Class: R509::Cert::Extensions::ExtendedKeyUsage

Inherits:

OpenSSL::X509::Extension

• Object
• OpenSSL::X509::Extension
• R509::Cert::Extensions::ExtendedKeyUsage

show all

Includes:

ValidationMixin

Defined in:

lib/r509/cert/extensions/extended_key_usage.rb

Overview

Constant Summary

OID =

friendly name for EKU OID

"extendedKeyUsage"

AU_WEB_SERVER_AUTH =

The OpenSSL short name for TLS Web Server Authentication

"serverAuth"

AU_WEB_CLIENT_AUTH =

The OpenSSL short name for TLS Web Client Authentication

"clientAuth"

AU_CODE_SIGNING =

The OpenSSL short name for Code Signing

"codeSigning"

AU_EMAIL_PROTECTION =

The OpenSSL short name for E-mail Protection

"emailProtection"

AU_OCSP_SIGNING =

The OpenSSL short name for OCSP Signing

"OCSPSigning"

AU_TIME_STAMPING =

The OpenSSL short name for Time Stamping

"timeStamping"

AU_ANY_EXTENDED_KEY_USAGE =

The OpenSSL short name for Any Extended Key Usage

"anyExtendedKeyUsage"

Instance Attribute Summary (collapse)

• - (Array^?) allowed_uses readonly

  an array (of strings) of the extended key uses allowed.

Instance Method Summary (collapse)

• - (Boolean) allows?(friendly_use_name)

  Returns true if the given use is allowed by this extension.

• - (Boolean) any_extended_key_usage?
• - (Boolean) code_signing?
• - (Boolean) email_protection?
• - (ExtendedKeyUsage) initialize(arg) constructor

  This method takes a hash or an existing Extension object to parse.

• - (Boolean) ocsp_signing?
• - (Boolean) time_stamping?
• - (Hash) to_h
• - (YAML) to_yaml
• - (Boolean) web_client_authentication?
• - (Boolean) web_server_authentication?

serverAuth
clientAuth
codeSigning
emailProtection
OCSPSigning
timeStamping
anyExtendedKeyUsage
msCodeInd (not part of RFC 5280)
msCodeCom (not part of RFC 5280)
msCTLSign (not part of RFC 5280)
msSGC (not part of RFC 5280)
msEFS (not part of RFC 5280)
nsSGC (not part of RFC 5280)

R509::Cert::Extensions::ExtendedKeyUsage.new(
  :critical => false,
  :value => ['clientAuth,'serverAuth']
)

66
67
68
69
70
71
72
73

# File 'lib/r509/cert/extensions/extended_key_usage.rb', line 66

def initialize(arg)
  if not R509::Cert::Extensions.is_extension?(arg)
    arg = build_extension(arg)
  end

  super(arg)
  parse_extension
end

40
41
42

# File 'lib/r509/cert/extensions/extended_key_usage.rb', line 40

def allowed_uses
  @allowed_uses
end

77
78
79

# File 'lib/r509/cert/extensions/extended_key_usage.rb', line 77

def allows?( friendly_use_name )
  @allowed_uses.include?( friendly_use_name )
end

105
106
107

# File 'lib/r509/cert/extensions/extended_key_usage.rb', line 105

def any_extended_key_usage?
  (@any_extended_key_usage == true)
end

89
90
91

# File 'lib/r509/cert/extensions/extended_key_usage.rb', line 89

def code_signing?
  (@code_signing == true)
end

93
94
95

# File 'lib/r509/cert/extensions/extended_key_usage.rb', line 93

def email_protection?
  (@email_protection == true)
end

97
98
99

# File 'lib/r509/cert/extensions/extended_key_usage.rb', line 97

def ocsp_signing?
  (@ocsp_signing == true)
end

101
102
103

# File 'lib/r509/cert/extensions/extended_key_usage.rb', line 101

def time_stamping?
  (@time_stamping == true)
end

110
111
112

# File 'lib/r509/cert/extensions/extended_key_usage.rb', line 110

def to_h
  { :value => @allowed_uses, :critical => self.critical?  }
end

115
116
117

# File 'lib/r509/cert/extensions/extended_key_usage.rb', line 115

def to_yaml
  self.to_h.to_yaml
end

85
86
87

# File 'lib/r509/cert/extensions/extended_key_usage.rb', line 85

def web_client_authentication?
  (@web_client_authentication == true)
end

81
82
83

# File 'lib/r509/cert/extensions/extended_key_usage.rb', line 81

def web_server_authentication?
  (@web_server_authentication == true)
end