summaryrefslogtreecommitdiff
path: root/vendor/certificate_authority
diff options
context:
space:
mode:
authorelijah <elijah@riseup.net>2016-06-21 15:08:54 -0700
committerelijah <elijah@riseup.net>2016-06-21 15:08:54 -0700
commit7258edade9422fdfba1311be779d2ba40d2d042c (patch)
treeac7e0a5589865fd56035cca0731d9df31fe2b9bd /vendor/certificate_authority
parent470ddd6f461d5659b746724864f16aaf206532e2 (diff)
remove ActiveModel and ActiveSupport dependency (yeah!)
Diffstat (limited to 'vendor/certificate_authority')
-rw-r--r--vendor/certificate_authority/certificate_authority.gemspec19
-rw-r--r--vendor/certificate_authority/lib/certificate_authority.rb3
-rw-r--r--vendor/certificate_authority/lib/certificate_authority/certificate.rb8
-rw-r--r--vendor/certificate_authority/lib/certificate_authority/certificate_revocation_list.rb12
-rw-r--r--vendor/certificate_authority/lib/certificate_authority/core_extensions.rb46
-rw-r--r--vendor/certificate_authority/lib/certificate_authority/distinguished_name.rb8
-rw-r--r--vendor/certificate_authority/lib/certificate_authority/extensions.rb13
-rw-r--r--vendor/certificate_authority/lib/certificate_authority/key_material.rb20
-rw-r--r--vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb6
-rw-r--r--vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb2
-rw-r--r--vendor/certificate_authority/lib/certificate_authority/serial_number.rb10
-rw-r--r--vendor/certificate_authority/lib/certificate_authority/validations.rb31
12 files changed, 136 insertions, 42 deletions
diff --git a/vendor/certificate_authority/certificate_authority.gemspec b/vendor/certificate_authority/certificate_authority.gemspec
index b7e8676..71ffb4a 100644
--- a/vendor/certificate_authority/certificate_authority.gemspec
+++ b/vendor/certificate_authority/certificate_authority.gemspec
@@ -2,15 +2,17 @@
# DO NOT EDIT THIS FILE DIRECTLY
# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
# -*- encoding: utf-8 -*-
+# stub: certificate_authority 0.2.0 ruby lib
Gem::Specification.new do |s|
s.name = "certificate_authority"
s.version = "0.2.0"
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+ s.require_paths = ["lib"]
s.authors = ["Chris Chandler"]
- s.date = "2012-09-16"
- s.email = "chris@flatterline.com"
+ s.date = "2016-06-21"
+ s.email = "squanderingtime@gmail.com"
s.extra_rdoc_files = [
"README.rdoc"
]
@@ -24,6 +26,7 @@ Gem::Specification.new do |s|
"lib/certificate_authority.rb",
"lib/certificate_authority/certificate.rb",
"lib/certificate_authority/certificate_revocation_list.rb",
+ "lib/certificate_authority/core_extensions.rb",
"lib/certificate_authority/distinguished_name.rb",
"lib/certificate_authority/extensions.rb",
"lib/certificate_authority/key_material.rb",
@@ -33,6 +36,7 @@ Gem::Specification.new do |s|
"lib/certificate_authority/serial_number.rb",
"lib/certificate_authority/signing_entity.rb",
"lib/certificate_authority/signing_request.rb",
+ "lib/certificate_authority/validations.rb",
"lib/tasks/certificate_authority.rake",
"spec/samples/certs/DigiCertHighAssuranceEVCA-1.pem",
"spec/samples/certs/apple_wwdr_issued_cert.pem",
@@ -63,27 +67,20 @@ Gem::Specification.new do |s|
]
s.homepage = "https://github.com/cchandler/certificate_authority"
s.licenses = ["MIT"]
- s.require_paths = ["lib"]
- s.rubygems_version = "1.8.15"
+ s.rubygems_version = "2.2.2"
s.summary = "Ruby gem for managing the core functions outlined in RFC-3280 for PKI"
if s.respond_to? :specification_version then
- s.specification_version = 3
+ s.specification_version = 4
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
- s.add_runtime_dependency(%q<activemodel>, [">= 3.0.6"])
- s.add_runtime_dependency(%q<activesupport>, [">= 3.0.6"])
s.add_development_dependency(%q<rspec>, [">= 0"])
s.add_development_dependency(%q<jeweler>, [">= 1.5.2"])
else
- s.add_dependency(%q<activemodel>, [">= 3.0.6"])
- s.add_dependency(%q<activesupport>, [">= 3.0.6"])
s.add_dependency(%q<rspec>, [">= 0"])
s.add_dependency(%q<jeweler>, [">= 1.5.2"])
end
else
- s.add_dependency(%q<activemodel>, [">= 3.0.6"])
- s.add_dependency(%q<activesupport>, [">= 3.0.6"])
s.add_dependency(%q<rspec>, [">= 0"])
s.add_dependency(%q<jeweler>, [">= 1.5.2"])
end
diff --git a/vendor/certificate_authority/lib/certificate_authority.rb b/vendor/certificate_authority/lib/certificate_authority.rb
index a697c1b..c52e4b6 100644
--- a/vendor/certificate_authority/lib/certificate_authority.rb
+++ b/vendor/certificate_authority/lib/certificate_authority.rb
@@ -2,11 +2,12 @@ $:.unshift(File.dirname(__FILE__)) unless $:.include?(File.dirname(__FILE__)) ||
#Exterior requirements
require 'openssl'
-require 'active_model'
#Internal modules
+require 'certificate_authority/core_extensions'
require 'certificate_authority/signing_entity'
require 'certificate_authority/revocable'
+require 'certificate_authority/validations'
require 'certificate_authority/distinguished_name'
require 'certificate_authority/serial_number'
require 'certificate_authority/key_material'
diff --git a/vendor/certificate_authority/lib/certificate_authority/certificate.rb b/vendor/certificate_authority/lib/certificate_authority/certificate.rb
index 496d91e..cdf432c 100644
--- a/vendor/certificate_authority/lib/certificate_authority/certificate.rb
+++ b/vendor/certificate_authority/lib/certificate_authority/certificate.rb
@@ -1,6 +1,6 @@
module CertificateAuthority
class Certificate
- include ActiveModel::Validations
+ include Validations
include Revocable
attr_accessor :distinguished_name
@@ -15,7 +15,7 @@ module CertificateAuthority
attr_accessor :parent
- validate do |certificate|
+ def validate
errors.add :base, "Distinguished name must be valid" unless distinguished_name.valid?
errors.add :base, "Key material must be valid" unless key_material.valid?
errors.add :base, "Serial number must be valid" unless serial_number.valid?
@@ -32,8 +32,8 @@ module CertificateAuthority
self.distinguished_name = DistinguishedName.new
self.serial_number = SerialNumber.new
self.key_material = MemoryKeyMaterial.new
- self.not_before = Time.now
- self.not_after = Time.now + 60 * 60 * 24 * 365 # One year
+ self.not_before = Date.today.utc
+ self.not_after = Date.today.advance(:years => 1).utc
self.parent = self
self.extensions = load_extensions()
diff --git a/vendor/certificate_authority/lib/certificate_authority/certificate_revocation_list.rb b/vendor/certificate_authority/lib/certificate_authority/certificate_revocation_list.rb
index c84d588..cb3aaf7 100644
--- a/vendor/certificate_authority/lib/certificate_authority/certificate_revocation_list.rb
+++ b/vendor/certificate_authority/lib/certificate_authority/certificate_revocation_list.rb
@@ -1,20 +1,22 @@
module CertificateAuthority
class CertificateRevocationList
- include ActiveModel::Validations
+ include Validations
attr_accessor :certificates
attr_accessor :parent
attr_accessor :crl_body
attr_accessor :next_update
+ attr_accessor :last_update_skew_seconds
- validate do |crl|
- errors.add :next_update, "Next update must be a positive value" if crl.next_update < 0
- errors.add :parent, "A parent entity must be set" if crl.parent.nil?
+ def validate
+ errors.add :next_update, "Next update must be a positive value" if self.next_update < 0
+ errors.add :parent, "A parent entity must be set" if self.parent.nil?
end
def initialize
self.certificates = []
self.next_update = 60 * 60 * 4 # 4 hour default
+ self.last_update_skew_seconds = 0
end
def <<(revocable)
@@ -54,7 +56,7 @@ module CertificateAuthority
end
crl.version = 1
- crl.last_update = Time.now
+ crl.last_update = Time.now - self.last_update_skew_seconds
crl.next_update = Time.now + self.next_update
signing_cert = OpenSSL::X509::Certificate.new(self.parent.to_pem)
diff --git a/vendor/certificate_authority/lib/certificate_authority/core_extensions.rb b/vendor/certificate_authority/lib/certificate_authority/core_extensions.rb
new file mode 100644
index 0000000..0508f9a
--- /dev/null
+++ b/vendor/certificate_authority/lib/certificate_authority/core_extensions.rb
@@ -0,0 +1,46 @@
+#
+# ActiveSupport has these modifications. Now that we don't use ActiveSupport,
+# these are added here as a kindness.
+#
+
+require 'date'
+
+unless nil.respond_to?(:blank?)
+ class NilClass
+ def blank?
+ true
+ end
+ end
+end
+
+unless String.respond_to?(:blank?)
+ class String
+ def blank?
+ self.empty?
+ end
+ end
+end
+
+class Date
+
+ def today
+ t = Time.now.utc
+ Date.new(t.year, t.month, t.day)
+ end
+
+ def utc
+ self.to_datetime.to_time.utc
+ end
+
+ unless Date.respond_to?(:advance)
+ def advance(options)
+ options = options.dup
+ d = self
+ d = d >> options.delete(:years) * 12 if options[:years]
+ d = d >> options.delete(:months) if options[:months]
+ d = d + options.delete(:weeks) * 7 if options[:weeks]
+ d = d + options.delete(:days) if options[:days]
+ d
+ end
+ end
+end
diff --git a/vendor/certificate_authority/lib/certificate_authority/distinguished_name.rb b/vendor/certificate_authority/lib/certificate_authority/distinguished_name.rb
index 32d9c1e..3b83582 100644
--- a/vendor/certificate_authority/lib/certificate_authority/distinguished_name.rb
+++ b/vendor/certificate_authority/lib/certificate_authority/distinguished_name.rb
@@ -1,8 +1,12 @@
module CertificateAuthority
class DistinguishedName
- include ActiveModel::Validations
+ include Validations
- validates_presence_of :common_name
+ def validate
+ if self.common_name.nil? || self.common_name.empty?
+ errors.add :common_name, 'cannot be blank'
+ end
+ end
attr_accessor :common_name
alias :cn :common_name
diff --git a/vendor/certificate_authority/lib/certificate_authority/extensions.rb b/vendor/certificate_authority/lib/certificate_authority/extensions.rb
index 7bc4fab..2b9478b 100644
--- a/vendor/certificate_authority/lib/certificate_authority/extensions.rb
+++ b/vendor/certificate_authority/lib/certificate_authority/extensions.rb
@@ -31,13 +31,20 @@ module CertificateAuthority
OPENSSL_IDENTIFIER = "basicConstraints"
include ExtensionAPI
- include ActiveModel::Validations
+ include Validations
attr_accessor :critical
attr_accessor :ca
attr_accessor :path_len
- validates :critical, :inclusion => [true,false]
- validates :ca, :inclusion => [true,false]
+
+ def validate
+ unless [true, false].include? self.critical
+ errors.add :critical, 'must be true or false'
+ end
+ unless [true, false].include? self.ca
+ errors.add :ca, 'must be true or false'
+ end
+ end
def initialize
@critical = false
diff --git a/vendor/certificate_authority/lib/certificate_authority/key_material.rb b/vendor/certificate_authority/lib/certificate_authority/key_material.rb
index 1fd4dd9..ae3a530 100644
--- a/vendor/certificate_authority/lib/certificate_authority/key_material.rb
+++ b/vendor/certificate_authority/lib/certificate_authority/key_material.rb
@@ -38,7 +38,7 @@ module CertificateAuthority
class MemoryKeyMaterial
include KeyMaterial
- include ActiveModel::Validations
+ include Validations
attr_accessor :keypair
attr_accessor :private_key
@@ -47,11 +47,13 @@ module CertificateAuthority
def initialize
end
- validates_each :private_key do |record, attr, value|
- record.errors.add :private_key, "cannot be blank" if record.private_key.nil?
- end
- validates_each :public_key do |record, attr, value|
- record.errors.add :public_key, "cannot be blank" if record.public_key.nil?
+ def validate
+ if private_key.nil?
+ errors.add :private_key, "cannot be blank"
+ end
+ if public_key.nil?
+ errors.add :public_key, "cannot be blank"
+ end
end
def is_in_hardware?
@@ -80,10 +82,10 @@ module CertificateAuthority
class SigningRequestKeyMaterial
include KeyMaterial
- include ActiveModel::Validations
+ include Validations
- validates_each :public_key do |record, attr, value|
- record.errors.add :public_key, "cannot be blank" if record.public_key.nil?
+ def validate
+ errors.add :public_key, "cannot be blank" if public_key.nil?
end
attr_accessor :public_key
diff --git a/vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb b/vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb
index e101f98..0f2661c 100644
--- a/vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb
+++ b/vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb
@@ -68,7 +68,7 @@ module CertificateAuthority
## DEPRECATED
class OCSPHandler
- include ActiveModel::Validations
+ include Validations
attr_accessor :ocsp_request
attr_accessor :certificate_ids
@@ -78,10 +78,10 @@ module CertificateAuthority
attr_accessor :ocsp_response_body
- validate do |crl|
+ def validate
errors.add :parent, "A parent entity must be set" if parent.nil?
+ all_certificates_available
end
- validate :all_certificates_available
def initialize
self.certificates = {}
diff --git a/vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb b/vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb
index d4ebc47..8a83f0e 100644
--- a/vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb
+++ b/vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb
@@ -1,8 +1,6 @@
module CertificateAuthority
class Pkcs11KeyMaterial
include KeyMaterial
- include ActiveModel::Validations
- include ActiveModel::Serialization
attr_accessor :engine
attr_accessor :token_id
diff --git a/vendor/certificate_authority/lib/certificate_authority/serial_number.rb b/vendor/certificate_authority/lib/certificate_authority/serial_number.rb
index b9a43cc..99f3002 100644
--- a/vendor/certificate_authority/lib/certificate_authority/serial_number.rb
+++ b/vendor/certificate_authority/lib/certificate_authority/serial_number.rb
@@ -2,12 +2,18 @@ require 'securerandom'
module CertificateAuthority
class SerialNumber
- include ActiveModel::Validations
+ include Validations
include Revocable
attr_accessor :number
- validates :number, :presence => true, :numericality => {:greater_than => 0}
+ def validate
+ if self.number.nil?
+ errors.add :number, "must not be empty"
+ elsif self.number.to_i <= 0
+ errors.add :number, "must be greater than zero"
+ end
+ end
def initialize
self.number = SecureRandom.random_number(2**128-1)
diff --git a/vendor/certificate_authority/lib/certificate_authority/validations.rb b/vendor/certificate_authority/lib/certificate_authority/validations.rb
new file mode 100644
index 0000000..a429c96
--- /dev/null
+++ b/vendor/certificate_authority/lib/certificate_authority/validations.rb
@@ -0,0 +1,31 @@
+#
+# This is a super simple replacement for ActiveSupport::Validations
+#
+
+module CertificateAuthority
+ class Errors < Array
+ def add(symbol, msg)
+ self.push([symbol, msg])
+ end
+ def full_messages
+ self.map {|i| i[0].to_s + ": " + i[1]}.join("\n")
+ end
+ end
+
+ module Validations
+ def valid?
+ @errors = Errors.new
+ validate
+ errors.empty?
+ end
+
+ # must be overridden
+ def validate
+ raise NotImplementedError
+ end
+
+ def errors
+ @errors ||= Errors.new
+ end
+ end
+end