Class: R509::Cert::Extensions::KeyUsage

Inherits:
OpenSSL::X509::Extension
  • Object
show all
Defined in:
lib/r509/cert/extensions.rb

Overview

Implements the KeyUsage certificate extension, with methods to provide access to the components and meaning of the extension's contents.

Constant Summary

OID =

friendly name for KeyUsage OID

"keyUsage"
AU_DIGITAL_SIGNATURE =

The OpenSSL friendly name for the "digitalSignature" key use.

"Digital Signature"
AU_NON_REPUDIATION =

The OpenSSL friendly name for the "nonRepudiation" key use.

"Non Repudiation"
AU_KEY_ENCIPHERMENT =

The OpenSSL friendly name for the "keyEncipherment" key use.

"Key Encipherment"
AU_DATA_ENCIPHERMENT =

The OpenSSL friendly name for the "dataEncipherment" key use.

"Data Encipherment"
AU_KEY_AGREEMENT =

The OpenSSL friendly name for the "keyAgreement" key use.

"Key Agreement"
AU_CERTIFICATE_SIGN =

The OpenSSL friendly name for the "keyCertSign" key use.

"Certificate Sign"
AU_CRL_SIGN =

The OpenSSL friendly name for the "cRLSign" key use.

"CRL Sign"
AU_ENCIPHER_ONLY =

The OpenSSL friendly name for the "encipherOnly" key use.

"Encipher Only"
AU_DECIPHER_ONLY =

The OpenSSL friendly name for the "decipherOnly" key use.

"Decipher Only"

Instance Attribute Summary (collapse)

Instance Method Summary (collapse)

Constructor Details

- (KeyUsage) initialize(*args)

See OpenSSL::X509::Extension#initialize



86
87
88
89
90
# File 'lib/r509/cert/extensions.rb', line 86

def initialize(*args)
  super(*args)

  @allowed_uses = self.value.split(",").map {|use| use.strip}
end

Instance Attribute Details

- (Object) allowed_uses (readonly)

An array of the key uses allowed. See the AU_* constants in this class.



83
84
85
# File 'lib/r509/cert/extensions.rb', line 83

def allowed_uses
  @allowed_uses
end

Instance Method Details

- (Boolean) allows?(friendly_use_name)

Returns true if the given use is allowed by this extension.

Parameters:

  • friendly_use_name (string)

    One of the AU_* constants in this class.

Returns:

  • (Boolean)


94
95
96
# File 'lib/r509/cert/extensions.rb', line 94

def allows?( friendly_use_name )
  @allowed_uses.include?( friendly_use_name )
end

- (Boolean) certificate_sign?

Returns:

  • (Boolean)


118
119
120
# File 'lib/r509/cert/extensions.rb', line 118

def certificate_sign?
  allows?( AU_CERTIFICATE_SIGN )
end

- (Boolean) crl_sign?

Returns:

  • (Boolean)


122
123
124
# File 'lib/r509/cert/extensions.rb', line 122

def crl_sign?
  allows?( AU_CRL_SIGN )
end

- (Boolean) data_encipherment?

Returns:

  • (Boolean)


110
111
112
# File 'lib/r509/cert/extensions.rb', line 110

def data_encipherment?
  allows?( AU_DATA_ENCIPHERMENT )
end

- (Boolean) decipher_only?

Returns:

  • (Boolean)


130
131
132
# File 'lib/r509/cert/extensions.rb', line 130

def decipher_only?
  allows?( AU_DECIPHER_ONLY )
end

- (Boolean) digital_signature?

Returns:

  • (Boolean)


98
99
100
# File 'lib/r509/cert/extensions.rb', line 98

def digital_signature?
  allows?( AU_DIGITAL_SIGNATURE )
end

- (Boolean) encipher_only?

Returns:

  • (Boolean)


126
127
128
# File 'lib/r509/cert/extensions.rb', line 126

def encipher_only?
  allows?( AU_ENCIPHER_ONLY )
end

- (Boolean) key_agreement?

Returns:

  • (Boolean)


114
115
116
# File 'lib/r509/cert/extensions.rb', line 114

def key_agreement?
  allows?( AU_KEY_AGREEMENT )
end

- (Boolean) key_encipherment?

Returns:

  • (Boolean)


106
107
108
# File 'lib/r509/cert/extensions.rb', line 106

def key_encipherment?
  allows?( AU_KEY_ENCIPHERMENT )
end

- (Boolean) non_repudiation?

Returns:

  • (Boolean)


102
103
104
# File 'lib/r509/cert/extensions.rb', line 102

def non_repudiation?
  allows?( AU_NON_REPUDIATION )
end