varanus 0.2.1 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 21d141fb4a79d1be189992feb7ef7aec763e488024e516736dc2e9e9398bbb57
-  data.tar.gz: 2eee7f27b14b98d0d1fcd061b16943be273c0f219a54440fbbab8fca601aebb7
+  metadata.gz: 230026bcb2def2b083ca884cd2302daf51407b6d57aa212c66d208d29a335b11
+  data.tar.gz: 69728f0eb64f2735e32bfa4b1d77e8bd4fde87b47f3f6e029a7ccbe441d85f3f
 SHA512:
-  metadata.gz: 376cb245e647b3efc042495142c80c72e90d2fe4155d214560ca6788d3d2e0a619c4a91d37e304cf79d914e24bf79117256243f9023a206d4b93ff9439700248
-  data.tar.gz: b83f3beb482ab7660d9fa0ffb4a8ee0593113823746f07a7aeb617c8900cbb27a773d9a7109917efc852d2de92a8f898f3a80d8af740ee29cc84c4b217b564da
+  metadata.gz: 6708842c8291bedf4b3d71d29b7437aba40ea1d1148e090f023eff5ba130abe8e74f278c95a67d39ca8346e37574a576f693e9caee946b02a68f58e4811ac636
+  data.tar.gz: 6db3621c1415feafb91eb3eb46407a240942f142d5b5aea3024bd44c644bf2232d73155c5908da51f7e85f6affc23533626e281d12848c8cd9293b4265517695

data/.rubocop.yml

@@ -1,9 +1,15 @@
 AllCops:
-  TargetRubyVersion: 2.3
+  NewCops: disable
+  TargetRubyVersion: 2.5
 
 Bundler/OrderedGems:
   AutoCorrect: false
 
+Layout/LineLength:
+  Max: 90
+  Exclude:
+    - 'test/**/*'
+
 Metrics/AbcSize:
   Max: 25
   Exclude:
@@ -14,11 +20,6 @@ Metrics/ClassLength:
   Exclude:
     - 'test/**/*'
 
-Metrics/LineLength:
-  Max: 90
-  Exclude:
-    - 'test/**/*'
-
 Metrics/MethodLength:
   Max: 20
   Exclude:

data/CHANGELOG.md

@@ -1,4 +1,7 @@
-### 0.2.1 (2018-22-13)
+### 0.3.0 (2020-08-24)
+* Add support for new 'Short Life' certs
+
+### 0.2.1 (2018-11-13)
 * Increase timeout value for SSL requests
 
 ### 0.2.0 (2018-11-09)

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    varanus (0.2.0)
+    varanus (0.3.0)
       faraday
       faraday_middleware
       savon (~> 2.0)
@@ -14,7 +14,7 @@ GEM
     akami (1.3.1)
       gyoku (>= 0.4.0)
       nokogiri
-    ast (2.4.0)
+    ast (2.4.1)
     builder (3.2.3)
     crack (0.4.3)
       safe_yaml (~> 1.0.0)
@@ -29,7 +29,6 @@ GEM
     httpi (2.4.4)
       rack
       socksify
-    jaro_winkler (1.5.1)
     json (2.1.0)
     metaclass (0.0.4)
     mini_portile2 (2.3.0)
@@ -42,23 +41,27 @@ GEM
     nokogiri (1.8.5)
       mini_portile2 (~> 2.3.0)
     nori (2.6.0)
-    parallel (1.12.1)
-    parser (2.5.3.0)
-      ast (~> 2.4.0)
-    powerpack (0.1.2)
+    parallel (1.19.2)
+    parser (2.7.1.4)
+      ast (~> 2.4.1)
     public_suffix (3.0.3)
     rack (2.0.6)
     rainbow (3.0.0)
     rake (10.5.0)
-    rubocop (0.60.0)
-      jaro_winkler (~> 1.5.1)
+    regexp_parser (1.7.1)
+    rexml (3.2.4)
+    rubocop (0.89.1)
       parallel (~> 1.10)
-      parser (>= 2.5, != 2.5.1.1)
-      powerpack (~> 0.1)
+      parser (>= 2.7.1.1)
       rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.7)
+      rexml
+      rubocop-ast (>= 0.3.0, < 1.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (~> 1.4.0)
-    ruby-progressbar (1.10.0)
+      unicode-display_width (>= 1.4.0, < 2.0)
+    rubocop-ast (0.3.0)
+      parser (>= 2.7.1.4)
+    ruby-progressbar (1.10.1)
     safe_yaml (1.0.4)
     savon (2.12.0)
       akami (~> 1.2)
@@ -74,7 +77,7 @@ GEM
       simplecov-html (~> 0.10.0)
     simplecov-html (0.10.2)
     socksify (1.7.1)
-    unicode-display_width (1.4.0)
+    unicode-display_width (1.7.0)
     wasabi (3.5.0)
       httpi (~> 2.0)
       nokogiri (>= 1.4.2)
@@ -100,4 +103,4 @@ DEPENDENCIES
   yard
 
 BUNDLED WITH
-   1.17.1
+   1.17.3

data/docker-compose.yml

@@ -1,7 +1,7 @@
 version: '3'
 services:
   console:
-    image: ruby:2.3
+    image: ruby:2.5
     volumes:
       - .:/app:z
     hostname: varanus-dev

data/lib/varanus/ssl.rb

@@ -11,19 +11,15 @@ class Varanus::SSL
   # Returns the option from #certificate_types that best matches the csr.
   # @param csr [Varanus::SSL::CSR]
   # @return [Hash] The option from {#certificate_types} that best matches the csr
-  def certificate_type_from_csr csr
-    # first exclude certificate types we don't want
-    types = certificate_types.reject do |ct|
-      ct['name'] =~ /\b(?:EV|ECC|AMT|Elite)\b/
-    end
-    if csr.all_names.any? { |n| n.start_with?('*.') }
-      types.find { |ct| ct['name'] =~ /Wildcard.+SSL/i }
-    elsif csr.subject_alt_names.any?
-      types.find { |ct| ct['name'] =~ /Multi.?Domain.+SSL/i }
-    else
-      types.find do |ct|
-        ct['name'] =~ /\bSSL\b/ && ct['name'] !~ /(?:Multi.?Domain|Wildcard)/i
-      end
+  def certificate_type_from_csr csr, days = nil
+    types = certificate_types_standard(days)
+    return types.first if types.length <= 1
+
+    regexp = cert_type_regexp(csr)
+    return types.find { |ct| ct['name'] =~ regexp } if regexp
+
+    types.find do |ct|
+      ct['name'] =~ /\bSSL\b/ && ct['name'] !~ /(?:Multi.?Domain|Wildcard)/i
     end
   end
 
@@ -33,6 +29,18 @@ class Varanus::SSL
     @certificate_types ||= get('types')
   end
 
+  # Return Array of certificate types based on standard sorting.
+  # @param days [Integer] if present, only include types that support the given day count
+  # @return [Array<Hash>]
+  def certificate_types_standard days = nil
+    types = certificate_types.reject do |ct|
+      ct['name'] =~ /\b(?:EV|ECC|AMT|Elite)\b/
+    end
+    types = types.select! { |t| t['terms'].include? days } unless days.nil?
+
+    types
+  end
+
   # Retrieves the cert.
   # @param id [Integer] As returned by {#sign}
   # @param type [String]
@@ -75,6 +83,7 @@ class Varanus::SSL
   #   specified, lowest allowed for the cert type will be used)
   # @return [Integer] Id of SSL cert.
   def sign csr, org_id, opts = {}
+    opts[:days] ||= opts[:years] * 365 unless opts[:years].nil?
     csr = Varanus::SSL::CSR.new(csr) unless csr.is_a?(Varanus::SSL::CSR)
     cert_type_id = opts_to_cert_type_id opts, csr
     args = {
@@ -92,6 +101,14 @@ class Varanus::SSL
 
   private
 
+  def cert_type_regexp csr
+    return /Wildcard.+SSL/i if csr.all_names.any? { |n| n.start_with?('*.') }
+
+    return /Multi.?Domain.+SSL/i if csr.subject_alt_names.any?
+
+    nil
+  end
+
   def check_result result
     body = result.body
     return unless body.is_a?(Hash)
@@ -132,7 +149,7 @@ class Varanus::SSL
     when String
       certificate_types.find { |ct| ct['name'] == opts[:cert_type] }['id']
     else
-      certificate_type_from_csr(csr)['id']
+      certificate_type_from_csr(csr, opts[:days])['id']
     end
   end
 
@@ -144,7 +161,6 @@ class Varanus::SSL
 
   def opts_to_term opts, cert_type_id
     term = opts[:days]
-    term ||= opts[:years] * 365 unless opts[:years].nil?
     term ||= certificate_types.find { |ct| ct['id'] == cert_type_id }['terms'].min
     term
   end

data/lib/varanus/ssl/csr.rb

@@ -25,18 +25,23 @@ class Varanus::SSL::CSR
     request = OpenSSL::X509::Request.new
     request.version = 0
     request.subject = OpenSSL::X509::Name.parse subject.map { |k, v| "/#{k}=#{v}" }.join
+    request.add_attribute names_to_san_attribute(names)
+    request.public_key = key.public_key
+
+    request.sign(key, OpenSSL::Digest::SHA256.new)
+
+    [key, Varanus::SSL::CSR.new(request)]
+  end
 
-    # Set Subject Alternate Names
+  # :nodoc:
+  # Create a Subject Alternate Names attribute from an Array of dns names
+  def self.names_to_san_attribute names
     ef = OpenSSL::X509::ExtensionFactory.new
     name_str = names.map { |n| "DNS:#{n}" }.join(', ')
     ext = ef.create_extension('subjectAltName', name_str, false)
     seq = OpenSSL::ASN1::Sequence([ext])
     ext_req = OpenSSL::ASN1::Set([seq])
-    request.add_attribute OpenSSL::X509::Attribute.new('extReq', ext_req)
-
-    request.public_key = key.public_key
-    request.sign(key, OpenSSL::Digest::SHA256.new)
-    [key, Varanus::SSL::CSR.new(request)]
+    OpenSSL::X509::Attribute.new('extReq', ext_req)
   end
 
   # Common Name (CN) for cert.

data/lib/varanus/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 class Varanus
-  VERSION = '0.2.1'
+  VERSION = '0.3.0'
 end

data/varanus.gemspec

@@ -4,7 +4,6 @@ lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'varanus/version'
 
-# rubocop:disable Metrics/BlockLength
 Gem::Specification.new do |spec|
   spec.name          = 'varanus'
   spec.version       = Varanus::VERSION
@@ -28,7 +27,7 @@ Gem::Specification.new do |spec|
     `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   end
   spec.require_paths = ['lib']
-  spec.required_ruby_version = '>= 2.3.0'
+  spec.required_ruby_version = '>= 2.5.0'
 
   spec.add_development_dependency 'bundler', '~> 1.16'
   spec.add_development_dependency 'minitest', '~> 5.0'
@@ -44,4 +43,3 @@ Gem::Specification.new do |spec|
   spec.add_runtime_dependency 'faraday_middleware'
   spec.add_runtime_dependency 'savon', '~> 2.0'
 end
-# rubocop:enable Metrics/BlockLength

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: varanus
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.3.0
 platform: ruby
 authors:
 - Sean Dilda
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-11-13 00:00:00.000000000 Z
+date: 2020-08-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -222,15 +222,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.3.0
+      version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.8
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: Interface for Sectigo's (formerly Comodo CA) API.