Module: Ronin::Support::Network::SSL

Included in:
TLS
Defined in:
lib/ronin/support/network/ssl.rb,
lib/ronin/support/network/ssl/mixin.rb,
lib/ronin/support/network/ssl/proxy.rb,
lib/ronin/support/network/ssl/local_key.rb,
lib/ronin/support/network/ssl/local_cert.rb

Overview

Top-level SSL methods.

Defined Under Namespace

Modules: LocalCert, LocalKey, Mixin. Classes: Proxy.

Constant Summary

VERSIONS =

SSL/TLS versions

{
  # Keys are the values callers pass as `version:`; the mapped Symbol is what
  # .context assigns to OpenSSL::SSL::SSLContext#ssl_version=.
  # TLS 1.0 and TLS 1.1 are deprecated protocol versions (RFC 8996).
  1   => :TLSv1,
  1.1 => :TLSv1_1,
  1.2 => :TLSv1_2
  # NOTE(review): there is no TLS 1.3 entry; .context passes any value that is
  # not a key of this Hash through to ssl_version= unchanged.
}
VERIFY =

SSL verify modes

{
  # Keys are the values callers pass as `verify:` to .context, which defaults
  # to :none.
  #
  # VERIFY_NONE: the peer certificate is not validated, so the session is
  # encrypted but the peer is not authenticated.
  none:                 OpenSSL::SSL::VERIFY_NONE,
  # VERIFY_PEER: the peer certificate is validated against the configured
  # trust anchors.
  peer:                 OpenSSL::SSL::VERIFY_PEER,
  # NOTE(review): OpenSSL documents the next two as server-side flags meant to
  # be OR-ed with VERIFY_PEER; here each is mapped on its own. Confirm that is
  # the intended usage.
  fail_if_no_peer_cert: OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT,
  client_once:          OpenSSL::SSL::VERIFY_CLIENT_ONCE,
  # Boolean aliases: true behaves like :peer, false like :none.
  true               => OpenSSL::SSL::VERIFY_PEER,
  false              => OpenSSL::SSL::VERIFY_NONE
}

Class Method Summary

Class Method Details

.cert ⇒ Crypto::Cert

The default SSL certificate used for all SSL server sockets.



# File 'lib/ronin/support/network/ssl.rb', line 78

# Returns the module-wide default certificate, loading it through
# LocalCert.fetch on first use and caching it in @cert afterwards.
#
# @return [Crypto::Cert]
#   The cached default certificate.
def self.cert
  return @cert if @cert

  @cert = LocalCert.fetch
end

.cert=(new_cert) ⇒ Crypto::Cert, OpenSSL::X509::Certificate

Overrides the default SSL certificate.



# File 'lib/ronin/support/network/ssl.rb', line 91

# Replaces the module-wide default certificate.
#
# The value is stored as-is in @cert; no type or validity check is made here,
# and every later call to .cert returns it.
#
# @param [Crypto::Cert, OpenSSL::X509::Certificate] new_cert
#   The certificate to use as the new default.
#
# @return [Crypto::Cert, OpenSSL::X509::Certificate]
#   The certificate that was assigned.
def self.cert=(new_cert)
  @cert = new_cert
end

.context(version: nil, verify: :none, key: nil, key_file: nil, cert: nil, cert_file: nil, ca_bundle: nil) ⇒ OpenSSL::SSL::SSLContext

Creates a new SSL Context.

Raises:

  • (ArgumentError)

    cert_file: or cert: keyword arguments also require a key_file: or key: keyword argument.

Since:

  • 1.0.0



# File 'lib/ronin/support/network/ssl.rb', line 136

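# Creates a new SSL context.
#
# Peer verification is off by default (`verify: :none`): a context built with
# the defaults encrypts traffic but does not authenticate the peer. Pass
# `verify: :peer` (or `true`) together with `ca_bundle:` when the peer's
# identity matters.
#
# @param [1, 1.1, 1.2, Symbol, nil] version
#   The SSL/TLS version to pin. Values found in VERSIONS are translated, any
#   other value is passed to `ssl_version=` unchanged.
#
# @param [Symbol, Boolean] verify
#   One of the keys of VERIFY.
#
# @param [Crypto::Key::RSA, OpenSSL::PKey::RSA, nil] key
#   The private key to use. Ignored when `key_file:` is given.
#
# @param [String, nil] key_file
#   Path of a private key file, loaded with Crypto::Key.load_file.
#
# @param [Crypto::Cert, OpenSSL::X509::Certificate, nil] cert
#   The certificate to use. Ignored when `cert_file:` is given.
#
# @param [String, nil] cert_file
#   Path of a certificate file, loaded with Crypto::Cert.load_file.
#
# @param [String, nil] ca_bundle
#   Path of a CA file or CA directory. A path that is neither a file nor a
#   directory is ignored.
#
# @return [OpenSSL::SSL::SSLContext]
#   The configured context.
#
# @raise [ArgumentError]
#   A certificate was given without a key, a key was given without a
#   certificate, or `verify:` is not a key of VERIFY.
def self.context(version:   nil,
                 verify:    :none,
                 key:       nil,
                 key_file:  nil,
                 cert:      nil,
                 cert_file: nil,
                 ca_bundle: nil)
  has_key  = key_file  || key
  has_cert = cert_file || cert

  # A key and a certificate only make sense as a pair; name the missing half.
  if has_cert && !has_key
    raise(ArgumentError,"cert_file: and cert: keyword arguments also require a key_file: or key: keyword argument")
  elsif has_key && !has_cert
    raise(ArgumentError,"key_file: and key: keyword arguments also require a cert_file: or cert: keyword argument")
  end

  # Fail closed on an unrecognised verify mode. A plain VERIFY[verify] lookup
  # yields nil for a misspelt or unsupported value, and a nil verify_mode
  # appears to be treated by OpenSSL as "no verification", so a typo such as
  # `verify: :pear` would silently turn certificate validation off.
  verify_mode = VERIFY.fetch(verify) do
    raise(ArgumentError,"unknown verify: value: #{verify.inspect}")
  end

  context = OpenSSL::SSL::SSLContext.new
  context.ssl_version = VERSIONS.fetch(version,version) if version
  context.verify_mode = verify_mode

  if has_key
    # The *_file variants take precedence over the in-memory objects.
    context.key  = key_file  ? Crypto::Key.load_file(key_file)   : key
    context.cert = cert_file ? Crypto::Cert.load_file(cert_file) : cert
  end

  if ca_bundle
    # NOTE(review): a ca_bundle path that is neither a file nor a directory
    # is skipped without an error, so this method then configures no trust
    # anchors on the context.
    if File.file?(ca_bundle)
      context.ca_file = ca_bundle
    elsif File.directory?(ca_bundle)
      context.ca_path = ca_bundle
    end
  end

  context
end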

.key ⇒ Crypto::Key::RSA

The default RSA key used for all SSL server sockets.



# File 'lib/ronin/support/network/ssl.rb', line 55

# Returns the module-wide default RSA key, loading it through LocalKey.fetch
# on first use and caching it in @key afterwards.
#
# @return [Crypto::Key::RSA]
#   The cached default key.
def self.key
  return @key if @key

  @key = LocalKey.fetch
end

.key=(new_key) ⇒ Crypto::Key::RSA, OpenSSL::PKey::RSA

Overrides the default RSA key.



# File 'lib/ronin/support/network/ssl.rb', line 68

# Replaces the module-wide default RSA key.
#
# The value is stored as-is in @key; no type or strength check is made here,
# and every later call to .key returns it.
#
# @param [Crypto::Key::RSA, OpenSSL::PKey::RSA] new_key
#   The private key to use as the new default.
#
# @return [Crypto::Key::RSA, OpenSSL::PKey::RSA]
#   The key that was assigned.
def self.key=(new_key)
  @key = new_key
end