class CertificateAuthority::OCSPHandler
DEPRECATED
Attributes
certificate_ids[RW]
certificates[RW]
ocsp_request[RW]
ocsp_response_body[RW]
parent[RW]
Public Class Methods
new()
click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb, line 86 def initialize self.certificates = {} end
Public Instance Methods
<<(cert)
click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb, line 90 def <<(cert) self.certificates[cert.serial_number.number.to_s] = cert end
extract_certificate_serials()
click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb, line 94 def extract_certificate_serials openssl_request = OpenSSL::OCSP::Request.new(@ocsp_request) self.certificate_ids = openssl_request.certid.collect do |cert_id| cert_id.serial end self.certificate_ids end
response()
click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb, line 105 def response raise "Invalid response" unless valid? openssl_ocsp_response = OpenSSL::OCSP::BasicResponse.new openssl_ocsp_request = OpenSSL::OCSP::Request.new(self.ocsp_request) openssl_ocsp_response.copy_nonce(openssl_ocsp_request) openssl_ocsp_request.certid.each do |cert_id| certificate = self.certificates[cert_id.serial.to_s] openssl_ocsp_response.add_status(cert_id, OpenSSL::OCSP::V_CERTSTATUS_GOOD, 0, 0, 0, 30, nil) end openssl_ocsp_response.sign(OpenSSL::X509::Certificate.new(self.parent.to_pem), self.parent.key_material.private_key, nil, nil) final_response = OpenSSL::OCSP::Response.create(OpenSSL::OCSP::RESPONSE_STATUS_SUCCESSFUL, openssl_ocsp_response) self.ocsp_response_body = final_response self.ocsp_response_body end
to_der()
click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb, line 127 def to_der raise "No signed OCSP response body available" if self.ocsp_response_body.nil? self.ocsp_response_body.to_der end
validate()
click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb, line 81 def validate errors.add :parent, "A parent entity must be set" if parent.nil? all_certificates_available end
Private Instance Methods
all_certificates_available()
click to toggle source
# File vendor/certificate_authority/lib/certificate_authority/ocsp_handler.rb, line 134 def all_certificates_available openssl_ocsp_request = OpenSSL::OCSP::Request.new(self.ocsp_request) openssl_ocsp_request.certid.each do |cert_id| certificate = self.certificates[cert_id.serial.to_s] errors.add(:base, "Certificate #{cert_id.serial} has not been added yet") if certificate.nil? end end