Sha256: 7b3de49f03f5d1325dff8aaca423d20dd00d3151ca45ec9cfd9f37f28d5cb505
Contents?: true
Size: 1.09 KB
Versions: 3
Compression:
Stored size: 1.09 KB
Contents
Feature: Signature algorithm policy As the operator of a conditionally autosigning certification authority When deciding whether to sign a certificate I want to reject certificate signing requests with weak signature algorithms In order to enforce the use of strong cryptography across our network. Desired rspec output: Certmeister::Policy::SignatureAlgorithm may be configured with a set of strong signature algorithms defaults to ["sha256"] as the set of strong signature algorithms demands a request refuses to authenticate a request with a missing pem refuses to authenticate an invalid pem refuses to authenticate a request with a weak signature algorithm authenticates a request with a strong signature algorithm Use spec/certmeister/policy/key_bits_spec.rb as a guide to specifying the behaviour. Use lib/certmeister/policy/key_bits.rb as a guide to implementing the behaviour. You may find these fixtures useful: fixtures/sha1_4096bit.csr fixtures/sha256_4096bit.csr The signature algorithm of a CSR is provided by the OpenSSL::X509::Request#signature_algorithm method.
Version data entries
3 entries across 3 versions & 1 rubygems
| Version | Path |
|---|---|
| certmeister-2.3.2 | SignatureAlgorithm.txt |
| certmeister-2.3.1 | SignatureAlgorithm.txt |
| certmeister-2.3.0 | SignatureAlgorithm.txt |