acme-client 0.2.0 → 0.2.1

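--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 5ee8283817ef99669367cba5c6e5d62095aa5015
- data.tar.gz: 62f8588bfd710561c626064825b7bd0a678b3a49
+ metadata.gz: fb284f691ef7182e7aa9ca56ff950373d92380b6
+ data.tar.gz: 542ef5706c8265fecf34c3841742c673df8eb4fc
  SHA512:
- metadata.gz: 4cd8d3dcdeb48bd21acc1212bc04f65fb0a37ce797d3553d63dc3730370bce723a68e5683fcf7745eb14916be610dd8009e284c911f75d50d76a7be0135a1dcf
- data.tar.gz: 7bb4ff248144d4cbc9f43b752cca79773b6529a0140c81db433cdb2c8653d063ee7933287c0071fdb50daa0817b105c930e4f51a80e6eddcc7d98c3b2898cc14
+ metadata.gz: 3453c7ea55e3b646eb313bee04277f14259197c6c7817924848e0635992c8b3a7edb17f176c4da64bdae26c51bf4f341380071b51721a71f144e3903dc759cda
+ data.tar.gz: da85a2dc373d4b7eb361f1fe97b7cb0f3c77b52bae6862c3e7e11328e3a505e75536f3fcf5b5db5c53094cd0fcecc58eebf87a5f0c2e9274f367d04c87f48f5a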
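--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -1,4 +1,5 @@
  language: ruby
+ cache: bundler
  rvm:
  - 2.1
  - 2.2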
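--- a/data/README.md
+++ b/data/README.md
@@ -15,7 +15,7 @@ require 'openssl'
  private_key = OpenSSL::PKey::RSA.new(2048)
 
  # We need an ACME server to talk to, see github.com/letsencrypt/boulder
- endpoint = 'https://acme-staging.api.letsencrypt.org'
+ endpoint = 'https://acme-v01.api.letsencrypt.org/'
 
  # Initialize the client
  require 'acme-client'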
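--- a/data/acme-client.gemspec
+++ b/data/acme-client.gemspec
@@ -22,6 +22,5 @@ Gem::Specification.new do |spec|
  spec.add_development_dependency 'webmock', '~> 1.21', '>= 1.21.0'
 
  spec.add_runtime_dependency 'faraday', '~> 0.9', '>= 0.9.1'
- spec.add_runtime_dependency 'url_safe_base64', '~> 0.2', '>= 0.2.2'
  spec.add_runtime_dependency 'json-jwt', '~> 1.2', '>= 1.2.3'
  end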
data/lib/acme-client.rb CHANGED
@@ -1,6 +1,5 @@
1
1
  module Acme; end
2
2
 
3
- require 'url_safe_base64'
4
3
  require 'faraday'
5
4
  require 'json'
6
5
  require 'json/jwt'
@@ -14,7 +14,11 @@ class Acme::Certificate
14
14
  x509_chain.map(&:to_pem).join
15
15
  end
16
16
 
17
+ def x509_fullchain
18
+ [x509, *x509_chain]
19
+ end
20
+
17
21
  def fullchain_to_pem
18
- [*x509_chain, x509].map(&:to_pem).join
22
+ x509_fullchain.map(&:to_pem).join
19
23
  end
20
24
  end
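Review bot: The require list in data/lib/acme-client.rb loses `require 'url_safe_base64'` without gaining `require 'base64'`, while this release starts calling `Base64.urlsafe_encode64` in data/lib/acme/client.rb. Nothing visible here loads the stdlib module, so it presumably arrives through faraday or json/jwt; adding `require 'base64'` next to `require 'json'` would make that dependency explicit instead of transitive. The second hunk (class Acme::Certificate) changes the full chain to leaf first, and a comment on `x509_fullchain` such as `# Leaf certificate first, followed by the issuer chain` would document the order that consumers of `fullchain_to_pem` rely on. Both the require list and the class continue outside the hunks shown.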
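--- a/data/lib/acme/client.rb
+++ b/data/lib/acme/client.rb
@@ -40,11 +40,11 @@ class Acme::Client
  def new_certificate(csr)
  payload = {
  resource: 'new-cert',
- csr: UrlSafeBase64.encode64(csr.to_der)
+ csr: Base64.urlsafe_encode64(csr.to_der)
  }
 
  response = connection.post(@operation_endpoints.fetch('new-cert'), payload)
- ::Acme::Certificate.new(OpenSSL::X509::Certificate.new(response.body), fetch_chain(response).reverse)
+ ::Acme::Certificate.new(OpenSSL::X509::Certificate.new(response.body), fetch_chain(response))
  end
 
  def fetch_chain(response, limit=10)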
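Review bot: `Base64.urlsafe_encode64(csr.to_der)` in new_certificate is not a drop-in for the removed `UrlSafeBase64.encode64`: the stdlib method keeps trailing `=` padding by default, whereas the gem's encoder appears to strip it and base64url in JOSE/ACME payloads is unpadded. The Ruby versions listed in .travis.yml (2.1, 2.2) have no `padding:` keyword, so the stripping would have to be explicit, e.g. `csr: Base64.urlsafe_encode64(csr.to_der).delete('=')`. Whether the server tolerates padded input is not visible here, so a spec covering a CSR whose DER length is not a multiple of three would settle it. new_certificate is fully inside the hunk; fetch_chain continues past it.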
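--- a/data/lib/acme/crypto.rb
+++ b/data/lib/acme/crypto.rb
@@ -6,31 +6,15 @@ class Acme::Crypto
  end
 
  def generate_signed_jws(header:, payload:)
- protection_header = generate_protection_header(header)
- payload = encode64(JSON.dump(payload))
-
- JSON.dump(
- {
- header: { alg: :RS256, jwk: jwk },
- protected: protection_header,
- payload: payload,
- signature: generate_signature(protection_header, payload)
- }
- )
- end
-
- def generate_signature(protection_header, payload)
- input = "#{protection_header}.#{payload}"
- signature = private_key.sign(digest, input)
- encode64(signature)
- end
-
- def generate_protection_header(header)
- encode64(JSON.dump(header))
+ jwt = JSON::JWT.new(payload || {})
+ jwt.header.merge!(header || {})
+ jwt.header[:jwk] = jwk
+ jwt.signature = jwt.sign(private_key, :RS256).signature
+ jwt.to_json(syntax: :flattened)
  end
 
  def jwk
- JSON::JWK.new(public_key)
+ @jwk ||= JSON::JWK.new(public_key)
  end
 
  def thumbprint
@@ -38,14 +22,10 @@ class Acme::Crypto
  end
 
  def public_key
- private_key.public_key
+ @public_key ||= private_key.public_key
  end
 
  def digest
  OpenSSL::Digest::SHA256.new
  end
-
- def encode64(input)
- UrlSafeBase64.encode64(input)
- end
  end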
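Review bot: In generate_signed_jws only the signature is copied back from the signed object (`jwt.signature = jwt.sign(private_key, :RS256).signature`), and the JSON is then serialized from `jwt`, whose header is whatever the merge of the caller's `header` left there. It is not visible in this hunk whether `sign` also sets `alg` on `jwt` itself, so the serialized protected header and the bytes that were signed could differ, for instance when `header` carries its own `alg`. Serializing the signed object keeps the two together: `jwt.sign(private_key, :RS256).to_json(syntax: :flattened)`. A one-line comment that `jwk` is assigned after the merge so a caller-supplied header cannot replace the account key would record why the statement order matters. The class starts before the first hunk, and thumbprint's body lies between the two hunks.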
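--- a/data/lib/acme/version.rb
+++ b/data/lib/acme/version.rb
@@ -1,5 +1,5 @@
  module Acme
  class Client
- VERSION = '0.2.0'
+ VERSION = '0.2.1'
  end
  end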
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: acme-client
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Charles Barbier
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-12-04 00:00:00.000000000 Z
11
+ date: 2015-12-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -118,26 +118,6 @@ dependencies:
118
118
  - - ">="
119
119
  - !ruby/object:Gem::Version
120
120
  version: 0.9.1
121
- - !ruby/object:Gem::Dependency
122
- name: url_safe_base64
123
- requirement: !ruby/object:Gem::Requirement
124
- requirements:
125
- - - "~>"
126
- - !ruby/object:Gem::Version
127
- version: '0.2'
128
- - - ">="
129
- - !ruby/object:Gem::Version
130
- version: 0.2.2
131
- type: :runtime
132
- prerelease: false
133
- version_requirements: !ruby/object:Gem::Requirement
134
- requirements:
135
- - - "~>"
136
- - !ruby/object:Gem::Version
137
- version: '0.2'
138
- - - ">="
139
- - !ruby/object:Gem::Version
140
- version: 0.2.2
141
121
  - !ruby/object:Gem::Dependency
142
122
  name: json-jwt
143
123
  requirement: !ruby/object:Gem::Requirement