mypki 4.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 29b0e1ca9d86843362a76292865c1d5e0e7c4b39
+  data.tar.gz: f38a3df9e6f9e2ff3ad5eaf999b822bb91bee9ff
+SHA512:
+  metadata.gz: 09ec984e8eeb92bc2210c66f7465d62a1420016a0a6f4cb161b3037eb19be248cf2a34d4776ad1fa9d0561b27ca0c9ca322004f881b0f5c4dd8e53c9403e3eff
+  data.tar.gz: 819fa0717376a6af75f66af6b71838b5065f92f0c7ba72a9270ffb3ff00c5510da991483b80e304831d8723353dd0d8d1bd8dd8822def4c4604878ced4c6b393

data/.gitignore

@@ -0,0 +1,2 @@
+pkg/
+Gemfile.lock

data/Gemfile

@@ -0,0 +1,8 @@
+source 'http://rubygems.org'
+
+# Specify your gem's dependencies in mypki.gemspec
+gemspec
+
+gem 'iruby', group: 'development'
+gem 'erector', group: 'development'
+gem 'ffi-rzmq', group: 'development'

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) [year] [fullname]
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,83 @@
+# MyPKI
+
+PKI-enables Ruby's OpenSSL libraries, which PKI-enables most libraries and gems written in Ruby.
+
+## Installation 
+
+```
+ $ gem install mypki 
+```
+
+## Usage
+
+Simply `require 'mypki'` at the top of your script. If you don't want to PKI-enable everything, see the *Adapters* section.
+
+## Configuration
+
+By default, MyPKI saves PKI information in the `.mypki`. Passwords are never saved to the configuration. If a configuration does not exist, MyPKI will prompt you for your PKI path the first time it is run. Should you need to change things, run the mypki utility:
+
+```
+$ mypki --reconfigure
+```
+
+MyPKI support P12s, PEMs, and key pairs. The P12 loader supports a `password` field in it's section of the ~/.mypki configuration file. I don't recommend keeping your password in the MyPKI config file. 
+
+## Headless configuration 
+
+If you are using MyPKI on a server, then you can specify the location of the MyPKI configuration file by setting the `MYPKI_CONFIG` environment variable.
+
+## The MyPKI Utility
+
+MyPKI ships with a command-line utility that will PKI-enable any other command-line tool written in Ruby. For example, to PKI the `geminabox` uploader:
+
+```
+$ mypki gem inabox my-gem-1.0.0.gem
+```
+
+IF you do this often, you can alias a command like this:
+
+```
+alias gem='mypki gem'
+```
+
+## Adapters
+
+By default, MyPKI PKI-enables all OpenSSL contexts. If you would only like to PKI-enable a particular library, you can use an adapter. For example:
+
+```ruby
+require 'mypki/adapters/httpclient'
+```
+
+The following adapters are available:
+
+* httpclient
+* http_persistent
+* net_http
+* openssl (default)
+
+## How does MyPKI work?
+
+MyPKI modifies `OpenSSL::SSL::SSLContext` to use your PKCS#12 certificate and key. If you're working in a context where you want to be specific about what is PKI-enabled, you can. Here's an example of using my PKI to PKI-enable only `HTTPClient`.
+
+```ruby
+require 'mypki/core'
+require 'httpclient'
+
+class HTTPClient
+  class SSLSocketWrap
+    def create_openssl_socket socket
+      context = MyPKI::Context.new
+      @context.set_context(context)
+      ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, context)
+    end
+  end
+end
+```
+
+## A note about PEMs
+
+If you're trying to configure with PEM and are getting errors, make sure that your client certificates (and **only** your client certificates) are included in your PEM. For example:
+
+```
+$ openssl pkcs12 -in pki.p12 -clcerts -out pki.pem
+```

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+task :default => :spec

data/exe/mypki

@@ -0,0 +1,57 @@
+#! /usr/bin/env ruby
+require 'mypki'
+require 'trollop'
+
+args = []
+
+while arg = ARGV.first
+  if arg == '--'
+    ARGV.shift 
+    break
+  elsif arg.start_with? '-'
+    args << ARGV.shift
+  else
+    break
+  end
+end
+
+options = Trollop::options args do
+  version MyPKI::VERSION
+  banner "MyPKI #{MyPKI::VERSION}: PKI-enables Ruby's OpenSSL libraries, which PKI-enables most libraries and gems written in Ruby.\n\nUSAGE:"
+  opt :ssh, "Also configure ssh to use your PKI"
+  opt :init, "Don't lazy-load, immediately prompting for a password if needed"
+  opt :no_verify, "Don't verify the certificate", depends: [:reconfigure]
+  opt :reconfigure, "Configure MyPKI, deleting any existing configuration"
+end
+
+if options[:reconfigure]
+  MyPKI.init reconfigure: true, no_verify: options[:no_verify]
+end
+
+if options[:init]
+  MyPKI.init
+end
+
+ARGV.shift args.size 
+
+if ARGV.empty?
+  Trollop::die "you must specify a program or option"
+end
+
+executable = ARGV.shift
+    
+path = if File.file?(executable) && File.executable?(executable)
+  executable
+elsif ENV['PATH']
+  path = ENV['PATH'].split(File::PATH_SEPARATOR).find do |p|
+    abs_path = File.join(p, executable)
+    File.file?(abs_path) && File.executable?(abs_path)
+  end
+  path && File.expand_path(executable, path)
+end
+
+if path.nil?
+  raise "Could not find #{executable}"
+else
+  exec "/usr/bin/env ruby -r mypki #{path} #{ARGV.join(' ')}"
+end

data/lib/mypki.rb

@@ -0,0 +1,5 @@
+# there are some jruby configurations that must be
+# made before openssl is loaded
+require 'mypki/jruby' if RUBY_PLATFORM == 'java'
+require 'mypki/core'
+require 'mypki/adapters/openssl'

data/lib/mypki/adapters/http_persistent.rb

@@ -0,0 +1,13 @@
+require 'net/http/persistent'
+
+class Net::HTTP::Persistent
+  alias :old_initialize :initialize
+
+  def initialize *args
+    old_initialize *args
+    context = MyPKI::Context.new
+    self.private_key = context.key
+    self.certificate = context.cert
+    self.verify_mode = context.verify_mode
+  end
+end

data/lib/mypki/adapters/httpclient.rb

@@ -0,0 +1,12 @@
+require 'mypki/core'
+require 'httpclient'
+
+class HTTPClient
+  class SSLSocketWrap
+    def create_openssl_socket socket
+      context = MyPKI::Context.new
+      @context.set_context(context)
+      ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, context)
+    end
+  end
+end

data/lib/mypki/adapters/net_http.rb

@@ -0,0 +1,19 @@
+require 'mypki/core'
+require 'net/https'
+
+class Net::HTTP
+  alias :old_initialize :initialize
+
+  def initialize *args, &block
+    old_initialize *args, &block
+    context = MyPKI::Context.new
+    
+    SSL_ATTRIBUTES.each do |method|
+      if [context,self].all? {|o| o.respond_to? method}
+        if value = context.send(method)
+          send "#{method}=", value
+        end
+      end
+    end
+  end
+end

data/lib/mypki/adapters/openssl.rb

@@ -0,0 +1,8 @@
+require 'openssl'
+require 'mypki/core'
+
+class OpenSSL::SSL::SSLContext
+  def self.new
+    MyPKI::Context.new
+  end
+end

data/lib/mypki/configuration.rb

@@ -0,0 +1,78 @@
+require 'multi_json'
+
+module MyPKI
+  class Configuration < Hash
+    include Prompter
+    attr_reader :options
+  
+    def initialize path, **options
+      @options = options
+      @path = File.expand_path path
+      @loaders = loaders.map{|loader| loader.new options}
+      
+      if File.exist? @path        
+        begin 
+          merge! MultiJson.load(File.read(@path))
+          @loaders.each {|l| l.load self}
+        rescue => ex
+          raise "Bad MyPKI configuration (#{ex.message})"
+        end
+      else      
+        retriable on_retry: proc { warn $! } do
+          clear 
+          create
+        end
+      end
+    end
+    
+    def create
+      pki = file_prompt 'Path to your PKI: '
+      
+      @loaders.each do |loader| 
+        loader.configure self, pki
+        loader.load self unless options[:no_verify]
+      end
+      
+      if Instance.cert.nil? and Instance.key.nil? and not options[:no_verify]
+        fail 'Unknown PKI type - add an extension or try another file'
+      end
+      
+      if File.writable? File.dirname(@path)
+        File.write @path, MultiJson.dump(Hash[keys.zip(values)], :pretty => true)
+      else
+        warn "warning: #{File.dirname(@path)} is not writable! MyPKI will not save a configuration."
+      end
+    end
+    
+    class << self
+      attr_accessor :loaders
+    end
+   
+    def loaders
+      self.class.loaders ||= []
+    end
+    
+    module Loader
+      # options passed to MyPKI.init
+      attr_reader :options
+    
+      def initialize options
+        @options = options
+      end
+    
+      # once a config is established, it is passed to each loader to load
+      # whatever they need
+      def load config
+      end
+      
+      # runs during configuration, before anything has been loaded,
+      # to give loaders a chance to insert anything they need into the config
+      def configure config, path
+      end
+    
+      def self.included klass
+        (Configuration.loaders ||= []) << klass
+      end
+    end
+  end
+end

data/lib/mypki/core.rb

@@ -0,0 +1,76 @@
+require 'set'
+require 'metaid'
+require 'openssl'
+
+require 'mypki/version'
+require 'mypki/prompter'
+require 'mypki/configuration'
+
+require 'mypki/loaders/p12'
+require 'mypki/loaders/pem'
+require 'mypki/loaders/ca'
+require 'mypki/loaders/ssh'
+
+module MyPKI
+  Instance = OpenSSL::SSL::SSLContext.new 
+
+  Instance.instance_eval do 
+    @verify_mode = OpenSSL::SSL::VERIFY_NONE
+    @immutable_attributes = [:verify_mode].to_set
+    
+    meta_eval do
+      (instance_methods - methods).each do |method|
+        if method['=']
+          getter, setter = method[0..-2].to_sym, method
+          alias_method :"original_#{setter}", setter
+          
+          # keep track of set attributes
+          define_method setter do |*args, &block|
+            @immutable_attributes << getter
+            send :"original_#{setter}", *args, &block
+          end
+        end
+      end
+    end
+  end
+  
+  class Context
+    def self.new **options
+      if Instance.key.nil? or Instance.cert.nil?
+        Configuration.new ENV['MYPKI_CONFIG']||'~/.mypki', **options
+      end
+    
+      context = Instance.dup
+      
+      context.instance_eval do
+        # make immutable attributes immutable
+        @immutable_attributes.each do |getter|
+          meta_def("#{getter}=") {|*a,&b| send getter}
+        end
+        
+        # don't allow set_params to bypass setters
+        meta_def :set_params do |params|
+          params.each {|k,v| send "#{k}=", v}
+        end
+      end
+      
+      context
+    end
+  end
+
+  module_function 
+
+  def init reconfigure: false, **options
+    if reconfigure
+      path = File.expand_path(ENV['MYPKI_CONFIG'] || '~/.mypki')
+      File.delete path if File.exist? path
+    end
+    
+    Context.new **options; true
+  end
+
+  def dn
+    init
+    Instance.cert.subject.to_s
+  end
+end

data/lib/mypki/jruby.rb

@@ -0,0 +1,14 @@
+java_import 'javax.crypto.JceSecurity'
+
+# disable SNI since our servers don't support them
+java.lang.System.set_property 'jsse.enableSNIExtension', 'false'
+
+# we must remove cryptographic restrictions to communicate 
+# with our servers
+begin
+    isRestricted = JceSecurity.java_class.declared_field 'isRestricted'
+    isRestricted.accessible = true
+    isRestricted.set_value nil, false
+rescue => ex
+    warn "Could not remove cryptographic restrictions: #{ex.message}"
+end

data/lib/mypki/loaders/ca.rb

@@ -0,0 +1,39 @@
+require 'retriable/core_ext/kernel'
+
+module MyPKI
+  class CA
+    include Prompter
+    include Configuration::Loader
+    
+    DEFAULT_PATH = '/etc/pki/tls/certs/ca-bundle.crt'
+
+    def configure config, path
+      if File.readable? DEFAULT_PATH
+        config['ca'] = DEFAULT_PATH
+      elsif config['ca'].nil?
+        prompt = "Path to CA chains (press enter to skip): "
+        path = file_prompt prompt, required: false
+        
+        if path.nil?
+          config['ca'] = ''
+        else
+          if File.directory? path
+            fail "'#{path}' is a directory"
+          elsif not File.readable? path
+            fail "Cannot read '#{path}'"
+          else
+            config['ca'] = path
+          end
+        end
+      end
+    end
+    
+    def load config
+      unless config['ca'].empty?
+        Instance.cert_store = OpenSSL::X509::Store.new
+        Instance.cert_store.add_file config['ca']
+        Instance.verify_mode = OpenSSL::SSL::VERIFY_PEER
+      end
+    end
+  end
+end

data/lib/mypki/loaders/p12.rb

@@ -0,0 +1,31 @@
+require 'retriable/core_ext/kernel'
+
+module MyPKI
+  class P12
+    include Prompter
+    include Configuration::Loader
+  
+    def configure config, path
+      if path.end_with? '.p12' or path.end_with? '.pfx'
+        config['p12'] = { 'path' => path }
+      end
+    end
+  
+    def load config
+      if config['p12']
+        p12 = File.read config['p12']['path']
+        
+        begin 
+          retriable do
+            password = config['p12']['password']
+            password ||= pass_prompt 'Enter P12 pass phrase:'
+            pki = OpenSSL::PKCS12.new(p12, password)
+            Instance.key, Instance.cert = pki.key, pki.certificate
+          end
+        rescue OpenSSL::PKCS12::PKCS12Error
+          fail "Error: bad password"
+        end
+      end
+    end
+  end
+end

data/lib/mypki/loaders/pem.rb

@@ -0,0 +1,61 @@
+require 'retriable/core_ext/kernel'
+
+module MyPKI
+  class PEM
+    include Prompter
+    include Configuration::Loader
+    
+    def configure config, path
+      if %w[pem id_rsa key crt cert].any? {|ext| path.end_with? ext}
+        contents = File.read path
+        config['pem'] = {}
+        has_cert = false
+        
+        if contents['PRIVATE KEY']
+          config['pem']['path'] = path
+        end
+
+        if contents['BEGIN CERTIFICATE']
+          has_cert = true
+        end
+
+        if config['pem']['path']
+          unless has_cert
+            config['pem']['cert'] = file_prompt('Path to your certificate: ')
+          end
+        elsif has_cert
+          config['pem']['cert'] = path
+          config['pem']['path'] = file_prompt('Path to your private key: ')
+        end
+      end
+    end
+    
+    def load config 
+      if config['pem']
+        pem = File.read config['pem']['path']
+        cert = (config['pem']['cert'])? File.read(config['pem']['cert']) : pem
+        
+        begin 
+          Instance.cert = OpenSSL::X509::Certificate.new cert
+        rescue OpenSSL::X509::CertificateError
+          config['pem'] = {}
+          Instance.key = Instance.cert = nil
+          fail "No certificate found! Regenerate with --nocerts or provide a .key and .crt file separately."
+        end
+        
+        begin 
+          retriable do 
+            if pem['ENCRYPTED']
+              password = pass_prompt('PEM Passphrase:')
+              Instance.key = OpenSSL::PKey::RSA.new pem, password
+            else
+              Instance.key = OpenSSL::PKey::RSA.new pem
+            end
+          end
+        rescue OpenSSL::PKey::RSAError
+          fail "Error: bad password"
+        end
+      end
+    end
+  end
+end

data/lib/mypki/loaders/ssh.rb

@@ -0,0 +1,52 @@
+require 'fileutils'
+require 'shellwords'
+
+module MyPKI
+  class SSH
+    include Prompter
+    include Configuration::Loader
+  
+    def initialize options
+      super options
+      
+      if options[:ssh]
+        Prompter.send :alias_method, :original, :pass_prompt
+        Prompter.send(:define_method, :pass_prompt) do |*a| 
+          options[:password] = original *a
+        end
+      end
+    end
+    
+    def load config
+      if options[:ssh] and Instance.cert and Instance.key
+        ssh_path = File.expand_path '~/.ssh/'
+        FileUtils.mkdir ssh_path unless File.exist? ssh_path
+        FileUtils.chmod 0700, ssh_path
+        
+        key_path = File.expand_path '~/.ssh/id_rsa'
+        pub_path = File.expand_path '~/.ssh/id_rsa.pub'
+        authorized_keys = File.expand_path '~/.ssh/authorized_keys'
+        
+        if password = options.delete(:password)
+          pass = Shellwords.escape password
+          result = `echo "#{Instance.key.to_pem}" | \
+          openssl pkcs8 -topk8 -out #{key_path} -v2 des3 -passout pass:#{pass} 2>&1`
+        else
+          result = `echo "#{Instance.key.to_pem}" | \
+          openssl pkcs8 -topk8 -out #{key_path} -v2 des3 -nocrypt 2>&1`
+        end
+        
+        fail result unless result.empty?
+        FileUtils.chmod 0600, key_path
+        
+        if password
+          `ssh-keygen -f #{key_path} -y -P #{pass} > #{pub_path}`
+        else
+          `ssh-keygen -f #{key_path} -y > #{pub_path}`
+        end
+        
+        FileUtils.cp pub_path, authorized_keys 
+      end
+    end
+  end
+end

data/lib/mypki/prompter.rb

@@ -0,0 +1,43 @@
+require 'retriable/core_ext/kernel'
+
+module MyPKI
+  module Prompter
+    def prompter 
+      if defined? IRuby and defined? IRuby::VERSION
+        require 'mypki/prompters/iruby'
+        @prompter = IRubyPrompter.new
+      elsif RUBY_PLATFORM == 'java'
+        require 'mypki/prompters/jruby'
+        @prompter = JRubyPrompter.new
+      else
+        require 'mypki/prompters/cli'
+        @prompter = CommandLinePrompter.new
+      end
+    end
+    
+    def file_prompt prompt, required: true
+      file = prompter.file_prompt(prompt)
+
+      if file.nil? or file.empty?
+        required ? fail('cancelled') : nil
+      else
+        expanded = File.expand_path file.strip
+                
+        if File.directory? expanded
+          fail "'#{expanded}' is a directory"
+        end
+        
+        unless File.readable? expanded
+          fail "Cannot read '#{expanded}'"
+        end
+        
+        expanded
+      end
+    end    
+    
+    def pass_prompt prompt
+      pass = prompter.pass_prompt(prompt)
+      pass.strip if pass
+    end
+  end
+end

data/lib/mypki/prompters/cli.rb

@@ -0,0 +1,23 @@
+module MyPKI
+  module Prompter
+    class CommandLinePrompter
+      def file_prompt prompt
+        require 'readline'
+        Readline.completion_append_character = ''
+        
+        Readline.completion_proc = proc do |key|
+          path = File.expand_path key
+          path += '/' if key.end_with? '/'
+          Dir["#{path}*"]
+        end
+        
+        Readline.readline(prompt, true)
+      end
+    
+      def pass_prompt prompt
+        require 'highline/import'
+        ask("#{prompt} ") {|q| q.echo = false}
+      end
+    end
+  end
+end

data/lib/mypki/prompters/iruby.rb

@@ -0,0 +1,69 @@
+require 'shellwords'
+
+module MyPKI
+  module Prompter
+    class IRubyPrompter
+      def file_prompt prompt
+
+        if prompt['PKI']
+          title = 'Configure MyPKI'
+          prompt = 'Your script requires access to a PKI-enabled resource. Please select the PKI certificate you would like to use to access that resource.'
+          label = :certificate
+
+        elsif prompt['certificate']
+          title = 'Missing Certificate'
+          prompt = "You're missing a certificate. If you have a certificate to go with your key, upload it below. Press Cancel to start over."
+          label = :certificate
+
+         elsif prompt['private key']
+          title = 'Missing Private Key'
+          prompt = "You're missing a private key. If you have a private key to go with your certificate, upload it below. Press Cancel to start over."
+          label = :private_key
+
+        elsif prompt['CA']
+          title = 'Add Trust Chains (Optional)'
+          prompt = 'Please select the trust chain you would like to use to authenticate servers. Hit cancel if you do not want to verify servers.'
+          label = :chains
+          
+        else
+          abort "IRuby integration is missing a corresponding graphical prompt for '#{prompt}'"
+        end
+
+        iruby_file_prompt title, prompt, label
+      end
+      
+      def pass_prompt prompt
+        response = IRuby.popup 'PKI Password' do 
+          password
+          cancel
+          button
+        end
+        response[:password] if response
+      end
+
+      private 
+
+      def iruby_file_prompt title, prompt, label
+        response = IRuby.popup title do 
+          text prompt
+          html { br; br }
+          file label
+          cancel
+          button
+        end
+        
+        if response && response[label]
+          filename = File.join(Dir.home, ".#{response[label][:name]}")
+          File.write(filename, response[label][:data])
+          
+          if RUBY_PLATFORM['cygwin']
+            win_path = `cygpath -d #{Shellwords.escape(filename)}`.strip
+            `ATTRIB +H  #{win_path.gsub("\\", "\\\\")}`
+          end
+          
+          filename
+        end
+      end
+    end
+  end
+end

data/lib/mypki/prompters/jruby.rb

@@ -0,0 +1,13 @@
+require 'mypki/prompters/readline'
+require 'mypki/jruby/jline-2.12.1.jar'
+java_import 'jline.console.ConsoleReader'
+
+module MyPKI
+  module Prompter
+    class JRubyPrompter < ReadlinePrompter
+      def pass_prompt prompt
+        ConsoleReader.new.read_line prompt, ' '.ord
+      end
+    end
+  end
+end

data/lib/mypki/version.rb

@@ -0,0 +1,3 @@
+module MyPKI
+  VERSION = "4.0.0"
+end

data/mypki.gemspec

@@ -0,0 +1,30 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'mypki/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "mypki"
+  spec.version       = MyPKI::VERSION
+  spec.authors       = ["Kyle King"]
+  spec.email         = ["kylejking@gmail.com"]
+
+  spec.summary       = %q{PKI-enable Ruby}
+  spec.description   = %q{PKI-enables Ruby's OpenSSL libraries, which PKI-enables most libraries and gems written in Ruby.}
+  spec.homepage      = "https://github.com/jupyter-gallery/mypki"
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency 'multi_json'
+  spec.add_dependency 'trollop'
+  spec.add_dependency 'metaid'
+  spec.add_dependency 'highline'
+  spec.add_dependency 'retriable'
+
+  spec.add_development_dependency "pry"
+  spec.add_development_dependency "bundler"
+  spec.add_development_dependency "rake"
+end

metadata

@@ -0,0 +1,181 @@
+--- !ruby/object:Gem::Specification
+name: mypki
+version: !ruby/object:Gem::Version
+  version: 4.0.0
+platform: ruby
+authors:
+- Kyle King
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2016-05-06 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: multi_json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: trollop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: metaid
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: highline
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: retriable
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: PKI-enables Ruby's OpenSSL libraries, which PKI-enables most libraries
+  and gems written in Ruby.
+email:
+- kylejking@gmail.com
+executables:
+- mypki
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- exe/mypki
+- lib/mypki.rb
+- lib/mypki/adapters/http_persistent.rb
+- lib/mypki/adapters/httpclient.rb
+- lib/mypki/adapters/net_http.rb
+- lib/mypki/adapters/openssl.rb
+- lib/mypki/configuration.rb
+- lib/mypki/core.rb
+- lib/mypki/jruby.rb
+- lib/mypki/loaders/ca.rb
+- lib/mypki/loaders/p12.rb
+- lib/mypki/loaders/pem.rb
+- lib/mypki/loaders/ssh.rb
+- lib/mypki/prompter.rb
+- lib/mypki/prompters/cli.rb
+- lib/mypki/prompters/iruby.rb
+- lib/mypki/prompters/jruby.rb
+- lib/mypki/version.rb
+- mypki.gemspec
+homepage: https://github.com/jupyter-gallery/mypki
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.5.1
+signing_key: 
+specification_version: 4
+summary: PKI-enable Ruby
+test_files: []