fauthentic 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 84920a8d49a40829e6ab3734dd23a98e74ac5b02
+  data.tar.gz: 94e5db1704ff2e23a04f5b3bda85c07d9d42ab1f
+SHA512:
+  metadata.gz: 7f1af9c7a590ff5e2f2f08e89602c44c5d9de874d7a518029c2dfc44981b66126f9f117c0b89ff4bfa2dbb0534b706701edfa8c944d42f9400dcf301b0a92648
+  data.tar.gz: aa17d03bede3308c0d16f11b69672249b88a5302d97e465f11125344de75670722199800943d2fd6b2ff7e65e4854f1b3f67f4e061718e416d8b208c83195aef

data/.gitignore

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in fauthentic.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2017 Joe Marty
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,63 @@
+# Fauthentic
+
+Fauthentic is a gem designed for the sole purpose of making it easy to generate
+and handle self-signed SSL certificates in Ruby.
+
+It uses the OpenSSL library, and therefore the primary `generate` method returns
+an object containing a cert and key represented as `OpenSSL::X509::Certificate`
+and `OpenSSL::PKey::RSA`.
+
+## Thanks
+
+Thanks to @nickyp for posting his original [script for generating a self-signed
+certificate](https://gist.github.com/nickyp/886884), from which this library
+grew.
+
+## Usage
+
+It's pretty simple:
+
+**Want a Certificate?**
+
+```ruby
+ssl = Fauthentic.generate
+puts ssl.cert.to_pem
+# => -----BEGIN CERTIFICATE----- ...
+puts ssl.key.to_s
+# => -----BEGIN RSA PRIVATE KEY----- ...
+```
+
+**Want to be more specific?**
+
+```ruby
+opts = {
+  common_name: "my.domain.com", # Default: "example.com"
+  country: "BE",                # "US"
+  state: "saddened",            # nil
+  org: "MyOrg",                 # "Test"
+  org_unit: "Test",             # "Test"
+  email: "totally-secure-team@my.domain.com", # nil
+  expire_in_days: 365           # 30
+}
+ssl = Fauthentic.generate(opts)
+cert_string = ssl.cert.to_pem
+# => "-----BEGIN CERTIFICATE-----..."
+key_string = ssl.key.to_s
+# => "-----BEGIN RSA PRIVATE KEY----- ..."
+```
+
+**Want to read a certificate?**
+
+```ruby
+cert = Fauthentic.parse_cert(cert_string)
+puts Fauthentic.extract_subject(cert)
+# => {C: "US", O: "MyOrg", CN: "my.domain.com", ...}
+```
+
+**Want to make sure a key matches a certificate?**
+Just use the openssl gem's `check_private_key` method:
+
+```ruby
+key = Fauthentic.parse_key(key_string)
+cert.check_private_key(key) # => true
+```

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+task :default => :spec

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "fauthentic"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/fauthentic.gemspec

@@ -0,0 +1,28 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'fauthentic/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "fauthentic"
+  spec.version       = Fauthentic::VERSION
+  spec.authors       = ["Joe Marty"]
+  spec.email         = ["jmarty@iexposure.com"]
+
+  spec.summary       = "A convenience library for self-signed SSL certificates"
+  spec.description   = "Fauthentic allows you to easily generate, read, parse and verify OpenSSL certificates and keys"
+  spec.homepage      = "https://github.com/mltsy/fauthentic"
+
+  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.14"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.2"
+
+  spec.add_runtime_dependency 'openssl', '~> 2.0'
+end

data/lib/fauthentic.rb

@@ -0,0 +1,61 @@
+require 'fauthentic/version'
+require 'openssl'
+
+module Fauthentic
+  DEFAULT_OPTIONS = {
+    country: "US",
+    state: nil,
+    org: "Fauxthentic",
+    org_unit: "Test",
+    common_name: "test.example.com",
+    email: nil,
+    expire_in_days: 30
+  }
+
+  SslData = Struct.new(:cert, :key)
+
+  def self.generate(opts = {})
+    options = DEFAULT_OPTIONS.merge(opts)
+
+    key = OpenSSL::PKey::RSA.new(2048)
+
+    subject = ""
+    subject << "/C=#{options[:country]}" if options[:country]
+    subject << "/ST=#{options[:state]}" if options[:state]
+    subject << "/O=#{options[:org]}" if options[:org]
+    subject << "/OU=#{options[:org_unit]}" if options[:org_unit]
+    subject << "/CN=#{options[:common_name]}" if options[:common_name]
+    subject << "/emailAddress=#{options[:email]}" if options[:email]
+
+    cert = OpenSSL::X509::Certificate.new
+    cert.subject = cert.issuer = OpenSSL::X509::Name.parse(subject)
+    cert.not_before = Time.now
+    cert.not_after = Time.now + options[:expire_in_days] * 24 * 60 * 60
+    cert.public_key = key.public_key
+    cert.serial = 0x0
+    cert.version = 2
+
+    ef = OpenSSL::X509::ExtensionFactory.new
+    ef.subject_certificate = cert
+    ef.issuer_certificate = cert
+    cert.add_extension ef.create_extension("basicConstraints","CA:TRUE", true)
+    cert.add_extension ef.create_extension("subjectKeyIdentifier", "hash")
+    cert.add_extension ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always")
+
+    cert.sign key, OpenSSL::Digest::SHA256.new
+
+    return SslData.new(cert, key)
+  end
+
+  def self.parse_cert(string)
+    OpenSSL::X509::Certificate.new(string)
+  end
+
+  def self.parse_key(string, pass=nil)
+    OpenSSL::PKey.read(string, pass)
+  end
+
+  def self.extract_subject(cert)
+    Hash[cert.subject.to_a.map{|i| [i[0].to_sym, i[1]]}]
+  end
+end

data/lib/fauthentic/version.rb

@@ -0,0 +1,3 @@
+module Fauthentic
+  VERSION = "0.1.0"
+end

metadata

@@ -0,0 +1,110 @@
+--- !ruby/object:Gem::Specification
+name: fauthentic
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Joe Marty
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2017-06-09 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.14'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.14'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+- !ruby/object:Gem::Dependency
+  name: openssl
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+description: Fauthentic allows you to easily generate, read, parse and verify OpenSSL
+  certificates and keys
+email:
+- jmarty@iexposure.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- fauthentic.gemspec
+- lib/fauthentic.rb
+- lib/fauthentic/version.rb
+homepage: https://github.com/mltsy/fauthentic
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.1
+signing_key: 
+specification_version: 4
+summary: A convenience library for self-signed SSL certificates
+test_files: []