RubyGems - rspec-ssltls - Versions diffs - 0.0.4 → 0.0.5 - Mend

rspec-ssltls 0.0.4 → 0.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/README.md +9 -0
data/lib/rspec_ssltls/have_certificate.rb +38 -0
data/lib/rspec_ssltls/version.rb +1 -1
data/spec/rspec_ssltls/have_certificate_spec.rb +62 -0
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7635f72b8316eb0801a357f252c363202ea50a8a
-  data.tar.gz: 5609957cc3fc4cb58dee2b719bce7405075e9722
+  metadata.gz: d4e6b41ab56f558b87703db57059c0f92818cf81
+  data.tar.gz: ff9624c700828c5840f2350ae571cffe33d7f2ca
 SHA512:
-  metadata.gz: 1a1e4b32a265f40da8651b5868952f27c24513a8ba8a79d522d4ecc12871cc1b15a5ee35f651ae4c94e6c9b7aecbf13dd8113ae16ab75bbb850c97b09912d931
-  data.tar.gz: fbbcaf923ef47cad4f88fd3888df07090dc9e8f129d326e5a36f6cb01822ef9acd86ce05d5c802d8e4210c8fb7149b5670a55c5bfd42686d060f9564e1f2e704
+  metadata.gz: 74a720c9dc8eb7fd047a439b1e2b653fa6c4b11836ed97d16738861b9d10e7607414b0ff323fab67e06a776ab624afe0ea2b14fe9996415e333212eb82b59e8e
+  data.tar.gz: 7f277309217156481b16f343d3111750f96abd6009b42fc91c6e3fffb8ed6daf5414c7d6e95249fff8581842af1737499fcb829c7594c2460683c859c2da1a87

data/README.md CHANGED Viewed

@@ -21,6 +21,15 @@ describe 'www.example.com:443' do
   it { is_expected.to have_certificate.subject(CN: '*.example.com') }
   it { is_expected.to have_certificate.issuer(CN: 'ca.example.org') }
   it { is_expected.to have_certificate.chain(0).subject(CN: '*.example.com') }
+  it do
+    is_expected.to have_certificate
+      .subject(CN: '*.example.com').valid_at('2020/09/12 19:00:05 JST')
+  end
+  it do
+    is_expected.to have_certificate
+      .subject(CN: '*.example.com')
+      .valid_in('2014/09/12 19:00:05 UTC', '2015/10/01 00:00:00 UTC')
+  end
   it { is_expected.to support_protocol('TLSv1_2') }
   it { is_expected.to support_cipher('AES256-SHA').protocol('TLSv1') }
   it { is_expected.to support_cipher('DES-CBC3-SHA').protocol('SSLv3') }

data/lib/rspec_ssltls/have_certificate.rb CHANGED Viewed

@@ -1,5 +1,6 @@
 require 'rspec_ssltls'
 require 'uri'
+require 'time'
 RSpec::Matchers.define :have_certificate do
   match do |dest|
@@ -31,10 +32,25 @@ RSpec::Matchers.define :have_certificate do
       RspecSsltls::Util.add_string(@chain_string, "chain[#{n}]")
   end
+  chain :valid_at do |t|
+    @chain_string =
+      RspecSsltls::Util.add_string(@chain_string, "valiid at #{t}")
+    @t1 = t
+    @t2 = t
+  end
+  chain :valid_in do |t1, t2|
+    @chain_string = RspecSsltls::Util
+      .add_string(@chain_string, "valiid in #{t1} - #{t2}")
+    @t1 = t1
+    @t2 = t2
+  end
   def valid_cert?
     @result_cert = {}
     @result_cert.merge!(subject: valid_identifier?(:subject, @subject))
     @result_cert.merge!(issuer:  valid_identifier?(:issuer, @issuer))
+    @result_cert.merge!(valid_in: valid_in?)
     @result_cert.values.all? { |r| r == true }
   end
@@ -68,6 +84,28 @@ RSpec::Matchers.define :have_certificate do
       RspecSsltls::Util.add_string(@chain_string, "#{key} #{kv}", ' ')
   end
+  def valid_in?
+    return true unless @t1 && @t2
+    fail 'Input time range is incorrect' if @t2 < @t1
+    parse_time
+    if @t1 == @t2
+      @result_string += "  expected: valid in #{@t1} .. #{@t2}\n"
+    else
+      @result_string += "  expected: valid at #{@t1}\n"
+    end
+    @result_string +=
+      "  actual: valid in #{@peer_cert.not_before} .. #{@peer_cert.not_after}\n"
+    (@peer_cert.not_before..@peer_cert.not_after).cover?(@t1) &&
+      (@peer_cert.not_before..@peer_cert.not_after).cover?(@t2)
+  end
+  def parse_time
+    @t1 = Time.parse(@t1) unless @t1.respond_to?(:getutc)
+    @t2 = Time.parse(@t2) unless @t2.respond_to?(:getutc)
+  end
   description do
     "have a certificate#{@chain_string}"
   end

data/lib/rspec_ssltls/version.rb CHANGED Viewed

@@ -1,4 +1,4 @@
 # Easily test your SSL/TLS with RSpec.
 module RspecSsltls
-  VERSION = '0.0.4'
+  VERSION = '0.0.5'
 end

data/spec/rspec_ssltls/have_certificate_spec.rb CHANGED Viewed

@@ -22,6 +22,8 @@ example_ca_cert_name =
                           ])
 example_ca_cert = OpenSSL::X509::Certificate.new
 example_ca_cert.subject = example_ca_cert_name
+example_ca_cert.not_before = Time.utc(0, 0, 0, 1, 10, 2014, nil, nil, nil, nil)
+example_ca_cert.not_after  = Time.utc(0, 0, 0, 1, 10, 2022, nil, nil, nil, nil)
 example_cert_name =
   OpenSSL::X509::Name.new([%w(C JP),
@@ -33,6 +35,8 @@ example_cert_name =
 example_cert = OpenSSL::X509::Certificate.new
 example_cert.subject = example_cert_name
 example_cert.issuer = example_ca_cert_name
+example_cert.not_before = Time.utc(5, 0, 19, 12, 9, 2014, nil, nil, nil, nil)
+example_cert.not_after  = Time.utc(0, 0, 0, 1, 10, 2015, nil, nil, nil, nil)
 describe 'rspec-ssltls matchers' do
   describe '#have_certificate' do
@@ -127,5 +131,63 @@ describe 'rspec-ssltls matchers' do
                                               OU: 'Example Div.'
                                               )
     end
+    it 'can evalutate having certificate subject valid_at' do
+      stub_ssl_socket(peer_cert_chain: [example_cert])
+      expect('www.example.com:443').to have_certificate
+        .subject(CN: '*.example.com')
+        .valid_at('2014/10/01 09:34 JST')
+      expect('www.example.com:443').to have_certificate
+        .subject(CN: '*.example.com',
+                 C:  'JP',
+                 ST: 'Tokyo',
+                 O:  'Example Co., Ltd.',
+                 OU: 'Example Div.'
+                 )
+        .valid_at('2014/10/01 09:34 JST')
+      expect('www.example.com:443').not_to have_certificate
+        .subject(CN: '*.example.com')
+        .valid_at('2014/09/01 12:34 JST')
+    end
+    # show default description
+    it do
+      stub_ssl_socket(peer_cert_chain: [example_cert])
+      expect('www.example.com:443').to have_certificate
+        .subject(CN: '*.example.com')
+        .valid_at('2014/10/01 09:34 JST')
+    end
+    it 'can evalutate having certificate subject valid_in' do
+      stub_ssl_socket(peer_cert_chain: [example_cert])
+      expect('www.example.com:443').to have_certificate
+        .subject(CN: '*.example.com')
+        .valid_in('2014/09/12 19:00:05 UTC', '2015/10/01 00:00:00 UTC')
+      expect('www.example.com:443').to have_certificate
+        .subject(CN: '*.example.com',
+                 C:  'JP',
+                 ST: 'Tokyo',
+                 O:  'Example Co., Ltd.',
+                 OU: 'Example Div.'
+                 )
+        .valid_in('2014/09/12 19:00:05 UTC', '2015/10/01 00:00:00 UTC')
+      expect('www.example.com:443').not_to have_certificate
+        .subject(CN: '*.example.com')
+        .valid_in('2014/09/12 19:00:05 UTC', '2025/10/01 00:00:00 UTC')
+      expect('www.example.com:443').not_to have_certificate
+        .subject(CN: '*.example.com')
+        .valid_in(Time.parse('2014/09/12 19:00:05 UTC'),
+                  Time.parse('2025/10/01 00:00:00 UTC'))
+    end
+    # show default description
+    it do
+      stub_ssl_socket(peer_cert_chain: [example_cert])
+      expect('www.example.com:443').to have_certificate
+        .subject(CN: '*.example.com')
+        .valid_in('2014/09/12 19:00:05 UTC', '2015/10/01 00:00:00 UTC')
+    end
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rspec-ssltls
 version: !ruby/object:Gem::Version
-  version: 0.0.4
+  version: 0.0.5
 platform: ruby
 authors:
 - OTA Hiroshi
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-10-23 00:00:00.000000000 Z
+date: 2014-10-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec