Results for: "fnmatch"

No documentation available
No documentation available
No documentation available

Generates a private and public key unless a private key already exists. If this DH instance was generated from public DH parameters (e.g. by encoding the result of DH#public_key), then this method needs to be called first in order to generate the per-session keys before performing the actual key exchange.

Deprecated in version 3.0. This method is incompatible with OpenSSL 3.0.0 or later.

See also OpenSSL::PKey.generate_key.

Example:

# DEPRECATED USAGE: This will not work on OpenSSL 3.0 or later
dh0 = OpenSSL::PKey::DH.new(2048)
dh = dh0.public_key # #public_key only copies the DH parameters (contrary to the name)
dh.generate_key!
puts dh.private? # => true
puts dh0.pub_key == dh.pub_key #=> false

# With OpenSSL::PKey.generate_key
dh0 = OpenSSL::PKey::DH.new(2048)
dh = OpenSSL::PKey.generate_key(dh0)
puts dh0.pub_key == dh.pub_key #=> false

See the OpenSSL documentation for EC_KEY_get0_private_key()

See the OpenSSL documentation for EC_KEY_set_private_key()

Generates a new random private and public key.

See also the OpenSSL documentation for EC_KEY_generate_key()

Example

ec = OpenSSL::PKey::EC.new("prime256v1")
p ec.private_key # => nil
ec.generate_key!
p ec.private_key # => #<OpenSSL::BN XXXXXX>

Raises an exception if the key is invalid.

See also the man page EVP_PKEY_public_check(3).

Returns whether this EC instance has a private key. The private key (BN) can be retrieved with EC#private_key.

Generates a new random private and public key.

See also the OpenSSL documentation for EC_KEY_generate_key()

Example

ec = OpenSSL::PKey::EC.new("prime256v1")
p ec.private_key # => nil
ec.generate_key!
p ec.private_key # => #<OpenSSL::BN XXXXXX>

Encrypt string with the private key. padding defaults to PKCS1_PADDING, which is known to be insecure but is kept for backwards compatibility. The encrypted string output can be decrypted using public_decrypt.

Deprecated in version 3.0. Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw, and PKey::PKey#verify_recover instead.

Decrypt string, which has been encrypted with the public key, with the private key. padding defaults to PKCS1_PADDING, which is known to be insecure but is kept for backwards compatibility.

Deprecated in version 3.0. Consider using PKey::PKey#encrypt and PKey::PKey#decrypt instead.

Sets the upper bound of the supported SSL/TLS protocol version. See min_version= for the possible values.

Adds a certificate to the context. pkey must be a corresponding private key with certificate.

Multiple certificates with different public key type can be added by repeated calls of this method, and OpenSSL will choose the most appropriate certificate during the handshake.

cert=, key=, and extra_chain_cert= are old accessor methods for setting certificate and internally call this method.

Parameters

certificate

A certificate. An instance of OpenSSL::X509::Certificate.

pkey

The private key for certificate. An instance of OpenSSL::PKey::PKey.

extra_certs

Optional. An array of OpenSSL::X509::Certificate. When sending a certificate chain, the certificates specified by this are sent following certificate, in the order in the array.

Example

rsa_cert = OpenSSL::X509::Certificate.new(...)
rsa_pkey = OpenSSL::PKey.read(...)
ca_intermediate_cert = OpenSSL::X509::Certificate.new(...)
ctx.add_certificate(rsa_cert, rsa_pkey, [ca_intermediate_cert])

ecdsa_cert = ...
ecdsa_pkey = ...
another_ca_cert = ...
ctx.add_certificate(ecdsa_cert, ecdsa_pkey, [another_ca_cert])
No documentation available
No documentation available
No documentation available

Creates a new X509::Extension with passed values. See also x509v3_config(5).

No documentation available
No documentation available
No documentation available
No documentation available
No documentation available
No documentation available
No documentation available
Search took: 5ms  ·  Total Results: 1890