Class: Vcert::FakeConnection
- Inherits:
-
Object
- Object
- Vcert::FakeConnection
- Defined in:
- lib/fake/fake.rb
Instance Method Summary
-
#initialize ⇒ FakeConnection
constructor
A new instance of FakeConnection.
- #policy(zone_tag) ⇒ Object
- #renew(request, generate_new_key: true) ⇒ Object
- #request(zone_tag, request) ⇒ Object
- #retrieve(request) ⇒ Object
- #zone_configuration(zone_tag) ⇒ Object
Constructor Details
#initialize ⇒ FakeConnection
Returns a new instance of FakeConnection.
# File 'lib/fake/fake.rb', line 7
# Builds a fake connection with an empty in-memory certificate cache.
#
# @cert_cache maps a certificate thumbprint (hex SHA-1 of the DER encoding,
# as computed in #retrieve) to the OpenSSL::X509::Certificate that was
# issued. #renew reads it to look up the subject for a thumbprint-based
# renewal. Nothing is persisted; the cache lives only as long as the object.
def initialize
  @cert_cache = Hash.new
end
Instance Method Details
#policy(zone_tag) ⇒ Object
# File 'lib/fake/fake.rb', line 36
# Returns a fully permissive policy for the given zone.
#
# Every subject and SAN regex is ".*", and the allowed key types are RSA
# 1024/2048/4096/8192 plus every curve in Vcert::SUPPORTED_CURVES.
#
# NOTE(review): because nothing is restricted here (RSA 1024 included), a
# request that validates against this fake policy tells you nothing about
# whether a real zone policy would accept it. Do not treat a green test run
# against FakeConnection as evidence of policy compliance.
#
# @param zone_tag [Object] used verbatim as both policy_id and name
# @return [Vcert::Policy]
def policy(zone_tag)
  rsa_sizes = [1024, 2048, 4096, 8192]
  rsa_key_types = rsa_sizes.map { |bits| Vcert::KeyType.new("rsa", bits) }
  ecdsa_key_types = Vcert::SUPPORTED_CURVES.map { |curve| Vcert::KeyType.new("ecdsa", curve) }
  key_types = rsa_key_types + ecdsa_key_types

  Vcert::Policy.new(
    policy_id: zone_tag,
    name: zone_tag,
    system_generated: false,
    creation_date: nil,
    subject_cn_regexes: [".*"],
    subject_o_regexes: [".*"],
    subject_ou_regexes: [".*"],
    subject_st_regexes: [".*"],
    subject_l_regexes: [".*"],
    subject_c_regexes: [".*"],
    san_regexes: [".*"],
    key_types: key_types
  )
end
#renew(request, generate_new_key: true) ⇒ Object
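# File 'lib/fake/fake.rb', line 56
# Prepares a renewal for a certificate previously handled by this fake.
#
# Two ways of identifying the certificate are supported:
# * request.thumbprint set: the subject is taken from the certificate cached
#   by #retrieve under that thumbprint. Reusing the old key is not supported
#   on this path.
# * otherwise: request.id is treated as the Base64-encoded CSR produced by
#   #request. With generate_new_key: false the id and private key are handed
#   back unchanged; with true the CSR is re-keyed and re-signed.
#
# A freshly generated key is always RSA 2048, whatever key type the original
# request used, and is returned as an unencrypted PEM string.
#
# NOTE(review): #retrieve stores thumbprints as the hex string returned by
# OpenSSL::Digest#to_s; a thumbprint supplied in a different case or format
# will not match a cache entry - confirm what callers pass.
#
# @param request [#thumbprint, #id, #private_key] the renewal request
# @param generate_new_key [Boolean] whether to create a new key pair
# @return [Array(String, String)] Base64-encoded CSR PEM (or the original
#   id) and the private key PEM
# @raise [Vcert::VcertError] if a thumbprint renewal asks to reuse the key,
#   or if the thumbprint is not in the cache
def renew(request, generate_new_key: true)
  if request.thumbprint
    raise Vcert::VcertError, "can not be implemented" unless generate_new_key

    # Look the certificate up before doing any key generation, and fail with
    # a library error rather than a NoMethodError on nil when it is unknown.
    cached_cert = @cert_cache[request.thumbprint]
    if cached_cert.nil?
      raise Vcert::VcertError, "no cached certificate for thumbprint #{request.thumbprint}"
    end

    csr = OpenSSL::X509::Request.new
    csr.subject = cached_cert.subject
  else
    return [request.id, request.private_key] unless generate_new_key

    csr = OpenSSL::X509::Request.new(Base64.decode64(request.id))
  end

  # Both paths end the same way: bind a new key to the CSR and self-sign it.
  new_key = OpenSSL::PKey::RSA.new(2048)
  csr.public_key = new_key.public_key
  csr.sign(new_key, OpenSSL::Digest::SHA256.new)
  [Base64.encode64(csr.to_pem), new_key.to_pem]
end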
#request(zone_tag, request) ⇒ Object
# File 'lib/fake/fake.rb', line 11
# "Submits" a certificate request by deriving its id from its own CSR.
#
# The id is simply the Base64 encoding of request.csr, so #retrieve can
# rebuild the CSR from the id alone; nothing is stored by this method.
# zone_tag is accepted for interface compatibility and is not used.
#
# @param zone_tag [Object] ignored
# @param request [#csr, #id=] request whose id is set in place
# @return [String] the Base64-encoded CSR that was assigned as the id
def request(zone_tag, request)
  encoded_csr = Base64.encode64(request.csr)
  request.id = encoded_csr
end
#retrieve(request) ⇒ Object
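# File 'lib/fake/fake.rb', line 15
# Issues a certificate for a request previously passed to #request.
#
# request.id is Base64-decoded back into a CSR, and a one-year X.509 v3
# certificate (version field 2) is built from the CSR's subject and public
# key, then signed with SHA-256 using ROOT_KEY. The issuer is the subject of
# ROOT_CA. The issued certificate is cached under its hex SHA-1 thumbprint
# so that #renew can find it later.
#
# NOTE(review): the CSR's self-signature is not verified and no extensions
# (SANs, basicConstraints, key usage) are copied or set, so certificates
# from this fake are not representative of what a real CA would issue.
# ROOT_CA and ROOT_KEY are defined elsewhere in this file; a private key
# shipped in source must never be trusted outside tests.
#
# @param request [#id, #private_key] request whose id holds the Base64 CSR
# @return [Vcert::Certificate] PEM certificate, chain of [ROOT_CA] and the
#   request's private key
def retrieve(request)
  csr = OpenSSL::X509::Request.new(Base64.decode64(request.id))
  root_ca = OpenSSL::X509::Certificate.new(ROOT_CA)
  root_key = OpenSSL::PKey::RSA.new(ROOT_KEY)

  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  # Random 63-bit serial (always positive). A clock-derived serial repeats
  # for certificates issued within the same 10 ms, and issuer + serial is
  # expected to identify a certificate uniquely.
  cert.serial = OpenSSL::BN.rand(63)
  cert.subject = csr.subject
  cert.issuer = root_ca.subject
  cert.not_before = Time.now
  cert.public_key = csr.public_key
  cert.not_after = cert.not_before + 1 * 365 * 24 * 60 * 60
  # todo: add extensions
  cert.sign(root_key, OpenSSL::Digest::SHA256.new)

  issued = Vcert::Certificate.new cert: cert.to_pem, chain: [ROOT_CA], private_key: request.private_key
  # SHA-1 is used here only as the conventional certificate thumbprint
  # (a lookup key), not as a signature algorithm.
  thumbprint = OpenSSL::Digest::SHA1.new(cert.to_der).to_s
  @cert_cache[thumbprint] = cert
  issued
end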
#zone_configuration(zone_tag) ⇒ Object
# File 'lib/fake/fake.rb', line 45
# Returns a fixed zone configuration, identical for every zone.
#
# Subject defaults are US / Utah / Salt Lake City / Venafi / DevOps, and the
# key type is RSA 2048 with locked: true.
# NOTE(review): presumably `locked` means callers may not override the
# value - confirm against Vcert::CertField.
#
# @param zone_tag [Object] ignored; the same configuration is always returned
# @return [Vcert::ZoneConfiguration]
def zone_configuration(zone_tag)
  country = Vcert::CertField.new("US")
  province = Vcert::CertField.new("Utah")
  locality = Vcert::CertField.new("Salt Lake City")
  organization = Vcert::CertField.new("Venafi")
  organizational_unit = Vcert::CertField.new("DevOps")
  rsa_2048 = Vcert::KeyType.new("rsa", 2048)
  key_type = Vcert::CertField.new(rsa_2048, locked: true)

  Vcert::ZoneConfiguration.new(
    country: country,
    province: province,
    locality: locality,
    organization: organization,
    organizational_unit: organizational_unit,
    key_type: key_type
  )
end