Skip to content

cotag/ruby-tls

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

56 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

ruby-tls

Ruby-TLS decouples the management of encrypted communications, putting you in charge of the transport layer. It can be used as an alternative to Ruby's SSLSocket.

Build Status

Install the gem

Install it with RubyGems

gem install ruby-tls

or add this to your Gemfile if you use Bundler:

gem "ruby-tls"

Windows users will require an installation of OpenSSL (32bit or 64bit matching the Ruby installation)

Usage

require 'rubygems'
require 'ruby-tls'

class transport
  def initialize
    is_server = true
    callback_obj = self
    options = {
      verify_peer: true,
      private_key: '/file/path.pem',
      cert_chain: '/file/path.crt',
      ciphers: 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!CAMELLIA:@STRENGTH' # (default)
      # protocols: ["h2", "http/1.1"], # Can be used where OpenSSL >= 1.0.2 (Application Level Protocol negotiation)
      # fallback: "http/1.1", # Optional fallback to a default protocol when either client or server doesn't support ALPN
      # client_ca: '/file/path.pem'
    }
    @ssl_layer = RubyTls::SSL::Box.new(is_server, callback_obj, options)
  end

  def close_cb
    puts "The transport layer should be shutdown"
  end

  def dispatch_cb(data)
    puts "Clear text data that has been decrypted"
  end

  def transmit_cb(data)
    puts "Encrypted data for transmission to remote"
    # @tcp.send data
  end

  def handshake_cb(protocol)
    puts "initial handshake has completed"
  end

  def verify_cb(cert)
    # Return true or false
    is_cert_valid? cert
  end

  def start_tls
    # Start SSL negotiation when you are ready
    @ssl_layer.start
  end

  def send(data)
    @ssl_layer.encrypt(data)
  end
end

#
# Create a new TLS connection
#
connection = transport.new

#
# Init the handshake
#
connection.start_tls

#
# Start sending data to the remote, this will trigger the
# transmit_cb with encrypted data to send.
#
connection.send('client request')

#
# Similarly when data is received from the remote it should be
# passed to connection.decrypt where the dispatch_cb will be
# called with clear text
#

License and copyright

MIT

Releases

No releases published

Packages

No packages published

Languages