class SchleuderCertManager
Public Class Methods
error(msg)
click to toggle source
# File lib/schleuder/cli/schleuder_cert_manager.rb, line 62 def self.error(msg) $stderr.puts "Error: #{msg}" exit 1 end
fingerprint(cert)
click to toggle source
# File lib/schleuder/cli/schleuder_cert_manager.rb, line 51 def self.fingerprint(cert) if ! cert.is_a?(OpenSSL::X509::Certificate) path = Pathname.new(cert).expand_path if ! path.readable? error "Error: Not a readable file: #{path}" end cert = OpenSSL::X509::Certificate.new(path.read) end OpenSSL::Digest::SHA256.new(cert.to_der).to_s end
generate(project_name, filename_key, filename_cert)
click to toggle source
# File lib/schleuder/cli/schleuder_cert_manager.rb, line 5 def self.generate(project_name, filename_key, filename_cert) keysize = 2048 subject = "/C=MW/O=Schleuder/OU=#{project_name}" filename_key = Pathname.new(filename_key).expand_path filename_cert = Pathname.new(filename_cert).expand_path key = OpenSSL::PKey::RSA.new(keysize) cert = OpenSSL::X509::Certificate.new cert.subject = OpenSSL::X509::Name.parse(subject) cert.issuer = cert.subject cert.not_before = Time.now cert.not_after = Time.now + 10 * 365 * 24 * 60 * 60 cert.public_key = key.public_key cert.serial = 0x0 cert.version = 2 ef = OpenSSL::X509::ExtensionFactory.new ef.subject_certificate = cert ef.issuer_certificate = cert cert.extensions = [ ef.create_extension('basicConstraints', 'CA:TRUE', true), ef.create_extension('subjectKeyIdentifier', 'hash'), ] cert.add_extension ef.create_extension('authorityKeyIdentifier', 'keyid:always,issuer:always') cert.sign key, OpenSSL::Digest::SHA256.new filename_key = prepare_writing(filename_key) filename_cert = prepare_writing(filename_cert) filename_key.open('w', 400) do |fd| fd.puts key end puts "Private key written to: #{filename_key}" filename_cert.open('w') do |fd| fd.puts cert.to_pem end puts "Certificate written to: #{filename_cert}" fingerprint(cert) rescue => exc error exc.message end
note(msg)
click to toggle source
# File lib/schleuder/cli/schleuder_cert_manager.rb, line 67 def self.note(msg) $stdout.puts "Note: #{msg}" end
prepare_writing(filename)
click to toggle source
# File lib/schleuder/cli/schleuder_cert_manager.rb, line 71 def self.prepare_writing(filename) if filename.exist? note "File exists: #{filename} — writing to current directory, you should move the file manually or change the configuration file." if filename.basename.exist? error "File exists: #{filename.basename} — (re)move it or fix previous error and try again." end filename = filename.basename end if ! filename.dirname.exist? filename.dirname.mkpath end filename end