Class: CertificateAuthority::Extensions::BasicConstraints

Inherits:

Object

• Object
• CertificateAuthority::Extensions::BasicConstraints

Includes:

ExtensionAPI, Validations

Defined in:

lib/certificate_authority/extensions.rb

Overview

Specifies whether an X.509v3 certificate can act as a CA, signing other certificates to be verified. If set, a path length constraint can also be specified. Reference: Section 4.2.1.10 of RFC3280 tools.ietf.org/html/rfc3280#section-4.2.1.10

Constant Summary

OPENSSL_IDENTIFIER =

"basicConstraints"

Instance Attribute Summary

• #ca ⇒ Object

  Returns the value of attribute ca.

• #critical ⇒ Object

  Returns the value of attribute critical.

• #path_len ⇒ Object

  Returns the value of attribute path_len.

Class Method Summary

• .parse(value, critical) ⇒ Object

Instance Method Summary

• #==(o) ⇒ Object
• #initialize ⇒ BasicConstraints constructor

  A new instance of BasicConstraints.

• #is_ca? ⇒ Boolean
• #openssl_identifier ⇒ Object
• #to_s ⇒ Object
• #validate ⇒ Object

Methods included from Validations

#errors, #valid?

Methods included from ExtensionAPI

#config_extensions

Constructor Details

#initialize ⇒ BasicConstraints

Returns a new instance of BasicConstraints.

# File 'lib/certificate_authority/extensions.rb', line 49

def initialize
  @critical = false
  @ca = false
end

Instance Attribute Details

#ca ⇒ Object

Returns the value of attribute ca.

# File 'lib/certificate_authority/extensions.rb', line 37

def ca
  @ca
end

#critical ⇒ Object

Returns the value of attribute critical.

# File 'lib/certificate_authority/extensions.rb', line 36

def critical
  @critical
end

#path_len ⇒ Object

Returns the value of attribute path_len.

# File 'lib/certificate_authority/extensions.rb', line 38

def path_len
  @path_len
end

Class Method Details

.parse(value, critical) ⇒ Object

# File 'lib/certificate_authority/extensions.rb', line 78

def self.parse(value, critical)
  obj = self.new
  return obj if value.nil?
  obj.critical = critical
  value.split(/,\s*/).each do |v|
    c = v.split(':', 2)
    obj.ca = (c.last.upcase == "TRUE") if c.first == "CA"
    obj.path_len = c.last.to_i if c.first == "pathlen"
  end
  obj
end

Instance Method Details

#==(o) ⇒ Object

# File 'lib/certificate_authority/extensions.rb', line 74

def ==(o)
  o.class == self.class && o.state == state
end

#is_ca? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/certificate_authority/extensions.rb', line 58

def is_ca?
  @ca
end

#openssl_identifier ⇒ Object

# File 'lib/certificate_authority/extensions.rb', line 54

def openssl_identifier
  OPENSSL_IDENTIFIER
end

#to_s ⇒ Object

# File 'lib/certificate_authority/extensions.rb', line 67

def to_s
  res = []
  res << "CA:#{@ca}"
  res << "pathlen:#{@path_len}" unless @path_len.nil?
  res.join(',')
end

#validate ⇒ Object

# File 'lib/certificate_authority/extensions.rb', line 40

def validate
  unless [true, false].include? self.critical
    errors.add :critical, 'must be true or false'
  end
  unless [true, false].include? self.ca
    errors.add :ca, 'must be true or false'
  end
end