Set
the default id conversion object.
This is expected to be an instance such as DRb::DRbIdConv
that responds to to_id
and to_obj
that can convert objects to and from DRb
references.
See DRbServer#default_id_conv.
Shortcut for defining multiple delegator methods, but with no provision for using a different name. The following two code samples have the same effect:
def_delegators :@records, :size, :<<, :map def_delegator :@records, :size def_delegator :@records, :<< def_delegator :@records, :map
Defines a method method which delegates to accessor (i.e. it calls the method of the same name in accessor). If new_name is provided, it is used as the name for the delegate method.
Adds a certificate to the context. pkey must be a corresponding private key with certificate.
Multiple certificates with different public key type can be added by repeated calls of this method, and OpenSSL
will choose the most appropriate certificate during the handshake.
cert=
, key=
, and extra_chain_cert=
are old accessor methods for setting certificate and internally call this method.
A certificate. An instance of OpenSSL::X509::Certificate
.
The private key for certificate. An instance of OpenSSL::PKey::PKey
.
Optional. An array of OpenSSL::X509::Certificate
. When sending a certificate chain, the certificates specified by this are sent following certificate, in the order in the array.
rsa_cert = OpenSSL::X509::Certificate.new(...) rsa_pkey = OpenSSL::PKey.read(...) ca_intermediate_cert = OpenSSL::X509::Certificate.new(...) ctx.add_certificate(rsa_cert, rsa_pkey, [ca_intermediate_cert]) ecdsa_cert = ... ecdsa_pkey = ... another_ca_cert = ... ctx.add_certificate(ecdsa_cert, ecdsa_pkey, [another_ca_cert])
OpenSSL
before the version 1.0.2 could handle only one extra chain across all key types. Calling this method discards the chain set previously.
Creates a new X509::Extension
with passed values. See also x509v3_config(5).
Generates a private and public key unless a private key already exists. If this DH
instance was generated from public DH
parameters (e.g. by encoding the result of DH#public_key
), then this method needs to be called first in order to generate the per-session keys before performing the actual key exchange.
dh = OpenSSL::PKey::DH.new(2048) public_key = dh.public_key #contains no private/public key yet public_key.generate_key! puts public_key.private? # => true
See the OpenSSL
documentation for EC_KEY_get0_private_key()
See the OpenSSL
documentation for EC_KEY_set_private_key()
Generates a new random private and public key.
See also the OpenSSL
documentation for EC_KEY_generate_key()
ec = OpenSSL::PKey::EC.new("prime256v1") p ec.private_key # => nil ec.generate_key! p ec.private_key # => #<OpenSSL::BN XXXXXX>
Returns whether this EC
instance has a private key. The private key (BN
) can be retrieved with EC#private_key
.
Generates a new random private and public key.
See also the OpenSSL
documentation for EC_KEY_generate_key()
ec = OpenSSL::PKey::EC.new("prime256v1") p ec.private_key # => nil ec.generate_key! p ec.private_key # => #<OpenSSL::BN XXXXXX>
Encrypt string with the private key. padding defaults to PKCS1_PADDING. The encrypted string output can be decrypted using public_decrypt
.
Decrypt string, which has been encrypted with the public key, with the private key. padding defaults to PKCS1_PADDING.
Adds path as the hash dir to be looked up by the store.