blob: 590d5be17c3987ddc29a9520eef782f42741ffe5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
module CertificateAuthority
class SigningRequest
attr_accessor :distinguished_name
attr_accessor :key_material
attr_accessor :raw_body
attr_accessor :openssl_csr
attr_accessor :digest
def to_cert
cert = Certificate.new
if !@distinguished_name.nil?
cert.distinguished_name = @distinguished_name
end
cert.key_material = @key_material
cert
end
def to_pem
to_x509_csr.to_pem
end
def to_x509_csr
raise "Must specify a DN/subject on csr" if @distinguished_name.nil?
raise "Invalid DN in request" unless @distinguished_name.valid?
raise "CSR must have key material" if @key_material.nil?
raise "CSR must include a public key on key material" if @key_material.public_key.nil?
opensslcsr = OpenSSL::X509::Request.new
opensslcsr.subject = @distinguished_name.to_x509_name
opensslcsr.public_key = @key_material.public_key
opensslcsr.sign @key_material.private_key, OpenSSL::Digest::Digest.new(@digest || "SHA512")
opensslcsr
end
def self.from_x509_csr(raw_csr)
csr = SigningRequest.new
openssl_csr = OpenSSL::X509::Request.new(raw_csr)
csr.distinguished_name = DistinguishedName.from_openssl openssl_csr.subject
csr.raw_body = raw_csr
csr.openssl_csr = openssl_csr
key_material = SigningRequestKeyMaterial.new
key_material.public_key = openssl_csr.public_key
csr.key_material = key_material
csr
end
def self.from_netscape_spkac(raw_spkac)
openssl_spkac = OpenSSL::Netscape::SPKI.new raw_spkac
csr = SigningRequest.new
csr.raw_body = raw_spkac
key_material = SigningRequestKeyMaterial.new
key_material.public_key = openssl_spkac.public_key
csr
end
end
end
|
