DNS and IP entries added to subjectAltNames x509 extensions #11

Merged
merged 2 commits into from
Jan 31, 2012
27 changes: 20 additions & 7 deletions lib/certificate_authority/extensions.rb
Expand Up @@ -156,26 +156,39 @@ def to_s
class SubjectAlternativeName class SubjectAlternativeName
include ExtensionAPI include ExtensionAPI


attr_accessor :uris attr_accessor :uris, :dns_names, :ips


def initialize def initialize
self.uris = [] self.uris = []
self.dns_names = []
self.ips = []
end end


def uris=(value) def uris=(value)
raise "URIs must be an array" unless value.is_a?(Array) raise "URIs must be an array" unless value.is_a?(Array)
@uris = value @uris = value
end end


def dns_names=(value)
raise "DNS names must be an array" unless value.is_a?(Array)
@dns_names = value
end

def ips=(value)
raise "IPs must be an array" unless value.is_a?(Array)
@ips = value
end

def openssl_identifier def openssl_identifier
"subjectAltName" "subjectAltName"
end end


def to_s def to_s
if self.uris.empty? res = self.uris.map {|u| "URI:#{u}" }
return "" res += self.dns_names.map {|d| "DNS:#{d}" }
end res += self.ips.map {|i| "IP:#{i}" }
"URI:#{self.uris.join(',URI:')}"
return res.join(',')
end end
end end


Expand Down Expand Up @@ -250,4 +263,4 @@ def to_s
end end


end end
end end
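Review bot: The new `to_s` interpolates every `dns_names` and `ips` element (and, as before, every `uris` element) straight into the comma-separated `subjectAltName` string, while `dns_names=` and `ips=` only check that the value is an Array. If this string is later handed to OpenSSL's extension parser, which the hunk does not show, an element that itself contains a comma would be read as extra SAN entries the caller never meant to certify. Checking elements where the string is built also covers arrays mutated in place after assignment, e.g. in `to_s`: `raise "Invalid subjectAltName entry" if (uris + dns_names + ips).any? { |v| v.to_s.include?(',') }`. Each IP could additionally be passed through `IPAddr.new(i)` (needs `require 'ipaddr'`) so a malformed address fails here rather than at signing time.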
66 changes: 64 additions & 2 deletions spec/units/extensions_spec.rb
Expand Up @@ -40,7 +40,7 @@
lambda {subjectAltName.uris = "not an array"}.should raise_error lambda {subjectAltName.uris = "not an array"}.should raise_error
end end


it "should generate a proper OpenSSL extension string" do it "should generate a proper OpenSSL extension string for URIs" do
subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
subjectAltName.uris = ["http://localhost.altname.example.com"] subjectAltName.uris = ["http://localhost.altname.example.com"]
subjectAltName.to_s.should == "URI:http://localhost.altname.example.com" subjectAltName.to_s.should == "URI:http://localhost.altname.example.com"
Expand All @@ -49,5 +49,67 @@
subjectAltName.to_s.should == "URI:http://localhost.altname.example.com,URI:http://other.example.com" subjectAltName.to_s.should == "URI:http://localhost.altname.example.com,URI:http://other.example.com"
end end



it "should respond to :dns_names" do
subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
subjectAltName.respond_to?(:dns_names).should be_true
end

it "should require 'dns_names' to be an Array" do
subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
lambda {subjectAltName.dns_names = "not an array"}.should raise_error
end

it "should generate a proper OpenSSL extension string for DNS names" do
subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
subjectAltName.dns_names = ["localhost.altname.example.com"]
subjectAltName.to_s.should == "DNS:localhost.altname.example.com"

subjectAltName.dns_names = ["localhost.altname.example.com", "other.example.com"]
subjectAltName.to_s.should == "DNS:localhost.altname.example.com,DNS:other.example.com"
end

it "should respond to :ips" do
subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
subjectAltName.respond_to?(:ips).should be_true
end

it "should require 'ips' to be an Array" do
subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
lambda {subjectAltName.ips = "not an array"}.should raise_error
end

it "should generate a proper OpenSSL extension string for IPs" do
subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
subjectAltName.ips = ["1.2.3.4"]
subjectAltName.to_s.should == "IP:1.2.3.4"

subjectAltName.ips = ["1.2.3.4", "5.6.7.8"]
subjectAltName.to_s.should == "IP:1.2.3.4,IP:5.6.7.8"
end

it "should generate a proper OpenSSL extension string for URIs IPs and DNS names together" do
subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
subjectAltName.ips = ["1.2.3.4"]
subjectAltName.to_s.should == "IP:1.2.3.4"

subjectAltName.dns_names = ["localhost.altname.example.com"]
subjectAltName.to_s.should == "DNS:localhost.altname.example.com,IP:1.2.3.4"

subjectAltName.dns_names = ["localhost.altname.example.com", "other.example.com"]
subjectAltName.to_s.should == "DNS:localhost.altname.example.com,DNS:other.example.com,IP:1.2.3.4"

subjectAltName.ips = ["1.2.3.4", "5.6.7.8"]
subjectAltName.to_s.should == "DNS:localhost.altname.example.com,DNS:other.example.com,IP:1.2.3.4,IP:5.6.7.8"

subjectAltName.uris = ["http://localhost.altname.example.com"]
subjectAltName.to_s.should == "URI:http://localhost.altname.example.com,DNS:localhost.altname.example.com,DNS:other.example.com,IP:1.2.3.4,IP:5.6.7.8"

subjectAltName.uris = ["http://localhost.altname.example.com", "http://other.altname.example.com"]
subjectAltName.to_s.should == "URI:http://localhost.altname.example.com,URI:http://other.altname.example.com,DNS:localhost.altname.example.com,DNS:other.example.com,IP:1.2.3.4,IP:5.6.7.8"

end


end end
end end
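Review bot: The two new type-check examples, `lambda {subjectAltName.dns_names = "not an array"}.should raise_error` and its `ips` counterpart, use a bare `raise_error`, which passes on any exception, including a NoMethodError from a misspelled setter. Pinning the class and message, e.g. `.should raise_error(RuntimeError, "DNS names must be an array")`, makes the spec fail for the right reason. The new examples also only feed well-formed values; a case with an element that contains a comma or is not an IP address would document how the extension string behaves for malformed input.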