trocla 0.2.1 → 0.2.2
- checksums.yaml +4 -4
- data/CHANGELOG.md +57 -0
- data/README.md +2 -52
- data/ext/redhat/rubygem-trocla.spec +5 -1
- data/lib/VERSION +1 -1
- data/lib/trocla.rb +2 -2
- data/spec/trocla/formats/x509_spec.rb +23 -15
- data/trocla.gemspec +3 -2
- metadata +2 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2e1b4a70e3f5d9a045b4c945df80608031e28494
|
4
|
+
data.tar.gz: 00399faf99af08b4b59692436ce47393c92f965e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e49851f86f6cef4a4bb949395cfccf7dd51a607c5a244f6a5cdb34df73102cb56f20046c9bb9fd78e972ae75d616564d47cad7164ce49a35303b895e6d4f4844
|
7
|
+
data.tar.gz: 2479cafecbaa81311a1fdba714dc4b176cd8d0962a854ef0779e9ac435a2014ebdfcf1c8bb18df1befefe6ba1e39f26d036e62840a70682e918f31d4d336f342
|
data/CHANGELOG.md
ADDED
@@ -0,0 +1,57 @@
|
|
1
|
+
# Changelog
|
2
|
+
|
3
|
+
## to 0.2.2
|
4
|
+
|
5
|
+
1. Bugfix to render output correctly also on an already existing set
|
6
|
+
1. Fix tests not working around midnight, due to timezone differences
|
7
|
+
|
8
|
+
## to 0.2.1
|
9
|
+
|
10
|
+
1. New Feature: Introduce a way to render specific formats, mainly this allows you to control the output of a specific format. See the x509 format for more information.
|
11
|
+
|
12
|
+
## to 0.2.0
|
13
|
+
|
14
|
+
1. New feature profiles: Introduce profiles to make it easy to have a default set of properties. See the profiles section for more information.
|
15
|
+
1. New feature expiration: Make it possible that keys can have an expiration. See the expiration section for more information.
|
16
|
+
1. Increase default password length to 16.
|
17
|
+
1. Add a console safe password charset. It should provide a subset of chars that are easier to type on a physical keyboard.
|
18
|
+
1. Fix a bug with encryptions while deleting all formats.
|
19
|
+
1. Introduce pluggable stores, so in the future we are able to talk to different backends and not only moneta. For testing and inspiration a simple in memory storage backend was added.
|
20
|
+
1. CHANGE: moneta's configuration for `adapter` & `adapter_options` now live under store_options in the configuration file. Till 0.3.0 old configuration entries will still be accepted.
|
21
|
+
1. CHANGE: ssl_options is now known as encryption_options. Till 0.3.0 old configuration entries will still be accepted.
|
22
|
+
1. Improve randomness when creating a serial number.
|
23
|
+
1. Add a new charset: hexadecimal
|
24
|
+
1. Add support for name constraints within the x509 format
|
25
|
+
1. Clarify documentation of the set action, as well as introduce `--no-format` for the set action.
|
26
|
+
|
27
|
+
## to 0.1.3
|
28
|
+
|
29
|
+
1. CHANGE: Self signed certificates are no longer CAs by default, actually they have never been due to a bug. If you want that a certificate is also a CA, you *must* pass `become_ca: true` to the options hash. But this makes it actually possible, that you can even have certificate chains. Thanks for initial hint to [Adrien Bréfort](https://github.com/abrefort)
|
30
|
+
1. Default keysize is now 4096
|
31
|
+
1. SECURITY: Do not increment serial, rather choose a random one.
|
32
|
+
1. Fixing setting of altnames, was not possible due to bug, till now.
|
33
|
+
1. Add extended tests for the x509 format, that describe all the internal specialities and should give an idea how it can be used.
|
34
|
+
1. Add cli option to list all formats
|
35
|
+
|
36
|
+
## to 0.1.1
|
37
|
+
|
38
|
+
1. fix storing data longer that public Keysize -11. Thanks [Timo Goebel](https://github.com/timogoebel)
|
39
|
+
1. add a numeric only charset. Thanks [Jonas Genannt](https://github.com/hggh)
|
40
|
+
1. fix reading key expire time. Thanks [asquelt](https://github.com/asquelt)
|
41
|
+
|
42
|
+
## to 0.1.0
|
43
|
+
|
44
|
+
1. Supporting encryption of the backends. Many thanks to Thomas Gelf
|
45
|
+
1. Adding a windows safe password charset
|
46
|
+
|
47
|
+
## to 0.0.12
|
48
|
+
|
49
|
+
1. change from sha1 signature for the x509 format to sha2
|
50
|
+
1. Fix an issue where shellsafe characters might have already been initialized with shell-unsafe characters. Plz review any shell-safe character passwords regarding this problem. See the [fix](https://github.com/duritong/trocla/pull/19) for more information. Thanks [asquelt](https://github.com/asquelt) for the fix.
|
51
|
+
|
52
|
+
## to 0.0.8
|
53
|
+
|
54
|
+
1. be sure to update as well the moneta gem, trocla now uses the official moneta releases and supports current avaiable versions.
|
55
|
+
1. Options for moneta's backends have changed. For example, if you are using the yaml-backend you will likely need to change the adapter option `:path:` to `:file:` to match moneta's new API.
|
56
|
+
1. **IMPORTANT:** If you are using the yaml backend you need to migrate the current data *before* using the new trocla version! You can migrate the datastore by using the following two sed commands: `sed -i 's/^\s\{3\}/ /' /PATH/TO/trocla_data.yaml` && `sed -i '/^\s\{2\}value\:/d' /PATH/TO/trocla_data.yaml`.
|
57
|
+
1. **SECURITY:** Previous versions of trocla used quite a simple random generator. Especially in combination with the puppet `fqdn_rand` function, you likely have very predictable random passwords and I recommend you to regenerate all randomly generated passwords! Now!
|
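Review bot: the tags that flag security-relevant and breaking entries are spelled inconsistently in the added file: line 31 uses plain `SECURITY:` while line 57 uses `**SECURITY:**`, and lines 20, 21 and 29 use `CHANGE:` while line 56 uses `**IMPORTANT:**`. Settle on one spelling per tag so that a single search of the changelog finds both the random-serial change in 0.1.3 and the weak random generator note in 0.0.8. The new 0.2.2 entry on line 5 would also be easier to act on if it named the format and option it concerns; the spec added in this release exercises the x509 `render` option with `certonly`, so if that is the case meant here, say so in the entry.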
data/README.md
CHANGED
@@ -308,60 +308,10 @@ encryption_options:
|
|
308
308
|
|
309
309
|
## Update & Changes
|
310
310
|
|
311
|
-
|
312
|
-
|
313
|
-
1. New Feature: Introduce a way to render specific formats, mainly this allows you to control the output of a specific format. See the x509 format for more information.
|
314
|
-
|
315
|
-
### to 0.2.0
|
316
|
-
|
317
|
-
1. New feature profiles: Introduce profiles to make it easy to have a default set of properties. See the profiles section for more information.
|
318
|
-
1. New feature expiration: Make it possible that keys can have an expiration. See the expiration section for more information.
|
319
|
-
1. Increase default password length to 16.
|
320
|
-
1. Add a console safe password charset. It should provide a subset of chars that are easier to type on a physical keyboard.
|
321
|
-
1. Fix a bug with encryptions while deleting all formats.
|
322
|
-
1. Introduce pluggable stores, so in the future we are able to talk to different backends and not only moneta. For testing and inspiration a simple in memory storage backend was added.
|
323
|
-
1. CHANGE: moneta's configuration for `adapter` & `adapter_options` now live under store_options in the configuration file. Till 0.3.0 old configuration entries will still be accepted.
|
324
|
-
1. CHANGE: ssl_options is now known as encryption_options. Till 0.3.0 old configuration entries will still be accepted.
|
325
|
-
1. Improve randomness when creating a serial number.
|
326
|
-
1. Add a new charset: hexadecimal
|
327
|
-
1. Add support for name constraints within the x509 format
|
328
|
-
1. Clarify documentation of the set action, as well as introduce `--no-format` for the set action.
|
329
|
-
|
330
|
-
### to 0.1.3
|
331
|
-
|
332
|
-
1. CHANGE: Self signed certificates are no longer CAs by default, actually they have never been due to a bug. If you want that a certificate is also a CA, you *must* pass `become_ca: true` to the options hash. But this makes it actually possible, that you can even have certificate chains. Thanks for initial hint to [Adrien Bréfort](https://github.com/abrefort)
|
333
|
-
1. Default keysize is now 4096
|
334
|
-
1. SECURITY: Do not increment serial, rather choose a random one.
|
335
|
-
1. Fixing setting of altnames, was not possible due to bug, till now.
|
336
|
-
1. Add extended tests for the x509 format, that describe all the internal specialities and should give an idea how it can be used.
|
337
|
-
1. Add cli option to list all formats
|
338
|
-
|
339
|
-
### to 0.1.1
|
340
|
-
|
341
|
-
1. fix storing data longer that public Keysize -11. Thanks [Timo Goebel](https://github.com/timogoebel)
|
342
|
-
1. add a numeric only charset. Thanks [Jonas Genannt](https://github.com/hggh)
|
343
|
-
1. fix reading key expire time. Thanks [asquelt](https://github.com/asquelt)
|
344
|
-
|
345
|
-
### to 0.1.0
|
346
|
-
|
347
|
-
1. Supporting encryption of the backends. Many thanks to Thomas Gelf
|
348
|
-
1. Adding a windows safe password charset
|
349
|
-
|
350
|
-
### to 0.0.12
|
351
|
-
|
352
|
-
1. change from sha1 signature for the x509 format to sha2
|
353
|
-
1. Fix an issue where shellsafe characters might have already been initialized with shell-unsafe characters. Plz review any shell-safe character passwords regarding this problem. See the [fix](https://github.com/duritong/trocla/pull/19) for more information. Thanks [asquelt](https://github.com/asquelt) for the fix.
|
354
|
-
|
355
|
-
### to 0.0.8
|
356
|
-
|
357
|
-
1. be sure to update as well the moneta gem, trocla now uses the official moneta releases and supports current avaiable versions.
|
358
|
-
1. Options for moneta's backends have changed. For example, if you are using the yaml-backend you will likely need to change the adapter option `:path:` to `:file:` to match moneta's new API.
|
359
|
-
1. **IMPORTANT:** If you are using the yaml backend you need to migrate the current data *before* using the new trocla version! You can migrate the datastore by using the following two sed commands: `sed -i 's/^\s\{3\}/ /' /PATH/TO/trocla_data.yaml` && `sed -i '/^\s\{2\}value\:/d' /PATH/TO/trocla_data.yaml`.
|
360
|
-
1. **SECURITY:** Previous versions of trocla used quite a simple random generator. Especially in combination with the puppet `fqdn_rand` function, you likely have very predictable random passwords and I recommend you to regenerate all randomly generated passwords! Now!
|
361
|
-
1. We now support reading passwords from files, which means that you can now also easily add multi-line passwords. Have a look at the documentation above.
|
311
|
+
See [Changelog](CHANGELOG.md)
|
362
312
|
|
363
313
|
## Contributing to trocla
|
364
|
-
|
314
|
+
|
365
315
|
* Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
|
366
316
|
* Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it
|
367
317
|
* Fork the project
|
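Review bot: removed line 361 ("We now support reading passwords from files, ...") has no counterpart in the CHANGELOG.md added in this release, whose 0.0.8 section ends at the `**SECURITY:**` item on its line 57. Add that entry to the 0.0.8 section of CHANGELOG.md so that replacing this section with `See [Changelog](CHANGELOG.md)` does not silently drop it.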
@@ -2,7 +2,7 @@
|
|
2
2
|
%global gem_name trocla
|
3
3
|
|
4
4
|
Name: rubygem-%{gem_name}
|
5
|
-
Version: 0.2.
|
5
|
+
Version: 0.2.1
|
6
6
|
Release: 1%{?dist}
|
7
7
|
Summary: Trocla a simple password generator and storage
|
8
8
|
Group: Development/Languages
|
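Review bot: the added `Version: 0.2.1` on line 5 does not match the release this spec ships in, since trocla.gemspec and metadata in the same diff set the gem version to 0.2.2. Bump the spec to 0.2.2 as well so that an RPM built from this file is not labelled with the previous release.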
@@ -15,7 +15,9 @@ Requires: rubygem-highline
|
|
15
15
|
BuildRequires: rubygem-moneta = 0.7.20
|
16
16
|
BuildRequires: rubygem-bcrypt
|
17
17
|
BuildRequires: rubygem-highline
|
18
|
+
%if 0%{?rhel} >= 7
|
18
19
|
BuildRequires: ruby(release)
|
20
|
+
%endif
|
19
21
|
BuildRequires: rubygems-devel
|
20
22
|
BuildRequires: ruby
|
21
23
|
# BuildRequires: rubygem(mocha)
|
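Review bot: the new `%if 0%{?rhel} >= 7` guard on line 18 also drops `BuildRequires: ruby(release)` on every target where the `rhel` macro is undefined, because `0%{?rhel}` then evaluates to 0. If the intent is only to skip the requirement on releases older than EL7, widen the condition (for example `%if 0%{?fedora} || 0%{?rhel} >= 7`) and add a comment above it stating which target lacks `ruby(release)`.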
@@ -89,6 +91,7 @@ popd
|
|
89
91
|
%{gem_instdir}/.rspec
|
90
92
|
%exclude %{gem_instdir}/.travis.yml
|
91
93
|
%exclude %{gem_instdir}/.rspec
|
94
|
+
%exclude %{gem_instdir}/ext/redhat/%{name}.spec
|
92
95
|
%license %{gem_instdir}/LICENSE.txt
|
93
96
|
%{gem_instdir}/bin
|
94
97
|
%{gem_libdir}
|
@@ -103,6 +106,7 @@ popd
|
|
103
106
|
%doc %{gem_instdir}/.document
|
104
107
|
%{gem_instdir}/Gemfile
|
105
108
|
%doc %{gem_instdir}/README.md
|
109
|
+
%doc %{gem_instdir}/CHANGELOG.md
|
106
110
|
%{gem_instdir}/Rakefile
|
107
111
|
%{gem_instdir}/spec
|
108
112
|
%{gem_instdir}/trocla.gemspec
|
data/lib/VERSION
CHANGED
data/lib/trocla.rb
CHANGED
@@ -24,11 +24,11 @@ class Trocla
|
|
24
24
|
|
25
25
|
raise "Format #{format} is not supported! Supported formats: #{Trocla::Formats.all.join(', ')}" unless Trocla::Formats::available?(format)
|
26
26
|
|
27
|
-
unless (password=get_password(key,format)).nil?
|
27
|
+
unless (password=get_password(key,format,options)).nil?
|
28
28
|
return password
|
29
29
|
end
|
30
30
|
|
31
|
-
plain_pwd = get_password(key,'plain')
|
31
|
+
plain_pwd = get_password(key,'plain',options)
|
32
32
|
if options['random'] && plain_pwd.nil?
|
33
33
|
plain_pwd = Trocla::Util.random_str(options['length'].to_i,options['charset'])
|
34
34
|
set_password(key,'plain',plain_pwd,options) unless format == 'plain'
|
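Review bot: line 31 now forwards the caller's whole `options` hash to the `'plain'` lookup, so any `render` settings meant for the requested format also reach the plain lookup, and nothing in this hunk shows how `get_password` treats a `render` key for a format that does not define rendering. Either pass the render options only on the line 27 call for the requested `format`, or add a spec that fetches an existing key in a non-x509 format with `render` set and asserts the plain value comes back unchanged.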
@@ -42,7 +42,7 @@ describe "Trocla::Format::X509" do
|
|
42
42
|
# default size
|
43
43
|
# https://stackoverflow.com/questions/13747212/determine-key-size-from-public-key-pem-format
|
44
44
|
expect(cert.public_key.n.num_bytes * 8).to eq(4096)
|
45
|
-
expect((Date.parse(cert.not_after.to_s) - Date.today).to_i).to eq(365)
|
45
|
+
expect((Date.parse(cert.not_after.localtime.to_s) - Date.today).to_i).to eq(365)
|
46
46
|
# it's a self signed cert and NOT a CA
|
47
47
|
expect(verify(cert,cert)).to be false
|
48
48
|
|
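Review bot: the assertion on line 45 still compares against `Date.today`, which is read when the expectation runs rather than when the certificate was created, so a run that crosses local midnight between the two can still yield 364. Capture the date before calling `@trocla.password` and compare against that value; `cert.not_after.localtime.to_date` would also avoid the round trip through `to_s` and `Date.parse`. The same expression is edited in the later hunks of this file, so a small helper in the spec would keep the fix in one place.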
@@ -60,7 +60,7 @@ describe "Trocla::Format::X509" do
|
|
60
60
|
ca = OpenSSL::X509::Certificate.new(ca_str)
|
61
61
|
# selfsigned?
|
62
62
|
expect(ca.issuer.to_s).to eq(ca.subject.to_s)
|
63
|
-
expect((Date.parse(ca.not_after.to_s) - Date.today).to_i).to eq(365)
|
63
|
+
expect((Date.parse(ca.not_after.localtime.to_s) - Date.today).to_i).to eq(365)
|
64
64
|
expect(verify(ca,ca)).to be true
|
65
65
|
|
66
66
|
v = ca.extensions.find{|e| e.oid == 'basicConstraints' }.value
|
@@ -80,7 +80,7 @@ describe "Trocla::Format::X509" do
|
|
80
80
|
cert_str = @trocla.password('mycert', 'x509', cert_options)
|
81
81
|
cert = OpenSSL::X509::Certificate.new(cert_str)
|
82
82
|
expect(cert.issuer.to_s).to eq(@ca.subject.to_s)
|
83
|
-
expect((Date.parse(cert.not_after.to_s) - Date.today).to_i).to eq(365)
|
83
|
+
expect((Date.parse(cert.not_after.localtime.to_s) - Date.today).to_i).to eq(365)
|
84
84
|
expect(verify(@ca,cert)).to be true
|
85
85
|
|
86
86
|
v = cert.extensions.find{|e| e.oid == 'basicConstraints' }.value
|
@@ -100,6 +100,14 @@ describe "Trocla::Format::X509" do
|
|
100
100
|
expect(cert_str).to match(/-----BEGIN CERTIFICATE-----/)
|
101
101
|
expect(cert_str).not_to match(/-----BEGIN RSA PRIVATE KEY-----/)
|
102
102
|
end
|
103
|
+
it 'supports fetching only the cert even a second time' do
|
104
|
+
cert_str = @trocla.password('mycert', 'x509', cert_options.merge('render' => {'certonly' => true }))
|
105
|
+
expect(cert_str).to match(/-----BEGIN CERTIFICATE-----/)
|
106
|
+
expect(cert_str).not_to match(/-----BEGIN RSA PRIVATE KEY-----/)
|
107
|
+
cert_str = @trocla.password('mycert', 'x509', cert_options.merge('render' => {'certonly' => true }))
|
108
|
+
expect(cert_str).to match(/-----BEGIN CERTIFICATE-----/)
|
109
|
+
expect(cert_str).not_to match(/-----BEGIN RSA PRIVATE KEY-----/)
|
110
|
+
end
|
103
111
|
|
104
112
|
it 'does not simply increment the serial' do
|
105
113
|
cert_str = @trocla.password('mycert', 'x509', cert_options)
|
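Review bot: the new example on lines 103-110 only rules out the literal `-----BEGIN RSA PRIVATE KEY-----` header, so a key emitted under another PEM label (`-----BEGIN PRIVATE KEY-----`, for instance) would pass unnoticed; matching on `/PRIVATE KEY-----/` covers both. It also reassigns `cert_str` on line 107 without comparing the two results: keep the first value and assert that the second fetch returns the same certificate, since the test is about repeat reads of an existing set.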
@@ -118,7 +126,7 @@ describe "Trocla::Format::X509" do
|
|
118
126
|
}))
|
119
127
|
cert = OpenSSL::X509::Certificate.new(cert_str)
|
120
128
|
expect(cert.issuer.to_s).to eq(@ca.subject.to_s)
|
121
|
-
expect((Date.parse(cert.not_after.to_s) - Date.today).to_i).to eq(365)
|
129
|
+
expect((Date.parse(cert.not_after.localtime.to_s) - Date.today).to_i).to eq(365)
|
122
130
|
expect(verify(@ca,cert)).to be true
|
123
131
|
|
124
132
|
expect(cert.extensions.find{|e| e.oid == 'basicConstraints' }.value).to eq('CA:TRUE')
|
@@ -134,7 +142,7 @@ describe "Trocla::Format::X509" do
|
|
134
142
|
}))
|
135
143
|
ca2 = OpenSSL::X509::Certificate.new(ca2_str)
|
136
144
|
expect(ca2.issuer.to_s).to eq(@ca.subject.to_s)
|
137
|
-
expect((Date.parse(ca2.not_after.to_s) - Date.today).to_i).to eq(365)
|
145
|
+
expect((Date.parse(ca2.not_after.localtime.to_s) - Date.today).to_i).to eq(365)
|
138
146
|
pending_for(:engine => 'jruby',:reason => 'NameConstraints verification seem to be broken in jRuby: https://github.com/jruby/jruby/issues/3502') do
|
139
147
|
expect(verify(@ca,ca2)).to be true
|
140
148
|
end
|
@@ -154,7 +162,7 @@ describe "Trocla::Format::X509" do
|
|
154
162
|
valid_cert = OpenSSL::X509::Certificate.new(valid_cert_str)
|
155
163
|
expect(valid_cert.issuer.to_s).to eq(ca2.subject.to_s)
|
156
164
|
expect(verify([@ca,ca2],valid_cert)).to be true
|
157
|
-
expect((Date.parse(valid_cert.not_after.to_s) - Date.today).to_i).to eq(365)
|
165
|
+
expect((Date.parse(valid_cert.not_after.localtime.to_s) - Date.today).to_i).to eq(365)
|
158
166
|
|
159
167
|
false_cert_str = @trocla.password('myfalseexamplecert','x509', {
|
160
168
|
'subject' => '/C=ZZ/O=Trocla Inc./CN=foo.example.net/emailAddress=example@example.com',
|
@@ -164,7 +172,7 @@ describe "Trocla::Format::X509" do
|
|
164
172
|
false_cert = OpenSSL::X509::Certificate.new(false_cert_str)
|
165
173
|
expect(false_cert.issuer.to_s).to eq(ca2.subject.to_s)
|
166
174
|
expect(verify([@ca,ca2],false_cert)).to be false
|
167
|
-
expect((Date.parse(false_cert.not_after.to_s) - Date.today).to_i).to eq(365)
|
175
|
+
expect((Date.parse(false_cert.not_after.localtime.to_s) - Date.today).to_i).to eq(365)
|
168
176
|
end
|
169
177
|
|
170
178
|
it 'supports simple name constraints for CAs with leading dots' do
|
@@ -174,7 +182,7 @@ describe "Trocla::Format::X509" do
|
|
174
182
|
}))
|
175
183
|
ca2 = OpenSSL::X509::Certificate.new(ca2_str)
|
176
184
|
expect(ca2.issuer.to_s).to eq(@ca.subject.to_s)
|
177
|
-
expect((Date.parse(ca2.not_after.to_s) - Date.today).to_i).to eq(365)
|
185
|
+
expect((Date.parse(ca2.not_after.localtime.to_s) - Date.today).to_i).to eq(365)
|
178
186
|
pending_for(:engine => 'jruby',:reason => 'NameConstraints verification seem to be broken in jRuby: https://github.com/jruby/jruby/issues/3502') do
|
179
187
|
expect(verify(@ca,ca2)).to be true
|
180
188
|
end
|
@@ -191,7 +199,7 @@ describe "Trocla::Format::X509" do
|
|
191
199
|
})
|
192
200
|
valid_cert = OpenSSL::X509::Certificate.new(valid_cert_str)
|
193
201
|
expect(valid_cert.issuer.to_s).to eq(ca2.subject.to_s)
|
194
|
-
expect((Date.parse(valid_cert.not_after.to_s) - Date.today).to_i).to eq(365)
|
202
|
+
expect((Date.parse(valid_cert.not_after.localtime.to_s) - Date.today).to_i).to eq(365)
|
195
203
|
# workaround broken openssl
|
196
204
|
if %x{openssl version} =~ /1\.0\.[2-9]/
|
197
205
|
expect(verify([@ca,ca2],valid_cert)).to be true
|
@@ -207,7 +215,7 @@ describe "Trocla::Format::X509" do
|
|
207
215
|
})
|
208
216
|
false_cert = OpenSSL::X509::Certificate.new(false_cert_str)
|
209
217
|
expect(false_cert.issuer.to_s).to eq(ca2.subject.to_s)
|
210
|
-
expect((Date.parse(false_cert.not_after.to_s) - Date.today).to_i).to eq(365)
|
218
|
+
expect((Date.parse(false_cert.not_after.localtime.to_s) - Date.today).to_i).to eq(365)
|
211
219
|
expect(verify([@ca,ca2],false_cert)).to be false
|
212
220
|
end
|
213
221
|
|
@@ -217,7 +225,7 @@ describe "Trocla::Format::X509" do
|
|
217
225
|
}))
|
218
226
|
ca2 = OpenSSL::X509::Certificate.new(ca2_str)
|
219
227
|
expect(ca2.issuer.to_s).to eq(@ca.subject.to_s)
|
220
|
-
expect((Date.parse(ca2.not_after.to_s) - Date.today).to_i).to eq(365)
|
228
|
+
expect((Date.parse(ca2.not_after.localtime.to_s) - Date.today).to_i).to eq(365)
|
221
229
|
expect(verify(@ca,ca2)).to be true
|
222
230
|
|
223
231
|
cert2_str = @trocla.password('mycert', 'x509', {
|
@@ -227,7 +235,7 @@ describe "Trocla::Format::X509" do
|
|
227
235
|
})
|
228
236
|
cert2 = OpenSSL::X509::Certificate.new(cert2_str)
|
229
237
|
expect(cert2.issuer.to_s).to eq(ca2.subject.to_s)
|
230
|
-
expect((Date.parse(cert2.not_after.to_s) - Date.today).to_i).to eq(365)
|
238
|
+
expect((Date.parse(cert2.not_after.localtime.to_s) - Date.today).to_i).to eq(365)
|
231
239
|
skip_for(:engine => 'jruby',:reason => 'Chained CA validation seems to be broken on jruby atm.') do
|
232
240
|
expect(verify([@ca,ca2],cert2)).to be true
|
233
241
|
end
|
@@ -258,7 +266,7 @@ describe "Trocla::Format::X509" do
|
|
258
266
|
hash_match = (defined?(RUBY_ENGINE) &&RUBY_ENGINE == 'jruby') ? 'RSA-SHA1' : 'sha1WithRSAEncryption'
|
259
267
|
expect(cert.signature_algorithm).to eq(hash_match)
|
260
268
|
expect(cert.not_before).to be < Time.now
|
261
|
-
expect((Date.parse(cert.not_after.to_s) - Date.today).to_i).to eq(3650)
|
269
|
+
expect((Date.parse(cert.not_after.localtime.to_s) - Date.today).to_i).to eq(3650)
|
262
270
|
# https://stackoverflow.com/questions/13747212/determine-key-size-from-public-key-pem-format
|
263
271
|
expect(cert.public_key.n.num_bytes * 8).to eq(2048)
|
264
272
|
expect(verify(@ca,cert)).to be true
|
@@ -278,7 +286,7 @@ describe "Trocla::Format::X509" do
|
|
278
286
|
cert_str = @trocla.password('mycert', 'x509', co)
|
279
287
|
cert = OpenSSL::X509::Certificate.new(cert_str)
|
280
288
|
expect(cert.issuer.to_s).to eq(@ca.subject.to_s)
|
281
|
-
expect((Date.parse(cert.not_after.to_s) - Date.today).to_i).to eq(365)
|
289
|
+
expect((Date.parse(cert.not_after.localtime.to_s) - Date.today).to_i).to eq(365)
|
282
290
|
expect(verify(@ca,cert)).to be true
|
283
291
|
expect(cert.extensions.find{|e| e.oid == 'subjectAltName' }).to be_nil
|
284
292
|
end
|
@@ -299,7 +307,7 @@ describe "Trocla::Format::X509" do
|
|
299
307
|
expect(cert.subject.to_s).not_to match(/#{field}=#{co[field]}/)
|
300
308
|
end
|
301
309
|
expect(cert.subject.to_s).not_to match(/(Email|emailAddress)=#{co['emailAddress']}/)
|
302
|
-
expect((Date.parse(cert.not_after.to_s) - Date.today).to_i).to eq(365)
|
310
|
+
expect((Date.parse(cert.not_after.localtime.to_s) - Date.today).to_i).to eq(365)
|
303
311
|
expect(verify(@ca,cert)).to be true
|
304
312
|
end
|
305
313
|
end
|
data/trocla.gemspec
CHANGED
@@ -2,11 +2,11 @@
|
|
2
2
|
# DO NOT EDIT THIS FILE DIRECTLY
|
3
3
|
# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
|
4
4
|
# -*- encoding: utf-8 -*-
|
5
|
-
# stub: trocla 0.2.
|
5
|
+
# stub: trocla 0.2.2 ruby lib
|
6
6
|
|
7
7
|
Gem::Specification.new do |s|
|
8
8
|
s.name = "trocla"
|
9
|
-
s.version = "0.2.
|
9
|
+
s.version = "0.2.2"
|
10
10
|
|
11
11
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
12
12
|
s.require_paths = ["lib"]
|
@@ -23,6 +23,7 @@ Gem::Specification.new do |s|
|
|
23
23
|
".document",
|
24
24
|
".rspec",
|
25
25
|
".travis.yml",
|
26
|
+
"CHANGELOG.md",
|
26
27
|
"Gemfile",
|
27
28
|
"LICENSE.txt",
|
28
29
|
"README.md",
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: trocla
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- mh
|
@@ -121,6 +121,7 @@ files:
|
|
121
121
|
- ".document"
|
122
122
|
- ".rspec"
|
123
123
|
- ".travis.yml"
|
124
|
+
- CHANGELOG.md
|
124
125
|
- Gemfile
|
125
126
|
- LICENSE.txt
|
126
127
|
- README.md
|