Returns the result of the peer certificates verification. See verify(1) for error values and descriptions.
If no peer certificate was presented X509_V_OK is returned.
Adds a new entry with the given oid
and value
to this name. The oid
is an object identifier defined in ASN.1. Some common OIDs are:
Adds a certificate status for certificate_id
. status
is the status, and must be one of these:
OpenSSL::OCSP::V_CERTSTATUS_GOOD
OpenSSL::OCSP::V_CERTSTATUS_REVOKED
OpenSSL::OCSP::V_CERTSTATUS_UNKNOWN
reason
and revocation_time
can be given only when status
is OpenSSL::OCSP::V_CERTSTATUS_REVOKED. reason
describes the reason for the revocation, and must be one of OpenSSL::OCSP::REVOKED_STATUS_* constants. revocation_time
is the time when the certificate is revoked.
this_update
and next_update
indicate the time at which ths status is verified to be correct and the time at or before which newer information will be available, respectively. next_update
is optional.
extensions
is an Array of OpenSSL::X509::Extension
to be included in the SingleResponse
. This is also optional.
Note that the times, revocation_time
, this_update
and next_update
can be specified in either of Integer
or Time
object. If they are Integer
, it is treated as the relative seconds from the current time.
Returns the status of the certificate identified by the certid. The return value may be one of these constant:
V_CERTSTATUS_GOOD
V_CERTSTATUS_REVOKED
V_CERTSTATUS_UNKNOWN
When the status is V_CERTSTATUS_REVOKED, the time at which the certificate was revoked can be retrieved by revocation_time
.
Returns the ln (long name) of the hash algorithm used to generate the issuerNameHash and the issuerKeyHash values.
See the OpenSSL
documentation for EC_KEY_get0_private_key()
See the OpenSSL
documentation for EC_KEY_set_private_key()
Returns whether this EC
instance has a private key. The private key (BN
) can be retrieved with EC#private_key
.
Encrypt string
with the private key. padding
defaults to PKCS1_PADDING. The encrypted string output can be decrypted using public_decrypt
.
Decrypt string
, which has been encrypted with the public key, with the private key. padding
defaults to PKCS1_PADDING.
General callback for OpenSSL
verify