class OpenSSL::Netscape::SPKI
A Simple Public Key Infrastructure implementation (pronounced “spooky”). The structure is defined as PublicKeyAndChallenge ::= SEQUENCE { spki SubjectPublicKeyInfo, challenge IA5STRING }
SignedPublicKeyAndChallenge ::= SEQUENCE {
publicKeyAndChallenge PublicKeyAndChallenge,
signatureAlgorithm AlgorithmIdentifier,
signature BIT STRING
}
where the definitions of SubjectPublicKeyInfo and AlgorithmIdentifier can be found in RFC5280. SPKI is typically used in browsers for generating a public/private key pair and a subsequent certificate request, using the HTML <keygen> element.
Examples
Creating an SPKI
key = OpenSSL::PKey::RSA.new 2048 spki = OpenSSL::Netscape::SPKI.new spki.challenge = "RandomChallenge" spki.public_key = key.public_key spki.sign(key, OpenSSL::Digest.new('SHA256')) #send a request containing this to a server generating a certificate
Verifying an SPKI request
request = #... spki = OpenSSL::Netscape::SPKI.new request unless spki.verify(spki.public_key) # signature is invalid end #proceed
Public Class Methods
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4288
def initialize: (?String request) -> void
Parameters
-
request - optional raw request, either in PEM or DER format.
Public Instance Methods
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4189
def challenge: () -> String
Returns the challenge string associated with this SPKI.
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4201
def challenge=: (String) -> String
Parameters
-
str - the challenge string to be set for this instance
Sets the challenge to be associated with the SPKI. May be used by the server, e.g. to prevent replay.
() → PKey::PKey
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4209
def public_key: () -> PKey::PKey
Returns the public key associated with the SPKI, an instance of OpenSSL::PKey.
(PKey::PKey) → PKey::PKey
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4222
def public_key=: (PKey::PKey) -> PKey::PKey
Parameters
-
pub - the public key to be set for this instance
Sets the public key to be associated with the SPKI, an instance of OpenSSL::PKey. This should be the public key corresponding to the private key used for signing the SPKI.
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4236
def sign: (PKey::PKey key, Digest digest) -> self
Parameters
-
key - the private key to be used for signing this instance
-
digest - the digest to be used for signing this instance
To sign an SPKI, the private key corresponding to the public key set for this instance should be used, in addition to a digest algorithm in the form of an OpenSSL::Digest. The private key should be an instance of OpenSSL::PKey.
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4244
def to_der: () -> String
Returns the DER encoding of this SPKI.
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4252
def to_pem: () -> String
Returns the PEM encoding of this SPKI.
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4265
def to_text: () -> String
Returns a textual representation of this SPKI, useful for debugging purposes.
(PKey::PKey key) → bool
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 4277
def verify: (PKey::PKey key) -> bool
Parameters
-
key - the public key to be used for verifying the
SPKIsignature
Returns true if the signature is valid, false otherwise. To verify an SPKI, the public key contained within the SPKI should be used.