class CertificateAuthority::Extensions::CrlDistributionPoints

Specifies where CRL information be be retrieved. This extension isn't critical, but is recommended for proper CAs. Reference: Section 4.2.1.14 of RFC3280 tools.ietf.org/html/rfc3280#section-4.2.1.14

Constants

OPENSSL_IDENTIFIER

Attributes

critical[RW]
uris[RW]

Public Class Methods

new() click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/extensions.rb, line 108
def initialize
  @critical = false
  @uris = []
end
parse(value, critical) click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/extensions.rb, line 146
def self.parse(value, critical)
  obj = self.new
  return obj if value.nil?
  obj.critical = critical
  value.split(/,\s*/).each do |v|
    c = v.split(':', 2)
    obj.uris << c.last if c.first == "URI"
  end
  obj
end

Public Instance Methods

==(o) click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/extensions.rb, line 142
def ==(o)
  o.class == self.class && o.state == state
end
config_extensions() click to toggle source

NB: At this time it seems OpenSSL's extension handlers don't support any of the config options the docs claim to support… everything comes back “missing value” on GENERAL NAME. Even if copied verbatim

# File vendor/certificate_authority/lib/certificate_authority/extensions.rb, line 120
def config_extensions
  {
    # "custom_crl_fields" => {"fullname" => "URI:#{fullname}"},
    # "issuer_sect" => {"CN" => "crlissuer.com", "C" => "US", "O" => "shudder"}
  }
end
openssl_identifier() click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/extensions.rb, line 113
def openssl_identifier
  OPENSSL_IDENTIFIER
end
to_s() click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/extensions.rb, line 134
def to_s
  res = []
  @uris.each do |uri|
    res << "URI:#{uri}"
  end
  res.join(',')
end
uri=(value) click to toggle source

This is for legacy support. Technically it can (and probably should) be an array. But if someone is calling the old accessor we shouldn't necessarily break it.

# File vendor/certificate_authority/lib/certificate_authority/extensions.rb, line 130
def uri=(value)
  @uris << value
end

Protected Instance Methods

state() click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/extensions.rb, line 158
def state
  [@critical,@uri]
end