Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/cotag/ruby-tls

Generic TLS for ruby
https://github.com/cotag/ruby-tls

Last synced: about 1 year ago
JSON representation

Generic TLS for ruby

Awesome Lists containing this project

README 

          
# ruby-tls



Ruby-TLS decouples the management of encrypted communications, putting you in charge of the transport layer. It can be used as an alternative to Ruby's SSLSocket.



[![Build Status](https://travis-ci.org/cotag/ruby-tls.svg?branch=master)](https://travis-ci.org/cotag/ruby-tls)



## Install the gem



Install it with [RubyGems](https://rubygems.org/)



    gem install ruby-tls



or add this to your Gemfile if you use [Bundler](http://gembundler.com/):



    gem "ruby-tls"



Windows users will require an installation of OpenSSL (32bit or 64bit matching the Ruby installation)



## Usage



```ruby

require 'rubygems'

require 'ruby-tls'



class transport

  def initialize

    is_server = true

    callback_obj = self

    options = {

      verify_peer: true,

      private_key: '/file/path.pem',

      cert_chain: '/file/path.crt',

      ciphers: 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!CAMELLIA:@STRENGTH' # (default)

      # protocols: ["h2", "http/1.1"], # Can be used where OpenSSL >= 1.0.2 (Application Level Protocol negotiation)

      # fallback: "http/1.1", # Optional fallback to a default protocol when either client or server doesn't support ALPN

      # client_ca: '/file/path.pem'

    }

    @ssl_layer = RubyTls::SSL::Box.new(is_server, callback_obj, options)

  end



  def close_cb

    puts "The transport layer should be shutdown"

  end



  def dispatch_cb(data)

    puts "Clear text data that has been decrypted"

  end



  def transmit_cb(data)

    puts "Encrypted data for transmission to remote"

    # @tcp.send data

  end



  def handshake_cb(protocol)

    puts "initial handshake has completed"

  end



  def verify_cb(cert)

    # Return true or false

    is_cert_valid? cert

  end



  def start_tls

    # Start SSL negotiation when you are ready

    @ssl_layer.start

  end



  def send(data)

    @ssl_layer.encrypt(data)

  end

end



#

# Create a new TLS connection

#

connection = transport.new



#

# Init the handshake

#

connection.start_tls



#

# Start sending data to the remote, this will trigger the

# transmit_cb with encrypted data to send.

#

connection.send('client request')



#

# Similarly when data is received from the remote it should be

# passed to connection.decrypt where the dispatch_cb will be

# called with clear text

#

```



## License and copyright



MIT