mt-ruby-tls 2.4.0

@@ -0,0 +1,267 @@
1
+ require 'mt-ruby-tls'
2
+
3
+
4
+ describe MTRubyTls do
5
+
6
+ class Client2
7
+ def initialize(client_data, dir)
8
+ @client_data = client_data
9
+ @ssl = MTRubyTls::SSL::Box.new(false, self, private_key: dir + 'client.key', cert_chain: dir + 'client.crt', host_name: 'just.testing.com')
10
+ end
11
+
12
+ attr_reader :ssl
13
+ attr_accessor :stop
14
+ attr_accessor :server
15
+
16
+ def close_cb
17
+ @client_data << 'close'
18
+ @stop = true
19
+ end
20
+
21
+ def dispatch_cb(data)
22
+ @client_data << data
23
+ end
24
+
25
+ def transmit_cb(data)
26
+ if not @server.started
27
+ @server.started = true
28
+ @server.ssl.start
29
+ end
30
+ @server.ssl.decrypt(data) unless @stop
31
+ end
32
+
33
+ def handshake_cb(protocol)
34
+ @client_data << 'ready'
35
+ end
36
+ end
37
+
38
+ describe MTRubyTls::SSL::Box do
39
+ before :each do
40
+ @dir = File.dirname(File.expand_path(__FILE__)) + '/'
41
+ @cert_from_file = File.read(@dir + 'client.crt')
42
+ end
43
+
44
+ it "should verify the peer" do
45
+ @server_data = []
46
+ @client_data = []
47
+
48
+
49
+ class Server2
50
+ def initialize(client, server_data)
51
+ @client = client
52
+ @server_data = server_data
53
+ @ssl = MTRubyTls::SSL::Box.new(true, self, verify_peer: true)
54
+ end
55
+
56
+ attr_reader :ssl
57
+ attr_accessor :started
58
+ attr_accessor :stop
59
+ attr_accessor :cert_from_server
60
+
61
+ def close_cb
62
+ @server_data << 'close'
63
+ @stop = true
64
+ end
65
+
66
+ def dispatch_cb(data)
67
+ @server_data << data
68
+ end
69
+
70
+ def transmit_cb(data)
71
+ @client.ssl.decrypt(data) unless @stop
72
+ end
73
+
74
+ def handshake_cb(protocol)
75
+ @server_data << 'ready'
76
+ end
77
+
78
+ def verify_cb(cert)
79
+ @server_data << 'verify'
80
+ @cert_from_server = cert
81
+ true
82
+ end
83
+ end
84
+
85
+
86
+ @client = Client2.new(@client_data, @dir)
87
+ @server = Server2.new(@client, @server_data)
88
+ @client.server = @server
89
+
90
+ @client.ssl.start
91
+ @client.ssl.cleanup
92
+ @server.ssl.cleanup
93
+
94
+ expect(@client_data).to eq(['ready'])
95
+ expect(@server_data).to eq(['ready', 'verify', 'verify', 'verify'])
96
+ expect(@server.cert_from_server).to eq(@cert_from_file)
97
+ end
98
+
99
+
100
+ it "should verify the hostname" do
101
+ @server_data = []
102
+ @client_data = []
103
+
104
+ class Server3
105
+ def initialize(client, server_data)
106
+ @client = client
107
+ @server_data = server_data
108
+ @ssl = MTRubyTls::SSL::Box.new(true, self, host_name: 'just.testing.com')
109
+ end
110
+
111
+ attr_reader :ssl
112
+ attr_accessor :started
113
+ attr_accessor :stop
114
+ attr_accessor :cert_from_server
115
+
116
+ def close_cb
117
+ @server_data << 'close'
118
+ @stop = true
119
+ end
120
+
121
+ def dispatch_cb(data)
122
+ @server_data << data
123
+ end
124
+
125
+ def transmit_cb(data)
126
+ @client.ssl.decrypt(data) unless @stop
127
+ end
128
+
129
+ def handshake_cb(protocol)
130
+ @server_data << 'ready'
131
+ end
132
+ end
133
+
134
+
135
+ @client = Client2.new(@client_data, @dir)
136
+ @server = Server3.new(@client, @server_data)
137
+ @client.server = @server
138
+
139
+ @client.ssl.start
140
+ @client.ssl.cleanup
141
+ @server.ssl.cleanup
142
+
143
+ expect(@client_data).to eq(['ready'])
144
+ expect(@server_data).to eq(['ready'])
145
+ end
146
+
147
+ it "should fail if host name not found" do
148
+ @server_data = []
149
+ @client_data = []
150
+
151
+ class Server4
152
+ def initialize(client, server_data)
153
+ @client = client
154
+ @server_data = server_data
155
+ @ssl = MTRubyTls::SSL::Box.new(true, self, host_name: 'testing.com')
156
+ end
157
+
158
+ attr_reader :ssl
159
+ attr_accessor :started
160
+ attr_accessor :stop
161
+ attr_accessor :cert_from_server
162
+
163
+ def close_cb
164
+ @server_data << 'close'
165
+ @stop = true
166
+ end
167
+
168
+ def dispatch_cb(data)
169
+ @server_data << data
170
+ end
171
+
172
+ def transmit_cb(data)
173
+ @client.ssl.decrypt(data) unless @stop
174
+ end
175
+
176
+ def handshake_cb(protocol)
177
+ @server_data << 'ready'
178
+ end
179
+ end
180
+
181
+
182
+ @client = Client2.new(@client_data, @dir)
183
+ @server = Server4.new(@client, @server_data)
184
+ @client.server = @server
185
+
186
+ @client.ssl.start
187
+ @client.ssl.cleanup
188
+ @server.ssl.cleanup
189
+
190
+ expect(@client_data).to eq([])
191
+ expect(@server_data).to eq(['close'])
192
+ end
193
+
194
+ it "test actually adding a second context" do
195
+ @server_data = []
196
+ @client_data = []
197
+
198
+ @client = Client2.new(@client_data, @dir)
199
+ @server = Server4.new(@client, @server_data)
200
+ @client.server = @server
201
+ @server.ssl.add_host host_name: 'just.testing.com'
202
+
203
+ @client.ssl.start
204
+ @client.ssl.cleanup
205
+ @server.ssl.cleanup
206
+
207
+ expect(@client_data).to eq(['ready'])
208
+ expect(@server_data).to eq(['ready'])
209
+ end
210
+
211
+
212
+ it "should deny the connection" do
213
+ @server_data = []
214
+ @client_data = []
215
+
216
+ class Server3
217
+ def initialize(client, server_data)
218
+ @client = client
219
+ @server_data = server_data
220
+ @ssl = MTRubyTls::SSL::Box.new(true, self, verify_peer: true)
221
+ end
222
+
223
+ attr_reader :ssl
224
+ attr_accessor :started
225
+ attr_accessor :stop
226
+ attr_accessor :cert_from_server
227
+
228
+ def close_cb
229
+ @server_data << 'close'
230
+ @stop = true
231
+ end
232
+
233
+ def dispatch_cb(data)
234
+ @server_data << data
235
+ end
236
+
237
+ def transmit_cb(data)
238
+ @client.ssl.decrypt(data) unless @stop
239
+ end
240
+
241
+ def handshake_cb(protocol)
242
+ @server_data << 'ready'
243
+ end
244
+
245
+ def verify_cb(cert)
246
+ @server_data << 'verify'
247
+ @cert_from_server = cert
248
+ false
249
+ end
250
+ end
251
+
252
+ @client = Client2.new(@client_data, @dir)
253
+ @server = Server3.new(@client, @server_data)
254
+ @client.server = @server
255
+
256
+ @client.ssl.start
257
+ @client.ssl.cleanup
258
+ @server.ssl.cleanup
259
+
260
+ expect(@client_data).to eq(['ready'])
261
+ expect(@server_data).to eq(['ready', 'verify', 'close'])
262
+
263
+ expect(@server.cert_from_server).to eq(@cert_from_file)
264
+ end
265
+ end
266
+ end
267
+
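Review bot: The examples share top-level classes in a way that makes them order-dependent. `class Server3` inside "should deny the connection" reopens the `Server3` already defined in "should verify the hostname", replacing `initialize` and adding a `verify_cb` that returns `false`; and "test actually adding a second context" uses `Server4`, which only exists once "should fail if host name not found" has run. Run alone or in a different order, the second-context example raises `NameError`, and the hostname example may end up on a class that still carries the denying `verify_cb`, so these peer- and hostname-rejection checks are weaker evidence than they look. Give each example its own class, for instance by renaming the reopened one to `class DenyingServer` and moving `Server4` next to `Client2` at the top of the outer `describe`. A comment on the deny example would also help, e.g. `# client still reports 'ready': the server rejects the peer only after the client side has completed`, because `expect(@client_data).to eq(['ready'])` pins that behaviour without explaining it.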
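--- a/metadata
+++ b/metadata
@@ -0,0 +1,121 @@
+--- !ruby/object:Gem::Specification
+name: mt-ruby-tls
+version: !ruby/object:Gem::Version
+version: 2.4.0
+platform: ruby
+authors:
+- Giallombardo Nathan
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2022-03-22 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: ffi-compiler
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '1.0'
+- - "<"
+- !ruby/object:Gem::Version
+version: '2.0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '1.0'
+- - "<"
+- !ruby/object:Gem::Version
+version: '2.0'
+- !ruby/object:Gem::Dependency
+name: concurrent-ruby
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.0'
+- !ruby/object:Gem::Dependency
+name: rspec
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '3.5'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '3.5'
+- !ruby/object:Gem::Dependency
+name: yard
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.9'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '0.9'
+description: " Allows transport layers outside Ruby TCP to be secured.\n"
+email:
+- nathan.giallombardo@mapotempo.com
+executables: []
+extensions: []
+extra_rdoc_files:
+- README.md
+files:
+- README.md
+- lib/mt-ruby-tls.rb
+- lib/mt-ruby-tls/ssl.rb
+- lib/mt-ruby-tls/version.rb
+- mt-ruby-tls.gemspec
+- spec/alpn_spec.rb
+- spec/client.crt
+- spec/client.key
+- spec/comms_spec.rb
+- spec/verify_spec.rb
+homepage: https://github.com/Mapotempo/mt-ruby-tls
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubygems_version: 3.1.6
+signing_key:
+specification_version: 4
+summary: Abstract TLS for Ruby
+test_files:
+- spec/alpn_spec.rb
+- spec/client.crt
+- spec/client.key
+- spec/comms_spec.rb
+- spec/verify_spec.rb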