Class: CertValidator::RealOcspValidator::Extractor

Inherits:

Object

• Object
• CertValidator::RealOcspValidator::Extractor

Defined in:

lib/cert_validator/ocsp/extractor.rb

Instance Attribute Summary

• #certificate ⇒ Object readonly

  Returns the value of attribute certificate.

Instance Method Summary

• #decoded_extension ⇒ Object
• #descend_to_string(asn_data) ⇒ Object
• #endpoint ⇒ Object
• #has_ocsp_extension? ⇒ Boolean
• #initialize(cert) ⇒ Extractor constructor

  A new instance of Extractor.

• #ocsp_extension ⇒ Object
• #ocsp_extension_payload ⇒ Object

Constructor Details

#initialize(cert) ⇒ Extractor

Returns a new instance of Extractor.

# File 'lib/cert_validator/ocsp/extractor.rb', line 6

def initialize(cert)
  @certificate = cert
end

Instance Attribute Details

#certificate ⇒ Object (readonly)

Returns the value of attribute certificate.

# File 'lib/cert_validator/ocsp/extractor.rb', line 4

def certificate
  @certificate
end

Instance Method Details

#decoded_extension ⇒ Object

# File 'lib/cert_validator/ocsp/extractor.rb', line 24

def decoded_extension
  @decoded_extension ||= Asn1.new(Asn1.new(ocsp_extension).extension_payload).decode
end

#descend_to_string(asn_data) ⇒ Object

# File 'lib/cert_validator/ocsp/extractor.rb', line 38

def descend_to_string(asn_data)
  return asn_data if asn_data.is_a? String
  seen = Set.new
  current = asn_data
  loop do
    raise RecursiveExtractError.new if seen.include? current
    seen.add current
    current = current.first.value

    return current if current.is_a? String
  end
end

#endpoint ⇒ Object

# File 'lib/cert_validator/ocsp/extractor.rb', line 10

def endpoint
  return nil unless has_ocsp_extension?

  ocsp_extension_payload
end

#has_ocsp_extension? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/cert_validator/ocsp/extractor.rb', line 16

def has_ocsp_extension?
  !! (ocsp_extension && ocsp_extension_payload)
end

#ocsp_extension ⇒ Object

# File 'lib/cert_validator/ocsp/extractor.rb', line 20

def ocsp_extension
  @ocsp_extension ||= certificate.extensions.detect{ |e| e.oid == 'authorityInfoAccess' }
end

#ocsp_extension_payload ⇒ Object

# File 'lib/cert_validator/ocsp/extractor.rb', line 28

def ocsp_extension_payload
  return @ocsp_extension_payload if defined? @ocsp_extension_payload

  intermediate = decoded_extension.value.detect do |v|
    v.first.value == 'OCSP'
  end.value[1].value

  @ocsp_extension_payload = descend_to_string(intermediate)
end