class R509::OCSP::Response
builds OCSP
responses
Public Class Methods
new(ocsp_response)
click to toggle source
@param ocsp_response [OpenSSL::OCSP::Response]
# File lib/r509/ocsp.rb, line 10 def initialize(ocsp_response) unless ocsp_response.is_a?(OpenSSL::OCSP::Response) raise R509::R509Error, 'You must pass an OpenSSL::OCSP::Response object to the constructor. See R509::OCSP::Response.parse if you are trying to parse' end @ocsp_response = ocsp_response end
parse(ocsp_string)
click to toggle source
@param [String,OpenSSL::OCSP::Response] ocsp_string parses an existing response @return [R509::OCSP::Response]
# File lib/r509/ocsp.rb, line 18 def self.parse(ocsp_string) if ocsp_string.nil? raise R509::R509Error, 'You must pass a DER encoded OCSP response to this method' end R509::OCSP::Response.new(OpenSSL::OCSP::Response.new(ocsp_string)) end
Public Instance Methods
basic()
click to toggle source
@return [OpenSSL::OCSP::BasicResponse]
# File lib/r509/ocsp.rb, line 36 def basic @ocsp_response.basic end
check_nonce(ocsp_request)
click to toggle source
@param [OpenSSL::OCSP::Request] ocsp_request the OCSP
request whose nonce to check @return [R509::OCSP::Request::Nonce::CONSTANT] the status code of the nonce check
# File lib/r509/ocsp.rb, line 66 def check_nonce(ocsp_request) ocsp_request.check_nonce(@ocsp_response.basic) end
status()
click to toggle source
@return [OpenSSL::OCSP] response status of this response
# File lib/r509/ocsp.rb, line 26 def status @ocsp_response.status end
to_der()
click to toggle source
@return [String] der encoded string
# File lib/r509/ocsp.rb, line 31 def to_der @ocsp_response.to_der end
verify(certs)
click to toggle source
@param [Array<OpenSSL::X509::Certificate>,OpenSSL::X509::Certificate] certs A cert or array of certs to verify against @return [Boolean] true if the response is valid according to the given root
# File lib/r509/ocsp.rb, line 42 def verify(certs) store = OpenSSL::X509::Store.new if certs.is_a?(Array) stack = certs certs.each do |cert| store.add_cert(cert) end else stack = [certs] store.add_cert(certs) end # suppress verbosity since #verify will output a warning if it does not match # as well as returning false. we just want the boolean original_verbosity = $VERBOSE $VERBOSE = nil # still a bit unclear on why we add to store and pass in array to verify result = @ocsp_response.basic.verify(stack, store) $VERBOSE = original_verbosity result end