mt-ruby-tls 2.4.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (12) hide show
  1. checksums.yaml +7 -0
  2. data/README.md +102 -0
  3. data/lib/mt-ruby-tls/ssl.rb +864 -0
  4. data/lib/mt-ruby-tls/version.rb +5 -0
  5. data/lib/mt-ruby-tls.rb +6 -0
  6. data/mt-ruby-tls.gemspec +31 -0
  7. data/spec/alpn_spec.rb +415 -0
  8. data/spec/client.crt +31 -0
  9. data/spec/client.key +51 -0
  10. data/spec/comms_spec.rb +120 -0
  11. data/spec/verify_spec.rb +267 -0
  12. metadata +121 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 7e9001628b707d2570991328ffbf315669bdb05a83329575acf49679cb226843
4
+ data.tar.gz: faea4a2a16c6af705a856bbe813227713a32dc3526615dcb50e4dd62340cf077
5
+ SHA512:
6
+ metadata.gz: a2d50a058a66d8ae7139e8ad667e5bf6509a2f07c6c34cbe198ae5fc90526a3409fcac3a10372c537f4148ded93ae40bee01fb06a14ff9bda6c78c16c37252e8
7
+ data.tar.gz: 729d4621152c1d30296d283dbf85cc7e3eca101cb946c9184c2e0f5d94075591ca58e5c722df484d04e185c58a6c0cccc046cb5f4a9f12ba10d53122d741a8af
data/README.md ADDED
@@ -0,0 +1,102 @@
1
+ # mt-ruby-tls
2
+
3
+ mt-ruby-tls decouples the management of encrypted communications, putting you in charge of the transport layer. It can be used as an alternative to Ruby's SSLSocket.
4
+
5
+ [![Build Status](https://travis-ci.org/cotag/mt-ruby-tls.svg?branch=master)](https://travis-ci.org/cotag/mt-ruby-tls)
6
+
7
+
8
+ ## Install the gem
9
+
10
+ Install it with [RubyGems](https://rubygems.org/)
11
+
12
+ gem install mt-ruby-tls
13
+
14
+ or add this to your Gemfile if you use [Bundler](http://gembundler.com/):
15
+
16
+ gem "mt-ruby-tls"
17
+
18
+
19
+ Windows users will require an installation of OpenSSL (32bit or 64bit matching the Ruby installation)
20
+
21
+
22
+ ## Usage
23
+
24
+ ```ruby
25
+ require 'rubygems'
26
+ require 'mt-ruby-tls'
27
+
28
+ class transport
29
+ def initialize
30
+ is_server = true
31
+ callback_obj = self
32
+ options = {
33
+ verify_peer: true,
34
+ private_key: '/file/path.pem',
35
+ cert_chain: '/file/path.crt',
36
+ ciphers: 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!CAMELLIA:@STRENGTH' # (default)
37
+ # protocols: ["h2", "http/1.1"], # Can be used where OpenSSL >= 1.0.2 (Application Level Protocol negotiation)
38
+ # fallback: "http/1.1", # Optional fallback to a default protocol when either client or server doesn't support ALPN
39
+ # client_ca: '/file/path.pem'
40
+ }
41
+ @ssl_layer = MTRubyTls::SSL::Box.new(is_server, callback_obj, options)
42
+ end
43
+
44
+ def close_cb
45
+ puts "The transport layer should be shutdown"
46
+ end
47
+
48
+ def dispatch_cb(data)
49
+ puts "Clear text data that has been decrypted"
50
+ end
51
+
52
+ def transmit_cb(data)
53
+ puts "Encrypted data for transmission to remote"
54
+ # @tcp.send data
55
+ end
56
+
57
+ def handshake_cb(protocol)
58
+ puts "initial handshake has completed"
59
+ end
60
+
61
+ def verify_cb(cert)
62
+ # Return true or false
63
+ is_cert_valid? cert
64
+ end
65
+
66
+ def start_tls
67
+ # Start SSL negotiation when you are ready
68
+ @ssl_layer.start
69
+ end
70
+
71
+ def send(data)
72
+ @ssl_layer.encrypt(data)
73
+ end
74
+ end
75
+
76
+ #
77
+ # Create a new TLS connection
78
+ #
79
+ connection = transport.new
80
+
81
+ #
82
+ # Init the handshake
83
+ #
84
+ connection.start_tls
85
+
86
+ #
87
+ # Start sending data to the remote, this will trigger the
88
+ # transmit_cb with encrypted data to send.
89
+ #
90
+ connection.send('client request')
91
+
92
+ #
93
+ # Similarly when data is received from the remote it should be
94
+ # passed to connection.decrypt where the dispatch_cb will be
95
+ # called with clear text
96
+ #
97
+ ```
98
+
99
+
100
+ ## License and copyright
101
+
102
+ MIT