Class: R509::Config::CertProfile

Inherits:

Object

• Object
• R509::Config::CertProfile

Defined in:

lib/r509/config/cert_profile.rb

Overview

Provides access to configuration profiles

Instance Attribute Summary

• #allowed_mds ⇒ Object readonly

  Returns the value of attribute allowed_mds.

• #authority_info_access ⇒ Object readonly

  Returns the value of attribute authority_info_access.

• #basic_constraints ⇒ Object readonly

  Returns the value of attribute basic_constraints.

• #certificate_policies ⇒ Object readonly

  Returns the value of attribute certificate_policies.

• #crl_distribution_points ⇒ Object readonly

  Returns the value of attribute crl_distribution_points.

• #default_md ⇒ Object readonly

  Returns the value of attribute default_md.

• #extended_key_usage ⇒ Object readonly

  Returns the value of attribute extended_key_usage.

• #inhibit_any_policy ⇒ Object readonly

  Returns the value of attribute inhibit_any_policy.

• #key_usage ⇒ Object readonly

  Returns the value of attribute key_usage.

• #name_constraints ⇒ Object readonly

  Returns the value of attribute name_constraints.

• #ocsp_no_check ⇒ Object readonly

  Returns the value of attribute ocsp_no_check.

• #policy_constraints ⇒ Object readonly

  Returns the value of attribute policy_constraints.

• #subject_item_policy ⇒ Object readonly

  Returns the value of attribute subject_item_policy.

Instance Method Summary

• #initialize(opts = {}) ⇒ CertProfile constructor

  All hash options for CertProfile are optional.

• #to_h ⇒ Hash
• #to_yaml ⇒ YAML

Constructor Details

#initialize(opts = {}) ⇒ CertProfile

All hash options for CertProfile are optional.

Parameters:

• opts (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (opts):

• :basic_constraints (Hash)
• :key_usage (Hash)
• :extended_key_usage (Hash)
• :certificate_policies (Hash)
• :ocsp_no_check (Boolean) —

  Sets OCSP No Check extension in the certificate if true

• :inhibit_any_policy (Hash) —

  Sets the value of the inhibitAnyPolicy extension

• :policy_constraints (Hash) —

  Sets the value of the policyConstraints extension

• :authority_info_access (Hash)
• :crl_distribution_points (Hash)
• :name_constraints (Hash) —

  Sets the value of the nameConstraints extension

• :subject_item_policy (R509::Config::SubjectItemPolicy)
• :default_md (String) — default: SHA256 —

  The hashing algorithm to use.

• :allowed_mds (Array) — default: nil —

  Array of allowed hashes. default_md will be automatically added to this list if it isn't already listed.

# File 'lib/r509/config/cert_profile.rb', line 37

def initialize(opts = {})
  @basic_constraints = R509::Cert::Extensions::BasicConstraints.new(opts[:basic_constraints]) unless opts[:basic_constraints].nil?
  @key_usage = R509::Cert::Extensions::KeyUsage.new(opts[:key_usage]) unless opts[:key_usage].nil?
  @extended_key_usage = R509::Cert::Extensions::ExtendedKeyUsage.new(opts[:extended_key_usage]) unless opts[:extended_key_usage].nil?
  @certificate_policies = R509::Cert::Extensions::CertificatePolicies.new(opts[:certificate_policies]) unless opts[:certificate_policies].nil?
  @inhibit_any_policy = R509::Cert::Extensions::InhibitAnyPolicy.new(opts[:inhibit_any_policy]) unless opts[:inhibit_any_policy].nil?
  @policy_constraints = R509::Cert::Extensions::PolicyConstraints.new(opts[:policy_constraints]) unless opts[:policy_constraints].nil?
  @name_constraints = R509::Cert::Extensions::NameConstraints.new(opts[:name_constraints]) unless opts[:name_constraints].nil?
  @ocsp_no_check = R509::Cert::Extensions::OCSPNoCheck.new(opts[:ocsp_no_check]) unless opts[:ocsp_no_check].nil?
  @authority_info_access = R509::Cert::Extensions::AuthorityInfoAccess.new(opts[:authority_info_access]) unless opts[:authority_info_access].nil?
  @crl_distribution_points = R509::Cert::Extensions::CRLDistributionPoints.new(opts[:crl_distribution_points]) unless opts[:crl_distribution_points].nil?
  @subject_item_policy = validate_subject_item_policy(opts[:subject_item_policy])
  @default_md = validate_md(opts[:default_md] || R509::MessageDigest::DEFAULT_MD)
  @allowed_mds = validate_allowed_mds(opts[:allowed_mds])
end

Instance Attribute Details

#allowed_mds ⇒ Object (readonly)

Returns the value of attribute allowed_mds

# File 'lib/r509/config/cert_profile.rb', line 16

def allowed_mds
  @allowed_mds
end

#authority_info_access ⇒ Object (readonly)

Returns the value of attribute authority_info_access

# File 'lib/r509/config/cert_profile.rb', line 16

def authority_info_access
  @authority_info_access
end

#basic_constraints ⇒ Object (readonly)

Returns the value of attribute basic_constraints

# File 'lib/r509/config/cert_profile.rb', line 16

def basic_constraints
  @basic_constraints
end

#certificate_policies ⇒ Object (readonly)

Returns the value of attribute certificate_policies

# File 'lib/r509/config/cert_profile.rb', line 16

def certificate_policies
  @certificate_policies
end

#crl_distribution_points ⇒ Object (readonly)

Returns the value of attribute crl_distribution_points

# File 'lib/r509/config/cert_profile.rb', line 16

def crl_distribution_points
  @crl_distribution_points
end

#default_md ⇒ Object (readonly)

Returns the value of attribute default_md

# File 'lib/r509/config/cert_profile.rb', line 16

def default_md
  @default_md
end

#extended_key_usage ⇒ Object (readonly)

Returns the value of attribute extended_key_usage

# File 'lib/r509/config/cert_profile.rb', line 16

def extended_key_usage
  @extended_key_usage
end

#inhibit_any_policy ⇒ Object (readonly)

Returns the value of attribute inhibit_any_policy

# File 'lib/r509/config/cert_profile.rb', line 16

def inhibit_any_policy
  @inhibit_any_policy
end

#key_usage ⇒ Object (readonly)

Returns the value of attribute key_usage

# File 'lib/r509/config/cert_profile.rb', line 16

def key_usage
  @key_usage
end

#name_constraints ⇒ Object (readonly)

Returns the value of attribute name_constraints

# File 'lib/r509/config/cert_profile.rb', line 16

def name_constraints
  @name_constraints
end

#ocsp_no_check ⇒ Object (readonly)

Returns the value of attribute ocsp_no_check

# File 'lib/r509/config/cert_profile.rb', line 16

def ocsp_no_check
  @ocsp_no_check
end

#policy_constraints ⇒ Object (readonly)

Returns the value of attribute policy_constraints

# File 'lib/r509/config/cert_profile.rb', line 16

def policy_constraints
  @policy_constraints
end

#subject_item_policy ⇒ Object (readonly)

Returns the value of attribute subject_item_policy

# File 'lib/r509/config/cert_profile.rb', line 16

def subject_item_policy
  @subject_item_policy
end

Instance Method Details

#to_h ⇒ Hash

Returns:

• (Hash)

# File 'lib/r509/config/cert_profile.rb', line 54

def to_h
  hash = {}
  hash["basic_constraints"] = @basic_constraints.to_h unless @basic_constraints.nil?
  hash["key_usage"] = @key_usage.to_h unless @key_usage.nil?
  hash["extended_key_usage"] = @extended_key_usage.to_h unless @extended_key_usage.nil?
  hash["certificate_policies"] = @certificate_policies.to_h unless @certificate_policies.nil?
  hash["inhibit_any_policy"] = @inhibit_any_policy.to_h unless @inhibit_any_policy.nil?
  hash["policy_constraints"] = @policy_constraints.to_h unless @policy_constraints.nil?
  hash["name_constraints"] = @name_constraints.to_h unless @name_constraints.nil?
  hash["ocsp_no_check"] = @ocsp_no_check.to_h unless @ocsp_no_check.nil?
  hash["authority_info_access"] = @authority_info_access.to_h unless @authority_info_access.nil?
  hash["crl_distribution_points"] = @crl_distribution_points.to_h unless @crl_distribution_points.nil?
  hash["subject_item_policy"] = @subject_item_policy.to_h unless @subject_item_policy.nil?
  hash["default_md"] = @default_md unless @default_md.nil?
  hash["allowed_mds"] = @allowed_mds unless @allowed_mds.nil?
  hash
end

#to_yaml ⇒ YAML

Returns:

• (YAML)

# File 'lib/r509/config/cert_profile.rb', line 73

def to_yaml
  self.to_h.to_yaml
end