Class: Xml::Kit::Certificate

Inherits:
Object
  • Object
Defined in:
lib/xml/kit/certificate.rb

Overview

Constant Summary collapse

# Accepts only padded Base64 text: zero or more four-character groups followed
# by an optional final group padded with `=`. The empty string matches, and
# `\Z` also matches just before a single trailing newline.
BASE64_FORMAT =
%r(\A([A-Za-z0-9+/]{4})*([A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?\Z)
# PEM header line for a certificate; unanchored, so it matches anywhere in a string.
BEGIN_CERT =
/-----BEGIN CERTIFICATE-----/
# PEM footer line for a certificate; unanchored as well.
END_CERT =
/-----END CERTIFICATE-----/

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(value, use: nil) ⇒ Certificate

Returns a new instance of Certificate.



# File 'lib/xml/kit/certificate.rb', line 16

# Wraps raw certificate material together with its intended purpose.
#
# @param value [Object] the certificate material; stored unchanged, nothing is
#   parsed or validated at construction time.
# @param use [#downcase, nil] the purpose. When given it is normalised with
#   `downcase.to_sym`; it is not restricted to a fixed set of values here.
def initialize(value, use: nil)
  @value = value
  @use =
    if use.nil?
      nil
    else
      use.downcase.to_sym
    end
end

Instance Attribute Details

#use ⇒ Object (readonly)

The use can be `:signing` or `:encryption`. Use `nil` for both.



# File 'lib/xml/kit/certificate.rb', line 11

# Reader for the purpose recorded at construction time.
#
# @return [Symbol, nil] the stored `@use`; `nil` when no purpose was given.
def use
  @use
end

#value ⇒ Object (readonly)

The raw certificate value. This can be a Base64-encoded PEM or a plain PEM-format certificate.



# File 'lib/xml/kit/certificate.rb', line 14

# Reader for the raw certificate material.
#
# @return [Object] the stored `@value`, exactly as it was handed to the
#   constructor (no decoding or normalisation is applied here).
def value
  @value
end

Class Method Details

.base64?(value) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/xml/kit/certificate.rb', line 124

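# Reports whether +value+ has the shape of padded Base64 once PEM markers and
# whitespace have been stripped.
#
# This is a format check only: it says nothing about whether the decoded bytes
# are a certificate. An empty (or whitespace-only) string passes, because
# BASE64_FORMAT allows zero groups.
#
# @param value [Object] candidate input; anything that is not a String is rejected.
# @return [Boolean] true when the stripped text matches BASE64_FORMAT, false otherwise.
def base64?(value)
  # A predicate documented as Boolean should answer false, not nil.
  return false unless value.is_a?(String)

  sanitized_value = strip(value)
  !!sanitized_value.match(BASE64_FORMAT)
end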

.strip(value) ⇒ Object



# File 'lib/xml/kit/certificate.rb', line 131

# Reduces certificate text to its bare payload.
#
# Removes every BEGIN_CERT and END_CERT marker, then every whitespace
# character together with the literal two-character sequences `\r` and `\n`
# (a backslash followed by a letter, as left behind by escaped input).
#
# @param value [String] certificate text.
# @return [String] a new string with markers and whitespace removed.
def strip(value)
  without_header = value.gsub(BEGIN_CERT, '')
  without_markers = without_header.gsub(END_CERT, '')
  without_markers.gsub(/[\r\n]|\\r|\\n|\s/, '')
end

.to_x509(value) ⇒ Object



# File 'lib/xml/kit/certificate.rb', line 117

# Converts certificate material into an OpenSSL certificate object.
#
# An existing OpenSSL::X509::Certificate is returned untouched. Input that
# passes base64? is stripped and Base64-decoded first; anything else is handed
# to OpenSSL as-is. No error is rescued here, so whatever OpenSSL raises for
# unusable input reaches the caller.
#
# This only parses. Nothing in this method checks validity dates, issuer or
# signature, so a successful return is not a trust decision.
#
# @param value [OpenSSL::X509::Certificate, String] certificate material.
# @return [OpenSSL::X509::Certificate]
def to_x509(value)
  if value.is_a?(OpenSSL::X509::Certificate)
    value
  else
    material = base64?(value) ? Base64.decode64(strip(value)) : value
    OpenSSL::X509::Certificate.new(material)
  end
end

Instance Method Details

#==(other) ⇒ Object



# File 'lib/xml/kit/certificate.rb', line 63

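# Compares two certificates by fingerprint.
#
# @param other [Object] the object to compare against.
# @return [Boolean] false when +other+ exposes no `fingerprint`; otherwise the
#   result of comparing both fingerprints.
def ==(other)
  # Comparing with nil, a String, etc. should be false rather than a NoMethodError.
  return false unless other.respond_to?(:fingerprint)

  fingerprint == other.fingerprint
end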

#active?(time = Time.now) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/xml/kit/certificate.rb', line 99

# Reports whether +time+ falls inside the certificate's validity window.
#
# Only the notBefore/notAfter dates are consulted; nothing here verifies the
# issuer, the signature or revocation status.
#
# @param time [Time] the instant to test; defaults to the local clock.
# @return [Boolean] true when notBefore has been reached and expired? is false.
def active?(time = Time.now)
  return false unless x509.not_before <= time

  !expired?(time)
end

#encryption? ⇒ Boolean

Returns true if this certificate is used for encryption.

return [Boolean] true or false.

Returns:

  • (Boolean)


# File 'lib/xml/kit/certificate.rb', line 38

# Asks for? whether this certificate may be used for encryption.
#
# @return [Boolean] the answer given by for?(:encryption).
def encryption?
  purpose = :encryption
  for?(purpose)
end

#eql?(other) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/xml/kit/certificate.rb', line 67

# Hash-style equality; defers entirely to #==.
#
# @param other [Object] the object to compare against.
# @return [Boolean] whatever `self == other` yields.
def eql?(other)
  same_certificate = (self == other)
  same_certificate
end

#expired?(time = Time.now) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/xml/kit/certificate.rb', line 95

# Reports whether the certificate's notAfter date has been reached.
#
# The comparison is inclusive: the notAfter instant itself already counts as
# expired.
#
# @param time [Time] the instant to test; defaults to the local clock.
# @return [Boolean] true when notAfter is at or before +time+.
def expired?(time = Time.now)
  expiry = x509.not_after
  expiry <= time
end

#fingerprint ⇒ Xml::Kit::Fingerprint

Returns the certificate fingerprint.

Returns:



# File 'lib/xml/kit/certificate.rb', line 22

# Builds a Fingerprint from the raw certificate value.
#
# A new Fingerprint is constructed on every call. The digest algorithm and
# output format are decided by Fingerprint and are not visible here.
#
# @return [Xml::Kit::Fingerprint]
def fingerprint
  raw_certificate = value
  Fingerprint.new(raw_certificate)
end

#for?(use) ⇒ Boolean

Returns true if this certificate is for the specified use.

Parameters:

  • use (Symbol)

    `:signing` or `:encryption`.

Returns:

  • (Boolean)

    true or false.



# File 'lib/xml/kit/certificate.rb', line 30

# Reports whether this certificate may serve the requested purpose.
#
# A certificate whose own use is nil is treated as suitable for every purpose.
#
# @param use [#to_sym] the requested purpose, e.g. `:signing` or `:encryption`.
# @return [Boolean] true when the certificate is unrestricted or its use
#   equals `use.to_sym`.
def for?(use)
  self.use.nil? || self.use == use.to_sym
end

#hash ⇒ Object



# File 'lib/xml/kit/certificate.rb', line 71

# Hash code used when the certificate is a Hash key or Set member.
#
# NOTE(review): this is derived from the raw value, while #== and #eql?
# compare fingerprints. Two different encodings of the same certificate could
# therefore compare equal yet hash differently; confirm whether that matters
# for Hash/Set lookups.
#
# @return [Integer] the hash of the raw value.
def hash
  raw_certificate = value
  raw_certificate.hash
end

#inspect ⇒ Object



# File 'lib/xml/kit/certificate.rb', line 83

# Debug representation built from #to_h, i.e. the use and the fingerprint
# string rather than the raw certificate value.
#
# @return [String] the inspected summary hash.
def inspect
  summary = to_h
  summary.inspect
end

#not_after ⇒ Object



# File 'lib/xml/kit/certificate.rb', line 103

# End of the validity window, read from the parsed certificate.
#
# @return [Object] whatever `x509.not_after` yields.
def not_after
  certificate = x509
  certificate.not_after
end

#not_before ⇒ Object



# File 'lib/xml/kit/certificate.rb', line 107

# Start of the validity window, read from the parsed certificate.
#
# @return [Object] whatever `x509.not_before` yields.
def not_before
  certificate = x509
  certificate.not_before
end

#public_key ⇒ OpenSSL::PKey::RSA

Returns the public key.

Returns:

  • (OpenSSL::PKey::RSA)

    the RSA public key.



# File 'lib/xml/kit/certificate.rb', line 59

# Public key carried by the parsed certificate.
#
# NOTE(review): the page documents an RSA key, but this simply returns what
# `x509.public_key` yields; callers that require RSA should check the key
# type themselves.
#
# @return [Object] the certificate's public key.
def public_key
  certificate = x509
  certificate.public_key
end

#signing? ⇒ Boolean

Returns true if this certificate is used for signing.

return [Boolean] true or false.

Returns:

  • (Boolean)


# File 'lib/xml/kit/certificate.rb', line 45

# Asks for? whether this certificate may be used for signing.
#
# @return [Boolean] the answer given by for?(:signing).
def signing?
  purpose = :signing
  for?(purpose)
end

#stripped ⇒ Object



# File 'lib/xml/kit/certificate.rb', line 87

# PEM form of the parsed certificate with markers and whitespace removed.
#
# The text comes from `x509.to_pem`, not from the raw value, so the result is
# the re-serialised certificate run through the class-level strip.
#
# @return [String] the bare Base64 body.
def stripped
  pem = x509.to_pem
  self.class.strip(pem)
end

#to_h ⇒ Object



# File 'lib/xml/kit/certificate.rb', line 79

# Summary hash for this certificate: its use and its fingerprint as a string.
# The raw certificate value is not included.
#
# @return [Hash] `{ use:, fingerprint: }`.
def to_h
  fingerprint_text = fingerprint.to_s
  { use: @use, fingerprint: fingerprint_text }
end

#to_key_pair(private_key, passphrase: nil, use: nil) ⇒ Object



# File 'lib/xml/kit/certificate.rb', line 91

# Pairs this certificate with a private key.
#
# The certificate is passed as PEM (`x509.to_pem`) and the key as
# `private_key.to_s`; the passphrase is forwarded unchanged.
#
# NOTE(review): the `use` forwarded to KeyPair is the keyword argument, not
# this certificate's own use. When the caller omits it, nil is passed; confirm
# that dropping the certificate's use is intended.
#
# @param private_key [#to_s] the private key material.
# @param passphrase [Object, nil] passphrase forwarded to KeyPair.
# @param use [Object, nil] purpose forwarded to KeyPair.
# @return [KeyPair]
def to_key_pair(private_key, passphrase: nil, use: nil)
  certificate_pem = x509.to_pem
  key_text = private_key.to_s
  KeyPair.new(certificate_pem, key_text, passphrase, use)
end

#to_s ⇒ Object



# File 'lib/xml/kit/certificate.rb', line 75

# String form of the certificate: the raw value, returned exactly as stored.
# No conversion is applied, so the result is whatever the constructor received.
#
# @return [Object] the raw certificate value.
def to_s
  value
end

#to_xml(pretty: false, xml: ::Builder::XmlMarkup.new) ⇒ Object



# File 'lib/xml/kit/certificate.rb', line 111

# Renders this certificate through Xml::Kit::Template.
#
# @param pretty [Boolean] when truthy, the rendered markup is re-parsed with
#   Nokogiri and re-serialised with a two-space indent.
# @param xml [Object] builder handed to the template; defaults to a fresh
#   ::Builder::XmlMarkup.
# @return [Object] the template's output, or its indented re-serialisation
#   when +pretty+ is set.
def to_xml(pretty: false, xml: ::Builder::XmlMarkup.new)
  rendered = ::Xml::Kit::Template.new(self).to_xml(xml: xml)
  return rendered unless pretty

  Nokogiri::XML(rendered).to_xml(indent: 2)
end

#x509 ⇒ Object

Returns the x509 form.

return [OpenSSL::X509::Certificate] the OpenSSL equivalent.



# File 'lib/xml/kit/certificate.rb', line 52

# Parsed OpenSSL form of the raw value, memoised in `@x509`.
#
# Parsing happens on first use via the class-level to_x509; any error it
# raises surfaces here rather than at construction time.
#
# @return [OpenSSL::X509::Certificate] the OpenSSL equivalent.
def x509
  return @x509 if @x509

  @x509 = self.class.to_x509(value)
end