RubyGems - rspec-ssltls - Versions diffs - 0.0.4 → 0.0.5 - Mend

rspec-ssltls 0.0.4 → 0.0.5

Files changed (6) hide show

checksums.yaml +4 -4
data/README.md +9 -0
data/lib/rspec_ssltls/have_certificate.rb +38 -0
data/lib/rspec_ssltls/version.rb +1 -1
data/spec/rspec_ssltls/have_certificate_spec.rb +62 -0
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7635f72b8316eb0801a357f252c363202ea50a8a
-  data.tar.gz: 5609957cc3fc4cb58dee2b719bce7405075e9722
+  metadata.gz: d4e6b41ab56f558b87703db57059c0f92818cf81
+  data.tar.gz: ff9624c700828c5840f2350ae571cffe33d7f2ca
 SHA512:
-  metadata.gz: 1a1e4b32a265f40da8651b5868952f27c24513a8ba8a79d522d4ecc12871cc1b15a5ee35f651ae4c94e6c9b7aecbf13dd8113ae16ab75bbb850c97b09912d931
-  data.tar.gz: fbbcaf923ef47cad4f88fd3888df07090dc9e8f129d326e5a36f6cb01822ef9acd86ce05d5c802d8e4210c8fb7149b5670a55c5bfd42686d060f9564e1f2e704
+  metadata.gz: 74a720c9dc8eb7fd047a439b1e2b653fa6c4b11836ed97d16738861b9d10e7607414b0ff323fab67e06a776ab624afe0ea2b14fe9996415e333212eb82b59e8e
+  data.tar.gz: 7f277309217156481b16f343d3111750f96abd6009b42fc91c6e3fffb8ed6daf5414c7d6e95249fff8581842af1737499fcb829c7594c2460683c859c2da1a87

data/README.md CHANGED Viewed

@@ -21,6 +21,15 @@ describe 'www.example.com:443' do
   it { is_expected.to have_certificate.subject(CN: '*.example.com') }
   it { is_expected.to have_certificate.issuer(CN: 'ca.example.org') }
   it { is_expected.to have_certificate.chain(0).subject(CN: '*.example.com') }
+  it do
+    is_expected.to have_certificate
+      .subject(CN: '*.example.com').valid_at('2020/09/12 19:00:05 JST')
+  end
+  it do
+    is_expected.to have_certificate
+      .subject(CN: '*.example.com')
+      .valid_in('2014/09/12 19:00:05 UTC', '2015/10/01 00:00:00 UTC')
+  end
   it { is_expected.to support_protocol('TLSv1_2') }
   it { is_expected.to support_cipher('AES256-SHA').protocol('TLSv1') }
   it { is_expected.to support_cipher('DES-CBC3-SHA').protocol('SSLv3') }

data/lib/rspec_ssltls/have_certificate.rb CHANGED Viewed

@@ -1,5 +1,6 @@
 require 'rspec_ssltls'
 require 'uri'
+require 'time'
 RSpec::Matchers.define :have_certificate do
   match do |dest|
@@ -31,10 +32,25 @@ RSpec::Matchers.define :have_certificate do
       RspecSsltls::Util.add_string(@chain_string, "chain[#{n}]")
   end
+  chain :valid_at do |t|
+    @chain_string =
+      RspecSsltls::Util.add_string(@chain_string, "valiid at #{t}")
+    @t1 = t
+    @t2 = t
+  end
+  chain :valid_in do |t1, t2|
+    @chain_string = RspecSsltls::Util
+      .add_string(@chain_string, "valiid in #{t1} - #{t2}")
+    @t1 = t1
+    @t2 = t2
+  end
   def valid_cert?
     @result_cert = {}
     @result_cert.merge!(subject: valid_identifier?(:subject, @subject))
     @result_cert.merge!(issuer:  valid_identifier?(:issuer, @issuer))
+    @result_cert.merge!(valid_in: valid_in?)
     @result_cert.values.all? { |r| r == true }
   end
@@ -68,6 +84,28 @@ RSpec::Matchers.define :have_certificate do
       RspecSsltls::Util.add_string(@chain_string, "#{key} #{kv}", ' ')
   end
+  def valid_in?
+    return true unless @t1 && @t2
+    fail 'Input time range is incorrect' if @t2 < @t1
+    parse_time
+    if @t1 == @t2
+      @result_string += "  expected: valid in #{@t1} .. #{@t2}\n"
+    else
+      @result_string += "  expected: valid at #{@t1}\n"
+    end
+    @result_string +=
+      "  actual: valid in #{@peer_cert.not_before} .. #{@peer_cert.not_after}\n"
+    (@peer_cert.not_before..@peer_cert.not_after).cover?(@t1) &&
+      (@peer_cert.not_before..@peer_cert.not_after).cover?(@t2)
+  end
+  def parse_time
+    @t1 = Time.parse(@t1) unless @t1.respond_to?(:getutc)
+    @t2 = Time.parse(@t2) unless @t2.respond_to?(:getutc)
+  end
   description do
     "have a certificate#{@chain_string}"
   end

data/lib/rspec_ssltls/version.rb CHANGED Viewed

@@ -1,4 +1,4 @@
 # Easily test your SSL/TLS with RSpec.
 module RspecSsltls
-  VERSION = '0.0.4'
+  VERSION = '0.0.5'
 end

data/spec/rspec_ssltls/have_certificate_spec.rb CHANGED Viewed

@@ -22,6 +22,8 @@ example_ca_cert_name =
                           ])
 example_ca_cert = OpenSSL::X509::Certificate.new
 example_ca_cert.subject = example_ca_cert_name
+example_ca_cert.not_before = Time.utc(0, 0, 0, 1, 10, 2014, nil, nil, nil, nil)
+example_ca_cert.not_after  = Time.utc(0, 0, 0, 1, 10, 2022, nil, nil, nil, nil)
 example_cert_name =
   OpenSSL::X509::Name.new([%w(C JP),
@@ -33,6 +35,8 @@ example_cert_name =
 example_cert = OpenSSL::X509::Certificate.new
 example_cert.subject = example_cert_name
 example_cert.issuer = example_ca_cert_name
+example_cert.not_before = Time.utc(5, 0, 19, 12, 9, 2014, nil, nil, nil, nil)
+example_cert.not_after  = Time.utc(0, 0, 0, 1, 10, 2015, nil, nil, nil, nil)
 describe 'rspec-ssltls matchers' do
   describe '#have_certificate' do
@@ -127,5 +131,63 @@ describe 'rspec-ssltls matchers' do
                                               OU: 'Example Div.'
                                               )
     end
+    it 'can evalutate having certificate subject valid_at' do
+      stub_ssl_socket(peer_cert_chain: [example_cert])
+      expect('www.example.com:443').to have_certificate
+        .subject(CN: '*.example.com')
+        .valid_at('2014/10/01 09:34 JST')
+      expect('www.example.com:443').to have_certificate
+        .subject(CN: '*.example.com',
+                 C:  'JP',
+                 ST: 'Tokyo',
+                 O:  'Example Co., Ltd.',
+                 OU: 'Example Div.'
+                 )
+        .valid_at('2014/10/01 09:34 JST')
+      expect('www.example.com:443').not_to have_certificate
+        .subject(CN: '*.example.com')
+        .valid_at('2014/09/01 12:34 JST')
+    end
+    # show default description
+    it do
+      stub_ssl_socket(peer_cert_chain: [example_cert])
+      expect('www.example.com:443').to have_certificate
+        .subject(CN: '*.example.com')
+        .valid_at('2014/10/01 09:34 JST')
+    end
+    it 'can evalutate having certificate subject valid_in' do
+      stub_ssl_socket(peer_cert_chain: [example_cert])
+      expect('www.example.com:443').to have_certificate
+        .subject(CN: '*.example.com')
+        .valid_in('2014/09/12 19:00:05 UTC', '2015/10/01 00:00:00 UTC')
+      expect('www.example.com:443').to have_certificate
+        .subject(CN: '*.example.com',
+                 C:  'JP',
+                 ST: 'Tokyo',
+                 O:  'Example Co., Ltd.',
+                 OU: 'Example Div.'
+                 )
+        .valid_in('2014/09/12 19:00:05 UTC', '2015/10/01 00:00:00 UTC')
+      expect('www.example.com:443').not_to have_certificate
+        .subject(CN: '*.example.com')
+        .valid_in('2014/09/12 19:00:05 UTC', '2025/10/01 00:00:00 UTC')
+      expect('www.example.com:443').not_to have_certificate
+        .subject(CN: '*.example.com')
+        .valid_in(Time.parse('2014/09/12 19:00:05 UTC'),
+                  Time.parse('2025/10/01 00:00:00 UTC'))
+    end
+    # show default description
+    it do
+      stub_ssl_socket(peer_cert_chain: [example_cert])
+      expect('www.example.com:443').to have_certificate
+        .subject(CN: '*.example.com')
+        .valid_in('2014/09/12 19:00:05 UTC', '2015/10/01 00:00:00 UTC')
+    end
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rspec-ssltls
 version: !ruby/object:Gem::Version
-  version: 0.0.4
+  version: 0.0.5
 platform: ruby
 authors:
 - OTA Hiroshi
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-10-23 00:00:00.000000000 Z
+date: 2014-10-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec