Class: OpenSSL::Timestamp::Request

Inherits:

Object

• Object
• OpenSSL::Timestamp::Request

Defined in:

ext/openssl/ossl_ts.c,
ext/openssl/ossl_ts.c

Overview

Allows to create timestamp requests or parse existing ones. A Request is also needed for creating timestamps from scratch with Factory. When created from scratch, some default values are set:

• version is set to 1

• cert_requested is set to true

• algorithm, message_imprint, policy_id, and nonce are set to false

Instance Method Summary

• #algorithm ⇒ Object

  Returns the ‘short name’ of the object identifier that represents the algorithm that was used to create the message imprint digest.

• #algorithm=(algo) ⇒ Object

  Allows to set the object identifier or the ‘short name’ of the algorithm that was used to create the message imprint digest.

• #cert_requested=(requested) ⇒ Object

  Specify whether the response shall contain the timestamp authority’s certificate or not.

• #cert_requested? ⇒ Boolean

  Indicates whether the response shall contain the timestamp authority’s certificate or not.

• #initialize(*args) ⇒ Object constructor

  When creating a Request with the File or string parameter, the corresponding File or string must be DER-encoded.

• #message_imprint ⇒ Object

  Returns the message imprint (digest) of the data to be timestamped.

• #message_imprint=(hash) ⇒ Object

  Set the message imprint digest.

• #nonce ⇒ Object

  Returns the nonce (number used once) that the server shall include in its response.

• #nonce=(num) ⇒ Object

  Sets the nonce (number used once) that the server shall include in its response.

• #policy_id ⇒ Object

  Returns the ‘short name’ of the object identifier that represents the timestamp policy under which the server shall create the timestamp.

• #policy_id=(oid) ⇒ Object

  Allows to set the object identifier that represents the timestamp policy under which the server shall create the timestamp.

• #to_der ⇒ Object

  DER-encodes this Request.

• #version ⇒ Object

  Returns the version of this request.

• #version=(version) ⇒ Object

  Sets the version number for this Request.

Constructor Details

#initialize(*args) ⇒ Object

When creating a Request with the File or string parameter, the corresponding File or string must be DER-encoded.

call-seq:

OpenSSL::Timestamp::Request.new(file)    -> request
OpenSSL::Timestamp::Request.new(string)  -> request
OpenSSL::Timestamp::Request.new          -> empty request

# File 'ext/openssl/ossl_ts.c', line 199

static VALUE
ossl_ts_req_initialize(int argc, VALUE *argv, VALUE self)
{
    TS_REQ *ts_req = DATA_PTR(self);
    BIO *in;
    VALUE arg;

    if(rb_scan_args(argc, argv, "01", &arg) == 0) {
        return self;
    }

    arg = ossl_to_der_if_possible(arg);
    in = ossl_obj2bio(&arg);
    ts_req = d2i_TS_REQ_bio(in, &ts_req);
    BIO_free(in);
    if (!ts_req) {
        DATA_PTR(self) = NULL;
        ossl_raise(eTimestampError, "Error when decoding the timestamp request");
    }
    DATA_PTR(self) = ts_req;

    return self;
}

Instance Method Details

#algorithm ⇒ Object

Returns the ‘short name’ of the object identifier that represents the algorithm that was used to create the message imprint digest.

call-seq:
     request.algorithm    -> string

# File 'ext/openssl/ossl_ts.c', line 230

static VALUE
ossl_ts_req_get_algorithm(VALUE self)
{
    TS_REQ *req;
    TS_MSG_IMPRINT *mi;
    X509_ALGOR *algor;

    GetTSRequest(self, req);
    mi = TS_REQ_get_msg_imprint(req);
    algor = TS_MSG_IMPRINT_get_algo(mi);
    return get_asn1obj(algor->algorithm);
}

#algorithm=(algo) ⇒ Object

Allows to set the object identifier or the ‘short name’ of the algorithm that was used to create the message imprint digest.

Example:

    request.algorithm = "SHA1"

call-seq:
     request.algorithm = "string"    -> string

# File 'ext/openssl/ossl_ts.c', line 253

static VALUE
ossl_ts_req_set_algorithm(VALUE self, VALUE algo)
{
    TS_REQ *req;
    TS_MSG_IMPRINT *mi;
    ASN1_OBJECT *obj;
    X509_ALGOR *algor;

    GetTSRequest(self, req);
    obj = obj_to_asn1obj(algo);
    mi = TS_REQ_get_msg_imprint(req);
    algor = TS_MSG_IMPRINT_get_algo(mi);
    if (!X509_ALGOR_set0(algor, obj, V_ASN1_NULL, NULL)) {
        ASN1_OBJECT_free(obj);
        ossl_raise(eTimestampError, "X509_ALGOR_set0");
    }

    return algo;
}

#cert_requested=(requested) ⇒ Object

Specify whether the response shall contain the timestamp authority’s certificate or not. The default value is true.

call-seq:

request.cert_requested = boolean -> true or false

# File 'ext/openssl/ossl_ts.c', line 467

static VALUE
ossl_ts_req_set_cert_requested(VALUE self, VALUE requested)
{
    TS_REQ *req;

    GetTSRequest(self, req);
    TS_REQ_set_cert_req(req, RTEST(requested));

    return requested;
}

#cert_requested? ⇒ Boolean

Indicates whether the response shall contain the timestamp authority’s certificate or not.

call-seq:

request.cert_requested?  -> true or false

Returns:

• (Boolean)

# File 'ext/openssl/ossl_ts.c', line 451

static VALUE
ossl_ts_req_get_cert_requested(VALUE self)
{
    TS_REQ *req;

    GetTSRequest(self, req);
    return TS_REQ_get_cert_req(req) ? Qtrue: Qfalse;
}

#message_imprint ⇒ Object

Returns the message imprint (digest) of the data to be timestamped.

call-seq:

request.message_imprint    -> string or nil

# File 'ext/openssl/ossl_ts.c', line 279

static VALUE
ossl_ts_req_get_msg_imprint(VALUE self)
{
    TS_REQ *req;
    TS_MSG_IMPRINT *mi;
    ASN1_OCTET_STRING *hashed_msg;
    VALUE ret;

    GetTSRequest(self, req);
    mi = TS_REQ_get_msg_imprint(req);
    hashed_msg = TS_MSG_IMPRINT_get_msg(mi);

    ret = rb_str_new((const char *)hashed_msg->data, hashed_msg->length);

    return ret;
}

#message_imprint=(hash) ⇒ Object

Set the message imprint digest.

call-seq:
     request.message_imprint = "string"    -> string

# File 'ext/openssl/ossl_ts.c', line 302

static VALUE
ossl_ts_req_set_msg_imprint(VALUE self, VALUE hash)
{
    TS_REQ *req;
    TS_MSG_IMPRINT *mi;
    StringValue(hash);

    GetTSRequest(self, req);
    mi = TS_REQ_get_msg_imprint(req);
    if (!TS_MSG_IMPRINT_set_msg(mi, (unsigned char *)RSTRING_PTR(hash), RSTRING_LENINT(hash)))
        ossl_raise(eTimestampError, "TS_MSG_IMPRINT_set_msg");

    return hash;
}

#nonce ⇒ Object

Returns the nonce (number used once) that the server shall include in its response.

call-seq:

request.nonce    -> BN or nil

# File 'ext/openssl/ossl_ts.c', line 408

static VALUE
ossl_ts_req_get_nonce(VALUE self)
{
    TS_REQ *req;
    const ASN1_INTEGER * nonce;

    GetTSRequest(self, req);
    if (!(nonce = TS_REQ_get_nonce(req)))
        return Qnil;
    return asn1integer_to_num(nonce);
}

#nonce=(num) ⇒ Object

Sets the nonce (number used once) that the server shall include in its response. If the nonce is set, the server must return the same nonce value in a valid Response.

call-seq:

request.nonce = number    -> BN

# File 'ext/openssl/ossl_ts.c', line 428

static VALUE
ossl_ts_req_set_nonce(VALUE self, VALUE num)
{
    TS_REQ *req;
    ASN1_INTEGER *nonce;
    int ok;

    GetTSRequest(self, req);
    nonce = num_to_asn1integer(num, NULL);
    ok = TS_REQ_set_nonce(req, nonce);
    ASN1_INTEGER_free(nonce);
    if (!ok)
        ossl_raise(eTimestampError, NULL);
    return num;
}

#policy_id ⇒ Object

Returns the ‘short name’ of the object identifier that represents the timestamp policy under which the server shall create the timestamp.

call-seq:

request.policy_id    -> string or nil

# File 'ext/openssl/ossl_ts.c', line 361

static VALUE
ossl_ts_req_get_policy_id(VALUE self)
{
    TS_REQ *req;

    GetTSRequest(self, req);
    if (!TS_REQ_get_policy_id(req))
        return Qnil;
    return get_asn1obj(TS_REQ_get_policy_id(req));
}

#policy_id=(oid) ⇒ Object

Allows to set the object identifier that represents the timestamp policy under which the server shall create the timestamp. This may be left nil, implying that the timestamp server will issue the timestamp using some default policy.

Example:

request.policy_id = "1.2.3.4.5"

call-seq:

request.policy_id = "string"   -> string

# File 'ext/openssl/ossl_ts.c', line 384

static VALUE
ossl_ts_req_set_policy_id(VALUE self, VALUE oid)
{
    TS_REQ *req;
    ASN1_OBJECT *obj;
    int ok;

    GetTSRequest(self, req);
    obj = obj_to_asn1obj(oid);
    ok = TS_REQ_set_policy_id(req, obj);
    ASN1_OBJECT_free(obj);
    if (!ok)
        ossl_raise(eTimestampError, "TS_REQ_set_policy_id");

    return oid;
}

#to_der ⇒ Object

DER-encodes this Request.

call-seq:

request.to_der    -> DER-encoded string

# File 'ext/openssl/ossl_ts.c', line 484

static VALUE
ossl_ts_req_to_der(VALUE self)
{
    TS_REQ *req;
    TS_MSG_IMPRINT *mi;
    X509_ALGOR *algo;
    ASN1_OCTET_STRING *hashed_msg;

    GetTSRequest(self, req);
    mi = TS_REQ_get_msg_imprint(req);

    algo = TS_MSG_IMPRINT_get_algo(mi);
    if (OBJ_obj2nid(algo->algorithm) == NID_undef)
        ossl_raise(eTimestampError, "Message imprint missing algorithm");

    hashed_msg = TS_MSG_IMPRINT_get_msg(mi);
    if (!hashed_msg->length)
        ossl_raise(eTimestampError, "Message imprint missing hashed message");

    return asn1_to_der((void *)req, (int (*)(void *, unsigned char **))i2d_TS_REQ);
}

#version ⇒ Object

Returns the version of this request. 1 is the default value.

call-seq:

request.version -> Integer

# File 'ext/openssl/ossl_ts.c', line 323

static VALUE
ossl_ts_req_get_version(VALUE self)
{
    TS_REQ *req;

    GetTSRequest(self, req);
    return LONG2NUM(TS_REQ_get_version(req));
}

#version=(version) ⇒ Object

Sets the version number for this Request. This should be 1 for compliant servers.

call-seq:

request.version = number    -> Integer

# File 'ext/openssl/ossl_ts.c', line 339

static VALUE
ossl_ts_req_set_version(VALUE self, VALUE version)
{
    TS_REQ *req;
    long ver;

    if ((ver = NUM2LONG(version)) < 0)
        ossl_raise(eTimestampError, "version must be >= 0!");
    GetTSRequest(self, req);
    if (!TS_REQ_set_version(req, ver))
        ossl_raise(eTimestampError, "TS_REQ_set_version");

    return version;
}