class Xml::Kit::SelfSignedCertificate

Constants

SUBJECT

Public Instance Methods

create(algorithm: 'AES-256-CBC', passphrase: nil, key_pair: OpenSSL::PKey::RSA.new(2048)) click to toggle source
# File lib/xml/kit/self_signed_certificate.rb, line 8
def create(algorithm: 'AES-256-CBC',
           passphrase: nil,
           key_pair: OpenSSL::PKey::RSA.new(2048))
  certificate = certificate_for(key_pair.public_key)
  certificate.sign(key_pair, OpenSSL::Digest::SHA256.new)
  [certificate.to_pem, export(key_pair, algorithm, passphrase)]
end

Private Instance Methods

apply_ski_extension_to(certificate) click to toggle source
# File lib/xml/kit/self_signed_certificate.rb, line 40
def apply_ski_extension_to(certificate)
  extensions = OpenSSL::X509::ExtensionFactory.new
  extensions.subject_certificate = certificate
  extensions.issuer_certificate = certificate
  certificate.add_extension(
    extensions.create_extension('subjectKeyIdentifier', 'hash', false)
  )
end
certificate_for(public_key) click to toggle source
# File lib/xml/kit/self_signed_certificate.rb, line 27
def certificate_for(public_key)
  certificate = OpenSSL::X509::Certificate.new
  certificate.subject =
    certificate.issuer = OpenSSL::X509::Name.parse(SUBJECT)
  certificate.not_before = Time.now
  certificate.not_after = certificate.not_before + 30 * 24 * 60 * 60 # 30 days
  certificate.public_key = public_key
  certificate.serial = 0x0
  certificate.version = 2
  apply_ski_extension_to(certificate)
  certificate
end
export(key_pair, algorithm, passphrase) click to toggle source
# File lib/xml/kit/self_signed_certificate.rb, line 18
def export(key_pair, algorithm, passphrase)
  if passphrase.present?
    cipher = OpenSSL::Cipher.new(algorithm)
    key_pair.export(cipher, passphrase)
  else
    key_pair.export
  end
end