class OpenSSL::Timestamp::Response
Immutable and read-only representation of a timestamp response returned from a timestamp server after receiving an associated Request. Allows access to specific information about the response but also allows to verify the Response.
Constants
- GRANTED
-
Indicates a successful response. Equal to
0. - GRANTED_WITH_MODS
-
Indicates a successful response that probably contains modifications from the initial request. Equal to
1. - REJECTION
-
Indicates a failure. No timestamp token was created. Equal to
2. - REVOCATION_NOTIFICATION
-
Indicates a failure. No timestamp token was created. A certificate has been revoked. Equal to
5. - REVOCATION_WARNING
-
Indicates a failure. No timestamp token was created. Revocation of a certificate is imminent. Equal to
4. - WAITING
-
Indicates a failure. No timestamp token was created. Equal to
3.
Public Class Methods
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9978
def initialize: (File | String response_der) -> void
Public Instance Methods
() → Symbol?
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9888
def failure_info: () -> Symbol?
In cases no timestamp token has been created, this field contains further info about the reason why response creation failed. The method returns either nil (the request was successful and a timestamp token was created) or one of the following: * :BAD_ALG - Indicates that the timestamp server rejects the message imprint algorithm used in the Request * :BAD_REQUEST - Indicates that the timestamp server was not able to process the Request properly * :BAD_DATA_FORMAT - Indicates that the timestamp server was not able to parse certain data in the Request * :TIME_NOT_AVAILABLE - Indicates that the server could not access its time source * :UNACCEPTED_POLICY - Indicates that the requested policy identifier is not recognized or supported by the timestamp server * :UNACCEPTED_EXTENSIION - Indicates that an extension in the Request is not supported by the timestamp server * :ADD_INFO_NOT_AVAILABLE -Indicates that additional information requested is either not understood or currently not available * :SYSTEM_FAILURE - Timestamp creation failed due to an internal error that occurred on the timestamp server
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9898
def status: () -> BN
Returns one of GRANTED, GRANTED_WITH_MODS, REJECTION, WAITING, REVOCATION_WARNING or REVOCATION_NOTIFICATION. A timestamp token has been created only in case status is equal to GRANTED or GRANTED_WITH_MODS.
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9907
def status_text: () -> Array[String]?
In cases of failure this field may contain an array of strings further describing the origin of the failure.
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9915
def to_der: () -> String
Returns the Response in DER-encoded form.
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9924
def token: () -> PKCS7?
If a timestamp token is present, this returns it in the form of a OpenSSL::PKCS7.
() → TokenInfo?
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9932
def token_info: () -> TokenInfo?
Get the response’s token info if present.
() → X509::Certificate?
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9942
def tsa_certificate: () -> X509::Certificate?
If the Request specified to request the TSA certificate (Request#cert_requested = true), then this field contains the certificate of the timestamp authority.
(Request request, X509::Store store, ?X509::Certificate intermediate_cert) → self
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9964
def verify: (Request request, X509::Store store, ?X509::Certificate intermediate_cert) -> self
Verifies a timestamp token by checking the signature, validating the certificate chain implied by tsa_certificate and by checking conformance to a given Request. Mandatory parameters are the Request associated to this Response, and an OpenSSL::X509::Store of trusted roots.
Intermediate certificates can optionally be supplied for creating the certificate chain. These intermediate certificates must all be instances of OpenSSL::X509::Certificate.
If validation fails, several kinds of exceptions can be raised: * TypeError if types don’t fit * TimestampError if something is wrong with the timestamp token itself, if it is not conformant to the Request, or if validation of the timestamp certificate chain fails.