r509-ocsp-responder 0.3.1
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +77 -0
- data/Rakefile +38 -0
- data/doc/R509.html +115 -0
- data/doc/R509/Ocsp.html +130 -0
- data/doc/R509/Ocsp/Helper.html +126 -0
- data/doc/R509/Ocsp/Helper/RequestChecker.html +739 -0
- data/doc/R509/Ocsp/Helper/ResponseSigner.html +583 -0
- data/doc/R509/Ocsp/Responder.html +129 -0
- data/doc/R509/Ocsp/Responder/OcspConfig.html +289 -0
- data/doc/R509/Ocsp/Responder/Server.html +128 -0
- data/doc/R509/Ocsp/Responder/StatusError.html +134 -0
- data/doc/R509/Ocsp/Signer.html +584 -0
- data/doc/_index.html +197 -0
- data/doc/class_list.html +53 -0
- data/doc/css/common.css +1 -0
- data/doc/css/full_list.css +57 -0
- data/doc/css/style.css +328 -0
- data/doc/file.README.html +156 -0
- data/doc/file_list.html +55 -0
- data/doc/frames.html +28 -0
- data/doc/index.html +156 -0
- data/doc/js/app.js +214 -0
- data/doc/js/full_list.js +173 -0
- data/doc/js/jquery.js +4 -0
- data/doc/method_list.html +164 -0
- data/doc/top-level-namespace.html +112 -0
- data/lib/r509/ocsp/responder/ocsp-config.rb +35 -0
- data/lib/r509/ocsp/responder/server.rb +169 -0
- data/lib/r509/ocsp/responder/version.rb +7 -0
- data/lib/r509/ocsp/signer.rb +244 -0
- data/spec/fixtures.rb +196 -0
- data/spec/fixtures/cert1.pem +24 -0
- data/spec/fixtures/config_test_various.yaml +46 -0
- data/spec/fixtures/ocsptest.r509.local.pem +27 -0
- data/spec/fixtures/second_ca.cer +26 -0
- data/spec/fixtures/second_ca.key +27 -0
- data/spec/fixtures/stca.pem +22 -0
- data/spec/fixtures/stca_ocsp_request.der +0 -0
- data/spec/fixtures/stca_ocsp_response.der +0 -0
- data/spec/fixtures/test_ca.cer +22 -0
- data/spec/fixtures/test_ca.key +28 -0
- data/spec/fixtures/test_ca_ocsp.cer +26 -0
- data/spec/fixtures/test_ca_ocsp.key +27 -0
- data/spec/fixtures/test_ca_ocsp_chain.txt +48 -0
- data/spec/fixtures/test_ca_request.der +0 -0
- data/spec/fixtures/test_ca_response.der +0 -0
- data/spec/fixtures/test_ca_subroot.cer +25 -0
- data/spec/fixtures/test_ca_subroot.key +27 -0
- data/spec/fixtures/test_ca_subroot_ocsp.cer +25 -0
- data/spec/fixtures/test_ca_subroot_ocsp.key +27 -0
- data/spec/fixtures/test_config.yaml +17 -0
- data/spec/server_spec.rb +400 -0
- data/spec/signer_spec.rb +275 -0
- data/spec/spec_helper.rb +18 -0
- metadata +259 -0
|
@@ -0,0 +1,583 @@
|
|
|
1
|
+
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
|
2
|
+
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
3
|
+
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
|
4
|
+
<head>
|
|
5
|
+
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
6
|
+
<title>
|
|
7
|
+
Class: R509::Ocsp::Helper::ResponseSigner
|
|
8
|
+
|
|
9
|
+
— Documentation by YARD 0.8.2.1
|
|
10
|
+
|
|
11
|
+
</title>
|
|
12
|
+
|
|
13
|
+
<link rel="stylesheet" href="../../../css/style.css" type="text/css" media="screen" charset="utf-8" />
|
|
14
|
+
|
|
15
|
+
<link rel="stylesheet" href="../../../css/common.css" type="text/css" media="screen" charset="utf-8" />
|
|
16
|
+
|
|
17
|
+
<script type="text/javascript" charset="utf-8">
|
|
18
|
+
hasFrames = window.top.frames.main ? true : false;
|
|
19
|
+
relpath = '../../../';
|
|
20
|
+
framesUrl = "../../../frames.html#!" + escape(window.location.href);
|
|
21
|
+
</script>
|
|
22
|
+
|
|
23
|
+
|
|
24
|
+
<script type="text/javascript" charset="utf-8" src="../../../js/jquery.js"></script>
|
|
25
|
+
|
|
26
|
+
<script type="text/javascript" charset="utf-8" src="../../../js/app.js"></script>
|
|
27
|
+
|
|
28
|
+
|
|
29
|
+
</head>
|
|
30
|
+
<body>
|
|
31
|
+
<div id="header">
|
|
32
|
+
<div id="menu">
|
|
33
|
+
|
|
34
|
+
<a href="../../../_index.html">Index (R)</a> »
|
|
35
|
+
<span class='title'><span class='object_link'><a href="../../../R509.html" title="R509 (module)">R509</a></span></span> » <span class='title'><span class='object_link'><a href="../../Ocsp.html" title="R509::Ocsp (module)">Ocsp</a></span></span> » <span class='title'><span class='object_link'><a href="../Helper.html" title="R509::Ocsp::Helper (module)">Helper</a></span></span>
|
|
36
|
+
»
|
|
37
|
+
<span class="title">ResponseSigner</span>
|
|
38
|
+
|
|
39
|
+
|
|
40
|
+
<div class="noframes"><span class="title">(</span><a href="." target="_top">no frames</a><span class="title">)</span></div>
|
|
41
|
+
</div>
|
|
42
|
+
|
|
43
|
+
<div id="search">
|
|
44
|
+
|
|
45
|
+
<a class="full_list_link" id="class_list_link"
|
|
46
|
+
href="../../../class_list.html">
|
|
47
|
+
Class List
|
|
48
|
+
</a>
|
|
49
|
+
|
|
50
|
+
<a class="full_list_link" id="method_list_link"
|
|
51
|
+
href="../../../method_list.html">
|
|
52
|
+
Method List
|
|
53
|
+
</a>
|
|
54
|
+
|
|
55
|
+
<a class="full_list_link" id="file_list_link"
|
|
56
|
+
href="../../../file_list.html">
|
|
57
|
+
File List
|
|
58
|
+
</a>
|
|
59
|
+
|
|
60
|
+
</div>
|
|
61
|
+
<div class="clear"></div>
|
|
62
|
+
</div>
|
|
63
|
+
|
|
64
|
+
<iframe id="search_frame"></iframe>
|
|
65
|
+
|
|
66
|
+
<div id="content"><h1>Class: R509::Ocsp::Helper::ResponseSigner
|
|
67
|
+
|
|
68
|
+
|
|
69
|
+
|
|
70
|
+
</h1>
|
|
71
|
+
|
|
72
|
+
<dl class="box">
|
|
73
|
+
|
|
74
|
+
<dt class="r1">Inherits:</dt>
|
|
75
|
+
<dd class="r1">
|
|
76
|
+
<span class="inheritName">Object</span>
|
|
77
|
+
|
|
78
|
+
<ul class="fullTree">
|
|
79
|
+
<li>Object</li>
|
|
80
|
+
|
|
81
|
+
<li class="next">R509::Ocsp::Helper::ResponseSigner</li>
|
|
82
|
+
|
|
83
|
+
</ul>
|
|
84
|
+
<a href="#" class="inheritanceTree">show all</a>
|
|
85
|
+
|
|
86
|
+
</dd>
|
|
87
|
+
|
|
88
|
+
|
|
89
|
+
|
|
90
|
+
|
|
91
|
+
|
|
92
|
+
|
|
93
|
+
|
|
94
|
+
|
|
95
|
+
|
|
96
|
+
<dt class="r2 last">Defined in:</dt>
|
|
97
|
+
<dd class="r2 last">lib/r509/ocsp/signer.rb</dd>
|
|
98
|
+
|
|
99
|
+
</dl>
|
|
100
|
+
<div class="clear"></div>
|
|
101
|
+
|
|
102
|
+
<h2>Overview</h2><div class="docstring">
|
|
103
|
+
<div class="discussion">
|
|
104
|
+
|
|
105
|
+
<p>signs OCSP responses</p>
|
|
106
|
+
|
|
107
|
+
|
|
108
|
+
</div>
|
|
109
|
+
</div>
|
|
110
|
+
<div class="tags">
|
|
111
|
+
|
|
112
|
+
|
|
113
|
+
</div>
|
|
114
|
+
|
|
115
|
+
|
|
116
|
+
|
|
117
|
+
|
|
118
|
+
|
|
119
|
+
|
|
120
|
+
|
|
121
|
+
<h2>
|
|
122
|
+
Instance Method Summary
|
|
123
|
+
<small>(<a href="#" class="summary_toggle">collapse</a>)</small>
|
|
124
|
+
</h2>
|
|
125
|
+
|
|
126
|
+
<ul class="summary">
|
|
127
|
+
|
|
128
|
+
<li class="public ">
|
|
129
|
+
<span class="summary_signature">
|
|
130
|
+
|
|
131
|
+
<a href="#create_basic_response-instance_method" title="#create_basic_response (instance method)">- (OpenSSL::OCSP::BasicResponse) <strong>create_basic_response</strong>(request, statuses) </a>
|
|
132
|
+
|
|
133
|
+
|
|
134
|
+
|
|
135
|
+
</span>
|
|
136
|
+
|
|
137
|
+
|
|
138
|
+
|
|
139
|
+
|
|
140
|
+
|
|
141
|
+
|
|
142
|
+
|
|
143
|
+
|
|
144
|
+
|
|
145
|
+
<span class="summary_desc"><div class='inline'>
|
|
146
|
+
<p>It is UNWISE to call this method directly because it assumes that the
|
|
147
|
+
request is validated.</p>
|
|
148
|
+
</div></span>
|
|
149
|
+
|
|
150
|
+
</li>
|
|
151
|
+
|
|
152
|
+
|
|
153
|
+
<li class="public ">
|
|
154
|
+
<span class="summary_signature">
|
|
155
|
+
|
|
156
|
+
<a href="#create_response-instance_method" title="#create_response (instance method)">- (OpenSSL::OCSP::OCSPResponse) <strong>create_response</strong>(response_status, basic_response = nil) </a>
|
|
157
|
+
|
|
158
|
+
|
|
159
|
+
|
|
160
|
+
</span>
|
|
161
|
+
|
|
162
|
+
|
|
163
|
+
|
|
164
|
+
|
|
165
|
+
|
|
166
|
+
|
|
167
|
+
|
|
168
|
+
|
|
169
|
+
|
|
170
|
+
<span class="summary_desc"><div class='inline'>
|
|
171
|
+
<p>Builds final response.</p>
|
|
172
|
+
</div></span>
|
|
173
|
+
|
|
174
|
+
</li>
|
|
175
|
+
|
|
176
|
+
|
|
177
|
+
<li class="public ">
|
|
178
|
+
<span class="summary_signature">
|
|
179
|
+
|
|
180
|
+
<a href="#initialize-instance_method" title="#initialize (instance method)">- (ResponseSigner) <strong>initialize</strong>(options) </a>
|
|
181
|
+
|
|
182
|
+
|
|
183
|
+
|
|
184
|
+
</span>
|
|
185
|
+
|
|
186
|
+
|
|
187
|
+
<span class="note title constructor">constructor</span>
|
|
188
|
+
|
|
189
|
+
|
|
190
|
+
|
|
191
|
+
|
|
192
|
+
|
|
193
|
+
|
|
194
|
+
|
|
195
|
+
|
|
196
|
+
<span class="summary_desc"><div class='inline'>
|
|
197
|
+
<p>A new instance of ResponseSigner.</p>
|
|
198
|
+
</div></span>
|
|
199
|
+
|
|
200
|
+
</li>
|
|
201
|
+
|
|
202
|
+
|
|
203
|
+
</ul>
|
|
204
|
+
|
|
205
|
+
|
|
206
|
+
<div id="constructor_details" class="method_details_list">
|
|
207
|
+
<h2>Constructor Details</h2>
|
|
208
|
+
|
|
209
|
+
<div class="method_details first">
|
|
210
|
+
<h3 class="signature first" id="initialize-instance_method">
|
|
211
|
+
|
|
212
|
+
- (<tt><span class='object_link'><a href="" title="R509::Ocsp::Helper::ResponseSigner (class)">ResponseSigner</a></span></tt>) <strong>initialize</strong>(options)
|
|
213
|
+
|
|
214
|
+
|
|
215
|
+
|
|
216
|
+
|
|
217
|
+
|
|
218
|
+
</h3><div class="docstring">
|
|
219
|
+
<div class="discussion">
|
|
220
|
+
|
|
221
|
+
<p>A new instance of ResponseSigner</p>
|
|
222
|
+
|
|
223
|
+
|
|
224
|
+
</div>
|
|
225
|
+
</div>
|
|
226
|
+
<div class="tags">
|
|
227
|
+
<p class="tag_title">Parameters:</p>
|
|
228
|
+
<ul class="param">
|
|
229
|
+
|
|
230
|
+
<li>
|
|
231
|
+
|
|
232
|
+
<span class='name'>options</span>
|
|
233
|
+
|
|
234
|
+
|
|
235
|
+
<span class='type'>(<tt>Hash</tt>)</span>
|
|
236
|
+
|
|
237
|
+
|
|
238
|
+
|
|
239
|
+
—
|
|
240
|
+
<div class='inline'>
|
|
241
|
+
<p>a customizable set of options</p>
|
|
242
|
+
</div>
|
|
243
|
+
|
|
244
|
+
</li>
|
|
245
|
+
|
|
246
|
+
</ul>
|
|
247
|
+
|
|
248
|
+
|
|
249
|
+
|
|
250
|
+
|
|
251
|
+
<p class="tag_title">Options Hash (<tt>options</tt>):</p>
|
|
252
|
+
<ul class="option">
|
|
253
|
+
|
|
254
|
+
<li>
|
|
255
|
+
<span class="name">:copy_nonce</span>
|
|
256
|
+
<span class="type">(<tt>Boolean</tt>)</span>
|
|
257
|
+
<span class="default">
|
|
258
|
+
|
|
259
|
+
</span>
|
|
260
|
+
|
|
261
|
+
</li>
|
|
262
|
+
|
|
263
|
+
</ul>
|
|
264
|
+
|
|
265
|
+
|
|
266
|
+
|
|
267
|
+
</div><table class="source_code">
|
|
268
|
+
<tr>
|
|
269
|
+
<td>
|
|
270
|
+
<pre class="lines">
|
|
271
|
+
|
|
272
|
+
|
|
273
|
+
172
|
|
274
|
+
173
|
|
275
|
+
174
|
|
276
|
+
175
|
|
277
|
+
176
|
|
278
|
+
177
|
|
279
|
+
178</pre>
|
|
280
|
+
</td>
|
|
281
|
+
<td>
|
|
282
|
+
<pre class="code"><span class="info file"># File 'lib/r509/ocsp/signer.rb', line 172</span>
|
|
283
|
+
|
|
284
|
+
<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_options'>options</span><span class='rparen'>)</span>
|
|
285
|
+
<span class='kw'>if</span> <span class='id identifier rubyid_options'>options</span><span class='period'>.</span><span class='id identifier rubyid_has_key?'>has_key?</span><span class='lparen'>(</span><span class='symbol'>:copy_nonce</span><span class='rparen'>)</span>
|
|
286
|
+
<span class='ivar'>@copy_nonce</span> <span class='op'>=</span> <span class='id identifier rubyid_options'>options</span><span class='lbracket'>[</span><span class='symbol'>:copy_nonce</span><span class='rbracket'>]</span>
|
|
287
|
+
<span class='kw'>else</span>
|
|
288
|
+
<span class='ivar'>@copy_nonce</span> <span class='op'>=</span> <span class='kw'>false</span>
|
|
289
|
+
<span class='kw'>end</span>
|
|
290
|
+
<span class='kw'>end</span></pre>
|
|
291
|
+
</td>
|
|
292
|
+
</tr>
|
|
293
|
+
</table>
|
|
294
|
+
</div>
|
|
295
|
+
|
|
296
|
+
</div>
|
|
297
|
+
|
|
298
|
+
|
|
299
|
+
<div id="instance_method_details" class="method_details_list">
|
|
300
|
+
<h2>Instance Method Details</h2>
|
|
301
|
+
|
|
302
|
+
|
|
303
|
+
<div class="method_details first">
|
|
304
|
+
<h3 class="signature first" id="create_basic_response-instance_method">
|
|
305
|
+
|
|
306
|
+
- (<tt>OpenSSL::OCSP::BasicResponse</tt>) <strong>create_basic_response</strong>(request, statuses)
|
|
307
|
+
|
|
308
|
+
|
|
309
|
+
|
|
310
|
+
|
|
311
|
+
|
|
312
|
+
</h3><div class="docstring">
|
|
313
|
+
<div class="discussion">
|
|
314
|
+
|
|
315
|
+
<p>It is UNWISE to call this method directly because it assumes that the
|
|
316
|
+
request is validated. You probably want to take a look at
|
|
317
|
+
R509::Ocsp::Signer#handle_request</p>
|
|
318
|
+
|
|
319
|
+
|
|
320
|
+
</div>
|
|
321
|
+
</div>
|
|
322
|
+
<div class="tags">
|
|
323
|
+
<p class="tag_title">Parameters:</p>
|
|
324
|
+
<ul class="param">
|
|
325
|
+
|
|
326
|
+
<li>
|
|
327
|
+
|
|
328
|
+
<span class='name'>request</span>
|
|
329
|
+
|
|
330
|
+
|
|
331
|
+
<span class='type'>(<tt>OpenSSL::OCSP::Request</tt>)</span>
|
|
332
|
+
|
|
333
|
+
|
|
334
|
+
|
|
335
|
+
</li>
|
|
336
|
+
|
|
337
|
+
<li>
|
|
338
|
+
|
|
339
|
+
<span class='name'>statuses</span>
|
|
340
|
+
|
|
341
|
+
|
|
342
|
+
<span class='type'>(<tt>Hash</tt>)</span>
|
|
343
|
+
|
|
344
|
+
|
|
345
|
+
|
|
346
|
+
—
|
|
347
|
+
<div class='inline'>
|
|
348
|
+
<p>hash from R509::Ocsp::Helper::RequestChecker#check_statuses</p>
|
|
349
|
+
</div>
|
|
350
|
+
|
|
351
|
+
</li>
|
|
352
|
+
|
|
353
|
+
</ul>
|
|
354
|
+
|
|
355
|
+
<p class="tag_title">Returns:</p>
|
|
356
|
+
<ul class="return">
|
|
357
|
+
|
|
358
|
+
<li>
|
|
359
|
+
|
|
360
|
+
|
|
361
|
+
<span class='type'>(<tt>OpenSSL::OCSP::BasicResponse</tt>)</span>
|
|
362
|
+
|
|
363
|
+
|
|
364
|
+
|
|
365
|
+
</li>
|
|
366
|
+
|
|
367
|
+
</ul>
|
|
368
|
+
|
|
369
|
+
</div><table class="source_code">
|
|
370
|
+
<tr>
|
|
371
|
+
<td>
|
|
372
|
+
<pre class="lines">
|
|
373
|
+
|
|
374
|
+
|
|
375
|
+
186
|
|
376
|
+
187
|
|
377
|
+
188
|
|
378
|
+
189
|
|
379
|
+
190
|
|
380
|
+
191
|
|
381
|
+
192
|
|
382
|
+
193
|
|
383
|
+
194
|
|
384
|
+
195
|
|
385
|
+
196
|
|
386
|
+
197
|
|
387
|
+
198
|
|
388
|
+
199
|
|
389
|
+
200
|
|
390
|
+
201
|
|
391
|
+
202
|
|
392
|
+
203
|
|
393
|
+
204
|
|
394
|
+
205
|
|
395
|
+
206
|
|
396
|
+
207
|
|
397
|
+
208
|
|
398
|
+
209
|
|
399
|
+
210
|
|
400
|
+
211
|
|
401
|
+
212
|
|
402
|
+
213
|
|
403
|
+
214
|
|
404
|
+
215</pre>
|
|
405
|
+
</td>
|
|
406
|
+
<td>
|
|
407
|
+
<pre class="code"><span class="info file"># File 'lib/r509/ocsp/signer.rb', line 186</span>
|
|
408
|
+
|
|
409
|
+
<span class='kw'>def</span> <span class='id identifier rubyid_create_basic_response'>create_basic_response</span><span class='lparen'>(</span><span class='id identifier rubyid_request'>request</span><span class='comma'>,</span><span class='id identifier rubyid_statuses'>statuses</span><span class='rparen'>)</span>
|
|
410
|
+
<span class='id identifier rubyid_basic_response'>basic_response</span> <span class='op'>=</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>OCSP</span><span class='op'>::</span><span class='const'>BasicResponse</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
|
|
411
|
+
|
|
412
|
+
<span class='id identifier rubyid_basic_response'>basic_response</span><span class='period'>.</span><span class='id identifier rubyid_copy_nonce'>copy_nonce</span><span class='lparen'>(</span><span class='id identifier rubyid_request'>request</span><span class='rparen'>)</span> <span class='kw'>if</span> <span class='ivar'>@copy_nonce</span>
|
|
413
|
+
|
|
414
|
+
<span class='id identifier rubyid_statuses'>statuses</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_status'>status</span><span class='op'>|</span>
|
|
415
|
+
<span class='comment'>#revocation time is retarded and is relative to now, so
|
|
416
|
+
</span> <span class='comment'>#let's figure out what that is.
|
|
417
|
+
</span> <span class='kw'>if</span> <span class='id identifier rubyid_status'>status</span><span class='lbracket'>[</span><span class='symbol'>:status</span><span class='rbracket'>]</span> <span class='op'>==</span> <span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>OCSP</span><span class='op'>::</span><span class='const'>V_CERTSTATUS_REVOKED</span>
|
|
418
|
+
<span class='id identifier rubyid_revocation_time'>revocation_time</span> <span class='op'>=</span> <span class='id identifier rubyid_status'>status</span><span class='lbracket'>[</span><span class='symbol'>:revocation_time</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span> <span class='op'>-</span> <span class='const'>Time</span><span class='period'>.</span><span class='id identifier rubyid_now'>now</span><span class='period'>.</span><span class='id identifier rubyid_to_i'>to_i</span>
|
|
419
|
+
<span class='kw'>end</span>
|
|
420
|
+
<span class='id identifier rubyid_basic_response'>basic_response</span><span class='period'>.</span><span class='id identifier rubyid_add_status'>add_status</span><span class='lparen'>(</span><span class='id identifier rubyid_status'>status</span><span class='lbracket'>[</span><span class='symbol'>:certid</span><span class='rbracket'>]</span><span class='comma'>,</span>
|
|
421
|
+
<span class='id identifier rubyid_status'>status</span><span class='lbracket'>[</span><span class='symbol'>:status</span><span class='rbracket'>]</span><span class='comma'>,</span>
|
|
422
|
+
<span class='id identifier rubyid_status'>status</span><span class='lbracket'>[</span><span class='symbol'>:revocation_reason</span><span class='rbracket'>]</span><span class='comma'>,</span>
|
|
423
|
+
<span class='id identifier rubyid_revocation_time'>revocation_time</span><span class='comma'>,</span>
|
|
424
|
+
<span class='op'>-</span><span class='int'>1</span><span class='op'>*</span><span class='id identifier rubyid_status'>status</span><span class='lbracket'>[</span><span class='symbol'>:config</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_ocsp_start_skew_seconds'>ocsp_start_skew_seconds</span><span class='comma'>,</span>
|
|
425
|
+
<span class='id identifier rubyid_status'>status</span><span class='lbracket'>[</span><span class='symbol'>:config</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_ocsp_validity_hours'>ocsp_validity_hours</span><span class='op'>*</span><span class='int'>3600</span><span class='comma'>,</span>
|
|
426
|
+
<span class='lbracket'>[</span><span class='rbracket'>]</span> <span class='comment'>#array of OpenSSL::X509::Extensions
|
|
427
|
+
</span> <span class='rparen'>)</span>
|
|
428
|
+
<span class='kw'>end</span>
|
|
429
|
+
|
|
430
|
+
<span class='comment'>#this method assumes the request data is validated by validate_request so all configs will be the same and
|
|
431
|
+
</span> <span class='comment'>#we can choose to use the first one safely
|
|
432
|
+
</span> <span class='id identifier rubyid_config'>config</span> <span class='op'>=</span> <span class='id identifier rubyid_statuses'>statuses</span><span class='lbracket'>[</span><span class='int'>0</span><span class='rbracket'>]</span><span class='lbracket'>[</span><span class='symbol'>:config</span><span class='rbracket'>]</span>
|
|
433
|
+
|
|
434
|
+
<span class='comment'>#confusing, but R509::Cert contains R509::PrivateKey under #key. PrivateKey#key gives the OpenSSL object
|
|
435
|
+
</span> <span class='comment'>#turns out BasicResponse#sign can take up to 4 params
|
|
436
|
+
</span> <span class='comment'>#cert, key, array of OpenSSL::X509::Certificates, flags (not sure what the enumeration of those are)
|
|
437
|
+
</span> <span class='id identifier rubyid_basic_response'>basic_response</span><span class='period'>.</span><span class='id identifier rubyid_sign'>sign</span><span class='lparen'>(</span><span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_ocsp_cert'>ocsp_cert</span><span class='period'>.</span><span class='id identifier rubyid_cert'>cert</span><span class='comma'>,</span><span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_ocsp_cert'>ocsp_cert</span><span class='period'>.</span><span class='id identifier rubyid_key'>key</span><span class='period'>.</span><span class='id identifier rubyid_key'>key</span><span class='comma'>,</span><span class='id identifier rubyid_config'>config</span><span class='period'>.</span><span class='id identifier rubyid_ocsp_chain'>ocsp_chain</span><span class='rparen'>)</span>
|
|
438
|
+
<span class='kw'>end</span></pre>
|
|
439
|
+
</td>
|
|
440
|
+
</tr>
|
|
441
|
+
</table>
|
|
442
|
+
</div>
|
|
443
|
+
|
|
444
|
+
<div class="method_details ">
|
|
445
|
+
<h3 class="signature " id="create_response-instance_method">
|
|
446
|
+
|
|
447
|
+
- (<tt>OpenSSL::OCSP::OCSPResponse</tt>) <strong>create_response</strong>(response_status, basic_response = nil)
|
|
448
|
+
|
|
449
|
+
|
|
450
|
+
|
|
451
|
+
|
|
452
|
+
|
|
453
|
+
</h3><div class="docstring">
|
|
454
|
+
<div class="discussion">
|
|
455
|
+
|
|
456
|
+
<p>Builds final response.</p>
|
|
457
|
+
|
|
458
|
+
<p>generated by create_basic_response</p>
|
|
459
|
+
|
|
460
|
+
|
|
461
|
+
</div>
|
|
462
|
+
</div>
|
|
463
|
+
<div class="tags">
|
|
464
|
+
<p class="tag_title">Parameters:</p>
|
|
465
|
+
<ul class="param">
|
|
466
|
+
|
|
467
|
+
<li>
|
|
468
|
+
|
|
469
|
+
<span class='name'>response_status</span>
|
|
470
|
+
|
|
471
|
+
|
|
472
|
+
<span class='type'>(<tt>OpenSSL::OCSP::RESPONSE_STATUS_*</tt>)</span>
|
|
473
|
+
|
|
474
|
+
|
|
475
|
+
|
|
476
|
+
—
|
|
477
|
+
<div class='inline'>
|
|
478
|
+
<p>the primary response status</p>
|
|
479
|
+
</div>
|
|
480
|
+
|
|
481
|
+
</li>
|
|
482
|
+
|
|
483
|
+
<li>
|
|
484
|
+
|
|
485
|
+
<span class='name'>basic_response</span>
|
|
486
|
+
|
|
487
|
+
|
|
488
|
+
<span class='type'>(<tt>OpenSSL::OCSP::BasicResponse</tt>)</span>
|
|
489
|
+
|
|
490
|
+
|
|
491
|
+
<em class="default">(defaults to: <tt>nil</tt>)</em>
|
|
492
|
+
|
|
493
|
+
|
|
494
|
+
—
|
|
495
|
+
<div class='inline'>
|
|
496
|
+
<p>an optional basic response object</p>
|
|
497
|
+
</div>
|
|
498
|
+
|
|
499
|
+
</li>
|
|
500
|
+
|
|
501
|
+
</ul>
|
|
502
|
+
|
|
503
|
+
<p class="tag_title">Returns:</p>
|
|
504
|
+
<ul class="return">
|
|
505
|
+
|
|
506
|
+
<li>
|
|
507
|
+
|
|
508
|
+
|
|
509
|
+
<span class='type'>(<tt>OpenSSL::OCSP::OCSPResponse</tt>)</span>
|
|
510
|
+
|
|
511
|
+
|
|
512
|
+
|
|
513
|
+
</li>
|
|
514
|
+
|
|
515
|
+
</ul>
|
|
516
|
+
|
|
517
|
+
</div><table class="source_code">
|
|
518
|
+
<tr>
|
|
519
|
+
<td>
|
|
520
|
+
<pre class="lines">
|
|
521
|
+
|
|
522
|
+
|
|
523
|
+
223
|
|
524
|
+
224
|
|
525
|
+
225
|
|
526
|
+
226
|
|
527
|
+
227
|
|
528
|
+
228
|
|
529
|
+
229
|
|
530
|
+
230
|
|
531
|
+
231
|
|
532
|
+
232
|
|
533
|
+
233
|
|
534
|
+
234
|
|
535
|
+
235
|
|
536
|
+
236
|
|
537
|
+
237
|
|
538
|
+
238
|
|
539
|
+
239
|
|
540
|
+
240
|
|
541
|
+
241
|
|
542
|
+
242</pre>
|
|
543
|
+
</td>
|
|
544
|
+
<td>
|
|
545
|
+
<pre class="code"><span class="info file"># File 'lib/r509/ocsp/signer.rb', line 223</span>
|
|
546
|
+
|
|
547
|
+
<span class='kw'>def</span> <span class='id identifier rubyid_create_response'>create_response</span><span class='lparen'>(</span><span class='id identifier rubyid_response_status'>response_status</span><span class='comma'>,</span><span class='id identifier rubyid_basic_response'>basic_response</span><span class='op'>=</span><span class='kw'>nil</span><span class='rparen'>)</span>
|
|
548
|
+
|
|
549
|
+
<span class='comment'># first arg is the response status code, comes from this list
|
|
550
|
+
</span> <span class='comment'># these can also be enumerated via OpenSSL::OCSP::RESPONSE_STATUS_*
|
|
551
|
+
</span> <span class='comment'>#OCSPResponseStatus ::= ENUMERATED {
|
|
552
|
+
</span> <span class='comment'># successful (0), --Response has valid confirmations
|
|
553
|
+
</span> <span class='comment'># malformedRequest (1), --Illegal confirmation request
|
|
554
|
+
</span> <span class='comment'># internalError (2), --Internal error in issuer
|
|
555
|
+
</span> <span class='comment'># tryLater (3), --Try again later
|
|
556
|
+
</span> <span class='comment'># --(4) is not used
|
|
557
|
+
</span> <span class='comment'># sigRequired (5), --Must sign the request
|
|
558
|
+
</span> <span class='comment'># unauthorized (6) --Request unauthorized
|
|
559
|
+
</span> <span class='comment'>#}
|
|
560
|
+
</span> <span class='comment'>#
|
|
561
|
+
</span> <span class='const'>R509</span><span class='op'>::</span><span class='const'>Ocsp</span><span class='op'>::</span><span class='const'>Response</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span>
|
|
562
|
+
<span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>OCSP</span><span class='op'>::</span><span class='const'>Response</span><span class='period'>.</span><span class='id identifier rubyid_create'>create</span><span class='lparen'>(</span>
|
|
563
|
+
<span class='id identifier rubyid_response_status'>response_status</span><span class='comma'>,</span> <span class='id identifier rubyid_basic_response'>basic_response</span>
|
|
564
|
+
<span class='rparen'>)</span>
|
|
565
|
+
<span class='rparen'>)</span>
|
|
566
|
+
<span class='kw'>end</span></pre>
|
|
567
|
+
</td>
|
|
568
|
+
</tr>
|
|
569
|
+
</table>
|
|
570
|
+
</div>
|
|
571
|
+
|
|
572
|
+
</div>
|
|
573
|
+
|
|
574
|
+
</div>
|
|
575
|
+
|
|
576
|
+
<div id="footer">
|
|
577
|
+
Generated on Thu Nov 8 14:33:53 2012 by
|
|
578
|
+
<a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
|
579
|
+
0.8.2.1 (ruby-1.9.3).
|
|
580
|
+
</div>
|
|
581
|
+
|
|
582
|
+
</body>
|
|
583
|
+
</html>
|