module OpenSSL::X509::Extension::AuthorityInfoAccess

Included modules:
OpenSSL::X509::Extension::Helpers

Public Instance Methods

ca_issuer_uris() Show source
# File ext/openssl/lib/openssl/x509.rb, line 162
def ca_issuer_uris
  aia_asn1 = parse_aia_asn1
  return nil if aia_asn1.nil?

  ca_issuer = aia_asn1.value.select do |authority_info_access|
    authority_info_access.value.first.value == "caIssuers"
  end

  ca_issuer&.map(&:value)&.map(&:last)&.map(&:value)
end

Get the information and services for the issuer from the certificate's authority information access extension exteension, as described in RFC5280 Section 4.2.2.1.

Returns an array of strings or nil or raises ASN1::ASN1Error.

ocsp_uris() Show source
# File ext/openssl/lib/openssl/x509.rb, line 177
def ocsp_uris
  aia_asn1 = parse_aia_asn1
  return nil if aia_asn1.nil?

  ocsp = aia_asn1.value.select do |authority_info_access|
    authority_info_access.value.first.value == "OCSP"
  end

  ocsp&.map(&:value)&.map(&:last)&.map(&:value)
end

Get the URIs for OCSP from the certificate's authority information access extension exteension, as described in RFC5280 Section 4.2.2.1.

Returns an array of strings or nil or raises ASN1::ASN1Error.

Private Instance Methods

parse_aia_asn1() Show source
# File ext/openssl/lib/openssl/x509.rb, line 190
def parse_aia_asn1
  ext = find_extension("authorityInfoAccess")
  return nil if ext.nil?

  aia_asn1 = ASN1.decode(ext.value_der)
  if ext.critical? || aia_asn1.tag_class != :UNIVERSAL || aia_asn1.tag != ASN1::SEQUENCE
    raise ASN1::ASN1Error, "invalid extension"
  end

  aia_asn1
end

Ruby Core © 1993–2020 Yukihiro Matsumoto
Licensed under the Ruby License.
Ruby Standard Library © contributors
Licensed under their own licenses.