Skip to content

Commit

Permalink
Adds ability to programatically generate CSRs
Browse files Browse the repository at this point in the history
  • Loading branch information
@cchandler
cchandler committed Sep 14, 2012
1 parent 78038c2 commit dc3126f
Show file tree
Hide file tree
Showing 2 changed files with 49 additions and 0 deletions.
11 changes: 11 additions & 0 deletions lib/certificate_authority/signing_request.rb
View file
Expand Up @@ -14,6 +14,17 @@ def to_cert
cert
end

def to_x509_csr
raise "Must specify a DN/subject on csr" if @distinguished_name.nil?
raise "Invalid DN in request" unless @distinguished_name.valid?
raise "CSR must have key material" if @key_material.nil?
raise "CSR must include a public key on key material" if @key_material.public_key.nil?
opensslcsr = OpenSSL::X509::Request.new
opensslcsr.subject = @distinguished_name.to_x509_name
opensslcsr.public_key = @key_material.public_key
opensslcsr
end

def self.from_x509_csr(raw_csr)
csr = SigningRequest.new
openssl_csr = OpenSSL::X509::Request.new(raw_csr)
Expand Down
38 changes: 38 additions & 0 deletions spec/units/signing_request_spec.rb
View file
Expand Up @@ -96,4 +96,42 @@
@csr.should be_a(CertificateAuthority::SigningRequest)
end
end

describe "Generating CSRs" do
it "should generate a csr" do
csr = CertificateAuthority::SigningRequest.new
dn = CertificateAuthority::DistinguishedName.new
dn.common_name = "localhost"
csr.distinguished_name = dn
key_pair =<<EOF
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCxiGVfRrf90CHmvXa+XYWE4m7LZ1slc6cxIYyIgZuQ5T8AeqUa
kbyYY4wMUR2gZ4pDPs/WGs8fW66q23qmHSr1bQ6HaL8znbD7UL/IiiyiW8I11orb
rhimIx1A606qi8/0gQc+H851gzUusd5xgKP2X+oPxYx3VG3dpksLnNK1IwIDAQAB
AoGAfrNNRbX+0dGcoERPXoT4KWJAmEHnNs9XXyUGWtXE5J/3Wqws8M1Zv5gr9w5d
CoFal6tYQQFZGJQiECYbXjoq0VT8ApWfuO/mCXyXfmnLFEU8EJjmXtXzn2yyPfoY
At7O8QwvG0bwtw1SqNf7cRtlOEIqoLMtdyaVv4C5ffyheIECQQDVdVf2Sk113Kke
PREzEb6XZ0n2ugSG8fWJh2QKUI4RXhg7bDzHhSpexeKsJdoet8NJOUEsXMoqLSzK
bBnSD63RAkEA1OogtDCkpwkvqC63a7hyDP7qRVHFuVeSA1fu+6BFS0xblkgvcPXT
J7WbWYcP+lqcLjXWeFsqe5qS6sDCsAhsswJAIumZZHgMqU1Y/9AfIwow8RR8vXT5
TpT+gur5CtLYGbEZJ4bxffSi1HNrOprKTSHjN/O8XCQlELboz4bUxk24MQJAcsaX
xKsoR4dTMoWkiSRQDyNoJOA1B3nmk3jWsryuPi42fSgCsxFBt/lVeoitm1c3NE3/
hLgYibNFGdm52e1gswJBAMwYuImbl6AVLv0Y41smxIkvfAzlyNfTAsp7GqLoMhYN
q/0KoyI2Ge3+NnmJI/eaiYs8qC2HjrgdX9ZDSUCWfpQ=
-----END RSA PRIVATE KEY-----
EOF
k = CertificateAuthority::KeyMaterial.from_x509_key_pair(key_pair)
csr.key_material = k
expected =<<EOF
-----BEGIN CERTIFICATE REQUEST-----
MIHHMIG8AgAwFDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqGSIb3DQEBAQUA
A4GNADCBiQKBgQCxiGVfRrf90CHmvXa+XYWE4m7LZ1slc6cxIYyIgZuQ5T8AeqUa
kbyYY4wMUR2gZ4pDPs/WGs8fW66q23qmHSr1bQ6HaL8znbD7UL/IiiyiW8I11orb
rhimIx1A606qi8/0gQc+H851gzUusd5xgKP2X+oPxYx3VG3dpksLnNK1IwIDAQAB
oAAwAwYBAAMBAA==
-----END CERTIFICATE REQUEST-----
EOF
csr.to_x509_csr.to_pem.should == expected
end
end
end

0 comments on commit dc3126f

Please sign in to comment.