Class: EaSSL::AuthorityCertificate

Inherits:
Object
  • Object
Defined in:
lib/eassl/authority_certificate.rb

Overview

Author

Paul Nicholson ([email protected])

Co-Author

Adam Williams ([email protected])

Copyright

Copyright © 2006 WebPower Design

License

Distributed under the same terms as Ruby

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(options) ⇒ AuthorityCertificate

Returns a new instance of AuthorityCertificate.



# File 'lib/eassl/authority_certificate.rb', line 9

# Stores the construction options, layering the caller's hash over defaults.
#
# @param options [Hash] overrides for the defaults below
# @option options [Object] :key signing key; #ssl calls +public_key+ and
#   +private_key+ on it, so the nil default only works when a certificate is
#   loaded instead of generated
# @option options [Hash] :name name fields that #ssl merges over
#   +{ :common_name => "CA" }+ before handing them to CertificateName.new
def initialize(options)
  defaults = { :key => nil, :name => {} }
  @options = defaults.merge(options)
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method

#method_missing(method) ⇒ Object



# File 'lib/eassl/authority_certificate.rb', line 42

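# Delegates any message this class does not define to the wrapped
# certificate returned by #ssl.
#
# Dispatch goes through +public_send+ so that only the certificate's public
# API is reachable via this proxy; +send+ ignores visibility and would also
# dispatch to private methods of the wrapped object. Arguments and a block
# are forwarded so delegated methods that take them keep working.
#
# NOTE(review): the first call on an instance without a loaded certificate
# makes #ssl build and sign a new one, so an unknown method name has that
# side effect (and fails inside #ssl when no :key was given).
# NOTE(review): no respond_to_missing? is visible alongside this method, so
# respond_to? presumably does not report the delegated methods -- confirm
# against the full file.
#
# @param method [Symbol] name of the method that was not found on this class
# @param args [Array] positional arguments to forward
# @return [Object] whatever the certificate's method returns
# @raise [NoMethodError] if the certificate has no public method of that name
def method_missing(method, *args, &block)
  ssl.public_send(method, *args, &block)
end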

Class Method Details

.load(pem_file_path) ⇒ Object



# File 'lib/eassl/authority_certificate.rb', line 55

# Builds an instance with empty options and fills it from a certificate file.
#
# The file content is passed unchanged to the instance-level #load, which
# parses it; no check on who can write to the path is made here, so the
# caller decides whether the file is trustworthy.
#
# @param pem_file_path [String] path of the certificate file to read
# @return [AuthorityCertificate] the instance returned by #load
def self.load(pem_file_path)
  authority = new({})
  pem_string = File.read(pem_file_path)
  authority.load(pem_string)
end

Instance Method Details

#load(pem_string) ⇒ Object



# File 'lib/eassl/authority_certificate.rb', line 46

# Parses +pem_string+ into an OpenSSL::X509::Certificate and keeps it as the
# wrapped certificate.
#
# Only parsing happens here: nothing in this method checks that the
# certificate is a CA certificate, that it is within its validity period, or
# that it matches the :key option.
#
# @param pem_string [String] certificate data handed to
#   OpenSSL::X509::Certificate.new
# @return [AuthorityCertificate] self, so calls can be chained
# @raise [RuntimeError] with a fixed message for any StandardError raised
#   while parsing
def load(pem_string)
  @ssl = OpenSSL::X509::Certificate.new(pem_string)
  self
rescue
  # Every parse failure is reported under the same generic message.
  raise "CertificateLoader: Error loading certificate"
end

#ssl ⇒ Object



# File 'lib/eassl/authority_certificate.rb', line 16

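# Returns the wrapped OpenSSL::X509::Certificate, generating and caching a
# self-signed CA certificate on first use when none was loaded.
#
# Changes from the previous version:
# * the certificate is signed with SHA-256 instead of SHA-1, which is no
#   longer considered collision resistant and is refused by some current
#   crypto policies;
# * basicConstraints and keyUsage are marked critical, as RFC 5280 asks for
#   in CA certificates.
#
# NOTE(review): the serial number is the constant 1, so every CA generated
# here carries the same serial.
#
# @return [OpenSSL::X509::Certificate] the loaded or freshly generated
#   certificate
# @raise [NoMethodError] when generation is needed but the :key option is nil
def ssl
  return @ssl if @ssl

  signing_key = @options[:key]
  # Caller-supplied name fields win over the default common name.
  ca_name = CertificateName.new({ :common_name => "CA" }.update(@options[:name])).name

  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # X509v3
  cert.serial = 1
  # Self-signed: subject and issuer are the same name.
  cert.issuer = ca_name
  cert.subject = ca_name
  cert.not_before = Time.now
  cert.not_after = cert.not_before + (365 * 5) * 24 * 60 * 60 # five years
  cert.public_key = signing_key.public_key

  ef = OpenSSL::X509::ExtensionFactory.new
  ef.subject_certificate = cert
  ef.issuer_certificate = cert
  cert.extensions = [
    ef.create_extension("basicConstraints", "CA:TRUE", true),
    ef.create_extension("keyUsage", "cRLSign, keyCertSign", true),
    ef.create_extension("subjectKeyIdentifier", "hash"),
    ef.create_extension("nsComment", "Ruby/OpenSSL/EaSSL Generated Certificate"),
  ]
  # Added after the list above so the factory can read the
  # subjectKeyIdentifier of the (self-)issuer certificate.
  cert.add_extension(ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always"))

  cert.sign(signing_key.private_key, OpenSSL::Digest::SHA256.new)
  @ssl = cert
end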