Class: Xml::Kit::Certificate
- Inherits:
-
Object
- Object
- Xml::Kit::Certificate
show all
- Includes:
- Templatable
- Defined in:
- lib/xml/kit/certificate.rb
Overview
Constant Summary
collapse
- BASE64_FORMAT =
%r(\A([A-Za-z0-9+/]{4})*([A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?\Z).freeze
- BEGIN_CERT =
/-----BEGIN CERTIFICATE-----/.freeze
- END_CERT =
/-----END CERTIFICATE-----/.freeze
Instance Attribute Summary collapse
Attributes included from Templatable
#digest_method, #embed_signature, #encrypt, #encryption_certificate, #signature_method, #signing_key_pair
Class Method Summary
collapse
Instance Method Summary
collapse
#asymmetric_cipher, #encrypt_data_for, #encrypt_key_for, #encrypt_with, #encryption_for, #render, #sign_with, #signature_for, #symmetric_cipher, #to_xml
Constructor Details
#initialize(value, use: nil) ⇒ Certificate
Returns a new instance of Certificate.
19
20
21
22
|
# File 'lib/xml/kit/certificate.rb', line 19
def initialize(value, use: nil)
@value = value
@use = use.nil? ? use : use.downcase.to_sym
end
|
Instance Attribute Details
#use ⇒ Object
The use can be ‘:signing` or `:encryption`. Use `nil` for both.
14
15
16
|
# File 'lib/xml/kit/certificate.rb', line 14
def use
@use
end
|
#value ⇒ Object
The raw certificate value. This can be a Base64 encoded PEM or just a PEM format.
17
18
19
|
# File 'lib/xml/kit/certificate.rb', line 17
def value
@value
end
|
Class Method Details
.base64?(value) ⇒ Boolean
127
128
129
130
131
132
|
# File 'lib/xml/kit/certificate.rb', line 127
def base64?(value)
return unless value.is_a?(String)
sanitized_value = strip(value)
!!sanitized_value.match(BASE64_FORMAT)
end
|
.strip(value) ⇒ Object
134
135
136
137
138
139
|
# File 'lib/xml/kit/certificate.rb', line 134
def strip(value)
value
.gsub(BEGIN_CERT, '')
.gsub(END_CERT, '')
.gsub(/[\r\n]|\\r|\\n|\s/, '')
end
|
.to_x509(value) ⇒ Object
120
121
122
123
124
125
|
# File 'lib/xml/kit/certificate.rb', line 120
def to_x509(value)
return value if value.is_a?(OpenSSL::X509::Certificate)
value = Base64.decode64(strip(value)) if base64?(value)
OpenSSL::X509::Certificate.new(value)
end
|
Instance Method Details
#==(other) ⇒ Object
67
68
69
|
# File 'lib/xml/kit/certificate.rb', line 67
def ==(other)
fingerprint == other.fingerprint
end
|
#active?(time = Time.now) ⇒ Boolean
103
104
105
|
# File 'lib/xml/kit/certificate.rb', line 103
def active?(time = Time.now)
x509.not_before <= time && !expired?(time)
end
|
#encryption? ⇒ Boolean
Returns true if this certificate is used for encryption.
return [Boolean] true or false.
42
43
44
|
# File 'lib/xml/kit/certificate.rb', line 42
def encryption?
for?(:encryption)
end
|
#eql?(other) ⇒ Boolean
71
72
73
|
# File 'lib/xml/kit/certificate.rb', line 71
def eql?(other)
self == other
end
|
#expired?(time = Time.now) ⇒ Boolean
99
100
101
|
# File 'lib/xml/kit/certificate.rb', line 99
def expired?(time = Time.now)
x509.not_after <= time
end
|
Returns the certificate fingerprint.
25
26
27
|
# File 'lib/xml/kit/certificate.rb', line 25
def fingerprint
Fingerprint.new(value)
end
|
#for?(use) ⇒ Boolean
Returns true if this certificate is for the specified use.
33
34
35
36
37
|
# File 'lib/xml/kit/certificate.rb', line 33
def for?(use)
return true if self.use.nil?
self.use == use.to_sym
end
|
#hash ⇒ Object
75
76
77
|
# File 'lib/xml/kit/certificate.rb', line 75
def hash
value.hash
end
|
#inspect ⇒ Object
87
88
89
|
# File 'lib/xml/kit/certificate.rb', line 87
def inspect
to_h.inspect
end
|
#key_info ⇒ Object
115
116
117
|
# File 'lib/xml/kit/certificate.rb', line 115
def key_info
@key_info ||= KeyInfo.new(x509: x509)
end
|
#not_after ⇒ Object
107
108
109
|
# File 'lib/xml/kit/certificate.rb', line 107
def not_after
x509.not_after
end
|
#not_before ⇒ Object
111
112
113
|
# File 'lib/xml/kit/certificate.rb', line 111
def not_before
x509.not_before
end
|
#public_key ⇒ OpenSSL::PKey::RSA
63
64
65
|
# File 'lib/xml/kit/certificate.rb', line 63
def public_key
x509.public_key
end
|
#signing? ⇒ Boolean
Returns true if this certificate is used for signing.
return [Boolean] true or false.
49
50
51
|
# File 'lib/xml/kit/certificate.rb', line 49
def signing?
for?(:signing)
end
|
#stripped ⇒ Object
91
92
93
|
# File 'lib/xml/kit/certificate.rb', line 91
def stripped
self.class.strip(x509.to_pem)
end
|
#to_h ⇒ Object
83
84
85
|
# File 'lib/xml/kit/certificate.rb', line 83
def to_h
{ use: @use, fingerprint: fingerprint.to_s }
end
|
#to_key_pair(private_key, passphrase: nil, use: nil) ⇒ Object
95
96
97
|
# File 'lib/xml/kit/certificate.rb', line 95
def to_key_pair(private_key, passphrase: nil, use: nil)
KeyPair.new(x509.to_pem, private_key.to_s, passphrase, use)
end
|
#to_s ⇒ Object
79
80
81
|
# File 'lib/xml/kit/certificate.rb', line 79
def to_s
value
end
|
#x509 ⇒ Object
Returns the x509 form.
return [OpenSSL::X509::Certificate] the OpenSSL equivalent.
56
57
58
|
# File 'lib/xml/kit/certificate.rb', line 56
def x509
@x509 ||= self.class.to_x509(value)
end
|