define methodname as instance method of current module, using ERB
object or eRuby file
define methodname as instance method of current module, using ERB
object or eRuby file
Determines if current environment is eglible for update suggestion.
Obtains a list of all predefined curves by the OpenSSL
. Curve names are returned as sn.
See the OpenSSL
documentation for EC_get_builtin_curves().
Encrypt string
with the private key. padding
defaults to PKCS1_PADDING
, which is known to be insecure but is kept for backwards compatibility. The encrypted string output can be decrypted using public_decrypt
.
Deprecated in version 3.0. Consider using PKey::PKey#sign_raw
and PKey::PKey#verify_raw
, and PKey::PKey#verify_recover
instead.
Encrypt string
with the public key. padding
defaults to PKCS1_PADDING
, which is known to be insecure but is kept for backwards compatibility. The encrypted string output can be decrypted using private_decrypt
.
Deprecated in version 3.0. Consider using PKey::PKey#encrypt
and PKey::PKey#decrypt
instead.
Sets p, q for the RSA
instance.
Adds a certificate to the context. pkey must be a corresponding private key with certificate.
Multiple certificates with different public key type can be added by repeated calls of this method, and OpenSSL
will choose the most appropriate certificate during the handshake.
cert=
, key=
, and extra_chain_cert=
are old accessor methods for setting certificate and internally call this method.
A certificate. An instance of OpenSSL::X509::Certificate
.
The private key for certificate. An instance of OpenSSL::PKey::PKey
.
Optional. An array of OpenSSL::X509::Certificate
. When sending a certificate chain, the certificates specified by this are sent following certificate, in the order in the array.
rsa_cert = OpenSSL::X509::Certificate.new(...) rsa_pkey = OpenSSL::PKey.read(...) ca_intermediate_cert = OpenSSL::X509::Certificate.new(...) ctx.add_certificate(rsa_cert, rsa_pkey, [ca_intermediate_cert]) ecdsa_cert = ... ecdsa_pkey = ... another_ca_cert = ... ctx.add_certificate(ecdsa_cert, ecdsa_pkey, [another_ca_cert])
Initiates the SSL/TLS handshake as a server in non-blocking manner.
# emulates blocking accept begin ssl.accept_nonblock rescue IO::WaitReadable IO.select([s2]) retry rescue IO::WaitWritable IO.select(nil, [s2]) retry end
By specifying a keyword argument exception to false
, you can indicate that accept_nonblock
should not raise an IO::WaitReadable
or IO::WaitWritable
exception, but return the symbol :wait_readable
or :wait_writable
instead.
A non-blocking version of sysread
. Raises an SSLError
if reading would block. If “exception: false” is passed, this method returns a symbol of :wait_readable, :wait_writable, or nil, rather than raising an exception.
Reads length bytes from the SSL
connection. If a pre-allocated buffer is provided the data will be written into it.
Writes string to the SSL
connection in a non-blocking manner. Raises an SSLError
if writing would block.