Class: EzCrypto::Certificate

Inherits:

Verifier

• Object
• Verifier
• EzCrypto::Certificate

Defined in:

lib/ezsig.rb

Overview

Certificate provides functionality to make it easy to extract information from a Certificate.

This also provides all the same functionality as a Verifier.

Instance Method Summary

• #cert ⇒ Object

  Returns the OpenSSL Certificate object.

• #cert? ⇒ Boolean

  Returns true.

• #cert_digest ⇒ Object

  Returns the SHA1 hex digest of a the DER encoded certificate.

• #extensions ⇒ Object

  Returns the hash of extensions available in the certificate.

• #initialize(cert) ⇒ Certificate constructor

  Intialize with a OpenSSL cert object.

• #issuer ⇒ Object

  Returns a Name object containt the issuer of the certificate.

• #method_missing(method) ⇒ Object

  Any methods defined in Name can be used here.

• #not_after ⇒ Object

  Returns the certificates valid not after date.

• #not_before ⇒ Object

  Returns the certificates valid not before date.

• #serial ⇒ Object

  Returns the issuers serial number for this certificate.

• #subject ⇒ Object

  Returns a Name object containt the subject of the certificate.

• #valid?(time = Time.now.utc) ⇒ Boolean

  Is this certificate valid at this point in time.

Methods inherited from Verifier

decode, #digest, #dsa?, from_file, #public_key, #rsa?, #verify

Constructor Details

#initialize(cert) ⇒ Certificate

Intialize with a OpenSSL cert object.

# File 'lib/ezsig.rb', line 214

def initialize(cert)
  super(cert.public_key)
  @cert=cert
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method

#method_missing(method) ⇒ Object

Any methods defined in Name can be used here. This means you can do cert.email rather than cert.subject.email.

# File 'lib/ezsig.rb', line 300

def method_missing(method)
  subject.send method
end

Instance Method Details

#cert ⇒ Object

Returns the OpenSSL Certificate object

# File 'lib/ezsig.rb', line 259

def cert
  @cert
end

#cert? ⇒ Boolean

Returns true

Returns:

• (Boolean)

# File 'lib/ezsig.rb', line 222

def cert?
  true
end

#cert_digest ⇒ Object

Returns the SHA1 hex digest of a the DER encoded certificate. This is useful as a unique identifier.

# File 'lib/ezsig.rb', line 229

def cert_digest
  Digest::SHA1.hexdigest(@cert.to_der)
end

#extensions ⇒ Object

Returns the hash of extensions available in the certificate. These are not always present.

# File 'lib/ezsig.rb', line 289

def extensions
  unless @extensions
    @extensions={}
    cert.extensions.each {|e| @extensions[e.oid]=e.value} if cert.extensions
  end
  @extensions
end

#issuer ⇒ Object

Returns a Name object containt the issuer of the certificate.

# File 'lib/ezsig.rb', line 244

def issuer
  @issuer=EzCrypto::Name.new(@cert.issuer) unless @issuer
  @issuer
end

#not_after ⇒ Object

Returns the certificates valid not after date.

# File 'lib/ezsig.rb', line 273

def not_after
  @cert.not_after
end

#not_before ⇒ Object

Returns the certificates valid not before date.

# File 'lib/ezsig.rb', line 266

def not_before
  @cert.not_before
end

#serial ⇒ Object

Returns the issuers serial number for this certificate

# File 'lib/ezsig.rb', line 252

def serial
  @cert.serial
end

#subject ⇒ Object

Returns a Name object containt the subject of the certificate. The subject in X509 speak is the details of the certificate owner.

# File 'lib/ezsig.rb', line 236

def subject
  @subject=EzCrypto::Name.new(@cert.subject) unless @subject
  @subject
end

#valid?(time = Time.now.utc) ⇒ Boolean

Is this certificate valid at this point in time. Note this only checks if it is valid with respect to time.

It is important to realize that it does not check with any CRL or OCSP services to see if the certificate was 
revoked.

Returns:

• (Boolean)

# File 'lib/ezsig.rb', line 282

def valid?(time=Time.now.utc)
  time.to_i>self.not_before.to_i && time.to_i<self.not_after.to_i
end