Class: OpenSSL::PKey::PKey
Relationships & Source Files | |
Extension / Inclusion / Inheritance Descendants | |
Subclasses:
|
|
Inherits: | Object |
Defined in: | ext/openssl/ossl_pkey.c |
Overview
Class Method Summary
-
PKeyClass.new ⇒ self
constructor
Because PKey is an abstract class, actually calling this method explicitly will raise a
NotImplementedError
.
Instance Method Summary
-
#sign(digest, data) ⇒ String
To sign the
String
data
,digest
, an instance of ::OpenSSL::Digest, must be provided. -
#verify(digest, signature, data) ⇒ String
To verify the
String
signature
,digest
, an instance of ::OpenSSL::Digest, must be provided to re-compute the message digest of the originaldata
, also aString
.
Constructor Details
PKeyClass.new ⇒ self
Because PKey is an abstract class, actually calling this method explicitly will raise a NotImplementedError
.
Instance Method Details
#sign(digest, data) ⇒ String
To sign the String
data
, digest
, an instance of ::OpenSSL::Digest, must be provided. The return value is again a String
containing the signature. A PKeyError is raised should errors occur. Any previous state of the ::OpenSSL::Digest instance is irrelevant to the signature outcome, the digest instance is reset to its initial state during the operation.
Example
data = 'Sign me!'
digest = OpenSSL::Digest::SHA256.new
pkey = OpenSSL::PKey::RSA.new(2048)
signature = pkey.sign(digest, data)
#verify(digest, signature, data) ⇒ String
To verify the String
signature
, digest
, an instance of ::OpenSSL::Digest, must be provided to re-compute the message digest of the original data
, also a String
. The return value is true
if the signature is valid, false
otherwise. A PKeyError is raised should errors occur. Any previous state of the ::OpenSSL::Digest instance is irrelevant to the validation outcome, the digest instance is reset to its initial state during the operation.
Example
data = 'Sign me!'
digest = OpenSSL::Digest::SHA256.new
pkey = OpenSSL::PKey::RSA.new(2048)
signature = pkey.sign(digest, data)
pub_key = pkey.public_key
puts pub_key.verify(digest, signature, data) # => true