pkcs7-cryptographer 1.0.1 → 1.1.1

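--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: a02040b2706a005f695860704e338946e5cb68c6dcbf92fc7a2bb9c17b9425b2
- data.tar.gz: 52a840fb9394002e9400e31a0d4960b0fefcfcab4466ce2535c3afcd2915932a
+ metadata.gz: d8e03b7542f2787153a2243935c5a0c748abae6fec0e066ce08ee158f21cf75f
+ data.tar.gz: 25baf89c080fb55f909e3d92d22e1ec05810e2ed91d00d47e83e0f6460c75f32
  SHA512:
- metadata.gz: 83d51e4785b3eff57409208a09956c29826e2dde08c75a7b87e340f70b129f2f80614b4c5792e159618354ae97059eff2febd58a01ce08c460758fba0feb9e52
- data.tar.gz: 139e5b0e31cdfeed9c67468f92a21dc2f9f36bc3f207fe941df54194e199f43b2681e79072b5e1ea67f33696dd5422c4bf34595377845ea579cccb22487f85fe
+ metadata.gz: 527dc589baa95742d7b81d825373efac10f136791f5d97e4970565a3e01e5e5f2c004731d13b59150174858865c295b93ffb8e8210c9ebb714eb0d9840254935
+ data.tar.gz: 4e5595dca5adeb1daa3b58a00aeaeb463011c6e86e2a2036a1ba4afeba1268d141d8cf04212be08abdd287636aa6838a1bde49ad0ddd17ea6e647a1718b30895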
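--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,15 +1,26 @@
  PATH
  remote: .
  specs:
- pkcs7-cryptographer (1.0.1)
+ pkcs7-cryptographer (1.1.1)
+ activesupport (>= 6.1.4.1)
 
  GEM
  remote: https://rubygems.org/
  specs:
+ activesupport (6.1.4.1)
+ concurrent-ruby (~> 1.0, >= 1.0.2)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ zeitwerk (~> 2.3)
  ast (2.4.2)
  coderay (1.1.3)
+ concurrent-ruby (1.1.9)
  diff-lcs (1.4.4)
+ i18n (1.8.10)
+ concurrent-ruby (~> 1.0)
  method_source (1.0.0)
+ minitest (5.14.4)
  parallel (1.20.1)
  parser (3.0.0.0)
  ast (~> 2.4.1)
@@ -50,7 +61,11 @@ GEM
  rubocop (~> 1.0)
  rubocop-ast (>= 1.1.0)
  ruby-progressbar (1.11.0)
+ timecop (0.9.4)
+ tzinfo (2.0.4)
+ concurrent-ruby (~> 1.0)
  unicode-display_width (2.0.0)
+ zeitwerk (2.4.2)
 
  PLATFORMS
  x86_64-darwin-19
@@ -64,6 +79,7 @@ DEPENDENCIES
  rubocop (= 1.12.0)
  rubocop-rake (= 0.5.1)
  rubocop-rspec (= 2.2.0)
+ timecop (= 0.9.4)
 
  BUNDLED WITH
  2.2.3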
@@ -21,6 +21,10 @@ module PKCS7
21
21
  wrap_in_class_or_return(key, OpenSSL::PKey::RSA)
22
22
  end
23
23
 
24
+ def certificate_signing_request(request)
25
+ wrap_in_class_or_return(request, OpenSSL::X509::Request)
26
+ end
27
+
24
28
  def pkcs7(pkcs7)
25
29
  wrap_in_class_or_return(pkcs7, OpenSSL::PKCS7)
26
30
  end
@@ -2,6 +2,6 @@
2
2
 
3
3
  module PKCS7
4
4
  class Cryptographer
5
- VERSION = "1.0.1"
5
+ VERSION = "1.1.1"
6
6
  end
7
7
  end
@@ -1,6 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require "openssl"
4
+ require "active_support/all"
4
5
  require_relative "cryptographer/version"
5
6
  require_relative "cryptographer/initializers"
6
7
 
@@ -17,6 +18,10 @@ module PKCS7
17
18
  class Cryptographer
18
19
  include PKCS7::Cryptographer::Initializers
19
20
 
21
+ # CONSTANS
22
+ # --------------------------------------------------------------------------
23
+ CYPHER_ALGORITHM = "aes-256-cbc"
24
+
20
25
  # PUBLIC METHODS
21
26
  # --------------------------------------------------------------------------
22
27
 
@@ -76,13 +81,29 @@ module PKCS7
76
81
  signed_data.data
77
82
  end
78
83
 
84
+ def sign_certificate(
85
+ csr:,
86
+ key:,
87
+ certificate:,
88
+ valid_until: Time.current + 10.years
89
+ )
90
+ valid_until.to_time.utc
91
+ check_csr(csr)
92
+
93
+ sign_csr(csr, key, certificate, valid_until)
94
+ end
95
+
79
96
  private
80
97
 
81
- def encrypt(public_certificate, signed_data)
98
+ def encrypt(
99
+ public_certificate,
100
+ signed_data,
101
+ cypher_algorithm = CYPHER_ALGORITHM
102
+ )
82
103
  OpenSSL::PKCS7.encrypt(
83
104
  [public_certificate],
84
105
  signed_data.to_der,
85
- OpenSSL::Cipher.new("aes-256-cbc"),
106
+ OpenSSL::Cipher.new(cypher_algorithm),
86
107
  OpenSSL::PKCS7::BINARY
87
108
  )
88
109
  end
@@ -95,5 +116,41 @@ module PKCS7
95
116
  OpenSSL::PKCS7::NOINTERN | OpenSSL::PKCS7::NOCHAIN
96
117
  )
97
118
  end
119
+
120
+ def check_csr(signing_request)
121
+ csr = OpenSSL::X509::Request.new signing_request
122
+ raise "CSR can not be verified" unless csr.verify(csr.public_key)
123
+ end
124
+
125
+ def sign_csr(request, key, issuer_certificate, valid_until)
126
+ request = certificate_signing_request(request)
127
+ key = rsa_key(key)
128
+ issuer_certificate = x509_certificate(issuer_certificate)
129
+
130
+ csr_cert = build_certificate_from_csr(
131
+ request,
132
+ issuer_certificate,
133
+ valid_until
134
+ )
135
+ csr_cert.sign(key, OpenSSL::Digest.new("SHA1")) # TODO: review this one
136
+ x509_certificate(csr_cert.to_pem)
137
+ end
138
+
139
+ def build_certificate_from_csr(
140
+ signing_request,
141
+ issuer_certificate,
142
+ valid_until
143
+ )
144
+ certificate = OpenSSL::X509::Certificate.new
145
+ certificate.serial = Time.now.to_i
146
+ certificate.version = 2 # TODO: Check what to put here
147
+ certificate.not_before = Time.current
148
+ certificate.not_after = valid_until
149
+ certificate.subject = signing_request.subject
150
+ certificate.public_key = signing_request.public_key
151
+ certificate.issuer = issuer_certificate.subject
152
+
153
+ certificate
154
+ end
98
155
  end
99
156
  end
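Review bot: The certificate issued by `sign_csr` is signed with SHA-1 (`OpenSSL::Digest.new("SHA1")`, still carrying a TODO), a digest that is no longer collision-resistant and that current verifiers commonly reject for certificate signatures; the line should be `csr_cert.sign(key, OpenSSL::Digest.new("SHA256"))`. In `build_certificate_from_csr` the serial is `Time.now.to_i`, so two certificates issued by the same issuer within one second share a serial and every serial is predictable; a CSPRNG value such as `certificate.serial = OpenSSL::BN.rand(159).to_i` avoids both. In `sign_certificate`, `valid_until.to_time.utc` discards its result, so the caller's value reaches `not_after` unconverted; either assign it (`valid_until = valid_until.to_time.utc`) or drop the line. The issued certificate also gets no extensions, so nothing visible here marks it as a non-CA leaf, and `check_csr` only proves possession of the requester's key; both, along with the ten-year default lifetime, deserve a doc comment stating that subject validation and the `basicConstraints` decision are left to the caller. The class body begins outside these hunks.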
@@ -13,7 +13,7 @@ Gem::Specification.new do |spec|
13
13
  "Utility to encrypt and decrypt messages using OpenSSL::PKCS7"
14
14
  spec.homepage = "https://github.com/dmuneras/pkcs7-cryptographer"
15
15
  spec.license = "MIT"
16
- spec.required_ruby_version = Gem::Requirement.new(">= 2.4.0")
16
+ spec.required_ruby_version = Gem::Requirement.new(">= 2.5.0")
17
17
 
18
18
  spec.metadata["homepage_uri"] = spec.homepage
19
19
  spec.metadata["source_code_uri"] = "https://github.com/dmuneras/pkcs7-cryptographer"
@@ -27,6 +27,8 @@ Gem::Specification.new do |spec|
27
27
  spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
28
28
  spec.require_paths = ["lib"]
29
29
 
30
+ spec.add_dependency "activesupport", ">= 6.1.4.1"
31
+
30
32
  spec.add_development_dependency "bundler", ">= 2"
31
33
  spec.add_development_dependency "pry"
32
34
  spec.add_development_dependency "rake", "~> 13.0"
@@ -34,4 +36,5 @@ Gem::Specification.new do |spec|
34
36
  spec.add_development_dependency "rubocop", "1.12.0"
35
37
  spec.add_development_dependency "rubocop-rake", "0.5.1"
36
38
  spec.add_development_dependency "rubocop-rspec", "2.2.0"
39
+ spec.add_development_dependency "timecop", "0.9.4"
37
40
  end
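Review bot: The new runtime dependency `spec.add_dependency "activesupport", ">= 6.1.4.1"` has no upper bound and, combined with `require "active_support/all"` in the library, brings activesupport plus concurrent-ruby, i18n, tzinfo, zeitwerk and minitest into every consumer of a crypto utility. From the visible hunks it appears to be needed only for `Time.current` and `10.years`. Either replace those calls with plain `Time.now.utc` arithmetic and drop the dependency, or require just `active_support/core_ext/integer/time` and `active_support/core_ext/time/calculations` and add an upper bound (for illustration, `">= 6.1.4.1", "< 8"`). The minimum of 6.1.4.1 also prevents applications on older Rails lines from resolving this gem, which is worth a line in the changelog if intended.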
metadata CHANGED
@@ -1,15 +1,29 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pkcs7-cryptographer
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.1
4
+ version: 1.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Daniel Munera Sanchez
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-04-23 00:00:00.000000000 Z
11
+ date: 2021-09-20 00:00:00.000000000 Z
12
12
  dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: activesupport
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: 6.1.4.1
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: 6.1.4.1
13
27
  - !ruby/object:Gem::Dependency
14
28
  name: bundler
15
29
  requirement: !ruby/object:Gem::Requirement
@@ -108,6 +122,20 @@ dependencies:
108
122
  - - '='
109
123
  - !ruby/object:Gem::Version
110
124
  version: 2.2.0
125
+ - !ruby/object:Gem::Dependency
126
+ name: timecop
127
+ requirement: !ruby/object:Gem::Requirement
128
+ requirements:
129
+ - - '='
130
+ - !ruby/object:Gem::Version
131
+ version: 0.9.4
132
+ type: :development
133
+ prerelease: false
134
+ version_requirements: !ruby/object:Gem::Requirement
135
+ requirements:
136
+ - - '='
137
+ - !ruby/object:Gem::Version
138
+ version: 0.9.4
111
139
  description: Utility to encrypt and decrypt messages using OpenSSL::PKCS7
112
140
  email:
113
141
  - dmunera119@gmail.com
@@ -146,7 +174,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
146
174
  requirements:
147
175
  - - ">="
148
176
  - !ruby/object:Gem::Version
149
- version: 2.4.0
177
+ version: 2.5.0
150
178
  required_rubygems_version: !ruby/object:Gem::Requirement
151
179
  requirements:
152
180
  - - ">="