module R509::Cert::Extensions

Module to contain extension classes for R509::Cert.

Constants

R509_EXTENSION_CLASSES

Public Class Methods

get_unknown_extensions(extensions)

Given a list of OpenSSL::X509::Extension objects, returns those without an R509 implementation.

# File lib/r509/cert/extensions/base.rb, line 37
def self.get_unknown_extensions(extensions)
  unknown_extensions = []
  extensions.each do |openssl_extension|
    match_found = false
    R509_EXTENSION_CLASSES.each do |r509_class|
      if r509_class::OID.downcase == openssl_extension.oid.downcase
        match_found = true
        break
      end
    end
    # if we make it this far (without breaking), we didn't match
    unknown_extensions << openssl_extension unless match_found
  end

  unknown_extensions
end

names_to_h(array)

Takes an array of R509::ASN1::GeneralName objects and returns an array of hashes, one per name with :type and :value keys, that can be encoded to YAML (used by to_yaml methods).

# File lib/r509/cert/extensions/base.rb, line 56
def self.names_to_h(array)
  data = []
  array.each do |name|
    value = (name.value.is_a?(R509::Subject)) ? name.value.to_h : name.value
    data.push(
      {
        :type => name.short_type,
        :value => value
      }
    )
  end
  data
end

wrap_openssl_extensions(extensions)

Takes OpenSSL::X509::Extension objects and wraps each in the appropriate R509::Cert::Extensions object, and returns them in a hash. The hash is keyed with the R509 extension class. Extensions without an R509 implementation are ignored (see get_unknown_extensions).

# File lib/r509/cert/extensions/base.rb, line 17
def self.wrap_openssl_extensions(extensions)
  r509_extensions = {}
  extensions.each do |openssl_extension|
    R509_EXTENSION_CLASSES.each do |r509_class|
      if r509_class::OID.downcase == openssl_extension.oid.downcase
        if r509_extensions.key?(r509_class)
          raise ArgumentError, "Only one extension object allowed per OID"
        end

        r509_extensions[r509_class] = r509_class.new(openssl_extension)
        break
      end
    end
  end

  r509_extensions
end
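
Because wrap_openssl_extensions silently skips extensions without an R509 class, a caller validating certificates still has to look at what get_unknown_extensions returns: RFC 5280 requires rejecting a certificate that carries a critical extension the software does not recognize. The following is an added example, not part of r509, that uses only Ruby's openssl library; KNOWN_OIDS, audit_extensions and sample_extensions are hypothetical names and the sample extensions are constructed.

```ruby
require "openssl"

# Assumption: stand-in for R509_EXTENSION_CLASSES, listing only the OIDs
# (OpenSSL short names) that this example treats as having a wrapper class.
KNOWN_OIDS = %w[basicConstraints keyUsage subjectAltName].freeze

# Partitions extensions with the same case-insensitive OID comparison used by
# wrap_openssl_extensions and get_unknown_extensions, then picks out the
# unknown extensions that are marked critical.
def audit_extensions(extensions)
  known = {}
  unknown = []
  extensions.each do |ext|
    match = KNOWN_OIDS.find { |oid| oid.downcase == ext.oid.downcase }
    if match.nil?
      unknown << ext
    elsif known.key?(match)
      raise ArgumentError, "Only one extension object allowed per OID"
    else
      known[match] = ext
    end
  end
  { known: known, unknown: unknown, unknown_critical: unknown.select(&:critical?) }
end

# Constructed sample input: two standard extensions plus one critical
# extension under the documentation-only enterprise arc 1.3.6.1.4.1.32473.
def sample_extensions
  factory = OpenSSL::X509::ExtensionFactory.new
  private_value = OpenSSL::ASN1::UTF8String.new("constructed").to_der
  [
    factory.create_extension("basicConstraints", "CA:FALSE", true),
    factory.create_extension("keyUsage", "digitalSignature", true),
    OpenSSL::X509::Extension.new("1.3.6.1.4.1.32473.1", private_value, true)
  ]
end

if __FILE__ == $PROGRAM_NAME
  result = audit_extensions(sample_extensions)
  puts "known: #{result[:known].keys.join(', ')}"
  result[:unknown_critical].each do |ext|
    puts "reject: unrecognized critical extension #{ext.oid}"
  end
end
```
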

Private Class Methods

calculate_critical(critical, default)

# File lib/r509/cert/extensions/base.rb, line 119
def self.calculate_critical(critical, default)
  if critical.is_a?(TrueClass) || critical.is_a?(FalseClass)
    critical
  else
    default
  end
end

is_extension?(data)

Attempts to determine whether the data passed to an extension is already an extension (an OpenSSL::X509::Extension object or a string that parses as ASN.1 extension data) or not.

# File lib/r509/cert/extensions/base.rb, line 129
def self.is_extension?(data)
  return true if data.is_a?(OpenSSL::X509::Extension)
  return false unless data.is_a?(String)
  begin
    OpenSSL::X509::Extension.new(data)
    return true
  rescue
    return false
  end
end

register_class(r509_ext_class)

Registers a class as being an R509 certificate extension class. Registered classes are used by wrap_openssl_extensions to wrap OpenSSL extensions in R509 extensions, based on the OID.

# File lib/r509/cert/extensions/base.rb, line 114
def self.register_class(r509_ext_class)
  raise(ArgumentError, "R509 certificate extensions must have an OID") if r509_ext_class::OID.nil?
  R509_EXTENSION_CLASSES << r509_ext_class
end