Asks the user to answer question with an answer from the given list.
Add the –platform option to the option parser.
Returns AST nodes under this one. Each kind of node has different children, depending on what kind of node it is.
The returned array may contain other nodes or nil.
Verifies whether the signature is valid given the message digest input. It does so by validating sig using the public key of this DSA instance.
Deprecated in version 3.0. Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
digest
A message digest of the original input data to be signed.
sig
A DSA signature value.
This method is called automatically when a new SSLSocket is created. However, it is not thread-safe and must be called before creating SSLSocket objects in a multi-threaded program.
Reads length bytes from the SSL connection. If a pre-allocated buffer is provided the data will be written into it.
Performs the certificate verification using the parameters set to stctx.
See also the man page X509_verify_cert(3).
Verifies the signature of the certificate, with the public key key. key must be an instance of OpenSSL::PKey.
Checks that cert signature is made with PRIVversion of this PUBLIC ‘key’
key - the public key to be used for verifying the SPKI signature
Returns true if the signature is valid, false otherwise. To verify an SPKI, the public key contained within the SPKI should be used.
Verifies this request using the given certificates and store. certificates is an array of OpenSSL::X509::Certificate, store is an OpenSSL::X509::Store.
Note that false is returned if the request does not have a signature. Use signed? to check whether the request is signed or not.
Creates an OpenSSL::OCSP::Response from status and basic_response.
Verifies the signature of the response using the given certificates and store. This works in the similar way as OpenSSL::OCSP::Request#verify.
Verifies the signature for the data using a message digest algorithm digest and a public key pkey.
Returns true if the signature is successfully verified, false otherwise. The caller must check the return value.
See sign for the signing operation and an example.
See also the man page EVP_DigestVerify(3).
Derives a shared secret from pkey and peer_pkey. pkey must contain the private components, peer_pkey must contain the public components.
Verifies a timestamp token by checking the signature, validating the certificate chain implied by tsa_certificate and by checking conformance to a given Request. Mandatory parameters are the Request associated to this Response, and an OpenSSL::X509::Store of trusted roots.
Intermediate certificates can optionally be supplied for creating the certificate chain. These intermediate certificates must all be instances of OpenSSL::X509::Certificate.
If validation fails, several kinds of exceptions can be raised:
TypeError if types don’t fit
TimestampError if something is wrong with the timestamp token itself, if it is not conformant to the Request, or if validation of the timestamp certificate chain fails.
Performs a certificate verification on the OpenSSL::X509::Certificate cert.
chain can be an array of OpenSSL::X509::Certificate that is used to construct the certificate chain.
If a block is given, it overrides the callback set by verify_callback=.
After finishing the verification, the error information can be retrieved by error, error_string, and the resulting complete certificate chain can be retrieved by chain.
The type of the token.