sofia 0.1.0

data/sorbet/rbi/gems/openssl@4.0.0.rbi

@@ -0,0 +1,1908 @@
+# typed: false
+
+# DO NOT EDIT MANUALLY
+# This is an autogenerated file for types exported from the `openssl` gem.
+# Please instead update this file by running `bin/tapioca gem openssl`.
+
+
+# --
+# Add double dispatch to Integer
+# ++
+#
+# source://openssl//lib/openssl/bn.rb#33
+class Integer < ::Numeric
+  # Casts an Integer as an OpenSSL::BN
+  #
+  # See `man bn` for more info.
+  #
+  # source://openssl//lib/openssl/bn.rb#37
+  def to_bn; end
+end
+
+Integer::GMP_VERSION = T.let(T.unsafe(nil), String)
+
+# source://openssl//lib/openssl/bn.rb#16
+module OpenSSL
+  private
+
+  # Returns a Digest subclass by _name_
+  #
+  #   require 'openssl'
+  #
+  #   OpenSSL::Digest("MD5")
+  #   # => OpenSSL::Digest::MD5
+  #
+  #   OpenSSL::Digest("Foo")
+  #   # => NameError: wrong constant name Foo
+  #
+  # source://openssl//lib/openssl/digest.rb#63
+  def Digest(name); end
+
+  class << self
+    # Returns a Digest subclass by _name_
+    #
+    #   require 'openssl'
+    #
+    #   OpenSSL::Digest("MD5")
+    #   # => OpenSSL::Digest::MD5
+    #
+    #   OpenSSL::Digest("Foo")
+    #   # => NameError: wrong constant name Foo
+    #
+    # source://openssl//lib/openssl/digest.rb#63
+    def Digest(name); end
+
+    # :call-seq:
+    #    OpenSSL.secure_compare(string, string) -> true or false
+    #
+    # Constant time memory comparison. Inputs are hashed using SHA-256 to mask
+    # the length of the secret. Returns +true+ if the strings are identical,
+    # +false+ otherwise.
+    #
+    # This method is expensive due to the SHA-256 hashing. In most cases, where
+    # the input lengths are known to be equal or are not sensitive,
+    # OpenSSL.fixed_length_secure_compare should be used instead.
+    #
+    # source://openssl//lib/openssl.rb#36
+    def secure_compare(a, b); end
+  end
+end
+
+class OpenSSL::ASN1::Constructive < ::OpenSSL::ASN1::ASN1Data
+  include ::Enumerable
+end
+
+# source://openssl//lib/openssl/bn.rb#17
+class OpenSSL::BN
+  include ::Comparable
+
+  # source://openssl//lib/openssl/bn.rb#20
+  def pretty_print(q); end
+end
+
+OpenSSL::BN::CONSTTIME = T.let(T.unsafe(nil), Integer)
+
+# OpenSSL IO buffering mix-in module.
+#
+# This module allows an OpenSSL::SSL::SSLSocket to behave like an IO.
+#
+# You typically won't use this module directly, you can see it implemented in
+# OpenSSL::SSL::SSLSocket.
+#
+# source://openssl//lib/openssl/buffering.rb#22
+module OpenSSL::Buffering
+  include ::ActiveSupport::ToJsonWithActiveSupportEncoder
+  include ::Enumerable
+
+  # Creates an instance of OpenSSL's buffering IO module.
+  #
+  # source://openssl//lib/openssl/buffering.rb#59
+  def initialize(*_arg0); end
+
+  # Writes _s_ to the stream.  _s_ will be converted to a String using
+  # +.to_s+ method.
+  #
+  # source://openssl//lib/openssl/buffering.rb#440
+  def <<(s); end
+
+  # Closes the SSLSocket and flushes any unwritten data.
+  #
+  # source://openssl//lib/openssl/buffering.rb#501
+  def close; end
+
+  # Executes the block for every line in the stream where lines are separated
+  # by _eol_.
+  #
+  # See also #gets
+  #
+  # source://openssl//lib/openssl/buffering.rb#262
+  def each(eol = T.unsafe(nil)); end
+
+  # Calls the given block once for each byte in the stream.
+  #
+  # source://openssl//lib/openssl/buffering.rb#303
+  def each_byte; end
+
+  # Executes the block for every line in the stream where lines are separated
+  # by _eol_.
+  #
+  # See also #gets
+  #
+  # source://openssl//lib/openssl/buffering.rb#262
+  def each_line(eol = T.unsafe(nil)); end
+
+  # Returns true if the stream is at file which means there is no more data to
+  # be read.
+  #
+  # @return [Boolean]
+  #
+  # source://openssl//lib/openssl/buffering.rb#334
+  def eof; end
+
+  # Returns true if the stream is at file which means there is no more data to
+  # be read.
+  #
+  # @return [Boolean]
+  #
+  # source://openssl//lib/openssl/buffering.rb#334
+  def eof?; end
+
+  # Flushes buffered data to the SSLSocket.
+  #
+  # source://openssl//lib/openssl/buffering.rb#489
+  def flush; end
+
+  # call-seq:
+  #   ssl.getbyte => 81
+  #
+  # Get the next 8bit byte from `ssl`.  Returns `nil` on EOF
+  #
+  # source://openssl//lib/openssl/buffering.rb#102
+  def getbyte; end
+
+  # Reads one character from the stream.  Returns nil if called at end of
+  # file.
+  #
+  # source://openssl//lib/openssl/buffering.rb#296
+  def getc; end
+
+  # Reads the next "line" from the stream.  Lines are separated by _eol_.  If
+  # _limit_ is provided the result will not be longer than the given number of
+  # bytes.
+  #
+  # _eol_ may be a String or Regexp.
+  #
+  # Unlike IO#gets the line read will not be assigned to +$_+.
+  #
+  # Unlike IO#gets the separator must be provided if a limit is provided.
+  #
+  # source://openssl//lib/openssl/buffering.rb#234
+  def gets(eol = T.unsafe(nil), limit = T.unsafe(nil), chomp: T.unsafe(nil)); end
+
+  # Writes _args_ to the stream.
+  #
+  # See IO#print for full details.
+  #
+  # source://openssl//lib/openssl/buffering.rb#468
+  def print(*args); end
+
+  # Formats and writes to the stream converting parameters under control of
+  # the format string.
+  #
+  # See Kernel#sprintf for format string details.
+  #
+  # source://openssl//lib/openssl/buffering.rb#481
+  def printf(s, *args); end
+
+  # Writes _args_ to the stream along with a record separator.
+  #
+  # See IO#puts for full details.
+  #
+  # source://openssl//lib/openssl/buffering.rb#450
+  def puts(*args); end
+
+  # Reads _size_ bytes from the stream.  If _buf_ is provided it must
+  # reference a string which will receive the data.
+  #
+  # See IO#read for full details.
+  #
+  # source://openssl//lib/openssl/buffering.rb#118
+  def read(size = T.unsafe(nil), buf = T.unsafe(nil)); end
+
+  # Reads at most _maxlen_ bytes in the non-blocking manner.
+  #
+  # When no data can be read without blocking it raises
+  # OpenSSL::SSL::SSLError extended by IO::WaitReadable or IO::WaitWritable.
+  #
+  # IO::WaitReadable means SSL needs to read internally so read_nonblock
+  # should be called again when the underlying IO is readable.
+  #
+  # IO::WaitWritable means SSL needs to write internally so read_nonblock
+  # should be called again after the underlying IO is writable.
+  #
+  # OpenSSL::Buffering#read_nonblock needs two rescue clause as follows:
+  #
+  #   # emulates blocking read (readpartial).
+  #   begin
+  #     result = ssl.read_nonblock(maxlen)
+  #   rescue IO::WaitReadable
+  #     IO.select([io])
+  #     retry
+  #   rescue IO::WaitWritable
+  #     IO.select(nil, [io])
+  #     retry
+  #   end
+  #
+  # Note that one reason that read_nonblock writes to the underlying IO is
+  # when the peer requests a new TLS/SSL handshake.  See openssl the FAQ for
+  # more details.  http://www.openssl.org/support/faq.html
+  #
+  # By specifying a keyword argument _exception_ to +false+, you can indicate
+  # that read_nonblock should not raise an IO::Wait*able exception, but
+  # return the symbol +:wait_writable+ or +:wait_readable+ instead. At EOF,
+  # it will return +nil+ instead of raising EOFError.
+  #
+  # source://openssl//lib/openssl/buffering.rb#203
+  def read_nonblock(maxlen, buf = T.unsafe(nil), exception: T.unsafe(nil)); end
+
+  # Get the next 8bit byte. Raises EOFError on EOF
+  #
+  # @raise [EOFError]
+  #
+  # source://openssl//lib/openssl/buffering.rb#107
+  def readbyte; end
+
+  # Reads a one-character string from the stream.  Raises an EOFError at end
+  # of file.
+  #
+  # @raise [EOFError]
+  #
+  # source://openssl//lib/openssl/buffering.rb#313
+  def readchar; end
+
+  # Reads a line from the stream which is separated by _eol_.
+  #
+  # Raises EOFError if at end of file.
+  #
+  # @raise [EOFError]
+  #
+  # source://openssl//lib/openssl/buffering.rb#287
+  def readline(eol = T.unsafe(nil)); end
+
+  # Reads lines from the stream which are separated by _eol_.
+  #
+  # See also #gets
+  #
+  # source://openssl//lib/openssl/buffering.rb#274
+  def readlines(eol = T.unsafe(nil)); end
+
+  # Reads at most _maxlen_ bytes from the stream.  If _buf_ is provided it
+  # must reference a string which will receive the data.
+  #
+  # See IO#readpartial for full details.
+  #
+  # source://openssl//lib/openssl/buffering.rb#145
+  def readpartial(maxlen, buf = T.unsafe(nil)); end
+
+  # The "sync mode" of the SSLSocket.
+  #
+  # See IO#sync for full details.
+  #
+  # source://openssl//lib/openssl/buffering.rb#49
+  def sync; end
+
+  # The "sync mode" of the SSLSocket.
+  #
+  # See IO#sync for full details.
+  #
+  # source://openssl//lib/openssl/buffering.rb#49
+  def sync=(_arg0); end
+
+  # Pushes character _c_ back onto the stream such that a subsequent buffered
+  # character read will return it.
+  #
+  # Unlike IO#getc multiple bytes may be pushed back onto the stream.
+  #
+  # Has no effect on unbuffered reads (such as #sysread).
+  #
+  # source://openssl//lib/openssl/buffering.rb#326
+  def ungetc(c); end
+
+  # Writes _s_ to the stream.  If the argument is not a String it will be
+  # converted using +.to_s+ method.  Returns the number of bytes written.
+  #
+  # source://openssl//lib/openssl/buffering.rb#387
+  def write(*s); end
+
+  # Writes _s_ in the non-blocking manner.
+  #
+  # If there is buffered data, it is flushed first.  This may block.
+  #
+  # write_nonblock returns number of bytes written to the SSL connection.
+  #
+  # When no data can be written without blocking it raises
+  # OpenSSL::SSL::SSLError extended by IO::WaitReadable or IO::WaitWritable.
+  #
+  # IO::WaitReadable means SSL needs to read internally so write_nonblock
+  # should be called again after the underlying IO is readable.
+  #
+  # IO::WaitWritable means SSL needs to write internally so write_nonblock
+  # should be called again after underlying IO is writable.
+  #
+  # So OpenSSL::Buffering#write_nonblock needs two rescue clause as follows.
+  #
+  #   # emulates blocking write.
+  #   begin
+  #     result = ssl.write_nonblock(str)
+  #   rescue IO::WaitReadable
+  #     IO.select([io])
+  #     retry
+  #   rescue IO::WaitWritable
+  #     IO.select(nil, [io])
+  #     retry
+  #   end
+  #
+  # Note that one reason that write_nonblock reads from the underlying IO
+  # is when the peer requests a new TLS/SSL handshake.  See the openssl FAQ
+  # for more details.  http://www.openssl.org/support/faq.html
+  #
+  # By specifying a keyword argument _exception_ to +false+, you can indicate
+  # that write_nonblock should not raise an IO::Wait*able exception, but
+  # return the symbol +:wait_writable+ or +:wait_readable+ instead.
+  #
+  # source://openssl//lib/openssl/buffering.rb#431
+  def write_nonblock(s, exception: T.unsafe(nil)); end
+
+  private
+
+  # Consumes _size_ bytes from the buffer
+  #
+  # source://openssl//lib/openssl/buffering.rb#87
+  def consume_rbuff(size = T.unsafe(nil)); end
+
+  # Writes _s_ to the buffer.  When the buffer is full or #sync is true the
+  # buffer is flushed to the underlying socket.
+  #
+  # source://openssl//lib/openssl/buffering.rb#349
+  def do_write(s); end
+
+  # Fills the buffer from the underlying SSLSocket
+  #
+  # source://openssl//lib/openssl/buffering.rb#74
+  def fill_rbuff; end
+end
+
+# A buffer which will retain binary encoding.
+#
+# source://openssl//lib/openssl/buffering.rb#26
+class OpenSSL::Buffering::Buffer < ::String; end
+
+# source://openssl//lib/openssl/cipher.rb#16
+class OpenSSL::Cipher
+  # call-seq:
+  #   cipher.random_iv -> iv
+  #
+  # Generate a random IV with OpenSSL::Random.random_bytes and sets it to the
+  # cipher, and returns it.
+  #
+  # You must call #encrypt or #decrypt before calling this method.
+  #
+  # source://openssl//lib/openssl/cipher.rb#55
+  def random_iv; end
+
+  # call-seq:
+  #   cipher.random_key -> key
+  #
+  # Generate a random key with OpenSSL::Random.random_bytes and sets it to
+  # the cipher, and returns it.
+  #
+  # You must call #encrypt or #decrypt before calling this method.
+  #
+  # source://openssl//lib/openssl/cipher.rb#43
+  def random_key; end
+end
+
+# source://openssl//lib/openssl/cipher.rb#18
+class OpenSSL::Cipher::AES < ::OpenSSL::Cipher
+  # source://openssl//lib/openssl/cipher.rb#19
+  def initialize(*args); end
+end
+
+# source://openssl//lib/openssl/cipher.rb#28
+class OpenSSL::Cipher::AES128 < ::OpenSSL::Cipher
+  # source://openssl//lib/openssl/cipher.rb#29
+  def initialize(mode = T.unsafe(nil)); end
+end
+
+# source://openssl//lib/openssl/cipher.rb#28
+class OpenSSL::Cipher::AES192 < ::OpenSSL::Cipher
+  # source://openssl//lib/openssl/cipher.rb#29
+  def initialize(mode = T.unsafe(nil)); end
+end
+
+# source://openssl//lib/openssl/cipher.rb#28
+class OpenSSL::Cipher::AES256 < ::OpenSSL::Cipher
+  # source://openssl//lib/openssl/cipher.rb#29
+  def initialize(mode = T.unsafe(nil)); end
+end
+
+class OpenSSL::Cipher::AuthTagError < ::OpenSSL::Cipher::CipherError; end
+
+# source://openssl//lib/openssl/cipher.rb#18
+class OpenSSL::Cipher::BF < ::OpenSSL::Cipher
+  # source://openssl//lib/openssl/cipher.rb#19
+  def initialize(*args); end
+end
+
+# source://openssl//lib/openssl/cipher.rb#18
+class OpenSSL::Cipher::CAST5 < ::OpenSSL::Cipher
+  # source://openssl//lib/openssl/cipher.rb#19
+  def initialize(*args); end
+end
+
+# Deprecated.
+#
+# This class is only provided for backwards compatibility.
+# Use OpenSSL::Cipher.
+#
+# source://openssl//lib/openssl/cipher.rb#64
+class OpenSSL::Cipher::Cipher < ::OpenSSL::Cipher; end
+
+# source://openssl//lib/openssl/cipher.rb#18
+class OpenSSL::Cipher::DES < ::OpenSSL::Cipher
+  # source://openssl//lib/openssl/cipher.rb#19
+  def initialize(*args); end
+end
+
+# source://openssl//lib/openssl/cipher.rb#18
+class OpenSSL::Cipher::IDEA < ::OpenSSL::Cipher
+  # source://openssl//lib/openssl/cipher.rb#19
+  def initialize(*args); end
+end
+
+# source://openssl//lib/openssl/cipher.rb#18
+class OpenSSL::Cipher::RC2 < ::OpenSSL::Cipher
+  # source://openssl//lib/openssl/cipher.rb#19
+  def initialize(*args); end
+end
+
+# source://openssl//lib/openssl/cipher.rb#18
+class OpenSSL::Cipher::RC4 < ::OpenSSL::Cipher
+  # source://openssl//lib/openssl/cipher.rb#19
+  def initialize(*args); end
+end
+
+# source://openssl//lib/openssl/cipher.rb#18
+class OpenSSL::Cipher::RC5 < ::OpenSSL::Cipher
+  # source://openssl//lib/openssl/cipher.rb#19
+  def initialize(*args); end
+end
+
+class OpenSSL::Config
+  include ::Enumerable
+end
+
+# source://openssl//lib/openssl/digest.rb#16
+class OpenSSL::Digest < ::Digest::Class
+  class << self
+    # Return the hash value computed with _name_ Digest. _name_ is either the
+    # long name or short name of a supported digest algorithm.
+    #
+    # === Example
+    #
+    #   OpenSSL::Digest.digest("SHA256", "abc")
+    #
+    # source://openssl//lib/openssl/digest.rb#25
+    def digest(name, data); end
+  end
+end
+
+# Deprecated.
+#
+# This class is only provided for backwards compatibility.
+# Use OpenSSL::Digest instead.
+#
+# source://openssl//lib/openssl/digest.rb#48
+class OpenSSL::Digest::Digest < ::OpenSSL::Digest; end
+
+# source://openssl//lib/openssl/digest.rb#30
+class OpenSSL::Digest::MD4 < ::OpenSSL::Digest
+  # source://openssl//lib/openssl/digest.rb#31
+  def initialize(data = T.unsafe(nil)); end
+
+  class << self
+    # source://openssl//lib/openssl/digest.rb#37
+    def digest(data); end
+
+    # source://openssl//lib/openssl/digest.rb#38
+    def hexdigest(data); end
+  end
+end
+
+# source://openssl//lib/openssl/digest.rb#30
+class OpenSSL::Digest::MD5 < ::OpenSSL::Digest
+  # source://openssl//lib/openssl/digest.rb#31
+  def initialize(data = T.unsafe(nil)); end
+
+  class << self
+    # source://openssl//lib/openssl/digest.rb#37
+    def digest(data); end
+
+    # source://openssl//lib/openssl/digest.rb#38
+    def hexdigest(data); end
+  end
+end
+
+# source://openssl//lib/openssl/digest.rb#30
+class OpenSSL::Digest::RIPEMD160 < ::OpenSSL::Digest
+  # source://openssl//lib/openssl/digest.rb#31
+  def initialize(data = T.unsafe(nil)); end
+
+  class << self
+    # source://openssl//lib/openssl/digest.rb#37
+    def digest(data); end
+
+    # source://openssl//lib/openssl/digest.rb#38
+    def hexdigest(data); end
+  end
+end
+
+# source://openssl//lib/openssl/digest.rb#30
+class OpenSSL::Digest::SHA1 < ::OpenSSL::Digest
+  # source://openssl//lib/openssl/digest.rb#31
+  def initialize(data = T.unsafe(nil)); end
+
+  class << self
+    # source://openssl//lib/openssl/digest.rb#37
+    def digest(data); end
+
+    # source://openssl//lib/openssl/digest.rb#38
+    def hexdigest(data); end
+  end
+end
+
+# source://openssl//lib/openssl/digest.rb#30
+class OpenSSL::Digest::SHA224 < ::OpenSSL::Digest
+  # source://openssl//lib/openssl/digest.rb#31
+  def initialize(data = T.unsafe(nil)); end
+
+  class << self
+    # source://openssl//lib/openssl/digest.rb#37
+    def digest(data); end
+
+    # source://openssl//lib/openssl/digest.rb#38
+    def hexdigest(data); end
+  end
+end
+
+# source://openssl//lib/openssl/digest.rb#30
+class OpenSSL::Digest::SHA256 < ::OpenSSL::Digest
+  # source://openssl//lib/openssl/digest.rb#31
+  def initialize(data = T.unsafe(nil)); end
+
+  class << self
+    # source://openssl//lib/openssl/digest.rb#37
+    def digest(data); end
+
+    # source://openssl//lib/openssl/digest.rb#38
+    def hexdigest(data); end
+  end
+end
+
+# source://openssl//lib/openssl/digest.rb#30
+class OpenSSL::Digest::SHA384 < ::OpenSSL::Digest
+  # source://openssl//lib/openssl/digest.rb#31
+  def initialize(data = T.unsafe(nil)); end
+
+  class << self
+    # source://openssl//lib/openssl/digest.rb#37
+    def digest(data); end
+
+    # source://openssl//lib/openssl/digest.rb#38
+    def hexdigest(data); end
+  end
+end
+
+# source://openssl//lib/openssl/digest.rb#30
+class OpenSSL::Digest::SHA512 < ::OpenSSL::Digest
+  # source://openssl//lib/openssl/digest.rb#31
+  def initialize(data = T.unsafe(nil)); end
+
+  class << self
+    # source://openssl//lib/openssl/digest.rb#37
+    def digest(data); end
+
+    # source://openssl//lib/openssl/digest.rb#38
+    def hexdigest(data); end
+  end
+end
+
+# source://openssl//lib/openssl/hmac.rb#4
+class OpenSSL::HMAC
+  # Securely compare with another HMAC instance in constant time.
+  #
+  # source://openssl//lib/openssl/hmac.rb#6
+  def ==(other); end
+
+  # :call-seq:
+  #    hmac.base64digest -> string
+  #
+  # Returns the authentication code an a Base64-encoded string.
+  #
+  # source://openssl//lib/openssl/hmac.rb#17
+  def base64digest; end
+
+  class << self
+    # :call-seq:
+    #    HMAC.base64digest(digest, key, data) -> aString
+    #
+    # Returns the authentication code as a Base64-encoded string. The _digest_
+    # parameter specifies the digest algorithm to use. This may be a String
+    # representing the algorithm name or an instance of OpenSSL::Digest.
+    #
+    # === Example
+    #  key = 'key'
+    #  data = 'The quick brown fox jumps over the lazy dog'
+    #
+    #  hmac = OpenSSL::HMAC.base64digest('SHA1', key, data)
+    #  #=> "3nybhbi3iqa8ino29wqQcBydtNk="
+    #
+    # source://openssl//lib/openssl/hmac.rb#73
+    def base64digest(digest, key, data); end
+
+    # :call-seq:
+    #    HMAC.digest(digest, key, data) -> aString
+    #
+    # Returns the authentication code as a binary string. The _digest_ parameter
+    # specifies the digest algorithm to use. This may be a String representing
+    # the algorithm name or an instance of OpenSSL::Digest.
+    #
+    # === Example
+    #  key = 'key'
+    #  data = 'The quick brown fox jumps over the lazy dog'
+    #
+    #  hmac = OpenSSL::HMAC.digest('SHA1', key, data)
+    #  #=> "\xDE|\x9B\x85\xB8\xB7\x8A\xA6\xBC\x8Az6\xF7\n\x90p\x1C\x9D\xB4\xD9"
+    #
+    # source://openssl//lib/openssl/hmac.rb#35
+    def digest(digest, key, data); end
+
+    # :call-seq:
+    #    HMAC.hexdigest(digest, key, data) -> aString
+    #
+    # Returns the authentication code as a hex-encoded string. The _digest_
+    # parameter specifies the digest algorithm to use. This may be a String
+    # representing the algorithm name or an instance of OpenSSL::Digest.
+    #
+    # === Example
+    #  key = 'key'
+    #  data = 'The quick brown fox jumps over the lazy dog'
+    #
+    #  hmac = OpenSSL::HMAC.hexdigest('SHA1', key, data)
+    #  #=> "de7c9b85b8b78aa6bc8a7a36f70a90701c9db4d9"
+    #
+    # source://openssl//lib/openssl/hmac.rb#54
+    def hexdigest(digest, key, data); end
+  end
+end
+
+# source://openssl//lib/openssl/marshal.rb#15
+module OpenSSL::Marshal
+  mixes_in_class_methods ::OpenSSL::Marshal::ClassMethods
+
+  # source://openssl//lib/openssl/marshal.rb#26
+  def _dump(_level); end
+
+  class << self
+    # @private
+    #
+    # source://openssl//lib/openssl/marshal.rb#16
+    def included(base); end
+  end
+end
+
+# source://openssl//lib/openssl/marshal.rb#20
+module OpenSSL::Marshal::ClassMethods
+  # source://openssl//lib/openssl/marshal.rb#21
+  def _load(string); end
+end
+
+OpenSSL::PKCS12::KEY_EX = T.let(T.unsafe(nil), Integer)
+OpenSSL::PKCS12::KEY_SIG = T.let(T.unsafe(nil), Integer)
+
+# source://openssl//lib/openssl/pkcs5.rb#8
+module OpenSSL::PKCS5
+  private
+
+  # OpenSSL::PKCS5.pbkdf2_hmac has been renamed to OpenSSL::KDF.pbkdf2_hmac.
+  # This method is provided for backwards compatibility.
+  #
+  # source://openssl//lib/openssl/pkcs5.rb#13
+  def pbkdf2_hmac(pass, salt, iter, keylen, digest); end
+
+  # source://openssl//lib/openssl/pkcs5.rb#18
+  def pbkdf2_hmac_sha1(pass, salt, iter, keylen); end
+
+  class << self
+    # OpenSSL::PKCS5.pbkdf2_hmac has been renamed to OpenSSL::KDF.pbkdf2_hmac.
+    # This method is provided for backwards compatibility.
+    #
+    # source://openssl//lib/openssl/pkcs5.rb#13
+    def pbkdf2_hmac(pass, salt, iter, keylen, digest); end
+
+    # source://openssl//lib/openssl/pkcs5.rb#18
+    def pbkdf2_hmac_sha1(pass, salt, iter, keylen); end
+  end
+end
+
+OpenSSL::PKCS7::Signer = OpenSSL::PKCS7::SignerInfo
+
+# source://openssl//lib/openssl/pkey.rb#13
+class OpenSSL::PKey::DH < ::OpenSSL::PKey::PKey
+  include ::OpenSSL::Marshal
+  extend ::OpenSSL::Marshal::ClassMethods
+
+  # :call-seq:
+  #    dh.compute_key(pub_bn) -> string
+  #
+  # Returns a String containing a shared secret computed from the other
+  # party's public value.
+  #
+  # This method is provided for backwards compatibility, and calls #derive
+  # internally.
+  #
+  # === Parameters
+  # * _pub_bn_ is a OpenSSL::BN, *not* the DH instance returned by
+  #   DH#public_key as that contains the DH parameters only.
+  #
+  # source://openssl//lib/openssl/pkey.rb#64
+  def compute_key(pub_bn); end
+
+  # :call-seq:
+  #    dh.generate_key! -> self
+  #
+  # Generates a private and public key unless a private key already exists.
+  # If this DH instance was generated from public \DH parameters (e.g. by
+  # encoding the result of DH#public_key), then this method needs to be
+  # called first in order to generate the per-session keys before performing
+  # the actual key exchange.
+  #
+  # <b>Deprecated in version 3.0</b>. This method is incompatible with
+  # OpenSSL 3.0.0 or later.
+  #
+  # See also OpenSSL::PKey.generate_key.
+  #
+  # Example:
+  #   # DEPRECATED USAGE: This will not work on OpenSSL 3.0 or later
+  #   dh0 = OpenSSL::PKey::DH.new(2048)
+  #   dh = dh0.public_key # #public_key only copies the DH parameters (contrary to the name)
+  #   dh.generate_key!
+  #   puts dh.private? # => true
+  #   puts dh0.pub_key == dh.pub_key #=> false
+  #
+  #   # With OpenSSL::PKey.generate_key
+  #   dh0 = OpenSSL::PKey::DH.new(2048)
+  #   dh = OpenSSL::PKey.generate_key(dh0)
+  #   puts dh0.pub_key == dh.pub_key #=> false
+  #
+  # source://openssl//lib/openssl/pkey.rb#106
+  def generate_key!; end
+
+  # :call-seq:
+  #    dh.params -> hash
+  #
+  # Stores all parameters of key to a Hash.
+  #
+  # The hash has keys 'p', 'q', 'g', 'pub_key', and 'priv_key'.
+  #
+  # source://openssl//lib/openssl/pkey.rb#46
+  def params; end
+
+  # :call-seq:
+  #    dh.public_key -> dhnew
+  #
+  # Returns a new DH instance that carries just the \DH parameters.
+  #
+  # Contrary to the method name, the returned DH object contains only
+  # parameters and not the public key.
+  #
+  # This method is provided for backwards compatibility. In most cases, there
+  # is no need to call this method.
+  #
+  # For the purpose of re-generating the key pair while keeping the
+  # parameters, check OpenSSL::PKey.generate_key.
+  #
+  # Example:
+  #   # OpenSSL::PKey::DH.generate by default generates a random key pair
+  #   dh1 = OpenSSL::PKey::DH.generate(2048)
+  #   p dh1.priv_key #=> #<OpenSSL::BN 1288347...>
+  #   dhcopy = dh1.public_key
+  #   p dhcopy.priv_key #=> nil
+  #
+  # source://openssl//lib/openssl/pkey.rb#36
+  def public_key; end
+
+  class << self
+    # :call-seq:
+    #    DH.generate(size, generator = 2) -> dh
+    #
+    # Creates a new DH instance from scratch by generating random parameters
+    # and a key pair.
+    #
+    # See also OpenSSL::PKey.generate_parameters and
+    # OpenSSL::PKey.generate_key.
+    #
+    # +size+::
+    #   The desired key size in bits.
+    # +generator+::
+    #   The generator.
+    #
+    # source://openssl//lib/openssl/pkey.rb#133
+    def generate(size, generator = T.unsafe(nil), &blk); end
+
+    # Handle DH.new(size, generator) form here; new(str) and new() forms
+    # are handled by #initialize
+    #
+    # source://openssl//lib/openssl/pkey.rb#143
+    def new(*args, &blk); end
+  end
+end
+
+# source://openssl//lib/openssl/pkey.rb#156
+class OpenSSL::PKey::DSA < ::OpenSSL::PKey::PKey
+  include ::OpenSSL::Marshal
+  extend ::OpenSSL::Marshal::ClassMethods
+
+  # :call-seq:
+  #    dsa.params -> hash
+  #
+  # Stores all parameters of key to a Hash.
+  #
+  # The hash has keys 'p', 'q', 'g', 'pub_key', and 'priv_key'.
+  #
+  # source://openssl//lib/openssl/pkey.rb#181
+  def params; end
+
+  # :call-seq:
+  #    dsa.public_key -> dsanew
+  #
+  # Returns a new DSA instance that carries just the \DSA parameters and the
+  # public key.
+  #
+  # This method is provided for backwards compatibility. In most cases, there
+  # is no need to call this method.
+  #
+  # For the purpose of serializing the public key, to PEM or DER encoding of
+  # X.509 SubjectPublicKeyInfo format, check PKey#public_to_pem and
+  # PKey#public_to_der.
+  #
+  # source://openssl//lib/openssl/pkey.rb#171
+  def public_key; end
+
+  # :call-seq:
+  #    dsa.syssign(string) -> string
+  #
+  # Computes and returns the \DSA signature of +string+, where +string+ is
+  # expected to be an already-computed message digest of the original input
+  # data. The signature is issued using the private key of this DSA instance.
+  #
+  # <b>Deprecated in version 3.0</b>.
+  # Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
+  #
+  # +string+::
+  #   A message digest of the original input data to be signed.
+  #
+  # Example:
+  #   dsa = OpenSSL::PKey::DSA.new(2048)
+  #   doc = "Sign me"
+  #   digest = OpenSSL::Digest.digest('SHA1', doc)
+  #
+  #   # With legacy #syssign and #sysverify:
+  #   sig = dsa.syssign(digest)
+  #   p dsa.sysverify(digest, sig) #=> true
+  #
+  #   # With #sign_raw and #verify_raw:
+  #   sig = dsa.sign_raw(nil, digest)
+  #   p dsa.verify_raw(nil, sig, digest) #=> true
+  #
+  # source://openssl//lib/openssl/pkey.rb#250
+  def syssign(string); end
+
+  # :call-seq:
+  #    dsa.sysverify(digest, sig) -> true | false
+  #
+  # Verifies whether the signature is valid given the message digest input.
+  # It does so by validating +sig+ using the public key of this DSA instance.
+  #
+  # <b>Deprecated in version 3.0</b>.
+  # Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
+  #
+  # +digest+::
+  #   A message digest of the original input data to be signed.
+  # +sig+::
+  #   A \DSA signature value.
+  #
+  # source://openssl//lib/openssl/pkey.rb#269
+  def sysverify(digest, sig); end
+
+  class << self
+    # :call-seq:
+    #    DSA.generate(size) -> dsa
+    #
+    # Creates a new DSA instance by generating a private/public key pair
+    # from scratch.
+    #
+    # See also OpenSSL::PKey.generate_parameters and
+    # OpenSSL::PKey.generate_key.
+    #
+    # +size+::
+    #   The desired key size in bits.
+    #
+    # source://openssl//lib/openssl/pkey.rb#199
+    def generate(size, &blk); end
+
+    # Handle DSA.new(size) form here; new(str) and new() forms
+    # are handled by #initialize
+    #
+    # source://openssl//lib/openssl/pkey.rb#216
+    def new(*args, &blk); end
+  end
+end
+
+# source://openssl//lib/openssl/pkey.rb#278
+class OpenSSL::PKey::EC < ::OpenSSL::PKey::PKey
+  include ::OpenSSL::Marshal
+  extend ::OpenSSL::Marshal::ClassMethods
+
+  # :call-seq:
+  #    ec.dh_compute_key(pubkey) -> string
+  #
+  # Derives a shared secret by ECDH. _pubkey_ must be an instance of
+  # OpenSSL::PKey::EC::Point and must belong to the same group.
+  #
+  # This method is provided for backwards compatibility, and calls #derive
+  # internally.
+  #
+  # source://openssl//lib/openssl/pkey.rb#307
+  def dh_compute_key(pubkey); end
+
+  # :call-seq:
+  #    key.dsa_sign_asn1(data) -> String
+  #
+  # <b>Deprecated in version 3.0</b>.
+  # Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
+  #
+  # source://openssl//lib/openssl/pkey.rb#286
+  def dsa_sign_asn1(data); end
+
+  # :call-seq:
+  #    key.dsa_verify_asn1(data, sig) -> true | false
+  #
+  # <b>Deprecated in version 3.0</b>.
+  # Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
+  #
+  # source://openssl//lib/openssl/pkey.rb#295
+  def dsa_verify_asn1(data, sig); end
+end
+
+OpenSSL::PKey::EC::EXPLICIT_CURVE = T.let(T.unsafe(nil), Integer)
+
+# source://openssl//lib/openssl/pkey.rb#319
+class OpenSSL::PKey::EC::Point
+  # :call-seq:
+  #    point.to_bn([conversion_form]) -> OpenSSL::BN
+  #
+  # Returns the octet string representation of the EC point as an instance of
+  # OpenSSL::BN.
+  #
+  # If _conversion_form_ is not given, the _point_conversion_form_ attribute
+  # set to the group is used.
+  #
+  # See #to_octet_string for more information.
+  #
+  # source://openssl//lib/openssl/pkey.rb#330
+  def to_bn(conversion_form = T.unsafe(nil)); end
+end
+
+# source://openssl//lib/openssl/pkey.rb#339
+class OpenSSL::PKey::RSA < ::OpenSSL::PKey::PKey
+  include ::OpenSSL::Marshal
+  extend ::OpenSSL::Marshal::ClassMethods
+
+  # :call-seq:
+  #    rsa.params -> hash
+  #
+  # Stores all parameters of key to a Hash.
+  #
+  # The hash has keys 'n', 'e', 'd', 'p', 'q', 'dmp1', 'dmq1', and 'iqmp'.
+  #
+  # source://openssl//lib/openssl/pkey.rb#363
+  def params; end
+
+  # :call-seq:
+  #    rsa.private_decrypt(string)          -> String
+  #    rsa.private_decrypt(string, padding) -> String
+  #
+  # Decrypt +string+, which has been encrypted with the public key, with the
+  # private key. +padding+ defaults to PKCS1_PADDING, which is known to be
+  # insecure but is kept for backwards compatibility.
+  #
+  # <b>Deprecated in version 3.0</b>.
+  # Consider using PKey::PKey#encrypt and PKey::PKey#decrypt instead.
+  #
+  # source://openssl//lib/openssl/pkey.rb#465
+  def private_decrypt(data, padding = T.unsafe(nil)); end
+
+  # :call-seq:
+  #    rsa.private_encrypt(string)          -> String
+  #    rsa.private_encrypt(string, padding) -> String
+  #
+  # Encrypt +string+ with the private key.  +padding+ defaults to
+  # PKCS1_PADDING, which is known to be insecure but is kept for backwards
+  # compatibility. The encrypted string output can be decrypted using
+  # #public_decrypt.
+  #
+  # <b>Deprecated in version 3.0</b>.
+  # Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw, and
+  # PKey::PKey#verify_recover instead.
+  #
+  # source://openssl//lib/openssl/pkey.rb#411
+  def private_encrypt(string, padding = T.unsafe(nil)); end
+
+  # :call-seq:
+  #    rsa.public_decrypt(string)          -> String
+  #    rsa.public_decrypt(string, padding) -> String
+  #
+  # Decrypt +string+, which has been encrypted with the private key, with the
+  # public key.  +padding+ defaults to PKCS1_PADDING which is known to be
+  # insecure but is kept for backwards compatibility.
+  #
+  # <b>Deprecated in version 3.0</b>.
+  # Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw, and
+  # PKey::PKey#verify_recover instead.
+  #
+  # source://openssl//lib/openssl/pkey.rb#430
+  def public_decrypt(string, padding = T.unsafe(nil)); end
+
+  # :call-seq:
+  #    rsa.public_encrypt(string)          -> String
+  #    rsa.public_encrypt(string, padding) -> String
+  #
+  # Encrypt +string+ with the public key.  +padding+ defaults to
+  # PKCS1_PADDING, which is known to be insecure but is kept for backwards
+  # compatibility. The encrypted string output can be decrypted using
+  # #private_decrypt.
+  #
+  # <b>Deprecated in version 3.0</b>.
+  # Consider using PKey::PKey#encrypt and PKey::PKey#decrypt instead.
+  #
+  # source://openssl//lib/openssl/pkey.rb#448
+  def public_encrypt(data, padding = T.unsafe(nil)); end
+
+  # :call-seq:
+  #    rsa.public_key -> rsanew
+  #
+  # Returns a new RSA instance that carries just the public key components.
+  #
+  # This method is provided for backwards compatibility. In most cases, there
+  # is no need to call this method.
+  #
+  # For the purpose of serializing the public key, to PEM or DER encoding of
+  # X.509 SubjectPublicKeyInfo format, check PKey#public_to_pem and
+  # PKey#public_to_der.
+  #
+  # source://openssl//lib/openssl/pkey.rb#353
+  def public_key; end
+
+  private
+
+  # source://openssl//lib/openssl/pkey.rb#478
+  def translate_padding_mode(num); end
+
+  class << self
+    # :call-seq:
+    #    RSA.generate(size, exponent = 65537) -> RSA
+    #
+    # Generates an \RSA keypair.
+    #
+    # See also OpenSSL::PKey.generate_key.
+    #
+    # +size+::
+    #   The desired key size in bits.
+    # +exponent+::
+    #   An odd Integer, normally 3, 17, or 65537.
+    #
+    # source://openssl//lib/openssl/pkey.rb#381
+    def generate(size, exp = T.unsafe(nil), &blk); end
+
+    # Handle RSA.new(size, exponent) form here; new(str) and new() forms
+    # are handled by #initialize
+    #
+    # source://openssl//lib/openssl/pkey.rb#390
+    def new(*args, &blk); end
+  end
+end
+
+class OpenSSL::Provider
+  def inspect; end
+  def name; end
+  def unload; end
+
+  class << self
+    def load(_arg0); end
+    def provider_names; end
+  end
+end
+
+class OpenSSL::Provider::ProviderError < ::OpenSSL::OpenSSLError; end
+
+# source://openssl//lib/openssl/ssl.rb#22
+module OpenSSL::SSL
+  private
+
+  # source://openssl//lib/openssl/ssl.rb#249
+  def verify_certificate_identity(cert, hostname); end
+
+  # source://openssl//lib/openssl/ssl.rb#282
+  def verify_hostname(hostname, san); end
+
+  # source://openssl//lib/openssl/ssl.rb#315
+  def verify_wildcard(domain_component, san_component); end
+
+  class << self
+    # source://openssl//lib/openssl/ssl.rb#249
+    def verify_certificate_identity(cert, hostname); end
+
+    # source://openssl//lib/openssl/ssl.rb#282
+    def verify_hostname(hostname, san); end
+
+    # source://openssl//lib/openssl/ssl.rb#315
+    def verify_wildcard(domain_component, san_component); end
+  end
+end
+
+OpenSSL::SSL::OP_ALLOW_CLIENT_RENEGOTIATION = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::OP_ALLOW_NO_DHE_KEX = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::OP_CLEANSE_PLAINTEXT = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::OP_CRYPTOPRO_TLSEXT_BUG = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::OP_DISABLE_TLSEXT_CA_NAMES = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::OP_ENABLE_KTLS = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::OP_ENABLE_MIDDLEBOX_COMPAT = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::OP_IGNORE_UNEXPECTED_EOF = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::OP_LEGACY_SERVER_CONNECT = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::OP_NO_ANTI_REPLAY = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::OP_NO_ENCRYPT_THEN_MAC = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::OP_NO_RENEGOTIATION = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::OP_NO_TLSv1_3 = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::OP_PRIORITIZE_CHACHA = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::OP_SAFARI_ECDHE_ECDSA_BUG = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::OP_TLSEXT_PADDING = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::SSL2_VERSION = T.let(T.unsafe(nil), Integer)
+OpenSSL::SSL::SSL3_VERSION = T.let(T.unsafe(nil), Integer)
+
+# source://openssl//lib/openssl/ssl.rb#23
+class OpenSSL::SSL::SSLContext
+  # call-seq:
+  #    SSLContext.new           -> ctx
+  #    SSLContext.new(:TLSv1)   -> ctx
+  #    SSLContext.new("SSLv23") -> ctx
+  #
+  # Creates a new SSL context.
+  #
+  # If an argument is given, #ssl_version= is called with the value. Note
+  # that this form is deprecated. New applications should use #min_version=
+  # and #max_version= as necessary.
+  #
+  # @return [SSLContext] a new instance of SSLContext
+  #
+  # source://openssl//lib/openssl/ssl.rb#94
+  def initialize(version = T.unsafe(nil)); end
+
+  # A callback invoked at connect time to distinguish between multiple
+  # server names.
+  #
+  # The callback is invoked with an SSLSocket and a server name.  The
+  # callback must return an SSLContext for the server name or nil.
+  #
+  # source://openssl//lib/openssl/ssl.rb#82
+  def servername_cb; end
+
+  # A callback invoked at connect time to distinguish between multiple
+  # server names.
+  #
+  # The callback is invoked with an SSLSocket and a server name.  The
+  # callback must return an SSLContext for the server name or nil.
+  #
+  # source://openssl//lib/openssl/ssl.rb#82
+  def servername_cb=(_arg0); end
+
+  # call-seq:
+  #   ctx.set_params(params = {}) -> params
+  #
+  # Sets saner defaults optimized for the use with HTTP-like protocols.
+  #
+  # If a Hash _params_ is given, the parameters are overridden with it.
+  # The keys in _params_ must be assignment methods on SSLContext.
+  #
+  # If the verify_mode is not VERIFY_NONE and ca_file, ca_path and
+  # cert_store are not set then the system default certificate store is
+  # used.
+  #
+  # source://openssl//lib/openssl/ssl.rb#112
+  def set_params(params = T.unsafe(nil)); end
+
+  # call-seq:
+  #    ctx.ssl_version = :TLSv1
+  #    ctx.ssl_version = "SSLv23"
+  #
+  # Sets the SSL/TLS protocol version for the context. This forces
+  # connections to use only the specified protocol version. This is
+  # deprecated and only provided for backwards compatibility. Use
+  # #min_version= and #max_version= instead.
+  #
+  # === History
+  # As the name hints, this used to call the SSL_CTX_set_ssl_version()
+  # function which sets the SSL method used for connections created from
+  # the context. As of Ruby/OpenSSL 2.1, this accessor method is
+  # implemented to call #min_version= and #max_version= instead.
+  #
+  # source://openssl//lib/openssl/ssl.rb#145
+  def ssl_version=(meth); end
+end
+
+# The list of available SSL/TLS methods. This constant is only provided
+# for backwards compatibility.
+#
+# source://openssl//lib/openssl/ssl.rb#170
+OpenSSL::SSL::SSLContext::METHODS = T.let(T.unsafe(nil), Array)
+
+# source://openssl//lib/openssl/ssl.rb#158
+OpenSSL::SSL::SSLContext::METHODS_MAP = T.let(T.unsafe(nil), Hash)
+
+class OpenSSL::SSL::SSLErrorWaitReadable < ::OpenSSL::SSL::SSLError
+  include ::IO::WaitReadable
+end
+
+class OpenSSL::SSL::SSLErrorWaitWritable < ::OpenSSL::SSL::SSLError
+  include ::IO::WaitWritable
+end
+
+# SSLServer represents a TCP/IP server socket with Secure Sockets Layer.
+#
+# source://openssl//lib/openssl/ssl.rb#478
+class OpenSSL::SSL::SSLServer
+  include ::OpenSSL::SSL::SocketForwarder
+
+  # Creates a new instance of SSLServer.
+  # * _srv_ is an instance of TCPServer.
+  # * _ctx_ is an instance of OpenSSL::SSL::SSLContext.
+  #
+  # @return [SSLServer] a new instance of SSLServer
+  #
+  # source://openssl//lib/openssl/ssl.rb#486
+  def initialize(svr, ctx); end
+
+  # Works similar to TCPServer#accept.
+  #
+  # source://openssl//lib/openssl/ssl.rb#514
+  def accept; end
+
+  # See IO#close for details.
+  #
+  # source://openssl//lib/openssl/ssl.rb#535
+  def close; end
+
+  # See TCPServer#listen for details.
+  #
+  # source://openssl//lib/openssl/ssl.rb#504
+  def listen(backlog = T.unsafe(nil)); end
+
+  # See BasicSocket#shutdown for details.
+  #
+  # source://openssl//lib/openssl/ssl.rb#509
+  def shutdown(how = T.unsafe(nil)); end
+
+  # When true then #accept works exactly the same as TCPServer#accept
+  #
+  # source://openssl//lib/openssl/ssl.rb#481
+  def start_immediately; end
+
+  # When true then #accept works exactly the same as TCPServer#accept
+  #
+  # source://openssl//lib/openssl/ssl.rb#481
+  def start_immediately=(_arg0); end
+
+  # Returns the TCPServer passed to the SSLServer when initialized.
+  #
+  # source://openssl//lib/openssl/ssl.rb#499
+  def to_io; end
+end
+
+# source://openssl//lib/openssl/ssl.rb#333
+class OpenSSL::SSL::SSLSocket
+  include ::Enumerable
+  include ::OpenSSL::Buffering
+  include ::OpenSSL::SSL::SocketForwarder
+
+  # Close the stream for reading.
+  # This method is ignored by OpenSSL as there is no reasonable way to
+  # implement it, but exists for compatibility with IO.
+  #
+  # source://openssl//lib/openssl/ssl.rb#400
+  def close_read; end
+
+  # Closes the stream for writing. The behavior of this method depends on
+  # the version of OpenSSL and the TLS protocol in use.
+  #
+  # - Sends a 'close_notify' alert to the peer.
+  # - Does not wait for the peer's 'close_notify' alert in response.
+  #
+  # In TLS 1.2 and earlier:
+  # - On receipt of a 'close_notify' alert, responds with a 'close_notify'
+  #   alert of its own and close down the connection immediately,
+  #   discarding any pending writes.
+  #
+  # Therefore, on TLS 1.2, this method will cause the connection to be
+  # completely shut down. On TLS 1.3, the connection will remain open for
+  # reading only.
+  #
+  # source://openssl//lib/openssl/ssl.rb#419
+  def close_write; end
+
+  # The SSLContext object used in this connection.
+  #
+  # source://openssl//lib/openssl/ssl.rb#344
+  def context; end
+
+  # Returns the value of attribute hostname.
+  #
+  # source://openssl//lib/openssl/ssl.rb#337
+  def hostname; end
+
+  # The underlying IO object.
+  #
+  # source://openssl//lib/openssl/ssl.rb#340
+  def io; end
+
+  # call-seq:
+  #   ssl.post_connection_check(hostname) -> true
+  #
+  # Perform hostname verification following RFC 6125.
+  #
+  # This method MUST be called after calling #connect to ensure that the
+  # hostname of a remote peer has been verified.
+  #
+  # source://openssl//lib/openssl/ssl.rb#370
+  def post_connection_check(hostname); end
+
+  # call-seq:
+  #   ssl.session -> aSession
+  #
+  # Returns the SSLSession object currently used, or nil if the session is
+  # not established.
+  #
+  # source://openssl//lib/openssl/ssl.rb#391
+  def session; end
+
+  # Whether to close the underlying socket as well, when the SSL/TLS
+  # connection is shut down. This defaults to +false+.
+  #
+  # source://openssl//lib/openssl/ssl.rb#348
+  def sync_close; end
+
+  # Whether to close the underlying socket as well, when the SSL/TLS
+  # connection is shut down. This defaults to +false+.
+  #
+  # source://openssl//lib/openssl/ssl.rb#348
+  def sync_close=(_arg0); end
+
+  # call-seq:
+  #    ssl.sysclose => nil
+  #
+  # Sends "close notify" to the peer and tries to shut down the SSL
+  # connection gracefully.
+  #
+  # If sync_close is set to +true+, the underlying IO is also closed.
+  #
+  # source://openssl//lib/openssl/ssl.rb#357
+  def sysclose; end
+
+  # The underlying IO object.
+  #
+  # source://openssl//lib/openssl/ssl.rb#340
+  def to_io; end
+
+  private
+
+  # source://openssl//lib/openssl/ssl.rb#431
+  def client_cert_cb; end
+
+  # source://openssl//lib/openssl/ssl.rb#439
+  def session_get_cb; end
+
+  # source://openssl//lib/openssl/ssl.rb#435
+  def session_new_cb; end
+
+  # @return [Boolean]
+  #
+  # source://openssl//lib/openssl/ssl.rb#425
+  def using_anon_cipher?; end
+
+  class << self
+    # call-seq:
+    #   open(remote_host, remote_port, local_host=nil, local_port=nil, context: nil)
+    #
+    # Creates a new instance of SSLSocket.
+    # _remote\_host_ and _remote\_port_ are used to open TCPSocket.
+    # If _local\_host_ and _local\_port_ are specified,
+    # then those parameters are used on the local end to establish the connection.
+    # If _context_ is provided,
+    # the SSL Sockets initial params will be taken from the context.
+    #
+    # === Examples
+    #
+    #   sock = OpenSSL::SSL::SSLSocket.open('localhost', 443)
+    #   sock.connect # Initiates a connection to localhost:443
+    #
+    # with SSLContext:
+    #
+    #   ctx = OpenSSL::SSL::SSLContext.new
+    #   sock = OpenSSL::SSL::SSLSocket.open('localhost', 443, context: ctx)
+    #   sock.connect # Initiates a connection to localhost:443 with SSLContext
+    #
+    # source://openssl//lib/openssl/ssl.rb#465
+    def open(remote_host, remote_port, local_host = T.unsafe(nil), local_port = T.unsafe(nil), context: T.unsafe(nil)); end
+  end
+end
+
+# source://openssl//lib/openssl/ssl.rb#176
+module OpenSSL::SSL::SocketForwarder
+  # source://openssl//lib/openssl/ssl.rb#182
+  def addr; end
+
+  # source://openssl//lib/openssl/ssl.rb#218
+  def close_on_exec=(value); end
+
+  # @return [Boolean]
+  #
+  # source://openssl//lib/openssl/ssl.rb#222
+  def close_on_exec?; end
+
+  # @return [Boolean]
+  #
+  # source://openssl//lib/openssl/ssl.rb#210
+  def closed?; end
+
+  # source://openssl//lib/openssl/ssl.rb#214
+  def do_not_reverse_lookup=(flag); end
+
+  # source://openssl//lib/openssl/ssl.rb#206
+  def fcntl(*args); end
+
+  # The file descriptor for the socket.
+  #
+  # source://openssl//lib/openssl/ssl.rb#178
+  def fileno; end
+
+  # source://openssl//lib/openssl/ssl.rb#202
+  def getsockopt(level, optname); end
+
+  # source://openssl//lib/openssl/ssl.rb#190
+  def local_address; end
+
+  # source://openssl//lib/openssl/ssl.rb#186
+  def peeraddr; end
+
+  # source://openssl//lib/openssl/ssl.rb#194
+  def remote_address; end
+
+  # source://openssl//lib/openssl/ssl.rb#198
+  def setsockopt(level, optname, optval); end
+
+  # source://openssl//lib/openssl/ssl.rb#239
+  def timeout; end
+
+  # source://openssl//lib/openssl/ssl.rb#243
+  def timeout=(value); end
+
+  # source://openssl//lib/openssl/ssl.rb#226
+  def wait(*args); end
+
+  # source://openssl//lib/openssl/ssl.rb#230
+  def wait_readable(*args); end
+
+  # source://openssl//lib/openssl/ssl.rb#234
+  def wait_writable(*args); end
+end
+
+OpenSSL::SSL::TLS1_VERSION = T.let(T.unsafe(nil), Integer)
+module OpenSSL::Timestamp; end
+
+class OpenSSL::Timestamp::Factory
+  def additional_certs; end
+  def additional_certs=(_arg0); end
+  def allowed_digests; end
+  def allowed_digests=(_arg0); end
+  def create_timestamp(_arg0, _arg1, _arg2); end
+  def default_policy_id; end
+  def default_policy_id=(_arg0); end
+  def gen_time; end
+  def gen_time=(_arg0); end
+  def serial_number; end
+  def serial_number=(_arg0); end
+end
+
+class OpenSSL::Timestamp::Request
+  def initialize(*_arg0); end
+
+  def algorithm; end
+  def algorithm=(_arg0); end
+  def cert_requested=(_arg0); end
+  def cert_requested?; end
+  def message_imprint; end
+  def message_imprint=(_arg0); end
+  def nonce; end
+  def nonce=(_arg0); end
+  def policy_id; end
+  def policy_id=(_arg0); end
+  def to_der; end
+  def to_text; end
+  def version; end
+  def version=(_arg0); end
+end
+
+class OpenSSL::Timestamp::Response
+  def initialize(_arg0); end
+
+  def failure_info; end
+  def status; end
+  def status_text; end
+  def to_der; end
+  def to_text; end
+  def token; end
+  def token_info; end
+  def tsa_certificate; end
+  def verify(*_arg0); end
+end
+
+OpenSSL::Timestamp::Response::GRANTED = T.let(T.unsafe(nil), Integer)
+OpenSSL::Timestamp::Response::GRANTED_WITH_MODS = T.let(T.unsafe(nil), Integer)
+OpenSSL::Timestamp::Response::REJECTION = T.let(T.unsafe(nil), Integer)
+OpenSSL::Timestamp::Response::REVOCATION_NOTIFICATION = T.let(T.unsafe(nil), Integer)
+OpenSSL::Timestamp::Response::REVOCATION_WARNING = T.let(T.unsafe(nil), Integer)
+OpenSSL::Timestamp::Response::WAITING = T.let(T.unsafe(nil), Integer)
+class OpenSSL::Timestamp::TimestampError < ::OpenSSL::OpenSSLError; end
+
+class OpenSSL::Timestamp::TokenInfo
+  def initialize(_arg0); end
+
+  def algorithm; end
+  def gen_time; end
+  def message_imprint; end
+  def nonce; end
+  def ordering; end
+  def policy_id; end
+  def serial_number; end
+  def to_der; end
+  def to_text; end
+  def version; end
+end
+
+# source://openssl//lib/openssl/x509.rb#327
+class OpenSSL::X509::Attribute
+  include ::OpenSSL::Marshal
+  extend ::OpenSSL::Marshal::ClassMethods
+
+  # source://openssl//lib/openssl/x509.rb#330
+  def ==(other); end
+end
+
+# source://openssl//lib/openssl/x509.rb#374
+class OpenSSL::X509::CRL
+  include ::OpenSSL::Marshal
+  include ::OpenSSL::X509::Extension::Helpers
+  include ::OpenSSL::X509::Extension::AuthorityKeyIdentifier
+  extend ::OpenSSL::Marshal::ClassMethods
+
+  # source://openssl//lib/openssl/x509.rb#378
+  def ==(other); end
+end
+
+# source://openssl//lib/openssl/x509.rb#342
+class OpenSSL::X509::Certificate
+  include ::OpenSSL::Marshal
+  include ::OpenSSL::X509::Extension::Helpers
+  include ::OpenSSL::X509::Extension::SubjectKeyIdentifier
+  include ::OpenSSL::X509::Extension::AuthorityKeyIdentifier
+  include ::OpenSSL::X509::Extension::CRLDistributionPoints
+  include ::OpenSSL::X509::Extension::AuthorityInfoAccess
+  extend ::OpenSSL::Marshal::ClassMethods
+
+  # source://openssl//lib/openssl/x509.rb#349
+  def inspect; end
+
+  # source://openssl//lib/openssl/x509.rb#358
+  def pretty_print(q); end
+
+  class << self
+    # source://openssl//lib/openssl/x509.rb#369
+    def load_file(path); end
+  end
+end
+
+# source://openssl//lib/openssl/x509.rb#45
+class OpenSSL::X509::Extension
+  include ::OpenSSL::Marshal
+  extend ::OpenSSL::Marshal::ClassMethods
+
+  # source://openssl//lib/openssl/x509.rb#48
+  def ==(other); end
+
+  # source://openssl//lib/openssl/x509.rb#64
+  def to_a; end
+
+  # {"oid"=>sn|ln, "value"=>value, "critical"=>true|false}
+  #
+  # source://openssl//lib/openssl/x509.rb#60
+  def to_h; end
+
+  # "oid = critical, value"
+  #
+  # source://openssl//lib/openssl/x509.rb#53
+  def to_s; end
+end
+
+# source://openssl//lib/openssl/x509.rb#154
+module OpenSSL::X509::Extension::AuthorityInfoAccess
+  include ::OpenSSL::X509::Extension::Helpers
+
+  # Get the information and services for the issuer from the certificate's
+  # authority information access extension exteension, as described in RFC5280
+  # Section 4.2.2.1.
+  #
+  # Returns an array of strings or nil or raises ASN1::ASN1Error.
+  #
+  # source://openssl//lib/openssl/x509.rb#162
+  def ca_issuer_uris; end
+
+  # Get the URIs for OCSP from the certificate's authority information access
+  # extension exteension, as described in RFC5280 Section 4.2.2.1.
+  #
+  # Returns an array of strings or nil or raises ASN1::ASN1Error.
+  #
+  # source://openssl//lib/openssl/x509.rb#177
+  def ocsp_uris; end
+
+  private
+
+  # source://openssl//lib/openssl/x509.rb#190
+  def parse_aia_asn1; end
+end
+
+# source://openssl//lib/openssl/x509.rb#95
+module OpenSSL::X509::Extension::AuthorityKeyIdentifier
+  include ::OpenSSL::X509::Extension::Helpers
+
+  # Get the issuing certificate's key identifier from the
+  # authorityKeyIdentifier extension, as described in RFC5280
+  # Section 4.2.1.1
+  #
+  # Returns the binary String keyIdentifier or nil or raises
+  # ASN1::ASN1Error.
+  #
+  # source://openssl//lib/openssl/x509.rb#104
+  def authority_key_identifier; end
+end
+
+# source://openssl//lib/openssl/x509.rb#121
+module OpenSSL::X509::Extension::CRLDistributionPoints
+  include ::OpenSSL::X509::Extension::Helpers
+
+  # Get the distributionPoint fullName URI from the certificate's CRL
+  # distribution points extension, as described in RFC 5280 Section
+  # 4.2.1.13.
+  #
+  # Returns an array of strings or nil or raises ASN1::ASN1Error.
+  #
+  # source://openssl//lib/openssl/x509.rb#129
+  def crl_uris; end
+end
+
+# source://openssl//lib/openssl/x509.rb#68
+module OpenSSL::X509::Extension::Helpers
+  # source://openssl//lib/openssl/x509.rb#69
+  def find_extension(oid); end
+end
+
+# source://openssl//lib/openssl/x509.rb#74
+module OpenSSL::X509::Extension::SubjectKeyIdentifier
+  include ::OpenSSL::X509::Extension::Helpers
+
+  # Get the subject's key identifier from the subjectKeyIdentifier
+  # exteension, as described in RFC5280 Section 4.2.1.2.
+  #
+  # Returns the binary String key identifier or nil or raises
+  # ASN1::ASN1Error.
+  #
+  # source://openssl//lib/openssl/x509.rb#82
+  def subject_key_identifier; end
+end
+
+# source://openssl//lib/openssl/x509.rb#19
+class OpenSSL::X509::ExtensionFactory
+  # @raise [ExtensionError]
+  #
+  # source://openssl//lib/openssl/x509.rb#28
+  def create_ext_from_array(ary); end
+
+  # source://openssl//lib/openssl/x509.rb#40
+  def create_ext_from_hash(hash); end
+
+  # "oid = critical, value"
+  #
+  # source://openssl//lib/openssl/x509.rb#33
+  def create_ext_from_string(str); end
+
+  # source://openssl//lib/openssl/x509.rb#20
+  def create_extension(*arg); end
+end
+
+# source://openssl//lib/openssl/x509.rb#204
+class OpenSSL::X509::Name
+  include ::Comparable
+  include ::OpenSSL::Marshal
+  extend ::OpenSSL::Marshal::ClassMethods
+
+  # source://openssl//lib/openssl/x509.rb#319
+  def pretty_print(q); end
+
+  class << self
+    # Parses the string representation of a distinguished name. Two
+    # different forms are supported:
+    #
+    # - \OpenSSL format (<tt>X509_NAME_oneline()</tt>) used by
+    #   <tt>#to_s</tt>. For example: <tt>/DC=com/DC=example/CN=nobody</tt>
+    # - \OpenSSL format (<tt>X509_NAME_print()</tt>)
+    #   used by <tt>#to_s(OpenSSL::X509::Name::COMPAT)</tt>. For example:
+    #   <tt>DC=com, DC=example, CN=nobody</tt>
+    #
+    # Neither of them is standardized and has quirks and inconsistencies
+    # in handling of escaped characters or multi-valued RDNs.
+    #
+    # Use of this method is discouraged in new applications. See
+    # Name.parse_rfc2253 and #to_utf8 for the alternative.
+    #
+    # source://openssl//lib/openssl/x509.rb#305
+    def parse(str, template = T.unsafe(nil)); end
+
+    # Parses the string representation of a distinguished name. Two
+    # different forms are supported:
+    #
+    # - \OpenSSL format (<tt>X509_NAME_oneline()</tt>) used by
+    #   <tt>#to_s</tt>. For example: <tt>/DC=com/DC=example/CN=nobody</tt>
+    # - \OpenSSL format (<tt>X509_NAME_print()</tt>)
+    #   used by <tt>#to_s(OpenSSL::X509::Name::COMPAT)</tt>. For example:
+    #   <tt>DC=com, DC=example, CN=nobody</tt>
+    #
+    # Neither of them is standardized and has quirks and inconsistencies
+    # in handling of escaped characters or multi-valued RDNs.
+    #
+    # Use of this method is discouraged in new applications. See
+    # Name.parse_rfc2253 and #to_utf8 for the alternative.
+    #
+    # source://openssl//lib/openssl/x509.rb#305
+    def parse_openssl(str, template = T.unsafe(nil)); end
+
+    # Parses the UTF-8 string representation of a distinguished name,
+    # according to RFC 2253.
+    #
+    # See also #to_utf8 for the opposite operation.
+    #
+    # source://openssl//lib/openssl/x509.rb#286
+    def parse_rfc2253(str, template = T.unsafe(nil)); end
+  end
+end
+
+# source://openssl//lib/openssl/x509.rb#207
+module OpenSSL::X509::Name::RFC2253DN
+  private
+
+  # source://openssl//lib/openssl/x509.rb#237
+  def expand_hexstring(str); end
+
+  # source://openssl//lib/openssl/x509.rb#225
+  def expand_pair(str); end
+
+  # source://openssl//lib/openssl/x509.rb#244
+  def expand_value(str1, str2, str3); end
+
+  # source://openssl//lib/openssl/x509.rb#251
+  def scan(dn); end
+
+  class << self
+    # source://openssl//lib/openssl/x509.rb#237
+    def expand_hexstring(str); end
+
+    # source://openssl//lib/openssl/x509.rb#225
+    def expand_pair(str); end
+
+    # source://openssl//lib/openssl/x509.rb#244
+    def expand_value(str1, str2, str3); end
+
+    # source://openssl//lib/openssl/x509.rb#251
+    def scan(dn); end
+  end
+end
+
+# source://openssl//lib/openssl/x509.rb#391
+class OpenSSL::X509::Request
+  include ::OpenSSL::Marshal
+  extend ::OpenSSL::Marshal::ClassMethods
+
+  # source://openssl//lib/openssl/x509.rb#394
+  def ==(other); end
+end
+
+# source://openssl//lib/openssl/x509.rb#384
+class OpenSSL::X509::Revoked
+  # source://openssl//lib/openssl/x509.rb#385
+  def ==(other); end
+end
+
+# source://openssl//lib/openssl/x509.rb#336
+class OpenSSL::X509::StoreContext
+  # source://openssl//lib/openssl/x509.rb#337
+  def cleanup; end
+end
+
+OpenSSL::X509::V_ERR_CA_KEY_TOO_SMALL = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_CA_MD_TOO_WEAK = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_CRL_PATH_VALIDATION_ERROR = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_DANE_NO_MATCH = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_DIFFERENT_CRL_SCOPE = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_EE_KEY_TOO_SMALL = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_EMAIL_MISMATCH = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_EXCLUDED_VIOLATION = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_HOSTNAME_MISMATCH = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_INVALID_CALL = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_INVALID_EXTENSION = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_INVALID_NON_CA = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_INVALID_POLICY_EXTENSION = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_IP_ADDRESS_MISMATCH = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_KEYUSAGE_NO_CRL_SIGN = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_NO_EXPLICIT_POLICY = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_NO_VALID_SCTS = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_OCSP_CERT_UNKNOWN = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_OCSP_VERIFY_FAILED = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_OCSP_VERIFY_NEEDED = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_PATH_LOOP = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_PERMITTED_VIOLATION = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_PROXY_PATH_LENGTH_EXCEEDED = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_PROXY_SUBJECT_NAME_VIOLATION = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_STORE_LOOKUP = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_SUBTREE_MINMAX = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_SUITE_B_INVALID_ALGORITHM = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_SUITE_B_INVALID_CURVE = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_SUITE_B_INVALID_VERSION = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_SUITE_B_LOS_NOT_ALLOWED = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_UNABLE_TO_GET_CRL_ISSUER = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_UNHANDLED_CRITICAL_EXTENSION = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_UNNESTED_RESOURCE = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_UNSPECIFIED = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_UNSUPPORTED_CONSTRAINT_TYPE = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_UNSUPPORTED_EXTENSION_FEATURE = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_ERR_UNSUPPORTED_NAME_SYNTAX = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_FLAG_NO_CHECK_TIME = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_FLAG_PARTIAL_CHAIN = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_FLAG_SUITEB_128_LOS = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_FLAG_SUITEB_128_LOS_ONLY = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_FLAG_SUITEB_192_LOS = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_FLAG_TRUSTED_FIRST = T.let(T.unsafe(nil), Integer)
+OpenSSL::X509::V_FLAG_USE_CHECK_TIME = T.let(T.unsafe(nil), Integer)