r509-middleware-certwriter 0.1

data/spec/fixtures/san.pem

@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEVTCCAz2gAwIBAgIQK5l6hFau2oVFyjrq4Y3tYjANBgkqhkiG9w0BAQUFADBI
+MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
+FzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTExMDIxNzAxMDkxM1oXDTExMDIx
+ODAyMzYyNVowXDESMBAGA1UEAxMJbGFuZ3VpLnNoMRAwDgYDVQQHEwdDaGljYWdv
+MREwDwYDVQQIEwhJbGxpbm9pczELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1BhdWwg
+S2VocmVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/vt5cvm4ObA
+AUoKXqjT9hWbN7c//piYtypGCvUWPqXElIWSpftMfmyIyujXGVx1TtpjSTX1VORB
+J1N4ZmGsEnyS5Z4jw6kFtKBEA6avIezYfAwUU+GKL5xvJ2iuwPgVzrDwADD1lSio
+worMdqeZMfClVBbeLPE1ZZQrj1YV4ywpfEUVNNkmYLxetT8WyGFmFopiQWv21v0u
+BWfWa1c8wQMrLNSzDot76+CgqC/j9AFcfv75M77WktDlz8zFm142UUe0Clx3DzlO
+k+OepGYLUhRZaGhiP56qW2kgQpeQ+Otiu7NrJP1oa6lP1inzr25aStWtt9+0uJAJ
+LvHisvPV7QIDAQABo4IBJTCCASEwCQYDVR0TBAIwADAdBgNVHQ4EFgQUOnG63iFQ
+miWaAnvO7ve38SmF2FEwHwYDVR0jBBgwFoAUQjK2FvoE/f5dS3rD/fdMQB1aQ68w
+CwYDVR0PBAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMDQGA1UdHwQtMCswKaAn
+oCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NUQ0EuY3JsMEQGA1UdIAQ9
+MDswOQYMYIZIAYb9ZAEBAgMBMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly9zc2wudHJ1
+c3R3YXZlLmNvbS9DQTA2BgNVHREELzAtgglsYW5ndWkuc2iCC3ZpY3RvbHkuY29t
+ghNteXRlYW1nb3Ryb2JiZWQuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQB8t6JEw494
+wMHyPN8K65PmImqdI4qL5W4T141vG+SnynSsyF2gdnwfWC8esoVOBK8LxSxq5dqL
+7DRWwJww5YELWhVGz9BMGqpsUQ8ea1EX2YRkguqhIs9Ox/D0zcE5T0t4CXAoqJoW
+h1A3UBknOgHNtxbBcQUINITj+IIQ99yZdf/X5QnuyRxk+FheUtuR/PGSHi5s0GOh
+aEysvcklQTZXaQ+yeq5mH9LrKlBaEgo2BWnzWuWbudNJ3Pn16MHE4hGesiO/ifu4
+D4ZcDusOOKJISgellMBwEX9njm771lzcVrXrg8IxBwHAmbA5SlTd12DOhrViPuEC
+DhMwdOfwCNq/
+-----END CERTIFICATE-----

data/spec/fixtures/utf.pem

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDcTCCAlmgAwIBAgIVAOwRcCniDRHmYonGNci2hn7WEUjbMA0GCSqGSIb3DQEB
+BQUAMFgxCzAJBgNVBAYTAlVTMREwDwYDVQQIDAhJbGxpbm9pczEQMA4GA1UEBwwH
+Q2hpY2FnbzERMA8GA1UECgwIcjUwOSBMTEMxETAPBgNVBAMMCMO8dGYuY29tMB4X
+DTEyMDczMTA5NTk0OFoXDTEyMDgwNTE1NTk0OFowWDELMAkGA1UEBhMCVVMxETAP
+BgNVBAgMCElsbGlub2lzMRAwDgYDVQQHDAdDaGljYWdvMREwDwYDVQQKDAhyNTA5
+IExMQzERMA8GA1UEAwwIw7x0Zi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQCcM1YlpONMNoK+VZRe/fygehtQoNhc/NEvpD4g9z61jY9JrRAiS/sj
+FqVYUyJIoQ8x2tpiJMqzTfdTXVbXdVi6iuDYGg6oiski3N8wa8Ya2FWEWS0nCdiM
+AYCX5imyHY9qJqRCGo8mzFjdPQ1YL5qEIN8a7to82F81P9D+AWaPeXgvR/AuWNXo
+ZTTWDxf2hHhBI00lMkQYk/JP//jq4vhArnvhP/NjQRMPv+Oc7/oKG0dPGp8IMVt0
+B+Gus/Lte6GFqSt3A4j3JslUR7s5tZMvNoYCHTp70n3So28U7zSFjqtLZ0qYdMnw
++ysrVeemz4iUBjLFDuUoUFETLJCZxN4HAgMBAAGjMjAwMA8GA1UdEwEB/wQFMAMB
+Af8wHQYDVR0OBBYEFIZITcrz5duBFkyK1USyvJn6dBh2MA0GCSqGSIb3DQEBBQUA
+A4IBAQCFzmlRVaLjzo3CzETtNcg3rqItIugXX1xtVBYdmXE+OZu54zEUCKRphave
+4j/fjx7UVRlZJfkpxw77bXcOt+pgAuKogVv8b0jNVLI/IJSqpdLYRmNBmO/z5Tsn
+bJ2anRLxYABxx3QiyxbteJ5kNyqkOXdC92YT0ajYcsI1PYr5bC+yc4oju3dkVHox
+6nbghWIZxbLq08DO3FwbTZk7OOERFYakntaEV7A9HI75pct9fR03lej86wthLCva
+bf4jZw6fbLZTMK8AIGm0dSlkNWzN7XB6xDyxxYoCauZc+TBoZg4hXAzwfgZcX3Rr
+MHJh+Ni/iMiCFSZPcZqauprdCldD
+-----END CERTIFICATE-----

data/spec/fixtures/wildcard.pem

@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDpzCCAo+gAwIBAgIFMUeGsoAwDQYJKoZIhvcNAQEFBQAwSDELMAkGA1UEBhMC
+VVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENvcnBvcmF0aW9uMRcwFQYDVQQDEw5T
+ZWN1cmVUcnVzdCBDQTAeFw0wOTA1MjkyMDM0NTdaFw0xMDA1MjkyMDM0NTdaMHcx
+CzAJBgNVBAYTAlVTMREwDwYDVQQIEwhJbGxpbm9pczEQMA4GA1UEBxMHQ2hpY2Fn
+bzEtMCsGA1UEChMkVHJ1c3R3YXZlIChUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4p
+MRQwEgYDVQQDFAsqLnhyYW1wLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
+gYEA16PhTcHPpJcvXj0sO+hYt4z2zKn5XRj0jrDpwzahxUWn0UWfsYxJHtOpSm/p
+O8zM3aCv5YI+0DwVWhzkKzh15nL5XtiyhXz2CSg4IskVqYlHJwLN1TasYpiQ3chj
+0v33GGXg0JjCdX5XM8fl2K/MCHpl6HTNmxHVpr4sghyUBFUCAwEAAaOB7DCB6TAJ
+BgNVHRMEAjAAMB0GA1UdDgQWBBSGo0yuScr4ea0rLYwuTnN/mmD5aDAfBgNVHSME
+GDAWgBRCMrYW+gT9/l1LesP990xAHVpDrzALBgNVHQ8EBAMCBaAwEwYDVR0lBAww
+CgYIKwYBBQUHAwEwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL2NybC5zZWN1cmV0
+cnVzdC5jb20vU1RDQS5jcmwwRAYDVR0gBD0wOzA5BgxghkgBhv1kAQECAwEwKTAn
+BggrBgEFBQcCARYbaHR0cDovL3NzbC50cnVzdHdhdmUuY29tL0NBMA0GCSqGSIb3
+DQEBBQUAA4IBAQBxuF3OJYj4e/4flpn2xRB5HTZtdTJGa0xdhs4cuZfDaH1J26kS
+D/DEJSjQijxMmRCkBFzjqet095Nxo/Gk4Ak+A6I49vWfg4EYEGfCHq95D40EoLUl
++P4n4SqGUWuHCdVue8V61qGhMv4t4aqaodO212oykfkwguX1t1QAqBisBd3trUJC
+nqeHRdhPQfwSXbEgwPCnvS6QAngwg1BRCK5NJ2V2ybhaSHZLSzTV+n2sh03j2OAw
+DX1jPcls0lN9TytLZJUkZJjgr/v2yYUlwEGC6ZMHE16ycVAbTxW94LBYKlsCpR3Q
+kArWrEDOOBl5g0Va/FZliL046AN3EM2lYfWa
+-----END CERTIFICATE-----

data/spec/middleware_spec.rb

@@ -0,0 +1,188 @@
+# coding: utf-8
+require "#{File.dirname(__FILE__)}/spec_helper"
+require "sinatra"
+require "logger"
+require "fileutils"
+
+class TestServer < Sinatra::Base
+    configure do
+        set :config_pool, nil
+    end
+
+    error StandardError do
+        env["sinatra.error"].message
+    end
+
+    get "/some/path/?" do
+        "return value"
+    end
+
+    post "/1/certificate/issue/?" do
+        if params["successful"]
+            if params["cert"]
+                params["cert"]
+            else
+                TestFixtures::CERT
+            end
+        elsif params["invalid_body"]
+            "invalid cert body"
+        else
+            raise StandardError.new("Error")
+        end
+    end
+
+    post "/1/certificate/revoke/?" do
+        if params["successful"]
+            "CRL"
+        else
+            raise StandardError.new("Error")
+        end
+    end
+
+    post "/1/certificate/unrevoke/?" do
+        if params["successful"]
+            "CRL"
+        else
+            raise StandardError.new("Error")
+        end
+    end
+end
+
+describe R509::Middleware::Certwriter do
+    before :all do
+        @temp_write_directory = File.join("spec", "temp_write_directory")
+        FileUtils.makedirs(@temp_write_directory)
+    end
+    before :each do
+        @logger = double("logger")
+        @config = double("config")
+        @ca_cert = double("ca_cert")
+        @config_pool = double("config_pool")
+        Dependo::Registry[:log] = @logger
+    end
+    after :each do
+        Dir.entries(@temp_write_directory).select{|x| not x.start_with?(".")}.each do |entry|
+            File.delete(File.join(@temp_write_directory, entry))
+        end
+    end
+    after :all do
+        Dir.delete(@temp_write_directory)
+    end
+    
+    def app
+        test_server = TestServer
+        test_server.send(:set, :config_pool, @config_pool)
+
+        @app ||= R509::Middleware::Certwriter.new(test_server, @config)
+    end
+
+    context "some path" do
+        it "returns some return value" do
+            get "/some/path"
+            last_response.body.should == "return value"
+        end
+    end
+
+    context "issuing" do
+        it "intercepts issuance" do
+            filename = "langui.sh_testy_211653423715.pem"
+            @config.should_receive(:[]).with("certwriter").and_return({"path"=>@temp_write_directory})
+            @logger.should_receive(:info).with("Writing: #{File.join(@temp_write_directory, filename)}")
+
+            post "/1/certificate/issue", :successful => true, :ca => "testy"
+            last_response.status.should == 200
+            last_response.body.should == TestFixtures::CERT
+
+            File.read(File.join(@temp_write_directory, filename)).should == TestFixtures::CERT
+        end
+        it "no certwriter" do
+            filename = "langui.sh_testy_211653423715.pem"
+            @config.should_receive(:[]).with("certwriter").and_return(nil)
+            @logger.should_receive(:error).twice
+
+            post "/1/certificate/issue", :successful => true, :ca => "testy"
+            last_response.status.should == 200
+            last_response.body.should == TestFixtures::CERT
+
+            File.exist?(File.join(@temp_write_directory, filename)).should == false
+        end
+        it "no certwriter path" do
+            filename = "langui.sh_testy_211653423715.pem"
+            @config.should_receive(:[]).with("certwriter").and_return({})
+            @logger.should_receive(:error).twice
+
+            post "/1/certificate/issue", :successful => true, :ca => "testy"
+            last_response.status.should == 200
+            last_response.body.should == TestFixtures::CERT
+
+            File.exist?(File.join(@temp_write_directory, filename)).should == false
+        end
+        it "fails issuance" do
+            post "/1/certificate/issue/"
+            last_response.status.should == 500
+        end
+        it "invalid cert body" do
+            @logger.should_receive(:error).twice
+            post "/1/certificate/issue", :invalid_body => true
+            last_response.status.should == 200
+            last_response.body.should == "invalid cert body"
+        end
+        it "wildcard" do
+            filename = "STAR.xramp.com_testy_211653407360.pem"
+            @config.should_receive(:[]).with("certwriter").and_return({"path"=>@temp_write_directory})
+            @logger.should_receive(:info).with("Writing: #{File.join(@temp_write_directory, filename)}")
+
+            post "/1/certificate/issue", :successful => true, :cert => TestFixtures::WILDCARD, :ca => "testy"
+            last_response.status.should == 200
+            last_response.body.should == TestFixtures::WILDCARD
+
+            File.read(File.join(@temp_write_directory, filename)).should == TestFixtures::WILDCARD.chomp
+        end
+        it "san" do
+            filename = "langui.sh_testy_57953710177023404420300898930034339170.pem"
+            @config.should_receive(:[]).with("certwriter").and_return({"path"=>@temp_write_directory})
+            @logger.should_receive(:info).with("Writing: #{File.join(@temp_write_directory, filename)}")
+
+            post "/1/certificate/issue", :successful => true, :cert => TestFixtures::SAN, :ca => "testy"
+            last_response.status.should == 200
+            last_response.body.should == TestFixtures::SAN
+
+            File.read(File.join(@temp_write_directory, filename)).should == TestFixtures::SAN.chomp
+        end
+        it "non-ascii characters" do
+            filename = "tf.com_testy_1347710705410875939179018156461170725106572413147.pem"
+            @config.should_receive(:[]).with("certwriter").and_return({"path"=>@temp_write_directory})
+            @logger.should_receive(:info).with("Writing: #{File.join(@temp_write_directory, filename)}")
+
+            post "/1/certificate/issue", :successful => true, :cert => TestFixtures::UTF, :ca => "testy"
+            last_response.status.should == 200
+            last_response.body.should == TestFixtures::UTF
+
+            File.read(File.join(@temp_write_directory, filename)).should == TestFixtures::UTF.chomp
+        end
+    end
+
+    context "revoking" do
+        it "intercepts revoke" do
+            post "/1/certificate/revoke", :successful => true, :serial => 1234, :ca => "some_ca"
+            last_response.status.should == 200
+            last_response.body.should == "CRL"
+        end
+        it "fails to revoke" do
+            post "/1/certificate/revoke"
+            last_response.status.should == 500
+        end
+    end
+
+    context "unrevoking" do
+        it "intercepts unrevoke" do
+            post "/1/certificate/unrevoke", :successful => true, :serial => 1234, :ca => "some_ca"
+            last_response.status.should == 200
+            last_response.body.should == "CRL"
+        end
+        it "fails to unrevoke" do
+            post "/1/certificate/unrevoke"
+            last_response.status.should == 500
+        end
+    end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,16 @@
+if (RUBY_VERSION.split('.')[1].to_i > 8)
+    require 'simplecov'
+    SimpleCov.start
+end
+
+$:.unshift File.expand_path("../../lib", __FILE__)
+$:.unshift File.expand_path("../", __FILE__)
+require 'rubygems'
+require 'fixtures'
+require 'rspec'
+require 'rack/test'
+require 'r509/middleware/certwriter'
+
+RSpec.configure do |conf|
+  conf.include Rack::Test::Methods
+end

metadata

@@ -0,0 +1,142 @@
+--- !ruby/object:Gem::Specification
+name: r509-middleware-certwriter
+version: !ruby/object:Gem::Version
+  version: '0.1'
+  prerelease: 
+platform: ruby
+authors:
+- Sean Schulte
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-11-08 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: sinatra
+  requirement: &2154591280 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: *2154591280
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: &2154590760 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: *2154590760
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: &2154590240 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *2154590240
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: &2154589800 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *2154589800
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: &2154589280 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *2154589280
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: &2154604540 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *2154604540
+description: Rack middleware that writes issued certificates to disk
+email: sirsean@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- README.md
+- Rakefile
+- lib/r509/middleware/certwriter/version.rb
+- lib/r509/middleware/certwriter.rb
+- spec/fixtures/cert1.pem
+- spec/fixtures/san.pem
+- spec/fixtures/utf.pem
+- spec/fixtures/wildcard.pem
+- spec/fixtures.rb
+- spec/middleware_spec.rb
+- spec/spec_helper.rb
+- doc/_index.html
+- doc/class_list.html
+- doc/css/common.css
+- doc/css/full_list.css
+- doc/css/style.css
+- doc/file.README.html
+- doc/file_list.html
+- doc/frames.html
+- doc/index.html
+- doc/js/app.js
+- doc/js/full_list.js
+- doc/js/jquery.js
+- doc/method_list.html
+- doc/R509/Middleware/Certwriter.html
+- doc/R509/Middleware.html
+- doc/R509.html
+- doc/top-level-namespace.html
+homepage: http://vikinghammer.com
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: 1.8.6
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: -1561366354408036506
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.10
+signing_key: 
+specification_version: 3
+summary: Rack middleware that writes issued certificates to disk
+test_files: []
+has_rdoc: false