Class: R509::Cert::Extensions::KeyUsage

Inherits:
OpenSSL::X509::Extension
  • Object
show all
Defined in:
lib/r509/cert/extensions.rb

Overview

Implements the KeyUsage certificate extension, with methods to provide access to the components and meaning of the extension's contents.

Constant Summary

OID = 
"keyUsage"
AU_DIGITAL_SIGNATURE =

The OpenSSL friendly name for the "digitalSignature" key use.

"Digital Signature"
AU_NON_REPUDIATION =

The OpenSSL friendly name for the "nonRepudiation" key use.

"Non Repudiation"
AU_KEY_ENCIPHERMENT =

The OpenSSL friendly name for the "keyEncipherment" key use.

"Key Encipherment"
AU_DATA_ENCIPHERMENT =

The OpenSSL friendly name for the "dataEncipherment" key use.

"Data Encipherment"
AU_KEY_AGREEMENT =

The OpenSSL friendly name for the "keyAgreement" key use.

"Key Agreement"
AU_CERTIFICATE_SIGN =

The OpenSSL friendly name for the "keyCertSign" key use.

"Certificate Sign"
AU_CRL_SIGN =

The OpenSSL friendly name for the "cRLSign" key use.

"CRL Sign"
AU_ENCIPHER_ONLY =

The OpenSSL friendly name for the "encipherOnly" key use.

"Encipher Only"
AU_DECIPHER_ONLY =

The OpenSSL friendly name for the "decipherOnly" key use.

"Decipher Only"

Instance Attribute Summary (collapse)

Instance Method Summary (collapse)

Constructor Details

- (KeyUsage) initialize(*args)

See OpenSSL::X509::Extension#initialize



83
84
85
86
87
 
# File 'lib/r509/cert/extensions.rb', line 83

def initialize(*args)
  super(*args)

  @allowed_uses = self.value.split(",").map {|use| use.strip}
end

Instance Attribute Details

- (Object) allowed_uses (readonly)

An array of the key uses allowed. See the AU_* constants in this class.



80
81
82
 
# File 'lib/r509/cert/extensions.rb', line 80

def allowed_uses
  @allowed_uses
end

Instance Method Details

- (Boolean) allows?(friendly_use_name)

Returns true if the given use is allowed by this extension.

Parameters:

  • friendly_use_name (string)

    One of the AU_* constants in this class.

Returns:

  • (Boolean) 


91
92
93
 
# File 'lib/r509/cert/extensions.rb', line 91

def allows?( friendly_use_name )
  @allowed_uses.include?( friendly_use_name )
end

- (Boolean) certificate_sign?

Returns:

  • (Boolean) 


115
116
117
 
# File 'lib/r509/cert/extensions.rb', line 115

def certificate_sign?
  allows?( AU_CERTIFICATE_SIGN )
end

- (Boolean) crl_sign?

Returns:

  • (Boolean) 


119
120
121
 
# File 'lib/r509/cert/extensions.rb', line 119

def crl_sign?
  allows?( AU_CRL_SIGN )
end

- (Boolean) data_encipherment?

Returns:

  • (Boolean) 


107
108
109
 
# File 'lib/r509/cert/extensions.rb', line 107

def data_encipherment?
  allows?( AU_DATA_ENCIPHERMENT )
end

- (Boolean) decipher_only?

Returns:

  • (Boolean) 


127
128
129
 
# File 'lib/r509/cert/extensions.rb', line 127

def decipher_only?
  allows?( AU_DECIPHER_ONLY )
end

- (Boolean) digital_signature?

Returns:

  • (Boolean) 


95
96
97
 
# File 'lib/r509/cert/extensions.rb', line 95

def digital_signature?
  allows?( AU_DIGITAL_SIGNATURE )
end

- (Boolean) encipher_only?

Returns:

  • (Boolean) 


123
124
125
 
# File 'lib/r509/cert/extensions.rb', line 123

def encipher_only?
  allows?( AU_ENCIPHER_ONLY )
end

- (Boolean) key_agreement?

Returns:

  • (Boolean) 


111
112
113
 
# File 'lib/r509/cert/extensions.rb', line 111

def key_agreement?
  allows?( AU_KEY_AGREEMENT )
end

- (Boolean) key_encipherment?

Returns:

  • (Boolean) 


103
104
105
 
# File 'lib/r509/cert/extensions.rb', line 103

def key_encipherment?
  allows?( AU_KEY_ENCIPHERMENT )
end

- (Boolean) non_repudiation?

Returns:

  • (Boolean) 


99
100
101
 
# File 'lib/r509/cert/extensions.rb', line 99

def non_repudiation?
  allows?( AU_NON_REPUDIATION )
end