FYHTECH

FUN WITH LINUX

cryptorecord 0.9.2 released

17 May 2018

I proudly pronounce the first (pre-)release of cryptorecord. Cryptorecords is a ruby gem that provides an API and scripts for creating crypto-related dns-records(e.g. DANE). Currently it supports TLSA, OPENPGPKEYS and SSHFP but I plan to support other records in future. The API doesn’t create any keys or certificates. It just takes existing keyfiles to create the DNS-records.

Installation

The gem is available on Rubygems. Add this line to your application’s Gemfile:

gem 'cryptorecord'

And then execute:

$ bundle

Or install it yourself as:

$ gem install cryptorecord

Usage

This gem comes with a bunch of handy executables that helps creating the dns-records:

  • openpgpkeysrecord
  • sshfprecord
  • tlsarecord
    Usage: ./openpgpkeysrecord -u -f 
        -h, --help This help screen
        -f PGP-PUBLICKEY-FILE, PGP-Publickey-File
            --publickeyfile
        -u, --uid EMAIL email-address

    
    Usage: ./sshfprecord [options]
        -h, --help This help screen
        -f SSH-HOST-KEY-FILE, SSH-Hostkey-File
            --hostkeyfile
        -H, --host HOST host
        -d, --digest DIGEST HASH-Algorithm
        -r, --read-local-hostkeys Read all local Hostkeys.(like ssh-keygen -r)

    
    Usage: ./tlsarecord [options]
        -h, --help This help screen
        -f, --certfile CERTIFICATE-FILE Certificatefile
        -H, --host HOST host
        -p, --port PORTNUMBER port
        -P, --protocol PROTOCOL protocol(tcp,udp,sctp..)
        -s, --selector SELECTOR Selector for the association. 0 = Full Cert, 1 = SubjectPublicKeyInfo
        -u, --usage USAGE Usage for the association. 0 = PKIX-CA, 1 = PKIX-EE, 2 = DANE-TA, 3 = DANE-EE
        -t, --mtype MTYPE The Matching Type of the association. 0 = Exact Match, 1 = SHA-256, 2 = SHA-512

TLSA-Example

#!/usr/bin/env ruby

require 'cryptorecord'

selector = 0
mtype = 0
usage = 3
port = 443
proto = "tcp"
host = "www.example.com"
tlsa = Cryptorecord::Tlsa.new(:selector => selector, :mtype => mtype, :usage => usage, :port => port, :proto => proto, :host => host )
tlsa.read_file("/etc/ssl/certs/ssl-cert-snakeoil.pem")
puts tlsa

SSHFP-Example

#!/usr/bin/env ruby

require 'cryptorecord'

sshfp = Cryptorecord::Sshfp.new(:digest => 1, :keyfile => '/etc/ssh/ssh_host_rsa_key.pub', :host => 'www.example.com')
puts sshfp

OPENPGPKEYS-Example

#!/usr/bin/env ruby

require 'cryptorecord'

sshfp = Cryptorecord::Openpgpkeys.new(:uid => "hacky@hacktheplanet.com")
sshfp.read_file("resources/hacky.asc")
puts sshfp

Documentation

The documentation can be found at rubydoc.info

[ Programming  Security  Crypto  Network  Ruby  Downloads  Download  ]
User image

My name is Wolfgang Hotwagner. I am a Linux and Information Security enthusiast from Vienna. This blog is about my journey through Computer Science.

Tag Cloud

Multimedia Downloads Crypto Ruby Firewall C Fun Programming Bash Toscom Puppet Debian External Linux Mathematics HackADay Software-Raid TerminalEmulator Suricata Tricks Docker Nagios git Raspberry CVE openssl Database Desktop Security Blog Open-Source Anniversary One-Liner Mail Perl Virtualization PHP Proxy logrotate Network Postgresql LVM vim Certification xmas Kernel Ansible ccc Hardware Sysadmin apache Btrfs Web Shell Zsh News Email CLI Backup

Recent Posts

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 Unported License.

Copyright 2015-present Hoti