Gets the right public key from a PKey instance
Returns a new DH instance that carries just the DH parameters.
Contrary to the method name, the returned DH object contains only parameters and not the public key.
This method is provided for backwards compatibility. In most cases, there is no need to call this method.
For the purpose of re-generating the key pair while keeping the parameters, check OpenSSL::PKey.generate_key.
Example:
# OpenSSL::PKey::DH.generate by default generates a random key pair dh1 = OpenSSL::PKey::DH.generate(2048) p dh1.priv_key #=> #<OpenSSL::BN 1288347...> dhcopy = dh1.public_key p dhcopy.priv_key #=> nil
Returns a new DSA instance that carries just the DSA parameters and the public key.
This method is provided for backwards compatibility. In most cases, there is no need to call this method.
For the purpose of serializing the public key, to PEM or DER encoding of X.509 SubjectPublicKeyInfo format, check PKey#public_to_pem and PKey#public_to_der.
See the OpenSSL documentation for EC_KEY_get0_public_key()
See the OpenSSL documentation for EC_KEY_set_public_key()
Returns whether this EC instance has a public key. The public key (EC::Point) can be retrieved with EC#public_key.
Returns a new RSA instance that carries just the public key components.
This method is provided for backwards compatibility. In most cases, there is no need to call this method.
For the purpose of serializing the public key, to PEM or DER encoding of X.509 SubjectPublicKeyInfo format, check PKey#public_to_pem and PKey#public_to_der.
Decrypt string, which has been encrypted with the private key, with the public key. padding defaults to PKCS1_PADDING which is known to be insecure but is kept for backwards compatibility.
Deprecated in version 3.0. Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw, and PKey::PKey#verify_recover instead.
Encrypt string with the public key. padding defaults to PKCS1_PADDING, which is known to be insecure but is kept for backwards compatibility. The encrypted string output can be decrypted using private_decrypt.
Deprecated in version 3.0. Consider using PKey::PKey#encrypt and PKey::PKey#decrypt instead.
Adds a certificate to the context. pkey must be a corresponding private key with certificate.
Multiple certificates with different public key type can be added by repeated calls of this method, and OpenSSL will choose the most appropriate certificate during the handshake.
cert=, key=, and extra_chain_cert= are old accessor methods for setting certificate and internally call this method.
A certificate. An instance of OpenSSL::X509::Certificate.
The private key for certificate. An instance of OpenSSL::PKey::PKey.
Optional. An array of OpenSSL::X509::Certificate. When sending a certificate chain, the certificates specified by this are sent following certificate, in the order in the array.
rsa_cert = OpenSSL::X509::Certificate.new(...) rsa_pkey = OpenSSL::PKey.read(...) ca_intermediate_cert = OpenSSL::X509::Certificate.new(...) ctx.add_certificate(rsa_cert, rsa_pkey, [ca_intermediate_cert]) ecdsa_cert = ... ecdsa_pkey = ... another_ca_cert = ... ctx.add_certificate(ecdsa_cert, ecdsa_pkey, [another_ca_cert])
Returns the public key associated with the SPKI, an instance of OpenSSL::PKey.
pub - the public key to be set for this instance
Sets the public key to be associated with the SPKI, an instance of OpenSSL::PKey. This should be the public key corresponding to the private key used for signing the SPKI.
If the Request specified to request the TSA certificate (Request#cert_requested = true), then this field contains the certificate of the timestamp authority.
Returns the timestamp policy object identifier of the policy this timestamp was created under. If status is GRANTED or GRANTED_WITH_MODS, this is never nil.
id = token_info.policy_id puts id -> "1.2.3.4.5"
Allows to set the object identifier that represents the timestamp policy under which the server shall create the timestamp. This may be left nil, implying that the timestamp server will issue the timestamp using some default policy.
request.policy_id = "1.2.3.4.5"
Returns the ‘short name’ of the object identifier that represents the timestamp policy under which the server shall create the timestamp.
Return the 2 dependency objects that conflicted
Enumerates trusted certificates.