ruby_scep 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +7 -0
  3. data/lib/ruby_scep/pki_message.rb +12 -2
  4. data/lib/ruby_scep/pki_operation.rb +0 -2
  5. data/lib/ruby_scep/version.rb +2 -2
  6. metadata +4 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: e56f6b4dabd8c397c018cff11445b01131357cd9
4
- data.tar.gz: 0755147776bfb23f488df0fa74a42edaf653cdd1
3
+ metadata.gz: be639a9b514a63be0075c577e716aab3076c4e29
4
+ data.tar.gz: 63cc039f8f0cc54436b3688d23e946282b38f562
5
5
  SHA512:
6
- metadata.gz: a1a3200871284c45cb92a1758b5f45557cbda828115df9f7e6fee4f7414c99a3c877b4a3e4312e46f853e251d0801a0fcbfe383d31b7c036103c96c4ea344da8
7
- data.tar.gz: d6221c48fab32c5481ad2df14cc487119ca37e88f43fb24b0487fa39cb8ef0fcc2776e76bb07f05f7e2ebfb8f2c406206ebb5df8ac3f98b39d4468162c22f588
6
+ metadata.gz: 47b704260abacb4787a1db950a1f19995181c04e2bc0d8fe5b13a91956772248ef7382ff5aaed647db0eba7200973c48135ce61ff840dd554d84d387630db0f5
7
+ data.tar.gz: 525f5dc3960a13fc3a4fe42fda7a36f91c36aab60ab430dc6c03698a8e7adf8e2893b67c50fbd646729fd1cc6f4584ecf284986a05ba9f5023401987d947dbe6
data/CHANGELOG.md ADDED
@@ -0,0 +1,7 @@
1
+ Changelog
2
+ =========
3
+
4
+ v0.2.1 (17/10/2017)
5
+ -------------------
6
+
7
+ - Extract the challenge password from the CSR and make it accessible in the PKI message (42f8069)
data/lib/ruby_scep/pki_message.rb CHANGED
@@ -6,7 +6,7 @@ module RubyScep
6
6
  include OpenSSL::ASN1
7
7
 
8
8
  # get OID corresponding name http://oid-info.com/get/<the oid>
9
- # get possible balues for a given OID in the CMS RFC https://www.ietf.org/rfc/rfc3369.txt
9
+ # get possible values for a given OID in the CMS RFC https://www.ietf.org/rfc/rfc3369.txt
10
10
  OID_MESSAGE_TYPE = '2.16.840.1.113733.1.9.2'
11
11
  OID_PKI_STATUS = '2.16.840.1.113733.1.9.3'
12
12
  OID_FAIL_INFO = '2.16.840.1.113733.1.9.4'
@@ -30,7 +30,7 @@ module RubyScep
30
30
  SCEP_PKI_STATUSES = { 'SUCCESS' => 0, 'FAILURE' => 2, 'PENDING' => 3 }
31
31
  SCEP_FAIL_INFOS = { 'badAlg' => 0, 'badMessageCheck' => 1, 'badRequest' => 2, 'badTime' => 3, 'badCertId' => 4 }
32
32
 
33
- attr_accessor :p7, :device_certificate, :enrollment_response
33
+ attr_accessor :p7, :device_certificate, :enrollment_response, :challenge_password
34
34
 
35
35
  def initialize(asn1, p7)
36
36
  signed_attributes = retrieve_signed_attributes(asn1)
@@ -59,6 +59,7 @@ module RubyScep
59
59
  # d. ca certificate
60
60
  # e. digital signature
61
61
  def build_enrollment_response!(csr)
62
+ extract_challenge_password!(csr)
62
63
  generate_device_certificate!(csr)
63
64
  degenerate_sequence = build_degenerate_sequence
64
65
  enveloped_data_sequence = build_enveloped_data_sequence(degenerate_sequence)
@@ -75,6 +76,15 @@ module RubyScep
75
76
  end
76
77
  end
77
78
 
79
+ def extract_challenge_password!(csr)
80
+ raw_attribute = csr.attributes.find { |a| a.oid == 'challengePassword' }
81
+ if raw_attribute.nil?
82
+ @challenge_password = nil
83
+ else
84
+ @challenge_password = raw_attribute.value.value.first.value
85
+ end
86
+ end
87
+
78
88
  # Generates and sets the certificate the device will use to identify itself to the MDM server.
79
89
  # The certificate will be embedded in the PKIMessage response to complete the SCEP process.
80
90
  def generate_device_certificate!(csr)
data/lib/ruby_scep/pki_operation.rb CHANGED
@@ -32,8 +32,6 @@ module RubyScep
32
32
  def decrypt_pki_envelope(pki_message)
33
33
  encrypted_p7 = OpenSSL::PKCS7.new(pki_message.p7.data)
34
34
  raw_csr = encrypted_p7.decrypt(RubyScep.configuration.ca_key, RubyScep.configuration.ca, OpenSSL::PKCS7::BINARY)
35
- # this is the moment when we could extract the device info from the CSR (device id and challenge password)
36
- # see https://github.com/AppBlade/TestHub/blob/master/app/controllers/scep_controller.rb#L57
37
35
  OpenSSL::X509::Request.new(raw_csr)
38
36
  end
39
37
  end
data/lib/ruby_scep/version.rb CHANGED
@@ -3,7 +3,7 @@
3
3
 
4
4
  module RubyScep
5
5
  module Version
6
- STRING = '0.2.0'
6
+ STRING = '0.2.1'
7
7
 
8
8
  module_function
9
9
 
@@ -11,4 +11,4 @@ module RubyScep
11
11
  STRING
12
12
  end
13
13
  end
14
- end
14
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby_scep
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Christophe Valentin
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-09-10 00:00:00.000000000 Z
11
+ date: 2017-10-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rspec
@@ -60,6 +60,7 @@ extra_rdoc_files:
60
60
  - README.md
61
61
  files:
62
62
  - ".circleci/config.yml"
63
+ - CHANGELOG.md
63
64
  - Gemfile.lock
64
65
  - License
65
66
  - README.md
@@ -101,7 +102,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
101
102
  version: '0'
102
103
  requirements: []
103
104
  rubyforge_project:
104
- rubygems_version: 2.6.13
105
+ rubygems_version: 2.6.14
105
106
  signing_key:
106
107
  specification_version: 4
107
108
  summary: Ruby implementation of SCEP