certie 0.0.2

Files changed (4) hide show
  1. checksums.yaml +7 -0
  2. data/bin/certie +19 -0
  3. data/lib/certie.rb +100 -0
  4. metadata +58 -0
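--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+ ---
+ SHA256:
+ metadata.gz: d6e1cb8a0e33e9293d80d691f0e8823c67810b388212569e45afcbcd926bfbc9
+ data.tar.gz: 3efbdc54c10c9f838d62a257d4427813d24f3f6546531e97a88f3c6a52341d20
+ SHA512:
+ metadata.gz: 2463d49a316393ad773e4101bf8307d9db69783f4efecaacb84568bbc0a2a993c527356cc95991edb2c3f9cd56d56aa2fe0f4608745da6c6a5d0ac0697cf6f32
+ data.tar.gz: 223456217cfc468be901fe28fb161e09ed923cbfaf76905b3681e5d64c0e7bf8bd30e5753cf57eeeec344ea2fe99ddfb731ae60c4158093c4fcaeb8a8b31e0f8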
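--- a/data/bin/certie
+++ b/data/bin/certie
@@ -0,0 +1,19 @@
+ #!/usr/bin/env ruby
+ require 'certie'
+
+ def show_usage
+ puts "Usage: #{$0} <common_name>"
+ puts "Example: #{$0} example.com"
+ end
+
+ ARGV.each do |iterarg|
+ if iterarg=='--help'
+ show_usage ; exit
+ end
+ end
+
+ if ARGV.length == 0
+ show_usage ; exit
+ end
+
+ CertificateWrapper.build ARGV[0]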
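Review bot: The no-argument branch (`if ARGV.length == 0`) prints the usage text and then calls a bare `exit`, which reports success, so a script or CI step that invokes the tool without a name cannot tell that nothing was generated. Use `show_usage ; exit 1` there and keep status 0 for `--help`. Arguments after the first are silently ignored, which is worth either rejecting or stating in the usage text.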
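--- a/data/lib/certie.rb
+++ b/data/lib/certie.rb
@@ -0,0 +1,100 @@
+
+ require 'openssl'
+
+ class CertificateWrapper
+ @@subject_prefix = '/C=AE/ST=Dubai/L=Dubai/O=KNR/OU=Software'
+
+ def self.get_counter_next
+ serial = 0
+ if File.exists?('serial.txt')
+ File.open 'serial.txt', 'r' do |myfile|
+ strSerial = myfile.readline
+ strSerial.chomp!
+ serial = strSerial.to_i
+ end
+ else
+ serial = 0
+ end
+
+ serial += 1
+
+ File.open 'serial.txt', 'w' do |myfile|
+ myfile.print serial.to_s
+ end
+
+ serial
+ end
+
+ def self.create_certificate(cn=nil)
+ if cn.nil?
+ cn = "ca"
+ end
+
+ subject = @@subject_prefix + '/CN=' + cn
+ serial = get_counter_next
+
+ key = OpenSSL::PKey::RSA.new 2048
+ File.open "#{cn}.rsa", 'wb' do |myfile|
+ myfile.print key.to_pem
+ end
+
+ cert = OpenSSL::X509::Certificate.new
+ cert.version = 2 #This is v3
+
+ cert.serial = serial
+
+ cert.subject = OpenSSL::X509::Name.parse subject
+ cert.public_key = key.public_key
+ cert.not_before = Time.now
+ cert.not_after = cert.not_before + (60 * 60 * 24 * 365)
+
+ ef = OpenSSL::X509::ExtensionFactory.new
+
+
+ if cn == "ca"
+ cert.issuer = OpenSSL::X509::Name.parse subject
+ ef.subject_certificate = cert
+ ef.issuer_certificate = cert
+ cert.add_extension ef.create_extension('basicConstraints', 'CA:TRUE', true)
+ cert.add_extension ef.create_extension('keyUsage', 'keyCertSign, cRLSign', true)
+ cert.add_extension ef.create_extension('subjectKeyIdentifier', 'hash', false )
+ cert.add_extension ef.create_extension('authorityKeyIdentifier', 'keyid:always', false)
+
+ cert.sign key, OpenSSL::Digest.new('SHA256')
+
+ File.open "#{cn}.cert", 'wb' do |myfile|
+ myfile.print cert.to_pem
+ end
+ else
+ rootCert = OpenSSL::X509::Certificate.new File.read 'ca.cert'
+ rootKey = OpenSSL::PKey::RSA.new File.read 'ca.rsa'
+
+ cert.issuer = OpenSSL::X509::Name.parse(@@subject_prefix + '/CN=' + 'ca')
+ ef.subject_certificate = cert
+ ef.issuer_certificate = rootCert
+ # cert.add_extension ef.create_extension('keyUsage', 'digitalSignature', true) # TODO: check if we can set webServer and webClient
+ cert.add_extension ef.create_extension('subjectKeyIdentifier', 'hash', false )
+
+ cert.sign rootKey, OpenSSL::Digest.new('SHA256')
+
+ File.open "#{cn}.cert", 'wb' do |myfile|
+ myfile.print cert.to_pem
+ end
+ end
+
+ `openssl pkcs8 -topk8 -inform pem -in "#{cn}.rsa" -out "#{cn}.key" -nocrypt`
+ `cat "#{cn}.cert" "#{cn}.key" > "#{cn}.pem"`
+ end
+
+
+ def self.build(cn)
+ doWeHaveARootCertificate = File.exists? 'ca.cert'
+ doWeHaveARootKey = File.exists? 'ca.rsa'
+
+ if not (doWeHaveARootCertificate and doWeHaveARootKey)
+ create_certificate
+ end
+
+ create_certificate cn
+ end
+ end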
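--- a/metadata
+++ b/metadata
@@ -0,0 +1,58 @@
+ --- !ruby/object:Gem::Specification
+ name: certie
+ version: !ruby/object:Gem::Version
+ version: 0.0.2
+ platform: ruby
+ authors:
+ - Katkam Nitin Reddy
+ autorequire:
+ bindir: bin
+ cert_chain: []
+ date: 2020-08-22 00:00:00.000000000 Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ name: openssl
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ description:
+ email:
+ executables:
+ - certie
+ extensions: []
+ extra_rdoc_files: []
+ files:
+ - bin/certie
+ - lib/certie.rb
+ homepage:
+ licenses: []
+ metadata: {}
+ post_install_message:
+ rdoc_options: []
+ require_paths:
+ - lib
+ required_ruby_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ required_rubygems_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ requirements: []
+ rubygems_version: 3.0.6
+ signing_key:
+ specification_version: 4
+ summary: A utility for generating certificates
+ test_files: []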