class R509::Cert::Extensions::CRLDistributionPoints

RFC 5280 Description (see: www.ietf.org/rfc/rfc5280.txt)

The CRL distribution points extension identifies how CRL information is obtained. The extension SHOULD be non-critical, but this profile RECOMMENDS support for this extension by CAs and applications. Further discussion of CRL management is contained in Section 5.

You can use this extension to parse an existing extension for easy access to the contents or create a new one.

Constants

OID

friendly name for CDP OID

Public Class Methods

new(arg)

This method takes a hash or an existing Extension object to parse.

@option arg :value [Array,R509::ASN1::GeneralNames] Array of hashes (see examples) or GeneralNames object
@option arg :critical [Boolean] (false)
@example

R509::Cert::Extensions::CRLDistributionPoints.new(
  :value => [
    { :type => "URI", :value => "http://crl.domain.com/test.crl" }
  ]
)

@example

name = R509::ASN1::GeneralName.new(:type => "URI", :value => "http://crl.domain.com/test.crl")
R509::Cert::Extensions::CRLDistributionPoints.new(
  :value => [name]
)
Calls superclass method
# File lib/r509/cert/extensions/crl_distribution_points.rb, line 38
def initialize(arg)
  unless R509::Cert::Extensions.is_extension?(arg)
    arg = build_extension(arg)
  end

  super(arg)
  parse_extension
end

Public Instance Methods

to_h()

@return [Hash]

# File lib/r509/cert/extensions/crl_distribution_points.rb, line 48
def to_h
  {
    :critical => self.critical?,
    :value => R509::Cert::Extensions.names_to_h(@general_names.names)
  }
end
to_yaml()

@return [YAML]

# File lib/r509/cert/extensions/crl_distribution_points.rb, line 56
def to_yaml
  self.to_h.to_yaml
end

Private Instance Methods

build_extension(arg)
# File lib/r509/cert/extensions/crl_distribution_points.rb, line 80
def build_extension(arg)
  validate_crl_distribution_points(arg)
  validate_location('crl_distribution_points', arg[:value])
  serialize = R509::ASN1::GeneralNames.new(arg[:value]).serialize_names
  ef = OpenSSL::X509::ExtensionFactory.new
  ef.config = OpenSSL::Config.parse(serialize[:conf])
  critical = R509::Cert::Extensions.calculate_critical(arg[:critical], false)
  ef.create_extension("crlDistributionPoints", serialize[:extension_string], critical)
end
parse_extension()
# File lib/r509/cert/extensions/crl_distribution_points.rb, line 62
def parse_extension
  @general_names = R509::ASN1::GeneralNames.new
  data = R509::ASN1.get_extension_payload(self)
  data.entries.each do |distribution_point|
    #   DistributionPoint ::= SEQUENCE {
    #        distributionPoint       [0]     DistributionPointName OPTIONAL,
    #        reasons                 [1]     ReasonFlags OPTIONAL,
    #        cRLIssuer               [2]     GeneralNames OPTIONAL }
    #   DistributionPointName ::= CHOICE {
    #        fullName                [0]     GeneralNames,
    #        nameRelativeToCRLIssuer [1]     RelativeDistinguishedName }
    # We're only going to handle DistributionPointName [0] for now
    # so grab entries[0] and then get the fullName with value[0]
    # and the value of that ASN1Data with value[0] again
    @general_names.add_item(distribution_point.entries[0].value[0].value[0])
  end
end
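
The DistributionPoint walk that parse_extension performs, as an added example that is not r509's own code: it uses only Ruby's stdlib OpenSSL, selects fields by context tag rather than by position, and goes beyond the first-fullName case by collecting every URI. The helper names and the example.test URLs are assumptions made for illustration.

```ruby
require "openssl"

# Added example, not r509 code. Helper names and URLs are hypothetical.

# Build a non-critical CDP extension; OpenSSL's short form turns each
# "URI:..." pair into its own DistributionPoint with a fullName.
def build_cdp_extension(uris)
  ef = OpenSSL::X509::ExtensionFactory.new
  ef.create_extension("crlDistributionPoints", uris.map { |u| "URI:#{u}" }.join(","), false)
end

# Return the URI GeneralNames found under distributionPoint [0] / fullName [0].
# payload_der is the DER of CRLDistributionPoints (SEQUENCE OF DistributionPoint).
def cdp_uris_from_payload(payload_der)
  OpenSSL::ASN1.decode(payload_der).value.flat_map do |dp|
    # Every field is OPTIONAL, so select by context tag, not by position.
    dpn = dp.value.find { |f| f.tag_class == :CONTEXT_SPECIFIC && f.tag == 0 }
    next [] unless dpn              # e.g. a point carrying only cRLIssuer [2]
    choice = dpn.value.first
    next [] unless choice.tag == 0  # [1] nameRelativeToCRLIssuer is an RDN, not GeneralNames
    # GeneralName [6] is uniformResourceIdentifier (primitive IA5String).
    choice.value.select { |gn| gn.tag == 6 }.map(&:value)
  end
end

# Unwrap Extension ::= SEQUENCE { extnID, critical DEFAULT FALSE, extnValue OCTET STRING }.
def cdp_uris(ext)
  cdp_uris_from_payload(OpenSSL::ASN1.decode(ext.to_der).value.last.value)
end

# Constructed sample: one DistributionPoint whose only field is cRLIssuer [2].
def issuer_only_payload
  name = OpenSSL::ASN1::ASN1Data.new("http://issuer.example.test/", 6, :CONTEXT_SPECIFIC)
  issuer = OpenSSL::ASN1::ASN1Data.new([name], 2, :CONTEXT_SPECIFIC)
  OpenSSL::ASN1::Sequence.new([OpenSSL::ASN1::Sequence.new([issuer])]).to_der
end

ext = build_cdp_extension(["http://crl.example.test/a.crl", "http://crl.example.test/b.crl"])
p cdp_uris(ext)
p cdp_uris_from_payload(issuer_only_payload)
```

A URI that appears only under cRLIssuer names the CRL signer, not a download location, which is why the walk checks tags before descending.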
validate_crl_distribution_points(arg)
# File lib/r509/cert/extensions/crl_distribution_points.rb, line 90
def validate_crl_distribution_points(arg)
  raise ArgumentError, "You must pass a hash with a :value key" unless arg.is_a?(Hash)
end