class CertificateAuthority::Extensions::BasicConstraints

Specifies whether an X.509v3 certificate can act as a CA, signing other certificates to be verified. If set, a path length constraint can also be specified. Reference: Section 4.2.1.10 of RFC3280 tools.ietf.org/html/rfc3280#section-4.2.1.10

Constants

OPENSSL_IDENTIFIER

Attributes

ca[RW]
critical[RW]
path_len[RW]

Public Class Methods

new() click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/extensions.rb, line 49
def initialize
  @critical = false
  @ca = false
end
parse(value, critical) click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/extensions.rb, line 78
def self.parse(value, critical)
  obj = self.new
  return obj if value.nil?
  obj.critical = critical
  value.split(/,\s*/).each do |v|
    c = v.split(':', 2)
    obj.ca = (c.last.upcase == "TRUE") if c.first == "CA"
    obj.path_len = c.last.to_i if c.first == "pathlen"
  end
  obj
end

Public Instance Methods

==(o) click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/extensions.rb, line 74
def ==(o)
  o.class == self.class && o.state == state
end
is_ca?() click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/extensions.rb, line 58
def is_ca?
  @ca
end
openssl_identifier() click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/extensions.rb, line 54
def openssl_identifier
  OPENSSL_IDENTIFIER
end
path_len=(value) click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/extensions.rb, line 62
def path_len=(value)
  raise "path_len must be a non-negative integer" if value < 0 or !value.is_a?(Fixnum)
  @path_len = value
end
to_s() click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/extensions.rb, line 67
def to_s
  res = []
  res << "CA:#{@ca}"
  res << "pathlen:#{@path_len}" unless @path_len.nil?
  res.join(',')
end
validate() click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/extensions.rb, line 40
def validate
  unless [true, false].include? self.critical
    errors.add :critical, 'must be true or false'
  end
  unless [true, false].include? self.ca
    errors.add :ca, 'must be true or false'
  end
end

Protected Instance Methods

state() click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/extensions.rb, line 91
def state
  [@critical,@ca,@path_len]
end