devcert 1.0.0 → 2.0.0

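--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 793a477e3f93c1fee0c6f0ba7e5ae1f0259fc162
- data.tar.gz: 84d588c31894cc0e1749b044907f88f3dbec542f
+ metadata.gz: 524bdedd2d34226aadd340479748ed1db37d4467
+ data.tar.gz: 2e26e8060d094d6b33adc0ceba90844e50e915d2
  SHA512:
- metadata.gz: 314254b2fbd1d4d6033e8def3419a7388d336b6e0eb332a2bd8dbb33bba47b64170bce0b4da5ffca86ecd7873b01953ecaed0c609869bb4598bf0bbcba7a3268
- data.tar.gz: 8f25a98c9c67265fb78367c4da903b140880c04b7098f559d48a9960dcd422e8620317d0f06d375d23eee36dc5146aa0a6a137703a8eba1207c9d2df2eba6718
+ metadata.gz: f10dfa18dc5a94131ddfccdaab39901bc0036e3df02e365b2aed76eef0c912391c619a4a6ef2a746726e10cd9ab0a13d1f06a8142d10b13bfaf2ceba5f983860
+ data.tar.gz: 1a519f09de81ed0927f0a697f1ced2c6a64b8e83b36d598f08a404d1481d826469dbdbcaa353e2bde41d1ffbdf4133f3392194efdb88ea10b35221c56a152fe8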
data/lib/devcert/cli.rb CHANGED
@@ -15,22 +15,36 @@ module DevCert
15
15
  desc: 'Output directory'
16
16
  )
17
17
  method_option(
18
- :key_size,
18
+ :key_type,
19
+ enum: ['rsa', 'ec'],
20
+ default: 'rsa',
21
+ desc: 'Key type'
22
+ )
23
+ method_option(
24
+ :rsa_key_size,
19
25
  type: :numeric,
20
26
  default: 2048,
21
27
  desc: 'RSA key size in bits'
22
28
  )
29
+ method_option(
30
+ :ec_key_size,
31
+ enum: ['256', '384'],
32
+ default: '256',
33
+ desc: 'EC key size in bits'
34
+ )
23
35
  method_option(
24
36
  :validity,
25
37
  type: :numeric,
26
- default: 90,
38
+ default: 180,
27
39
  desc: 'CA certificate validity in days'
28
40
  )
29
41
  def genca(ca_name)
30
42
  ::DevCert::GenCA.generate_ca(
31
43
  ca_name,
32
44
  options[:output],
33
- options[:key_size],
45
+ options[:key_type],
46
+ options[:rsa_key_size],
47
+ options[:ec_key_size],
34
48
  options[:validity]
35
49
  )
36
50
  end
@@ -74,15 +88,27 @@ module DevCert
74
88
  desc: 'Domain list'
75
89
  )
76
90
  method_option(
77
- :key_size,
91
+ :key_type,
92
+ enum: ['rsa', 'ec'],
93
+ default: 'rsa',
94
+ desc: 'Key type'
95
+ )
96
+ method_option(
97
+ :rsa_key_size,
78
98
  type: :numeric,
79
99
  default: 2048,
80
100
  desc: 'RSA key size in bits'
81
101
  )
102
+ method_option(
103
+ :ec_key_size,
104
+ enum: ['256', '384'],
105
+ default: '256',
106
+ desc: 'EC key size in bits'
107
+ )
82
108
  method_option(
83
109
  :validity,
84
110
  type: :numeric,
85
- default: 90,
111
+ default: 180,
86
112
  desc: 'Certificate validity in days'
87
113
  )
88
114
  def issue(ca_bundle_path)
@@ -90,7 +116,9 @@ module DevCert
90
116
  ::File.absolute_path(ca_bundle_path, ::Dir.pwd),
91
117
  options[:domains],
92
118
  options[:output],
93
- options[:key_size],
119
+ options[:key_type],
120
+ options[:rsa_key_size],
121
+ options[:ec_key_size],
94
122
  options[:validity]
95
123
  )
96
124
  end
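Review bot: `:rsa_key_size` is declared `type: :numeric` with only a default, so any number the user types is handed on to `GenCA.generate_ca` and `Issue.issue` and from there to `generate_rsa_key`; nothing visible in this diff rejects a modulus below 2048 bits. The same declaration appears in both the `genca` and the `issue` option blocks. A guard at the top of each command, for example `raise ::Thor::Error, '--rsa_key_size must be at least 2048' if options[:rsa_key_size] < 2048`, would keep a mistyped value from producing a weak CA or server key. `:ec_key_size` is constrained by `enum`, but as strings, which is why the callers need `.to_i`; a short comment on the option saying so would help the next reader.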
@@ -3,7 +3,7 @@ require 'devcert/util'
3
3
  module DevCert
4
4
  module Export
5
5
  def self.export(bundle_path, type, output_dir)
6
- bundle = ::DevCert::Util.load_bundle bundle_path
6
+ bundle = ::DevCert::Util.load_bundle(bundle_path)
7
7
  case type
8
8
  when 'private_key'
9
9
  private_key_path = ::File.join(
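--- a/data/lib/devcert/genca.rb
+++ b/data/lib/devcert/genca.rb
@@ -3,10 +3,19 @@ require 'devcert/util'
 
  module DevCert
  module GenCA
- def self.generate_ca(common_name, output_dir, key_size, validity)
+ def self.generate_ca(common_name, output_dir, key_type, rsa_key_size,
+ ec_key_size, validity)
  defaults = ::DevCert::Util.get_defaults
 
- ca_key = ::OpenSSL::PKey::RSA.new key_size
+ ca_key = nil
+ public_key = nil
+ if key_type == 'rsa'
+ ca_key, public_key = ::DevCert::Util.generate_rsa_key(rsa_key_size)
+ elsif key_type == 'ec'
+ ca_key, public_key = ::DevCert::Util.generate_ec_key(ec_key_size.to_i)
+ else
+ raise 'Unsupported key type/size'
+ end
 
  ca_name = ::OpenSSL::X509::Name.new(
  [
@@ -24,7 +33,7 @@ module DevCert
  ca_cert.not_before = ::Time.now
  ca_cert.not_after = ::Time.now + 60 * 60 * 24 * validity
 
- ca_cert.public_key = ca_key.public_key
+ ca_cert.public_key = public_key
  ca_cert.subject = ca_name
  ca_cert.issuer = ca_name
 
@@ -65,7 +74,7 @@ module DevCert
  output_dir,
  "#{::DevCert::Util.normalize_name(common_name)}.devcert"
  )
- ::DevCert::Util.save_bundle bundle_path, common_name, ca_key, ca_cert
+ ::DevCert::Util.save_bundle(bundle_path, common_name, ca_key, ca_cert)
  puts "devcert bundle: #{bundle_path}"
  end
  end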
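Review bot: The `if key_type == 'rsa' … elsif key_type == 'ec' … else raise` block added at the top of `generate_ca` is repeated almost line for line in `Issue.issue` (data/lib/devcert/issue.rb), so the two copies can drift apart. Moving the selection into one helper in `::DevCert::Util`, next to `generate_rsa_key` and `generate_ec_key`, would leave a single call in each caller. The `else` message `'Unsupported key type/size'` also hides which value was rejected; `raise ArgumentError, "Unsupported key type: #{key_type.inspect}"` is easier to act on. The body of `generate_ca` continues outside the hunks shown.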
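--- a/data/lib/devcert/issue.rb
+++ b/data/lib/devcert/issue.rb
@@ -3,12 +3,23 @@ require 'devcert/util'
 
  module DevCert
  module Issue
- def self.issue(ca_bundle_path, domains, output_dir, key_size, validity)
- ca_bundle = ::DevCert::Util.load_bundle ca_bundle_path
+ def self.issue(ca_bundle_path, domains, output_dir, key_type, rsa_key_size,
+ ec_key_size, validity)
+ ca_bundle = ::DevCert::Util.load_bundle(ca_bundle_path)
  defaults = ::DevCert::Util.get_defaults
  common_name = domains[0]
 
- server_key = OpenSSL::PKey::RSA.new key_size
+ server_key = nil
+ public_key = nil
+ if key_type == 'rsa'
+ server_key, public_key = ::DevCert::Util.generate_rsa_key(rsa_key_size)
+ elsif key_type == 'ec'
+ server_key, public_key = ::DevCert::Util.generate_ec_key(
+ ec_key_size.to_i
+ )
+ else
+ raise 'Unsupported key type/size'
+ end
 
  server_name = OpenSSL::X509::Name.new [
  ['CN', common_name],
@@ -25,7 +36,7 @@ module DevCert
  server_cert.not_after = Time.now + 60 * 60 * 24 * validity
 
  server_cert.subject = server_name
- server_cert.public_key = server_key.public_key
+ server_cert.public_key = public_key
  server_cert.issuer = ca_bundle[:certificate].subject
 
  extension_factory = OpenSSL::X509::ExtensionFactory.new
@@ -65,7 +76,7 @@ module DevCert
  )
  )
 
- server_cert.sign ca_bundle[:private_key], OpenSSL::Digest::SHA256.new
+ server_cert.sign(ca_bundle[:private_key], OpenSSL::Digest::SHA256.new)
 
  bundle_path = ::File.join(
  output_dir,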
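Review bot: `server_cert.sign(ca_bundle[:private_key], OpenSSL::Digest::SHA256.new)` keeps the digest fixed at SHA-256, while `load_bundle` now returns whatever key type `OpenSSL::PKey.read` finds, so a CA created with `--key_type ec --ec_key_size 384` would sign with a digest shorter than its curve. That works, but the resulting signature is no stronger than a P-256 one; choosing the digest from the CA key (SHA-384 for `secp384r1`) or adding a comment that SHA-256 is deliberate would make the choice explicit. The body of `issue` runs past the hunks shown, so any handling further down is not visible here.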
data/lib/devcert/util.rb CHANGED
@@ -2,12 +2,14 @@ require 'yaml'
2
2
  require 'openssl'
3
3
  require 'securerandom'
4
4
 
5
+ ::OpenSSL::PKey::EC.send(:alias_method, :private?, :private_key?)
6
+
5
7
  module DevCert
6
8
  module Util
7
9
  def self.get_defaults
8
- path = ::File.absolute_path 'defaults.yaml', ::Dir.pwd
10
+ path = ::File.absolute_path('defaults.yaml', ::Dir.pwd)
9
11
  data = \
10
- if ::File.exist? path
12
+ if ::File.exist?(path)
11
13
  ::YAML.load(::File.open(path)).fetch('devcert', {})
12
14
  else
13
15
  {}
@@ -33,23 +35,23 @@ module DevCert
33
35
  }
34
36
 
35
37
  open path, 'w' do |io|
36
- io.write bundle.to_yaml
38
+ io.write(bundle.to_yaml)
37
39
  end
38
40
  end
39
41
 
40
42
  def self.export(path, entity)
41
43
  open path, 'w' do |io|
42
- io.write entity.to_pem
44
+ io.write(entity.to_pem)
43
45
  end
44
46
  end
45
47
 
46
48
  def self.load_bundle(path)
47
- full_path = ::File.absolute_path path, __dir__
48
- if ::File.exist? full_path
49
- data = ::YAML.load ::File.open full_path
49
+ full_path = ::File.absolute_path(path, __dir__)
50
+ if ::File.exist?(full_path)
51
+ data = ::YAML.load(::File.open(full_path))
50
52
  {
51
53
  common_name: data[:common_name],
52
- private_key: ::OpenSSL::PKey::RSA.new(data[:private_key]),
54
+ private_key: ::OpenSSL::PKey.read(data[:private_key]),
53
55
  certificate: ::OpenSSL::X509::Certificate.new(data[:certificate])
54
56
  }
55
57
  else
@@ -61,7 +63,30 @@ module DevCert
61
63
  machine_bytes = ['foo'].pack('p').size
62
64
  machine_bits = machine_bytes * 8
63
65
  machine_max_signed = 2**(machine_bits - 1) - 1
64
- ::SecureRandom.random_number machine_max_signed
66
+ ::SecureRandom.random_number(machine_max_signed)
67
+ end
68
+
69
+ def self.generate_rsa_key(size)
70
+ key = ::OpenSSL::PKey::RSA.new(size)
71
+ return key, key.public_key
72
+ end
73
+
74
+ def self.generate_ec_key(size)
75
+ curve_name = nil
76
+ if size == 256
77
+ curve_name = 'prime256v1'
78
+ elsif curve_name == 384
79
+ curve_name = 'secp384r1'
80
+ end
81
+
82
+ raise 'Unsupported curve!' if curve_name.nil?
83
+
84
+ private_key = ::OpenSSL::PKey::EC.new(curve_name)
85
+ public_key = ::OpenSSL::PKey::EC.new(curve_name)
86
+
87
+ private_key.generate_key
88
+ public_key.public_key = private_key.public_key
89
+ return private_key, public_key
65
90
  end
66
91
  end
67
92
  end
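Review bot: In `generate_ec_key` the second branch tests `elsif curve_name == 384`, but `curve_name` is still nil at that point, so `--ec_key_size 384` can never select `secp384r1` and always ends in `raise 'Unsupported curve!'`; the line should read `elsif size == 384`. A `case size` with `when 256` and `when 384` arms would make the mapping harder to get wrong. Separately, the `load_bundle` hunk keeps `::YAML.load` on a bundle path taken from the command line; on Psych versions before 4 that call can instantiate arbitrary Ruby objects, so a bundle from an untrusted source is safer read through `::YAML.safe_load` with `Symbol` permitted for the bundle's symbol keys. The top-level `alias_method` on `::OpenSSL::PKey::EC` changes a core class for everything loaded in the process and deserves a comment saying why it is needed (presumably so an EC key answers `private?` when a certificate is signed).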
@@ -1,3 +1,3 @@
1
1
  module DevCert
2
- VERSION = '1.0.0'
2
+ VERSION = '2.0.0'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devcert
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 2.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Alexander Pyatkin
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-09-21 00:00:00.000000000 Z
11
+ date: 2017-03-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: thor
@@ -87,7 +87,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
87
87
  version: '0'
88
88
  requirements: []
89
89
  rubyforge_project:
90
- rubygems_version: 2.5.1
90
+ rubygems_version: 2.6.8
91
91
  signing_key:
92
92
  specification_version: 4
93
93
  summary: Create development SSL/TLS certificates without a hassle