r509 0.9.2 → 0.10.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +2 -0
- data/CONTRIBUTING.mdown +21 -0
- data/LICENSE +13 -0
- data/README.mdown +548 -0
- data/Rakefile +5 -0
- data/bin/r509 +16 -17
- data/doc/R509.html +42 -26
- data/doc/R509/ASN1.html +22 -16
- data/doc/R509/ASN1/GeneralName.html +180 -173
- data/doc/R509/ASN1/GeneralNames.html +390 -62
- data/doc/R509/CRL.html +9 -7
- data/doc/R509/CRL/Administrator.html +208 -623
- data/doc/R509/CRL/FileReaderWriter.html +856 -0
- data/doc/R509/CRL/ReaderWriter.html +524 -0
- data/doc/R509/CRL/SignedList.html +29 -42
- data/doc/R509/CSR.html +248 -333
- data/doc/R509/Cert.html +364 -491
- data/doc/R509/Cert/Extensions.html +134 -43
- data/doc/R509/Cert/Extensions/AuthorityInfoAccess.html +335 -65
- data/doc/R509/Cert/Extensions/AuthorityKeyIdentifier.html +201 -102
- data/doc/R509/Cert/Extensions/BasicConstraints.html +297 -68
- data/doc/R509/Cert/Extensions/CRLDistributionPoints.html +690 -77
- data/doc/R509/Cert/Extensions/CertificatePolicies.html +293 -43
- data/doc/R509/Cert/Extensions/ExtendedKeyUsage.html +321 -173
- data/doc/R509/Cert/Extensions/GeneralNamesMixin.html +656 -0
- data/doc/R509/Cert/Extensions/InhibitAnyPolicy.html +270 -42
- data/doc/R509/Cert/Extensions/KeyUsage.html +334 -184
- data/doc/R509/Cert/Extensions/NameConstraints.html +363 -93
- data/doc/R509/{ASN1 → Cert/Extensions}/NoticeReference.html +209 -48
- data/doc/R509/Cert/Extensions/OCSPNoCheck.html +244 -17
- data/doc/R509/Cert/Extensions/PolicyConstraints.html +322 -71
- data/doc/R509/{ASN1 → Cert/Extensions}/PolicyInformation.html +204 -43
- data/doc/R509/{ASN1 → Cert/Extensions}/PolicyQualifiers.html +205 -48
- data/doc/R509/Cert/Extensions/SubjectAlternativeName.html +348 -143
- data/doc/R509/Cert/Extensions/SubjectKeyIdentifier.html +165 -13
- data/doc/R509/{ASN1 → Cert/Extensions}/UserNotice.html +204 -43
- data/doc/R509/Cert/Extensions/ValidationMixin.html +120 -0
- data/doc/R509/CertificateAuthority.html +9 -7
- data/doc/R509/CertificateAuthority/OptionsBuilder.html +475 -0
- data/doc/R509/CertificateAuthority/Signer.html +149 -198
- data/doc/R509/Config.html +10 -8
- data/doc/R509/Config/CAConfig.html +708 -625
- data/doc/R509/Config/CAConfigPool.html +179 -31
- data/doc/R509/Config/CertProfile.html +1544 -0
- data/doc/R509/Config/SubjectItemPolicy.html +437 -99
- data/doc/R509/Engine.html +14 -28
- data/doc/R509/Helpers.html +1014 -0
- data/doc/R509/MessageDigest.html +73 -25
- data/doc/R509/NameSanitizer.html +39 -39
- data/doc/R509/OCSP.html +5 -5
- data/doc/R509/OCSP/Request.html +5 -5
- data/doc/R509/OCSP/Request/Nonce.html +5 -5
- data/doc/R509/OCSP/Response.html +7 -7
- data/doc/R509/OIDMapper.html +121 -6
- data/doc/R509/PrivateKey.html +226 -227
- data/doc/R509/R509Error.html +5 -5
- data/doc/R509/SPKI.html +244 -342
- data/doc/R509/Subject.html +241 -70
- data/doc/R509/Validity.html +5 -5
- data/doc/R509/Validity/Checker.html +5 -5
- data/doc/R509/Validity/DefaultChecker.html +5 -9
- data/doc/R509/Validity/DefaultWriter.html +5 -9
- data/doc/R509/Validity/Status.html +5 -5
- data/doc/R509/Validity/Writer.html +5 -5
- data/doc/_index.html +92 -30
- data/doc/class_list.html +2 -2
- data/doc/file.CONTRIBUTING.html +96 -0
- data/doc/file.LICENSE.html +87 -0
- data/doc/file.README.html +279 -389
- data/doc/file.YAML.html +243 -0
- data/doc/file.r509.html +298 -105
- data/doc/file_list.html +11 -2
- data/doc/frames.html +1 -1
- data/doc/index.html +279 -389
- data/doc/js/full_list.js +6 -1
- data/doc/method_list.html +869 -1139
- data/doc/top-level-namespace.html +103 -5
- data/lib/r509.rb +7 -2
- data/lib/r509/asn1.rb +97 -135
- data/lib/r509/cert.rb +17 -106
- data/lib/r509/cert/extensions.rb +13 -676
- data/lib/r509/cert/extensions/authority_info_access.rb +128 -0
- data/lib/r509/cert/extensions/authority_key_identifier.rb +100 -0
- data/lib/r509/cert/extensions/base.rb +142 -0
- data/lib/r509/cert/extensions/basic_constraints.rb +119 -0
- data/lib/r509/cert/extensions/certificate_policies.rb +262 -0
- data/lib/r509/cert/extensions/crl_distribution_points.rb +98 -0
- data/lib/r509/cert/extensions/extended_key_usage.rb +189 -0
- data/lib/r509/cert/extensions/inhibit_any_policy.rb +70 -0
- data/lib/r509/cert/extensions/key_usage.rb +209 -0
- data/lib/r509/cert/extensions/name_constraints.rb +179 -0
- data/lib/r509/cert/extensions/ocsp_no_check.rb +56 -0
- data/lib/r509/cert/extensions/policy_constraints.rb +122 -0
- data/lib/r509/cert/extensions/subject_alternative_name.rb +88 -0
- data/lib/r509/cert/extensions/subject_key_identifier.rb +56 -0
- data/lib/r509/cert/extensions/validation_mixin.rb +42 -0
- data/lib/r509/certificate_authority/options_builder.rb +142 -0
- data/lib/r509/certificate_authority/signer.rb +189 -0
- data/lib/r509/config.rb +3 -600
- data/lib/r509/config/ca_config.rb +414 -0
- data/lib/r509/config/cert_profile.rb +110 -0
- data/lib/r509/config/subject_item_policy.rb +118 -0
- data/lib/r509/crl/administrator.rb +169 -0
- data/lib/r509/crl/reader_writer.rb +109 -0
- data/lib/r509/crl/signed_list.rb +135 -0
- data/lib/r509/csr.rb +35 -116
- data/lib/r509/engine.rb +21 -11
- data/lib/r509/helpers.rb +110 -0
- data/lib/r509/io_helpers.rb +18 -13
- data/lib/r509/message_digest.rb +13 -3
- data/lib/r509/oid_mapper.rb +14 -0
- data/lib/r509/private_key.rb +74 -50
- data/lib/r509/spki.rb +50 -113
- data/lib/r509/subject.rb +24 -2
- data/lib/r509/trollop.rb +788 -0
- data/lib/r509/version.rb +1 -1
- data/r509.yaml +289 -96
- data/spec/asn1_spec.rb +171 -98
- data/spec/cert/extensions/authority_info_access_spec.rb +247 -0
- data/spec/cert/extensions/authority_key_identifier_spec.rb +85 -0
- data/spec/cert/extensions/base_spec.rb +172 -0
- data/spec/cert/extensions/basic_constraints_spec.rb +185 -0
- data/spec/cert/extensions/certificate_policies_spec.rb +288 -0
- data/spec/cert/extensions/crl_distribution_points_spec.rb +149 -0
- data/spec/cert/extensions/extended_key_usage_spec.rb +174 -0
- data/spec/cert/extensions/inhibit_any_policy_spec.rb +92 -0
- data/spec/cert/extensions/key_usage_spec.rb +172 -0
- data/spec/cert/extensions/name_constraints_spec.rb +335 -0
- data/spec/cert/extensions/ocsp_no_check_spec.rb +76 -0
- data/spec/cert/extensions/policy_constraints_spec.rb +155 -0
- data/spec/cert/extensions/subject_alternative_name_spec.rb +354 -0
- data/spec/cert/extensions/subject_key_identifier_spec.rb +64 -0
- data/spec/cert_spec.rb +11 -9
- data/spec/certificate_authority/options_builder_spec.rb +307 -0
- data/spec/certificate_authority/signer_spec.rb +278 -0
- data/spec/config/ca_config_spec.rb +405 -0
- data/spec/config/cert_profile_spec.rb +88 -0
- data/spec/config/subject_item_policy_spec.rb +81 -0
- data/spec/crl/administrator_spec.rb +199 -0
- data/spec/crl/reader_writer_spec.rb +97 -0
- data/spec/crl/signed_list_spec.rb +84 -0
- data/spec/csr_spec.rb +43 -36
- data/spec/engine_spec.rb +51 -0
- data/spec/fixtures.rb +40 -40
- data/spec/fixtures/cert1.pem +1 -1
- data/spec/fixtures/config_pool_test_minimal.yaml +11 -15
- data/spec/fixtures/config_test.yaml +96 -59
- data/spec/fixtures/config_test_dsa.yaml +29 -35
- data/spec/fixtures/config_test_ec.yaml +29 -35
- data/spec/fixtures/config_test_engine_key.yaml +7 -7
- data/spec/fixtures/config_test_engine_no_key_name.yaml +6 -6
- data/spec/fixtures/config_test_minimal.yaml +3 -5
- data/spec/fixtures/config_test_password.yaml +4 -6
- data/spec/fixtures/config_test_various.yaml +147 -137
- data/spec/fixtures/crl_list_file.txt +1 -1
- data/spec/fixtures/test_ca_crl.cer +20 -0
- data/spec/fixtures/test_ca_crl.key +28 -0
- data/spec/fixtures/test_ca_crl.p12 +0 -0
- data/spec/message_digest_spec.rb +6 -0
- data/spec/oid_mapper_spec.rb +11 -0
- data/spec/private_key_spec.rb +19 -18
- data/spec/spec_helper.rb +10 -6
- data/spec/spki_spec.rb +38 -19
- data/spec/subject_spec.rb +16 -0
- metadata +108 -59
- metadata.gz.sig +0 -0
- data/README.md +0 -638
- data/doc/R509/Config/CAProfile.html +0 -1015
- data/doc/R509/IOHelpers.html +0 -564
- data/lib/r509/certificate_authority.rb +0 -407
- data/lib/r509/crl.rb +0 -351
- data/spec/cert/extensions_spec.rb +0 -1095
- data/spec/certificate_authority_spec.rb +0 -681
- data/spec/config_spec.rb +0 -562
- data/spec/crl_spec.rb +0 -226
@@ -1,2 +1,2 @@
|
|
1
1
|
12345,1323983885,0
|
2
|
-
12346,1323983885,
|
2
|
+
12346,1323983885,
|
@@ -0,0 +1,20 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIDWzCCAkOgAwIBAgITBia3x8B+RLAeUWfUrgVQDQb+wjANBgkqhkiG9w0BAQUF
|
3
|
+
ADBeMQswCQYDVQQGEwJVUzERMA8GA1UECAwISWxsaW5vaXMxEDAOBgNVBAcMB0No
|
4
|
+
aWNhZ28xGDAWBgNVBAoMD1J1YnkgQ0EgUHJvamVjdDEQMA4GA1UEAwwHVGVzdCBD
|
5
|
+
QTAeFw0xMzA2MjAxNzU5MTJaFw0zMzA2MTUyMzU5MTJaMGExCzAJBgNVBAYTAlVT
|
6
|
+
MREwDwYDVQQIDAhJbGxpbm9pczEQMA4GA1UEBwwHQ2hpY2FnbzERMA8GA1UECgwI
|
7
|
+
cjUwOSBMTEMxGjAYBgNVBAMMEXI1MDkgQ1JMIERlbGVnYXRlMIIBIjANBgkqhkiG
|
8
|
+
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29HVdc8ULnpkyEUqBpvcInXgXKOJfH2MpQo0
|
9
|
+
gUE37t2/LFQvNw0tyXXkV7PIfUD+4RM4KkwcL8LuC161JH8WyW0V2SVjX56O/GPK
|
10
|
+
8qqtoXTwfY2A/kUEU3n9qYnyjAC36Oxq8OFE1zf26seAQxw0s73rw/iD4HevFE14
|
11
|
+
YUXh2OMvnGGhP0wMVEssU+RC+9qPpttLvYUogTtpE2gWbmYKIBZwQHH92T9HpCjK
|
12
|
+
yreZM40aL5vxZziRHqF9WQGjADzVxUjvYLjkgHWdMX5x5feK5UhKAK5t3Zi7MaYq
|
13
|
+
rcSsy0GdNBy9Io2ZljFr2VJnBeMYa168wsnOPMAb8ghX8Tl9LwIDAQABow8wDTAL
|
14
|
+
BgNVHQ8EBAMCAQIwDQYJKoZIhvcNAQEFBQADggEBAKW0dl4RxI/0Zfswma+qMt3Q
|
15
|
+
6G7BGv4iW3mGmN0nFFbIaf2VzdrXdA67hqgF00doeddRYM1LJquJkkZrn1OMYth9
|
16
|
+
5iBsYylUVruoZ7Jr+/VN5yaMm4Md4JdpH2q61nUk2Jfmi1zV0snkvlQnc8/XrBlD
|
17
|
+
ZQQd4B2YCBKwrZaqGRD8w5DhEjdw+flsZkfCqZZQYynHwxHCm77w42rPZY8jUkYX
|
18
|
+
9VqJvBQgEoLABhVp248PucnRX9ltmT0R/VwS6v/RiicxECxYlT8KQrASNg8do5RC
|
19
|
+
EERjhGBKhiHE8y0N54fstYhCfdte5hcIlsSMIJKhaCbVww68OoGQKv+B/AcSa8U=
|
20
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,28 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
MIIEpAIBAAKCAQEA29HVdc8ULnpkyEUqBpvcInXgXKOJfH2MpQo0gUE37t2/LFQv
|
3
|
+
Nw0tyXXkV7PIfUD+4RM4KkwcL8LuC161JH8WyW0V2SVjX56O/GPK8qqtoXTwfY2A
|
4
|
+
/kUEU3n9qYnyjAC36Oxq8OFE1zf26seAQxw0s73rw/iD4HevFE14YUXh2OMvnGGh
|
5
|
+
P0wMVEssU+RC+9qPpttLvYUogTtpE2gWbmYKIBZwQHH92T9HpCjKyreZM40aL5vx
|
6
|
+
ZziRHqF9WQGjADzVxUjvYLjkgHWdMX5x5feK5UhKAK5t3Zi7MaYqrcSsy0GdNBy9
|
7
|
+
Io2ZljFr2VJnBeMYa168wsnOPMAb8ghX8Tl9LwIDAQABAoIBAGx/2fjYSYHXb79a
|
8
|
+
RDAW5kUsIZ4YKliEL9OWgev6oP0J/r6GnvdxTdROmHKhjqgkWKoHroVSI+d/M7fw
|
9
|
+
+0AUas7pRQt1ZONhg/oX16iHjkRPUBTor27R6hy57fas3Ec2Y5BYgUB8MFp6iSnB
|
10
|
+
ZxG47lp5t9F27MDy0jwXMP/yWlOOhUJmtO+4YBTreLbuQ8OEUh0M0FlqrrhxOVwP
|
11
|
+
UWsibVx1es8nFydxCIv+XQsMkyobnMMlv68exxf0I+8T5wEGWAXelRCkqWQ7OqUv
|
12
|
+
Fh4JtYVePcH9VwQbJ3wOug3/bJtMWeHuDI75t7j8+jGvURhNAUdmy15Bj/ncvrtr
|
13
|
+
4MLRbeECgYEA85NJt/xjJduYLKHeVWyBjskNJiz7uayxuAbPCV5U0A1Im/yFgAqZ
|
14
|
+
uiZpNzKewchxuIfLlDZbM6sEbsRRHalNnIy84J+20uNST5HDG16RUhNseUSFCBNe
|
15
|
+
jToFbMEUF2vaF6C/TTfeJtggrr9PEMkhOjgRzJo7h7/bLoLHranq4CUCgYEA5whV
|
16
|
+
fKGdBeU3+L5om/gQb34OHKbUhO7QBDLdQeiP6MI3uTHVVTRa6JabUo/iqTYf+wF5
|
17
|
+
iqRDFs5YTTO6spF8pzD19FvzBCcvBlT6l3pDd6npNnFt/Nb3pHYDBCm12XFQX0EP
|
18
|
+
g0ATFEKiVHVT8SnftPMiPoecUBWIVGjOSqANbcMCgYEAh3DNOytyjmiPM7JGiUWu
|
19
|
+
vRD66NF2oAZxRB01HsZ/brkUOPiv20UJukMFmpXhRWwKIEwSXbXj/NUJv/YWDOJJ
|
20
|
+
r9VqaZUl+hpBeNFapmttbzAxzzTUrGro1qr+vTyXyXZFbYILHgsE0qC3e7QRaQoO
|
21
|
+
Get3qkfQ9mkunaxHEEA9xKkCgYAVur7vnfO63jhJeP81zDsfgWeqYjaS2jNOccpF
|
22
|
+
rK38YmgDTyCVhvsV7TRmq4nSCHkxjo3z8EcvGfFMMZVZvj1PLFe1yAAvX9AYdF2t
|
23
|
+
aZ523tBEgp6prT5VhZP7DEFCVloM232uBpTEzw+dift/L0UPK98IqpCVJ7FO3xyo
|
24
|
+
AC3DKQKBgQCdeoNVNSDpldkG4euQ/yOxduu+kGur4+DHtMVhNbuPkRpitw7smz/w
|
25
|
+
eqN7MfbHnDiM28RgQomNQIELTQh7nu9mQoPkSeFuuV6VuWzF+a0UgIJ4jqW54LRQ
|
26
|
+
JT/k43tBz6+2uV+hWTTZG7864flenuXg0W4v/uHoVI0LW8SXS8728Q==
|
27
|
+
-----END RSA PRIVATE KEY-----
|
28
|
+
|
Binary file
|
data/spec/message_digest_spec.rb
CHANGED
@@ -103,6 +103,12 @@ describe R509::MessageDigest do
|
|
103
103
|
md.name.should == "dss1"
|
104
104
|
md.digest.kind_of?(OpenSSL::Digest::DSS1).should == true
|
105
105
|
end
|
106
|
+
it "creates a default digest with no params or nil" do
|
107
|
+
md = R509::MessageDigest.new
|
108
|
+
md.name.should == R509::MessageDigest::DEFAULT_MD.downcase
|
109
|
+
md = R509::MessageDigest.new(nil)
|
110
|
+
md.name.should == R509::MessageDigest::DEFAULT_MD.downcase
|
111
|
+
end
|
106
112
|
it "exception on unknown digest -> name" do
|
107
113
|
expect{ R509::MessageDigest.new(12345) }.to raise_error(ArgumentError)
|
108
114
|
end
|
data/spec/oid_mapper_spec.rb
CHANGED
@@ -17,6 +17,7 @@ describe R509::OIDMapper do
|
|
17
17
|
subject_new = R509::Subject.new [['myOIDName','random_oid']]
|
18
18
|
subject_new['myOIDName'].should == 'random_oid'
|
19
19
|
end
|
20
|
+
|
20
21
|
it "registers a batch of new oids" do
|
21
22
|
expect { R509::Subject.new [['testOIDName','random_oid']] }.to raise_error(OpenSSL::X509::NameError,'invalid field name')
|
22
23
|
expect { R509::Subject.new [['anotherOIDName','second_random']] }.to raise_error(OpenSSL::X509::NameError,'invalid field name')
|
@@ -28,4 +29,14 @@ describe R509::OIDMapper do
|
|
28
29
|
subject_new['testOIDName'].should == 'random_oid'
|
29
30
|
subject_new['anotherOIDName'].should == 'second_random'
|
30
31
|
end
|
32
|
+
|
33
|
+
it "registers a batch of oids from YAML" do
|
34
|
+
expect { R509::Subject.new [['thirdOIDName','random_oid']] }.to raise_error(OpenSSL::X509::NameError,'invalid field name')
|
35
|
+
expect { R509::Subject.new [['fourthOIDName','second_random']] }.to raise_error(OpenSSL::X509::NameError,'invalid field name')
|
36
|
+
yaml_data = "---\ncustom_oids:\n- :oid: 1.4.3.2.1.2.3.4.4.4.5\n :short_name: thirdOIDName\n- :oid: 1.4.3.2.1.2.5.4.4.4.5\n :short_name: fourthOIDName\n"
|
37
|
+
R509::OIDMapper.register_from_yaml("custom_oids", yaml_data)
|
38
|
+
subject_new = R509::Subject.new [['thirdOIDName','random_oid'],['fourthOIDName','second_random']]
|
39
|
+
subject_new['thirdOIDName'].should == 'random_oid'
|
40
|
+
subject_new['fourthOIDName'].should == 'second_random'
|
41
|
+
end
|
31
42
|
end
|
data/spec/private_key_spec.rb
CHANGED
@@ -34,10 +34,11 @@ describe R509::PrivateKey do
|
|
34
34
|
it "generates a default 2048-bit RSA key when nothing is passed to the constructor" do
|
35
35
|
private_key = R509::PrivateKey.new
|
36
36
|
private_key.rsa?.should == true
|
37
|
+
private_key.bit_length.should == 2048
|
37
38
|
private_key.bit_strength.should == 2048
|
38
39
|
end
|
39
40
|
it "defaults to RSA" do
|
40
|
-
private_key = R509::PrivateKey.new(:
|
41
|
+
private_key = R509::PrivateKey.new(:bit_length=>1024)
|
41
42
|
private_key.key.kind_of?(OpenSSL::PKey::RSA).should == true
|
42
43
|
end
|
43
44
|
it "loads a pre-existing RSA key" do
|
@@ -45,14 +46,14 @@ describe R509::PrivateKey do
|
|
45
46
|
private_key.to_pem.should == @key_csr
|
46
47
|
@key_csr.should_not == nil
|
47
48
|
end
|
48
|
-
it "generates an RSA key at the default bit
|
49
|
-
private_key = R509::PrivateKey.new(:type =>
|
50
|
-
private_key.
|
49
|
+
it "generates an RSA key at the default bit length (2048)" do
|
50
|
+
private_key = R509::PrivateKey.new(:type => "rsa")
|
51
|
+
private_key.bit_length.should == 2048
|
51
52
|
private_key.key.n.to_i.to_s(2).size.should == 2048
|
52
53
|
end
|
53
|
-
it "generates an RSA key at a custom bit
|
54
|
-
private_key = R509::PrivateKey.new(:type =>
|
55
|
-
private_key.
|
54
|
+
it "generates an RSA key at a custom bit length" do
|
55
|
+
private_key = R509::PrivateKey.new(:type => "rsa", :bit_length => 512)
|
56
|
+
private_key.bit_length.should == 512
|
56
57
|
private_key.key.n.to_i.to_s(2).size.should == 512
|
57
58
|
end
|
58
59
|
it "loads a pre-existing DSA key" do
|
@@ -61,21 +62,21 @@ describe R509::PrivateKey do
|
|
61
62
|
private_key.key.to_pem.should == @dsa_key
|
62
63
|
@dsa_key.should_not == nil
|
63
64
|
end
|
64
|
-
it "generates a DSA key at the default bit
|
65
|
-
private_key = R509::PrivateKey.new(:type =>
|
65
|
+
it "generates a DSA key at the default bit length (2048)" do
|
66
|
+
private_key = R509::PrivateKey.new(:type => "dsa")
|
66
67
|
private_key.dsa?.should == true
|
67
|
-
private_key.
|
68
|
+
private_key.bit_length.should == 2048
|
68
69
|
private_key.key.p.to_i.to_s(2).size.should == 2048
|
69
70
|
end
|
70
|
-
it "generates a DSA key at a custom bit
|
71
|
-
private_key = R509::PrivateKey.new(:type =>
|
72
|
-
private_key.
|
71
|
+
it "generates a DSA key at a custom bit length" do
|
72
|
+
private_key = R509::PrivateKey.new(:type => "dsa", :bit_length => 512)
|
73
|
+
private_key.bit_length.should == 512
|
73
74
|
private_key.key.p.to_i.to_s(2).size.should == 512
|
74
75
|
end
|
75
76
|
it "has an exponent of 65537 for new RSA keys" do
|
76
77
|
#this test actually checks ruby's underlying libs to make sure they're
|
77
78
|
#doing what they're supposed to be doing.
|
78
|
-
private_key = R509::PrivateKey.new(:type =>
|
79
|
+
private_key = R509::PrivateKey.new(:type => "rsa", :bit_length => 512)
|
79
80
|
private_key.key.e.should == 65537
|
80
81
|
end
|
81
82
|
it "returns the public key" do
|
@@ -238,12 +239,12 @@ describe R509::PrivateKey do
|
|
238
239
|
end
|
239
240
|
|
240
241
|
it "generates an elliptic curve key using the default curve (secp384r1)" do
|
241
|
-
private_key = R509::PrivateKey.new(:type =>
|
242
|
+
private_key = R509::PrivateKey.new(:type => "ec")
|
242
243
|
private_key.curve_name.should == 'secp384r1'
|
243
244
|
end
|
244
245
|
|
245
246
|
it "generates an elliptic curve key using a specified curve" do
|
246
|
-
private_key = R509::PrivateKey.new(:type =>
|
247
|
+
private_key = R509::PrivateKey.new(:type => "ec", :curve_name => 'sect283r1')
|
247
248
|
private_key.curve_name.should == 'sect283r1'
|
248
249
|
end
|
249
250
|
|
@@ -264,9 +265,9 @@ describe R509::PrivateKey do
|
|
264
265
|
private_key.to_der.should == @ec_key_der
|
265
266
|
end
|
266
267
|
|
267
|
-
it "returns error for
|
268
|
+
it "returns error for bit_length" do
|
268
269
|
private_key = R509::PrivateKey.new(:key => @ec_key_pem)
|
269
|
-
expect { private_key.
|
270
|
+
expect { private_key.bit_length }.to raise_error(R509::R509Error,'Bit length is not available for EC at this time.')
|
270
271
|
end
|
271
272
|
|
272
273
|
|
data/spec/spec_helper.rb
CHANGED
@@ -1,9 +1,9 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
1
|
+
require 'simplecov'
|
2
|
+
SimpleCov.start
|
3
|
+
begin
|
4
|
+
require 'coveralls'
|
5
|
+
Coveralls.wear!
|
6
|
+
rescue LoadError
|
7
7
|
end
|
8
8
|
|
9
9
|
$:.unshift File.expand_path("../../lib", __FILE__)
|
@@ -21,3 +21,7 @@ if not R509.ec_supported?
|
|
21
21
|
c.filter_run_excluding :ec => true
|
22
22
|
end
|
23
23
|
end
|
24
|
+
|
25
|
+
RSpec.configure do |config|
|
26
|
+
config.alias_it_should_behave_like_to :it_validates, "it validates"
|
27
|
+
end
|
data/spec/spki_spec.rb
CHANGED
@@ -18,6 +18,12 @@ shared_examples_for "create spki with private key" do
|
|
18
18
|
it "generates a spki with custom digest" do
|
19
19
|
spki = R509::SPKI.new(:key => @key, :message_digest => "sha256")
|
20
20
|
spki.to_pem.should_not be_nil
|
21
|
+
case
|
22
|
+
when @key.rsa?
|
23
|
+
spki.signature_algorithm.should(match(/sha256/i))
|
24
|
+
when @key.dsa?
|
25
|
+
spki.signature_algorithm.should(match(/sha1/i))
|
26
|
+
end
|
21
27
|
spki.verify_signature
|
22
28
|
end
|
23
29
|
|
@@ -37,6 +43,18 @@ shared_examples_for "spki + private key" do
|
|
37
43
|
expect { R509::SPKI.new(:key => @key, :spki => @spki) }.to_not raise_error
|
38
44
|
end
|
39
45
|
|
46
|
+
it "returns the correct signature_algorithm" do
|
47
|
+
spki = R509::SPKI.new( :spki => @spki, :key => @key )
|
48
|
+
case
|
49
|
+
when @key.rsa?
|
50
|
+
spki.signature_algorithm.should(match(/RSA/i))
|
51
|
+
when @key.dsa?
|
52
|
+
spki.signature_algorithm.should(match(/DSA/i))
|
53
|
+
when @key.ec?
|
54
|
+
spki.signature_algorithm.should(match(/ecdsa/i))
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
40
58
|
it "errors if they don't match" do
|
41
59
|
expect { R509::SPKI.new(:key => @key, :spki => @spki2) }.to raise_error(R509::R509Error,'Key does not match SPKI.')
|
42
60
|
end
|
@@ -61,14 +79,14 @@ describe R509::SPKI do
|
|
61
79
|
context "rsa" do
|
62
80
|
context "no existing spki" do
|
63
81
|
before :all do
|
64
|
-
@key = R509::PrivateKey.new(:type =>
|
82
|
+
@key = R509::PrivateKey.new(:type => "rsa", :bit_length => 1024)
|
65
83
|
end
|
66
84
|
include_examples "create spki with private key"
|
67
85
|
end
|
68
86
|
context "existing spki + private key" do
|
69
87
|
before :all do
|
70
|
-
@key = R509::PrivateKey.new(:type =>
|
71
|
-
@key2 = R509::PrivateKey.new(:type =>
|
88
|
+
@key = R509::PrivateKey.new(:type => "rsa", :bit_length => 512)
|
89
|
+
@key2 = R509::PrivateKey.new(:type => "rsa", :bit_length => 512)
|
72
90
|
@spki = R509::SPKI.new(:key => @key).to_pem
|
73
91
|
@spki2 = R509::SPKI.new(:key => @key2).to_pem
|
74
92
|
end
|
@@ -78,14 +96,14 @@ describe R509::SPKI do
|
|
78
96
|
context "dsa" do
|
79
97
|
context "no existing spki" do
|
80
98
|
before :all do
|
81
|
-
@key = R509::PrivateKey.new(:type =>
|
99
|
+
@key = R509::PrivateKey.new(:type => "dsa", :bit_length => 1024)
|
82
100
|
end
|
83
101
|
include_examples "create spki with private key"
|
84
102
|
end
|
85
103
|
context "existing spki + private key" do
|
86
104
|
before :all do
|
87
|
-
@key = R509::PrivateKey.new(:type =>
|
88
|
-
@key2 = R509::PrivateKey.new(:type =>
|
105
|
+
@key = R509::PrivateKey.new(:type => "dsa", :bit_length => 512)
|
106
|
+
@key2 = R509::PrivateKey.new(:type => "dsa", :bit_length => 512)
|
89
107
|
@spki = R509::SPKI.new(:key => @key).to_pem
|
90
108
|
@spki2 = R509::SPKI.new(:key => @key2).to_pem
|
91
109
|
end
|
@@ -95,14 +113,14 @@ describe R509::SPKI do
|
|
95
113
|
context "elliptic curve", :ec => true do
|
96
114
|
context "no existing spki" do
|
97
115
|
before :all do
|
98
|
-
@key = R509::PrivateKey.new(:type =>
|
116
|
+
@key = R509::PrivateKey.new(:type => "EC")
|
99
117
|
end
|
100
118
|
include_examples "create spki with private key"
|
101
119
|
end
|
102
120
|
context "existing spki + private key" do
|
103
121
|
before :all do
|
104
|
-
@key = R509::PrivateKey.new(:type =>
|
105
|
-
@key2 = R509::PrivateKey.new(:type =>
|
122
|
+
@key = R509::PrivateKey.new(:type => "ec")
|
123
|
+
@key2 = R509::PrivateKey.new(:type => "ec")
|
106
124
|
@spki = R509::SPKI.new(:key => @key).to_pem
|
107
125
|
@spki2 = R509::SPKI.new(:key => @key2).to_pem
|
108
126
|
end
|
@@ -156,23 +174,24 @@ describe R509::SPKI do
|
|
156
174
|
end
|
157
175
|
it "returns error when asking for curve_name on non-ec" do
|
158
176
|
spki = R509::SPKI.new( :spki => @spki )
|
159
|
-
expect { spki.curve_name }.to raise_error(R509::R509Error,'Curve name is only available with EC
|
177
|
+
expect { spki.curve_name }.to raise_error(R509::R509Error,'Curve name is only available with EC')
|
160
178
|
end
|
161
179
|
it "returns RSA key algorithm for RSA" do
|
162
180
|
spki = R509::SPKI.new( :spki => @spki )
|
163
|
-
spki.key_algorithm.should ==
|
181
|
+
spki.key_algorithm.should == "RSA"
|
164
182
|
end
|
165
|
-
it "gets RSA bit
|
183
|
+
it "gets RSA bit length" do
|
166
184
|
spki = R509::SPKI.new( :spki => @spki )
|
185
|
+
spki.bit_length.should == 2048
|
167
186
|
spki.bit_strength.should == 2048
|
168
187
|
end
|
169
188
|
it "loads a DSA spkac" do
|
170
189
|
spki = R509::SPKI.new( :spki => @spki_dsa )
|
171
190
|
spki.to_pem.should == @spki_dsa
|
172
191
|
end
|
173
|
-
it "gets DSA bit
|
192
|
+
it "gets DSA bit length" do
|
174
193
|
spki = R509::SPKI.new( :spki => @spki_dsa )
|
175
|
-
spki.
|
194
|
+
spki.bit_length.should == 2048
|
176
195
|
end
|
177
196
|
it "dsa?" do
|
178
197
|
spki = R509::SPKI.new( :spki => @spki_dsa )
|
@@ -181,7 +200,7 @@ describe R509::SPKI do
|
|
181
200
|
end
|
182
201
|
it "returns DSA key algorithm for DSA" do
|
183
202
|
spki = R509::SPKI.new( :spki => @spki_dsa )
|
184
|
-
spki.key_algorithm.should ==
|
203
|
+
spki.key_algorithm.should == "DSA"
|
185
204
|
end
|
186
205
|
|
187
206
|
context "elliptic curve", :ec => true do
|
@@ -193,13 +212,13 @@ describe R509::SPKI do
|
|
193
212
|
spki = R509::SPKI.new( :spki => @spki_ec )
|
194
213
|
spki.curve_name.should == 'secp384r1'
|
195
214
|
end
|
196
|
-
it "raises error on bit
|
215
|
+
it "raises error on bit length" do
|
197
216
|
spki = R509::SPKI.new( :spki => @spki_ec )
|
198
|
-
expect { spki.
|
217
|
+
expect { spki.bit_length }.to raise_error(R509::R509Error,'Bit length is not available for EC at this time.')
|
199
218
|
end
|
200
219
|
it "returns the key algorithm" do
|
201
220
|
spki = R509::SPKI.new( :spki => @spki_ec )
|
202
|
-
spki.key_algorithm.should ==
|
221
|
+
spki.key_algorithm.should == "EC"
|
203
222
|
end
|
204
223
|
it "returns the public key" do
|
205
224
|
spki = R509::SPKI.new( :spki => @spki_ec )
|
@@ -230,7 +249,7 @@ describe R509::SPKI do
|
|
230
249
|
end
|
231
250
|
it "returns RSA key algorithm for RSA CSR" do
|
232
251
|
spki = R509::SPKI.new( :spki => @spki )
|
233
|
-
spki.key_algorithm.should ==
|
252
|
+
spki.key_algorithm.should == "RSA"
|
234
253
|
end
|
235
254
|
end
|
236
255
|
end
|
data/spec/subject_spec.rb
CHANGED
@@ -20,6 +20,10 @@ describe R509::Subject do
|
|
20
20
|
subject = R509::Subject.new([["CN", "domain.com"], ["O", "my org"]])
|
21
21
|
subject.name.to_s.should == "/CN=domain.com/O=my org"
|
22
22
|
end
|
23
|
+
it "initializes with a subject hash, and gets the name" do
|
24
|
+
subject = R509::Subject.new(:CN => "domain.com", :O => "my org", :"1.2.3.4.4.5.6.7" => "what")
|
25
|
+
subject.name.to_s.should == "/CN=domain.com/O=my org/1.2.3.4.4.5.6.7=what"
|
26
|
+
end
|
23
27
|
it "initializes with a name, gets the name" do
|
24
28
|
name = OpenSSL::X509::Name.new([["CN", "domain.com"], ["O", "my org"], ["OU", "my unit"]])
|
25
29
|
subject = R509::Subject.new(name)
|
@@ -110,6 +114,18 @@ describe R509::Subject do
|
|
110
114
|
subject["CN"].should == 'normaldomain.com'
|
111
115
|
end
|
112
116
|
|
117
|
+
it "builds a hash" do
|
118
|
+
args = { :CN => "domain.com", :O => "my org", :"1.2.3.4.4.5.6.7" => "what" }
|
119
|
+
subject = R509::Subject.new(args)
|
120
|
+
subject.to_h.should == args
|
121
|
+
end
|
122
|
+
|
123
|
+
it "builds yaml" do
|
124
|
+
args = { :CN => "domain.com", :O => "my org", :"1.2.3.4.4.5.6.7" => "what" }
|
125
|
+
subject = R509::Subject.new(args)
|
126
|
+
YAML.load(subject.to_yaml).should == args
|
127
|
+
end
|
128
|
+
|
113
129
|
context "dynamic getter/setter behaviors" do
|
114
130
|
it "recognizes getters for a standard subject oid" do
|
115
131
|
subject = R509::Subject.new [['CN','testCN']]
|
metadata
CHANGED
@@ -1,78 +1,77 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: r509
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
5
|
-
prerelease:
|
4
|
+
version: 0.10.0
|
6
5
|
platform: ruby
|
7
6
|
authors:
|
8
7
|
- Paul Kehrer
|
9
8
|
autorequire:
|
10
9
|
bindir: bin
|
11
|
-
cert_chain:
|
12
|
-
|
10
|
+
cert_chain:
|
11
|
+
- |
|
12
|
+
-----BEGIN CERTIFICATE-----
|
13
|
+
MIIDhTCCAm2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMRYwFAYDVQQDDA1wYXVs
|
14
|
+
Lmwua2VocmVyMRUwEwYKCZImiZPyLGQBGRYFZ21haWwxEzARBgoJkiaJk/IsZAEZ
|
15
|
+
FgNjb20wHhcNMTMxMjA2MDAzNTU0WhcNMTQxMjA2MDAzNTU0WjBEMRYwFAYDVQQD
|
16
|
+
DA1wYXVsLmwua2VocmVyMRUwEwYKCZImiZPyLGQBGRYFZ21haWwxEzARBgoJkiaJ
|
17
|
+
k/IsZAEZFgNjb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLVC6U
|
18
|
+
0ZyX4C4HllJxHW0Uq39bvRvfNXc0RXMSvIRklxjupx3EICVATpAJzg4qBxbpxRTe
|
19
|
+
XcsmuYfaZAriSH2M97C2sBJnVEAr63ws2vmBQKw9cXHV3RjQTeqQUTQudE790DTI
|
20
|
+
7pc1ObprB4pM2j3O6JtPVzmJ/PGACjtyg4bys6bx7JQJW5liunK26mS6w6mAAcAV
|
21
|
+
scAz7oh6fmOI0OSS45l3ycOEh5sb42cZzs7TNzcvVmEppTRa4wBP4/eDTuohxlPH
|
22
|
+
skuIPWcdU6YTo2LWwqEaGgUItj8lRqXGDcEZ1FhKyZ6HUD3l1zPGxojW8BKr0Svj
|
23
|
+
/cMP+y0YH5OeoD+vAgMBAAGjgYEwfzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAd
|
24
|
+
BgNVHQ4EFgQURv1xuy9aKzcxwxkGiL/e4UYCWGowIgYDVR0RBBswGYEXcGF1bC5s
|
25
|
+
LmtlaHJlckBnbWFpbC5jb20wIgYDVR0SBBswGYEXcGF1bC5sLmtlaHJlckBnbWFp
|
26
|
+
bC5jb20wDQYJKoZIhvcNAQEFBQADggEBADsnINhvXWJ8r7U02fzbmOitcDZOlCnN
|
27
|
+
jtyYfzDbYtEnQCpBCHhpNC8SVI3OUgGJbrb5Debs0f1UxrYsGn0u8LsLu6xmst+D
|
28
|
+
zZdxtzvnsqowLw2dCzXow0CGwBGcWq38Wqn0v/ez3otQBj2GGGV0jyLUoRWfMwTK
|
29
|
+
dqbGuJ0s/ZORipbl4jdfucPbrGPQHmf8/H8w0/kH7tBnhcyGI1exBSQexiu2qRqP
|
30
|
+
wQ9nsK5DoJSWf5vG8Xu/TEnv2Gu8z6T4wBrbIr20EYu6lb0i5ekGhrHOcaPRI6X9
|
31
|
+
lYMLMTFSyjE66v5QiUlZ9V4oV6O/MPS9fXPxog3TCsYpgfsgA+RlO8I=
|
32
|
+
-----END CERTIFICATE-----
|
33
|
+
date: 2014-01-26 00:00:00.000000000 Z
|
13
34
|
dependencies:
|
14
|
-
- !ruby/object:Gem::Dependency
|
15
|
-
name: trollop
|
16
|
-
requirement: !ruby/object:Gem::Requirement
|
17
|
-
none: false
|
18
|
-
requirements:
|
19
|
-
- - ! '>='
|
20
|
-
- !ruby/object:Gem::Version
|
21
|
-
version: '0'
|
22
|
-
type: :runtime
|
23
|
-
prerelease: false
|
24
|
-
version_requirements: !ruby/object:Gem::Requirement
|
25
|
-
none: false
|
26
|
-
requirements:
|
27
|
-
- - ! '>='
|
28
|
-
- !ruby/object:Gem::Version
|
29
|
-
version: '0'
|
30
35
|
- !ruby/object:Gem::Dependency
|
31
36
|
name: rspec
|
32
37
|
requirement: !ruby/object:Gem::Requirement
|
33
|
-
none: false
|
34
38
|
requirements:
|
35
|
-
- -
|
39
|
+
- - '>='
|
36
40
|
- !ruby/object:Gem::Version
|
37
41
|
version: '0'
|
38
42
|
type: :development
|
39
43
|
prerelease: false
|
40
44
|
version_requirements: !ruby/object:Gem::Requirement
|
41
|
-
none: false
|
42
45
|
requirements:
|
43
|
-
- -
|
46
|
+
- - '>='
|
44
47
|
- !ruby/object:Gem::Version
|
45
48
|
version: '0'
|
46
49
|
- !ruby/object:Gem::Dependency
|
47
50
|
name: rake
|
48
51
|
requirement: !ruby/object:Gem::Requirement
|
49
|
-
none: false
|
50
52
|
requirements:
|
51
|
-
- -
|
53
|
+
- - '>='
|
52
54
|
- !ruby/object:Gem::Version
|
53
55
|
version: '0'
|
54
56
|
type: :development
|
55
57
|
prerelease: false
|
56
58
|
version_requirements: !ruby/object:Gem::Requirement
|
57
|
-
none: false
|
58
59
|
requirements:
|
59
|
-
- -
|
60
|
+
- - '>='
|
60
61
|
- !ruby/object:Gem::Version
|
61
62
|
version: '0'
|
62
63
|
- !ruby/object:Gem::Dependency
|
63
64
|
name: simplecov
|
64
65
|
requirement: !ruby/object:Gem::Requirement
|
65
|
-
none: false
|
66
66
|
requirements:
|
67
|
-
- -
|
67
|
+
- - '>='
|
68
68
|
- !ruby/object:Gem::Version
|
69
69
|
version: '0'
|
70
70
|
type: :development
|
71
71
|
prerelease: false
|
72
72
|
version_requirements: !ruby/object:Gem::Requirement
|
73
|
-
none: false
|
74
73
|
requirements:
|
75
|
-
- -
|
74
|
+
- - '>='
|
76
75
|
- !ruby/object:Gem::Version
|
77
76
|
version: '0'
|
78
77
|
description: A module that allows you to create CSRs, issue certs off a CA, view the
|
@@ -84,19 +83,43 @@ executables:
|
|
84
83
|
extensions: []
|
85
84
|
extra_rdoc_files: []
|
86
85
|
files:
|
87
|
-
- README.
|
86
|
+
- README.mdown
|
87
|
+
- CONTRIBUTING.mdown
|
88
|
+
- LICENSE
|
88
89
|
- r509.yaml
|
89
90
|
- Rakefile
|
90
91
|
- lib/r509/asn1.rb
|
92
|
+
- lib/r509/cert/extensions/authority_info_access.rb
|
93
|
+
- lib/r509/cert/extensions/authority_key_identifier.rb
|
94
|
+
- lib/r509/cert/extensions/base.rb
|
95
|
+
- lib/r509/cert/extensions/basic_constraints.rb
|
96
|
+
- lib/r509/cert/extensions/certificate_policies.rb
|
97
|
+
- lib/r509/cert/extensions/crl_distribution_points.rb
|
98
|
+
- lib/r509/cert/extensions/extended_key_usage.rb
|
99
|
+
- lib/r509/cert/extensions/inhibit_any_policy.rb
|
100
|
+
- lib/r509/cert/extensions/key_usage.rb
|
101
|
+
- lib/r509/cert/extensions/name_constraints.rb
|
102
|
+
- lib/r509/cert/extensions/ocsp_no_check.rb
|
103
|
+
- lib/r509/cert/extensions/policy_constraints.rb
|
104
|
+
- lib/r509/cert/extensions/subject_alternative_name.rb
|
105
|
+
- lib/r509/cert/extensions/subject_key_identifier.rb
|
106
|
+
- lib/r509/cert/extensions/validation_mixin.rb
|
91
107
|
- lib/r509/cert/extensions.rb
|
92
108
|
- lib/r509/cert.rb
|
93
|
-
- lib/r509/certificate_authority.rb
|
109
|
+
- lib/r509/certificate_authority/options_builder.rb
|
110
|
+
- lib/r509/certificate_authority/signer.rb
|
111
|
+
- lib/r509/config/ca_config.rb
|
112
|
+
- lib/r509/config/cert_profile.rb
|
113
|
+
- lib/r509/config/subject_item_policy.rb
|
94
114
|
- lib/r509/config.rb
|
95
|
-
- lib/r509/crl.rb
|
115
|
+
- lib/r509/crl/administrator.rb
|
116
|
+
- lib/r509/crl/reader_writer.rb
|
117
|
+
- lib/r509/crl/signed_list.rb
|
96
118
|
- lib/r509/csr.rb
|
97
119
|
- lib/r509/ec-hack.rb
|
98
120
|
- lib/r509/engine.rb
|
99
121
|
- lib/r509/exceptions.rb
|
122
|
+
- lib/r509/helpers.rb
|
100
123
|
- lib/r509/io_helpers.rb
|
101
124
|
- lib/r509/message_digest.rb
|
102
125
|
- lib/r509/ocsp.rb
|
@@ -104,18 +127,38 @@ files:
|
|
104
127
|
- lib/r509/private_key.rb
|
105
128
|
- lib/r509/spki.rb
|
106
129
|
- lib/r509/subject.rb
|
130
|
+
- lib/r509/trollop.rb
|
107
131
|
- lib/r509/validity.rb
|
108
132
|
- lib/r509/version.rb
|
109
133
|
- lib/r509.rb
|
110
134
|
- bin/r509
|
111
135
|
- bin/r509-parse
|
112
136
|
- spec/asn1_spec.rb
|
113
|
-
- spec/cert/
|
137
|
+
- spec/cert/extensions/authority_info_access_spec.rb
|
138
|
+
- spec/cert/extensions/authority_key_identifier_spec.rb
|
139
|
+
- spec/cert/extensions/base_spec.rb
|
140
|
+
- spec/cert/extensions/basic_constraints_spec.rb
|
141
|
+
- spec/cert/extensions/certificate_policies_spec.rb
|
142
|
+
- spec/cert/extensions/crl_distribution_points_spec.rb
|
143
|
+
- spec/cert/extensions/extended_key_usage_spec.rb
|
144
|
+
- spec/cert/extensions/inhibit_any_policy_spec.rb
|
145
|
+
- spec/cert/extensions/key_usage_spec.rb
|
146
|
+
- spec/cert/extensions/name_constraints_spec.rb
|
147
|
+
- spec/cert/extensions/ocsp_no_check_spec.rb
|
148
|
+
- spec/cert/extensions/policy_constraints_spec.rb
|
149
|
+
- spec/cert/extensions/subject_alternative_name_spec.rb
|
150
|
+
- spec/cert/extensions/subject_key_identifier_spec.rb
|
114
151
|
- spec/cert_spec.rb
|
115
|
-
- spec/
|
116
|
-
- spec/
|
117
|
-
- spec/
|
152
|
+
- spec/certificate_authority/options_builder_spec.rb
|
153
|
+
- spec/certificate_authority/signer_spec.rb
|
154
|
+
- spec/config/ca_config_spec.rb
|
155
|
+
- spec/config/cert_profile_spec.rb
|
156
|
+
- spec/config/subject_item_policy_spec.rb
|
157
|
+
- spec/crl/administrator_spec.rb
|
158
|
+
- spec/crl/reader_writer_spec.rb
|
159
|
+
- spec/crl/signed_list_spec.rb
|
118
160
|
- spec/csr_spec.rb
|
161
|
+
- spec/engine_spec.rb
|
119
162
|
- spec/fixtures/cert1.der
|
120
163
|
- spec/fixtures/cert1.pem
|
121
164
|
- spec/fixtures/cert1_public_key_modulus.txt
|
@@ -193,6 +236,9 @@ files:
|
|
193
236
|
- spec/fixtures/test_ca.cer
|
194
237
|
- spec/fixtures/test_ca.key
|
195
238
|
- spec/fixtures/test_ca.p12
|
239
|
+
- spec/fixtures/test_ca_crl.cer
|
240
|
+
- spec/fixtures/test_ca_crl.key
|
241
|
+
- spec/fixtures/test_ca_crl.p12
|
196
242
|
- spec/fixtures/test_ca_des3.key
|
197
243
|
- spec/fixtures/test_ca_ec.cer
|
198
244
|
- spec/fixtures/test_ca_ec.key
|
@@ -224,8 +270,11 @@ files:
|
|
224
270
|
- doc/css/common.css
|
225
271
|
- doc/css/full_list.css
|
226
272
|
- doc/css/style.css
|
273
|
+
- doc/file.CONTRIBUTING.html
|
274
|
+
- doc/file.LICENSE.html
|
227
275
|
- doc/file.r509.html
|
228
276
|
- doc/file.README.html
|
277
|
+
- doc/file.YAML.html
|
229
278
|
- doc/file_list.html
|
230
279
|
- doc/frames.html
|
231
280
|
- doc/index.html
|
@@ -235,10 +284,6 @@ files:
|
|
235
284
|
- doc/method_list.html
|
236
285
|
- doc/R509/ASN1/GeneralName.html
|
237
286
|
- doc/R509/ASN1/GeneralNames.html
|
238
|
-
- doc/R509/ASN1/NoticeReference.html
|
239
|
-
- doc/R509/ASN1/PolicyInformation.html
|
240
|
-
- doc/R509/ASN1/PolicyQualifiers.html
|
241
|
-
- doc/R509/ASN1/UserNotice.html
|
242
287
|
- doc/R509/ASN1.html
|
243
288
|
- doc/R509/Cert/Extensions/AuthorityInfoAccess.html
|
244
289
|
- doc/R509/Cert/Extensions/AuthorityKeyIdentifier.html
|
@@ -246,28 +291,37 @@ files:
|
|
246
291
|
- doc/R509/Cert/Extensions/CertificatePolicies.html
|
247
292
|
- doc/R509/Cert/Extensions/CRLDistributionPoints.html
|
248
293
|
- doc/R509/Cert/Extensions/ExtendedKeyUsage.html
|
294
|
+
- doc/R509/Cert/Extensions/GeneralNamesMixin.html
|
249
295
|
- doc/R509/Cert/Extensions/InhibitAnyPolicy.html
|
250
296
|
- doc/R509/Cert/Extensions/KeyUsage.html
|
251
297
|
- doc/R509/Cert/Extensions/NameConstraints.html
|
298
|
+
- doc/R509/Cert/Extensions/NoticeReference.html
|
252
299
|
- doc/R509/Cert/Extensions/OCSPNoCheck.html
|
253
300
|
- doc/R509/Cert/Extensions/PolicyConstraints.html
|
301
|
+
- doc/R509/Cert/Extensions/PolicyInformation.html
|
302
|
+
- doc/R509/Cert/Extensions/PolicyQualifiers.html
|
254
303
|
- doc/R509/Cert/Extensions/SubjectAlternativeName.html
|
255
304
|
- doc/R509/Cert/Extensions/SubjectKeyIdentifier.html
|
305
|
+
- doc/R509/Cert/Extensions/UserNotice.html
|
306
|
+
- doc/R509/Cert/Extensions/ValidationMixin.html
|
256
307
|
- doc/R509/Cert/Extensions.html
|
257
308
|
- doc/R509/Cert.html
|
309
|
+
- doc/R509/CertificateAuthority/OptionsBuilder.html
|
258
310
|
- doc/R509/CertificateAuthority/Signer.html
|
259
311
|
- doc/R509/CertificateAuthority.html
|
260
312
|
- doc/R509/Config/CAConfig.html
|
261
313
|
- doc/R509/Config/CAConfigPool.html
|
262
|
-
- doc/R509/Config/
|
314
|
+
- doc/R509/Config/CertProfile.html
|
263
315
|
- doc/R509/Config/SubjectItemPolicy.html
|
264
316
|
- doc/R509/Config.html
|
265
317
|
- doc/R509/CRL/Administrator.html
|
318
|
+
- doc/R509/CRL/FileReaderWriter.html
|
319
|
+
- doc/R509/CRL/ReaderWriter.html
|
266
320
|
- doc/R509/CRL/SignedList.html
|
267
321
|
- doc/R509/CRL.html
|
268
322
|
- doc/R509/CSR.html
|
269
323
|
- doc/R509/Engine.html
|
270
|
-
- doc/R509/
|
324
|
+
- doc/R509/Helpers.html
|
271
325
|
- doc/R509/MessageDigest.html
|
272
326
|
- doc/R509/NameSanitizer.html
|
273
327
|
- doc/R509/OCSP/Request/Nonce.html
|
@@ -288,39 +342,34 @@ files:
|
|
288
342
|
- doc/R509.html
|
289
343
|
- doc/top-level-namespace.html
|
290
344
|
homepage: http://r509.org
|
291
|
-
licenses:
|
345
|
+
licenses:
|
346
|
+
- Apache 2.0
|
347
|
+
metadata: {}
|
292
348
|
post_install_message:
|
293
349
|
rdoc_options: []
|
294
350
|
require_paths:
|
295
351
|
- lib
|
296
352
|
required_ruby_version: !ruby/object:Gem::Requirement
|
297
|
-
none: false
|
298
353
|
requirements:
|
299
|
-
- -
|
354
|
+
- - '>='
|
300
355
|
- !ruby/object:Gem::Version
|
301
356
|
version: 1.9.3
|
302
357
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
303
|
-
none: false
|
304
358
|
requirements:
|
305
|
-
- -
|
359
|
+
- - '>='
|
306
360
|
- !ruby/object:Gem::Version
|
307
361
|
version: '0'
|
308
|
-
segments:
|
309
|
-
- 0
|
310
|
-
hash: -4196809951687890655
|
311
362
|
requirements: []
|
312
363
|
rubyforge_project:
|
313
|
-
rubygems_version:
|
364
|
+
rubygems_version: 2.0.3
|
314
365
|
signing_key:
|
315
|
-
specification_version:
|
316
|
-
summary: A (relatively) simple X.509 certification authority
|
366
|
+
specification_version: 4
|
367
|
+
summary: A (relatively) simple X.509 certification authority API
|
317
368
|
test_files:
|
318
369
|
- spec/asn1_spec.rb
|
319
370
|
- spec/cert_spec.rb
|
320
|
-
- spec/certificate_authority_spec.rb
|
321
|
-
- spec/config_spec.rb
|
322
|
-
- spec/crl_spec.rb
|
323
371
|
- spec/csr_spec.rb
|
372
|
+
- spec/engine_spec.rb
|
324
373
|
- spec/message_digest_spec.rb
|
325
374
|
- spec/ocsp_spec.rb
|
326
375
|
- spec/oid_mapper_spec.rb
|