Class: ZATCA::Signing::CSR

Inherits:

Object

• Object
• ZATCA::Signing::CSR

Defined in:

lib/zatca/signing/csr.rb

Instance Attribute Summary

• #csr_options ⇒ Object readonly

  Returns the value of attribute csr_options.

• #key ⇒ Object readonly

  Returns the value of attribute key.

• #mode ⇒ Object readonly

  Returns the value of attribute mode.

Instance Method Summary

• #generate(csr_options: {}) ⇒ Object

  Returns a hash with two keys - csr - csr_without_headers.

• #initialize(csr_options:, mode: :production, private_key_path: nil, private_key_password: nil) ⇒ CSR constructor

  For security purposes, please provide your own private key.

Constructor Details

#initialize(csr_options:, mode: :production, private_key_path: nil, private_key_password: nil) ⇒ CSR

For security purposes, please provide your own private key. If you don’t provide one, a new unsecure one will be generated for testing purposes.

# File 'lib/zatca/signing/csr.rb', line 6

def initialize(
  csr_options:,
  mode: :production,
  private_key_path: nil,
  private_key_password: nil
)
  @csr_options = default_csr_options.merge(csr_options)
  @mode = mode.to_sym
  @private_key_path = private_key_path
  @private_key_password = private_key_password
  @generated_private_key_path = nil
end

Instance Attribute Details

#csr_options ⇒ Object (readonly)

Returns the value of attribute csr_options.

# File 'lib/zatca/signing/csr.rb', line 2

def csr_options
  @csr_options
end

#key ⇒ Object (readonly)

Returns the value of attribute key.

# File 'lib/zatca/signing/csr.rb', line 2

def key
  @key
end

#mode ⇒ Object (readonly)

Returns the value of attribute mode.

# File 'lib/zatca/signing/csr.rb', line 2

def mode
  @mode
end

Instance Method Details

#generate(csr_options: {}) ⇒ Object

Returns a hash with two keys

• csr

• csr_without_headers

# File 'lib/zatca/signing/csr.rb', line 22

def generate(csr_options: {})
  set_key
  write_csr_config

  command = generate_openssl_csr_command

  # Run the command and return the output
  output = `#{command}`

  cleanup_leftover_files

  output

  # TODO: Ruby version
  # request = OpenSSL::X509::Request.new
  # request.version = 0
  # request.subject = OpenSSL::X509::Name.new([
  #   ["C", csr_options[:country], OpenSSL::ASN1::PRINTABLESTRING],
  #   ["O", csr_options[:organization], OpenSSL::ASN1::UTF8STRING],
  #   ["OU", csr_options[:organization_unit], OpenSSL::ASN1::UTF8STRING],
  #   ["CN", csr_options[:common_name], OpenSSL::ASN1::UTF8STRING]
  # ])

  # extensions = [
  #   OpenSSL::X509::ExtensionFactory.new.create_extension("subjectAltName")
  # ]

  # # add SAN extension to the CSR
  # attribute_values = OpenSSL::ASN1::Set [OpenSSL::ASN1::Sequence(extensions)]
  # [
  #   OpenSSL::X509::Attribute.new("SN", attribute_values),
  #   OpenSSL::X509::Attribute.new("UID", attribute_values),
  #   OpenSSL::X509::Attribute.new("title", attribute_values),
  #   OpenSSL::X509::Attribute.new("registeredAddress", attribute_values),
  #   OpenSSL::X509::Attribute.new("businessCategory", attribute_values)
  # ]

  # attribute_values.each do |attribute|
  #   request.add_attribute attribute
  # end

  # request.public_key = public_key
  # csr = request.sign(key, OpenSSL::Digest.new("SHA256"))
  # csr_pem = csr.to_pem
  # csr_without_headers = csr_pem
  #   .to_s
  #   .gsub("-----BEGIN CERTIFICATE REQUEST-----", "")
  #   .gsub("-----END CERTIFICATE REQUEST-----", "")
  #   .delete("\n")

  # {
  #   csr: csr_pem,
  #   csr_without_headers: csr_without_headers
  # }
end