rbs 1.3.3 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/core/integer.rbs CHANGED
@@ -361,8 +361,7 @@ class Integer < Numeric
361
361
  # 18.floor(-1) #=> 10
362
362
  # (-18).floor(-1) #=> -20
363
363
  #
364
- def floor: () -> Integer
365
- | (int digits) -> (Integer | Float)
364
+ def floor: (?int digits) -> Integer
366
365
 
367
366
  # Returns the greatest common divisor of the two integers. The result is always
368
367
  # positive. 0.gcd(x) and x.gcd(0) return x.abs.
data/core/io.rbs CHANGED
@@ -534,8 +534,8 @@ class IO < Object
534
534
  #
535
535
  def read: (?Integer? length, ?String outbuf) -> String?
536
536
 
537
- def read_nonblock: (Integer len) -> String
538
- | (Integer len, ?String buf) -> String
537
+ def read_nonblock: (Integer len, ?String buf, ?exception: true) -> String
538
+ | (Integer len, ?String buf, exception: false) -> (String | :wait_readable | nil)
539
539
 
540
540
  # Reads a byte as with `IO#getbyte`, but raises an `EOFError` on end of
541
541
  # file.
@@ -704,6 +704,9 @@ class IO < Object
704
704
  #
705
705
  def write: (*_ToS string) -> Integer
706
706
 
707
+ def write_nonblock: (_ToS s, ?exception: true) -> Integer
708
+ | (_ToS s, exception: false) -> (Integer | :wait_writable | nil)
709
+
707
710
  # Opens the file, optionally seeks to the given *offset*, then returns *length*
708
711
  # bytes (defaulting to the rest of the file). #binread ensures the file is
709
712
  # closed before returning. The open mode would be `"rb:ASCII-8BIT"`.
@@ -746,7 +749,8 @@ class IO < Object
746
749
 
747
750
  def self.readlines: (String name, ?String sep, ?Integer limit, ?external_encoding: String external_encoding, ?internal_encoding: String internal_encoding, ?encoding: String encoding, ?textmode: untyped textmode, ?binmode: untyped binmode, ?autoclose: untyped autoclose, ?mode: String mode) -> ::Array[String]
748
751
 
749
- def self.select: (::Array[io]? read_array, ?::Array[io]? write_array, ?::Array[io]? error_array, ?Numeric? timeout) -> ::Array[::Array[io]]?
752
+ def self.select: [X, Y, Z] (::Array[X & io]? read_array, ?::Array[Y & io]? write_array, ?::Array[Z & io]? error_array) -> [Array[X], Array[Y], Array[Z]]
753
+ | [X, Y, Z] (::Array[X & io]? read_array, ?::Array[Y & io]? write_array, ?::Array[Z & io]? error_array, Numeric? timeout) -> [Array[X], Array[Y], Array[Z]]?
750
754
 
751
755
  def self.sysopen: (String path, ?String mode, ?String perm) -> Integer
752
756
 
data/core/kernel.rbs CHANGED
@@ -113,6 +113,7 @@ module Kernel : BasicObject
113
113
  def self?.Array: (NilClass x) -> [ ]
114
114
  | [T] (::Array[T] x) -> ::Array[T]
115
115
  | [T] (::Range[T] x) -> ::Array[T]
116
+ | [T] (_Each[T] x) -> ::Array[T]
116
117
  | [K, V] (::Hash[K, V] x) -> ::Array[[K, V]]
117
118
  | [T] (T x) -> ::Array[T]
118
119
 
@@ -127,7 +128,15 @@ module Kernel : BasicObject
127
128
 
128
129
  def self?.Rational: (Numeric | String | Object x, ?Numeric | String y, ?exception: bool exception) -> Rational
129
130
 
130
- def self?.String: (Object x) -> String
131
+ # Returns *arg* as a String.
132
+ #
133
+ # First tries to call its `to_str` method, then its `to_s` method.
134
+ #
135
+ # String(self) #=> "main"
136
+ # String(self.class) #=> "Object"
137
+ # String(123456) #=> "123456"
138
+ #
139
+ def self?.String: (_ToStr | _ToS x) -> String
131
140
 
132
141
  # Returns the called name of the current method as a
133
142
  # [Symbol](https://ruby-doc.org/core-2.6.3/Symbol.html). If called
@@ -463,6 +472,19 @@ module Kernel : BasicObject
463
472
  # ```
464
473
  def self?.exec: (*String args) -> bot
465
474
 
475
+ type redirect_fd = Integer # redirect to the file descriptor in parent process
476
+ | :in | :out | :err # standard input / output / error
477
+ | IO # the file descriptor specified as io.fileno
478
+ | String # redirect to file with open(string, File::RDONLY)
479
+ | [String] # # redirect to file with open(string, File::RDONLY)
480
+ | [String, string | int] # redirect to file with open(string, open_mode, 0644)
481
+ | [String, string | int, int] # redirect to file with open(string, open_mode, perm)
482
+ | [:child, int] # redirect to the redirected file descriptor
483
+ | :close # close the file descriptor in child process
484
+
485
+ def self?.spawn: (String command, *String args, ?unsetenv_others: boolish, ?pgroup?: (true | Integer), ?umask: Integer, ?in: redirect_fd, ?out: redirect_fd, ?err: redirect_fd, ?close_others: boolish, ?chdir: String) -> Integer
486
+ | (Hash[string, string?] env, String command, *String args, ?unsetenv_others: boolish, ?pgroup?: (true | Integer), ?umask: Integer, ?in: redirect_fd, ?out: redirect_fd, ?err: redirect_fd, ?close_others: boolish, ?chdir: String) -> Integer
487
+
466
488
  # Executes *command…* in a subshell. *command…* is one of following forms.
467
489
  #
468
490
  # commandline : command line string which is passed to the standard shell
@@ -488,7 +510,8 @@ module Kernel : BasicObject
488
510
  # *
489
511
  #
490
512
  # See `Kernel.exec` for the standard shell.
491
- def self?.system: (*String args) -> (NilClass | FalseClass | TrueClass)
513
+ def self?.system: (String command, *String args, ?unsetenv_others: boolish, ?pgroup?: (true | Integer), ?umask: Integer, ?in: redirect_fd, ?out: redirect_fd, ?err: redirect_fd, ?close_others: boolish, ?chdir: String) -> (NilClass | FalseClass | TrueClass)
514
+ | (Hash[string, string?] env, String command, *String args, ?unsetenv_others: boolish, ?pgroup?: (true | Integer), ?umask: Integer, ?in: redirect_fd, ?out: redirect_fd, ?err: redirect_fd, ?close_others: boolish, ?chdir: String) -> (NilClass | FalseClass | TrueClass)
492
515
  end
493
516
 
494
517
  Kernel::RUBYGEMS_ACTIVATION_MONITOR: untyped
data/core/object.rbs CHANGED
@@ -206,7 +206,7 @@ class Object < BasicObject
206
206
  # enum.size # => 42
207
207
  #
208
208
  def enum_for: (Symbol method, *untyped args) ?{ (*untyped args) -> Integer } -> Enumerator[untyped, untyped]
209
- | (*untyped args) ?{ (*untyped args) -> Integer } -> Enumerator[untyped, untyped]
209
+ | () ?{ () -> Integer } -> Enumerator[untyped, self]
210
210
 
211
211
  # Creates a new Enumerator which will enumerate by calling `method` on `obj`,
212
212
  # passing `args` if any.
data/core/range.rbs CHANGED
@@ -101,7 +101,9 @@ class Range[out Elem] < Object
101
101
  # ```
102
102
  def begin: () -> Elem # Begin-less ranges have type of Range[Integer?]
103
103
 
104
- def bsearch: [U] () { (Elem) -> boolish } -> U?
104
+ def bsearch: () -> ::Enumerator[Elem, Elem?]
105
+ | () { (Elem) -> (true | false) } -> Elem?
106
+ | () { (Elem) -> ::Integer } -> Elem?
105
107
 
106
108
  def cover?: (untyped obj) -> bool
107
109
 
@@ -132,7 +134,7 @@ class Range[out Elem] < Object
132
134
  # (10..20).first(3) #=> [10, 11, 12]
133
135
  # ```
134
136
  def first: () -> Elem
135
- | (?Integer n) -> ::Array[Elem]
137
+ | (Integer n) -> ::Array[Elem]
136
138
 
137
139
  # Compute a hash-code for this range. Two ranges with equal begin and end
138
140
  # points (using `eql?` ), and the same
@@ -165,7 +167,7 @@ class Range[out Elem] < Object
165
167
  # (10...20).last(3) #=> [17, 18, 19]
166
168
  # ```
167
169
  def last: () -> Elem
168
- | (?Integer n) -> ::Array[Elem]
170
+ | (Integer n) -> ::Array[Elem]
169
171
 
170
172
  # Returns the maximum value in the range. Returns `nil` if the begin value
171
173
  # of the range larger than the end value. Returns `nil` if the begin value
@@ -178,9 +180,9 @@ class Range[out Elem] < Object
178
180
  # (10..20).max #=> 20
179
181
  # ```
180
182
  def max: () -> Elem
181
- | () { (Elem arg0, Elem arg1) -> Integer } -> Elem
182
- | (?Integer n) -> ::Array[Elem]
183
- | (?Integer n) { (Elem arg0, Elem arg1) -> Integer } -> ::Array[Elem]
183
+ | () { (Elem a, Elem b) -> Integer } -> Elem
184
+ | (Integer n) -> ::Array[Elem]
185
+ | (Integer n) { (Elem a, Elem b) -> Integer } -> ::Array[Elem]
184
186
 
185
187
  # Returns the minimum value in the range. Returns `nil` if the begin value
186
188
  # of the range is larger than the end value. Returns `nil` if the begin
@@ -193,9 +195,9 @@ class Range[out Elem] < Object
193
195
  # (10..20).min #=> 10
194
196
  # ```
195
197
  def min: () -> Elem
196
- | () { (Elem arg0, Elem arg1) -> Integer } -> Elem
197
- | (?Integer n) -> ::Array[Elem]
198
- | (?Integer n) { (Elem arg0, Elem arg1) -> Integer } -> ::Array[Elem]
198
+ | () { (Elem a, Elem b) -> Integer } -> Elem
199
+ | (Integer n) -> ::Array[Elem]
200
+ | (Integer n) { (Elem a, Elem b) -> Integer } -> ::Array[Elem]
199
201
 
200
202
  # Returns the number of elements in the range. Both the begin and the end
201
203
  # of the [Range](Range.downloaded.ruby_doc) must be
data/core/true_class.rbs CHANGED
@@ -5,13 +5,13 @@
5
5
  class TrueClass
6
6
  public
7
7
 
8
- def !: () -> bool
8
+ def !: () -> false
9
9
 
10
10
  # And---Returns `false` if *obj* is `nil` or `false`, `true` otherwise.
11
11
  #
12
12
  def &: (nil) -> false
13
13
  | (false) -> false
14
- | (untyped obj) -> bool
14
+ | (untyped obj) -> true
15
15
 
16
16
  # Case Equality -- For class Object, effectively the same as calling `#==`, but
17
17
  # typically overridden by descendants to provide meaningful semantics in `case`
@@ -24,7 +24,7 @@ class TrueClass
24
24
  #
25
25
  def ^: (nil) -> true
26
26
  | (false) -> true
27
- | (untyped obj) -> bool
27
+ | (untyped obj) -> false
28
28
 
29
29
  alias inspect to_s
30
30
 
@@ -42,5 +42,5 @@ class TrueClass
42
42
  #
43
43
  # or
44
44
  #
45
- def |: (boolish obj) -> bool
45
+ def |: (untyped obj) -> true
46
46
  end
data/lib/rbs.rb CHANGED
@@ -44,6 +44,7 @@ require "rbs/factory"
44
44
  require "rbs/repository"
45
45
  require "rbs/ancestor_graph"
46
46
  require "rbs/locator"
47
+ require "rbs/type_alias_dependency"
47
48
 
48
49
  begin
49
50
  require "rbs/parser"
data/lib/rbs/cli.rb CHANGED
@@ -451,6 +451,7 @@ EOU
451
451
  builder.expand_alias(name).tap do |type|
452
452
  validator.validate_type type, context: [Namespace.root]
453
453
  end
454
+ validator.validate_type_alias(entry: decl)
454
455
  end
455
456
  end
456
457
 
data/lib/rbs/errors.rb CHANGED
@@ -386,4 +386,20 @@ module RBS
386
386
  end
387
387
  end
388
388
  end
389
+
390
+ class RecursiveTypeAliasError < LoadingError
391
+ attr_reader :alias_names
392
+ attr_reader :location
393
+
394
+ def initialize(alias_names:, location:)
395
+ @alias_names = alias_names
396
+ @location = location
397
+
398
+ super "#{Location.to_string location}: Recursive type alias definition found for: #{name}"
399
+ end
400
+
401
+ def name
402
+ @alias_names.map(&:name).join(', ')
403
+ end
404
+ end
389
405
  end
data/lib/rbs/parser.rb CHANGED
@@ -326,7 +326,7 @@ def next_token
326
326
  new_token(:tUKEYWORD, input.matched.chop.to_sym)
327
327
  when input.scan(/[A-Z]\w*[?!]:/)
328
328
  new_token(:tUKEYWORD_Q_E, input.matched.chop.to_sym)
329
- when input.scan(/\$[A-Za-z_]\w*/)
329
+ when input.scan(/\$([A-Za-z_]\w*|[~*$?!@\/\\;,.=:<>"&`'+]|\d+|-[0-9_A-Za-z])/)
330
330
  new_token(:tGLOBALIDENT)
331
331
  when input.scan(/@[a-zA-Z_]\w*/)
332
332
  new_token(:tIVAR, input.matched.to_sym)
data/lib/rbs/parser.y CHANGED
@@ -1708,7 +1708,7 @@ def next_token
1708
1708
  new_token(:tUKEYWORD, input.matched.chop.to_sym)
1709
1709
  when input.scan(/[A-Z]\w*[?!]:/)
1710
1710
  new_token(:tUKEYWORD_Q_E, input.matched.chop.to_sym)
1711
- when input.scan(/\$[A-Za-z_]\w*/)
1711
+ when input.scan(/\$([A-Za-z_]\w*|[~*$?!@\/\\;,.=:<>"&`'+]|\d+|-[0-9_A-Za-z])/)
1712
1712
  new_token(:tGLOBALIDENT)
1713
1713
  when input.scan(/@[a-zA-Z_]\w*/)
1714
1714
  new_token(:tIVAR, input.matched.to_sym)
@@ -319,9 +319,16 @@ module RBS
319
319
  const_to_name(node.children[0])
320
320
  end
321
321
 
322
+ value_node = node.children.last
323
+ type = if value_node.nil?
324
+ # Give up type prediction when node is MASGN.
325
+ Types::Bases::Any.new(location: nil)
326
+ else
327
+ node_type(value_node)
328
+ end
322
329
  decls << AST::Declarations::Constant.new(
323
330
  name: const_name,
324
- type: node_type(node.children.last),
331
+ type: type,
325
332
  location: nil,
326
333
  comment: comments[node.first_lineno - 1]
327
334
  )
@@ -87,7 +87,7 @@ module RBS
87
87
  unless const_name(mix)
88
88
  RBS.logger.warn("Skipping anonymous module #{mix} included in #{mod}")
89
89
  else
90
- module_name = module_full_name = to_type_name(const_name(mix))
90
+ module_name = module_full_name = to_type_name(const_name(mix), full_name: true)
91
91
  if module_full_name.namespace == type_name.namespace
92
92
  module_name = TypeName.new(name: module_full_name.name, namespace: Namespace.empty)
93
93
  end
@@ -0,0 +1,88 @@
1
+ module RBS
2
+ class TypeAliasDependency
3
+ attr_reader :env
4
+
5
+ # Direct dependencies corresponds to a directed graph
6
+ # with vertices as types and directions based on assignment of types
7
+ attr_reader :direct_dependencies
8
+ # A hash which stores the transitive closure
9
+ # of the directed graph
10
+ attr_reader :dependencies
11
+
12
+ def initialize(env:)
13
+ @env = env
14
+ end
15
+
16
+ # Check if an alias type definition is circular & prohibited
17
+ def circular_definition?(alias_name)
18
+ # Construct transitive closure, if not constructed already
19
+ transitive_closure() unless @dependencies
20
+
21
+ # Check for recursive type alias
22
+ @dependencies[alias_name][alias_name]
23
+ end
24
+
25
+ def build_dependencies
26
+ return if @direct_dependencies
27
+
28
+ # Initialize hash(a directed graph)
29
+ @direct_dependencies = {}
30
+ # Initialize dependencies as an empty hash
31
+ @dependencies = {}
32
+ # Iterate over alias declarations inserted into environment
33
+ env.alias_decls.each do |name, entry|
34
+ # Construct a directed graph by recursively extracting type aliases
35
+ @direct_dependencies[name] = direct_dependency(entry.decl.type)
36
+ # Initialize dependencies with an empty hash
37
+ @dependencies[name] = {}
38
+ end
39
+ end
40
+
41
+ def transitive_closure
42
+ # Construct a graph of direct dependencies
43
+ build_dependencies()
44
+ # Construct transitive closure by using DFS(recursive technique)
45
+ @direct_dependencies.each_key do |name|
46
+ dependency(name, name)
47
+ end
48
+ end
49
+
50
+ private
51
+
52
+ # Constructs directed graph recursively
53
+ def direct_dependency(type, result = Set[])
54
+ case type
55
+ when RBS::Types::Union, RBS::Types::Intersection, RBS::Types::Optional
56
+ # Iterate over nested types & extract type aliases recursively
57
+ type.each_type do |nested_type|
58
+ direct_dependency(nested_type, result)
59
+ end
60
+ when RBS::Types::Alias
61
+ # Append type name if the type is an alias
62
+ result << type.name
63
+ end
64
+
65
+ result
66
+ end
67
+
68
+ # Recursive function to construct transitive closure
69
+ def dependency(start, vertex, nested = nil)
70
+ if (start == vertex)
71
+ if (@direct_dependencies[start].include?(vertex) || nested)
72
+ # Mark a vertex as connected to itself
73
+ # if it is connected as an edge || a path(traverse multiple edges)
74
+ @dependencies[start][vertex] = true
75
+ end
76
+ else
77
+ # Mark a pair of vertices as connected while recursively performing DFS
78
+ @dependencies[start][vertex] = true
79
+ end
80
+
81
+ # Iterate over the direct dependencies of the vertex
82
+ @direct_dependencies[vertex]&.each do |type_name|
83
+ # Invoke the function unless it is already checked
84
+ dependency(start, type_name, start == type_name) unless @dependencies[start][type_name]
85
+ end
86
+ end
87
+ end
88
+ end
data/lib/rbs/validator.rb CHANGED
@@ -53,5 +53,10 @@ module RBS
53
53
  validate_type(type, context: context)
54
54
  end
55
55
  end
56
+
57
+ def validate_type_alias(entry:)
58
+ @type_alias_dependency ||= TypeAliasDependency.new(env: env)
59
+ raise RecursiveTypeAliasError.new(alias_names: [entry.decl.name], location: entry.decl.location) if @type_alias_dependency.circular_definition?(entry.decl.name)
60
+ end
56
61
  end
57
62
  end
data/lib/rbs/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module RBS
2
- VERSION = "1.3.3"
2
+ VERSION = "1.4.0"
3
3
  end
data/sig/errors.rbs CHANGED
@@ -196,4 +196,13 @@ module RBS
196
196
 
197
197
  def mixin_name: () -> String
198
198
  end
199
+
200
+ class RecursiveTypeAliasError < LoadingError
201
+ attr_reader alias_names: Array[TypeName]
202
+ attr_reader location: Location
203
+
204
+ def initialize: (alias_names: Array[TypeName], location: Location) -> void
205
+
206
+ def name: () -> String
207
+ end
199
208
  end
@@ -0,0 +1,22 @@
1
+ module RBS
2
+ class TypeAliasDependency
3
+ attr_reader env: Environment
4
+
5
+ attr_reader direct_dependencies: Hash[TypeName, Set[TypeName]]
6
+ attr_reader dependencies: Hash[TypeName, Hash[TypeName, bool]]
7
+
8
+ def initialize: (env: Environment) -> void
9
+
10
+ def circular_definition?: (TypeName alias_name) -> bool
11
+
12
+ def build_dependencies: () -> void
13
+
14
+ def transitive_closure: () -> void
15
+
16
+ private
17
+
18
+ def direct_dependency: (Types::t `type`, ?Set[TypeName] result) -> Set[TypeName]
19
+
20
+ def dependency: (TypeName start, TypeName vertex, ?boolish nested) -> void
21
+ end
22
+ end
data/sig/validator.rbs CHANGED
@@ -8,5 +8,7 @@ module RBS
8
8
  def absolute_type: (Types::t, context: TypeNameResolver::context) { (Types::t) -> TypeName } -> Types::t
9
9
 
10
10
  def validate_type: (Types::t, context: TypeNameResolver::context) -> void
11
+
12
+ def validate_type_alias: (entry: Environment::SingleEntry[TypeName, AST::Declarations::Alias]) -> void
11
13
  end
12
14
  end
@@ -0,0 +1,3711 @@
1
+ # OpenSSL provides SSL, TLS and general purpose cryptography. It wraps the
2
+ # [OpenSSL](https://www.openssl.org/) library.
3
+ #
4
+ # # Examples
5
+ #
6
+ # All examples assume you have loaded OpenSSL with:
7
+ #
8
+ # require 'openssl'
9
+ #
10
+ # These examples build atop each other. For example the key created in the next
11
+ # is used in throughout these examples.
12
+ #
13
+ # ## Keys
14
+ #
15
+ # ### Creating a Key
16
+ #
17
+ # This example creates a 2048 bit RSA keypair and writes it to the current
18
+ # directory.
19
+ #
20
+ # key = OpenSSL::PKey::RSA.new 2048
21
+ #
22
+ # open 'private_key.pem', 'w' do |io| io.write key.to_pem end
23
+ # open 'public_key.pem', 'w' do |io| io.write key.public_key.to_pem end
24
+ #
25
+ # ### Exporting a Key
26
+ #
27
+ # Keys saved to disk without encryption are not secure as anyone who gets ahold
28
+ # of the key may use it unless it is encrypted. In order to securely export a
29
+ # key you may export it with a pass phrase.
30
+ #
31
+ # cipher = OpenSSL::Cipher.new 'AES-256-CBC'
32
+ # pass_phrase = 'my secure pass phrase goes here'
33
+ #
34
+ # key_secure = key.export cipher, pass_phrase
35
+ #
36
+ # open 'private.secure.pem', 'w' do |io|
37
+ # io.write key_secure
38
+ # end
39
+ #
40
+ # OpenSSL::Cipher.ciphers returns a list of available ciphers.
41
+ #
42
+ # ### Loading a Key
43
+ #
44
+ # A key can also be loaded from a file.
45
+ #
46
+ # key2 = OpenSSL::PKey::RSA.new File.read 'private_key.pem'
47
+ # key2.public? # => true
48
+ # key2.private? # => true
49
+ #
50
+ # or
51
+ #
52
+ # key3 = OpenSSL::PKey::RSA.new File.read 'public_key.pem'
53
+ # key3.public? # => true
54
+ # key3.private? # => false
55
+ #
56
+ # ### Loading an Encrypted Key
57
+ #
58
+ # OpenSSL will prompt you for your pass phrase when loading an encrypted key. If
59
+ # you will not be able to type in the pass phrase you may provide it when
60
+ # loading the key:
61
+ #
62
+ # key4_pem = File.read 'private.secure.pem'
63
+ # pass_phrase = 'my secure pass phrase goes here'
64
+ # key4 = OpenSSL::PKey::RSA.new key4_pem, pass_phrase
65
+ #
66
+ # ## RSA Encryption
67
+ #
68
+ # RSA provides encryption and decryption using the public and private keys. You
69
+ # can use a variety of padding methods depending upon the intended use of
70
+ # encrypted data.
71
+ #
72
+ # ### Encryption & Decryption
73
+ #
74
+ # Asymmetric public/private key encryption is slow and victim to attack in cases
75
+ # where it is used without padding or directly to encrypt larger chunks of data.
76
+ # Typical use cases for RSA encryption involve "wrapping" a symmetric key with
77
+ # the public key of the recipient who would "unwrap" that symmetric key again
78
+ # using their private key. The following illustrates a simplified example of
79
+ # such a key transport scheme. It shouldn't be used in practice, though,
80
+ # standardized protocols should always be preferred.
81
+ #
82
+ # wrapped_key = key.public_encrypt key
83
+ #
84
+ # A symmetric key encrypted with the public key can only be decrypted with the
85
+ # corresponding private key of the recipient.
86
+ #
87
+ # original_key = key.private_decrypt wrapped_key
88
+ #
89
+ # By default PKCS#1 padding will be used, but it is also possible to use other
90
+ # forms of padding, see PKey::RSA for further details.
91
+ #
92
+ # ### Signatures
93
+ #
94
+ # Using "private_encrypt" to encrypt some data with the private key is
95
+ # equivalent to applying a digital signature to the data. A verifying party may
96
+ # validate the signature by comparing the result of decrypting the signature
97
+ # with "public_decrypt" to the original data. However, OpenSSL::PKey already has
98
+ # methods "sign" and "verify" that handle digital signatures in a standardized
99
+ # way - "private_encrypt" and "public_decrypt" shouldn't be used in practice.
100
+ #
101
+ # To sign a document, a cryptographically secure hash of the document is
102
+ # computed first, which is then signed using the private key.
103
+ #
104
+ # signature = key.sign 'SHA256', document
105
+ #
106
+ # To validate the signature, again a hash of the document is computed and the
107
+ # signature is decrypted using the public key. The result is then compared to
108
+ # the hash just computed, if they are equal the signature was valid.
109
+ #
110
+ # if key.verify 'SHA256', signature, document
111
+ # puts 'Valid'
112
+ # else
113
+ # puts 'Invalid'
114
+ # end
115
+ #
116
+ # ## PBKDF2 Password-based Encryption
117
+ #
118
+ # If supported by the underlying OpenSSL version used, Password-based Encryption
119
+ # should use the features of PKCS5. If not supported or if required by legacy
120
+ # applications, the older, less secure methods specified in RFC 2898 are also
121
+ # supported (see below).
122
+ #
123
+ # PKCS5 supports PBKDF2 as it was specified in PKCS#5
124
+ # [v2.0](http://www.rsa.com/rsalabs/node.asp?id=2127). It still uses a password,
125
+ # a salt, and additionally a number of iterations that will slow the key
126
+ # derivation process down. The slower this is, the more work it requires being
127
+ # able to brute-force the resulting key.
128
+ #
129
+ # ### Encryption
130
+ #
131
+ # The strategy is to first instantiate a Cipher for encryption, and then to
132
+ # generate a random IV plus a key derived from the password using PBKDF2. PKCS
133
+ # #5 v2.0 recommends at least 8 bytes for the salt, the number of iterations
134
+ # largely depends on the hardware being used.
135
+ #
136
+ # cipher = OpenSSL::Cipher.new 'AES-256-CBC'
137
+ # cipher.encrypt
138
+ # iv = cipher.random_iv
139
+ #
140
+ # pwd = 'some hopefully not to easily guessable password'
141
+ # salt = OpenSSL::Random.random_bytes 16
142
+ # iter = 20000
143
+ # key_len = cipher.key_len
144
+ # digest = OpenSSL::Digest.new('SHA256')
145
+ #
146
+ # key = OpenSSL::PKCS5.pbkdf2_hmac(pwd, salt, iter, key_len, digest)
147
+ # cipher.key = key
148
+ #
149
+ # Now encrypt the data:
150
+ #
151
+ # encrypted = cipher.update document
152
+ # encrypted << cipher.final
153
+ #
154
+ # ### Decryption
155
+ #
156
+ # Use the same steps as before to derive the symmetric AES key, this time
157
+ # setting the Cipher up for decryption.
158
+ #
159
+ # cipher = OpenSSL::Cipher.new 'AES-256-CBC'
160
+ # cipher.decrypt
161
+ # cipher.iv = iv # the one generated with #random_iv
162
+ #
163
+ # pwd = 'some hopefully not to easily guessable password'
164
+ # salt = ... # the one generated above
165
+ # iter = 20000
166
+ # key_len = cipher.key_len
167
+ # digest = OpenSSL::Digest.new('SHA256')
168
+ #
169
+ # key = OpenSSL::PKCS5.pbkdf2_hmac(pwd, salt, iter, key_len, digest)
170
+ # cipher.key = key
171
+ #
172
+ # Now decrypt the data:
173
+ #
174
+ # decrypted = cipher.update encrypted
175
+ # decrypted << cipher.final
176
+ #
177
+ # ## PKCS #5 Password-based Encryption
178
+ #
179
+ # PKCS #5 is a password-based encryption standard documented at
180
+ # [RFC2898](http://www.ietf.org/rfc/rfc2898.txt). It allows a short password or
181
+ # passphrase to be used to create a secure encryption key. If possible, PBKDF2
182
+ # as described above should be used if the circumstances allow it.
183
+ #
184
+ # PKCS #5 uses a Cipher, a pass phrase and a salt to generate an encryption key.
185
+ #
186
+ # pass_phrase = 'my secure pass phrase goes here'
187
+ # salt = '8 octets'
188
+ #
189
+ # ### Encryption
190
+ #
191
+ # First set up the cipher for encryption
192
+ #
193
+ # encryptor = OpenSSL::Cipher.new 'AES-256-CBC'
194
+ # encryptor.encrypt
195
+ # encryptor.pkcs5_keyivgen pass_phrase, salt
196
+ #
197
+ # Then pass the data you want to encrypt through
198
+ #
199
+ # encrypted = encryptor.update 'top secret document'
200
+ # encrypted << encryptor.final
201
+ #
202
+ # ### Decryption
203
+ #
204
+ # Use a new Cipher instance set up for decryption
205
+ #
206
+ # decryptor = OpenSSL::Cipher.new 'AES-256-CBC'
207
+ # decryptor.decrypt
208
+ # decryptor.pkcs5_keyivgen pass_phrase, salt
209
+ #
210
+ # Then pass the data you want to decrypt through
211
+ #
212
+ # plain = decryptor.update encrypted
213
+ # plain << decryptor.final
214
+ #
215
+ # ## X509 Certificates
216
+ #
217
+ # ### Creating a Certificate
218
+ #
219
+ # This example creates a self-signed certificate using an RSA key and a SHA1
220
+ # signature.
221
+ #
222
+ # key = OpenSSL::PKey::RSA.new 2048
223
+ # name = OpenSSL::X509::Name.parse '/CN=nobody/DC=example'
224
+ #
225
+ # cert = OpenSSL::X509::Certificate.new
226
+ # cert.version = 2
227
+ # cert.serial = 0
228
+ # cert.not_before = Time.now
229
+ # cert.not_after = Time.now + 3600
230
+ #
231
+ # cert.public_key = key.public_key
232
+ # cert.subject = name
233
+ #
234
+ # ### Certificate Extensions
235
+ #
236
+ # You can add extensions to the certificate with OpenSSL::SSL::ExtensionFactory
237
+ # to indicate the purpose of the certificate.
238
+ #
239
+ # extension_factory = OpenSSL::X509::ExtensionFactory.new nil, cert
240
+ #
241
+ # cert.add_extension \
242
+ # extension_factory.create_extension('basicConstraints', 'CA:FALSE', true)
243
+ #
244
+ # cert.add_extension \
245
+ # extension_factory.create_extension(
246
+ # 'keyUsage', 'keyEncipherment,dataEncipherment,digitalSignature')
247
+ #
248
+ # cert.add_extension \
249
+ # extension_factory.create_extension('subjectKeyIdentifier', 'hash')
250
+ #
251
+ # The list of supported extensions (and in some cases their possible values) can
252
+ # be derived from the "objects.h" file in the OpenSSL source code.
253
+ #
254
+ # ### Signing a Certificate
255
+ #
256
+ # To sign a certificate set the issuer and use OpenSSL::X509::Certificate#sign
257
+ # with a digest algorithm. This creates a self-signed cert because we're using
258
+ # the same name and key to sign the certificate as was used to create the
259
+ # certificate.
260
+ #
261
+ # cert.issuer = name
262
+ # cert.sign key, OpenSSL::Digest.new('SHA1')
263
+ #
264
+ # open 'certificate.pem', 'w' do |io| io.write cert.to_pem end
265
+ #
266
+ # ### Loading a Certificate
267
+ #
268
+ # Like a key, a cert can also be loaded from a file.
269
+ #
270
+ # cert2 = OpenSSL::X509::Certificate.new File.read 'certificate.pem'
271
+ #
272
+ # ### Verifying a Certificate
273
+ #
274
+ # Certificate#verify will return true when a certificate was signed with the
275
+ # given public key.
276
+ #
277
+ # raise 'certificate can not be verified' unless cert2.verify key
278
+ #
279
+ # ## Certificate Authority
280
+ #
281
+ # A certificate authority (CA) is a trusted third party that allows you to
282
+ # verify the ownership of unknown certificates. The CA issues key signatures
283
+ # that indicate it trusts the user of that key. A user encountering the key can
284
+ # verify the signature by using the CA's public key.
285
+ #
286
+ # ### CA Key
287
+ #
288
+ # CA keys are valuable, so we encrypt and save it to disk and make sure it is
289
+ # not readable by other users.
290
+ #
291
+ # ca_key = OpenSSL::PKey::RSA.new 2048
292
+ # pass_phrase = 'my secure pass phrase goes here'
293
+ #
294
+ # cipher = OpenSSL::Cipher.new 'AES-256-CBC'
295
+ #
296
+ # open 'ca_key.pem', 'w', 0400 do |io|
297
+ # io.write ca_key.export(cipher, pass_phrase)
298
+ # end
299
+ #
300
+ # ### CA Certificate
301
+ #
302
+ # A CA certificate is created the same way we created a certificate above, but
303
+ # with different extensions.
304
+ #
305
+ # ca_name = OpenSSL::X509::Name.parse '/CN=ca/DC=example'
306
+ #
307
+ # ca_cert = OpenSSL::X509::Certificate.new
308
+ # ca_cert.serial = 0
309
+ # ca_cert.version = 2
310
+ # ca_cert.not_before = Time.now
311
+ # ca_cert.not_after = Time.now + 86400
312
+ #
313
+ # ca_cert.public_key = ca_key.public_key
314
+ # ca_cert.subject = ca_name
315
+ # ca_cert.issuer = ca_name
316
+ #
317
+ # extension_factory = OpenSSL::X509::ExtensionFactory.new
318
+ # extension_factory.subject_certificate = ca_cert
319
+ # extension_factory.issuer_certificate = ca_cert
320
+ #
321
+ # ca_cert.add_extension \
322
+ # extension_factory.create_extension('subjectKeyIdentifier', 'hash')
323
+ #
324
+ # This extension indicates the CA's key may be used as a CA.
325
+ #
326
+ # ca_cert.add_extension \
327
+ # extension_factory.create_extension('basicConstraints', 'CA:TRUE', true)
328
+ #
329
+ # This extension indicates the CA's key may be used to verify signatures on both
330
+ # certificates and certificate revocations.
331
+ #
332
+ # ca_cert.add_extension \
333
+ # extension_factory.create_extension(
334
+ # 'keyUsage', 'cRLSign,keyCertSign', true)
335
+ #
336
+ # Root CA certificates are self-signed.
337
+ #
338
+ # ca_cert.sign ca_key, OpenSSL::Digest.new('SHA1')
339
+ #
340
+ # The CA certificate is saved to disk so it may be distributed to all the users
341
+ # of the keys this CA will sign.
342
+ #
343
+ # open 'ca_cert.pem', 'w' do |io|
344
+ # io.write ca_cert.to_pem
345
+ # end
346
+ #
347
+ # ### Certificate Signing Request
348
+ #
349
+ # The CA signs keys through a Certificate Signing Request (CSR). The CSR
350
+ # contains the information necessary to identify the key.
351
+ #
352
+ # csr = OpenSSL::X509::Request.new
353
+ # csr.version = 0
354
+ # csr.subject = name
355
+ # csr.public_key = key.public_key
356
+ # csr.sign key, OpenSSL::Digest.new('SHA1')
357
+ #
358
+ # A CSR is saved to disk and sent to the CA for signing.
359
+ #
360
+ # open 'csr.pem', 'w' do |io|
361
+ # io.write csr.to_pem
362
+ # end
363
+ #
364
+ # ### Creating a Certificate from a CSR
365
+ #
366
+ # Upon receiving a CSR the CA will verify it before signing it. A minimal
367
+ # verification would be to check the CSR's signature.
368
+ #
369
+ # csr = OpenSSL::X509::Request.new File.read 'csr.pem'
370
+ #
371
+ # raise 'CSR can not be verified' unless csr.verify csr.public_key
372
+ #
373
+ # After verification a certificate is created, marked for various usages, signed
374
+ # with the CA key and returned to the requester.
375
+ #
376
+ # csr_cert = OpenSSL::X509::Certificate.new
377
+ # csr_cert.serial = 0
378
+ # csr_cert.version = 2
379
+ # csr_cert.not_before = Time.now
380
+ # csr_cert.not_after = Time.now + 600
381
+ #
382
+ # csr_cert.subject = csr.subject
383
+ # csr_cert.public_key = csr.public_key
384
+ # csr_cert.issuer = ca_cert.subject
385
+ #
386
+ # extension_factory = OpenSSL::X509::ExtensionFactory.new
387
+ # extension_factory.subject_certificate = csr_cert
388
+ # extension_factory.issuer_certificate = ca_cert
389
+ #
390
+ # csr_cert.add_extension \
391
+ # extension_factory.create_extension('basicConstraints', 'CA:FALSE')
392
+ #
393
+ # csr_cert.add_extension \
394
+ # extension_factory.create_extension(
395
+ # 'keyUsage', 'keyEncipherment,dataEncipherment,digitalSignature')
396
+ #
397
+ # csr_cert.add_extension \
398
+ # extension_factory.create_extension('subjectKeyIdentifier', 'hash')
399
+ #
400
+ # csr_cert.sign ca_key, OpenSSL::Digest.new('SHA1')
401
+ #
402
+ # open 'csr_cert.pem', 'w' do |io|
403
+ # io.write csr_cert.to_pem
404
+ # end
405
+ #
406
+ # ## SSL and TLS Connections
407
+ #
408
+ # Using our created key and certificate we can create an SSL or TLS connection.
409
+ # An SSLContext is used to set up an SSL session.
410
+ #
411
+ # context = OpenSSL::SSL::SSLContext.new
412
+ #
413
+ # ### SSL Server
414
+ #
415
+ # An SSL server requires the certificate and private key to communicate securely
416
+ # with its clients:
417
+ #
418
+ # context.cert = cert
419
+ # context.key = key
420
+ #
421
+ # Then create an SSLServer with a TCP server socket and the context. Use the
422
+ # SSLServer like an ordinary TCP server.
423
+ #
424
+ # require 'socket'
425
+ #
426
+ # tcp_server = TCPServer.new 5000
427
+ # ssl_server = OpenSSL::SSL::SSLServer.new tcp_server, context
428
+ #
429
+ # loop do
430
+ # ssl_connection = ssl_server.accept
431
+ #
432
+ # data = connection.gets
433
+ #
434
+ # response = "I got #{data.dump}"
435
+ # puts response
436
+ #
437
+ # connection.puts "I got #{data.dump}"
438
+ # connection.close
439
+ # end
440
+ #
441
+ # ### SSL client
442
+ #
443
+ # An SSL client is created with a TCP socket and the context. SSLSocket#connect
444
+ # must be called to initiate the SSL handshake and start encryption. A key and
445
+ # certificate are not required for the client socket.
446
+ #
447
+ # Note that SSLSocket#close doesn't close the underlying socket by default. Set
448
+ # SSLSocket#sync_close to true if you want.
449
+ #
450
+ # require 'socket'
451
+ #
452
+ # tcp_socket = TCPSocket.new 'localhost', 5000
453
+ # ssl_client = OpenSSL::SSL::SSLSocket.new tcp_socket, context
454
+ # ssl_client.sync_close = true
455
+ # ssl_client.connect
456
+ #
457
+ # ssl_client.puts "hello server!"
458
+ # puts ssl_client.gets
459
+ #
460
+ # ssl_client.close # shutdown the TLS connection and close tcp_socket
461
+ #
462
+ # ### Peer Verification
463
+ #
464
+ # An unverified SSL connection does not provide much security. For enhanced
465
+ # security the client or server can verify the certificate of its peer.
466
+ #
467
+ # The client can be modified to verify the server's certificate against the
468
+ # certificate authority's certificate:
469
+ #
470
+ # context.ca_file = 'ca_cert.pem'
471
+ # context.verify_mode = OpenSSL::SSL::VERIFY_PEER
472
+ #
473
+ # require 'socket'
474
+ #
475
+ # tcp_socket = TCPSocket.new 'localhost', 5000
476
+ # ssl_client = OpenSSL::SSL::SSLSocket.new tcp_socket, context
477
+ # ssl_client.connect
478
+ #
479
+ # ssl_client.puts "hello server!"
480
+ # puts ssl_client.gets
481
+ #
482
+ # If the server certificate is invalid or `context.ca_file` is not set when
483
+ # verifying peers an OpenSSL::SSL::SSLError will be raised.
484
+ module OpenSSL
485
+ # Returns a Digest subclass by *name*
486
+ #
487
+ # require 'openssl'
488
+ #
489
+ # OpenSSL::Digest("MD5")
490
+ # # => OpenSSL::Digest::MD5
491
+ #
492
+ # Digest("Foo")
493
+ # # => NameError: wrong constant name Foo
494
+ #
495
+ def self.Digest: (String name) -> singleton(Digest)
496
+
497
+ def self.debug: () -> bool
498
+
499
+ # Turns on or off debug mode. With debug mode, all erros added to the OpenSSL
500
+ # error queue will be printed to stderr.
501
+ #
502
+ def self.debug=: [U] (boolish) -> U
503
+
504
+ # See any remaining errors held in queue.
505
+ #
506
+ # Any errors you see here are probably due to a bug in Ruby's OpenSSL
507
+ # implementation.
508
+ #
509
+ def self.errors: () -> Array[String]
510
+
511
+ def self.fips_mode: () -> bool
512
+
513
+ # Turns FIPS mode on or off. Turning on FIPS mode will obviously only have an
514
+ # effect for FIPS-capable installations of the OpenSSL library. Trying to do so
515
+ # otherwise will result in an error.
516
+ #
517
+ # ### Examples
518
+ # OpenSSL.fips_mode = true # turn FIPS mode on
519
+ # OpenSSL.fips_mode = false # and off again
520
+ #
521
+ def self.fips_mode=: [U] (boolish) -> U
522
+
523
+ # Constant time memory comparison for fixed length strings, such as results of
524
+ # HMAC calculations.
525
+ #
526
+ # Returns `true` if the strings are identical, `false` if they are of the same
527
+ # length but not identical. If the length is different, `ArgumentError` is
528
+ # raised.
529
+ #
530
+ def self.fixed_length_secure_compare: (String, String) -> bool
531
+
532
+ # Constant time memory comparison. Inputs are hashed using SHA-256 to mask the
533
+ # length of the secret. Returns `true` if the strings are identical, `false`
534
+ # otherwise.
535
+ #
536
+ #
537
+ def self.secure_compare: (String a, String b) -> bool
538
+
539
+ OPENSSL_FIPS: bool
540
+
541
+ OPENSSL_LIBRARY_VERSION: String
542
+
543
+ OPENSSL_VERSION: String
544
+
545
+ OPENSSL_VERSION_NUMBER: Integer
546
+
547
+ VERSION: String
548
+
549
+ module ASN1
550
+ type tagging = :IMPLICIT | :EXPLICIT
551
+
552
+ type tag_class = :UNIVERSAL | :CONTEXT_SPECIFIC | :APPLICATION | :PRIVATE
553
+
554
+ def self.BMPString: (String value, ?bn tag, ?tagging tagging) -> BMPString
555
+
556
+ def self.BitString: (String value, ?bn tag, ?tagging tagging) -> BitString
557
+
558
+ def self.Boolean: (boolish value, ?bn tag, ?tagging tagging) -> Boolean
559
+
560
+ def self.EndOfContent: () -> EndOfContent
561
+
562
+ def self.Enumerated: (bn value, ?bn tag, ?tagging tagging) -> Enumerated
563
+
564
+ def self.GeneralString: (String value, ?bn tag, ?tagging tagging) -> GeneralString
565
+
566
+ def self.GeneralizedTime: (::Time value, ?bn tag, ?tagging tagging) -> GeneralizedTime
567
+
568
+ def self.GraphicString: (String value, ?bn tag, ?tagging tagging) -> GraphicString
569
+
570
+ def self.IA5String: (String value, ?bn tag, ?tagging tagging) -> IA5String
571
+
572
+ def self.ISO64String: (String value, ?bn tag, ?tagging tagging) -> ISO64String
573
+
574
+ def self.Integer: (bn value, ?bn tag, ?tagging tagging) -> Integer
575
+
576
+ def self.Null: (nil) -> Null
577
+
578
+ def self.NumericString: (String value, ?bn tag, ?tagging tagging) -> NumericString
579
+
580
+ def self.ObjectId: (String value, ?bn tag, ?tagging tagging) -> ObjectId
581
+
582
+ def self.OctetString: (String value, ?bn tag, ?tagging tagging) -> OctetString
583
+
584
+ def self.PrintableString: (String value, ?bn tag, ?tagging tagging) -> PrintableString
585
+
586
+ def self.Sequence: (Array[ASN1Data] value, ?bn tag, ?tagging tagging) -> Sequence
587
+
588
+ def self.Set: (Array[ASN1Data] value, ?bn tag, ?tagging tagging) -> Set
589
+
590
+ def self.T61String: (String value, ?bn tag, ?tagging tagging) -> T61String
591
+
592
+ def self.UTCTime: (::Time value, ?bn tag, ?tagging tagging) -> UTCTime
593
+
594
+ def self.UTF8String: (String value, ?bn tag, ?tagging tagging) -> UTF8String
595
+
596
+ def self.UniversalString: (String value, ?bn tag, ?tagging tagging) -> UniversalString
597
+
598
+ def self.VideotexString: (String value, ?bn tag, ?tagging tagging) -> VideotexString
599
+
600
+ def self.decode: (String | _ToDer der) -> ASN1Data
601
+
602
+ def self.decode_all: (String | _ToDer der) -> Array[ASN1Data]
603
+
604
+ def self.traverse: (String | _ToDer der) { (::Integer, ::Integer, ::Integer, ::Integer, bool, tag_class, ::Integer) -> void } -> void
605
+
606
+ BIT_STRING: Integer
607
+
608
+ BMPSTRING: Integer
609
+
610
+ BOOLEAN: Integer
611
+
612
+ CHARACTER_STRING: Integer
613
+
614
+ EMBEDDED_PDV: Integer
615
+
616
+ ENUMERATED: Integer
617
+
618
+ EOC: Integer
619
+
620
+ EXTERNAL: Integer
621
+
622
+ GENERALIZEDTIME: Integer
623
+
624
+ GENERALSTRING: Integer
625
+
626
+ GRAPHICSTRING: Integer
627
+
628
+ IA5STRING: Integer
629
+
630
+ INTEGER: Integer
631
+
632
+ ISO64STRING: Integer
633
+
634
+ NULL: Integer
635
+
636
+ NUMERICSTRING: Integer
637
+
638
+ OBJECT: Integer
639
+
640
+ OBJECT_DESCRIPTOR: Integer
641
+
642
+ OCTET_STRING: Integer
643
+
644
+ PRINTABLESTRING: Integer
645
+
646
+ REAL: Integer
647
+
648
+ RELATIVE_OID: Integer
649
+
650
+ SEQUENCE: Integer
651
+
652
+ SET: Integer
653
+
654
+ T61STRING: Integer
655
+
656
+ UNIVERSALSTRING: Integer
657
+
658
+ UNIVERSAL_TAG_NAME: Array[untyped]
659
+
660
+ UTCTIME: Integer
661
+
662
+ UTF8STRING: Integer
663
+
664
+ VIDEOTEXSTRING: Integer
665
+
666
+ interface _ToDer
667
+ def to_der: () -> String
668
+ end
669
+
670
+ class ASN1Data
671
+ public
672
+
673
+ def indefinite_length: () -> bool
674
+
675
+ def indefinite_length=: [U] (boolish) -> U
676
+
677
+ alias infinite_length indefinite_length
678
+
679
+ alias infinite_length= indefinite_length=
680
+
681
+ def tag: () -> bn
682
+
683
+ def tag=: (::Integer) -> ::Integer
684
+ | (BN) -> BN
685
+
686
+ def tag_class: () -> tag_class
687
+
688
+ def tag_class=: (tag_class) -> tag_class
689
+
690
+ def to_der: () -> String
691
+
692
+ def value: () -> untyped
693
+
694
+ def value=: (untyped) -> untyped
695
+
696
+ private
697
+
698
+ def initialize: (untyped value, ::Integer tag, tag_class tag_class) -> void
699
+ end
700
+
701
+ class ASN1Error < OpenSSL::OpenSSLError
702
+ end
703
+
704
+ class BMPString < OpenSSL::ASN1::Primitive
705
+ end
706
+
707
+ class BitString < OpenSSL::ASN1::Primitive
708
+ public
709
+
710
+ def unused_bits: () -> ::Integer
711
+
712
+ def unused_bits=: (::Integer) -> ::Integer
713
+
714
+ def value: () -> String
715
+
716
+ def value=: (String) -> String
717
+ end
718
+
719
+ class Boolean < OpenSSL::ASN1::Primitive
720
+ def value: () -> bool
721
+
722
+ def value=: [U] (boolish) -> U
723
+ end
724
+
725
+ class Constructive < OpenSSL::ASN1::ASN1Data
726
+ include Enumerable[ASN1Data]
727
+
728
+ public
729
+
730
+ def each: () ?{ (ASN1Data) -> void }-> self
731
+
732
+ def tagging: () -> tagging?
733
+
734
+ def tagging=: (tagging) -> tagging
735
+
736
+ def to_der: () -> String
737
+
738
+ private
739
+
740
+ def initialize: (Array[ASN1Data]) -> void
741
+ end
742
+
743
+ class EndOfContent < OpenSSL::ASN1::ASN1Data
744
+ public
745
+
746
+ def to_der: () -> String
747
+
748
+ private
749
+
750
+ def initialize: () -> void
751
+ end
752
+
753
+ class Enumerated < OpenSSL::ASN1::Primitive
754
+ def value: () -> ::Integer
755
+
756
+ def value=: (::Integer) -> ::Integer
757
+ end
758
+
759
+ class GeneralString < OpenSSL::ASN1::Primitive
760
+ def value: () -> String
761
+
762
+ def value=: (String) -> String
763
+ end
764
+
765
+ class GeneralizedTime < OpenSSL::ASN1::Primitive
766
+ def value: () -> Time
767
+
768
+ def value=: (Time) -> Time
769
+ end
770
+
771
+ class GraphicString < OpenSSL::ASN1::Primitive
772
+ def value: () -> String
773
+
774
+ def value=: (String) -> String
775
+ end
776
+
777
+ class IA5String < OpenSSL::ASN1::Primitive
778
+ def value: () -> String
779
+
780
+ def value=: (String) -> String
781
+ end
782
+
783
+ class ISO64String < OpenSSL::ASN1::Primitive
784
+ def value: () -> String
785
+
786
+ def value=: (String) -> String
787
+ end
788
+
789
+ class Integer < OpenSSL::ASN1::Primitive
790
+ def value: () -> ::Integer
791
+
792
+ def value=: (::Integer) -> ::Integer
793
+ end
794
+
795
+ class Null < OpenSSL::ASN1::Primitive
796
+ def value: () -> nil
797
+
798
+ def value=: (nil) -> nil
799
+ end
800
+
801
+ class NumericString < OpenSSL::ASN1::Primitive
802
+ def value: () -> String
803
+
804
+ def value=: (String) -> String
805
+ end
806
+
807
+ class ObjectId < OpenSSL::ASN1::Primitive
808
+ def self.register: (String object_id, String short_name, String ong_name) -> bool
809
+
810
+ def value: () -> String
811
+
812
+ def value=: (String) -> String
813
+
814
+ public
815
+
816
+ def ==: (ObjectId other) -> bool
817
+
818
+ def ln: () -> String?
819
+
820
+ alias long_name ln
821
+
822
+ def oid: () -> String
823
+
824
+ alias short_name sn
825
+
826
+ def sn: () -> String?
827
+ end
828
+
829
+ class OctetString < OpenSSL::ASN1::Primitive
830
+ def value: () -> String
831
+
832
+ def value=: (String) -> String
833
+ end
834
+
835
+ class Primitive < OpenSSL::ASN1::ASN1Data
836
+ public
837
+
838
+ def tagging: () -> tagging?
839
+
840
+ def tagging=: (tagging) -> tagging
841
+
842
+ def to_der: () -> String
843
+
844
+ private
845
+
846
+ def initialize: (untyped value, ?Integer tag, ?tagging tagging) -> void
847
+ end
848
+
849
+ class PrintableString < OpenSSL::ASN1::Primitive
850
+ def value: () -> String
851
+
852
+ def value=: (String) -> String
853
+ end
854
+
855
+ class Sequence < OpenSSL::ASN1::Constructive
856
+ def value: () -> Array[ASN1Data]
857
+
858
+ def value=: (Array[ASN1Data]) -> Array[ASN1Data]
859
+ end
860
+
861
+ class Set < OpenSSL::ASN1::Constructive
862
+ end
863
+
864
+ class T61String < OpenSSL::ASN1::Primitive
865
+ def value: () -> String
866
+
867
+ def value=: (String) -> String
868
+ end
869
+
870
+ class UTCTime < OpenSSL::ASN1::Primitive
871
+ def value: () -> Time
872
+
873
+ def value=: (Time) -> Time
874
+ end
875
+
876
+ class UTF8String < OpenSSL::ASN1::Primitive
877
+ def value: () -> String
878
+
879
+ def value=: (String) -> String
880
+ end
881
+
882
+ class UniversalString < OpenSSL::ASN1::Primitive
883
+ def value: () -> String
884
+
885
+ def value=: (String) -> String
886
+ end
887
+
888
+ class VideotexString < OpenSSL::ASN1::Primitive
889
+ def value: () -> String
890
+
891
+ def value=: (String) -> String
892
+ end
893
+ end
894
+
895
+ type bn = BN | ::Integer
896
+
897
+ class BN
898
+ include Comparable
899
+
900
+ def self.generate_prime: (::Integer bits, ?boolish safe, ?bn add, ?bn rem) -> instance
901
+
902
+ def self.pseudo_rand: (*untyped) -> untyped
903
+
904
+ def self.pseudo_rand_range: (untyped) -> untyped
905
+
906
+ def self.rand: (*untyped) -> untyped
907
+
908
+ def self.rand_range: (untyped) -> untyped
909
+
910
+ public
911
+
912
+ def %: (int) -> instance
913
+
914
+ def *: (int) -> instance
915
+
916
+ def **: (int) -> instance
917
+
918
+ def +: (int) -> instance
919
+
920
+ def +@: () -> instance
921
+
922
+ def -: (int) -> instance
923
+
924
+ def -@: () -> instance
925
+
926
+ def /: (int) -> [instance, instance]
927
+
928
+ def <<: (int) -> instance
929
+
930
+ alias <=> cmp
931
+
932
+ def ==: (untyped) -> bool
933
+
934
+ alias === ==
935
+
936
+ def >>: (int) -> int
937
+
938
+ def bit_set?: (int) -> bool
939
+
940
+ def clear_bit!: (int) -> void
941
+
942
+ def cmp: (Integer) -> Integer
943
+
944
+ def coerce: (::Integer) -> Array[Integer]
945
+ | (BN) -> Array[BN]
946
+
947
+ def copy: (int) -> instance
948
+
949
+ def eql?: (untyped other) -> bool
950
+
951
+ def gcd: (int) -> instance
952
+
953
+ def hash: () -> Integer
954
+
955
+ def lshift!: (int bits) -> self
956
+
957
+ def mask_bits!: (int) -> void
958
+
959
+ def mod_add: (int, int) -> instance
960
+
961
+ def mod_exp: (int, int) -> instance
962
+
963
+ def mod_inverse: (int) -> instance
964
+
965
+ def mod_mul: (int, int) -> instance
966
+
967
+ def mod_sqr: (int) -> instance
968
+
969
+ def mod_sub: (int, int) -> instance
970
+
971
+ def negative?: () -> bool
972
+
973
+ def num_bits: () -> ::Integer
974
+
975
+ def num_bytes: () -> ::Integer
976
+
977
+ def odd?: () -> bool
978
+
979
+ def one?: () -> bool
980
+
981
+ def pretty_print: (untyped q) -> untyped
982
+
983
+ def prime?: (?int checks) -> bool
984
+
985
+ def prime_fasttest?: (?int checks, ?int trial_div) -> bool
986
+
987
+ def rshift!: (int bits) -> self
988
+
989
+ def set_bit!: (int bit) -> self
990
+
991
+ def sqr: () -> instance
992
+
993
+ def to_bn: () -> self
994
+
995
+ def to_i: () -> ::Integer
996
+
997
+ alias to_int to_i
998
+
999
+ def to_s: () -> String
1000
+ | (0) -> String
1001
+ | (2) -> String
1002
+ | (10) -> String
1003
+ | (16) -> String
1004
+ | (int base) -> String
1005
+
1006
+ def ucmp: (int bn2) -> ::Integer
1007
+
1008
+ def zero?: () -> bool
1009
+
1010
+ private
1011
+
1012
+ def initialize: (instance) -> void
1013
+ | (int) -> void
1014
+ | (String) -> void
1015
+ | (String, 0 | 2 | 10 | 16) -> void
1016
+
1017
+ def initialize_copy: (instance other) -> instance
1018
+ end
1019
+
1020
+ class BNError < OpenSSL::OpenSSLError
1021
+ end
1022
+
1023
+ module Buffering
1024
+ include Enumerable[untyped]
1025
+
1026
+ public
1027
+
1028
+ def <<: (String s) -> self
1029
+
1030
+ def close: () -> void
1031
+
1032
+ def each: (?String eol) ?{ (String) -> void } -> void
1033
+
1034
+ def each_byte: () ?{ (Integer) -> void } -> void
1035
+
1036
+ alias each_line each
1037
+
1038
+ alias eof eof?
1039
+
1040
+ def eof?: () -> bool
1041
+
1042
+ def flush: () -> self
1043
+
1044
+ def getc: () -> String?
1045
+
1046
+ def gets: (?(String | Regexp) eol, ?Integer limit) -> String?
1047
+
1048
+ def print: (*untyped args) -> nil
1049
+
1050
+ def printf: (String format_string, *untyped args) -> nil
1051
+
1052
+ def puts: (*untyped args) -> nil
1053
+
1054
+ def read: (?Integer? size, ?String buf) -> String?
1055
+
1056
+ def read_nonblock: (Integer maxlen, ?String buf, ?exception: true) -> String
1057
+ | (Integer maxlen, ?String buf, exception: false) -> (String | :wait_writable | :wait_readable | nil)
1058
+
1059
+ def readchar: () -> String
1060
+
1061
+ def readline: (?String eol) -> String
1062
+
1063
+ def readlines: (?String eol) -> ::Array[String]
1064
+
1065
+ def readpartial: (Integer maxlen, ?String buf) -> String
1066
+
1067
+ def sync: () -> bool
1068
+
1069
+ def sync=: (boolish) -> void
1070
+
1071
+ def ungetc: (String c) -> String
1072
+
1073
+ def write: (*_ToS s) -> Integer
1074
+
1075
+ def write_nonblock: (_ToS s, ?exception: true) -> Integer
1076
+ | (_ToS s, exception: false) -> (Integer | :wait_writable | :wait_readable | nil)
1077
+
1078
+ private
1079
+
1080
+ def consume_rbuff: (?untyped size) -> untyped
1081
+
1082
+ def do_write: (untyped s) -> untyped
1083
+
1084
+ def fill_rbuff: () -> untyped
1085
+
1086
+ BLOCK_SIZE: Integer
1087
+
1088
+ class Buffer < String
1089
+ BINARY: Encoding
1090
+
1091
+ def <<: (String string) -> self
1092
+
1093
+ alias concat <<
1094
+ end
1095
+ end
1096
+
1097
+ class Cipher
1098
+ def self.ciphers: () -> Array[String]
1099
+
1100
+ public
1101
+
1102
+ def auth_data=: (String) -> String
1103
+
1104
+ def auth_tag: (?Integer tag_len) -> String
1105
+
1106
+ def auth_tag=: (String) -> String
1107
+
1108
+ def auth_tag_len=: (Integer) -> Integer
1109
+
1110
+ def authenticated?: () -> bool
1111
+
1112
+ def block_size: () -> Integer
1113
+
1114
+ def decrypt: () -> self
1115
+
1116
+ def encrypt: () -> self
1117
+
1118
+ def final: () -> String
1119
+
1120
+ def iv=: (String iv) -> String
1121
+
1122
+ def iv_len: () -> Integer
1123
+
1124
+ def iv_len=: (Integer) -> Integer
1125
+
1126
+ def key=: (String key) -> String
1127
+
1128
+ def key_len: () -> Integer
1129
+
1130
+ def key_len=: (Integer) -> Integer
1131
+
1132
+ def name: () -> String
1133
+
1134
+ def padding=: (Integer) -> Integer
1135
+
1136
+ def pkcs5_keyivgen: (String pass, ?String salt, ?Integer iterations, ?String digest) -> void
1137
+
1138
+ def random_iv: () -> String
1139
+
1140
+ def random_key: () -> String
1141
+
1142
+ def reset: () -> self
1143
+
1144
+ def update: (String data, ?String buffer) -> String
1145
+
1146
+ private
1147
+
1148
+ def ciphers: () -> Array[String]
1149
+
1150
+ def initialize: (String cipher_name) -> void
1151
+
1152
+ def initialize_copy: (untyped) -> untyped
1153
+
1154
+ class AES < OpenSSL::Cipher
1155
+ private
1156
+
1157
+ def initialize: (*_ToS args) -> void
1158
+ end
1159
+
1160
+ class AES128 < OpenSSL::Cipher
1161
+ private
1162
+
1163
+ def initialize: (?_ToS mode) -> void
1164
+ end
1165
+
1166
+ class AES192 < OpenSSL::Cipher
1167
+ private
1168
+
1169
+ def initialize: (?_ToS mode) -> void
1170
+ end
1171
+
1172
+ class AES256 < OpenSSL::Cipher
1173
+ private
1174
+
1175
+ def initialize: (?_ToS mode) -> void
1176
+ end
1177
+
1178
+ class BF < OpenSSL::Cipher
1179
+ private
1180
+
1181
+ def initialize: (*_ToS args) -> void
1182
+ end
1183
+
1184
+ class CAST5 < OpenSSL::Cipher
1185
+ private
1186
+
1187
+ def initialize: (*_ToS args) -> void
1188
+ end
1189
+
1190
+ class Cipher < OpenSSL::Cipher
1191
+ end
1192
+
1193
+ class CipherError < OpenSSL::OpenSSLError
1194
+ end
1195
+
1196
+ class DES < OpenSSL::Cipher
1197
+ private
1198
+
1199
+ def initialize: (*_ToS args) -> void
1200
+ end
1201
+
1202
+ class IDEA < OpenSSL::Cipher
1203
+ private
1204
+
1205
+ def initialize: (*_ToS args) -> void
1206
+ end
1207
+
1208
+ class RC2 < OpenSSL::Cipher
1209
+ private
1210
+
1211
+ def initialize: (*_ToS args) -> void
1212
+ end
1213
+
1214
+ class RC4 < OpenSSL::Cipher
1215
+ private
1216
+
1217
+ def initialize: (*_ToS args) -> void
1218
+ end
1219
+
1220
+ class RC5 < OpenSSL::Cipher
1221
+ private
1222
+
1223
+ def initialize: (*_ToS args) -> void
1224
+ end
1225
+ end
1226
+
1227
+ class Config
1228
+ include Enumerable[[String, String, String]]
1229
+
1230
+ def self.load: (?_ToS filename) -> instance
1231
+
1232
+ def self.parse: (String string) -> instance
1233
+
1234
+ def self.parse_config: (IO io) -> Hash[String, Hash[String, String]]
1235
+
1236
+ public
1237
+
1238
+ def []: (String section) -> Hash[String, String]
1239
+
1240
+ def []=: (String section, _Each[[String, String]] pairs) -> _Each[[String, String]]
1241
+
1242
+ def add_value: (String section, untyped key, untyped value) -> untyped
1243
+
1244
+ def each: () { ([String, String, String] args0) -> void } -> self
1245
+
1246
+ def get_value: (String section, String key) -> String?
1247
+
1248
+ def inspect: () -> String
1249
+
1250
+ def section: (String name) -> Hash[String, String]
1251
+
1252
+ def sections: () -> Array[String]
1253
+
1254
+ def to_s: () -> String
1255
+
1256
+ private
1257
+
1258
+ def initialize: (?_ToS filename) -> void
1259
+
1260
+ def initialize_copy: (instance other) -> void
1261
+
1262
+ DEFAULT_CONFIG_FILE: String
1263
+ end
1264
+
1265
+ class ConfigError < OpenSSL::OpenSSLError
1266
+ end
1267
+
1268
+ class Digest
1269
+ def self.digest: (String name, String data) -> String
1270
+
1271
+ public
1272
+
1273
+ alias << update
1274
+
1275
+ def block_length: () -> Integer
1276
+
1277
+ def digest: () -> String
1278
+
1279
+ def digest_length: () -> Integer
1280
+
1281
+ def hexdigest: () -> String
1282
+
1283
+ def name: () -> String
1284
+
1285
+ def reset: () -> self
1286
+
1287
+ def update: (String data) -> self
1288
+
1289
+ private
1290
+
1291
+ def finish: (*untyped) -> untyped
1292
+
1293
+ def initialize: (String name, ?String data) -> void
1294
+
1295
+ def initialize_copy: (instance) -> void
1296
+
1297
+ class Digest < OpenSSL::Digest
1298
+ end
1299
+
1300
+ class DigestError < OpenSSL::OpenSSLError
1301
+ end
1302
+
1303
+ class MD4 < OpenSSL::Digest
1304
+ def self.digest: (String data) -> String
1305
+
1306
+ def self.hexdigest: (String data) -> String
1307
+
1308
+ private
1309
+
1310
+ def initialize: (?String data) -> void
1311
+ end
1312
+
1313
+ class MD5 < OpenSSL::Digest
1314
+ def self.digest: (String data) -> String
1315
+
1316
+ def self.hexdigest: (String data) -> String
1317
+
1318
+ private
1319
+
1320
+ def initialize: (?String data) -> void
1321
+ end
1322
+
1323
+ class RIPEMD160 < OpenSSL::Digest
1324
+ def self.digest: (String data) -> String
1325
+
1326
+ def self.hexdigest: (String data) -> String
1327
+
1328
+ private
1329
+
1330
+ def initialize: (?String data) -> void
1331
+ end
1332
+
1333
+ class SHA1 < OpenSSL::Digest
1334
+ def self.digest: (String data) -> String
1335
+
1336
+ def self.hexdigest: (String data) -> String
1337
+
1338
+ private
1339
+
1340
+ def initialize: (?String data) -> void
1341
+ end
1342
+
1343
+ class SHA224 < OpenSSL::Digest
1344
+ def self.digest: (String data) -> String
1345
+
1346
+ def self.hexdigest: (String data) -> String
1347
+
1348
+ private
1349
+
1350
+ def initialize: (?String data) -> void
1351
+ end
1352
+
1353
+ class SHA256 < OpenSSL::Digest
1354
+ def self.digest: (String data) -> String
1355
+
1356
+ def self.hexdigest: (String data) -> String
1357
+
1358
+ private
1359
+
1360
+ def initialize: (?String data) -> void
1361
+ end
1362
+
1363
+ class SHA384 < OpenSSL::Digest
1364
+ def self.digest: (String data) -> String
1365
+
1366
+ def self.hexdigest: (String data) -> String
1367
+
1368
+ private
1369
+
1370
+ def initialize: (?String data) -> void
1371
+ end
1372
+
1373
+ class SHA512 < OpenSSL::Digest
1374
+ def self.digest: (String data) -> String
1375
+
1376
+ def self.hexdigest: (String data) -> String
1377
+
1378
+ private
1379
+
1380
+ def initialize: (?String data) -> void
1381
+ end
1382
+ end
1383
+
1384
+ class Engine
1385
+ def self.by_id: (String name) -> instance
1386
+
1387
+ def self.cleanup: () -> void
1388
+
1389
+ def self.engines: () -> Array[instance]
1390
+
1391
+ def self.load: (?String name) -> (true | nil)
1392
+
1393
+ public
1394
+
1395
+ def cipher: (String cipher) -> Cipher
1396
+
1397
+ def cmds: () -> Array[[String, String, String]]
1398
+
1399
+ def ctrl_cmd: (String cmd, ?String value) -> self
1400
+
1401
+ def digest: (String digest) -> Digest
1402
+
1403
+ def finish: () -> nil
1404
+
1405
+ def id: () -> String
1406
+
1407
+ def inspect: () -> String
1408
+
1409
+ def load_private_key: (?String id, ?String data) -> PKey::PKey
1410
+
1411
+ def load_public_key: (?String id, ?String data) -> PKey::PKey
1412
+
1413
+ def name: () -> String
1414
+
1415
+ def set_default: (Integer flag) -> bool
1416
+
1417
+ METHOD_ALL: Integer
1418
+
1419
+ METHOD_CIPHERS: Integer
1420
+
1421
+ METHOD_DH: Integer
1422
+
1423
+ METHOD_DIGESTS: Integer
1424
+
1425
+ METHOD_DSA: Integer
1426
+
1427
+ METHOD_NONE: Integer
1428
+
1429
+ METHOD_RAND: Integer
1430
+
1431
+ METHOD_RSA: Integer
1432
+
1433
+ class EngineError < OpenSSL::OpenSSLError
1434
+ end
1435
+ end
1436
+
1437
+ module ExtConfig
1438
+ HAVE_TLSEXT_HOST_NAME: bool
1439
+
1440
+ OPENSSL_NO_SOCK: bool
1441
+ end
1442
+
1443
+ class HMAC
1444
+ def self.digest: (String algo, String key, String data) -> String
1445
+
1446
+ def self.hexdigest: (String algo, String key, String data) -> String
1447
+
1448
+ public
1449
+
1450
+ alias << update
1451
+
1452
+ def ==: (instance other) -> bool
1453
+
1454
+ def digest: () -> String
1455
+
1456
+ def hexdigest: () -> String
1457
+
1458
+ alias inspect hexdigest
1459
+
1460
+ def reset: () -> self
1461
+
1462
+ alias to_s hexdigest
1463
+
1464
+ def update: (String data) -> self
1465
+
1466
+ private
1467
+
1468
+ def initialize: (String key, Digest digest) -> void
1469
+
1470
+ def initialize_copy: (instance) -> void
1471
+ end
1472
+
1473
+ class HMACError < OpenSSL::OpenSSLError
1474
+ end
1475
+
1476
+ module KDF
1477
+ def self.hkdf: (String ikm, salt: String, info: String, length: Integer, hash: String) -> String
1478
+
1479
+ def self.pbkdf2_hmac: (String pass, salt: String, iterations: Integer, length: Integer, hash: String | Digest) -> String
1480
+
1481
+ def self.scrypt: (String pass, salt: String, N: Integer, r: Integer, p: Integer, length: Integer) -> String
1482
+
1483
+ private
1484
+
1485
+ def hkdf: (*untyped) -> untyped
1486
+
1487
+ def pbkdf2_hmac: (*untyped) -> untyped
1488
+
1489
+ def scrypt: (*untyped) -> untyped
1490
+
1491
+ class KDFError < OpenSSL::OpenSSLError
1492
+ end
1493
+ end
1494
+
1495
+ module Marshal
1496
+ def self.included: (untyped base) -> untyped
1497
+
1498
+ public
1499
+
1500
+ def _dump: (untyped _level) -> untyped
1501
+
1502
+ module ClassMethods
1503
+ public
1504
+
1505
+ def _load: (untyped string) -> untyped
1506
+ end
1507
+ end
1508
+
1509
+ module Netscape
1510
+ class SPKI
1511
+ public
1512
+
1513
+ def challenge: () -> String
1514
+
1515
+ def challenge=: (String) -> String
1516
+
1517
+ def public_key: () -> PKey::PKey
1518
+
1519
+ def public_key=: (PKey::PKey) -> PKey::PKey
1520
+
1521
+ def sign: (PKey::PKey key, Digest digest) -> instance
1522
+
1523
+ def to_der: () -> String
1524
+
1525
+ def to_pem: () -> String
1526
+
1527
+ alias to_s to_pem
1528
+
1529
+ def to_text: () -> String
1530
+
1531
+ def verify: (PKey::PKey key) -> bool
1532
+
1533
+ private
1534
+
1535
+ def initialize: (?String request) -> void
1536
+ end
1537
+
1538
+ class SPKIError < OpenSSL::OpenSSLError
1539
+ end
1540
+ end
1541
+
1542
+ module OCSP
1543
+ NOCASIGN: Integer
1544
+
1545
+ NOCERTS: Integer
1546
+
1547
+ NOCHAIN: Integer
1548
+
1549
+ NOCHECKS: Integer
1550
+
1551
+ NODELEGATED: Integer
1552
+
1553
+ NOEXPLICIT: Integer
1554
+
1555
+ NOINTERN: Integer
1556
+
1557
+ NOSIGS: Integer
1558
+
1559
+ NOTIME: Integer
1560
+
1561
+ NOVERIFY: Integer
1562
+
1563
+ RESPID_KEY: Integer
1564
+
1565
+ RESPONSE_STATUS_INTERNALERROR: Integer
1566
+
1567
+ RESPONSE_STATUS_MALFORMEDREQUEST: Integer
1568
+
1569
+ RESPONSE_STATUS_SIGREQUIRED: Integer
1570
+
1571
+ RESPONSE_STATUS_SUCCESSFUL: Integer
1572
+
1573
+ RESPONSE_STATUS_TRYLATER: Integer
1574
+
1575
+ RESPONSE_STATUS_UNAUTHORIZED: Integer
1576
+
1577
+ REVOKED_STATUS_AFFILIATIONCHANGED: Integer
1578
+
1579
+ REVOKED_STATUS_CACOMPROMISE: Integer
1580
+
1581
+ REVOKED_STATUS_CERTIFICATEHOLD: Integer
1582
+
1583
+ REVOKED_STATUS_CESSATIONOFOPERATION: Integer
1584
+
1585
+ REVOKED_STATUS_KEYCOMPROMISE: Integer
1586
+
1587
+ REVOKED_STATUS_NOSTATUS: Integer
1588
+
1589
+ REVOKED_STATUS_REMOVEFROMCRL: Integer
1590
+
1591
+ REVOKED_STATUS_SUPERSEDED: Integer
1592
+
1593
+ REVOKED_STATUS_UNSPECIFIED: Integer
1594
+
1595
+ TRUSTOTHER: Integer
1596
+
1597
+ V_CERTSTATUS_GOOD: Integer
1598
+
1599
+ V_CERTSTATUS_REVOKED: Integer
1600
+
1601
+ V_CERTSTATUS_UNKNOWN: Integer
1602
+
1603
+ V_RESPID_KEY: Integer
1604
+
1605
+ V_RESPID_NAME: Integer
1606
+
1607
+ type ocsp_status = Integer
1608
+
1609
+ class BasicResponse
1610
+ public
1611
+
1612
+ def add_nonce: (?String nonce) -> self
1613
+
1614
+ def add_status: (CertificateId certificate_id, ocsp_status status, Integer? reason, Integer? revocation_time, ?(Integer | Time) this_update, ?(Integer | Time) next_update, ?Array[X509::Extension] extensions) -> self
1615
+
1616
+ def copy_nonce: (Request request) -> Integer
1617
+
1618
+ def find_response: (CertificateId certificate_id) -> SingleResponse?
1619
+
1620
+ def responses: () -> Array[SingleResponse]
1621
+
1622
+ def sign: (X509::Certificate cert, PKey::PKey key, ?Array[X509::Certificate] certs, ?Integer flags, ?Digest digest) -> self
1623
+
1624
+ def status: () -> Integer
1625
+
1626
+ def to_der: () -> String
1627
+
1628
+ def verify: (Array[X509::Certificate] certs, X509::Store store, ?Integer flags) -> bool
1629
+
1630
+ private
1631
+
1632
+ def initialize: (?String der) -> void
1633
+
1634
+ def initialize_copy: (instance) -> void
1635
+ end
1636
+
1637
+ class CertificateId
1638
+ public
1639
+
1640
+ def cmp: (instance other) -> bool
1641
+
1642
+ def cmp_issuer: (instance other) -> bool
1643
+
1644
+ def hash_algorithm: () -> String
1645
+
1646
+ def issuer_key_hash: () -> String
1647
+
1648
+ def issuer_name_hash: () -> String
1649
+
1650
+ def serial: () -> Integer
1651
+
1652
+ def to_der: () -> String
1653
+
1654
+ private
1655
+
1656
+ def initialize: (String | ASN1::_ToDer der) -> void
1657
+ | (X509::Certificate subject, X509::Certificate issuer, ?Digest digest) -> void
1658
+
1659
+ def initialize_copy: (instance) -> void
1660
+ end
1661
+
1662
+ class OCSPError < OpenSSL::OpenSSLError
1663
+ end
1664
+
1665
+ class Request
1666
+ public
1667
+
1668
+ def add_certid: (CertificateId certificate_id) -> self
1669
+
1670
+ def add_nonce: (?String nonce) -> self
1671
+
1672
+ def certid: () -> Array[CertificateId]
1673
+
1674
+ def check_nonce: (Response response) -> (-1 | 0 | 1 | 2 | 3)
1675
+
1676
+ def sign: (X509::Certificate cert, PKey::PKey key, ?Array[X509::Certificate] certs, ?Integer flags, ?Digest digest) -> self
1677
+
1678
+ def signed?: () -> bool
1679
+
1680
+ def to_der: () -> String
1681
+
1682
+ def verify: (Array[X509::Certificate] certs, X509::Store store, ?Integer flags) -> bool
1683
+
1684
+ private
1685
+
1686
+ def initialize: (?String der) -> void
1687
+
1688
+ def initialize_copy: (instance) -> void
1689
+ end
1690
+
1691
+ class Response
1692
+ def self.create: (Integer status, ?BasicResponse response) -> instance
1693
+
1694
+ public
1695
+
1696
+ def basic: () -> BasicResponse?
1697
+
1698
+ def status: () -> Integer
1699
+
1700
+ def status_string: () -> String
1701
+
1702
+ def to_der: () -> String
1703
+
1704
+ private
1705
+
1706
+ def initialize: (?String der) -> void
1707
+
1708
+ def initialize_copy: (instance) -> void
1709
+ end
1710
+
1711
+ class SingleResponse
1712
+ public
1713
+
1714
+ def cert_status: () -> ocsp_status
1715
+
1716
+ def certid: () -> CertificateId
1717
+
1718
+ def check_validity: (?Integer nsec, ?Integer maxsec) -> bool
1719
+
1720
+ def extensions: () -> Array[X509::Certificate]
1721
+
1722
+ def next_update: () -> Time?
1723
+
1724
+ def revocation_reason: () -> Integer?
1725
+
1726
+ def revocation_time: () -> Time?
1727
+
1728
+ def this_update: () -> Time
1729
+
1730
+ def to_der: () -> String
1731
+
1732
+ private
1733
+
1734
+ def initialize: (String der) -> void
1735
+
1736
+ def initialize_copy: (instance) -> void
1737
+ end
1738
+ end
1739
+
1740
+ class OpenSSLError < StandardError
1741
+ end
1742
+
1743
+ class PKCS12
1744
+ def self.create: (String pass, String name, PKey::PKey key, X509::Certificate cert, ?Array[X509::Certificate]? ca, ?String? key_pbe, ?String? cert_pbe, ?Integer? key_iter, ?Integer? mac_iter, ?Integer? keytype) -> instance
1745
+
1746
+ public
1747
+
1748
+ def ca_certs: () -> Array[X509::Certificate]?
1749
+
1750
+ def certificate: () -> X509::Certificate
1751
+
1752
+ def key: () -> PKey::PKey
1753
+
1754
+ def to_der: () -> String
1755
+
1756
+ private
1757
+
1758
+ def initialize: (?String der, ?String pass) -> void
1759
+
1760
+ def initialize_copy: (instance) -> void
1761
+
1762
+ class PKCS12Error < OpenSSL::OpenSSLError
1763
+ end
1764
+ end
1765
+
1766
+ module PKCS5
1767
+ def self.pbkdf2_hmac: (String pass, String salt, Integer iter, Integer keylen, String | Digest digest) -> String
1768
+
1769
+ def self.pbkdf2_hmac_sha1: (String pass, String salt, Integer iter, Integer keylen) -> String
1770
+
1771
+ private
1772
+
1773
+ def pbkdf2_hmac: (untyped pass, untyped salt, untyped iter, untyped keylen, untyped digest) -> untyped
1774
+
1775
+ def pbkdf2_hmac_sha1: (untyped pass, untyped salt, untyped iter, untyped keylen) -> untyped
1776
+ end
1777
+
1778
+ class PKCS7
1779
+ def self.encrypt: (X509::Certificate certs, String data, ?Cipher cipher, ?Integer flags) -> instance
1780
+
1781
+ def self.read_smime: (String ) -> instance
1782
+
1783
+ def self.sign: (X509::Certificate certs,PKey::PKey key, String data, ?OpenSSL::Cipher cipher, ?Integer flags) -> instance
1784
+
1785
+ def self.write_smime: (instance pkcs7, ?String data, ?Integer flags) -> String
1786
+
1787
+ public
1788
+
1789
+ def add_certificate: (X509::Certificate cert) -> self
1790
+
1791
+ def add_crl: (X509::CRL crl) -> self
1792
+
1793
+ def add_data: (String data) -> self
1794
+
1795
+ def add_recipient: (RecipientInfo recipient) -> self
1796
+
1797
+ def add_signer: (SignerInfo signer) -> self
1798
+
1799
+ def certificates: () -> Array[X509::Certificate]?
1800
+
1801
+ def certificates=: (Array[X509::Certificate]) -> self
1802
+
1803
+ def cipher=: (Cipher cipher) -> self
1804
+
1805
+ def crls: () -> Array[X509::CRL]?
1806
+
1807
+ def crls=: (Array[X509::CRL]) -> self
1808
+
1809
+ def data: () -> String?
1810
+
1811
+ alias data= add_data
1812
+
1813
+ def decrypt: (PKey::PKey p1, ?PKey::PKey p2, ?PKey::PKey p3) -> String
1814
+
1815
+ def detached: () -> bool
1816
+
1817
+ def detached=: [U] (boolish) -> U
1818
+
1819
+ def detached?: () -> bool
1820
+
1821
+ def error_string: () -> String?
1822
+
1823
+ def error_string=: (String) -> String
1824
+
1825
+ def recipients: () -> Array[RecipientInfo]
1826
+
1827
+ def signers: () -> Array[SignerInfo]
1828
+
1829
+ def to_der: () -> String
1830
+
1831
+ def to_pem: () -> String
1832
+
1833
+ alias to_s to_pem
1834
+
1835
+ def type: () -> String?
1836
+
1837
+ def type=: (String) -> String
1838
+
1839
+ def verify: (PKey::PKey p1, PKey::PKey p2, ?PKey::PKey p3, ?PKey::PKey p4) -> bool
1840
+
1841
+ private
1842
+
1843
+ def initialize: (?String der) -> void
1844
+
1845
+ def initialize_copy: (instance) -> untyped
1846
+
1847
+ BINARY: Integer
1848
+
1849
+ DETACHED: Integer
1850
+
1851
+ NOATTR: Integer
1852
+
1853
+ NOCERTS: Integer
1854
+
1855
+ NOCHAIN: Integer
1856
+
1857
+ NOINTERN: Integer
1858
+
1859
+ NOSIGS: Integer
1860
+
1861
+ NOSMIMECAP: Integer
1862
+
1863
+ NOVERIFY: Integer
1864
+
1865
+ TEXT: Integer
1866
+
1867
+ class PKCS7Error < OpenSSL::OpenSSLError
1868
+ end
1869
+
1870
+ class RecipientInfo
1871
+ public
1872
+
1873
+ def enc_key: () -> PKey::PKey
1874
+
1875
+ def issuer: () -> X509::Name
1876
+
1877
+ def serial: () -> Integer
1878
+
1879
+ private
1880
+
1881
+ def initialize: (X509::Certificate certificate) -> void
1882
+ end
1883
+
1884
+ class SignerInfo
1885
+ public
1886
+
1887
+ def issuer: () -> X509::Name
1888
+
1889
+ def serial: () -> Integer
1890
+
1891
+ def signed_time: () -> Time?
1892
+
1893
+ private
1894
+
1895
+ def initialize: (X509::Certificate certificate, PKey::PKey key, Digest digest) -> void
1896
+ end
1897
+ end
1898
+
1899
+ module PKey
1900
+ def self?.read: (String | IO pem, ?String password) -> PKey
1901
+
1902
+ class DH < OpenSSL::PKey::PKey
1903
+ include OpenSSL::Marshal
1904
+
1905
+ extend OpenSSL::Marshal::ClassMethods
1906
+
1907
+ def self.generate: (Integer size, ?Integer generator) -> instance
1908
+
1909
+ public
1910
+
1911
+ def compute_key: (bn pub_bn) -> String
1912
+
1913
+ def export: () -> String
1914
+
1915
+ def g: () -> BN?
1916
+
1917
+ def generate_key!: () -> self
1918
+
1919
+ def p: () -> BN
1920
+
1921
+ def params: () -> Hash[String, BN]
1922
+
1923
+ def params_ok?: () -> bool
1924
+
1925
+ def priv_key: () -> BN
1926
+
1927
+ def private?: () -> bool
1928
+
1929
+ def pub_key: () -> BN
1930
+
1931
+ def public?: () -> bool
1932
+
1933
+ def public_key: () -> instance
1934
+
1935
+ def q: () -> BN
1936
+
1937
+ def set_key: (bn pub_key, bn? priv_key) -> self
1938
+
1939
+ def set_pqg: (bn p, bn q, bn g) -> self
1940
+
1941
+ def to_der: () -> String
1942
+
1943
+ alias to_pem export
1944
+
1945
+ alias to_s export
1946
+
1947
+ def to_text: () -> String
1948
+
1949
+ private
1950
+
1951
+ def initialize: (Integer size, ?Integer generator) -> void
1952
+ | (String pem) -> void
1953
+ | () -> void
1954
+
1955
+ def initialize_copy: (instance) -> void
1956
+ end
1957
+
1958
+ class DHError < OpenSSL::PKey::PKeyError
1959
+ end
1960
+
1961
+ class DSA < OpenSSL::PKey::PKey
1962
+ include OpenSSL::Marshal
1963
+
1964
+ extend OpenSSL::Marshal::ClassMethods
1965
+
1966
+ def self.generate: (Integer size) -> instance
1967
+
1968
+ public
1969
+
1970
+ def export: (String cipher, String password) -> String
1971
+ | () -> String
1972
+
1973
+ def g: () -> BN
1974
+
1975
+ def p: () -> BN
1976
+
1977
+ def params: () -> Hash[String, BN]
1978
+
1979
+ def priv_key: () -> BN
1980
+
1981
+ def private?: () -> bool
1982
+
1983
+ def pub_key: () -> BN
1984
+
1985
+ def public?: () -> bool
1986
+
1987
+ def public_key: () -> instance
1988
+
1989
+ def q: () -> BN
1990
+
1991
+ def set_key: (bn pub_key, bn? priv_key) -> self
1992
+
1993
+ def set_pqg: (bn p, bn q, bn g) -> self
1994
+
1995
+ def syssign: (String digest) -> String
1996
+
1997
+ def sysverify: (String digest, String data) -> bool
1998
+
1999
+ def to_der: () -> String
2000
+
2001
+ alias to_pem export
2002
+
2003
+ alias to_s export
2004
+
2005
+ def to_text: () -> String
2006
+
2007
+ private
2008
+
2009
+ def initialize: (String pem, ?String pass) -> void
2010
+ | (?Integer size) -> void
2011
+
2012
+ def initialize_copy: (instance) -> void
2013
+ end
2014
+
2015
+ class DSAError < OpenSSL::PKey::PKeyError
2016
+ end
2017
+
2018
+ class EC < OpenSSL::PKey::PKey
2019
+ include OpenSSL::Marshal
2020
+
2021
+ extend OpenSSL::Marshal::ClassMethods
2022
+
2023
+ def self.builtin_curves: () -> Array[[String, String]]
2024
+
2025
+ def self.generate: (String | Group pem_or_der_or_group_or_curve_name) -> instance
2026
+
2027
+ public
2028
+
2029
+ def check_key: () -> true
2030
+
2031
+ def dh_compute_key: (instance public_key) -> String
2032
+
2033
+ def dsa_sign_asn1: (String digest) -> String
2034
+
2035
+ def dsa_verify_asn1: (String digest, String signature) -> bool
2036
+
2037
+ def export: (String cipher, String password) -> String
2038
+ | () -> String
2039
+
2040
+ alias generate_key generate_key!
2041
+
2042
+ def generate_key!: () -> self
2043
+
2044
+ def group: () -> Group?
2045
+
2046
+ def group=: (Group) -> Group
2047
+
2048
+ def private?: () -> bool
2049
+
2050
+ def private_key: () -> BN?
2051
+
2052
+ def private_key=: (bn priv_key) -> self
2053
+
2054
+ alias private_key? private?
2055
+
2056
+ def public?: () -> bool
2057
+
2058
+ def public_key: () -> Point?
2059
+
2060
+ def public_key=: (bn priv_key) -> self
2061
+
2062
+ alias public_key? public?
2063
+
2064
+ def to_der: () -> String
2065
+
2066
+ alias to_pem export
2067
+
2068
+ def to_text: () -> String
2069
+
2070
+ private
2071
+
2072
+ def initialize: (instance ec_key) -> void
2073
+ | (Group group) -> void
2074
+ | (String pem_or_der_or_curve, ?String pass) -> void
2075
+
2076
+ def initialize_copy: (instance) -> void
2077
+
2078
+ EXPLICIT_CURVE: Integer
2079
+
2080
+ NAMED_CURVE: Integer
2081
+
2082
+ type ec_method = :GFp_simple | :GFp_mont | :GFp_nist | :GF2m_simple
2083
+
2084
+ type point_conversion_format = :compressed | :uncompressed | :hybrid
2085
+
2086
+ class Group
2087
+ public
2088
+
2089
+ alias == eql?
2090
+
2091
+ def asn1_flag: () -> Integer
2092
+
2093
+ def asn1_flag=: (Integer) -> Integer
2094
+
2095
+ def cofactor: () -> BN
2096
+
2097
+ def curve_name: () -> String
2098
+
2099
+ def degree: () -> Integer
2100
+
2101
+ def eql?: (instance other) -> bool
2102
+
2103
+ def generator: () -> Point?
2104
+
2105
+ def order: () -> BN
2106
+
2107
+ def point_conversion_form: () -> point_conversion_format
2108
+
2109
+ def point_conversion_form=: (point_conversion_format format) -> point_conversion_format
2110
+
2111
+ def seed: () -> String?
2112
+
2113
+ def seed=: (String seed) -> String
2114
+
2115
+ def set_generator: ( Point generator, Integer order, Integer cofactor) -> self
2116
+
2117
+ def to_der: () -> String
2118
+
2119
+ def to_pem: () -> String
2120
+
2121
+ def to_text: () -> String
2122
+
2123
+ private
2124
+
2125
+ def initialize: (instance group) -> void
2126
+ | (String pem_or_der_encoded) -> void
2127
+ | (ec_method ec_method) -> void
2128
+ | (:GFp | :GF2m ec_method, Integer bignum_p, Integer bignum_a, Integer bignum_b) -> void
2129
+
2130
+ def initialize_copy: (instance) -> void
2131
+
2132
+ class Error < OpenSSL::OpenSSLError
2133
+ end
2134
+ end
2135
+
2136
+ class Point
2137
+ public
2138
+
2139
+ alias == eql?
2140
+
2141
+ def add: (instance point) -> instance
2142
+
2143
+ def eql?: (instance other) -> bool
2144
+
2145
+ def group: () -> Group
2146
+
2147
+ def infinity?: () -> bool
2148
+
2149
+ def invert!: () -> self
2150
+
2151
+ def make_affine!: () -> self
2152
+
2153
+ def mul: (bn bn1, ?bn bn2) -> instance
2154
+ | (Array[bn] bns, Array[instance], ?bn bn2) -> instance
2155
+
2156
+ def on_curve?: () -> bool
2157
+
2158
+ def set_to_infinity!: () -> self
2159
+
2160
+ def to_bn: (?point_conversion_format conversion_form) -> BN
2161
+
2162
+ def to_octet_string: (point_conversion_format) -> String
2163
+
2164
+ private
2165
+
2166
+ def initialize: (instance point) -> void
2167
+ | (Group group, ?(String | BN) encoded_point) -> void
2168
+
2169
+ def initialize_copy: (instance) -> void
2170
+
2171
+ class Error < OpenSSL::OpenSSLError
2172
+ end
2173
+ end
2174
+ end
2175
+
2176
+ class ECError < OpenSSL::PKey::PKeyError
2177
+ end
2178
+
2179
+ class PKey
2180
+ public
2181
+
2182
+ def inspect: () -> String
2183
+
2184
+ def oid: () -> String
2185
+
2186
+ def private_to_der: (String cipher, String password) -> String
2187
+ | () -> String
2188
+
2189
+ def private_to_pem: (String cipher, String password) -> String
2190
+ | () -> String
2191
+
2192
+ def public_to_der: () -> String
2193
+
2194
+ def public_to_pem: () -> String
2195
+
2196
+ def sign: (Digest digest, String data) -> String
2197
+
2198
+ def verify: (Digest digest, String signature, String data) -> bool
2199
+
2200
+ private
2201
+
2202
+ def initialize: () -> void
2203
+ end
2204
+
2205
+ class PKeyError < OpenSSL::OpenSSLError
2206
+ end
2207
+
2208
+ class RSA < OpenSSL::PKey::PKey
2209
+ include OpenSSL::Marshal
2210
+
2211
+ extend OpenSSL::Marshal::ClassMethods
2212
+
2213
+ def self.generate: (Integer size, ?Integer exponent) -> instance
2214
+
2215
+ public
2216
+
2217
+ def d: () -> BN?
2218
+
2219
+ def dmp1: () -> BN?
2220
+
2221
+ def dmq1: () -> BN?
2222
+
2223
+ def e: () -> BN?
2224
+
2225
+ def export: (String cipher, String password) -> String
2226
+ | () -> String
2227
+
2228
+ def iqmp: () -> BN?
2229
+
2230
+ def n: () -> BN?
2231
+
2232
+ def p: () -> BN?
2233
+
2234
+ def params: () -> Hash[String, BN]
2235
+
2236
+ def private?: () -> bool
2237
+
2238
+ def private_decrypt: (String data, ?Integer padding) -> String
2239
+
2240
+ def private_encrypt: (String data, ?Integer padding) -> String
2241
+
2242
+ def public?: () -> bool
2243
+
2244
+ def public_decrypt: (String data, ?Integer padding) -> String
2245
+
2246
+ def public_encrypt: (String data, ?Integer padding) -> String
2247
+
2248
+ def public_key: () -> instance
2249
+
2250
+ def q: () -> BN?
2251
+
2252
+ def set_crt_params: (bn dmp1, bn dmq1, bn iqmp) -> self
2253
+
2254
+ def set_factors: (bn p, bn q) -> self
2255
+
2256
+ def set_key: (bn n, bn e, bn d) -> self
2257
+
2258
+ def sign_pss: (String digest, String data, salt_length: :digest | :max | Integer, mgf1_hash: String) -> String
2259
+
2260
+ def to_der: () -> String
2261
+
2262
+ alias to_pem export
2263
+
2264
+ alias to_s export
2265
+
2266
+ def to_text: () -> String
2267
+
2268
+ def verify_pss: (String digest, String signature, String data, salt_length: :auto | :digest | Integer, mgf1_hash: String) -> bool
2269
+
2270
+ private
2271
+
2272
+ def initialize: (Integer key_size) -> void
2273
+ | (String encoded_key, ?String pass_phrase) -> void
2274
+
2275
+ def initialize_copy: (instance) -> void
2276
+
2277
+ NO_PADDING: Integer
2278
+
2279
+ PKCS1_OAEP_PADDING: Integer
2280
+
2281
+ PKCS1_PADDING: Integer
2282
+
2283
+ SSLV23_PADDING: Integer
2284
+ end
2285
+
2286
+ class RSAError < OpenSSL::PKey::PKeyError
2287
+ end
2288
+ end
2289
+
2290
+ module Random
2291
+ def self.load_random_file: (String filename) -> true
2292
+
2293
+ def self.random_add: (String str, Numeric entropy) -> self
2294
+
2295
+ def self.random_bytes: (Integer length) -> String
2296
+
2297
+ def self.seed: (String seed) -> String
2298
+
2299
+ def self.status?: () -> bool
2300
+
2301
+ def self.write_random_file: (String filename) -> true
2302
+
2303
+ class RandomError < OpenSSL::OpenSSLError
2304
+ end
2305
+ end
2306
+
2307
+ module SSL
2308
+ def self.verify_certificate_identity: (X509::Certificate cert, String hostname) -> bool
2309
+
2310
+ def self.verify_hostname: (String hostname, String san) -> bool
2311
+
2312
+ def self.verify_wildcard: (String domain_component, String san_component) -> bool
2313
+
2314
+ OP_ALL: Integer
2315
+
2316
+ OP_ALLOW_NO_DHE_KEX: Integer
2317
+
2318
+ OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: Integer
2319
+
2320
+ OP_CIPHER_SERVER_PREFERENCE: Integer
2321
+
2322
+ OP_CRYPTOPRO_TLSEXT_BUG: Integer
2323
+
2324
+ OP_DONT_INSERT_EMPTY_FRAGMENTS: Integer
2325
+
2326
+ OP_EPHEMERAL_RSA: Integer
2327
+
2328
+ OP_LEGACY_SERVER_CONNECT: Integer
2329
+
2330
+ OP_MICROSOFT_BIG_SSLV3_BUFFER: Integer
2331
+
2332
+ OP_MICROSOFT_SESS_ID_BUG: Integer
2333
+
2334
+ OP_MSIE_SSLV2_RSA_PADDING: Integer
2335
+
2336
+ OP_NETSCAPE_CA_DN_BUG: Integer
2337
+
2338
+ OP_NETSCAPE_CHALLENGE_BUG: Integer
2339
+
2340
+ OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG: Integer
2341
+
2342
+ OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: Integer
2343
+
2344
+ OP_NO_COMPRESSION: Integer
2345
+
2346
+ OP_NO_ENCRYPT_THEN_MAC: Integer
2347
+
2348
+ OP_NO_RENEGOTIATION: Integer
2349
+
2350
+ OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION: Integer
2351
+
2352
+ OP_NO_SSLv2: Integer
2353
+
2354
+ OP_NO_SSLv3: Integer
2355
+
2356
+ OP_NO_TICKET: Integer
2357
+
2358
+ OP_NO_TLSv1: Integer
2359
+
2360
+ OP_NO_TLSv1_1: Integer
2361
+
2362
+ OP_NO_TLSv1_2: Integer
2363
+
2364
+ OP_NO_TLSv1_3: Integer
2365
+
2366
+ OP_PKCS1_CHECK_1: Integer
2367
+
2368
+ OP_PKCS1_CHECK_2: Integer
2369
+
2370
+ OP_SAFARI_ECDHE_ECDSA_BUG: Integer
2371
+
2372
+ OP_SINGLE_DH_USE: Integer
2373
+
2374
+ OP_SINGLE_ECDH_USE: Integer
2375
+
2376
+ OP_SSLEAY_080_CLIENT_DH_BUG: Integer
2377
+
2378
+ OP_SSLREF2_REUSE_CERT_TYPE_BUG: Integer
2379
+
2380
+ OP_TLSEXT_PADDING: Integer
2381
+
2382
+ OP_TLS_BLOCK_PADDING_BUG: Integer
2383
+
2384
+ OP_TLS_D5_BUG: Integer
2385
+
2386
+ OP_TLS_ROLLBACK_BUG: Integer
2387
+
2388
+ SSL2_VERSION: Integer
2389
+
2390
+ SSL3_VERSION: Integer
2391
+
2392
+ TLS1_1_VERSION: Integer
2393
+
2394
+ TLS1_2_VERSION: Integer
2395
+
2396
+ TLS1_3_VERSION: Integer
2397
+
2398
+ TLS1_VERSION: Integer
2399
+
2400
+ VERIFY_CLIENT_ONCE: Integer
2401
+
2402
+ VERIFY_FAIL_IF_NO_PEER_CERT: Integer
2403
+
2404
+ VERIFY_NONE: Integer
2405
+
2406
+ VERIFY_PEER: Integer
2407
+
2408
+ type tls_version = Symbol | Integer
2409
+
2410
+ type verify_mode = Integer
2411
+
2412
+ class SSLContext
2413
+ public
2414
+
2415
+ def add_certificate: (X509::Certificate certificate, PKey::PKey pkey, ?Array[X509::Certificate] extra_certs) -> self
2416
+
2417
+ def alpn_protocols: () -> Array[String]?
2418
+
2419
+ def alpn_protocols=: (Array[String]) -> Array[String]
2420
+
2421
+ def alpn_select_cb: () -> (^(Array[String]) -> String? | nil)
2422
+
2423
+ def alpn_select_cb=: (^(Array[String]) -> String? alpn_select_callback) -> void
2424
+
2425
+ def ca_file: () -> String
2426
+
2427
+ def ca_file=: (String ca_file) -> String
2428
+
2429
+ def ca_path: () -> String?
2430
+
2431
+ def ca_path=: (String ca_path) -> String
2432
+
2433
+ def cert: () -> X509::Certificate?
2434
+
2435
+ def cert=: ( X509::Certificate cert) -> X509::Certificate
2436
+
2437
+ def cert_store: () -> X509::Store?
2438
+
2439
+ def cert_store=: (X509::Store store) -> X509::Store
2440
+
2441
+ def ciphers: () -> Array[[String, String, Integer, Integer]]
2442
+
2443
+ def ciphers=: (Array[[String, String, Integer, Integer]] ciphers) -> void
2444
+ | (Array[String] ciphers) -> void
2445
+ | (String colon_sep_ciphers) -> void
2446
+
2447
+ def client_ca: () -> (Array[X509::Certificate] | X509::Certificate)
2448
+
2449
+ def client_ca=: (Array[X509::Certificate] | X509::Certificate client_ca) -> void
2450
+
2451
+ def client_cert_cb: () -> (^(Session) -> [X509::Certificate, PKey::PKey]? | nil)
2452
+
2453
+ def client_cert_cb=: (^(Session) -> [X509::Certificate, PKey::PKey]? client_cert_cb) -> void
2454
+
2455
+ def ecdh_curves=: (String ecdh_curves) -> String
2456
+
2457
+ def enable_fallback_scsv: () -> nil
2458
+
2459
+ def extra_chain_cert: () -> Array[X509::Certificate]?
2460
+
2461
+ def extra_chain_cert=: (Array[X509::Certificate] extra_certs) -> Array[X509::Certificate]
2462
+
2463
+ def flush_sessions: (Time time) -> self
2464
+
2465
+ alias freeze setup
2466
+
2467
+ def key: () -> PKey::PKey?
2468
+
2469
+ def key=: (PKey::PKey) -> PKey::PKey
2470
+
2471
+ def max_version=: (tls_version version) -> tls_version
2472
+
2473
+ def min_version=: (tls_version version) -> tls_version
2474
+
2475
+ def npn_protocols: () -> untyped
2476
+
2477
+ def npn_protocols=: (untyped) -> untyped
2478
+
2479
+ def npn_select_cb: () -> untyped
2480
+
2481
+ def npn_select_cb=: (untyped) -> untyped
2482
+
2483
+ def options: () -> Integer
2484
+
2485
+ def options=: (Integer ssl_options) -> Integer
2486
+
2487
+ def renegotiation_cb: () -> (^(SSLSocket) -> void | nil)
2488
+
2489
+ def renegotiation_cb=: (^(SSLSocket) -> void) -> void
2490
+
2491
+ def security_level: () -> Integer
2492
+
2493
+ def security_level=: (Integer sec_level) -> Integer
2494
+
2495
+ def servername_cb: () -> (^(SSLSocket, String) -> SSLContext? | nil)
2496
+
2497
+ def servername_cb=: (^(SSLSocket, String) -> SSLContext?) -> ^(SSLSocket, String) -> SSLContext?
2498
+
2499
+ def session_add: (Session) -> bool
2500
+
2501
+ def session_cache_mode: () -> Integer
2502
+
2503
+ def session_cache_mode=: (Integer) -> Integer
2504
+
2505
+ def session_cache_size: () -> Integer
2506
+
2507
+ def session_cache_size=: (Integer) -> Integer
2508
+
2509
+ def session_cache_stats: () -> Hash[Symbol, Integer]
2510
+
2511
+ def session_get_cb: () -> (^(SSLSocket, Integer) -> Session? | nil)
2512
+
2513
+ def session_get_cb=: (^(SSLSocket, Integer) -> Session?) -> void
2514
+
2515
+ def session_id_context: () -> Integer?
2516
+
2517
+ def session_id_context=: (Integer) -> Integer
2518
+
2519
+ def session_new_cb: () -> (^(SSLSocket) -> untyped | nil)
2520
+
2521
+ def session_new_cb=: (^(SSLSocket) -> untyped) -> ^(SSLSocket) -> untyped
2522
+
2523
+ def session_remove: (Session session) -> bool
2524
+
2525
+ def session_remove_cb: () -> (^(SSLContext, Session) -> void | nil)
2526
+
2527
+ def session_remove_cb=: (^(SSLContext, Session) -> void ) -> void
2528
+
2529
+ def set_params: (?untyped params) -> untyped
2530
+
2531
+ def setup: () -> untyped
2532
+
2533
+ alias ssl_timeout timeout
2534
+
2535
+ alias ssl_timeout= timeout=
2536
+
2537
+ def ssl_version=: (tls_version meth) -> tls_version
2538
+
2539
+ def timeout: () -> Integer?
2540
+
2541
+ def timeout=: (Integer) -> Integer
2542
+
2543
+ def tmp_dh_callback: () -> (^(Session, Integer, Integer) -> PKey::DH | nil)
2544
+
2545
+ def tmp_dh_callback=: (^(Session, Integer, Integer) -> PKey::DH) -> void
2546
+
2547
+ def verify_callback: () -> (^(bool, X509::StoreContext) -> untyped | nil)
2548
+
2549
+ def verify_callback=: (^(bool, X509::StoreContext) -> untyped) -> void
2550
+
2551
+ def verify_depth: () -> Integer?
2552
+
2553
+ def verify_depth=: (Integer) -> Integer
2554
+
2555
+ def verify_hostname: () -> bool?
2556
+
2557
+ def verify_hostname=: [U] (boolish) -> U
2558
+
2559
+ def verify_mode: () -> verify_mode?
2560
+
2561
+ def verify_mode=: (verify_mode) -> verify_mode
2562
+
2563
+ private
2564
+
2565
+ def initialize: (?tls_version version) -> void
2566
+
2567
+ def set_minmax_proto_version: (untyped, untyped) -> untyped
2568
+
2569
+ DEFAULT_CERT_STORE: X509::Store
2570
+
2571
+ DEFAULT_PARAMS: Hash[Symbol, untyped]
2572
+
2573
+ DEFAULT_TMP_DH_CALLBACK: Proc
2574
+
2575
+ METHODS: Array[Symbol]
2576
+
2577
+ SESSION_CACHE_BOTH: Integer
2578
+
2579
+ SESSION_CACHE_CLIENT: Integer
2580
+
2581
+ SESSION_CACHE_NO_AUTO_CLEAR: Integer
2582
+
2583
+ SESSION_CACHE_NO_INTERNAL: Integer
2584
+
2585
+ SESSION_CACHE_NO_INTERNAL_LOOKUP: Integer
2586
+
2587
+ SESSION_CACHE_NO_INTERNAL_STORE: Integer
2588
+
2589
+ SESSION_CACHE_OFF: Integer
2590
+
2591
+ SESSION_CACHE_SERVER: Integer
2592
+ end
2593
+
2594
+ class SSLError < OpenSSL::OpenSSLError
2595
+ end
2596
+
2597
+ class SSLErrorWaitReadable < OpenSSL::SSL::SSLError
2598
+ include IO::WaitReadable
2599
+ end
2600
+
2601
+ class SSLErrorWaitWritable < OpenSSL::SSL::SSLError
2602
+ include IO::WaitWritable
2603
+ end
2604
+
2605
+ class SSLServer
2606
+ include OpenSSL::SSL::SocketForwarder
2607
+
2608
+ public
2609
+
2610
+ def accept: () -> SSLSocket
2611
+
2612
+ def close: () -> nil
2613
+
2614
+ def listen: (Integer backlog) -> void
2615
+
2616
+ def shutdown: (Symbol | String | Integer how) -> void
2617
+
2618
+ def start_immediately: () -> bool
2619
+
2620
+ def start_immediately=: [U] (boolish) -> U
2621
+
2622
+ def to_io: () -> (TCPServer | UNIXServer)
2623
+
2624
+ private
2625
+
2626
+ def initialize: (TCPServer | UNIXServer svr, untyped ctx) -> void
2627
+ end
2628
+
2629
+ class SSLSocket
2630
+ include OpenSSL::SSL::SocketForwarder
2631
+
2632
+ include OpenSSL::Buffering
2633
+
2634
+ def self.open: (untyped remote_host, untyped remote_port, ?untyped local_host, ?untyped local_port, ?context: untyped) -> untyped
2635
+
2636
+ public
2637
+
2638
+ def accept: () -> self
2639
+
2640
+ def accept_nonblock: (?exception: true) -> self
2641
+ | (exception: false) -> (self | :wait_readable | :wait_writable)
2642
+
2643
+ def alpn_protocol: () -> String?
2644
+
2645
+ def cert: () -> X509::Certificate?
2646
+
2647
+ def cipher: () -> [String, String, Integer, Integer]?
2648
+
2649
+ def client_ca: () -> (Array[X509::Name] | Array[X509::Certificate] | X509::Certificate)
2650
+
2651
+ def connect: () -> self
2652
+
2653
+ def connect_nonblock: (?exception: true) -> self
2654
+ | (exception: false) -> (self | :wait_readable | :wait_writable)
2655
+
2656
+ def context: () -> SSLContext
2657
+
2658
+ def finished_message: () -> String?
2659
+
2660
+ def hostname: () -> String?
2661
+
2662
+ def hostname=: (String) -> String
2663
+
2664
+ def io: () -> BasicSocket
2665
+
2666
+ def npn_protocol: () -> String?
2667
+
2668
+ def peer_cert: () -> X509::Certificate?
2669
+
2670
+ def peer_cert_chain: () -> Array[X509::Certificate]?
2671
+
2672
+ def peer_finished_message: () -> String?
2673
+
2674
+ def pending: () -> Integer
2675
+
2676
+ def post_connection_check: (String hostname) -> true
2677
+
2678
+ def session: () -> Session?
2679
+
2680
+ def session=: (Session) -> Session
2681
+
2682
+ def session_reused?: () -> bool
2683
+
2684
+ def ssl_version: () -> tls_version
2685
+
2686
+ def state: () -> String
2687
+
2688
+ def sync_close: () -> bool
2689
+
2690
+ def sync_close=: [U] (boolish) -> U
2691
+
2692
+ def sysclose: () -> nil
2693
+
2694
+ def sysread: (Integer length, ?String buffer) -> String
2695
+
2696
+ def syswrite: (String data) -> Integer
2697
+
2698
+ def tmp_key: () -> PKey::PKey?
2699
+
2700
+ alias to_io io
2701
+
2702
+ def verify_result: () -> Integer
2703
+
2704
+ private
2705
+
2706
+ def client_cert_cb: () -> untyped
2707
+
2708
+ def initialize: (*untyped) -> void
2709
+
2710
+ def session_get_cb: () -> untyped
2711
+
2712
+ def session_new_cb: () -> untyped
2713
+
2714
+ def stop: () -> untyped
2715
+
2716
+ def sysread_nonblock: (*untyped) -> untyped
2717
+
2718
+ def syswrite_nonblock: (*untyped) -> untyped
2719
+
2720
+ def tmp_dh_callback: () -> untyped
2721
+
2722
+ def tmp_ecdh_callback: () -> untyped
2723
+
2724
+ def using_anon_cipher?: () -> untyped
2725
+ end
2726
+
2727
+ class Session
2728
+ public
2729
+
2730
+ def ==: (instance other) -> bool
2731
+
2732
+ def id: () -> String
2733
+
2734
+ def time: () -> Time
2735
+
2736
+ def time=: (Time | Integer start_time) -> Time
2737
+
2738
+ def timeout: () -> Integer
2739
+
2740
+ def timeout=: (Integer timeout) -> Integer
2741
+
2742
+ def to_der: () -> String
2743
+
2744
+ def to_pem: () -> String
2745
+
2746
+ def to_text: () -> String
2747
+
2748
+ private
2749
+
2750
+ def initialize: (SSLSocket | String sock_or_str) -> void
2751
+
2752
+ def initialize_copy: (instance) -> void
2753
+
2754
+ class SessionError < OpenSSL::OpenSSLError
2755
+ end
2756
+ end
2757
+
2758
+ module SocketForwarder
2759
+ public
2760
+
2761
+ def addr: () -> Addrinfo?
2762
+
2763
+ def closed?: () -> untyped
2764
+
2765
+ def do_not_reverse_lookup=: (boolish flag) -> boolish
2766
+
2767
+ def fcntl: (*untyped args) -> untyped
2768
+
2769
+ def fileno: () -> Integer
2770
+
2771
+ def getsockopt: (Symbol | Integer level, Symbol | Integer optname) -> (Integer | boolish | String)
2772
+
2773
+ def peeraddr: () -> untyped
2774
+
2775
+ def setsockopt: (untyped level, untyped optname, untyped optval) -> untyped
2776
+ end
2777
+ end
2778
+
2779
+ module Timestamp
2780
+ class Factory
2781
+ public
2782
+
2783
+ def additional_certs: () -> Array[X509::Certificate]?
2784
+
2785
+ def additional_certs=: (Array[X509::Certificate]? certs) -> Array[X509::Certificate]?
2786
+
2787
+ def allowed_digests: () -> Array[String | Digest]?
2788
+
2789
+ def allowed_digests=: (Array[String | Digest]) -> Array[String | Digest]
2790
+
2791
+ def create_timestamp: (PKey::PKey key, X509::Certificate cert, Request request) -> Response
2792
+
2793
+ def default_policy_id: () -> String?
2794
+
2795
+ def default_policy_id=: (String) -> String
2796
+
2797
+ def gen_time: () -> Time?
2798
+
2799
+ def gen_time=: (Time) -> Time
2800
+
2801
+ def serial_number: () -> Integer?
2802
+
2803
+ def serial_number=: (Integer) -> Integer
2804
+ end
2805
+
2806
+ class Request
2807
+ public
2808
+
2809
+ def algorithm: () -> String
2810
+
2811
+ def algorithm=: (String) -> String
2812
+
2813
+ def cert_requested=: [U] (boolish) -> U
2814
+
2815
+ def cert_requested?: () -> bool
2816
+
2817
+ def message_imprint: () -> String?
2818
+
2819
+ def message_imprint=: (String) -> String
2820
+
2821
+ def nonce: () -> BN?
2822
+
2823
+ def nonce=: (bn nonce) -> BN
2824
+
2825
+ def policy_id: () -> String?
2826
+
2827
+ def policy_id=: (String policy_id) -> String
2828
+
2829
+ def to_der: () -> String
2830
+
2831
+ def version: () -> Integer
2832
+
2833
+ def version=: (Integer) -> Integer
2834
+
2835
+ private
2836
+
2837
+ def initialize: (?(File | String) request_der) -> void
2838
+ end
2839
+
2840
+ class Response
2841
+ public
2842
+
2843
+ def failure_info: () -> Symbol?
2844
+
2845
+ def status: () -> BN
2846
+
2847
+ def status_text: () -> Array[String]?
2848
+
2849
+ def to_der: () -> String
2850
+
2851
+ def token: () -> PKCS7?
2852
+
2853
+ def token_info: () -> TokenInfo?
2854
+
2855
+ def tsa_certificate: () -> X509::Certificate?
2856
+
2857
+ def verify: (Request request, X509::Store store, ?X509::Certificate intermediate_cert) -> instance
2858
+
2859
+ private
2860
+
2861
+ def initialize: (File | String response_der) -> void
2862
+
2863
+ GRANTED: Integer
2864
+
2865
+ GRANTED_WITH_MODS: Integer
2866
+
2867
+ REJECTION: Integer
2868
+
2869
+ REVOCATION_NOTIFICATION: Integer
2870
+
2871
+ REVOCATION_WARNING: Integer
2872
+
2873
+ WAITING: Integer
2874
+ end
2875
+
2876
+ class TimestampError < OpenSSL::OpenSSLError
2877
+ end
2878
+
2879
+ class TokenInfo
2880
+ public
2881
+
2882
+ def algorithm: () -> String?
2883
+
2884
+ def gen_time: () -> Time
2885
+
2886
+ def message_imprint: () -> String
2887
+
2888
+ def nonce: () -> BN?
2889
+
2890
+ def ordering: () -> bool?
2891
+
2892
+ def policy_id: () -> String?
2893
+
2894
+ def serial_number: () -> BN?
2895
+
2896
+ def to_der: () -> String
2897
+
2898
+ def version: () -> Integer
2899
+
2900
+ private
2901
+
2902
+ def initialize: (File | String token_der) -> void
2903
+ end
2904
+ end
2905
+
2906
+ module X509
2907
+ DEFAULT_CERT_AREA: String
2908
+
2909
+ DEFAULT_CERT_DIR: String
2910
+
2911
+ DEFAULT_CERT_DIR_ENV: String
2912
+
2913
+ DEFAULT_CERT_FILE: String
2914
+
2915
+ DEFAULT_CERT_FILE_ENV: String
2916
+
2917
+ DEFAULT_PRIVATE_DIR: String
2918
+
2919
+ PURPOSE_ANY: Integer
2920
+
2921
+ PURPOSE_CRL_SIGN: Integer
2922
+
2923
+ PURPOSE_NS_SSL_SERVER: Integer
2924
+
2925
+ PURPOSE_OCSP_HELPER: Integer
2926
+
2927
+ PURPOSE_SMIME_ENCRYPT: Integer
2928
+
2929
+ PURPOSE_SMIME_SIGN: Integer
2930
+
2931
+ PURPOSE_SSL_CLIENT: Integer
2932
+
2933
+ PURPOSE_SSL_SERVER: Integer
2934
+
2935
+ PURPOSE_TIMESTAMP_SIGN: Integer
2936
+
2937
+ TRUST_COMPAT: Integer
2938
+
2939
+ TRUST_EMAIL: Integer
2940
+
2941
+ TRUST_OBJECT_SIGN: Integer
2942
+
2943
+ TRUST_OCSP_REQUEST: Integer
2944
+
2945
+ TRUST_OCSP_SIGN: Integer
2946
+
2947
+ TRUST_SSL_CLIENT: Integer
2948
+
2949
+ TRUST_SSL_SERVER: Integer
2950
+
2951
+ TRUST_TSA: Integer
2952
+
2953
+ V_ERR_AKID_ISSUER_SERIAL_MISMATCH: Integer
2954
+
2955
+ V_ERR_AKID_SKID_MISMATCH: Integer
2956
+
2957
+ V_ERR_APPLICATION_VERIFICATION: Integer
2958
+
2959
+ V_ERR_CA_KEY_TOO_SMALL: Integer
2960
+
2961
+ V_ERR_CA_MD_TOO_WEAK: Integer
2962
+
2963
+ V_ERR_CERT_CHAIN_TOO_LONG: Integer
2964
+
2965
+ V_ERR_CERT_HAS_EXPIRED: Integer
2966
+
2967
+ V_ERR_CERT_NOT_YET_VALID: Integer
2968
+
2969
+ V_ERR_CERT_REJECTED: Integer
2970
+
2971
+ V_ERR_CERT_REVOKED: Integer
2972
+
2973
+ V_ERR_CERT_SIGNATURE_FAILURE: Integer
2974
+
2975
+ V_ERR_CERT_UNTRUSTED: Integer
2976
+
2977
+ V_ERR_CRL_HAS_EXPIRED: Integer
2978
+
2979
+ V_ERR_CRL_NOT_YET_VALID: Integer
2980
+
2981
+ V_ERR_CRL_PATH_VALIDATION_ERROR: Integer
2982
+
2983
+ V_ERR_CRL_SIGNATURE_FAILURE: Integer
2984
+
2985
+ V_ERR_DANE_NO_MATCH: Integer
2986
+
2987
+ V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: Integer
2988
+
2989
+ V_ERR_DIFFERENT_CRL_SCOPE: Integer
2990
+
2991
+ V_ERR_EE_KEY_TOO_SMALL: Integer
2992
+
2993
+ V_ERR_EMAIL_MISMATCH: Integer
2994
+
2995
+ V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: Integer
2996
+
2997
+ V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: Integer
2998
+
2999
+ V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: Integer
3000
+
3001
+ V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: Integer
3002
+
3003
+ V_ERR_EXCLUDED_VIOLATION: Integer
3004
+
3005
+ V_ERR_HOSTNAME_MISMATCH: Integer
3006
+
3007
+ V_ERR_INVALID_CA: Integer
3008
+
3009
+ V_ERR_INVALID_CALL: Integer
3010
+
3011
+ V_ERR_INVALID_EXTENSION: Integer
3012
+
3013
+ V_ERR_INVALID_NON_CA: Integer
3014
+
3015
+ V_ERR_INVALID_POLICY_EXTENSION: Integer
3016
+
3017
+ V_ERR_INVALID_PURPOSE: Integer
3018
+
3019
+ V_ERR_IP_ADDRESS_MISMATCH: Integer
3020
+
3021
+ V_ERR_KEYUSAGE_NO_CERTSIGN: Integer
3022
+
3023
+ V_ERR_KEYUSAGE_NO_CRL_SIGN: Integer
3024
+
3025
+ V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE: Integer
3026
+
3027
+ V_ERR_NO_EXPLICIT_POLICY: Integer
3028
+
3029
+ V_ERR_NO_VALID_SCTS: Integer
3030
+
3031
+ V_ERR_OCSP_CERT_UNKNOWN: Integer
3032
+
3033
+ V_ERR_OCSP_VERIFY_FAILED: Integer
3034
+
3035
+ V_ERR_OCSP_VERIFY_NEEDED: Integer
3036
+
3037
+ V_ERR_OUT_OF_MEM: Integer
3038
+
3039
+ V_ERR_PATH_LENGTH_EXCEEDED: Integer
3040
+
3041
+ V_ERR_PATH_LOOP: Integer
3042
+
3043
+ V_ERR_PERMITTED_VIOLATION: Integer
3044
+
3045
+ V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: Integer
3046
+
3047
+ V_ERR_PROXY_PATH_LENGTH_EXCEEDED: Integer
3048
+
3049
+ V_ERR_PROXY_SUBJECT_NAME_VIOLATION: Integer
3050
+
3051
+ V_ERR_SELF_SIGNED_CERT_IN_CHAIN: Integer
3052
+
3053
+ V_ERR_STORE_LOOKUP: Integer
3054
+
3055
+ V_ERR_SUBJECT_ISSUER_MISMATCH: Integer
3056
+
3057
+ V_ERR_SUBTREE_MINMAX: Integer
3058
+
3059
+ V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256: Integer
3060
+
3061
+ V_ERR_SUITE_B_INVALID_ALGORITHM: Integer
3062
+
3063
+ V_ERR_SUITE_B_INVALID_CURVE: Integer
3064
+
3065
+ V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM: Integer
3066
+
3067
+ V_ERR_SUITE_B_INVALID_VERSION: Integer
3068
+
3069
+ V_ERR_SUITE_B_LOS_NOT_ALLOWED: Integer
3070
+
3071
+ V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: Integer
3072
+
3073
+ V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: Integer
3074
+
3075
+ V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: Integer
3076
+
3077
+ V_ERR_UNABLE_TO_GET_CRL: Integer
3078
+
3079
+ V_ERR_UNABLE_TO_GET_CRL_ISSUER: Integer
3080
+
3081
+ V_ERR_UNABLE_TO_GET_ISSUER_CERT: Integer
3082
+
3083
+ V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: Integer
3084
+
3085
+ V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: Integer
3086
+
3087
+ V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: Integer
3088
+
3089
+ V_ERR_UNHANDLED_CRITICAL_EXTENSION: Integer
3090
+
3091
+ V_ERR_UNNESTED_RESOURCE: Integer
3092
+
3093
+ V_ERR_UNSPECIFIED: Integer
3094
+
3095
+ V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: Integer
3096
+
3097
+ V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: Integer
3098
+
3099
+ V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Integer
3100
+
3101
+ V_ERR_UNSUPPORTED_NAME_SYNTAX: Integer
3102
+
3103
+ V_FLAG_ALLOW_PROXY_CERTS: Integer
3104
+
3105
+ V_FLAG_CHECK_SS_SIGNATURE: Integer
3106
+
3107
+ V_FLAG_CRL_CHECK: Integer
3108
+
3109
+ V_FLAG_CRL_CHECK_ALL: Integer
3110
+
3111
+ V_FLAG_EXPLICIT_POLICY: Integer
3112
+
3113
+ V_FLAG_EXTENDED_CRL_SUPPORT: Integer
3114
+
3115
+ V_FLAG_IGNORE_CRITICAL: Integer
3116
+
3117
+ V_FLAG_INHIBIT_ANY: Integer
3118
+
3119
+ V_FLAG_INHIBIT_MAP: Integer
3120
+
3121
+ V_FLAG_NOTIFY_POLICY: Integer
3122
+
3123
+ V_FLAG_NO_ALT_CHAINS: Integer
3124
+
3125
+ V_FLAG_NO_CHECK_TIME: Integer
3126
+
3127
+ V_FLAG_PARTIAL_CHAIN: Integer
3128
+
3129
+ V_FLAG_POLICY_CHECK: Integer
3130
+
3131
+ V_FLAG_SUITEB_128_LOS: Integer
3132
+
3133
+ V_FLAG_SUITEB_128_LOS_ONLY: Integer
3134
+
3135
+ V_FLAG_SUITEB_192_LOS: Integer
3136
+
3137
+ V_FLAG_TRUSTED_FIRST: Integer
3138
+
3139
+ V_FLAG_USE_CHECK_TIME: Integer
3140
+
3141
+ V_FLAG_USE_DELTAS: Integer
3142
+
3143
+ V_FLAG_X509_STRICT: Integer
3144
+
3145
+ V_OK: Integer
3146
+
3147
+ class Attribute
3148
+ include OpenSSL::Marshal
3149
+
3150
+ extend OpenSSL::Marshal::ClassMethods
3151
+
3152
+ public
3153
+
3154
+ def ==: (instance other) -> bool
3155
+
3156
+ def oid: () -> String
3157
+
3158
+ def oid=: (String) -> String
3159
+
3160
+ def to_der: () -> String
3161
+
3162
+ def value: () -> ASN1::Set
3163
+
3164
+ def value=: (ASN1::ASN1Data) -> ASN1::Set
3165
+
3166
+ private
3167
+
3168
+ def initialize: (String der) -> void
3169
+ | (String oid, ASN1::ASN1Data value) -> void
3170
+
3171
+ def initialize_copy: (instance) -> void
3172
+ end
3173
+
3174
+ class AttributeError < OpenSSL::OpenSSLError
3175
+ end
3176
+
3177
+ class CRL
3178
+ include OpenSSL::X509::Extension::AuthorityKeyIdentifier
3179
+
3180
+ include OpenSSL::Marshal
3181
+
3182
+ extend OpenSSL::Marshal::ClassMethods
3183
+
3184
+ public
3185
+
3186
+ def ==: (instance other) -> bool
3187
+
3188
+ def add_extension: (Extension ext) -> Extension
3189
+
3190
+ def add_revoked: (Revoked revoked) -> Revoked
3191
+
3192
+ def extensions: () -> Array[Extension]
3193
+
3194
+ def extensions=: (Array[Extension] extensions) -> Array[Extension]
3195
+
3196
+ def issuer: () -> X509::Name
3197
+
3198
+ def issuer=: (X509::Name issuer) -> X509::Name
3199
+
3200
+ def last_update: () -> Time?
3201
+
3202
+ def last_update=: (Time last_update) -> Time
3203
+
3204
+ def next_update: () -> Time?
3205
+
3206
+ def next_update=: (Time next_update) -> Time
3207
+
3208
+ def revoked: () -> Array[Revoked]
3209
+
3210
+ def revoked=: (Array[Revoked]) -> Array[Revoked]
3211
+
3212
+ def sign: (PKey::PKey key, Digest digest) -> String
3213
+
3214
+ def signature_algorithm: () -> String
3215
+
3216
+ def to_der: () -> String
3217
+
3218
+ def to_pem: () -> String
3219
+
3220
+ alias to_s to_pem
3221
+
3222
+ def to_text: () -> String
3223
+
3224
+ def verify: (PKey::PKey key) -> bool
3225
+
3226
+ def version: () -> Integer
3227
+
3228
+ def version=: (Integer) -> Integer
3229
+
3230
+ private
3231
+
3232
+ def initialize: (?String der) -> void
3233
+
3234
+ def initialize_copy: (instance) -> void
3235
+ end
3236
+
3237
+ class CRLError < OpenSSL::OpenSSLError
3238
+ end
3239
+
3240
+ class Certificate
3241
+ include OpenSSL::X509::Extension::AuthorityInfoAccess
3242
+
3243
+ include OpenSSL::X509::Extension::CRLDistributionPoints
3244
+
3245
+ include OpenSSL::X509::Extension::AuthorityKeyIdentifier
3246
+
3247
+ include OpenSSL::X509::Extension::SubjectKeyIdentifier
3248
+
3249
+ include OpenSSL::Marshal
3250
+
3251
+ extend OpenSSL::Marshal::ClassMethods
3252
+
3253
+ public
3254
+
3255
+ def ==: (instance other) -> bool
3256
+
3257
+ def add_extension: (Extension ext) -> Extension
3258
+
3259
+ def check_private_key: (PKey::PKey key) -> bool
3260
+
3261
+ def extensions: () -> Array[Extension]
3262
+
3263
+ def extensions=: (Array[Extension]) -> Array[Extension]
3264
+
3265
+ def inspect: () -> String
3266
+
3267
+ def issuer: () -> Name
3268
+
3269
+ def issuer=: (Name) -> Name
3270
+
3271
+ def not_after: () -> Time?
3272
+
3273
+ def not_after=: (Time) -> Time
3274
+
3275
+ def not_before: () -> Time?
3276
+
3277
+ def not_before=: (Time) -> Time
3278
+
3279
+ def pretty_print: (untyped q) -> untyped
3280
+
3281
+ def public_key: () -> PKey::PKey
3282
+
3283
+ def public_key=: (PKey::PKey pkey) -> PKey::PKey
3284
+
3285
+ def serial: () -> BN
3286
+
3287
+ def serial=: (bn serial) -> bn
3288
+
3289
+ def sign: (PKey::PKey key, String digest) -> String
3290
+
3291
+ def signature_algorithm: () -> String
3292
+
3293
+ def subject: () -> Name
3294
+
3295
+ def subject=: (Name) -> Name
3296
+
3297
+ def to_der: () -> String
3298
+
3299
+ def to_pem: () -> String
3300
+
3301
+ alias to_s to_pem
3302
+
3303
+ def to_text: () -> String
3304
+
3305
+ def verify: (PKey::PKey key) -> bool
3306
+
3307
+ def version: () -> Integer
3308
+
3309
+ def version=: (Integer) -> Integer
3310
+
3311
+ private
3312
+
3313
+ def initialize: (?String pem) -> void
3314
+
3315
+ def initialize_copy: (instance) -> void
3316
+ end
3317
+
3318
+ class CertificateError < OpenSSL::OpenSSLError
3319
+ end
3320
+
3321
+ class Extension
3322
+ include OpenSSL::Marshal
3323
+
3324
+ extend OpenSSL::Marshal::ClassMethods
3325
+
3326
+ public
3327
+
3328
+ def ==: (instance other) -> bool
3329
+
3330
+ def critical=: [U] (boolish) -> U
3331
+
3332
+ def critical?: () -> bool
3333
+
3334
+ def oid: () -> String
3335
+
3336
+ def oid=: (String oid) -> String
3337
+
3338
+ def to_a: () -> [String, String, bool]
3339
+
3340
+ def to_der: () -> String
3341
+
3342
+ def to_h: () -> Hash[String, untyped]
3343
+
3344
+ def to_s: () -> String
3345
+
3346
+ def value: () -> String
3347
+
3348
+ def value=: (String | ASN1::_ToDer data) -> String
3349
+
3350
+ def value_der: () -> String
3351
+
3352
+ private
3353
+
3354
+ def initialize: (String der) -> void
3355
+ | (String oid, String value, ?boolish critical) -> void
3356
+
3357
+ def initialize_copy: (instance) -> void
3358
+
3359
+ module AuthorityInfoAccess
3360
+ include OpenSSL::X509::Extension::Helpers
3361
+
3362
+ public
3363
+
3364
+ def ca_issuer_uris: () -> Array[String]?
3365
+
3366
+ def ocsp_uris: () -> Array[String]?
3367
+
3368
+ private
3369
+
3370
+ def parse_aia_asn1: () -> untyped
3371
+ end
3372
+
3373
+ module AuthorityKeyIdentifier
3374
+ include OpenSSL::X509::Extension::Helpers
3375
+
3376
+ public
3377
+
3378
+ def authority_key_identifier: () -> String?
3379
+ end
3380
+
3381
+ module CRLDistributionPoints
3382
+ include OpenSSL::X509::Extension::Helpers
3383
+
3384
+ public
3385
+
3386
+ def crl_uris: () -> Array[String]?
3387
+ end
3388
+
3389
+ module Helpers
3390
+ public
3391
+
3392
+ def find_extension: (String oid) -> Extension?
3393
+ end
3394
+
3395
+ module SubjectKeyIdentifier
3396
+ include OpenSSL::X509::Extension::Helpers
3397
+
3398
+ public
3399
+
3400
+ def subject_key_identifier: () -> String?
3401
+ end
3402
+ end
3403
+
3404
+ class ExtensionError < OpenSSL::OpenSSLError
3405
+ end
3406
+
3407
+ class ExtensionFactory
3408
+ public
3409
+
3410
+ def config: () -> Config?
3411
+
3412
+ def config=: (Config config) -> Config
3413
+
3414
+ def create_ext: (String oid, String value, ?boolish critical) -> Extension
3415
+
3416
+ def create_ext_from_array: ([String, String] | [String, String, boolish] ary) -> Extension
3417
+
3418
+ def create_ext_from_hash: (Hash[String, String | boolish] hash) -> Extension
3419
+
3420
+ def create_ext_from_string: (String str) -> Extension
3421
+
3422
+ def create_extension: (String oid, String value, ?boolish critical) -> Extension
3423
+
3424
+ def crl: () -> CRL?
3425
+
3426
+ def crl=: (CRL crl) -> CRL
3427
+
3428
+ def issuer_certificate: () -> Certificate?
3429
+
3430
+ def issuer_certificate=: (Certificate cert) -> Certificate
3431
+
3432
+ def subject_certificate: () -> Certificate?
3433
+
3434
+ def subject_certificate=: (Certificate cert) -> Certificate
3435
+
3436
+ def subject_request: () -> Request?
3437
+
3438
+ def subject_request=: (Request request) -> Request
3439
+
3440
+ private
3441
+
3442
+ def initialize: (?Certificate? issuer_cert, ?Certificate? subject_cert, ?Request? request, ?CRL? crl) -> void
3443
+ end
3444
+
3445
+ class Name
3446
+ type distinguished_name = [String, String]
3447
+
3448
+ type template = Hash[String, Integer]
3449
+
3450
+ include OpenSSL::Marshal
3451
+
3452
+ include Comparable
3453
+
3454
+ extend OpenSSL::Marshal::ClassMethods
3455
+
3456
+ alias self.parse self.parse_openssl
3457
+
3458
+ def self.parse_openssl: (String str, ?template template) -> instance
3459
+
3460
+ def self.parse_rfc2253: (String str, ?template template) -> instance
3461
+
3462
+ public
3463
+
3464
+ alias <=> cmp
3465
+
3466
+ def add_entry: (String oid, String value, ?loc: Integer, ?set: Integer) -> self
3467
+
3468
+ def cmp: (untyped other) -> Integer?
3469
+
3470
+ def eql?: (instance other) -> bool
3471
+
3472
+ def hash: () -> Integer
3473
+
3474
+ def hash_old: () -> Integer
3475
+
3476
+ def inspect: () -> String
3477
+
3478
+ def pretty_print: (untyped q) -> untyped
3479
+
3480
+ def to_a: () -> Array[[String, String, Integer]]
3481
+
3482
+ def to_der: () -> String
3483
+
3484
+ def to_s: (?format format) -> String
3485
+
3486
+ def to_utf8: () -> String
3487
+
3488
+ private
3489
+
3490
+ def initialize: (distinguished_name name, template template) -> void
3491
+ | (Array[distinguished_name] names) -> void
3492
+ | (?String der) -> void
3493
+
3494
+ def initialize_copy: (instance) -> void
3495
+
3496
+ COMPAT: Integer
3497
+
3498
+ DEFAULT_OBJECT_TYPE: Integer
3499
+
3500
+ MULTILINE: Integer
3501
+
3502
+ OBJECT_TYPE_TEMPLATE: template
3503
+
3504
+ ONELINE: Integer
3505
+
3506
+ RFC2253: Integer
3507
+
3508
+ type format = Integer
3509
+
3510
+ module RFC2253DN
3511
+ def self.expand_hexstring: (untyped str) -> untyped
3512
+
3513
+ def self.expand_pair: (untyped str) -> untyped
3514
+
3515
+ def self.expand_value: (untyped str1, untyped str2, untyped str3) -> untyped
3516
+
3517
+ def self.scan: (untyped dn) -> untyped
3518
+
3519
+ private
3520
+
3521
+ def expand_hexstring: (untyped str) -> untyped
3522
+
3523
+ def expand_pair: (untyped str) -> untyped
3524
+
3525
+ def expand_value: (untyped str1, untyped str2, untyped str3) -> untyped
3526
+
3527
+ def scan: (String dn) -> Array[distinguished_name]
3528
+
3529
+ AttributeType: Regexp
3530
+
3531
+ AttributeValue: Regexp
3532
+
3533
+ HexChar: Regexp
3534
+
3535
+ HexPair: Regexp
3536
+
3537
+ HexString: Regexp
3538
+
3539
+ Pair: Regexp
3540
+
3541
+ QuoteChar: Regexp
3542
+
3543
+ Special: String
3544
+
3545
+ StringChar: Regexp
3546
+
3547
+ TypeAndValue: Regexp
3548
+ end
3549
+ end
3550
+
3551
+ class NameError < OpenSSL::OpenSSLError
3552
+ end
3553
+
3554
+ class Request
3555
+ include OpenSSL::Marshal
3556
+
3557
+ extend OpenSSL::Marshal::ClassMethods
3558
+
3559
+ public
3560
+
3561
+ def ==: (untyped other) -> bool
3562
+
3563
+ def add_attribute: (Attribute attribute) -> Attribute
3564
+
3565
+ def attributes: () -> Array[Attribute]
3566
+
3567
+ def attributes=: (Array[Attribute] attributes) -> Array[Attribute]
3568
+
3569
+ def public_key: () -> PKey::PKey
3570
+
3571
+ def public_key=: (PKey::PKey public_key) -> PKey::PKey
3572
+
3573
+ def sign: (PKey::PKey key, Digest | String digest) -> String
3574
+
3575
+ def signature_algorithm: () -> String
3576
+
3577
+ def subject: () -> Name
3578
+
3579
+ def subject=: (Name subject) -> Name
3580
+
3581
+ def to_der: () -> String
3582
+
3583
+ def to_pem: () -> String
3584
+
3585
+ alias to_s to_pem
3586
+
3587
+ def to_text: () -> String
3588
+
3589
+ def verify: (PKey::PKey key) -> bool
3590
+
3591
+ def version: () -> Integer
3592
+
3593
+ def version=: (Integer version) -> Integer
3594
+
3595
+ private
3596
+
3597
+ def initialize: (?String der) -> void
3598
+
3599
+ def initialize_copy: (instance) -> void
3600
+ end
3601
+
3602
+ class RequestError < OpenSSL::OpenSSLError
3603
+ end
3604
+
3605
+ class Revoked
3606
+ public
3607
+
3608
+ def ==: (untyped other) -> bool
3609
+
3610
+ def add_extension: (Extension ext) -> Extension
3611
+
3612
+ def extensions: () -> Array[Extension]
3613
+
3614
+ def extensions=: (Array[Extension] extensions) -> Array[Extension]
3615
+
3616
+ def serial: () -> Integer
3617
+
3618
+ def serial=: (Integer integer) -> Integer
3619
+
3620
+ def time: () -> Time?
3621
+
3622
+ def time=: (Time time) -> Time
3623
+
3624
+ def to_der: () -> String
3625
+
3626
+ private
3627
+
3628
+ def initialize: (*untyped) -> void
3629
+
3630
+ def initialize_copy: (instance) -> void
3631
+ end
3632
+
3633
+ class RevokedError < OpenSSL::OpenSSLError
3634
+ end
3635
+
3636
+ class Store
3637
+ public
3638
+
3639
+ def add_cert: (Certificate certificate) -> self
3640
+
3641
+ def add_crl: (CRL crl) -> self
3642
+
3643
+ def add_file: (String file) -> self
3644
+
3645
+ def add_path: (String path) -> self
3646
+
3647
+ def chain: () -> Array[Certificate]?
3648
+
3649
+ def error: () -> Integer?
3650
+
3651
+ def error_string: () -> String?
3652
+
3653
+ def flags=: (Integer flags) -> Integer
3654
+
3655
+ def purpose=: (Integer purpose) -> Integer
3656
+
3657
+ def set_default_paths: () -> nil
3658
+
3659
+ def time=: (Time time) -> Time
3660
+
3661
+ def trust=: (Integer trust) -> Integer
3662
+
3663
+ def verify: (Certificate certificate, ?Array[Certificate] chain) ?{ (bool preverify_ok, StoreContext store_ctx) -> boolish } -> boolish
3664
+
3665
+ def verify_callback: () -> (^(bool preverify_ok, StoreContext store_ctx) -> boolish | nil)
3666
+
3667
+ def verify_callback=: [U] (^(bool preverify_ok, StoreContext store_ctx) -> boolish) -> U
3668
+
3669
+ private
3670
+
3671
+ def initialize: () -> void
3672
+ end
3673
+
3674
+ class StoreContext
3675
+ public
3676
+
3677
+ def chain: () -> Array[Certificate]?
3678
+
3679
+ def cleanup: () -> void
3680
+
3681
+ def current_cert: () -> Certificate
3682
+
3683
+ def current_crl: () -> CRL
3684
+
3685
+ def error: () -> Integer?
3686
+
3687
+ def error=: (Integer error) -> Integer
3688
+
3689
+ def error_depth: () -> Integer
3690
+
3691
+ def error_string: () -> String?
3692
+
3693
+ def flags=: (Integer flags) -> Integer
3694
+
3695
+ def purpose=: (Integer purpose) -> Integer
3696
+
3697
+ def time=: (Time time) -> Time
3698
+
3699
+ def trust=: (Integer trust) -> Integer
3700
+
3701
+ def verify: () -> bool
3702
+
3703
+ private
3704
+
3705
+ def initialize: (Store store, ?Certificate cert, ?Array[Certificate] chain) -> void
3706
+ end
3707
+
3708
+ class StoreError < OpenSSL::OpenSSLError
3709
+ end
3710
+ end
3711
+ end