Class: SSLCheck::Certificate
- Inherits:
-
Object
- Object
- SSLCheck::Certificate
- Defined in:
- lib/sslcheck/certificate.rb
Instance Method Summary collapse
- #alternate_common_names ⇒ Object
- #bootstrap_certificate(cert) ⇒ Object
- #common_name ⇒ Object
- #expired? ⇒ Boolean
- #expires_in?(num_days) ⇒ Boolean
-
#initialize(cert, clock = nil) ⇒ Certificate
constructor
A new instance of Certificate.
- #issued? ⇒ Boolean
- #issued_by ⇒ Object
- #issuer ⇒ Object
- #issuer_common_name ⇒ Object
- #issuer_country ⇒ Object
- #issuer_locality ⇒ Object
- #issuer_organization ⇒ Object
- #issuer_state ⇒ Object
- #not_after ⇒ Object
- #not_before ⇒ Object
- #organizational_unit ⇒ Object
- #public_key ⇒ Object
- #subject ⇒ Object
- #to_h ⇒ Object
- #to_s ⇒ Object
- #to_x509 ⇒ Object
- #verify(ca) ⇒ Object
Constructor Details
#initialize(cert, clock = nil) ⇒ Certificate
Returns a new instance of Certificate.
6 7 8 9 |
# File 'lib/sslcheck/certificate.rb', line 6 def initialize(cert, clock=nil) @cert = bootstrap_certificate(cert) @clock = clock || DateTime end |
Instance Method Details
#alternate_common_names ⇒ Object
50 51 52 53 54 55 56 |
# File 'lib/sslcheck/certificate.rb', line 50 def alternate_common_names ext = @cert.extensions.find{|ext| ext.oid == "subjectAltName" } return [] unless ext alternates = ext.value.split(",") names = alternates.map{|a| a.scan(/DNS:(.*)/)[0][0]} names end |
#bootstrap_certificate(cert) ⇒ Object
119 120 121 122 123 |
# File 'lib/sslcheck/certificate.rb', line 119 def bootstrap_certificate(cert) return cert if cert.is_a?(OpenSSL::X509::Certificate) return cert if cert.is_a?(SSLCheck::Certificate) OpenSSL::X509::Certificate.new cert end |
#common_name ⇒ Object
46 47 48 |
# File 'lib/sslcheck/certificate.rb', line 46 def common_name subject.scan(/CN=(.*)/)[0][0] end |
#expired? ⇒ Boolean
107 108 109 |
# File 'lib/sslcheck/certificate.rb', line 107 def expired? @clock.now > not_after end |
#expires_in?(num_days) ⇒ Boolean
111 112 113 |
# File 'lib/sslcheck/certificate.rb', line 111 def expires_in?(num_days) (@clock.now.beginning_of_day + num_days.days) >= not_after.beginning_of_day end |
#issued? ⇒ Boolean
115 116 117 |
# File 'lib/sslcheck/certificate.rb', line 115 def issued? @clock.now > not_before end |
#issued_by ⇒ Object
86 87 88 89 |
# File 'lib/sslcheck/certificate.rb', line 86 def issued_by match = issuer.match("CN=(.*)") match.captures.first if match end |
#issuer ⇒ Object
58 59 60 |
# File 'lib/sslcheck/certificate.rb', line 58 def issuer @cert.issuer.to_s end |
#issuer_common_name ⇒ Object
82 83 84 |
# File 'lib/sslcheck/certificate.rb', line 82 def issuer_common_name issued_by end |
#issuer_country ⇒ Object
62 63 64 65 |
# File 'lib/sslcheck/certificate.rb', line 62 def issuer_country match = issuer.match(/C=([\w\s]+)/) match.captures.first if match end |
#issuer_locality ⇒ Object
72 73 74 75 |
# File 'lib/sslcheck/certificate.rb', line 72 def issuer_locality match = issuer.match(/L=([\w\s]+)/) match.captures.first if match end |
#issuer_organization ⇒ Object
77 78 79 80 |
# File 'lib/sslcheck/certificate.rb', line 77 def issuer_organization match = issuer.match(/O=([^\/]+)/) match.captures.first if match end |
#issuer_state ⇒ Object
67 68 69 70 |
# File 'lib/sslcheck/certificate.rb', line 67 def issuer_state match = issuer.match(/ST=([\w\s]+)/) match.captures.first if match end |
#not_after ⇒ Object
103 104 105 |
# File 'lib/sslcheck/certificate.rb', line 103 def not_after DateTime.parse(@cert.not_after.to_s) end |
#not_before ⇒ Object
99 100 101 |
# File 'lib/sslcheck/certificate.rb', line 99 def not_before DateTime.parse(@cert.not_before.to_s) end |
#organizational_unit ⇒ Object
41 42 43 44 |
# File 'lib/sslcheck/certificate.rb', line 41 def organizational_unit match = subject.match(/OU=([\w\s]+)/) match.captures.first if match end |
#public_key ⇒ Object
91 92 93 |
# File 'lib/sslcheck/certificate.rb', line 91 def public_key @cert.public_key end |
#subject ⇒ Object
37 38 39 |
# File 'lib/sslcheck/certificate.rb', line 37 def subject @cert.subject.to_s end |
#to_h ⇒ Object
15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
# File 'lib/sslcheck/certificate.rb', line 15 def to_h { :common_name => common_name, :organization_unit => organizational_unit, :not_before => not_before, :not_after => not_after, :issued => true, :expired => false, :issuer => { :common_name => issuer_common_name, :country => issuer_country, :state => issuer_state, :locality => issuer_locality, :organization => issuer_organization } } end |
#to_s ⇒ Object
33 34 35 |
# File 'lib/sslcheck/certificate.rb', line 33 def to_s @cert.to_s end |
#to_x509 ⇒ Object
11 12 13 |
# File 'lib/sslcheck/certificate.rb', line 11 def to_x509 OpenSSL::X509::Certificate.new @cert.to_s end |
#verify(ca) ⇒ Object
95 96 97 |
# File 'lib/sslcheck/certificate.rb', line 95 def verify(ca) @cert.verify(ca.public_key) end |