certificate_authority 0.1.3 → 0.1.4
Sign up to get free protection for your applications and to get access to all the features.
- data/README.rdoc +92 -86
- data/VERSION.yml +2 -2
- data/certificate_authority.gemspec +9 -7
- data/lib/certificate_authority.rb +1 -1
- data/lib/certificate_authority/certificate.rb +60 -38
- data/lib/certificate_authority/certificate_revocation_list.rb +12 -12
- data/lib/certificate_authority/distinguished_name.rb +33 -14
- data/lib/certificate_authority/extensions.rb +77 -63
- data/lib/certificate_authority/key_material.rb +48 -15
- data/lib/certificate_authority/ocsp_handler.rb +24 -24
- data/lib/certificate_authority/pkcs11_key_material.rb +13 -13
- data/lib/certificate_authority/serial_number.rb +3 -3
- data/lib/certificate_authority/signing_entity.rb +5 -7
- data/spec/units/certificate_revocation_list_spec.rb +16 -16
- data/spec/units/certificate_spec.rb +149 -84
- data/spec/units/distinguished_name_spec.rb +26 -5
- data/spec/units/extensions_spec.rb +72 -10
- data/spec/units/key_material_spec.rb +69 -65
- data/spec/units/ocsp_handler_spec.rb +20 -20
- data/spec/units/pkcs11_key_material_spec.rb +41 -0
- data/spec/units/serial_number_spec.rb +4 -4
- metadata +50 -53
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
require File.dirname(__FILE__) + '/units_helper'
|
|
2
|
+
|
|
3
|
+
## Anything that requires crypto hardware needs to be tagged as 'pkcs11'
|
|
4
|
+
describe CertificateAuthority::Pkcs11KeyMaterial, :pkcs11 => true do
|
|
5
|
+
before(:each) do
|
|
6
|
+
@key_material_in_hardware = CertificateAuthority::Pkcs11KeyMaterial.new
|
|
7
|
+
@key_material_in_hardware.token_id = "46"
|
|
8
|
+
@key_material_in_hardware.pkcs11_lib = "/usr/lib/libeTPkcs11.so"
|
|
9
|
+
@key_material_in_hardware.openssl_pkcs11_engine_lib = "/usr/lib/engines/engine_pkcs11.so"
|
|
10
|
+
@key_material_in_hardware.pin = "11111111"
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
it "should identify as being in hardware", :pkcs11 => true do
|
|
14
|
+
@key_material_in_hardware.is_in_hardware?.should be_true
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
it "should return a Pkey ref if the private key is requested", :pkcs11 => true do
|
|
18
|
+
@key_material_in_hardware.private_key.class.should == OpenSSL::PKey::RSA
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
it "should return a Pkey ref if the public key is requested", :pkcs11 => true do
|
|
22
|
+
@key_material_in_hardware.public_key.class.should == OpenSSL::PKey::RSA
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
it "should accept an ID for on-token objects", :pkcs11 => true do
|
|
26
|
+
@key_material_in_hardware.respond_to?(:token_id).should be_true
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
it "should accept a path to a shared library for a PKCS11 driver", :pkcs11 => true do
|
|
30
|
+
@key_material_in_hardware.respond_to?(:pkcs11_lib).should be_true
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
it "should accept a path to OpenSSL's dynamic PKCS11 engine (provided by libengine-pkcs11-openssl)", :pkcs11 => true do
|
|
34
|
+
@key_material_in_hardware.respond_to?(:openssl_pkcs11_engine_lib).should be_true
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
it "should accept an optional PIN to authenticate to the token", :pkcs11 => true do
|
|
38
|
+
@key_material_in_hardware.respond_to?(:pin).should be_true
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
end
|
|
@@ -4,17 +4,17 @@ describe CertificateAuthority::SerialNumber do
|
|
|
4
4
|
before(:each) do
|
|
5
5
|
@serial_number = CertificateAuthority::SerialNumber.new
|
|
6
6
|
end
|
|
7
|
-
|
|
7
|
+
|
|
8
8
|
it "should support basic integer serial numbers", :rfc3280 => true do
|
|
9
9
|
@serial_number.number = 25
|
|
10
10
|
@serial_number.should be_valid
|
|
11
11
|
@serial_number.number = "abc"
|
|
12
12
|
@serial_number.should_not be_valid
|
|
13
13
|
end
|
|
14
|
-
|
|
14
|
+
|
|
15
15
|
it "should not allow negative serial numbers", :rfc3280 => true do
|
|
16
16
|
@serial_number.number = -5
|
|
17
17
|
@serial_number.should_not be_valid
|
|
18
18
|
end
|
|
19
|
-
|
|
20
|
-
end
|
|
19
|
+
|
|
20
|
+
end
|
metadata
CHANGED
|
@@ -1,70 +1,67 @@
|
|
|
1
|
-
--- !ruby/object:Gem::Specification
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: certificate_authority
|
|
3
|
-
version: !ruby/object:Gem::Version
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.1.4
|
|
4
5
|
prerelease:
|
|
5
|
-
version: 0.1.3
|
|
6
6
|
platform: ruby
|
|
7
|
-
authors:
|
|
7
|
+
authors:
|
|
8
8
|
- Chris Chandler
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
- !ruby/object:Gem::Dependency
|
|
12
|
+
date: 2012-08-12 00:00:00.000000000 Z
|
|
13
|
+
dependencies:
|
|
14
|
+
- !ruby/object:Gem::Dependency
|
|
16
15
|
name: activemodel
|
|
17
|
-
requirement: &
|
|
16
|
+
requirement: &70202335505760 !ruby/object:Gem::Requirement
|
|
18
17
|
none: false
|
|
19
|
-
requirements:
|
|
18
|
+
requirements:
|
|
20
19
|
- - ~>
|
|
21
|
-
- !ruby/object:Gem::Version
|
|
20
|
+
- !ruby/object:Gem::Version
|
|
22
21
|
version: 3.0.6
|
|
23
22
|
type: :runtime
|
|
24
23
|
prerelease: false
|
|
25
|
-
version_requirements: *
|
|
26
|
-
- !ruby/object:Gem::Dependency
|
|
24
|
+
version_requirements: *70202335505760
|
|
25
|
+
- !ruby/object:Gem::Dependency
|
|
27
26
|
name: rspec
|
|
28
|
-
requirement: &
|
|
27
|
+
requirement: &70202335504500 !ruby/object:Gem::Requirement
|
|
29
28
|
none: false
|
|
30
|
-
requirements:
|
|
31
|
-
- -
|
|
32
|
-
- !ruby/object:Gem::Version
|
|
33
|
-
version:
|
|
29
|
+
requirements:
|
|
30
|
+
- - ! '>='
|
|
31
|
+
- !ruby/object:Gem::Version
|
|
32
|
+
version: '0'
|
|
34
33
|
type: :development
|
|
35
34
|
prerelease: false
|
|
36
|
-
version_requirements: *
|
|
37
|
-
- !ruby/object:Gem::Dependency
|
|
35
|
+
version_requirements: *70202335504500
|
|
36
|
+
- !ruby/object:Gem::Dependency
|
|
38
37
|
name: jeweler
|
|
39
|
-
requirement: &
|
|
38
|
+
requirement: &70202335503240 !ruby/object:Gem::Requirement
|
|
40
39
|
none: false
|
|
41
|
-
requirements:
|
|
40
|
+
requirements:
|
|
42
41
|
- - ~>
|
|
43
|
-
- !ruby/object:Gem::Version
|
|
42
|
+
- !ruby/object:Gem::Version
|
|
44
43
|
version: 1.5.2
|
|
45
44
|
type: :development
|
|
46
45
|
prerelease: false
|
|
47
|
-
version_requirements: *
|
|
48
|
-
- !ruby/object:Gem::Dependency
|
|
46
|
+
version_requirements: *70202335503240
|
|
47
|
+
- !ruby/object:Gem::Dependency
|
|
49
48
|
name: rcov
|
|
50
|
-
requirement: &
|
|
49
|
+
requirement: &70202335502120 !ruby/object:Gem::Requirement
|
|
51
50
|
none: false
|
|
52
|
-
requirements:
|
|
53
|
-
- -
|
|
54
|
-
- !ruby/object:Gem::Version
|
|
55
|
-
version:
|
|
51
|
+
requirements:
|
|
52
|
+
- - ! '>='
|
|
53
|
+
- !ruby/object:Gem::Version
|
|
54
|
+
version: '0'
|
|
56
55
|
type: :development
|
|
57
56
|
prerelease: false
|
|
58
|
-
version_requirements: *
|
|
57
|
+
version_requirements: *70202335502120
|
|
59
58
|
description:
|
|
60
59
|
email: chris@flatterline.com
|
|
61
60
|
executables: []
|
|
62
|
-
|
|
63
61
|
extensions: []
|
|
64
|
-
|
|
65
|
-
extra_rdoc_files:
|
|
62
|
+
extra_rdoc_files:
|
|
66
63
|
- README.rdoc
|
|
67
|
-
files:
|
|
64
|
+
files:
|
|
68
65
|
- Gemfile
|
|
69
66
|
- Gemfile.lock
|
|
70
67
|
- README.rdoc
|
|
@@ -90,40 +87,39 @@ files:
|
|
|
90
87
|
- spec/units/extensions_spec.rb
|
|
91
88
|
- spec/units/key_material_spec.rb
|
|
92
89
|
- spec/units/ocsp_handler_spec.rb
|
|
90
|
+
- spec/units/pkcs11_key_material_spec.rb
|
|
93
91
|
- spec/units/serial_number_spec.rb
|
|
94
92
|
- spec/units/signing_entity_spec.rb
|
|
95
93
|
- spec/units/units_helper.rb
|
|
96
94
|
homepage: http://github.com/cchandler/certificate_authority
|
|
97
|
-
licenses:
|
|
95
|
+
licenses:
|
|
98
96
|
- MIT
|
|
99
97
|
post_install_message:
|
|
100
98
|
rdoc_options: []
|
|
101
|
-
|
|
102
|
-
require_paths:
|
|
99
|
+
require_paths:
|
|
103
100
|
- lib
|
|
104
|
-
required_ruby_version: !ruby/object:Gem::Requirement
|
|
101
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
105
102
|
none: false
|
|
106
|
-
requirements:
|
|
107
|
-
- -
|
|
108
|
-
- !ruby/object:Gem::Version
|
|
109
|
-
|
|
110
|
-
segments:
|
|
103
|
+
requirements:
|
|
104
|
+
- - ! '>='
|
|
105
|
+
- !ruby/object:Gem::Version
|
|
106
|
+
version: '0'
|
|
107
|
+
segments:
|
|
111
108
|
- 0
|
|
112
|
-
|
|
113
|
-
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
109
|
+
hash: -130755063379488458
|
|
110
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
114
111
|
none: false
|
|
115
|
-
requirements:
|
|
116
|
-
- -
|
|
117
|
-
- !ruby/object:Gem::Version
|
|
118
|
-
version:
|
|
112
|
+
requirements:
|
|
113
|
+
- - ! '>='
|
|
114
|
+
- !ruby/object:Gem::Version
|
|
115
|
+
version: '0'
|
|
119
116
|
requirements: []
|
|
120
|
-
|
|
121
117
|
rubyforge_project:
|
|
122
|
-
rubygems_version: 1.
|
|
118
|
+
rubygems_version: 1.8.15
|
|
123
119
|
signing_key:
|
|
124
120
|
specification_version: 3
|
|
125
121
|
summary: Ruby gem for managing the core functions outlined in RFC-3280 for PKI
|
|
126
|
-
test_files:
|
|
122
|
+
test_files:
|
|
127
123
|
- spec/spec_helper.rb
|
|
128
124
|
- spec/units/certificate_authority_spec.rb
|
|
129
125
|
- spec/units/certificate_revocation_list_spec.rb
|
|
@@ -132,6 +128,7 @@ test_files:
|
|
|
132
128
|
- spec/units/extensions_spec.rb
|
|
133
129
|
- spec/units/key_material_spec.rb
|
|
134
130
|
- spec/units/ocsp_handler_spec.rb
|
|
131
|
+
- spec/units/pkcs11_key_material_spec.rb
|
|
135
132
|
- spec/units/serial_number_spec.rb
|
|
136
133
|
- spec/units/signing_entity_spec.rb
|
|
137
134
|
- spec/units/units_helper.rb
|