rspec-ssltls 0.0.3 → 0.0.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +1 -0
- data/lib/rspec_ssltls/have_certificate.rb +9 -2
- data/lib/rspec_ssltls/util.rb +2 -2
- data/lib/rspec_ssltls/version.rb +1 -1
- data/spec/rspec_ssltls/have_certificate_spec.rb +39 -6
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7635f72b8316eb0801a357f252c363202ea50a8a
|
4
|
+
data.tar.gz: 5609957cc3fc4cb58dee2b719bce7405075e9722
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1a1e4b32a265f40da8651b5868952f27c24513a8ba8a79d522d4ecc12871cc1b15a5ee35f651ae4c94e6c9b7aecbf13dd8113ae16ab75bbb850c97b09912d931
|
7
|
+
data.tar.gz: fbbcaf923ef47cad4f88fd3888df07090dc9e8f129d326e5a36f6cb01822ef9acd86ce05d5c802d8e4210c8fb7149b5670a55c5bfd42686d060f9564e1f2e704
|
data/README.md
CHANGED
@@ -20,6 +20,7 @@ require 'spec_helper'
|
|
20
20
|
describe 'www.example.com:443' do
|
21
21
|
it { is_expected.to have_certificate.subject(CN: '*.example.com') }
|
22
22
|
it { is_expected.to have_certificate.issuer(CN: 'ca.example.org') }
|
23
|
+
it { is_expected.to have_certificate.chain(0).subject(CN: '*.example.com') }
|
23
24
|
it { is_expected.to support_protocol('TLSv1_2') }
|
24
25
|
it { is_expected.to support_cipher('AES256-SHA').protocol('TLSv1') }
|
25
26
|
it { is_expected.to support_cipher('DES-CBC3-SHA').protocol('SSLv3') }
|
@@ -5,13 +5,14 @@ RSpec::Matchers.define :have_certificate do
|
|
5
5
|
match do |dest|
|
6
6
|
@chain_string ||= ''
|
7
7
|
@result_string ||= ''
|
8
|
+
@chain_number ||= 0
|
8
9
|
uri = URI.parse('https://' + dest)
|
9
10
|
socket = TCPSocket.open(uri.host, uri.port)
|
10
11
|
ssl_context = OpenSSL::SSL::SSLContext.new
|
11
12
|
ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ssl_context)
|
12
13
|
ssl_socket.sync_close = true
|
13
14
|
ssl_socket.connect
|
14
|
-
@peer_cert = ssl_socket.
|
15
|
+
@peer_cert = ssl_socket.peer_cert_chain[@chain_number]
|
15
16
|
ssl_socket.close
|
16
17
|
@peer_cert ? valid_cert? : false
|
17
18
|
end
|
@@ -24,6 +25,12 @@ RSpec::Matchers.define :have_certificate do
|
|
24
25
|
id_chain(:issuer, id)
|
25
26
|
end
|
26
27
|
|
28
|
+
chain :chain do |n|
|
29
|
+
@chain_number = n
|
30
|
+
@chain_string =
|
31
|
+
RspecSsltls::Util.add_string(@chain_string, "chain[#{n}]")
|
32
|
+
end
|
33
|
+
|
27
34
|
def valid_cert?
|
28
35
|
@result_cert = {}
|
29
36
|
@result_cert.merge!(subject: valid_identifier?(:subject, @subject))
|
@@ -58,7 +65,7 @@ RSpec::Matchers.define :have_certificate do
|
|
58
65
|
instance_variable_set("@#{key}", id)
|
59
66
|
kv = id.each_pair.map { |k, v| "#{k}=\"#{v}\"" }.join(', ')
|
60
67
|
@chain_string =
|
61
|
-
RspecSsltls::Util.add_string(@chain_string, "#{key} #{kv}")
|
68
|
+
RspecSsltls::Util.add_string(@chain_string, "#{key} #{kv}", ' ')
|
62
69
|
end
|
63
70
|
|
64
71
|
description do
|
data/lib/rspec_ssltls/util.rb
CHANGED
@@ -2,11 +2,11 @@
|
|
2
2
|
module RspecSsltls
|
3
3
|
# Utility class
|
4
4
|
class Util
|
5
|
-
def self.add_string(target, addition)
|
5
|
+
def self.add_string(target, addition, separator = ', ')
|
6
6
|
if target.nil?
|
7
7
|
' ' + addition
|
8
8
|
else
|
9
|
-
target +
|
9
|
+
target + separator + addition
|
10
10
|
end
|
11
11
|
end
|
12
12
|
|
data/lib/rspec_ssltls/version.rb
CHANGED
@@ -37,13 +37,13 @@ example_cert.issuer = example_ca_cert_name
|
|
37
37
|
describe 'rspec-ssltls matchers' do
|
38
38
|
describe '#have_certificate' do
|
39
39
|
it 'can evalutate having certificate' do
|
40
|
-
stub_ssl_socket(
|
40
|
+
stub_ssl_socket(peer_cert_chain: [nil])
|
41
41
|
expect('www.example.com:443').not_to have_certificate
|
42
|
-
stub_ssl_socket(
|
42
|
+
stub_ssl_socket(peer_cert_chain: [example_cert])
|
43
43
|
expect('www.example.com:443').to have_certificate
|
44
44
|
end
|
45
45
|
it 'can evalutate having certificate subject' do
|
46
|
-
stub_ssl_socket(
|
46
|
+
stub_ssl_socket(peer_cert_chain: [example_cert])
|
47
47
|
expect('www.example.com:443')
|
48
48
|
.to have_certificate.subject(CN: '*.example.com')
|
49
49
|
expect('www.example.com:443')
|
@@ -59,7 +59,7 @@ describe 'rspec-ssltls matchers' do
|
|
59
59
|
|
60
60
|
# show default description
|
61
61
|
it do
|
62
|
-
stub_ssl_socket(
|
62
|
+
stub_ssl_socket(peer_cert_chain: [example_cert])
|
63
63
|
expect('www.example.com:443')
|
64
64
|
.to have_certificate.subject(CN: '*.example.com',
|
65
65
|
C: 'JP',
|
@@ -70,7 +70,7 @@ describe 'rspec-ssltls matchers' do
|
|
70
70
|
end
|
71
71
|
|
72
72
|
it 'can evalutate having certificate issuer' do
|
73
|
-
stub_ssl_socket(
|
73
|
+
stub_ssl_socket(peer_cert_chain: [example_cert])
|
74
74
|
expect('www.example.com:443')
|
75
75
|
.to have_certificate.issuer(CN: 'ca.example.org')
|
76
76
|
expect('www.example.com:443')
|
@@ -86,7 +86,7 @@ describe 'rspec-ssltls matchers' do
|
|
86
86
|
|
87
87
|
# show default description
|
88
88
|
it do
|
89
|
-
stub_ssl_socket(
|
89
|
+
stub_ssl_socket(peer_cert_chain: [example_cert])
|
90
90
|
expect('www.example.com:443')
|
91
91
|
.to have_certificate.issuer(CN: 'ca.example.org',
|
92
92
|
C: 'US',
|
@@ -94,5 +94,38 @@ describe 'rspec-ssltls matchers' do
|
|
94
94
|
OU: 'Example Org. Div.'
|
95
95
|
)
|
96
96
|
end
|
97
|
+
|
98
|
+
it 'can evalutate having certificate in chain' do
|
99
|
+
stub_ssl_socket(peer_cert_chain: [nil])
|
100
|
+
expect('www.example.com:443').not_to have_certificate.chain(0)
|
101
|
+
stub_ssl_socket(peer_cert_chain: [example_cert])
|
102
|
+
expect('www.example.com:443').to have_certificate.chain(0)
|
103
|
+
end
|
104
|
+
it 'can evalutate having certificate subject in chain' do
|
105
|
+
stub_ssl_socket(peer_cert_chain: [example_cert])
|
106
|
+
expect('www.example.com:443')
|
107
|
+
.to have_certificate.chain(0).subject(CN: '*.example.com')
|
108
|
+
expect('www.example.com:443')
|
109
|
+
.to have_certificate.chain(0).subject(CN: '*.example.com',
|
110
|
+
C: 'JP',
|
111
|
+
ST: 'Tokyo',
|
112
|
+
O: 'Example Co., Ltd.',
|
113
|
+
OU: 'Example Div.'
|
114
|
+
)
|
115
|
+
expect('www.example.com:443')
|
116
|
+
.not_to have_certificate.chain(0).subject(CN: 'www.example.com')
|
117
|
+
end
|
118
|
+
|
119
|
+
# show default description
|
120
|
+
it do
|
121
|
+
stub_ssl_socket(peer_cert_chain: [example_cert])
|
122
|
+
expect('www.example.com:443')
|
123
|
+
.to have_certificate.chain(0).subject(CN: '*.example.com',
|
124
|
+
C: 'JP',
|
125
|
+
ST: 'Tokyo',
|
126
|
+
O: 'Example Co., Ltd.',
|
127
|
+
OU: 'Example Div.'
|
128
|
+
)
|
129
|
+
end
|
97
130
|
end
|
98
131
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rspec-ssltls
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- OTA Hiroshi
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-10-
|
11
|
+
date: 2014-10-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rspec
|