Class: R509::Cert::Extensions::ExtendedKeyUsage

Inherits:
OpenSSL::X509::Extension
  • Object
show all
Defined in:
lib/r509/cert/extensions.rb

Overview

Implements the ExtendedKeyUsage certificate extension, with methods to provide access to the components and meaning of the extension's contents.

Constant Summary

OID =

friendly name for EKU OID

"extendedKeyUsage"
AU_WEB_SERVER_AUTH =

The OpenSSL friendly name for the "serverAuth" extended key use.

"TLS Web Server Authentication"
AU_WEB_CLIENT_AUTH =

The OpenSSL friendly name for the "clientAuth" extended key use.

"TLS Web Client Authentication"
AU_CODE_SIGNING =

The OpenSSL friendly name for the "codeSigning" extended key use.

"Code Signing"
AU_EMAIL_PROTECTION =

The OpenSSL friendly name for the "emailProtection" extended key use.

"E-mail Protection"

Instance Attribute Summary (collapse)

Instance Method Summary (collapse)

Constructor Details

- (ExtendedKeyUsage) initialize(*args)

See OpenSSL::X509::Extension#initialize



155
156
157
158
159
# File 'lib/r509/cert/extensions.rb', line 155

def initialize(*args)
  super(*args)

  @allowed_uses = self.value.split(",").map {|use| use.strip}
end

Instance Attribute Details

- (Object) allowed_uses (readonly)

An array of the key uses allowed. See the AU_* constants in this class.



152
153
154
# File 'lib/r509/cert/extensions.rb', line 152

def allowed_uses
  @allowed_uses
end

Instance Method Details

- (Boolean) allows?(friendly_use_name)

Returns true if the given use is allowed by this extension.

Parameters:

  • friendly_use_name (string)

    One of the AU_* constants in this class.

Returns:

  • (Boolean)


163
164
165
# File 'lib/r509/cert/extensions.rb', line 163

def allows?( friendly_use_name )
  @allowed_uses.include?( friendly_use_name )
end

- (Boolean) code_signing?

Returns:

  • (Boolean)


175
176
177
# File 'lib/r509/cert/extensions.rb', line 175

def code_signing?
  allows?( AU_CODE_SIGNING )
end

- (Boolean) email_protection?

Returns:

  • (Boolean)


179
180
181
# File 'lib/r509/cert/extensions.rb', line 179

def email_protection?
  allows?( AU_EMAIL_PROTECTION )
end

- (Boolean) web_client_authentication?

Returns:

  • (Boolean)


171
172
173
# File 'lib/r509/cert/extensions.rb', line 171

def web_client_authentication?
  allows?( AU_WEB_CLIENT_AUTH )
end

- (Boolean) web_server_authentication?

Returns:

  • (Boolean)


167
168
169
# File 'lib/r509/cert/extensions.rb', line 167

def web_server_authentication?
  allows?( AU_WEB_SERVER_AUTH )
end