See ASN1Data#to_der for details.
See ASN1Data#to_der for details.
Generates a private and public key unless a private key already exists. If this DH instance was generated from public DH parameters (e.g. by encoding the result of DH#public_key), then this method needs to be called first in order to generate the per-session keys before performing the actual key exchange.
Deprecated in version 3.0. This method is incompatible with OpenSSL 3.0.0 or later.
See also OpenSSL::PKey.generate_key.
Example:
# DEPRECATED USAGE: This will not work on OpenSSL 3.0 or later dh0 = OpenSSL::PKey::DH.new(2048) dh = dh0.public_key # #public_key only copies the DH parameters (contrary to the name) dh.generate_key! puts dh.private? # => true puts dh0.pub_key == dh.pub_key #=> false # With OpenSSL::PKey.generate_key dh0 = OpenSSL::PKey::DH.new(2048) dh = OpenSSL::PKey.generate_key(dh0) puts dh0.pub_key == dh.pub_key #=> false
Serializes the DH parameters to a DER-encoding
Note that any existing per-session public/private keys will not get encoded, just the Diffie-Hellman parameters will be encoded.
See also public_to_der (X.509 SubjectPublicKeyInfo) and private_to_der (PKCS #8 PrivateKeyInfo or EncryptedPrivateKeyInfo) for serialization with the private or public key components.
Sets p, q, g to the DH instance.
Sets pub_key and priv_key for the DH instance. priv_key may be nil.
Serializes a private or public key to a DER-encoding.
See to_pem for details.
This method is kept for compatibility. This should only be used when the traditional, non-standard OpenSSL format is required.
Consider using public_to_der or private_to_der instead.
Sets p, q, g to the DSA instance.
Sets pub_key and priv_key for the DSA instance. priv_key may be nil.
Obtains a list of all predefined curves by the OpenSSL. Curve names are returned as sn.
See the OpenSSL documentation for EC_get_builtin_curves().
Generates a new random private and public key.
See also the OpenSSL documentation for EC_KEY_generate_key()
ec = OpenSSL::PKey::EC.new("prime256v1") p ec.private_key # => nil ec.generate_key! p ec.private_key # => #<OpenSSL::BN XXXXXX>
Serializes a private or public key to a DER-encoding.
See to_pem for details.
This method is kept for compatibility. This should only be used when the SEC 1/RFC 5915 ECPrivateKey format is required.
Consider using public_to_der or private_to_der instead.
Generates a new random private and public key.
See also the OpenSSL documentation for EC_KEY_generate_key()
ec = OpenSSL::PKey::EC.new("prime256v1") p ec.private_key # => nil ec.generate_key! p ec.private_key # => #<OpenSSL::BN XXXXXX>
Encrypt string with the private key. padding defaults to PKCS1_PADDING, which is known to be insecure but is kept for backwards compatibility. The encrypted string output can be decrypted using public_decrypt.
Deprecated in version 3.0. Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw, and PKey::PKey#verify_recover instead.
Decrypt string, which has been encrypted with the private key, with the public key. padding defaults to PKCS1_PADDING which is known to be insecure but is kept for backwards compatibility.
Deprecated in version 3.0. Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw, and PKey::PKey#verify_recover instead.
Encrypt string with the public key. padding defaults to PKCS1_PADDING, which is known to be insecure but is kept for backwards compatibility. The encrypted string output can be decrypted using private_decrypt.
Deprecated in version 3.0. Consider using PKey::PKey#encrypt and PKey::PKey#decrypt instead.
Decrypt string, which has been encrypted with the public key, with the private key. padding defaults to PKCS1_PADDING, which is known to be insecure but is kept for backwards compatibility.
Deprecated in version 3.0. Consider using PKey::PKey#encrypt and PKey::PKey#decrypt instead.
Serializes a private or public key to a DER-encoding.
See to_pem for details.
This method is kept for compatibility. This should only be used when the PKCS #1 RSAPrivateKey format is required.
Consider using public_to_der or private_to_der instead.
Verifies data using the Probabilistic Signature Scheme (RSA-PSS).
The return value is true if the signature is valid, false otherwise. RSAError will be raised if an error occurs.
See sign_pss for the signing operation and an example code.
A String containing the message digest algorithm name.
A String. The data to be signed.
The length in octets of the salt. Two special values are reserved: :digest means the digest length, and :auto means automatically determining the length based on the signature.
The hash algorithm used in MGF1.
Sets n, e, d for the RSA instance.
Returns the security level for the context.
See also OpenSSL::SSL::SSLContext#security_level=.
Sets the security level for the context. OpenSSL limits parameters according to the level. The “parameters” include: ciphersuites, curves, key sizes, certificate signature algorithms, protocol version and so on. For example, level 1 rejects parameters offering below 80 bits of security, such as ciphersuites using MD5 for the MAC or RSA keys shorter than 1024 bits.
Note that attempts to set such parameters with insufficient security are also blocked. You need to lower the level first.
This feature is not supported in OpenSSL < 1.1.0, and setting the level to other than 0 will raise NotImplementedError. Level 0 means everything is permitted, the same behavior as previous versions of OpenSSL.
See the manpage of SSL_CTX_set_security_level(3) for details.
Close the stream for reading. This method is ignored by OpenSSL as there is no reasonable way to implement it, but exists for compatibility with IO.
Closes the stream for writing. The behavior of this method depends on the version of OpenSSL and the TLS protocol in use.
Sends a ‘close_notify’ alert to the peer.
Does not wait for the peer’s ‘close_notify’ alert in response.
In TLS 1.2 and earlier:
On receipt of a ‘close_notify’ alert, responds with a ‘close_notify’ alert of its own and close down the connection immediately, discarding any pending writes.
Therefore, on TLS 1.2, this method will cause the connection to be completely shut down. On TLS 1.3, the connection will remain open for reading only.
A non-blocking version of sysread. Raises an SSLError if reading would block. If “exception: false” is passed, this method returns a symbol of :wait_readable, :wait_writable, or nil, rather than raising an exception.
Reads length bytes from the SSL connection. If a pre-allocated buffer is provided the data will be written into it.