Class: R509::SPKI

Inherits:

Object

• Object
• R509::SPKI

Includes:

Helpers, IOHelpers

Defined in:

lib/r509/spki.rb

Overview

class for loading/generating SPKAC/SPKI requests (typically generated by the <keygen> tag

Instance Attribute Summary

• #key ⇒ Object readonly

  Returns the value of attribute key.

• #spki ⇒ Object (also: #internal_obj) readonly

  Returns the value of attribute spki.

Instance Method Summary

• #initialize(opts = {}) ⇒ SPKI constructor

  A new instance of SPKI.

• #public_key ⇒ OpenSSL::PKey::RSA

  Public key.

• #signature_algorithm ⇒ String

  Returns the signature algorithm (e.g., RSA-SHA1, ecdsa-with-SHA256).

• #verify_signature ⇒ Boolean

  Verifies the integrity of the signature on the SPKI.

Methods included from Helpers

#bit_length, #curve_name, #dsa?, #ec?, #key_algorithm, #load_private_key, #rsa?, #to_der, #to_pem, #write_der, #write_pem

Methods included from IOHelpers

#read_data, read_data, write_data, #write_data

Constructor Details

#initialize(opts = {}) ⇒ SPKI

Returns a new instance of SPKI.

Parameters:

• opts (Hash) (defaults to: {}) —

  a customizable set of options

Options Hash (opts):

• :spki (String, OpenSSL::Netscape::SPKI) —

  the spki you want to parse

• :key (R509::PrivateKey, String) —

  optional private key to supply. either an unencrypted PEM/DER string or an R509::PrivateKey object (use the latter if you need password/hardware support). if supplied you do not need to pass an spki.

• :message_digest (String) —

  Optional digest. sha1, sha224, sha256, sha384, sha512, md5. Defaults to sha256. Only used if you supply a :key and no :spki

# File 'lib/r509/spki.rb', line 16

def initialize(opts = {})
  if !opts.is_a?(Hash)
    raise ArgumentError, 'Must provide a hash of options'
  elsif !opts.key?(:spki) && !opts.key?(:key)
    raise ArgumentError, 'Must provide either :spki or :key'
  end

  @key = load_private_key(opts)

  if opts.key?(:spki)
    @spki = parse_spki(opts[:spki])
  else
    # create the SPKI from the private key if it wasn't passed in
    @spki = build_spki(opts[:message_digest])
  end
end

Instance Attribute Details

#key ⇒ Object (readonly)

Returns the value of attribute key.

# File 'lib/r509/spki.rb', line 12

def key
  @key
end

#spki ⇒ Object (readonly) Also known as: internal_obj

Returns the value of attribute spki.

# File 'lib/r509/spki.rb', line 12

def spki
  @spki
end

Instance Method Details

#public_key ⇒ OpenSSL::PKey::RSA

Returns public key.

Returns:

• (OpenSSL::PKey::RSA) —

  public key

# File 'lib/r509/spki.rb', line 34

def public_key
  @spki.public_key
end

#signature_algorithm ⇒ String

Returns the signature algorithm (e.g., RSA-SHA1, ecdsa-with-SHA256)

Returns:

• (String) —

  signature algorithm string

# File 'lib/r509/spki.rb', line 49

def signature_algorithm
  data = OpenSSL::ASN1.decode(self.to_der)
  data.entries[1].value.entries[0].value
end

#verify_signature ⇒ Boolean

Verifies the integrity of the signature on the SPKI

Returns:

• (Boolean)

# File 'lib/r509/spki.rb', line 40

def verify_signature
  @spki.verify(public_key)
end