Module: Ronin::Support::Network::SSL::LocalCert Private

Defined in:

lib/ronin/support/network/ssl/local_cert.rb

Overview

This module is part of a private API. You should avoid using this module if possible, as it may be removed or be changed in the future.

Represents the certificate used for local SSL server sockets.

Constant Summary

PATH =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

The cached ~/.local/share/ronin/ronin-support/ssl.crt.

File.join(Home::LOCAL_SHARE_DIR,'ronin','ronin-support','ssl.crt')

Class Method Summary

• .fetch ⇒ Crypto::Cert private

  Fetches the default SSL certificate used for all SSL server sockets.

• .generate ⇒ Crypto::Cert private

  Generates a new self-signed SSL certificate using the local key and saves it to ~/.local/share/ronin/ssl.crt.

• .load ⇒ Crypto::Cert private

  Loads the local certificate from ~/.local/share/ronin/ssl.crt.

• .subject_alt_name ⇒ String private

  The value for the subjectAltName extension.

Class Method Details

.fetch ⇒ Crypto::Cert

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Fetches the default SSL certificate used for all SSL server sockets.

Returns:

• (Crypto::Cert) —

  The default SSL certificate.

# File 'lib/ronin/support/network/ssl/local_cert.rb', line 87

def self.fetch
  if File.file?(PATH) then load
  else                     generate
  end
end

.generate ⇒ Crypto::Cert

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Note:

The file will be created with chmod umask of 0644 (aka -rw-r--r--).

Generates a new self-signed SSL certificate using the local key and saves it to ~/.local/share/ronin/ssl.crt.

Returns:

• (Crypto::Cert) —

  The newly generated certificate.

# File 'lib/ronin/support/network/ssl/local_cert.rb', line 50

def self.generate
  cert = Crypto::Cert.generate(
    key: LocalKey.fetch,
    subject: {
      common_name:         'localhost',
      organization:        'ronin-rb',
      organizational_unit: 'ronin-support'
    },
    extensions: {
      'subjectAltName' => subject_alt_name
    }
  )

  FileUtils.mkdir_p(File.dirname(PATH))
  FileUtils.touch(PATH)
  FileUtils.chmod(0644,PATH)

  cert.save(PATH)
  return cert
end

.load ⇒ Crypto::Cert

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Loads the local certificate from ~/.local/share/ronin/ssl.crt.

Returns:

• (Crypto::Cert) —

  The loaded certificate.

# File 'lib/ronin/support/network/ssl/local_cert.rb', line 77

def self.load
  Crypto::Cert.load_file(PATH)
end

.subject_alt_name ⇒ String

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

The value for the subjectAltName extension.

Returns:

• (String)

# File 'lib/ronin/support/network/ssl/local_cert.rb', line 98

def self.subject_alt_name
  string = String.new("DNS: localhost")

  # append the additional local IP addresses
  IP.local_addresses.each do |address|
    string << ", IP: #{address}"
  end

  return string
end