Returns the serial number of the certificate for which status is being requested.
To verify the String
signature
, digest
, an instance of OpenSSL::Digest
, must be provided to re-compute the message digest of the original data
, also a String
. The return value is true
if the signature is valid, false
otherwise. A PKeyError
is raised should errors occur. Any previous state of the Digest
instance is irrelevant to the validation outcome, the digest instance is reset to its initial state during the operation.
data = 'Sign me!' digest = OpenSSL::Digest::SHA256.new pkey = OpenSSL::PKey::RSA.new(2048) signature = pkey.sign(digest, data) pub_key = pkey.public_key puts pub_key.verify(digest, signature, data) # => true
Indicates whether this DSA
instance has a private key associated with it or not. The private key may be retrieved with DSA#private_key.
Verifies whether the signature is valid given the message digest input. It does so by validating sig
using the public key of this DSA
instance.
digest
is a message digest of the original input data to be signed
sig
is a DSA
signature value
dsa = OpenSSL::PKey::DSA.new(2048) doc = "Sign me" digest = OpenSSL::Digest::SHA1.digest(doc) sig = dsa.syssign(digest) puts dsa.sysverify(digest, sig) # => true
Returns whether this EC
instance has a private key. The private key (BN
) can be retrieved with EC#private_key
.
Does this keypair contain a private key?
Checks that cert signature is made with PRIVversion of this PUBLIC ‘key’
Sets the store’s purpose to purpose
. If specified, the verifications on the store will check every untrusted certificate’s extensions are consistent with the purpose. The purpose is specified by constants:
X509::PURPOSE_SSL_CLIENT
X509::PURPOSE_SSL_SERVER
X509::PURPOSE_NS_SSL_SERVER
X509::PURPOSE_SMIME_SIGN
X509::PURPOSE_SMIME_ENCRYPT
X509::PURPOSE_CRL_SIGN
X509::PURPOSE_ANY
X509::PURPOSE_OCSP_HELPER
X509::PURPOSE_TIMESTAMP_SIGN
Performs a certificate verification on the OpenSSL::X509::Certificate
cert
.
chain
can be an array of OpenSSL::X509::Certificate
that is used to construct the certificate chain.
If a block is given, it overrides the callback set by verify_callback=
.
After finishing the verification, the error information can be retrieved by error
, error_string
, and the resuting complete certificate chain can be retrieved by chain
.
Returns true
if the objects in the directory may be deleted, or the directory may be purged.
Returns true
if the STOR command may be applied to the file.
Writes the node to some output.
The node to write
A class implementing <<
. Pass in an Output
object to change the output encoding.