-
-
Save indirect/4735969 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -----BEGIN RSA PRIVATE KEY----- | |
| MIIEpAIBAAKCAQEAwijdP3d/kX/2amSFaqswoHQma47ahyf1Be8UM0v33Lospfr3 | |
| FnSgRa2Wfn0lguBw534ls0yVAoFa3ZKs3AkBvWbf0WwJb5WwOWlYxo0IfLT2r+Zm | |
| qlmit0KbRkPpVeW6/4FB/qN+j4S57yFMP9ISbqG1VbxdW3SIwXzYrzRyadQgE1+d | |
| 7pSVCUzXHjYMdqlbK45Zy+aOV4JXloBb7ygLxXEsXRFJK3gDa1I6syPsl22k86MQ | |
| 0bagDEj1KkGS0XuFWUs1Ay+LMpwjLHkZxZm3D8XOv1c81M1ndduS2Al/NBT9SY5q | |
| SaYu14XqdA6Ccc3nkMbNc5sqNgWdKEoLpAt/eQIDAQABAoIBAQCZ8sTbGekweQHt | |
| gh63YV2BHBeKmQ50tB33woWF1uqFPalBQijAyWB7XxRA3wHrMALVypQiAsrz3ZUq | |
| sq4VGZ8jinpVFxC0RUAhhYI6jID6QJKJDmrBD6mRHWL458gPr8QB639kZEZpjZfQ | |
| H9rRj8PFrLqXbG+poFD++frlkPRXK9Tlw5/g1rujr2d/C9IoZ7P2nZVDkKV0An/7 | |
| BtS0sNUXOXSc8fDPX7eUR0/s8AusWgtTFAs9+SCfYkcRbwapBNrxtPk/1WQShB9r | |
| y4/3czlDf4hGNQWvRzMKEdP4qBVgF7UUaDjKzIixO/m6omjc8yVAK33aryIlt0l6 | |
| KWLoEcgxAoGBAOsh5RcT1IudYgXNTqMtj7Jph06xwXyRpMlbyYQyiLaqfDH60wiR | |
| Wt1wL1CBgFlqNXi1DERG7gX5x2eRS4bXkRQG5f8zDeuGorgx03fmSbSrc8Z5jweK | |
| 9r+13Or024cGCF1idxLVk0N7mRTljGCdPEdeGdSvk7hDm9dsHpG9Y5pHAoGBANNk | |
| Ffqa3suhqPvtjMcVsqyRx5xKN8j51IzNkZ6Xhzkpd7pT3W2pvPL2WnH3d5aVdJfG | |
| Omz/a9pUtCpmMDLWDahJ8SCqIBFB4GG8xnu5+UeqInukcWx2r1SatPIMYmqrq163 | |
| AJNJFrSWaLsKEF9G0uuivWB3qeWY0qbFFR/Wbzg/AoGAf/58cXqG+dUbVeMzylnz | |
| 3f/Z+vmCROgXVtETOlYz25OkdaR/Givd1arK5r0H/CR3pRSQ793YlgIpDPSns2hG | |
| /irfKnNFQY+RpkjhP2RpfOLT7Behx05bEXLTJkdR9QdQqF0ASo1eU57Fbv2h07nj | |
| 5UmRMBi/hc+v1q1xWo5I2OMCgYEAhu4TuWqxW3lMy8HNYiZPbid/KhuVkAsnyNhO | |
| YtSF087MRXrSk/UMTmlBQg2bn9q2GUrGcFx5E1uNxKKFkW1gOlM4PolY/qr19mzw | |
| pHkIzN2kNRe57mmzcGVvqjCNgVkigcp964VzoMGBCCJcYPRsHUw7ZR/8qjjp/Nk/ | |
| qprNUzECgYBiTblaLY1qEN5XnALhn4P+5Z8/PVU6ijZhzXzhl1dENcUl3Xd4VHWI | |
| hvuXw2RqC6OSgTvSc+UA/q3xQ/X6qkTYWvm7HbA7hr+bzniWzb+hDCQHSM3T8OMV | |
| QTkHAi4FQDBHZS8MzleJ7RshKFFnTA4JFBL2sexQ8KvBU3iTjs+9ww== | |
| -----END RSA PRIVATE KEY----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -----BEGIN CERTIFICATE----- | |
| MIIDPjCCAiagAwIBAgIBATANBgkqhkiG9w0BAQUFADAqMQ8wDQYDVQQDDAZub2Jv | |
| ZHkxFzAVBgoJkiaJk/IsZAEZFgdleGFtcGxlMB4XDTEzMDIwNzIyNTMyNVoXDTE0 | |
| MDIwNzIyNTMyNVowKjEPMA0GA1UEAwwGbm9ib2R5MRcwFQYKCZImiZPyLGQBGRYH | |
| ZXhhbXBsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIo3T93f5F/ | |
| 9mpkhWqrMKB0JmuO2ocn9QXvFDNL99y6LKX69xZ0oEWtln59JYLgcOd+JbNMlQKB | |
| Wt2SrNwJAb1m39FsCW+VsDlpWMaNCHy09q/mZqpZordCm0ZD6VXluv+BQf6jfo+E | |
| ue8hTD/SEm6htVW8XVt0iMF82K80cmnUIBNfne6UlQlM1x42DHapWyuOWcvmjleC | |
| V5aAW+8oC8VxLF0RSSt4A2tSOrMj7JdtpPOjENG2oAxI9SpBktF7hVlLNQMvizKc | |
| Iyx5GcWZtw/Fzr9XPNTNZ3XbktgJfzQU/UmOakmmLteF6nQOgnHN55DGzXObKjYF | |
| nShKC6QLf3kCAwEAAaNvMG0wCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0O | |
| BBYEFAzVeuabj2Dev4Rg5fZL0sFNzFYrMBkGA1UdEQQSMBCBDm5vYm9keUBleGFt | |
| cGxlMBkGA1UdEgQSMBCBDm5vYm9keUBleGFtcGxlMA0GCSqGSIb3DQEBBQUAA4IB | |
| AQCLSvdH/BblNoPwfK1YGlT2eaLOiHQoUcOHqazNN+o2uhZRyGBOQ+nQWjfZtZdP | |
| H28Li+18w489659S1j456TdTrU1n+krr9BDv4kM1sxjLc0rl64FtVc/vHtcGArkM | |
| iFDsrhkLTB/xVXh+1p6FCYXhuvlHSXJfPTUAzMhu54WxociQwtbuwdVrIuRmUgj7 | |
| eCnxDFsMwlAa/VLwfpBuHXbufKfeQhYKujcao2ohAN/tNxsXJr6PPnsKXsqQqpZ4 | |
| bs/+FcSdOtn1lra2G1VZMSukGpQVUKi0z4OaFgbJ5lD316UYYI3iMrYSmoAZP5vK | |
| a10P5fhZJOeHag7gzd3epp9f | |
| -----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'rubygems' | |
| require 'rubygems/package' | |
| spec = Gem::Specification.load 'sign.gemspec' | |
| p spec.signing_key | |
| p spec.cert_chain | |
| package = Gem::Package.new spec.full_name | |
| package.spec = spec | |
| package.build | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # run with ruby-head and rubygems-master | |
| require 'fileutils' | |
| require 'rubygems/security' | |
| require 'rubygems/package' | |
| # repro case | |
| ms = Gem::Security::Policies["MediumSecurity"] | |
| ls = Gem::Security::Policies["LowSecurity"] | |
| # remove the old signed gem | |
| FileUtils.rm_rf("sign-0.gem") | |
| p "build a new signed gem" | |
| p Gem::Package.build(Gem::Specification.load("sign.gemspec")) | |
| p "build a new unsigned gem" | |
| unsigned = Gem::Specification.load("sign.gemspec") | |
| unsigned.name = "unsigned" | |
| unsigned.signing_key = nil | |
| unsigned.cert_chain = [] | |
| p Gem::Package.build(unsigned) | |
| p "read the signed gem's metadata and spec" | |
| g = Gem::Package.new("sign-0.gem") | |
| # low, medium, and high will all fail here | |
| # g.security_policy = ms | |
| g.spec | |
| p "read the unsigned gem's metadata and spec" | |
| g = Gem::Package.new("unsigned-0.gem") | |
| g.security_policy = ms | |
| g.spec # boom |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Gem::Specification.new do |s| | |
| s.name = 'sign' | |
| s.version = 0 | |
| s.summary = 'A test gem for signing' | |
| s.authors = 'Eric Hodel' | |
| s.signing_key = 'gem-private_key.pem' | |
| s.cert_chain = ['gem-public_cert.pem'] | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment