Class: Ccrypto::X509CSR

Inherits:
Object
  • Object
Includes:
TR::CondUtils, TeLogger::TeLogHelper
Defined in:
lib/ccrypto/ruby/ext/x509_csr.rb


Constructor Details

#initialize(csr) ⇒ X509CSR

Returns a new instance of X509CSR.



# File 'lib/ccrypto/ruby/ext/x509_csr.rb', line 10

# Wraps a native CSR object.
#
# The object is stored as given; nothing is validated here. The signature is
# only checked when #csr_info triggers #parseCSR.
#
# @param csr [Object] native CSR to wrap. The other methods of this class call
#   +to_der+ on it, so an OpenSSL::X509::Request is presumably expected.
def initialize(csr)
  @nativeCSR = csr
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method, which forwards any call it does not define itself to the wrapped native CSR object.

#method_missing(mtd, *args, &block) ⇒ Object



# File 'lib/ccrypto/ruby/ext/x509_csr.rb', line 35

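# Forwards any call this wrapper does not define to the wrapped native CSR.
#
# Only the native object's public methods are forwarded. +public_send+ is used
# rather than +send+ because +send+ ignores visibility, which would make every
# private method of the wrapped object (including the private Kernel methods
# every object inherits) callable through the wrapper.
#
# @param mtd [Symbol] name of the method that was not found on the wrapper
# @param args [Array] positional arguments, passed through unchanged
# @param block [Proc, nil] block, passed through unchanged
# @return [Object] whatever the native CSR method returns
# @raise [NoMethodError] if the native CSR has no public method +mtd+
def method_missing(mtd, *args, &block)
  return super unless @nativeCSR.respond_to?(mtd)

  @nativeCSR.public_send(mtd, *args, &block)
end

# Keeps +respond_to?+ and +method+ in line with the forwarding done by
# #method_missing, so callers can probe the wrapper before calling it.
#
# @param mtd [Symbol] method name being queried
# @param include_private [Boolean] used by the default implementation only;
#   private methods of the native CSR are never reported
# @return [Boolean] true when the native CSR has a public method +mtd+
def respond_to_missing?(mtd, include_private = false)
  # A wrapper holding no native object reports nothing beyond the default.
  (!@nativeCSR.nil? && @nativeCSR.respond_to?(mtd)) || super
end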

Instance Method Details

#csr_info ⇒ Object



# File 'lib/ccrypto/ruby/ext/x509_csr.rb', line 39

# Returns the result of parsing the wrapped CSR, parsing on first use and
# reusing the stored result on later calls.
#
# @return [Object] the value #parseCSR returned for the wrapped CSR
# @raise [X509CSRSignatureInvalid] propagated from #parseCSR on first use
def csr_info
  return @csrInfo unless @csrInfo.nil?

  @csrInfo = parseCSR(@nativeCSR)
end

#equal?(csr) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/ccrypto/ruby/ext/x509_csr.rb', line 18

# Compares the wrapped CSR with another CSR by DER encoding.
#
# A String argument is compared byte-for-byte with the wrapped CSR's DER, so a
# PEM-encoded string will not match even if it encodes the same request.
#
# NOTE(review): this overrides Ruby's identity check (BasicObject#equal?) with
# a content comparison -- confirm that is intended.
#
# @param csr [String, OpenSSL::X509::Request, Ccrypto::X509CSR, nil] CSR to
#   compare against
# @return [Boolean] true when the encodings match
# @raise [X509CSRException] if +csr+ is non-empty and of an unsupported type
def equal?(csr)
  # Input that not_empty? rejects is compared with the native object directly.
  return @nativeCSR == csr unless not_empty?(csr)

  other_der =
    case csr
    when String then csr
    when OpenSSL::X509::Request then csr.to_der
    when Ccrypto::X509CSR then csr.to_bin
    else
      raise X509CSRException, "Unknown CSR type #{csr.class}"
    end

  @nativeCSR.to_der == other_der
end

#parseCSR(csrBin) ⇒ Object

Raises:

  • (X509CSRSignatureInvalid)


# File 'lib/ccrypto/ruby/ext/x509_csr.rb', line 46

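# Builds a Ccrypto::X509::CertProfile from a certificate signing request.
#
# The CSR's self-signature is checked first. That check only shows that the
# requester holds the private key matching the embedded public key. Every
# value copied into the profile (subject fields, e-mail, DNS name, URI, IP
# address, custom extensions) is requester-supplied and still has to be
# checked against issuance policy before a certificate is signed from it.
#
# NOTE(review): this method raises both X509CSREngineException and
# X509EngineException -- confirm both are defined and the split is intended.
#
# @param csrBin [String, OpenSSL::X509::Request, Ccrypto::X509CSR] encoded
#   CSR, native request, or wrapper
# @return [Ccrypto::X509::CertProfile] profile populated from the CSR
# @raise [X509CSREngineException] if +csrBin+ is of an unsupported type
# @raise [X509CSRSignatureInvalid] if the CSR signature does not verify
# @raise [X509EngineException] on an unsupported general-name tag, or an IP
#   address that is neither 4 nor 16 bytes long
def parseCSR(csrBin)
  csr =
    case csrBin
    when String
      OpenSSL::X509::Request.new(csrBin)
    when OpenSSL::X509::Request
      # csr_info passes the wrapped native object straight in.
      csrBin
    when Ccrypto::X509CSR
      # Re-decode from the wrapper's DER; to_bin is part of the wrapper's own
      # interface, so this does not depend on a nativeCSR reader existing.
      OpenSSL::X509::Request.new(csrBin.to_bin)
    else
      # Report the type only, so arbitrary input is not echoed into the message.
      raise X509CSREngineException, "Unknown CSR to parse #{csrBin.class}"
    end

  unless csr.verify(csr.public_key)
    raise X509CSRSignatureInvalid, "CSR signature is not valid!"
  end

  certProf = Ccrypto::X509::CertProfile.new

  # Subject entries come back as [short name, value, type]; other names are ignored.
  csr.subject.to_a.each do |key, val, _type|
    case key
    when "CN"
      certProf.owner_name = val
    when "O"
      certProf.org = val
    when "OU"
      certProf.org_unit = val
    when "emailAddress"
      certProf.email = val
    end
  end

  certProf.public_key = csr.public_key

  csr.attributes.each do |att|
    teLogger.debug "Processing attribute ID #{att.oid}"

    att.value.each do |v|
      case v
      when OpenSSL::ASN1::Sequence
        v.value.each do |vv|
          # Extension ::= SEQUENCE { extnID, critical BOOLEAN DEFAULT FALSE, extnValue }
          # extnValue is always the last element; index 1 is the BOOLEAN when
          # the critical flag is encoded, so take the last element instead.
          extValue = vv.value.last.value
          tv = OpenSSL::ASN1.decode(extValue)

          case tv
          when OpenSSL::ASN1::Sequence
            tv.to_a.each do |tt|
              # GeneralName choice tags: 1 rfc822Name, 2 dNSName, 6 URI, 7 iPAddress.
              case tt.tag
              when 1
                certProf.email = tt.value
              when 2
                certProf.dns_name = tt.value
              when 6
                certProf.uri = tt.value
              when 7
                ipBytes = tt.value
                ip =
                  case ipBytes.size
                  when 4
                    ipBytes.unpack('C*').join('.')
                  when 16
                    # An IPv6 address is 16 bytes: eight 16-bit groups.
                    ipBytes.unpack('n*').map { |o| sprintf("%X", o) }.join(':')
                  else
                    raise X509EngineException, "Neither IPv4 or IPv6 is given as IP address attributes"
                  end
                certProf.ip_addr = ip
              else
                raise X509EngineException, "Unsupported CSR attributes value #{tt.tag}"
              end
            end

          when OpenSSL::ASN1::OctetString
            # Custom extension. It is always recorded as non-critical; the
            # CSR's own critical flag is not carried over.
            certProf.custom_extension[vv.value[0].value] = { value: extValue, type: :string, critical: false }

          else
            # Unsupported extension payloads are logged and skipped, not rejected.
            teLogger.error "Unsupported extension type #{tv.class} in target CSR"
          end
        end

      when OpenSSL::ASN1::OctetString
        # Custom attribute, stored alongside custom extensions under its OID.
        certProf.custom_extension[att.oid] = { value: v.value, type: :string, critical: false }

      else
        # Unsupported attribute value types are logged and skipped, not rejected.
        teLogger.error "Given attribute #{att.oid} has value of type #{v.class}. Not able to handle"
      end
    end
  end

  certProf
end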

#to_bin ⇒ Object



# File 'lib/ccrypto/ruby/ext/x509_csr.rb', line 14

# Serialises the wrapped CSR.
#
# @return [Object] whatever the native CSR's +to_der+ returns
def to_bin
  native = @nativeCSR
  native.to_der
end