Class: Serverspec::Type::X509Certificate
- Inherits:
-
Base
- Object
- Base
- Serverspec::Type::X509Certificate
- Defined in:
- lib/serverspec/type/x509_certificate.rb
Instance Attribute Summary
Attributes inherited from Base
#name
Instance Method Summary
Methods inherited from Base
#initialize, #inspect, #to_ary, #to_s
Instance Method Details
#alias ⇒ Object
# File 'lib/serverspec/type/x509_certificate.rb', line 25
# Returns the certificate alias printed by the openssl command that
# run_openssl_command_with builds for "-alias -noout".
#
# The exit status is not inspected here, so a failed command yields whatever
# was written to stdout (possibly an empty string).
#
# @return [String] command stdout with the trailing newline removed
def alias
  result = run_openssl_command_with("-alias -noout")
  result.stdout.chomp
end
#certificate? ⇒ Boolean
# File 'lib/serverspec/type/x509_certificate.rb', line 5
# Tells whether the openssl command built by run_openssl_command_with for
# "-noout" exits successfully for this resource.
#
# Only the exit status is examined: a true result says the command accepted
# the input, not that the certificate is trusted, unexpired or unrevoked.
#
# @return [Boolean] true when the exit status equals 0
def certificate?
  status = run_openssl_command_with("-noout").exit_status
  status == 0
end
#email ⇒ Object
# File 'lib/serverspec/type/x509_certificate.rb', line 17
# Returns what the openssl command prints for "-email -noout".
#
# The exit status is not inspected, so a failed command yields whatever was
# written to stdout.
#
# @return [String] command stdout with the trailing newline removed
def email
  result = run_openssl_command_with("-email -noout")
  result.stdout.chomp
end
#fingerprint ⇒ Object
# File 'lib/serverspec/type/x509_certificate.rb', line 21
# Returns the fingerprint line printed by the openssl command for
# "-fingerprint -noout".
#
# No digest option appears in the arguments passed here, so the digest
# algorithm is whatever the invoked openssl uses by default.
# NOTE(review): confirm run_openssl_command_with does not add one; specs that
# compare fingerprints across hosts depend on this being the same everywhere.
# The exit status is not inspected.
#
# @return [String] command stdout with the trailing newline removed
def fingerprint
  result = run_openssl_command_with("-fingerprint -noout")
  result.stdout.chomp
end
#has_purpose?(p) ⇒ Boolean
# File 'lib/serverspec/type/x509_certificate.rb', line 38
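# Reports whether the certificate is marked usable for the given purpose.
#
# Pipes the "-purpose -noout" output of the openssl command into grep,
# looking for "<p> : Yes", and treats a zero exit status of that pipeline as
# a match.
#
# @param p [String] purpose label as it appears in the openssl output
# @return [Boolean] true when the pipeline exits with status 0
def has_purpose?(p)
  grep_str = "#{p} : Yes"
  # Single-quote the pattern for the shell so that double quotes, `$`,
  # backticks or backslashes in +p+ reach grep literally instead of being
  # interpreted by the shell. An embedded ' is written as '\''.
  quoted = "'" + grep_str.gsub("'") { "'\\''" } + "'"
  # -e marks the next word as the pattern even when it begins with "-".
  # grep still reads the pattern as a regular expression, not a fixed string.
  run_openssl_command_with("-purpose -noout | grep -wq -e #{quoted}").exit_status == 0
end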
#issuer ⇒ Object
# File 'lib/serverspec/type/x509_certificate.rb', line 13
# Returns the issuer printed by the openssl command for "-issuer -noout",
# with a leading "issuer= " removed.
#
# The prefix is stripped only when it is followed by a space; output that
# starts with "issuer=" and no space is returned with the prefix intact.
# The exit status is not inspected.
#
# @return [String] the issuer text
def issuer
  raw = run_openssl_command_with("-issuer -noout").stdout.chomp
  raw.gsub(/^issuer= /, '')
end
#keylength ⇒ Object
Modern OpenSSL uses the following output format for key length: "Public-Key: (4096 bit)", while ancient versions (0.9.8, for example) use "RSA Public Key: (2048 bit)".
# File 'lib/serverspec/type/x509_certificate.rb', line 33
# Returns the public key size in bits, read from the "-text -noout" output.
#
# The output is filtered with grep for a line of the form
# "Public-Key: (N bit)" or "Public Key: (N bit)"; everything up to the last
# "(" and the trailing " bit)" are removed and the rest is converted with
# to_i, so an empty or unmatched result gives 0.
#
# Only the number is returned, not the key algorithm, so values are not
# comparable between different key types.
#
# @return [Integer] key length in bits, or 0 when nothing matched
def keylength
  openssl_args = "-text -noout | grep -E 'Public(-| )Key: \\([[:digit:]]+ bit\\)'"
  matched_line = run_openssl_command_with(openssl_args).stdout.chomp
  # Drop everything through the opening parenthesis, then the " bit)" suffix.
  digits = matched_line.gsub(/^.*\(/, '')
  digits.gsub(/ bit\)$/, '').to_i
end
#subject ⇒ Object
# File 'lib/serverspec/type/x509_certificate.rb', line 9
# Returns the subject printed by the openssl command for "-subject -noout",
# with a leading "subject= " removed.
#
# The prefix is stripped only when it is followed by a space; output that
# starts with "subject=" and no space is returned with the prefix intact.
# The exit status is not inspected.
#
# @return [String] the subject text
def subject
  raw = run_openssl_command_with("-subject -noout").stdout.chomp
  raw.gsub(/^subject= /, '')
end
#valid? ⇒ Boolean
# File 'lib/serverspec/type/x509_certificate.rb', line 44
# Tells whether the current time lies inside the certificate's validity
# period.
#
# Runs the openssl command with "-startdate -enddate -noout", hands its
# stdout to parse_dates_str_to_map and compares Time.now with the
# :notBefore and :notAfter entries (both bounds inclusive).
#
# This is a date check only: nothing here verifies the issuing chain,
# revocation status or the names in the certificate.
#
# @return [Boolean] false when the command exits non-zero or the current
#   time is outside the period, true otherwise
def valid?
  dates_cmd = run_openssl_command_with("-startdate -enddate -noout")
  return false unless dates_cmd.exit_status == 0

  period = parse_dates_str_to_map(dates_cmd.stdout)
  current = Time.now
  current >= period[:notBefore] && current <= period[:notAfter]
end
#validity_in_days ⇒ Object
# File 'lib/serverspec/type/x509_certificate.rb', line 54
# Returns how many days remain until the certificate's end date.
#
# Runs the openssl command with "-enddate -noout", hands its stdout to
# parse_dates_str_to_map and divides the distance between :notAfter and
# Time.now by the number of seconds in a day. The result is not rounded and
# is negative once the end date has passed.
# NOTE(review): assumes :notAfter is a Time, so the difference is in
# seconds; confirm against parse_dates_str_to_map.
#
# A non-zero exit status yields 0, which callers cannot tell apart from a
# certificate expiring at this instant.
#
# @return [Numeric] remaining days, or 0 when the command failed
def validity_in_days
  end_date_cmd = run_openssl_command_with("-enddate -noout")
  return 0 unless end_date_cmd.exit_status == 0

  expiry = parse_dates_str_to_map(end_date_cmd.stdout)[:notAfter]
  remaining_seconds = expiry - Time.now
  remaining_seconds / (60 * 60 * 24)
end