Results for: "pstore"

Serializes a private or public key to a PEM-encoding.

When the key contains public components only

Serializes it into an X.509 SubjectPublicKeyInfo. The parameters cipher and password are ignored.

A PEM-encoded key will look like:

-----BEGIN PUBLIC KEY-----
[...]
-----END PUBLIC KEY-----

Consider using public_to_pem instead. This serializes the key into an X.509 SubjectPublicKeyInfo regardless of whether it is a public key or a private key.

When the key contains private components, and no parameters are given

Serializes it into a traditional OpenSSL DSAPrivateKey.

A PEM-encoded key will look like:

-----BEGIN DSA PRIVATE KEY-----
[...]
-----END DSA PRIVATE KEY-----

When the key contains private components, and cipher and password are given

Serializes it into a traditional OpenSSL DSAPrivateKey and encrypts it in OpenSSL’s traditional PEM encryption format. cipher must be a cipher name understood by OpenSSL::Cipher.new or an instance of OpenSSL::Cipher.

An encrypted PEM-encoded key will look like:

-----BEGIN DSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,733F5302505B34701FC41F5C0746E4C0

[...]
-----END DSA PRIVATE KEY-----

Note that this format uses MD5 to derive the encryption key, and hence will not be available on FIPS-compliant systems.

This method is kept for compatibility. This should only be used when the traditional, non-standard OpenSSL format is required.

Consider using public_to_pem (X.509 SubjectPublicKeyInfo) or private_to_pem (PKCS #8 PrivateKeyInfo or EncryptedPrivateKeyInfo) instead.

Serializes a private or public key to a PEM-encoding.

When the key contains public components only

Serializes it into an X.509 SubjectPublicKeyInfo. The parameters cipher and password are ignored.

A PEM-encoded key will look like:

-----BEGIN PUBLIC KEY-----
[...]
-----END PUBLIC KEY-----

Consider using public_to_pem instead. This serializes the key into an X.509 SubjectPublicKeyInfo regardless of whether it is a public key or a private key.

When the key contains private components, and no parameters are given

Serializes it into a traditional OpenSSL DSAPrivateKey.

A PEM-encoded key will look like:

-----BEGIN DSA PRIVATE KEY-----
[...]
-----END DSA PRIVATE KEY-----

When the key contains private components, and cipher and password are given

Serializes it into a traditional OpenSSL DSAPrivateKey and encrypts it in OpenSSL’s traditional PEM encryption format. cipher must be a cipher name understood by OpenSSL::Cipher.new or an instance of OpenSSL::Cipher.

An encrypted PEM-encoded key will look like:

-----BEGIN DSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,733F5302505B34701FC41F5C0746E4C0

[...]
-----END DSA PRIVATE KEY-----

Note that this format uses MD5 to derive the encryption key, and hence will not be available on FIPS-compliant systems.

This method is kept for compatibility. This should only be used when the traditional, non-standard OpenSSL format is required.

Consider using public_to_pem (X.509 SubjectPublicKeyInfo) or private_to_pem (PKCS #8 PrivateKeyInfo or EncryptedPrivateKeyInfo) instead.

Serializes a private or public key to a PEM-encoding.

When the key contains public components only

Serializes it into an X.509 SubjectPublicKeyInfo. The parameters cipher and password are ignored.

A PEM-encoded key will look like:

-----BEGIN PUBLIC KEY-----
[...]
-----END PUBLIC KEY-----

Consider using public_to_pem instead. This serializes the key into an X.509 SubjectPublicKeyInfo regardless of whether it is a public key or a private key.

When the key contains private components, and no parameters are given

Serializes it into a SEC 1/RFC 5915 ECPrivateKey.

A PEM-encoded key will look like:

-----BEGIN EC PRIVATE KEY-----
[...]
-----END EC PRIVATE KEY-----

When the key contains private components, and cipher and password are given

Serializes it into a SEC 1/RFC 5915 ECPrivateKey and encrypts it in OpenSSL’s traditional PEM encryption format. cipher must be a cipher name understood by OpenSSL::Cipher.new or an instance of OpenSSL::Cipher.

An encrypted PEM-encoded key will look like:

-----BEGIN EC PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,733F5302505B34701FC41F5C0746E4C0

[...]
-----END EC PRIVATE KEY-----

Note that this format uses MD5 to derive the encryption key, and hence will not be available on FIPS-compliant systems.

This method is kept for compatibility. This should only be used when the SEC 1/RFC 5915 ECPrivateKey format is required.

Consider using public_to_pem (X.509 SubjectPublicKeyInfo) or private_to_pem (PKCS #8 PrivateKeyInfo or EncryptedPrivateKeyInfo) instead.

Serializes a private or public key to a PEM-encoding.

When the key contains public components only

Serializes it into an X.509 SubjectPublicKeyInfo. The parameters cipher and password are ignored.

A PEM-encoded key will look like:

-----BEGIN PUBLIC KEY-----
[...]
-----END PUBLIC KEY-----

Consider using public_to_pem instead. This serializes the key into an X.509 SubjectPublicKeyInfo regardless of whether the key is a public key or a private key.

When the key contains private components, and no parameters are given

Serializes it into a PKCS #1 RSAPrivateKey.

A PEM-encoded key will look like:

-----BEGIN RSA PRIVATE KEY-----
[...]
-----END RSA PRIVATE KEY-----

When the key contains private components, and cipher and password are given

Serializes it into a PKCS #1 RSAPrivateKey and encrypts it in OpenSSL’s traditional PEM encryption format. cipher must be a cipher name understood by OpenSSL::Cipher.new or an instance of OpenSSL::Cipher.

An encrypted PEM-encoded key will look like:

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,733F5302505B34701FC41F5C0746E4C0

[...]
-----END RSA PRIVATE KEY-----

Note that this format uses MD5 to derive the encryption key, and hence will not be available on FIPS-compliant systems.

This method is kept for compatibility. This should only be used when the PKCS #1 RSAPrivateKey format is required.

Consider using public_to_pem (X.509 SubjectPublicKeyInfo) or private_to_pem (PKCS #8 PrivateKeyInfo or EncryptedPrivateKeyInfo) instead.

Serializes a private or public key to a PEM-encoding.

When the key contains public components only

Serializes it into an X.509 SubjectPublicKeyInfo. The parameters cipher and password are ignored.

A PEM-encoded key will look like:

-----BEGIN PUBLIC KEY-----
[...]
-----END PUBLIC KEY-----

Consider using public_to_pem instead. This serializes the key into an X.509 SubjectPublicKeyInfo regardless of whether the key is a public key or a private key.

When the key contains private components, and no parameters are given

Serializes it into a PKCS #1 RSAPrivateKey.

A PEM-encoded key will look like:

-----BEGIN RSA PRIVATE KEY-----
[...]
-----END RSA PRIVATE KEY-----

When the key contains private components, and cipher and password are given

Serializes it into a PKCS #1 RSAPrivateKey and encrypts it in OpenSSL’s traditional PEM encryption format. cipher must be a cipher name understood by OpenSSL::Cipher.new or an instance of OpenSSL::Cipher.

An encrypted PEM-encoded key will look like:

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,733F5302505B34701FC41F5C0746E4C0

[...]
-----END RSA PRIVATE KEY-----

Note that this format uses MD5 to derive the encryption key, and hence will not be available on FIPS-compliant systems.

This method is kept for compatibility. This should only be used when the PKCS #1 RSAPrivateKey format is required.

Consider using public_to_pem (X.509 SubjectPublicKeyInfo) or private_to_pem (PKCS #8 PrivateKeyInfo or EncryptedPrivateKeyInfo) instead.

This method is called automatically when a new SSLSocket is created. However, it is not thread-safe and must be called before creating SSLSocket objects in a multi-threaded program.

Reads length bytes from the SSL connection. If a pre-allocated buffer is provided the data will be written into it.

A description of the current connection state. This is for diagnostic purposes only.

Sets the server hostname used for SNI. This needs to be set before SSLSocket#connect.

See TCPServer#listen for details.

Returns a String representation of the Distinguished Name. format is one of:

• OpenSSL::X509::Name::COMPAT

• OpenSSL::X509::Name::RFC2253

• OpenSSL::X509::Name::ONELINE

• OpenSSL::X509::Name::MULTILINE

If format is omitted, the largely broken and traditional OpenSSL format (X509_NAME_oneline() format) is chosen.

Use of this method is discouraged. None of the formats other than OpenSSL::X509::Name::RFC2253 is standardized and may show an inconsistent behavior through OpenSSL versions.

It is recommended to use to_utf8 instead, which is equivalent to calling name.to_s(OpenSSL::X509::Name::RFC2253).force_encoding("UTF-8").

Returns an Array representation of the distinguished name suitable for passing to ::new

Returns the error code of stctx. This is typically called after verify is done, or from the verification callback set to OpenSSL::X509::Store#verify_callback=.

See also the man page X509_STORE_CTX_get_error(3).

Sets the error code of stctx. This is used by the verification callback set to OpenSSL::X509::Store#verify_callback=.

See also the man page X509_STORE_CTX_set_error(3).

Sets the trust settings of the context. This overrides the default value set by Store#trust=.

See also the man page X509_VERIFY_PARAM_set_trust(3).

Returns the PEM encoding of this SPKI.

Creates an OpenSSL::OCSP::Response from status and basic_response.