certmeister 2.3.1 → 2.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/lib/certmeister/policy/key_bits.rb +4 -4
  3. data/lib/certmeister/policy/signature_algorithm.rb +4 -4
  4. data/lib/certmeister/version.rb +1 -1
  5. data/spec/certmeister/policy/key_bits_spec.rb +7 -7
  6. data/spec/certmeister/policy/signature_algorithm_spec.rb +8 -8
  7. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c967efa83cd0adfe1e243a0657bd5c6fcd8ae4b0
4
- data.tar.gz: c07532570922dae8220d405d7462a4063a0cd81d
3
+ metadata.gz: 57b06eaa4b7a7fdde5a2ee77bafb1cd782fe5057
4
+ data.tar.gz: 69737d5b2cc1dd24d4f2462b59da40f2cb59a727
5
5
  SHA512:
6
- metadata.gz: e01b93712919b4d2a89663ba64aa824dfd1d30a9c32c73c93621bc1eeeecaa6c14584c9a6a6840d501b66ba0c006dcda5c577d3802c5531e523320fac070cc49
7
- data.tar.gz: 79596deaaf71134e9a68c74cfa363e67c6e489bb9be4ddeb245dc088f1105e4975e289982357bedbc7f46decc02744425cf57d5a0154e83a74ab8f5c8b3b2e59
6
+ metadata.gz: 8b9eb7606d1d3995d0a717b7323652df8d8340e9d8026874b2d5b29c5d4f4aaa349b277716845a4b1483116e7a5c1f017f2aa5d290be95e4a6c6114943bca9ca
7
+ data.tar.gz: 1ac8f97652db718aed87602916ef17b68a0e704e12e3265515cf360a13c7838ce06713d10e80b0752518a87ae683b469503b1126c561cbe5cf58dcbd5bec3f18
data/lib/certmeister/policy/key_bits.rb CHANGED
@@ -17,10 +17,10 @@ module Certmeister
17
17
  end
18
18
 
19
19
  def authenticate(request)
20
- if not request[:pem]
21
- Certmeister::Policy::Response.new(false, "missing pem")
20
+ if not request[:csr]
21
+ Certmeister::Policy::Response.new(false, "missing csr")
22
22
  else
23
- cert = OpenSSL::X509::Request.new(request[:pem])
23
+ cert = OpenSSL::X509::Request.new(request[:csr])
24
24
  pkey = cert.public_key
25
25
  kbits = pkey.n.num_bytes * 8
26
26
  if kbits < @min_key_bits
@@ -30,7 +30,7 @@ module Certmeister
30
30
  end
31
31
  end
32
32
  rescue OpenSSL::X509::RequestError => e
33
- Certmeister::Policy::Response.new(false, "invalid pem (#{e.message})")
33
+ Certmeister::Policy::Response.new(false, "invalid csr (#{e.message})")
34
34
  end
35
35
 
36
36
  private
data/lib/certmeister/policy/signature_algorithm.rb CHANGED
@@ -17,10 +17,10 @@ module Certmeister
17
17
  end
18
18
 
19
19
  def authenticate(request)
20
- if not request[:pem]
21
- return Certmeister::Policy::Response.new(false, "missing pem")
20
+ if not request[:csr]
21
+ return Certmeister::Policy::Response.new(false, "missing csr")
22
22
  else
23
- cert = OpenSSL::X509::Request.new(request[:pem])
23
+ cert = OpenSSL::X509::Request.new(request[:csr])
24
24
  signature_algorithm = cert.signature_algorithm
25
25
  if signature_algorithm = check_for_supported_signature_algorithm(signature_algorithm)
26
26
  check_signature_algorithm_strength(signature_algorithm)
@@ -29,7 +29,7 @@ module Certmeister
29
29
  end
30
30
  end
31
31
  rescue OpenSSL::X509::RequestError => e
32
- return Certmeister::Policy::Response.new(false, "invalid pem (#{e.message})")
32
+ return Certmeister::Policy::Response.new(false, "invalid csr (#{e.message})")
33
33
  end
34
34
 
35
35
  private
data/lib/certmeister/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Certmeister
2
2
 
3
- VERSION = '2.3.1' unless defined?(VERSION)
3
+ VERSION = '2.3.2' unless defined?(VERSION)
4
4
 
5
5
  end
data/spec/certmeister/policy/key_bits_spec.rb CHANGED
@@ -19,29 +19,29 @@ describe Certmeister::Policy::KeyBits do
19
19
  expect { subject.authenticate }.to raise_error(ArgumentError)
20
20
  end
21
21
 
22
- it "refuses to authenticate a request with a missing pem" do
22
+ it "refuses to authenticate a request with a missing csr" do
23
23
  response = subject.authenticate({anything: 'something'})
24
24
  expect(response).to_not be_authenticated
25
- expect(response.error).to eql "missing pem"
25
+ expect(response.error).to eql "missing csr"
26
26
  end
27
27
 
28
- it "refuses to authenticate an invalid pem" do
28
+ it "refuses to authenticate an invalid csr" do
29
29
  pem = "bad input"
30
- response = subject.authenticate({pem: pem})
30
+ response = subject.authenticate({csr: pem})
31
31
  expect(response).to_not be_authenticated
32
- expect(response.error).to eql "invalid pem (not enough data)"
32
+ expect(response.error).to eql "invalid csr (not enough data)"
33
33
  end
34
34
 
35
35
  it "refuses to authenticate a request for a key with too few bits" do
36
36
  pem = File.read('fixtures/sha256_1024bit.csr')
37
- response = subject.authenticate({pem: pem})
37
+ response = subject.authenticate({csr: pem})
38
38
  expect(response).to_not be_authenticated
39
39
  expect(response.error).to eql "weak key"
40
40
  end
41
41
 
42
42
  it "authenticates a request for a key with sufficient bits" do
43
43
  pem = File.read('fixtures/sha256_4096bit.csr')
44
- response = subject.authenticate({pem: pem})
44
+ response = subject.authenticate({csr: pem})
45
45
  expect(response).to be_authenticated
46
46
  end
47
47
 
data/spec/certmeister/policy/signature_algorithm_spec.rb CHANGED
@@ -19,35 +19,35 @@ describe Certmeister::Policy::SignatureAlgorithm do
19
19
  expect { subject.authenticate }.to raise_error(ArgumentError)
20
20
  end
21
21
 
22
- it "refuses to authenticate a request with a missing pem" do
22
+ it "refuses to authenticate a request with a missing csr" do
23
23
  response = subject.authenticate({anything: 'something'})
24
24
  expect(response).to_not be_authenticated
25
- expect(response.error).to eql "missing pem"
25
+ expect(response.error).to eql "missing csr"
26
26
  end
27
27
 
28
- it "refuses to authenticate an invalid pem" do
28
+ it "refuses to authenticate an invalid csr" do
29
29
  pem = "bad input"
30
- response = subject.authenticate({pem: pem})
30
+ response = subject.authenticate({csr: pem})
31
31
  expect(response).to_not be_authenticated
32
- expect(response.error).to eql "invalid pem (not enough data)"
32
+ expect(response.error).to eql "invalid csr (not enough data)"
33
33
  end
34
34
 
35
35
  it "refuses to authenticate a request with a weak signature algorithm" do
36
36
  pem = File.read('fixtures/sha1_4096bit.csr')
37
- response = subject.authenticate({pem: pem})
37
+ response = subject.authenticate({csr: pem})
38
38
  expect(response).to_not be_authenticated
39
39
  expect(response.error).to eql "weak signature algorithm"
40
40
  end
41
41
 
42
42
  it "authenticates a request with a strong signature algorithm" do
43
43
  pem = File.read('fixtures/sha256_4096bit.csr')
44
- response = subject.authenticate({pem: pem})
44
+ response = subject.authenticate({csr: pem})
45
45
  expect(response).to be_authenticated
46
46
  end
47
47
 
48
48
  it "refuses to authenticate a request with an unknown/unsupported signature algorithm" do
49
49
  pem = File.read('fixtures/ecdsa.csr')
50
- response = subject.authenticate({pem: pem})
50
+ response = subject.authenticate({csr: pem})
51
51
  expect(response).to_not be_authenticated
52
52
  expect(response.error).to eql "unknown/unsupported signature algorithm (ecdsa-with-SHA384)"
53
53
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: certmeister
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.3.1
4
+ version: 2.3.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sheldon Hearn