RubyGems - r509-ocsp-responder - Versions diffs - 0.3.1 - Mend

r509-ocsp-responder 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (55) hide show

data/README.md +77 -0
data/Rakefile +38 -0
data/doc/R509.html +115 -0
data/doc/R509/Ocsp.html +130 -0
data/doc/R509/Ocsp/Helper.html +126 -0
data/doc/R509/Ocsp/Helper/RequestChecker.html +739 -0
data/doc/R509/Ocsp/Helper/ResponseSigner.html +583 -0
data/doc/R509/Ocsp/Responder.html +129 -0
data/doc/R509/Ocsp/Responder/OcspConfig.html +289 -0
data/doc/R509/Ocsp/Responder/Server.html +128 -0
data/doc/R509/Ocsp/Responder/StatusError.html +134 -0
data/doc/R509/Ocsp/Signer.html +584 -0
data/doc/_index.html +197 -0
data/doc/class_list.html +53 -0
data/doc/css/common.css +1 -0
data/doc/css/full_list.css +57 -0
data/doc/css/style.css +328 -0
data/doc/file.README.html +156 -0
data/doc/file_list.html +55 -0
data/doc/frames.html +28 -0
data/doc/index.html +156 -0
data/doc/js/app.js +214 -0
data/doc/js/full_list.js +173 -0
data/doc/js/jquery.js +4 -0
data/doc/method_list.html +164 -0
data/doc/top-level-namespace.html +112 -0
data/lib/r509/ocsp/responder/ocsp-config.rb +35 -0
data/lib/r509/ocsp/responder/server.rb +169 -0
data/lib/r509/ocsp/responder/version.rb +7 -0
data/lib/r509/ocsp/signer.rb +244 -0
data/spec/fixtures.rb +196 -0
data/spec/fixtures/cert1.pem +24 -0
data/spec/fixtures/config_test_various.yaml +46 -0
data/spec/fixtures/ocsptest.r509.local.pem +27 -0
data/spec/fixtures/second_ca.cer +26 -0
data/spec/fixtures/second_ca.key +27 -0
data/spec/fixtures/stca.pem +22 -0
data/spec/fixtures/stca_ocsp_request.der +0 -0
data/spec/fixtures/stca_ocsp_response.der +0 -0
data/spec/fixtures/test_ca.cer +22 -0
data/spec/fixtures/test_ca.key +28 -0
data/spec/fixtures/test_ca_ocsp.cer +26 -0
data/spec/fixtures/test_ca_ocsp.key +27 -0
data/spec/fixtures/test_ca_ocsp_chain.txt +48 -0
data/spec/fixtures/test_ca_request.der +0 -0
data/spec/fixtures/test_ca_response.der +0 -0
data/spec/fixtures/test_ca_subroot.cer +25 -0
data/spec/fixtures/test_ca_subroot.key +27 -0
data/spec/fixtures/test_ca_subroot_ocsp.cer +25 -0
data/spec/fixtures/test_ca_subroot_ocsp.key +27 -0
data/spec/fixtures/test_config.yaml +17 -0
data/spec/server_spec.rb +400 -0
data/spec/signer_spec.rb +275 -0
data/spec/spec_helper.rb +18 -0
metadata +259 -0

data/doc/R509/Ocsp/Helper/RequestChecker.html ADDED

@@ -0,0 +1,739 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>
+  Class: R509::Ocsp::Helper::RequestChecker
+    &mdash; Documentation by YARD 0.8.2.1
+</title>
+  <link rel="stylesheet" href="../../../css/style.css" type="text/css" media="screen" charset="utf-8" />
+  <link rel="stylesheet" href="../../../css/common.css" type="text/css" media="screen" charset="utf-8" />
+<script type="text/javascript" charset="utf-8">
+  hasFrames = window.top.frames.main ? true : false;
+  relpath = '../../../';
+  framesUrl = "../../../frames.html#!" + escape(window.location.href);
+</script>
+  <script type="text/javascript" charset="utf-8" src="../../../js/jquery.js"></script>
+  <script type="text/javascript" charset="utf-8" src="../../../js/app.js"></script>
+  </head>
+  <body>
+    <div id="header">
+      <div id="menu">
+    <a href="../../../_index.html">Index (R)</a> &raquo;
+    <span class='title'><span class='object_link'><a href="../../../R509.html" title="R509 (module)">R509</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../Ocsp.html" title="R509::Ocsp (module)">Ocsp</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../Helper.html" title="R509::Ocsp::Helper (module)">Helper</a></span></span>
+     &raquo;
+    <span class="title">RequestChecker</span>
+  <div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
+</div>
+      <div id="search">
+    <a class="full_list_link" id="class_list_link"
+        href="../../../class_list.html">
+      Class List
+    </a>
+    <a class="full_list_link" id="method_list_link"
+        href="../../../method_list.html">
+      Method List
+    </a>
+    <a class="full_list_link" id="file_list_link"
+        href="../../../file_list.html">
+      File List
+    </a>
+</div>
+      <div class="clear"></div>
+    </div>
+    <iframe id="search_frame"></iframe>
+    <div id="content"><h1>Class: R509::Ocsp::Helper::RequestChecker
+</h1>
+<dl class="box">
+    <dt class="r1">Inherits:</dt>
+    <dd class="r1">
+      <span class="inheritName">Object</span>
+        <ul class="fullTree">
+          <li>Object</li>
+            <li class="next">R509::Ocsp::Helper::RequestChecker</li>
+        </ul>
+        <a href="#" class="inheritanceTree">show all</a>
+      </dd>
+      <dt class="r2">Includes:</dt>
+      <dd class="r2">Dependo::Mixin</dd>
+    <dt class="r1 last">Defined in:</dt>
+    <dd class="r1 last">lib/r509/ocsp/signer.rb</dd>
+</dl>
+<div class="clear"></div>
+<h2>Overview</h2><div class="docstring">
+  <div class="discussion">
+<p>checks requests for validity against a set of configs</p>
+  </div>
+</div>
+<div class="tags">
+</div>
+  <h2>Instance Attribute Summary <small>(<a href="#" class="summary_toggle">collapse</a>)</small></h2>
+  <ul class="summary">
+      <li class="public ">
+  <span class="summary_signature">
+      <a href="#configs-instance_method" title="#configs (instance method)">- (Object) <strong>configs</strong> </a>
+  </span>
+      <span class="note title readonly">readonly</span>
+    <span class="summary_desc"><div class='inline'>
+<p>Returns the value of attribute configs.</p>
+</div></span>
+</li>
+      <li class="public ">
+  <span class="summary_signature">
+      <a href="#configs_hash-instance_method" title="#configs_hash (instance method)">- (Object) <strong>configs_hash</strong> </a>
+  </span>
+      <span class="note title readonly">readonly</span>
+    <span class="summary_desc"><div class='inline'>
+<p>Returns the value of attribute configs_hash.</p>
+</div></span>
+</li>
+  </ul>
+    <h2>
+      Instance Method Summary
+      <small>(<a href="#" class="summary_toggle">collapse</a>)</small>
+    </h2>
+    <ul class="summary">
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#check_statuses-instance_method" title="#check_statuses (instance method)">- (Hash) <strong>check_statuses</strong>(request) </a>
+  </span>
+    <span class="summary_desc"><div class='inline'>
+<p>Loads and checks a raw OCSP request.</p>
+</div></span>
+</li>
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#initialize-instance_method" title="#initialize (instance method)">- (RequestChecker) <strong>initialize</strong>(configs, validity_checker) </a>
+  </span>
+    <span class="note title constructor">constructor</span>
+    <span class="summary_desc"><div class='inline'>
+<p>A new instance of RequestChecker.</p>
+</div></span>
+</li>
+        <li class="public ">
+  <span class="summary_signature">
+      <a href="#validate_statuses-instance_method" title="#validate_statuses (instance method)">- (Boolean) <strong>validate_statuses</strong>(statuses) </a>
+  </span>
+    <span class="summary_desc"><div class='inline'>
+<p>Determines whether the statuses constitute a request that is compliant.</p>
+</div></span>
+</li>
+    </ul>
+  <div id="constructor_details" class="method_details_list">
+  <h2>Constructor Details</h2>
+    <div class="method_details first">
+  <h3 class="signature first" id="initialize-instance_method">
+    - (<tt><span class='object_link'><a href="" title="R509::Ocsp::Helper::RequestChecker (class)">RequestChecker</a></span></tt>) <strong>initialize</strong>(configs, validity_checker)
+</h3><div class="docstring">
+  <div class="discussion">
+<p>A new instance of RequestChecker</p>
+  </div>
+</div>
+<div class="tags">
+  <p class="tag_title">Parameters:</p>
+<ul class="param">
+    <li>
+        <span class='name'>configs</span>
+        <span class='type'>(<tt>R509::Config::CaConfigPool</tt>)</span>
+        &mdash;
+        <div class='inline'>
+<p>CaConfigPool object</p>
+</div>
+    </li>
+    <li>
+        <span class='name'>validity_checker</span>
+        <span class='type'>(<tt>R509::Validity::Checker</tt>)</span>
+        &mdash;
+        <div class='inline'>
+<p>an implementation of the R509::Validity::Checker class</p>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+62
+63
+64
+65
+66
+67
+68
+69
+70
+71
+72
+73
+74
+75
+76
+77
+78
+79
+80
+81
+82
+83
+84
+85
+86
+87
+88
+89
+90
+91</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/ocsp/signer.rb', line 62</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_configs'>configs</span><span class='comma'>,</span> <span class='id identifier rubyid_validity_checker'>validity_checker</span><span class='rparen'>)</span>
+    <span class='kw'>unless</span> <span class='id identifier rubyid_configs'>configs</span><span class='period'>.</span><span class='id identifier rubyid_kind_of?'>kind_of?</span><span class='lparen'>(</span><span class='const'>R509</span><span class='op'>::</span><span class='const'>Config</span><span class='op'>::</span><span class='const'>CaConfigPool</span><span class='rparen'>)</span>
+        <span class='id identifier rubyid_raise'>raise</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>R509Error</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Must pass R509::Config::CaConfigPool object</span><span class='tstring_end'>&quot;</span></span>
+    <span class='kw'>end</span>
+    <span class='kw'>if</span> <span class='id identifier rubyid_configs'>configs</span><span class='period'>.</span><span class='id identifier rubyid_all'>all</span><span class='period'>.</span><span class='id identifier rubyid_empty?'>empty?</span>
+        <span class='id identifier rubyid_raise'>raise</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>R509Error</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Must be at least one R509::Config object</span><span class='tstring_end'>&quot;</span></span>
+    <span class='kw'>end</span>
+    <span class='ivar'>@configs</span> <span class='op'>=</span> <span class='id identifier rubyid_configs'>configs</span><span class='period'>.</span><span class='id identifier rubyid_all'>all</span>
+    <span class='id identifier rubyid_test_cid'>test_cid</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>OCSP</span><span class='op'>::</span><span class='const'>CertificateId</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Certificate</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='comma'>,</span><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Certificate</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='rparen'>)</span>
+    <span class='kw'>if</span> <span class='id identifier rubyid_test_cid'>test_cid</span><span class='period'>.</span><span class='id identifier rubyid_respond_to?'>respond_to?</span><span class='lparen'>(</span><span class='symbol'>:issuer_key_hash</span><span class='rparen'>)</span>
+        <span class='ivar'>@configs_hash</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span>
+        <span class='ivar'>@configs</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_config'>config</span><span class='op'>|</span>
+            <span class='id identifier rubyid_ee_cert'>ee_cert</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Certificate</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
+            <span class='id identifier rubyid_ee_cert'>ee_cert</span><span class='period'>.</span><span class='id identifier rubyid_issuer'>issuer</span> <span class='op'>=</span> <span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_cert'>cert</span><span class='period'>.</span><span class='id identifier rubyid_subject'>subject</span>
+            <span class='comment'># per RFC 5019
+</span>            <span class='comment'># Clients MUST use SHA1 as the hashing algorithm for the
+</span>            <span class='comment'># CertID.issuerNameHash and the CertID.issuerKeyHash values.
+</span>            <span class='comment'># so we can safely assume that our inbound hashes will be SHA1
+</span>            <span class='id identifier rubyid_issuer_certid'>issuer_certid</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>OCSP</span><span class='op'>::</span><span class='const'>CertificateId</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='id identifier rubyid_ee_cert'>ee_cert</span><span class='comma'>,</span><span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_cert'>cert</span><span class='comma'>,</span><span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>Digest</span><span class='op'>::</span><span class='const'>SHA1</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='rparen'>)</span>
+            <span class='ivar'>@configs_hash</span><span class='lbracket'>[</span><span class='id identifier rubyid_issuer_certid'>issuer_certid</span><span class='period'>.</span><span class='id identifier rubyid_issuer_key_hash'>issuer_key_hash</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_config'>config</span>
+        <span class='kw'>end</span>
+    <span class='kw'>end</span>
+    <span class='ivar'>@validity_checker</span> <span class='op'>=</span> <span class='id identifier rubyid_validity_checker'>validity_checker</span>
+    <span class='kw'>if</span> <span class='ivar'>@validity_checker</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
+        <span class='id identifier rubyid_raise'>raise</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>R509Error</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Must supply a R509::Validity::Checker</span><span class='tstring_end'>&quot;</span></span>
+    <span class='kw'>end</span>
+    <span class='kw'>if</span> <span class='kw'>not</span> <span class='ivar'>@validity_checker</span><span class='period'>.</span><span class='id identifier rubyid_respond_to?'>respond_to?</span><span class='lparen'>(</span><span class='symbol'>:check</span><span class='rparen'>)</span>
+        <span class='id identifier rubyid_raise'>raise</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>R509Error</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>The validity checker must have a check method</span><span class='tstring_end'>&quot;</span></span>
+    <span class='kw'>end</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+</div>
+  <div id="instance_attr_details" class="attr_details">
+    <h2>Instance Attribute Details</h2>
+      <span id=""></span>
+      <div class="method_details first">
+  <h3 class="signature first" id="configs-instance_method">
+    - (<tt>Object</tt>) <strong>configs</strong>  <span class="extras">(readonly)</span>
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Returns the value of attribute configs</p>
+  </div>
+</div>
+<div class="tags">
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+58
+59
+60</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/ocsp/signer.rb', line 58</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_configs'>configs</span>
+  <span class='ivar'>@configs</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <span id=""></span>
+      <div class="method_details ">
+  <h3 class="signature " id="configs_hash-instance_method">
+    - (<tt>Object</tt>) <strong>configs_hash</strong>  <span class="extras">(readonly)</span>
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Returns the value of attribute configs_hash</p>
+  </div>
+</div>
+<div class="tags">
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+58
+59
+60</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/ocsp/signer.rb', line 58</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_configs_hash'>configs_hash</span>
+  <span class='ivar'>@configs_hash</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+  </div>
+  <div id="instance_method_details" class="method_details_list">
+    <h2>Instance Method Details</h2>
+      <div class="method_details first">
+  <h3 class="signature first" id="check_statuses-instance_method">
+    - (<tt>Hash</tt>) <strong>check_statuses</strong>(request)
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Loads and checks a raw OCSP request</p>
+  </div>
+</div>
+<div class="tags">
+  <p class="tag_title">Parameters:</p>
+<ul class="param">
+    <li>
+        <span class='name'>request</span>
+        <span class='type'>(<tt>OpenSSL::OCSP::Request</tt>)</span>
+        &mdash;
+        <div class='inline'>
+<p>OpenSSL OCSP Request object</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Returns:</p>
+<ul class="return">
+    <li>
+        <span class='type'>(<tt>Hash</tt>)</span>
+        &mdash;
+        <div class='inline'>
+<p>hash from the check_status method</p>
+</div>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+97
+98
+99
+100
+101
+102
+103
+104
+105
+106
+107
+108
+109
+110
+111
+112
+113
+114
+115
+116
+117
+118</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/ocsp/signer.rb', line 97</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_check_statuses'>check_statuses</span><span class='lparen'>(</span><span class='id identifier rubyid_request'>request</span><span class='rparen'>)</span>
+    <span class='id identifier rubyid_request'>request</span><span class='period'>.</span><span class='id identifier rubyid_certid'>certid</span><span class='period'>.</span><span class='id identifier rubyid_map'>map</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_certid'>certid</span><span class='op'>|</span>
+        <span class='kw'>if</span> <span class='id identifier rubyid_certid'>certid</span><span class='period'>.</span><span class='id identifier rubyid_respond_to?'>respond_to?</span><span class='lparen'>(</span><span class='symbol'>:issuer_key_hash</span><span class='rparen'>)</span>
+            <span class='id identifier rubyid_validated_config'>validated_config</span> <span class='op'>=</span> <span class='ivar'>@configs_hash</span><span class='lbracket'>[</span><span class='id identifier rubyid_certid'>certid</span><span class='period'>.</span><span class='id identifier rubyid_issuer_key_hash'>issuer_key_hash</span><span class='rbracket'>]</span>
+        <span class='kw'>else</span>
+            <span class='id identifier rubyid_validated_config'>validated_config</span> <span class='op'>=</span> <span class='ivar'>@configs</span><span class='period'>.</span><span class='id identifier rubyid_find'>find</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_config'>config</span><span class='op'>|</span>
+                <span class='comment'>#we need to create an OCSP::CertificateId object that has the right
+</span>                <span class='comment'>#issuer so we can pass it to #cmp_issuer. This is annoying because
+</span>                <span class='comment'>#CertificateId wants a cert and its issuer, but we don't want to
+</span>                <span class='comment'>#force users to provide an end entity cert just to make this comparison
+</span>                <span class='comment'>#work. So, we create a fake new cert and pass it in.
+</span>                <span class='id identifier rubyid_ee_cert'>ee_cert</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Certificate</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
+                <span class='id identifier rubyid_ee_cert'>ee_cert</span><span class='period'>.</span><span class='id identifier rubyid_issuer'>issuer</span> <span class='op'>=</span> <span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_cert'>cert</span><span class='period'>.</span><span class='id identifier rubyid_subject'>subject</span>
+                <span class='id identifier rubyid_issuer_certid'>issuer_certid</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>OCSP</span><span class='op'>::</span><span class='const'>CertificateId</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='id identifier rubyid_ee_cert'>ee_cert</span><span class='comma'>,</span><span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_cert'>cert</span><span class='rparen'>)</span>
+                <span class='id identifier rubyid_certid'>certid</span><span class='period'>.</span><span class='id identifier rubyid_cmp_issuer'>cmp_issuer</span><span class='lparen'>(</span><span class='id identifier rubyid_issuer_certid'>issuer_certid</span><span class='rparen'>)</span>
+            <span class='kw'>end</span>
+        <span class='kw'>end</span>
+        <span class='id identifier rubyid_log'>log</span><span class='period'>.</span><span class='id identifier rubyid_info'>info</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_validated_config'>validated_config</span><span class='period'>.</span><span class='id identifier rubyid_ca_cert'>ca_cert</span><span class='period'>.</span><span class='id identifier rubyid_subject'>subject</span><span class='period'>.</span><span class='id identifier rubyid_to_s'>to_s</span><span class='rbrace'>}</span><span class='tstring_content'> found for issuer</span><span class='tstring_end'>&quot;</span></span> <span class='kw'>if</span> <span class='id identifier rubyid_validated_config'>validated_config</span>
+        <span class='id identifier rubyid_check_status'>check_status</span><span class='lparen'>(</span><span class='id identifier rubyid_certid'>certid</span><span class='comma'>,</span> <span class='id identifier rubyid_validated_config'>validated_config</span><span class='rparen'>)</span>
+    <span class='rbrace'>}</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+      <div class="method_details ">
+  <h3 class="signature " id="validate_statuses-instance_method">
+    - (<tt>Boolean</tt>) <strong>validate_statuses</strong>(statuses)
+</h3><div class="docstring">
+  <div class="discussion">
+<p>Determines whether the statuses constitute a request that is compliant. No
+config means we don't know the CA, different configs means there are
+requests from two different CAs in there. Both are invalid.</p>
+  </div>
+</div>
+<div class="tags">
+  <p class="tag_title">Parameters:</p>
+<ul class="param">
+    <li>
+        <span class='name'>statuses</span>
+        <span class='type'>(<tt>Array&lt;Hash&gt;</tt>)</span>
+        &mdash;
+        <div class='inline'>
+<p>array of hashes from check_statuses</p>
+</div>
+    </li>
+</ul>
+<p class="tag_title">Returns:</p>
+<ul class="return">
+    <li>
+        <span class='type'>(<tt>Boolean</tt>)</span>
+    </li>
+</ul>
+</div><table class="source_code">
+  <tr>
+    <td>
+      <pre class="lines">
+126
+127
+128
+129
+130
+131
+132
+133
+134
+135
+136
+137
+138
+139
+140
+141
+142
+143</pre>
+    </td>
+    <td>
+      <pre class="code"><span class="info file"># File 'lib/r509/ocsp/signer.rb', line 126</span>
+<span class='kw'>def</span> <span class='id identifier rubyid_validate_statuses'>validate_statuses</span><span class='lparen'>(</span><span class='id identifier rubyid_statuses'>statuses</span><span class='rparen'>)</span>
+    <span class='id identifier rubyid_validity'>validity</span> <span class='op'>=</span> <span class='kw'>true</span>
+    <span class='id identifier rubyid_config'>config</span> <span class='op'>=</span> <span class='kw'>nil</span>
+    <span class='id identifier rubyid_statuses'>statuses</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_status'>status</span><span class='op'>|</span>
+        <span class='kw'>if</span> <span class='id identifier rubyid_status'>status</span><span class='lbracket'>[</span><span class='symbol'>:config</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
+            <span class='id identifier rubyid_validity'>validity</span> <span class='op'>=</span> <span class='kw'>false</span>
+        <span class='kw'>end</span>
+        <span class='kw'>if</span> <span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
+            <span class='id identifier rubyid_config'>config</span> <span class='op'>=</span> <span class='id identifier rubyid_status'>status</span><span class='lbracket'>[</span><span class='symbol'>:config</span><span class='rbracket'>]</span>
+        <span class='kw'>end</span>
+        <span class='kw'>if</span> <span class='id identifier rubyid_config'>config</span> <span class='op'>!=</span> <span class='id identifier rubyid_status'>status</span><span class='lbracket'>[</span><span class='symbol'>:config</span><span class='rbracket'>]</span>
+            <span class='id identifier rubyid_validity'>validity</span> <span class='op'>=</span> <span class='kw'>false</span>
+        <span class='kw'>end</span>
+    <span class='kw'>end</span>
+    <span class='id identifier rubyid_validity'>validity</span>
+<span class='kw'>end</span></pre>
+    </td>
+  </tr>
+</table>
+</div>
+  </div>
+</div>
+    <div id="footer">
+  Generated on Thu Nov  8 14:33:52 2012 by
+  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
+  0.8.2.1 (ruby-1.9.3).
+</div>
+  </body>
+</html>