class CertificateAuthority::OCSPHandler

DEPRECATED

Attributes

certificate_ids[RW]
certificates[RW]
ocsp_request[RW]
ocsp_response_body[RW]
parent[RW]

Public Class Methods

new()
# File vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb, line 86
# Starts the handler with an empty registry of known certificates, keyed by
# serial-number string (see #<<). The OCSP request, the parent and the
# response body are not assigned here.
def initialize
  self.certificates = Hash.new
end

Public Instance Methods

<<(cert)
# File vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb, line 90
# Registers +cert+ so that OCSP requests naming its serial can be answered.
#
# The registry key is the string form (to_s) of cert.serial_number.number.
# The serial is the only key, so adding another certificate with the same
# serial replaces the earlier entry.
#
# Returns the certificate that was passed in (the value of the assignment).
def <<(cert)
  serial_key = cert.serial_number.number.to_s
  certificates[serial_key] = cert
end
extract_certificate_serials()
# File vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb, line 94
# Parses the raw OCSP request held in @ocsp_request and stores the serial of
# every CertificateId it contains in certificate_ids.
#
# NOTE(review): the request bytes presumably originate from a remote client
# and should be treated as untrusted. Nothing here rescues a parse failure
# from OpenSSL::OCSP::Request.new, so a malformed request propagates to the
# caller as an exception.
#
# Only the serial is extracted; the issuer hashes carried by each
# CertificateId are not looked at.
#
# Returns the array of serials as produced by CertificateId#serial.
def extract_certificate_serials
  parsed_request = OpenSSL::OCSP::Request.new(@ocsp_request)
  self.certificate_ids = parsed_request.certid.map(&:serial)
  certificate_ids
end
response()
# File vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb, line 105
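# Builds, signs and returns the OCSP response for the stored request.
#
# Steps, in order:
# 1. Refuses to answer (RuntimeError "Invalid response") unless valid?
#    holds. validate requires a parent and, via all_certificates_available,
#    that every requested serial has been registered with #<<.
# 2. Copies the nonce from the request into the response.
# 3. Adds one status entry per CertificateId in the request.
# 4. Signs the basic response with the certificate parsed from
#    parent.to_pem and the key from parent.key_material.private_key.
# 5. Wraps it in a RESPONSE_STATUS_SUCCESSFUL response, stores that in
#    ocsp_response_body and returns it.
#
# SECURITY NOTE(review): every requested serial is reported as
# V_CERTSTATUS_GOOD. Nothing in this method reads revocation state, so a
# registered certificate that has since been revoked would still be reported
# as good. Do not rely on this deprecated handler as a revocation source
# without adding a real status lookup.
#
# Raises RuntimeError when the handler is not valid. Parse and signing
# errors raised by OpenSSL are not rescued here.
def response
  raise "Invalid response" unless valid?

  openssl_ocsp_response = OpenSSL::OCSP::BasicResponse.new
  openssl_ocsp_request = OpenSSL::OCSP::Request.new(ocsp_request)
  # Echo the client's nonce so it can match this response to its request.
  openssl_ocsp_response.copy_nonce(openssl_ocsp_request)

  openssl_ocsp_request.certid.each do |cert_id|
    # The registered certificate is deliberately not fetched here: the
    # original looked it up into an unused local, which suggested the status
    # depended on it. It does not; the status below is a constant.
    # Arguments after the status: reason 0, revocation time 0, thisUpdate 0
    # and nextUpdate 30 (offsets in seconds from now), no extensions.
    openssl_ocsp_response.add_status(cert_id,
                                     OpenSSL::OCSP::V_CERTSTATUS_GOOD, 0,
                                     0, 0, 30, nil)
  end

  # No extra certificates, flags or digest are passed, so the OpenSSL
  # binding's defaults apply.
  # NOTE(review): confirm the default digest is acceptable for the
  # Ruby/OpenSSL version in use.
  signer_certificate = OpenSSL::X509::Certificate.new(parent.to_pem)
  openssl_ocsp_response.sign(signer_certificate, parent.key_material.private_key, nil, nil)

  self.ocsp_response_body =
    OpenSSL::OCSP::Response.create(OpenSSL::OCSP::RESPONSE_STATUS_SUCCESSFUL, openssl_ocsp_response)
  ocsp_response_body
end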
to_der()
# File vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb, line 127
# DER encoding of the response previously built by #response.
#
# Raises RuntimeError when ocsp_response_body is nil. This method never
# builds or signs a response itself.
def to_der
  signed_body = ocsp_response_body
  raise "No signed OCSP response body available" if signed_body.nil?

  signed_body.to_der
end
validate()
# File vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb, line 81
# Validation hook: records an error on :parent when no parent is set, then
# checks that every certificate named in the OCSP request has been
# registered (all_certificates_available).
#
# The second check runs even when the parent is missing. +errors+ is
# provided elsewhere in the class (not shown in this listing).
#
# Returns whatever all_certificates_available returns.
def validate
  if parent.nil?
    errors.add(:parent, "A parent entity must be set")
  end

  all_certificates_available
end

Private Instance Methods

all_certificates_available()
# File vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb, line 134
# Adds a :base error for every CertificateId in the OCSP request whose
# serial has no entry in the certificates registry.
#
# Matching is by serial string alone; the issuer hashes carried by each
# CertificateId are not compared here. The request is parsed from
# ocsp_request on every call and a parse failure is not rescued.
#
# Returns the result of iterating the request's certids.
def all_certificates_available
  parsed_request = OpenSSL::OCSP::Request.new(ocsp_request)

  parsed_request.certid.each do |cert_id|
    serial_text = cert_id.serial.to_s
    next unless certificates[serial_text].nil?

    errors.add(:base, "Certificate #{serial_text} has not been added yet")
  end
end