kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 26 Pull Requests 2 Projects 2 Activity
chef/cookbooks/openssl/libraries/helpers.rb
Greg Karékinian d49f28574c Update openssl cookbook
2017-04-07 18:19:28 +02:00

61 lines
2.1 KiB
Ruby
Raw Blame History

module OpenSSLCookbook
# Helper functions for the OpenSSL cookbook.
module Helpers
def self.included(_base)
require 'openssl' unless defined?(OpenSSL)
end
# Path helpers
def get_key_filename(cert_filename)
cert_file_path, cert_filename = ::File.split(cert_filename)
cert_filename = ::File.basename(cert_filename, ::File.extname(cert_filename))
cert_file_path + ::File::SEPARATOR + cert_filename + '.key'
end
# Validation helpers
def key_length_valid?(number)
number >= 1024 && number & (number - 1) == 0
end
def dhparam_pem_valid?(dhparam_pem_path)
# Check if the dhparam.pem file exists
# Verify the dhparam.pem file contains a key
return false unless ::File.exist?(dhparam_pem_path)
dhparam = OpenSSL::PKey::DH.new File.read(dhparam_pem_path)
dhparam.params_ok?
end
def key_file_valid?(key_file_path, key_password = nil)
# Check if the key file exists
# Verify the key file contains a private key
return false unless ::File.exist?(key_file_path)
key = OpenSSL::PKey::RSA.new File.read(key_file_path), key_password
key.private?
end
# Generators
def gen_dhparam(key_length, generator)
raise ArgumentError, 'Key length must be a power of 2 greater than or equal to 1024' unless key_length_valid?(key_length)
raise TypeError, 'Generator must be an integer' unless generator.is_a?(Integer)
OpenSSL::PKey::DH.new(key_length, generator)
end
def gen_rsa_key(key_length)
raise ArgumentError, 'Key length must be a power of 2 greater than or equal to 1024' unless key_length_valid?(key_length)
OpenSSL::PKey::RSA.new(key_length)
end
# Key manipulation helpers
# Returns a pem string
def encrypt_rsa_key(rsa_key, key_password)
raise TypeError, 'rsa_key must be a Ruby OpenSSL::PKey::RSA object' unless rsa_key.is_a?(OpenSSL::PKey::RSA)
raise TypeError, 'RSA key password must be a string' unless key_password.is_a?(String)
cipher = OpenSSL::Cipher::Cipher.new('des3')
rsa_key.to_pem(cipher, key_password)
end
end
end
Reference in New Issue View Git Blame Copy Permalink