mt-ruby-tls 2.4.0
- checksums.yaml +7 -0
- data/README.md +102 -0
- data/lib/mt-ruby-tls/ssl.rb +864 -0
- data/lib/mt-ruby-tls/version.rb +5 -0
- data/lib/mt-ruby-tls.rb +6 -0
- data/mt-ruby-tls.gemspec +31 -0
- data/spec/alpn_spec.rb +415 -0
- data/spec/client.crt +31 -0
- data/spec/client.key +51 -0
- data/spec/comms_spec.rb +120 -0
- data/spec/verify_spec.rb +267 -0
- metadata +121 -0
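--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA256:
+metadata.gz: 7e9001628b707d2570991328ffbf315669bdb05a83329575acf49679cb226843
+data.tar.gz: faea4a2a16c6af705a856bbe813227713a32dc3526615dcb50e4dd62340cf077
+SHA512:
+metadata.gz: a2d50a058a66d8ae7139e8ad667e5bf6509a2f07c6c34cbe198ae5fc90526a3409fcac3a10372c537f4148ded93ae40bee01fb06a14ff9bda6c78c16c37252e8
+data.tar.gz: 729d4621152c1d30296d283dbf85cc7e3eca101cb946c9184c2e0f5d94075591ca58e5c722df484d04e185c58a6c0cccc046cb5f4a9f12ba10d53122d741a8af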
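--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,102 @@
+# mt-ruby-tls
+
+mt-ruby-tls decouples the management of encrypted communications, putting you in charge of the transport layer. It can be used as an alternative to Ruby's SSLSocket.
+
+[![Build Status](https://travis-ci.org/cotag/mt-ruby-tls.svg?branch=master)](https://travis-ci.org/cotag/mt-ruby-tls)
+
+
+## Install the gem
+
+Install it with [RubyGems](https://rubygems.org/)
+
+gem install mt-ruby-tls
+
+or add this to your Gemfile if you use [Bundler](http://gembundler.com/):
+
+gem "mt-ruby-tls"
+
+
+Windows users will require an installation of OpenSSL (32bit or 64bit matching the Ruby installation)
+
+
+## Usage
+
+```ruby
+require 'rubygems'
+require 'mt-ruby-tls'
+
+class transport
+def initialize
+is_server = true
+callback_obj = self
+options = {
+verify_peer: true,
+private_key: '/file/path.pem',
+cert_chain: '/file/path.crt',
+ciphers: 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!CAMELLIA:@STRENGTH' # (default)
+# protocols: ["h2", "http/1.1"], # Can be used where OpenSSL >= 1.0.2 (Application Level Protocol negotiation)
+# fallback: "http/1.1", # Optional fallback to a default protocol when either client or server doesn't support ALPN
+# client_ca: '/file/path.pem'
+}
+@ssl_layer = MTRubyTls::SSL::Box.new(is_server, callback_obj, options)
+end
+
+def close_cb
+puts "The transport layer should be shutdown"
+end
+
+def dispatch_cb(data)
+puts "Clear text data that has been decrypted"
+end
+
+def transmit_cb(data)
+puts "Encrypted data for transmission to remote"
+# @tcp.send data
+end
+
+def handshake_cb(protocol)
+puts "initial handshake has completed"
+end
+
+def verify_cb(cert)
+# Return true or false
+is_cert_valid? cert
+end
+
+def start_tls
+# Start SSL negotiation when you are ready
+@ssl_layer.start
+end
+
+def send(data)
+@ssl_layer.encrypt(data)
+end
+end
+
+#
+# Create a new TLS connection
+#
+connection = transport.new
+
+#
+# Init the handshake
+#
+connection.start_tls
+
+#
+# Start sending data to the remote, this will trigger the
+# transmit_cb with encrypted data to send.
+#
+connection.send('client request')
+
+#
+# Similarly when data is received from the remote it should be
+# passed to connection.decrypt where the dispatch_cb will be
+# called with clear text
+#
+```
+
+
+## License and copyright
+
+MIT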
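Review bot: The cipher string labelled `# (default)` in the usage example (README line 36) still admits RC4 through `ECDHE-RSA-RC4-SHA` and the bare `RC4` token, and RC4 is prohibited for TLS by RFC 7465. If this string mirrors the default in `data/lib/mt-ruby-tls/ssl.rb`, which is not visible in this section, the default itself should drop both tokens and add `!RC4`; either way the README should not present an RC4-bearing list as the setting to copy. The sample's `verify_cb` delegates to `is_cert_valid?`, which is not defined anywhere in the example, and the only guidance is `# Return true or false`. Since the return value presumably decides whether the peer certificate is accepted, a sentence such as `# Returning true unconditionally accepts any certificate; validate the chain and the expected identity here` would keep readers from stubbing it out.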