# typed: false
# DO NOT EDIT MANUALLY
# This is an autogenerated file for types exported from the `openssl` gem.
# Please instead update this file by running `bin/tapioca gem openssl`.
# --
# Add double dispatch to Integer
# ++
class Integer < ::Numeric
# Casts an Integer as an OpenSSL::BN
#
# See `man bn` for more info.
#
# source://openssl//openssl/bn.rb#37
def to_bn; end
end
Integer::GMP_VERSION = T.let(T.unsafe(nil), String)
module OpenSSL
private
# Returns a Digest subclass by _name_
#
# require 'openssl'
#
# OpenSSL::Digest("MD5")
# # => OpenSSL::Digest::MD5
#
# Digest("Foo")
# # => NameError: wrong constant name Foo
#
# source://openssl//openssl/digest.rb#67
def Digest(name); end
class << self
# Returns a Digest subclass by _name_
#
# require 'openssl'
#
# OpenSSL::Digest("MD5")
# # => OpenSSL::Digest::MD5
#
# Digest("Foo")
# # => NameError: wrong constant name Foo
#
# source://openssl//openssl/digest.rb#67
def Digest(name); end
# call-seq:
# OpenSSL.secure_compare(string, string) -> boolean
#
# Constant time memory comparison. Inputs are hashed using SHA-256 to mask
# the length of the secret. Returns +true+ if the strings are identical,
# +false+ otherwise.
#
# source://openssl//openssl.rb#32
def secure_compare(a, b); end
end
end
class OpenSSL::BN
include ::Comparable
# source://openssl//openssl/bn.rb#20
def pretty_print(q); end
end
OpenSSL::BN::CONSTTIME = T.let(T.unsafe(nil), Integer)
# OpenSSL IO buffering mix-in module.
#
# This module allows an OpenSSL::SSL::SSLSocket to behave like an IO.
#
# You typically won't use this module directly, you can see it implemented in
# OpenSSL::SSL::SSLSocket.
module OpenSSL::Buffering
include ::Enumerable
# Creates an instance of OpenSSL's buffering IO module.
#
# source://openssl//openssl/buffering.rb#63
def initialize(*_arg0); end
# Writes _s_ to the stream. _s_ will be converted to a String using
# +.to_s+ method.
#
# source://openssl//openssl/buffering.rb#422
def <<(s); end
# Closes the SSLSocket and flushes any unwritten data.
#
# source://openssl//openssl/buffering.rb#483
def close; end
# Executes the block for every line in the stream where lines are separated
# by _eol_.
#
# See also #gets
#
# source://openssl//openssl/buffering.rb#259
def each(eol = T.unsafe(nil)); end
# Calls the given block once for each byte in the stream.
#
# source://openssl//openssl/buffering.rb#300
def each_byte; end
# Executes the block for every line in the stream where lines are separated
# by _eol_.
#
# See also #gets
#
# source://openssl//openssl/buffering.rb#259
def each_line(eol = T.unsafe(nil)); end
# Returns true if the stream is at file which means there is no more data to
# be read.
#
# @return [Boolean]
#
# source://openssl//openssl/buffering.rb#331
def eof; end
# Returns true if the stream is at file which means there is no more data to
# be read.
#
# @return [Boolean]
#
# source://openssl//openssl/buffering.rb#331
def eof?; end
# Flushes buffered data to the SSLSocket.
#
# source://openssl//openssl/buffering.rb#471
def flush; end
# call-seq:
# ssl.getbyte => 81
#
# Get the next 8bit byte from `ssl`. Returns `nil` on EOF
#
# source://openssl//openssl/buffering.rb#108
def getbyte; end
# Reads one character from the stream. Returns nil if called at end of
# file.
#
# source://openssl//openssl/buffering.rb#293
def getc; end
# Reads the next "line" from the stream. Lines are separated by _eol_. If
# _limit_ is provided the result will not be longer than the given number of
# bytes.
#
# _eol_ may be a String or Regexp.
#
# Unlike IO#gets the line read will not be assigned to +$_+.
#
# Unlike IO#gets the separator must be provided if a limit is provided.
#
# source://openssl//openssl/buffering.rb#235
def gets(eol = T.unsafe(nil), limit = T.unsafe(nil)); end
# Writes _args_ to the stream.
#
# See IO#print for full details.
#
# source://openssl//openssl/buffering.rb#450
def print(*args); end
# Formats and writes to the stream converting parameters under control of
# the format string.
#
# See Kernel#sprintf for format string details.
#
# source://openssl//openssl/buffering.rb#463
def printf(s, *args); end
# Writes _args_ to the stream along with a record separator.
#
# See IO#puts for full details.
#
# source://openssl//openssl/buffering.rb#432
def puts(*args); end
# Reads _size_ bytes from the stream. If _buf_ is provided it must
# reference a string which will receive the data.
#
# See IO#read for full details.
#
# source://openssl//openssl/buffering.rb#119
def read(size = T.unsafe(nil), buf = T.unsafe(nil)); end
# Reads at most _maxlen_ bytes in the non-blocking manner.
#
# When no data can be read without blocking it raises
# OpenSSL::SSL::SSLError extended by IO::WaitReadable or IO::WaitWritable.
#
# IO::WaitReadable means SSL needs to read internally so read_nonblock
# should be called again when the underlying IO is readable.
#
# IO::WaitWritable means SSL needs to write internally so read_nonblock
# should be called again after the underlying IO is writable.
#
# OpenSSL::Buffering#read_nonblock needs two rescue clause as follows:
#
# # emulates blocking read (readpartial).
# begin
# result = ssl.read_nonblock(maxlen)
# rescue IO::WaitReadable
# IO.select([io])
# retry
# rescue IO::WaitWritable
# IO.select(nil, [io])
# retry
# end
#
# Note that one reason that read_nonblock writes to the underlying IO is
# when the peer requests a new TLS/SSL handshake. See openssl the FAQ for
# more details. http://www.openssl.org/support/faq.html
#
# By specifying a keyword argument _exception_ to +false+, you can indicate
# that read_nonblock should not raise an IO::Wait*able exception, but
# return the symbol +:wait_writable+ or +:wait_readable+ instead. At EOF,
# it will return +nil+ instead of raising EOFError.
#
# source://openssl//openssl/buffering.rb#204
def read_nonblock(maxlen, buf = T.unsafe(nil), exception: T.unsafe(nil)); end
# Reads a one-character string from the stream. Raises an EOFError at end
# of file.
#
# @raise [EOFError]
#
# source://openssl//openssl/buffering.rb#310
def readchar; end
# Reads a line from the stream which is separated by _eol_.
#
# Raises EOFError if at end of file.
#
# @raise [EOFError]
#
# source://openssl//openssl/buffering.rb#284
def readline(eol = T.unsafe(nil)); end
# Reads lines from the stream which are separated by _eol_.
#
# See also #gets
#
# source://openssl//openssl/buffering.rb#271
def readlines(eol = T.unsafe(nil)); end
# Reads at most _maxlen_ bytes from the stream. If _buf_ is provided it
# must reference a string which will receive the data.
#
# See IO#readpartial for full details.
#
# source://openssl//openssl/buffering.rb#146
def readpartial(maxlen, buf = T.unsafe(nil)); end
# The "sync mode" of the SSLSocket.
#
# See IO#sync for full details.
#
# source://openssl//openssl/buffering.rb#53
def sync; end
# The "sync mode" of the SSLSocket.
#
# See IO#sync for full details.
#
# source://openssl//openssl/buffering.rb#53
def sync=(_arg0); end
# Pushes character _c_ back onto the stream such that a subsequent buffered
# character read will return it.
#
# Unlike IO#getc multiple bytes may be pushed back onto the stream.
#
# Has no effect on unbuffered reads (such as #sysread).
#
# source://openssl//openssl/buffering.rb#323
def ungetc(c); end
# Writes _s_ to the stream. If the argument is not a String it will be
# converted using +.to_s+ method. Returns the number of bytes written.
#
# source://openssl//openssl/buffering.rb#369
def write(*s); end
# Writes _s_ in the non-blocking manner.
#
# If there is buffered data, it is flushed first. This may block.
#
# write_nonblock returns number of bytes written to the SSL connection.
#
# When no data can be written without blocking it raises
# OpenSSL::SSL::SSLError extended by IO::WaitReadable or IO::WaitWritable.
#
# IO::WaitReadable means SSL needs to read internally so write_nonblock
# should be called again after the underlying IO is readable.
#
# IO::WaitWritable means SSL needs to write internally so write_nonblock
# should be called again after underlying IO is writable.
#
# So OpenSSL::Buffering#write_nonblock needs two rescue clause as follows.
#
# # emulates blocking write.
# begin
# result = ssl.write_nonblock(str)
# rescue IO::WaitReadable
# IO.select([io])
# retry
# rescue IO::WaitWritable
# IO.select(nil, [io])
# retry
# end
#
# Note that one reason that write_nonblock reads from the underlying IO
# is when the peer requests a new TLS/SSL handshake. See the openssl FAQ
# for more details. http://www.openssl.org/support/faq.html
#
# By specifying a keyword argument _exception_ to +false+, you can indicate
# that write_nonblock should not raise an IO::Wait*able exception, but
# return the symbol +:wait_writable+ or +:wait_readable+ instead.
#
# source://openssl//openssl/buffering.rb#413
def write_nonblock(s, exception: T.unsafe(nil)); end
private
# Consumes _size_ bytes from the buffer
#
# source://openssl//openssl/buffering.rb#91
def consume_rbuff(size = T.unsafe(nil)); end
# Writes _s_ to the buffer. When the buffer is full or #sync is true the
# buffer is flushed to the underlying socket.
#
# source://openssl//openssl/buffering.rb#346
def do_write(s); end
# Fills the buffer from the underlying SSLSocket
#
# source://openssl//openssl/buffering.rb#78
def fill_rbuff; end
end
# A buffer which will retain binary encoding.
class OpenSSL::Buffering::Buffer < ::String
# @return [Buffer] a new instance of Buffer
#
# source://openssl//openssl/buffering.rb#29
def initialize; end
# source://openssl//openssl/buffering.rb#35
def <<(string); end
# source://openssl//openssl/buffering.rb#35
def concat(string); end
end
# source://openssl//openssl/buffering.rb#27
OpenSSL::Buffering::Buffer::BINARY = T.let(T.unsafe(nil), Encoding)
class OpenSSL::Cipher
# call-seq:
# cipher.random_iv -> iv
#
# Generate a random IV with OpenSSL::Random.random_bytes and sets it to the
# cipher, and returns it.
#
# You must call #encrypt or #decrypt before calling this method.
#
# source://openssl//openssl/cipher.rb#55
def random_iv; end
# call-seq:
# cipher.random_key -> key
#
# Generate a random key with OpenSSL::Random.random_bytes and sets it to
# the cipher, and returns it.
#
# You must call #encrypt or #decrypt before calling this method.
#
# source://openssl//openssl/cipher.rb#43
def random_key; end
end
class OpenSSL::Cipher::AES < ::OpenSSL::Cipher
# source://openssl//openssl/cipher.rb#19
def initialize(*args); end
end
class OpenSSL::Cipher::AES128 < ::OpenSSL::Cipher
# source://openssl//openssl/cipher.rb#29
def initialize(mode = T.unsafe(nil)); end
end
class OpenSSL::Cipher::AES192 < ::OpenSSL::Cipher
# source://openssl//openssl/cipher.rb#29
def initialize(mode = T.unsafe(nil)); end
end
class OpenSSL::Cipher::AES256 < ::OpenSSL::Cipher
# source://openssl//openssl/cipher.rb#29
def initialize(mode = T.unsafe(nil)); end
end
class OpenSSL::Cipher::BF < ::OpenSSL::Cipher
# source://openssl//openssl/cipher.rb#19
def initialize(*args); end
end
class OpenSSL::Cipher::CAST5 < ::OpenSSL::Cipher
# source://openssl//openssl/cipher.rb#19
def initialize(*args); end
end
# Deprecated.
#
# This class is only provided for backwards compatibility.
# Use OpenSSL::Cipher.
class OpenSSL::Cipher::Cipher < ::OpenSSL::Cipher; end
class OpenSSL::Cipher::DES < ::OpenSSL::Cipher
# source://openssl//openssl/cipher.rb#19
def initialize(*args); end
end
class OpenSSL::Cipher::IDEA < ::OpenSSL::Cipher
# source://openssl//openssl/cipher.rb#19
def initialize(*args); end
end
class OpenSSL::Cipher::RC2 < ::OpenSSL::Cipher
# source://openssl//openssl/cipher.rb#19
def initialize(*args); end
end
class OpenSSL::Cipher::RC4 < ::OpenSSL::Cipher
# source://openssl//openssl/cipher.rb#19
def initialize(*args); end
end
class OpenSSL::Cipher::RC5 < ::OpenSSL::Cipher
# source://openssl//openssl/cipher.rb#19
def initialize(*args); end
end
class OpenSSL::Config
include ::Enumerable
end
class OpenSSL::Digest < ::Digest::Class
class << self
# Return the hash value computed with _name_ Digest. _name_ is either the
# long name or short name of a supported digest algorithm.
#
# === Examples
#
# OpenSSL::Digest.digest("SHA256", "abc")
#
# which is equivalent to:
#
# OpenSSL::Digest.digest('SHA256', "abc")
#
# source://openssl//openssl/digest.rb#29
def digest(name, data); end
end
end
# Deprecated.
#
# This class is only provided for backwards compatibility.
# Use OpenSSL::Digest instead.
class OpenSSL::Digest::Digest < ::OpenSSL::Digest; end
class OpenSSL::Digest::MD4 < ::OpenSSL::Digest
# source://openssl//openssl/digest.rb#35
def initialize(data = T.unsafe(nil)); end
class << self
# source://openssl//openssl/digest.rb#41
def digest(data); end
# source://openssl//openssl/digest.rb#42
def hexdigest(data); end
end
end
class OpenSSL::Digest::MD5 < ::OpenSSL::Digest
# source://openssl//openssl/digest.rb#35
def initialize(data = T.unsafe(nil)); end
class << self
# source://openssl//openssl/digest.rb#41
def digest(data); end
# source://openssl//openssl/digest.rb#42
def hexdigest(data); end
end
end
class OpenSSL::Digest::RIPEMD160 < ::OpenSSL::Digest
# source://openssl//openssl/digest.rb#35
def initialize(data = T.unsafe(nil)); end
class << self
# source://openssl//openssl/digest.rb#41
def digest(data); end
# source://openssl//openssl/digest.rb#42
def hexdigest(data); end
end
end
class OpenSSL::Digest::SHA1 < ::OpenSSL::Digest
# source://openssl//openssl/digest.rb#35
def initialize(data = T.unsafe(nil)); end
class << self
# source://openssl//openssl/digest.rb#41
def digest(data); end
# source://openssl//openssl/digest.rb#42
def hexdigest(data); end
end
end
class OpenSSL::Digest::SHA224 < ::OpenSSL::Digest
# source://openssl//openssl/digest.rb#35
def initialize(data = T.unsafe(nil)); end
class << self
# source://openssl//openssl/digest.rb#41
def digest(data); end
# source://openssl//openssl/digest.rb#42
def hexdigest(data); end
end
end
class OpenSSL::Digest::SHA256 < ::OpenSSL::Digest
# source://openssl//openssl/digest.rb#35
def initialize(data = T.unsafe(nil)); end
class << self
# source://openssl//openssl/digest.rb#41
def digest(data); end
# source://openssl//openssl/digest.rb#42
def hexdigest(data); end
end
end
class OpenSSL::Digest::SHA384 < ::OpenSSL::Digest
# source://openssl//openssl/digest.rb#35
def initialize(data = T.unsafe(nil)); end
class << self
# source://openssl//openssl/digest.rb#41
def digest(data); end
# source://openssl//openssl/digest.rb#42
def hexdigest(data); end
end
end
class OpenSSL::Digest::SHA512 < ::OpenSSL::Digest
# source://openssl//openssl/digest.rb#35
def initialize(data = T.unsafe(nil)); end
class << self
# source://openssl//openssl/digest.rb#41
def digest(data); end
# source://openssl//openssl/digest.rb#42
def hexdigest(data); end
end
end
class OpenSSL::HMAC
# Securely compare with another HMAC instance in constant time.
#
# source://openssl//openssl/hmac.rb#6
def ==(other); end
# :call-seq:
# hmac.base64digest -> string
#
# Returns the authentication code an a Base64-encoded string.
#
# source://openssl//openssl/hmac.rb#17
def base64digest; end
class << self
# :call-seq:
# HMAC.base64digest(digest, key, data) -> aString
#
# Returns the authentication code as a Base64-encoded string. The _digest_
# parameter specifies the digest algorithm to use. This may be a String
# representing the algorithm name or an instance of OpenSSL::Digest.
#
# === Example
# key = 'key'
# data = 'The quick brown fox jumps over the lazy dog'
#
# hmac = OpenSSL::HMAC.base64digest('SHA1', key, data)
# #=> "3nybhbi3iqa8ino29wqQcBydtNk="
#
# source://openssl//openssl/hmac.rb#73
def base64digest(digest, key, data); end
# :call-seq:
# HMAC.digest(digest, key, data) -> aString
#
# Returns the authentication code as a binary string. The _digest_ parameter
# specifies the digest algorithm to use. This may be a String representing
# the algorithm name or an instance of OpenSSL::Digest.
#
# === Example
# key = 'key'
# data = 'The quick brown fox jumps over the lazy dog'
#
# hmac = OpenSSL::HMAC.digest('SHA1', key, data)
# #=> "\xDE|\x9B\x85\xB8\xB7\x8A\xA6\xBC\x8Az6\xF7\n\x90p\x1C\x9D\xB4\xD9"
#
# source://openssl//openssl/hmac.rb#35
def digest(digest, key, data); end
# :call-seq:
# HMAC.hexdigest(digest, key, data) -> aString
#
# Returns the authentication code as a hex-encoded string. The _digest_
# parameter specifies the digest algorithm to use. This may be a String
# representing the algorithm name or an instance of OpenSSL::Digest.
#
# === Example
# key = 'key'
# data = 'The quick brown fox jumps over the lazy dog'
#
# hmac = OpenSSL::HMAC.hexdigest('SHA1', key, data)
# #=> "de7c9b85b8b78aa6bc8a7a36f70a90701c9db4d9"
#
# source://openssl//openssl/hmac.rb#54
def hexdigest(digest, key, data); end
end
end
module OpenSSL::Marshal
mixes_in_class_methods ::OpenSSL::Marshal::ClassMethods
# source://openssl//openssl/marshal.rb#26
def _dump(_level); end
class << self
# @private
#
# source://openssl//openssl/marshal.rb#16
def included(base); end
end
end
module OpenSSL::Marshal::ClassMethods
# source://openssl//openssl/marshal.rb#21
def _load(string); end
end
module OpenSSL::PKCS5
private
# OpenSSL::PKCS5.pbkdf2_hmac has been renamed to OpenSSL::KDF.pbkdf2_hmac.
# This method is provided for backwards compatibility.
#
# source://openssl//openssl/pkcs5.rb#13
def pbkdf2_hmac(pass, salt, iter, keylen, digest); end
# source://openssl//openssl/pkcs5.rb#18
def pbkdf2_hmac_sha1(pass, salt, iter, keylen); end
class << self
# OpenSSL::PKCS5.pbkdf2_hmac has been renamed to OpenSSL::KDF.pbkdf2_hmac.
# This method is provided for backwards compatibility.
#
# source://openssl//openssl/pkcs5.rb#13
def pbkdf2_hmac(pass, salt, iter, keylen, digest); end
# source://openssl//openssl/pkcs5.rb#18
def pbkdf2_hmac_sha1(pass, salt, iter, keylen); end
end
end
class OpenSSL::PKey::DH < ::OpenSSL::PKey::PKey
include ::OpenSSL::Marshal
extend ::OpenSSL::Marshal::ClassMethods
# :call-seq:
# dh.compute_key(pub_bn) -> string
#
# Returns a String containing a shared secret computed from the other
# party's public value.
#
# This method is provided for backwards compatibility, and calls #derive
# internally.
#
# === Parameters
# * _pub_bn_ is a OpenSSL::BN, *not* the DH instance returned by
# DH#public_key as that contains the DH parameters only.
#
# source://openssl//openssl/pkey.rb#49
def compute_key(pub_bn); end
# :call-seq:
# dh.generate_key! -> self
#
# Generates a private and public key unless a private key already exists.
# If this DH instance was generated from public \DH parameters (e.g. by
# encoding the result of DH#public_key), then this method needs to be
# called first in order to generate the per-session keys before performing
# the actual key exchange.
#
# Deprecated in version 3.0. This method is incompatible with
# OpenSSL 3.0.0 or later.
#
# See also OpenSSL::PKey.generate_key.
#
# Example:
# # DEPRECATED USAGE: This will not work on OpenSSL 3.0 or later
# dh0 = OpenSSL::PKey::DH.new(2048)
# dh = dh0.public_key # #public_key only copies the DH parameters (contrary to the name)
# dh.generate_key!
# puts dh.private? # => true
# puts dh0.pub_key == dh.pub_key #=> false
#
# # With OpenSSL::PKey.generate_key
# dh0 = OpenSSL::PKey::DH.new(2048)
# dh = OpenSSL::PKey.generate_key(dh0)
# puts dh0.pub_key == dh.pub_key #=> false
#
# source://openssl//openssl/pkey.rb#91
def generate_key!; end
# :call-seq:
# dh.public_key -> dhnew
#
# Returns a new DH instance that carries just the \DH parameters.
#
# Contrary to the method name, the returned DH object contains only
# parameters and not the public key.
#
# This method is provided for backwards compatibility. In most cases, there
# is no need to call this method.
#
# For the purpose of re-generating the key pair while keeping the
# parameters, check OpenSSL::PKey.generate_key.
#
# Example:
# # OpenSSL::PKey::DH.generate by default generates a random key pair
# dh1 = OpenSSL::PKey::DH.generate(2048)
# p dh1.priv_key #=> #
# dhcopy = dh1.public_key
# p dhcopy.priv_key #=> nil
#
# source://openssl//openssl/pkey.rb#33
def public_key; end
class << self
# :call-seq:
# DH.generate(size, generator = 2) -> dh
#
# Creates a new DH instance from scratch by generating random parameters
# and a key pair.
#
# See also OpenSSL::PKey.generate_parameters and
# OpenSSL::PKey.generate_key.
#
# +size+::
# The desired key size in bits.
# +generator+::
# The generator.
#
# source://openssl//openssl/pkey.rb#118
def generate(size, generator = T.unsafe(nil), &blk); end
# Handle DH.new(size, generator) form here; new(str) and new() forms
# are handled by #initialize
#
# source://openssl//openssl/pkey.rb#128
def new(*args, &blk); end
end
end
class OpenSSL::PKey::DSA < ::OpenSSL::PKey::PKey
include ::OpenSSL::Marshal
extend ::OpenSSL::Marshal::ClassMethods
# :call-seq:
# dsa.public_key -> dsanew
#
# Returns a new DSA instance that carries just the \DSA parameters and the
# public key.
#
# This method is provided for backwards compatibility. In most cases, there
# is no need to call this method.
#
# For the purpose of serializing the public key, to PEM or DER encoding of
# X.509 SubjectPublicKeyInfo format, check PKey#public_to_pem and
# PKey#public_to_der.
#
# source://openssl//openssl/pkey.rb#153
def public_key; end
# :call-seq:
# dsa.syssign(string) -> string
#
# Computes and returns the \DSA signature of +string+, where +string+ is
# expected to be an already-computed message digest of the original input
# data. The signature is issued using the private key of this DSA instance.
#
# Deprecated in version 3.0.
# Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
#
# +string+::
# A message digest of the original input data to be signed.
#
# Example:
# dsa = OpenSSL::PKey::DSA.new(2048)
# doc = "Sign me"
# digest = OpenSSL::Digest.digest('SHA1', doc)
#
# # With legacy #syssign and #sysverify:
# sig = dsa.syssign(digest)
# p dsa.sysverify(digest, sig) #=> true
#
# # With #sign_raw and #verify_raw:
# sig = dsa.sign_raw(nil, digest)
# p dsa.verify_raw(nil, sig, digest) #=> true
#
# source://openssl//openssl/pkey.rb#220
def syssign(string); end
# :call-seq:
# dsa.sysverify(digest, sig) -> true | false
#
# Verifies whether the signature is valid given the message digest input.
# It does so by validating +sig+ using the public key of this DSA instance.
#
# Deprecated in version 3.0.
# Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
#
# +digest+::
# A message digest of the original input data to be signed.
# +sig+::
# A \DSA signature value.
#
# source://openssl//openssl/pkey.rb#243
def sysverify(digest, sig); end
class << self
# :call-seq:
# DSA.generate(size) -> dsa
#
# Creates a new DSA instance by generating a private/public key pair
# from scratch.
#
# See also OpenSSL::PKey.generate_parameters and
# OpenSSL::PKey.generate_key.
#
# +size+::
# The desired key size in bits.
#
# source://openssl//openssl/pkey.rb#169
def generate(size, &blk); end
# Handle DSA.new(size) form here; new(str) and new() forms
# are handled by #initialize
#
# source://openssl//openssl/pkey.rb#186
def new(*args, &blk); end
end
end
class OpenSSL::PKey::EC < ::OpenSSL::PKey::PKey
include ::OpenSSL::Marshal
extend ::OpenSSL::Marshal::ClassMethods
# :call-seq:
# ec.dh_compute_key(pubkey) -> string
#
# Derives a shared secret by ECDH. _pubkey_ must be an instance of
# OpenSSL::PKey::EC::Point and must belong to the same group.
#
# This method is provided for backwards compatibility, and calls #derive
# internally.
#
# source://openssl//openssl/pkey.rb#284
def dh_compute_key(pubkey); end
# :call-seq:
# key.dsa_sign_asn1(data) -> String
#
# Deprecated in version 3.0.
# Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
#
# source://openssl//openssl/pkey.rb#259
def dsa_sign_asn1(data); end
# :call-seq:
# key.dsa_verify_asn1(data, sig) -> true | false
#
# Deprecated in version 3.0.
# Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
#
# source://openssl//openssl/pkey.rb#270
def dsa_verify_asn1(data, sig); end
end
OpenSSL::PKey::EC::EXPLICIT_CURVE = T.let(T.unsafe(nil), Integer)
class OpenSSL::PKey::EC::Point
# :call-seq:
# point.to_bn([conversion_form]) -> OpenSSL::BN
#
# Returns the octet string representation of the EC point as an instance of
# OpenSSL::BN.
#
# If _conversion_form_ is not given, the _point_conversion_form_ attribute
# set to the group is used.
#
# See #to_octet_string for more information.
#
# source://openssl//openssl/pkey.rb#307
def to_bn(conversion_form = T.unsafe(nil)); end
end
class OpenSSL::PKey::RSA < ::OpenSSL::PKey::PKey
include ::OpenSSL::Marshal
extend ::OpenSSL::Marshal::ClassMethods
# :call-seq:
# rsa.private_decrypt(string) -> String
# rsa.private_decrypt(string, padding) -> String
#
# Decrypt +string+, which has been encrypted with the public key, with the
# private key. +padding+ defaults to PKCS1_PADDING.
#
# Deprecated in version 3.0.
# Consider using PKey::PKey#encrypt and PKey::PKey#decrypt instead.
#
# source://openssl//openssl/pkey.rb#435
def private_decrypt(data, padding = T.unsafe(nil)); end
# :call-seq:
# rsa.private_encrypt(string) -> String
# rsa.private_encrypt(string, padding) -> String
#
# Encrypt +string+ with the private key. +padding+ defaults to
# PKCS1_PADDING. The encrypted string output can be decrypted using
# #public_decrypt.
#
# Deprecated in version 3.0.
# Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw, and
# PKey::PKey#verify_recover instead.
#
# source://openssl//openssl/pkey.rb#372
def private_encrypt(string, padding = T.unsafe(nil)); end
# :call-seq:
# rsa.public_decrypt(string) -> String
# rsa.public_decrypt(string, padding) -> String
#
# Decrypt +string+, which has been encrypted with the private key, with the
# public key. +padding+ defaults to PKCS1_PADDING.
#
# Deprecated in version 3.0.
# Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw, and
# PKey::PKey#verify_recover instead.
#
# source://openssl//openssl/pkey.rb#394
def public_decrypt(string, padding = T.unsafe(nil)); end
# :call-seq:
# rsa.public_encrypt(string) -> String
# rsa.public_encrypt(string, padding) -> String
#
# Encrypt +string+ with the public key. +padding+ defaults to
# PKCS1_PADDING. The encrypted string output can be decrypted using
# #private_decrypt.
#
# Deprecated in version 3.0.
# Consider using PKey::PKey#encrypt and PKey::PKey#decrypt instead.
#
# source://openssl//openssl/pkey.rb#415
def public_encrypt(data, padding = T.unsafe(nil)); end
# :call-seq:
# rsa.public_key -> rsanew
#
# Returns a new RSA instance that carries just the public key components.
#
# This method is provided for backwards compatibility. In most cases, there
# is no need to call this method.
#
# For the purpose of serializing the public key, to PEM or DER encoding of
# X.509 SubjectPublicKeyInfo format, check PKey#public_to_pem and
# PKey#public_to_der.
#
# source://openssl//openssl/pkey.rb#327
def public_key; end
private
# source://openssl//openssl/pkey.rb#452
def translate_padding_mode(num); end
class << self
# :call-seq:
# RSA.generate(size, exponent = 65537) -> RSA
#
# Generates an \RSA keypair.
#
# See also OpenSSL::PKey.generate_key.
#
# +size+::
# The desired key size in bits.
# +exponent+::
# An odd Integer, normally 3, 17, or 65537.
#
# source://openssl//openssl/pkey.rb#343
def generate(size, exp = T.unsafe(nil), &blk); end
# Handle RSA.new(size, exponent) form here; new(str) and new() forms
# are handled by #initialize
#
# source://openssl//openssl/pkey.rb#352
def new(*args, &blk); end
end
end
module OpenSSL::SSL
private
# source://openssl//openssl/ssl.rb#273
def verify_certificate_identity(cert, hostname); end
# source://openssl//openssl/ssl.rb#306
def verify_hostname(hostname, san); end
# source://openssl//openssl/ssl.rb#339
def verify_wildcard(domain_component, san_component); end
class << self
# source://openssl//openssl/ssl.rb#273
def verify_certificate_identity(cert, hostname); end
# source://openssl//openssl/ssl.rb#306
def verify_hostname(hostname, san); end
# source://openssl//openssl/ssl.rb#339
def verify_wildcard(domain_component, san_component); end
end
end
OpenSSL::SSL::OP_ALLOW_CLIENT_RENEGOTIATION = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::OP_ALLOW_NO_DHE_KEX = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::OP_CLEANSE_PLAINTEXT = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::OP_CRYPTOPRO_TLSEXT_BUG = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::OP_DISABLE_TLSEXT_CA_NAMES = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::OP_ENABLE_KTLS = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::OP_ENABLE_MIDDLEBOX_COMPAT = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::OP_IGNORE_UNEXPECTED_EOF = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::OP_LEGACY_SERVER_CONNECT = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::OP_NO_ANTI_REPLAY = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::OP_NO_ENCRYPT_THEN_MAC = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::OP_NO_RENEGOTIATION = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::OP_NO_TLSv1_3 = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::OP_PRIORITIZE_CHACHA = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::OP_SAFARI_ECDHE_ECDSA_BUG = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::OP_TLSEXT_PADDING = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::SSL2_VERSION = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::SSL3_VERSION = T.let(T.unsafe(nil), Integer)
class OpenSSL::SSL::SSLContext
# call-seq:
# SSLContext.new -> ctx
# SSLContext.new(:TLSv1) -> ctx
# SSLContext.new("SSLv23") -> ctx
#
# Creates a new SSL context.
#
# If an argument is given, #ssl_version= is called with the value. Note
# that this form is deprecated. New applications should use #min_version=
# and #max_version= as necessary.
#
# @return [SSLContext] a new instance of SSLContext
#
# source://openssl//openssl/ssl.rb#124
def initialize(version = T.unsafe(nil)); end
# call-seq:
# ctx.max_version = OpenSSL::SSL::TLS1_2_VERSION
# ctx.max_version = :TLS1_2
# ctx.max_version = nil
#
# Sets the upper bound of the supported SSL/TLS protocol version. See
# #min_version= for the possible values.
#
# source://openssl//openssl/ssl.rb#187
def max_version=(version); end
# call-seq:
# ctx.min_version = OpenSSL::SSL::TLS1_2_VERSION
# ctx.min_version = :TLS1_2
# ctx.min_version = nil
#
# Sets the lower bound on the supported SSL/TLS protocol version. The
# version may be specified by an integer constant named
# OpenSSL::SSL::*_VERSION, a Symbol, or +nil+ which means "any version".
#
# Be careful that you don't overwrite OpenSSL::SSL::OP_NO_{SSL,TLS}v*
# options by #options= once you have called #min_version= or
# #max_version=.
#
# === Example
# ctx = OpenSSL::SSL::SSLContext.new
# ctx.min_version = OpenSSL::SSL::TLS1_1_VERSION
# ctx.max_version = OpenSSL::SSL::TLS1_2_VERSION
#
# sock = OpenSSL::SSL::SSLSocket.new(tcp_sock, ctx)
# sock.connect # Initiates a connection using either TLS 1.1 or TLS 1.2
#
# source://openssl//openssl/ssl.rb#175
def min_version=(version); end
# A callback invoked at connect time to distinguish between multiple
# server names.
#
# The callback is invoked with an SSLSocket and a server name. The
# callback must return an SSLContext for the server name or nil.
#
# source://openssl//openssl/ssl.rb#112
def servername_cb; end
# A callback invoked at connect time to distinguish between multiple
# server names.
#
# The callback is invoked with an SSLSocket and a server name. The
# callback must return an SSLContext for the server name or nil.
#
# source://openssl//openssl/ssl.rb#112
def servername_cb=(_arg0); end
# call-seq:
# ctx.set_params(params = {}) -> params
#
# Sets saner defaults optimized for the use with HTTP-like protocols.
#
# If a Hash _params_ is given, the parameters are overridden with it.
# The keys in _params_ must be assignment methods on SSLContext.
#
# If the verify_mode is not VERIFY_NONE and ca_file, ca_path and
# cert_store are not set then the system default certificate store is
# used.
#
# source://openssl//openssl/ssl.rb#143
def set_params(params = T.unsafe(nil)); end
# call-seq:
# ctx.ssl_version = :TLSv1
# ctx.ssl_version = "SSLv23"
#
# Sets the SSL/TLS protocol version for the context. This forces
# connections to use only the specified protocol version. This is
# deprecated and only provided for backwards compatibility. Use
# #min_version= and #max_version= instead.
#
# === History
# As the name hints, this used to call the SSL_CTX_set_ssl_version()
# function which sets the SSL method used for connections created from
# the context. As of Ruby/OpenSSL 2.1, this accessor method is
# implemented to call #min_version= and #max_version= instead.
#
# source://openssl//openssl/ssl.rb#206
def ssl_version=(meth); end
# A callback invoked when DH parameters are required for ephemeral DH key
# exchange.
#
# The callback is invoked with the SSLSocket, a
# flag indicating the use of an export cipher and the keylength
# required.
#
# The callback must return an OpenSSL::PKey::DH instance of the correct
# key length.
#
# Deprecated in version 3.0. Use #tmp_dh= instead.
#
# source://openssl//openssl/ssl.rb#105
def tmp_dh_callback; end
# A callback invoked when DH parameters are required for ephemeral DH key
# exchange.
#
# The callback is invoked with the SSLSocket, a
# flag indicating the use of an export cipher and the keylength
# required.
#
# The callback must return an OpenSSL::PKey::DH instance of the correct
# key length.
#
# Deprecated in version 3.0. Use #tmp_dh= instead.
#
# source://openssl//openssl/ssl.rb#105
def tmp_dh_callback=(_arg0); end
end
# source://openssl//openssl/ssl.rb#34
OpenSSL::SSL::SSLContext::DEFAULT_2048 = T.let(T.unsafe(nil), OpenSSL::PKey::DH)
# source://openssl//openssl/ssl.rb#46
OpenSSL::SSL::SSLContext::DEFAULT_TMP_DH_CALLBACK = T.let(T.unsafe(nil), Proc)
# The list of available SSL/TLS methods. This constant is only provided
# for backwards compatibility.
#
# source://openssl//openssl/ssl.rb#232
OpenSSL::SSL::SSLContext::METHODS = T.let(T.unsafe(nil), Array)
# source://openssl//openssl/ssl.rb#220
OpenSSL::SSL::SSLContext::METHODS_MAP = T.let(T.unsafe(nil), Hash)
class OpenSSL::SSL::SSLErrorWaitReadable < ::OpenSSL::SSL::SSLError
include ::IO::WaitReadable
end
class OpenSSL::SSL::SSLErrorWaitWritable < ::OpenSSL::SSL::SSLError
include ::IO::WaitWritable
end
# SSLServer represents a TCP/IP server socket with Secure Sockets Layer.
class OpenSSL::SSL::SSLServer
include ::OpenSSL::SSL::SocketForwarder
# Creates a new instance of SSLServer.
# * _srv_ is an instance of TCPServer.
# * _ctx_ is an instance of OpenSSL::SSL::SSLContext.
#
# @return [SSLServer] a new instance of SSLServer
#
# source://openssl//openssl/ssl.rb#488
def initialize(svr, ctx); end
# Works similar to TCPServer#accept.
#
# source://openssl//openssl/ssl.rb#516
def accept; end
# See IO#close for details.
#
# source://openssl//openssl/ssl.rb#537
def close; end
# See TCPServer#listen for details.
#
# source://openssl//openssl/ssl.rb#506
def listen(backlog = T.unsafe(nil)); end
# See BasicSocket#shutdown for details.
#
# source://openssl//openssl/ssl.rb#511
def shutdown(how = T.unsafe(nil)); end
# When true then #accept works exactly the same as TCPServer#accept
#
# source://openssl//openssl/ssl.rb#483
def start_immediately; end
# When true then #accept works exactly the same as TCPServer#accept
#
# source://openssl//openssl/ssl.rb#483
def start_immediately=(_arg0); end
# Returns the TCPServer passed to the SSLServer when initialized.
#
# source://openssl//openssl/ssl.rb#501
def to_io; end
end
class OpenSSL::SSL::SSLSocket
include ::Enumerable
include ::OpenSSL::Buffering
include ::OpenSSL::SSL::SocketForwarder
# The SSLContext object used in this connection.
#
# source://openssl//openssl/ssl.rb#368
def context; end
# Returns the value of attribute hostname.
#
# source://openssl//openssl/ssl.rb#361
def hostname; end
# The underlying IO object.
#
# source://openssl//openssl/ssl.rb#364
def io; end
# call-seq:
# ssl.post_connection_check(hostname) -> true
#
# Perform hostname verification following RFC 6125.
#
# This method MUST be called after calling #connect to ensure that the
# hostname of a remote peer has been verified.
#
# source://openssl//openssl/ssl.rb#394
def post_connection_check(hostname); end
# call-seq:
# ssl.session -> aSession
#
# Returns the SSLSession object currently used, or nil if the session is
# not established.
#
# source://openssl//openssl/ssl.rb#415
def session; end
# Whether to close the underlying socket as well, when the SSL/TLS
# connection is shut down. This defaults to +false+.
#
# source://openssl//openssl/ssl.rb#372
def sync_close; end
# Whether to close the underlying socket as well, when the SSL/TLS
# connection is shut down. This defaults to +false+.
#
# source://openssl//openssl/ssl.rb#372
def sync_close=(_arg0); end
# call-seq:
# ssl.sysclose => nil
#
# Sends "close notify" to the peer and tries to shut down the SSL
# connection gracefully.
#
# If sync_close is set to +true+, the underlying IO is also closed.
#
# source://openssl//openssl/ssl.rb#381
def sysclose; end
# The underlying IO object.
#
# source://openssl//openssl/ssl.rb#364
def to_io; end
private
# source://openssl//openssl/ssl.rb#429
def client_cert_cb; end
# source://openssl//openssl/ssl.rb#441
def session_get_cb; end
# source://openssl//openssl/ssl.rb#437
def session_new_cb; end
# source://openssl//openssl/ssl.rb#433
def tmp_dh_callback; end
# @return [Boolean]
#
# source://openssl//openssl/ssl.rb#423
def using_anon_cipher?; end
class << self
# call-seq:
# open(remote_host, remote_port, local_host=nil, local_port=nil, context: nil)
#
# Creates a new instance of SSLSocket.
# _remote\_host_ and _remote\_port_ are used to open TCPSocket.
# If _local\_host_ and _local\_port_ are specified,
# then those parameters are used on the local end to establish the connection.
# If _context_ is provided,
# the SSL Sockets initial params will be taken from the context.
#
# === Examples
#
# sock = OpenSSL::SSL::SSLSocket.open('localhost', 443)
# sock.connect # Initiates a connection to localhost:443
#
# with SSLContext:
#
# ctx = OpenSSL::SSL::SSLContext.new
# sock = OpenSSL::SSL::SSLSocket.open('localhost', 443, context: ctx)
# sock.connect # Initiates a connection to localhost:443 with SSLContext
#
# source://openssl//openssl/ssl.rb#467
def open(remote_host, remote_port, local_host = T.unsafe(nil), local_port = T.unsafe(nil), context: T.unsafe(nil)); end
end
end
module OpenSSL::SSL::SocketForwarder
# source://openssl//openssl/ssl.rb#244
def addr; end
# @return [Boolean]
#
# source://openssl//openssl/ssl.rb#264
def closed?; end
# source://openssl//openssl/ssl.rb#268
def do_not_reverse_lookup=(flag); end
# source://openssl//openssl/ssl.rb#260
def fcntl(*args); end
# The file descriptor for the socket.
#
# source://openssl//openssl/ssl.rb#240
def fileno; end
# source://openssl//openssl/ssl.rb#256
def getsockopt(level, optname); end
# source://openssl//openssl/ssl.rb#248
def peeraddr; end
# source://openssl//openssl/ssl.rb#252
def setsockopt(level, optname, optval); end
end
OpenSSL::SSL::TLS1_1_VERSION = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::TLS1_2_VERSION = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::TLS1_3_VERSION = T.let(T.unsafe(nil), Integer)
OpenSSL::SSL::TLS1_VERSION = T.let(T.unsafe(nil), Integer)
module OpenSSL::Timestamp; end
class OpenSSL::Timestamp::Factory
def additional_certs; end
def additional_certs=(_arg0); end
def allowed_digests; end
def allowed_digests=(_arg0); end
def create_timestamp(_arg0, _arg1, _arg2); end
def default_policy_id; end
def default_policy_id=(_arg0); end
def gen_time; end
def gen_time=(_arg0); end
def serial_number; end
def serial_number=(_arg0); end
end
class OpenSSL::Timestamp::Request
def initialize(*_arg0); end
def algorithm; end
def algorithm=(_arg0); end
def cert_requested=(_arg0); end
def cert_requested?; end
def message_imprint; end
def message_imprint=(_arg0); end
def nonce; end
def nonce=(_arg0); end
def policy_id; end
def policy_id=(_arg0); end
def to_der; end
def version; end
def version=(_arg0); end
end
class OpenSSL::Timestamp::Response
def initialize(_arg0); end
def failure_info; end
def status; end
def status_text; end
def to_der; end
def token; end
def token_info; end
def tsa_certificate; end
def verify(*_arg0); end
end
OpenSSL::Timestamp::Response::GRANTED = T.let(T.unsafe(nil), Integer)
OpenSSL::Timestamp::Response::GRANTED_WITH_MODS = T.let(T.unsafe(nil), Integer)
OpenSSL::Timestamp::Response::REJECTION = T.let(T.unsafe(nil), Integer)
OpenSSL::Timestamp::Response::REVOCATION_NOTIFICATION = T.let(T.unsafe(nil), Integer)
OpenSSL::Timestamp::Response::REVOCATION_WARNING = T.let(T.unsafe(nil), Integer)
OpenSSL::Timestamp::Response::WAITING = T.let(T.unsafe(nil), Integer)
class OpenSSL::Timestamp::TimestampError < ::OpenSSL::OpenSSLError; end
class OpenSSL::Timestamp::TokenInfo
def initialize(_arg0); end
def algorithm; end
def gen_time; end
def message_imprint; end
def nonce; end
def ordering; end
def policy_id; end
def serial_number; end
def to_der; end
def version; end
end
class OpenSSL::X509::Attribute
include ::OpenSSL::Marshal
extend ::OpenSSL::Marshal::ClassMethods
# source://openssl//openssl/x509.rb#330
def ==(other); end
end
class OpenSSL::X509::CRL
include ::OpenSSL::Marshal
include ::OpenSSL::X509::Extension::Helpers
include ::OpenSSL::X509::Extension::AuthorityKeyIdentifier
extend ::OpenSSL::Marshal::ClassMethods
# source://openssl//openssl/x509.rb#369
def ==(other); end
end
class OpenSSL::X509::Certificate
include ::OpenSSL::Marshal
include ::OpenSSL::X509::Extension::Helpers
include ::OpenSSL::X509::Extension::SubjectKeyIdentifier
include ::OpenSSL::X509::Extension::AuthorityKeyIdentifier
include ::OpenSSL::X509::Extension::CRLDistributionPoints
include ::OpenSSL::X509::Extension::AuthorityInfoAccess
extend ::OpenSSL::Marshal::ClassMethods
# source://openssl//openssl/x509.rb#349
def pretty_print(q); end
class << self
# source://openssl//openssl/x509.rb#360
def load_file(path); end
end
end
class OpenSSL::X509::Extension
include ::OpenSSL::Marshal
extend ::OpenSSL::Marshal::ClassMethods
# source://openssl//openssl/x509.rb#48
def ==(other); end
# source://openssl//openssl/x509.rb#64
def to_a; end
# {"oid"=>sn|ln, "value"=>value, "critical"=>true|false}
#
# source://openssl//openssl/x509.rb#60
def to_h; end
# "oid = critical, value"
#
# source://openssl//openssl/x509.rb#53
def to_s; end
end
module OpenSSL::X509::Extension::AuthorityInfoAccess
include ::OpenSSL::X509::Extension::Helpers
# Get the information and services for the issuer from the certificate's
# authority information access extension exteension, as described in RFC5280
# Section 4.2.2.1.
#
# Returns an array of strings or nil or raises ASN1::ASN1Error.
#
# source://openssl//openssl/x509.rb#162
def ca_issuer_uris; end
# Get the URIs for OCSP from the certificate's authority information access
# extension exteension, as described in RFC5280 Section 4.2.2.1.
#
# Returns an array of strings or nil or raises ASN1::ASN1Error.
#
# source://openssl//openssl/x509.rb#177
def ocsp_uris; end
private
# source://openssl//openssl/x509.rb#190
def parse_aia_asn1; end
end
module OpenSSL::X509::Extension::AuthorityKeyIdentifier
include ::OpenSSL::X509::Extension::Helpers
# Get the issuing certificate's key identifier from the
# authorityKeyIdentifier extension, as described in RFC5280
# Section 4.2.1.1
#
# Returns the binary String keyIdentifier or nil or raises
# ASN1::ASN1Error.
#
# source://openssl//openssl/x509.rb#104
def authority_key_identifier; end
end
module OpenSSL::X509::Extension::CRLDistributionPoints
include ::OpenSSL::X509::Extension::Helpers
# Get the distributionPoint fullName URI from the certificate's CRL
# distribution points extension, as described in RFC5280 Section
# 4.2.1.13
#
# Returns an array of strings or nil or raises ASN1::ASN1Error.
#
# source://openssl//openssl/x509.rb#129
def crl_uris; end
end
module OpenSSL::X509::Extension::Helpers
# source://openssl//openssl/x509.rb#69
def find_extension(oid); end
end
module OpenSSL::X509::Extension::SubjectKeyIdentifier
include ::OpenSSL::X509::Extension::Helpers
# Get the subject's key identifier from the subjectKeyIdentifier
# exteension, as described in RFC5280 Section 4.2.1.2.
#
# Returns the binary String key identifier or nil or raises
# ASN1::ASN1Error.
#
# source://openssl//openssl/x509.rb#82
def subject_key_identifier; end
end
class OpenSSL::X509::Name
include ::Comparable
include ::OpenSSL::Marshal
extend ::OpenSSL::Marshal::ClassMethods
# source://openssl//openssl/x509.rb#319
def pretty_print(q); end
class << self
# Parses the string representation of a distinguished name. Two
# different forms are supported:
#
# - \OpenSSL format (X509_NAME_oneline()) used by
# #to_s. For example: /DC=com/DC=example/CN=nobody
# - \OpenSSL format (X509_NAME_print())
# used by #to_s(OpenSSL::X509::Name::COMPAT). For example:
# DC=com, DC=example, CN=nobody
#
# Neither of them is standardized and has quirks and inconsistencies
# in handling of escaped characters or multi-valued RDNs.
#
# Use of this method is discouraged in new applications. See
# Name.parse_rfc2253 and #to_utf8 for the alternative.
#
# source://openssl//openssl/x509.rb#305
def parse(str, template = T.unsafe(nil)); end
# Parses the string representation of a distinguished name. Two
# different forms are supported:
#
# - \OpenSSL format (X509_NAME_oneline()) used by
# #to_s. For example: /DC=com/DC=example/CN=nobody
# - \OpenSSL format (X509_NAME_print())
# used by #to_s(OpenSSL::X509::Name::COMPAT). For example:
# DC=com, DC=example, CN=nobody
#
# Neither of them is standardized and has quirks and inconsistencies
# in handling of escaped characters or multi-valued RDNs.
#
# Use of this method is discouraged in new applications. See
# Name.parse_rfc2253 and #to_utf8 for the alternative.
#
# source://openssl//openssl/x509.rb#305
def parse_openssl(str, template = T.unsafe(nil)); end
# Parses the UTF-8 string representation of a distinguished name,
# according to RFC 2253.
#
# See also #to_utf8 for the opposite operation.
#
# source://openssl//openssl/x509.rb#286
def parse_rfc2253(str, template = T.unsafe(nil)); end
end
end
module OpenSSL::X509::Name::RFC2253DN
private
# source://openssl//openssl/x509.rb#237
def expand_hexstring(str); end
# source://openssl//openssl/x509.rb#225
def expand_pair(str); end
# source://openssl//openssl/x509.rb#244
def expand_value(str1, str2, str3); end
# source://openssl//openssl/x509.rb#251
def scan(dn); end
class << self
# source://openssl//openssl/x509.rb#237
def expand_hexstring(str); end
# source://openssl//openssl/x509.rb#225
def expand_pair(str); end
# source://openssl//openssl/x509.rb#244
def expand_value(str1, str2, str3); end
# source://openssl//openssl/x509.rb#251
def scan(dn); end
end
end
class OpenSSL::X509::Request
include ::OpenSSL::Marshal
extend ::OpenSSL::Marshal::ClassMethods
# source://openssl//openssl/x509.rb#385
def ==(other); end
end
class OpenSSL::X509::Revoked
# source://openssl//openssl/x509.rb#376
def ==(other); end
end