Low commit activity in last 3 years
No release in over a year
Allows transport layers outside Ruby TCP to be secured.
Dependencies

Development

~> 3.5
~> 0.9

Runtime

>= 1.0, < 2.0
Project Readme

mt-ruby-tls

mt-ruby-tls decouples the management of encrypted communications, putting you in charge of the transport layer. It can be used as an alternative to Ruby's SSLSocket.

Install the gem

Install it with RubyGems:

gem install mt-ruby-tls

or add this to your Gemfile if you use Bundler:

gem "mt-ruby-tls"

Windows users will need an installation of OpenSSL (32-bit or 64-bit, matching the Ruby installation).

Usage

require 'rubygems'
require 'mt-ruby-tls'

# Ruby class names must be constants, so the class is capitalised.
class Transport
  def initialize
    is_server = true
    callback_obj = self
    options = {
      verify_peer: true,
      private_key: '/file/path.pem',
      cert_chain: '/file/path.crt',
      # The default list below still offers RC4 suites, which RFC 7465 prohibits for TLS.
      ciphers: 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!CAMELLIA:@STRENGTH', # (default)
      # protocols: ["h2", "http/1.1"], # Can be used where OpenSSL >= 1.0.2 (Application Level Protocol negotiation)
      # fallback: "http/1.1", # Optional fallback to a default protocol when either client or server doesn't support ALPN
      # client_ca: '/file/path.pem'
    }
    @ssl_layer = MTRubyTls::SSL::Box.new(is_server, callback_obj, options)
  end

  def close_cb
    puts "The transport layer should be shutdown"
  end

  def dispatch_cb(data)
    puts "Clear text data that has been decrypted"
  end

  def transmit_cb(data)
    puts "Encrypted data for transmission to remote"
    # @tcp.send data
  end

  def handshake_cb(protocol)
    puts "initial handshake has completed"
  end

  def verify_cb(cert)
    # Return true or false
    # is_cert_valid? is a placeholder for your own certificate validation
    is_cert_valid? cert
  end

  def start_tls
    # Start SSL negotiation when you are ready
    @ssl_layer.start
  end

  def send(data)
    @ssl_layer.encrypt(data)
  end
end

#
# Create a new TLS connection
#
connection = Transport.new

#
# Init the handshake
#
connection.start_tls

#
# Start sending data to the remote, this will trigger the
# transmit_cb with encrypted data to send.
#
connection.send('client request')

#
# Similarly when data is received from the remote it should be
# passed to connection.decrypt where the dispatch_cb will be
# called with clear text
#

License and copyright

MIT