RubyGems - bullion - Versions diffs - 0.7.1 → 0.7.3 - Mend

bullion 0.7.1 → 0.7.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3e9ebdfc8744eadaf021a1f19f79c12e39b63e87896d21896c546ef875e15955
-  data.tar.gz: a6dd92c1c76bdd65a0e2a58ae90e3db912590d6f2e2e0a522adfeda5bc287e2e
+  metadata.gz: 827d24fcfaf7bca7596c5385117d8bd5c51d23e636a562e64d3401979a08845b
+  data.tar.gz: 01edf02e356c2b1ea2a56420a82a1f8ff1dc02a3cda56a6e19f5f2ed74b16ebb
 SHA512:
-  metadata.gz: a6eaf7ae8d958d3adef49a95fe9d3c53b1610fed2ebdfcee0f13b7b71aacd07ded25e7652b0f1c0f8168d812df8ecbb83642c0679c3c8d26a75cf50207f21c35
-  data.tar.gz: ce2065af090c95f31ed8bfbcc23f4c12f452d3d52fca7f9715877c975e8a0dcb10a6670759277a218edb8b6988cadb9a3f45941f6cda4f71f77ecf084c51db54
+  metadata.gz: f07630d7c8f0535a6010f236cc9b94801b6e4daa3f5787517f3a52747e7d5645d71f5fb18fe24065dba0df49f0c32d2ea784a6ad563b75dd92ba38e42fb628d8
+  data.tar.gz: a5790c1b157d7f237fd691d319e1725ce58e824e905f7ddfe0cfcb0cb6a427560be85fa51709306f7985fcbbf08547d5a49412d71ff0d88c7d7b65144d5d9ccf

data/.gitignore CHANGED Viewed

@@ -6,9 +6,10 @@
 /pkg/
 /spec/reports/
 /tmp/
+/scripts/local_testing/
 # rspec failure tracking
 .rspec_status
 .DS_Store
-*.gem
+*.gem

data/.ruby-version CHANGED Viewed

	@@ -1 +1 @@
1	- 3.2.2
1	+ 3.3.4

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    bullion (0.7.1)
+    bullion (0.7.3)
       dry-configurable (~> 1.1)
       httparty (~> 0.21)
       json (~> 2.6)
@@ -18,142 +18,157 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    acme-client (2.0.16)
+    acme-client (2.0.18)
       faraday (>= 1.0, < 3.0.0)
       faraday-retry (>= 1.0, < 3.0.0)
-    activemodel (7.1.3)
-      activesupport (= 7.1.3)
-    activerecord (7.1.3)
-      activemodel (= 7.1.3)
-      activesupport (= 7.1.3)
+    activemodel (7.2.0)
+      activesupport (= 7.2.0)
+    activerecord (7.2.0)
+      activemodel (= 7.2.0)
+      activesupport (= 7.2.0)
       timeout (>= 0.4.0)
-    activesupport (7.1.3)
+    activesupport (7.2.0)
       base64
       bigdecimal
-      concurrent-ruby (~> 1.0, >= 1.0.2)
+      concurrent-ruby (~> 1.0, >= 1.3.1)
       connection_pool (>= 2.2.5)
       drb
       i18n (>= 1.6, < 2)
+      logger (>= 1.4.2)
       minitest (>= 5.1)
-      mutex_m
-      tzinfo (~> 2.0)
+      securerandom (>= 0.3)
+      tzinfo (~> 2.0, >= 2.0.5)
     ast (2.4.2)
     backport (1.2.0)
     base64 (0.2.0)
     benchmark (0.3.0)
-    bigdecimal (3.1.6)
+    bigdecimal (3.1.8)
     byebug (11.1.3)
-    concurrent-ruby (1.2.3)
+    concurrent-ruby (1.3.4)
     connection_pool (2.4.1)
-    diff-lcs (1.5.0)
-    docile (1.4.0)
-    drb (2.2.0)
-      ruby2_keywords
-    dry-configurable (1.1.0)
+    csv (3.3.0)
+    diff-lcs (1.5.1)
+    docile (1.4.1)
+    drb (2.2.1)
+    dry-configurable (1.2.0)
       dry-core (~> 1.0, < 2)
       zeitwerk (~> 2.6)
     dry-core (1.0.1)
       concurrent-ruby (~> 1.0)
       zeitwerk (~> 2.6)
     e2mmap (0.1.0)
-    faraday (2.9.0)
+    faraday (2.10.1)
       faraday-net_http (>= 2.0, < 3.2)
-    faraday-net_http (3.1.0)
+      logger
+    faraday-net_http (3.1.1)
       net-http
-    faraday-retry (2.2.0)
+    faraday-retry (2.2.1)
       faraday (~> 2.0)
-    httparty (0.21.0)
+    httparty (0.22.0)
+      csv
       mini_mime (>= 1.0.0)
       multi_xml (>= 0.5.2)
-    i18n (1.14.1)
+    i18n (1.14.5)
       concurrent-ruby (~> 1.0)
-    jaro_winkler (1.5.6)
-    json (2.7.1)
-    jwt (2.7.1)
+    jaro_winkler (1.6.0)
+    json (2.7.2)
+    jwt (2.8.2)
+      base64
     kramdown (2.4.0)
       rexml
     kramdown-parser-gfm (1.1.0)
       kramdown (~> 2.0)
     language_server-protocol (3.17.0.3)
+    logger (1.6.0)
     mini_mime (1.1.5)
-    mini_portile2 (2.8.5)
-    minitest (5.21.2)
+    minitest (5.25.0)
     multi_json (1.15.0)
-    multi_xml (0.6.0)
-    mustermann (3.0.0)
+    multi_xml (0.7.1)
+      bigdecimal (~> 3.1)
+    mustermann (3.0.2)
       ruby2_keywords (~> 0.0.1)
-    mutex_m (0.2.0)
-    mysql2 (0.5.5)
+    mysql2 (0.5.6)
     net-http (0.4.1)
       uri
-    nio4r (2.7.0)
-    nokogiri (1.16.0)
-      mini_portile2 (~> 2.8.2)
+    nio4r (2.7.3)
+    nokogiri (1.16.7-aarch64-linux)
+      racc (~> 1.4)
+    nokogiri (1.16.7-arm-linux)
+      racc (~> 1.4)
+    nokogiri (1.16.7-arm64-darwin)
       racc (~> 1.4)
-    nokogiri (1.16.0-arm64-darwin)
+    nokogiri (1.16.7-x86-linux)
       racc (~> 1.4)
-    nokogiri (1.16.0-x86_64-linux)
+    nokogiri (1.16.7-x86_64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.16.7-x86_64-linux)
       racc (~> 1.4)
     openssl (3.2.0)
-    parallel (1.24.0)
-    parser (3.3.0.5)
+    parallel (1.26.2)
+    parser (3.3.4.2)
       ast (~> 2.4.1)
       racc
-    prometheus-client (4.2.2)
+    prometheus-client (4.2.3)
+      base64
     puma (6.4.2)
       nio4r (~> 2.0)
-    racc (1.7.3)
-    rack (2.2.8)
+    racc (1.8.1)
+    rack (2.2.9)
     rack-protection (3.2.0)
       base64 (>= 0.1.0)
       rack (~> 2.2, >= 2.2.4)
     rack-test (2.1.0)
       rack (>= 1.3)
     rainbow (3.1.1)
-    rake (13.1.0)
+    rake (13.2.1)
     rbs (2.8.4)
-    regexp_parser (2.9.0)
+    regexp_parser (2.9.2)
     reverse_markdown (2.1.1)
       nokogiri
-    rexml (3.2.6)
-    rspec (3.12.0)
-      rspec-core (~> 3.12.0)
-      rspec-expectations (~> 3.12.0)
-      rspec-mocks (~> 3.12.0)
-    rspec-core (3.12.2)
-      rspec-support (~> 3.12.0)
-    rspec-expectations (3.12.3)
+    rexml (3.3.5)
+      strscan
+    rspec (3.13.0)
+      rspec-core (~> 3.13.0)
+      rspec-expectations (~> 3.13.0)
+      rspec-mocks (~> 3.13.0)
+    rspec-core (3.13.0)
+      rspec-support (~> 3.13.0)
+    rspec-expectations (3.13.1)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.12.0)
-    rspec-mocks (3.12.6)
+      rspec-support (~> 3.13.0)
+    rspec-mocks (3.13.1)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.12.0)
-    rspec-support (3.12.1)
-    rubocop (1.60.2)
+      rspec-support (~> 3.13.0)
+    rspec-support (3.13.1)
+    rubocop (1.65.1)
       json (~> 2.3)
       language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
       parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8, < 3.0)
+      regexp_parser (>= 2.4, < 3.0)
       rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.30.0, < 2.0)
+      rubocop-ast (>= 1.31.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.30.0)
-      parser (>= 3.2.1.0)
-    rubocop-capybara (2.20.0)
-      rubocop (~> 1.41)
-    rubocop-factory_bot (2.25.1)
+    rubocop-ast (1.32.0)
+      parser (>= 3.3.1.0)
+    rubocop-capybara (2.21.0)
       rubocop (~> 1.41)
+    rubocop-factory_bot (2.26.1)
+      rubocop (~> 1.61)
     rubocop-rake (0.6.0)
       rubocop (~> 1.0)
-    rubocop-rspec (2.26.1)
+    rubocop-rspec (2.31.0)
       rubocop (~> 1.40)
       rubocop-capybara (~> 2.17)
       rubocop-factory_bot (~> 2.22)
+      rubocop-rspec_rails (~> 2.28)
+    rubocop-rspec_rails (2.29.1)
+      rubocop (~> 1.61)
     ruby-progressbar (1.13.0)
     ruby2_keywords (0.0.5)
+    securerandom (0.3.1)
     simplecov (0.22.0)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
@@ -193,23 +208,29 @@ GEM
       thor (~> 1.0)
       tilt (~> 2.0)
       yard (~> 0.9, >= 0.9.24)
-    sqlite3 (1.7.1)
-      mini_portile2 (~> 2.8.0)
-    sqlite3 (1.7.1-arm64-darwin)
-    sqlite3 (1.7.1-x86_64-linux)
-    thor (1.3.0)
-    tilt (2.3.0)
+    sqlite3 (1.7.3-aarch64-linux)
+    sqlite3 (1.7.3-arm-linux)
+    sqlite3 (1.7.3-arm64-darwin)
+    sqlite3 (1.7.3-x86-linux)
+    sqlite3 (1.7.3-x86_64-darwin)
+    sqlite3 (1.7.3-x86_64-linux)
+    strscan (3.1.0)
+    thor (1.3.1)
+    tilt (2.4.0)
     timeout (0.4.1)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
     unicode-display_width (2.5.0)
     uri (0.13.0)
-    yard (0.9.34)
-    zeitwerk (2.6.12)
+    yard (0.9.36)
+    zeitwerk (2.6.17)
 PLATFORMS
-  arm64-darwin-23
-  ruby
+  aarch64-linux
+  arm-linux
+  arm64-darwin
+  x86-linux
+  x86_64-darwin
   x86_64-linux
 DEPENDENCIES
@@ -229,4 +250,4 @@ DEPENDENCIES
   yard (~> 0.9)
 BUNDLED WITH
-   2.4.13
+   2.5.11

data/Rakefile CHANGED Viewed

@@ -40,9 +40,9 @@ task :prep do
   ENV["CA_SECRET"] = "SomeS3cret"
   ENV["CA_DOMAINS"] = "test.domain"
-  key = OpenSSL::PKey::RSA.new(4096)
-  File.write(File.join(File.expand_path("."), "tmp", "tls.key"),
-             key.to_pem(OpenSSL::Cipher.new("aes-128-cbc"), ENV.fetch("CA_SECRET", nil)))
+  root_key = OpenSSL::PKey::RSA.new(4096)
+  File.write(File.join(File.expand_path("."), "tmp", "root_tls.key"),
+             root_key.to_pem(OpenSSL::Cipher.new("aes-128-cbc"), ENV.fetch("CA_SECRET", nil)))
   root_ca = OpenSSL::X509::Certificate.new
   root_ca.version = 2
@@ -51,7 +51,7 @@ task :prep do
     %w[test domain].reverse.map { |piece| "DC=#{piece}" }.join("/") + "/CN=bullion"
   )
   root_ca.issuer = root_ca.subject # root CA's are "self-signed"
-  root_ca.public_key = key.public_key
+  root_ca.public_key = root_key.public_key
   root_ca.not_before = Time.now
   root_ca.not_after = root_ca.not_before + (5 * 365 * 24 * 60 * 60) # 5 years validity
   ef = OpenSSL::X509::ExtensionFactory.new
@@ -69,8 +69,43 @@ task :prep do
   root_ca.add_extension(
     ef.create_extension("authorityKeyIdentifier", "keyid:always", false)
   )
-  root_ca.sign(key, OpenSSL::Digest.new("SHA256"))
-  File.write(File.join(File.expand_path("."), "tmp", "tls.crt"), root_ca.to_pem)
+  root_ca.sign(root_key, OpenSSL::Digest.new("SHA256"))
+  File.write(File.join(File.expand_path("."), "tmp", "root_tls.crt"), root_ca.to_pem)
+  intermediate_key = OpenSSL::PKey::RSA.new(4096)
+  File.write(File.join(File.expand_path("."), "tmp", "tls.key"),
+             intermediate_key.to_pem(OpenSSL::Cipher.new("aes-128-cbc"), ENV.fetch("CA_SECRET")))
+  int_ca = OpenSSL::X509::Certificate.new
+  int_ca.version = 2
+  int_ca.serial = (2**rand(10..20)) - 1
+  int_ca.subject = OpenSSL::X509::Name.parse(
+    %w[intermediate test domain].reverse.map { |piece| "DC=#{piece}" }.join("/") + "/CN=bullion"
+  )
+  int_ca.issuer = root_ca.subject
+  int_ca.public_key = intermediate_key.public_key
+  int_ca.not_before = Time.now
+  int_ca.not_after = int_ca.not_before + (2 * 365 * 24 * 60 * 60) # 2 years validity
+  ef = OpenSSL::X509::ExtensionFactory.new
+  ef.subject_certificate = int_ca
+  ef.issuer_certificate = root_ca
+  int_ca.add_extension(
+    ef.create_extension("basicConstraints", "CA:TRUE", true)
+  )
+  int_ca.add_extension(
+    ef.create_extension("keyUsage", "keyCertSign, cRLSign", true)
+  )
+  int_ca.add_extension(
+    ef.create_extension("subjectKeyIdentifier", "hash", false)
+  )
+  int_ca.add_extension(
+    ef.create_extension("authorityKeyIdentifier", "keyid:always", false)
+  )
+  int_ca.sign(root_key, OpenSSL::Digest.new("SHA256"))
+  File.write(
+    File.join(File.expand_path("."), "tmp", "tls.crt"),
+    int_ca.to_pem + root_ca.to_pem
+  )
 end
 desc "Runs a backgrounded demo environment"
@@ -87,7 +122,7 @@ end
 desc "Runs a foregrounded demo environment"
 task :foreground_demo do
-  system("rackup -P #{File.expand_path(".")}/tmp/daemon.pid")
+  system("rackup -o 0.0.0.0 -P #{File.expand_path(".")}/tmp/daemon.pid")
 end
 desc "Cleans up test or demo environment"
@@ -98,6 +133,8 @@ task :cleanup do
     end
     FileUtils.rm_f(File.join(File.expand_path("."), "tmp", "tls.crt"))
     FileUtils.rm_f(File.join(File.expand_path("."), "tmp", "tls.key"))
+    FileUtils.rm_f(File.join(File.expand_path("."), "tmp", "root_tls.crt"))
+    FileUtils.rm_f(File.join(File.expand_path("."), "tmp", "root_tls.key"))
     FileUtils.rm_rf(File.join(File.expand_path("."), "tmp", "db"))
     ENV["CA_DIR"] = nil
     ENV["CA_SECRET"] = nil

data/bullion.gemspec CHANGED Viewed

@@ -26,18 +26,18 @@ Gem::Specification.new do |spec|
   spec.required_ruby_version = "~> 3.2"
-  spec.add_runtime_dependency "dry-configurable",     "~> 1.1"
-  spec.add_runtime_dependency "httparty",             "~> 0.21"
-  spec.add_runtime_dependency "json",                 "~> 2.6"
-  spec.add_runtime_dependency "jwt",                  "~> 2.7"
-  spec.add_runtime_dependency "mysql2",               "~> 0.5"
-  spec.add_runtime_dependency "openssl",              "~> 3.0"
-  spec.add_runtime_dependency "prometheus-client",    "~> 4.2"
-  spec.add_runtime_dependency "puma",                 "~> 6.4"
-  spec.add_runtime_dependency "sinatra",              "~> 3.1"
-  spec.add_runtime_dependency "sinatra-activerecord", "~> 2.0"
-  spec.add_runtime_dependency "sinatra-contrib",      "~> 3.1"
-  spec.add_runtime_dependency "sqlite3",              "~> 1.6"
+  spec.add_dependency "dry-configurable",     "~> 1.1"
+  spec.add_dependency "httparty",             "~> 0.21"
+  spec.add_dependency "json",                 "~> 2.6"
+  spec.add_dependency "jwt",                  "~> 2.7"
+  spec.add_dependency "mysql2",               "~> 0.5"
+  spec.add_dependency "openssl",              "~> 3.0"
+  spec.add_dependency "prometheus-client",    "~> 4.2"
+  spec.add_dependency "puma",                 "~> 6.4"
+  spec.add_dependency "sinatra",              "~> 3.1"
+  spec.add_dependency "sinatra-activerecord", "~> 2.0"
+  spec.add_dependency "sinatra-contrib",      "~> 3.1"
+  spec.add_dependency "sqlite3",              "~> 1.6"
   spec.add_development_dependency "acme-client",         "~> 2.0"
   spec.add_development_dependency "bundler",             "~> 2.4"

data/db/schema.rb CHANGED Viewed

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema[7.1].define(version: 2021_01_06_060335) do
+ActiveRecord::Schema[7.2].define(version: 2021_01_06_060335) do
   create_table "accounts", force: :cascade do |t|
     t.boolean "tos_agreed", default: true, null: false
     t.text "public_key", null: false

data/lib/bullion/services/ca.rb CHANGED Viewed

@@ -95,7 +95,7 @@ module Bullion
         content_type "application/x-pem-file"
         attachment "cabundle.pem"
-        Bullion.ca_cert.to_pem
+        Bullion.ca_cert_file
       end
       # Retrieves a Nonce via a HEAD request
@@ -383,7 +383,7 @@ module Bullion
           cert = Models::Certificate.find(params[:id])
-          cert.data + Bullion.ca_cert.to_pem
+          cert.data + Bullion.ca_cert_file
         else
           halt(422, { error: "Order not valid" }.to_json)
         end

data/lib/bullion/version.rb CHANGED Viewed

@@ -4,6 +4,6 @@ module Bullion
   VERSION = [
     0, # major
     7, # minor
-    1 # patch
+    3 # patch
   ].join(".")
 end

data/lib/bullion.rb CHANGED Viewed

@@ -70,8 +70,12 @@ module Bullion
     @ca_key ||= OpenSSL::PKey::RSA.new(File.read(config.ca.key_path), config.ca.secret)
   end
+  def self.ca_cert_file
+    @ca_cert_file ||= File.read(config.ca.cert_path)
+  end
   def self.ca_cert
-    @ca_cert ||= OpenSSL::X509::Certificate.new(File.read(config.ca.cert_path))
+    @ca_cert ||= OpenSSL::X509::Certificate.new(ca_cert_file)
   end
   def self.rotate_keys!

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bullion
 version: !ruby/object:Gem::Version
-  version: 0.7.1
+  version: 0.7.3
 platform: ruby
 authors:
 - Jonathan Gnagy
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-01-31 00:00:00.000000000 Z
+date: 2024-08-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dry-configurable