class OpenSSL::OCSP::Request
An OpenSSL::OCSP::Request contains the certificate information for determining if a certificate has been revoked or not. A Request can be created for a certificate or from a DER-encoded request created elsewhere.
Public Class Methods
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4925
def initialize: (?String der) -> void
Creates a new OpenSSL::OCSP::Request. The request may be created empty or from a request_der string.
Public Instance Methods
(CertificateId certificate_id) → self
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4815
def add_certid: (CertificateId certificate_id) -> self
Adds certificate_id to the request.
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4827
def add_nonce: (?String nonce) -> self
Adds a nonce to the OCSP request. If no nonce is given a random one will be generated.
The nonce is used to prevent replay attacks but some servers do not support it.
() → Array[CertificateId]
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4835
def certid: () -> Array[CertificateId]
Returns all certificate IDs in this request.
(Response response) → (-1 | 0 | 1 | 2 | 3)
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4865
def check_nonce: (Response response) -> (-1 | 0 | 1 | 2 | 3)
Checks the nonce validity for this request and response.
The return value is one of the following:
- -1
-
nonce in request only.
- 0
-
nonces both present and not equal.
- 1
-
nonces present and equal.
- 2
-
nonces both absent.
- 3
-
nonce present in response only.
For most responses, clients can check result > 0. If a responder doesnโt handle nonces result.nonzero? may be necessary. A result of 0 is always an error.
(self) → void
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4932
def initialize_copy: (self) -> void
(X509::Certificate cert, PKey::PKey key, ?Array[X509::Certificate] certs, ?Integer flags, ?Digest digest) → self
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4883
def sign: (X509::Certificate cert, PKey::PKey key, ?Array[X509::Certificate] certs, ?Integer flags, ?Digest digest) -> self
Signs this OCSP request using cert, key and optional digest. If digest is not specified, SHA-1 is used. certs is an optional Array of additional certificates which are included in the request in addition to the signer certificate. Note that if certs is nil or not given, flag OpenSSL::OCSP::NOCERTS is enabled. Pass an empty array to include only the signer certificate.
flags is a bitwise OR of the following constants:
OpenSSL::OCSP::NOCERTS-
Donโt include any certificates in the request. certs will be ignored.
() → bool
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4892
def signed?: () -> bool
Returns true if the request is signed, false otherwise. Note that the validity of the signature is not checked. Use verify to verify that.
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4900
def to_der: () -> String
Returns this request as a DER-encoded string
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4913
def verify: (Array[X509::Certificate] certs, X509::Store store, ?Integer flags) -> bool
Verifies this request using the given certificates and store. certificates is an array of OpenSSL::X509::Certificate, store is an OpenSSL::X509::Store.
Note that false is returned if the request does not have a signature. Use
signed? to check whether the request is signed or not.