123456789_123456789_123456789_123456789_123456789_

Class: OpenSSL::PKey::PKey

Relationships & Source Files
Extension / Inclusion / Inheritance Descendants
Subclasses:
DH, DSA, EC, RSA
Inherits: Object
Defined in: ext/openssl/ossl_pkey_dh.c,
ext/openssl/ossl_pkey.c,
ext/openssl/ossl_pkey_dsa.c,
ext/openssl/ossl_pkey_ec.c,
ext/openssl/ossl_pkey_rsa.c

Overview

An abstract class that bundles signature creation (PKey#sign) and validation (PKey#verify) that is common to all implementations except DH

Class Method Summary

  • PKeyClass.new ⇒ self constructor

    Because PKey is an abstract class, actually calling this method explicitly will raise a NotImplementedError.

Instance Method Summary

Constructor Details

PKeyClass.newself

Because PKey is an abstract class, actually calling this method explicitly will raise a NotImplementedError.

Instance Method Details

#sign(digest, data) ⇒ String

To sign the String data, digest, an instance of ::OpenSSL::Digest, must be provided. The return value is again a String containing the signature. A PKeyError is raised should errors occur. Any previous state of the ::OpenSSL::Digest instance is irrelevant to the signature outcome, the digest instance is reset to its initial state during the operation.

Example

data = 'Sign me!'
digest = OpenSSL::Digest::SHA256.new
pkey = OpenSSL::PKey::RSA.new(2048)
signature = pkey.sign(digest, data)

#verify(digest, signature, data) ⇒ String

To verify the String signature, digest, an instance of ::OpenSSL::Digest, must be provided to re-compute the message digest of the original data, also a String. The return value is true if the signature is valid, false otherwise. A PKeyError is raised should errors occur. Any previous state of the ::OpenSSL::Digest instance is irrelevant to the validation outcome, the digest instance is reset to its initial state during the operation.

Example

data = 'Sign me!'
digest = OpenSSL::Digest::SHA256.new
pkey = OpenSSL::PKey::RSA.new(2048)
signature = pkey.sign(digest, data)
pub_key = pkey.public_key
puts pub_key.verify(digest, signature, data) # => true