trocla 0.0.11 → 0.0.12

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9f47b10d377d9df9610ed135f152232c0206d836
-  data.tar.gz: f464646c4b9af0930b230f4eed28aacb124b2998
+  metadata.gz: aedf1283f7a8f2526fa0fbacc4a528fe1ca7766b
+  data.tar.gz: 65c068af80a674b2a7aa3783398e1949b9b6f099
 SHA512:
-  metadata.gz: 6c8299aded1f3c0fff6cb7b2f2569fd8da2ae7c59a5714f1afdb4ca4bc64bef08ebb8f08e3c3563fbc1bdeb220d42d9c2f0919d22655063c84cc9de0f767e1e4
-  data.tar.gz: 45eda8f07fdf7fede2a8b10f58f758068baf41b6fd3deb5a3746d2d5484a71af1a318d2831d9c6a690f67415cfd364d2851d4e0e4b988ee0a13887cb1438bcb5
+  metadata.gz: 512edf03fd9448678710db03cc436790242263407857a3a60f3daeb316dc397c2543722b0a5a077e8714c16f658a4d090eb7c0bddb7b1715a3d46ea49612a6d9
+  data.tar.gz: 902809c87796656c33b21106a9780fee8d84db92fa8fe92a1e60d543a325dfe7f7b2cb31eb7ff60d44ed1ad57d2fb8365a72d645d0acbcb4cd94ac5fc11bfd9a

data/README.md

@@ -127,6 +127,11 @@ Simply build and install the gem.
 
 ## Update & Changes
 
+### to 0.0.12
+
+1. change from sha1 signature for the x509 format to sha2
+1. Fix an issue where shellsafe characters might have already been initialized with shell-unsafe characters. Plz review any shell-safe character passwords regarding this problem. See the [fix](https://github.com/duritong/trocla/pull/19) for more information. Thanks [asquelt](https://github.com/asquelt) for the fix.
+
 ### to 0.0.8
 
 1. be sure to update as well the moneta gem, trocla now uses the official moneta releases and supports current avaiable versions.
@@ -147,6 +152,6 @@ Simply build and install the gem.
 
 ## Copyright
 
-Copyright (c) 2011 mh. See LICENSE.txt for
+Copyright (c) 2014 mh. See LICENSE.txt for
 further details.
 

data/lib/VERSION

@@ -1,4 +1,4 @@
 major:0
 minor:0
-patch:11
+patch:12
 build:

data/lib/trocla/formats/x509.rb

@@ -17,6 +17,7 @@ class Trocla::Formats::X509 < Trocla::Formats::Base
     else
       raise "You need to pass \"subject\" or \"CN\" as an option to use this format"
     end
+    hash = options['hash'] || 'sha2'
     sign_with = options['ca'] || nil
     keysize = options['keysize'] || 2048
     serial = options['serial'] || 1
@@ -42,14 +43,14 @@ class Trocla::Formats::X509 < Trocla::Formats::Base
       begin
         subj = OpenSSL::X509::Name.parse(subject)
         request = mkreq(subj, key.public_key)
-        request.sign(key, OpenSSL::Digest::SHA1.new)
+        request.sign(key, signature(hash))
       rescue Exception => e
         raise "Certificate request #{subject} creation failed: #{e.message}"
       end
 
       begin
         csr_cert = mkcert(caserial, request.subject, ca, request.public_key, days, altnames)
-        csr_cert.sign(cakey, OpenSSL::Digest::SHA1.new)
+        csr_cert.sign(cakey, signature(hash))
         setserial(sign_with, caserial)
       rescue Exception => e
         raise "Certificate #{subject} signing failed: #{e.message}"
@@ -60,7 +61,7 @@ class Trocla::Formats::X509 < Trocla::Formats::Base
       begin
         subj = OpenSSL::X509::Name.parse(subject)
         cert = mkcert(serial, subj, nil, key.public_key, days, altnames)
-        cert.sign(key, OpenSSL::Digest::SHA1.new)
+        cert.sign(key, signature(hash))
       rescue Exception => e
         raise "Self-signed certificate #{subject} creation failed: #{e.message}"
       end
@@ -72,6 +73,22 @@ class Trocla::Formats::X509 < Trocla::Formats::Base
 
   # nice help: https://gist.github.com/mitfik/1922961
 
+  def signature(hash = 'sha2')
+    if hash == 'sha1'
+        OpenSSL::Digest::SHA1.new
+    elsif hash == 'sha224'
+        OpenSSL::Digest::SHA224.new
+    elsif hash == 'sha2' || hash == 'sha256'
+        OpenSSL::Digest::SHA256.new
+    elsif hash == 'sha384'
+        OpenSSL::Digest::SHA384.new
+    elsif hash == 'sha512'
+        OpenSSL::Digest::SHA512.new
+    else
+        raise "Unrecognized hash: #{hash}"
+    end
+  end
+
   def mkkey(len)
     OpenSSL::PKey::RSA.generate(len)
   end

data/lib/trocla/util.rb

@@ -27,7 +27,7 @@ class Trocla
         @chars ||= shellsafe + special_chars
       end
       def shellsafe
-        @chars ||= alphanumeric + shellsafe_chars
+        @shellsafe ||= alphanumeric + shellsafe_chars
       end
       def alphanumeric
         @alphanumeric ||= ('a'..'z').to_a + ('A'..'Z').to_a + ('0'..'9').to_a

data/trocla.gemspec

@@ -2,16 +2,16 @@
 # DO NOT EDIT THIS FILE DIRECTLY
 # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
-# stub: trocla 0.0.11 ruby lib
+# stub: trocla 0.0.12 ruby lib
 
 Gem::Specification.new do |s|
   s.name = "trocla"
-  s.version = "0.0.11"
+  s.version = "0.0.12"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib"]
   s.authors = ["mh"]
-  s.date = "2014-08-21"
+  s.date = "2014-12-25"
   s.description = "Trocla helps you to generate random passwords and to store them in various formats (plain, MD5, bcrypt) for later retrival."
   s.email = "mh+trocla@immerda.ch"
   s.executables = ["trocla"]

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: trocla
 version: !ruby/object:Gem::Version
-  version: 0.0.11
+  version: 0.0.12
 platform: ruby
 authors:
 - mh
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-08-21 00:00:00.000000000 Z
+date: 2014-12-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: moneta