devcert 1.0.0 → 2.0.0

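--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 793a477e3f93c1fee0c6f0ba7e5ae1f0259fc162
- data.tar.gz: 84d588c31894cc0e1749b044907f88f3dbec542f
+ metadata.gz: 524bdedd2d34226aadd340479748ed1db37d4467
+ data.tar.gz: 2e26e8060d094d6b33adc0ceba90844e50e915d2
  SHA512:
- metadata.gz: 314254b2fbd1d4d6033e8def3419a7388d336b6e0eb332a2bd8dbb33bba47b64170bce0b4da5ffca86ecd7873b01953ecaed0c609869bb4598bf0bbcba7a3268
- data.tar.gz: 8f25a98c9c67265fb78367c4da903b140880c04b7098f559d48a9960dcd422e8620317d0f06d375d23eee36dc5146aa0a6a137703a8eba1207c9d2df2eba6718
+ metadata.gz: f10dfa18dc5a94131ddfccdaab39901bc0036e3df02e365b2aed76eef0c912391c619a4a6ef2a746726e10cd9ab0a13d1f06a8142d10b13bfaf2ceba5f983860
+ data.tar.gz: 1a519f09de81ed0927f0a697f1ced2c6a64b8e83b36d598f08a404d1481d826469dbdbcaa353e2bde41d1ffbdf4133f3392194efdb88ea10b35221c56a152fe8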
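--- a/data/lib/devcert/cli.rb
+++ b/data/lib/devcert/cli.rb
@@ -15,22 +15,36 @@ module DevCert
  desc: 'Output directory'
  )
  method_option(
- :key_size,
+ :key_type,
+ enum: ['rsa', 'ec'],
+ default: 'rsa',
+ desc: 'Key type'
+ )
+ method_option(
+ :rsa_key_size,
  type: :numeric,
  default: 2048,
  desc: 'RSA key size in bits'
  )
+ method_option(
+ :ec_key_size,
+ enum: ['256', '384'],
+ default: '256',
+ desc: 'EC key size in bits'
+ )
  method_option(
  :validity,
  type: :numeric,
- default: 90,
+ default: 180,
  desc: 'CA certificate validity in days'
  )
  def genca(ca_name)
  ::DevCert::GenCA.generate_ca(
  ca_name,
  options[:output],
- options[:key_size],
+ options[:key_type],
+ options[:rsa_key_size],
+ options[:ec_key_size],
  options[:validity]
  )
  end
@@ -74,15 +88,27 @@ module DevCert
  desc: 'Domain list'
  )
  method_option(
- :key_size,
+ :key_type,
+ enum: ['rsa', 'ec'],
+ default: 'rsa',
+ desc: 'Key type'
+ )
+ method_option(
+ :rsa_key_size,
  type: :numeric,
  default: 2048,
  desc: 'RSA key size in bits'
  )
+ method_option(
+ :ec_key_size,
+ enum: ['256', '384'],
+ default: '256',
+ desc: 'EC key size in bits'
+ )
  method_option(
  :validity,
  type: :numeric,
- default: 90,
+ default: 180,
  desc: 'Certificate validity in days'
  )
  def issue(ca_bundle_path)
@@ -90,7 +116,9 @@ module DevCert
  ::File.absolute_path(ca_bundle_path, ::Dir.pwd),
  options[:domains],
  options[:output],
- options[:key_size],
+ options[:key_type],
+ options[:rsa_key_size],
+ options[:ec_key_size],
  options[:validity]
  )
  end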
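Review bot: `:rsa_key_size` is declared with `type: :numeric` and a default of 2048 but no lower bound, and both `genca` and `issue` pass `options[:rsa_key_size]` on unchanged, so a caller can request a modulus well below 2048 bits. `:ec_key_size` is constrained by `enum: ['256', '384']`, but nothing limits the RSA value in the same way. A guard at the top of each command, e.g. `raise ::Thor::Error, 'RSA key size must be at least 2048 bits' if options[:rsa_key_size] < 2048`, keeps weak keys out of CA bundles that may later be added to a trust store. The body of `issue` is split across the second and third hunks, with one line between them not shown.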
@@ -3,7 +3,7 @@ require 'devcert/util'
3
3
  module DevCert
4
4
  module Export
5
5
  def self.export(bundle_path, type, output_dir)
6
- bundle = ::DevCert::Util.load_bundle bundle_path
6
+ bundle = ::DevCert::Util.load_bundle(bundle_path)
7
7
  case type
8
8
  when 'private_key'
9
9
  private_key_path = ::File.join(
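--- a/data/lib/devcert/genca.rb
+++ b/data/lib/devcert/genca.rb
@@ -3,10 +3,19 @@ require 'devcert/util'
 
  module DevCert
  module GenCA
- def self.generate_ca(common_name, output_dir, key_size, validity)
+ def self.generate_ca(common_name, output_dir, key_type, rsa_key_size,
+ ec_key_size, validity)
  defaults = ::DevCert::Util.get_defaults
 
- ca_key = ::OpenSSL::PKey::RSA.new key_size
+ ca_key = nil
+ public_key = nil
+ if key_type == 'rsa'
+ ca_key, public_key = ::DevCert::Util.generate_rsa_key(rsa_key_size)
+ elsif key_type == 'ec'
+ ca_key, public_key = ::DevCert::Util.generate_ec_key(ec_key_size.to_i)
+ else
+ raise 'Unsupported key type/size'
+ end
 
  ca_name = ::OpenSSL::X509::Name.new(
  [
@@ -24,7 +33,7 @@ module DevCert
  ca_cert.not_before = ::Time.now
  ca_cert.not_after = ::Time.now + 60 * 60 * 24 * validity
 
- ca_cert.public_key = ca_key.public_key
+ ca_cert.public_key = public_key
  ca_cert.subject = ca_name
  ca_cert.issuer = ca_name
 
@@ -65,7 +74,7 @@ module DevCert
  output_dir,
  "#{::DevCert::Util.normalize_name(common_name)}.devcert"
  )
- ::DevCert::Util.save_bundle bundle_path, common_name, ca_key, ca_cert
+ ::DevCert::Util.save_bundle(bundle_path, common_name, ca_key, ca_cert)
  puts "devcert bundle: #{bundle_path}"
  end
  end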
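Review bot: The key-type dispatch added at the top of `generate_ca` is repeated almost verbatim in `DevCert::Issue.issue` (data/lib/devcert/issue.rb), so any change to the supported key types has to be made in two places. The `else` branch raises 'Unsupported key type/size' although only `key_type` is tested there; an unsupported EC size surfaces from `generate_ec_key` with a different message. Moving the `if`/`elsif`/`else` into one helper in `DevCert::Util` that takes `key_type`, `rsa_key_size` and `ec_key_size` and returns the key pair would give both callers the same behaviour and error text. The widened signature would also benefit from a comment such as `# key_type is 'rsa' or 'ec'; ec_key_size arrives as a String from the CLI and is converted with to_i`. The body of `generate_ca` continues outside the hunks shown.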
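--- a/data/lib/devcert/issue.rb
+++ b/data/lib/devcert/issue.rb
@@ -3,12 +3,23 @@ require 'devcert/util'
 
  module DevCert
  module Issue
- def self.issue(ca_bundle_path, domains, output_dir, key_size, validity)
- ca_bundle = ::DevCert::Util.load_bundle ca_bundle_path
+ def self.issue(ca_bundle_path, domains, output_dir, key_type, rsa_key_size,
+ ec_key_size, validity)
+ ca_bundle = ::DevCert::Util.load_bundle(ca_bundle_path)
  defaults = ::DevCert::Util.get_defaults
  common_name = domains[0]
 
- server_key = OpenSSL::PKey::RSA.new key_size
+ server_key = nil
+ public_key = nil
+ if key_type == 'rsa'
+ server_key, public_key = ::DevCert::Util.generate_rsa_key(rsa_key_size)
+ elsif key_type == 'ec'
+ server_key, public_key = ::DevCert::Util.generate_ec_key(
+ ec_key_size.to_i
+ )
+ else
+ raise 'Unsupported key type/size'
+ end
 
  server_name = OpenSSL::X509::Name.new [
  ['CN', common_name],
@@ -25,7 +36,7 @@ module DevCert
  server_cert.not_after = Time.now + 60 * 60 * 24 * validity
 
  server_cert.subject = server_name
- server_cert.public_key = server_key.public_key
+ server_cert.public_key = public_key
  server_cert.issuer = ca_bundle[:certificate].subject
 
  extension_factory = OpenSSL::X509::ExtensionFactory.new
@@ -65,7 +76,7 @@ module DevCert
  )
  )
 
- server_cert.sign ca_bundle[:private_key], OpenSSL::Digest::SHA256.new
+ server_cert.sign(ca_bundle[:private_key], OpenSSL::Digest::SHA256.new)
 
  bundle_path = ::File.join(
  output_dir,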
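--- a/data/lib/devcert/util.rb
+++ b/data/lib/devcert/util.rb
@@ -2,12 +2,14 @@ require 'yaml'
  require 'openssl'
  require 'securerandom'
 
+ ::OpenSSL::PKey::EC.send(:alias_method, :private?, :private_key?)
+
  module DevCert
  module Util
  def self.get_defaults
- path = ::File.absolute_path 'defaults.yaml', ::Dir.pwd
+ path = ::File.absolute_path('defaults.yaml', ::Dir.pwd)
  data = \
- if ::File.exist? path
+ if ::File.exist?(path)
  ::YAML.load(::File.open(path)).fetch('devcert', {})
  else
  {}
@@ -33,23 +35,23 @@ module DevCert
  }
 
  open path, 'w' do |io|
- io.write bundle.to_yaml
+ io.write(bundle.to_yaml)
  end
  end
 
  def self.export(path, entity)
  open path, 'w' do |io|
- io.write entity.to_pem
+ io.write(entity.to_pem)
  end
  end
 
  def self.load_bundle(path)
- full_path = ::File.absolute_path path, __dir__
- if ::File.exist? full_path
- data = ::YAML.load ::File.open full_path
+ full_path = ::File.absolute_path(path, __dir__)
+ if ::File.exist?(full_path)
+ data = ::YAML.load(::File.open(full_path))
  {
  common_name: data[:common_name],
- private_key: ::OpenSSL::PKey::RSA.new(data[:private_key]),
+ private_key: ::OpenSSL::PKey.read(data[:private_key]),
  certificate: ::OpenSSL::X509::Certificate.new(data[:certificate])
  }
  else
@@ -61,7 +63,30 @@ module DevCert
  machine_bytes = ['foo'].pack('p').size
  machine_bits = machine_bytes * 8
  machine_max_signed = 2**(machine_bits - 1) - 1
- ::SecureRandom.random_number machine_max_signed
+ ::SecureRandom.random_number(machine_max_signed)
+ end
+
+ def self.generate_rsa_key(size)
+ key = ::OpenSSL::PKey::RSA.new(size)
+ return key, key.public_key
+ end
+
+ def self.generate_ec_key(size)
+ curve_name = nil
+ if size == 256
+ curve_name = 'prime256v1'
+ elsif curve_name == 384
+ curve_name = 'secp384r1'
+ end
+
+ raise 'Unsupported curve!' if curve_name.nil?
+
+ private_key = ::OpenSSL::PKey::EC.new(curve_name)
+ public_key = ::OpenSSL::PKey::EC.new(curve_name)
+
+ private_key.generate_key
+ public_key.public_key = private_key.public_key
+ return private_key, public_key
  end
  end
  end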
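Review bot: In `generate_ec_key` the second branch tests `elsif curve_name == 384`, but `curve_name` is still `nil` at that point, so `secp384r1` is never selected and an EC key size of 384 always ends in 'Unsupported curve!'; the condition should read `elsif size == 384`. Separately, `load_bundle` and `get_defaults` still parse their files with `::YAML.load(::File.open(...))`, which leaves the file handle open and, depending on the Psych version in use, can instantiate arbitrary Ruby objects from a bundle or `defaults.yaml` that someone else supplied. Reading the file with `::File.read` and parsing it with `::YAML.safe_load` restricts the input to plain data; `load_bundle` looks values up by symbol keys, so `Symbol` would have to be permitted there. Both `get_defaults` and `load_bundle` extend beyond the hunks shown.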
@@ -1,3 +1,3 @@
1
1
  module DevCert
2
- VERSION = '1.0.0'
2
+ VERSION = '2.0.0'
3
3
  end
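--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: devcert
  version: !ruby/object:Gem::Version
- version: 1.0.0
+ version: 2.0.0
  platform: ruby
  authors:
  - Alexander Pyatkin
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2016-09-21 00:00:00.000000000 Z
+ date: 2017-03-29 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: thor
@@ -87,7 +87,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.5.1
+ rubygems_version: 2.6.8
  signing_key:
  specification_version: 4
  summary: Create development SSL/TLS certificates without a hassle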