Performs the certificate verification using the parameters set to stctx.
See also the man page X509_verify_cert(3).
Returns the error code of stctx. This is typically called after verify is done, or from the verification callback set to OpenSSL::X509::Store#verify_callback=.
See also the man page X509_STORE_CTX_get_error(3).
Sets the error code of stctx. This is used by the verification callback set to OpenSSL::X509::Store#verify_callback=.
See also the man page X509_STORE_CTX_set_error(3).
Sets the purpose of the context. This overrides the default value set by Store#purpose=.
See also the man page X509_VERIFY_PARAM_set_purpose(3).
Sets the time used in the verification. If not set, the current time is used.
See also the man page X509_VERIFY_PARAM_set_time(3).
Verifies the signature of the certificate, with the public key key. key must be an instance of OpenSSL::PKey.
Checks that cert signature is made with PRIVversion of this PUBLIC ‘key’
This adds a new ObjectId to the internal tables. Where object_id is the numerical form, short_name is the short name, and long_name is the long name.
Returns true if successful. Raises an OpenSSL::ASN1::ASN1Error if it fails.
key - the public key to be used for verifying the SPKI signature
Returns true if the signature is valid, false otherwise. To verify an SPKI, the public key contained within the SPKI should be used.
Verifies this request using the given certificates and store. certificates is an array of OpenSSL::X509::Certificate, store is an OpenSSL::X509::Store.
Note that false is returned if the request does not have a signature. Use signed? to check whether the request is signed or not.
Verifies the signature of the response using the given certificates and store. This works in the similar way as OpenSSL::OCSP::Request#verify.
Verifies the signature for the data using a message digest algorithm digest and a public key pkey.
Returns true if the signature is successfully verified, false otherwise. The caller must check the return value.
See sign for the signing operation and an example.
See also the man page EVP_DigestVerify(3).
Derives a shared secret from pkey and peer_pkey. pkey must contain the private components, peer_pkey must contain the public components.
Performs a public key encryption operation using pkey.
See decrypt for the reverse operation.
Added in version 3.0. See also the man page EVP_PKEY_encrypt(3).
data
A String to be encrypted.
options
A Hash that contains algorithm specific control operations to OpenSSL. See OpenSSL’s man page EVP_PKEY_CTX_ctrl_str(3) for details.
Example:
pkey = OpenSSL::PKey.generate_key("RSA", rsa_keygen_bits: 2048) data = "secret data" encrypted = pkey.encrypt(data, rsa_padding_mode: "oaep") decrypted = pkey.decrypt(data, rsa_padding_mode: "oaep") p decrypted #=> "secret data"
Performs a public key decryption operation using pkey.
See encrypt for a description of the parameters and an example.
Added in version 3.0. See also the man page EVP_PKEY_decrypt(3).