RubyGems - tttls1.3 - Versions diffs - 0.2.9 → 0.2.14 - Mend

tttls1.3 0.2.9 → 0.2.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (41) hide show

checksums.yaml +4 -4
data/.github/workflows/ci.yml +32 -0
data/.rubocop.yml +9 -2
data/Gemfile +1 -1
data/README.md +5 -1
data/Rakefile +66 -7
data/example/helper.rb +6 -8
data/example/https_client.rb +1 -1
data/example/https_client_using_0rtt.rb +3 -3
data/example/https_client_using_hrr.rb +1 -1
data/example/https_client_using_hrr_and_ticket.rb +2 -2
data/example/https_client_using_status_request.rb +31 -0
data/example/https_client_using_ticket.rb +2 -2
data/example/https_server.rb +6 -5
data/interop/client_spec.rb +8 -8
data/interop/helper.rb +10 -2
data/interop/server_spec.rb +14 -10
data/lib/tttls1.3.rb +1 -0
data/lib/tttls1.3/client.rb +97 -12
data/lib/tttls1.3/connection.rb +45 -12
data/lib/tttls1.3/cryptograph.rb +1 -1
data/lib/tttls1.3/cryptograph/aead.rb +20 -7
data/lib/tttls1.3/message.rb +1 -1
data/lib/tttls1.3/message/alert.rb +2 -2
data/lib/tttls1.3/message/extension/status_request.rb +73 -17
data/lib/tttls1.3/message/extensions.rb +35 -12
data/lib/tttls1.3/server.rb +40 -13
data/lib/tttls1.3/utils.rb +15 -0
data/lib/tttls1.3/version.rb +1 -1
data/spec/extensions_spec.rb +16 -0
data/spec/fixtures/rsa_rsa.crt +15 -15
data/spec/fixtures/rsa_rsa.key +25 -25
data/spec/fixtures/rsa_rsa_ocsp.crt +18 -0
data/spec/fixtures/rsa_rsa_ocsp.key +27 -0
data/spec/server_hello_spec.rb +1 -1
data/spec/spec_helper.rb +35 -1
data/spec/status_request_spec.rb +77 -10
data/tttls1.3.gemspec +1 -1
metadata +14 -10
data/.travis.yml +0 -18
data/interop/Dockerfile +0 -28

data/spec/fixtures/rsa_rsa.crt CHANGED

@@ -1,18 +1,18 @@
 -----BEGIN CERTIFICATE-----
-MIIC2TCCAcGgAwIBAgIJAM8aTIrMzHgzMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNV
-BAMMB3Rlc3QtY2EwHhcNMTkwNTI1MDEzODAyWhcNMjAwNTI0MDEzODAyWjAUMRIw
+MIIC2TCCAcGgAwIBAgIJALo0YKZBVqYnMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNV
+BAMMB3Rlc3QtY2EwHhcNMjAwNzE1MTU0NTE4WhcNMzAwNzEzMTU0NTE4WjAUMRIw
 EAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQDb9cGc2hOrLp3VWpxw8WgDqEL3LzZ5a6iYwibeR4AEB5FJLhS3Wvxa1xOS510C
-Kyfk/0znJvN9y+C8tFpB1BAN1OpPvaMPcYWx9CfEeoXaA5+QtU0MWJV7uYMtEUEx
-mEOvDKK1ZvHhw7xUzwcJTFRo6ZY6LqjiozlSPkTrVRIWoy7qEzXnOza36xX18xVt
-azvJBBudtTrjjBfQv2DJdF44icWqOBvAwg54BAbaH3bZ1WOg5oRnOPeVumYbPBsl
-dCDs67S1+RHKMEjRTk7gzuGog9lxJVMluU7iyreROD9+GvJEY3ra2KH96rtIgzo6
-KFHlC4Ih18zRfJZePgMGi5zVAgMBAAGjMDAuMAkGA1UdEwQCMAAwCwYDVR0PBAQD
-AgWgMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDANBgkqhkiG9w0BAQsFAAOCAQEAAjDs
-4PgPL2Tn8+TxFWEPjh3VUB2kNyYK4LFA/ooN81pDLmm9/qc0FcUs16YQIqYdZICc
-vE83z3RlTmSjsynaRXxYh0VGVE2g2pWiPzEGTGE5HJy2JOtidMiacskmvetbTyYd
-TLdTEFiAlXF9e24OanglmFr9QnA/Z/zQkuIb4t7KN8Dufsi3ljkoJ+puuPxrEQj0
-4BfBo381jK5WULHJ2G9pz5pvy1GZLfj1tQyG2wkI/vV2tjFN+LLO7NCY3V6RjvEZ
-bH4ZdAQz9fbbp7eCXImP+OJYt97Q3RZFJjUWhmh4qFebelkeN3RnmWSFrgjh0O67
-pyNwVv0//MYIEhMUVQ==
+AQC65xzvPQrsXXRVsQ4rcrmvOF0gdWV38JKlhHUrS50//T0S55FUSBkuVXUDCZDx
+dOf0y/5HaMb3hm68+ld5B/oNtoPlJWW6Sgc8OLERQy9qGpwR0mXND4SnZ9or7RDV
+8tAEg/Hzq5rm6Xy2WClSR+nHg2tVh2Szde39j7o8ivJpHPzfEyZh37y9oIiY2/FP
+QpbAe8n3Ses04D3jhZRoysdcuneWuG3h5DJ9X4IhZUBM54nEO5IQElyYnF6xY/Lt
+Gykf8+ydiuAZpZF5FGGfoiKB7XdIwhSlK1XRFeBbHRqyAFjpSNtqy6RPdJINLseb
+wG6DNSxcLm91C6ZJaaqu7Qp1AgMBAAGjMDAuMAkGA1UdEwQCMAAwCwYDVR0PBAQD
+AgWgMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDANBgkqhkiG9w0BAQsFAAOCAQEALqaQ
+J5H9jB2VmIEDxhXAQTeqW1Hmp0oHhL1XcAvNS+JILjFfAdjMe/3Kei3hQJv8j8sE
+uck3o7iA4kcE0ydUzO7TM7efjqcksyZrmWSB0xj+NHjcybwhD4Selr1vBSCU0IHN
+Ap+zYbBX7eQawm2lIzniBvS6MmP+dgZjhy73FVQ4oSz+wTcg1iPkhulYL4iV/HSG
+fND5gUvlRbLHGTETpCdq7iJNOpNl/OYboJLPvVpx8H7Jc+L2bQl05fj/koO35xaL
+JuZGj5aVOKw45WvqERpe1RI3077dWE6bAr9DzrW13IqmFMbPD817pcB6+ILZnMAF
+RhobWRU6PA4TdDP8bg==
 -----END CERTIFICATE-----

data/spec/fixtures/rsa_rsa.key CHANGED

@@ -1,27 +1,27 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEA2/XBnNoTqy6d1VqccPFoA6hC9y82eWuomMIm3keABAeRSS4U
-t1r8WtcTkuddAisn5P9M5ybzfcvgvLRaQdQQDdTqT72jD3GFsfQnxHqF2gOfkLVN
-DFiVe7mDLRFBMZhDrwyitWbx4cO8VM8HCUxUaOmWOi6o4qM5Uj5E61USFqMu6hM1
-5zs2t+sV9fMVbWs7yQQbnbU644wX0L9gyXReOInFqjgbwMIOeAQG2h922dVjoOaE
-Zzj3lbpmGzwbJXQg7Ou0tfkRyjBI0U5O4M7hqIPZcSVTJblO4sq3kTg/fhryRGN6
-2tih/eq7SIM6OihR5QuCIdfM0XyWXj4DBouc1QIDAQABAoIBAA6EEGvuhF/Gqsna
-ufpGJCwhnZG8fubScQTrwy7mHw+lBDSFIv7atU61ZOhL9npfKLnXE1cp3eXOX510
-dYRkn06aX4A1rp4lSsJsr3cq8sxpcs1U+am36t2IZ5zAx8GjH8xclBxOl+XjSfl6
-1CcL74Ig8DYUwDZ8uRqxW1EAgzoVGXTMjXqEtP+X3WcFP/XNdzGWeFheowk0iwOn
-DIM6tIELbExbSK8RxhTrKQKv+rTm373ntwSrtvDLlAz1kR9p0a6XeeAn3VVkVYaE
-cu6MRuA2b24EYcEDQgbU2KsUke2vZ1i5hl5ptuc8+iubXCj2SICilBeVQNXLIr2j
-sIzd8x0CgYEA+nH5IIt9pnlqRkFm8Y4bH4cvTk7xMWKj1tuRvP0Vdmw+KsqCxWNR
-w1KuUZ0tj6lzQez0o/jpFWqtxDTV5r3vj/6nrFcLXClENe65pQMByaduoKUGn6VK
-lE7xO0JMRRIqPwRH3vyazcUuVnFtPToBfV82fSvKt9R/xb7lTA8cWk8CgYEA4Naw
-LLwIaL8Drq8BCwJUIrSuZCKcS8542AA+Qz3ivTIMbZshiSE27cLTurFQhpjC7fu3
-V3DQWbQLk3wdg3wAVA7uADlqwCY9SdKo8HstUBaM/GVgPSfxEIRohSHN6KY5NP0r
-tAWKDEcvfuiiV+YFtwz1tXVZl0OpvRpRxzYHYZsCgYEAsziqkjqgYWiTv9D/zS7n
-hAlmtgBSJAg1vQUF5xupp0RQvKiNKponocJiUq9LMnqNq4jZjRoMGrJrxXQV+njD
-neUbsn3b+EjjskCzAz4Con858KYH9mj/1OAlS0XndKpKJyx2DkHwuf44ac3j4aPH
-+yMOyEZ1XFYqVaWFS4eov4sCgYEAppvwaPXddWE2pVdhenr7RcyF/gX3s+UIf2eO
-u908C97ufroaG7fVMFLS+uEyPsssh5WjwtQCULaubVfntutIgwGdM+VYSZMMj4vf
-THS6m0Jarx2gNzFF3WuA2Ea4gtHKSo3guMHyDi8h7vUMd/4n9gFQgmq3PPQS7+J0
-/x32UkkCgYBboPnH4jVSqN0vfFtvsGhxXW4lxJQab6bMQ58DvhitKh8O1r+WCbCY
-ynhyc7ne7DCLfyH1Blv8jG+tjBNaDQgoGIuJ+Bpmwon0T2hUqCQbts12a3ZEffP9
-Wmk8MKKy7fu4RDFh0KHai1Fqa3AmVn8Jhq+kCGbueSOMkRwy0tCetg==
+MIIEowIBAAKCAQEAuucc7z0K7F10VbEOK3K5rzhdIHVld/CSpYR1K0udP/09EueR
+VEgZLlV1AwmQ8XTn9Mv+R2jG94ZuvPpXeQf6DbaD5SVlukoHPDixEUMvahqcEdJl
+zQ+Ep2faK+0Q1fLQBIPx86ua5ul8tlgpUkfpx4NrVYdks3Xt/Y+6PIryaRz83xMm
+Yd+8vaCImNvxT0KWwHvJ90nrNOA944WUaMrHXLp3lrht4eQyfV+CIWVATOeJxDuS
+EBJcmJxesWPy7RspH/PsnYrgGaWReRRhn6Iige13SMIUpStV0RXgWx0asgBY6Ujb
+asukT3SSDS7Hm8BugzUsXC5vdQumSWmqru0KdQIDAQABAoIBABPIjNaB9psIVV0Q
+rbhJn3/9jlX2NzRX4Z3lhGV9znpMet96ZXavXwL5hrY4mAAG6NqPkS3L2Guw7h3Q
+vduQzZYQAKwLplXuqg9kzNFP9D/d6zEzvRTUlK0HoB9QK50J45zmvoCVZIMWqd2/
+PTh5ZjR5I65c83rPe86AHS11Y61edr+vvGtI07kvj7EzR3jie0Lzzpj7TbmjTt5U
+v9rskcxjulQOmp8t/3ouptUhi16PRXPof0yzRGo6rrCUoQ7Cuy1dbFZ96dIBxrt4
+h9suE6MtpXdsGfI5FZPOKHqUcw8hZfUgeOYm4OTV3vBYie0xJ77i9YgqR+UwymjA
+NK4AOY0CgYEA553JtUvl8py76HjL3DxfbU38Dq22AF9sdUAs9Xwy9B8Y6R9SyrPI
+nab+3EE0gz5NnFLFCILK4A7ewe3OB3bE7/P4mc7JlUWM2LAcBz7K50seIKD3r+cj
+VzLHarOBi/VZ0pe1lDj/cuQ6cXTLHbKtk2XGCRnCBMJlog4ruFMYJ+sCgYEAzpRD
+3YtuQcT0rtvK05BcdWD3nGgsrAauLvKz80LIu4zX9nfz/H6lNRpZYJ2jrLR1ikbX
+XVWIsNlWizAuWEbGokUEYDTuhkh3591nrdPyB6/0Lm2Snl+q7mKIUFrZ08MXe7U8
+Z/qPq2VLVSzCyoGX0l4GuNymgDH6NVR/i5yQXx8CgYBNJ1OUz+aWbb1ukCagg3/q
+QksPfLAe6aqQWENhtvCmP2Gl7mg+26qdUY6eQh5DBdMGms/FqQP5pRpxEU1LUTYD
+FIsgeTDPR67GU8vSYglnCK/NgLFhaCZumpyxH4Cs5Zr5Os4ixOXbGMmbF6O9jdKi
+Qgm46FqoCTWfyQapTQzD5wKBgGQV4WuNCjZDPmkZhANMhf84o77bmgkek3WbkSPi
+z25OprN7GnLSySgZRARTW+Fo7Sm5eM53impkYlG9XjbW05X66kvSWV4l7jIgSwMl
+FLY0wZFc9RRWNXKZuoF0AuVeOBpvjHy0ILdhtEXoEdgbQXtios8d2G1zyU3dSo5R
+pIDxAoGBAIlXeI9tB0X9ywXKylI3CyHi8ex/k6o4WTj/5fH4bYp4faHBRm78Ho81
+Ih9rewMw7fMC3YUN3rcyvHRQqbJ2Wcxpyf0k45GMxTRasoVXCXgV/sMNCHh/ddZM
+Gf5ZTeq10gJPofBlPObg5VrlCLRnIFaNI4izpq2A+/FqTrEvSGlf
 -----END RSA PRIVATE KEY-----

data/spec/fixtures/rsa_rsa_ocsp.crt ADDED

@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC4TCCAcmgAwIBAgIJALkL6IyOlMwWMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNV
+BAMMB3Rlc3QtY2EwHhcNMTkxMTI2MDczMzExWhcNMjkxMTIzMDczMzExWjAUMRIw
+EAYDVQQDDAl0ZXN0LW9jc3AwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDapLrB5S2yXQ9Wt/O9SZzoMW8IChsPgtZYC8h4Z/bcbqRb/6Bq5YfcYxq84cD/
+8xn7e8R2OCNgva8GBlMy7d0czt3ysLnNlZ+dPu7MU4yS/R40LOhMGEf71mf6PLqj
+1ecaEclgbIhyIGHlUXQIAnhhpAwzHxKVAhcgBgQFs8NgNViAE3BpjyUW0qXE5RUY
+BQ7V9/Kn/fnsfOk6jMF20V2Kxn5Sj/c+D59+vFX3FmQyqsTKoAKoUuNsFOvHGV0d
+gxLggE5wq4AodrA40MY95HgCZ2rDfEKgfc9rKhLGz6s0etGFMVtjqK6YvpQYUOaS
+8JStLrGF1eINoJJFibIf69v9AgMBAAGjODA2MAkGA1UdEwQCMAAwEwYDVR0lBAww
+CgYIKwYBBQUHAwkwFAYDVR0RBA0wC4IJdGVzdC1vY3NwMA0GCSqGSIb3DQEBCwUA
+A4IBAQBHC6jRQyZhBJIdfP9CGpNO1dNHicwpFJ61ofwgzW1jEkVfBtVpqvEaEbYE
+LVxru1s8VY281trhwRuZkDRv5hB/CUUbdPICwQlkyCdUoYURrJEm/mirK9494AGh
+f33S+bMXZGAYLYoPYlSGj8EpL1Do3nvJK8//coRJlTEBcfgIIUlRMaeOiGrg3zpM
+1KGxO3GtG1mpod7BEMv3ZGI85p8wXF4N2Z+phBoAyRGW+R4VW3tF5bbqiKlRr3Lt
+HNsuXHSQykKpxD085eeQLTZGVESrCcmNv8XvVxwGE1r0kmlwexADNvP3HDXseie+
+8QFIt+zvJb/lDy4xbCT/M4a7L9Gn
+-----END CERTIFICATE-----

data/spec/fixtures/rsa_rsa_ocsp.key ADDED

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA2qS6weUtsl0PVrfzvUmc6DFvCAobD4LWWAvIeGf23G6kW/+g
+auWH3GMavOHA//MZ+3vEdjgjYL2vBgZTMu3dHM7d8rC5zZWfnT7uzFOMkv0eNCzo
+TBhH+9Zn+jy6o9XnGhHJYGyIciBh5VF0CAJ4YaQMMx8SlQIXIAYEBbPDYDVYgBNw
+aY8lFtKlxOUVGAUO1ffyp/357HzpOozBdtFdisZ+Uo/3Pg+ffrxV9xZkMqrEyqAC
+qFLjbBTrxxldHYMS4IBOcKuAKHawONDGPeR4Amdqw3xCoH3PayoSxs+rNHrRhTFb
+Y6iumL6UGFDmkvCUrS6xhdXiDaCSRYmyH+vb/QIDAQABAoIBAQC/s1D/siYHzeol
++XFelI1bVARqwxmI1wmB9wrU7yqViPjYpN+M+iTNyaLm2vUyNH6ibZkKohv6tTUh
+DiiibcXBfWtCX0r5gueIomYThmmpcv6pdnpSRbPPjeRqlhZ6kZBn3hJ3VZGoptXO
+j0UxxKCx03jS1bqgJU4LSNr7+OojjeKh8D9bxwCizhGx9239QwChtQTPr4U3aeTb
+Qwx8WtNH/2zvpdylyXW/eg8MO4WPYXpxWSGQnRJG5knPa7hF+iRnszysbUPNBVUd
+TUQJHBdtukt+7hDbPyMpMu0DwpqhOqsEk2avacWuCYEEE/SWmJ/mvLokbfECSUpy
+ZqfXJPLNAoGBAPtd+m2YVmLJmjO2skv+zGG5KhHNF2cY6xLQWuHW/yChNjSzpLYm
+YygyOd4hBH39ieQkBRs0QOX9S5Dzv6ERU1cr0CVDJeb9TQ9UTxXc01paJ+aoZNr5
+uHoGO16xBR4tmidc4HmbHDFSwmRAFhkooHM9MVACUFABIdWqwEwSZa/HAoGBAN6s
+WhPrsDyRAfKFV9bwD1P5aMPu6pjWOFO3bRIisPRtVzilamCkKvXCh1SyYHaNRjjG
+fQYEZeCZTxHi7GxZltRG5DRsmm8rDz6E4OrTQMHfQNDiuw78uZZ9+YYwaIM3nt1i
+/lN2hs79zj/HPf5qX9rw+CarOL0bdW97a/Monx4bAoGAeMqXXfT3hi9E15bypQxD
+IK6/JaC9n0BdLkRLd/09ymtNxhORkipuOdGw9yo8o2Kj0arxfTol+Z83oedP7dGK
+j/gw5McYvqB4WGZ2PpZIRkHOrMu883FPEexOuVktkWvuiP3brPQ5nwYa/dvCAsMA
+H4CHYuBJwbhZjvinwaaRkN8CgYA9sQh/zmOUVCRy+Yh9jyLgBBCHgDDUyTzvzLjW
+NnBKN+TbV9DiF3mjfxKZX5YkIj3bSvqmaR+Em1Txwqn31tZX15AwCgq7U/W0P4JE
+7ORbEixV8wsaOuB8FkjEabL677T+5wdJPmRZAq5asyu0yenmsa4+oF9m3S2rBknB
+I3b6EwKBgQD1+0+xdGomMeKHg8jWuDytdlWmNXmbiV0g2yOm533jG67vGDPfgd0H
+PNC62d7r5EhIVJwQZmW/GdOfZ7tI91XN+GjNyslr9t299hoMeRMT+Db2U+mQvKuS
+Oz+MHhO8YnOz9GFbQShqiCFj4zTU/0Ga/BY8Y52lURftt/QIXo+7Vg==
+-----END RSA PRIVATE KEY-----

data/spec/server_hello_spec.rb CHANGED

@@ -187,7 +187,7 @@ RSpec.describe ServerHello do
     let(:message) do
       sh = ServerHello.deserialize(TESTBINARY_SERVER_HELLO)
       extensions = sh.instance_variable_get(:@extensions)
-      extensions[ExtensionType::SUPPORTED_VERSIONS] = nil
+      extensions.delete(ExtensionType::SUPPORTED_VERSIONS)
       sh.instance_variable_set(:@extensions, extensions)
       sh
     end

data/spec/spec_helper.rb CHANGED

@@ -4,6 +4,7 @@
 RSpec.configure(&:disable_monkey_patching!)
 # rubocop: disable Style/MixinUsage
+require 'date'
 require 'tttls1.3'
 include TTTLS13
 include TTTLS13::Error
@@ -41,10 +42,43 @@ TESTBINARY_SERVER_NAME = <
   00 0d 00 00 0a 67 69 74     68 75 62 2e 63 6f 6d
 BIN
-TESTBINARY_STATUS_REQUEST = <<BIN.split.map(&:hex).map(&:chr).join
+TESTBINARY_OCSP_STATUS_REQUEST = <<BIN.split.map(&:hex).map(&:chr).join
   01 00 00 00 00
 BIN
+TESTBINARY_OCSP_RESPONSE = <<BIN.split.map(&:hex).map(&:chr).join
+  01 00 01 d0 30 82 01 cc     0a 01 00 a0 82 01 c5 30
+  82 01 c1 06 09 2b 06 01     05 05 07 30 01 01 04 82
+  01 b2 30 82 01 ae 30 81     97 a1 16 30 14 31 12 30
+  10 06 03 55 04 03 0c 09     74 65 73 74 2d 6f 63 73
+  70 18 0f 32 30 31 39 31     31 32 38 32 30 34 32 32
+  38 5a 30 6c 30 6a 30 42     30 09 06 05 2b 0e 03 02
+  1a 05 00 04 14 71 02 ca     0e ca 3e be d8 31 e6 37
+  40 80 9e 37 f6 da 9f a5     27 04 14 ac c2 63 89 fe
+  4d c6 08 1f 1f 4d 77 9e     12 7a bf 32 b6 d6 12 02
+  09 00 cf 1a 4c 8a cc cc     78 33 80 00 18 0f 32 30
+  31 39 31 31 32 38 32 30     34 32 32 38 5a a0 11 18
+  0f 32 30 32 39 31 31 32     38 32 30 34 32 32 38 5a
+  30 0d 06 09 2a 86 48 86     f7 0d 01 01 05 05 00 03
+  82 01 01 00 42 90 e2 2f     f0 25 3b cf 11 75 56 83
+  c2 dc 10 d1 e8 d3 74 67     9e df db 0e 03 36 9f 64
+  48 61 8b 50 ca 2c dd fc     82 5b 52 d5 9b 06 64 86
+  70 08 c2 0b ca c9 50 b8     42 42 19 80 8f 6e f0 42
+  92 ac 67 4f 74 fa 2a d2     f4 2f 82 15 11 71 4b bd
+  54 d0 21 fb 0a 91 d3 ba     67 5e cb 7d b2 e6 a2 da
+  30 3d b3 92 3d a9 4e 2c     f6 4a 0b 22 96 b2 1d 06
+  c3 0a c7 41 5f 9e 22 c0     e0 3f 52 cc ff be dd 52
+  80 3f 68 36 ce c0 02 df     ae ab 96 a9 be d8 51 b2
+  bd ec f9 e7 98 5e 8a 77     69 b6 f1 60 19 49 f0 58
+  26 70 2f 7b 19 cc d0 13     9e 9c ed 8a 5c 87 34 4c
+  fd bd 0f 41 3f 5c d8 1e     26 ce bb dd 17 a7 a4 37
+  8f d8 19 39 5b c9 17 18     ca c3 7a eb 5d e7 ba a1
+  12 23 d6 cb 22 0e e1 bf     9e 40 9b e3 5c b5 6b e3
+  aa 6e 93 56 4f da da a1     c6 79 13 9d 5c d6 87 2b
+  f7 6a 0f fc 2c 03 b2 41     c4 90 b8 3d 50 1c 8a 9b
+  11 1b 41 83
+BIN
 TESTBINARY_SUPPORTED_GROUPS = <<BIN.split.map(&:hex).map(&:chr).join
   00 06 00 17 00 18 00 19
 BIN

data/spec/status_request_spec.rb CHANGED

@@ -4,10 +4,10 @@
 require_relative 'spec_helper'
 using Refinements
-RSpec.describe StatusRequest do
-  context 'default status_request' do
+RSpec.describe OCSPStatusRequest do
+  context 'default OCSPStatusRequest' do
     let(:extension) do
-      StatusRequest.new
+      OCSPStatusRequest.new
     end
     it 'should be generated' do
@@ -21,9 +21,9 @@ RSpec.describe StatusRequest do
     end
   end
-  context 'valid status_request' do
+  context 'valid OCSPStatusRequest' do
     let(:extension) do
-      StatusRequest.new(responder_id_list: [], request_extensions: '')
+      OCSPStatusRequest.new(responder_id_list: [], request_extensions: [])
     end
     it 'should be generated' do
@@ -37,9 +37,9 @@ RSpec.describe StatusRequest do
     end
   end
-  context 'valid status_request, 0 length request ' do
+  context 'valid OCSPStatusRequest, 0 length request ' do
     let(:extension) do
-      StatusRequest.new(responder_id_list: nil, request_extensions: nil)
+      OCSPStatusRequest.new(responder_id_list: nil, request_extensions: nil)
     end
     it 'should be generated' do
@@ -53,9 +53,9 @@ RSpec.describe StatusRequest do
     end
   end
-  context 'valid status_request binary' do
+  context 'valid OCSPStatusRequest binary' do
     let(:extension) do
-      StatusRequest.deserialize(TESTBINARY_STATUS_REQUEST)
+      OCSPStatusRequest.deserialize(TESTBINARY_OCSP_STATUS_REQUEST)
     end
     it 'should generate valid object' do
@@ -67,7 +67,74 @@ RSpec.describe StatusRequest do
     it 'should generate serializable object' do
       expect(extension.serialize)
         .to eq ExtensionType::STATUS_REQUEST \
-               + TESTBINARY_STATUS_REQUEST.prefix_uint16_length
+               + TESTBINARY_OCSP_STATUS_REQUEST.prefix_uint16_length
+    end
+  end
+end
+RSpec.describe OCSPResponse do
+  context 'valid OCSPResponse whose status is good' do
+    let(:basic_resp) do
+      server_crt = OpenSSL::X509::Certificate.new(
+        File.read(__dir__ + '/fixtures/rsa_rsa.crt')
+      )
+      ca_crt = OpenSSL::X509::Certificate.new(
+        File.read(__dir__ + '/fixtures/rsa_ca.crt')
+      )
+      ocsp_crt = OpenSSL::X509::Certificate.new(
+        File.read(__dir__ + '/fixtures/rsa_rsa_ocsp.crt')
+      )
+      ocsp_key = OpenSSL::PKey.read(
+        File.read(__dir__ + '/fixtures/rsa_rsa_ocsp.key')
+      )
+      br = OpenSSL::OCSP::BasicResponse.new
+      cid = OpenSSL::OCSP::CertificateId.new(server_crt, ca_crt)
+      br.add_status(
+        cid,
+        OpenSSL::OCSP::V_CERTSTATUS_GOOD,
+        0,
+        nil,
+        Time.now,
+        DateTime.now.next_day(1).to_time,
+        []
+      )
+      br.sign(ocsp_crt, ocsp_key)
+      br
+    end
+    let(:ocsp_response) do
+      OpenSSL::OCSP::Response.create(
+        OpenSSL::OCSP::RESPONSE_STATUS_SUCCESSFUL,
+        basic_resp
+      )
+    end
+    let(:extension) do
+      OCSPResponse.new(ocsp_response)
+    end
+    it 'should be generated' do
+      expect(extension.extension_type).to eq ExtensionType::STATUS_REQUEST
+      expect(extension.ocsp_response).to eq ocsp_response
+    end
+    it 'should be serialized' do
+      binary = CertificateStatusType::OCSP \
+               + ocsp_response.to_der.prefix_uint24_length
+      expect(extension.serialize).to eq ExtensionType::STATUS_REQUEST \
+                                        + binary.prefix_uint16_length
+    end
+  end
+  context 'valid OCSPResponse binary' do
+    let(:extension) do
+      OCSPResponse.deserialize(TESTBINARY_OCSP_RESPONSE)
+    end
+    it 'should generate valid object' do
+      expect(extension.extension_type).to eq ExtensionType::STATUS_REQUEST
     end
   end
 end

data/tttls1.3.gemspec CHANGED

@@ -9,7 +9,7 @@ Gem::Specification.new do |spec|
   spec.version       = TTTLS13::VERSION
   spec.authors       = ['thekuwayama']
   spec.email         = ['thekuwayama@gmail.com']
-  spec.summary       = 'TLS 1.3 implementation in Ruby'
+  spec.summary       = 'TLS 1.3 implementation in Ruby (Tiny Trial TLS1.3 aka tttls1.3)'
   spec.description   = spec.summary
   spec.homepage      = 'https://github.com/thekuwayama/tttls1.3'
   spec.license       = 'MIT'

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tttls1.3
 version: !ruby/object:Gem::Version
-  version: 0.2.9
+  version: 0.2.14
 platform: ruby
 authors:
 - thekuwayama
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-09-23 00:00:00.000000000 Z
+date: 2020-07-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -52,17 +52,17 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: TLS 1.3 implementation in Ruby
+description: TLS 1.3 implementation in Ruby (Tiny Trial TLS1.3 aka tttls1.3)
 email:
 - thekuwayama@gmail.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/ci.yml"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
-- ".travis.yml"
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -73,9 +73,9 @@ files:
 - example/https_client_using_0rtt.rb
 - example/https_client_using_hrr.rb
 - example/https_client_using_hrr_and_ticket.rb
+- example/https_client_using_status_request.rb
 - example/https_client_using_ticket.rb
 - example/https_server.rb
-- interop/Dockerfile
 - interop/client_spec.rb
 - interop/helper.rb
 - interop/server_spec.rb
@@ -145,6 +145,8 @@ files:
 - spec/fixtures/rsa_ca.key
 - spec/fixtures/rsa_rsa.crt
 - spec/fixtures/rsa_rsa.key
+- spec/fixtures/rsa_rsa_ocsp.crt
+- spec/fixtures/rsa_rsa_ocsp.key
 - spec/fixtures/rsa_rsassaPss.crt
 - spec/fixtures/rsa_rsassaPss.key
 - spec/fixtures/rsa_secp256r1.crt
@@ -177,7 +179,7 @@ homepage: https://github.com/thekuwayama/tttls1.3
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -192,10 +194,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key:
+rubygems_version: 3.1.2
+signing_key:
 specification_version: 4
-summary: TLS 1.3 implementation in Ruby
+summary: TLS 1.3 implementation in Ruby (Tiny Trial TLS1.3 aka tttls1.3)
 test_files:
 - spec/aead_spec.rb
 - spec/alert_spec.rb
@@ -218,6 +220,8 @@ test_files:
 - spec/fixtures/rsa_ca.key
 - spec/fixtures/rsa_rsa.crt
 - spec/fixtures/rsa_rsa.key
+- spec/fixtures/rsa_rsa_ocsp.crt
+- spec/fixtures/rsa_rsa_ocsp.key
 - spec/fixtures/rsa_rsassaPss.crt
 - spec/fixtures/rsa_rsassaPss.key
 - spec/fixtures/rsa_secp256r1.crt

data/.travis.yml DELETED

@@ -1,18 +0,0 @@
-sudo: false
-language: ruby
-rvm:
-  - 2.6.3
-  - 2.6.4
-  - 2.7.0-preview1
-matrix:
-  allow_failures:
-    - rvm: ruby-2.7.0-preview1
-before_install:
-  - gem install bundler -v 2.0.1
-  - bundle install
-script: bundle exec rake

data/interop/Dockerfile DELETED

@@ -1,28 +0,0 @@
-FROM ubuntu:18.04
-ARG version="1.1.1c"
-RUN apt-get update && apt-get install -y --no-install-recommends \
-        autoconf \
-        bison \
-        build-essential \
-        ca-certificates \
-        curl \
-        gzip \
-        libreadline-dev \
-        patch \
-        pkg-config \
-        sed \
-        zlib1g-dev
-RUN mkdir -p /build/openssl
-RUN curl -s https://www.openssl.org/source/openssl-${version}.tar.gz | tar -C /build/openssl -xzf - && \
-        cd /build/openssl/openssl-${version} && \
-        ./Configure \
-        --prefix=/opt/openssl/openssl-${version} \
-        enable-crypto-mdebug enable-crypto-mdebug-backtrace \
-        linux-x86_64 && \
-        make && make install_sw
-ENV LD_LIBRARY_PATH /opt/openssl/openssl-${version}/lib
-ENV PATH /opt/openssl/openssl-${version}/bin:$PATH