exception to wait for writing. see IO.select
.
Provides classes and methods to request, create and validate RFC3161-compliant timestamps. Request
may be used to either create requests from scratch or to parse existing requests that again can be used to request timestamps from a timestamp server, e.g. via the net/http. The resulting timestamp response may be parsed using Response
.
Please note that Response
is read-only and immutable. To create a Response
, an instance of Factory
as well as a valid Request
are needed.
#Assumes ts.p12 is a PKCS#12-compatible file with a private key #and a certificate that has an extended key usage of 'timeStamping' p12 = OpenSSL::PKCS12.new(File.binread('ts.p12'), 'pwd') md = OpenSSL::Digest.new('SHA1') hash = md.digest(data) #some binary data to be timestamped req = OpenSSL::Timestamp::Request.new req.algorithm = 'SHA1' req.message_imprint = hash req.policy_id = "1.2.3.4.5" req.nonce = 42 fac = OpenSSL::Timestamp::Factory.new fac.gen_time = Time.now fac.serial_number = 1 timestamp = fac.create_timestamp(p12.key, p12.certificate, req)
#Assume we have a timestamp token in a file called ts.der ts = OpenSSL::Timestamp::Response.new(File.binread('ts.der')) #Assume we have the Request for this token in a file called req.der req = OpenSSL::Timestamp::Request.new(File.binread('req.der')) # Assume the associated root CA certificate is contained in a # DER-encoded file named root.cer root = OpenSSL::X509::Certificate.new(File.binread('root.cer')) # get the necessary intermediate certificates, available in # DER-encoded form in inter1.cer and inter2.cer inter1 = OpenSSL::X509::Certificate.new(File.binread('inter1.cer')) inter2 = OpenSSL::X509::Certificate.new(File.binread('inter2.cer')) ts.verify(req, root, inter1, inter2) -> ts or raises an exception if validation fails
Socket::Constants
provides socket-related constants. All possible socket constants are listed in the documentation but they may not all be present on your platform.
If the underlying platform doesn’t define a constant the corresponding Ruby constant is not defined.
Mixin for holding meta-information.
Acceptable argument classes. Now contains DecimalInteger, OctalInteger and DecimalNumeric. See Acceptable argument classes (in source code).
Mixin methods for local and remote Gem::Command
options.
The top-level class representing any ASN.1 object. When parsed by ASN1.decode
, tagged values are always represented by an instance of ASN1Data
.
ASN1Data
for parsing tagged values When encoding an ASN.1 type it is inherently clear what original type (e.g. INTEGER, OCTET STRING etc.) this value has, regardless of its tagging. But opposed to the time an ASN.1 type is to be encoded, when parsing them it is not possible to deduce the “real type” of tagged values. This is why tagged values are generally parsed into ASN1Data
instances, but with a different outcome for implicit and explicit tagging.
An implicitly 1-tagged INTEGER value will be parsed as an ASN1Data
with
tag equal to 1
tag_class equal to :CONTEXT_SPECIFIC
value equal to a String
that carries the raw encoding of the INTEGER.
This implies that a subsequent decoding step is required to completely decode implicitly tagged values.
An explicitly 1-tagged INTEGER value will be parsed as an ASN1Data
with
tag equal to 1
tag_class equal to :CONTEXT_SPECIFIC
value equal to an Array
with one single element, an instance of OpenSSL::ASN1::Integer
, i.e. the inner element is the non-tagged primitive value, and the tagging is represented in the outer ASN1Data
int = OpenSSL::ASN1::Integer.new(1, 0, :IMPLICIT) # implicit 0-tagged seq = OpenSSL::ASN1::Sequence.new( [int] ) der = seq.to_der asn1 = OpenSSL::ASN1.decode(der) # pp asn1 => #<OpenSSL::ASN1::Sequence:0x87326e0 # @indefinite_length=false, # @tag=16, # @tag_class=:UNIVERSAL, # @tagging=nil, # @value= # [#<OpenSSL::ASN1::ASN1Data:0x87326f4 # @indefinite_length=false, # @tag=0, # @tag_class=:CONTEXT_SPECIFIC, # @value="\x01">]> raw_int = asn1.value[0] # manually rewrite tag and tag class to make it an UNIVERSAL value raw_int.tag = OpenSSL::ASN1::INTEGER raw_int.tag_class = :UNIVERSAL int2 = OpenSSL::ASN1.decode(raw_int) puts int2.value # => 1
int = OpenSSL::ASN1::Integer.new(1, 0, :EXPLICIT) # explicit 0-tagged seq = OpenSSL::ASN1::Sequence.new( [int] ) der = seq.to_der asn1 = OpenSSL::ASN1.decode(der) # pp asn1 => #<OpenSSL::ASN1::Sequence:0x87326e0 # @indefinite_length=false, # @tag=16, # @tag_class=:UNIVERSAL, # @tagging=nil, # @value= # [#<OpenSSL::ASN1::ASN1Data:0x87326f4 # @indefinite_length=false, # @tag=0, # @tag_class=:CONTEXT_SPECIFIC, # @value= # [#<OpenSSL::ASN1::Integer:0x85bf308 # @indefinite_length=false, # @tag=2, # @tag_class=:UNIVERSAL # @tagging=nil, # @value=1>]>]> int2 = asn1.value[0].value[0] puts int2.value # => 1
Generic exception class of the Timestamp
module.
This class represents a YAML Alias. It points to an anchor
.
A Psych::Nodes::Alias
is a terminal node and may have no children.
This class represents a YAML Scalar.
This node type is a terminal node and should not have any children.
TimeStamp
struct
Dummy session storage class.
Implements session storage place holder. No actual storage will be done.
Raised when encoding is invalid.
Switch
that can omit argument.