Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

DNS and IP entries added to subjectAltNames x509 extensions #11

Merged
merged 2 commits into from

2 participants

Eric Monti Chris Chandler
Eric Monti

Added accessors for ips and dns_names to the object, changed 'to_s' accordingly. Confirm my assumptions in the specs, though, I'm not an expert on this.

Eric Monti

heh ignore this pull, i left my intentional red spec in by accident when i committed

Eric Monti

ok good to go.

Chris Chandler
Owner

I like it. I've been meaning to add the additionally supported types on SubjectAlternativeName for a while. Thanks :-) !

Chris Chandler cchandler merged commit 6a892b5 into from
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Jan 23, 2012
Commits on Jan 24, 2012
  1. remove my intentional red spec ;)

    Eric Monti authored
This page is out of date. Refresh to see the latest.
27 lib/certificate_authority/extensions.rb
View
@@ -156,26 +156,39 @@ def to_s
class SubjectAlternativeName
include ExtensionAPI
- attr_accessor :uris
+ attr_accessor :uris, :dns_names, :ips
def initialize
self.uris = []
+ self.dns_names = []
+ self.ips = []
end
def uris=(value)
raise "URIs must be an array" unless value.is_a?(Array)
@uris = value
end
-
+
+ def dns_names=(value)
+ raise "DNS names must be an array" unless value.is_a?(Array)
+ @dns_names = value
+ end
+
+ def ips=(value)
+ raise "IPs must be an array" unless value.is_a?(Array)
+ @ips = value
+ end
+
def openssl_identifier
"subjectAltName"
end
def to_s
- if self.uris.empty?
- return ""
- end
- "URI:#{self.uris.join(',URI:')}"
+ res = self.uris.map {|u| "URI:#{u}" }
+ res += self.dns_names.map {|d| "DNS:#{d}" }
+ res += self.ips.map {|i| "IP:#{i}" }
+
+ return res.join(',')
end
end
@@ -250,4 +263,4 @@ def to_s
end
end
-end
+end
66 spec/units/extensions_spec.rb
View
@@ -40,7 +40,7 @@
lambda {subjectAltName.uris = "not an array"}.should raise_error
end
- it "should generate a proper OpenSSL extension string" do
+ it "should generate a proper OpenSSL extension string for URIs" do
subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
subjectAltName.uris = ["http://localhost.altname.example.com"]
subjectAltName.to_s.should == "URI:http://localhost.altname.example.com"
@@ -49,5 +49,67 @@
subjectAltName.to_s.should == "URI:http://localhost.altname.example.com,URI:http://other.example.com"
end
+
+ it "should respond to :dns_names" do
+ subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
+ subjectAltName.respond_to?(:dns_names).should be_true
+ end
+
+ it "should require 'dns_names' to be an Array" do
+ subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
+ lambda {subjectAltName.dns_names = "not an array"}.should raise_error
+ end
+
+ it "should generate a proper OpenSSL extension string for DNS names" do
+ subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
+ subjectAltName.dns_names = ["localhost.altname.example.com"]
+ subjectAltName.to_s.should == "DNS:localhost.altname.example.com"
+
+ subjectAltName.dns_names = ["localhost.altname.example.com", "other.example.com"]
+ subjectAltName.to_s.should == "DNS:localhost.altname.example.com,DNS:other.example.com"
+ end
+
+ it "should respond to :ips" do
+ subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
+ subjectAltName.respond_to?(:ips).should be_true
+ end
+
+ it "should require 'ips' to be an Array" do
+ subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
+ lambda {subjectAltName.ips = "not an array"}.should raise_error
+ end
+
+ it "should generate a proper OpenSSL extension string for IPs" do
+ subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
+ subjectAltName.ips = ["1.2.3.4"]
+ subjectAltName.to_s.should == "IP:1.2.3.4"
+
+ subjectAltName.ips = ["1.2.3.4", "5.6.7.8"]
+ subjectAltName.to_s.should == "IP:1.2.3.4,IP:5.6.7.8"
+ end
+
+ it "should generate a proper OpenSSL extension string for URIs IPs and DNS names together" do
+ subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
+ subjectAltName.ips = ["1.2.3.4"]
+ subjectAltName.to_s.should == "IP:1.2.3.4"
+
+ subjectAltName.dns_names = ["localhost.altname.example.com"]
+ subjectAltName.to_s.should == "DNS:localhost.altname.example.com,IP:1.2.3.4"
+
+ subjectAltName.dns_names = ["localhost.altname.example.com", "other.example.com"]
+ subjectAltName.to_s.should == "DNS:localhost.altname.example.com,DNS:other.example.com,IP:1.2.3.4"
+
+ subjectAltName.ips = ["1.2.3.4", "5.6.7.8"]
+ subjectAltName.to_s.should == "DNS:localhost.altname.example.com,DNS:other.example.com,IP:1.2.3.4,IP:5.6.7.8"
+
+ subjectAltName.uris = ["http://localhost.altname.example.com"]
+ subjectAltName.to_s.should == "URI:http://localhost.altname.example.com,DNS:localhost.altname.example.com,DNS:other.example.com,IP:1.2.3.4,IP:5.6.7.8"
+
+ subjectAltName.uris = ["http://localhost.altname.example.com", "http://other.altname.example.com"]
+ subjectAltName.to_s.should == "URI:http://localhost.altname.example.com,URI:http://other.altname.example.com,DNS:localhost.altname.example.com,DNS:other.example.com,IP:1.2.3.4,IP:5.6.7.8"
+
+ end
+
+
end
-end
+end
Something went wrong with that request. Please try again.