easyrsa 0.8.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +4 -0
- data/.rock.yml +5 -0
- data/Gemfile +3 -0
- data/LICENSE.txt +22 -0
- data/Rakefile +17 -0
- data/easyrsa.gemspec +34 -0
- data/lib/easyrsa.rb +24 -0
- data/lib/easyrsa/certificate.rb +136 -0
- data/lib/easyrsa/config.rb +37 -0
- data/lib/easyrsa/version.rb +3 -0
- data/spec/cacert.pem +18 -0
- data/spec/cakey.pem +15 -0
- data/spec/easyrsa/01_config_spec.rb +35 -0
- data/spec/easyrsa/02_certificate_spec.rb +76 -0
- data/spec/spec_helper.rb +36 -0
- metadata +148 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 9ada5a7e2f566650ae8026337014a26b49edbdab
|
4
|
+
data.tar.gz: 65e56567acfec259aaa97c4316ce120e6efeea02
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 4f6cd1854b8cf83e0eff3b076949fc2749356b8f59c0be413cc29bc1ce376d685f66d6dff8333c126692f0ff7f1629d93d9b2cab68b1bca4bb525ed5813bc2d1
|
7
|
+
data.tar.gz: 7a03dc59b07b8b892870f358c00f8a6f2732f04738e089e502f3ca73a816074c4ee991b16394c959d4863bfa0374292a320f84d5506b5d10c827cba364c7fa90
|
data/.gitignore
ADDED
data/.rock.yml
ADDED
data/Gemfile
ADDED
data/LICENSE.txt
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Copyright (c) 2015 Mike Mackintosh
|
2
|
+
|
3
|
+
MIT License
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
6
|
+
a copy of this software and associated documentation files (the
|
7
|
+
"Software"), to deal in the Software without restriction, including
|
8
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
9
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
10
|
+
permit persons to whom the Software is furnished to do so, subject to
|
11
|
+
the following conditions:
|
12
|
+
|
13
|
+
The above copyright notice and this permission notice shall be
|
14
|
+
included in all copies or substantial portions of the Software.
|
15
|
+
|
16
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
17
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
18
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
19
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
20
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
21
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
22
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/Rakefile
ADDED
@@ -0,0 +1,17 @@
|
|
1
|
+
#encoding: utf-8
|
2
|
+
require "bundler/gem_tasks"
|
3
|
+
require 'rspec/core/rake_task'
|
4
|
+
|
5
|
+
task default: :test
|
6
|
+
|
7
|
+
RSpec::Core::RakeTask.new do |spec|
|
8
|
+
spec.verbose = false
|
9
|
+
spec.pattern = './spec/{*/**/}*_spec.rb'
|
10
|
+
end
|
11
|
+
|
12
|
+
task :test do
|
13
|
+
ENV['RACK_ENV'] = 'test'
|
14
|
+
|
15
|
+
require './spec/spec_helper'
|
16
|
+
Rake::Task['spec'].invoke
|
17
|
+
end
|
data/easyrsa.gemspec
ADDED
@@ -0,0 +1,34 @@
|
|
1
|
+
# Created by hand, like a real man
|
2
|
+
# coding: utf-8
|
3
|
+
lib = File.expand_path('../lib', __FILE__)
|
4
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
5
|
+
require 'easyrsa/version'
|
6
|
+
|
7
|
+
Gem::Specification.new do |s|
|
8
|
+
|
9
|
+
s.name = 'easyrsa'
|
10
|
+
s.version = EasyRSA::VERSION
|
11
|
+
s.date = '2015-04-07'
|
12
|
+
s.summary = "EasyRSA interface for generating OpenVPN certificates"
|
13
|
+
s.description = "Easily generate OpenVPN certificates without needing the easyrsa packaged scripts"
|
14
|
+
s.authors = ["Mike Mackintosh"]
|
15
|
+
s.email = 'm@zyp.io'
|
16
|
+
s.homepage =
|
17
|
+
'http://github.com/mikemackintosh/ruby-easyrsa'
|
18
|
+
|
19
|
+
s.license = 'MIT'
|
20
|
+
|
21
|
+
s.require_paths = ["lib"]
|
22
|
+
s.files = `git ls-files -z`.split("\x0")
|
23
|
+
s.executables = s.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
24
|
+
s.test_files = s.files.grep(%r{^(test|spec|features)/})
|
25
|
+
|
26
|
+
s.add_dependency 'openssl'
|
27
|
+
s.add_dependency 'fattr'
|
28
|
+
|
29
|
+
s.add_development_dependency "bundler"
|
30
|
+
s.add_development_dependency "rake"
|
31
|
+
s.add_development_dependency "rspec"
|
32
|
+
s.add_development_dependency "webmock"
|
33
|
+
|
34
|
+
end
|
data/lib/easyrsa.rb
ADDED
@@ -0,0 +1,24 @@
|
|
1
|
+
require 'openssl'
|
2
|
+
require 'fattr'
|
3
|
+
|
4
|
+
require 'easyrsa/version'
|
5
|
+
require 'easyrsa/config'
|
6
|
+
require 'easyrsa/certificate'
|
7
|
+
|
8
|
+
module EasyRSA
|
9
|
+
|
10
|
+
extend self
|
11
|
+
|
12
|
+
def configure
|
13
|
+
block_given? ? yield(Config) : Config
|
14
|
+
%w(email server country city company orgunit).each do |key|
|
15
|
+
if EasyRSA::Config.instance_variable_get("@#{key}").nil?
|
16
|
+
raise EasyRSA::Config::RequiredOptionMissing,
|
17
|
+
"Configuration parameter missing: '#{key}'. " +
|
18
|
+
"Please add it to the EasyRSA.configure block"
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
22
|
+
alias_method :config, :configure
|
23
|
+
|
24
|
+
end
|
@@ -0,0 +1,136 @@
|
|
1
|
+
module EasyRSA
|
2
|
+
class Certificate
|
3
|
+
|
4
|
+
class UnableToReadCACert < RuntimeError ; end
|
5
|
+
class UnableToReadCAKey < RuntimeError ; end
|
6
|
+
class BitLengthToWeak < RuntimeError ; end
|
7
|
+
class MissingParameter < RuntimeError ; end
|
8
|
+
|
9
|
+
def initialize(ca_crt, ca_key, id=nil, email=nil, bits=4096, &block)
|
10
|
+
|
11
|
+
# ID to generate cert for
|
12
|
+
if id.eql? nil
|
13
|
+
raise EasyRSA::Certificate::MissingParameter,
|
14
|
+
"Please provide an 'id', also known as a subject, for the certificates' CN field."
|
15
|
+
end
|
16
|
+
@id = id
|
17
|
+
|
18
|
+
# ID to generate cert for
|
19
|
+
if email.eql? nil
|
20
|
+
raise EasyRSA::Certificate::MissingParameter,
|
21
|
+
"Please provide an 'email', also known as a subject, for the certificates' emailAddress field."
|
22
|
+
end
|
23
|
+
@email = email
|
24
|
+
|
25
|
+
# Validate the existence of the ca_cert file
|
26
|
+
unless File.exist? ca_crt
|
27
|
+
raise EasyRSA::Certificate::UnableToReadCACert,
|
28
|
+
"Certificate Authority Certificate does not exist or is not readable: '#{ca_crt}'. " +
|
29
|
+
"Please check it's existence and permissions"
|
30
|
+
end
|
31
|
+
@ca_cert = OpenSSL::X509::Certificate.new File.read ca_crt
|
32
|
+
|
33
|
+
# Validate the existence of the ca_key file
|
34
|
+
unless File.exist? ca_key
|
35
|
+
raise EasyRSA::Certificate::UnableToReadCAKey,
|
36
|
+
"Certificate Authority Key does not exist or is not readable: '#{ca_key}'. " +
|
37
|
+
"Please check it's existence and permissions"
|
38
|
+
end
|
39
|
+
@ca_key = OpenSSL::PKey::RSA.new File.read ca_key
|
40
|
+
|
41
|
+
# Generate Private Key and new Certificate
|
42
|
+
if bits < 2048
|
43
|
+
raise EasyRSA::Certificate::BitLengthToWeak,
|
44
|
+
"Please select a bit length greater than 2048. Default is 4096. You chose '#{bits}'"
|
45
|
+
end
|
46
|
+
@key = OpenSSL::PKey::RSA.new(bits)
|
47
|
+
|
48
|
+
# Instantiate a new certificate
|
49
|
+
@cert = OpenSSL::X509::Certificate.new
|
50
|
+
|
51
|
+
# This cert should never be valid before now
|
52
|
+
@cert.not_before = Time.now
|
53
|
+
|
54
|
+
# Set it to version
|
55
|
+
@cert.version = 2
|
56
|
+
|
57
|
+
instance_eval(&block) if block_given?
|
58
|
+
end
|
59
|
+
|
60
|
+
def generate(validfor=10)
|
61
|
+
|
62
|
+
# Set the expiration date
|
63
|
+
@cert.not_after = years_from_now(validfor)
|
64
|
+
|
65
|
+
# Add the public key
|
66
|
+
@cert.public_key = @key.public_key
|
67
|
+
|
68
|
+
# Generate and assign the serial
|
69
|
+
@cert.serial = gen_serial
|
70
|
+
|
71
|
+
# Generate subject
|
72
|
+
gen_subject
|
73
|
+
|
74
|
+
# Generate issuer
|
75
|
+
gen_issuer
|
76
|
+
|
77
|
+
# Add extensions
|
78
|
+
add_extensions
|
79
|
+
|
80
|
+
# Sign the cert
|
81
|
+
sign_cert_with_ca
|
82
|
+
|
83
|
+
{ key: @key.to_pem, crt: @cert.to_pem }
|
84
|
+
|
85
|
+
end
|
86
|
+
|
87
|
+
private
|
88
|
+
|
89
|
+
# Cert subject for End-User
|
90
|
+
def gen_subject
|
91
|
+
@cert.subject = OpenSSL::X509::Name.parse("/C=#{EasyRSA::Config.country}/" \
|
92
|
+
"L=#{EasyRSA::Config.city}/O=#{EasyRSA::Config.company}/OU=#{EasyRSA::Config.orgunit}/CN=#{@id}/" \
|
93
|
+
"name=#{@id}/emailAddress=#{@email}")
|
94
|
+
end
|
95
|
+
|
96
|
+
# Cert issuer details
|
97
|
+
def gen_issuer
|
98
|
+
@cert.issuer = OpenSSL::X509::Name.parse("/C=#{EasyRSA::Config.country}/" \
|
99
|
+
"L=#{EasyRSA::Config.city}/O=#{EasyRSA::Config.company}/OU=#{EasyRSA::Config.orgunit}/" \
|
100
|
+
"CN=#{EasyRSA::Config.server}/name=#{EasyRSA::Config.orgunit}/" \
|
101
|
+
"emailAddress=#{EasyRSA::Config.email}")
|
102
|
+
end
|
103
|
+
|
104
|
+
def add_extensions
|
105
|
+
ef = OpenSSL::X509::ExtensionFactory.new
|
106
|
+
ef.subject_certificate = @cert
|
107
|
+
ef.issuer_certificate = @ca_cert
|
108
|
+
|
109
|
+
@cert.extensions = [
|
110
|
+
ef.create_extension('basicConstraints', 'CA:FALSE'),
|
111
|
+
ef.create_extension('nsCertType', 'client, objsign'),
|
112
|
+
ef.create_extension('nsComment', 'Easy-RSA Generated Certificate'),
|
113
|
+
ef.create_extension('subjectKeyIdentifier', 'hash'),
|
114
|
+
ef.create_extension('extendedKeyUsage', 'clientAuth'),
|
115
|
+
ef.create_extension('keyUsage', 'digitalSignature')
|
116
|
+
]
|
117
|
+
|
118
|
+
@cert.add_extension ef.create_extension('authorityKeyIdentifier',
|
119
|
+
'keyid,issuer:always')
|
120
|
+
end
|
121
|
+
|
122
|
+
def gen_serial
|
123
|
+
# Must always be unique, so we do date and @id's chars
|
124
|
+
"#{Time.now.strftime("%Y%m%d%H%M%S")}#{@id.unpack('c*').join.to_i}".to_i
|
125
|
+
end
|
126
|
+
|
127
|
+
def years_from_now(i = 10)
|
128
|
+
Time.now + i * 365 * 24 * 60 * 60
|
129
|
+
end
|
130
|
+
|
131
|
+
def sign_cert_with_ca
|
132
|
+
@cert.sign @ca_key, OpenSSL::Digest::SHA256.new
|
133
|
+
end
|
134
|
+
|
135
|
+
end
|
136
|
+
end
|
@@ -0,0 +1,37 @@
|
|
1
|
+
module EasyRSA
|
2
|
+
module Config
|
3
|
+
|
4
|
+
class RequiredOptionMissing < RuntimeError ; end
|
5
|
+
|
6
|
+
extend self
|
7
|
+
|
8
|
+
attr_accessor :email, :server, :country, :city, :company, :orgunit
|
9
|
+
|
10
|
+
# Configure easyrsa from a hash. This is usually called after parsing a
|
11
|
+
# yaml config file such as easyrsa.yaml.
|
12
|
+
#
|
13
|
+
# @example Configure easyrsa.
|
14
|
+
# config.from_hash({})
|
15
|
+
#
|
16
|
+
# @param [ Hash ] options The settings to use.
|
17
|
+
def from_hash(options = {})
|
18
|
+
options.each_pair do |name, value|
|
19
|
+
send("#{name}=", value) if respond_to?("#{name}=")
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
# Load the settings from a compliant easyrsa.yml file. This can be used for
|
24
|
+
# easy setup with frameworks other than Rails.
|
25
|
+
#
|
26
|
+
# @example Configure easyrsa.
|
27
|
+
# easyrsa.load!("/path/to/easyrsa.yml")
|
28
|
+
#
|
29
|
+
# @param [ String ] path The path to the file.
|
30
|
+
def load!(path)
|
31
|
+
settings = YAML.load(ERB.new(File.new(path).read).result)
|
32
|
+
if settings.present?
|
33
|
+
from_hash(settings)
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
data/spec/cacert.pem
ADDED
@@ -0,0 +1,18 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIC4TCCAkqgAwIBAgIJANYWnRgYyYmsMA0GCSqGSIb3DQEBBQUAMFUxCzAJBgNV
|
3
|
+
BAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazEYMBYGA1UEChMPTWlrZSBNYWNraW50
|
4
|
+
b3NoMRkwFwYDVQQLExBSdWJ5IEVhc3lSU0EgR2VtMB4XDTE1MDQwODAzMjYxOVoX
|
5
|
+
DTI1MDQwNTAzMjYxOVowVTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCE5ldyBZb3Jr
|
6
|
+
MRgwFgYDVQQKEw9NaWtlIE1hY2tpbnRvc2gxGTAXBgNVBAsTEFJ1YnkgRWFzeVJT
|
7
|
+
QSBHZW0wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANN0bDqnyWMKNsLgC9Sf
|
8
|
+
QW/3mZHrAnuptkYaGcj3b3MHqVbtijYyCD9EtbSsFKftFjJeXNJiRQuWTvEfGl2C
|
9
|
+
c8wZMDfrA19TpXyfeLYOFfnZb1U3TK1a6tDvrHjbhhiPAQDTfS1mr9bgeac40EiJ
|
10
|
+
kYtptF4vcphyCOUC2QOi/nhZAgMBAAGjgbgwgbUwHQYDVR0OBBYEFAJpK6ilbgsM
|
11
|
+
NM38fl/HSlCBr9njMIGFBgNVHSMEfjB8gBQCaSuopW4LDDTN/H5fx0pQga/Z46FZ
|
12
|
+
pFcwVTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCE5ldyBZb3JrMRgwFgYDVQQKEw9N
|
13
|
+
aWtlIE1hY2tpbnRvc2gxGTAXBgNVBAsTEFJ1YnkgRWFzeVJTQSBHZW2CCQDWFp0Y
|
14
|
+
GMmJrDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAHOVU2vP1a+E/DOf
|
15
|
+
Jy0UUTuK5hPO1IaT1byN5rWaTFRftpHLsFLnZLTeJkXKd7IcYkwvRFYmUHDHlm7O
|
16
|
+
4WQiErwmstW967IZbCuUoYKYBEtFlGGzoy2tHdhPVCT8egjqQMs99HaMObNa3kgh
|
17
|
+
UMxNUqagZQTruqWTDUOXycX/7QXA
|
18
|
+
-----END CERTIFICATE-----
|
data/spec/cakey.pem
ADDED
@@ -0,0 +1,15 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
MIICXAIBAAKBgQDTdGw6p8ljCjbC4AvUn0Fv95mR6wJ7qbZGGhnI929zB6lW7Yo2
|
3
|
+
Mgg/RLW0rBSn7RYyXlzSYkULlk7xHxpdgnPMGTA36wNfU6V8n3i2DhX52W9VN0yt
|
4
|
+
WurQ76x424YYjwEA030tZq/W4HmnONBIiZGLabReL3KYcgjlAtkDov54WQIDAQAB
|
5
|
+
AoGAB6c7E5RnEZKZEMyTIQryj17izAk5echWtIrVTBTIj91DH8ZRLkz5R3DxMqzX
|
6
|
+
wowuNXx815B+90BlcwyxI5lJH5Ug5ClUDUhATsrLEnGR+Eg5NLG5K4oXgnQUGTN7
|
7
|
+
t7MKVUTzRWPc8p9V9Z7asIOMXax+cyaEGVixz9JJfYP8pEECQQDuleHAjZtWA/X/
|
8
|
+
UhOY3RjYdSSsb5MkDtpPo5WovAgH/7Ek6hx90/FKw5YynGTeskqDvlXlLEMKT1Cl
|
9
|
+
9s05kCq1AkEA4uOWQAWsNuA54SMMJ+cWTF1h30a7wD5VNmx5C2e5dRX/5Oknc512
|
10
|
+
m0Ky0zpu3bfWLL8+lJvTYHoQQD/p10hJlQJBAOptlUvJGGeVLsK4WA8suDwAJo/U
|
11
|
+
dgTJH1N/Tg9k6pNJdzrpWiN8/CtVMSD7sNVs5HC8tdOgASOBOaJJde9oq70CQGp/
|
12
|
+
fUUr5HwVn9VniAsq0zKhGpGdN/+ywni7Tc3msAyfeO/P6O7B2KxkEGBJq0RzSBrU
|
13
|
+
4eELi5pbcUlXNsIQckkCQCVQSfWFNkgax/tHFSALdOUkZl+Gy84bGmXPgw4TzQTr
|
14
|
+
49egzjRvMks+Ej0vO1m8+Zff+9s8qPpeiQI78aY4VLI=
|
15
|
+
-----END RSA PRIVATE KEY-----
|
@@ -0,0 +1,35 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), '..', 'spec_helper')
|
2
|
+
|
3
|
+
describe EasyRSA::Config, 'Should' do
|
4
|
+
include_context "shared environment"
|
5
|
+
|
6
|
+
it 'throw error when missing required configure parameters' do
|
7
|
+
|
8
|
+
expect {
|
9
|
+
EasyRSA.configure do |issuer|
|
10
|
+
issuer.email = @email
|
11
|
+
issuer.server = @server
|
12
|
+
issuer.city = @city
|
13
|
+
issuer.company = @company
|
14
|
+
issuer.orgunit = @orgunit
|
15
|
+
end
|
16
|
+
}.to raise_error(EasyRSA::Config::RequiredOptionMissing)
|
17
|
+
|
18
|
+
end
|
19
|
+
|
20
|
+
it 'configure correctly' do
|
21
|
+
|
22
|
+
expect {
|
23
|
+
EasyRSA.configure do |issuer|
|
24
|
+
issuer.email = @email
|
25
|
+
issuer.server = @server
|
26
|
+
issuer.country = @country
|
27
|
+
issuer.city = @city
|
28
|
+
issuer.company = @company
|
29
|
+
issuer.orgunit = @orgunit
|
30
|
+
end
|
31
|
+
}.not_to raise_error
|
32
|
+
|
33
|
+
end
|
34
|
+
|
35
|
+
end
|
@@ -0,0 +1,76 @@
|
|
1
|
+
require File.join(File.dirname(__FILE__), '..', 'spec_helper')
|
2
|
+
|
3
|
+
describe EasyRSA::Certificate, 'Should' do
|
4
|
+
include_context "shared environment"
|
5
|
+
|
6
|
+
before do
|
7
|
+
EasyRSA.configure do |issuer|
|
8
|
+
issuer.email = @email
|
9
|
+
issuer.server = @server
|
10
|
+
issuer.country = @country
|
11
|
+
issuer.city = @city
|
12
|
+
issuer.company = @company
|
13
|
+
issuer.orgunit = @orgunit
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
it 'throw error when arguments are missing' do
|
18
|
+
|
19
|
+
expect {
|
20
|
+
EasyRSA::Certificate.new('ca.crt', 'ca.key')
|
21
|
+
}.to raise_error(EasyRSA::Certificate::MissingParameter)
|
22
|
+
|
23
|
+
end
|
24
|
+
|
25
|
+
it 'throw error when invalid ca cert is passed' do
|
26
|
+
|
27
|
+
expect {
|
28
|
+
EasyRSA::Certificate.new('ca.crt', 'ca.key', 'blah', 'blah@blah')
|
29
|
+
}.to raise_error(EasyRSA::Certificate::UnableToReadCACert)
|
30
|
+
|
31
|
+
end
|
32
|
+
|
33
|
+
it 'throw error when invalid ca key is passed' do
|
34
|
+
|
35
|
+
expect {
|
36
|
+
EasyRSA::Certificate.new('ca.crt', 'ca.key', 'blah', 'blah@blah')
|
37
|
+
}.to raise_error(EasyRSA::Certificate::UnableToReadCACert)
|
38
|
+
|
39
|
+
end
|
40
|
+
|
41
|
+
it 'throw error when invalid ca key is passed' do
|
42
|
+
|
43
|
+
expect {
|
44
|
+
EasyRSA::Certificate.new(@ca_cert, @ca_key, 'blah', 'blah@blah', 512)
|
45
|
+
}.to raise_error(EasyRSA::Certificate::BitLengthToWeak)
|
46
|
+
|
47
|
+
end
|
48
|
+
|
49
|
+
it 'return keys successfully' do
|
50
|
+
|
51
|
+
easyrsa = EasyRSA::Certificate.new(@ca_cert, @ca_key, 'mike', 'mike@ruby-easyrsa.gem')
|
52
|
+
g = easyrsa.generate
|
53
|
+
|
54
|
+
expect(g[:key]).to include('BEGIN RSA PRIVATE KEY')
|
55
|
+
expect(g[:crt]).to include('BEGIN CERTIFICATE')
|
56
|
+
|
57
|
+
end
|
58
|
+
|
59
|
+
|
60
|
+
it 'return successful in a block as well' do
|
61
|
+
g = {}
|
62
|
+
EasyRSA::Certificate.new(@ca_cert, @ca_key, 'mike', 'mike@ruby-easyrsa.gem') do |c|
|
63
|
+
c.generate.each do |k, v|
|
64
|
+
g[k] = v
|
65
|
+
end
|
66
|
+
end
|
67
|
+
|
68
|
+
expect(g[:key]).to include('BEGIN RSA PRIVATE KEY')
|
69
|
+
expect(g[:crt]).to include('BEGIN CERTIFICATE')
|
70
|
+
|
71
|
+
end
|
72
|
+
|
73
|
+
end
|
74
|
+
|
75
|
+
@client_id = "sexyhorse"
|
76
|
+
@client_email = "sexyhorse@zyp.io"
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,36 @@
|
|
1
|
+
require 'rspec/core'
|
2
|
+
|
3
|
+
require File.join(File.dirname(__FILE__), '..', 'lib', 'easyrsa')
|
4
|
+
|
5
|
+
# Create the share API context
|
6
|
+
# so we can pass stuff between
|
7
|
+
# the different tests
|
8
|
+
RSpec.shared_context "shared environment", :a => :b do
|
9
|
+
|
10
|
+
before(:all) do
|
11
|
+
|
12
|
+
@email = 'm@zyp.io'
|
13
|
+
@server = 'easyrsa-gem-test'
|
14
|
+
@country = 'US'
|
15
|
+
@city = 'New York'
|
16
|
+
@company = 'Mike Mackintosh'
|
17
|
+
@orgunit = 'EasyRSA Gem Test'
|
18
|
+
|
19
|
+
@ca_key = File.join(File.dirname(__FILE__), 'cakey.pem')
|
20
|
+
@ca_key_pass = 'aaaa'
|
21
|
+
@ca_cert = File.join(File.dirname(__FILE__), 'cacert.pem')
|
22
|
+
|
23
|
+
@client_id = "sexyhorse"
|
24
|
+
@client_email = "sexyhorse@zyp.io"
|
25
|
+
|
26
|
+
end
|
27
|
+
|
28
|
+
end
|
29
|
+
|
30
|
+
# Seems to run tests more than once if we do RSpec.configure more than once
|
31
|
+
#unless RSpec.configuration.color_enabled == true
|
32
|
+
RSpec.configure do |config|
|
33
|
+
config.color = true
|
34
|
+
config.formatter = :documentation
|
35
|
+
end
|
36
|
+
#end
|
metadata
ADDED
@@ -0,0 +1,148 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: easyrsa
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.8.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Mike Mackintosh
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2015-04-07 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: openssl
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - '>='
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - '>='
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: fattr
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - '>='
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - '>='
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: bundler
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - '>='
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '0'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - '>='
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: rake
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - '>='
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - '>='
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: rspec
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - '>='
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '0'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - '>='
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '0'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: webmock
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - '>='
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '0'
|
90
|
+
type: :development
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - '>='
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '0'
|
97
|
+
description: Easily generate OpenVPN certificates without needing the easyrsa packaged
|
98
|
+
scripts
|
99
|
+
email: m@zyp.io
|
100
|
+
executables: []
|
101
|
+
extensions: []
|
102
|
+
extra_rdoc_files: []
|
103
|
+
files:
|
104
|
+
- .gitignore
|
105
|
+
- .rock.yml
|
106
|
+
- Gemfile
|
107
|
+
- LICENSE.txt
|
108
|
+
- Rakefile
|
109
|
+
- easyrsa.gemspec
|
110
|
+
- lib/easyrsa.rb
|
111
|
+
- lib/easyrsa/certificate.rb
|
112
|
+
- lib/easyrsa/config.rb
|
113
|
+
- lib/easyrsa/version.rb
|
114
|
+
- spec/cacert.pem
|
115
|
+
- spec/cakey.pem
|
116
|
+
- spec/easyrsa/01_config_spec.rb
|
117
|
+
- spec/easyrsa/02_certificate_spec.rb
|
118
|
+
- spec/spec_helper.rb
|
119
|
+
homepage: http://github.com/mikemackintosh/ruby-easyrsa
|
120
|
+
licenses:
|
121
|
+
- MIT
|
122
|
+
metadata: {}
|
123
|
+
post_install_message:
|
124
|
+
rdoc_options: []
|
125
|
+
require_paths:
|
126
|
+
- lib
|
127
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
128
|
+
requirements:
|
129
|
+
- - '>='
|
130
|
+
- !ruby/object:Gem::Version
|
131
|
+
version: '0'
|
132
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
133
|
+
requirements:
|
134
|
+
- - '>='
|
135
|
+
- !ruby/object:Gem::Version
|
136
|
+
version: '0'
|
137
|
+
requirements: []
|
138
|
+
rubyforge_project:
|
139
|
+
rubygems_version: 2.0.14
|
140
|
+
signing_key:
|
141
|
+
specification_version: 4
|
142
|
+
summary: EasyRSA interface for generating OpenVPN certificates
|
143
|
+
test_files:
|
144
|
+
- spec/cacert.pem
|
145
|
+
- spec/cakey.pem
|
146
|
+
- spec/easyrsa/01_config_spec.rb
|
147
|
+
- spec/easyrsa/02_certificate_spec.rb
|
148
|
+
- spec/spec_helper.rb
|