Add a certificate to trusted certificate list.
Handles POST requests
Returns AST nodes under this one. Each kind of node has different children, depending on what kind of node it is.
The returned array may contain other nodes or nil.
This method is called automatically when a new SSLSocket is created. However, it is not thread-safe and must be called before creating SSLSocket objects in a multi-threaded program.
Reads length bytes from the SSL connection. If a pre-allocated buffer is provided the data will be written into it.
Verifies the signature of the certificate, with the public key key. key must be an instance of OpenSSL::PKey.
Checks that cert signature is made with PRIVversion of this PUBLIC ‘key’
key - the public key to be used for verifying the SPKI signature
Returns true if the signature is valid, false otherwise. To verify an SPKI, the public key contained within the SPKI should be used.
Verifies this request using the given certificates and store. certificates is an array of OpenSSL::X509::Certificate, store is an OpenSSL::X509::Store.
Note that false is returned if the request does not have a signature. Use signed? to check whether the request is signed or not.
Creates an OpenSSL::OCSP::Response from status and basic_response.
Verifies the signature of the response using the given certificates and store. This works in the similar way as OpenSSL::OCSP::Request#verify.
To verify the String signature, digest, an instance of OpenSSL::Digest, must be provided to re-compute the message digest of the original data, also a String. The return value is true if the signature is valid, false otherwise. A PKeyError is raised should errors occur. Any previous state of the Digest instance is irrelevant to the validation outcome, the digest instance is reset to its initial state during the operation.
data = 'Sign me!' digest = OpenSSL::Digest::SHA256.new pkey = OpenSSL::PKey::RSA.new(2048) signature = pkey.sign(digest, data) pub_key = pkey.public_key puts pub_key.verify(digest, signature, data) # => true