Metabrik-Repository
lib/Metabrik/Crypto/X509.pm view on Meta::CPAN
$self->ca_name($ca_name);
$self->ca_lc_name($ca_lc_name);
$self->ca_conf($ca_conf);
$self->ca_directory($ca_directory);
$self->ca_cert($ca_cert);
$self->ca_key($ca_key);
return 1;
}
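#
# Create a new certificate authority.
#
# Arguments (both optional):
#   $ca_name      - CA name; falls back to the ca_name attribute.
#   $ca_directory - directory holding the CA; falls back to the ca_directory
#                   attribute. It must not exist yet.
#
# Steps: create the directory with its certs/ and csrs/ subdirectories, an
# empty index.txt and a serial file containing 01; write an OpenSSL
# configuration to ca_conf; generate a self-signed root certificate with
# `openssl req -x509`; link the certificate as <hash>.0 inside the CA
# directory.
#
# Returns the CA certificate path on success. On failure it returns early,
# either with a bare return or with the value of $self->log->error(...).
#
sub ca_init {
   my $self = shift;
   my ($ca_name, $ca_directory) = @_;

   $ca_name ||= $self->ca_name;
   $ca_directory ||= $self->ca_directory;
   $self->brik_help_run_undef_arg('ca_init', $ca_name) or return;
   $self->brik_help_run_undef_arg('ca_init', $ca_directory) or return;

   $self->set_ca_attributes($ca_name)
      or return $self->log->error("ca_init: set_ca_attributes failed");

   # Refuse to touch an existing directory so an already initialised CA
   # (index, serial, key) is never overwritten.
   if (-d $ca_directory) {
      return $self->log->error("ca_init: ca with name [$ca_name] already exists");
   }

   # NOTE(review): no explicit mode is given, so permissions on these
   # directories depend on the process umask.
   mkdir($ca_directory)
      or return $self->log->error("ca_init: mkdir1 failed with error [$!]");
   mkdir($ca_directory.'/certs')
      or return $self->log->error("ca_init: mkdir2 failed with error [$!]");
   mkdir($ca_directory.'/csrs')
      or return $self->log->error("ca_init: mkdir3 failed with error [$!]");

   # Empty certificate database and initial serial number for `openssl ca`.
   my $ft_init = Metabrik::File::Text->new_from_brik_init($self) or return;
   $ft_init->write('', $ca_directory.'/index.txt') or return;
   $ft_init->write('01', $ca_directory.'/serial') or return;

   $self->log->verbose("ca_init: using directory [$ca_directory]");

   my $ca_conf = $self->ca_conf;
   my $ca_cert = $self->ca_cert;
   my $ca_key = $self->ca_key;
   my $ca_lc_name = $self->ca_lc_name;
   my $key_size = $self->key_size;

   # Placeholder identity values for the root certificate subject.
   my $email = 'dummy@example.com';
   my $organization = 'Dummy Org';

   # NOTE(review): every value below is interpolated verbatim into the
   # OpenSSL configuration; a newline or section header inside $ca_name or a
   # path would add configuration lines. Validate these values upstream.
   #
   # default_md is sha256 in both sections: SHA-1 is no longer collision
   # resistant and recent OpenSSL releases reject SHA-1-signed certificates
   # at their default security level.
   my $content = [
      "[ ca ]",
      "default_ca = $ca_lc_name",
      "",
      "[ $ca_lc_name ]",
      "dir = $ca_directory",
      "certificate = $ca_cert",
      "database = \$dir/index.txt",
      "#certs = \$dir/cert-csr",
      "new_certs_dir = \$dir/certs",
      "private_key = $ca_key",
      "serial = \$dir/serial",
      "default_crl_days = 7",
      "default_days = 3650",
      "#default_md = md5",
      "default_md = sha256",
      "policy = ${ca_lc_name}_policy",
      "x509_extensions = certificate_extensions",
      "",
      "[ ${ca_lc_name}_policy ]",
      "commonName = supplied",
      "stateOrProvinceName = supplied",
      "countryName = supplied",
      "organizationName = supplied",
      "organizationalUnitName = optional",
      "emailAddress = optional",
      "",
      "[ certificate_extensions ]",
      "basicConstraints = CA:false",
      "",
      "[ req ]",
      "default_bits = $key_size",
      "default_keyfile = $ca_key",
      "#default_md = md5",
      "default_days = 1800",
      "default_md = sha256",
      "prompt = no",
      "distinguished_name = root_ca_distinguished_name",
      "x509_extensions = root_ca_extensions",
      "",
      "[ root_ca_distinguished_name ]",
      "commonName = $ca_name",
      "stateOrProvinceName = Paris",
      "countryName = FR",
      "emailAddress = $email",
      "organizationName = $organization",
      "",
      "[ root_ca_extensions ]",
      "basicConstraints = CA:true",
   ];

   my $ft_conf = Metabrik::File::Text->new_from_brik_init($self) or return;
   $ft_conf->overwrite(1);
   $ft_conf->write($content, $ca_conf)
      or return $self->log->error("ca_init: write failed");

   $self->log->verbose("ca_init: using conf file [$ca_conf] and cert [$ca_cert]");

   # NOTE(review): the command is assembled as one string with $key_size,
   # $ca_cert and $ca_conf interpolated unquoted. How $self->system executes
   # it is not visible here; if a shell is involved, whitespace or shell
   # metacharacters in these values change the command. Validate them, or
   # pass an argument list if $self->system supports one.
   my $cmd = "openssl req -x509 -newkey rsa:$key_size ".
      "-days 1800 -out $ca_cert -outform PEM -config $ca_conf";
   $self->system($cmd) or return;

   # Publish the certificate under its hash name (<hash>.0) in the CA
   # directory.
   my $hash = $self->cert_hash($ca_cert) or return;
   my $sf = Metabrik::System::File->new_from_brik_init($self) or return;
   $sf->link($ca_cert, $ca_directory.'/'.$hash.'.0') or return;

   return $ca_cert;
}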