Class: CertificateAuthority::OCSPHandler
- Inherits:
-
Object
- Object
- CertificateAuthority::OCSPHandler
- Includes:
- Validations
- Defined in:
- lib/certificate_authority/ocsp_handler.rb
Overview
DEPRECATED
Instance Attribute Summary collapse
-
#certificate_ids ⇒ Object
Returns the value of attribute certificate_ids.
-
#certificates ⇒ Object
Returns the value of attribute certificates.
-
#ocsp_request ⇒ Object
Returns the value of attribute ocsp_request.
-
#ocsp_response_body ⇒ Object
Returns the value of attribute ocsp_response_body.
-
#parent ⇒ Object
Returns the value of attribute parent.
Instance Method Summary collapse
- #<<(cert) ⇒ Object
- #extract_certificate_serials ⇒ Object
-
#initialize ⇒ OCSPHandler
constructor
A new instance of OCSPHandler.
- #response ⇒ Object
- #to_der ⇒ Object
- #validate ⇒ Object
Methods included from Validations
Constructor Details
#initialize ⇒ OCSPHandler
Returns a new instance of OCSPHandler.
86 87 88 |
# File 'lib/certificate_authority/ocsp_handler.rb', line 86 def initialize self.certificates = {} end |
Instance Attribute Details
#certificate_ids ⇒ Object
Returns the value of attribute certificate_ids.
74 75 76 |
# File 'lib/certificate_authority/ocsp_handler.rb', line 74 def certificate_ids @certificate_ids end |
#certificates ⇒ Object
Returns the value of attribute certificates.
76 77 78 |
# File 'lib/certificate_authority/ocsp_handler.rb', line 76 def certificates @certificates end |
#ocsp_request ⇒ Object
Returns the value of attribute ocsp_request.
73 74 75 |
# File 'lib/certificate_authority/ocsp_handler.rb', line 73 def ocsp_request @ocsp_request end |
#ocsp_response_body ⇒ Object
Returns the value of attribute ocsp_response_body.
79 80 81 |
# File 'lib/certificate_authority/ocsp_handler.rb', line 79 def ocsp_response_body @ocsp_response_body end |
#parent ⇒ Object
Returns the value of attribute parent.
77 78 79 |
# File 'lib/certificate_authority/ocsp_handler.rb', line 77 def parent @parent end |
Instance Method Details
#<<(cert) ⇒ Object
90 91 92 |
# File 'lib/certificate_authority/ocsp_handler.rb', line 90 def <<(cert) self.certificates[cert.serial_number.number.to_s] = cert end |
#extract_certificate_serials ⇒ Object
94 95 96 97 98 99 100 101 102 103 104 105 |
# File 'lib/certificate_authority/ocsp_handler.rb', line 94 def extract_certificate_serials openssl_request = OpenSSL::OCSP::Request.new(@ocsp_request) if openssl_request.certid.nil? raise "Invalid openssl request" end self.certificate_ids = openssl_request.certid.collect do |cert_id| cert_id.serial end self.certificate_ids end |
#response ⇒ Object
108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 |
# File 'lib/certificate_authority/ocsp_handler.rb', line 108 def response raise "Invalid response" unless valid? openssl_ocsp_response = OpenSSL::OCSP::BasicResponse.new openssl_ocsp_request = OpenSSL::OCSP::Request.new(self.ocsp_request) openssl_ocsp_response.copy_nonce(openssl_ocsp_request) openssl_ocsp_request.certid.each do |cert_id| certificate = self.certificates[cert_id.serial.to_s] openssl_ocsp_response.add_status(cert_id, OpenSSL::OCSP::V_CERTSTATUS_GOOD, 0, 0, 0, 30, nil) end openssl_ocsp_response.sign(OpenSSL::X509::Certificate.new(self.parent.to_pem), self.parent.key_material.private_key, nil, nil) final_response = OpenSSL::OCSP::Response.create(OpenSSL::OCSP::RESPONSE_STATUS_SUCCESSFUL, openssl_ocsp_response) self.ocsp_response_body = final_response self.ocsp_response_body end |
#to_der ⇒ Object
130 131 132 133 |
# File 'lib/certificate_authority/ocsp_handler.rb', line 130 def to_der raise "No signed OCSP response body available" if self.ocsp_response_body.nil? self.ocsp_response_body.to_der end |
#validate ⇒ Object
81 82 83 84 |
# File 'lib/certificate_authority/ocsp_handler.rb', line 81 def validate errors.add :parent, "A parent entity must be set" if parent.nil? all_certificates_available end |