sslackey 0.6.0
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +20 -0
- data/.rspec +2 -0
- data/.rvmrc +1 -0
- data/Gemfile +4 -0
- data/LICENSE +22 -0
- data/README.md +46 -0
- data/Rakefile +9 -0
- data/examples/README.md +11 -0
- data/examples/cacert.pem +1570 -0
- data/examples/simple.rb +49 -0
- data/lib/sslackey/authority_checker.rb +107 -0
- data/lib/sslackey/cache/redis_revocation_cache.rb +30 -0
- data/lib/sslackey/revocation_checker.rb +90 -0
- data/lib/sslackey/version.rb +3 -0
- data/lib/sslackey.rb +3 -0
- data/spec/authority_checker_spec.rb +148 -0
- data/spec/cache/redis_revocation_cache_spec.rb +61 -0
- data/spec/fixtures/AkamaiSub3.crl +0 -0
- data/spec/fixtures/cacert.pem +696 -0
- data/spec/fixtures/crl_only_cert.pem +18 -0
- data/spec/fixtures/ocsp_enabled_cert.pem +35 -0
- data/spec/fixtures/sample_certificate_revocation_list.crl +0 -0
- data/spec/fixtures/sample_ocsp_response.der +0 -0
- data/spec/fixtures/ssl.rb +29 -0
- data/spec/revocation_checker_spec.rb +113 -0
- data/spec/spec_helper.rb +22 -0
- data/sslackey.gemspec +35 -0
- metadata +227 -0
@@ -0,0 +1,18 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIICzTCCAjagAwIBAgIOAgAAAAABNw9QCUY2BIQwDQYJKoZIhvcNAQEFBQAwUTEL
|
3
|
+
MAkGA1UEBhMCVVMxIDAeBgNVBAoTF0FrYW1haSBUZWNobm9sb2dpZXMgSW5jMSAw
|
4
|
+
HgYDVQQDExdBa2FtYWkgU3Vib3JkaW5hdGUgQ0EgMzAeFw0xMjA1MDIyMTAwMDha
|
5
|
+
Fw0xMzA1MDIyMTAwMDhaMIGMMQswCQYDVQQGEwJVUzEQMA4GA1UEBxMHUGhvZW5p
|
6
|
+
eDEmMCQGA1UEChMdQW1lcmljYW4gRXhwcmVzcyBUZWNobm9sb2dpZXMxETAPBgNV
|
7
|
+
BAsTCENvbnN1bWVyMRAwDgYDVQQIEwdBcml6b25hMR4wHAYDVQQDFBUqLmFtZXJp
|
8
|
+
Y2FuZXhwcmVzcy5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKxhYcYS
|
9
|
+
MHXkKn8yWmV6N3Ac3eJOVfZDH6NEIaNPNgH+5Bzm5xfry8lA0QmRELQafClC8afV
|
10
|
+
JqQuP7aDVZwaSUmk0EPVGIhbKi81CzO3wc9FCxhgySsvoFwxfOQywQd5ewlU/ZNg
|
11
|
+
UKXbqR9Ba1yqJcVOq3axjxmY1OykKKqMHcaJAgMBAAGjbDBqMDkGA1UdHwQyMDAw
|
12
|
+
LqAsoCqGKGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvQWthbWFpU3ViMy5jcmww
|
13
|
+
HQYDVR0OBBYEFP0U8j2HOCBc39gxkO3y79Eb+il+MA4GA1UdDwEB/wQEAwIFIDAN
|
14
|
+
BgkqhkiG9w0BAQUFAAOBgQCDFNSSY9NGGEZbaWx4CAZFRmwBvhcUxDWK+0tLnC3y
|
15
|
+
5NH1+2cEAKpzK4xD8u2bONJaEchM7x6Uc4/lhFPblCX9uIqcKB8EdAuDxr7FTH0S
|
16
|
+
vofrkpwuSWkdY9FGWd0kIyl4hLIi/Fm9mE9zrmDPYkced3MvL5deZAXlL22jxiJR
|
17
|
+
Ew==
|
18
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,35 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIGEzCCBPugAwIBAgIQfJwdpj3YKPYCRiHLu80CyzANBgkqhkiG9w0BAQUFADCB
|
3
|
+
vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
|
4
|
+
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
|
5
|
+
YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv
|
6
|
+
VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew
|
7
|
+
HhcNMTAxMTAyMDAwMDAwWhcNMTIwODE2MjM1OTU5WjCB+TETMBEGCysGAQQBgjc8
|
8
|
+
AgEDEwJVUzEZMBcGCysGAQQBgjc8AgECFAhEZWxhd2FyZTEdMBsGA1UEDxMUUHJp
|
9
|
+
dmF0ZSBPcmdhbml6YXRpb24xEDAOBgNVBAUTBzQ3NTIyODIxCzAJBgNVBAYTAlVT
|
10
|
+
MREwDwYDVQQIFAhOZXcgWW9yazERMA8GA1UEBxQITmV3IFlvcmsxFDASBgNVBAoU
|
11
|
+
C01hbmlsbGEgTExDMTMwMQYDVQQLFCpUZXJtcyBvZiB1c2UgYXQgd3d3LnZlcmlz
|
12
|
+
aWduLmNvbS9ycGEgKGMpMDUxGDAWBgNVBAMUD2FwcC5tYW5pbGxhLmNvbTCCASIw
|
13
|
+
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKnpFmttCpcZxWFc3gQwB0pg7xEf
|
14
|
+
aZnJXYz4EBaLks/Jvr4cR3ytoXchTwTS3y2up2uW2WFvjlcKOI8HacXUtEymbiPb
|
15
|
+
c9RADCCo0G5TJ2DL7fpzOX6N3f+wDOjN//odiDDKn/AZNjtkae3t+jYglDfrYRnc
|
16
|
+
SfGL1Gw3Nj9Jf9MlRamiUzKh75QWHa+3J+oNDHqesR1+pgAhulJge22K8dWkMhjz
|
17
|
+
kbMeKn5JDUq5GL/+dHE56abnoZiSWo64XeqcWN0FGrPniJxLzT/mLgRj7GQLuvf0
|
18
|
+
je0DOjOoqf+IL9pmZ/KB7nUE+h93GZvpqG1ZfqDuI6tLy1S7wfl57kL3NOcCAwEA
|
19
|
+
AaOCAc4wggHKMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgWgMEQGA1UdIAQ9MDswOQYL
|
20
|
+
YIZIAYb4RQEHFwYwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24u
|
21
|
+
Y29tL2NwczA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vRVZJbnRsLWNybC52ZXJp
|
22
|
+
c2lnbi5jb20vRVZJbnRsMjAwNi5jcmwwKAYDVR0lBCEwHwYIKwYBBQUHAwEGCCsG
|
23
|
+
AQUFBwMCBglghkgBhvhCBAEwHwYDVR0jBBgwFoAUTkPIHXbvN1N6T/JYb5TzOOLV
|
24
|
+
vd8wbwYIKwYBBQUHAQEEYzBhMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC52ZXJp
|
25
|
+
c2lnbi5jb20wOQYIKwYBBQUHMAKGLWh0dHA6Ly9FVkludGwtYWlhLnZlcmlzaWdu
|
26
|
+
LmNvbS9FVkludGwyMDA2LmNlcjBuBggrBgEFBQcBDARiMGChXqBcMFowWDBWFglp
|
27
|
+
bWFnZS9naWYwITAfMAcGBSsOAwIaBBRLa7kolgYMu9BSOJsprEsHiyEFGDAmFiRo
|
28
|
+
dHRwOi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvMS5naWYwDQYJKoZIhvcNAQEF
|
29
|
+
BQADggEBAC0BoimlCBynBKmilNsVIxpNa6nWddc9gyAPzlis0LWIwLylmTxPsPa3
|
30
|
+
LDhblWzGN2wzOkarjvnPVzvY66dA9GLabNBrBpAh6HrhVwOE5LKSTAmvEU3pU0Tg
|
31
|
+
Rj6LVCq6xDKP1ayeY3dj8MvPIi76i5QpV9v89wJbw1/CJorKAqDl9XZF6xX8gyuB
|
32
|
+
rdv7dS6nTSb61sEFo9D2tO9u6dgseiwHctmla9AwXLqm3uyqA1HkWvhhTmOg6rMe
|
33
|
+
k2KXQo/gEIMXwONdDp2kZb5QT2aFNskByuKB9CQsn7wBLROBwVzTLibs/fsYamZH
|
34
|
+
65Ih38OovopLwNuIXwgpqp7nsRExRq4=
|
35
|
+
-----END CERTIFICATE-----
|
Binary file
|
Binary file
|
@@ -0,0 +1,29 @@
|
|
1
|
+
#useful utility to generating a certificate revocation list given a certificate you want to be revoked.
|
2
|
+
require 'openssl'
|
3
|
+
require 'active_support/all'
|
4
|
+
|
5
|
+
|
6
|
+
cert = OpenSSL::X509::Certificate.new(File.read("ocsp_enabled_cert.pem"))
|
7
|
+
serial = cert.serial
|
8
|
+
|
9
|
+
puts "cert serial: #{cert.serial}"
|
10
|
+
revoked = OpenSSL::X509::Revoked.new()
|
11
|
+
revoked.serial = serial
|
12
|
+
revoked.time = Time.now
|
13
|
+
|
14
|
+
|
15
|
+
puts "revoked: #{revoked.serial}"
|
16
|
+
|
17
|
+
crl = OpenSSL::X509::CRL.new
|
18
|
+
|
19
|
+
crl.add_revoked(revoked)
|
20
|
+
crl.last_update = 5.days.ago.to_time
|
21
|
+
crl.next_update= 5.days.from_now.to_time
|
22
|
+
|
23
|
+
puts crl.to_text
|
24
|
+
|
25
|
+
der = crl.to_der
|
26
|
+
|
27
|
+
output = File.open("sample_certificate_revocation_list.crl", "w")
|
28
|
+
output.write(der)
|
29
|
+
output.close
|
@@ -0,0 +1,113 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'openssl'
|
3
|
+
require 'tempfile'
|
4
|
+
require 'uri'
|
5
|
+
require 'lib/sslackey/revocation_checker'
|
6
|
+
|
7
|
+
LOGGER = Logger.new(STDERR)
|
8
|
+
|
9
|
+
describe RevocationChecker do
|
10
|
+
|
11
|
+
def load_ocsp_enabled_cert
|
12
|
+
ocsp_enabled_cert = File.read(File.expand_path "../fixtures/ocsp_enabled_cert.pem", __FILE__)
|
13
|
+
OpenSSL::X509::Certificate.new(ocsp_enabled_cert)
|
14
|
+
end
|
15
|
+
|
16
|
+
def load_non_ocsp_cert
|
17
|
+
crl_only_cert = File.read(File.expand_path "../fixtures/crl_only_cert.pem", __FILE__)
|
18
|
+
OpenSSL::X509::Certificate.new(crl_only_cert)
|
19
|
+
end
|
20
|
+
|
21
|
+
def load_sample_ocsp_response
|
22
|
+
File.open(File.expand_path "../fixtures/sample_ocsp_response.der", __FILE__)
|
23
|
+
end
|
24
|
+
|
25
|
+
def load_crl_without_cert_revoked
|
26
|
+
File.read(File.expand_path "../fixtures/AkamaiSub3.crl", __FILE__)
|
27
|
+
end
|
28
|
+
|
29
|
+
def load_crl_with_cert_revoked
|
30
|
+
File.read(File.expand_path "../fixtures/sample_certificate_revocation_list.crl", __FILE__)
|
31
|
+
end
|
32
|
+
|
33
|
+
describe ".setup" do
|
34
|
+
it "caches trusted certificates correctly" do
|
35
|
+
path = File.expand_path "../fixtures/cacert.pem", __FILE__
|
36
|
+
RevocationChecker.setup(path)
|
37
|
+
RevocationChecker.issuers.keys.size.should == 18
|
38
|
+
RevocationChecker.issuers["FC:8A:50:BA:9E:B9:25:5A:7B:55:85:4F:95:00:63:8F:E9:58:6B:43"].serial.should == 121579451771502689459931452667480057963
|
39
|
+
RevocationChecker.issuers_by_name.keys.size.should == 23
|
40
|
+
RevocationChecker.issuers_by_name[301028566].serial.should == 185237570324729778462978133790525665700
|
41
|
+
RevocationChecker.trusted_certs_file_path.should == path
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
45
|
+
describe "#check_revocation_status" do
|
46
|
+
it "skips caching if no cache has been configured" do
|
47
|
+
cert = load_ocsp_enabled_cert
|
48
|
+
RevocationChecker.any_instance.expects(:get_latest_revocation_status).returns :successful
|
49
|
+
checker = RevocationChecker.new
|
50
|
+
checker.check_revocation_status(cert).should == :successful
|
51
|
+
end
|
52
|
+
it "uses the cached response when available" do
|
53
|
+
cert = load_ocsp_enabled_cert
|
54
|
+
cache = mock()
|
55
|
+
cache.expects(:cached_response).with(cert).returns :successful
|
56
|
+
cache.expects(:cache_response).never
|
57
|
+
RevocationChecker.expects(:cache).twice.returns cache
|
58
|
+
AuthorityChecker.any_instance.expects(:validate).never
|
59
|
+
checker = RevocationChecker.new
|
60
|
+
checker.check_revocation_status(cert).should == :successful
|
61
|
+
end
|
62
|
+
|
63
|
+
it "retrieves the latest response and caches it when there's nothing in the cache" do
|
64
|
+
cert = load_ocsp_enabled_cert
|
65
|
+
cache = mock()
|
66
|
+
cache.expects(:cached_response).with(cert).returns nil
|
67
|
+
cache.expects(:cache_response).with(cert, :successful)
|
68
|
+
RevocationChecker.expects(:cache).at_least_once.returns cache
|
69
|
+
AuthorityChecker.any_instance.expects(:validate).returns :successful
|
70
|
+
checker = RevocationChecker.new
|
71
|
+
checker.check_revocation_status(cert).should == :successful
|
72
|
+
end
|
73
|
+
end
|
74
|
+
|
75
|
+
|
76
|
+
describe "#get_latest_revocation_status" do
|
77
|
+
before do
|
78
|
+
@revocation_checker = RevocationChecker.new
|
79
|
+
end
|
80
|
+
|
81
|
+
context "when authority key info extension exists" do
|
82
|
+
it "retrieves the issuer certificate using the authority key info" do
|
83
|
+
AuthorityChecker.any_instance.stubs(:validate)
|
84
|
+
RevocationChecker.expects(:issuers).returns "stub issuer cert"
|
85
|
+
cert = load_ocsp_enabled_cert
|
86
|
+
@revocation_checker.get_latest_revocation_status(cert)
|
87
|
+
end
|
88
|
+
end
|
89
|
+
|
90
|
+
context "when authority key info extension does not exist" do
|
91
|
+
it "retrieves the issuer certificate using the issuer name" do
|
92
|
+
RevocationChecker.stubs(:parse_authority_info_access)
|
93
|
+
cert = load_non_ocsp_cert
|
94
|
+
issuers = {1983599852 => "an issuer"}
|
95
|
+
RevocationChecker.expects(:issuers_by_name).returns issuers
|
96
|
+
@revocation_checker.get_latest_revocation_status(cert)
|
97
|
+
end
|
98
|
+
end
|
99
|
+
|
100
|
+
context "when the issuer certificate is not loaded" do
|
101
|
+
it "raises an error" do
|
102
|
+
RevocationChecker.expects(:issuers_by_name).returns Hash.new
|
103
|
+
issuer = stub(:hash => "12345", :to_s => "an issuer")
|
104
|
+
cert = mock()
|
105
|
+
cert.expects(:extensions).returns []
|
106
|
+
cert.expects(:subject).returns "test certificate"
|
107
|
+
cert.expects(:issuer).twice.returns issuer
|
108
|
+
expect{@revocation_checker.get_latest_revocation_status(cert)}.to raise_error /No issuer certificate/
|
109
|
+
end
|
110
|
+
end
|
111
|
+
|
112
|
+
end
|
113
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
$LOAD_PATH.unshift(File.expand_path("../..", __FILE__))
|
2
|
+
|
3
|
+
$: << '.'
|
4
|
+
|
5
|
+
require 'bundler'
|
6
|
+
Bundler.require
|
7
|
+
|
8
|
+
require 'sslackey'
|
9
|
+
require 'rspec'
|
10
|
+
|
11
|
+
require 'active_support/string_inquirer'
|
12
|
+
Dir[File.expand_path(File.join(File.dirname(__FILE__), "support/**/*.rb"))].each { |f| require f }
|
13
|
+
|
14
|
+
RSpec.configure do |config|
|
15
|
+
config.mock_with :mocha
|
16
|
+
end
|
17
|
+
|
18
|
+
RSpec::Matchers.define :include_hash do |expected|
|
19
|
+
match do |actual|
|
20
|
+
actual.present? && actual.slice(*expected.keys) == expected
|
21
|
+
end
|
22
|
+
end
|
data/sslackey.gemspec
ADDED
@@ -0,0 +1,35 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
require File.expand_path('../lib/sslackey/version', __FILE__)
|
3
|
+
|
4
|
+
Gem::Specification.new do |gem|
|
5
|
+
gem.authors = ["Manilla", "Peter Krimmel"]
|
6
|
+
gem.email = ["engineering@manilla.com"]
|
7
|
+
gem.description = %q{Checks a certificate via ocsp or crl to see if it has been revoked}
|
8
|
+
gem.summary = %q{Ruby ssl certificate revocation checking}
|
9
|
+
gem.homepage = "http://chill.manilla.com"
|
10
|
+
|
11
|
+
|
12
|
+
gem.add_runtime_dependency('resque')
|
13
|
+
gem.add_runtime_dependency('activesupport')
|
14
|
+
gem.add_runtime_dependency('redis')
|
15
|
+
gem.add_runtime_dependency('redis-namespace')
|
16
|
+
gem.add_runtime_dependency('i18n')
|
17
|
+
gem.add_runtime_dependency('rake')
|
18
|
+
gem.add_runtime_dependency('httparty')
|
19
|
+
|
20
|
+
gem.add_development_dependency('rspec')
|
21
|
+
gem.add_development_dependency('mocha')
|
22
|
+
gem.add_development_dependency('fuubar')
|
23
|
+
gem.add_development_dependency('awesome_print')
|
24
|
+
gem.add_development_dependency('ruby-debug19')
|
25
|
+
gem.add_development_dependency('highline')
|
26
|
+
|
27
|
+
|
28
|
+
|
29
|
+
gem.files = `git ls-files`.split($\)
|
30
|
+
gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
|
31
|
+
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
32
|
+
gem.name = "sslackey"
|
33
|
+
gem.require_paths = ["lib"]
|
34
|
+
gem.version = Sslackey::VERSION
|
35
|
+
end
|
metadata
ADDED
@@ -0,0 +1,227 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: sslackey
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.6.0
|
5
|
+
prerelease:
|
6
|
+
platform: ruby
|
7
|
+
authors:
|
8
|
+
- Manilla
|
9
|
+
- Peter Krimmel
|
10
|
+
autorequire:
|
11
|
+
bindir: bin
|
12
|
+
cert_chain: []
|
13
|
+
date: 2012-07-23 00:00:00.000000000Z
|
14
|
+
dependencies:
|
15
|
+
- !ruby/object:Gem::Dependency
|
16
|
+
name: resque
|
17
|
+
requirement: &2153512620 !ruby/object:Gem::Requirement
|
18
|
+
none: false
|
19
|
+
requirements:
|
20
|
+
- - ! '>='
|
21
|
+
- !ruby/object:Gem::Version
|
22
|
+
version: '0'
|
23
|
+
type: :runtime
|
24
|
+
prerelease: false
|
25
|
+
version_requirements: *2153512620
|
26
|
+
- !ruby/object:Gem::Dependency
|
27
|
+
name: activesupport
|
28
|
+
requirement: &2153512200 !ruby/object:Gem::Requirement
|
29
|
+
none: false
|
30
|
+
requirements:
|
31
|
+
- - ! '>='
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: *2153512200
|
37
|
+
- !ruby/object:Gem::Dependency
|
38
|
+
name: redis
|
39
|
+
requirement: &2153511780 !ruby/object:Gem::Requirement
|
40
|
+
none: false
|
41
|
+
requirements:
|
42
|
+
- - ! '>='
|
43
|
+
- !ruby/object:Gem::Version
|
44
|
+
version: '0'
|
45
|
+
type: :runtime
|
46
|
+
prerelease: false
|
47
|
+
version_requirements: *2153511780
|
48
|
+
- !ruby/object:Gem::Dependency
|
49
|
+
name: redis-namespace
|
50
|
+
requirement: &2153511360 !ruby/object:Gem::Requirement
|
51
|
+
none: false
|
52
|
+
requirements:
|
53
|
+
- - ! '>='
|
54
|
+
- !ruby/object:Gem::Version
|
55
|
+
version: '0'
|
56
|
+
type: :runtime
|
57
|
+
prerelease: false
|
58
|
+
version_requirements: *2153511360
|
59
|
+
- !ruby/object:Gem::Dependency
|
60
|
+
name: i18n
|
61
|
+
requirement: &2153510940 !ruby/object:Gem::Requirement
|
62
|
+
none: false
|
63
|
+
requirements:
|
64
|
+
- - ! '>='
|
65
|
+
- !ruby/object:Gem::Version
|
66
|
+
version: '0'
|
67
|
+
type: :runtime
|
68
|
+
prerelease: false
|
69
|
+
version_requirements: *2153510940
|
70
|
+
- !ruby/object:Gem::Dependency
|
71
|
+
name: rake
|
72
|
+
requirement: &2153510520 !ruby/object:Gem::Requirement
|
73
|
+
none: false
|
74
|
+
requirements:
|
75
|
+
- - ! '>='
|
76
|
+
- !ruby/object:Gem::Version
|
77
|
+
version: '0'
|
78
|
+
type: :runtime
|
79
|
+
prerelease: false
|
80
|
+
version_requirements: *2153510520
|
81
|
+
- !ruby/object:Gem::Dependency
|
82
|
+
name: httparty
|
83
|
+
requirement: &2153510100 !ruby/object:Gem::Requirement
|
84
|
+
none: false
|
85
|
+
requirements:
|
86
|
+
- - ! '>='
|
87
|
+
- !ruby/object:Gem::Version
|
88
|
+
version: '0'
|
89
|
+
type: :runtime
|
90
|
+
prerelease: false
|
91
|
+
version_requirements: *2153510100
|
92
|
+
- !ruby/object:Gem::Dependency
|
93
|
+
name: rspec
|
94
|
+
requirement: &2153509680 !ruby/object:Gem::Requirement
|
95
|
+
none: false
|
96
|
+
requirements:
|
97
|
+
- - ! '>='
|
98
|
+
- !ruby/object:Gem::Version
|
99
|
+
version: '0'
|
100
|
+
type: :development
|
101
|
+
prerelease: false
|
102
|
+
version_requirements: *2153509680
|
103
|
+
- !ruby/object:Gem::Dependency
|
104
|
+
name: mocha
|
105
|
+
requirement: &2153509260 !ruby/object:Gem::Requirement
|
106
|
+
none: false
|
107
|
+
requirements:
|
108
|
+
- - ! '>='
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '0'
|
111
|
+
type: :development
|
112
|
+
prerelease: false
|
113
|
+
version_requirements: *2153509260
|
114
|
+
- !ruby/object:Gem::Dependency
|
115
|
+
name: fuubar
|
116
|
+
requirement: &2153508840 !ruby/object:Gem::Requirement
|
117
|
+
none: false
|
118
|
+
requirements:
|
119
|
+
- - ! '>='
|
120
|
+
- !ruby/object:Gem::Version
|
121
|
+
version: '0'
|
122
|
+
type: :development
|
123
|
+
prerelease: false
|
124
|
+
version_requirements: *2153508840
|
125
|
+
- !ruby/object:Gem::Dependency
|
126
|
+
name: awesome_print
|
127
|
+
requirement: &2153539880 !ruby/object:Gem::Requirement
|
128
|
+
none: false
|
129
|
+
requirements:
|
130
|
+
- - ! '>='
|
131
|
+
- !ruby/object:Gem::Version
|
132
|
+
version: '0'
|
133
|
+
type: :development
|
134
|
+
prerelease: false
|
135
|
+
version_requirements: *2153539880
|
136
|
+
- !ruby/object:Gem::Dependency
|
137
|
+
name: ruby-debug19
|
138
|
+
requirement: &2153539460 !ruby/object:Gem::Requirement
|
139
|
+
none: false
|
140
|
+
requirements:
|
141
|
+
- - ! '>='
|
142
|
+
- !ruby/object:Gem::Version
|
143
|
+
version: '0'
|
144
|
+
type: :development
|
145
|
+
prerelease: false
|
146
|
+
version_requirements: *2153539460
|
147
|
+
- !ruby/object:Gem::Dependency
|
148
|
+
name: highline
|
149
|
+
requirement: &2153539040 !ruby/object:Gem::Requirement
|
150
|
+
none: false
|
151
|
+
requirements:
|
152
|
+
- - ! '>='
|
153
|
+
- !ruby/object:Gem::Version
|
154
|
+
version: '0'
|
155
|
+
type: :development
|
156
|
+
prerelease: false
|
157
|
+
version_requirements: *2153539040
|
158
|
+
description: Checks a certificate via ocsp or crl to see if it has been revoked
|
159
|
+
email:
|
160
|
+
- engineering@manilla.com
|
161
|
+
executables: []
|
162
|
+
extensions: []
|
163
|
+
extra_rdoc_files: []
|
164
|
+
files:
|
165
|
+
- .gitignore
|
166
|
+
- .rspec
|
167
|
+
- .rvmrc
|
168
|
+
- Gemfile
|
169
|
+
- LICENSE
|
170
|
+
- README.md
|
171
|
+
- Rakefile
|
172
|
+
- examples/README.md
|
173
|
+
- examples/cacert.pem
|
174
|
+
- examples/simple.rb
|
175
|
+
- lib/sslackey.rb
|
176
|
+
- lib/sslackey/authority_checker.rb
|
177
|
+
- lib/sslackey/cache/redis_revocation_cache.rb
|
178
|
+
- lib/sslackey/revocation_checker.rb
|
179
|
+
- lib/sslackey/version.rb
|
180
|
+
- spec/authority_checker_spec.rb
|
181
|
+
- spec/cache/redis_revocation_cache_spec.rb
|
182
|
+
- spec/fixtures/AkamaiSub3.crl
|
183
|
+
- spec/fixtures/cacert.pem
|
184
|
+
- spec/fixtures/crl_only_cert.pem
|
185
|
+
- spec/fixtures/ocsp_enabled_cert.pem
|
186
|
+
- spec/fixtures/sample_certificate_revocation_list.crl
|
187
|
+
- spec/fixtures/sample_ocsp_response.der
|
188
|
+
- spec/fixtures/ssl.rb
|
189
|
+
- spec/revocation_checker_spec.rb
|
190
|
+
- spec/spec_helper.rb
|
191
|
+
- sslackey.gemspec
|
192
|
+
homepage: http://chill.manilla.com
|
193
|
+
licenses: []
|
194
|
+
post_install_message:
|
195
|
+
rdoc_options: []
|
196
|
+
require_paths:
|
197
|
+
- lib
|
198
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
199
|
+
none: false
|
200
|
+
requirements:
|
201
|
+
- - ! '>='
|
202
|
+
- !ruby/object:Gem::Version
|
203
|
+
version: '0'
|
204
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
205
|
+
none: false
|
206
|
+
requirements:
|
207
|
+
- - ! '>='
|
208
|
+
- !ruby/object:Gem::Version
|
209
|
+
version: '0'
|
210
|
+
requirements: []
|
211
|
+
rubyforge_project:
|
212
|
+
rubygems_version: 1.8.15
|
213
|
+
signing_key:
|
214
|
+
specification_version: 3
|
215
|
+
summary: Ruby ssl certificate revocation checking
|
216
|
+
test_files:
|
217
|
+
- spec/authority_checker_spec.rb
|
218
|
+
- spec/cache/redis_revocation_cache_spec.rb
|
219
|
+
- spec/fixtures/AkamaiSub3.crl
|
220
|
+
- spec/fixtures/cacert.pem
|
221
|
+
- spec/fixtures/crl_only_cert.pem
|
222
|
+
- spec/fixtures/ocsp_enabled_cert.pem
|
223
|
+
- spec/fixtures/sample_certificate_revocation_list.crl
|
224
|
+
- spec/fixtures/sample_ocsp_response.der
|
225
|
+
- spec/fixtures/ssl.rb
|
226
|
+
- spec/revocation_checker_spec.rb
|
227
|
+
- spec/spec_helper.rb
|