Class: R509::SPKI

Inherits:

Object

• Object
• R509::SPKI

Includes:

Helpers

Defined in:

lib/r509/spki.rb

Overview

class for loading/generating SPKAC/SPKI requests (typically generated by the <keygen> tag

Instance Attribute Summary

• #key ⇒ Object readonly

  Returns the value of attribute key.

• #spki ⇒ Object (also: #internal_obj) readonly

  Returns the value of attribute spki.

Instance Method Summary

• #bit_length ⇒ Integer (also: #bit_strength) included from Helpers

  Returns the bit length of the key.

• #curve_name ⇒ String included from Helpers

  Returns the short name of the elliptic curve used to generate the public key if the key is EC.

• #dsa? ⇒ Boolean included from Helpers

  Returns whether the public key is DSA.

• #ec? ⇒ Boolean included from Helpers

  Returns whether the public key is EC.

• #initialize(opts = {}) ⇒ SPKI constructor

  A new instance of SPKI.

• #key_algorithm ⇒ String included from Helpers

  Returns key algorithm (RSA/DSA/EC).

• #public_key ⇒ OpenSSL::PKey::RSA

  Public key.

• #rsa? ⇒ Boolean included from Helpers

  Returns whether the public key is RSA.

• #signature_algorithm ⇒ String

  Returns the signature algorithm (e.g., RSA-SHA1, ecdsa-with-SHA256).

• #to_der ⇒ String included from Helpers

  Converts the object into DER format.

• #to_pem ⇒ String included from Helpers

  Converts the object into PEM format.

• #verify_signature ⇒ Boolean

  Verifies the integrity of the signature on the SPKI.

• #write_der(filename_or_io) ⇒ Object included from Helpers

  Writes the object into DER format.

• #write_pem(filename_or_io) ⇒ Object included from Helpers

  Writes the object into PEM format.

Constructor Details

#initialize(opts = {}) ⇒ SPKI

Returns a new instance of SPKI

Parameters:

• opts (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (opts):

• :spki (String, OpenSSL::Netscape::SPKI) —

  the spki you want to parse

• :key (R509::PrivateKey, String) —

  optional private key to supply. either an unencrypted PEM/DER string or an R509::PrivateKey object (use the latter if you need password/hardware support). if supplied you do not need to pass an spki.

• :message_digest (String) —

  Optional digest. sha1, sha224, sha256, sha384, sha512, md5. Defaults to sha256. Only used if you supply a :key and no :spki

# File 'lib/r509/spki.rb', line 16

def initialize(opts = {})
  if !opts.is_a?(Hash)
    raise ArgumentError, 'Must provide a hash of options'
  elsif !opts.key?(:spki) && !opts.key?(:key)
    raise ArgumentError, 'Must provide either :spki or :key'
  end

  @key = load_private_key(opts)

  if opts.key?(:spki)
    @spki = parse_spki(opts[:spki])
  else
    # create the SPKI from the private key if it wasn't passed in
    @spki = build_spki(opts[:message_digest])
  end
end

Instance Attribute Details

#key ⇒ Object (readonly)

Returns the value of attribute key

# File 'lib/r509/spki.rb', line 12

def key
  @key
end

#spki ⇒ Object (readonly) Also known as: internal_obj

Returns the value of attribute spki

# File 'lib/r509/spki.rb', line 12

def spki
  @spki
end

Instance Method Details

#bit_length ⇒ Integer Also known as: bit_strength Originally defined in module Helpers

Returns the bit length of the key

Returns:

• (Integer) —

  the integer bit length.

#curve_name ⇒ String Originally defined in module Helpers

Returns the short name of the elliptic curve used to generate the public key if the key is EC. If not, raises an error.

Returns:

• (String) —

  elliptic curve name

#dsa? ⇒ Boolean Originally defined in module Helpers

Returns whether the public key is DSA

Returns:

• (Boolean) —

  true if the public key is DSA, false otherwise

#ec? ⇒ Boolean Originally defined in module Helpers

Returns whether the public key is EC

Returns:

• (Boolean) —

  true if the public key is EC, false otherwise

#key_algorithm ⇒ String Originally defined in module Helpers

Returns key algorithm (RSA/DSA/EC)

Returns:

• (String) —

  value of the key algorithm.

#public_key ⇒ OpenSSL::PKey::RSA

Returns public key

Returns:

• (OpenSSL::PKey::RSA) —

  public key

# File 'lib/r509/spki.rb', line 34

def public_key
  @spki.public_key
end

#rsa? ⇒ Boolean Originally defined in module Helpers

Returns whether the public key is RSA

Returns:

• (Boolean) —

  true if the public key is RSA, false otherwise

#signature_algorithm ⇒ String

Returns the signature algorithm (e.g., RSA-SHA1, ecdsa-with-SHA256)

Returns:

• (String) —

  signature algorithm string

# File 'lib/r509/spki.rb', line 49

def signature_algorithm
  data = OpenSSL::ASN1.decode(self.to_der)
  data.entries[1].value.entries[0].value
end

#to_der ⇒ String Originally defined in module Helpers

Converts the object into DER format

Returns:

• (String) —

  the object converted into DER format.

#to_pem ⇒ String Originally defined in module Helpers

Converts the object into PEM format

Returns:

• (String) —

  the object converted into PEM format.

#verify_signature ⇒ Boolean

Verifies the integrity of the signature on the SPKI

Returns:

• (Boolean)

# File 'lib/r509/spki.rb', line 40

def verify_signature
  @spki.verify(public_key)
end

#write_der(filename_or_io) ⇒ Object Originally defined in module Helpers

Writes the object into DER format

Parameters:

• filename_or_io (String, #write) —

  Either a string of the path for the file that you'd like to write, or an IO-like object.

#write_pem(filename_or_io) ⇒ Object Originally defined in module Helpers

Writes the object into PEM format

Parameters:

• filename_or_io (String, #write) —

  Either a string of the path for the file that you'd like to write, or an IO-like object.