lib/ronin/cli/commands/cert_gen.rb in ronin-2.0.5 vs lib/ronin/cli/commands/cert_gen.rb in ronin-2.1.0.rc1
- old
+ new
@@ -16,11 +16,13 @@
# along with Ronin. If not, see <https://www.gnu.org/licenses/>.
#
require 'ronin/cli/command'
require 'ronin/support/crypto/cert'
+require 'ronin/support/crypto/key'
require 'ronin/support/crypto/key/rsa'
+require 'ronin/support/crypto/key/dsa'
require 'ronin/support/crypto/key/ec'
require 'ronin/support/text/patterns'
require 'ronin/core/cli/logging'
@@ -45,11 +47,11 @@
# -O, --organization NAME The Organization (O) for the certificate
# -U, --organizational-unit NAME The Organizational Unit (OU)
# -L, --locality NAME The locality for the certificate
# -S, --state XX The two-letter State (ST) code for the certificate
# -C, --country XX The two-letter Country (C) code for the certificate
- # -t, --key-type rsa|ec The signing key type
+ # -t, --key-type rsa|dsa|ec The signing key type
# --generate-key PATH Generates and saves a random key (Default: key.pem)
# -k, --key-file FILE Loads the signing key from the FILE
# -H sha256|sha1|md5, The hash algorithm to use for signing (Default: sha256)
# --signing-hash
# --ca-key FILE The Certificate Authority (CA) key
@@ -68,10 +70,12 @@
#
class CertGen < Command
include Core::CLI::Logging
+ command_name 'cert-gen'
+
option :version, value: {
type: Integer,
usage: 'NUM',
default: 2
},
@@ -147,11 +151,11 @@
},
desc: 'The two-letter Country (C) code for the certificate'
option :key_type, short: '-t',
value: {
- type: [:rsa, :ec]
+ type: [:rsa, :dsa, :ec]
},
desc: 'The signing key type'
option :generate_key, value: {
type: String,
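Review bot: `:dsa` is added to the `type:` list of `option :key_type` with nothing in the `desc` to say it is a legacy choice; TLS 1.3 dropped DSA signatures, so a certificate signed with this key type will not be usable there. The usage comment earlier in the file also offers `md5` as a signing hash, and OpenSSL has, as far as I know, no DSA-with-MD5 signature algorithm, so `-t dsa -H md5` probably fails inside the signing call rather than at option parsing; that combination is worth checking and rejecting up front. At minimum the description could read `desc: 'The signing key type (dsa is legacy and not accepted by TLS 1.3)'`. The `option :generate_key` definition that follows continues outside the hunk.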
@@ -243,10 +247,11 @@
organizational_unit: options[:organizational_unit],
locality: options[:locality],
state: options[:state],
country: options[:country]
},
+ ca: options[:ca],
extensions: extensions
)
if options[:generate_key]
log_info "Saving key to #{options[:generate_key]} ..."
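Review bot: With `ca: options[:ca]` now passed to the certificate-generation call and `basic_constraints_ext` deleted in the last hunk, nothing visible on this page still marks a certificate signed via `--ca-key`/`--ca-cert` as non-CA; the removed code added a critical `['CA:FALSE', true]` in exactly that case. Whether the callee emits an equivalent `basicConstraints` when `ca` is `nil` or `false` cannot be seen from here and should be confirmed, ideally with a spec that inspects the extensions of a CA-signed leaf certificate. `options[:ca]` is `nil` when the flag is absent, so `ca: options[:ca] || false` would be safer if the callee distinguishes the two. A comment above the added line such as `# basicConstraints is derived from ca: by the callee, no longer built in #extensions` would record where the extension went. The call opens outside the hunk.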
@@ -285,15 +290,17 @@
#
# The `--key-type` key class.
#
# @return [Class<Ronin::Support::Key::RSA>,
+ # Class<Ronin::Support::Key::DSA>,
# Class<Ronin::Support::Key::EC>, nil]
#
def key_class
case options[:key_type]
when :rsa then Support::Crypto::Key::RSA
+ when :dsa then Support::Crypto::Key::DSA
when :ec then Support::Crypto::Key::EC
end
end
#
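Review bot: The added `@return` line names `Ronin::Support::Key::DSA`, but the `when :dsa` branch returns `Support::Crypto::Key::DSA`, so the YARD type is missing the `Crypto` namespace; the existing RSA and EC lines carry the same slip. It should read `# Class<Ronin::Support::Crypto::Key::DSA>,`, with the two neighbouring lines corrected to match. The `case` has no `else`, which agrees with the documented `nil` return when `--key-type` is not given.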
@@ -346,31 +353,14 @@
# @return [Hash{String => Object}, nil]
#
def extensions
exts = {}
- if (ext = basic_constraints_ext)
- exts['basicConstraints'] = ext
- end
-
if (ext = subject_alt_name_ext)
exts['subjectAltName'] = ext
end
exts unless exts.empty?
- end
-
- #
- # Builds the `basicConstraints` extension.
- #
- # @return [(String, Boolean), nil]
- #
- def basic_constraints_ext
- if options[:ca]
- ['CA:TRUE', true]
- elsif options[:ca_key] || options[:ca_cert]
- ['CA:FALSE', true]
- end
end
IP_REGEXP = Support::Text::Patterns::IP
#