Class: Spider::CommandLine::CertCommand

Inherits:
CmdParse::Command
  • Object
Defined in:
lib/spiderfw/cmd/commands/cert.rb

Instance Method Summary

Constructor Details

#initialize ⇒ CertCommand

Returns a new instance of CertCommand.



# File 'lib/spiderfw/cmd/commands/cert.rb', line 6

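# Builds the 'cert' command and registers its 'generate' subcommand.
#
# 'generate' creates a 4096-bit RSA key pair and a self-signed X.509
# certificate (subject == issuer, signed with its own key) for an organization
# read from the 'orgs' configuration. It writes three files under
# <path>/<org>/: public.pem, cert.pem and private/key.pem.
#
# Options of 'generate':
#   --path / -p  base directory (defaults to Spider.paths[:certs])
#   --org  / -o  organization label (defaults to 'default')
#
# Raises a RuntimeError when the organization, or one of its required
# settings, is missing from the configuration.
def initialize
    super( 'cert', true, true )
    @short_desc = _("Manage certificates")
    #        @description = _("")

    # start
    generate = CmdParse::Command.new( 'generate', false )
    generate.short_desc = _("Generate new X.509")
    generate.options = CmdParse::OptionParserWrapper.new do |opt|
        opt.on("--path path", _("Where to generate the certificate"), "-p") { |path|
            @path = path
        }
        opt.on("--org label", _("Name of the organization to generate the certificate for"), "-o"){ |org|
            @org = org
        }
    end
    generate.set_execution_block do |args|
        require 'spiderfw'
        Spider.init_base
        require 'openssl'
        @path ||= Spider.paths[:certs]
        @org ||= 'default'
        path = File.join(@path, @org)
        private_dir = File.join(path, 'private')
        orgs = Spider.conf.get('orgs')
        o = orgs[@org] if orgs
        raise _("You have to configure the organization '#{@org}' to generate a certificate") unless o
        raise _("You have to set the organization name for '#{@org}' in configuration") unless o['name']
        raise _("You have to set the organization country code for '#{@org}' in configuration") unless o['country_code']
        raise _("You have to set the organization state for '#{@org}' in configuration") unless o['state']
        raise _("You have to set the organization city for '#{@org}' in configuration") unless o['city']
        raise _("You have to set the organization common name for '#{@org}' in configuration") unless o['common_name']
        raise _("You have to set the organization email address for '#{@org}' in configuration") unless o['email']
        # Subject DN in OpenSSL one-line form, e.g. (constructed sample)
        #   /C=US/ST=Florida/L=Miami/OU=Test department/CN=example.org/emailAddress=admin@example.org
        # C => country, ST => state, L => city, OU => organizational unit, CN => common name.
        # NOTE(review): o['name'] is required above but no O= component is emitted;
        # confirm whether the organization name was meant to be part of the subject.
        # NOTE(review): Name.parse splits on '/', so a configured value containing
        # '/' would be read as an extra component; such values are not escaped here.
        id = "/C=#{o['country_code']}/ST=#{o['state']}/L=#{o['city']}"
        id += "/OU=#{o['organizational_unit']}" if o['organizational_unit']
        id += "/CN=#{o['common_name']}/emailAddress=#{o['email']}"
        FileUtils.mkpath(private_dir)
        # Only the owner may enter the directory that holds the private key.
        File.chmod(0700, private_dir)
        key = OpenSSL::PKey::RSA.generate(4096)
        pub = key.public_key
        ca = OpenSSL::X509::Name.parse(id)
        now = Time.now
        cert = OpenSSL::X509::Certificate.new
        cert.version = 2 # the version field is zero-based: 2 means X.509 v3
        # NOTE(review): the serial is constant, so every certificate regenerated
        # for the same subject shares issuer and serial with the previous one.
        cert.serial = 1
        cert.subject = ca
        cert.issuer = ca
        cert.public_key = pub
        cert.not_before = now
        # Three years; the multiplier used to be 356 days, a typo for 365.
        cert.not_after = now + (60*60*24*365*3)
        # SHA-256 instead of SHA-1: SHA-1 signatures are no longer collision
        # resistant and are rejected by current TLS clients and libraries.
        cert.sign(key, OpenSSL::Digest::SHA256.new)
        File.open(File.join(path, "public.pem"), "w"){ |f| f.write pub.to_pem }
        # The private key is stored unencrypted, so create it owner-only (0600)
        # and chmod explicitly in case a file with wider permissions already exists.
        File.open(File.join(private_dir, "key.pem"), "w", 0600) { |f|
            f.chmod(0600)
            f.write key.to_pem
        }
        File.open(File.join(path, "cert.pem"), "w") { |f| f.write cert.to_pem }
    end
    self.add_command( generate )

    # stop


end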