Update cookbooks and add wordpress cookbook

2016-02-19 18:09:49 +01:00
parent 9ba973e3ac
commit 820b0ab3f8
606 changed files with 22421 additions and 14084 deletions
--- a/cookbooks/openssl/libraries/helpers.rb
+++ b/cookbooks/openssl/libraries/helpers.rb
@@ -0,0 +1,60 @@
+module OpenSSLCookbook
+  # Helper functions for the OpenSSL cookbook.
+  module Helpers
+    def self.included(_base)
+      require 'openssl' unless defined?(OpenSSL)
+    end
+
+    # Path helpers
+    def get_key_filename(cert_filename)
+      cert_file_path, cert_filename = ::File.split(cert_filename)
+      cert_filename = ::File.basename(cert_filename, ::File.extname(cert_filename))
+      cert_file_path + ::File::SEPARATOR + cert_filename + '.key'
+    end
+
+    # Validation helpers
+    def key_length_valid?(number)
+      number >= 1024 && number & (number - 1) == 0
+    end
+
+    def dhparam_pem_valid?(dhparam_pem_path)
+      # Check if the dhparam.pem file exists
+      # Verify the dhparam.pem file contains a key
+      return false unless File.exist?(dhparam_pem_path)
+      dhparam = OpenSSL::PKey::DH.new File.read(dhparam_pem_path)
+      dhparam.params_ok?
+    end
+
+    def key_file_valid?(key_file_path, key_password = nil)
+      # Check if the key file exists
+      # Verify the key file contains a private key
+      return false unless File.exist?(key_file_path)
+      key = OpenSSL::PKey::RSA.new File.read(key_file_path), key_password
+      key.private?
+    end
+
+    # Generators
+    def gen_dhparam(key_length, generator)
+      fail ArgumentError, 'Key length must be a power of 2 greater than or equal to 1024' unless key_length_valid?(key_length)
+      fail TypeError, 'Generator must be an integer' unless generator.is_a?(Integer)
+
+      OpenSSL::PKey::DH.new(key_length, generator)
+    end
+
+    def gen_rsa_key(key_length)
+      fail ArgumentError, 'Key length must be a power of 2 greater than or equal to 1024' unless key_length_valid?(key_length)
+
+      OpenSSL::PKey::RSA.new(key_length)
+    end
+
+    # Key manipulation helpers
+    # Returns a pem string
+    def encrypt_rsa_key(rsa_key, key_password)
+      fail TypeError, 'rsa_key must be a Ruby OpenSSL::PKey::RSA object' unless rsa_key.is_a?(OpenSSL::PKey::RSA)
+      fail TypeError, 'RSA key password must be a string' unless key_password.is_a?(String)
+
+      cipher = OpenSSL::Cipher::Cipher.new('des3')
+      rsa_key.to_pem(cipher, key_password)
+    end
+  end
+end