ssltool 0.0.6 → 0.0.7

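--- a/data/bin/console
+++ b/data/bin/console
@@ -6,8 +6,10 @@ require "yaml"
 
 require_relative "../lib/ssltool/certificate_store"
 
-$all = SSLTool::Certificate.scan(IO.read("var/all-the-certs.pem")) rescue []
-$store = SSLTool::CertificateStore.new("file://#{File.dirname(__FILE__)}/../var/pools")
+include SSLTool
+
+$all = Certificate.scan(IO.read("var/all-the-certs.pem")) rescue []
+$store = CertificateStore.new("file://#{File.dirname(__FILE__)}/../var/pools")
 $trusted = $store.trusted_pool
 $pool = $store.intermediate_pool
 $excluded = $store.excluded_pool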
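Review bot: The new `$all` line still reads `"var/all-the-certs.pem"` relative to the current working directory, while `$store` on the next line is anchored to `File.dirname(__FILE__)`. Combined with the modifier `rescue []`, starting the console from any other directory silently gives an empty `$all`, and a parse error in the bundle looks the same as a missing file. Anchoring the path the same way, `IO.read("#{File.dirname(__FILE__)}/../var/all-the-certs.pem")`, and rescuing only `Errno::ENOENT` would keep the optional-file behaviour without hiding real failures.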
@@ -6,7 +6,7 @@
6
6
 
7
7
  require_relative "../lib/ssltool/certificate"
8
8
 
9
- certs = SSLTool::PEMScanner.new(ARGF.read).cert_strings.uniq.map do |s|
9
+ certs = SSLTool::PEMScanner.scan(ARGF.read).cert_strings.uniq.map do |s|
10
10
  begin
11
11
  SSLTool::Certificate.new(s)
12
12
  rescue => e
@@ -22,7 +22,7 @@ module SSLTool
22
22
 
23
23
  # returns an array of Certificate objects created from cert strings found in s
24
24
  def self.scan(s)
25
- PEMScanner.new(s).certificates.uniq
25
+ PEMScanner.certs_from(s).uniq
26
26
  end
27
27
 
28
28
  ### signing
@@ -17,9 +17,9 @@ module SSLTool
17
17
  end
18
18
 
19
19
  def initialize(original_chain, certificate_store)
20
- @original_chain = original_chain.dup.freeze
20
+ @original_chain = original_chain.uniq.freeze
21
21
  @certificate_store = certificate_store
22
- @domain_certs, @other_certs = original_chain.partition(&:for_domain_name?)
22
+ @domain_certs, @other_certs = @original_chain.partition(&:for_domain_name?)
23
23
  @original_chain.empty? and raise ZeroCertsChainResolutionError
24
24
  case @domain_certs.length
25
25
  when 1; # pass
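Review bot: `original_chain.uniq` on the new `@original_chain` line only removes duplicates if Certificate defines `hash` and `eql?` by content; those definitions are not visible in this hunk. With the default identity-based versions, two separately parsed copies of the same certificate would both survive and still be counted twice by `case @domain_certs.length`. Worth confirming, and a short comment such as `# de-duplicate so a repeated leaf cert is not counted as several domain certs` would record why `dup` became `uniq`. The body of `initialize` continues past the end of the hunk.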
@@ -4,10 +4,21 @@ require_relative 'pem_scanner'
4
4
 
5
5
  module SSLTool
6
6
  module KeyHelper
7
+
8
+ class KeyNotPresentError < ArgumentError; end
9
+
10
+ class KeyNotFoundError < StandardError
11
+ attr_reader :cert, :keys
12
+ def initialize(cert, keys)
13
+ @cert, @keys = cert, keys
14
+ super("None of the given #{keys.length} keys match the certificate #{cert.subject}.")
15
+ end
16
+ end
17
+
7
18
  extend self
8
19
 
9
20
  def scan(s)
10
- SSLTool::PEMScanner.new(s).keys
21
+ PEMScanner.keys_from(s)
11
22
  end
12
23
 
13
24
  def keys(*pems)
@@ -18,5 +29,12 @@ module SSLTool
18
29
  keys.find { |key| cert.check_private_key(key) }
19
30
  end
20
31
 
32
+ def find_private_key_for_certificate!(cert, keys)
33
+ raise KeyNotPresentError if keys.empty?
34
+ key = find_private_key_for_certificate(cert, keys)
35
+ return key if key
36
+ raise KeyNotFoundError.new(cert, keys)
37
+ end
38
+
21
39
  end
22
40
  end
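Review bot: KeyNotFoundError keeps the whole `keys` array on the exception (`attr_reader :cert, :keys`, assigned in `initialize`), so every private key that was tried travels with the error into whatever rescues, logs or reports it. The message only uses the count, so consider storing that instead, `@cert, @key_count = cert, keys.length`, and exposing `key_count` rather than `keys`. Separately, `find_private_key_for_certificate!` calls `keys.empty?` first, so a nil `keys` raises NoMethodError rather than KeyNotPresentError; if nil is a possible input, a guard such as `raise KeyNotPresentError if keys.nil? || keys.empty?` would make the documented error the one callers see.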
@@ -10,6 +10,19 @@ module SSLTool
10
10
  -----END.*?-----
11
11
  )/x
12
12
 
13
+ class << self
14
+ alias_method :[], :new
15
+ alias_method :scan, :new
16
+
17
+ def keys_from(s)
18
+ scan(s).keys
19
+ end
20
+
21
+ def certs_from(s)
22
+ scan(s).certs
23
+ end
24
+ end
25
+
13
26
  def initialize(s)
14
27
  s = s.dup.force_encoding('BINARY').gsub(/\r\n?/, "\n").gsub(/\s+\n/, "\n")
15
28
  @pem_strings, @garbage_strings = s.split(RX_PEM_BLOCK).map(&:strip).reject(&:empty?).partition { |s| s =~ RX_PEM_BLOCK }
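Review bot: `certs_from` calls `scan(s).certs`, but the line it replaces in `Certificate.scan` called `.certificates` on the scanner, and no instance method named `certs` is visible in this hunk. If only `certificates` exists, `Certificate.scan` now raises NoMethodError, which the console's `rescue []` would hide; please confirm the reader exists or use `scan(s).certificates`. The two singleton aliases would also benefit from a one-line comment, something like `# PEMScanner[s] and PEMScanner.scan(s) are shorthand for PEMScanner.new(s)`. The body of `initialize` continues past the end of the hunk.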
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ssltool
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.6
4
+ version: 0.0.7
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors: