Diffstat (limited to 'lib/rubygems/security')
-rw-r--r-- | lib/rubygems/security/policies.rb | 1 | ||||
-rw-r--r-- | lib/rubygems/security/policy.rb | 44 | ||||
-rw-r--r-- | lib/rubygems/security/signer.rb | 17 | ||||
-rw-r--r-- | lib/rubygems/security/trust_dir.rb | 15 |
4 files changed, 37 insertions, 40 deletions
diff --git a/lib/rubygems/security/policies.rb b/lib/rubygems/security/policies.rb index 49ca8d860d..8f6ad99316 100644 --- a/lib/rubygems/security/policies.rb +++ b/lib/rubygems/security/policies.rb @@ -113,4 +113,3 @@ module Gem::Security }.freeze end - diff --git a/lib/rubygems/security/policy.rb b/lib/rubygems/security/policy.rb index 2e9159797c..1aa6eab18c 100644 --- a/lib/rubygems/security/policy.rb +++ b/lib/rubygems/security/policy.rb @@ -24,7 +24,7 @@ class Gem::Security::Policy # Create a new Gem::Security::Policy object with the given mode and # options. - def initialize name, policy = {}, opt = {} + def initialize(name, policy = {}, opt = {}) require 'openssl' @name = name @@ -55,7 +55,7 @@ class Gem::Security::Policy # Verifies each certificate in +chain+ has signed the following certificate # and is valid for the given +time+. - def check_chain chain, time + def check_chain(chain, time) raise Gem::Security::Exception, 'missing signing chain' unless chain raise Gem::Security::Exception, 'empty signing chain' if chain.empty? @@ -74,7 +74,7 @@ class Gem::Security::Policy # Verifies that +data+ matches the +signature+ created by +public_key+ and # the +digest+ algorithm. - def check_data public_key, digest, signature, data + def check_data(public_key, digest, signature, data) raise Gem::Security::Exception, "invalid signature" unless public_key.verify digest.new, signature, data.digest 
@@ -85,22 +85,22 @@ class Gem::Security::Policy # Ensures that +signer+ is valid for +time+ and was signed by the +issuer+. # If the +issuer+ is +nil+ no verification is performed. - def check_cert signer, issuer, time + def check_cert(signer, issuer, time) raise Gem::Security::Exception, 'missing signing certificate' unless signer message = "certificate #{signer.subject}" - if not_before = signer.not_before and not_before > time then + if not_before = signer.not_before and not_before > time raise Gem::Security::Exception, "#{message} not valid before #{not_before}" end - if not_after = signer.not_after and not_after < time then + if not_after = signer.not_after and not_after < time raise Gem::Security::Exception, "#{message} not valid after #{not_after}" end - if issuer and not signer.verify issuer.public_key then + if issuer and not signer.verify issuer.public_key raise Gem::Security::Exception, "#{message} was not issued by #{issuer.subject}" end @@ -111,8 +111,8 @@ class Gem::Security::Policy ## # Ensures the public key of +key+ matches the public key in +signer+ - def check_key signer, key - unless signer and key then + def check_key(signer, key) + unless signer and key return true unless @only_signed raise Gem::Security::Exception, 'missing key or signature' @@ -129,7 +129,7 @@ class Gem::Security::Policy # Ensures the root certificate in +chain+ is self-signed and valid for # +time+. - def check_root chain, time + def check_root(chain, time) raise Gem::Security::Exception, 'missing signing chain' unless chain root = chain.first @@ -148,7 +148,7 @@ class Gem::Security::Policy # Ensures the root of +chain+ has a trusted certificate in +trust_dir+ and # the digests of the two certificates match according to +digester+ - def check_trust chain, digester, trust_dir + def check_trust(chain, digester, trust_dir) raise Gem::Security::Exception, 'missing signing chain' unless chain root = chain.first 
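Review bot: The three conditions in `check_cert` still assign inside the test and join with low-precedence `and`, e.g. `if not_before = signer.not_before and not_before > time`. This parses as intended only because `and` binds more loosely than `=`; a later mechanical swap to `&&` would evaluate `not_before > time` before `not_before` is assigned. Since this commit is already a style pass over the method, hoisting the assignment makes the validity-window check independent of operator precedence: `not_before = signer.not_before` followed by `if not_before && not_before > time`, and the same for `not_after`.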
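Review bot: The doc comment on `check_key` says only that it ensures the public keys match, but the first branch shown here returns `true` when `signer` or `key` is missing and `@only_signed` is not set. That is a pass-without-comparison path in verification code, so the comment should state it, for example `# Returns true without comparing keys when +signer+ or +key+ is missing, unless the policy only allows signed gems.` The rest of the method body is outside this hunk.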
@@ -157,7 +157,7 @@ class Gem::Security::Policy path = Gem::Security.trust_dir.cert_path root - unless File.exist? path then + unless File.exist? path message = "root cert #{root.subject} is not trusted".dup message << " (root of signing cert #{chain.last.subject})" if @@ -183,7 +183,7 @@ class Gem::Security::Policy ## # Extracts the email or subject from +certificate+ - def subject certificate # :nodoc: + def subject(certificate) # :nodoc: certificate.extensions.each do |extension| next unless extension.oid == 'subjectAltName' @@ -208,13 +208,13 @@ class Gem::Security::Policy # # If +key+ is given it is used to validate the signing certificate. - def verify chain, key = nil, digests = {}, signatures = {}, - full_name = '(unknown)' - if signatures.empty? then - if @only_signed then + def verify(chain, key = nil, digests = {}, signatures = {}, + full_name = '(unknown)') + if signatures.empty? + if @only_signed raise Gem::Security::Exception, "unsigned gems are not allowed by the #{name} policy" - elsif digests.empty? then + elsif digests.empty? # lack of signatures is irrelevant if there is nothing to check # against else @@ -232,7 +232,7 @@ class Gem::Security::Policy file_digests.values.first.name == Gem::Security::DIGEST_NAME end - if @verify_data then + if @verify_data raise Gem::Security::Exception, 'no digests provided (probable bug)' if signer_digests.nil? or signer_digests.empty? else @@ -249,9 +249,9 @@ class Gem::Security::Policy check_root chain, time if @verify_root - if @only_trusted then + if @only_trusted check_trust chain, digester, trust_dir - elsif signatures.empty? and digests.empty? then + elsif signatures.empty? and digests.empty? # trust is irrelevant if there's no signatures to verify else alert_warning "#{subject signer} is not trusted for #{full_name}" 
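Review bot: `check_trust` takes a `trust_dir` argument (signature in the preceding hunk), but the lookup here is `path = Gem::Security.trust_dir.cert_path root`, so the directory the caller passed does not appear to decide whether the root certificate is trusted. If that is unintended, the line would read `path = trust_dir.cert_path root`; if the global trust directory is deliberate, a short comment saying so would stop a reader from assuming a custom directory is honoured. Only part of the body is visible in this hunk, so the argument may still be used further down.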
@@ -280,7 +280,7 @@ class Gem::Security::Policy # Extracts the certificate chain from the +spec+ and calls #verify to ensure # the signatures and certificate chain is valid according to the policy.. - def verify_signatures spec, digests, signatures + def verify_signatures(spec, digests, signatures) chain = spec.cert_chain.map do |cert_pem| OpenSSL::X509::Certificate.new cert_pem end diff --git a/lib/rubygems/security/signer.rb b/lib/rubygems/security/signer.rb index 32dab9fa81..34e86e921a 100644 --- a/lib/rubygems/security/signer.rb +++ b/lib/rubygems/security/signer.rb @@ -65,18 +65,18 @@ class Gem::Security::Signer # +chain+ containing X509 certificates, encoding certificates or paths to # certificates. - def initialize key, cert_chain, passphrase = nil, options = {} + def initialize(key, cert_chain, passphrase = nil, options = {}) @cert_chain = cert_chain @key = key @passphrase = passphrase @options = DEFAULT_OPTIONS.merge(options) - unless @key then + unless @key default_key = File.join Gem.default_key_path @key = default_key if File.exist? default_key end - unless @cert_chain then + unless @cert_chain default_cert = File.join Gem.default_cert_path @cert_chain = [default_cert] if File.exist? default_cert end @@ -89,7 +89,7 @@ class Gem::Security::Signer @key = OpenSSL::PKey::RSA.new(File.read(@key), @passphrase) end - if @cert_chain then + if @cert_chain @cert_chain = @cert_chain.compact.map do |cert| next cert if OpenSSL::X509::Certificate === cert @@ -106,10 +106,10 @@ class Gem::Security::Signer # Extracts the full name of +cert+. If the certificate has a subjectAltName # this value is preferred, otherwise the subject is used. - def extract_name cert # :nodoc: + def extract_name(cert) # :nodoc: subject_alt_name = cert.extensions.find { |e| 'subjectAltName' == e.oid } - if subject_alt_name then + if subject_alt_name /\Aemail:/ =~ subject_alt_name.value $' || subject_alt_name.value 
@@ -138,12 +138,12 @@ class Gem::Security::Signer ## # Sign data with given digest algorithm - def sign data + def sign(data) return unless @key raise Gem::Security::Exception, 'no certs provided' if @cert_chain.empty? - if @cert_chain.length == 1 and @cert_chain.last.not_after < Time.now then + if @cert_chain.length == 1 and @cert_chain.last.not_after < Time.now re_sign_key( expiration_length: (Gem::Security::ONE_DAY * options[:expiration_length_days]) ) @@ -203,4 +203,3 @@ class Gem::Security::Signer end end - diff --git a/lib/rubygems/security/trust_dir.rb b/lib/rubygems/security/trust_dir.rb index 6d837affa1..98031ea22b 100644 --- a/lib/rubygems/security/trust_dir.rb +++ b/lib/rubygems/security/trust_dir.rb @@ -22,7 +22,7 @@ class Gem::Security::TrustDir # Creates a new TrustDir using +dir+ where the directory and file # permissions will be checked according to +permissions+ - def initialize dir, permissions = DEFAULT_PERMISSIONS + def initialize(dir, permissions = DEFAULT_PERMISSIONS) @dir = dir @permissions = permissions @@ -32,7 +32,7 @@ class Gem::Security::TrustDir ## # Returns the path to the trusted +certificate+ - def cert_path certificate + def cert_path(certificate) name_path certificate.subject end @@ -59,7 +59,7 @@ class Gem::Security::TrustDir # Returns the issuer certificate of the given +certificate+ if it exists in # the trust directory. - def issuer_of certificate + def issuer_of(certificate) path = name_path certificate.issuer return unless File.exist? path @@ -70,7 +70,7 @@ class Gem::Security::TrustDir ## # Returns the path to the trusted certificate with the given ASN.1 +name+ - def name_path name + def name_path(name) digest = @digester.hexdigest name.to_s File.join @dir, "cert-#{digest}.pem" @@ -79,7 +79,7 @@ class Gem::Security::TrustDir ## # Loads the given +certificate_file+ - def load_certificate certificate_file + def load_certificate(certificate_file) pem = File.read certificate_file OpenSSL::X509::Certificate.new pem 
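Review bot: `@cert_chain.empty?` in `sign` would raise NoMethodError rather than Gem::Security::Exception when the chain is nil, and the `initialize` hunk above only assigns `@cert_chain` when one was passed or a default cert file exists. A guard such as `raise Gem::Security::Exception, 'no certs provided' if @cert_chain.nil? || @cert_chain.empty?` keeps a key-without-certificate configuration failing with the same exception type the rest of the file uses. The body of `sign` continues past this hunk, and code outside the diff may already rule out a nil chain.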
@@ -88,7 +88,7 @@ class Gem::Security::TrustDir ## # Add a certificate to trusted certificate list. - def trust_cert certificate + def trust_cert(certificate) verify destination = cert_path certificate @@ -105,7 +105,7 @@ class Gem::Security::TrustDir # permissions. def verify - if File.exist? @dir then + if File.exist? @dir raise Gem::Security::Exception, "trust directory #{@dir} is not a directory" unless File.directory? @dir @@ -117,4 +117,3 @@ class Gem::Security::TrustDir end end - |