rbs 1.3.3 → 1.4.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +26 -0
- data/Rakefile +4 -0
- data/core/array.rbs +8 -7
- data/core/enumerable.rbs +11 -10
- data/core/enumerator.rbs +2 -2
- data/core/exception.rbs +1 -0
- data/core/false_class.rbs +4 -4
- data/core/float.rbs +1 -1
- data/core/global_variables.rbs +180 -0
- data/core/hash.rbs +7 -7
- data/core/integer.rbs +1 -2
- data/core/io.rbs +7 -3
- data/core/kernel.rbs +25 -2
- data/core/object.rbs +1 -1
- data/core/range.rbs +11 -9
- data/core/true_class.rbs +4 -4
- data/lib/rbs.rb +1 -0
- data/lib/rbs/cli.rb +1 -0
- data/lib/rbs/errors.rb +16 -0
- data/lib/rbs/parser.rb +1 -1
- data/lib/rbs/parser.y +1 -1
- data/lib/rbs/prototype/rb.rb +8 -1
- data/lib/rbs/prototype/runtime.rb +1 -1
- data/lib/rbs/type_alias_dependency.rb +88 -0
- data/lib/rbs/validator.rb +5 -0
- data/lib/rbs/version.rb +1 -1
- data/sig/errors.rbs +9 -0
- data/sig/type_alias_dependency.rbs +22 -0
- data/sig/validator.rbs +2 -0
- data/stdlib/openssl/0/openssl.rbs +3711 -0
- data/stdlib/pathname/0/pathname.rbs +2 -2
- data/stdlib/rubygems/0/rubygems.rbs +1 -1
- data/stdlib/securerandom/0/securerandom.rbs +3 -1
- data/stdlib/uri/0/generic.rbs +3 -3
- metadata +6 -2
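--- a/data/core/integer.rbs
+++ b/data/core/integer.rbs
@@ -361,8 +361,7 @@ class Integer < Numeric
 # 18.floor(-1) #=> 10
 # (-18).floor(-1) #=> -20
 #
-def floor: () -> Integer
-| (int digits) -> (Integer | Float)
+def floor: (?int digits) -> Integer
 
 # Returns the greatest common divisor of the two integers. The result is always
 # positive. 0.gcd(x) and x.gcd(0) return x.abs.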
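--- a/data/core/io.rbs
+++ b/data/core/io.rbs
@@ -534,8 +534,8 @@ class IO < Object
 #
 def read: (?Integer? length, ?String outbuf) -> String?
 
-def read_nonblock: (Integer len) -> String
-| (Integer len, ?String buf) -> String
+def read_nonblock: (Integer len, ?String buf, ?exception: true) -> String
+| (Integer len, ?String buf, exception: false) -> (String | :wait_readable | nil)
 
 # Reads a byte as with `IO#getbyte`, but raises an `EOFError` on end of
 # file.
@@ -704,6 +704,9 @@ class IO < Object
 #
 def write: (*_ToS string) -> Integer
 
+def write_nonblock: (_ToS s, ?exception: true) -> Integer
+| (_ToS s, exception: false) -> (Integer | :wait_writable | nil)
+
 # Opens the file, optionally seeks to the given *offset*, then returns *length*
 # bytes (defaulting to the rest of the file). #binread ensures the file is
 # closed before returning. The open mode would be `"rb:ASCII-8BIT"`.
@@ -746,7 +749,8 @@ class IO < Object
 
 def self.readlines: (String name, ?String sep, ?Integer limit, ?external_encoding: String external_encoding, ?internal_encoding: String internal_encoding, ?encoding: String encoding, ?textmode: untyped textmode, ?binmode: untyped binmode, ?autoclose: untyped autoclose, ?mode: String mode) -> ::Array[String]
 
-def self.select: (::Array[io]? read_array, ?::Array[io]? write_array, ?::Array[io]? error_array
+def self.select: [X, Y, Z] (::Array[X & io]? read_array, ?::Array[Y & io]? write_array, ?::Array[Z & io]? error_array) -> [Array[X], Array[Y], Array[Z]]
+| [X, Y, Z] (::Array[X & io]? read_array, ?::Array[Y & io]? write_array, ?::Array[Z & io]? error_array, Numeric? timeout) -> [Array[X], Array[Y], Array[Z]]?
 
 def self.sysopen: (String path, ?String mode, ?String perm) -> Integer
 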
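Review bot: `write_nonblock` in the `@@ -704,6 +704,9 @@` hunk is added without the doc comment its neighbours carry, and its `exception: false` overload lists `nil` in the return union. `nil` is meaningful for `read_nonblock` (end of file), but I am not aware of a case where a non-raising write returns it, so the union looks copied from the read signature and would force callers into a dead branch; consider `-> (Integer | :wait_writable)` unless a nil return is documented. A short comment such as `# With exception: false, returns :wait_writable instead of raising IO::WaitWritable; the Integer is the number of bytes actually written.` would also remind callers to handle partial writes.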
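--- a/data/core/kernel.rbs
+++ b/data/core/kernel.rbs
@@ -113,6 +113,7 @@ module Kernel : BasicObject
 def self?.Array: (NilClass x) -> [ ]
 | [T] (::Array[T] x) -> ::Array[T]
 | [T] (::Range[T] x) -> ::Array[T]
+| [T] (_Each[T] x) -> ::Array[T]
 | [K, V] (::Hash[K, V] x) -> ::Array[[K, V]]
 | [T] (T x) -> ::Array[T]
 
@@ -127,7 +128,15 @@ module Kernel : BasicObject
 
 def self?.Rational: (Numeric | String | Object x, ?Numeric | String y, ?exception: bool exception) -> Rational
 
-
+# Returns *arg* as a String.
+#
+# First tries to call its `to_str` method, then its `to_s` method.
+#
+# String(self) #=> "main"
+# String(self.class) #=> "Object"
+# String(123456) #=> "123456"
+#
+def self?.String: (_ToStr | _ToS x) -> String
 
 # Returns the called name of the current method as a
 # [Symbol](https://ruby-doc.org/core-2.6.3/Symbol.html). If called
@@ -463,6 +472,19 @@ module Kernel : BasicObject
 # ```
 def self?.exec: (*String args) -> bot
 
+type redirect_fd = Integer # redirect to the file descriptor in parent process
+| :in | :out | :err # standard input / output / error
+| IO # the file descriptor specified as io.fileno
+| String # redirect to file with open(string, File::RDONLY)
+| [String] # # redirect to file with open(string, File::RDONLY)
+| [String, string | int] # redirect to file with open(string, open_mode, 0644)
+| [String, string | int, int] # redirect to file with open(string, open_mode, perm)
+| [:child, int] # redirect to the redirected file descriptor
+| :close # close the file descriptor in child process
+
+def self?.spawn: (String command, *String args, ?unsetenv_others: boolish, ?pgroup?: (true | Integer), ?umask: Integer, ?in: redirect_fd, ?out: redirect_fd, ?err: redirect_fd, ?close_others: boolish, ?chdir: String) -> Integer
+| (Hash[string, string?] env, String command, *String args, ?unsetenv_others: boolish, ?pgroup?: (true | Integer), ?umask: Integer, ?in: redirect_fd, ?out: redirect_fd, ?err: redirect_fd, ?close_others: boolish, ?chdir: String) -> Integer
+
 # Executes *command…* in a subshell. *command…* is one of following forms.
 #
 # commandline : command line string which is passed to the standard shell
@@ -488,7 +510,8 @@ module Kernel : BasicObject
 # *
 #
 # See `Kernel.exec` for the standard shell.
-def self?.system: (*String args) -> (NilClass | FalseClass | TrueClass)
+def self?.system: (String command, *String args, ?unsetenv_others: boolish, ?pgroup?: (true | Integer), ?umask: Integer, ?in: redirect_fd, ?out: redirect_fd, ?err: redirect_fd, ?close_others: boolish, ?chdir: String) -> (NilClass | FalseClass | TrueClass)
+| (Hash[string, string?] env, String command, *String args, ?unsetenv_others: boolish, ?pgroup?: (true | Integer), ?umask: Integer, ?in: redirect_fd, ?out: redirect_fd, ?err: redirect_fd, ?close_others: boolish, ?chdir: String) -> (NilClass | FalseClass | TrueClass)
 end
 
 Kernel::RUBYGEMS_ACTIVATION_MONITOR: untyped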
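Review bot: The process-group option is written `?pgroup?:` in all four new `spawn` and `system` overloads (hunks `@@ -463,6 +472,19 @@` and `@@ -488,7 +510,8 @@`), which as written declares an optional keyword named `pgroup?` rather than Ruby's `pgroup:`, so a call like `spawn(cmd, pgroup: true)` would presumably not match. If the intent was to permit `nil`, the optional mark belongs on the type: `?pgroup: (true | Integer)?`. The `[String]` member of `redirect_fd` also carries a doubled comment marker (`# # redirect to file …`). Since these signatures describe process creation with a caller-supplied environment, a short comment on `spawn` noting that the leading `Hash` is the child's environment and that `unsetenv_others` clears everything not listed in it would be worth adding.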
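--- a/data/core/object.rbs
+++ b/data/core/object.rbs
@@ -206,7 +206,7 @@ class Object < BasicObject
 # enum.size # => 42
 #
 def enum_for: (Symbol method, *untyped args) ?{ (*untyped args) -> Integer } -> Enumerator[untyped, untyped]
-| (
+| () ?{ () -> Integer } -> Enumerator[untyped, self]
 
 # Creates a new Enumerator which will enumerate by calling `method` on `obj`,
 # passing `args` if any.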
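--- a/data/core/range.rbs
+++ b/data/core/range.rbs
@@ -101,7 +101,9 @@ class Range[out Elem] < Object
 # ```
 def begin: () -> Elem # Begin-less ranges have type of Range[Integer?]
 
-def bsearch:
+def bsearch: () -> ::Enumerator[Elem, Elem?]
+| () { (Elem) -> (true | false) } -> Elem?
+| () { (Elem) -> ::Integer } -> Elem?
 
 def cover?: (untyped obj) -> bool
 
@@ -132,7 +134,7 @@ class Range[out Elem] < Object
 # (10..20).first(3) #=> [10, 11, 12]
 # ```
 def first: () -> Elem
-| (
+| (Integer n) -> ::Array[Elem]
 
 # Compute a hash-code for this range. Two ranges with equal begin and end
 # points (using `eql?` ), and the same
@@ -165,7 +167,7 @@ class Range[out Elem] < Object
 # (10...20).last(3) #=> [17, 18, 19]
 # ```
 def last: () -> Elem
-| (
+| (Integer n) -> ::Array[Elem]
 
 # Returns the maximum value in the range. Returns `nil` if the begin value
 # of the range larger than the end value. Returns `nil` if the begin value
@@ -178,9 +180,9 @@ class Range[out Elem] < Object
 # (10..20).max #=> 20
 # ```
 def max: () -> Elem
-| () { (Elem
-| (
-| (
+| () { (Elem a, Elem b) -> Integer } -> Elem
+| (Integer n) -> ::Array[Elem]
+| (Integer n) { (Elem a, Elem b) -> Integer } -> ::Array[Elem]
 
 # Returns the minimum value in the range. Returns `nil` if the begin value
 # of the range is larger than the end value. Returns `nil` if the begin
@@ -193,9 +195,9 @@ class Range[out Elem] < Object
 # (10..20).min #=> 10
 # ```
 def min: () -> Elem
-| () { (Elem
-| (
-| (
+| () { (Elem a, Elem b) -> Integer } -> Elem
+| (Integer n) -> ::Array[Elem]
+| (Integer n) { (Elem a, Elem b) -> Integer } -> ::Array[Elem]
 
 # Returns the number of elements in the range. Both the begin and the end
 # of the [Range](Range.downloaded.ruby_doc) must be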
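--- a/data/core/true_class.rbs
+++ b/data/core/true_class.rbs
@@ -5,13 +5,13 @@
 class TrueClass
 public
 
-def !: () ->
+def !: () -> false
 
 # And---Returns `false` if *obj* is `nil` or `false`, `true` otherwise.
 #
 def &: (nil) -> false
 | (false) -> false
-| (untyped obj) ->
+| (untyped obj) -> true
 
 # Case Equality -- For class Object, effectively the same as calling `#==`, but
 # typically overridden by descendants to provide meaningful semantics in `case`
@@ -24,7 +24,7 @@ class TrueClass
 #
 def ^: (nil) -> true
 | (false) -> true
-| (untyped obj) ->
+| (untyped obj) -> false
 
 alias inspect to_s
 
@@ -42,5 +42,5 @@ class TrueClass
 #
 # or
 #
-def |: (
+def |: (untyped obj) -> true
 end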
data/lib/rbs.rb
CHANGED
data/lib/rbs/cli.rb
CHANGED
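--- a/data/lib/rbs/errors.rb
+++ b/data/lib/rbs/errors.rb
@@ -386,4 +386,20 @@ module RBS
 end
 end
 end
+
+class RecursiveTypeAliasError < LoadingError
+attr_reader :alias_names
+attr_reader :location
+
+def initialize(alias_names:, location:)
+@alias_names = alias_names
+@location = location
+
+super "#{Location.to_string location}: Recursive type alias definition found for: #{name}"
+end
+
+def name
+@alias_names.map(&:name).join(', ')
+end
+end
 end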
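Review bot: `RecursiveTypeAliasError#name` builds the message from `@alias_names.map(&:name)`, which appears to take only the last component of each `TypeName`, so aliases with the same short name in different namespaces would give an ambiguous message. Keeping the namespace is a one-line change: `@alias_names.map(&:to_s).join(', ')`. The class also has no comment; a line such as `# Raised when a type alias is defined in terms of itself.` above it would say when callers should expect it.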
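--- a/data/lib/rbs/parser.rb
+++ b/data/lib/rbs/parser.rb
@@ -326,7 +326,7 @@ def next_token
 new_token(:tUKEYWORD, input.matched.chop.to_sym)
 when input.scan(/[A-Z]\w*[?!]:/)
 new_token(:tUKEYWORD_Q_E, input.matched.chop.to_sym)
-when input.scan(/\$[A-Za-z_]\w
+when input.scan(/\$([A-Za-z_]\w*|[~*$?!@\/\\;,.=:<>"&`'+]|\d+|-[0-9_A-Za-z])/)
 new_token(:tGLOBALIDENT)
 when input.scan(/@[a-zA-Z_]\w*/)
 new_token(:tIVAR, input.matched.to_sym)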
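--- a/data/lib/rbs/parser.y
+++ b/data/lib/rbs/parser.y
@@ -1708,7 +1708,7 @@ def next_token
 new_token(:tUKEYWORD, input.matched.chop.to_sym)
 when input.scan(/[A-Z]\w*[?!]:/)
 new_token(:tUKEYWORD_Q_E, input.matched.chop.to_sym)
-when input.scan(/\$[A-Za-z_]\w
+when input.scan(/\$([A-Za-z_]\w*|[~*$?!@\/\\;,.=:<>"&`'+]|\d+|-[0-9_A-Za-z])/)
 new_token(:tGLOBALIDENT)
 when input.scan(/@[a-zA-Z_]\w*/)
 new_token(:tIVAR, input.matched.to_sym)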
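Review bot: The new global-variable pattern at line 1711 packs four alternatives into one regexp with no comment, which makes it hard to check the punctuation class against Ruby's special globals. I would add a comment above the `when`, for example `# $name | punctuation globals ($~ $* $$ ...) | numbered ($1) | option globals ($-w)`, or use the `x` flag so each alternative sits on its own line. The same expression appears in the generated `parser.rb`, so only this grammar file needs the edit. `next_token` starts and ends outside the hunk.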
data/lib/rbs/prototype/rb.rb
CHANGED
@@ -319,9 +319,16 @@ module RBS
|
|
319
319
|
const_to_name(node.children[0])
|
320
320
|
end
|
321
321
|
|
322
|
+
value_node = node.children.last
|
323
|
+
type = if value_node.nil?
|
324
|
+
# Give up type prediction when node is MASGN.
|
325
|
+
Types::Bases::Any.new(location: nil)
|
326
|
+
else
|
327
|
+
node_type(value_node)
|
328
|
+
end
|
322
329
|
decls << AST::Declarations::Constant.new(
|
323
330
|
name: const_name,
|
324
|
-
type:
|
331
|
+
type: type,
|
325
332
|
location: nil,
|
326
333
|
comment: comments[node.first_lineno - 1]
|
327
334
|
)
|
@@ -87,7 +87,7 @@ module RBS
|
|
87
87
|
unless const_name(mix)
|
88
88
|
RBS.logger.warn("Skipping anonymous module #{mix} included in #{mod}")
|
89
89
|
else
|
90
|
-
module_name = module_full_name = to_type_name(const_name(mix))
|
90
|
+
module_name = module_full_name = to_type_name(const_name(mix), full_name: true)
|
91
91
|
if module_full_name.namespace == type_name.namespace
|
92
92
|
module_name = TypeName.new(name: module_full_name.name, namespace: Namespace.empty)
|
93
93
|
end
|
@@ -0,0 +1,88 @@
|
|
1
|
+
module RBS
|
2
|
+
class TypeAliasDependency
|
3
|
+
attr_reader :env
|
4
|
+
|
5
|
+
# Direct dependencies corresponds to a directed graph
|
6
|
+
# with vertices as types and directions based on assignment of types
|
7
|
+
attr_reader :direct_dependencies
|
8
|
+
# A hash which stores the transitive closure
|
9
|
+
# of the directed graph
|
10
|
+
attr_reader :dependencies
|
11
|
+
|
12
|
+
def initialize(env:)
|
13
|
+
@env = env
|
14
|
+
end
|
15
|
+
|
16
|
+
# Check if an alias type definition is circular & prohibited
|
17
|
+
def circular_definition?(alias_name)
|
18
|
+
# Construct transitive closure, if not constructed already
|
19
|
+
transitive_closure() unless @dependencies
|
20
|
+
|
21
|
+
# Check for recursive type alias
|
22
|
+
@dependencies[alias_name][alias_name]
|
23
|
+
end
|
24
|
+
|
25
|
+
def build_dependencies
|
26
|
+
return if @direct_dependencies
|
27
|
+
|
28
|
+
# Initialize hash(a directed graph)
|
29
|
+
@direct_dependencies = {}
|
30
|
+
# Initialize dependencies as an empty hash
|
31
|
+
@dependencies = {}
|
32
|
+
# Iterate over alias declarations inserted into environment
|
33
|
+
env.alias_decls.each do |name, entry|
|
34
|
+
# Construct a directed graph by recursively extracting type aliases
|
35
|
+
@direct_dependencies[name] = direct_dependency(entry.decl.type)
|
36
|
+
# Initialize dependencies with an empty hash
|
37
|
+
@dependencies[name] = {}
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
def transitive_closure
|
42
|
+
# Construct a graph of direct dependencies
|
43
|
+
build_dependencies()
|
44
|
+
# Construct transitive closure by using DFS(recursive technique)
|
45
|
+
@direct_dependencies.each_key do |name|
|
46
|
+
dependency(name, name)
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
private
|
51
|
+
|
52
|
+
# Constructs directed graph recursively
|
53
|
+
def direct_dependency(type, result = Set[])
|
54
|
+
case type
|
55
|
+
when RBS::Types::Union, RBS::Types::Intersection, RBS::Types::Optional
|
56
|
+
# Iterate over nested types & extract type aliases recursively
|
57
|
+
type.each_type do |nested_type|
|
58
|
+
direct_dependency(nested_type, result)
|
59
|
+
end
|
60
|
+
when RBS::Types::Alias
|
61
|
+
# Append type name if the type is an alias
|
62
|
+
result << type.name
|
63
|
+
end
|
64
|
+
|
65
|
+
result
|
66
|
+
end
|
67
|
+
|
68
|
+
# Recursive function to construct transitive closure
|
69
|
+
def dependency(start, vertex, nested = nil)
|
70
|
+
if (start == vertex)
|
71
|
+
if (@direct_dependencies[start].include?(vertex) || nested)
|
72
|
+
# Mark a vertex as connected to itself
|
73
|
+
# if it is connected as an edge || a path(traverse multiple edges)
|
74
|
+
@dependencies[start][vertex] = true
|
75
|
+
end
|
76
|
+
else
|
77
|
+
# Mark a pair of vertices as connected while recursively performing DFS
|
78
|
+
@dependencies[start][vertex] = true
|
79
|
+
end
|
80
|
+
|
81
|
+
# Iterate over the direct dependencies of the vertex
|
82
|
+
@direct_dependencies[vertex]&.each do |type_name|
|
83
|
+
# Invoke the function unless it is already checked
|
84
|
+
dependency(start, type_name, start == type_name) unless @dependencies[start][type_name]
|
85
|
+
end
|
86
|
+
end
|
87
|
+
end
|
88
|
+
end
|
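Review bot: In the `@@ -0,0 +1,88 @@` hunk (by the file list this is `lib/rbs/type_alias_dependency.rb`; its file header is missing from the page), `circular_definition?` uses `@dependencies` as the "closure already built" flag, but the public `build_dependencies` also assigns `@dependencies`. A caller that invokes `build_dependencies` first therefore skips `transitive_closure`, and every lookup returns `nil`, so a recursive alias passes validation silently. A dedicated flag fixes it: `transitive_closure() unless @closure_built` in `circular_definition?`, with `@closure_built = true` as the last line of `transitive_closure`. Two smaller points: `@dependencies[alias_name]` is `nil` for a name that is not a key of `env.alias_decls`, so the second index would raise `NoMethodError`, and `dependency` recurses once per edge, so a very long alias chain in a signature file could presumably exhaust the stack.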
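--- a/data/lib/rbs/validator.rb
+++ b/data/lib/rbs/validator.rb
@@ -53,5 +53,10 @@ module RBS
 validate_type(type, context: context)
 end
 end
+
+def validate_type_alias(entry:)
+@type_alias_dependency ||= TypeAliasDependency.new(env: env)
+raise RecursiveTypeAliasError.new(alias_names: [entry.decl.name], location: entry.decl.location) if @type_alias_dependency.circular_definition?(entry.decl.name)
+end
 end
 end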
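Review bot: The error raised in `validate_type_alias` is built with `alias_names: [entry.decl.name]`, so it names only the alias under validation and never the other aliases on the cycle, although the field is plural. For mutually recursive aliases the message would be more useful if it listed the cycle members that `TypeAliasDependency` has already computed. `@type_alias_dependency ||=` also caches the graph for the validator's lifetime, which is only correct if `env` gains no declarations after the first call; a comment stating that assumption would help. On style, the one-line `raise ... if ...` is very long and would read better as an `if` block with the `raise` on its own line.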
data/lib/rbs/version.rb
CHANGED
data/sig/errors.rbs
CHANGED
@@ -196,4 +196,13 @@ module RBS
|
|
196
196
|
|
197
197
|
def mixin_name: () -> String
|
198
198
|
end
|
199
|
+
|
200
|
+
class RecursiveTypeAliasError < LoadingError
|
201
|
+
attr_reader alias_names: Array[TypeName]
|
202
|
+
attr_reader location: Location
|
203
|
+
|
204
|
+
def initialize: (alias_names: Array[TypeName], location: Location) -> void
|
205
|
+
|
206
|
+
def name: () -> String
|
207
|
+
end
|
199
208
|
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
module RBS
|
2
|
+
class TypeAliasDependency
|
3
|
+
attr_reader env: Environment
|
4
|
+
|
5
|
+
attr_reader direct_dependencies: Hash[TypeName, Set[TypeName]]
|
6
|
+
attr_reader dependencies: Hash[TypeName, Hash[TypeName, bool]]
|
7
|
+
|
8
|
+
def initialize: (env: Environment) -> void
|
9
|
+
|
10
|
+
def circular_definition?: (TypeName alias_name) -> bool
|
11
|
+
|
12
|
+
def build_dependencies: () -> void
|
13
|
+
|
14
|
+
def transitive_closure: () -> void
|
15
|
+
|
16
|
+
private
|
17
|
+
|
18
|
+
def direct_dependency: (Types::t `type`, ?Set[TypeName] result) -> Set[TypeName]
|
19
|
+
|
20
|
+
def dependency: (TypeName start, TypeName vertex, ?boolish nested) -> void
|
21
|
+
end
|
22
|
+
end
|
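Review bot: In the `@@ -0,0 +1,22 @@` hunk (by the file list, `sig/type_alias_dependency.rbs`), `circular_definition?` is declared `-> bool`, but the Ruby implementation shown earlier on this page returns `@dependencies[alias_name][alias_name]`, which is `true` or `nil`. Either coerce in the implementation with `!!@dependencies[alias_name][alias_name]` or declare the return as `boolish`. The new class and its methods have no comments in the signature file; a line on `direct_dependencies` and `dependencies` saying which is the edge set and which is the transitive closure would match the comments in the Ruby source.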
data/sig/validator.rbs
CHANGED
@@ -8,5 +8,7 @@ module RBS
|
|
8
8
|
def absolute_type: (Types::t, context: TypeNameResolver::context) { (Types::t) -> TypeName } -> Types::t
|
9
9
|
|
10
10
|
def validate_type: (Types::t, context: TypeNameResolver::context) -> void
|
11
|
+
|
12
|
+
def validate_type_alias: (entry: Environment::SingleEntry[TypeName, AST::Declarations::Alias]) -> void
|
11
13
|
end
|
12
14
|
end
|
@@ -0,0 +1,3711 @@
|
|
1
|
+
# OpenSSL provides SSL, TLS and general purpose cryptography. It wraps the
|
2
|
+
# [OpenSSL](https://www.openssl.org/) library.
|
3
|
+
#
|
4
|
+
# # Examples
|
5
|
+
#
|
6
|
+
# All examples assume you have loaded OpenSSL with:
|
7
|
+
#
|
8
|
+
# require 'openssl'
|
9
|
+
#
|
10
|
+
# These examples build atop each other. For example the key created in the next
|
11
|
+
# is used in throughout these examples.
|
12
|
+
#
|
13
|
+
# ## Keys
|
14
|
+
#
|
15
|
+
# ### Creating a Key
|
16
|
+
#
|
17
|
+
# This example creates a 2048 bit RSA keypair and writes it to the current
|
18
|
+
# directory.
|
19
|
+
#
|
20
|
+
# key = OpenSSL::PKey::RSA.new 2048
|
21
|
+
#
|
22
|
+
# open 'private_key.pem', 'w' do |io| io.write key.to_pem end
|
23
|
+
# open 'public_key.pem', 'w' do |io| io.write key.public_key.to_pem end
|
24
|
+
#
|
25
|
+
# ### Exporting a Key
|
26
|
+
#
|
27
|
+
# Keys saved to disk without encryption are not secure as anyone who gets ahold
|
28
|
+
# of the key may use it unless it is encrypted. In order to securely export a
|
29
|
+
# key you may export it with a pass phrase.
|
30
|
+
#
|
31
|
+
# cipher = OpenSSL::Cipher.new 'AES-256-CBC'
|
32
|
+
# pass_phrase = 'my secure pass phrase goes here'
|
33
|
+
#
|
34
|
+
# key_secure = key.export cipher, pass_phrase
|
35
|
+
#
|
36
|
+
# open 'private.secure.pem', 'w' do |io|
|
37
|
+
# io.write key_secure
|
38
|
+
# end
|
39
|
+
#
|
40
|
+
# OpenSSL::Cipher.ciphers returns a list of available ciphers.
|
41
|
+
#
|
42
|
+
# ### Loading a Key
|
43
|
+
#
|
44
|
+
# A key can also be loaded from a file.
|
45
|
+
#
|
46
|
+
# key2 = OpenSSL::PKey::RSA.new File.read 'private_key.pem'
|
47
|
+
# key2.public? # => true
|
48
|
+
# key2.private? # => true
|
49
|
+
#
|
50
|
+
# or
|
51
|
+
#
|
52
|
+
# key3 = OpenSSL::PKey::RSA.new File.read 'public_key.pem'
|
53
|
+
# key3.public? # => true
|
54
|
+
# key3.private? # => false
|
55
|
+
#
|
56
|
+
# ### Loading an Encrypted Key
|
57
|
+
#
|
58
|
+
# OpenSSL will prompt you for your pass phrase when loading an encrypted key. If
|
59
|
+
# you will not be able to type in the pass phrase you may provide it when
|
60
|
+
# loading the key:
|
61
|
+
#
|
62
|
+
# key4_pem = File.read 'private.secure.pem'
|
63
|
+
# pass_phrase = 'my secure pass phrase goes here'
|
64
|
+
# key4 = OpenSSL::PKey::RSA.new key4_pem, pass_phrase
|
65
|
+
#
|
66
|
+
# ## RSA Encryption
|
67
|
+
#
|
68
|
+
# RSA provides encryption and decryption using the public and private keys. You
|
69
|
+
# can use a variety of padding methods depending upon the intended use of
|
70
|
+
# encrypted data.
|
71
|
+
#
|
72
|
+
# ### Encryption & Decryption
|
73
|
+
#
|
74
|
+
# Asymmetric public/private key encryption is slow and victim to attack in cases
|
75
|
+
# where it is used without padding or directly to encrypt larger chunks of data.
|
76
|
+
# Typical use cases for RSA encryption involve "wrapping" a symmetric key with
|
77
|
+
# the public key of the recipient who would "unwrap" that symmetric key again
|
78
|
+
# using their private key. The following illustrates a simplified example of
|
79
|
+
# such a key transport scheme. It shouldn't be used in practice, though,
|
80
|
+
# standardized protocols should always be preferred.
|
81
|
+
#
|
82
|
+
# wrapped_key = key.public_encrypt key
|
83
|
+
#
|
84
|
+
# A symmetric key encrypted with the public key can only be decrypted with the
|
85
|
+
# corresponding private key of the recipient.
|
86
|
+
#
|
87
|
+
# original_key = key.private_decrypt wrapped_key
|
88
|
+
#
|
89
|
+
# By default PKCS#1 padding will be used, but it is also possible to use other
|
90
|
+
# forms of padding, see PKey::RSA for further details.
|
91
|
+
#
|
92
|
+
# ### Signatures
|
93
|
+
#
|
94
|
+
# Using "private_encrypt" to encrypt some data with the private key is
|
95
|
+
# equivalent to applying a digital signature to the data. A verifying party may
|
96
|
+
# validate the signature by comparing the result of decrypting the signature
|
97
|
+
# with "public_decrypt" to the original data. However, OpenSSL::PKey already has
|
98
|
+
# methods "sign" and "verify" that handle digital signatures in a standardized
|
99
|
+
# way - "private_encrypt" and "public_decrypt" shouldn't be used in practice.
|
100
|
+
#
|
101
|
+
# To sign a document, a cryptographically secure hash of the document is
|
102
|
+
# computed first, which is then signed using the private key.
|
103
|
+
#
|
104
|
+
# signature = key.sign 'SHA256', document
|
105
|
+
#
|
106
|
+
# To validate the signature, again a hash of the document is computed and the
|
107
|
+
# signature is decrypted using the public key. The result is then compared to
|
108
|
+
# the hash just computed, if they are equal the signature was valid.
|
109
|
+
#
|
110
|
+
# if key.verify 'SHA256', signature, document
|
111
|
+
# puts 'Valid'
|
112
|
+
# else
|
113
|
+
# puts 'Invalid'
|
114
|
+
# end
|
115
|
+
#
|
116
|
+
# ## PBKDF2 Password-based Encryption
|
117
|
+
#
|
118
|
+
# If supported by the underlying OpenSSL version used, Password-based Encryption
|
119
|
+
# should use the features of PKCS5. If not supported or if required by legacy
|
120
|
+
# applications, the older, less secure methods specified in RFC 2898 are also
|
121
|
+
# supported (see below).
|
122
|
+
#
|
123
|
+
# PKCS5 supports PBKDF2 as it was specified in PKCS#5
|
124
|
+
# [v2.0](http://www.rsa.com/rsalabs/node.asp?id=2127). It still uses a password,
|
125
|
+
# a salt, and additionally a number of iterations that will slow the key
|
126
|
+
# derivation process down. The slower this is, the more work it requires being
|
127
|
+
# able to brute-force the resulting key.
|
128
|
+
#
|
129
|
+
# ### Encryption
|
130
|
+
#
|
131
|
+
# The strategy is to first instantiate a Cipher for encryption, and then to
|
132
|
+
# generate a random IV plus a key derived from the password using PBKDF2. PKCS
|
133
|
+
# #5 v2.0 recommends at least 8 bytes for the salt, the number of iterations
|
134
|
+
# largely depends on the hardware being used.
|
135
|
+
#
|
136
|
+
# cipher = OpenSSL::Cipher.new 'AES-256-CBC'
|
137
|
+
# cipher.encrypt
|
138
|
+
# iv = cipher.random_iv
|
139
|
+
#
|
140
|
+
# pwd = 'some hopefully not to easily guessable password'
|
141
|
+
# salt = OpenSSL::Random.random_bytes 16
|
142
|
+
# iter = 20000
|
143
|
+
# key_len = cipher.key_len
|
144
|
+
# digest = OpenSSL::Digest.new('SHA256')
|
145
|
+
#
|
146
|
+
# key = OpenSSL::PKCS5.pbkdf2_hmac(pwd, salt, iter, key_len, digest)
|
147
|
+
# cipher.key = key
|
148
|
+
#
|
149
|
+
# Now encrypt the data:
|
150
|
+
#
|
151
|
+
# encrypted = cipher.update document
|
152
|
+
# encrypted << cipher.final
|
153
|
+
#
|
154
|
+
# ### Decryption
|
155
|
+
#
|
156
|
+
# Use the same steps as before to derive the symmetric AES key, this time
|
157
|
+
# setting the Cipher up for decryption.
|
158
|
+
#
|
159
|
+
# cipher = OpenSSL::Cipher.new 'AES-256-CBC'
|
160
|
+
# cipher.decrypt
|
161
|
+
# cipher.iv = iv # the one generated with #random_iv
|
162
|
+
#
|
163
|
+
# pwd = 'some hopefully not to easily guessable password'
|
164
|
+
# salt = ... # the one generated above
|
165
|
+
# iter = 20000
|
166
|
+
# key_len = cipher.key_len
|
167
|
+
# digest = OpenSSL::Digest.new('SHA256')
|
168
|
+
#
|
169
|
+
# key = OpenSSL::PKCS5.pbkdf2_hmac(pwd, salt, iter, key_len, digest)
|
170
|
+
# cipher.key = key
|
171
|
+
#
|
172
|
+
# Now decrypt the data:
|
173
|
+
#
|
174
|
+
# decrypted = cipher.update encrypted
|
175
|
+
# decrypted << cipher.final
|
176
|
+
#
|
177
|
+
# ## PKCS #5 Password-based Encryption
|
178
|
+
#
|
179
|
+
# PKCS #5 is a password-based encryption standard documented at
|
180
|
+
# [RFC2898](http://www.ietf.org/rfc/rfc2898.txt). It allows a short password or
|
181
|
+
# passphrase to be used to create a secure encryption key. If possible, PBKDF2
|
182
|
+
# as described above should be used if the circumstances allow it.
|
183
|
+
#
|
184
|
+
# PKCS #5 uses a Cipher, a pass phrase and a salt to generate an encryption key.
|
185
|
+
#
|
186
|
+
# pass_phrase = 'my secure pass phrase goes here'
|
187
|
+
# salt = '8 octets'
|
188
|
+
#
|
189
|
+
# ### Encryption
|
190
|
+
#
|
191
|
+
# First set up the cipher for encryption
|
192
|
+
#
|
193
|
+
# encryptor = OpenSSL::Cipher.new 'AES-256-CBC'
|
194
|
+
# encryptor.encrypt
|
195
|
+
# encryptor.pkcs5_keyivgen pass_phrase, salt
|
196
|
+
#
|
197
|
+
# Then pass the data you want to encrypt through
|
198
|
+
#
|
199
|
+
# encrypted = encryptor.update 'top secret document'
|
200
|
+
# encrypted << encryptor.final
|
201
|
+
#
|
202
|
+
# ### Decryption
|
203
|
+
#
|
204
|
+
# Use a new Cipher instance set up for decryption
|
205
|
+
#
|
206
|
+
# decryptor = OpenSSL::Cipher.new 'AES-256-CBC'
|
207
|
+
# decryptor.decrypt
|
208
|
+
# decryptor.pkcs5_keyivgen pass_phrase, salt
|
209
|
+
#
|
210
|
+
# Then pass the data you want to decrypt through
|
211
|
+
#
|
212
|
+
# plain = decryptor.update encrypted
|
213
|
+
# plain << decryptor.final
|
214
|
+
#
|
215
|
+
# ## X509 Certificates
|
216
|
+
#
|
217
|
+
# ### Creating a Certificate
|
218
|
+
#
|
219
|
+
# This example creates a self-signed certificate using an RSA key and a SHA1
|
220
|
+
# signature.
|
221
|
+
#
|
222
|
+
# key = OpenSSL::PKey::RSA.new 2048
|
223
|
+
# name = OpenSSL::X509::Name.parse '/CN=nobody/DC=example'
|
224
|
+
#
|
225
|
+
# cert = OpenSSL::X509::Certificate.new
|
226
|
+
# cert.version = 2
|
227
|
+
# cert.serial = 0
|
228
|
+
# cert.not_before = Time.now
|
229
|
+
# cert.not_after = Time.now + 3600
|
230
|
+
#
|
231
|
+
# cert.public_key = key.public_key
|
232
|
+
# cert.subject = name
|
233
|
+
#
|
234
|
+
# ### Certificate Extensions
|
235
|
+
#
|
236
|
+
# You can add extensions to the certificate with OpenSSL::SSL::ExtensionFactory
|
237
|
+
# to indicate the purpose of the certificate.
|
238
|
+
#
|
239
|
+
# extension_factory = OpenSSL::X509::ExtensionFactory.new nil, cert
|
240
|
+
#
|
241
|
+
# cert.add_extension \
|
242
|
+
# extension_factory.create_extension('basicConstraints', 'CA:FALSE', true)
|
243
|
+
#
|
244
|
+
# cert.add_extension \
|
245
|
+
# extension_factory.create_extension(
|
246
|
+
# 'keyUsage', 'keyEncipherment,dataEncipherment,digitalSignature')
|
247
|
+
#
|
248
|
+
# cert.add_extension \
|
249
|
+
# extension_factory.create_extension('subjectKeyIdentifier', 'hash')
|
250
|
+
#
|
251
|
+
# The list of supported extensions (and in some cases their possible values) can
|
252
|
+
# be derived from the "objects.h" file in the OpenSSL source code.
|
253
|
+
#
|
254
|
+
# ### Signing a Certificate
|
255
|
+
#
|
256
|
+
# To sign a certificate set the issuer and use OpenSSL::X509::Certificate#sign
|
257
|
+
# with a digest algorithm. This creates a self-signed cert because we're using
|
258
|
+
# the same name and key to sign the certificate as was used to create the
|
259
|
+
# certificate.
|
260
|
+
#
|
261
|
+
# cert.issuer = name
|
262
|
+
# cert.sign key, OpenSSL::Digest.new('SHA1')
|
263
|
+
#
|
264
|
+
# open 'certificate.pem', 'w' do |io| io.write cert.to_pem end
|
265
|
+
#
|
266
|
+
# ### Loading a Certificate
|
267
|
+
#
|
268
|
+
# Like a key, a cert can also be loaded from a file.
|
269
|
+
#
|
270
|
+
# cert2 = OpenSSL::X509::Certificate.new File.read 'certificate.pem'
|
271
|
+
#
|
272
|
+
# ### Verifying a Certificate
|
273
|
+
#
|
274
|
+
# Certificate#verify will return true when a certificate was signed with the
|
275
|
+
# given public key.
|
276
|
+
#
|
277
|
+
# raise 'certificate can not be verified' unless cert2.verify key
|
278
|
+
#
|
279
|
+
# ## Certificate Authority
|
280
|
+
#
|
281
|
+
# A certificate authority (CA) is a trusted third party that allows you to
|
282
|
+
# verify the ownership of unknown certificates. The CA issues key signatures
|
283
|
+
# that indicate it trusts the user of that key. A user encountering the key can
|
284
|
+
# verify the signature by using the CA's public key.
|
285
|
+
#
|
286
|
+
# ### CA Key
|
287
|
+
#
|
288
|
+
# CA keys are valuable, so we encrypt and save it to disk and make sure it is
|
289
|
+
# not readable by other users.
|
290
|
+
#
|
291
|
+
# ca_key = OpenSSL::PKey::RSA.new 2048
|
292
|
+
# pass_phrase = 'my secure pass phrase goes here'
|
293
|
+
#
|
294
|
+
# cipher = OpenSSL::Cipher.new 'AES-256-CBC'
|
295
|
+
#
|
296
|
+
# open 'ca_key.pem', 'w', 0400 do |io|
|
297
|
+
# io.write ca_key.export(cipher, pass_phrase)
|
298
|
+
# end
|
299
|
+
#
|
300
|
+
# ### CA Certificate
|
301
|
+
#
|
302
|
+
# A CA certificate is created the same way we created a certificate above, but
|
303
|
+
# with different extensions.
|
304
|
+
#
|
305
|
+
# ca_name = OpenSSL::X509::Name.parse '/CN=ca/DC=example'
|
306
|
+
#
|
307
|
+
# ca_cert = OpenSSL::X509::Certificate.new
|
308
|
+
# ca_cert.serial = 0
|
309
|
+
# ca_cert.version = 2
|
310
|
+
# ca_cert.not_before = Time.now
|
311
|
+
# ca_cert.not_after = Time.now + 86400
|
312
|
+
#
|
313
|
+
# ca_cert.public_key = ca_key.public_key
|
314
|
+
# ca_cert.subject = ca_name
|
315
|
+
# ca_cert.issuer = ca_name
|
316
|
+
#
|
317
|
+
# extension_factory = OpenSSL::X509::ExtensionFactory.new
|
318
|
+
# extension_factory.subject_certificate = ca_cert
|
319
|
+
# extension_factory.issuer_certificate = ca_cert
|
320
|
+
#
|
321
|
+
# ca_cert.add_extension \
|
322
|
+
# extension_factory.create_extension('subjectKeyIdentifier', 'hash')
|
323
|
+
#
|
324
|
+
# This extension indicates the CA's key may be used as a CA.
|
325
|
+
#
|
326
|
+
# ca_cert.add_extension \
|
327
|
+
# extension_factory.create_extension('basicConstraints', 'CA:TRUE', true)
|
328
|
+
#
|
329
|
+
# This extension indicates the CA's key may be used to verify signatures on both
|
330
|
+
# certificates and certificate revocations.
|
331
|
+
#
|
332
|
+
# ca_cert.add_extension \
|
333
|
+
# extension_factory.create_extension(
|
334
|
+
# 'keyUsage', 'cRLSign,keyCertSign', true)
|
335
|
+
#
|
336
|
+
# Root CA certificates are self-signed.
|
337
|
+
#
|
338
|
+
# ca_cert.sign ca_key, OpenSSL::Digest.new('SHA1')
|
339
|
+
#
|
340
|
+
# The CA certificate is saved to disk so it may be distributed to all the users
|
341
|
+
# of the keys this CA will sign.
|
342
|
+
#
|
343
|
+
# open 'ca_cert.pem', 'w' do |io|
|
344
|
+
# io.write ca_cert.to_pem
|
345
|
+
# end
|
346
|
+
#
|
347
|
+
# ### Certificate Signing Request
|
348
|
+
#
|
349
|
+
# The CA signs keys through a Certificate Signing Request (CSR). The CSR
|
350
|
+
# contains the information necessary to identify the key.
|
351
|
+
#
|
352
|
+
# csr = OpenSSL::X509::Request.new
|
353
|
+
# csr.version = 0
|
354
|
+
# csr.subject = name
|
355
|
+
# csr.public_key = key.public_key
|
356
|
+
# csr.sign key, OpenSSL::Digest.new('SHA1')
|
357
|
+
#
|
358
|
+
# A CSR is saved to disk and sent to the CA for signing.
|
359
|
+
#
|
360
|
+
# open 'csr.pem', 'w' do |io|
|
361
|
+
# io.write csr.to_pem
|
362
|
+
# end
|
363
|
+
#
|
364
|
+
# ### Creating a Certificate from a CSR
|
365
|
+
#
|
366
|
+
# Upon receiving a CSR the CA will verify it before signing it. A minimal
|
367
|
+
# verification would be to check the CSR's signature.
|
368
|
+
#
|
369
|
+
# csr = OpenSSL::X509::Request.new File.read 'csr.pem'
|
370
|
+
#
|
371
|
+
# raise 'CSR can not be verified' unless csr.verify csr.public_key
|
372
|
+
#
|
373
|
+
# After verification a certificate is created, marked for various usages, signed
|
374
|
+
# with the CA key and returned to the requester.
|
375
|
+
#
|
376
|
+
# csr_cert = OpenSSL::X509::Certificate.new
|
377
|
+
# csr_cert.serial = 0
|
378
|
+
# csr_cert.version = 2
|
379
|
+
# csr_cert.not_before = Time.now
|
380
|
+
# csr_cert.not_after = Time.now + 600
|
381
|
+
#
|
382
|
+
# csr_cert.subject = csr.subject
|
383
|
+
# csr_cert.public_key = csr.public_key
|
384
|
+
# csr_cert.issuer = ca_cert.subject
|
385
|
+
#
|
386
|
+
# extension_factory = OpenSSL::X509::ExtensionFactory.new
|
387
|
+
# extension_factory.subject_certificate = csr_cert
|
388
|
+
# extension_factory.issuer_certificate = ca_cert
|
389
|
+
#
|
390
|
+
# csr_cert.add_extension \
|
391
|
+
# extension_factory.create_extension('basicConstraints', 'CA:FALSE')
|
392
|
+
#
|
393
|
+
# csr_cert.add_extension \
|
394
|
+
# extension_factory.create_extension(
|
395
|
+
# 'keyUsage', 'keyEncipherment,dataEncipherment,digitalSignature')
|
396
|
+
#
|
397
|
+
# csr_cert.add_extension \
|
398
|
+
# extension_factory.create_extension('subjectKeyIdentifier', 'hash')
|
399
|
+
#
|
400
|
+
# csr_cert.sign ca_key, OpenSSL::Digest.new('SHA1')
|
401
|
+
#
|
402
|
+
# open 'csr_cert.pem', 'w' do |io|
|
403
|
+
# io.write csr_cert.to_pem
|
404
|
+
# end
|
405
|
+
#
|
406
|
+
# ## SSL and TLS Connections
|
407
|
+
#
|
408
|
+
# Using our created key and certificate we can create an SSL or TLS connection.
|
409
|
+
# An SSLContext is used to set up an SSL session.
|
410
|
+
#
|
411
|
+
# context = OpenSSL::SSL::SSLContext.new
|
412
|
+
#
|
413
|
+
# ### SSL Server
|
414
|
+
#
|
415
|
+
# An SSL server requires the certificate and private key to communicate securely
|
416
|
+
# with its clients:
|
417
|
+
#
|
418
|
+
# context.cert = cert
|
419
|
+
# context.key = key
|
420
|
+
#
|
421
|
+
# Then create an SSLServer with a TCP server socket and the context. Use the
|
422
|
+
# SSLServer like an ordinary TCP server.
|
423
|
+
#
|
424
|
+
# require 'socket'
|
425
|
+
#
|
426
|
+
# tcp_server = TCPServer.new 5000
|
427
|
+
# ssl_server = OpenSSL::SSL::SSLServer.new tcp_server, context
|
428
|
+
#
|
429
|
+
# loop do
|
430
|
+
# ssl_connection = ssl_server.accept
|
431
|
+
#
|
432
|
+
# data = connection.gets
|
433
|
+
#
|
434
|
+
# response = "I got #{data.dump}"
|
435
|
+
# puts response
|
436
|
+
#
|
437
|
+
# connection.puts "I got #{data.dump}"
|
438
|
+
# connection.close
|
439
|
+
# end
|
440
|
+
#
|
441
|
+
# ### SSL client
|
442
|
+
#
|
443
|
+
# An SSL client is created with a TCP socket and the context. SSLSocket#connect
|
444
|
+
# must be called to initiate the SSL handshake and start encryption. A key and
|
445
|
+
# certificate are not required for the client socket.
|
446
|
+
#
|
447
|
+
# Note that SSLSocket#close doesn't close the underlying socket by default. Set
|
448
|
+
# SSLSocket#sync_close to true if you want.
|
449
|
+
#
|
450
|
+
# require 'socket'
|
451
|
+
#
|
452
|
+
# tcp_socket = TCPSocket.new 'localhost', 5000
|
453
|
+
# ssl_client = OpenSSL::SSL::SSLSocket.new tcp_socket, context
|
454
|
+
# ssl_client.sync_close = true
|
455
|
+
# ssl_client.connect
|
456
|
+
#
|
457
|
+
# ssl_client.puts "hello server!"
|
458
|
+
# puts ssl_client.gets
|
459
|
+
#
|
460
|
+
# ssl_client.close # shutdown the TLS connection and close tcp_socket
|
461
|
+
#
|
462
|
+
# ### Peer Verification
|
463
|
+
#
|
464
|
+
# An unverified SSL connection does not provide much security. For enhanced
|
465
|
+
# security the client or server can verify the certificate of its peer.
|
466
|
+
#
|
467
|
+
# The client can be modified to verify the server's certificate against the
|
468
|
+
# certificate authority's certificate:
|
469
|
+
#
|
470
|
+
# context.ca_file = 'ca_cert.pem'
|
471
|
+
# context.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
472
|
+
#
|
473
|
+
# require 'socket'
|
474
|
+
#
|
475
|
+
# tcp_socket = TCPSocket.new 'localhost', 5000
|
476
|
+
# ssl_client = OpenSSL::SSL::SSLSocket.new tcp_socket, context
|
477
|
+
# ssl_client.connect
|
478
|
+
#
|
479
|
+
# ssl_client.puts "hello server!"
|
480
|
+
# puts ssl_client.gets
|
481
|
+
#
|
482
|
+
# If the server certificate is invalid or `context.ca_file` is not set when
|
483
|
+
# verifying peers an OpenSSL::SSL::SSLError will be raised.
|
484
|
+
module OpenSSL
|
485
|
+
# Returns a Digest subclass by *name*
|
486
|
+
#
|
487
|
+
# require 'openssl'
|
488
|
+
#
|
489
|
+
# OpenSSL::Digest("MD5")
|
490
|
+
# # => OpenSSL::Digest::MD5
|
491
|
+
#
|
492
|
+
# Digest("Foo")
|
493
|
+
# # => NameError: wrong constant name Foo
|
494
|
+
#
|
495
|
+
def self.Digest: (String name) -> singleton(Digest)
|
496
|
+
|
497
|
+
def self.debug: () -> bool
|
498
|
+
|
499
|
+
# Turns on or off debug mode. With debug mode, all erros added to the OpenSSL
|
500
|
+
# error queue will be printed to stderr.
|
501
|
+
#
|
502
|
+
def self.debug=: [U] (boolish) -> U
|
503
|
+
|
504
|
+
# See any remaining errors held in queue.
|
505
|
+
#
|
506
|
+
# Any errors you see here are probably due to a bug in Ruby's OpenSSL
|
507
|
+
# implementation.
|
508
|
+
#
|
509
|
+
def self.errors: () -> Array[String]
|
510
|
+
|
511
|
+
def self.fips_mode: () -> bool
|
512
|
+
|
513
|
+
# Turns FIPS mode on or off. Turning on FIPS mode will obviously only have an
|
514
|
+
# effect for FIPS-capable installations of the OpenSSL library. Trying to do so
|
515
|
+
# otherwise will result in an error.
|
516
|
+
#
|
517
|
+
# ### Examples
|
518
|
+
# OpenSSL.fips_mode = true # turn FIPS mode on
|
519
|
+
# OpenSSL.fips_mode = false # and off again
|
520
|
+
#
|
521
|
+
def self.fips_mode=: [U] (boolish) -> U
|
522
|
+
|
523
|
+
# Constant time memory comparison for fixed length strings, such as results of
|
524
|
+
# HMAC calculations.
|
525
|
+
#
|
526
|
+
# Returns `true` if the strings are identical, `false` if they are of the same
|
527
|
+
# length but not identical. If the length is different, `ArgumentError` is
|
528
|
+
# raised.
|
529
|
+
#
|
530
|
+
def self.fixed_length_secure_compare: (String, String) -> bool
|
531
|
+
|
532
|
+
# Constant time memory comparison. Inputs are hashed using SHA-256 to mask the
|
533
|
+
# length of the secret. Returns `true` if the strings are identical, `false`
|
534
|
+
# otherwise.
|
535
|
+
#
|
536
|
+
#
|
537
|
+
def self.secure_compare: (String a, String b) -> bool
|
538
|
+
|
539
|
+
OPENSSL_FIPS: bool
|
540
|
+
|
541
|
+
OPENSSL_LIBRARY_VERSION: String
|
542
|
+
|
543
|
+
OPENSSL_VERSION: String
|
544
|
+
|
545
|
+
OPENSSL_VERSION_NUMBER: Integer
|
546
|
+
|
547
|
+
VERSION: String
|
548
|
+
|
549
|
+
module ASN1
|
550
|
+
type tagging = :IMPLICIT | :EXPLICIT
|
551
|
+
|
552
|
+
type tag_class = :UNIVERSAL | :CONTEXT_SPECIFIC | :APPLICATION | :PRIVATE
|
553
|
+
|
554
|
+
def self.BMPString: (String value, ?bn tag, ?tagging tagging) -> BMPString
|
555
|
+
|
556
|
+
def self.BitString: (String value, ?bn tag, ?tagging tagging) -> BitString
|
557
|
+
|
558
|
+
def self.Boolean: (boolish value, ?bn tag, ?tagging tagging) -> Boolean
|
559
|
+
|
560
|
+
def self.EndOfContent: () -> EndOfContent
|
561
|
+
|
562
|
+
def self.Enumerated: (bn value, ?bn tag, ?tagging tagging) -> Enumerated
|
563
|
+
|
564
|
+
def self.GeneralString: (String value, ?bn tag, ?tagging tagging) -> GeneralString
|
565
|
+
|
566
|
+
def self.GeneralizedTime: (::Time value, ?bn tag, ?tagging tagging) -> GeneralizedTime
|
567
|
+
|
568
|
+
def self.GraphicString: (String value, ?bn tag, ?tagging tagging) -> GraphicString
|
569
|
+
|
570
|
+
def self.IA5String: (String value, ?bn tag, ?tagging tagging) -> IA5String
|
571
|
+
|
572
|
+
def self.ISO64String: (String value, ?bn tag, ?tagging tagging) -> ISO64String
|
573
|
+
|
574
|
+
def self.Integer: (bn value, ?bn tag, ?tagging tagging) -> Integer
|
575
|
+
|
576
|
+
def self.Null: (nil) -> Null
|
577
|
+
|
578
|
+
def self.NumericString: (String value, ?bn tag, ?tagging tagging) -> NumericString
|
579
|
+
|
580
|
+
def self.ObjectId: (String value, ?bn tag, ?tagging tagging) -> ObjectId
|
581
|
+
|
582
|
+
def self.OctetString: (String value, ?bn tag, ?tagging tagging) -> OctetString
|
583
|
+
|
584
|
+
def self.PrintableString: (String value, ?bn tag, ?tagging tagging) -> PrintableString
|
585
|
+
|
586
|
+
def self.Sequence: (Array[ASN1Data] value, ?bn tag, ?tagging tagging) -> Sequence
|
587
|
+
|
588
|
+
def self.Set: (Array[ASN1Data] value, ?bn tag, ?tagging tagging) -> Set
|
589
|
+
|
590
|
+
def self.T61String: (String value, ?bn tag, ?tagging tagging) -> T61String
|
591
|
+
|
592
|
+
def self.UTCTime: (::Time value, ?bn tag, ?tagging tagging) -> UTCTime
|
593
|
+
|
594
|
+
def self.UTF8String: (String value, ?bn tag, ?tagging tagging) -> UTF8String
|
595
|
+
|
596
|
+
def self.UniversalString: (String value, ?bn tag, ?tagging tagging) -> UniversalString
|
597
|
+
|
598
|
+
def self.VideotexString: (String value, ?bn tag, ?tagging tagging) -> VideotexString
|
599
|
+
|
600
|
+
def self.decode: (String | _ToDer der) -> ASN1Data
|
601
|
+
|
602
|
+
def self.decode_all: (String | _ToDer der) -> Array[ASN1Data]
|
603
|
+
|
604
|
+
def self.traverse: (String | _ToDer der) { (::Integer, ::Integer, ::Integer, ::Integer, bool, tag_class, ::Integer) -> void } -> void
|
605
|
+
|
606
|
+
BIT_STRING: Integer
|
607
|
+
|
608
|
+
BMPSTRING: Integer
|
609
|
+
|
610
|
+
BOOLEAN: Integer
|
611
|
+
|
612
|
+
CHARACTER_STRING: Integer
|
613
|
+
|
614
|
+
EMBEDDED_PDV: Integer
|
615
|
+
|
616
|
+
ENUMERATED: Integer
|
617
|
+
|
618
|
+
EOC: Integer
|
619
|
+
|
620
|
+
EXTERNAL: Integer
|
621
|
+
|
622
|
+
GENERALIZEDTIME: Integer
|
623
|
+
|
624
|
+
GENERALSTRING: Integer
|
625
|
+
|
626
|
+
GRAPHICSTRING: Integer
|
627
|
+
|
628
|
+
IA5STRING: Integer
|
629
|
+
|
630
|
+
INTEGER: Integer
|
631
|
+
|
632
|
+
ISO64STRING: Integer
|
633
|
+
|
634
|
+
NULL: Integer
|
635
|
+
|
636
|
+
NUMERICSTRING: Integer
|
637
|
+
|
638
|
+
OBJECT: Integer
|
639
|
+
|
640
|
+
OBJECT_DESCRIPTOR: Integer
|
641
|
+
|
642
|
+
OCTET_STRING: Integer
|
643
|
+
|
644
|
+
PRINTABLESTRING: Integer
|
645
|
+
|
646
|
+
REAL: Integer
|
647
|
+
|
648
|
+
RELATIVE_OID: Integer
|
649
|
+
|
650
|
+
SEQUENCE: Integer
|
651
|
+
|
652
|
+
SET: Integer
|
653
|
+
|
654
|
+
T61STRING: Integer
|
655
|
+
|
656
|
+
UNIVERSALSTRING: Integer
|
657
|
+
|
658
|
+
UNIVERSAL_TAG_NAME: Array[untyped]
|
659
|
+
|
660
|
+
UTCTIME: Integer
|
661
|
+
|
662
|
+
UTF8STRING: Integer
|
663
|
+
|
664
|
+
VIDEOTEXSTRING: Integer
|
665
|
+
|
666
|
+
interface _ToDer
|
667
|
+
def to_der: () -> String
|
668
|
+
end
|
669
|
+
|
670
|
+
class ASN1Data
|
671
|
+
public
|
672
|
+
|
673
|
+
def indefinite_length: () -> bool
|
674
|
+
|
675
|
+
def indefinite_length=: [U] (boolish) -> U
|
676
|
+
|
677
|
+
alias infinite_length indefinite_length
|
678
|
+
|
679
|
+
alias infinite_length= indefinite_length=
|
680
|
+
|
681
|
+
def tag: () -> bn
|
682
|
+
|
683
|
+
def tag=: (::Integer) -> ::Integer
|
684
|
+
| (BN) -> BN
|
685
|
+
|
686
|
+
def tag_class: () -> tag_class
|
687
|
+
|
688
|
+
def tag_class=: (tag_class) -> tag_class
|
689
|
+
|
690
|
+
def to_der: () -> String
|
691
|
+
|
692
|
+
def value: () -> untyped
|
693
|
+
|
694
|
+
def value=: (untyped) -> untyped
|
695
|
+
|
696
|
+
private
|
697
|
+
|
698
|
+
def initialize: (untyped value, ::Integer tag, tag_class tag_class) -> void
|
699
|
+
end
|
700
|
+
|
701
|
+
class ASN1Error < OpenSSL::OpenSSLError
|
702
|
+
end
|
703
|
+
|
704
|
+
class BMPString < OpenSSL::ASN1::Primitive
|
705
|
+
end
|
706
|
+
|
707
|
+
class BitString < OpenSSL::ASN1::Primitive
|
708
|
+
public
|
709
|
+
|
710
|
+
def unused_bits: () -> ::Integer
|
711
|
+
|
712
|
+
def unused_bits=: (::Integer) -> ::Integer
|
713
|
+
|
714
|
+
def value: () -> String
|
715
|
+
|
716
|
+
def value=: (String) -> String
|
717
|
+
end
|
718
|
+
|
719
|
+
class Boolean < OpenSSL::ASN1::Primitive
|
720
|
+
def value: () -> bool
|
721
|
+
|
722
|
+
def value=: [U] (boolish) -> U
|
723
|
+
end
|
724
|
+
|
725
|
+
class Constructive < OpenSSL::ASN1::ASN1Data
|
726
|
+
include Enumerable[ASN1Data]
|
727
|
+
|
728
|
+
public
|
729
|
+
|
730
|
+
def each: () ?{ (ASN1Data) -> void }-> self
|
731
|
+
|
732
|
+
def tagging: () -> tagging?
|
733
|
+
|
734
|
+
def tagging=: (tagging) -> tagging
|
735
|
+
|
736
|
+
def to_der: () -> String
|
737
|
+
|
738
|
+
private
|
739
|
+
|
740
|
+
def initialize: (Array[ASN1Data]) -> void
|
741
|
+
end
|
742
|
+
|
743
|
+
class EndOfContent < OpenSSL::ASN1::ASN1Data
|
744
|
+
public
|
745
|
+
|
746
|
+
def to_der: () -> String
|
747
|
+
|
748
|
+
private
|
749
|
+
|
750
|
+
def initialize: () -> void
|
751
|
+
end
|
752
|
+
|
753
|
+
class Enumerated < OpenSSL::ASN1::Primitive
|
754
|
+
def value: () -> ::Integer
|
755
|
+
|
756
|
+
def value=: (::Integer) -> ::Integer
|
757
|
+
end
|
758
|
+
|
759
|
+
class GeneralString < OpenSSL::ASN1::Primitive
|
760
|
+
def value: () -> String
|
761
|
+
|
762
|
+
def value=: (String) -> String
|
763
|
+
end
|
764
|
+
|
765
|
+
class GeneralizedTime < OpenSSL::ASN1::Primitive
|
766
|
+
def value: () -> Time
|
767
|
+
|
768
|
+
def value=: (Time) -> Time
|
769
|
+
end
|
770
|
+
|
771
|
+
class GraphicString < OpenSSL::ASN1::Primitive
|
772
|
+
def value: () -> String
|
773
|
+
|
774
|
+
def value=: (String) -> String
|
775
|
+
end
|
776
|
+
|
777
|
+
class IA5String < OpenSSL::ASN1::Primitive
|
778
|
+
def value: () -> String
|
779
|
+
|
780
|
+
def value=: (String) -> String
|
781
|
+
end
|
782
|
+
|
783
|
+
class ISO64String < OpenSSL::ASN1::Primitive
|
784
|
+
def value: () -> String
|
785
|
+
|
786
|
+
def value=: (String) -> String
|
787
|
+
end
|
788
|
+
|
789
|
+
class Integer < OpenSSL::ASN1::Primitive
|
790
|
+
def value: () -> ::Integer
|
791
|
+
|
792
|
+
def value=: (::Integer) -> ::Integer
|
793
|
+
end
|
794
|
+
|
795
|
+
class Null < OpenSSL::ASN1::Primitive
|
796
|
+
def value: () -> nil
|
797
|
+
|
798
|
+
def value=: (nil) -> nil
|
799
|
+
end
|
800
|
+
|
801
|
+
class NumericString < OpenSSL::ASN1::Primitive
|
802
|
+
def value: () -> String
|
803
|
+
|
804
|
+
def value=: (String) -> String
|
805
|
+
end
|
806
|
+
|
807
|
+
class ObjectId < OpenSSL::ASN1::Primitive
|
808
|
+
def self.register: (String object_id, String short_name, String ong_name) -> bool
|
809
|
+
|
810
|
+
def value: () -> String
|
811
|
+
|
812
|
+
def value=: (String) -> String
|
813
|
+
|
814
|
+
public
|
815
|
+
|
816
|
+
def ==: (ObjectId other) -> bool
|
817
|
+
|
818
|
+
def ln: () -> String?
|
819
|
+
|
820
|
+
alias long_name ln
|
821
|
+
|
822
|
+
def oid: () -> String
|
823
|
+
|
824
|
+
alias short_name sn
|
825
|
+
|
826
|
+
def sn: () -> String?
|
827
|
+
end
|
828
|
+
|
829
|
+
class OctetString < OpenSSL::ASN1::Primitive
|
830
|
+
def value: () -> String
|
831
|
+
|
832
|
+
def value=: (String) -> String
|
833
|
+
end
|
834
|
+
|
835
|
+
class Primitive < OpenSSL::ASN1::ASN1Data
|
836
|
+
public
|
837
|
+
|
838
|
+
def tagging: () -> tagging?
|
839
|
+
|
840
|
+
def tagging=: (tagging) -> tagging
|
841
|
+
|
842
|
+
def to_der: () -> String
|
843
|
+
|
844
|
+
private
|
845
|
+
|
846
|
+
def initialize: (untyped value, ?Integer tag, ?tagging tagging) -> void
|
847
|
+
end
|
848
|
+
|
849
|
+
class PrintableString < OpenSSL::ASN1::Primitive
|
850
|
+
def value: () -> String
|
851
|
+
|
852
|
+
def value=: (String) -> String
|
853
|
+
end
|
854
|
+
|
855
|
+
class Sequence < OpenSSL::ASN1::Constructive
|
856
|
+
def value: () -> Array[ASN1Data]
|
857
|
+
|
858
|
+
def value=: (Array[ASN1Data]) -> Array[ASN1Data]
|
859
|
+
end
|
860
|
+
|
861
|
+
class Set < OpenSSL::ASN1::Constructive
|
862
|
+
end
|
863
|
+
|
864
|
+
class T61String < OpenSSL::ASN1::Primitive
|
865
|
+
def value: () -> String
|
866
|
+
|
867
|
+
def value=: (String) -> String
|
868
|
+
end
|
869
|
+
|
870
|
+
class UTCTime < OpenSSL::ASN1::Primitive
|
871
|
+
def value: () -> Time
|
872
|
+
|
873
|
+
def value=: (Time) -> Time
|
874
|
+
end
|
875
|
+
|
876
|
+
class UTF8String < OpenSSL::ASN1::Primitive
|
877
|
+
def value: () -> String
|
878
|
+
|
879
|
+
def value=: (String) -> String
|
880
|
+
end
|
881
|
+
|
882
|
+
class UniversalString < OpenSSL::ASN1::Primitive
|
883
|
+
def value: () -> String
|
884
|
+
|
885
|
+
def value=: (String) -> String
|
886
|
+
end
|
887
|
+
|
888
|
+
class VideotexString < OpenSSL::ASN1::Primitive
|
889
|
+
def value: () -> String
|
890
|
+
|
891
|
+
def value=: (String) -> String
|
892
|
+
end
|
893
|
+
end
|
894
|
+
|
895
|
+
type bn = BN | ::Integer
|
896
|
+
|
897
|
+
class BN
|
898
|
+
include Comparable
|
899
|
+
|
900
|
+
def self.generate_prime: (::Integer bits, ?boolish safe, ?bn add, ?bn rem) -> instance
|
901
|
+
|
902
|
+
def self.pseudo_rand: (*untyped) -> untyped
|
903
|
+
|
904
|
+
def self.pseudo_rand_range: (untyped) -> untyped
|
905
|
+
|
906
|
+
def self.rand: (*untyped) -> untyped
|
907
|
+
|
908
|
+
def self.rand_range: (untyped) -> untyped
|
909
|
+
|
910
|
+
public
|
911
|
+
|
912
|
+
def %: (int) -> instance
|
913
|
+
|
914
|
+
def *: (int) -> instance
|
915
|
+
|
916
|
+
def **: (int) -> instance
|
917
|
+
|
918
|
+
def +: (int) -> instance
|
919
|
+
|
920
|
+
def +@: () -> instance
|
921
|
+
|
922
|
+
def -: (int) -> instance
|
923
|
+
|
924
|
+
def -@: () -> instance
|
925
|
+
|
926
|
+
def /: (int) -> [instance, instance]
|
927
|
+
|
928
|
+
def <<: (int) -> instance
|
929
|
+
|
930
|
+
alias <=> cmp
|
931
|
+
|
932
|
+
def ==: (untyped) -> bool
|
933
|
+
|
934
|
+
alias === ==
|
935
|
+
|
936
|
+
def >>: (int) -> int
|
937
|
+
|
938
|
+
def bit_set?: (int) -> bool
|
939
|
+
|
940
|
+
def clear_bit!: (int) -> void
|
941
|
+
|
942
|
+
def cmp: (Integer) -> Integer
|
943
|
+
|
944
|
+
def coerce: (::Integer) -> Array[Integer]
|
945
|
+
| (BN) -> Array[BN]
|
946
|
+
|
947
|
+
def copy: (int) -> instance
|
948
|
+
|
949
|
+
def eql?: (untyped other) -> bool
|
950
|
+
|
951
|
+
def gcd: (int) -> instance
|
952
|
+
|
953
|
+
def hash: () -> Integer
|
954
|
+
|
955
|
+
def lshift!: (int bits) -> self
|
956
|
+
|
957
|
+
def mask_bits!: (int) -> void
|
958
|
+
|
959
|
+
def mod_add: (int, int) -> instance
|
960
|
+
|
961
|
+
def mod_exp: (int, int) -> instance
|
962
|
+
|
963
|
+
def mod_inverse: (int) -> instance
|
964
|
+
|
965
|
+
def mod_mul: (int, int) -> instance
|
966
|
+
|
967
|
+
def mod_sqr: (int) -> instance
|
968
|
+
|
969
|
+
def mod_sub: (int, int) -> instance
|
970
|
+
|
971
|
+
def negative?: () -> bool
|
972
|
+
|
973
|
+
def num_bits: () -> ::Integer
|
974
|
+
|
975
|
+
def num_bytes: () -> ::Integer
|
976
|
+
|
977
|
+
def odd?: () -> bool
|
978
|
+
|
979
|
+
def one?: () -> bool
|
980
|
+
|
981
|
+
def pretty_print: (untyped q) -> untyped
|
982
|
+
|
983
|
+
def prime?: (?int checks) -> bool
|
984
|
+
|
985
|
+
def prime_fasttest?: (?int checks, ?int trial_div) -> bool
|
986
|
+
|
987
|
+
def rshift!: (int bits) -> self
|
988
|
+
|
989
|
+
def set_bit!: (int bit) -> self
|
990
|
+
|
991
|
+
def sqr: () -> instance
|
992
|
+
|
993
|
+
def to_bn: () -> self
|
994
|
+
|
995
|
+
def to_i: () -> ::Integer
|
996
|
+
|
997
|
+
alias to_int to_i
|
998
|
+
|
999
|
+
def to_s: () -> String
|
1000
|
+
| (0) -> String
|
1001
|
+
| (2) -> String
|
1002
|
+
| (10) -> String
|
1003
|
+
| (16) -> String
|
1004
|
+
| (int base) -> String
|
1005
|
+
|
1006
|
+
def ucmp: (int bn2) -> ::Integer
|
1007
|
+
|
1008
|
+
def zero?: () -> bool
|
1009
|
+
|
1010
|
+
private
|
1011
|
+
|
1012
|
+
def initialize: (instance) -> void
|
1013
|
+
| (int) -> void
|
1014
|
+
| (String) -> void
|
1015
|
+
| (String, 0 | 2 | 10 | 16) -> void
|
1016
|
+
|
1017
|
+
def initialize_copy: (instance other) -> instance
|
1018
|
+
end
|
1019
|
+
|
1020
|
+
class BNError < OpenSSL::OpenSSLError
|
1021
|
+
end
|
1022
|
+
|
1023
|
+
module Buffering
|
1024
|
+
include Enumerable[untyped]
|
1025
|
+
|
1026
|
+
public
|
1027
|
+
|
1028
|
+
def <<: (String s) -> self
|
1029
|
+
|
1030
|
+
def close: () -> void
|
1031
|
+
|
1032
|
+
def each: (?String eol) ?{ (String) -> void } -> void
|
1033
|
+
|
1034
|
+
def each_byte: () ?{ (Integer) -> void } -> void
|
1035
|
+
|
1036
|
+
alias each_line each
|
1037
|
+
|
1038
|
+
alias eof eof?
|
1039
|
+
|
1040
|
+
def eof?: () -> bool
|
1041
|
+
|
1042
|
+
def flush: () -> self
|
1043
|
+
|
1044
|
+
def getc: () -> String?
|
1045
|
+
|
1046
|
+
def gets: (?(String | Regexp) eol, ?Integer limit) -> String?
|
1047
|
+
|
1048
|
+
def print: (*untyped args) -> nil
|
1049
|
+
|
1050
|
+
def printf: (String format_string, *untyped args) -> nil
|
1051
|
+
|
1052
|
+
def puts: (*untyped args) -> nil
|
1053
|
+
|
1054
|
+
def read: (?Integer? size, ?String buf) -> String?
|
1055
|
+
|
1056
|
+
def read_nonblock: (Integer maxlen, ?String buf, ?exception: true) -> String
|
1057
|
+
| (Integer maxlen, ?String buf, exception: false) -> (String | :wait_writable | :wait_readable | nil)
|
1058
|
+
|
1059
|
+
def readchar: () -> String
|
1060
|
+
|
1061
|
+
def readline: (?String eol) -> String
|
1062
|
+
|
1063
|
+
def readlines: (?String eol) -> ::Array[String]
|
1064
|
+
|
1065
|
+
def readpartial: (Integer maxlen, ?String buf) -> String
|
1066
|
+
|
1067
|
+
def sync: () -> bool
|
1068
|
+
|
1069
|
+
def sync=: (boolish) -> void
|
1070
|
+
|
1071
|
+
def ungetc: (String c) -> String
|
1072
|
+
|
1073
|
+
def write: (*_ToS s) -> Integer
|
1074
|
+
|
1075
|
+
def write_nonblock: (_ToS s, ?exception: true) -> Integer
|
1076
|
+
| (_ToS s, exception: false) -> (Integer | :wait_writable | :wait_readable | nil)
|
1077
|
+
|
1078
|
+
private
|
1079
|
+
|
1080
|
+
def consume_rbuff: (?untyped size) -> untyped
|
1081
|
+
|
1082
|
+
def do_write: (untyped s) -> untyped
|
1083
|
+
|
1084
|
+
def fill_rbuff: () -> untyped
|
1085
|
+
|
1086
|
+
BLOCK_SIZE: Integer
|
1087
|
+
|
1088
|
+
class Buffer < String
|
1089
|
+
BINARY: Encoding
|
1090
|
+
|
1091
|
+
def <<: (String string) -> self
|
1092
|
+
|
1093
|
+
alias concat <<
|
1094
|
+
end
|
1095
|
+
end
|
1096
|
+
|
1097
|
+
class Cipher
|
1098
|
+
def self.ciphers: () -> Array[String]
|
1099
|
+
|
1100
|
+
public
|
1101
|
+
|
1102
|
+
def auth_data=: (String) -> String
|
1103
|
+
|
1104
|
+
def auth_tag: (?Integer tag_len) -> String
|
1105
|
+
|
1106
|
+
def auth_tag=: (String) -> String
|
1107
|
+
|
1108
|
+
def auth_tag_len=: (Integer) -> Integer
|
1109
|
+
|
1110
|
+
def authenticated?: () -> bool
|
1111
|
+
|
1112
|
+
def block_size: () -> Integer
|
1113
|
+
|
1114
|
+
def decrypt: () -> self
|
1115
|
+
|
1116
|
+
def encrypt: () -> self
|
1117
|
+
|
1118
|
+
def final: () -> String
|
1119
|
+
|
1120
|
+
def iv=: (String iv) -> String
|
1121
|
+
|
1122
|
+
def iv_len: () -> Integer
|
1123
|
+
|
1124
|
+
def iv_len=: (Integer) -> Integer
|
1125
|
+
|
1126
|
+
def key=: (String key) -> String
|
1127
|
+
|
1128
|
+
def key_len: () -> Integer
|
1129
|
+
|
1130
|
+
def key_len=: (Integer) -> Integer
|
1131
|
+
|
1132
|
+
def name: () -> String
|
1133
|
+
|
1134
|
+
def padding=: (Integer) -> Integer
|
1135
|
+
|
1136
|
+
def pkcs5_keyivgen: (String pass, ?String salt, ?Integer iterations, ?String digest) -> void
|
1137
|
+
|
1138
|
+
def random_iv: () -> String
|
1139
|
+
|
1140
|
+
def random_key: () -> String
|
1141
|
+
|
1142
|
+
def reset: () -> self
|
1143
|
+
|
1144
|
+
def update: (String data, ?String buffer) -> String
|
1145
|
+
|
1146
|
+
private
|
1147
|
+
|
1148
|
+
def ciphers: () -> Array[String]
|
1149
|
+
|
1150
|
+
def initialize: (String cipher_name) -> void
|
1151
|
+
|
1152
|
+
def initialize_copy: (untyped) -> untyped
|
1153
|
+
|
1154
|
+
class AES < OpenSSL::Cipher
|
1155
|
+
private
|
1156
|
+
|
1157
|
+
def initialize: (*_ToS args) -> void
|
1158
|
+
end
|
1159
|
+
|
1160
|
+
class AES128 < OpenSSL::Cipher
|
1161
|
+
private
|
1162
|
+
|
1163
|
+
def initialize: (?_ToS mode) -> void
|
1164
|
+
end
|
1165
|
+
|
1166
|
+
class AES192 < OpenSSL::Cipher
|
1167
|
+
private
|
1168
|
+
|
1169
|
+
def initialize: (?_ToS mode) -> void
|
1170
|
+
end
|
1171
|
+
|
1172
|
+
class AES256 < OpenSSL::Cipher
|
1173
|
+
private
|
1174
|
+
|
1175
|
+
def initialize: (?_ToS mode) -> void
|
1176
|
+
end
|
1177
|
+
|
1178
|
+
class BF < OpenSSL::Cipher
|
1179
|
+
private
|
1180
|
+
|
1181
|
+
def initialize: (*_ToS args) -> void
|
1182
|
+
end
|
1183
|
+
|
1184
|
+
class CAST5 < OpenSSL::Cipher
|
1185
|
+
private
|
1186
|
+
|
1187
|
+
def initialize: (*_ToS args) -> void
|
1188
|
+
end
|
1189
|
+
|
1190
|
+
class Cipher < OpenSSL::Cipher
|
1191
|
+
end
|
1192
|
+
|
1193
|
+
class CipherError < OpenSSL::OpenSSLError
|
1194
|
+
end
|
1195
|
+
|
1196
|
+
class DES < OpenSSL::Cipher
|
1197
|
+
private
|
1198
|
+
|
1199
|
+
def initialize: (*_ToS args) -> void
|
1200
|
+
end
|
1201
|
+
|
1202
|
+
class IDEA < OpenSSL::Cipher
|
1203
|
+
private
|
1204
|
+
|
1205
|
+
def initialize: (*_ToS args) -> void
|
1206
|
+
end
|
1207
|
+
|
1208
|
+
class RC2 < OpenSSL::Cipher
|
1209
|
+
private
|
1210
|
+
|
1211
|
+
def initialize: (*_ToS args) -> void
|
1212
|
+
end
|
1213
|
+
|
1214
|
+
class RC4 < OpenSSL::Cipher
|
1215
|
+
private
|
1216
|
+
|
1217
|
+
def initialize: (*_ToS args) -> void
|
1218
|
+
end
|
1219
|
+
|
1220
|
+
class RC5 < OpenSSL::Cipher
|
1221
|
+
private
|
1222
|
+
|
1223
|
+
def initialize: (*_ToS args) -> void
|
1224
|
+
end
|
1225
|
+
end
|
1226
|
+
|
1227
|
+
class Config
|
1228
|
+
include Enumerable[[String, String, String]]
|
1229
|
+
|
1230
|
+
def self.load: (?_ToS filename) -> instance
|
1231
|
+
|
1232
|
+
def self.parse: (String string) -> instance
|
1233
|
+
|
1234
|
+
def self.parse_config: (IO io) -> Hash[String, Hash[String, String]]
|
1235
|
+
|
1236
|
+
public
|
1237
|
+
|
1238
|
+
def []: (String section) -> Hash[String, String]
|
1239
|
+
|
1240
|
+
def []=: (String section, _Each[[String, String]] pairs) -> _Each[[String, String]]
|
1241
|
+
|
1242
|
+
def add_value: (String section, untyped key, untyped value) -> untyped
|
1243
|
+
|
1244
|
+
def each: () { ([String, String, String] args0) -> void } -> self
|
1245
|
+
|
1246
|
+
def get_value: (String section, String key) -> String?
|
1247
|
+
|
1248
|
+
def inspect: () -> String
|
1249
|
+
|
1250
|
+
def section: (String name) -> Hash[String, String]
|
1251
|
+
|
1252
|
+
def sections: () -> Array[String]
|
1253
|
+
|
1254
|
+
def to_s: () -> String
|
1255
|
+
|
1256
|
+
private
|
1257
|
+
|
1258
|
+
def initialize: (?_ToS filename) -> void
|
1259
|
+
|
1260
|
+
def initialize_copy: (instance other) -> void
|
1261
|
+
|
1262
|
+
DEFAULT_CONFIG_FILE: String
|
1263
|
+
end
|
1264
|
+
|
1265
|
+
class ConfigError < OpenSSL::OpenSSLError
|
1266
|
+
end
|
1267
|
+
|
1268
|
+
class Digest
|
1269
|
+
def self.digest: (String name, String data) -> String
|
1270
|
+
|
1271
|
+
public
|
1272
|
+
|
1273
|
+
alias << update
|
1274
|
+
|
1275
|
+
def block_length: () -> Integer
|
1276
|
+
|
1277
|
+
def digest: () -> String
|
1278
|
+
|
1279
|
+
def digest_length: () -> Integer
|
1280
|
+
|
1281
|
+
def hexdigest: () -> String
|
1282
|
+
|
1283
|
+
def name: () -> String
|
1284
|
+
|
1285
|
+
def reset: () -> self
|
1286
|
+
|
1287
|
+
def update: (String data) -> self
|
1288
|
+
|
1289
|
+
private
|
1290
|
+
|
1291
|
+
def finish: (*untyped) -> untyped
|
1292
|
+
|
1293
|
+
def initialize: (String name, ?String data) -> void
|
1294
|
+
|
1295
|
+
def initialize_copy: (instance) -> void
|
1296
|
+
|
1297
|
+
class Digest < OpenSSL::Digest
|
1298
|
+
end
|
1299
|
+
|
1300
|
+
class DigestError < OpenSSL::OpenSSLError
|
1301
|
+
end
|
1302
|
+
|
1303
|
+
class MD4 < OpenSSL::Digest
|
1304
|
+
def self.digest: (String data) -> String
|
1305
|
+
|
1306
|
+
def self.hexdigest: (String data) -> String
|
1307
|
+
|
1308
|
+
private
|
1309
|
+
|
1310
|
+
def initialize: (?String data) -> void
|
1311
|
+
end
|
1312
|
+
|
1313
|
+
class MD5 < OpenSSL::Digest
|
1314
|
+
def self.digest: (String data) -> String
|
1315
|
+
|
1316
|
+
def self.hexdigest: (String data) -> String
|
1317
|
+
|
1318
|
+
private
|
1319
|
+
|
1320
|
+
def initialize: (?String data) -> void
|
1321
|
+
end
|
1322
|
+
|
1323
|
+
class RIPEMD160 < OpenSSL::Digest
|
1324
|
+
def self.digest: (String data) -> String
|
1325
|
+
|
1326
|
+
def self.hexdigest: (String data) -> String
|
1327
|
+
|
1328
|
+
private
|
1329
|
+
|
1330
|
+
def initialize: (?String data) -> void
|
1331
|
+
end
|
1332
|
+
|
1333
|
+
class SHA1 < OpenSSL::Digest
|
1334
|
+
def self.digest: (String data) -> String
|
1335
|
+
|
1336
|
+
def self.hexdigest: (String data) -> String
|
1337
|
+
|
1338
|
+
private
|
1339
|
+
|
1340
|
+
def initialize: (?String data) -> void
|
1341
|
+
end
|
1342
|
+
|
1343
|
+
class SHA224 < OpenSSL::Digest
|
1344
|
+
def self.digest: (String data) -> String
|
1345
|
+
|
1346
|
+
def self.hexdigest: (String data) -> String
|
1347
|
+
|
1348
|
+
private
|
1349
|
+
|
1350
|
+
def initialize: (?String data) -> void
|
1351
|
+
end
|
1352
|
+
|
1353
|
+
class SHA256 < OpenSSL::Digest
|
1354
|
+
def self.digest: (String data) -> String
|
1355
|
+
|
1356
|
+
def self.hexdigest: (String data) -> String
|
1357
|
+
|
1358
|
+
private
|
1359
|
+
|
1360
|
+
def initialize: (?String data) -> void
|
1361
|
+
end
|
1362
|
+
|
1363
|
+
class SHA384 < OpenSSL::Digest
|
1364
|
+
def self.digest: (String data) -> String
|
1365
|
+
|
1366
|
+
def self.hexdigest: (String data) -> String
|
1367
|
+
|
1368
|
+
private
|
1369
|
+
|
1370
|
+
def initialize: (?String data) -> void
|
1371
|
+
end
|
1372
|
+
|
1373
|
+
class SHA512 < OpenSSL::Digest
|
1374
|
+
def self.digest: (String data) -> String
|
1375
|
+
|
1376
|
+
def self.hexdigest: (String data) -> String
|
1377
|
+
|
1378
|
+
private
|
1379
|
+
|
1380
|
+
def initialize: (?String data) -> void
|
1381
|
+
end
|
1382
|
+
end
|
1383
|
+
|
1384
|
+
class Engine
|
1385
|
+
def self.by_id: (String name) -> instance
|
1386
|
+
|
1387
|
+
def self.cleanup: () -> void
|
1388
|
+
|
1389
|
+
def self.engines: () -> Array[instance]
|
1390
|
+
|
1391
|
+
def self.load: (?String name) -> (true | nil)
|
1392
|
+
|
1393
|
+
public
|
1394
|
+
|
1395
|
+
def cipher: (String cipher) -> Cipher
|
1396
|
+
|
1397
|
+
def cmds: () -> Array[[String, String, String]]
|
1398
|
+
|
1399
|
+
def ctrl_cmd: (String cmd, ?String value) -> self
|
1400
|
+
|
1401
|
+
def digest: (String digest) -> Digest
|
1402
|
+
|
1403
|
+
def finish: () -> nil
|
1404
|
+
|
1405
|
+
def id: () -> String
|
1406
|
+
|
1407
|
+
def inspect: () -> String
|
1408
|
+
|
1409
|
+
def load_private_key: (?String id, ?String data) -> PKey::PKey
|
1410
|
+
|
1411
|
+
def load_public_key: (?String id, ?String data) -> PKey::PKey
|
1412
|
+
|
1413
|
+
def name: () -> String
|
1414
|
+
|
1415
|
+
def set_default: (Integer flag) -> bool
|
1416
|
+
|
1417
|
+
METHOD_ALL: Integer
|
1418
|
+
|
1419
|
+
METHOD_CIPHERS: Integer
|
1420
|
+
|
1421
|
+
METHOD_DH: Integer
|
1422
|
+
|
1423
|
+
METHOD_DIGESTS: Integer
|
1424
|
+
|
1425
|
+
METHOD_DSA: Integer
|
1426
|
+
|
1427
|
+
METHOD_NONE: Integer
|
1428
|
+
|
1429
|
+
METHOD_RAND: Integer
|
1430
|
+
|
1431
|
+
METHOD_RSA: Integer
|
1432
|
+
|
1433
|
+
class EngineError < OpenSSL::OpenSSLError
|
1434
|
+
end
|
1435
|
+
end
|
1436
|
+
|
1437
|
+
module ExtConfig
|
1438
|
+
HAVE_TLSEXT_HOST_NAME: bool
|
1439
|
+
|
1440
|
+
OPENSSL_NO_SOCK: bool
|
1441
|
+
end
|
1442
|
+
|
1443
|
+
class HMAC
|
1444
|
+
def self.digest: (String algo, String key, String data) -> String
|
1445
|
+
|
1446
|
+
def self.hexdigest: (String algo, String key, String data) -> String
|
1447
|
+
|
1448
|
+
public
|
1449
|
+
|
1450
|
+
alias << update
|
1451
|
+
|
1452
|
+
def ==: (instance other) -> bool
|
1453
|
+
|
1454
|
+
def digest: () -> String
|
1455
|
+
|
1456
|
+
def hexdigest: () -> String
|
1457
|
+
|
1458
|
+
alias inspect hexdigest
|
1459
|
+
|
1460
|
+
def reset: () -> self
|
1461
|
+
|
1462
|
+
alias to_s hexdigest
|
1463
|
+
|
1464
|
+
def update: (String data) -> self
|
1465
|
+
|
1466
|
+
private
|
1467
|
+
|
1468
|
+
def initialize: (String key, Digest digest) -> void
|
1469
|
+
|
1470
|
+
def initialize_copy: (instance) -> void
|
1471
|
+
end
|
1472
|
+
|
1473
|
+
class HMACError < OpenSSL::OpenSSLError
|
1474
|
+
end
|
1475
|
+
|
1476
|
+
module KDF
|
1477
|
+
def self.hkdf: (String ikm, salt: String, info: String, length: Integer, hash: String) -> String
|
1478
|
+
|
1479
|
+
def self.pbkdf2_hmac: (String pass, salt: String, iterations: Integer, length: Integer, hash: String | Digest) -> String
|
1480
|
+
|
1481
|
+
def self.scrypt: (String pass, salt: String, N: Integer, r: Integer, p: Integer, length: Integer) -> String
|
1482
|
+
|
1483
|
+
private
|
1484
|
+
|
1485
|
+
def hkdf: (*untyped) -> untyped
|
1486
|
+
|
1487
|
+
def pbkdf2_hmac: (*untyped) -> untyped
|
1488
|
+
|
1489
|
+
def scrypt: (*untyped) -> untyped
|
1490
|
+
|
1491
|
+
class KDFError < OpenSSL::OpenSSLError
|
1492
|
+
end
|
1493
|
+
end
|
1494
|
+
|
1495
|
+
module Marshal
|
1496
|
+
def self.included: (untyped base) -> untyped
|
1497
|
+
|
1498
|
+
public
|
1499
|
+
|
1500
|
+
def _dump: (untyped _level) -> untyped
|
1501
|
+
|
1502
|
+
module ClassMethods
|
1503
|
+
public
|
1504
|
+
|
1505
|
+
def _load: (untyped string) -> untyped
|
1506
|
+
end
|
1507
|
+
end
|
1508
|
+
|
1509
|
+
module Netscape
|
1510
|
+
class SPKI
|
1511
|
+
public
|
1512
|
+
|
1513
|
+
def challenge: () -> String
|
1514
|
+
|
1515
|
+
def challenge=: (String) -> String
|
1516
|
+
|
1517
|
+
def public_key: () -> PKey::PKey
|
1518
|
+
|
1519
|
+
def public_key=: (PKey::PKey) -> PKey::PKey
|
1520
|
+
|
1521
|
+
def sign: (PKey::PKey key, Digest digest) -> instance
|
1522
|
+
|
1523
|
+
def to_der: () -> String
|
1524
|
+
|
1525
|
+
def to_pem: () -> String
|
1526
|
+
|
1527
|
+
alias to_s to_pem
|
1528
|
+
|
1529
|
+
def to_text: () -> String
|
1530
|
+
|
1531
|
+
def verify: (PKey::PKey key) -> bool
|
1532
|
+
|
1533
|
+
private
|
1534
|
+
|
1535
|
+
def initialize: (?String request) -> void
|
1536
|
+
end
|
1537
|
+
|
1538
|
+
class SPKIError < OpenSSL::OpenSSLError
|
1539
|
+
end
|
1540
|
+
end
|
1541
|
+
|
1542
|
+
module OCSP
|
1543
|
+
NOCASIGN: Integer
|
1544
|
+
|
1545
|
+
NOCERTS: Integer
|
1546
|
+
|
1547
|
+
NOCHAIN: Integer
|
1548
|
+
|
1549
|
+
NOCHECKS: Integer
|
1550
|
+
|
1551
|
+
NODELEGATED: Integer
|
1552
|
+
|
1553
|
+
NOEXPLICIT: Integer
|
1554
|
+
|
1555
|
+
NOINTERN: Integer
|
1556
|
+
|
1557
|
+
NOSIGS: Integer
|
1558
|
+
|
1559
|
+
NOTIME: Integer
|
1560
|
+
|
1561
|
+
NOVERIFY: Integer
|
1562
|
+
|
1563
|
+
RESPID_KEY: Integer
|
1564
|
+
|
1565
|
+
RESPONSE_STATUS_INTERNALERROR: Integer
|
1566
|
+
|
1567
|
+
RESPONSE_STATUS_MALFORMEDREQUEST: Integer
|
1568
|
+
|
1569
|
+
RESPONSE_STATUS_SIGREQUIRED: Integer
|
1570
|
+
|
1571
|
+
RESPONSE_STATUS_SUCCESSFUL: Integer
|
1572
|
+
|
1573
|
+
RESPONSE_STATUS_TRYLATER: Integer
|
1574
|
+
|
1575
|
+
RESPONSE_STATUS_UNAUTHORIZED: Integer
|
1576
|
+
|
1577
|
+
REVOKED_STATUS_AFFILIATIONCHANGED: Integer
|
1578
|
+
|
1579
|
+
REVOKED_STATUS_CACOMPROMISE: Integer
|
1580
|
+
|
1581
|
+
REVOKED_STATUS_CERTIFICATEHOLD: Integer
|
1582
|
+
|
1583
|
+
REVOKED_STATUS_CESSATIONOFOPERATION: Integer
|
1584
|
+
|
1585
|
+
REVOKED_STATUS_KEYCOMPROMISE: Integer
|
1586
|
+
|
1587
|
+
REVOKED_STATUS_NOSTATUS: Integer
|
1588
|
+
|
1589
|
+
REVOKED_STATUS_REMOVEFROMCRL: Integer
|
1590
|
+
|
1591
|
+
REVOKED_STATUS_SUPERSEDED: Integer
|
1592
|
+
|
1593
|
+
REVOKED_STATUS_UNSPECIFIED: Integer
|
1594
|
+
|
1595
|
+
TRUSTOTHER: Integer
|
1596
|
+
|
1597
|
+
V_CERTSTATUS_GOOD: Integer
|
1598
|
+
|
1599
|
+
V_CERTSTATUS_REVOKED: Integer
|
1600
|
+
|
1601
|
+
V_CERTSTATUS_UNKNOWN: Integer
|
1602
|
+
|
1603
|
+
V_RESPID_KEY: Integer
|
1604
|
+
|
1605
|
+
V_RESPID_NAME: Integer
|
1606
|
+
|
1607
|
+
type ocsp_status = Integer
|
1608
|
+
|
1609
|
+
class BasicResponse
|
1610
|
+
public
|
1611
|
+
|
1612
|
+
def add_nonce: (?String nonce) -> self
|
1613
|
+
|
1614
|
+
def add_status: (CertificateId certificate_id, ocsp_status status, Integer? reason, Integer? revocation_time, ?(Integer | Time) this_update, ?(Integer | Time) next_update, ?Array[X509::Extension] extensions) -> self
|
1615
|
+
|
1616
|
+
def copy_nonce: (Request request) -> Integer
|
1617
|
+
|
1618
|
+
def find_response: (CertificateId certificate_id) -> SingleResponse?
|
1619
|
+
|
1620
|
+
def responses: () -> Array[SingleResponse]
|
1621
|
+
|
1622
|
+
def sign: (X509::Certificate cert, PKey::PKey key, ?Array[X509::Certificate] certs, ?Integer flags, ?Digest digest) -> self
|
1623
|
+
|
1624
|
+
def status: () -> Integer
|
1625
|
+
|
1626
|
+
def to_der: () -> String
|
1627
|
+
|
1628
|
+
def verify: (Array[X509::Certificate] certs, X509::Store store, ?Integer flags) -> bool
|
1629
|
+
|
1630
|
+
private
|
1631
|
+
|
1632
|
+
def initialize: (?String der) -> void
|
1633
|
+
|
1634
|
+
def initialize_copy: (instance) -> void
|
1635
|
+
end
|
1636
|
+
|
1637
|
+
class CertificateId
|
1638
|
+
public
|
1639
|
+
|
1640
|
+
def cmp: (instance other) -> bool
|
1641
|
+
|
1642
|
+
def cmp_issuer: (instance other) -> bool
|
1643
|
+
|
1644
|
+
def hash_algorithm: () -> String
|
1645
|
+
|
1646
|
+
def issuer_key_hash: () -> String
|
1647
|
+
|
1648
|
+
def issuer_name_hash: () -> String
|
1649
|
+
|
1650
|
+
def serial: () -> Integer
|
1651
|
+
|
1652
|
+
def to_der: () -> String
|
1653
|
+
|
1654
|
+
private
|
1655
|
+
|
1656
|
+
def initialize: (String | ASN1::_ToDer der) -> void
|
1657
|
+
| (X509::Certificate subject, X509::Certificate issuer, ?Digest digest) -> void
|
1658
|
+
|
1659
|
+
def initialize_copy: (instance) -> void
|
1660
|
+
end
|
1661
|
+
|
1662
|
+
class OCSPError < OpenSSL::OpenSSLError
|
1663
|
+
end
|
1664
|
+
|
1665
|
+
class Request
|
1666
|
+
public
|
1667
|
+
|
1668
|
+
def add_certid: (CertificateId certificate_id) -> self
|
1669
|
+
|
1670
|
+
def add_nonce: (?String nonce) -> self
|
1671
|
+
|
1672
|
+
def certid: () -> Array[CertificateId]
|
1673
|
+
|
1674
|
+
def check_nonce: (Response response) -> (-1 | 0 | 1 | 2 | 3)
|
1675
|
+
|
1676
|
+
def sign: (X509::Certificate cert, PKey::PKey key, ?Array[X509::Certificate] certs, ?Integer flags, ?Digest digest) -> self
|
1677
|
+
|
1678
|
+
def signed?: () -> bool
|
1679
|
+
|
1680
|
+
def to_der: () -> String
|
1681
|
+
|
1682
|
+
def verify: (Array[X509::Certificate] certs, X509::Store store, ?Integer flags) -> bool
|
1683
|
+
|
1684
|
+
private
|
1685
|
+
|
1686
|
+
def initialize: (?String der) -> void
|
1687
|
+
|
1688
|
+
def initialize_copy: (instance) -> void
|
1689
|
+
end
|
1690
|
+
|
1691
|
+
class Response
|
1692
|
+
def self.create: (Integer status, ?BasicResponse response) -> instance
|
1693
|
+
|
1694
|
+
public
|
1695
|
+
|
1696
|
+
def basic: () -> BasicResponse?
|
1697
|
+
|
1698
|
+
def status: () -> Integer
|
1699
|
+
|
1700
|
+
def status_string: () -> String
|
1701
|
+
|
1702
|
+
def to_der: () -> String
|
1703
|
+
|
1704
|
+
private
|
1705
|
+
|
1706
|
+
def initialize: (?String der) -> void
|
1707
|
+
|
1708
|
+
def initialize_copy: (instance) -> void
|
1709
|
+
end
|
1710
|
+
|
1711
|
+
class SingleResponse
|
1712
|
+
public
|
1713
|
+
|
1714
|
+
def cert_status: () -> ocsp_status
|
1715
|
+
|
1716
|
+
def certid: () -> CertificateId
|
1717
|
+
|
1718
|
+
def check_validity: (?Integer nsec, ?Integer maxsec) -> bool
|
1719
|
+
|
1720
|
+
def extensions: () -> Array[X509::Certificate]
|
1721
|
+
|
1722
|
+
def next_update: () -> Time?
|
1723
|
+
|
1724
|
+
def revocation_reason: () -> Integer?
|
1725
|
+
|
1726
|
+
def revocation_time: () -> Time?
|
1727
|
+
|
1728
|
+
def this_update: () -> Time
|
1729
|
+
|
1730
|
+
def to_der: () -> String
|
1731
|
+
|
1732
|
+
private
|
1733
|
+
|
1734
|
+
def initialize: (String der) -> void
|
1735
|
+
|
1736
|
+
def initialize_copy: (instance) -> void
|
1737
|
+
end
|
1738
|
+
end
|
1739
|
+
|
1740
|
+
class OpenSSLError < StandardError
|
1741
|
+
end
|
1742
|
+
|
1743
|
+
class PKCS12
|
1744
|
+
def self.create: (String pass, String name, PKey::PKey key, X509::Certificate cert, ?Array[X509::Certificate]? ca, ?String? key_pbe, ?String? cert_pbe, ?Integer? key_iter, ?Integer? mac_iter, ?Integer? keytype) -> instance
|
1745
|
+
|
1746
|
+
public
|
1747
|
+
|
1748
|
+
def ca_certs: () -> Array[X509::Certificate]?
|
1749
|
+
|
1750
|
+
def certificate: () -> X509::Certificate
|
1751
|
+
|
1752
|
+
def key: () -> PKey::PKey
|
1753
|
+
|
1754
|
+
def to_der: () -> String
|
1755
|
+
|
1756
|
+
private
|
1757
|
+
|
1758
|
+
def initialize: (?String der, ?String pass) -> void
|
1759
|
+
|
1760
|
+
def initialize_copy: (instance) -> void
|
1761
|
+
|
1762
|
+
class PKCS12Error < OpenSSL::OpenSSLError
|
1763
|
+
end
|
1764
|
+
end
|
1765
|
+
|
1766
|
+
module PKCS5
|
1767
|
+
def self.pbkdf2_hmac: (String pass, String salt, Integer iter, Integer keylen, String | Digest digest) -> String
|
1768
|
+
|
1769
|
+
def self.pbkdf2_hmac_sha1: (String pass, String salt, Integer iter, Integer keylen) -> String
|
1770
|
+
|
1771
|
+
private
|
1772
|
+
|
1773
|
+
def pbkdf2_hmac: (untyped pass, untyped salt, untyped iter, untyped keylen, untyped digest) -> untyped
|
1774
|
+
|
1775
|
+
def pbkdf2_hmac_sha1: (untyped pass, untyped salt, untyped iter, untyped keylen) -> untyped
|
1776
|
+
end
|
1777
|
+
|
1778
|
+
class PKCS7
|
1779
|
+
def self.encrypt: (X509::Certificate certs, String data, ?Cipher cipher, ?Integer flags) -> instance
|
1780
|
+
|
1781
|
+
def self.read_smime: (String ) -> instance
|
1782
|
+
|
1783
|
+
def self.sign: (X509::Certificate certs,PKey::PKey key, String data, ?OpenSSL::Cipher cipher, ?Integer flags) -> instance
|
1784
|
+
|
1785
|
+
def self.write_smime: (instance pkcs7, ?String data, ?Integer flags) -> String
|
1786
|
+
|
1787
|
+
public
|
1788
|
+
|
1789
|
+
def add_certificate: (X509::Certificate cert) -> self
|
1790
|
+
|
1791
|
+
def add_crl: (X509::CRL crl) -> self
|
1792
|
+
|
1793
|
+
def add_data: (String data) -> self
|
1794
|
+
|
1795
|
+
def add_recipient: (RecipientInfo recipient) -> self
|
1796
|
+
|
1797
|
+
def add_signer: (SignerInfo signer) -> self
|
1798
|
+
|
1799
|
+
def certificates: () -> Array[X509::Certificate]?
|
1800
|
+
|
1801
|
+
def certificates=: (Array[X509::Certificate]) -> self
|
1802
|
+
|
1803
|
+
def cipher=: (Cipher cipher) -> self
|
1804
|
+
|
1805
|
+
def crls: () -> Array[X509::CRL]?
|
1806
|
+
|
1807
|
+
def crls=: (Array[X509::CRL]) -> self
|
1808
|
+
|
1809
|
+
def data: () -> String?
|
1810
|
+
|
1811
|
+
alias data= add_data
|
1812
|
+
|
1813
|
+
def decrypt: (PKey::PKey p1, ?PKey::PKey p2, ?PKey::PKey p3) -> String
|
1814
|
+
|
1815
|
+
def detached: () -> bool
|
1816
|
+
|
1817
|
+
def detached=: [U] (boolish) -> U
|
1818
|
+
|
1819
|
+
def detached?: () -> bool
|
1820
|
+
|
1821
|
+
def error_string: () -> String?
|
1822
|
+
|
1823
|
+
def error_string=: (String) -> String
|
1824
|
+
|
1825
|
+
def recipients: () -> Array[RecipientInfo]
|
1826
|
+
|
1827
|
+
def signers: () -> Array[SignerInfo]
|
1828
|
+
|
1829
|
+
def to_der: () -> String
|
1830
|
+
|
1831
|
+
def to_pem: () -> String
|
1832
|
+
|
1833
|
+
alias to_s to_pem
|
1834
|
+
|
1835
|
+
def type: () -> String?
|
1836
|
+
|
1837
|
+
def type=: (String) -> String
|
1838
|
+
|
1839
|
+
def verify: (PKey::PKey p1, PKey::PKey p2, ?PKey::PKey p3, ?PKey::PKey p4) -> bool
|
1840
|
+
|
1841
|
+
private
|
1842
|
+
|
1843
|
+
def initialize: (?String der) -> void
|
1844
|
+
|
1845
|
+
def initialize_copy: (instance) -> untyped
|
1846
|
+
|
1847
|
+
BINARY: Integer
|
1848
|
+
|
1849
|
+
DETACHED: Integer
|
1850
|
+
|
1851
|
+
NOATTR: Integer
|
1852
|
+
|
1853
|
+
NOCERTS: Integer
|
1854
|
+
|
1855
|
+
NOCHAIN: Integer
|
1856
|
+
|
1857
|
+
NOINTERN: Integer
|
1858
|
+
|
1859
|
+
NOSIGS: Integer
|
1860
|
+
|
1861
|
+
NOSMIMECAP: Integer
|
1862
|
+
|
1863
|
+
NOVERIFY: Integer
|
1864
|
+
|
1865
|
+
TEXT: Integer
|
1866
|
+
|
1867
|
+
class PKCS7Error < OpenSSL::OpenSSLError
|
1868
|
+
end
|
1869
|
+
|
1870
|
+
class RecipientInfo
|
1871
|
+
public
|
1872
|
+
|
1873
|
+
def enc_key: () -> PKey::PKey
|
1874
|
+
|
1875
|
+
def issuer: () -> X509::Name
|
1876
|
+
|
1877
|
+
def serial: () -> Integer
|
1878
|
+
|
1879
|
+
private
|
1880
|
+
|
1881
|
+
def initialize: (X509::Certificate certificate) -> void
|
1882
|
+
end
|
1883
|
+
|
1884
|
+
class SignerInfo
|
1885
|
+
public
|
1886
|
+
|
1887
|
+
def issuer: () -> X509::Name
|
1888
|
+
|
1889
|
+
def serial: () -> Integer
|
1890
|
+
|
1891
|
+
def signed_time: () -> Time?
|
1892
|
+
|
1893
|
+
private
|
1894
|
+
|
1895
|
+
def initialize: (X509::Certificate certificate, PKey::PKey key, Digest digest) -> void
|
1896
|
+
end
|
1897
|
+
end
|
1898
|
+
|
1899
|
+
module PKey
|
1900
|
+
def self?.read: (String | IO pem, ?String password) -> PKey
|
1901
|
+
|
1902
|
+
class DH < OpenSSL::PKey::PKey
|
1903
|
+
include OpenSSL::Marshal
|
1904
|
+
|
1905
|
+
extend OpenSSL::Marshal::ClassMethods
|
1906
|
+
|
1907
|
+
def self.generate: (Integer size, ?Integer generator) -> instance
|
1908
|
+
|
1909
|
+
public
|
1910
|
+
|
1911
|
+
def compute_key: (bn pub_bn) -> String
|
1912
|
+
|
1913
|
+
def export: () -> String
|
1914
|
+
|
1915
|
+
def g: () -> BN?
|
1916
|
+
|
1917
|
+
def generate_key!: () -> self
|
1918
|
+
|
1919
|
+
def p: () -> BN
|
1920
|
+
|
1921
|
+
def params: () -> Hash[String, BN]
|
1922
|
+
|
1923
|
+
def params_ok?: () -> bool
|
1924
|
+
|
1925
|
+
def priv_key: () -> BN
|
1926
|
+
|
1927
|
+
def private?: () -> bool
|
1928
|
+
|
1929
|
+
def pub_key: () -> BN
|
1930
|
+
|
1931
|
+
def public?: () -> bool
|
1932
|
+
|
1933
|
+
def public_key: () -> instance
|
1934
|
+
|
1935
|
+
def q: () -> BN
|
1936
|
+
|
1937
|
+
def set_key: (bn pub_key, bn? priv_key) -> self
|
1938
|
+
|
1939
|
+
def set_pqg: (bn p, bn q, bn g) -> self
|
1940
|
+
|
1941
|
+
def to_der: () -> String
|
1942
|
+
|
1943
|
+
alias to_pem export
|
1944
|
+
|
1945
|
+
alias to_s export
|
1946
|
+
|
1947
|
+
def to_text: () -> String
|
1948
|
+
|
1949
|
+
private
|
1950
|
+
|
1951
|
+
def initialize: (Integer size, ?Integer generator) -> void
|
1952
|
+
| (String pem) -> void
|
1953
|
+
| () -> void
|
1954
|
+
|
1955
|
+
def initialize_copy: (instance) -> void
|
1956
|
+
end
|
1957
|
+
|
1958
|
+
class DHError < OpenSSL::PKey::PKeyError
|
1959
|
+
end
|
1960
|
+
|
1961
|
+
class DSA < OpenSSL::PKey::PKey
|
1962
|
+
include OpenSSL::Marshal
|
1963
|
+
|
1964
|
+
extend OpenSSL::Marshal::ClassMethods
|
1965
|
+
|
1966
|
+
def self.generate: (Integer size) -> instance
|
1967
|
+
|
1968
|
+
public
|
1969
|
+
|
1970
|
+
def export: (String cipher, String password) -> String
|
1971
|
+
| () -> String
|
1972
|
+
|
1973
|
+
def g: () -> BN
|
1974
|
+
|
1975
|
+
def p: () -> BN
|
1976
|
+
|
1977
|
+
def params: () -> Hash[String, BN]
|
1978
|
+
|
1979
|
+
def priv_key: () -> BN
|
1980
|
+
|
1981
|
+
def private?: () -> bool
|
1982
|
+
|
1983
|
+
def pub_key: () -> BN
|
1984
|
+
|
1985
|
+
def public?: () -> bool
|
1986
|
+
|
1987
|
+
def public_key: () -> instance
|
1988
|
+
|
1989
|
+
def q: () -> BN
|
1990
|
+
|
1991
|
+
def set_key: (bn pub_key, bn? priv_key) -> self
|
1992
|
+
|
1993
|
+
def set_pqg: (bn p, bn q, bn g) -> self
|
1994
|
+
|
1995
|
+
def syssign: (String digest) -> String
|
1996
|
+
|
1997
|
+
def sysverify: (String digest, String data) -> bool
|
1998
|
+
|
1999
|
+
def to_der: () -> String
|
2000
|
+
|
2001
|
+
alias to_pem export
|
2002
|
+
|
2003
|
+
alias to_s export
|
2004
|
+
|
2005
|
+
def to_text: () -> String
|
2006
|
+
|
2007
|
+
private
|
2008
|
+
|
2009
|
+
def initialize: (String pem, ?String pass) -> void
|
2010
|
+
| (?Integer size) -> void
|
2011
|
+
|
2012
|
+
def initialize_copy: (instance) -> void
|
2013
|
+
end
|
2014
|
+
|
2015
|
+
class DSAError < OpenSSL::PKey::PKeyError
|
2016
|
+
end
|
2017
|
+
|
2018
|
+
class EC < OpenSSL::PKey::PKey
|
2019
|
+
include OpenSSL::Marshal
|
2020
|
+
|
2021
|
+
extend OpenSSL::Marshal::ClassMethods
|
2022
|
+
|
2023
|
+
def self.builtin_curves: () -> Array[[String, String]]
|
2024
|
+
|
2025
|
+
def self.generate: (String | Group pem_or_der_or_group_or_curve_name) -> instance
|
2026
|
+
|
2027
|
+
public
|
2028
|
+
|
2029
|
+
def check_key: () -> true
|
2030
|
+
|
2031
|
+
def dh_compute_key: (instance public_key) -> String
|
2032
|
+
|
2033
|
+
def dsa_sign_asn1: (String digest) -> String
|
2034
|
+
|
2035
|
+
def dsa_verify_asn1: (String digest, String signature) -> bool
|
2036
|
+
|
2037
|
+
def export: (String cipher, String password) -> String
|
2038
|
+
| () -> String
|
2039
|
+
|
2040
|
+
alias generate_key generate_key!
|
2041
|
+
|
2042
|
+
def generate_key!: () -> self
|
2043
|
+
|
2044
|
+
def group: () -> Group?
|
2045
|
+
|
2046
|
+
def group=: (Group) -> Group
|
2047
|
+
|
2048
|
+
def private?: () -> bool
|
2049
|
+
|
2050
|
+
def private_key: () -> BN?
|
2051
|
+
|
2052
|
+
def private_key=: (bn priv_key) -> self
|
2053
|
+
|
2054
|
+
alias private_key? private?
|
2055
|
+
|
2056
|
+
def public?: () -> bool
|
2057
|
+
|
2058
|
+
def public_key: () -> Point?
|
2059
|
+
|
2060
|
+
def public_key=: (bn priv_key) -> self
|
2061
|
+
|
2062
|
+
alias public_key? public?
|
2063
|
+
|
2064
|
+
def to_der: () -> String
|
2065
|
+
|
2066
|
+
alias to_pem export
|
2067
|
+
|
2068
|
+
def to_text: () -> String
|
2069
|
+
|
2070
|
+
private
|
2071
|
+
|
2072
|
+
def initialize: (instance ec_key) -> void
|
2073
|
+
| (Group group) -> void
|
2074
|
+
| (String pem_or_der_or_curve, ?String pass) -> void
|
2075
|
+
|
2076
|
+
def initialize_copy: (instance) -> void
|
2077
|
+
|
2078
|
+
EXPLICIT_CURVE: Integer
|
2079
|
+
|
2080
|
+
NAMED_CURVE: Integer
|
2081
|
+
|
2082
|
+
type ec_method = :GFp_simple | :GFp_mont | :GFp_nist | :GF2m_simple
|
2083
|
+
|
2084
|
+
type point_conversion_format = :compressed | :uncompressed | :hybrid
|
2085
|
+
|
2086
|
+
class Group
|
2087
|
+
public
|
2088
|
+
|
2089
|
+
alias == eql?
|
2090
|
+
|
2091
|
+
def asn1_flag: () -> Integer
|
2092
|
+
|
2093
|
+
def asn1_flag=: (Integer) -> Integer
|
2094
|
+
|
2095
|
+
def cofactor: () -> BN
|
2096
|
+
|
2097
|
+
def curve_name: () -> String
|
2098
|
+
|
2099
|
+
def degree: () -> Integer
|
2100
|
+
|
2101
|
+
def eql?: (instance other) -> bool
|
2102
|
+
|
2103
|
+
def generator: () -> Point?
|
2104
|
+
|
2105
|
+
def order: () -> BN
|
2106
|
+
|
2107
|
+
def point_conversion_form: () -> point_conversion_format
|
2108
|
+
|
2109
|
+
def point_conversion_form=: (point_conversion_format format) -> point_conversion_format
|
2110
|
+
|
2111
|
+
def seed: () -> String?
|
2112
|
+
|
2113
|
+
def seed=: (String seed) -> String
|
2114
|
+
|
2115
|
+
def set_generator: ( Point generator, Integer order, Integer cofactor) -> self
|
2116
|
+
|
2117
|
+
def to_der: () -> String
|
2118
|
+
|
2119
|
+
def to_pem: () -> String
|
2120
|
+
|
2121
|
+
def to_text: () -> String
|
2122
|
+
|
2123
|
+
private
|
2124
|
+
|
2125
|
+
def initialize: (instance group) -> void
|
2126
|
+
| (String pem_or_der_encoded) -> void
|
2127
|
+
| (ec_method ec_method) -> void
|
2128
|
+
| (:GFp | :GF2m ec_method, Integer bignum_p, Integer bignum_a, Integer bignum_b) -> void
|
2129
|
+
|
2130
|
+
def initialize_copy: (instance) -> void
|
2131
|
+
|
2132
|
+
class Error < OpenSSL::OpenSSLError
|
2133
|
+
end
|
2134
|
+
end
|
2135
|
+
|
2136
|
+
class Point
|
2137
|
+
public
|
2138
|
+
|
2139
|
+
alias == eql?
|
2140
|
+
|
2141
|
+
def add: (instance point) -> instance
|
2142
|
+
|
2143
|
+
def eql?: (instance other) -> bool
|
2144
|
+
|
2145
|
+
def group: () -> Group
|
2146
|
+
|
2147
|
+
def infinity?: () -> bool
|
2148
|
+
|
2149
|
+
def invert!: () -> self
|
2150
|
+
|
2151
|
+
def make_affine!: () -> self
|
2152
|
+
|
2153
|
+
def mul: (bn bn1, ?bn bn2) -> instance
|
2154
|
+
| (Array[bn] bns, Array[instance], ?bn bn2) -> instance
|
2155
|
+
|
2156
|
+
def on_curve?: () -> bool
|
2157
|
+
|
2158
|
+
def set_to_infinity!: () -> self
|
2159
|
+
|
2160
|
+
def to_bn: (?point_conversion_format conversion_form) -> BN
|
2161
|
+
|
2162
|
+
def to_octet_string: (point_conversion_format) -> String
|
2163
|
+
|
2164
|
+
private
|
2165
|
+
|
2166
|
+
def initialize: (instance point) -> void
|
2167
|
+
| (Group group, ?(String | BN) encoded_point) -> void
|
2168
|
+
|
2169
|
+
def initialize_copy: (instance) -> void
|
2170
|
+
|
2171
|
+
class Error < OpenSSL::OpenSSLError
|
2172
|
+
end
|
2173
|
+
end
|
2174
|
+
end
|
2175
|
+
|
2176
|
+
class ECError < OpenSSL::PKey::PKeyError
|
2177
|
+
end
|
2178
|
+
|
2179
|
+
class PKey
|
2180
|
+
public
|
2181
|
+
|
2182
|
+
def inspect: () -> String
|
2183
|
+
|
2184
|
+
def oid: () -> String
|
2185
|
+
|
2186
|
+
def private_to_der: (String cipher, String password) -> String
|
2187
|
+
| () -> String
|
2188
|
+
|
2189
|
+
def private_to_pem: (String cipher, String password) -> String
|
2190
|
+
| () -> String
|
2191
|
+
|
2192
|
+
def public_to_der: () -> String
|
2193
|
+
|
2194
|
+
def public_to_pem: () -> String
|
2195
|
+
|
2196
|
+
def sign: (Digest digest, String data) -> String
|
2197
|
+
|
2198
|
+
def verify: (Digest digest, String signature, String data) -> bool
|
2199
|
+
|
2200
|
+
private
|
2201
|
+
|
2202
|
+
def initialize: () -> void
|
2203
|
+
end
|
2204
|
+
|
2205
|
+
class PKeyError < OpenSSL::OpenSSLError
|
2206
|
+
end
|
2207
|
+
|
2208
|
+
class RSA < OpenSSL::PKey::PKey
|
2209
|
+
include OpenSSL::Marshal
|
2210
|
+
|
2211
|
+
extend OpenSSL::Marshal::ClassMethods
|
2212
|
+
|
2213
|
+
def self.generate: (Integer size, ?Integer exponent) -> instance
|
2214
|
+
|
2215
|
+
public
|
2216
|
+
|
2217
|
+
def d: () -> BN?
|
2218
|
+
|
2219
|
+
def dmp1: () -> BN?
|
2220
|
+
|
2221
|
+
def dmq1: () -> BN?
|
2222
|
+
|
2223
|
+
def e: () -> BN?
|
2224
|
+
|
2225
|
+
def export: (String cipher, String password) -> String
|
2226
|
+
| () -> String
|
2227
|
+
|
2228
|
+
def iqmp: () -> BN?
|
2229
|
+
|
2230
|
+
def n: () -> BN?
|
2231
|
+
|
2232
|
+
def p: () -> BN?
|
2233
|
+
|
2234
|
+
def params: () -> Hash[String, BN]
|
2235
|
+
|
2236
|
+
def private?: () -> bool
|
2237
|
+
|
2238
|
+
def private_decrypt: (String data, ?Integer padding) -> String
|
2239
|
+
|
2240
|
+
def private_encrypt: (String data, ?Integer padding) -> String
|
2241
|
+
|
2242
|
+
def public?: () -> bool
|
2243
|
+
|
2244
|
+
def public_decrypt: (String data, ?Integer padding) -> String
|
2245
|
+
|
2246
|
+
def public_encrypt: (String data, ?Integer padding) -> String
|
2247
|
+
|
2248
|
+
def public_key: () -> instance
|
2249
|
+
|
2250
|
+
def q: () -> BN?
|
2251
|
+
|
2252
|
+
def set_crt_params: (bn dmp1, bn dmq1, bn iqmp) -> self
|
2253
|
+
|
2254
|
+
def set_factors: (bn p, bn q) -> self
|
2255
|
+
|
2256
|
+
def set_key: (bn n, bn e, bn d) -> self
|
2257
|
+
|
2258
|
+
def sign_pss: (String digest, String data, salt_length: :digest | :max | Integer, mgf1_hash: String) -> String
|
2259
|
+
|
2260
|
+
def to_der: () -> String
|
2261
|
+
|
2262
|
+
alias to_pem export
|
2263
|
+
|
2264
|
+
alias to_s export
|
2265
|
+
|
2266
|
+
def to_text: () -> String
|
2267
|
+
|
2268
|
+
def verify_pss: (String digest, String signature, String data, salt_length: :auto | :digest | Integer, mgf1_hash: String) -> bool
|
2269
|
+
|
2270
|
+
private
|
2271
|
+
|
2272
|
+
def initialize: (Integer key_size) -> void
|
2273
|
+
| (String encoded_key, ?String pass_phrase) -> void
|
2274
|
+
|
2275
|
+
def initialize_copy: (instance) -> void
|
2276
|
+
|
2277
|
+
NO_PADDING: Integer
|
2278
|
+
|
2279
|
+
PKCS1_OAEP_PADDING: Integer
|
2280
|
+
|
2281
|
+
PKCS1_PADDING: Integer
|
2282
|
+
|
2283
|
+
SSLV23_PADDING: Integer
|
2284
|
+
end
|
2285
|
+
|
2286
|
+
class RSAError < OpenSSL::PKey::PKeyError
|
2287
|
+
end
|
2288
|
+
end
|
2289
|
+
|
2290
|
+
module Random
|
2291
|
+
def self.load_random_file: (String filename) -> true
|
2292
|
+
|
2293
|
+
def self.random_add: (String str, Numeric entropy) -> self
|
2294
|
+
|
2295
|
+
def self.random_bytes: (Integer length) -> String
|
2296
|
+
|
2297
|
+
def self.seed: (String seed) -> String
|
2298
|
+
|
2299
|
+
def self.status?: () -> bool
|
2300
|
+
|
2301
|
+
def self.write_random_file: (String filename) -> true
|
2302
|
+
|
2303
|
+
class RandomError < OpenSSL::OpenSSLError
|
2304
|
+
end
|
2305
|
+
end
|
2306
|
+
|
2307
|
+
module SSL
|
2308
|
+
def self.verify_certificate_identity: (X509::Certificate cert, String hostname) -> bool
|
2309
|
+
|
2310
|
+
def self.verify_hostname: (String hostname, String san) -> bool
|
2311
|
+
|
2312
|
+
def self.verify_wildcard: (String domain_component, String san_component) -> bool
|
2313
|
+
|
2314
|
+
OP_ALL: Integer
|
2315
|
+
|
2316
|
+
OP_ALLOW_NO_DHE_KEX: Integer
|
2317
|
+
|
2318
|
+
OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: Integer
|
2319
|
+
|
2320
|
+
OP_CIPHER_SERVER_PREFERENCE: Integer
|
2321
|
+
|
2322
|
+
OP_CRYPTOPRO_TLSEXT_BUG: Integer
|
2323
|
+
|
2324
|
+
OP_DONT_INSERT_EMPTY_FRAGMENTS: Integer
|
2325
|
+
|
2326
|
+
OP_EPHEMERAL_RSA: Integer
|
2327
|
+
|
2328
|
+
OP_LEGACY_SERVER_CONNECT: Integer
|
2329
|
+
|
2330
|
+
OP_MICROSOFT_BIG_SSLV3_BUFFER: Integer
|
2331
|
+
|
2332
|
+
OP_MICROSOFT_SESS_ID_BUG: Integer
|
2333
|
+
|
2334
|
+
OP_MSIE_SSLV2_RSA_PADDING: Integer
|
2335
|
+
|
2336
|
+
OP_NETSCAPE_CA_DN_BUG: Integer
|
2337
|
+
|
2338
|
+
OP_NETSCAPE_CHALLENGE_BUG: Integer
|
2339
|
+
|
2340
|
+
OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG: Integer
|
2341
|
+
|
2342
|
+
OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: Integer
|
2343
|
+
|
2344
|
+
OP_NO_COMPRESSION: Integer
|
2345
|
+
|
2346
|
+
OP_NO_ENCRYPT_THEN_MAC: Integer
|
2347
|
+
|
2348
|
+
OP_NO_RENEGOTIATION: Integer
|
2349
|
+
|
2350
|
+
OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION: Integer
|
2351
|
+
|
2352
|
+
OP_NO_SSLv2: Integer
|
2353
|
+
|
2354
|
+
OP_NO_SSLv3: Integer
|
2355
|
+
|
2356
|
+
OP_NO_TICKET: Integer
|
2357
|
+
|
2358
|
+
OP_NO_TLSv1: Integer
|
2359
|
+
|
2360
|
+
OP_NO_TLSv1_1: Integer
|
2361
|
+
|
2362
|
+
OP_NO_TLSv1_2: Integer
|
2363
|
+
|
2364
|
+
OP_NO_TLSv1_3: Integer
|
2365
|
+
|
2366
|
+
OP_PKCS1_CHECK_1: Integer
|
2367
|
+
|
2368
|
+
OP_PKCS1_CHECK_2: Integer
|
2369
|
+
|
2370
|
+
OP_SAFARI_ECDHE_ECDSA_BUG: Integer
|
2371
|
+
|
2372
|
+
OP_SINGLE_DH_USE: Integer
|
2373
|
+
|
2374
|
+
OP_SINGLE_ECDH_USE: Integer
|
2375
|
+
|
2376
|
+
OP_SSLEAY_080_CLIENT_DH_BUG: Integer
|
2377
|
+
|
2378
|
+
OP_SSLREF2_REUSE_CERT_TYPE_BUG: Integer
|
2379
|
+
|
2380
|
+
OP_TLSEXT_PADDING: Integer
|
2381
|
+
|
2382
|
+
OP_TLS_BLOCK_PADDING_BUG: Integer
|
2383
|
+
|
2384
|
+
OP_TLS_D5_BUG: Integer
|
2385
|
+
|
2386
|
+
OP_TLS_ROLLBACK_BUG: Integer
|
2387
|
+
|
2388
|
+
SSL2_VERSION: Integer
|
2389
|
+
|
2390
|
+
SSL3_VERSION: Integer
|
2391
|
+
|
2392
|
+
TLS1_1_VERSION: Integer
|
2393
|
+
|
2394
|
+
TLS1_2_VERSION: Integer
|
2395
|
+
|
2396
|
+
TLS1_3_VERSION: Integer
|
2397
|
+
|
2398
|
+
TLS1_VERSION: Integer
|
2399
|
+
|
2400
|
+
VERIFY_CLIENT_ONCE: Integer
|
2401
|
+
|
2402
|
+
VERIFY_FAIL_IF_NO_PEER_CERT: Integer
|
2403
|
+
|
2404
|
+
VERIFY_NONE: Integer
|
2405
|
+
|
2406
|
+
VERIFY_PEER: Integer
|
2407
|
+
|
2408
|
+
type tls_version = Symbol | Integer
|
2409
|
+
|
2410
|
+
type verify_mode = Integer
|
2411
|
+
|
2412
|
+
class SSLContext
|
2413
|
+
public
|
2414
|
+
|
2415
|
+
def add_certificate: (X509::Certificate certificate, PKey::PKey pkey, ?Array[X509::Certificate] extra_certs) -> self
|
2416
|
+
|
2417
|
+
def alpn_protocols: () -> Array[String]?
|
2418
|
+
|
2419
|
+
def alpn_protocols=: (Array[String]) -> Array[String]
|
2420
|
+
|
2421
|
+
def alpn_select_cb: () -> (^(Array[String]) -> String? | nil)
|
2422
|
+
|
2423
|
+
def alpn_select_cb=: (^(Array[String]) -> String? alpn_select_callback) -> void
|
2424
|
+
|
2425
|
+
def ca_file: () -> String
|
2426
|
+
|
2427
|
+
def ca_file=: (String ca_file) -> String
|
2428
|
+
|
2429
|
+
def ca_path: () -> String?
|
2430
|
+
|
2431
|
+
def ca_path=: (String ca_path) -> String
|
2432
|
+
|
2433
|
+
def cert: () -> X509::Certificate?
|
2434
|
+
|
2435
|
+
def cert=: ( X509::Certificate cert) -> X509::Certificate
|
2436
|
+
|
2437
|
+
def cert_store: () -> X509::Store?
|
2438
|
+
|
2439
|
+
def cert_store=: (X509::Store store) -> X509::Store
|
2440
|
+
|
2441
|
+
def ciphers: () -> Array[[String, String, Integer, Integer]]
|
2442
|
+
|
2443
|
+
def ciphers=: (Array[[String, String, Integer, Integer]] ciphers) -> void
|
2444
|
+
| (Array[String] ciphers) -> void
|
2445
|
+
| (String colon_sep_ciphers) -> void
|
2446
|
+
|
2447
|
+
def client_ca: () -> (Array[X509::Certificate] | X509::Certificate)
|
2448
|
+
|
2449
|
+
def client_ca=: (Array[X509::Certificate] | X509::Certificate client_ca) -> void
|
2450
|
+
|
2451
|
+
def client_cert_cb: () -> (^(Session) -> [X509::Certificate, PKey::PKey]? | nil)
|
2452
|
+
|
2453
|
+
def client_cert_cb=: (^(Session) -> [X509::Certificate, PKey::PKey]? client_cert_cb) -> void
|
2454
|
+
|
2455
|
+
def ecdh_curves=: (String ecdh_curves) -> String
|
2456
|
+
|
2457
|
+
def enable_fallback_scsv: () -> nil
|
2458
|
+
|
2459
|
+
def extra_chain_cert: () -> Array[X509::Certificate]?
|
2460
|
+
|
2461
|
+
def extra_chain_cert=: (Array[X509::Certificate] extra_certs) -> Array[X509::Certificate]
|
2462
|
+
|
2463
|
+
def flush_sessions: (Time time) -> self
|
2464
|
+
|
2465
|
+
alias freeze setup
|
2466
|
+
|
2467
|
+
def key: () -> PKey::PKey?
|
2468
|
+
|
2469
|
+
def key=: (PKey::PKey) -> PKey::PKey
|
2470
|
+
|
2471
|
+
def max_version=: (tls_version version) -> tls_version
|
2472
|
+
|
2473
|
+
def min_version=: (tls_version version) -> tls_version
|
2474
|
+
|
2475
|
+
def npn_protocols: () -> untyped
|
2476
|
+
|
2477
|
+
def npn_protocols=: (untyped) -> untyped
|
2478
|
+
|
2479
|
+
def npn_select_cb: () -> untyped
|
2480
|
+
|
2481
|
+
def npn_select_cb=: (untyped) -> untyped
|
2482
|
+
|
2483
|
+
def options: () -> Integer
|
2484
|
+
|
2485
|
+
def options=: (Integer ssl_options) -> Integer
|
2486
|
+
|
2487
|
+
def renegotiation_cb: () -> (^(SSLSocket) -> void | nil)
|
2488
|
+
|
2489
|
+
def renegotiation_cb=: (^(SSLSocket) -> void) -> void
|
2490
|
+
|
2491
|
+
def security_level: () -> Integer
|
2492
|
+
|
2493
|
+
def security_level=: (Integer sec_level) -> Integer
|
2494
|
+
|
2495
|
+
def servername_cb: () -> (^(SSLSocket, String) -> SSLContext? | nil)
|
2496
|
+
|
2497
|
+
def servername_cb=: (^(SSLSocket, String) -> SSLContext?) -> ^(SSLSocket, String) -> SSLContext?
|
2498
|
+
|
2499
|
+
def session_add: (Session) -> bool
|
2500
|
+
|
2501
|
+
def session_cache_mode: () -> Integer
|
2502
|
+
|
2503
|
+
def session_cache_mode=: (Integer) -> Integer
|
2504
|
+
|
2505
|
+
def session_cache_size: () -> Integer
|
2506
|
+
|
2507
|
+
def session_cache_size=: (Integer) -> Integer
|
2508
|
+
|
2509
|
+
def session_cache_stats: () -> Hash[Symbol, Integer]
|
2510
|
+
|
2511
|
+
def session_get_cb: () -> (^(SSLSocket, Integer) -> Session? | nil)
|
2512
|
+
|
2513
|
+
def session_get_cb=: (^(SSLSocket, Integer) -> Session?) -> void
|
2514
|
+
|
2515
|
+
def session_id_context: () -> Integer?
|
2516
|
+
|
2517
|
+
def session_id_context=: (Integer) -> Integer
|
2518
|
+
|
2519
|
+
def session_new_cb: () -> (^(SSLSocket) -> untyped | nil)
|
2520
|
+
|
2521
|
+
def session_new_cb=: (^(SSLSocket) -> untyped) -> ^(SSLSocket) -> untyped
|
2522
|
+
|
2523
|
+
def session_remove: (Session session) -> bool
|
2524
|
+
|
2525
|
+
def session_remove_cb: () -> (^(SSLContext, Session) -> void | nil)
|
2526
|
+
|
2527
|
+
def session_remove_cb=: (^(SSLContext, Session) -> void ) -> void
|
2528
|
+
|
2529
|
+
def set_params: (?untyped params) -> untyped
|
2530
|
+
|
2531
|
+
def setup: () -> untyped
|
2532
|
+
|
2533
|
+
alias ssl_timeout timeout
|
2534
|
+
|
2535
|
+
alias ssl_timeout= timeout=
|
2536
|
+
|
2537
|
+
def ssl_version=: (tls_version meth) -> tls_version
|
2538
|
+
|
2539
|
+
def timeout: () -> Integer?
|
2540
|
+
|
2541
|
+
def timeout=: (Integer) -> Integer
|
2542
|
+
|
2543
|
+
def tmp_dh_callback: () -> (^(Session, Integer, Integer) -> PKey::DH | nil)
|
2544
|
+
|
2545
|
+
def tmp_dh_callback=: (^(Session, Integer, Integer) -> PKey::DH) -> void
|
2546
|
+
|
2547
|
+
def verify_callback: () -> (^(bool, X509::StoreContext) -> untyped | nil)
|
2548
|
+
|
2549
|
+
def verify_callback=: (^(bool, X509::StoreContext) -> untyped) -> void
|
2550
|
+
|
2551
|
+
def verify_depth: () -> Integer?
|
2552
|
+
|
2553
|
+
def verify_depth=: (Integer) -> Integer
|
2554
|
+
|
2555
|
+
def verify_hostname: () -> bool?
|
2556
|
+
|
2557
|
+
def verify_hostname=: [U] (boolish) -> U
|
2558
|
+
|
2559
|
+
def verify_mode: () -> verify_mode?
|
2560
|
+
|
2561
|
+
def verify_mode=: (verify_mode) -> verify_mode
|
2562
|
+
|
2563
|
+
private
|
2564
|
+
|
2565
|
+
def initialize: (?tls_version version) -> void
|
2566
|
+
|
2567
|
+
def set_minmax_proto_version: (untyped, untyped) -> untyped
|
2568
|
+
|
2569
|
+
DEFAULT_CERT_STORE: X509::Store
|
2570
|
+
|
2571
|
+
DEFAULT_PARAMS: Hash[Symbol, untyped]
|
2572
|
+
|
2573
|
+
DEFAULT_TMP_DH_CALLBACK: Proc
|
2574
|
+
|
2575
|
+
METHODS: Array[Symbol]
|
2576
|
+
|
2577
|
+
SESSION_CACHE_BOTH: Integer
|
2578
|
+
|
2579
|
+
SESSION_CACHE_CLIENT: Integer
|
2580
|
+
|
2581
|
+
SESSION_CACHE_NO_AUTO_CLEAR: Integer
|
2582
|
+
|
2583
|
+
SESSION_CACHE_NO_INTERNAL: Integer
|
2584
|
+
|
2585
|
+
SESSION_CACHE_NO_INTERNAL_LOOKUP: Integer
|
2586
|
+
|
2587
|
+
SESSION_CACHE_NO_INTERNAL_STORE: Integer
|
2588
|
+
|
2589
|
+
SESSION_CACHE_OFF: Integer
|
2590
|
+
|
2591
|
+
SESSION_CACHE_SERVER: Integer
|
2592
|
+
end
|
2593
|
+
|
2594
|
+
class SSLError < OpenSSL::OpenSSLError
|
2595
|
+
end
|
2596
|
+
|
2597
|
+
class SSLErrorWaitReadable < OpenSSL::SSL::SSLError
|
2598
|
+
include IO::WaitReadable
|
2599
|
+
end
|
2600
|
+
|
2601
|
+
class SSLErrorWaitWritable < OpenSSL::SSL::SSLError
|
2602
|
+
include IO::WaitWritable
|
2603
|
+
end
|
2604
|
+
|
2605
|
+
class SSLServer
|
2606
|
+
include OpenSSL::SSL::SocketForwarder
|
2607
|
+
|
2608
|
+
public
|
2609
|
+
|
2610
|
+
def accept: () -> SSLSocket
|
2611
|
+
|
2612
|
+
def close: () -> nil
|
2613
|
+
|
2614
|
+
def listen: (Integer backlog) -> void
|
2615
|
+
|
2616
|
+
def shutdown: (Symbol | String | Integer how) -> void
|
2617
|
+
|
2618
|
+
def start_immediately: () -> bool
|
2619
|
+
|
2620
|
+
def start_immediately=: [U] (boolish) -> U
|
2621
|
+
|
2622
|
+
def to_io: () -> (TCPServer | UNIXServer)
|
2623
|
+
|
2624
|
+
private
|
2625
|
+
|
2626
|
+
def initialize: (TCPServer | UNIXServer svr, untyped ctx) -> void
|
2627
|
+
end
|
2628
|
+
|
2629
|
+
class SSLSocket
|
2630
|
+
include OpenSSL::SSL::SocketForwarder
|
2631
|
+
|
2632
|
+
include OpenSSL::Buffering
|
2633
|
+
|
2634
|
+
def self.open: (untyped remote_host, untyped remote_port, ?untyped local_host, ?untyped local_port, ?context: untyped) -> untyped
|
2635
|
+
|
2636
|
+
public
|
2637
|
+
|
2638
|
+
def accept: () -> self
|
2639
|
+
|
2640
|
+
def accept_nonblock: (?exception: true) -> self
|
2641
|
+
| (exception: false) -> (self | :wait_readable | :wait_writable)
|
2642
|
+
|
2643
|
+
def alpn_protocol: () -> String?
|
2644
|
+
|
2645
|
+
def cert: () -> X509::Certificate?
|
2646
|
+
|
2647
|
+
def cipher: () -> [String, String, Integer, Integer]?
|
2648
|
+
|
2649
|
+
def client_ca: () -> (Array[X509::Name] | Array[X509::Certificate] | X509::Certificate)
|
2650
|
+
|
2651
|
+
def connect: () -> self
|
2652
|
+
|
2653
|
+
def connect_nonblock: (?exception: true) -> self
|
2654
|
+
| (exception: false) -> (self | :wait_readable | :wait_writable)
|
2655
|
+
|
2656
|
+
def context: () -> SSLContext
|
2657
|
+
|
2658
|
+
def finished_message: () -> String?
|
2659
|
+
|
2660
|
+
def hostname: () -> String?
|
2661
|
+
|
2662
|
+
def hostname=: (String) -> String
|
2663
|
+
|
2664
|
+
def io: () -> BasicSocket
|
2665
|
+
|
2666
|
+
def npn_protocol: () -> String?
|
2667
|
+
|
2668
|
+
def peer_cert: () -> X509::Certificate?
|
2669
|
+
|
2670
|
+
def peer_cert_chain: () -> Array[X509::Certificate]?
|
2671
|
+
|
2672
|
+
def peer_finished_message: () -> String?
|
2673
|
+
|
2674
|
+
def pending: () -> Integer
|
2675
|
+
|
2676
|
+
def post_connection_check: (String hostname) -> true
|
2677
|
+
|
2678
|
+
def session: () -> Session?
|
2679
|
+
|
2680
|
+
def session=: (Session) -> Session
|
2681
|
+
|
2682
|
+
def session_reused?: () -> bool
|
2683
|
+
|
2684
|
+
def ssl_version: () -> tls_version
|
2685
|
+
|
2686
|
+
def state: () -> String
|
2687
|
+
|
2688
|
+
def sync_close: () -> bool
|
2689
|
+
|
2690
|
+
def sync_close=: [U] (boolish) -> U
|
2691
|
+
|
2692
|
+
def sysclose: () -> nil
|
2693
|
+
|
2694
|
+
def sysread: (Integer length, ?String buffer) -> String
|
2695
|
+
|
2696
|
+
def syswrite: (String data) -> Integer
|
2697
|
+
|
2698
|
+
def tmp_key: () -> PKey::PKey?
|
2699
|
+
|
2700
|
+
alias to_io io
|
2701
|
+
|
2702
|
+
def verify_result: () -> Integer
|
2703
|
+
|
2704
|
+
private
|
2705
|
+
|
2706
|
+
def client_cert_cb: () -> untyped
|
2707
|
+
|
2708
|
+
def initialize: (*untyped) -> void
|
2709
|
+
|
2710
|
+
def session_get_cb: () -> untyped
|
2711
|
+
|
2712
|
+
def session_new_cb: () -> untyped
|
2713
|
+
|
2714
|
+
def stop: () -> untyped
|
2715
|
+
|
2716
|
+
def sysread_nonblock: (*untyped) -> untyped
|
2717
|
+
|
2718
|
+
def syswrite_nonblock: (*untyped) -> untyped
|
2719
|
+
|
2720
|
+
def tmp_dh_callback: () -> untyped
|
2721
|
+
|
2722
|
+
def tmp_ecdh_callback: () -> untyped
|
2723
|
+
|
2724
|
+
def using_anon_cipher?: () -> untyped
|
2725
|
+
end
|
2726
|
+
|
2727
|
+
class Session
|
2728
|
+
public
|
2729
|
+
|
2730
|
+
def ==: (instance other) -> bool
|
2731
|
+
|
2732
|
+
def id: () -> String
|
2733
|
+
|
2734
|
+
def time: () -> Time
|
2735
|
+
|
2736
|
+
def time=: (Time | Integer start_time) -> Time
|
2737
|
+
|
2738
|
+
def timeout: () -> Integer
|
2739
|
+
|
2740
|
+
def timeout=: (Integer timeout) -> Integer
|
2741
|
+
|
2742
|
+
def to_der: () -> String
|
2743
|
+
|
2744
|
+
def to_pem: () -> String
|
2745
|
+
|
2746
|
+
def to_text: () -> String
|
2747
|
+
|
2748
|
+
private
|
2749
|
+
|
2750
|
+
def initialize: (SSLSocket | String sock_or_str) -> void
|
2751
|
+
|
2752
|
+
def initialize_copy: (instance) -> void
|
2753
|
+
|
2754
|
+
class SessionError < OpenSSL::OpenSSLError
|
2755
|
+
end
|
2756
|
+
end
|
2757
|
+
|
2758
|
+
module SocketForwarder
|
2759
|
+
public
|
2760
|
+
|
2761
|
+
def addr: () -> Addrinfo?
|
2762
|
+
|
2763
|
+
def closed?: () -> untyped
|
2764
|
+
|
2765
|
+
def do_not_reverse_lookup=: (boolish flag) -> boolish
|
2766
|
+
|
2767
|
+
def fcntl: (*untyped args) -> untyped
|
2768
|
+
|
2769
|
+
def fileno: () -> Integer
|
2770
|
+
|
2771
|
+
def getsockopt: (Symbol | Integer level, Symbol | Integer optname) -> (Integer | boolish | String)
|
2772
|
+
|
2773
|
+
def peeraddr: () -> untyped
|
2774
|
+
|
2775
|
+
def setsockopt: (untyped level, untyped optname, untyped optval) -> untyped
|
2776
|
+
end
|
2777
|
+
end
|
2778
|
+
|
2779
|
+
module Timestamp
|
2780
|
+
class Factory
|
2781
|
+
public
|
2782
|
+
|
2783
|
+
def additional_certs: () -> Array[X509::Certificate]?
|
2784
|
+
|
2785
|
+
def additional_certs=: (Array[X509::Certificate]? certs) -> Array[X509::Certificate]?
|
2786
|
+
|
2787
|
+
def allowed_digests: () -> Array[String | Digest]?
|
2788
|
+
|
2789
|
+
def allowed_digests=: (Array[String | Digest]) -> Array[String | Digest]
|
2790
|
+
|
2791
|
+
def create_timestamp: (PKey::PKey key, X509::Certificate cert, Request request) -> Response
|
2792
|
+
|
2793
|
+
def default_policy_id: () -> String?
|
2794
|
+
|
2795
|
+
def default_policy_id=: (String) -> String
|
2796
|
+
|
2797
|
+
def gen_time: () -> Time?
|
2798
|
+
|
2799
|
+
def gen_time=: (Time) -> Time
|
2800
|
+
|
2801
|
+
def serial_number: () -> Integer?
|
2802
|
+
|
2803
|
+
def serial_number=: (Integer) -> Integer
|
2804
|
+
end
|
2805
|
+
|
2806
|
+
class Request
|
2807
|
+
public
|
2808
|
+
|
2809
|
+
def algorithm: () -> String
|
2810
|
+
|
2811
|
+
def algorithm=: (String) -> String
|
2812
|
+
|
2813
|
+
def cert_requested=: [U] (boolish) -> U
|
2814
|
+
|
2815
|
+
def cert_requested?: () -> bool
|
2816
|
+
|
2817
|
+
def message_imprint: () -> String?
|
2818
|
+
|
2819
|
+
def message_imprint=: (String) -> String
|
2820
|
+
|
2821
|
+
def nonce: () -> BN?
|
2822
|
+
|
2823
|
+
def nonce=: (bn nonce) -> BN
|
2824
|
+
|
2825
|
+
def policy_id: () -> String?
|
2826
|
+
|
2827
|
+
def policy_id=: (String policy_id) -> String
|
2828
|
+
|
2829
|
+
def to_der: () -> String
|
2830
|
+
|
2831
|
+
def version: () -> Integer
|
2832
|
+
|
2833
|
+
def version=: (Integer) -> Integer
|
2834
|
+
|
2835
|
+
private
|
2836
|
+
|
2837
|
+
def initialize: (?(File | String) request_der) -> void
|
2838
|
+
end
|
2839
|
+
|
2840
|
+
class Response
|
2841
|
+
public
|
2842
|
+
|
2843
|
+
def failure_info: () -> Symbol?
|
2844
|
+
|
2845
|
+
def status: () -> BN
|
2846
|
+
|
2847
|
+
def status_text: () -> Array[String]?
|
2848
|
+
|
2849
|
+
def to_der: () -> String
|
2850
|
+
|
2851
|
+
def token: () -> PKCS7?
|
2852
|
+
|
2853
|
+
def token_info: () -> TokenInfo?
|
2854
|
+
|
2855
|
+
def tsa_certificate: () -> X509::Certificate?
|
2856
|
+
|
2857
|
+
def verify: (Request request, X509::Store store, ?X509::Certificate intermediate_cert) -> instance
|
2858
|
+
|
2859
|
+
private
|
2860
|
+
|
2861
|
+
def initialize: (File | String response_der) -> void
|
2862
|
+
|
2863
|
+
GRANTED: Integer
|
2864
|
+
|
2865
|
+
GRANTED_WITH_MODS: Integer
|
2866
|
+
|
2867
|
+
REJECTION: Integer
|
2868
|
+
|
2869
|
+
REVOCATION_NOTIFICATION: Integer
|
2870
|
+
|
2871
|
+
REVOCATION_WARNING: Integer
|
2872
|
+
|
2873
|
+
WAITING: Integer
|
2874
|
+
end
|
2875
|
+
|
2876
|
+
class TimestampError < OpenSSL::OpenSSLError
|
2877
|
+
end
|
2878
|
+
|
2879
|
+
class TokenInfo
|
2880
|
+
public
|
2881
|
+
|
2882
|
+
def algorithm: () -> String?
|
2883
|
+
|
2884
|
+
def gen_time: () -> Time
|
2885
|
+
|
2886
|
+
def message_imprint: () -> String
|
2887
|
+
|
2888
|
+
def nonce: () -> BN?
|
2889
|
+
|
2890
|
+
def ordering: () -> bool?
|
2891
|
+
|
2892
|
+
def policy_id: () -> String?
|
2893
|
+
|
2894
|
+
def serial_number: () -> BN?
|
2895
|
+
|
2896
|
+
def to_der: () -> String
|
2897
|
+
|
2898
|
+
def version: () -> Integer
|
2899
|
+
|
2900
|
+
private
|
2901
|
+
|
2902
|
+
def initialize: (File | String token_der) -> void
|
2903
|
+
end
|
2904
|
+
end
|
2905
|
+
|
2906
|
+
module X509
|
2907
|
+
DEFAULT_CERT_AREA: String
|
2908
|
+
|
2909
|
+
DEFAULT_CERT_DIR: String
|
2910
|
+
|
2911
|
+
DEFAULT_CERT_DIR_ENV: String
|
2912
|
+
|
2913
|
+
DEFAULT_CERT_FILE: String
|
2914
|
+
|
2915
|
+
DEFAULT_CERT_FILE_ENV: String
|
2916
|
+
|
2917
|
+
DEFAULT_PRIVATE_DIR: String
|
2918
|
+
|
2919
|
+
PURPOSE_ANY: Integer
|
2920
|
+
|
2921
|
+
PURPOSE_CRL_SIGN: Integer
|
2922
|
+
|
2923
|
+
PURPOSE_NS_SSL_SERVER: Integer
|
2924
|
+
|
2925
|
+
PURPOSE_OCSP_HELPER: Integer
|
2926
|
+
|
2927
|
+
PURPOSE_SMIME_ENCRYPT: Integer
|
2928
|
+
|
2929
|
+
PURPOSE_SMIME_SIGN: Integer
|
2930
|
+
|
2931
|
+
PURPOSE_SSL_CLIENT: Integer
|
2932
|
+
|
2933
|
+
PURPOSE_SSL_SERVER: Integer
|
2934
|
+
|
2935
|
+
PURPOSE_TIMESTAMP_SIGN: Integer
|
2936
|
+
|
2937
|
+
TRUST_COMPAT: Integer
|
2938
|
+
|
2939
|
+
TRUST_EMAIL: Integer
|
2940
|
+
|
2941
|
+
TRUST_OBJECT_SIGN: Integer
|
2942
|
+
|
2943
|
+
TRUST_OCSP_REQUEST: Integer
|
2944
|
+
|
2945
|
+
TRUST_OCSP_SIGN: Integer
|
2946
|
+
|
2947
|
+
TRUST_SSL_CLIENT: Integer
|
2948
|
+
|
2949
|
+
TRUST_SSL_SERVER: Integer
|
2950
|
+
|
2951
|
+
TRUST_TSA: Integer
|
2952
|
+
|
2953
|
+
V_ERR_AKID_ISSUER_SERIAL_MISMATCH: Integer
|
2954
|
+
|
2955
|
+
V_ERR_AKID_SKID_MISMATCH: Integer
|
2956
|
+
|
2957
|
+
V_ERR_APPLICATION_VERIFICATION: Integer
|
2958
|
+
|
2959
|
+
V_ERR_CA_KEY_TOO_SMALL: Integer
|
2960
|
+
|
2961
|
+
V_ERR_CA_MD_TOO_WEAK: Integer
|
2962
|
+
|
2963
|
+
V_ERR_CERT_CHAIN_TOO_LONG: Integer
|
2964
|
+
|
2965
|
+
V_ERR_CERT_HAS_EXPIRED: Integer
|
2966
|
+
|
2967
|
+
V_ERR_CERT_NOT_YET_VALID: Integer
|
2968
|
+
|
2969
|
+
V_ERR_CERT_REJECTED: Integer
|
2970
|
+
|
2971
|
+
V_ERR_CERT_REVOKED: Integer
|
2972
|
+
|
2973
|
+
V_ERR_CERT_SIGNATURE_FAILURE: Integer
|
2974
|
+
|
2975
|
+
V_ERR_CERT_UNTRUSTED: Integer
|
2976
|
+
|
2977
|
+
V_ERR_CRL_HAS_EXPIRED: Integer
|
2978
|
+
|
2979
|
+
V_ERR_CRL_NOT_YET_VALID: Integer
|
2980
|
+
|
2981
|
+
V_ERR_CRL_PATH_VALIDATION_ERROR: Integer
|
2982
|
+
|
2983
|
+
V_ERR_CRL_SIGNATURE_FAILURE: Integer
|
2984
|
+
|
2985
|
+
V_ERR_DANE_NO_MATCH: Integer
|
2986
|
+
|
2987
|
+
V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: Integer
|
2988
|
+
|
2989
|
+
V_ERR_DIFFERENT_CRL_SCOPE: Integer
|
2990
|
+
|
2991
|
+
V_ERR_EE_KEY_TOO_SMALL: Integer
|
2992
|
+
|
2993
|
+
V_ERR_EMAIL_MISMATCH: Integer
|
2994
|
+
|
2995
|
+
V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: Integer
|
2996
|
+
|
2997
|
+
V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: Integer
|
2998
|
+
|
2999
|
+
V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: Integer
|
3000
|
+
|
3001
|
+
V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: Integer
|
3002
|
+
|
3003
|
+
V_ERR_EXCLUDED_VIOLATION: Integer
|
3004
|
+
|
3005
|
+
V_ERR_HOSTNAME_MISMATCH: Integer
|
3006
|
+
|
3007
|
+
V_ERR_INVALID_CA: Integer
|
3008
|
+
|
3009
|
+
V_ERR_INVALID_CALL: Integer
|
3010
|
+
|
3011
|
+
V_ERR_INVALID_EXTENSION: Integer
|
3012
|
+
|
3013
|
+
V_ERR_INVALID_NON_CA: Integer
|
3014
|
+
|
3015
|
+
V_ERR_INVALID_POLICY_EXTENSION: Integer
|
3016
|
+
|
3017
|
+
V_ERR_INVALID_PURPOSE: Integer
|
3018
|
+
|
3019
|
+
V_ERR_IP_ADDRESS_MISMATCH: Integer
|
3020
|
+
|
3021
|
+
V_ERR_KEYUSAGE_NO_CERTSIGN: Integer
|
3022
|
+
|
3023
|
+
V_ERR_KEYUSAGE_NO_CRL_SIGN: Integer
|
3024
|
+
|
3025
|
+
V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE: Integer
|
3026
|
+
|
3027
|
+
V_ERR_NO_EXPLICIT_POLICY: Integer
|
3028
|
+
|
3029
|
+
V_ERR_NO_VALID_SCTS: Integer
|
3030
|
+
|
3031
|
+
V_ERR_OCSP_CERT_UNKNOWN: Integer
|
3032
|
+
|
3033
|
+
V_ERR_OCSP_VERIFY_FAILED: Integer
|
3034
|
+
|
3035
|
+
V_ERR_OCSP_VERIFY_NEEDED: Integer
|
3036
|
+
|
3037
|
+
V_ERR_OUT_OF_MEM: Integer
|
3038
|
+
|
3039
|
+
V_ERR_PATH_LENGTH_EXCEEDED: Integer
|
3040
|
+
|
3041
|
+
V_ERR_PATH_LOOP: Integer
|
3042
|
+
|
3043
|
+
V_ERR_PERMITTED_VIOLATION: Integer
|
3044
|
+
|
3045
|
+
V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: Integer
|
3046
|
+
|
3047
|
+
V_ERR_PROXY_PATH_LENGTH_EXCEEDED: Integer
|
3048
|
+
|
3049
|
+
V_ERR_PROXY_SUBJECT_NAME_VIOLATION: Integer
|
3050
|
+
|
3051
|
+
V_ERR_SELF_SIGNED_CERT_IN_CHAIN: Integer
|
3052
|
+
|
3053
|
+
V_ERR_STORE_LOOKUP: Integer
|
3054
|
+
|
3055
|
+
V_ERR_SUBJECT_ISSUER_MISMATCH: Integer
|
3056
|
+
|
3057
|
+
V_ERR_SUBTREE_MINMAX: Integer
|
3058
|
+
|
3059
|
+
V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256: Integer
|
3060
|
+
|
3061
|
+
V_ERR_SUITE_B_INVALID_ALGORITHM: Integer
|
3062
|
+
|
3063
|
+
V_ERR_SUITE_B_INVALID_CURVE: Integer
|
3064
|
+
|
3065
|
+
V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM: Integer
|
3066
|
+
|
3067
|
+
V_ERR_SUITE_B_INVALID_VERSION: Integer
|
3068
|
+
|
3069
|
+
V_ERR_SUITE_B_LOS_NOT_ALLOWED: Integer
|
3070
|
+
|
3071
|
+
V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: Integer
|
3072
|
+
|
3073
|
+
V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: Integer
|
3074
|
+
|
3075
|
+
V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: Integer
|
3076
|
+
|
3077
|
+
V_ERR_UNABLE_TO_GET_CRL: Integer
|
3078
|
+
|
3079
|
+
V_ERR_UNABLE_TO_GET_CRL_ISSUER: Integer
|
3080
|
+
|
3081
|
+
V_ERR_UNABLE_TO_GET_ISSUER_CERT: Integer
|
3082
|
+
|
3083
|
+
V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: Integer
|
3084
|
+
|
3085
|
+
V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: Integer
|
3086
|
+
|
3087
|
+
V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: Integer
|
3088
|
+
|
3089
|
+
V_ERR_UNHANDLED_CRITICAL_EXTENSION: Integer
|
3090
|
+
|
3091
|
+
V_ERR_UNNESTED_RESOURCE: Integer
|
3092
|
+
|
3093
|
+
V_ERR_UNSPECIFIED: Integer
|
3094
|
+
|
3095
|
+
V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: Integer
|
3096
|
+
|
3097
|
+
V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: Integer
|
3098
|
+
|
3099
|
+
V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Integer
|
3100
|
+
|
3101
|
+
V_ERR_UNSUPPORTED_NAME_SYNTAX: Integer
|
3102
|
+
|
3103
|
+
V_FLAG_ALLOW_PROXY_CERTS: Integer
|
3104
|
+
|
3105
|
+
V_FLAG_CHECK_SS_SIGNATURE: Integer
|
3106
|
+
|
3107
|
+
V_FLAG_CRL_CHECK: Integer
|
3108
|
+
|
3109
|
+
V_FLAG_CRL_CHECK_ALL: Integer
|
3110
|
+
|
3111
|
+
V_FLAG_EXPLICIT_POLICY: Integer
|
3112
|
+
|
3113
|
+
V_FLAG_EXTENDED_CRL_SUPPORT: Integer
|
3114
|
+
|
3115
|
+
V_FLAG_IGNORE_CRITICAL: Integer
|
3116
|
+
|
3117
|
+
V_FLAG_INHIBIT_ANY: Integer
|
3118
|
+
|
3119
|
+
V_FLAG_INHIBIT_MAP: Integer
|
3120
|
+
|
3121
|
+
V_FLAG_NOTIFY_POLICY: Integer
|
3122
|
+
|
3123
|
+
V_FLAG_NO_ALT_CHAINS: Integer
|
3124
|
+
|
3125
|
+
V_FLAG_NO_CHECK_TIME: Integer
|
3126
|
+
|
3127
|
+
V_FLAG_PARTIAL_CHAIN: Integer
|
3128
|
+
|
3129
|
+
V_FLAG_POLICY_CHECK: Integer
|
3130
|
+
|
3131
|
+
V_FLAG_SUITEB_128_LOS: Integer
|
3132
|
+
|
3133
|
+
V_FLAG_SUITEB_128_LOS_ONLY: Integer
|
3134
|
+
|
3135
|
+
V_FLAG_SUITEB_192_LOS: Integer
|
3136
|
+
|
3137
|
+
V_FLAG_TRUSTED_FIRST: Integer
|
3138
|
+
|
3139
|
+
V_FLAG_USE_CHECK_TIME: Integer
|
3140
|
+
|
3141
|
+
V_FLAG_USE_DELTAS: Integer
|
3142
|
+
|
3143
|
+
V_FLAG_X509_STRICT: Integer
|
3144
|
+
|
3145
|
+
V_OK: Integer
|
3146
|
+
|
3147
|
+
class Attribute
|
3148
|
+
include OpenSSL::Marshal
|
3149
|
+
|
3150
|
+
extend OpenSSL::Marshal::ClassMethods
|
3151
|
+
|
3152
|
+
public
|
3153
|
+
|
3154
|
+
def ==: (instance other) -> bool
|
3155
|
+
|
3156
|
+
def oid: () -> String
|
3157
|
+
|
3158
|
+
def oid=: (String) -> String
|
3159
|
+
|
3160
|
+
def to_der: () -> String
|
3161
|
+
|
3162
|
+
def value: () -> ASN1::Set
|
3163
|
+
|
3164
|
+
def value=: (ASN1::ASN1Data) -> ASN1::Set
|
3165
|
+
|
3166
|
+
private
|
3167
|
+
|
3168
|
+
def initialize: (String der) -> void
|
3169
|
+
| (String oid, ASN1::ASN1Data value) -> void
|
3170
|
+
|
3171
|
+
def initialize_copy: (instance) -> void
|
3172
|
+
end
|
3173
|
+
|
3174
|
+
class AttributeError < OpenSSL::OpenSSLError
|
3175
|
+
end
|
3176
|
+
|
3177
|
+
class CRL
|
3178
|
+
include OpenSSL::X509::Extension::AuthorityKeyIdentifier
|
3179
|
+
|
3180
|
+
include OpenSSL::Marshal
|
3181
|
+
|
3182
|
+
extend OpenSSL::Marshal::ClassMethods
|
3183
|
+
|
3184
|
+
public
|
3185
|
+
|
3186
|
+
def ==: (instance other) -> bool
|
3187
|
+
|
3188
|
+
def add_extension: (Extension ext) -> Extension
|
3189
|
+
|
3190
|
+
def add_revoked: (Revoked revoked) -> Revoked
|
3191
|
+
|
3192
|
+
def extensions: () -> Array[Extension]
|
3193
|
+
|
3194
|
+
def extensions=: (Array[Extension] extensions) -> Array[Extension]
|
3195
|
+
|
3196
|
+
def issuer: () -> X509::Name
|
3197
|
+
|
3198
|
+
def issuer=: (X509::Name issuer) -> X509::Name
|
3199
|
+
|
3200
|
+
def last_update: () -> Time?
|
3201
|
+
|
3202
|
+
def last_update=: (Time last_update) -> Time
|
3203
|
+
|
3204
|
+
def next_update: () -> Time?
|
3205
|
+
|
3206
|
+
def next_update=: (Time next_update) -> Time
|
3207
|
+
|
3208
|
+
def revoked: () -> Array[Revoked]
|
3209
|
+
|
3210
|
+
def revoked=: (Array[Revoked]) -> Array[Revoked]
|
3211
|
+
|
3212
|
+
def sign: (PKey::PKey key, Digest digest) -> String
|
3213
|
+
|
3214
|
+
def signature_algorithm: () -> String
|
3215
|
+
|
3216
|
+
def to_der: () -> String
|
3217
|
+
|
3218
|
+
def to_pem: () -> String
|
3219
|
+
|
3220
|
+
alias to_s to_pem
|
3221
|
+
|
3222
|
+
def to_text: () -> String
|
3223
|
+
|
3224
|
+
def verify: (PKey::PKey key) -> bool
|
3225
|
+
|
3226
|
+
def version: () -> Integer
|
3227
|
+
|
3228
|
+
def version=: (Integer) -> Integer
|
3229
|
+
|
3230
|
+
private
|
3231
|
+
|
3232
|
+
def initialize: (?String der) -> void
|
3233
|
+
|
3234
|
+
def initialize_copy: (instance) -> void
|
3235
|
+
end
|
3236
|
+
|
3237
|
+
class CRLError < OpenSSL::OpenSSLError
|
3238
|
+
end
|
3239
|
+
|
3240
|
+
class Certificate
|
3241
|
+
include OpenSSL::X509::Extension::AuthorityInfoAccess
|
3242
|
+
|
3243
|
+
include OpenSSL::X509::Extension::CRLDistributionPoints
|
3244
|
+
|
3245
|
+
include OpenSSL::X509::Extension::AuthorityKeyIdentifier
|
3246
|
+
|
3247
|
+
include OpenSSL::X509::Extension::SubjectKeyIdentifier
|
3248
|
+
|
3249
|
+
include OpenSSL::Marshal
|
3250
|
+
|
3251
|
+
extend OpenSSL::Marshal::ClassMethods
|
3252
|
+
|
3253
|
+
public
|
3254
|
+
|
3255
|
+
def ==: (instance other) -> bool
|
3256
|
+
|
3257
|
+
def add_extension: (Extension ext) -> Extension
|
3258
|
+
|
3259
|
+
def check_private_key: (PKey::PKey key) -> bool
|
3260
|
+
|
3261
|
+
def extensions: () -> Array[Extension]
|
3262
|
+
|
3263
|
+
def extensions=: (Array[Extension]) -> Array[Extension]
|
3264
|
+
|
3265
|
+
def inspect: () -> String
|
3266
|
+
|
3267
|
+
def issuer: () -> Name
|
3268
|
+
|
3269
|
+
def issuer=: (Name) -> Name
|
3270
|
+
|
3271
|
+
def not_after: () -> Time?
|
3272
|
+
|
3273
|
+
def not_after=: (Time) -> Time
|
3274
|
+
|
3275
|
+
def not_before: () -> Time?
|
3276
|
+
|
3277
|
+
def not_before=: (Time) -> Time
|
3278
|
+
|
3279
|
+
def pretty_print: (untyped q) -> untyped
|
3280
|
+
|
3281
|
+
def public_key: () -> PKey::PKey
|
3282
|
+
|
3283
|
+
def public_key=: (PKey::PKey pkey) -> PKey::PKey
|
3284
|
+
|
3285
|
+
def serial: () -> BN
|
3286
|
+
|
3287
|
+
def serial=: (bn serial) -> bn
|
3288
|
+
|
3289
|
+
def sign: (PKey::PKey key, String digest) -> String
|
3290
|
+
|
3291
|
+
def signature_algorithm: () -> String
|
3292
|
+
|
3293
|
+
def subject: () -> Name
|
3294
|
+
|
3295
|
+
def subject=: (Name) -> Name
|
3296
|
+
|
3297
|
+
def to_der: () -> String
|
3298
|
+
|
3299
|
+
def to_pem: () -> String
|
3300
|
+
|
3301
|
+
alias to_s to_pem
|
3302
|
+
|
3303
|
+
def to_text: () -> String
|
3304
|
+
|
3305
|
+
def verify: (PKey::PKey key) -> bool
|
3306
|
+
|
3307
|
+
def version: () -> Integer
|
3308
|
+
|
3309
|
+
def version=: (Integer) -> Integer
|
3310
|
+
|
3311
|
+
private
|
3312
|
+
|
3313
|
+
def initialize: (?String pem) -> void
|
3314
|
+
|
3315
|
+
def initialize_copy: (instance) -> void
|
3316
|
+
end
|
3317
|
+
|
3318
|
+
class CertificateError < OpenSSL::OpenSSLError
|
3319
|
+
end
|
3320
|
+
|
3321
|
+
class Extension
|
3322
|
+
include OpenSSL::Marshal
|
3323
|
+
|
3324
|
+
extend OpenSSL::Marshal::ClassMethods
|
3325
|
+
|
3326
|
+
public
|
3327
|
+
|
3328
|
+
def ==: (instance other) -> bool
|
3329
|
+
|
3330
|
+
def critical=: [U] (boolish) -> U
|
3331
|
+
|
3332
|
+
def critical?: () -> bool
|
3333
|
+
|
3334
|
+
def oid: () -> String
|
3335
|
+
|
3336
|
+
def oid=: (String oid) -> String
|
3337
|
+
|
3338
|
+
def to_a: () -> [String, String, bool]
|
3339
|
+
|
3340
|
+
def to_der: () -> String
|
3341
|
+
|
3342
|
+
def to_h: () -> Hash[String, untyped]
|
3343
|
+
|
3344
|
+
def to_s: () -> String
|
3345
|
+
|
3346
|
+
def value: () -> String
|
3347
|
+
|
3348
|
+
def value=: (String | ASN1::_ToDer data) -> String
|
3349
|
+
|
3350
|
+
def value_der: () -> String
|
3351
|
+
|
3352
|
+
private
|
3353
|
+
|
3354
|
+
def initialize: (String der) -> void
|
3355
|
+
| (String oid, String value, ?boolish critical) -> void
|
3356
|
+
|
3357
|
+
def initialize_copy: (instance) -> void
|
3358
|
+
|
3359
|
+
module AuthorityInfoAccess
|
3360
|
+
include OpenSSL::X509::Extension::Helpers
|
3361
|
+
|
3362
|
+
public
|
3363
|
+
|
3364
|
+
def ca_issuer_uris: () -> Array[String]?
|
3365
|
+
|
3366
|
+
def ocsp_uris: () -> Array[String]?
|
3367
|
+
|
3368
|
+
private
|
3369
|
+
|
3370
|
+
def parse_aia_asn1: () -> untyped
|
3371
|
+
end
|
3372
|
+
|
3373
|
+
module AuthorityKeyIdentifier
|
3374
|
+
include OpenSSL::X509::Extension::Helpers
|
3375
|
+
|
3376
|
+
public
|
3377
|
+
|
3378
|
+
def authority_key_identifier: () -> String?
|
3379
|
+
end
|
3380
|
+
|
3381
|
+
module CRLDistributionPoints
|
3382
|
+
include OpenSSL::X509::Extension::Helpers
|
3383
|
+
|
3384
|
+
public
|
3385
|
+
|
3386
|
+
def crl_uris: () -> Array[String]?
|
3387
|
+
end
|
3388
|
+
|
3389
|
+
module Helpers
|
3390
|
+
public
|
3391
|
+
|
3392
|
+
def find_extension: (String oid) -> Extension?
|
3393
|
+
end
|
3394
|
+
|
3395
|
+
module SubjectKeyIdentifier
|
3396
|
+
include OpenSSL::X509::Extension::Helpers
|
3397
|
+
|
3398
|
+
public
|
3399
|
+
|
3400
|
+
def subject_key_identifier: () -> String?
|
3401
|
+
end
|
3402
|
+
end
|
3403
|
+
|
3404
|
+
class ExtensionError < OpenSSL::OpenSSLError
|
3405
|
+
end
|
3406
|
+
|
3407
|
+
class ExtensionFactory
|
3408
|
+
public
|
3409
|
+
|
3410
|
+
def config: () -> Config?
|
3411
|
+
|
3412
|
+
def config=: (Config config) -> Config
|
3413
|
+
|
3414
|
+
def create_ext: (String oid, String value, ?boolish critical) -> Extension
|
3415
|
+
|
3416
|
+
def create_ext_from_array: ([String, String] | [String, String, boolish] ary) -> Extension
|
3417
|
+
|
3418
|
+
def create_ext_from_hash: (Hash[String, String | boolish] hash) -> Extension
|
3419
|
+
|
3420
|
+
def create_ext_from_string: (String str) -> Extension
|
3421
|
+
|
3422
|
+
def create_extension: (String oid, String value, ?boolish critical) -> Extension
|
3423
|
+
|
3424
|
+
def crl: () -> CRL?
|
3425
|
+
|
3426
|
+
def crl=: (CRL crl) -> CRL
|
3427
|
+
|
3428
|
+
def issuer_certificate: () -> Certificate?
|
3429
|
+
|
3430
|
+
def issuer_certificate=: (Certificate cert) -> Certificate
|
3431
|
+
|
3432
|
+
def subject_certificate: () -> Certificate?
|
3433
|
+
|
3434
|
+
def subject_certificate=: (Certificate cert) -> Certificate
|
3435
|
+
|
3436
|
+
def subject_request: () -> Request?
|
3437
|
+
|
3438
|
+
def subject_request=: (Request request) -> Request
|
3439
|
+
|
3440
|
+
private
|
3441
|
+
|
3442
|
+
def initialize: (?Certificate? issuer_cert, ?Certificate? subject_cert, ?Request? request, ?CRL? crl) -> void
|
3443
|
+
end
|
3444
|
+
|
3445
|
+
class Name
|
3446
|
+
type distinguished_name = [String, String]
|
3447
|
+
|
3448
|
+
type template = Hash[String, Integer]
|
3449
|
+
|
3450
|
+
include OpenSSL::Marshal
|
3451
|
+
|
3452
|
+
include Comparable
|
3453
|
+
|
3454
|
+
extend OpenSSL::Marshal::ClassMethods
|
3455
|
+
|
3456
|
+
alias self.parse self.parse_openssl
|
3457
|
+
|
3458
|
+
def self.parse_openssl: (String str, ?template template) -> instance
|
3459
|
+
|
3460
|
+
def self.parse_rfc2253: (String str, ?template template) -> instance
|
3461
|
+
|
3462
|
+
public
|
3463
|
+
|
3464
|
+
alias <=> cmp
|
3465
|
+
|
3466
|
+
def add_entry: (String oid, String value, ?loc: Integer, ?set: Integer) -> self
|
3467
|
+
|
3468
|
+
def cmp: (untyped other) -> Integer?
|
3469
|
+
|
3470
|
+
def eql?: (instance other) -> bool
|
3471
|
+
|
3472
|
+
def hash: () -> Integer
|
3473
|
+
|
3474
|
+
def hash_old: () -> Integer
|
3475
|
+
|
3476
|
+
def inspect: () -> String
|
3477
|
+
|
3478
|
+
def pretty_print: (untyped q) -> untyped
|
3479
|
+
|
3480
|
+
def to_a: () -> Array[[String, String, Integer]]
|
3481
|
+
|
3482
|
+
def to_der: () -> String
|
3483
|
+
|
3484
|
+
def to_s: (?format format) -> String
|
3485
|
+
|
3486
|
+
def to_utf8: () -> String
|
3487
|
+
|
3488
|
+
private
|
3489
|
+
|
3490
|
+
def initialize: (distinguished_name name, template template) -> void
|
3491
|
+
| (Array[distinguished_name] names) -> void
|
3492
|
+
| (?String der) -> void
|
3493
|
+
|
3494
|
+
def initialize_copy: (instance) -> void
|
3495
|
+
|
3496
|
+
COMPAT: Integer
|
3497
|
+
|
3498
|
+
DEFAULT_OBJECT_TYPE: Integer
|
3499
|
+
|
3500
|
+
MULTILINE: Integer
|
3501
|
+
|
3502
|
+
OBJECT_TYPE_TEMPLATE: template
|
3503
|
+
|
3504
|
+
ONELINE: Integer
|
3505
|
+
|
3506
|
+
RFC2253: Integer
|
3507
|
+
|
3508
|
+
type format = Integer
|
3509
|
+
|
3510
|
+
module RFC2253DN
|
3511
|
+
def self.expand_hexstring: (untyped str) -> untyped
|
3512
|
+
|
3513
|
+
def self.expand_pair: (untyped str) -> untyped
|
3514
|
+
|
3515
|
+
def self.expand_value: (untyped str1, untyped str2, untyped str3) -> untyped
|
3516
|
+
|
3517
|
+
def self.scan: (untyped dn) -> untyped
|
3518
|
+
|
3519
|
+
private
|
3520
|
+
|
3521
|
+
def expand_hexstring: (untyped str) -> untyped
|
3522
|
+
|
3523
|
+
def expand_pair: (untyped str) -> untyped
|
3524
|
+
|
3525
|
+
def expand_value: (untyped str1, untyped str2, untyped str3) -> untyped
|
3526
|
+
|
3527
|
+
def scan: (String dn) -> Array[distinguished_name]
|
3528
|
+
|
3529
|
+
AttributeType: Regexp
|
3530
|
+
|
3531
|
+
AttributeValue: Regexp
|
3532
|
+
|
3533
|
+
HexChar: Regexp
|
3534
|
+
|
3535
|
+
HexPair: Regexp
|
3536
|
+
|
3537
|
+
HexString: Regexp
|
3538
|
+
|
3539
|
+
Pair: Regexp
|
3540
|
+
|
3541
|
+
QuoteChar: Regexp
|
3542
|
+
|
3543
|
+
Special: String
|
3544
|
+
|
3545
|
+
StringChar: Regexp
|
3546
|
+
|
3547
|
+
TypeAndValue: Regexp
|
3548
|
+
end
|
3549
|
+
end
|
3550
|
+
|
3551
|
+
class NameError < OpenSSL::OpenSSLError
|
3552
|
+
end
|
3553
|
+
|
3554
|
+
class Request
|
3555
|
+
include OpenSSL::Marshal
|
3556
|
+
|
3557
|
+
extend OpenSSL::Marshal::ClassMethods
|
3558
|
+
|
3559
|
+
public
|
3560
|
+
|
3561
|
+
def ==: (untyped other) -> bool
|
3562
|
+
|
3563
|
+
def add_attribute: (Attribute attribute) -> Attribute
|
3564
|
+
|
3565
|
+
def attributes: () -> Array[Attribute]
|
3566
|
+
|
3567
|
+
def attributes=: (Array[Attribute] attributes) -> Array[Attribute]
|
3568
|
+
|
3569
|
+
def public_key: () -> PKey::PKey
|
3570
|
+
|
3571
|
+
def public_key=: (PKey::PKey public_key) -> PKey::PKey
|
3572
|
+
|
3573
|
+
def sign: (PKey::PKey key, Digest | String digest) -> String
|
3574
|
+
|
3575
|
+
def signature_algorithm: () -> String
|
3576
|
+
|
3577
|
+
def subject: () -> Name
|
3578
|
+
|
3579
|
+
def subject=: (Name subject) -> Name
|
3580
|
+
|
3581
|
+
def to_der: () -> String
|
3582
|
+
|
3583
|
+
def to_pem: () -> String
|
3584
|
+
|
3585
|
+
alias to_s to_pem
|
3586
|
+
|
3587
|
+
def to_text: () -> String
|
3588
|
+
|
3589
|
+
def verify: (PKey::PKey key) -> bool
|
3590
|
+
|
3591
|
+
def version: () -> Integer
|
3592
|
+
|
3593
|
+
def version=: (Integer version) -> Integer
|
3594
|
+
|
3595
|
+
private
|
3596
|
+
|
3597
|
+
def initialize: (?String der) -> void
|
3598
|
+
|
3599
|
+
def initialize_copy: (instance) -> void
|
3600
|
+
end
|
3601
|
+
|
3602
|
+
class RequestError < OpenSSL::OpenSSLError
|
3603
|
+
end
|
3604
|
+
|
3605
|
+
class Revoked
|
3606
|
+
public
|
3607
|
+
|
3608
|
+
def ==: (untyped other) -> bool
|
3609
|
+
|
3610
|
+
def add_extension: (Extension ext) -> Extension
|
3611
|
+
|
3612
|
+
def extensions: () -> Array[Extension]
|
3613
|
+
|
3614
|
+
def extensions=: (Array[Extension] extensions) -> Array[Extension]
|
3615
|
+
|
3616
|
+
def serial: () -> Integer
|
3617
|
+
|
3618
|
+
def serial=: (Integer integer) -> Integer
|
3619
|
+
|
3620
|
+
def time: () -> Time?
|
3621
|
+
|
3622
|
+
def time=: (Time time) -> Time
|
3623
|
+
|
3624
|
+
def to_der: () -> String
|
3625
|
+
|
3626
|
+
private
|
3627
|
+
|
3628
|
+
def initialize: (*untyped) -> void
|
3629
|
+
|
3630
|
+
def initialize_copy: (instance) -> void
|
3631
|
+
end
|
3632
|
+
|
3633
|
+
class RevokedError < OpenSSL::OpenSSLError
|
3634
|
+
end
|
3635
|
+
|
3636
|
+
class Store
|
3637
|
+
public
|
3638
|
+
|
3639
|
+
def add_cert: (Certificate certificate) -> self
|
3640
|
+
|
3641
|
+
def add_crl: (CRL crl) -> self
|
3642
|
+
|
3643
|
+
def add_file: (String file) -> self
|
3644
|
+
|
3645
|
+
def add_path: (String path) -> self
|
3646
|
+
|
3647
|
+
def chain: () -> Array[Certificate]?
|
3648
|
+
|
3649
|
+
def error: () -> Integer?
|
3650
|
+
|
3651
|
+
def error_string: () -> String?
|
3652
|
+
|
3653
|
+
def flags=: (Integer flags) -> Integer
|
3654
|
+
|
3655
|
+
def purpose=: (Integer purpose) -> Integer
|
3656
|
+
|
3657
|
+
def set_default_paths: () -> nil
|
3658
|
+
|
3659
|
+
def time=: (Time time) -> Time
|
3660
|
+
|
3661
|
+
def trust=: (Integer trust) -> Integer
|
3662
|
+
|
3663
|
+
def verify: (Certificate certificate, ?Array[Certificate] chain) ?{ (bool preverify_ok, StoreContext store_ctx) -> boolish } -> boolish
|
3664
|
+
|
3665
|
+
def verify_callback: () -> (^(bool preverify_ok, StoreContext store_ctx) -> boolish | nil)
|
3666
|
+
|
3667
|
+
def verify_callback=: [U] (^(bool preverify_ok, StoreContext store_ctx) -> boolish) -> U
|
3668
|
+
|
3669
|
+
private
|
3670
|
+
|
3671
|
+
def initialize: () -> void
|
3672
|
+
end
|
3673
|
+
|
3674
|
+
class StoreContext
|
3675
|
+
public
|
3676
|
+
|
3677
|
+
def chain: () -> Array[Certificate]?
|
3678
|
+
|
3679
|
+
def cleanup: () -> void
|
3680
|
+
|
3681
|
+
def current_cert: () -> Certificate
|
3682
|
+
|
3683
|
+
def current_crl: () -> CRL
|
3684
|
+
|
3685
|
+
def error: () -> Integer?
|
3686
|
+
|
3687
|
+
def error=: (Integer error) -> Integer
|
3688
|
+
|
3689
|
+
def error_depth: () -> Integer
|
3690
|
+
|
3691
|
+
def error_string: () -> String?
|
3692
|
+
|
3693
|
+
def flags=: (Integer flags) -> Integer
|
3694
|
+
|
3695
|
+
def purpose=: (Integer purpose) -> Integer
|
3696
|
+
|
3697
|
+
def time=: (Time time) -> Time
|
3698
|
+
|
3699
|
+
def trust=: (Integer trust) -> Integer
|
3700
|
+
|
3701
|
+
def verify: () -> bool
|
3702
|
+
|
3703
|
+
private
|
3704
|
+
|
3705
|
+
def initialize: (Store store, ?Certificate cert, ?Array[Certificate] chain) -> void
|
3706
|
+
end
|
3707
|
+
|
3708
|
+
class StoreError < OpenSSL::OpenSSLError
|
3709
|
+
end
|
3710
|
+
end
|
3711
|
+
end
|