RubyGems - trocla - Versions diffs - 0.2.0 → 0.2.1 - Mend

trocla 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml +4 -4
data/Gemfile +1 -0
data/README.md +13 -1
data/ext/redhat/rubygem-trocla.spec +114 -0
data/lib/VERSION +1 -1
data/lib/trocla/formats/x509.rb +14 -6
data/lib/trocla/formats.rb +3 -0
data/lib/trocla.rb +18 -7
data/spec/trocla/formats/x509_spec.rb +11 -0
data/trocla.gemspec +4 -3
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5013d3c6ab75dc39bbbb5f7c8a77b19f7b5bed1c
-  data.tar.gz: bffc23e9979133c7303c7fde6b4b7a24fe367f8b
+  metadata.gz: 6a30592b5fe0cb877e7020fb82130f82f268092f
+  data.tar.gz: 66ffb4cc0e40748893b4d5252bae9dbc0ab5ef92
 SHA512:
-  metadata.gz: 009e2b762c641a8f10be76d673a3860b98cd3dd91a27b77da5d0775c9312da26f454c1c54a039bc9011d25c6c77dd6813b87007e0a71dcab35839fb09d5a3457
-  data.tar.gz: e873f4ac50bebf1ab00eddb06b3c9cca0040783a46195391f7064cebba0b2c47648454cef391e20831c405ff6280d2354f249050eb5605452f8e1f3f5becbdc7
+  metadata.gz: fd70d9212f4e9c3edf09fd8fcc18b21cb5be10cb1bcd0a0425619d09e9d26102d86fc6a3b298cf53039396f476dc14fd1de28fe52db7285020e4f38bc3fb8717
+  data.tar.gz: 264bbb90b3ee22407c239633d2fe949e9634aab726c13cf10c2b79346ad91add53f6f98f7a8a608b98881e7d4e5d1807a6c1ce3533e65060fddef15b2d35a9ec

data/Gemfile CHANGED Viewed

@@ -27,6 +27,7 @@ group :development do
     gem "rspec", "~> 2.4"
     gem "rdoc", "~> 3.8"
     gem "jeweler", "~> 1.6"
+    gem "addressable", "~> 2.3.8"
   end
   gem 'rspec-pending_for'
 end

data/README.md CHANGED Viewed

@@ -69,6 +69,7 @@ Valid global options are:
 * profiles: a profile name or an array of profiles matching a profile_name in your configuration. Learn more about profiles below.
 * random: boolean - Whether we allow creation of random passwords or we expect a password to be preset. Default: true - or whatever you define in your global settings.
 * expires: An integer indicating the amount of seconds a value (e.g. password) is available. After expiration a value will not be available anymore and trying to `get` this key will return no value (nil). Meaning that calling create after expiration, would create a new password automatically. There is more about expiration in the storage backends section.
+* render: A hash providing flags for formats to render the output specifially. This is a global option, but support depends on a per format basis.
 Example:
@@ -201,9 +202,16 @@ Additional options are:
                       openssl versions have a bug with [leading dots](https://rt.openssl.org/Ticket/Display.html?id=3562) for name
                       constraints. So using them might not work everywhere as expected.
+Output render options are:
+    certonly If set to true the x509 format will return only the certificate
+    keyonly  If set to true the x509 format will return only the private key
 ## Installation
-Simply build and install the gem.
+* Debian has trocla within its sid-release: `apt-get install trocla`
+* For RHEL/CentOS 7 there is a [copr reporisotry](https://copr.fedoraproject.org/coprs/duritong/trocla/). Follow the help there to integrate the repository and install trocla.
+* Trocla is also distributed as gem: `gem install trocla`
 ## Configuration
@@ -300,6 +308,10 @@ encryption_options:
 ## Update & Changes
+### to 0.2.1
+1. New Feature: Introduce a way to render specific formats, mainly this allows you to control the output of a specific format. See the x509 format for more information.
 ### to 0.2.0
 1. New feature profiles: Introduce profiles to make it easy to have a default set of properties. See the profiles section for more information.

data/ext/redhat/rubygem-trocla.spec ADDED Viewed

@@ -0,0 +1,114 @@
+# Generated from trocla-0.1.2.gem by gem2rpm -*- rpm-spec -*-
+%global gem_name trocla
+Name: rubygem-%{gem_name}
+Version: 0.2.0
+Release: 1%{?dist}
+Summary: Trocla a simple password generator and storage
+Group: Development/Languages
+License: GPLv3
+URL: https://tech.immerda.ch/2011/12/trocla-get-hashed-passwords-out-of-puppet-manifests/
+Source0: https://rubygems.org/gems/%{gem_name}-%{version}.gem
+Requires: rubygem-moneta
+Requires: rubygem-bcrypt
+Requires: rubygem-highline
+BuildRequires: rubygem-moneta = 0.7.20
+BuildRequires: rubygem-bcrypt
+BuildRequires: rubygem-highline
+BuildRequires: ruby(release)
+BuildRequires: rubygems-devel
+BuildRequires: ruby
+# BuildRequires: rubygem(mocha)
+# BuildRequires: rubygem(rspec) => 2.4
+# BuildRequires: rubygem(rspec) < 3
+# BuildRequires: rubygem(jeweler) => 1.6
+# BuildRequires: rubygem(jeweler) < 2
+BuildArch: noarch
+%description
+Trocla helps you to generate random passwords and to store them in various
+formats (plain, MD5, bcrypt) for later retrival.
+%package doc
+Summary: Documentation for %{name}
+Group: Documentation
+Requires: %{name} = %{version}-%{release}
+BuildArch: noarch
+%description doc
+Documentation for %{name}.
+%prep
+gem unpack %{SOURCE0}
+%setup -q -D -T -n  %{gem_name}-%{version}
+gem spec %{SOURCE0} -l --ruby > %{gem_name}.gemspec
+%build
+# Create the gem as gem install only works on a gem file
+gem build %{gem_name}.gemspec
+# %%gem_install compiles any C extensions and installs the gem into ./%%gem_dir
+# by default, so that we can move it into the buildroot in %%install
+%gem_install
+%install
+mkdir -p %{buildroot}%{gem_dir}
+cp -a .%{gem_dir}/* \
+        %{buildroot}%{gem_dir}/
+mkdir -p %{buildroot}%{_bindir}
+mkdir -p %{buildroot}%{_sysconfdir}
+mkdir -p %{buildroot}/%{_sharedstatedir}/%{gem_name}
+touch %{buildroot}/%{_sharedstatedir}/%{gem_name}/%{gem_name}_data.yaml
+cp -pa .%{_bindir}/* \
+        %{buildroot}%{_bindir}/
+chmod a+x %{buildroot}%{gem_instdir}/bin/%{gem_name}
+cat <<EOF > %{buildroot}/%{_sysconfdir}/%{gem_name}rc.yaml
+---
+adapter: :YAML
+adapter_options:
+      :file: '%{_sharedstatedir}/%{gem_name}/%{gem_name}_data.yaml'
+EOF
+# Run the test suite
+%check
+pushd .%{gem_instdir}
+popd
+%files
+%dir %{gem_instdir}
+%{_bindir}/trocla
+%{gem_instdir}/.rspec
+%exclude %{gem_instdir}/.travis.yml
+%exclude %{gem_instdir}/.rspec
+%license %{gem_instdir}/LICENSE.txt
+%{gem_instdir}/bin
+%{gem_libdir}
+%exclude %{gem_cache}
+%{gem_spec}
+%config(noreplace) %{_sysconfdir}/%{gem_name}rc.yaml
+%dir %attr(755, root, root) %{_sharedstatedir}/%{gem_name}
+%config(noreplace) %attr(660, root, root) %{_sharedstatedir}/%{gem_name}/%{gem_name}_data.yaml
+%files doc
+%doc %{gem_docdir}
+%doc %{gem_instdir}/.document
+%{gem_instdir}/Gemfile
+%doc %{gem_instdir}/README.md
+%{gem_instdir}/Rakefile
+%{gem_instdir}/spec
+%{gem_instdir}/trocla.gemspec
+%changelog
+* Mon Dec 21 2015 mh - 0.2.0-1
+- Release of v0.2.0
+* Sun Jun 21 2015 mh - 0.1.2-1
+- Initial package

data/lib/VERSION CHANGED Viewed

@@ -1,4 +1,4 @@
 major:0
 minor:2
-patch:0
+patch:1
 build:

data/lib/trocla/formats/x509.rb CHANGED Viewed

@@ -49,6 +49,7 @@ class Trocla::Formats::X509 < Trocla::Formats::Base
       raise "Private key for #{subject} creation failed: #{e.message}"
     end
+    cert = nil
     if sign_with # certificate signed with CA
       begin
         ca_str = trocla.get_password(sign_with,'x509')
@@ -68,14 +69,12 @@ class Trocla::Formats::X509 < Trocla::Formats::Base
       end
       begin
-        csr_cert = mkcert(caserial, request.subject, ca, request.public_key, days, altnames, name_constraints, become_ca)
-        csr_cert.sign(cakey, signature(hash))
+        cert = mkcert(caserial, request.subject, ca, request.public_key, days, altnames, name_constraints, become_ca)
+        cert.sign(cakey, signature(hash))
         addserial(sign_with, caserial)
       rescue Exception => e
         raise "Certificate #{subject} signing failed: #{e.message}"
       end
-      key.to_pem + csr_cert.to_pem
     else # self-signed certificate
       begin
         subj = OpenSSL::X509::Name.parse(subject)
@@ -84,12 +83,21 @@ class Trocla::Formats::X509 < Trocla::Formats::Base
       rescue Exception => e
         raise "Self-signed certificate #{subject} creation failed: #{e.message}"
       end
+    end
+    key.to_pem + cert.to_pem
+  end
-      key.to_pem + cert.to_pem
+  def render(output,render_options={})
+    if render_options['keyonly']
+      OpenSSL::PKey::RSA.new(output).to_pem
+    elsif render_options['certonly']
+      OpenSSL::X509::Certificate.new(output).to_pem
+    else
+      super(output,render_options)
     end
   end
-  private
+  private
   # nice help: https://gist.github.com/mitfik/1922961
   def signature(hash = 'sha2')

data/lib/trocla/formats.rb CHANGED Viewed

@@ -5,6 +5,9 @@ class Trocla::Formats
     def initialize(trocla)
       @trocla = trocla
     end
+    def render(output,render_options={})
+      output
+    end
   end
   class << self

data/lib/trocla.rb CHANGED Viewed

@@ -35,11 +35,14 @@ class Trocla
     elsif !options['random'] && plain_pwd.nil?
       raise "Password must be present as plaintext if you don't want a random password"
     end
-    set_password(key,format,self.formats(format).format(plain_pwd,options),options)
+    set_password(key,
+      format,
+      self.formats(format).format(plain_pwd,options),
+      options)
   end
-  def get_password(key, format)
-    decrypt(store.get(key,format))
+  def get_password(key, format, options={})
+    render(format,decrypt(store.get(key,format)),options)
   end
   def reset_password(key,format,options={})
@@ -47,20 +50,20 @@ class Trocla
     password(key,format,options)
   end
-  def delete_password(key,format=nil)
+  def delete_password(key,format=nil,options={})
     v = store.delete(key,format)
     if v.is_a?(Hash)
       Hash[*v.map do |f,encrypted_value|
-        [f,decrypt(encrypted_value)]
+        [f,render(format,decrypt(encrypted_value),options)]
       end.flatten]
     else
-      decrypt(v)
+      render(format,decrypt(v),options)
     end
   end
   def set_password(key,format,password,options={})
     store.set(key,format,encrypt(password),options)
-    password
+    render(format,password,options)
   end
   def formats(format)
@@ -116,6 +119,14 @@ class Trocla
     encryption.decrypt(value)
   end
+  def render(format,output,options={})
+    if format && output && f=self.formats(format)
+      f.render(output,options['render']||{})
+    else
+      output
+    end
+  end
   def default_config
     require 'yaml'
     YAML.load(File.read(File.expand_path(File.join(File.dirname(__FILE__),'trocla','default_config.yaml'))))

data/spec/trocla/formats/x509_spec.rb CHANGED Viewed

@@ -90,6 +90,17 @@ describe "Trocla::Format::X509" do
       expect(ku).not_to match(/CRL Sign/)
     end
+    it 'supports fetching only the key' do
+      cert_str = @trocla.password('mycert', 'x509', cert_options.merge('render' => {'keyonly' => true }))
+      expect(cert_str).not_to match(/-----BEGIN CERTIFICATE-----/)
+      expect(cert_str).to match(/-----BEGIN RSA PRIVATE KEY-----/)
+    end
+    it 'supports fetching only the cert' do
+      cert_str = @trocla.password('mycert', 'x509', cert_options.merge('render' => {'certonly' => true }))
+      expect(cert_str).to match(/-----BEGIN CERTIFICATE-----/)
+      expect(cert_str).not_to match(/-----BEGIN RSA PRIVATE KEY-----/)
+    end
     it 'does not simply increment the serial' do
       cert_str = @trocla.password('mycert', 'x509', cert_options)
       cert1 = OpenSSL::X509::Certificate.new(cert_str)

data/trocla.gemspec CHANGED Viewed

@@ -2,16 +2,16 @@
 # DO NOT EDIT THIS FILE DIRECTLY
 # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
-# stub: trocla 0.2.0 ruby lib
+# stub: trocla 0.2.1 ruby lib
 Gem::Specification.new do |s|
   s.name = "trocla"
-  s.version = "0.2.0"
+  s.version = "0.2.1"
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib"]
   s.authors = ["mh"]
-  s.date = "2015-12-21"
+  s.date = "2016-01-27"
   s.description = "Trocla helps you to generate random passwords and to store them in various formats (plain, MD5, bcrypt) for later retrival."
   s.email = "mh+trocla@immerda.ch"
   s.executables = ["trocla"]
@@ -28,6 +28,7 @@ Gem::Specification.new do |s|
     "README.md",
     "Rakefile",
     "bin/trocla",
+    "ext/redhat/rubygem-trocla.spec",
     "lib/VERSION",
     "lib/trocla.rb",
     "lib/trocla/default_config.yaml",

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: trocla
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.2.1
 platform: ruby
 authors:
 - mh
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-12-21 00:00:00.000000000 Z
+date: 2016-01-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: moneta
@@ -126,6 +126,7 @@ files:
 - README.md
 - Rakefile
 - bin/trocla
+- ext/redhat/rubygem-trocla.spec
 - lib/VERSION
 - lib/trocla.rb
 - lib/trocla/default_config.yaml