r509 0.9.1 → 0.9.2
- data/README.md +3 -4
- data/doc/R509.html +10 -10
- data/doc/R509/ASN1.html +1 -1
- data/doc/R509/ASN1/GeneralName.html +1 -1
- data/doc/R509/ASN1/GeneralNames.html +1 -1
- data/doc/R509/ASN1/NoticeReference.html +1 -1
- data/doc/R509/ASN1/PolicyInformation.html +1 -1
- data/doc/R509/ASN1/PolicyQualifiers.html +1 -1
- data/doc/R509/ASN1/UserNotice.html +1 -1
- data/doc/R509/CRL.html +1 -1
- data/doc/R509/CRL/Administrator.html +1 -1
- data/doc/R509/CRL/SignedList.html +1 -1
- data/doc/R509/CSR.html +1 -1
- data/doc/R509/Cert.html +1 -1
- data/doc/R509/Cert/Extensions.html +1 -1
- data/doc/R509/Cert/Extensions/AuthorityInfoAccess.html +1 -1
- data/doc/R509/Cert/Extensions/AuthorityKeyIdentifier.html +1 -1
- data/doc/R509/Cert/Extensions/BasicConstraints.html +1 -1
- data/doc/R509/Cert/Extensions/CRLDistributionPoints.html +1 -1
- data/doc/R509/Cert/Extensions/CertificatePolicies.html +1 -1
- data/doc/R509/Cert/Extensions/ExtendedKeyUsage.html +1 -1
- data/doc/R509/Cert/Extensions/InhibitAnyPolicy.html +1 -1
- data/doc/R509/Cert/Extensions/KeyUsage.html +1 -1
- data/doc/R509/Cert/Extensions/NameConstraints.html +1 -1
- data/doc/R509/Cert/Extensions/OCSPNoCheck.html +1 -1
- data/doc/R509/Cert/Extensions/PolicyConstraints.html +1 -1
- data/doc/R509/Cert/Extensions/SubjectAlternativeName.html +1 -1
- data/doc/R509/Cert/Extensions/SubjectKeyIdentifier.html +1 -1
- data/doc/R509/CertificateAuthority.html +1 -1
- data/doc/R509/CertificateAuthority/Signer.html +1 -1
- data/doc/R509/Config.html +1 -1
- data/doc/R509/Config/CAConfig.html +61 -61
- data/doc/R509/Config/CAConfigPool.html +16 -16
- data/doc/R509/Config/CAProfile.html +31 -31
- data/doc/R509/Config/SubjectItemPolicy.html +13 -13
- data/doc/R509/Engine.html +416 -0
- data/doc/R509/IOHelpers.html +1 -1
- data/doc/R509/MessageDigest.html +1 -1
- data/doc/R509/NameSanitizer.html +1 -1
- data/doc/R509/OCSP.html +1 -1
- data/doc/R509/OCSP/Request.html +1 -1
- data/doc/R509/OCSP/Request/Nonce.html +1 -1
- data/doc/R509/OCSP/Response.html +1 -1
- data/doc/R509/OIDMapper.html +1 -1
- data/doc/R509/PrivateKey.html +1 -1
- data/doc/R509/R509Error.html +1 -1
- data/doc/R509/SPKI.html +1 -1
- data/doc/R509/Subject.html +1 -1
- data/doc/R509/Validity.html +1 -1
- data/doc/R509/Validity/Checker.html +1 -1
- data/doc/R509/Validity/DefaultChecker.html +1 -1
- data/doc/R509/Validity/DefaultWriter.html +1 -1
- data/doc/R509/Validity/Status.html +1 -1
- data/doc/R509/Validity/Writer.html +1 -1
- data/doc/_index.html +8 -1
- data/doc/class_list.html +1 -1
- data/doc/file.README.html +4 -5
- data/doc/file.r509.html +1 -1
- data/doc/index.html +4 -5
- data/doc/method_list.html +443 -419
- data/doc/top-level-namespace.html +1 -1
- data/lib/r509.rb +1 -0
- data/lib/r509/config.rb +2 -1
- data/lib/r509/engine.rb +36 -0
- data/lib/r509/version.rb +1 -1
- data/spec/certificate_authority_spec.rb +4 -1
- data/spec/fixtures/config_test_various.yaml +2 -1
- metadata +5 -3
@@ -103,7 +103,7 @@
|
|
103
103
|
</div>
|
104
104
|
|
105
105
|
<div id="footer">
|
106
|
-
Generated on
|
106
|
+
Generated on Tue Apr 23 10:46:04 2013 by
|
107
107
|
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
108
108
|
0.8.5 (ruby-1.9.3).
|
109
109
|
</div>
|
data/lib/r509.rb
CHANGED
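--- a/data/lib/r509/config.rb
+++ b/data/lib/r509/config.rb
@@ -4,6 +4,7 @@ require 'r509/exceptions'
 require 'r509/io_helpers'
 require 'r509/subject'
 require 'r509/private_key'
+require 'r509/engine'
 require 'fileutils'
 require 'pathname'
 
@@ -522,7 +523,7 @@ module R509
 engine = ca_cert_hash['engine']
 else
 #this path can't be tested by unit tests. bah!
-engine =
+engine = R509::Engine.instance.load(ca_cert_hash['engine'])
 end
 ca_key = R509::PrivateKey.new(
 :engine => engine,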
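Review bot: The new `else` branch hands the `engine` entry of the CA config straight to `R509::Engine.instance.load`, which has OpenSSL load the shared object named by `SO_PATH` into the same process that then builds the CA `R509::PrivateKey`; write access to that config therefore amounts to native code running inside the signer, and nothing here says so. I would extend the comment above the call to `# 'engine' must be a hash with SO_PATH and ID; SO_PATH is loaded as native code, so the config must come from an operator-only location`. If the value is not a Hash (a bare string, for instance), `load` fails with NoMethodError from `has_key?` rather than a configuration error, so a `respond_to?(:has_key?)` check before the call looks worth adding. The `if`/`else` starts above the hunk, so which values actually reach this branch cannot be seen from here.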
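--- a/data/lib/r509/engine.rb
+++ b/data/lib/r509/engine.rb
@@ -0,0 +1,36 @@
+require 'singleton'
+require 'openssl'
+
+module R509
+# a singleton class to store loaded OpenSSL Engines
+class Engine
+include Singleton
+
+def initialize
+@engines = {}
+end
+
+# @param hash Takes a hash with SO_PATH and ID
+# @return OpenSSL::Engine object
+def load(hash)
+if not hash.has_key?("SO_PATH") or not hash.has_key?("ID")
+raise ArgumentError, "You must supply a hash with both SO_PATH and ID"
+end
+if @engines.has_key?(hash["ID"])
+@engines[hash["ID"]]
+else
+OpenSSL::Engine.load
+@engines[hash["ID"]] = OpenSSL::Engine.by_id("dynamic") do |e|
+e.ctrl_cmd("SO_PATH",hash["SO_PATH"])
+e.ctrl_cmd("ID",hash["ID"])
+e.ctrl_cmd("LOAD")
+end
+end
+end
+
+# Takes an engine ID and returns the engine object
+def [](key)
+@engines[key]
+end
+end
+end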
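Review bot: `load` caches by `ID` alone, so a second call with the same `ID` but a different `SO_PATH` silently returns the engine loaded from the first path; if two CA entries ever share an engine ID, the second would sign through a library its configuration did not name. Recording the path each ID was loaded from and raising on a mismatch makes that visible, as in the excerpt below. The guard `if not hash.has_key?("SO_PATH") or not hash.has_key?("ID")` would also read better as `unless hash.has_key?("SO_PATH") && hash.has_key?("ID")`, and the `@param` tag should name the type, e.g. `# @param hash [Hash] String keys "SO_PATH" and "ID"`.

```ruby
def initialize
  @engines = {}
  @so_paths = {} # engine ID => SO_PATH it was loaded from
end

def load(hash)
  # … unchanged: SO_PATH / ID presence check …
  id = hash["ID"]
  if @engines.has_key?(id)
    unless @so_paths[id] == hash["SO_PATH"]
      raise ArgumentError, "Engine #{id} is already loaded from a different SO_PATH"
    end
    @engines[id]
  else
    # … unchanged: OpenSSL::Engine.load and the dynamic-engine ctrl_cmd block, assigned to @engines[id] …
    @so_paths[id] = hash["SO_PATH"]
    @engines[id]
  end
end
```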
data/lib/r509/version.rb
CHANGED
@@ -165,7 +165,7 @@ describe R509::CertificateAuthority::Signer do
|
|
165
165
|
ca = R509::CertificateAuthority::Signer.new(config)
|
166
166
|
cert = ca.sign(:csr => csr, :profile_name => 'server')
|
167
167
|
cert.certificate_policies.should_not be_nil
|
168
|
-
cert.certificate_policies.policies.count.should ==
|
168
|
+
cert.certificate_policies.policies.count.should == 3
|
169
169
|
p0 = cert.certificate_policies.policies[0]
|
170
170
|
p0.policy_identifier.should == "2.16.840.1.99999.21.234"
|
171
171
|
p0.policy_qualifiers.cps_uris.should == ["http://example.com/cps", "http://haha.com"]
|
@@ -185,6 +185,9 @@ describe R509::CertificateAuthority::Signer do
|
|
185
185
|
un2 = p1.policy_qualifiers.user_notices[1]
|
186
186
|
un2.notice_reference.should be_nil
|
187
187
|
un2.explicit_text.should == "another user notice"
|
188
|
+
p2 = cert.certificate_policies.policies[2]
|
189
|
+
p2.policy_identifier.should == "2.16.840.1.99999.0"
|
190
|
+
p2.policy_qualifiers.should be_nil
|
188
191
|
end
|
189
192
|
it "issues a certificate with an authority key identifier" do
|
190
193
|
csr = R509::CSR.new(:csr => @csr)
|
@@ -64,7 +64,8 @@ multi_policy_ca: {
|
|
64
64
|
{ policy_identifier: "2.16.840.1.99999.21.235",
|
65
65
|
cps_uris: ["http://example.com/cps2"],
|
66
66
|
user_notices: [ { explicit_text: "this is a bad thing", organization: "another org", notice_numbers: "3,2,1" },{ explicit_text: "another user notice"} ]
|
67
|
-
}
|
67
|
+
},
|
68
|
+
{ policy_identifier: "2.16.840.1.99999.0" }
|
68
69
|
]
|
69
70
|
}
|
70
71
|
}
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: r509
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.9.
|
4
|
+
version: 0.9.2
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2013-04-
|
12
|
+
date: 2013-04-23 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: trollop
|
@@ -95,6 +95,7 @@ files:
|
|
95
95
|
- lib/r509/crl.rb
|
96
96
|
- lib/r509/csr.rb
|
97
97
|
- lib/r509/ec-hack.rb
|
98
|
+
- lib/r509/engine.rb
|
98
99
|
- lib/r509/exceptions.rb
|
99
100
|
- lib/r509/io_helpers.rb
|
100
101
|
- lib/r509/message_digest.rb
|
@@ -265,6 +266,7 @@ files:
|
|
265
266
|
- doc/R509/CRL/SignedList.html
|
266
267
|
- doc/R509/CRL.html
|
267
268
|
- doc/R509/CSR.html
|
269
|
+
- doc/R509/Engine.html
|
268
270
|
- doc/R509/IOHelpers.html
|
269
271
|
- doc/R509/MessageDigest.html
|
270
272
|
- doc/R509/NameSanitizer.html
|
@@ -305,7 +307,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
305
307
|
version: '0'
|
306
308
|
segments:
|
307
309
|
- 0
|
308
|
-
hash:
|
310
|
+
hash: -4196809951687890655
|
309
311
|
requirements: []
|
310
312
|
rubyforge_project:
|
311
313
|
rubygems_version: 1.8.23
|