This sets whether or not to serialize types unsupported by the JSON format as strings. If this boolean is false, types unsupported by the JSON format will be serialized as strings. If this boolean is true, types unsupported by the JSON format will raise a JSON::GeneratorError.
Writes data onto the IO, raising a FileOverflow exception if the number of bytes will be more than limit
Writes data onto the IO
Returns the original source code as an array of lines.
Note that this is an API for ruby internal use, debugging, and research. Do not use this for any other purpose. The compatibility is not guaranteed.
Obtains a list of all predefined curves by the OpenSSL. Curve names are returned as sn.
See the OpenSSL documentation for EC_get_builtin_curves().
See the OpenSSL documentation for EC_KEY_get0_private_key()
See the OpenSSL documentation for EC_KEY_set_private_key()
Returns whether this EC instance has a private key. The private key (BN) can be retrieved with EC#private_key.
Encrypt string with the private key. padding defaults to PKCS1_PADDING, which is known to be insecure but is kept for backwards compatibility. The encrypted string output can be decrypted using public_decrypt.
Deprecated in version 3.0. Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw, and PKey::PKey#verify_recover instead.
Decrypt string, which has been encrypted with the public key, with the private key. padding defaults to PKCS1_PADDING, which is known to be insecure but is kept for backwards compatibility.
Deprecated in version 3.0. Consider using PKey::PKey#encrypt and PKey::PKey#decrypt instead.
Verifies data using the Probabilistic Signature Scheme (RSA-PSS).
The return value is true if the signature is valid, false otherwise. RSAError will be raised if an error occurs.
See sign_pss for the signing operation and an example code.
A String containing the message digest algorithm name.
A String. The data to be signed.
The length in octets of the salt. Two special values are reserved: :digest means the digest length, and :auto means automatically determining the length based on the signature.
The hash algorithm used in MGF1.
Sets the list of “supported elliptic curves” for this context.
For a TLS client, the list is directly used in the Supported Elliptic Curves Extension. For a server, the list is used by OpenSSL to determine the set of shared curves. OpenSSL will pick the most appropriate one from it.
ctx1 = OpenSSL::SSL::SSLContext.new ctx1.ecdh_curves = "X25519:P-256:P-224" svr = OpenSSL::SSL::SSLServer.new(tcp_svr, ctx1) Thread.new { svr.accept } ctx2 = OpenSSL::SSL::SSLContext.new ctx2.ecdh_curves = "P-256" cli = OpenSSL::SSL::SSLSocket.new(tcp_sock, ctx2) cli.connect p cli.tmp_key.group.curve_name # => "prime256v1" (is an alias for NIST P-256)
Writes string to the SSL connection in a non-blocking manner. Raises an SSLError if writing would block.
Returns the result of the peer certificates verification. See verify(1) for error values and descriptions.
If no peer certificate was presented X509_V_OK is returned.
Returns the human readable error string corresponding to the error code retrieved by error.
See also the man page X509_verify_cert_error_string(3).
Returns the certificate which caused the error.
See also the man page X509_STORE_CTX_get_current_cert(3).
Returns the CRL which caused the error.
See also the man page X509_STORE_CTX_get_current_crl(3).
Returns a status string for the response.
Returns the ln (long name) of the hash algorithm used to generate the issuerNameHash and the issuerKeyHash values.
Verifies the signature for the data using a public key pkey. Unlike verify, this method will not hash data with digest automatically.
Returns true if the signature is successfully verified, false otherwise. The caller must check the return value.
See sign_raw for the signing operation and an example code.
Added in version 3.0. See also the man page EVP_PKEY_verify(3).
signature
A String containing the signature to be verified.