Module: R509::Cert::Extensions

Defined in:
lib/r509/cert/extensions/base.rb,
lib/r509/cert/extensions/key_usage.rb,
lib/r509/cert/extensions/ocsp_no_check.rb,
lib/r509/cert/extensions/validation_mixin.rb,
lib/r509/cert/extensions/name_constraints.rb,
lib/r509/cert/extensions/basic_constraints.rb,
lib/r509/cert/extensions/policy_constraints.rb,
lib/r509/cert/extensions/inhibit_any_policy.rb,
lib/r509/cert/extensions/extended_key_usage.rb,
lib/r509/cert/extensions/certificate_policies.rb,
lib/r509/cert/extensions/authority_info_access.rb,
lib/r509/cert/extensions/subject_key_identifier.rb,
lib/r509/cert/extensions/crl_distribution_points.rb,
lib/r509/cert/extensions/subject_alternative_name.rb,
lib/r509/cert/extensions/authority_key_identifier.rb

Overview

Module containing the extension classes for R509::Cert.

Defined Under Namespace

Modules: GeneralNamesMixin, ValidationMixin

Classes: AuthorityInfoAccess, AuthorityKeyIdentifier, BasicConstraints, CRLDistributionPoints, CertificatePolicies, ExtendedKeyUsage, InhibitAnyPolicy, KeyUsage, NameConstraints, NoticeReference, OCSPNoCheck, PolicyConstraints, PolicyInformation, PolicyQualifiers, SubjectAlternativeName, SubjectKeyIdentifier, UserNotice


Class Method Details

.get_unknown_extensions(extensions) ⇒ Object

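Given a list of OpenSSL::X509::Extension objects, returns those without an R509 implementation. The returned extensions may include ones marked critical; RFC 5280 requires a relying party to reject a certificate that carries a critical extension it does not recognise, so callers making trust decisions should inspect this list rather than discard it.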



# File 'lib/r509/cert/extensions/base.rb', line 37

# Filters a list of extensions down to the ones R509 has no wrapper class for.
#
# An extension counts as known when its +oid+ equals, ignoring case, the OID
# constant of any class listed in R509_EXTENSION_CLASSES.
#
# NOTE(review): RFC 5280 requires a relying party to reject a certificate that
# carries a critical extension it does not recognise. Callers making trust
# decisions should check +critical?+ on each extension returned here instead
# of dropping the list.
#
# @param extensions [Array<OpenSSL::X509::Extension>] extensions to classify
# @return [Array<OpenSSL::X509::Extension>] the unmatched extensions, in input order
def self.get_unknown_extensions(extensions)
  extensions.reject do |candidate|
    # Known as soon as one wrapper class claims this OID.
    R509_EXTENSION_CLASSES.any? do |wrapper|
      wrapper::OID.downcase == candidate.oid.downcase
    end
  end
end

.names_to_h(array) ⇒ Object

Takes an array of R509::ASN1::GeneralName objects and returns a hash that can be encoded to YAML (used by #to_yaml methods)



# File 'lib/r509/cert/extensions/base.rb', line 56

# Converts general names into plain hashes for YAML serialisation.
#
# Each entry becomes a hash with a :type key (the name's +short_type+) and a
# :value key. A value that is an R509::Subject is converted with +to_h+; any
# other value is passed through unchanged.
#
# @param array [Array<R509::ASN1::GeneralName>] names to convert
# @return [Array<Hash>] one { :type, :value } hash per name, in input order
def self.names_to_h(array)
  array.map do |general_name|
    encoded =
      if general_name.value.is_a?(R509::Subject)
        general_name.value.to_h
      else
        general_name.value
      end

    { :type => general_name.short_type, :value => encoded }
  end
end

.wrap_openssl_extensions(extensions) ⇒ Object

Takes OpenSSL::X509::Extension objects, wraps each in the appropriate R509::Cert::Extensions object, and returns them in a hash keyed by the R509 extension class. Raises ArgumentError if two extensions map to the same R509 class, since only one extension object is allowed per OID. Extensions without an R509 implementation are ignored (see .get_unknown_extensions).



# File 'lib/r509/cert/extensions/base.rb', line 17

# Wraps extensions in their R509 counterparts, keyed by wrapper class.
#
# For each extension, the first class in R509_EXTENSION_CLASSES whose OID
# constant equals the extension's +oid+ (ignoring case) is instantiated with
# the extension. Extensions that match no class are skipped silently.
#
# NOTE(review): the skipped extensions are not reported here. Use
# get_unknown_extensions on the same input when unrecognised extensions,
# critical ones in particular, matter to the caller.
#
# @param extensions [Array<OpenSSL::X509::Extension>] extensions to wrap
# @return [Hash] R509 extension class => instance of that class
# @raise [ArgumentError] if two extensions resolve to the same R509 class
def self.wrap_openssl_extensions(extensions)
  extensions.each_with_object({}) do |raw_extension, wrapped|
    wrapper = R509_EXTENSION_CLASSES.find do |candidate|
      candidate::OID.downcase == raw_extension.oid.downcase
    end
    next if wrapper.nil?

    # A second extension with the same OID is rejected outright, never merged.
    raise ArgumentError, "Only one extension object allowed per OID" if wrapped.key?(wrapper)

    wrapped[wrapper] = wrapper.new(raw_extension)
  end
end