chef-vault-pki 0.1.0

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    YTNjZmU0Mzc0ZWZhYjdkNTgwMjlhODNhYjlkOTc5M2JjYWY0ZmY0MA==
+  data.tar.gz: !binary |-
+    ZWUwODczNDcxNzgyYzg5MjM5ZjlkOWVkNjExZjRmYzVjMzY3ZGUxZg==
+SHA512:
+  metadata.gz: !binary |-
+    ODA5NTVmYTgyOWRkZGRiNWQxZDhhNzRiYWNhOGM0YjZlMzE3YzczNTc3MDk0
+    ZTc3YTI1ZDViZTIyNTM5NzQwYzY2MjNjYzhhMzNiMTRhNTkxMWM2OTk2NTg5
+    MTMxNmM5ZGU5OGRkM2UxMGI5YjQ3OTNlZTM4NTliYTg1NGFhNjc=
+  data.tar.gz: !binary |-
+    NjI4OWQ2OTJiNzllYzI2NzJhZDhkMGJjZmMyZWY4OGMwYTQ5MzcwN2IwZTU4
+    NDI4YjkwZGYxNzRiNmEwY2Y2ZjExNmNmZmQ1YjA4YjBhY2U5MjVlYWZiNWQx
+    YzRjYWE0MDdmNzlmNzhlMjJjMWNkMWMzNjY2ZTk3ZDc5ZTUwN2E=

data/bin/chef-vault-pki

@@ -0,0 +1,72 @@
+#!/usr/bin/env ruby
+
+require 'openssl'
+require 'base64'
+require 'optparse'
+
+version = '0.1.0'
+options = {
+  :name => "chef_vault_pki_ca",
+  :expire => 3655,
+  :output => 'json'
+}
+
+OptionParser.new do |opts|
+  opts.banner = "Usage chef-vault-pki [options]"
+
+  opts.on("-n", "--name NAME", "NAME for SSL certificate. Defaults to #{options[:name]}") do |n|
+    options[:name] = n
+  end
+
+  opts.on("-e", "--expires DAYS", "Certificate expires in DAYS days. Defaults to #{options[:expire]}") do |e|
+    options[:expire] = e
+  end
+
+  opts.on("-o", "--output FORMAT", "Output format (json,text). Defaults to #{options[:output]}") do |o|
+    options[:output] = o
+  end
+
+  opts.on("-h", "--help", "Show this message") do
+    puts opts
+    exit
+  end
+
+  opts.on("-v", "--version", "Show version") do
+    puts "Version #{version}"
+    exit
+  end
+
+end.parse!
+
+key = OpenSSL::PKey::RSA.new 2048
+
+name = OpenSSL::X509::Name.parse "CN=#{options[:name]}"
+
+expires = Time.now + (options[:expire] * 3600 * 24)
+
+cert = OpenSSL::X509::Certificate.new
+cert.version = 3
+cert.serial = 0
+cert.not_before = Time.now
+cert.not_after = expires
+cert.public_key = key.public_key
+cert.subject = name
+cert.issuer = name
+#cert.sign key, OpenSSL::Digest::SHA1.new
+extension_factory = OpenSSL::X509::ExtensionFactory.new
+extension_factory.subject_certificate = cert
+extension_factory.issuer_certificate = cert
+extension_factory.create_extension 'subjectKeyIdentifier', 'hash'
+extension_factory.create_extension 'basicConstraints', 'CA:TRUE', true
+extension_factory.create_extension 'keyUsage', 'cRLSign,keyCertSign', true
+cert.sign key, OpenSSL::Digest::SHA1.new
+
+case options[:output].downcase
+when 'json'
+  require 'json'
+  puts ({ :cert => cert.to_pem, :key => key.to_pem }.to_json)
+else
+  puts cert.to_pem
+  puts key.to_pem
+end
+

metadata

@@ -0,0 +1,45 @@
+--- !ruby/object:Gem::Specification
+name: chef-vault-pki
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Fraser Scott
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-02-21 00:00:00.000000000 Z
+dependencies: []
+description: Generate a CA for chef_vault_pki cookbook
+email: fraser.scott@gmail.com
+executables:
+- chef-vault-pki
+extensions: []
+extra_rdoc_files: []
+files:
+- bin/chef-vault-pki
+homepage: https://github.com/zeroXten/chef-vault-pki
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.1
+signing_key: 
+specification_version: 4
+summary: Generate a CA for chef_vault_pki cookbook
+test_files: []