This is for an openvpn setup and currently ive been MANUALY creating
keys with the easy-rsa bat file that comes with it but id like to
automate it.
Is there a ruby libary available that would allow me to create public
and private keys if i already have a CA. Would openvpn recognize these
keys (are keys, keys no matter what language they are created in??? im
not hot on cryptology)
The other option would be to just execute the bat file from my ruby
script and simulate the keyboard to respond to the various prompts. I
havent doent this before so im not sure if this is easier or harder than
above. Any tips or pointers will really help!
--
Posted via http://www.ruby-forum.com/.
I haven't done this myself.
But the common Swiss army knife for this is OpenSSL.
Ruby provides Ruby::OpenSSL. Apparently that library isn't the easiest
to use, but http://rubyforge.org/projects/sslplaypen/ has examples which
may help.
The alternative is to use drive the openssl command line, that may be
easier as there are plenty of examples for generating keys using
OpenSSL. The nascent http://rubyforge.org/projects/simplessl/ used the
openssl command line & might be a good starting point.
Other here may well know better, of course
--
Dave English - da...@lutnos.com
Ruby::OpenSSL is not the friendliest of libraries due to a lack of detailed documentation but you can find some coverage by Romek (the author of SSL PlayPen) and myself in the "Semantic DNS" presentation available at the link in my signature. That's mostly to do with ad hoc key generation in a hybrid crypto system but there may be something there that could be useful for a CA scenario.
Ellie
Eleanor McHugh
Games With Brains
http://slides.games-with-brains.net
----
raise ArgumentError unless @reality.responds_to? :reason
>> I haven't done this myself.
>>
>> But the common Swiss army knife for this is OpenSSL.
>>
>> Ruby provides Ruby::OpenSSL. Apparently that library isn't the
>>easiest to use, but http://rubyforge.org/projects/sslplaypen/ has
>>examples which may help.
>> Other here may well know better, of course
>
>
>Ruby::OpenSSL is not the friendliest of libraries due to a lack of
>detailed documentation but you can find some coverage by Romek (the
>author of SSL PlayPen) and myself in the "Semantic DNS" presentation
>available at the link in my signature. That's mostly to do with ad hoc
>key generation in a hybrid crypto system but there may be something
>there that could be useful for a CA scenario.
Ah, what a small world.
I enjoyed your flashtalk at the BCS earlier this year on Ruby & Unix
file handles. I guess it was a part of your current "The Ruby Guide to
*nix Plumbing", I'll have to have a look at the rest of your slides.
For myself I will have a look through the earlier Semantic web ones too.
Regards
> But the common Swiss army knife for this is OpenSSL.
>
> Ruby provides Ruby::OpenSSL. Apparently that library isn't the easiest
> to use, buthttp://rubyforge.org/projects/sslplaypen/has examples which
> may help.
There are also some example uses of Ruby's OpenSSL library in the Ruby
source tarball:
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/trunk/sample/openssl/
It was the five-minute distillation of the usual 45-minute talk. Apparently standing on stage and saying "malloc" a lot is the bit people like most. DL::malloc still makes me smile whenever I use it lol
London could do with a few more multi-language meetups like that.
> For myself I will have a look through the earlier Semantic web ones too.
Just to reiterate so there's no confusion, it's a Semantic DNS presentation: i.e. it discusses some of the basics of how to use the DNS tree as an application platform backed by coverage of crypto and network programming in Ruby. There's some blue sky research it's based on that we keep meaning to write up properly but Romek and I are lousy at that sort of thing :)
Ellie
Eleanor McHugh
Games With Brains
http://slides.games-with-brains.net
http://www.linkedin.com/in/eleanormchugh