class Xml::Kit::Certificate

{include:file:spec/xml/kit/certificate_spec.rb}

Constants

BASE64_FORMAT
BEGIN_CERT
END_CERT

Attributes

use[R]

The use can be `:signing` or `:encryption`. Use `nil` for both.

value[R]

The raw certificate value. This can be a Base64 encoded PEM or just a PEM format.

Public Class Methods

base64?(value) click to toggle source
# File lib/xml/kit/certificate.rb, line 127
def base64?(value)
  return unless value.is_a?(String)

  sanitized_value = strip(value)
  !!sanitized_value.match(BASE64_FORMAT)
end
new(value, use: nil) click to toggle source
# File lib/xml/kit/certificate.rb, line 19
def initialize(value, use: nil)
  @value = value
  @use = use.nil? ? use : use.downcase.to_sym
end
strip(value) click to toggle source
# File lib/xml/kit/certificate.rb, line 134
def strip(value)
  value
    .gsub(BEGIN_CERT, '')
    .gsub(END_CERT, '')
    .gsub(/[\r\n]|\\r|\\n|\s/, '')
end
to_x509(value) click to toggle source
# File lib/xml/kit/certificate.rb, line 120
def to_x509(value)
  return value if value.is_a?(OpenSSL::X509::Certificate)

  value = Base64.decode64(strip(value)) if base64?(value)
  OpenSSL::X509::Certificate.new(value)
end

Public Instance Methods

==(other) click to toggle source
# File lib/xml/kit/certificate.rb, line 67
def ==(other)
  fingerprint == other.fingerprint
end
active?(time = Time.now) click to toggle source
# File lib/xml/kit/certificate.rb, line 103
def active?(time = Time.now)
  x509.not_before <= time && !expired?(time)
end
encryption?() click to toggle source

Returns true if this certificate is used for encryption.

return [Boolean] true or false.

# File lib/xml/kit/certificate.rb, line 42
def encryption?
  for?(:encryption)
end
eql?(other) click to toggle source
# File lib/xml/kit/certificate.rb, line 71
def eql?(other)
  self == other
end
expired?(time = Time.now) click to toggle source
# File lib/xml/kit/certificate.rb, line 99
def expired?(time = Time.now)
  x509.not_after <= time
end
fingerprint() click to toggle source

@return [Xml::Kit::Fingerprint] the certificate fingerprint.

# File lib/xml/kit/certificate.rb, line 25
def fingerprint
  Fingerprint.new(value)
end
for?(use) click to toggle source

Returns true if this certificate is for the specified use.

@param use [Symbol] `:signing` or `:encryption`. @return [Boolean] true or false.

# File lib/xml/kit/certificate.rb, line 33
def for?(use)
  return true if self.use.nil?

  self.use == use.to_sym
end
hash() click to toggle source
# File lib/xml/kit/certificate.rb, line 75
def hash
  value.hash
end
inspect() click to toggle source
# File lib/xml/kit/certificate.rb, line 87
def inspect
  to_h.inspect
end
key_info() click to toggle source
# File lib/xml/kit/certificate.rb, line 115
def key_info
  @key_info ||= KeyInfo.new(x509: x509)
end
not_after() click to toggle source
# File lib/xml/kit/certificate.rb, line 107
def not_after
  x509.not_after
end
not_before() click to toggle source
# File lib/xml/kit/certificate.rb, line 111
def not_before
  x509.not_before
end
public_key() click to toggle source

Returns the public key.

@return [OpenSSL::PKey::RSA] the RSA public key.

# File lib/xml/kit/certificate.rb, line 63
def public_key
  x509.public_key
end
signing?() click to toggle source

Returns true if this certificate is used for signing.

return [Boolean] true or false.

# File lib/xml/kit/certificate.rb, line 49
def signing?
  for?(:signing)
end
stripped() click to toggle source
# File lib/xml/kit/certificate.rb, line 91
def stripped
  self.class.strip(x509.to_pem)
end
to_h() click to toggle source
# File lib/xml/kit/certificate.rb, line 83
def to_h
  { use: @use, fingerprint: fingerprint.to_s }
end
to_key_pair(private_key, passphrase: nil, use: nil) click to toggle source
# File lib/xml/kit/certificate.rb, line 95
def to_key_pair(private_key, passphrase: nil, use: nil)
  KeyPair.new(x509.to_pem, private_key.to_s, passphrase, use)
end
to_s() click to toggle source
# File lib/xml/kit/certificate.rb, line 79
def to_s
  value
end
x509() click to toggle source

Returns the x509 form.

return [OpenSSL::X509::Certificate] the OpenSSL equivalent.

# File lib/xml/kit/certificate.rb, line 56
def x509
  @x509 ||= self.class.to_x509(value)
end