eassl 0.1.1635

data/README

@@ -0,0 +1,2 @@
+EaSSL is a library aimed at making openSSL certificate generation and management easier and more ruby-ish.
+

data/Rakefile

@@ -0,0 +1,45 @@
+require 'rake'
+require 'rake/testtask'
+require 'rake/clean'
+require 'rake/gempackagetask'
+require 'rake/rdoctask'
+require 'fileutils'
+include FileUtils
+
+REV = File.read(".svn/entries")[/committed-rev="(\d+)"/, 1] rescue nil
+VERS = ENV['VERSION'] || "0.1" + (REV ? ".#{REV}" : "")
+
+task :default => [:package]
+
+#setup_tests
+
+summary = "EaSSL is a library aimed at making openSSL certificate generation and management easier and more ruby-ish."
+dependencies = []
+spec = Gem::Specification.new do |s|
+    s.name = "eassl"
+    s.version = VERS
+    s.platform = Gem::Platform::RUBY
+    s.author = "Paul Nicholson"
+    s.summary = summary
+#    s.test_file = "test/test_eassl.rb"
+    s.has_rdoc = true
+    s.extra_rdoc_files = [ "README" ]
+    dependencies.each do |dep|
+        s.add_dependency(*dep)
+    end
+    s.files = %w(README Rakefile) +
+    Dir.glob("{bin,doc,test,lib}/**/*")
+
+    s.require_path = "lib"
+    s.autorequire = "eassl"
+end
+
+Rake::GemPackageTask.new(spec) do |p|
+    p.gem_spec = spec
+    p.need_tar = true
+end
+
+task :install do
+    sh %{rake package}
+    sh %{gem install pkg/eassl-#{VERS}}
+end

data/lib/eassl/authority_certificate.rb

@@ -0,0 +1,43 @@
+require 'openssl'
+require 'eassl'
+module EaSSL
+  # Author::    Paul Nicholson  (mailto:paul@webpowerdesign.net)
+  # Co-Author:: Adam Williams (mailto:adam@thewilliams.ws)
+  # Copyright:: Copyright (c) 2006 WebPower Design
+  # License::   Distributes under the same terms as Ruby
+  class AuthorityCertificate
+    def initialize(options)
+      @options = {
+        :key => nil,        #required
+        :name       => {},                #required, CertificateName
+      }.update(options)
+    end
+    
+    def ssl
+      cert = OpenSSL::X509::Certificate.new
+      cert.not_before = Time.now
+      cert.subject = cert.issuer = CertificateName.new({ :common_name => "CA" }.update(@options[:name])).ssl
+      cert.not_after = cert.not_before + (365 * 5) * 24 * 60 * 60
+      cert.public_key = @options[:key].public_key
+      cert.serial = 1
+      cert.version = 2 # X509v3
+      
+      ef = OpenSSL::X509::ExtensionFactory.new
+      ef.subject_certificate = cert
+      ef.issuer_certificate = cert
+      cert.extensions = [
+        ef.create_extension("basicConstraints","CA:TRUE"),
+        ef.create_extension("keyUsage", "cRLSign, keyCertSign"),
+        ef.create_extension("subjectKeyIdentifier", "hash"),
+        ef.create_extension("nsComment", "Ruby/OpenSSL/EaSSL Generated Certificate"),
+      ]
+      cert.add_extension(ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always"))
+      cert.sign(@options[:key].private_key, OpenSSL::Digest::SHA1.new)
+      cert
+    end
+    
+    def method_missing(method)
+      ssl.send(method)
+    end
+  end
+end

data/lib/eassl/certificate.rb

@@ -0,0 +1,65 @@
+require 'openssl'
+require 'eassl'
+module EaSSL
+  # Author::    Paul Nicholson  (mailto:paul@webpowerdesign.net)
+  # Co-Author:: Adam Williams (mailto:adam@thewilliams.ws)
+  # Copyright:: Copyright (c) 2006 WebPower Design
+  # License::   Distributes under the same terms as Ruby
+  class Certificate
+    def initialize(options)
+      @options = {
+        :days_valid       => (365 * 5),
+        :signing_request  => nil,               #required
+        :ca_certificate   => nil,               #required
+        :comment          => "Ruby/OpenSSL/EaSSL Generated Certificate",
+      }.update(options)
+    end
+    
+    def ssl
+      unless @ssl
+        @ssl = OpenSSL::X509::Certificate.new
+        @ssl.not_before = Time.now
+        @ssl.subject = @options[:signing_request].subject
+        @ssl.issuer = @options[:ca_certificate]? @options[:ca_certificate].subject :  @ssl.subject
+        @ssl.not_after = @ssl.not_before + @options[:days_valid] * 24 * 60 * 60
+        @ssl.public_key = @options[:signing_request].public_key
+        @ssl.serial = @options[:serial] || 2
+        @ssl.version = 2 # X509v3
+      
+        ef = OpenSSL::X509::ExtensionFactory.new
+        ef.subject_certificate = @ssl
+        ef.issuer_certificate = @options[:ca_certificate]? @options[:ca_certificate].ssl : @ssl
+        @ssl.extensions = [
+          ef.create_extension("basicConstraints","CA:FALSE"),
+          ef.create_extension("keyUsage", "digitalSignature, keyEncipherment"),
+          ef.create_extension("subjectKeyIdentifier", "hash"),
+          ef.create_extension("extendedKeyUsage", "serverAuth"),
+          ef.create_extension("nsComment", @options[:comment]),
+        ]
+        @ssl.add_extension(ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always"))
+      end
+      @ssl
+    end
+
+    def sign(ca_key)
+      ssl.sign(ca_key.ssl, OpenSSL::Digest::SHA1.new)
+    end
+
+    def to_pem
+      ssl.to_pem
+    end
+    
+    def self.load(pem_file_path)
+      new({}).load(File.read(pem_file_path))
+    end
+
+    def load(pem_string)
+      begin
+        @ssl = OpenSSL::X509::Certificate.new(pem_string)
+      rescue
+        raise "CertificateLoader: Error loading certificate"
+      end
+      self
+    end
+  end
+end

data/lib/eassl/certificate_authority.rb

@@ -0,0 +1,21 @@
+require 'openssl'
+require 'eassl'
+module EaSSL
+  # Author::    Paul Nicholson  (mailto:paul@webpowerdesign.net)
+  # Co-Author:: Adam Williams (mailto:adam@thewilliams.ws)
+  # Copyright:: Copyright (c) 2006 WebPower Design
+  # License::   Distributes under the same terms as Ruby
+  class CertificateAuthority
+    attr_reader :key, :certificate
+    def initialize(options = {})
+      @key = Key.new({:password => 'ca_ssl_password'}.update(options))
+      @certificate = AuthorityCertificate.new(:key => @key)
+    end
+    
+    def create_certificate(signing_request)
+      cert = Certificate.new(:signing_request => signing_request, :ca_certificate => @certificate)
+      cert.sign(@key)
+      cert
+    end
+  end
+end

data/lib/eassl/certificate_name.rb

@@ -0,0 +1,33 @@
+require 'openssl'
+require 'eassl'
+module EaSSL
+  # Author::    Paul Nicholson  (mailto:paul@webpowerdesign.net)
+  # Co-Author:: Adam Williams (mailto:adam@thewilliams.ws)
+  # Copyright:: Copyright (c) 2006 WebPower Design
+  # License::   Distributes under the same terms as Ruby
+  class CertificateName
+    def initialize(options)
+      @options = {
+        :country      => "US",
+        :state        => "North Carolina",
+        :city         => "Fuquay Varina",
+        :organization => "WebPower Design",
+        :department   => "Web Security",
+        :common_name  =>  nil,                     # required
+        :email        => "eassl@rubyforge.org",
+      }.update(options)
+    end
+    
+    def ssl
+      OpenSSL::X509::Name.new([
+        ['C',             @options[:country],      OpenSSL::ASN1::PRINTABLESTRING],
+        ['ST',            @options[:state],        OpenSSL::ASN1::PRINTABLESTRING],
+        ['L',             @options[:city],         OpenSSL::ASN1::PRINTABLESTRING],
+        ['O',             @options[:organization], OpenSSL::ASN1::UTF8STRING],
+        ['OU',            @options[:department],   OpenSSL::ASN1::UTF8STRING],
+        ['CN',            @options[:common_name],  OpenSSL::ASN1::UTF8STRING],
+        ['emailAddress',  @options[:email],        OpenSSL::ASN1::UTF8STRING]
+      ])
+    end
+  end
+end

data/lib/eassl/key.rb

@@ -0,0 +1,64 @@
+require 'openssl'
+require 'eassl'
+module EaSSL
+  # == EaSSL::Key creates and manages openSSL keys
+  #
+  # Author::    Paul Nicholson  (mailto:paul@webpowerdesign.net)
+  # Co-Author:: Adam Williams (mailto:adam@thewilliams.ws)
+  # Copyright:: Copyright (c) 2006 WebPower Design
+  # License::   Distributes under the same terms as Ruby
+  #
+  # ==== Usage
+  #
+  # ===== Availible Methods - including methods provided by openSSL::PKey:
+  # * public_key
+  # * private_key
+  # * to_text
+  class Key
+    # Create new Key using the provided options or using the defaults
+    def initialize(options = {}) #:params: options
+      @options = {
+        :bits => 2048,
+        :password => 'ssl_password',
+      }.update(options)
+    end
+    
+    def ssl
+      unless @ssl
+        $stderr.puts "Generating #{@options[:bits]} bit key\n"  # <Should use some kind of logger on this>
+        @ssl = OpenSSL::PKey::RSA::new(@options[:bits])
+      end
+      @ssl
+    end
+    
+    # This method is used to intercept and pass-thru calls to openSSL methods and instance
+    # variables.
+    def method_missing(method) # :nodoc: 
+      ssl.send(method)
+    end
+    
+    def private_key
+      ssl
+    end
+    
+    # Export the encrypted key, returns a string
+    def to_pem
+      ssl.export(OpenSSL::Cipher::DES.new('EDE3-CBC'), @options[:password])
+    end
+    
+    # Decrypt and load a PEM encoded Key from the file system with the provided password.
+    def self.load(pem_file_path, password=nil)
+      new.load(File.read(pem_file_path), password)
+    end
+    
+    # Decrypt and load a PEM encoded Key from provided string with the provided password.
+    def load(pem_string, password=nil)
+      begin
+        @ssl = OpenSSL::PKey::RSA::new(pem_string, password || @options[:password])
+      rescue
+        raise "KeyLoader: Error decrypting key with password"
+      end
+      self
+    end
+  end
+end

data/lib/eassl/signing_request.rb

@@ -0,0 +1,51 @@
+require 'openssl'
+require 'eassl'
+module EaSSL
+  # Author::    Paul Nicholson  (mailto:paul@webpowerdesign.net)
+  # Co-Author:: Adam Williams (mailto:adam@thewilliams.ws)
+  # Copyright:: Copyright (c) 2006 WebPower Design
+  # License::   Distributes under the same terms as Ruby
+  class SigningRequest
+    def initialize(options = {})
+      @options = {
+        :name       => {},                #required, CertificateName
+        :key        => nil,               #required
+      }.update(options)
+      @options[:key] ||= Key.new(@options)
+    end
+  
+    def ssl
+      unless @ssl
+        @ssl = OpenSSL::X509::Request.new
+        @ssl.version = 0
+        @ssl.subject = CertificateName.new(@options[:name]).ssl
+        @ssl.public_key = key.public_key
+        @ssl.sign(key.private_key, OpenSSL::Digest::MD5.new)
+      end
+      @ssl
+    end
+  
+    def key
+      @options[:key]
+    end
+  
+    # This method is used to intercept and pass-thru calls to openSSL methods and instance
+    # variables.
+    def method_missing(method)
+      ssl.send(method)
+    end
+  
+    def self.load(pem_file_path)
+      new.load(File.read(pem_file_path))
+    end
+  
+    def load(pem_string)
+      begin
+        @ssl = OpenSSL::X509::Request.new(pem_string)
+      rescue
+        raise "SigningRequestLoader: Error loading signing request"
+      end
+      self
+    end
+  end
+end

data/lib/eassl.rb

@@ -0,0 +1,35 @@
+$:.unshift File.expand_path(File.dirname(__FILE__))
+# = About EaSSL
+#
+# Author::    Paul Nicholson  (mailto:paul@webpowerdesign.net)
+# Co-Author:: Adam Williams (mailto:adam@thewilliams.ws)
+# Copyright:: Copyright (c) 2006 WebPower Design
+# License::   Distributes under the same terms as Ruby
+#
+# By requiring <tt>eassl</tt>, you can load the full set of EaSSL classes.
+#
+# For a full list of features and instructions, see the #README.
+#
+# EaSSL is a module containing all of the great EaSSL classes for creating 
+# and managing openSSL keys, signing request, and certificates.
+# 
+# * EaSSL::Key: the class for loading and creating SSL keys
+# * EaSSL::SigningRequest: the class for creating SSL signing requests
+
+module EaSSL
+  VERSION = '0.1'
+  
+  def self.generate_self_signed(options)
+    ca = CertificateAuthority.new({:bits => 1024}.update(options[:ca_options]||{}))
+    sr = SigningRequest.new(options)
+    cert = ca.create_certificate(sr)
+    [ca, sr, cert]
+  end
+end
+
+require 'eassl/key'
+require 'eassl/certificate_name'
+require 'eassl/signing_request'
+require 'eassl/certificate'
+require 'eassl/authority_certificate'
+require 'eassl/certificate_authority'

metadata

@@ -0,0 +1,54 @@
+--- !ruby/object:Gem::Specification 
+rubygems_version: 0.8.11
+specification_version: 1
+name: eassl
+version: !ruby/object:Gem::Version 
+  version: 0.1.1635
+date: 2006-11-16 00:00:00 -05:00
+summary: EaSSL is a library aimed at making openSSL certificate generation and management easier and more ruby-ish.
+require_paths: 
+- lib
+email: 
+homepage: 
+rubyforge_project: 
+description: 
+autorequire: eassl
+default_executable: 
+bindir: bin
+has_rdoc: true
+required_ruby_version: !ruby/object:Gem::Version::Requirement 
+  requirements: 
+  - - ">"
+    - !ruby/object:Gem::Version 
+      version: 0.0.0
+  version: 
+platform: ruby
+signing_key: 
+cert_chain: 
+authors: 
+- Paul Nicholson
+files: 
+- README
+- Rakefile
+- lib/eassl
+- lib/eassl.rb
+- lib/eassl/authority_certificate.rb
+- lib/eassl/certificate.rb
+- lib/eassl/certificate_authority.rb
+- lib/eassl/certificate_name.rb
+- lib/eassl/key.rb
+- lib/eassl/signing_request.rb
+test_files: []
+
+rdoc_options: []
+
+extra_rdoc_files: 
+- README
+executables: []
+
+extensions: []
+
+requirements: []
+
+dependencies: []
+