RubyGems - ruby-paseto - Versions diffs - 0.1.1 → 0.2.0 - Mend

ruby-paseto 0.1.1 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (82) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +13 -1
data/README.md +55 -50
data/lib/paseto/asn1/ecdsa_signature.rb +2 -2
data/lib/paseto/asymmetric_key.rb +7 -4
data/lib/paseto/configuration/decode_configuration.rb +7 -7
data/lib/paseto/interface/key.rb +5 -2
data/lib/paseto/interface/pbkd.rb +4 -20
data/lib/paseto/interface/pie.rb +5 -26
data/lib/paseto/interface/pke.rb +15 -51
data/lib/paseto/interface/version.rb +30 -117
data/lib/paseto/operations/id/i_dv3.rb +1 -1
data/lib/paseto/operations/id/i_dv4.rb +1 -1
data/lib/paseto/operations/pbkd/p_b_k_dv3.rb +4 -5
data/lib/paseto/operations/pbkd/p_b_k_dv4.rb +3 -4
data/lib/paseto/operations/pbkw.rb +6 -6
data/lib/paseto/operations/pke/p_k_ev3.rb +23 -25
data/lib/paseto/operations/pke/p_k_ev4.rb +33 -34
data/lib/paseto/operations/pke.rb +9 -10
data/lib/paseto/operations/wrap.rb +1 -1
data/lib/paseto/paserk.rb +1 -1
data/lib/paseto/paserk_types.rb +3 -3
data/lib/paseto/protocol/version3.rb +17 -16
data/lib/paseto/protocol/version4.rb +17 -16
data/lib/paseto/symmetric_key.rb +16 -10
data/lib/paseto/token.rb +17 -15
data/lib/paseto/token_types.rb +2 -2
data/lib/paseto/util.rb +2 -3
data/lib/paseto/v3/local.rb +1 -1
data/lib/paseto/v3/public.rb +8 -69
data/lib/paseto/v4/local.rb +3 -3
data/lib/paseto/v4/public.rb +3 -6
data/lib/paseto/validator.rb +1 -1
data/lib/paseto/version.rb +1 -1
data/lib/paseto/versions.rb +2 -2
data/lib/paseto/wrappers/pie/pie_v3.rb +18 -21
data/lib/paseto/wrappers/pie/pie_v4.rb +17 -20
data/lib/paseto/wrappers/pie.rb +3 -17
data/lib/paseto.rb +2 -5
data/paseto.gemspec +5 -17
data/sorbet/rbi/annotations/.gitattributes +1 -0
data/sorbet/rbi/annotations/rainbow.rbi +4 -4
data/sorbet/rbi/gems/.gitattributes +1 -0
data/sorbet/rbi/gems/diff-lcs@1.5.0.rbi +1 -1
data/sorbet/rbi/gems/docile@1.4.0.rbi +1 -1
data/sorbet/rbi/gems/{ffi@1.15.5.rbi → ffi@1.16.3.rbi} +260 -117
data/sorbet/rbi/gems/{oj@3.13.23.rbi → oj@3.16.1.rbi} +28 -37
data/sorbet/rbi/gems/{rake@13.0.6.rbi → rake@13.1.0.rbi} +75 -69
data/sorbet/rbi/gems/rbnacl@7.1.1.rbi +2 -2
data/sorbet/rbi/gems/{rspec-core@3.12.0.rbi → rspec-core@3.12.2.rbi} +31 -113
data/sorbet/rbi/gems/{rspec-expectations@3.12.0.rbi → rspec-expectations@3.12.3.rbi} +204 -194
data/sorbet/rbi/gems/{rspec-mocks@3.12.0.rbi → rspec-mocks@3.12.6.rbi} +225 -215
data/sorbet/rbi/gems/{rspec-support@3.12.0.rbi → rspec-support@3.12.1.rbi} +35 -43
data/sorbet/rbi/gems/rspec@3.12.0.rbi +22 -28
data/sorbet/rbi/gems/simplecov-html@0.12.3.rbi +41 -44
data/sorbet/rbi/gems/{simplecov@0.21.2.rbi → simplecov@0.22.0.rbi} +62 -49
data/sorbet/rbi/gems/simplecov_json_formatter@0.1.4.rbi +232 -2
data/sorbet/rbi/gems/{timecop@0.9.6.rbi → timecop@0.9.8.rbi} +13 -16
data/sorbet/rbi/shims/multi_json.rbi +2 -0
data/sorbet/rbi/shims/openssl.rbi +0 -8
data/sorbet/rbi/todo.rbi +5 -1
data/sorbet/tapioca/config.yml +1 -1
metadata +20 -191
data/sorbet/rbi/gems/ast@2.4.2.rbi +0 -584
data/sorbet/rbi/gems/io-console@0.5.11.rbi +0 -8
data/sorbet/rbi/gems/irb@1.5.1.rbi +0 -342
data/sorbet/rbi/gems/json@2.6.3.rbi +0 -1541
data/sorbet/rbi/gems/multi_json@1.15.0.rbi +0 -267
data/sorbet/rbi/gems/netrc@0.11.0.rbi +0 -158
data/sorbet/rbi/gems/openssl@3.0.1.rbi +0 -1735
data/sorbet/rbi/gems/parallel@1.22.1.rbi +0 -277
data/sorbet/rbi/gems/rainbow@3.1.1.rbi +0 -407
data/sorbet/rbi/gems/regexp_parser@2.6.1.rbi +0 -3481
data/sorbet/rbi/gems/reline@0.3.1.rbi +0 -8
data/sorbet/rbi/gems/rexml@3.2.5.rbi +0 -4717
data/sorbet/rbi/gems/ruby-progressbar@1.11.0.rbi +0 -1239
data/sorbet/rbi/gems/thor@1.2.1.rbi +0 -3956
data/sorbet/rbi/gems/unicode-display_width@2.3.0.rbi +0 -48
data/sorbet/rbi/gems/webrick@1.7.0.rbi +0 -2555
data/sorbet/rbi/gems/yard-sorbet@0.7.0.rbi +0 -391
data/sorbet/rbi/gems/yard@0.9.28.rbi +0 -17816
data/sorbet/rbi/gems/zeitwerk@2.6.6.rbi +0 -950

data/sorbet/rbi/gems/openssl@3.0.1.rbi DELETED Viewed

@@ -1,1735 +0,0 @@
-# typed: false
-# DO NOT EDIT MANUALLY
-# This is an autogenerated file for types exported from the `openssl` gem.
-# Please instead update this file by running `bin/tapioca gem openssl`.
-# --
-# Add double dispatch to Integer
-# ++
-class Integer < ::Numeric
-  # Casts an Integer as an OpenSSL::BN
-  #
-  # See `man bn` for more info.
-  #
-  # source://openssl//openssl/bn.rb#37
-  def to_bn; end
-end
-Integer::GMP_VERSION = T.let(T.unsafe(nil), String)
-module OpenSSL
-  private
-  # Returns a Digest subclass by _name_
-  #
-  #   require 'openssl'
-  #
-  #   OpenSSL::Digest("MD5")
-  #   # => OpenSSL::Digest::MD5
-  #
-  #   Digest("Foo")
-  #   # => NameError: wrong constant name Foo
-  #
-  # source://openssl//openssl/digest.rb#67
-  def Digest(name); end
-  class << self
-    # Returns a Digest subclass by _name_
-    #
-    #   require 'openssl'
-    #
-    #   OpenSSL::Digest("MD5")
-    #   # => OpenSSL::Digest::MD5
-    #
-    #   Digest("Foo")
-    #   # => NameError: wrong constant name Foo
-    #
-    # source://openssl//openssl/digest.rb#67
-    def Digest(name); end
-    # call-seq:
-    #   OpenSSL.secure_compare(string, string) -> boolean
-    #
-    # Constant time memory comparison. Inputs are hashed using SHA-256 to mask
-    # the length of the secret. Returns +true+ if the strings are identical,
-    # +false+ otherwise.
-    #
-    # source://openssl//openssl.rb#32
-    def secure_compare(a, b); end
-  end
-end
-class OpenSSL::BN
-  include ::Comparable
-  # source://openssl//openssl/bn.rb#20
-  def pretty_print(q); end
-end
-OpenSSL::BN::CONSTTIME = T.let(T.unsafe(nil), Integer)
-# OpenSSL IO buffering mix-in module.
-#
-# This module allows an OpenSSL::SSL::SSLSocket to behave like an IO.
-#
-# You typically won't use this module directly, you can see it implemented in
-# OpenSSL::SSL::SSLSocket.
-module OpenSSL::Buffering
-  include ::Enumerable
-  # Creates an instance of OpenSSL's buffering IO module.
-  #
-  # source://openssl//openssl/buffering.rb#63
-  def initialize(*_arg0); end
-  # Writes _s_ to the stream.  _s_ will be converted to a String using
-  # +.to_s+ method.
-  #
-  # source://openssl//openssl/buffering.rb#422
-  def <<(s); end
-  # Closes the SSLSocket and flushes any unwritten data.
-  #
-  # source://openssl//openssl/buffering.rb#483
-  def close; end
-  # Executes the block for every line in the stream where lines are separated
-  # by _eol_.
-  #
-  # See also #gets
-  #
-  # source://openssl//openssl/buffering.rb#259
-  def each(eol = T.unsafe(nil)); end
-  # Calls the given block once for each byte in the stream.
-  #
-  # source://openssl//openssl/buffering.rb#300
-  def each_byte; end
-  # Executes the block for every line in the stream where lines are separated
-  # by _eol_.
-  #
-  # See also #gets
-  #
-  # source://openssl//openssl/buffering.rb#259
-  def each_line(eol = T.unsafe(nil)); end
-  # Returns true if the stream is at file which means there is no more data to
-  # be read.
-  #
-  # @return [Boolean]
-  #
-  # source://openssl//openssl/buffering.rb#331
-  def eof; end
-  # Returns true if the stream is at file which means there is no more data to
-  # be read.
-  #
-  # @return [Boolean]
-  #
-  # source://openssl//openssl/buffering.rb#331
-  def eof?; end
-  # Flushes buffered data to the SSLSocket.
-  #
-  # source://openssl//openssl/buffering.rb#471
-  def flush; end
-  # call-seq:
-  #   ssl.getbyte => 81
-  #
-  # Get the next 8bit byte from `ssl`.  Returns `nil` on EOF
-  #
-  # source://openssl//openssl/buffering.rb#108
-  def getbyte; end
-  # Reads one character from the stream.  Returns nil if called at end of
-  # file.
-  #
-  # source://openssl//openssl/buffering.rb#293
-  def getc; end
-  # Reads the next "line" from the stream.  Lines are separated by _eol_.  If
-  # _limit_ is provided the result will not be longer than the given number of
-  # bytes.
-  #
-  # _eol_ may be a String or Regexp.
-  #
-  # Unlike IO#gets the line read will not be assigned to +$_+.
-  #
-  # Unlike IO#gets the separator must be provided if a limit is provided.
-  #
-  # source://openssl//openssl/buffering.rb#235
-  def gets(eol = T.unsafe(nil), limit = T.unsafe(nil)); end
-  # Writes _args_ to the stream.
-  #
-  # See IO#print for full details.
-  #
-  # source://openssl//openssl/buffering.rb#450
-  def print(*args); end
-  # Formats and writes to the stream converting parameters under control of
-  # the format string.
-  #
-  # See Kernel#sprintf for format string details.
-  #
-  # source://openssl//openssl/buffering.rb#463
-  def printf(s, *args); end
-  # Writes _args_ to the stream along with a record separator.
-  #
-  # See IO#puts for full details.
-  #
-  # source://openssl//openssl/buffering.rb#432
-  def puts(*args); end
-  # Reads _size_ bytes from the stream.  If _buf_ is provided it must
-  # reference a string which will receive the data.
-  #
-  # See IO#read for full details.
-  #
-  # source://openssl//openssl/buffering.rb#119
-  def read(size = T.unsafe(nil), buf = T.unsafe(nil)); end
-  # Reads at most _maxlen_ bytes in the non-blocking manner.
-  #
-  # When no data can be read without blocking it raises
-  # OpenSSL::SSL::SSLError extended by IO::WaitReadable or IO::WaitWritable.
-  #
-  # IO::WaitReadable means SSL needs to read internally so read_nonblock
-  # should be called again when the underlying IO is readable.
-  #
-  # IO::WaitWritable means SSL needs to write internally so read_nonblock
-  # should be called again after the underlying IO is writable.
-  #
-  # OpenSSL::Buffering#read_nonblock needs two rescue clause as follows:
-  #
-  #   # emulates blocking read (readpartial).
-  #   begin
-  #     result = ssl.read_nonblock(maxlen)
-  #   rescue IO::WaitReadable
-  #     IO.select([io])
-  #     retry
-  #   rescue IO::WaitWritable
-  #     IO.select(nil, [io])
-  #     retry
-  #   end
-  #
-  # Note that one reason that read_nonblock writes to the underlying IO is
-  # when the peer requests a new TLS/SSL handshake.  See openssl the FAQ for
-  # more details.  http://www.openssl.org/support/faq.html
-  #
-  # By specifying a keyword argument _exception_ to +false+, you can indicate
-  # that read_nonblock should not raise an IO::Wait*able exception, but
-  # return the symbol +:wait_writable+ or +:wait_readable+ instead. At EOF,
-  # it will return +nil+ instead of raising EOFError.
-  #
-  # source://openssl//openssl/buffering.rb#204
-  def read_nonblock(maxlen, buf = T.unsafe(nil), exception: T.unsafe(nil)); end
-  # Reads a one-character string from the stream.  Raises an EOFError at end
-  # of file.
-  #
-  # @raise [EOFError]
-  #
-  # source://openssl//openssl/buffering.rb#310
-  def readchar; end
-  # Reads a line from the stream which is separated by _eol_.
-  #
-  # Raises EOFError if at end of file.
-  #
-  # @raise [EOFError]
-  #
-  # source://openssl//openssl/buffering.rb#284
-  def readline(eol = T.unsafe(nil)); end
-  # Reads lines from the stream which are separated by _eol_.
-  #
-  # See also #gets
-  #
-  # source://openssl//openssl/buffering.rb#271
-  def readlines(eol = T.unsafe(nil)); end
-  # Reads at most _maxlen_ bytes from the stream.  If _buf_ is provided it
-  # must reference a string which will receive the data.
-  #
-  # See IO#readpartial for full details.
-  #
-  # source://openssl//openssl/buffering.rb#146
-  def readpartial(maxlen, buf = T.unsafe(nil)); end
-  # The "sync mode" of the SSLSocket.
-  #
-  # See IO#sync for full details.
-  #
-  # source://openssl//openssl/buffering.rb#53
-  def sync; end
-  # The "sync mode" of the SSLSocket.
-  #
-  # See IO#sync for full details.
-  #
-  # source://openssl//openssl/buffering.rb#53
-  def sync=(_arg0); end
-  # Pushes character _c_ back onto the stream such that a subsequent buffered
-  # character read will return it.
-  #
-  # Unlike IO#getc multiple bytes may be pushed back onto the stream.
-  #
-  # Has no effect on unbuffered reads (such as #sysread).
-  #
-  # source://openssl//openssl/buffering.rb#323
-  def ungetc(c); end
-  # Writes _s_ to the stream.  If the argument is not a String it will be
-  # converted using +.to_s+ method.  Returns the number of bytes written.
-  #
-  # source://openssl//openssl/buffering.rb#369
-  def write(*s); end
-  # Writes _s_ in the non-blocking manner.
-  #
-  # If there is buffered data, it is flushed first.  This may block.
-  #
-  # write_nonblock returns number of bytes written to the SSL connection.
-  #
-  # When no data can be written without blocking it raises
-  # OpenSSL::SSL::SSLError extended by IO::WaitReadable or IO::WaitWritable.
-  #
-  # IO::WaitReadable means SSL needs to read internally so write_nonblock
-  # should be called again after the underlying IO is readable.
-  #
-  # IO::WaitWritable means SSL needs to write internally so write_nonblock
-  # should be called again after underlying IO is writable.
-  #
-  # So OpenSSL::Buffering#write_nonblock needs two rescue clause as follows.
-  #
-  #   # emulates blocking write.
-  #   begin
-  #     result = ssl.write_nonblock(str)
-  #   rescue IO::WaitReadable
-  #     IO.select([io])
-  #     retry
-  #   rescue IO::WaitWritable
-  #     IO.select(nil, [io])
-  #     retry
-  #   end
-  #
-  # Note that one reason that write_nonblock reads from the underlying IO
-  # is when the peer requests a new TLS/SSL handshake.  See the openssl FAQ
-  # for more details.  http://www.openssl.org/support/faq.html
-  #
-  # By specifying a keyword argument _exception_ to +false+, you can indicate
-  # that write_nonblock should not raise an IO::Wait*able exception, but
-  # return the symbol +:wait_writable+ or +:wait_readable+ instead.
-  #
-  # source://openssl//openssl/buffering.rb#413
-  def write_nonblock(s, exception: T.unsafe(nil)); end
-  private
-  # Consumes _size_ bytes from the buffer
-  #
-  # source://openssl//openssl/buffering.rb#91
-  def consume_rbuff(size = T.unsafe(nil)); end
-  # Writes _s_ to the buffer.  When the buffer is full or #sync is true the
-  # buffer is flushed to the underlying socket.
-  #
-  # source://openssl//openssl/buffering.rb#346
-  def do_write(s); end
-  # Fills the buffer from the underlying SSLSocket
-  #
-  # source://openssl//openssl/buffering.rb#78
-  def fill_rbuff; end
-end
-# A buffer which will retain binary encoding.
-class OpenSSL::Buffering::Buffer < ::String
-  # @return [Buffer] a new instance of Buffer
-  #
-  # source://openssl//openssl/buffering.rb#29
-  def initialize; end
-  # source://openssl//openssl/buffering.rb#35
-  def <<(string); end
-  # source://openssl//openssl/buffering.rb#35
-  def concat(string); end
-end
-# source://openssl//openssl/buffering.rb#27
-OpenSSL::Buffering::Buffer::BINARY = T.let(T.unsafe(nil), Encoding)
-class OpenSSL::Cipher
-  # call-seq:
-  #   cipher.random_iv -> iv
-  #
-  # Generate a random IV with OpenSSL::Random.random_bytes and sets it to the
-  # cipher, and returns it.
-  #
-  # You must call #encrypt or #decrypt before calling this method.
-  #
-  # source://openssl//openssl/cipher.rb#55
-  def random_iv; end
-  # call-seq:
-  #   cipher.random_key -> key
-  #
-  # Generate a random key with OpenSSL::Random.random_bytes and sets it to
-  # the cipher, and returns it.
-  #
-  # You must call #encrypt or #decrypt before calling this method.
-  #
-  # source://openssl//openssl/cipher.rb#43
-  def random_key; end
-end
-class OpenSSL::Cipher::AES < ::OpenSSL::Cipher
-  # source://openssl//openssl/cipher.rb#19
-  def initialize(*args); end
-end
-class OpenSSL::Cipher::AES128 < ::OpenSSL::Cipher
-  # source://openssl//openssl/cipher.rb#29
-  def initialize(mode = T.unsafe(nil)); end
-end
-class OpenSSL::Cipher::AES192 < ::OpenSSL::Cipher
-  # source://openssl//openssl/cipher.rb#29
-  def initialize(mode = T.unsafe(nil)); end
-end
-class OpenSSL::Cipher::AES256 < ::OpenSSL::Cipher
-  # source://openssl//openssl/cipher.rb#29
-  def initialize(mode = T.unsafe(nil)); end
-end
-class OpenSSL::Cipher::BF < ::OpenSSL::Cipher
-  # source://openssl//openssl/cipher.rb#19
-  def initialize(*args); end
-end
-class OpenSSL::Cipher::CAST5 < ::OpenSSL::Cipher
-  # source://openssl//openssl/cipher.rb#19
-  def initialize(*args); end
-end
-# Deprecated.
-#
-# This class is only provided for backwards compatibility.
-# Use OpenSSL::Cipher.
-class OpenSSL::Cipher::Cipher < ::OpenSSL::Cipher; end
-class OpenSSL::Cipher::DES < ::OpenSSL::Cipher
-  # source://openssl//openssl/cipher.rb#19
-  def initialize(*args); end
-end
-class OpenSSL::Cipher::IDEA < ::OpenSSL::Cipher
-  # source://openssl//openssl/cipher.rb#19
-  def initialize(*args); end
-end
-class OpenSSL::Cipher::RC2 < ::OpenSSL::Cipher
-  # source://openssl//openssl/cipher.rb#19
-  def initialize(*args); end
-end
-class OpenSSL::Cipher::RC4 < ::OpenSSL::Cipher
-  # source://openssl//openssl/cipher.rb#19
-  def initialize(*args); end
-end
-class OpenSSL::Cipher::RC5 < ::OpenSSL::Cipher
-  # source://openssl//openssl/cipher.rb#19
-  def initialize(*args); end
-end
-class OpenSSL::Config
-  include ::Enumerable
-end
-class OpenSSL::Digest < ::Digest::Class
-  class << self
-    # Return the hash value computed with _name_ Digest. _name_ is either the
-    # long name or short name of a supported digest algorithm.
-    #
-    # === Examples
-    #
-    #   OpenSSL::Digest.digest("SHA256", "abc")
-    #
-    # which is equivalent to:
-    #
-    #   OpenSSL::Digest.digest('SHA256', "abc")
-    #
-    # source://openssl//openssl/digest.rb#29
-    def digest(name, data); end
-  end
-end
-# Deprecated.
-#
-# This class is only provided for backwards compatibility.
-# Use OpenSSL::Digest instead.
-class OpenSSL::Digest::Digest < ::OpenSSL::Digest; end
-class OpenSSL::Digest::MD4 < ::OpenSSL::Digest
-  # source://openssl//openssl/digest.rb#35
-  def initialize(data = T.unsafe(nil)); end
-  class << self
-    # source://openssl//openssl/digest.rb#41
-    def digest(data); end
-    # source://openssl//openssl/digest.rb#42
-    def hexdigest(data); end
-  end
-end
-class OpenSSL::Digest::MD5 < ::OpenSSL::Digest
-  # source://openssl//openssl/digest.rb#35
-  def initialize(data = T.unsafe(nil)); end
-  class << self
-    # source://openssl//openssl/digest.rb#41
-    def digest(data); end
-    # source://openssl//openssl/digest.rb#42
-    def hexdigest(data); end
-  end
-end
-class OpenSSL::Digest::RIPEMD160 < ::OpenSSL::Digest
-  # source://openssl//openssl/digest.rb#35
-  def initialize(data = T.unsafe(nil)); end
-  class << self
-    # source://openssl//openssl/digest.rb#41
-    def digest(data); end
-    # source://openssl//openssl/digest.rb#42
-    def hexdigest(data); end
-  end
-end
-class OpenSSL::Digest::SHA1 < ::OpenSSL::Digest
-  # source://openssl//openssl/digest.rb#35
-  def initialize(data = T.unsafe(nil)); end
-  class << self
-    # source://openssl//openssl/digest.rb#41
-    def digest(data); end
-    # source://openssl//openssl/digest.rb#42
-    def hexdigest(data); end
-  end
-end
-class OpenSSL::Digest::SHA224 < ::OpenSSL::Digest
-  # source://openssl//openssl/digest.rb#35
-  def initialize(data = T.unsafe(nil)); end
-  class << self
-    # source://openssl//openssl/digest.rb#41
-    def digest(data); end
-    # source://openssl//openssl/digest.rb#42
-    def hexdigest(data); end
-  end
-end
-class OpenSSL::Digest::SHA256 < ::OpenSSL::Digest
-  # source://openssl//openssl/digest.rb#35
-  def initialize(data = T.unsafe(nil)); end
-  class << self
-    # source://openssl//openssl/digest.rb#41
-    def digest(data); end
-    # source://openssl//openssl/digest.rb#42
-    def hexdigest(data); end
-  end
-end
-class OpenSSL::Digest::SHA384 < ::OpenSSL::Digest
-  # source://openssl//openssl/digest.rb#35
-  def initialize(data = T.unsafe(nil)); end
-  class << self
-    # source://openssl//openssl/digest.rb#41
-    def digest(data); end
-    # source://openssl//openssl/digest.rb#42
-    def hexdigest(data); end
-  end
-end
-class OpenSSL::Digest::SHA512 < ::OpenSSL::Digest
-  # source://openssl//openssl/digest.rb#35
-  def initialize(data = T.unsafe(nil)); end
-  class << self
-    # source://openssl//openssl/digest.rb#41
-    def digest(data); end
-    # source://openssl//openssl/digest.rb#42
-    def hexdigest(data); end
-  end
-end
-class OpenSSL::HMAC
-  # Securely compare with another HMAC instance in constant time.
-  #
-  # source://openssl//openssl/hmac.rb#6
-  def ==(other); end
-  # :call-seq:
-  #    hmac.base64digest -> string
-  #
-  # Returns the authentication code an a Base64-encoded string.
-  #
-  # source://openssl//openssl/hmac.rb#17
-  def base64digest; end
-  class << self
-    # :call-seq:
-    #    HMAC.base64digest(digest, key, data) -> aString
-    #
-    # Returns the authentication code as a Base64-encoded string. The _digest_
-    # parameter specifies the digest algorithm to use. This may be a String
-    # representing the algorithm name or an instance of OpenSSL::Digest.
-    #
-    # === Example
-    #  key = 'key'
-    #  data = 'The quick brown fox jumps over the lazy dog'
-    #
-    #  hmac = OpenSSL::HMAC.base64digest('SHA1', key, data)
-    #  #=> "3nybhbi3iqa8ino29wqQcBydtNk="
-    #
-    # source://openssl//openssl/hmac.rb#73
-    def base64digest(digest, key, data); end
-    # :call-seq:
-    #    HMAC.digest(digest, key, data) -> aString
-    #
-    # Returns the authentication code as a binary string. The _digest_ parameter
-    # specifies the digest algorithm to use. This may be a String representing
-    # the algorithm name or an instance of OpenSSL::Digest.
-    #
-    # === Example
-    #  key = 'key'
-    #  data = 'The quick brown fox jumps over the lazy dog'
-    #
-    #  hmac = OpenSSL::HMAC.digest('SHA1', key, data)
-    #  #=> "\xDE|\x9B\x85\xB8\xB7\x8A\xA6\xBC\x8Az6\xF7\n\x90p\x1C\x9D\xB4\xD9"
-    #
-    # source://openssl//openssl/hmac.rb#35
-    def digest(digest, key, data); end
-    # :call-seq:
-    #    HMAC.hexdigest(digest, key, data) -> aString
-    #
-    # Returns the authentication code as a hex-encoded string. The _digest_
-    # parameter specifies the digest algorithm to use. This may be a String
-    # representing the algorithm name or an instance of OpenSSL::Digest.
-    #
-    # === Example
-    #  key = 'key'
-    #  data = 'The quick brown fox jumps over the lazy dog'
-    #
-    #  hmac = OpenSSL::HMAC.hexdigest('SHA1', key, data)
-    #  #=> "de7c9b85b8b78aa6bc8a7a36f70a90701c9db4d9"
-    #
-    # source://openssl//openssl/hmac.rb#54
-    def hexdigest(digest, key, data); end
-  end
-end
-module OpenSSL::Marshal
-  mixes_in_class_methods ::OpenSSL::Marshal::ClassMethods
-  # source://openssl//openssl/marshal.rb#26
-  def _dump(_level); end
-  class << self
-    # @private
-    #
-    # source://openssl//openssl/marshal.rb#16
-    def included(base); end
-  end
-end
-module OpenSSL::Marshal::ClassMethods
-  # source://openssl//openssl/marshal.rb#21
-  def _load(string); end
-end
-module OpenSSL::PKCS5
-  private
-  # OpenSSL::PKCS5.pbkdf2_hmac has been renamed to OpenSSL::KDF.pbkdf2_hmac.
-  # This method is provided for backwards compatibility.
-  #
-  # source://openssl//openssl/pkcs5.rb#13
-  def pbkdf2_hmac(pass, salt, iter, keylen, digest); end
-  # source://openssl//openssl/pkcs5.rb#18
-  def pbkdf2_hmac_sha1(pass, salt, iter, keylen); end
-  class << self
-    # OpenSSL::PKCS5.pbkdf2_hmac has been renamed to OpenSSL::KDF.pbkdf2_hmac.
-    # This method is provided for backwards compatibility.
-    #
-    # source://openssl//openssl/pkcs5.rb#13
-    def pbkdf2_hmac(pass, salt, iter, keylen, digest); end
-    # source://openssl//openssl/pkcs5.rb#18
-    def pbkdf2_hmac_sha1(pass, salt, iter, keylen); end
-  end
-end
-class OpenSSL::PKey::DH < ::OpenSSL::PKey::PKey
-  include ::OpenSSL::Marshal
-  extend ::OpenSSL::Marshal::ClassMethods
-  # :call-seq:
-  #    dh.compute_key(pub_bn) -> string
-  #
-  # Returns a String containing a shared secret computed from the other
-  # party's public value.
-  #
-  # This method is provided for backwards compatibility, and calls #derive
-  # internally.
-  #
-  # === Parameters
-  # * _pub_bn_ is a OpenSSL::BN, *not* the DH instance returned by
-  #   DH#public_key as that contains the DH parameters only.
-  #
-  # source://openssl//openssl/pkey.rb#49
-  def compute_key(pub_bn); end
-  # :call-seq:
-  #    dh.generate_key! -> self
-  #
-  # Generates a private and public key unless a private key already exists.
-  # If this DH instance was generated from public \DH parameters (e.g. by
-  # encoding the result of DH#public_key), then this method needs to be
-  # called first in order to generate the per-session keys before performing
-  # the actual key exchange.
-  #
-  # <b>Deprecated in version 3.0</b>. This method is incompatible with
-  # OpenSSL 3.0.0 or later.
-  #
-  # See also OpenSSL::PKey.generate_key.
-  #
-  # Example:
-  #   # DEPRECATED USAGE: This will not work on OpenSSL 3.0 or later
-  #   dh0 = OpenSSL::PKey::DH.new(2048)
-  #   dh = dh0.public_key # #public_key only copies the DH parameters (contrary to the name)
-  #   dh.generate_key!
-  #   puts dh.private? # => true
-  #   puts dh0.pub_key == dh.pub_key #=> false
-  #
-  #   # With OpenSSL::PKey.generate_key
-  #   dh0 = OpenSSL::PKey::DH.new(2048)
-  #   dh = OpenSSL::PKey.generate_key(dh0)
-  #   puts dh0.pub_key == dh.pub_key #=> false
-  #
-  # source://openssl//openssl/pkey.rb#91
-  def generate_key!; end
-  # :call-seq:
-  #    dh.public_key -> dhnew
-  #
-  # Returns a new DH instance that carries just the \DH parameters.
-  #
-  # Contrary to the method name, the returned DH object contains only
-  # parameters and not the public key.
-  #
-  # This method is provided for backwards compatibility. In most cases, there
-  # is no need to call this method.
-  #
-  # For the purpose of re-generating the key pair while keeping the
-  # parameters, check OpenSSL::PKey.generate_key.
-  #
-  # Example:
-  #   # OpenSSL::PKey::DH.generate by default generates a random key pair
-  #   dh1 = OpenSSL::PKey::DH.generate(2048)
-  #   p dh1.priv_key #=> #<OpenSSL::BN 1288347...>
-  #   dhcopy = dh1.public_key
-  #   p dhcopy.priv_key #=> nil
-  #
-  # source://openssl//openssl/pkey.rb#33
-  def public_key; end
-  class << self
-    # :call-seq:
-    #    DH.generate(size, generator = 2) -> dh
-    #
-    # Creates a new DH instance from scratch by generating random parameters
-    # and a key pair.
-    #
-    # See also OpenSSL::PKey.generate_parameters and
-    # OpenSSL::PKey.generate_key.
-    #
-    # +size+::
-    #   The desired key size in bits.
-    # +generator+::
-    #   The generator.
-    #
-    # source://openssl//openssl/pkey.rb#118
-    def generate(size, generator = T.unsafe(nil), &blk); end
-    # Handle DH.new(size, generator) form here; new(str) and new() forms
-    # are handled by #initialize
-    #
-    # source://openssl//openssl/pkey.rb#128
-    def new(*args, &blk); end
-  end
-end
-class OpenSSL::PKey::DSA < ::OpenSSL::PKey::PKey
-  include ::OpenSSL::Marshal
-  extend ::OpenSSL::Marshal::ClassMethods
-  # :call-seq:
-  #    dsa.public_key -> dsanew
-  #
-  # Returns a new DSA instance that carries just the \DSA parameters and the
-  # public key.
-  #
-  # This method is provided for backwards compatibility. In most cases, there
-  # is no need to call this method.
-  #
-  # For the purpose of serializing the public key, to PEM or DER encoding of
-  # X.509 SubjectPublicKeyInfo format, check PKey#public_to_pem and
-  # PKey#public_to_der.
-  #
-  # source://openssl//openssl/pkey.rb#153
-  def public_key; end
-  # :call-seq:
-  #    dsa.syssign(string) -> string
-  #
-  # Computes and returns the \DSA signature of +string+, where +string+ is
-  # expected to be an already-computed message digest of the original input
-  # data. The signature is issued using the private key of this DSA instance.
-  #
-  # <b>Deprecated in version 3.0</b>.
-  # Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
-  #
-  # +string+::
-  #   A message digest of the original input data to be signed.
-  #
-  # Example:
-  #   dsa = OpenSSL::PKey::DSA.new(2048)
-  #   doc = "Sign me"
-  #   digest = OpenSSL::Digest.digest('SHA1', doc)
-  #
-  #   # With legacy #syssign and #sysverify:
-  #   sig = dsa.syssign(digest)
-  #   p dsa.sysverify(digest, sig) #=> true
-  #
-  #   # With #sign_raw and #verify_raw:
-  #   sig = dsa.sign_raw(nil, digest)
-  #   p dsa.verify_raw(nil, sig, digest) #=> true
-  #
-  # source://openssl//openssl/pkey.rb#220
-  def syssign(string); end
-  # :call-seq:
-  #    dsa.sysverify(digest, sig) -> true | false
-  #
-  # Verifies whether the signature is valid given the message digest input.
-  # It does so by validating +sig+ using the public key of this DSA instance.
-  #
-  # <b>Deprecated in version 3.0</b>.
-  # Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
-  #
-  # +digest+::
-  #   A message digest of the original input data to be signed.
-  # +sig+::
-  #   A \DSA signature value.
-  #
-  # source://openssl//openssl/pkey.rb#243
-  def sysverify(digest, sig); end
-  class << self
-    # :call-seq:
-    #    DSA.generate(size) -> dsa
-    #
-    # Creates a new DSA instance by generating a private/public key pair
-    # from scratch.
-    #
-    # See also OpenSSL::PKey.generate_parameters and
-    # OpenSSL::PKey.generate_key.
-    #
-    # +size+::
-    #   The desired key size in bits.
-    #
-    # source://openssl//openssl/pkey.rb#169
-    def generate(size, &blk); end
-    # Handle DSA.new(size) form here; new(str) and new() forms
-    # are handled by #initialize
-    #
-    # source://openssl//openssl/pkey.rb#186
-    def new(*args, &blk); end
-  end
-end
-class OpenSSL::PKey::EC < ::OpenSSL::PKey::PKey
-  include ::OpenSSL::Marshal
-  extend ::OpenSSL::Marshal::ClassMethods
-  # :call-seq:
-  #    ec.dh_compute_key(pubkey) -> string
-  #
-  # Derives a shared secret by ECDH. _pubkey_ must be an instance of
-  # OpenSSL::PKey::EC::Point and must belong to the same group.
-  #
-  # This method is provided for backwards compatibility, and calls #derive
-  # internally.
-  #
-  # source://openssl//openssl/pkey.rb#284
-  def dh_compute_key(pubkey); end
-  # :call-seq:
-  #    key.dsa_sign_asn1(data) -> String
-  #
-  # <b>Deprecated in version 3.0</b>.
-  # Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
-  #
-  # source://openssl//openssl/pkey.rb#259
-  def dsa_sign_asn1(data); end
-  # :call-seq:
-  #    key.dsa_verify_asn1(data, sig) -> true | false
-  #
-  # <b>Deprecated in version 3.0</b>.
-  # Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
-  #
-  # source://openssl//openssl/pkey.rb#270
-  def dsa_verify_asn1(data, sig); end
-end
-OpenSSL::PKey::EC::EXPLICIT_CURVE = T.let(T.unsafe(nil), Integer)
-class OpenSSL::PKey::EC::Point
-  # :call-seq:
-  #    point.to_bn([conversion_form]) -> OpenSSL::BN
-  #
-  # Returns the octet string representation of the EC point as an instance of
-  # OpenSSL::BN.
-  #
-  # If _conversion_form_ is not given, the _point_conversion_form_ attribute
-  # set to the group is used.
-  #
-  # See #to_octet_string for more information.
-  #
-  # source://openssl//openssl/pkey.rb#307
-  def to_bn(conversion_form = T.unsafe(nil)); end
-end
-class OpenSSL::PKey::RSA < ::OpenSSL::PKey::PKey
-  include ::OpenSSL::Marshal
-  extend ::OpenSSL::Marshal::ClassMethods
-  # :call-seq:
-  #    rsa.private_decrypt(string)          -> String
-  #    rsa.private_decrypt(string, padding) -> String
-  #
-  # Decrypt +string+, which has been encrypted with the public key, with the
-  # private key. +padding+ defaults to PKCS1_PADDING.
-  #
-  # <b>Deprecated in version 3.0</b>.
-  # Consider using PKey::PKey#encrypt and PKey::PKey#decrypt instead.
-  #
-  # source://openssl//openssl/pkey.rb#435
-  def private_decrypt(data, padding = T.unsafe(nil)); end
-  # :call-seq:
-  #    rsa.private_encrypt(string)          -> String
-  #    rsa.private_encrypt(string, padding) -> String
-  #
-  # Encrypt +string+ with the private key.  +padding+ defaults to
-  # PKCS1_PADDING. The encrypted string output can be decrypted using
-  # #public_decrypt.
-  #
-  # <b>Deprecated in version 3.0</b>.
-  # Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw, and
-  # PKey::PKey#verify_recover instead.
-  #
-  # source://openssl//openssl/pkey.rb#372
-  def private_encrypt(string, padding = T.unsafe(nil)); end
-  # :call-seq:
-  #    rsa.public_decrypt(string)          -> String
-  #    rsa.public_decrypt(string, padding) -> String
-  #
-  # Decrypt +string+, which has been encrypted with the private key, with the
-  # public key.  +padding+ defaults to PKCS1_PADDING.
-  #
-  # <b>Deprecated in version 3.0</b>.
-  # Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw, and
-  # PKey::PKey#verify_recover instead.
-  #
-  # source://openssl//openssl/pkey.rb#394
-  def public_decrypt(string, padding = T.unsafe(nil)); end
-  # :call-seq:
-  #    rsa.public_encrypt(string)          -> String
-  #    rsa.public_encrypt(string, padding) -> String
-  #
-  # Encrypt +string+ with the public key.  +padding+ defaults to
-  # PKCS1_PADDING. The encrypted string output can be decrypted using
-  # #private_decrypt.
-  #
-  # <b>Deprecated in version 3.0</b>.
-  # Consider using PKey::PKey#encrypt and PKey::PKey#decrypt instead.
-  #
-  # source://openssl//openssl/pkey.rb#415
-  def public_encrypt(data, padding = T.unsafe(nil)); end
-  # :call-seq:
-  #    rsa.public_key -> rsanew
-  #
-  # Returns a new RSA instance that carries just the public key components.
-  #
-  # This method is provided for backwards compatibility. In most cases, there
-  # is no need to call this method.
-  #
-  # For the purpose of serializing the public key, to PEM or DER encoding of
-  # X.509 SubjectPublicKeyInfo format, check PKey#public_to_pem and
-  # PKey#public_to_der.
-  #
-  # source://openssl//openssl/pkey.rb#327
-  def public_key; end
-  private
-  # source://openssl//openssl/pkey.rb#452
-  def translate_padding_mode(num); end
-  class << self
-    # :call-seq:
-    #    RSA.generate(size, exponent = 65537) -> RSA
-    #
-    # Generates an \RSA keypair.
-    #
-    # See also OpenSSL::PKey.generate_key.
-    #
-    # +size+::
-    #   The desired key size in bits.
-    # +exponent+::
-    #   An odd Integer, normally 3, 17, or 65537.
-    #
-    # source://openssl//openssl/pkey.rb#343
-    def generate(size, exp = T.unsafe(nil), &blk); end
-    # Handle RSA.new(size, exponent) form here; new(str) and new() forms
-    # are handled by #initialize
-    #
-    # source://openssl//openssl/pkey.rb#352
-    def new(*args, &blk); end
-  end
-end
-module OpenSSL::SSL
-  private
-  # source://openssl//openssl/ssl.rb#273
-  def verify_certificate_identity(cert, hostname); end
-  # source://openssl//openssl/ssl.rb#306
-  def verify_hostname(hostname, san); end
-  # source://openssl//openssl/ssl.rb#339
-  def verify_wildcard(domain_component, san_component); end
-  class << self
-    # source://openssl//openssl/ssl.rb#273
-    def verify_certificate_identity(cert, hostname); end
-    # source://openssl//openssl/ssl.rb#306
-    def verify_hostname(hostname, san); end
-    # source://openssl//openssl/ssl.rb#339
-    def verify_wildcard(domain_component, san_component); end
-  end
-end
-OpenSSL::SSL::OP_ALLOW_CLIENT_RENEGOTIATION = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::OP_ALLOW_NO_DHE_KEX = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::OP_CLEANSE_PLAINTEXT = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::OP_CRYPTOPRO_TLSEXT_BUG = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::OP_DISABLE_TLSEXT_CA_NAMES = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::OP_ENABLE_KTLS = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::OP_ENABLE_MIDDLEBOX_COMPAT = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::OP_IGNORE_UNEXPECTED_EOF = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::OP_LEGACY_SERVER_CONNECT = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::OP_NO_ANTI_REPLAY = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::OP_NO_ENCRYPT_THEN_MAC = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::OP_NO_RENEGOTIATION = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::OP_NO_TLSv1_3 = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::OP_PRIORITIZE_CHACHA = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::OP_SAFARI_ECDHE_ECDSA_BUG = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::OP_TLSEXT_PADDING = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::SSL2_VERSION = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::SSL3_VERSION = T.let(T.unsafe(nil), Integer)
-class OpenSSL::SSL::SSLContext
-  # call-seq:
-  #    SSLContext.new           -> ctx
-  #    SSLContext.new(:TLSv1)   -> ctx
-  #    SSLContext.new("SSLv23") -> ctx
-  #
-  # Creates a new SSL context.
-  #
-  # If an argument is given, #ssl_version= is called with the value. Note
-  # that this form is deprecated. New applications should use #min_version=
-  # and #max_version= as necessary.
-  #
-  # @return [SSLContext] a new instance of SSLContext
-  #
-  # source://openssl//openssl/ssl.rb#124
-  def initialize(version = T.unsafe(nil)); end
-  # call-seq:
-  #    ctx.max_version = OpenSSL::SSL::TLS1_2_VERSION
-  #    ctx.max_version = :TLS1_2
-  #    ctx.max_version = nil
-  #
-  # Sets the upper bound of the supported SSL/TLS protocol version. See
-  # #min_version= for the possible values.
-  #
-  # source://openssl//openssl/ssl.rb#187
-  def max_version=(version); end
-  # call-seq:
-  #    ctx.min_version = OpenSSL::SSL::TLS1_2_VERSION
-  #    ctx.min_version = :TLS1_2
-  #    ctx.min_version = nil
-  #
-  # Sets the lower bound on the supported SSL/TLS protocol version. The
-  # version may be specified by an integer constant named
-  # OpenSSL::SSL::*_VERSION, a Symbol, or +nil+ which means "any version".
-  #
-  # Be careful that you don't overwrite OpenSSL::SSL::OP_NO_{SSL,TLS}v*
-  # options by #options= once you have called #min_version= or
-  # #max_version=.
-  #
-  # === Example
-  #   ctx = OpenSSL::SSL::SSLContext.new
-  #   ctx.min_version = OpenSSL::SSL::TLS1_1_VERSION
-  #   ctx.max_version = OpenSSL::SSL::TLS1_2_VERSION
-  #
-  #   sock = OpenSSL::SSL::SSLSocket.new(tcp_sock, ctx)
-  #   sock.connect # Initiates a connection using either TLS 1.1 or TLS 1.2
-  #
-  # source://openssl//openssl/ssl.rb#175
-  def min_version=(version); end
-  # A callback invoked at connect time to distinguish between multiple
-  # server names.
-  #
-  # The callback is invoked with an SSLSocket and a server name.  The
-  # callback must return an SSLContext for the server name or nil.
-  #
-  # source://openssl//openssl/ssl.rb#112
-  def servername_cb; end
-  # A callback invoked at connect time to distinguish between multiple
-  # server names.
-  #
-  # The callback is invoked with an SSLSocket and a server name.  The
-  # callback must return an SSLContext for the server name or nil.
-  #
-  # source://openssl//openssl/ssl.rb#112
-  def servername_cb=(_arg0); end
-  # call-seq:
-  #   ctx.set_params(params = {}) -> params
-  #
-  # Sets saner defaults optimized for the use with HTTP-like protocols.
-  #
-  # If a Hash _params_ is given, the parameters are overridden with it.
-  # The keys in _params_ must be assignment methods on SSLContext.
-  #
-  # If the verify_mode is not VERIFY_NONE and ca_file, ca_path and
-  # cert_store are not set then the system default certificate store is
-  # used.
-  #
-  # source://openssl//openssl/ssl.rb#143
-  def set_params(params = T.unsafe(nil)); end
-  # call-seq:
-  #    ctx.ssl_version = :TLSv1
-  #    ctx.ssl_version = "SSLv23"
-  #
-  # Sets the SSL/TLS protocol version for the context. This forces
-  # connections to use only the specified protocol version. This is
-  # deprecated and only provided for backwards compatibility. Use
-  # #min_version= and #max_version= instead.
-  #
-  # === History
-  # As the name hints, this used to call the SSL_CTX_set_ssl_version()
-  # function which sets the SSL method used for connections created from
-  # the context. As of Ruby/OpenSSL 2.1, this accessor method is
-  # implemented to call #min_version= and #max_version= instead.
-  #
-  # source://openssl//openssl/ssl.rb#206
-  def ssl_version=(meth); end
-  # A callback invoked when DH parameters are required for ephemeral DH key
-  # exchange.
-  #
-  # The callback is invoked with the SSLSocket, a
-  # flag indicating the use of an export cipher and the keylength
-  # required.
-  #
-  # The callback must return an OpenSSL::PKey::DH instance of the correct
-  # key length.
-  #
-  # <b>Deprecated in version 3.0.</b> Use #tmp_dh= instead.
-  #
-  # source://openssl//openssl/ssl.rb#105
-  def tmp_dh_callback; end
-  # A callback invoked when DH parameters are required for ephemeral DH key
-  # exchange.
-  #
-  # The callback is invoked with the SSLSocket, a
-  # flag indicating the use of an export cipher and the keylength
-  # required.
-  #
-  # The callback must return an OpenSSL::PKey::DH instance of the correct
-  # key length.
-  #
-  # <b>Deprecated in version 3.0.</b> Use #tmp_dh= instead.
-  #
-  # source://openssl//openssl/ssl.rb#105
-  def tmp_dh_callback=(_arg0); end
-end
-# source://openssl//openssl/ssl.rb#34
-OpenSSL::SSL::SSLContext::DEFAULT_2048 = T.let(T.unsafe(nil), OpenSSL::PKey::DH)
-# source://openssl//openssl/ssl.rb#46
-OpenSSL::SSL::SSLContext::DEFAULT_TMP_DH_CALLBACK = T.let(T.unsafe(nil), Proc)
-# The list of available SSL/TLS methods. This constant is only provided
-# for backwards compatibility.
-#
-# source://openssl//openssl/ssl.rb#232
-OpenSSL::SSL::SSLContext::METHODS = T.let(T.unsafe(nil), Array)
-# source://openssl//openssl/ssl.rb#220
-OpenSSL::SSL::SSLContext::METHODS_MAP = T.let(T.unsafe(nil), Hash)
-class OpenSSL::SSL::SSLErrorWaitReadable < ::OpenSSL::SSL::SSLError
-  include ::IO::WaitReadable
-end
-class OpenSSL::SSL::SSLErrorWaitWritable < ::OpenSSL::SSL::SSLError
-  include ::IO::WaitWritable
-end
-# SSLServer represents a TCP/IP server socket with Secure Sockets Layer.
-class OpenSSL::SSL::SSLServer
-  include ::OpenSSL::SSL::SocketForwarder
-  # Creates a new instance of SSLServer.
-  # * _srv_ is an instance of TCPServer.
-  # * _ctx_ is an instance of OpenSSL::SSL::SSLContext.
-  #
-  # @return [SSLServer] a new instance of SSLServer
-  #
-  # source://openssl//openssl/ssl.rb#488
-  def initialize(svr, ctx); end
-  # Works similar to TCPServer#accept.
-  #
-  # source://openssl//openssl/ssl.rb#516
-  def accept; end
-  # See IO#close for details.
-  #
-  # source://openssl//openssl/ssl.rb#537
-  def close; end
-  # See TCPServer#listen for details.
-  #
-  # source://openssl//openssl/ssl.rb#506
-  def listen(backlog = T.unsafe(nil)); end
-  # See BasicSocket#shutdown for details.
-  #
-  # source://openssl//openssl/ssl.rb#511
-  def shutdown(how = T.unsafe(nil)); end
-  # When true then #accept works exactly the same as TCPServer#accept
-  #
-  # source://openssl//openssl/ssl.rb#483
-  def start_immediately; end
-  # When true then #accept works exactly the same as TCPServer#accept
-  #
-  # source://openssl//openssl/ssl.rb#483
-  def start_immediately=(_arg0); end
-  # Returns the TCPServer passed to the SSLServer when initialized.
-  #
-  # source://openssl//openssl/ssl.rb#501
-  def to_io; end
-end
-class OpenSSL::SSL::SSLSocket
-  include ::Enumerable
-  include ::OpenSSL::Buffering
-  include ::OpenSSL::SSL::SocketForwarder
-  # The SSLContext object used in this connection.
-  #
-  # source://openssl//openssl/ssl.rb#368
-  def context; end
-  # Returns the value of attribute hostname.
-  #
-  # source://openssl//openssl/ssl.rb#361
-  def hostname; end
-  # The underlying IO object.
-  #
-  # source://openssl//openssl/ssl.rb#364
-  def io; end
-  # call-seq:
-  #   ssl.post_connection_check(hostname) -> true
-  #
-  # Perform hostname verification following RFC 6125.
-  #
-  # This method MUST be called after calling #connect to ensure that the
-  # hostname of a remote peer has been verified.
-  #
-  # source://openssl//openssl/ssl.rb#394
-  def post_connection_check(hostname); end
-  # call-seq:
-  #   ssl.session -> aSession
-  #
-  # Returns the SSLSession object currently used, or nil if the session is
-  # not established.
-  #
-  # source://openssl//openssl/ssl.rb#415
-  def session; end
-  # Whether to close the underlying socket as well, when the SSL/TLS
-  # connection is shut down. This defaults to +false+.
-  #
-  # source://openssl//openssl/ssl.rb#372
-  def sync_close; end
-  # Whether to close the underlying socket as well, when the SSL/TLS
-  # connection is shut down. This defaults to +false+.
-  #
-  # source://openssl//openssl/ssl.rb#372
-  def sync_close=(_arg0); end
-  # call-seq:
-  #    ssl.sysclose => nil
-  #
-  # Sends "close notify" to the peer and tries to shut down the SSL
-  # connection gracefully.
-  #
-  # If sync_close is set to +true+, the underlying IO is also closed.
-  #
-  # source://openssl//openssl/ssl.rb#381
-  def sysclose; end
-  # The underlying IO object.
-  #
-  # source://openssl//openssl/ssl.rb#364
-  def to_io; end
-  private
-  # source://openssl//openssl/ssl.rb#429
-  def client_cert_cb; end
-  # source://openssl//openssl/ssl.rb#441
-  def session_get_cb; end
-  # source://openssl//openssl/ssl.rb#437
-  def session_new_cb; end
-  # source://openssl//openssl/ssl.rb#433
-  def tmp_dh_callback; end
-  # @return [Boolean]
-  #
-  # source://openssl//openssl/ssl.rb#423
-  def using_anon_cipher?; end
-  class << self
-    # call-seq:
-    #   open(remote_host, remote_port, local_host=nil, local_port=nil, context: nil)
-    #
-    # Creates a new instance of SSLSocket.
-    # _remote\_host_ and _remote\_port_ are used to open TCPSocket.
-    # If _local\_host_ and _local\_port_ are specified,
-    # then those parameters are used on the local end to establish the connection.
-    # If _context_ is provided,
-    # the SSL Sockets initial params will be taken from the context.
-    #
-    # === Examples
-    #
-    #   sock = OpenSSL::SSL::SSLSocket.open('localhost', 443)
-    #   sock.connect # Initiates a connection to localhost:443
-    #
-    # with SSLContext:
-    #
-    #   ctx = OpenSSL::SSL::SSLContext.new
-    #   sock = OpenSSL::SSL::SSLSocket.open('localhost', 443, context: ctx)
-    #   sock.connect # Initiates a connection to localhost:443 with SSLContext
-    #
-    # source://openssl//openssl/ssl.rb#467
-    def open(remote_host, remote_port, local_host = T.unsafe(nil), local_port = T.unsafe(nil), context: T.unsafe(nil)); end
-  end
-end
-module OpenSSL::SSL::SocketForwarder
-  # source://openssl//openssl/ssl.rb#244
-  def addr; end
-  # @return [Boolean]
-  #
-  # source://openssl//openssl/ssl.rb#264
-  def closed?; end
-  # source://openssl//openssl/ssl.rb#268
-  def do_not_reverse_lookup=(flag); end
-  # source://openssl//openssl/ssl.rb#260
-  def fcntl(*args); end
-  # The file descriptor for the socket.
-  #
-  # source://openssl//openssl/ssl.rb#240
-  def fileno; end
-  # source://openssl//openssl/ssl.rb#256
-  def getsockopt(level, optname); end
-  # source://openssl//openssl/ssl.rb#248
-  def peeraddr; end
-  # source://openssl//openssl/ssl.rb#252
-  def setsockopt(level, optname, optval); end
-end
-OpenSSL::SSL::TLS1_1_VERSION = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::TLS1_2_VERSION = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::TLS1_3_VERSION = T.let(T.unsafe(nil), Integer)
-OpenSSL::SSL::TLS1_VERSION = T.let(T.unsafe(nil), Integer)
-module OpenSSL::Timestamp; end
-class OpenSSL::Timestamp::Factory
-  def additional_certs; end
-  def additional_certs=(_arg0); end
-  def allowed_digests; end
-  def allowed_digests=(_arg0); end
-  def create_timestamp(_arg0, _arg1, _arg2); end
-  def default_policy_id; end
-  def default_policy_id=(_arg0); end
-  def gen_time; end
-  def gen_time=(_arg0); end
-  def serial_number; end
-  def serial_number=(_arg0); end
-end
-class OpenSSL::Timestamp::Request
-  def initialize(*_arg0); end
-  def algorithm; end
-  def algorithm=(_arg0); end
-  def cert_requested=(_arg0); end
-  def cert_requested?; end
-  def message_imprint; end
-  def message_imprint=(_arg0); end
-  def nonce; end
-  def nonce=(_arg0); end
-  def policy_id; end
-  def policy_id=(_arg0); end
-  def to_der; end
-  def version; end
-  def version=(_arg0); end
-end
-class OpenSSL::Timestamp::Response
-  def initialize(_arg0); end
-  def failure_info; end
-  def status; end
-  def status_text; end
-  def to_der; end
-  def token; end
-  def token_info; end
-  def tsa_certificate; end
-  def verify(*_arg0); end
-end
-OpenSSL::Timestamp::Response::GRANTED = T.let(T.unsafe(nil), Integer)
-OpenSSL::Timestamp::Response::GRANTED_WITH_MODS = T.let(T.unsafe(nil), Integer)
-OpenSSL::Timestamp::Response::REJECTION = T.let(T.unsafe(nil), Integer)
-OpenSSL::Timestamp::Response::REVOCATION_NOTIFICATION = T.let(T.unsafe(nil), Integer)
-OpenSSL::Timestamp::Response::REVOCATION_WARNING = T.let(T.unsafe(nil), Integer)
-OpenSSL::Timestamp::Response::WAITING = T.let(T.unsafe(nil), Integer)
-class OpenSSL::Timestamp::TimestampError < ::OpenSSL::OpenSSLError; end
-class OpenSSL::Timestamp::TokenInfo
-  def initialize(_arg0); end
-  def algorithm; end
-  def gen_time; end
-  def message_imprint; end
-  def nonce; end
-  def ordering; end
-  def policy_id; end
-  def serial_number; end
-  def to_der; end
-  def version; end
-end
-class OpenSSL::X509::Attribute
-  include ::OpenSSL::Marshal
-  extend ::OpenSSL::Marshal::ClassMethods
-  # source://openssl//openssl/x509.rb#330
-  def ==(other); end
-end
-class OpenSSL::X509::CRL
-  include ::OpenSSL::Marshal
-  include ::OpenSSL::X509::Extension::Helpers
-  include ::OpenSSL::X509::Extension::AuthorityKeyIdentifier
-  extend ::OpenSSL::Marshal::ClassMethods
-  # source://openssl//openssl/x509.rb#369
-  def ==(other); end
-end
-class OpenSSL::X509::Certificate
-  include ::OpenSSL::Marshal
-  include ::OpenSSL::X509::Extension::Helpers
-  include ::OpenSSL::X509::Extension::SubjectKeyIdentifier
-  include ::OpenSSL::X509::Extension::AuthorityKeyIdentifier
-  include ::OpenSSL::X509::Extension::CRLDistributionPoints
-  include ::OpenSSL::X509::Extension::AuthorityInfoAccess
-  extend ::OpenSSL::Marshal::ClassMethods
-  # source://openssl//openssl/x509.rb#349
-  def pretty_print(q); end
-  class << self
-    # source://openssl//openssl/x509.rb#360
-    def load_file(path); end
-  end
-end
-class OpenSSL::X509::Extension
-  include ::OpenSSL::Marshal
-  extend ::OpenSSL::Marshal::ClassMethods
-  # source://openssl//openssl/x509.rb#48
-  def ==(other); end
-  # source://openssl//openssl/x509.rb#64
-  def to_a; end
-  # {"oid"=>sn|ln, "value"=>value, "critical"=>true|false}
-  #
-  # source://openssl//openssl/x509.rb#60
-  def to_h; end
-  # "oid = critical, value"
-  #
-  # source://openssl//openssl/x509.rb#53
-  def to_s; end
-end
-module OpenSSL::X509::Extension::AuthorityInfoAccess
-  include ::OpenSSL::X509::Extension::Helpers
-  # Get the information and services for the issuer from the certificate's
-  # authority information access extension exteension, as described in RFC5280
-  # Section 4.2.2.1.
-  #
-  # Returns an array of strings or nil or raises ASN1::ASN1Error.
-  #
-  # source://openssl//openssl/x509.rb#162
-  def ca_issuer_uris; end
-  # Get the URIs for OCSP from the certificate's authority information access
-  # extension exteension, as described in RFC5280 Section 4.2.2.1.
-  #
-  # Returns an array of strings or nil or raises ASN1::ASN1Error.
-  #
-  # source://openssl//openssl/x509.rb#177
-  def ocsp_uris; end
-  private
-  # source://openssl//openssl/x509.rb#190
-  def parse_aia_asn1; end
-end
-module OpenSSL::X509::Extension::AuthorityKeyIdentifier
-  include ::OpenSSL::X509::Extension::Helpers
-  # Get the issuing certificate's key identifier from the
-  # authorityKeyIdentifier extension, as described in RFC5280
-  # Section 4.2.1.1
-  #
-  # Returns the binary String keyIdentifier or nil or raises
-  # ASN1::ASN1Error.
-  #
-  # source://openssl//openssl/x509.rb#104
-  def authority_key_identifier; end
-end
-module OpenSSL::X509::Extension::CRLDistributionPoints
-  include ::OpenSSL::X509::Extension::Helpers
-  # Get the distributionPoint fullName URI from the certificate's CRL
-  # distribution points extension, as described in RFC5280 Section
-  # 4.2.1.13
-  #
-  # Returns an array of strings or nil or raises ASN1::ASN1Error.
-  #
-  # source://openssl//openssl/x509.rb#129
-  def crl_uris; end
-end
-module OpenSSL::X509::Extension::Helpers
-  # source://openssl//openssl/x509.rb#69
-  def find_extension(oid); end
-end
-module OpenSSL::X509::Extension::SubjectKeyIdentifier
-  include ::OpenSSL::X509::Extension::Helpers
-  # Get the subject's key identifier from the subjectKeyIdentifier
-  # exteension, as described in RFC5280 Section 4.2.1.2.
-  #
-  # Returns the binary String key identifier or nil or raises
-  # ASN1::ASN1Error.
-  #
-  # source://openssl//openssl/x509.rb#82
-  def subject_key_identifier; end
-end
-class OpenSSL::X509::Name
-  include ::Comparable
-  include ::OpenSSL::Marshal
-  extend ::OpenSSL::Marshal::ClassMethods
-  # source://openssl//openssl/x509.rb#319
-  def pretty_print(q); end
-  class << self
-    # Parses the string representation of a distinguished name. Two
-    # different forms are supported:
-    #
-    # - \OpenSSL format (<tt>X509_NAME_oneline()</tt>) used by
-    #   <tt>#to_s</tt>. For example: <tt>/DC=com/DC=example/CN=nobody</tt>
-    # - \OpenSSL format (<tt>X509_NAME_print()</tt>)
-    #   used by <tt>#to_s(OpenSSL::X509::Name::COMPAT)</tt>. For example:
-    #   <tt>DC=com, DC=example, CN=nobody</tt>
-    #
-    # Neither of them is standardized and has quirks and inconsistencies
-    # in handling of escaped characters or multi-valued RDNs.
-    #
-    # Use of this method is discouraged in new applications. See
-    # Name.parse_rfc2253 and #to_utf8 for the alternative.
-    #
-    # source://openssl//openssl/x509.rb#305
-    def parse(str, template = T.unsafe(nil)); end
-    # Parses the string representation of a distinguished name. Two
-    # different forms are supported:
-    #
-    # - \OpenSSL format (<tt>X509_NAME_oneline()</tt>) used by
-    #   <tt>#to_s</tt>. For example: <tt>/DC=com/DC=example/CN=nobody</tt>
-    # - \OpenSSL format (<tt>X509_NAME_print()</tt>)
-    #   used by <tt>#to_s(OpenSSL::X509::Name::COMPAT)</tt>. For example:
-    #   <tt>DC=com, DC=example, CN=nobody</tt>
-    #
-    # Neither of them is standardized and has quirks and inconsistencies
-    # in handling of escaped characters or multi-valued RDNs.
-    #
-    # Use of this method is discouraged in new applications. See
-    # Name.parse_rfc2253 and #to_utf8 for the alternative.
-    #
-    # source://openssl//openssl/x509.rb#305
-    def parse_openssl(str, template = T.unsafe(nil)); end
-    # Parses the UTF-8 string representation of a distinguished name,
-    # according to RFC 2253.
-    #
-    # See also #to_utf8 for the opposite operation.
-    #
-    # source://openssl//openssl/x509.rb#286
-    def parse_rfc2253(str, template = T.unsafe(nil)); end
-  end
-end
-module OpenSSL::X509::Name::RFC2253DN
-  private
-  # source://openssl//openssl/x509.rb#237
-  def expand_hexstring(str); end
-  # source://openssl//openssl/x509.rb#225
-  def expand_pair(str); end
-  # source://openssl//openssl/x509.rb#244
-  def expand_value(str1, str2, str3); end
-  # source://openssl//openssl/x509.rb#251
-  def scan(dn); end
-  class << self
-    # source://openssl//openssl/x509.rb#237
-    def expand_hexstring(str); end
-    # source://openssl//openssl/x509.rb#225
-    def expand_pair(str); end
-    # source://openssl//openssl/x509.rb#244
-    def expand_value(str1, str2, str3); end
-    # source://openssl//openssl/x509.rb#251
-    def scan(dn); end
-  end
-end
-class OpenSSL::X509::Request
-  include ::OpenSSL::Marshal
-  extend ::OpenSSL::Marshal::ClassMethods
-  # source://openssl//openssl/x509.rb#385
-  def ==(other); end
-end
-class OpenSSL::X509::Revoked
-  # source://openssl//openssl/x509.rb#376
-  def ==(other); end
-end