r509 1.0 → 1.0.1

data/doc/top-level-namespace.html

@@ -196,9 +196,9 @@
 </div>
 
       <div id="footer">
-  Generated on Tue Dec  6 17:27:38 2016 by
+  Generated on Thu Nov  2 12:48:00 2017 by
   <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
-  0.9.5 (ruby-2.4.0).
+  0.9.5 (ruby-2.4.2).
 </div>
 
     </div>

data/lib/r509/message_digest.rb

@@ -4,7 +4,7 @@ module R509
   # MessageDigest allows you to specify MDs in a more friendly fashion
   class MessageDigest
     # a list of message digests that this class understands
-    KNOWN_MDS = ['SHA1', 'SHA224', 'SHA256', 'SHA384', 'SHA512', 'DSS1', 'MD5']
+    KNOWN_MDS = ['SHA1', 'SHA224', 'SHA256', 'SHA384', 'SHA512', 'MD5']
 
     # this constant defines the default message digest if it is not supplied
     # or an invalid digest is passed
@@ -37,7 +37,6 @@ module R509
       when 'sha384' then OpenSSL::Digest::SHA384.new
       when 'sha512' then OpenSSL::Digest::SHA512.new
       when 'md5' then OpenSSL::Digest::MD5.new
-      when 'dss1' then OpenSSL::Digest::DSS1.new
       else
         @name = DEFAULT_MD.downcase
         translate_name_to_digest
@@ -53,7 +52,6 @@ module R509
       when OpenSSL::Digest::SHA384 then 'sha384'
       when OpenSSL::Digest::SHA512 then 'sha512'
       when OpenSSL::Digest::MD5 then 'md5'
-      when OpenSSL::Digest::DSS1 then 'dss1'
       else
         raise ArgumentError, "Unknown digest"
       end

data/lib/r509/oid_mapper.rb

@@ -12,7 +12,12 @@ module R509
       if long_name.nil?
         long_name = short_name
       end
-      OpenSSL::ASN1::ObjectId.register(oid, short_name, long_name)
+
+      begin
+        OpenSSL::ASN1::ObjectId.register(oid, short_name, long_name)
+      rescue OpenSSL::ASN1::ASN1Error
+        false
+      end
     end
 
     # Register a batch of OIDs so we have friendly short names

data/lib/r509/version.rb

@@ -2,5 +2,5 @@
 # support.
 module R509
   # The version of the r509 gem
-  VERSION = "1.0"
+  VERSION = "1.0.1"
 end

data/spec/csr_spec.rb

@@ -78,18 +78,18 @@ describe R509::CSR do
   it "raises an exception if you provide a list of domains with an existing CSR" do
     expect { R509::CSR.new(:csr => @csr, :san_names => ['moredomainsiwanttoadd.com']) }.to raise_error(ArgumentError, 'You can\'t add domains to an existing CSR')
   end
-  it "changes the message_digest to DSS1 when passed a DSA key" do
+  it "changes the message_digest to SHA256 when passed a DSA key" do
     csr = R509::CSR.new(:subject => [["CN", "dsasigned.com"]], :key => @dsa_key)
-    expect(csr.message_digest.name).to eq('dss1')
-    expect(csr.signature_algorithm).to eq('dsaWithSHA1')
+    expect(csr.message_digest.name).to eq('sha256')
+    expect(csr.signature_algorithm).to eq('dsa_with_SHA256')
     # dss1 is actually the same as SHA1
     # Yes this is confusing
     # see http://www.ruby-doc.org/stdlib-1.9.3/libdoc/openssl/rdoc/OpenSSL/PKey/DSA.html
   end
-  it "changes the message_digest to DSS1 when creating a DSA key" do
+  it "changes the message_digest to SHA256 when creating a DSA key" do
     csr = R509::CSR.new(:subject => [["CN", "dsasigned.com"]], :type => "dsa", :bit_length => 512)
-    expect(csr.message_digest.name).to eq('dss1')
-    expect(csr.signature_algorithm).to eq('dsaWithSHA1')
+    expect(csr.message_digest.name).to eq('sha256')
+    expect(csr.signature_algorithm).to eq('dsa_with_SHA256')
     # dss1 is actually the same as SHA1
     # Yes this is confusing
     # see http://www.ruby-doc.org/stdlib-1.9.3/libdoc/openssl/rdoc/OpenSSL/PKey/DSA.html

data/spec/fixtures/csr4.pem

@@ -1,25 +1,25 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIETDCCAzQCADCBijELMAkGA1UEBhMCVVMxHTAbBgNVBAgMFERpc3RyaWN0IE9m
-IENvbHVtYmlhMRMwEQYDVQQHDApXYXNoaW5ndG9uMRMwEQYDVQQKDApNeSBDb21w
-YW55MREwDwYDVQQLDAhPcmcgVW5pdDEfMB0GA1UEAwwWY29uY2VudHJhdG9yLnZw
-bi5sb2NhbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALZFopgI+Obo
-neQN7AWiPRqFxT380fja+eua38n7BkGIadRPtnrolaMMOJQq9u4n8f1lMlCxddCD
-C5nvw+wUP8lDPXZ+47m5eypW21Anw+sGum58edoGtXmVoTMEH+MtYvtzj97ZqI2Z
-yVaph+zivIH5Bz2hKIf2fFnxCeQgaYECryfzWc135WgPwiNhCIOvUqYeRV6PI9PY
-u23QeM8JPuYAHHC87NsEnosRsWzTxF1VF+beS23wgR3BSL8VW3wkGnRnaaukSyVg
-zfJRW/75yhny/4JiHzJYA1uY272fcbpTRbVKH2Vk0IjewjJIj9xthrqLl1Y0KV19
-3PX4StZvi+sCAwEAAaCCAXswGgYKKwYBBAGCNw0CAzEMFgo2LjEuNzYwMC4yMEwG
-CSsGAQQBgjcVFDE/MD0CAQkMIHBkZ2xtdmNpdG1ncjAxLmNvcnAuc2lyaXVzeG0u
-Y29tDA1DT1JQXGZtb25yb2V4DAdjZXJ0cmVxMEwGCisGAQQBgjcNAgExPjA8HiYA
-QwBlAHIAdABpAGYAaQBjAGEAdABlAFQAZQBtAHAAbABhAHQAZR4SAFcAZQBiAFMA
-ZQByAHYAZQByME0GCSqGSIb3DQEJDjFAMD4wPAYDVR0RBDUwM4ILYWRvbWFpbi5j
-b22CEWFub3RoZXJkb21haW4uY29tghFqdXN0YW5leGFtcGxlLmNvbTByBgorBgEE
-AYI3DQICMWQwYgIBAR5aAE0AaQBjAHIAbwBzAG8AZgB0ACAAUgBTAEEAIABTAEMA
-aABhAG4AbgBlAGwAIABDAHIAeQBwAHQAbwBnAHIAYQBwAGgAaQBjACAAUAByAG8A
-dgBpAGQAZQByAwEAMA0GCSqGSIb3DQEBBQUAA4IBAQB3PRUUAwKJ7JC8GnssEf37
-hpFZ3x8WGbuRDmKfeSiKtH/JQpWqFKYn9e0sv9W2/gWxYU02ykPUgMu+ccgh2uqi
-6dp/EmtSBw1sIb41/ie1QcQ9lnrOls6ft6unUAQk/FjKWgsPTPhJCaJiCeFWJj81
-E3zn/2dCoz9K2XTCFGTBBq8Z8V2dmQwZQTa7Gn2hZN7ZqB3Y6MoI77oMTjJV4Gqm
-lqvyW46szlMjAbBFikuy5BftD7xL1s/s+4dJPRroitNTeWgcS7hu41k6FQHbSPff
-9S/qFLRt8NxcukZClkjnDIFpuA5e+eZdL/SX/klALO/Zn1oeeIe3fUii0ihkdHE1
------END CERTIFICATE REQUEST-----
+-----BEGIN NEW CERTIFICATE REQUEST-----
+MIIEKjCCAxICAQAwgYoxCzAJBgNVBAYTAlVTMR0wGwYDVQQIDBREaXN0cmljdCBP
+ZiBDb2x1bWJpYTETMBEGA1UEBwwKV2FzaGluZ3RvbjERMA8GA1UECwwIT3JnIFVu
+aXQxEzARBgNVBAoMCk15IENvbXBhbnkxHzAdBgNVBAMMFmNvbmNlbnRyYXRvci52
+cG4ubG9jYWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5WNJl0Oxh
+pu8A5uybAWjjOyQDr/UXeu+/xylNR3C7y7WEPsA5IUv8aa83lw8ag5+OZjN1lpIw
+dy2yHCm9wzfBaxwd4GnU1jQf8hi9wAQsGrJI194eG0gUEHtVVUEmZAEvbiySfGH8
+9+tL+iemD9Ua1YwDOCErSeqNg9ROZLHw31NuzJawByf5EoKwbZ0G7Rm0T5qUXGW2
+Is8iIq74o2l7haEPSpWeQEXAigyEhB8l2Rr8icuhmVC/IEdz6B2rPe20psMO6vzF
+Apx+WTgm7XzuSfqz0Tv7NABy63dRwGUW3yZn+3yN6EfC5CtkOzm1w2Na1I6wRlVH
+XDJZlj3UxwzTAgMBAAGgggFYMBoGCisGAQQBgjcNAgMxDBYKNi4xLjc2MDEuMjBL
+BgkrBgEEAYI3FRQxPjA8AgEFDBxWQ0hJLUVOLVJHRkZUMS50cnVzdHdhdmUuY29t
+DBBUUlVTVFdBVkVcZGxhbXBhDAdNTUMuRVhFMHIGCisGAQQBgjcNAgIxZDBiAgEB
+HloATQBpAGMAcgBvAHMAbwBmAHQAIABSAFMAQQAgAFMAQwBoAGEAbgBuAGUAbAAg
+AEMAcgB5AHAAdABvAGcAcgBhAHAAaABpAGMAIABQAHIAbwB2AGkAZABlAHIDAQAw
+eQYJKoZIhvcNAQkOMWwwajA8BgNVHREENTAzggthZG9tYWluLmNvbYIRYW5vdGhl
+cmRvbWFpbi5jb22CEWp1c3RhbmV4YW1wbGUuY29tMB0GA1UdDgQWBBQ6Y8EqbqGM
+hQZOg6Z8u5ro9HvFwTALBgNVHQ8EBAMCBSAwDQYJKoZIhvcNAQEFBQADggEBAGdu
+Cz9tnTWtkGSdUjG3u8RlIWtnwNI+lsw2wYperb2r/eWMYCa8o2k/HsmWbISWiqWO
+HmS5VHoItUTimItRpaMwjDHpz1xrpILRW5vY2RZMh6+/DbZJFnXHuIIQF2gk1G8f
+Z4rYm71EGnvETy7xdbQfMIZegvzyBCdWuT/67OrbBWhPL2VIqkqAn5eEfl2nKv30
+SFyz9Yy63b4bBqYDOkmGlAZxFuPIMuxeiwlqzmXavV4mIB8e+qZnvjTzTjk7VnGb
+b9r4r/Dl4nzFq1c6iii5EBGBcPTDBa/6uanM03nPXSudPEDpT33epUotM9+rsQX9
+dPth/F/Do0QBAyOCyS0=
+-----END NEW CERTIFICATE REQUEST-----

data/spec/message_digest_spec.rb

@@ -53,16 +53,6 @@ describe R509::MessageDigest do
     expect(md.name).to eq("md5")
     expect(md.digest.is_a?(OpenSSL::Digest::MD5)).to eq(true)
   end
-  it "translates dss1 name -> digest" do
-    md = R509::MessageDigest.new("dss1")
-    expect(md.name).to eq("dss1")
-    expect(md.digest.is_a?(OpenSSL::Digest::DSS1)).to eq(true)
-  end
-  it "translates DSS1 name -> digest" do
-    md = R509::MessageDigest.new("DSS1")
-    expect(md.name).to eq("dss1")
-    expect(md.digest.is_a?(OpenSSL::Digest::DSS1)).to eq(true)
-  end
   it "translates unknown name -> digest" do
     md = R509::MessageDigest.new("unknown")
     expect(md.name).to eq("sha256")
@@ -98,11 +88,6 @@ describe R509::MessageDigest do
     expect(md.name).to eq("md5")
     expect(md.digest.is_a?(OpenSSL::Digest::MD5)).to eq(true)
   end
-  it "translates dss1 digest -> name" do
-    md = R509::MessageDigest.new(OpenSSL::Digest::DSS1.new)
-    expect(md.name).to eq("dss1")
-    expect(md.digest.is_a?(OpenSSL::Digest::DSS1)).to eq(true)
-  end
   it "creates a default digest with no params or nil" do
     md = R509::MessageDigest.new
     expect(md.name).to eq(R509::MessageDigest::DEFAULT_MD.downcase)

data/spec/oid_mapper_spec.rb

@@ -17,6 +17,11 @@ describe R509::OIDMapper do
     expect(subject_new['myOIDName']).to eq('random_oid')
   end
 
+  it "returns false when registering an oid that already exists" do
+    allow(OpenSSL::ASN1::ObjectId).to receive(:register).and_raise(OpenSSL::ASN1::ASN1Error)
+    expect(R509::OIDMapper.register('1.4.3.2.1.2.7.4.4.4.4', 'someOtherName')).to eq(false)
+  end
+
   it "registers a batch of new oids" do
     expect { R509::Subject.new [['testOIDName', 'random_oid']] }.to raise_error(OpenSSL::X509::NameError, 'invalid field name')
     expect { R509::Subject.new [['anotherOIDName', 'second_random']] }.to raise_error(OpenSSL::X509::NameError, 'invalid field name')

data/spec/spki_spec.rb

@@ -22,7 +22,7 @@ shared_examples_for "create spki with private key" do
     when @key.rsa?
       expect(spki.signature_algorithm).to(match(/sha256/i))
     when @key.dsa?
-      expect(spki.signature_algorithm).to(match(/sha1/i))
+      expect(spki.signature_algorithm).to(match(/sha256/i))
     end
     spki.verify_signature
   end

metadata

@@ -1,35 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: r509
 version: !ruby/object:Gem::Version
-  version: '1.0'
+  version: 1.0.1
 platform: ruby
 authors:
 - Paul Kehrer
 autorequire: 
 bindir: bin
-cert_chain:
-- |
-  -----BEGIN CERTIFICATE-----
-  MIIDPDCCAiSgAwIBAgIBAzANBgkqhkiG9w0BAQUFADBEMRYwFAYDVQQDDA1wYXVs
-  Lmwua2VocmVyMRUwEwYKCZImiZPyLGQBGRYFZ21haWwxEzARBgoJkiaJk/IsZAEZ
-  FgNjb20wHhcNMTYxMjA2MTUzMDAyWhcNMTcxMjA2MTUzMDAyWjBEMRYwFAYDVQQD
-  DA1wYXVsLmwua2VocmVyMRUwEwYKCZImiZPyLGQBGRYFZ21haWwxEzARBgoJkiaJ
-  k/IsZAEZFgNjb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLVC6U
-  0ZyX4C4HllJxHW0Uq39bvRvfNXc0RXMSvIRklxjupx3EICVATpAJzg4qBxbpxRTe
-  XcsmuYfaZAriSH2M97C2sBJnVEAr63ws2vmBQKw9cXHV3RjQTeqQUTQudE790DTI
-  7pc1ObprB4pM2j3O6JtPVzmJ/PGACjtyg4bys6bx7JQJW5liunK26mS6w6mAAcAV
-  scAz7oh6fmOI0OSS45l3ycOEh5sb42cZzs7TNzcvVmEppTRa4wBP4/eDTuohxlPH
-  skuIPWcdU6YTo2LWwqEaGgUItj8lRqXGDcEZ1FhKyZ6HUD3l1zPGxojW8BKr0Svj
-  /cMP+y0YH5OeoD+vAgMBAAGjOTA3MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0G
-  A1UdDgQWBBRG/XG7L1orNzHDGQaIv97hRgJYajANBgkqhkiG9w0BAQUFAAOCAQEA
-  nhyFPJjIrxxka6vXSxaeSSLAJ6q/oeRqHxoJtT46JYPWeeT7j/vjFwS96oY5gWJk
-  STjSuGp+wFKKrdttswO2+GzpoTrOabQMw6kg1Y0hYXjJ5O52EDHmDPFKXK+yOYkK
-  GOAQZ8KXEnczOXTWiigLkwkEI5eH+vCMYSSvVpYlSmsgj6nYjl0K+XxWfXseBLv2
-  rLKOPJOyqpW2fuOxutEfQ3ZvgjeuzUnjXSuOuwZNrQSOODC2sYXyebd7UbjU+AsD
-  eJKxcHs4mnzJUqy/5FZbS/i8lMYMDy0elcc44zd+qDsY7zreRzpoB2XinMWV99vd
-  rHOwDzJDt8KFQ4zf0Bsrvg==
-  -----END CERTIFICATE-----
-date: 2016-12-06 00:00:00.000000000 Z
+cert_chain: []
+date: 2017-11-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -82,9 +61,9 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
-- CONTRIBUTING.mdown
+- CONTRIBUTING.md
 - LICENSE
-- README.mdown
+- README.md
 - Rakefile
 - bin/r509
 - bin/r509-parse
@@ -356,7 +335,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 1.9.3
+      version: '2.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -364,20 +343,20 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.8
+rubygems_version: 2.6.14
 signing_key: 
 specification_version: 4
 summary: A (relatively) simple X.509 certification authority API
 test_files:
+- spec/oid_mapper_spec.rb
 - spec/asn1_spec.rb
 - spec/cert_spec.rb
-- spec/csr_spec.rb
-- spec/engine_spec.rb
-- spec/message_digest_spec.rb
-- spec/ocsp_spec.rb
-- spec/oid_mapper_spec.rb
 - spec/private_key_spec.rb
+- spec/ocsp_spec.rb
+- spec/validity_spec.rb
+- spec/subject_spec.rb
 - spec/r509_spec.rb
+- spec/engine_spec.rb
+- spec/csr_spec.rb
+- spec/message_digest_spec.rb
 - spec/spki_spec.rb
-- spec/subject_spec.rb
-- spec/validity_spec.rb

checksums.yaml.gz.sig

@@ -1 +0,0 @@
-���EwX�Y�����թ"�}R'֔W2`���:ՙnL5�CW���ڼB����N�q+�y.wYFR!&C�*=}=uY�[�':�e����c��Z�K`�T'W��F�y��F%�^KUZ��+�+�&��ؙ�����贳�P��UN8+I8��n�Ctp�'9ۨ(���Z��P�8/`���2���{H���n	�D��YO�