Class: R509::Cert::Extensions::BasicConstraints

Inherits:
OpenSSL::X509::Extension
  • Object
show all
Defined in:
lib/r509/cert/extensions.rb

Overview

Implements the BasicConstraints certificate extension, with methods to provide access to the components and meaning of the extension's contents.

Constant Summary

OID =

friendly name for BasicConstraints OID

"basicConstraints"

Instance Attribute Summary (collapse)

Instance Method Summary (collapse)

Constructor Details

- (BasicConstraints) initialize(*args)

See OpenSSL::X509::Extension#initialize



33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
 
# File 'lib/r509/cert/extensions.rb', line 33

def initialize(*args)
  super(*args)

  data = R509::ASN1.get_extension_payload(self)
  @is_ca = false
  #   BasicConstraints ::= SEQUENCE {
  #        cA                      BOOLEAN DEFAULT FALSE,
  #        pathLenConstraint       INTEGER (0..MAX) OPTIONAL }
  data.entries.each do |entry|
    if entry.kind_of?(OpenSSL::ASN1::Boolean)
      # since the boolean is optional it may not be present
      @is_ca = entry.value
    else
      # There are only two kinds of entries permitted so anything
      # else is an integer pathlength
      @path_length = entry.value
    end
  end
end

Instance Attribute Details

- (Object) path_length (readonly)

Returns the value of attribute path_length



30
31
32
 
# File 'lib/r509/cert/extensions.rb', line 30

def path_length
  @path_length
end

Instance Method Details

- (Boolean) allows_sub_ca?

Returns true if the path length allows this certificate to be used to create subordinate signing certificates beneath it. Does not check if there is a pathlen restriction in the cert chain above the current cert

Returns:

  • (Boolean) 


60
61
62
63
 
# File 'lib/r509/cert/extensions.rb', line 60

def allows_sub_ca?()
  return false if @path_length.nil?
  return @path_length > 0
end

- (Boolean) is_ca?

Returns:

  • (Boolean) 


53
54
55
 
# File 'lib/r509/cert/extensions.rb', line 53

def is_ca?()
  return @is_ca == true
end