bitca 2.0.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 526308b797c2fa7fd78cf53134001ffe88915e1a
+  data.tar.gz: c347aea101daf5ad97122ef78598ff9be053e7dd
+SHA512:
+  metadata.gz: 9e828ed837fa4f45ad59cbb229c413d30c006a010c9d7ddb091e1b50f3f6b2312463a4215f80f09605a115d18df675c4732859b55c1e75b7253295119e45c7c5
+  data.tar.gz: 2524b029adc60d4d7be33565b99e29c5f532611f7c9776b2be20c3552e9231c211d5b45228fe90c1ed2bba15986cf691854255e233e2e31342f74ade2effba71

data/.gitignore

@@ -0,0 +1,38 @@
+# ignore everything in log and pids directory, but keep it
+pid/*
+!pid/.gitignore
+log/*
+!log/.gitignore
+
+# temporary dir
+tmp/
+
+# config
+config/config.yml
+config/original_config.yml
+
+# JetBrains RubyMine files
+.idea
+
+# vim temporary files
+*.swp
+*.swo
+
+# gem related
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/LICENSE

@@ -0,0 +1,190 @@
+   Evia Project - bitca
+   Copyright 2013 Relbit Ltd.
+
+   Unless explicitly noted otherwise, all files under this directory are
+   licensed under the Apache License, Version 2.0 (the "License"); you may
+   not use this product except in compliance with the License attached
+   below.
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted" 
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution." 
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS

data/README.md

@@ -0,0 +1,29 @@
+# Bitca
+
+TODO: Write a gem description
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'bitca'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install bitca
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,18 @@
+require "bundler/gem_tasks"
+
+# Monkey patch Bundler gem_helper so we release to our gem server instead of rubygems.org
+module Bundler
+  class GemHelper
+    def rubygem_push(path)
+      gem_server_url = 'http://gem.int.prg.relbit.com:80/'
+      sh("gem inabox '#{path}' --host #{gem_server_url}")
+      Bundler.ui.confirm "Pushed #{name} #{version} to #{gem_server_url}"
+    end
+    def perform_git_push(options = '')
+      puts "not pushing for now ... "
+      cmd = "git push #{options}"
+      out, code = sh_with_code(cmd)
+      raise "Couldn't git push. `#{cmd}' failed with the following output:\n\n#{out}\n" unless code == 0
+    end
+  end
+end

data/VERSION

@@ -0,0 +1 @@
+2.0.2

data/bin/bitca

@@ -0,0 +1,103 @@
+#!/usr/bin/env ruby
+
+APP_DIR = File.expand_path("#{File.dirname(__FILE__)}/../")
+require APP_DIR + "/lib/bitca"
+
+options = {
+  :config_path => "/etc/bitca.yml"
+}
+
+optparse = OptionParser.new do |opts|
+  opts.banner = "Usage: bitca [options]"
+  opts.define_head "Main, version #pojebse"
+  opts.separator "\nOptions:"
+  
+  opts.on('-c', '--config FILE', "Path to config file, defaults to #{options[:config_path]}") do |config_path|
+    options[:config_path] = File.expand_path("#{Dir.getwd}/#{config_path}")
+  end
+  
+  opts.on('-i', '--init', "Initialize the CA and pwdgen for the first time") do |init|
+    options[:init] = init
+  end
+  
+  opts.on('-g', "--generate HOSTNAME", "Generate key and password for HOSTNAME (unless --keys-only or --pwd-only was given)") do |hostname|
+    options[:hostname] = hostname
+    options[:generate] = true
+  end
+  
+  opts.on('-s', "--show HOSTNAME", "Show key and password for HOSTNAME (unless --keys-only or --pwd-only was given)") do |hostname|
+    options[:hostname] = hostname
+    options[:generate] = false
+  end
+
+  opts.on('-f', "--force", "Overwrite existing keys/pwd") do |force|
+    options[:force] = force
+  end
+  
+  opts.on('-k', "--keys-only", "Generate keys only") do |keys_only|
+    options[:keys_only] = keys_only
+  end
+  
+  opts.on('-p', "--pwd-only", "Generate pwd only") do |pwd_only|
+    options[:pwd_only] = pwd_only
+  end
+
+  opts.on('-m', "--print-sample-config", "Prints sample config") do |print_sample_config|
+    options[:print_sample_config] = print_sample_config
+  end
+  
+  opts.on("-v", "--version", "Prints version") do
+    puts "Bitca, version #{Bitca::VERSION}"
+    exit
+  end
+  
+  help = Proc.new do
+    puts opts
+    puts
+    puts 'To initiate a new CA:'
+    puts 'bitca --init'
+    puts
+    puts 'To generate bundle of HTTP basic password and RSA key signed by CA:'
+    puts 'bitca --generate example.com'
+    puts
+    puts 'bitca --generate example.com --key-only'
+    puts 'bitca --generate example.com --pwd-only'
+
+    exit
+  end
+  
+  opts.on_tail('-h','--help', 'Show this message', &help)
+  help.call if ARGV.empty?
+end
+
+begin
+  optparse.parse!
+  raise "Don't know what to do, because --pwd-only and --key-only were given at the same time" if options[:pwd_only] && options[:key_only]
+rescue => e
+  STDERR.puts(e.message)
+  exit(1)
+end
+
+begin
+  if options[:print_sample_config]
+    Bitca::Main.print_sample_config
+    exit
+  end
+
+  bitca = Bitca::Main.new options[:config_path]
+
+  if options[:init]
+    bitca.init
+  end
+  
+  unless options[:hostname].nil?
+    bitca.generate(options[:hostname], options) if options[:generate]
+    STDOUT.puts JSON.pretty_generate(bitca.show(options[:hostname], options))
+  end
+rescue Bitca::ConfigMissingError => e
+  STDERR.puts(e.message)
+  Bitca::Main.print_sample_config
+  exit
+rescue => e
+  STDERR.puts("Main operation failed: #{e.message}")
+end

data/bitca.gemspec

@@ -0,0 +1,22 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'bitca/version'
+
+Gem::Specification.new do |gem|
+  gem.name          = "bitca"
+  gem.version       = Bitca::VERSION
+  gem.authors       = ["snajpa"]
+  gem.email         = ["pavel.snajdr@relbit.com"]
+  gem.description   = "Bitca"
+  gem.summary       = "Bitca"
+  gem.homepage      = ""
+
+  gem.files         = `git ls-files`.split($/)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ["lib"]
+  gem.add_development_dependency 'geminabox', '~>0.10.1'
+  gem.add_dependency 'rake', '~>10.1.0'
+  gem.add_dependency 'json', '~>1.8.0'
+end

data/ca.crt

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDiDCCAnACCQCiN90NTa66gjANBgkqhkiG9w0BAQQFADCBhTEWMBQGA1UEChMN
+UmVsYml0IHMuci5vLjELMAkGA1UECxMCTkExHDAaBgkqhkiG9w0BCQEWDWNhQHJl
+bGJpdC5jb20xEzARBgNVBAcTCkJyYXRpc2xhdmExETAPBgNVBAgTCFNsb3Zha2lh
+MQswCQYDVQQGEwJTSzELMAkGA1UEAxMCY2EwHhcNMTIxMTEyMTYxNTA4WhcNMjIx
+MTEwMTYxNTA4WjCBhTEWMBQGA1UEChMNUmVsYml0IHMuci5vLjELMAkGA1UECxMC
+TkExHDAaBgkqhkiG9w0BCQEWDWNhQHJlbGJpdC5jb20xEzARBgNVBAcTCkJyYXRp
+c2xhdmExETAPBgNVBAgTCFNsb3Zha2lhMQswCQYDVQQGEwJTSzELMAkGA1UEAxMC
+Y2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz2K29bvlK5gDqRj0M
+JPz8AlUKJolK2AgZLNOZVzk+LL39S4yZeNzGygv223B636BbfBelRiyc7oYeV6kJ
+QKCyXoDx2i5wGuynHteQ2X2n7LeuxO+glfUn0XZD5UHuxLk8nYqlcalLDRdehDQ3
+jQSM43fu6eGDZwYtXqdORFZf2cSMpoffGmbZHZhus9wic5hKwy8FmWppF0tRn556
+EvVkMLCwqw9/iXGKiriiNt+ePhEUnjAGEXw5LMXWDEzjHS7mS1UUvdOiiC50ontt
+8a010ClRpEDNG2Sg/Tveao+j7j2u3OjL/6DSREQtV2Z4nYJyMmRy53nVSomTBA6l
+GfeDAgMBAAEwDQYJKoZIhvcNAQEEBQADggEBAHJ4IqLKPndVF30/DCY/tfOZoK8z
+z9e5jq/SFdAoO16oP5nBVdG8D1emiRgnE0OMFODk39L8FDFp5q9eFM3e3iqdzml0
+l8fCiN856Jp+gbdFTyu/NqccpEBOmUf5I9zKPukj1pcxGzpri1snfRgAN5GNBdiW
+qbYQ+t9lvuT/w8Fu/mxrYxui+6u67+v81z3mFJLfiCqWa/H8Z7ErKb6Z5GtTOrxA
+t+ttzU/GHSncOB1GZD832wDU3jKi0CvNm2nQ8IYwjI/JDTM67EF/RC/Sn1fL7xY4
+I9hAMwrXuke4Hdh0kSem0MoLrtmNfmTIC4WgekmUv1AGa9aTVTk9fkUsUnA=
+-----END CERTIFICATE-----

data/config/sample_config.yml

@@ -0,0 +1,10 @@
+path:                   /tmp/uzasnanovaCA
+pwdsize:                40
+keysize:                2048
+days:                   3650
+countryName:            SK
+stateOrProvinceName:    Slovakia
+localityName:           Bratislava
+organizationName:       Relbit s.r.o.
+organizationalUnitName: NA
+emailAddress:           ca@relbit.com

data/lib/bitca.rb

@@ -0,0 +1,16 @@
+require 'rubygems'
+require 'json'
+require 'erb'
+require 'optparse'
+require 'yaml'
+
+$:.unshift File.dirname(__FILE__)
+
+require 'bitca/main'
+require 'bitca/certificate_authority'
+require 'bitca/pwdgen'
+require 'bitca/version'
+
+module Bitca
+
+end

data/lib/bitca/certificate_authority.rb

@@ -0,0 +1,192 @@
+module Bitca
+  class CertificateAuthorityError < StandardError; end
+
+  class CertificateAuthority
+    def initialize(rootpath='.',keysize=2048,days=3650)
+      @rootpath    = rootpath
+      @capath      = "#@rootpath/ca"
+      @ca_crt      = "#@capath/ca.crt"
+      @ca_key      = "#@capath/ca.key"
+      @keyspath    = "#@rootpath/keys"
+      @cfgpath     = "#@rootpath/cfg"
+      @cfgtemplate = "#@rootpath/cfg.erb"
+      @keysize     = keysize
+      @days        = days
+    end
+
+    def list(type = :key)
+      items = []
+
+      Dir.foreach(@keyspath) do |f|
+        next unless f =~ /\.#{type}$/
+        items << f.gsub(/\.#{type}$/, '')
+      end
+
+      items
+    end
+
+    def ca_exists?
+      File.exist?(@ca_crt) and File.exist?(@ca_key)
+    end
+
+    def req_exists?(cn)
+      File.exist?("#@keyspath/#{cn}.csr")
+    end
+
+    def key_exists?(cn)
+      File.exist?("#@keyspath/#{cn}.key")
+    end
+
+    def crt_exists?(cn)
+      File.exist?("#@keyspath/#{cn}.crt")
+    end
+
+    def genkey(cn)
+      openssl :genrsa, "-out #@keyspath/#{cn}.key #@keysize"
+    end
+
+    def genreq(cn)
+      gencfg cn
+      openssl :req, "-new -key #@keyspath/#{cn}.key -out #@keyspath/#{cn}.csr -batch -config #@cfgpath/#{cn}"
+    end
+
+    def sign(cn)
+      openssl :x509, "-req -in #@keyspath/#{cn}.csr -CA #@ca_crt -CAkey #@ca_key -CAcreateserial -out #@keyspath/#{cn}.crt -days #@days"
+    end
+
+    def get_bundle(cn)
+      list = {}
+
+      { :ca_crt => @ca_crt,
+        :cfg => "#@cfgpath/#{cn}",
+        :crt => "#@keyspath/#{cn}.crt",
+        :csr => "#@keyspath/#{cn}.csr",
+        :key => "#@keyspath/#{cn}.key"}.each do |type, f|
+        list[type] = File.read(f) if File.exist?(f)
+      end
+
+      list
+    end
+
+    def get_files(cn)
+      list = {}
+
+      { :cfg => "#@cfgpath/#{cn}",
+        :crt => "#@keyspath/#{cn}.crt",
+        :csr => "#@keyspath/#{cn}.csr",
+        :key => "#@keyspath/#{cn}.key"}.each do |type, f|
+        list[type] = f if File.exist?(f)
+      end
+
+      list
+    end
+
+    def remove(cn)
+      return false unless key_exists?(cn)
+
+      get_files(cn).each do |type, f|
+        File.delete(f)
+      end
+
+      true
+    end
+
+    def genca (params = {})
+      return false if ca_exists?
+
+      gencfg_template params
+      gencfg "ca"
+
+      openssl :genrsa, "-out #@ca_key #@keysize"
+      openssl :req, "-x509 -new -days #@days -nodes -out #@ca_crt -key #@ca_key -batch -config #@cfgpath/ca"
+
+      File.chmod(0600, @ca_key, @ca_crt)
+
+      true
+    end
+
+    private
+    def mkdirs
+      mask = 0700
+      Dir.mkdir(@rootpath, mask) unless File.directory?(@rootpath)
+      Dir.mkdir(@capath, mask)   unless File.directory?(@capath)
+      Dir.mkdir(@keyspath, mask) unless File.directory?(@keyspath)
+      Dir.mkdir(@cfgpath, mask)  unless File.directory?(@cfgpath)
+    end
+
+    def gencfg(cn)
+      mkdirs
+
+      commonName = cn
+
+      erb = ERB.new(File.read(@cfgtemplate))
+
+      file = File.new("#@cfgpath/#{cn}", "w")
+      file.write(erb.result(binding))
+      file.close
+    end
+
+    def gencfg_template(params = {})
+      mkdirs
+
+      vars = {}
+
+      %w( countryName
+          stateOrProvinceName
+          localityName
+          organizationName
+          organizationalUnitName
+          emailAddress ).each do |v|
+        unless params[v.to_sym].nil?
+          vars[v.to_sym] = params[v.to_sym]
+        else
+          vars[v.to_sym] = "NA"
+        end
+      end
+
+      cfg = %q{
+        [ req ]
+        default_bits = <%= @keysize %>
+        default_keyfile = key.pem
+        default_md = md5
+        string_mask = nombstr
+        distinguished_name = req_distinguished_name
+
+        [ req_distinguished_name ]
+        0.organizationName = Organization Name (company)
+        organizationalUnitName = Organizational Unit Name (department, division)
+        emailAddress = Email Address
+        emailAddress_max = 40
+        localityName = Locality Name (city, district)
+        stateOrProvinceName = State or Province Name (full name)
+        countryName = Country Name (2 letter code)
+        countryName_min = 2
+        countryName_max = 2
+        commonName = Common Name (hostname, IP, or your name)
+        commonName_max = 64
+
+        countryName_default             = <%= vars[:countryName] %>
+        stateOrProvinceName_default     = <%= vars[:stateOrProvinceName] %>
+        localityName_default            = <%= vars[:localityName] %>
+        0.organizationName_default      = <%= vars[:organizationName] %>
+        organizationalUnitName_default  = <%= vars[:organizationalUnitName] %>
+        commonName_default              = <%%= commonName %>
+        emailAddress_default            = <%= vars[:emailAddress] %>
+      }.gsub(/^\s+/, '')
+
+      erb = ERB.new(cfg)
+
+      file = File.new(@cfgtemplate, "w")
+      file.write(erb.result(binding))
+      file.close
+    end
+
+    def openssl(command, params)
+      `openssl #{command.to_s} #{params} 2>&1 >/dev/null`
+
+      raise CertificateAuthorityError, "openssl call error: #{cmd}" unless $?.exitstatus == 0
+
+      true
+    end
+  end
+end

data/lib/bitca/main.rb

@@ -0,0 +1,82 @@
+module Bitca
+
+  class ConfigMissingError < StandardError; end
+
+  class Main
+
+    def self.print_sample_config
+      STDOUT.puts(File.read("#{APP_DIR}/config/sample_config.yml"))
+    end
+
+    def initialize(config_path)
+      raise ConfigMissingError, "Config '#{File.expand_path(config_path)}' does not exist" unless File.exists?(config_path)
+      @config = symbolize_keys(YAML.load_file(config_path))
+      @ca = CertificateAuthority.new(@config[:path], @config[:keysize], @config[:days])
+      @pwdgen = Pwdgen.new(@config[:path], @config[:pwdsize])
+    end
+
+    def init
+      unless @ca.ca_exists?
+        @ca.genca @config
+        @pwdgen.init
+      else
+        raise "CA already initialized"
+      end
+    end
+
+    def generate(hostname, options)
+      raise "CA not initialized" unless @ca.ca_exists?
+
+      unless options[:pwd_only]
+        if @ca.list.include?(hostname) && !options[:force]
+          raise "Keys for #{hostname} already exist"
+        else
+          @ca.genkey hostname
+          @ca.genreq hostname
+          @ca.sign   hostname
+        end
+      end
+
+      unless options[:keys_only]
+        if @pwdgen.list.include?(hostname) && !options[:force]
+          raise "Password for #{hostname} already exists"
+        else
+          @pwdgen.genpwd hostname
+        end
+      end
+    end
+
+    def show(hostname, options)
+      raise "CA not initialized" unless @ca.ca_exists?
+
+      ret = {}
+
+      unless options[:pwd_only]
+        if @ca.list.include?(hostname)
+          ret.merge!(@ca.get_bundle(hostname))
+        else
+          raise "Keys for #{hostname} do not exist"
+        end
+      end
+
+      unless options[:keys_only]
+        if @pwdgen.list.include?(hostname)
+          ret.merge!({:password => @pwdgen.getpwd(hostname)})
+        else
+          raise "Password for #{hostname} does not exist"
+        end
+      end
+
+      ret
+    end
+
+    private
+    def symbolize_keys(hash)
+      new = {}
+      hash.each { |k, v| new[k.to_sym] = v.class == Hash ? self.symbolize_keys(v) : v }
+      new
+    end
+
+  end
+
+end

data/lib/bitca/pwdgen.rb

@@ -0,0 +1,49 @@
+module Bitca
+  class Pwdgen
+    def initialize(rootpath = '.', pwdsize = 40)
+      @pwdsize = pwdsize
+      @rootpath = rootpath
+      @pwdpath = "#{rootpath}/pwd"
+    end
+
+    def init
+      Dir.mkdir(@pwdpath, 0700) unless File.directory?(@pwdpath)
+    end
+
+    def list
+      items = []
+
+      Dir.foreach(@pwdpath) do |f|
+        next unless f =~ /\.pwd$/
+        items << f.gsub(/\.pwd$/, '')
+      end
+
+      items
+    end
+
+    def pwd_exists?(cn)
+      File.exist?("#{@pwdpath}/#{cn}.pwd")
+    end
+
+    def genpwd(cn)
+      chars = (('a'..'z').to_a + ('A'..'Z').to_a + ('0'..'9').to_a) + %w(i I o O 1 l 0)
+      pwd = (1..@pwdsize).collect{|a| chars[rand(chars.size)] }.join
+
+      f = File.new("#{@pwdpath}/#{cn}.pwd", "w")
+      f.puts pwd
+      f.close
+
+      pwd
+    end
+
+    def getpwd(cn)
+      return false unless pwd_exists?(cn)
+      File.read("#{@pwdpath}/#{cn}.pwd").gsub /\n/, ''
+    end
+
+    def remove(cn)
+      return false unless pwd_exists?(cn)
+      File.delete("#{@pwdpath}/#{cn}.pwd")
+    end
+  end
+end

data/lib/bitca/version.rb

@@ -0,0 +1,3 @@
+module Bitca
+  VERSION = '2.0.2'
+end

metadata

@@ -0,0 +1,101 @@
+--- !ruby/object:Gem::Specification
+name: bitca
+version: !ruby/object:Gem::Version
+  version: 2.0.2
+platform: ruby
+authors:
+- snajpa
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-04-07 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: geminabox
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.10.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.10.1
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 10.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 10.1.0
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.8.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.8.0
+description: Bitca
+email:
+- pavel.snajdr@relbit.com
+executables:
+- bitca
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- VERSION
+- bin/bitca
+- bitca.gemspec
+- ca.crt
+- config/sample_config.yml
+- lib/bitca.rb
+- lib/bitca/certificate_authority.rb
+- lib/bitca/main.rb
+- lib/bitca/pwdgen.rb
+- lib/bitca/version.rb
+homepage: ''
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Bitca
+test_files: []