Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →

cryptorecord

Package Overview

Dependencies

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

cryptorecord

1.0.0
Rubygems

Version published: 3 years ago

Maintainers: 1

Created: 3 years ago

Source

Cryptorecord

This gem provides an API and scripts for creating crypto-related dns-records(e.g. DANE).

At the moment the following records are supported:

TLSA
SSHFP
OPENPGPKEYS

This API does neither create nor provide any public keys/certificates. It just uses existing keys to create the dns-records.

Installation

Add this line to your application's Gemfile:

gem 'cryptorecord'

And then execute:

$ bundle

Or install it yourself as:

$ gem install cryptorecord

Docker

Build Image

docker build -t cryptorecord .

Run container

Lets mount the certificate in /certs and run tlsarecord using this cert:

podman run --rm -v /etc/ssl/certs/ssl-cert-snakeoil.pem:/certs/ssl-cert-snakeoil.pem cryptorecord tlsarecord -f /certs/ssl-cert-snakeoil.pem

Usage

This gem comes with some example scripts like:

openpgpkeysrecord
sshfprecord
tlsarecord

Usage: ./openpgpkeysrecord -u <email> -f <gpgkeyfile>
    -h, --help                       This help screen
    -f PGP-PUBLICKEY-FILE,           PGP-Publickey-File
        --publickeyfile
    -u, --uid EMAIL                  email-address

Usage: ./sshfprecord [ options ]
    -h, --help                       This help screen
    -f SSH-HOST-KEY-FILE,            SSH-Hostkey-File
        --hostkeyfile
    -H, --host HOST                  host
    -d, --digest DIGEST              HASH-Algorithm
    -r, --read-local-hostkeys        Read all local Hostkeys.(like ssh-keygen -r)

Usage: ./tlsarecord [ options ]
    -h, --help                       This help screen
    -f, --certfile CERTIFICATE-FILE  Certificatefile
    -H, --host HOST                  host
    -p, --port PORTNUMBER            port
    -P, --protocol PROTOCOL          protocol(tcp,udp,sctp..)
    -s, --selector SELECTOR          Selector for the association. 0 = Full Cert, 1 = SubjectPublicKeyInfo
    -u, --usage USAGE                Usage for the association. 0 = PKIX-CA, 1 = PKIX-EE, 2 = DANE-TA, 3 = DANE-EE
    -t, --mtype MTYPE                The Matching Type of the association. 0 = Exact Match, 1 = SHA-256, 2 = SHA-512

TLSA Example

#!/usr/bin/env ruby

require 'cryptorecord'

selector = 0
mtype = 0
usage = 3
port = 443
proto = "tcp"
host = "www.example.com"
tlsa = Cryptorecord::Tlsa.new(:selector => selector, :mtype => mtype, :usage => usage, :port => port, :proto => proto, :host => host )
tlsa.read_file("/etc/ssl/certs/ssl-cert-snakeoil.pem")
puts tlsa

SSHFP Example

#!/usr/bin/env ruby

require 'cryptorecord'

sshfp = Cryptorecord::Sshfp.new(:digest => 1, :keyfile => '/etc/ssh/ssh_host_rsa_key.pub', :host => 'www.example.com')
puts sshfp

OPENPGPKEYS Example

#!/usr/bin/env ruby

require 'cryptorecord'

opk = Cryptorecord::Openpgpkey.new(:uid => "hacky@hacktheplanet.com")
opk.read_file("resources/hacky.asc")
puts opk

Documentation

rubydoc.info

Resources

Development

After checking out the repo, run bin/setup to install dependencies. Then, run rake spec to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.

To install this gem onto your local machine, run bundle exec rake install.

Run tests

docker run --rm --entrypoint "rake" cryptorecord

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/whotwagner/cryptorecord. This project is intended to be a safe, welcoming space for collaboration.

FAQs

What is cryptorecord?

Is cryptorecord well maintained?

Package last updated on 21 May 2022

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install