sslackey 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (28) hide show
  1. data/.gitignore +20 -0
  2. data/.rspec +2 -0
  3. data/.rvmrc +1 -0
  4. data/Gemfile +4 -0
  5. data/LICENSE +22 -0
  6. data/README.md +46 -0
  7. data/Rakefile +9 -0
  8. data/examples/README.md +11 -0
  9. data/examples/cacert.pem +1570 -0
  10. data/examples/simple.rb +49 -0
  11. data/lib/sslackey/authority_checker.rb +107 -0
  12. data/lib/sslackey/cache/redis_revocation_cache.rb +30 -0
  13. data/lib/sslackey/revocation_checker.rb +90 -0
  14. data/lib/sslackey/version.rb +3 -0
  15. data/lib/sslackey.rb +3 -0
  16. data/spec/authority_checker_spec.rb +148 -0
  17. data/spec/cache/redis_revocation_cache_spec.rb +61 -0
  18. data/spec/fixtures/AkamaiSub3.crl +0 -0
  19. data/spec/fixtures/cacert.pem +696 -0
  20. data/spec/fixtures/crl_only_cert.pem +18 -0
  21. data/spec/fixtures/ocsp_enabled_cert.pem +35 -0
  22. data/spec/fixtures/sample_certificate_revocation_list.crl +0 -0
  23. data/spec/fixtures/sample_ocsp_response.der +0 -0
  24. data/spec/fixtures/ssl.rb +29 -0
  25. data/spec/revocation_checker_spec.rb +113 -0
  26. data/spec/spec_helper.rb +22 -0
  27. data/sslackey.gemspec +35 -0
  28. metadata +227 -0
data/.gitignore ADDED
@@ -0,0 +1,20 @@
1
+ *.gem
2
+ *.rbc
3
+ .bundle
4
+ .config
5
+ .yardoc
6
+ .idea
7
+ *.swp
8
+ Gemfile.lock
9
+ InstalledFiles
10
+ _yardoc
11
+ coverage
12
+ doc/
13
+ lib/bundler/man
14
+ pkg
15
+ rdoc
16
+ spec/reports
17
+ test/tmp
18
+ test/version_tmp
19
+ tmp
20
+ .DS_Store
data/.rspec ADDED
@@ -0,0 +1,2 @@
1
+ --format Fuubar
2
+ --colour
data/.rvmrc ADDED
@@ -0,0 +1 @@
1
+ rvm --create ruby-1.9.2-p290@sslackey
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in sslackey.gemspec
4
+ gemspec
data/LICENSE ADDED
@@ -0,0 +1,22 @@
1
+ Copyright (c) 2012 Peter Krimmel
2
+
3
+ MIT License
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining
6
+ a copy of this software and associated documentation files (the
7
+ "Software"), to deal in the Software without restriction, including
8
+ without limitation the rights to use, copy, modify, merge, publish,
9
+ distribute, sublicense, and/or sell copies of the Software, and to
10
+ permit persons to whom the Software is furnished to do so, subject to
11
+ the following conditions:
12
+
13
+ The above copyright notice and this permission notice shall be
14
+ included in all copies or substantial portions of the Software.
15
+
16
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,46 @@
1
+ # sslackey
2
+
3
+ Provides Online Certificate Status Protocol (OCSP) and certificate revocation list checking for ssl certificates.
4
+ Ruby ssl verifies the chain of trust for a certificate but does not by default check if the certificate has been revoked.
5
+
6
+
7
+ ## Installation
8
+
9
+ Add this line to your application's Gemfile:
10
+
11
+ gem 'sslackey'
12
+
13
+ And then execute:
14
+
15
+ $ bundle
16
+
17
+ Or install it yourself as:
18
+
19
+ $ gem install sslackey
20
+
21
+ ## Requirements
22
+
23
+ * curl installation
24
+ * openssl installation
25
+ * Redis or implement your own caching mechanism
26
+
27
+ ## Examples
28
+
29
+ ```ruby
30
+ # Setup with your cache and trusted certs
31
+ RevocationChecker.setup File.join(File.dirname(__FILE__), 'cacert.pem')
32
+ RevocationChecker.cache = RedisRevocationCache.new("localhost", "6379")
33
+
34
+ # Start checking certs
35
+ checker = RevocationChecker.new()
36
+ status = checker.check_revocation_status(peer_cert)
37
+
38
+
39
+
40
+ ## Contributing
41
+
42
+ 1. Fork it
43
+ 2. Create your feature branch (`git checkout -b my-new-feature`)
44
+ 3. Commit your changes (`git commit -am 'Added some feature'`)
45
+ 4. Push to the branch (`git push origin my-new-feature`)
46
+ 5. Create new Pull Request
data/Rakefile ADDED
@@ -0,0 +1,9 @@
1
+ #!/usr/bin/env rake
2
+ require "bundler/gem_tasks"
3
+ require 'rspec'
4
+ require 'rspec/core/rake_task'
5
+
6
+
7
+ RSpec::Core::RakeTask.new(:spec) do |spec|
8
+ spec.pattern = 'spec/**/*_spec.rb'
9
+ end
data/examples/README.md ADDED
@@ -0,0 +1,11 @@
1
+ sslackey demo
2
+ -----------
3
+
4
+ This uses net/http and monkee patches openssl to include revocation checking.
5
+ It uses the default redis cache to cache ocsp responses. You will need to install
6
+ redis before using or provide a different caching implementation.
7
+
8
+
9
+
10
+
11
+