certie 0.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/bin/certie +19 -0
- data/lib/certie.rb +100 -0
- metadata +58 -0
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: d6e1cb8a0e33e9293d80d691f0e8823c67810b388212569e45afcbcd926bfbc9
|
|
4
|
+
data.tar.gz: 3efbdc54c10c9f838d62a257d4427813d24f3f6546531e97a88f3c6a52341d20
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: 2463d49a316393ad773e4101bf8307d9db69783f4efecaacb84568bbc0a2a993c527356cc95991edb2c3f9cd56d56aa2fe0f4608745da6c6a5d0ac0697cf6f32
|
|
7
|
+
data.tar.gz: 223456217cfc468be901fe28fb161e09ed923cbfaf76905b3681e5d64c0e7bf8bd30e5753cf57eeeec344ea2fe99ddfb731ae60c4158093c4fcaeb8a8b31e0f8
|
data/bin/certie
ADDED
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
require 'certie'
|
|
3
|
+
|
|
4
|
+
def show_usage
|
|
5
|
+
puts "Usage: #{$0} <common_name>"
|
|
6
|
+
puts "Example: #{$0} example.com"
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
ARGV.each do |iterarg|
|
|
10
|
+
if iterarg=='--help'
|
|
11
|
+
show_usage ; exit
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
if ARGV.length == 0
|
|
16
|
+
show_usage ; exit
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
CertificateWrapper.build ARGV[0]
|
data/lib/certie.rb
ADDED
|
@@ -0,0 +1,100 @@
|
|
|
1
|
+
|
|
2
|
+
require 'openssl'
|
|
3
|
+
|
|
4
|
+
class CertificateWrapper
|
|
5
|
+
@@subject_prefix = '/C=AE/ST=Dubai/L=Dubai/O=KNR/OU=Software'
|
|
6
|
+
|
|
7
|
+
def self.get_counter_next
|
|
8
|
+
serial = 0
|
|
9
|
+
if File.exists?('serial.txt')
|
|
10
|
+
File.open 'serial.txt', 'r' do |myfile|
|
|
11
|
+
strSerial = myfile.readline
|
|
12
|
+
strSerial.chomp!
|
|
13
|
+
serial = strSerial.to_i
|
|
14
|
+
end
|
|
15
|
+
else
|
|
16
|
+
serial = 0
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
serial += 1
|
|
20
|
+
|
|
21
|
+
File.open 'serial.txt', 'w' do |myfile|
|
|
22
|
+
myfile.print serial.to_s
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
serial
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def self.create_certificate(cn=nil)
|
|
29
|
+
if cn.nil?
|
|
30
|
+
cn = "ca"
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
subject = @@subject_prefix + '/CN=' + cn
|
|
34
|
+
serial = get_counter_next
|
|
35
|
+
|
|
36
|
+
key = OpenSSL::PKey::RSA.new 2048
|
|
37
|
+
File.open "#{cn}.rsa", 'wb' do |myfile|
|
|
38
|
+
myfile.print key.to_pem
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
cert = OpenSSL::X509::Certificate.new
|
|
42
|
+
cert.version = 2 #This is v3
|
|
43
|
+
|
|
44
|
+
cert.serial = serial
|
|
45
|
+
|
|
46
|
+
cert.subject = OpenSSL::X509::Name.parse subject
|
|
47
|
+
cert.public_key = key.public_key
|
|
48
|
+
cert.not_before = Time.now
|
|
49
|
+
cert.not_after = cert.not_before + (60 * 60 * 24 * 365)
|
|
50
|
+
|
|
51
|
+
ef = OpenSSL::X509::ExtensionFactory.new
|
|
52
|
+
|
|
53
|
+
|
|
54
|
+
if cn == "ca"
|
|
55
|
+
cert.issuer = OpenSSL::X509::Name.parse subject
|
|
56
|
+
ef.subject_certificate = cert
|
|
57
|
+
ef.issuer_certificate = cert
|
|
58
|
+
cert.add_extension ef.create_extension('basicConstraints', 'CA:TRUE', true)
|
|
59
|
+
cert.add_extension ef.create_extension('keyUsage', 'keyCertSign, cRLSign', true)
|
|
60
|
+
cert.add_extension ef.create_extension('subjectKeyIdentifier', 'hash', false )
|
|
61
|
+
cert.add_extension ef.create_extension('authorityKeyIdentifier', 'keyid:always', false)
|
|
62
|
+
|
|
63
|
+
cert.sign key, OpenSSL::Digest.new('SHA256')
|
|
64
|
+
|
|
65
|
+
File.open "#{cn}.cert", 'wb' do |myfile|
|
|
66
|
+
myfile.print cert.to_pem
|
|
67
|
+
end
|
|
68
|
+
else
|
|
69
|
+
rootCert = OpenSSL::X509::Certificate.new File.read 'ca.cert'
|
|
70
|
+
rootKey = OpenSSL::PKey::RSA.new File.read 'ca.rsa'
|
|
71
|
+
|
|
72
|
+
cert.issuer = OpenSSL::X509::Name.parse(@@subject_prefix + '/CN=' + 'ca')
|
|
73
|
+
ef.subject_certificate = cert
|
|
74
|
+
ef.issuer_certificate = rootCert
|
|
75
|
+
# cert.add_extension ef.create_extension('keyUsage', 'digitalSignature', true) # TODO: check if we can set webServer and webClient
|
|
76
|
+
cert.add_extension ef.create_extension('subjectKeyIdentifier', 'hash', false )
|
|
77
|
+
|
|
78
|
+
cert.sign rootKey, OpenSSL::Digest.new('SHA256')
|
|
79
|
+
|
|
80
|
+
File.open "#{cn}.cert", 'wb' do |myfile|
|
|
81
|
+
myfile.print cert.to_pem
|
|
82
|
+
end
|
|
83
|
+
end
|
|
84
|
+
|
|
85
|
+
`openssl pkcs8 -topk8 -inform pem -in "#{cn}.rsa" -out "#{cn}.key" -nocrypt`
|
|
86
|
+
`cat "#{cn}.cert" "#{cn}.key" > "#{cn}.pem"`
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
|
|
90
|
+
def self.build(cn)
|
|
91
|
+
doWeHaveARootCertificate = File.exists? 'ca.cert'
|
|
92
|
+
doWeHaveARootKey = File.exists? 'ca.rsa'
|
|
93
|
+
|
|
94
|
+
if not (doWeHaveARootCertificate and doWeHaveARootKey)
|
|
95
|
+
create_certificate
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
create_certificate cn
|
|
99
|
+
end
|
|
100
|
+
end
|
metadata
ADDED
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: certie
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.0.2
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- Katkam Nitin Reddy
|
|
8
|
+
autorequire:
|
|
9
|
+
bindir: bin
|
|
10
|
+
cert_chain: []
|
|
11
|
+
date: 2020-08-22 00:00:00.000000000 Z
|
|
12
|
+
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
14
|
+
name: openssl
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
17
|
+
- - ">="
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: '0'
|
|
20
|
+
type: :runtime
|
|
21
|
+
prerelease: false
|
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
+
requirements:
|
|
24
|
+
- - ">="
|
|
25
|
+
- !ruby/object:Gem::Version
|
|
26
|
+
version: '0'
|
|
27
|
+
description:
|
|
28
|
+
email:
|
|
29
|
+
executables:
|
|
30
|
+
- certie
|
|
31
|
+
extensions: []
|
|
32
|
+
extra_rdoc_files: []
|
|
33
|
+
files:
|
|
34
|
+
- bin/certie
|
|
35
|
+
- lib/certie.rb
|
|
36
|
+
homepage:
|
|
37
|
+
licenses: []
|
|
38
|
+
metadata: {}
|
|
39
|
+
post_install_message:
|
|
40
|
+
rdoc_options: []
|
|
41
|
+
require_paths:
|
|
42
|
+
- lib
|
|
43
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
44
|
+
requirements:
|
|
45
|
+
- - ">="
|
|
46
|
+
- !ruby/object:Gem::Version
|
|
47
|
+
version: '0'
|
|
48
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
49
|
+
requirements:
|
|
50
|
+
- - ">="
|
|
51
|
+
- !ruby/object:Gem::Version
|
|
52
|
+
version: '0'
|
|
53
|
+
requirements: []
|
|
54
|
+
rubygems_version: 3.0.6
|
|
55
|
+
signing_key:
|
|
56
|
+
specification_version: 4
|
|
57
|
+
summary: A utility for generating certificates
|
|
58
|
+
test_files: []
|