Class: R509::CRL::SignedList

Inherits:

Object

• Object
• R509::CRL::SignedList

Defined in:

lib/r509/crl/signed_list.rb

Overview

Parses CRLs

Instance Attribute Summary

• #crl ⇒ Object readonly

  Returns the value of attribute crl.

• #issuer ⇒ Object readonly

  Returns the value of attribute issuer.

Class Method Summary

• .load_from_file(filename) ⇒ R509::CRL::SignedList

  Helper method to quickly load a CRL from the filesystem.

Instance Method Summary

• #initialize(crl) ⇒ SignedList constructor

  A new instance of SignedList.

• #last_update ⇒ Time

  Returns the signing time of the CRL.

• #next_update ⇒ Time

  Returns the next update time for the CRL.

• #revoked ⇒ Hash

  Hash of serial => { :time, :reason } hashes.

• #revoked?(serial) ⇒ Boolean
• #revoked_cert(serial) ⇒ Hash

  Hash with :time and :reason.

• #signature_algorithm ⇒ String
• #to_der ⇒ String

  Returns the CRL in DER format.

• #to_pem ⇒ String (also: #to_s)

  Returns the CRL in PEM format.

• #verify(public_key) ⇒ Boolean

  Pass a public key to verify that the CRL is signed by a specific certificate (call cert.public_key on that object).

• #write_der(filename_or_io) ⇒ Object

  Writes the CRL into the PEM format.

• #write_pem(filename_or_io) ⇒ Object

  Writes the CRL into the PEM format.

Constructor Details

#initialize(crl) ⇒ SignedList

Returns a new instance of SignedList

Parameters:

• crl (String, OpenSSL::X509::CRL)

# File 'lib/r509/crl/signed_list.rb', line 16

def initialize(crl)
  @crl = OpenSSL::X509::CRL.new(crl)
  @issuer = R509::Subject.new(@crl.issuer)
end

Instance Attribute Details

#crl ⇒ Object (readonly)

Returns the value of attribute crl

# File 'lib/r509/crl/signed_list.rb', line 13

def crl
  @crl
end

#issuer ⇒ Object (readonly)

Returns the value of attribute issuer

# File 'lib/r509/crl/signed_list.rb', line 13

def issuer
  @issuer
end

Class Method Details

.load_from_file(filename) ⇒ R509::CRL::SignedList

Helper method to quickly load a CRL from the filesystem

Parameters:

• filename (String) —

  Path to file you want to load

Returns:

• (R509::CRL::SignedList) —

  CRL object

# File 'lib/r509/crl/signed_list.rb', line 25

def self.load_from_file(filename)
  R509::CRL::SignedList.new(IOHelpers.read_data(filename))
end

Instance Method Details

#last_update ⇒ Time

Returns the signing time of the CRL

Returns:

• (Time) —

  when the CRL was signed

# File 'lib/r509/crl/signed_list.rb', line 53

def last_update
  @crl.last_update
end

#next_update ⇒ Time

Returns the next update time for the CRL

Returns:

• (Time) —

  when it will be updated next

# File 'lib/r509/crl/signed_list.rb', line 60

def next_update
  @crl.next_update
end

#revoked ⇒ Hash

Returns hash of serial => { :time, :reason } hashes

Returns:

• (Hash) —

  hash of serial => { :time, :reason } hashes

# File 'lib/r509/crl/signed_list.rb', line 99

def revoked
  revoked_list = {}
  @crl.revoked.each do |revoked|
    reason = get_reason(revoked)
    revoked_list[revoked.serial.to_i] = { :time => revoked.time, :reason => reason }
  end

  revoked_list
end

#revoked?(serial) ⇒ Boolean

Parameters:

• serial (Integer) —

  number

Returns:

• (Boolean)

# File 'lib/r509/crl/signed_list.rb', line 74

def revoked?(serial)
  if @crl.revoked.find { |revoked| revoked.serial == serial.to_i }
    true
  else
    false
  end
end

#revoked_cert(serial) ⇒ Hash

Returns hash with :time and :reason

Parameters:

• serial (Integer) —

  number

Returns:

• (Hash) —

  hash with :time and :reason

# File 'lib/r509/crl/signed_list.rb', line 111

def revoked_cert(serial)
  revoked = @crl.revoked.find { |r| r.serial == serial }
  if revoked
    reason = get_reason(revoked)
    { :time => revoked.time, :reason => reason }
  else
    nil
  end
end

#signature_algorithm ⇒ String

Returns:

• (String)

# File 'lib/r509/crl/signed_list.rb', line 30

def signature_algorithm
  @crl.signature_algorithm
end

#to_der ⇒ String

Returns the CRL in DER format

Returns:

• (String) —

  the CRL in DER format

# File 'lib/r509/crl/signed_list.rb', line 94

def to_der
  @crl.to_der
end

#to_pem ⇒ String Also known as: to_s

Returns the CRL in PEM format

Returns:

• (String) —

  the CRL in PEM format

# File 'lib/r509/crl/signed_list.rb', line 85

def to_pem
  @crl.to_pem
end

#verify(public_key) ⇒ Boolean

Pass a public key to verify that the CRL is signed by a specific certificate (call cert.public_key on that object)

Parameters:

• public_key (OpenSSL::PKey::PKey)

Returns:

• (Boolean)

# File 'lib/r509/crl/signed_list.rb', line 68

def verify(public_key)
  @crl.verify(public_key)
end

#write_der(filename_or_io) ⇒ Object

Writes the CRL into the PEM format

Parameters:

• filename_or_io (String, #write) —

  Either a string of the path for the file that you'd like to write, or an IO-like object.

# File 'lib/r509/crl/signed_list.rb', line 46

def write_der(filename_or_io)
  write_data(filename_or_io, @crl.to_der)
end

#write_pem(filename_or_io) ⇒ Object

Writes the CRL into the PEM format

Parameters:

• filename_or_io (String, #write) —

  Either a string of the path for the file that you'd like to write, or an IO-like object.

# File 'lib/r509/crl/signed_list.rb', line 38

def write_pem(filename_or_io)
  write_data(filename_or_io, @crl.to_pem)
end