今回は CSR を作りたいなというお話でして
色々ググったりして
RubyOpenSSLDigitalSignatureSample - Hironobu's Tips List
ここで秘密鍵のこと習ったり
Ruby のソース眺めたりして
結果こんな感じになりました
require 'openssl'
include OpenSSL
# RSA key pair を作る、引数は鍵長と exponent
pkey = PKey::RSA.new(1024, 65537)
# Subject 用にお名前を用意する
# oid と名前の pair を沢山渡す
# oid はどれ? という場合は http://www.alvestrand.no/objectid/2.5.4.html
# new でも渡せるし追加もできる
subject = X509::Name.new([['2.5.4.6', 'JP'], ['2.5.4.8', 'Tokyo']])
subject.add_entry('2.5.4.7', 'Chiyoda-ku')
subject.add_entry('2.5.4.10', 'example')
subject.add_entry('2.5.4.3', "www.example.com")
# subject = "/C=JP/ST=Tokyo/L=Chiyoda-ku/O=example/CN=www.example.com"
# 空の CSR を作って秘密鍵と Subject を登録
req = X509::Request.new()
req.public_key = pkey
req.subject = subject
# 最後に署名して終わり、鍵と hash 関数を与える
req.sign(pkey, OpenSSL::Digest::SHA1.new)
puts req.to_text
#Certificate Request:
# Data:
# Version: 0 (0x0)
# Subject: C=JP, ST=Tokyo, L=Chiyoda-ku, O=example, CN=www.example.com
# Subject Public Key Info:
# Public Key Algorithm: rsaEncryption
# RSA Public Key: (1024 bit)
# Modulus (1024 bit):
# 00:c3:a5:c1:63:63:0d:79:0e:94:e2:82:4f:97:97:
# 07:9a:26:86:8c:27:14:ef:99:ed:9e:9e:46:03:10:
# 9e:e9:6a:af:69:8a:11:47:29:55:c5:68:59:14:70:
# ce:6a:91:34:9a:59:98:1e:59:09:a3:f5:30:69:b6:
# bf:09:c2:24:5c:96:16:81:ef:4e:ae:51:70:0f:14:
# 03:9e:17:18:9c:c1:2c:c1:cb:5d:7f:9e:1b:4a:0d:
# 92:11:47:42:cc:71:23:54:0d:60:ec:79:4d:27:20:
# dd:f0:1f:31:06:c6:88:86:31:d5:a1:ba:91:5a:bb:
# 08:a5:29:4e:89:99:35:58:cd
# Exponent: 65537 (0x10001)
# Attributes:
# a0:00
# Signature Algorithm: sha1WithRSAEncryption
# 8b:df:fb:0f:5c:33:56:22:06:c7:1d:8d:df:a0:d3:fc:ea:ea:
# ff:bd:69:12:b5:f5:56:b2:9a:e0:38:2c:57:0e:99:33:97:93:
# 66:50:b4:68:d6:a4:9d:dc:71:77:48:1a:4c:a5:41:6a:33:29:
# 98:5a:ae:75:61:1f:0e:38:42:ab:29:e3:41:dd:bb:88:bf:d1:
# 27:2e:8e:91:c7:a8:a8:4a:f8:7c:dd:86:d5:48:94:19:a1:c0:
# 8a:bb:94:c2:c3:7b:50:7c:a2:9d:d3:45:45:59:cd:5c:d9:b6:
# a0:a6:db:13:32:75:27:3d:b6:84:a1:bb:30:6c:9b:8a:13:f7:
# ac:43
もうちょっとがんばって
- Extension 書く
- 日本語入れてみる
まぁそういうのは追い追い
0 件のコメント:
コメントを投稿