app/controllers/concerns/device_attributes.rb
# frozen_string_literal: true
module DeviceAttributes
extend ActiveSupport::Concern
def certificate
@certificate ||= lambda do
cert = OpenSSL::X509::Certificate.new
cert.version = 2
cert.serial = Random.rand(2**16 - 2) + 1
cert.subject = subject
cert.issuer = issuer
cert.not_before = create_date
cert.not_after = expire_date
cert.public_key = root_key.public_key
cert_ext = OpenSSL::X509::ExtensionFactory.new
cert_ext.subject_certificate = cert
cert_ext.issuer_certificate = cert
cert.add_extension(cert_ext.create_extension("basicConstraints","CA:TRUE",true))
cert.add_extension(cert_ext.create_extension("keyUsage","keyCertSign, cRLSign", true))
cert.add_extension(cert_ext.create_extension("subjectKeyIdentifier","hash",false))
cert.add_extension(cert_ext.create_extension("authorityKeyIdentifier","keyid:always",false))
cert.sign(root_key, digest)
cert
end.call
end
def subject
@subject ||= OpenSSL::X509::Name.parse("/C=CN/O=tryzealot/OU=zealot/CN=#{Setting.site_title} Self-signed Authority")
end
def issuer
@issuer ||= OpenSSL::X509::Name.parse("/C=CN/O=tryzealot/OU=zealot/CN=#{Setting.site_title}")
end
def root_key
@key ||= OpenSSL::PKey::RSA.generate(2048)
end
def digest
@digest ||= OpenSSL::Digest.new('SHA256')
end
def payload_uuid
@payload_uuid ||= Rails.cache.fetch('ios-udid', expires_in: 1.week) { SecureRandom.uuid.upcase }
end
def create_date
Time.now.utc
end
def expire_date
expire_time = 1 * 365 * 24 * 60 * 60 # 1 year
create_date + expire_time
end
end