Class: Xml::Kit::Certificate
- Inherits:
-
Object
- Object
- Xml::Kit::Certificate
- Includes:
- Templatable
- Defined in:
- lib/xml/kit/certificate.rb
Overview
Constant Summary collapse
- BASE64_FORMAT =
rubocop:disable Metrics/LineLength
%r(\A([A-Za-z0-9+/]{4})*([A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?\Z).freeze
- BEGIN_CERT =
rubocop:enable Metrics/LineLength
/-----BEGIN CERTIFICATE-----/.freeze
- END_CERT =
/-----END CERTIFICATE-----/.freeze
Instance Attribute Summary collapse
-
#use ⇒ Object
readonly
The use can be ‘:signing` or `:encryption`.
-
#value ⇒ Object
readonly
The raw certificate value.
Attributes included from Templatable
#embed_signature, #encrypt, #encryption_certificate, #signing_key_pair
Class Method Summary collapse
Instance Method Summary collapse
- #==(other) ⇒ Object
- #active?(time = Time.now) ⇒ Boolean
-
#encryption? ⇒ Boolean
Returns true if this certificate is used for encryption.
- #eql?(other) ⇒ Boolean
- #expired?(time = Time.now) ⇒ Boolean
-
#fingerprint ⇒ Xml::Kit::Fingerprint
The certificate fingerprint.
-
#for?(use) ⇒ Boolean
Returns true if this certificate is for the specified use.
- #hash ⇒ Object
-
#initialize(value, use: nil) ⇒ Certificate
constructor
A new instance of Certificate.
- #inspect ⇒ Object
- #key_info ⇒ Object
- #not_after ⇒ Object
- #not_before ⇒ Object
-
#public_key ⇒ OpenSSL::PKey::RSA
Returns the public key.
-
#signing? ⇒ Boolean
Returns true if this certificate is used for signing.
- #stripped ⇒ Object
- #to_h ⇒ Object
- #to_key_pair(private_key, passphrase: nil, use: nil) ⇒ Object
- #to_s ⇒ Object
-
#x509 ⇒ Object
Returns the x509 form.
Methods included from Templatable
#asymmetric_cipher, #encrypt_data_for, #encrypt_key_for, #encrypt_with, #encryption_for, #render, #sign_with, #signature_for, #symmetric_cipher, #to_xml
Constructor Details
#initialize(value, use: nil) ⇒ Certificate
Returns a new instance of Certificate.
21 22 23 24 |
# File 'lib/xml/kit/certificate.rb', line 21 def initialize(value, use: nil) @value = value @use = use.nil? ? use : use.downcase.to_sym end |
Instance Attribute Details
#use ⇒ Object (readonly)
The use can be ‘:signing` or `:encryption`. Use `nil` for both.
16 17 18 |
# File 'lib/xml/kit/certificate.rb', line 16 def use @use end |
#value ⇒ Object (readonly)
The raw certificate value. This can be a Base64 encoded PEM or just a PEM format.
19 20 21 |
# File 'lib/xml/kit/certificate.rb', line 19 def value @value end |
Class Method Details
.base64?(value) ⇒ Boolean
129 130 131 132 133 134 |
# File 'lib/xml/kit/certificate.rb', line 129 def base64?(value) return unless value.is_a?(String) sanitized_value = strip(value) !!sanitized_value.match(BASE64_FORMAT) end |
.strip(value) ⇒ Object
136 137 138 139 140 141 |
# File 'lib/xml/kit/certificate.rb', line 136 def strip(value) value .gsub(BEGIN_CERT, '') .gsub(END_CERT, '') .gsub(/[\r\n]|\\r|\\n|\s/, '') end |
.to_x509(value) ⇒ Object
122 123 124 125 126 127 |
# File 'lib/xml/kit/certificate.rb', line 122 def to_x509(value) return value if value.is_a?(OpenSSL::X509::Certificate) value = Base64.decode64(strip(value)) if base64?(value) OpenSSL::X509::Certificate.new(value) end |
Instance Method Details
#==(other) ⇒ Object
69 70 71 |
# File 'lib/xml/kit/certificate.rb', line 69 def ==(other) fingerprint == other.fingerprint end |
#active?(time = Time.now) ⇒ Boolean
105 106 107 |
# File 'lib/xml/kit/certificate.rb', line 105 def active?(time = Time.now) x509.not_before <= time && !expired?(time) end |
#encryption? ⇒ Boolean
Returns true if this certificate is used for encryption.
return [Boolean] true or false.
44 45 46 |
# File 'lib/xml/kit/certificate.rb', line 44 def encryption? for?(:encryption) end |
#eql?(other) ⇒ Boolean
73 74 75 |
# File 'lib/xml/kit/certificate.rb', line 73 def eql?(other) self == other end |
#expired?(time = Time.now) ⇒ Boolean
101 102 103 |
# File 'lib/xml/kit/certificate.rb', line 101 def expired?(time = Time.now) x509.not_after <= time end |
#fingerprint ⇒ Xml::Kit::Fingerprint
Returns the certificate fingerprint.
27 28 29 |
# File 'lib/xml/kit/certificate.rb', line 27 def fingerprint Fingerprint.new(value) end |
#for?(use) ⇒ Boolean
Returns true if this certificate is for the specified use.
35 36 37 38 39 |
# File 'lib/xml/kit/certificate.rb', line 35 def for?(use) return true if self.use.nil? self.use == use.to_sym end |
#hash ⇒ Object
77 78 79 |
# File 'lib/xml/kit/certificate.rb', line 77 def hash value.hash end |
#inspect ⇒ Object
89 90 91 |
# File 'lib/xml/kit/certificate.rb', line 89 def inspect to_h.inspect end |
#key_info ⇒ Object
117 118 119 |
# File 'lib/xml/kit/certificate.rb', line 117 def key_info @key_info ||= KeyInfo.new(x509: x509) end |
#not_after ⇒ Object
109 110 111 |
# File 'lib/xml/kit/certificate.rb', line 109 def not_after x509.not_after end |
#not_before ⇒ Object
113 114 115 |
# File 'lib/xml/kit/certificate.rb', line 113 def not_before x509.not_before end |
#public_key ⇒ OpenSSL::PKey::RSA
Returns the public key.
65 66 67 |
# File 'lib/xml/kit/certificate.rb', line 65 def public_key x509.public_key end |
#signing? ⇒ Boolean
Returns true if this certificate is used for signing.
return [Boolean] true or false.
51 52 53 |
# File 'lib/xml/kit/certificate.rb', line 51 def signing? for?(:signing) end |
#stripped ⇒ Object
93 94 95 |
# File 'lib/xml/kit/certificate.rb', line 93 def stripped self.class.strip(x509.to_pem) end |
#to_h ⇒ Object
85 86 87 |
# File 'lib/xml/kit/certificate.rb', line 85 def to_h { use: @use, fingerprint: fingerprint.to_s } end |
#to_key_pair(private_key, passphrase: nil, use: nil) ⇒ Object
97 98 99 |
# File 'lib/xml/kit/certificate.rb', line 97 def to_key_pair(private_key, passphrase: nil, use: nil) KeyPair.new(x509.to_pem, private_key.to_s, passphrase, use) end |
#to_s ⇒ Object
81 82 83 |
# File 'lib/xml/kit/certificate.rb', line 81 def to_s value end |
#x509 ⇒ Object
Returns the x509 form.
return [OpenSSL::X509::Certificate] the OpenSSL equivalent.
58 59 60 |
# File 'lib/xml/kit/certificate.rb', line 58 def x509 @x509 ||= self.class.to_x509(value) end |