mini_ca 1.1.0 → 1.2.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 06bddcecf2ec2c529177bb69a1eba6976782dc5a
4
- data.tar.gz: cf6e2f175bca1fc67a9189d732aa4fd98ff177d8
3
+ metadata.gz: 017ba2353e7b1f0cfc7770644189710f4b665dff
4
+ data.tar.gz: fb8b2ec2b5a20d6f6b64e48be6894bd3308bec73
5
5
  SHA512:
6
- metadata.gz: d250121cf10d9be8eb6920cb875da350c69abcb53f027719f15bb524d6d83cdef6070b92f2cf97a94be5d522308e04dc1e8be5c4ee6a904a8d0c01cdb450e889
7
- data.tar.gz: 91817dd4578ff71c5822175fccb2538e1f22e85b0b4886bbd82cd18d49781af768df65d1eb4ff8e184f2f77fa2732503c70bf8fbe236b8776d400df3acc8e8c8
6
+ metadata.gz: 349e601091f44f72f7674bde29fd5a362bd53bf1e7768be38203f10125b9851860a65d7d61bb781ccd91c659da044f83e7e336d01c580265f08f1170da9cd321
7
+ data.tar.gz: a498bcf442c489c9a05ab1830035e14fea8a8efc0eaea19c9f8b6cbab2b0f3b6f22b334ea66ae0a682a503b80e123992bc6a8c9418f89a8e1903ce7ba492d455
@@ -28,7 +28,7 @@ module MiniCa
28
28
  x509.version = 0x2
29
29
  x509.serial = serial || 0
30
30
 
31
- x509.public_key = send(:private_key).public_key
31
+ x509.public_key = public_key
32
32
 
33
33
  x509.subject = OpenSSL::X509::Name.new
34
34
 
@@ -126,5 +126,20 @@ module MiniCa
126
126
  def private_key_pem
127
127
  private_key.to_pem
128
128
  end
129
+
130
+ def public_key
131
+ case private_key
132
+ when OpenSSL::PKey::RSA
133
+ private_key.public_key
134
+ when OpenSSL::PKey::EC
135
+ # See: https://github.com/ruby/openssl/issues/29#issuecomment-230664793
136
+ # See: https://alexpeattie.com/blog/signing-a-csr-with-ecdsa-in-ruby
137
+ pub = OpenSSL::PKey::EC.new(private_key.group)
138
+ pub.public_key = private_key.public_key
139
+ pub
140
+ else
141
+ raise Error, "Unsupported private_key: #{private_key.class}"
142
+ end
143
+ end
129
144
  end
130
145
  end
@@ -1,3 +1,3 @@
1
1
  module MiniCa
2
- VERSION = '1.1.0'.freeze
2
+ VERSION = '1.2.0'.freeze
3
3
  end
@@ -53,10 +53,28 @@ describe MiniCa::Certificate do
53
53
  end
54
54
  end
55
55
 
56
- it 'initializes with a custom private_key' do
56
+ it 'initializes with a custom private_key (RSA)' do
57
57
  k = OpenSSL::PKey::RSA.new(512)
58
- expect(described_class.new('x', private_key: k).private_key_pem)
59
- .to eq(k.to_pem)
58
+
59
+ crt = described_class.new('x', private_key: k)
60
+ expect(crt.private_key_pem).to eq(k.to_pem)
61
+ expect(crt.x509.check_private_key(k)).to be_truthy
62
+ end
63
+
64
+ it 'initializes with a custom private_key (ECDSA)' do
65
+ k = OpenSSL::PKey::EC.new('prime256v1').tap(&:generate_key)
66
+
67
+ # Ruby < 2.4 lacks a #private? method on EC keys, which is used when
68
+ # signing. We're not going to monkey-patch this for users, but we want to
69
+ # monkey patch it for our own specs.
70
+ maj, min, = RUBY_VERSION.split('.').map { |e| Integer(e) }
71
+ unless maj >= 2 && min >= 4 || maj > 2
72
+ allow(k).to receive(:private?) { k.private_key? }
73
+ end
74
+
75
+ crt = described_class.new('x', private_key: k)
76
+ expect(crt.private_key_pem).to eq(k.to_pem)
77
+ expect(crt.x509.check_private_key(k)).to be_truthy
60
78
  end
61
79
  end
62
80
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: mini_ca
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.0
4
+ version: 1.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Thomas Orozco