Class: Sigstore::Internal::X509::Extension

Inherits:

Object

• Object
• Sigstore::Internal::X509::Extension

Defined in:

lib/sigstore/internal/x509.rb

Direct Known Subclasses

BasicConstraints, ExtendedKeyUsage, FulcioIssuer, KeyUsage, PrecertificateSignedCertificateTimestamps, SubjectAlternativeName, SubjectKeyIdentifier

Defined Under Namespace

Classes: BasicConstraints, ExtendedKeyUsage, FulcioIssuer, KeyUsage, PrecertificateSignedCertificateTimestamps, SubjectAlternativeName, SubjectKeyIdentifier

Class Attribute Summary

• .oid ⇒ Object

  Returns the value of attribute oid.

• .schema ⇒ Object

  Returns the value of attribute schema.

Instance Method Summary

• #critical? ⇒ Boolean
• #initialize(extension) ⇒ Extension constructor

  A new instance of Extension.

• #shift_bitstring(value) ⇒ Object
• #shift_value(value, klass) ⇒ Object

Constructor Details

#initialize(extension) ⇒ Extension

Returns a new instance of Extension.

# File 'lib/sigstore/internal/x509.rb', line 229

def initialize(extension)
  @extension = extension
  value = shift_value([OpenSSL::ASN1.decode(extension.to_der)], OpenSSL::ASN1::Sequence)
  @oid = value.shift

  unless @extension.is_a?(OpenSSL::X509::Extension) && @oid.oid == self.class.oid.oid
    raise ArgumentError,
          "Invalid extension: #{@extension.inspect} is not a #{@oid.inspect} " \
          "(#{self.class} / #{self.class.oid.inspect})"
  end

  @critical = false
  @critical = value.shift.value if value.first.is_a?(OpenSSL::ASN1::Boolean)
  raise ArgumentError, "Mis-parsed the critical bit" unless @critical == @extension.critical?

  contents = shift_value(value, OpenSSL::ASN1::OctetString)
  raise ArgumentError, "Invalid extension: extra fields left in #{self}: #{value}" unless value.empty?

  parse_value(OpenSSL::ASN1.decode(contents))
rescue OpenSSL::ASN1::ASN1Error => e
  raise ArgumentError, "Invalid extension: #{e.message} for #{self.class.oid}\n#{extension.inspect}"
end

Class Attribute Details

.oid ⇒ Object

Returns the value of attribute oid.

# File 'lib/sigstore/internal/x509.rb', line 226

def oid
  @oid
end

.schema ⇒ Object

Returns the value of attribute schema.

# File 'lib/sigstore/internal/x509.rb', line 226

def schema
  @schema
end

Instance Method Details

#critical? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/sigstore/internal/x509.rb', line 252

def critical?
  @extension.critical?
end

#shift_bitstring(value) ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/sigstore/internal/x509.rb', line 263

def shift_bitstring(value)
  raise ArgumentError, "Invalid bit string: #{value.inspect}" unless value.is_a?(OpenSSL::ASN1::BitString)

  value.value.each_byte.flat_map do |byte|
    [byte & 0b1000_0000 != 0, byte & 0b0100_0000 != 0, byte & 0b0010_0000 != 0, byte & 0b0001_0000 != 0,
     byte & 0b0000_1000 != 0, byte & 0b0000_0100 != 0, byte & 0b0000_0010 != 0, byte & 0b0000_0001 != 0]
  end[..-value.unused_bits.succ]
end

#shift_value(value, klass) ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/sigstore/internal/x509.rb', line 256

def shift_value(value, klass)
  v = value.shift
  raise ArgumentError, "Invalid extension: #{v} is not a #{klass}" unless v.is_a?(klass)

  v.value
end