module Ronin::Support::Network::SSL::LocalCert

Represents the certificate used for local SSL server sockets.

@api private

Constants

PATH

The cached ‘~/.local/share/ronin/ronin-support/ssl.crt`.

Public Class Methods

fetch() click to toggle source

Fetches the default SSL certificate used for all SSL server sockets.

@return [Crypto::Cert]

The default SSL certificate.
# File lib/ronin/support/network/ssl/local_cert.rb, line 87
def self.fetch
  if File.file?(PATH) then load
  else                     generate
  end
end
generate() click to toggle source

Generates a new self-signed SSL certificate using the {LocalKey local key} and saves it to ‘~/.local/share/ronin/ssl.crt`.

@return [Crypto::Cert]

The newly generated certificate.

@note

The file will be created with chmod umask of `0644`
(aka `-rw-r--r--`).
# File lib/ronin/support/network/ssl/local_cert.rb, line 50
def self.generate
  cert = Crypto::Cert.generate(
    key: LocalKey.fetch,
    subject: {
      common_name:         'localhost',
      organization:        'ronin-rb',
      organizational_unit: 'ronin-support'
    },
    extensions: {
      'subjectAltName' => subject_alt_name
    }
  )

  FileUtils.mkdir_p(File.dirname(PATH))
  FileUtils.touch(PATH)
  FileUtils.chmod(0644,PATH)

  cert.save(PATH)
  return cert
end
load() click to toggle source

Loads the local certificate from ‘~/.local/share/ronin/ssl.crt`.

@return [Crypto::Cert]

The loaded certificate.
# File lib/ronin/support/network/ssl/local_cert.rb, line 77
def self.load
  Crypto::Cert.load_file(PATH)
end
subject_alt_name() click to toggle source

The value for the ‘subjectAltName` extension.

@return [String]

# File lib/ronin/support/network/ssl/local_cert.rb, line 98
def self.subject_alt_name
  string = String.new("DNS: localhost")

  # append the additional local IP addresses
  IP.local_addresses.each do |address|
    string << ", IP: #{address}"
  end

  return string
end