Module: R509::Cert::Extensions

Defined in:: lib/r509/cert/extensions/base.rb,
lib/r509/cert/extensions/key_usage.rb,
lib/r509/cert/extensions/ocsp_no_check.rb,
lib/r509/cert/extensions/name_constraints.rb,
lib/r509/cert/extensions/validation_mixin.rb,
lib/r509/cert/extensions/basic_constraints.rb,
lib/r509/cert/extensions/extended_key_usage.rb,
lib/r509/cert/extensions/policy_constraints.rb,
lib/r509/cert/extensions/inhibit_any_policy.rb,
lib/r509/cert/extensions/certificate_policies.rb,
lib/r509/cert/extensions/authority_info_access.rb,
lib/r509/cert/extensions/subject_key_identifier.rb,
lib/r509/cert/extensions/crl_distribution_points.rb,
lib/r509/cert/extensions/subject_alternative_name.rb,
lib/r509/cert/extensions/authority_key_identifier.rb

Overview

module to contain extension classes for R509::Cert

Defined Under Namespace

Modules: GeneralNamesMixin, ValidationMixin Classes: AuthorityInfoAccess, AuthorityKeyIdentifier, BasicConstraints, CRLDistributionPoints, CertificatePolicies, ExtendedKeyUsage, InhibitAnyPolicy, KeyUsage, NameConstraints, NoticeReference, OCSPNoCheck, PolicyConstraints, PolicyInformation, PolicyQualifiers, SubjectAlternativeName, SubjectKeyIdentifier, UserNotice

Constant Summary

Class Method Summary (collapse)

+ (Object) get_unknown_extensions(extensions)

Given a list of OpenSSL::X509::Extension objects, returns those without an R509 implementation.
+ (Object) names_to_h(array)

Takes an array of R509::ASN1::GeneralName objects and returns a hash that can be encoded to YAML (used by #to_yaml methods).
+ (Object) wrap_openssl_extensions(extensions)

Takes OpenSSL::X509::Extension objects and wraps each in the appropriate R509::Cert::Extensions object, and returns them in a hash.

Class Method Details

+ (`Object`) get_unknown_extensions(extensions)

Given a list of OpenSSL::X509::Extension objects, returns those without an R509 implementation.

# File 'lib/r509/cert/extensions/base.rb', line 37

def self.get_unknown_extensions( extensions )
  unknown_extensions = []
  extensions.each do |openssl_extension|
    match_found = false
    R509_EXTENSION_CLASSES.each do |r509_class|
      if ( r509_class::OID.downcase == openssl_extension.oid.downcase )
        match_found = true
        break
      end
    end
    # if we make it this far (without breaking), we didn't match
    unknown_extensions << openssl_extension unless match_found
  end

  return unknown_extensions
end

+ (`Object`) names_to_h(array)

Takes an array of R509::ASN1::GeneralName objects and returns a hash that can be encoded to YAML (used by #to_yaml methods)

# File 'lib/r509/cert/extensions/base.rb', line 57

def self.names_to_h(array)
  data = []
  array.each do |name|
    value = (name.value.kind_of?(R509::Subject))? name.value.to_h : name.value
    data.push(
      {
        :type => name.short_type,
        :value => value
      }
    )
  end
  data
end

+ (`Object`) wrap_openssl_extensions(extensions)

Takes OpenSSL::X509::Extension objects and wraps each in the appropriate R509::Cert::Extensions object, and returns them in a hash. The hash is keyed with the R509 extension class. Extensions without an R509 implementation are ignored (see #get_unknown_extensions).

# File 'lib/r509/cert/extensions/base.rb', line 17

def self.wrap_openssl_extensions( extensions )
  r509_extensions = {}
  extensions.each do |openssl_extension|
    R509_EXTENSION_CLASSES.each do |r509_class|
      if ( r509_class::OID.downcase == openssl_extension.oid.downcase )
        if r509_extensions.has_key?(r509_class)
          raise ArgumentError.new("Only one extension object allowed per OID")
        end

        r509_extensions[r509_class] = r509_class.new( openssl_extension )
        break
      end
    end
  end

  return r509_extensions
end