acme-client 0.2.0 → 0.2.1

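--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 5ee8283817ef99669367cba5c6e5d62095aa5015
- data.tar.gz: 62f8588bfd710561c626064825b7bd0a678b3a49
+ metadata.gz: fb284f691ef7182e7aa9ca56ff950373d92380b6
+ data.tar.gz: 542ef5706c8265fecf34c3841742c673df8eb4fc
  SHA512:
- metadata.gz: 4cd8d3dcdeb48bd21acc1212bc04f65fb0a37ce797d3553d63dc3730370bce723a68e5683fcf7745eb14916be610dd8009e284c911f75d50d76a7be0135a1dcf
- data.tar.gz: 7bb4ff248144d4cbc9f43b752cca79773b6529a0140c81db433cdb2c8653d063ee7933287c0071fdb50daa0817b105c930e4f51a80e6eddcc7d98c3b2898cc14
+ metadata.gz: 3453c7ea55e3b646eb313bee04277f14259197c6c7817924848e0635992c8b3a7edb17f176c4da64bdae26c51bf4f341380071b51721a71f144e3903dc759cda
+ data.tar.gz: da85a2dc373d4b7eb361f1fe97b7cb0f3c77b52bae6862c3e7e11328e3a505e75536f3fcf5b5db5c53094cd0fcecc58eebf87a5f0c2e9274f367d04c87f48f5a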
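--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -1,4 +1,5 @@
  language: ruby
+ cache: bundler
  rvm:
  - 2.1
  - 2.2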
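--- a/data/README.md
+++ b/data/README.md
@@ -15,7 +15,7 @@ require 'openssl'
  private_key = OpenSSL::PKey::RSA.new(2048)
 
  # We need an ACME server to talk to, see github.com/letsencrypt/boulder
- endpoint = 'https://acme-staging.api.letsencrypt.org'
+ endpoint = 'https://acme-v01.api.letsencrypt.org/'
 
  # Initialize the client
  require 'acme-client'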
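--- a/data/acme-client.gemspec
+++ b/data/acme-client.gemspec
@@ -22,6 +22,5 @@ Gem::Specification.new do |spec|
  spec.add_development_dependency 'webmock', '~> 1.21', '>= 1.21.0'
 
  spec.add_runtime_dependency 'faraday', '~> 0.9', '>= 0.9.1'
- spec.add_runtime_dependency 'url_safe_base64', '~> 0.2', '>= 0.2.2'
  spec.add_runtime_dependency 'json-jwt', '~> 1.2', '>= 1.2.3'
  end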
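--- a/data/lib/acme-client.rb
+++ b/data/lib/acme-client.rb
@@ -1,6 +1,5 @@
  module Acme; end
 
- require 'url_safe_base64'
  require 'faraday'
  require 'json'
  require 'json/jwt'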
@@ -14,7 +14,11 @@ class Acme::Certificate
14
14
  x509_chain.map(&:to_pem).join
15
15
  end
16
16
 
17
+ def x509_fullchain
18
+ [x509, *x509_chain]
19
+ end
20
+
17
21
  def fullchain_to_pem
18
- [*x509_chain, x509].map(&:to_pem).join
22
+ x509_fullchain.map(&:to_pem).join
19
23
  end
20
24
  end
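Review bot: `x509_fullchain` and the rewritten `fullchain_to_pem` carry no comment on ordering, although this hunk flips the PEM output from chain-then-leaf to leaf-first, which is a visible change for anyone who writes the result to a server bundle. The page shows no file header for this hunk and the class body starts above it, so only these two methods can be judged. Leaf-first is the order TLS servers expect, but it is only correct if `x509_chain` already holds the issuers starting with the one that signed the leaf, and nothing in the hunk establishes that. I would add above the new method: `# Leaf certificate first, then x509_chain as stored (expected: issuing CA first, root last).`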
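--- a/data/lib/acme/client.rb
+++ b/data/lib/acme/client.rb
@@ -40,11 +40,11 @@ class Acme::Client
  def new_certificate(csr)
  payload = {
  resource: 'new-cert',
- csr: UrlSafeBase64.encode64(csr.to_der)
+ csr: Base64.urlsafe_encode64(csr.to_der)
  }
 
  response = connection.post(@operation_endpoints.fetch('new-cert'), payload)
- ::Acme::Certificate.new(OpenSSL::X509::Certificate.new(response.body), fetch_chain(response).reverse)
+ ::Acme::Certificate.new(OpenSSL::X509::Certificate.new(response.body), fetch_chain(response))
  end
 
  def fetch_chain(response, limit=10)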
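Review bot: `Base64.urlsafe_encode64(csr.to_der)` on the new `csr:` line keeps `=` padding, whereas ACME's JWS fields are base64url without padding and the `url_safe_base64` helper it replaces appears to have stripped it, so a CSR whose DER length is not a multiple of three may now be rejected by the server. The `padding:` keyword is not available on the Ruby 2.1/2.2 targets listed in `.travis.yml`, so the portable form is `csr: Base64.urlsafe_encode64(csr.to_der).delete('=')`. No `require 'base64'` is added anywhere in this diff while the gem that presumably pulled it in is removed, so `Base64` is loaded only transitively, if at all; an explicit require in `lib/acme-client.rb` would remove that dependence. `fetch_chain` continues outside the hunk, so the effect of dropping `.reverse` on chain order cannot be checked from here.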
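--- a/data/lib/acme/crypto.rb
+++ b/data/lib/acme/crypto.rb
@@ -6,31 +6,15 @@ class Acme::Crypto
  end
 
  def generate_signed_jws(header:, payload:)
- protection_header = generate_protection_header(header)
- payload = encode64(JSON.dump(payload))
-
- JSON.dump(
- {
- header: { alg: :RS256, jwk: jwk },
- protected: protection_header,
- payload: payload,
- signature: generate_signature(protection_header, payload)
- }
- )
- end
-
- def generate_signature(protection_header, payload)
- input = "#{protection_header}.#{payload}"
- signature = private_key.sign(digest, input)
- encode64(signature)
- end
-
- def generate_protection_header(header)
- encode64(JSON.dump(header))
+ jwt = JSON::JWT.new(payload || {})
+ jwt.header.merge!(header || {})
+ jwt.header[:jwk] = jwk
+ jwt.signature = jwt.sign(private_key, :RS256).signature
+ jwt.to_json(syntax: :flattened)
  end
 
  def jwk
- JSON::JWK.new(public_key)
+ @jwk ||= JSON::JWK.new(public_key)
  end
 
  def thumbprint
@@ -38,14 +22,10 @@ class Acme::Crypto
  end
 
  def public_key
- private_key.public_key
+ @public_key ||= private_key.public_key
  end
 
  def digest
  OpenSSL::Digest::SHA256.new
  end
-
- def encode64(input)
- UrlSafeBase64.encode64(input)
- end
  end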
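Review bot: In `generate_signed_jws` the signature is taken from the object returned by `jwt.sign(private_key, :RS256)`, but the method then serialises the original `jwt`, so the output verifies only if `jwt.header` (including `alg`) is exactly the header that was signed, and nothing in the hunk shows that. Serialising the signed object directly, `jwt.sign(private_key, :RS256).to_json(syntax: :flattened)`, would remove that dependence, assuming json-jwt serialises the signed object the same way; otherwise the reliance should be stated in a comment. Setting `jwk` after the merge correctly stops a caller-supplied header from replacing the key, and deserves a comment such as `# set jwk last so a caller-supplied header cannot override it`. In the second hunk, `@public_key ||=` and `@jwk ||=` will go stale if `private_key` can be reassigned; the class header is outside the hunk, so confirm the key is read-only after construction.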
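--- a/data/lib/acme/version.rb
+++ b/data/lib/acme/version.rb
@@ -1,5 +1,5 @@
  module Acme
  class Client
- VERSION = '0.2.0'
+ VERSION = '0.2.1'
  end
  end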
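--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: acme-client
  version: !ruby/object:Gem::Version
- version: 0.2.0
+ version: 0.2.1
  platform: ruby
  authors:
  - Charles Barbier
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2015-12-04 00:00:00.000000000 Z
+ date: 2015-12-07 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: bundler
@@ -118,26 +118,6 @@ dependencies:
  - - ">="
  - !ruby/object:Gem::Version
  version: 0.9.1
- - !ruby/object:Gem::Dependency
- name: url_safe_base64
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '0.2'
- - - ">="
- - !ruby/object:Gem::Version
- version: 0.2.2
- type: :runtime
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '0.2'
- - - ">="
- - !ruby/object:Gem::Version
- version: 0.2.2
  - !ruby/object:Gem::Dependency
  name: json-jwt
  requirement: !ruby/object:Gem::Requirement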