Verifies whether the signature is valid given the message digest input. It does so by validating sig using the public key of this DSA instance.
Deprecated in version 3.0. Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
digest
A message digest of the original input data to be signed.
sig
A DSA signature value.
Creates a new EC instance with a new random private and public key.
Generates an RSA keypair.
See also OpenSSL::PKey.generate_key.
size
The desired key size in bits.
exponent
An odd Integer, normally 3, 17, or 65537.
This method is called automatically when a new SSLSocket is created. However, it is not thread-safe and must be called before creating SSLSocket objects in a multi-threaded program.
Sends “close notify” to the peer and tries to shut down the SSL connection gracefully.
If sync_close is set to true, the underlying IO is also closed.
Creates a new instance of SSLSocket. remote_host and remote_port are used to open TCPSocket. If local_host and local_port are specified, then those parameters are used on the local end to establish the connection. If context is provided, the SSL socket's initial parameters will be taken from the context.

  require 'openssl'
  sock = OpenSSL::SSL::SSLSocket.open('localhost', 443)
  sock.connect # Initiates a connection to localhost:443

with SSLContext:

  require 'openssl'
  ctx = OpenSSL::SSL::SSLContext.new
  sock = OpenSSL::SSL::SSLSocket.open('localhost', 443, context: ctx)
  sock.connect # Initiates a connection to localhost:443 with SSLContext

Initiates an SSL/TLS handshake with a server.
Waits for an SSL/TLS client to initiate a handshake.
Sends “close notify” to the peer and tries to shut down the SSL connection gracefully.
The X509 certificate for this socket endpoint.
Returns the cipher suite actually used in the current session, or nil if no session has been established.
Works similarly to TCPServer#accept.
See IO#close for details.
Performs the certificate verification using the parameters set to stctx.
See also the man page X509_verify_cert(3).
Returns the error code of stctx. This is typically called after verify is done, or from the verification callback set to OpenSSL::X509::Store#verify_callback=.
See also the man page X509_STORE_CTX_get_error(3).
Sets the error code of stctx. This is used by the verification callback set to OpenSSL::X509::Store#verify_callback=.
See also the man page X509_STORE_CTX_set_error(3).
Sets the purpose of the context. This overrides the default value set by Store#purpose=.
See also the man page X509_VERIFY_PARAM_set_purpose(3).
Sets the time used in the verification. If not set, the current time is used.
See also the man page X509_VERIFY_PARAM_set_time(3).
Verifies the signature of the certificate, with the public key key. key must be an instance of OpenSSL::PKey.