Class: R509::Config::SubjectItemPolicy

Inherits:
Object
  • Object
show all
Defined in:
lib/r509/config.rb

Overview

returns information about the subject item policy for a profile

Instance Attribute Summary (collapse)

Instance Method Summary (collapse)

Constructor Details

- (SubjectItemPolicy) initialize(hash = {})

A new instance of SubjectItemPolicy

Examples:

sample hash

{"CN" => "required",
"O" => "required",
"OU" => "optional",
"ST" => "required",
"C" => "required",
"L" => "required",
"emailAddress" => "optional"}

Parameters:

  • hash (Hash) (defaults to: {})

    of required/optional subject items. These must be in OpenSSL shortname format.



210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
 
# File 'lib/r509/config.rb', line 210

def initialize(hash={})
  if not hash.kind_of?(Hash)
    raise ArgumentError, "Must supply a hash in form 'shortname'=>'required/optional'"
  end
  @required = []
  @optional = []
  if not hash.empty?
    hash.each_pair do |key,value|
      if value == "required"
        @required.push(key)
      elsif value == "optional"
        @optional.push(key)
      else
        raise ArgumentError, "Unknown subject item policy value. Allowed values are required and optional"
      end
    end
  end
end

Instance Attribute Details

- (Object) optional (readonly)

Returns the value of attribute optional



199
200
201
 
# File 'lib/r509/config.rb', line 199

def optional
  @optional
end

- (Object) required (readonly)

Returns the value of attribute required



199
200
201
 
# File 'lib/r509/config.rb', line 199

def required
  @required
end

Instance Method Details

- (R509::Subject) validate_subject(subject)

Validated version of the subject or error

Parameters:

Returns:



231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
 
# File 'lib/r509/config.rb', line 231

def validate_subject(subject)
  # convert the subject components into an array of component names that match
  # those that are on the required list
  supplied = subject.to_a.each do |item|
    @required.include?(item[0])
  end.map do |item|
    item[0]
  end
  # so we can make sure they gave us everything that's required
  diff = @required - supplied
  if not diff.empty?
    raise R509::R509Error, "This profile requires you supply "+@required.join(", ")
  end

  # the validated subject contains only those subject components that are either
  # required or optional
  R509::Subject.new(subject.to_a.select do |item|
    @required.include?(item[0]) or @optional.include?(item[0])
  end)
end