From 7258edade9422fdfba1311be779d2ba40d2d042c Mon Sep 17 00:00:00 2001 From: elijah Date: Tue, 21 Jun 2016 15:08:54 -0700 Subject: remove ActiveModel and ActiveSupport dependency (yeah!) --- leap_cli.gemspec | 6 --- .../certificate_authority.gemspec | 19 ++++----- .../lib/certificate_authority.rb | 3 +- .../lib/certificate_authority/certificate.rb | 8 ++-- .../certificate_revocation_list.rb | 12 +++--- .../lib/certificate_authority/core_extensions.rb | 46 ++++++++++++++++++++++ .../certificate_authority/distinguished_name.rb | 8 +++- .../lib/certificate_authority/extensions.rb | 13 ++++-- .../lib/certificate_authority/key_material.rb | 20 +++++----- .../lib/certificate_authority/ocsp_handler.rb | 6 +-- .../certificate_authority/pkcs11_key_material.rb | 2 - .../lib/certificate_authority/serial_number.rb | 10 ++++- .../lib/certificate_authority/validations.rb | 31 +++++++++++++++ 13 files changed, 136 insertions(+), 48 deletions(-) create mode 100644 vendor/certificate_authority/lib/certificate_authority/core_extensions.rb create mode 100644 vendor/certificate_authority/lib/certificate_authority/validations.rb diff --git a/leap_cli.gemspec b/leap_cli.gemspec index beeb0a4..104cb0b 100644 --- a/leap_cli.gemspec +++ b/leap_cli.gemspec @@ -72,10 +72,4 @@ spec = Gem::Specification.new do |s| s.add_runtime_dependency('json_pure', '~> 1.8') # pure ruby json, so we can better control output. s.add_runtime_dependency('base32', '~> 0.3') # base32 encoding - ## - ## DEPENDENCIES for VENDORED GEMS - ## - - # certificate_authority - s.add_runtime_dependency("activemodel", '~> 3.0', ">= 3.0.6") end diff --git a/vendor/certificate_authority/certificate_authority.gemspec b/vendor/certificate_authority/certificate_authority.gemspec index b7e8676..71ffb4a 100644 --- a/vendor/certificate_authority/certificate_authority.gemspec +++ b/vendor/certificate_authority/certificate_authority.gemspec @@ -2,15 +2,17 @@ # DO NOT EDIT THIS FILE DIRECTLY # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec' # -*- encoding: utf-8 -*- +# stub: certificate_authority 0.2.0 ruby lib Gem::Specification.new do |s| s.name = "certificate_authority" s.version = "0.2.0" s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version= + s.require_paths = ["lib"] s.authors = ["Chris Chandler"] - s.date = "2012-09-16" - s.email = "chris@flatterline.com" + s.date = "2016-06-21" + s.email = "squanderingtime@gmail.com" s.extra_rdoc_files = [ "README.rdoc" ] @@ -24,6 +26,7 @@ Gem::Specification.new do |s| "lib/certificate_authority.rb", "lib/certificate_authority/certificate.rb", "lib/certificate_authority/certificate_revocation_list.rb", + "lib/certificate_authority/core_extensions.rb", "lib/certificate_authority/distinguished_name.rb", "lib/certificate_authority/extensions.rb", "lib/certificate_authority/key_material.rb", @@ -33,6 +36,7 @@ Gem::Specification.new do |s| "lib/certificate_authority/serial_number.rb", "lib/certificate_authority/signing_entity.rb", "lib/certificate_authority/signing_request.rb", + "lib/certificate_authority/validations.rb", "lib/tasks/certificate_authority.rake", "spec/samples/certs/DigiCertHighAssuranceEVCA-1.pem", "spec/samples/certs/apple_wwdr_issued_cert.pem", @@ -63,27 +67,20 @@ Gem::Specification.new do |s| ] s.homepage = "https://github.com/cchandler/certificate_authority" s.licenses = ["MIT"] - s.require_paths = ["lib"] - s.rubygems_version = "1.8.15" + s.rubygems_version = "2.2.2" s.summary = "Ruby gem for managing the core functions outlined in RFC-3280 for PKI" if s.respond_to? :specification_version then - s.specification_version = 3 + s.specification_version = 4 if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then - s.add_runtime_dependency(%q, [">= 3.0.6"]) - s.add_runtime_dependency(%q, [">= 3.0.6"]) s.add_development_dependency(%q, [">= 0"]) s.add_development_dependency(%q, [">= 1.5.2"]) else - s.add_dependency(%q, [">= 3.0.6"]) - s.add_dependency(%q, [">= 3.0.6"]) s.add_dependency(%q, [">= 0"]) s.add_dependency(%q, [">= 1.5.2"]) end else - s.add_dependency(%q, [">= 3.0.6"]) - s.add_dependency(%q, [">= 3.0.6"]) s.add_dependency(%q, [">= 0"]) s.add_dependency(%q, [">= 1.5.2"]) end diff --git a/vendor/certificate_authority/lib/certificate_authority.rb b/vendor/certificate_authority/lib/certificate_authority.rb index a697c1b..c52e4b6 100644 --- a/vendor/certificate_authority/lib/certificate_authority.rb +++ b/vendor/certificate_authority/lib/certificate_authority.rb @@ -2,11 +2,12 @@ $:.unshift(File.dirname(__FILE__)) unless $:.include?(File.dirname(__FILE__)) || #Exterior requirements require 'openssl' -require 'active_model' #Internal modules +require 'certificate_authority/core_extensions' require 'certificate_authority/signing_entity' require 'certificate_authority/revocable' +require 'certificate_authority/validations' require 'certificate_authority/distinguished_name' require 'certificate_authority/serial_number' require 'certificate_authority/key_material' diff --git a/vendor/certificate_authority/lib/certificate_authority/certificate.rb b/vendor/certificate_authority/lib/certificate_authority/certificate.rb index 496d91e..cdf432c 100644 --- a/vendor/certificate_authority/lib/certificate_authority/certificate.rb +++ b/vendor/certificate_authority/lib/certificate_authority/certificate.rb @@ -1,6 +1,6 @@ module CertificateAuthority class Certificate - include ActiveModel::Validations + include Validations include Revocable attr_accessor :distinguished_name @@ -15,7 +15,7 @@ module CertificateAuthority attr_accessor :parent - validate do |certificate| + def validate errors.add :base, "Distinguished name must be valid" unless distinguished_name.valid? errors.add :base, "Key material must be valid" unless key_material.valid? errors.add :base, "Serial number must be valid" unless serial_number.valid? @@ -32,8 +32,8 @@ module CertificateAuthority self.distinguished_name = DistinguishedName.new self.serial_number = SerialNumber.new self.key_material = MemoryKeyMaterial.new - self.not_before = Time.now - self.not_after = Time.now + 60 * 60 * 24 * 365 # One year + self.not_before = Date.today.utc + self.not_after = Date.today.advance(:years => 1).utc self.parent = self self.extensions = load_extensions() diff --git a/vendor/certificate_authority/lib/certificate_authority/certificate_revocation_list.rb b/vendor/certificate_authority/lib/certificate_authority/certificate_revocation_list.rb index c84d588..cb3aaf7 100644 --- a/vendor/certificate_authority/lib/certificate_authority/certificate_revocation_list.rb +++ b/vendor/certificate_authority/lib/certificate_authority/certificate_revocation_list.rb @@ -1,20 +1,22 @@ module CertificateAuthority class CertificateRevocationList - include ActiveModel::Validations + include Validations attr_accessor :certificates attr_accessor :parent attr_accessor :crl_body attr_accessor :next_update + attr_accessor :last_update_skew_seconds - validate do |crl| - errors.add :next_update, "Next update must be a positive value" if crl.next_update < 0 - errors.add :parent, "A parent entity must be set" if crl.parent.nil? + def validate + errors.add :next_update, "Next update must be a positive value" if self.next_update < 0 + errors.add :parent, "A parent entity must be set" if self.parent.nil? end def initialize self.certificates = [] self.next_update = 60 * 60 * 4 # 4 hour default + self.last_update_skew_seconds = 0 end def <<(revocable) @@ -54,7 +56,7 @@ module CertificateAuthority end crl.version = 1 - crl.last_update = Time.now + crl.last_update = Time.now - self.last_update_skew_seconds crl.next_update = Time.now + self.next_update signing_cert = OpenSSL::X509::Certificate.new(self.parent.to_pem) diff --git a/vendor/certificate_authority/lib/certificate_authority/core_extensions.rb b/vendor/certificate_authority/lib/certificate_authority/core_extensions.rb new file mode 100644 index 0000000..0508f9a --- /dev/null +++ b/vendor/certificate_authority/lib/certificate_authority/core_extensions.rb @@ -0,0 +1,46 @@ +# +# ActiveSupport has these modifications. Now that we don't use ActiveSupport, +# these are added here as a kindness. +# + +require 'date' + +unless nil.respond_to?(:blank?) + class NilClass + def blank? + true + end + end +end + +unless String.respond_to?(:blank?) + class String + def blank? + self.empty? + end + end +end + +class Date + + def today + t = Time.now.utc + Date.new(t.year, t.month, t.day) + end + + def utc + self.to_datetime.to_time.utc + end + + unless Date.respond_to?(:advance) + def advance(options) + options = options.dup + d = self + d = d >> options.delete(:years) * 12 if options[:years] + d = d >> options.delete(:months) if options[:months] + d = d + options.delete(:weeks) * 7 if options[:weeks] + d = d + options.delete(:days) if options[:days] + d + end + end +end diff --git a/vendor/certificate_authority/lib/certificate_authority/distinguished_name.rb b/vendor/certificate_authority/lib/certificate_authority/distinguished_name.rb index 32d9c1e..3b83582 100644 --- a/vendor/certificate_authority/lib/certificate_authority/distinguished_name.rb +++ b/vendor/certificate_authority/lib/certificate_authority/distinguished_name.rb @@ -1,8 +1,12 @@ module CertificateAuthority class DistinguishedName - include ActiveModel::Validations + include Validations - validates_presence_of :common_name + def validate + if self.common_name.nil? || self.common_name.empty? + errors.add :common_name, 'cannot be blank' + end + end attr_accessor :common_name alias :cn :common_name diff --git a/vendor/certificate_authority/lib/certificate_authority/extensions.rb b/vendor/certificate_authority/lib/certificate_authority/extensions.rb index 7bc4fab..2b9478b 100644 --- a/vendor/certificate_authority/lib/certificate_authority/extensions.rb +++ b/vendor/certificate_authority/lib/certificate_authority/extensions.rb @@ -31,13 +31,20 @@ module CertificateAuthority OPENSSL_IDENTIFIER = "basicConstraints" include ExtensionAPI - include ActiveModel::Validations + include Validations attr_accessor :critical attr_accessor :ca attr_accessor :path_len - validates :critical, :inclusion => [true,false] - validates :ca, :inclusion => [true,false] + + def validate + unless [true, false].include? self.critical + errors.add :critical, 'must be true or false' + end + unless [true, false].include? self.ca + errors.add :ca, 'must be true or false' + end + end def initialize @critical = false diff --git a/vendor/certificate_authority/lib/certificate_authority/key_material.rb b/vendor/certificate_authority/lib/certificate_authority/key_material.rb index 1fd4dd9..ae3a530 100644 --- a/vendor/certificate_authority/lib/certificate_authority/key_material.rb +++ b/vendor/certificate_authority/lib/certificate_authority/key_material.rb @@ -38,7 +38,7 @@ module CertificateAuthority class MemoryKeyMaterial include KeyMaterial - include ActiveModel::Validations + include Validations attr_accessor :keypair attr_accessor :private_key @@ -47,11 +47,13 @@ module CertificateAuthority def initialize end - validates_each :private_key do |record, attr, value| - record.errors.add :private_key, "cannot be blank" if record.private_key.nil? - end - validates_each :public_key do |record, attr, value| - record.errors.add :public_key, "cannot be blank" if record.public_key.nil? + def validate + if private_key.nil? + errors.add :private_key, "cannot be blank" + end + if public_key.nil? + errors.add :public_key, "cannot be blank" + end end def is_in_hardware? @@ -80,10 +82,10 @@ module CertificateAuthority class SigningRequestKeyMaterial include KeyMaterial - include ActiveModel::Validations + include Validations - validates_each :public_key do |record, attr, value| - record.errors.add :public_key, "cannot be blank" if record.public_key.nil? + def validate + errors.add :public_key, "cannot be blank" if public_key.nil? end attr_accessor :public_key diff --git a/vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb b/vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb index e101f98..0f2661c 100644 --- a/vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb +++ b/vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb @@ -68,7 +68,7 @@ module CertificateAuthority ## DEPRECATED class OCSPHandler - include ActiveModel::Validations + include Validations attr_accessor :ocsp_request attr_accessor :certificate_ids @@ -78,10 +78,10 @@ module CertificateAuthority attr_accessor :ocsp_response_body - validate do |crl| + def validate errors.add :parent, "A parent entity must be set" if parent.nil? + all_certificates_available end - validate :all_certificates_available def initialize self.certificates = {} diff --git a/vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb b/vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb index d4ebc47..8a83f0e 100644 --- a/vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb +++ b/vendor/certificate_authority/lib/certificate_authority/pkcs11_key_material.rb @@ -1,8 +1,6 @@ module CertificateAuthority class Pkcs11KeyMaterial include KeyMaterial - include ActiveModel::Validations - include ActiveModel::Serialization attr_accessor :engine attr_accessor :token_id diff --git a/vendor/certificate_authority/lib/certificate_authority/serial_number.rb b/vendor/certificate_authority/lib/certificate_authority/serial_number.rb index b9a43cc..99f3002 100644 --- a/vendor/certificate_authority/lib/certificate_authority/serial_number.rb +++ b/vendor/certificate_authority/lib/certificate_authority/serial_number.rb @@ -2,12 +2,18 @@ require 'securerandom' module CertificateAuthority class SerialNumber - include ActiveModel::Validations + include Validations include Revocable attr_accessor :number - validates :number, :presence => true, :numericality => {:greater_than => 0} + def validate + if self.number.nil? + errors.add :number, "must not be empty" + elsif self.number.to_i <= 0 + errors.add :number, "must be greater than zero" + end + end def initialize self.number = SecureRandom.random_number(2**128-1) diff --git a/vendor/certificate_authority/lib/certificate_authority/validations.rb b/vendor/certificate_authority/lib/certificate_authority/validations.rb new file mode 100644 index 0000000..a429c96 --- /dev/null +++ b/vendor/certificate_authority/lib/certificate_authority/validations.rb @@ -0,0 +1,31 @@ +# +# This is a super simple replacement for ActiveSupport::Validations +# + +module CertificateAuthority + class Errors < Array + def add(symbol, msg) + self.push([symbol, msg]) + end + def full_messages + self.map {|i| i[0].to_s + ": " + i[1]}.join("\n") + end + end + + module Validations + def valid? + @errors = Errors.new + validate + errors.empty? + end + + # must be overridden + def validate + raise NotImplementedError + end + + def errors + @errors ||= Errors.new + end + end +end -- cgit v1.2.3