acme-client 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.travis.yml +1 -0
- data/README.md +1 -1
- data/acme-client.gemspec +0 -1
- data/lib/acme-client.rb +0 -1
- data/lib/acme/certificate.rb +5 -1
- data/lib/acme/client.rb +2 -2
- data/lib/acme/crypto.rb +7 -27
- data/lib/acme/version.rb +1 -1
- metadata +2 -22
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fb284f691ef7182e7aa9ca56ff950373d92380b6
|
|
4
|
+
data.tar.gz: 542ef5706c8265fecf34c3841742c673df8eb4fc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3453c7ea55e3b646eb313bee04277f14259197c6c7817924848e0635992c8b3a7edb17f176c4da64bdae26c51bf4f341380071b51721a71f144e3903dc759cda
|
|
7
|
+
data.tar.gz: da85a2dc373d4b7eb361f1fe97b7cb0f3c77b52bae6862c3e7e11328e3a505e75536f3fcf5b5db5c53094cd0fcecc58eebf87a5f0c2e9274f367d04c87f48f5a
|
data/.travis.yml
CHANGED
data/README.md
CHANGED
|
@@ -15,7 +15,7 @@ require 'openssl'
|
|
|
15
15
|
private_key = OpenSSL::PKey::RSA.new(2048)
|
|
16
16
|
|
|
17
17
|
# We need an ACME server to talk to, see github.com/letsencrypt/boulder
|
|
18
|
-
endpoint = 'https://acme-
|
|
18
|
+
endpoint = 'https://acme-v01.api.letsencrypt.org/'
|
|
19
19
|
|
|
20
20
|
# Initialize the client
|
|
21
21
|
require 'acme-client'
|
data/acme-client.gemspec
CHANGED
|
@@ -22,6 +22,5 @@ Gem::Specification.new do |spec|
|
|
|
22
22
|
spec.add_development_dependency 'webmock', '~> 1.21', '>= 1.21.0'
|
|
23
23
|
|
|
24
24
|
spec.add_runtime_dependency 'faraday', '~> 0.9', '>= 0.9.1'
|
|
25
|
-
spec.add_runtime_dependency 'url_safe_base64', '~> 0.2', '>= 0.2.2'
|
|
26
25
|
spec.add_runtime_dependency 'json-jwt', '~> 1.2', '>= 1.2.3'
|
|
27
26
|
end
|
data/lib/acme-client.rb
CHANGED
data/lib/acme/certificate.rb
CHANGED
data/lib/acme/client.rb
CHANGED
|
@@ -40,11 +40,11 @@ class Acme::Client
|
|
|
40
40
|
def new_certificate(csr)
|
|
41
41
|
payload = {
|
|
42
42
|
resource: 'new-cert',
|
|
43
|
-
csr:
|
|
43
|
+
csr: Base64.urlsafe_encode64(csr.to_der)
|
|
44
44
|
}
|
|
45
45
|
|
|
46
46
|
response = connection.post(@operation_endpoints.fetch('new-cert'), payload)
|
|
47
|
-
::Acme::Certificate.new(OpenSSL::X509::Certificate.new(response.body), fetch_chain(response)
|
|
47
|
+
::Acme::Certificate.new(OpenSSL::X509::Certificate.new(response.body), fetch_chain(response))
|
|
48
48
|
end
|
|
49
49
|
|
|
50
50
|
def fetch_chain(response, limit=10)
|
data/lib/acme/crypto.rb
CHANGED
|
@@ -6,31 +6,15 @@ class Acme::Crypto
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
def generate_signed_jws(header:, payload:)
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
header: { alg: :RS256, jwk: jwk },
|
|
15
|
-
protected: protection_header,
|
|
16
|
-
payload: payload,
|
|
17
|
-
signature: generate_signature(protection_header, payload)
|
|
18
|
-
}
|
|
19
|
-
)
|
|
20
|
-
end
|
|
21
|
-
|
|
22
|
-
def generate_signature(protection_header, payload)
|
|
23
|
-
input = "#{protection_header}.#{payload}"
|
|
24
|
-
signature = private_key.sign(digest, input)
|
|
25
|
-
encode64(signature)
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
def generate_protection_header(header)
|
|
29
|
-
encode64(JSON.dump(header))
|
|
9
|
+
jwt = JSON::JWT.new(payload || {})
|
|
10
|
+
jwt.header.merge!(header || {})
|
|
11
|
+
jwt.header[:jwk] = jwk
|
|
12
|
+
jwt.signature = jwt.sign(private_key, :RS256).signature
|
|
13
|
+
jwt.to_json(syntax: :flattened)
|
|
30
14
|
end
|
|
31
15
|
|
|
32
16
|
def jwk
|
|
33
|
-
JSON::JWK.new(public_key)
|
|
17
|
+
@jwk ||= JSON::JWK.new(public_key)
|
|
34
18
|
end
|
|
35
19
|
|
|
36
20
|
def thumbprint
|
|
@@ -38,14 +22,10 @@ class Acme::Crypto
|
|
|
38
22
|
end
|
|
39
23
|
|
|
40
24
|
def public_key
|
|
41
|
-
private_key.public_key
|
|
25
|
+
@public_key ||= private_key.public_key
|
|
42
26
|
end
|
|
43
27
|
|
|
44
28
|
def digest
|
|
45
29
|
OpenSSL::Digest::SHA256.new
|
|
46
30
|
end
|
|
47
|
-
|
|
48
|
-
def encode64(input)
|
|
49
|
-
UrlSafeBase64.encode64(input)
|
|
50
|
-
end
|
|
51
31
|
end
|
data/lib/acme/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: acme-client
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Charles Barbier
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-12-
|
|
11
|
+
date: 2015-12-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -118,26 +118,6 @@ dependencies:
|
|
|
118
118
|
- - ">="
|
|
119
119
|
- !ruby/object:Gem::Version
|
|
120
120
|
version: 0.9.1
|
|
121
|
-
- !ruby/object:Gem::Dependency
|
|
122
|
-
name: url_safe_base64
|
|
123
|
-
requirement: !ruby/object:Gem::Requirement
|
|
124
|
-
requirements:
|
|
125
|
-
- - "~>"
|
|
126
|
-
- !ruby/object:Gem::Version
|
|
127
|
-
version: '0.2'
|
|
128
|
-
- - ">="
|
|
129
|
-
- !ruby/object:Gem::Version
|
|
130
|
-
version: 0.2.2
|
|
131
|
-
type: :runtime
|
|
132
|
-
prerelease: false
|
|
133
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
134
|
-
requirements:
|
|
135
|
-
- - "~>"
|
|
136
|
-
- !ruby/object:Gem::Version
|
|
137
|
-
version: '0.2'
|
|
138
|
-
- - ">="
|
|
139
|
-
- !ruby/object:Gem::Version
|
|
140
|
-
version: 0.2.2
|
|
141
121
|
- !ruby/object:Gem::Dependency
|
|
142
122
|
name: json-jwt
|
|
143
123
|
requirement: !ruby/object:Gem::Requirement
|