certificate_authority 0.1.3 → 0.1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.rdoc +92 -86
- data/VERSION.yml +2 -2
- data/certificate_authority.gemspec +9 -7
- data/lib/certificate_authority.rb +1 -1
- data/lib/certificate_authority/certificate.rb +60 -38
- data/lib/certificate_authority/certificate_revocation_list.rb +12 -12
- data/lib/certificate_authority/distinguished_name.rb +33 -14
- data/lib/certificate_authority/extensions.rb +77 -63
- data/lib/certificate_authority/key_material.rb +48 -15
- data/lib/certificate_authority/ocsp_handler.rb +24 -24
- data/lib/certificate_authority/pkcs11_key_material.rb +13 -13
- data/lib/certificate_authority/serial_number.rb +3 -3
- data/lib/certificate_authority/signing_entity.rb +5 -7
- data/spec/units/certificate_revocation_list_spec.rb +16 -16
- data/spec/units/certificate_spec.rb +149 -84
- data/spec/units/distinguished_name_spec.rb +26 -5
- data/spec/units/extensions_spec.rb +72 -10
- data/spec/units/key_material_spec.rb +69 -65
- data/spec/units/ocsp_handler_spec.rb +20 -20
- data/spec/units/pkcs11_key_material_spec.rb +41 -0
- data/spec/units/serial_number_spec.rb +4 -4
- metadata +50 -53
@@ -0,0 +1,41 @@
|
|
1
|
+
require File.dirname(__FILE__) + '/units_helper'
|
2
|
+
|
3
|
+
## Anything that requires crypto hardware needs to be tagged as 'pkcs11'
|
4
|
+
describe CertificateAuthority::Pkcs11KeyMaterial, :pkcs11 => true do
|
5
|
+
before(:each) do
|
6
|
+
@key_material_in_hardware = CertificateAuthority::Pkcs11KeyMaterial.new
|
7
|
+
@key_material_in_hardware.token_id = "46"
|
8
|
+
@key_material_in_hardware.pkcs11_lib = "/usr/lib/libeTPkcs11.so"
|
9
|
+
@key_material_in_hardware.openssl_pkcs11_engine_lib = "/usr/lib/engines/engine_pkcs11.so"
|
10
|
+
@key_material_in_hardware.pin = "11111111"
|
11
|
+
end
|
12
|
+
|
13
|
+
it "should identify as being in hardware", :pkcs11 => true do
|
14
|
+
@key_material_in_hardware.is_in_hardware?.should be_true
|
15
|
+
end
|
16
|
+
|
17
|
+
it "should return a Pkey ref if the private key is requested", :pkcs11 => true do
|
18
|
+
@key_material_in_hardware.private_key.class.should == OpenSSL::PKey::RSA
|
19
|
+
end
|
20
|
+
|
21
|
+
it "should return a Pkey ref if the public key is requested", :pkcs11 => true do
|
22
|
+
@key_material_in_hardware.public_key.class.should == OpenSSL::PKey::RSA
|
23
|
+
end
|
24
|
+
|
25
|
+
it "should accept an ID for on-token objects", :pkcs11 => true do
|
26
|
+
@key_material_in_hardware.respond_to?(:token_id).should be_true
|
27
|
+
end
|
28
|
+
|
29
|
+
it "should accept a path to a shared library for a PKCS11 driver", :pkcs11 => true do
|
30
|
+
@key_material_in_hardware.respond_to?(:pkcs11_lib).should be_true
|
31
|
+
end
|
32
|
+
|
33
|
+
it "should accept a path to OpenSSL's dynamic PKCS11 engine (provided by libengine-pkcs11-openssl)", :pkcs11 => true do
|
34
|
+
@key_material_in_hardware.respond_to?(:openssl_pkcs11_engine_lib).should be_true
|
35
|
+
end
|
36
|
+
|
37
|
+
it "should accept an optional PIN to authenticate to the token", :pkcs11 => true do
|
38
|
+
@key_material_in_hardware.respond_to?(:pin).should be_true
|
39
|
+
end
|
40
|
+
|
41
|
+
end
|
@@ -4,17 +4,17 @@ describe CertificateAuthority::SerialNumber do
|
|
4
4
|
before(:each) do
|
5
5
|
@serial_number = CertificateAuthority::SerialNumber.new
|
6
6
|
end
|
7
|
-
|
7
|
+
|
8
8
|
it "should support basic integer serial numbers", :rfc3280 => true do
|
9
9
|
@serial_number.number = 25
|
10
10
|
@serial_number.should be_valid
|
11
11
|
@serial_number.number = "abc"
|
12
12
|
@serial_number.should_not be_valid
|
13
13
|
end
|
14
|
-
|
14
|
+
|
15
15
|
it "should not allow negative serial numbers", :rfc3280 => true do
|
16
16
|
@serial_number.number = -5
|
17
17
|
@serial_number.should_not be_valid
|
18
18
|
end
|
19
|
-
|
20
|
-
end
|
19
|
+
|
20
|
+
end
|
metadata
CHANGED
@@ -1,70 +1,67 @@
|
|
1
|
-
--- !ruby/object:Gem::Specification
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
2
|
name: certificate_authority
|
3
|
-
version: !ruby/object:Gem::Version
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.4
|
4
5
|
prerelease:
|
5
|
-
version: 0.1.3
|
6
6
|
platform: ruby
|
7
|
-
authors:
|
7
|
+
authors:
|
8
8
|
- Chris Chandler
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
- !ruby/object:Gem::Dependency
|
12
|
+
date: 2012-08-12 00:00:00.000000000 Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
16
15
|
name: activemodel
|
17
|
-
requirement: &
|
16
|
+
requirement: &70202335505760 !ruby/object:Gem::Requirement
|
18
17
|
none: false
|
19
|
-
requirements:
|
18
|
+
requirements:
|
20
19
|
- - ~>
|
21
|
-
- !ruby/object:Gem::Version
|
20
|
+
- !ruby/object:Gem::Version
|
22
21
|
version: 3.0.6
|
23
22
|
type: :runtime
|
24
23
|
prerelease: false
|
25
|
-
version_requirements: *
|
26
|
-
- !ruby/object:Gem::Dependency
|
24
|
+
version_requirements: *70202335505760
|
25
|
+
- !ruby/object:Gem::Dependency
|
27
26
|
name: rspec
|
28
|
-
requirement: &
|
27
|
+
requirement: &70202335504500 !ruby/object:Gem::Requirement
|
29
28
|
none: false
|
30
|
-
requirements:
|
31
|
-
- -
|
32
|
-
- !ruby/object:Gem::Version
|
33
|
-
version:
|
29
|
+
requirements:
|
30
|
+
- - ! '>='
|
31
|
+
- !ruby/object:Gem::Version
|
32
|
+
version: '0'
|
34
33
|
type: :development
|
35
34
|
prerelease: false
|
36
|
-
version_requirements: *
|
37
|
-
- !ruby/object:Gem::Dependency
|
35
|
+
version_requirements: *70202335504500
|
36
|
+
- !ruby/object:Gem::Dependency
|
38
37
|
name: jeweler
|
39
|
-
requirement: &
|
38
|
+
requirement: &70202335503240 !ruby/object:Gem::Requirement
|
40
39
|
none: false
|
41
|
-
requirements:
|
40
|
+
requirements:
|
42
41
|
- - ~>
|
43
|
-
- !ruby/object:Gem::Version
|
42
|
+
- !ruby/object:Gem::Version
|
44
43
|
version: 1.5.2
|
45
44
|
type: :development
|
46
45
|
prerelease: false
|
47
|
-
version_requirements: *
|
48
|
-
- !ruby/object:Gem::Dependency
|
46
|
+
version_requirements: *70202335503240
|
47
|
+
- !ruby/object:Gem::Dependency
|
49
48
|
name: rcov
|
50
|
-
requirement: &
|
49
|
+
requirement: &70202335502120 !ruby/object:Gem::Requirement
|
51
50
|
none: false
|
52
|
-
requirements:
|
53
|
-
- -
|
54
|
-
- !ruby/object:Gem::Version
|
55
|
-
version:
|
51
|
+
requirements:
|
52
|
+
- - ! '>='
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
56
55
|
type: :development
|
57
56
|
prerelease: false
|
58
|
-
version_requirements: *
|
57
|
+
version_requirements: *70202335502120
|
59
58
|
description:
|
60
59
|
email: chris@flatterline.com
|
61
60
|
executables: []
|
62
|
-
|
63
61
|
extensions: []
|
64
|
-
|
65
|
-
extra_rdoc_files:
|
62
|
+
extra_rdoc_files:
|
66
63
|
- README.rdoc
|
67
|
-
files:
|
64
|
+
files:
|
68
65
|
- Gemfile
|
69
66
|
- Gemfile.lock
|
70
67
|
- README.rdoc
|
@@ -90,40 +87,39 @@ files:
|
|
90
87
|
- spec/units/extensions_spec.rb
|
91
88
|
- spec/units/key_material_spec.rb
|
92
89
|
- spec/units/ocsp_handler_spec.rb
|
90
|
+
- spec/units/pkcs11_key_material_spec.rb
|
93
91
|
- spec/units/serial_number_spec.rb
|
94
92
|
- spec/units/signing_entity_spec.rb
|
95
93
|
- spec/units/units_helper.rb
|
96
94
|
homepage: http://github.com/cchandler/certificate_authority
|
97
|
-
licenses:
|
95
|
+
licenses:
|
98
96
|
- MIT
|
99
97
|
post_install_message:
|
100
98
|
rdoc_options: []
|
101
|
-
|
102
|
-
require_paths:
|
99
|
+
require_paths:
|
103
100
|
- lib
|
104
|
-
required_ruby_version: !ruby/object:Gem::Requirement
|
101
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
105
102
|
none: false
|
106
|
-
requirements:
|
107
|
-
- -
|
108
|
-
- !ruby/object:Gem::Version
|
109
|
-
|
110
|
-
segments:
|
103
|
+
requirements:
|
104
|
+
- - ! '>='
|
105
|
+
- !ruby/object:Gem::Version
|
106
|
+
version: '0'
|
107
|
+
segments:
|
111
108
|
- 0
|
112
|
-
|
113
|
-
required_rubygems_version: !ruby/object:Gem::Requirement
|
109
|
+
hash: -130755063379488458
|
110
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
114
111
|
none: false
|
115
|
-
requirements:
|
116
|
-
- -
|
117
|
-
- !ruby/object:Gem::Version
|
118
|
-
version:
|
112
|
+
requirements:
|
113
|
+
- - ! '>='
|
114
|
+
- !ruby/object:Gem::Version
|
115
|
+
version: '0'
|
119
116
|
requirements: []
|
120
|
-
|
121
117
|
rubyforge_project:
|
122
|
-
rubygems_version: 1.
|
118
|
+
rubygems_version: 1.8.15
|
123
119
|
signing_key:
|
124
120
|
specification_version: 3
|
125
121
|
summary: Ruby gem for managing the core functions outlined in RFC-3280 for PKI
|
126
|
-
test_files:
|
122
|
+
test_files:
|
127
123
|
- spec/spec_helper.rb
|
128
124
|
- spec/units/certificate_authority_spec.rb
|
129
125
|
- spec/units/certificate_revocation_list_spec.rb
|
@@ -132,6 +128,7 @@ test_files:
|
|
132
128
|
- spec/units/extensions_spec.rb
|
133
129
|
- spec/units/key_material_spec.rb
|
134
130
|
- spec/units/ocsp_handler_spec.rb
|
131
|
+
- spec/units/pkcs11_key_material_spec.rb
|
135
132
|
- spec/units/serial_number_spec.rb
|
136
133
|
- spec/units/signing_entity_spec.rb
|
137
134
|
- spec/units/units_helper.rb
|