Linux server1.dn-server.com 4.18.0-553.89.1.lve.el8.x86_64 #1 SMP Wed Dec 10 13:58:50 UTC 2025 x86_64
LiteSpeed
Server IP : 195.201.204.189 & Your IP : 216.73.216.222
Domains :
Cant Read [ /etc/named.conf ]
User : beriska1
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
opt /
alt /
ruby19 /
share /
ri /
1.9.1 /
system /
OpenSSL /
Delete
Unzip
Name
Size
Permission
Date
Action
ASN1
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
BN
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
BNError
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
Buffering
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
Cipher
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
Config
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
ConfigError
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
Digest
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
Engine
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
HMAC
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
HMACError
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
Netscape
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
OCSP
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
OpenSSLError
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
PKCS12
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
PKCS5
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
PKCS7
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
PKey
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
Random
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
SSL
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
X509
[ DIR ]
drwxr-xr-x
2026-05-01 04:24
cdesc-OpenSSL.ri
13.62
KB
-rw-r--r--
2023-07-26 17:26
debug%3d-c.ri
317
B
-rw-r--r--
2023-07-26 17:26
debug-c.ri
186
B
-rw-r--r--
2023-07-26 17:26
errors-c.ri
390
B
-rw-r--r--
2023-07-26 17:26
Save
Rename
U:RDoc::NormalModule[iI"OpenSSL:EF@0o:RDoc::Markup::Document:@parts[o;;[ S:RDoc::Markup::Heading: leveli: textI"]$RCSfile$ -- Ruby-space definitions that completes C-space funcs for X509 and subclasses;To:RDoc::Markup::BlankLine S; ; i;I" Info;To:RDoc::Markup::Verbatim;[I""'OpenSSL for Ruby 2' project ;FI";Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz> ;FI"All rights reserved. ;FS; ; i;I"Licence;To; ;[I">This program is licenced under the same licence as Ruby. ;FI"(See the file 'LICENCE'.) ;FS; ; i;I"Version;To; ;[I"<$Id: x509-internal.rb 32663 2011-07-25 04:51:26Z nahi $;F: @fileI"-ext/openssl/lib/openssl/x509-internal.rb;To;;[�o:RDoc::Markup::Paragraph;[I"NOpenSSL provides SSL, TLS and general purpose cryptography. It wraps the;TI".OpenSSL[http://www.openssl.org/] library.;T@S; ; i;I" Examples;T@o;;[I"6All examples assume you have loaded OpenSSL with:;T@o; ;[I"require 'openssl' ;Fo;;[I"NThese examples build atop each other. For example the key created in the;TI"/next is used in throughout these examples.;T@S; ; i;I" Keys;T@S; ; i;I"Creating a Key;T@o;;[I"MThis example creates a 2048 bit RSA keypair and writes it to the current;TI"directory.;T@o; ;[ I"'key = OpenSSL::PKey::RSA.new 2048 ;FI" ;FI"Aopen 'private_key.pem', 'w' do |io| io.write key.to_pem end ;FI"Kopen 'public_key.pem', 'w' do |io| io.write key.public_key.to_pem end ;FS; ; i;I"Exporting a Key;T@o;;[I"LKeys saved to disk without encryption are not secure as anyone who gets;TI"Nahold of the key may use it unless it is encrypted. In order to securely;TI"7export a key you may export it with a pass phrase.;T@o; ;[ I"8cipher = OpenSSL::Cipher::Cipher.new 'AES-128-CBC' ;FI"5pass_phrase = 'my secure pass phrase goes here' ;FI" ;FI"1key_secure = key.export cipher, pass_phrase ;FI" ;FI",open 'private.secure.pem', 'w' do |io| ;FI" io.write key_secure ;FI" end ;Fo;;[I"AOpenSSL::Cipher.ciphers returns a list of available ciphers.;T@S; ; i;I"Loading a Key;T@o;;[I"*A key can also be loaded from a file.;T@o; ;[I"?key2 = OpenSSL::PKey::RSA.new File.read 'private_key.pem' ;FI"key2.public? # => true ;Fo;;[I"or;T@o; ;[I">key3 = OpenSSL::PKey::RSA.new File.read 'public_key.pem' ;FI"key3.private? # => false ;FS; ; i;I"Loading an Encrypted Key;T@o;;[I"POpenSSL will prompt you for your pass phrase when loading an encrypted key.;TI"OIf you will not be able to type in the pass phrase you may provide it when;TI"loading the key:;T@o; ;[I"/key4_pem = File.read 'private.secure.pem' ;FI"9key4 = OpenSSL::PKey::RSA.new key4_pem, pass_phrase ;FS; ; i;I"RSA Encryption;T@o;;[I"MRSA provides ecryption and decryption using the public and private keys.;TI"PYou can use a variety of padding methods depending upon the intended use of;TI"encrypted data.;T@S; ; i;I"Encryption;T@o;;[I"KDocuments encrypted with the public key can only be decrypted with the;TI"private key.;T@o; ;[I"Apublic_encrypted = key.public_encrypt 'top secret document' ;Fo;;[I"LDocuments encrypted with the private key can only be decrypted with the;TI"public key.;T@o; ;[I"Gprivate_encrypted = key.private_encrypt 'public release document' ;FS; ; i;I"Decryption;T@o;;[I"6Use the opposite key type do decrypt the document;T@o; ;[I"6top_secret = key.public_decrypt public_encrypted ;FI" ;FI"<public_release = key.private_decrypt private_encrypted ;FS; ; i;I"&PKCS #5 Password-based Encryption;T@o;;[I"BPKCS #5 is a password-based encryption standard documented at;TI"QRFC2898[http://www.ietf.org/rfc/rfc2898.txt]. It allows a short password or;TI"=passphrase to be used to create a secure encryption key.;T@o;;[I"NPKCS #5 uses a Cipher, a pass phrase and a salt to generate an encryption;TI" key.;T@o; ;[I"5pass_phrase = 'my secure pass phrase goes here' ;FI"salt = '8 octets' ;FS; ; i;I"Encryption;T@o;;[I"+First set up the cipher for encryption;T@o; ;[I";encrypter = OpenSSL::Cipher::Cipher.new 'AES-128-CBC' ;FI"encrypter.encrypt ;FI"0encrypter.pkcs5_keyivgen pass_phrase, salt ;Fo;;[I"3Then pass the data you want to encrypt through;T@o; ;[I"8encrypted = encrypter.update 'top secret document' ;FI""encrypted << encrypter.final ;FS; ; i;I"Decryption;T@o;;[I"4Use a new Cipher instance set up for decryption;T@o; ;[I";decrypter = OpenSSL::Cipher::Cipher.new 'AES-128-CBC' ;FI"decrypter.decrypt ;FI"0decrypter.pkcs5_keyivgen pass_phrase, salt ;Fo;;[I"3Then pass the data you want to decrypt through;T@o; ;[I"(plain = decrypter.update encrypted ;FI"plain << decrypter.final ;FS; ; i;I"X509 Certificates;T@S; ; i;I"Creating a Certificate;T@o;;[I"OThis example creates a self-signed certificate using an RSA key and a SHA1;TI"signature.;T@o; ;[I"=name = OpenSSL::X509::Name.parse 'CN=nobody/DC=example' ;FI" ;FI"+cert = OpenSSL::X509::Certificate.new ;FI"cert.version = 2 ;FI"cert.serial = 0 ;FI" cert.not_before = Time.now ;FI"&cert.not_after = Time.now + 3600 ;FI" ;FI"&cert.public_key = key.public_key ;FI"cert.subject = name ;FS; ; i;I"Certificate Extensions;T@o;;[I"3You can add extensions to the certificate with;TI"OOpenSSL::SSL::ExtensionFactory to indicate the purpose of the certificate.;T@o; ;[I"Gextension_factory = OpenSSL::X509::ExtensionFactory.new nil, cert ;FI" ;FI"Gextension_factory.create_extension 'basicConstraints', 'CA:FALSE' ;FI"4extension_factory.create_extension 'keyUsage', ;FI"; 'keyEncipherment,dataEncipherment,digitalSignature' ;FI"Gextension_factory.create_extension 'subjectKeyIdentifier', 'hash' ;FS; ; i;I"Signing a Certificate;T@o;;[ I"QTo sign a certificate set the issuer and use OpenSSL::X509::Certificate#sign;TI"Rwith a digest algorithm. This creates a self-signed cert because we're using;TI"Lthe same name and key to sign the certificate as was used to create the;TI"certificate.;T@o; ;[ I"cert.issuer = name ;FI".cert.sign key, OpenSSL::Digest::SHA1.new ;FI" ;FI"Bopen 'certificate.pem', 'w' do |io| io.write cert.to_pem end ;FS; ; i;I"Loading a Certificate;T@o;;[I"7Like a key, a cert can also be loaded from a file.;T@o; ;[I"Hcert2 = OpenSSL::X509::Certificate.new File.read 'certificate.pem' ;FS; ; i;I"Verifying a Certificate;T@o;;[I"OCertificate#verify will return true when a certificate was signed with the;TI"given public key.;T@o; ;[I"Eraise 'certificate can not be verified' unless cert2.verify key ;FS; ; i;I"Certificate Authority;T@o;;[ I"MA certificate authority (CA) is a trusted third party that allows you to;TI"Pverify the ownership of unknown certificates. The CA issues key signatures;TI"Othat indicate it trusts the user of that key. A user encountering the key;TI";can verify the signature by using the CA's public key.;T@S; ; i;I"CA Key;T@o;;[I"PCA keys are valuable, so we encrypt and save it to disk and make sure it is;TI"!not readable by other users.;T@o; ;[I"*ca_key = OpenSSL::PKey::RSA.new 2048 ;FI" ;FI"8cipher = OpenSSL::Cipher::Cipher.new 'AES-128-CBC' ;FI" ;FI"*open 'ca_key.pem', 'w', 0400 do |io| ;FI"0 io.write key.export(cipher, pass_phrase) ;FI" end ;FS; ; i;I"CA Certificate;T@o;;[I"QA CA certificate is created the same way we created a certificate above, but;TI"with different extensions.;T@o; ;[I"<ca_name = OpenSSL::X509::Name.parse 'CN=ca/DC=example' ;FI" ;FI".ca_cert = OpenSSL::X509::Certificate.new ;FI"ca_cert.serial = 0 ;FI"ca_cert.version = 2 ;FI"#ca_cert.not_before = Time.now ;FI"*ca_cert.not_after = Time.now + 86400 ;FI" ;FI",ca_cert.public_key = ca_key.public_key ;FI"ca_cert.subject = ca_name ;FI"ca_cert.issuer = ca_name ;FI" ;FI"=extension_factory = OpenSSL::X509::ExtensionFactory.new ;FI"5extension_factory.subject_certificate = ca_cert ;FI"4extension_factory.issuer_certificate = ca_cert ;FI" ;FI"Gextension_factory.create_extension 'subjectKeyIdentifier', 'hash' ;Fo;;[I"?This extension indicates the CA's key may be used as a CA.;T@o; ;[I"Lextension_factory.create_extension 'basicConstraints', 'CA:TRUE', true ;Fo;;[I"NThis extension indicates the CA's key may be used to verify signatures on;TI"3both certificates and certificate revocations.;T@o; ;[I"Pextension_factory.create_extension 'keyUsage', 'cRLSign,keyCertSign', true ;Fo;;[I"*Root CA certificates are self-signed.;T@o; ;[I"4ca_cert.sign ca_key, OpenSSL::Digest::SHA1.new ;Fo;;[I"LThe CA certificate is saved to disk so it may be distributed to all the;TI")users of the keys this CA will sign.;T@o; ;[I"%open 'ca_cert.pem', 'w' do |io| ;FI" io.write ca_cert.to_pem ;FI" end ;FS; ; i;I" Certificate Signing Request;T@o;;[I"LThe CA signs keys through a Certificate Signing Request (CSR). The CSR;TI"<contains the information necessary to identify the key.;T@o; ;[ I"&csr = OpenSSL::X509::Request.new ;FI"csr.version = 0 ;FI"csr.subject = name ;FI"%csr.public_key = key.public_key ;FI"-csr.sign key, OpenSSL::Digest::SHA1.new ;Fo;;[I";A CSR is saved to disk and sent to the CA for signing.;T@o; ;[I"!open 'csr.pem', 'w' do |io| ;FI" io.write csr.to_pem ;FI" end ;FS; ; i;I"&Creating a Certificate from a CSR;T@o;;[I"MUpon receiving a CSR the CA will verify it before signing it. A minimal;TI"8verification would be to check the CSR's signature.;T@o; ;[I":csr = OpenSSL::X509::Request.new File.read 'csr.pem' ;FI" ;FI"Fraise 'CSR can not be verified' unless csr.verify csr.public_key ;Fo;;[I"LAfter verification a certificate is created, marked for various usages,;TI":signed with the CA key and returned to the requester.;T@o; ;[I"/csr_cert = OpenSSL::X509::Certificate.new ;FI"csr_cert.serial = 0 ;FI"csr_cert.version = 2 ;FI"$csr_cert.not_before = Time.now ;FI")csr_cert.not_after = Time.now + 600 ;FI" ;FI"$csr_cert.subject = csr.subject ;FI"*csr_cert.public_key = csr.public_key ;FI"'csr_cert.issuer = ca_cert.subject ;FI" ;FI"=extension_factory = OpenSSL::X509::ExtensionFactory.new ;FI"6extension_factory.subject_certificate = csr_cert ;FI"4extension_factory.issuer_certificate = ca_cert ;FI" ;FI"Gextension_factory.create_extension 'basicConstraints', 'CA:FALSE' ;FI"4extension_factory.create_extension 'keyUsage', ;FI"; 'keyEncipherment,dataEncipherment,digitalSignature' ;FI"Gextension_factory.create_extension 'subjectKeyIdentifier', 'hash' ;FI" ;FI"5csr_cert.sign ca_key, OpenSSL::Digest::SHA1.new ;FI" ;FI"&open 'csr_cert.pem', 'w' do |io| ;FI" io.write csr_cert.to_pem ;FI" end ;FS; ; i;I"SSL and TLS Connections;T@o;;[I"RUsing our created key and certificate we can create an SSL or TLS connection.;TI"4An SSLContext is used to set up an SSL session.;T@o; ;[I",context = OpenSSL::SSL::SSLContext.new ;FS; ; i;I"SSL Server;T@o;;[I"JAn SSL server requires the certificate and private key to communicate;TI"securely with its clients:;T@o; ;[I"context.cert = cert ;FI"context.key = key ;Fo;;[I"PThen create an SSLServer with a TCP server socket and the context. Use the;TI"+SSLServer like an ordinary TCP server.;T@o; ;[I"require 'socket' ;FI" ;FI"%tcp_server = TCPServer.new 5000 ;FI"Bssl_server = OpenSSL::SSL::SSLServer.new tcp_server, context ;FI" ;FI" loop do ;FI"* ssl_connection = ssl_server.accept ;FI" ;FI" data = connection.gets ;FI" ;FI"' response = "I got #{data.dump}" ;FI" puts response ;FI" ;FI", connection.puts "I got #{data.dump}" ;FI" connection.close ;FI" end ;FS; ; i;I"SSL client;T@o;;[I"@An SSL client is created with a TCP socket and the context.;TI"MSSLSocket#connect must be called to initiate the SSL handshake and start;TI"Oencryption. A key and certificate are not required for the client socket.;T@o; ;[ I"require 'socket' ;FI" ;FI"2tcp_client = TCPSocket.new 'localhost', 5000 ;FI"Essl_client = OpenSSL::SSL::SSLSocket.new client_socket, context ;FI"ssl_client.connect ;FI" ;FI"%ssl_client.puts "hello server!" ;FI"puts ssl_client.gets ;FS; ; i;I"Peer Verification;T@o;;[I"OAn unverified SSL connection does not provide much security. For enhanced;TI"Jsecurity the client or server can verify the certificate of its peer.;T@o;;[I"NThe client can be modified to verify the server's certificate against the;TI")certificate authority's certificate:;T@o; ;[I"%context.ca_file = 'ca_cert.pem' ;FI"5context.verify_mode = OpenSSL::SSL::VERIFY_PEER ;FI" ;FI"require 'socket' ;FI" ;FI"2tcp_client = TCPSocket.new 'localhost', 5000 ;FI"Essl_client = OpenSSL::SSL::SSLSocket.new client_socket, context ;FI"ssl_client.connect ;FI" ;FI"%ssl_client.puts "hello server!" ;FI"puts ssl_client.gets ;Fo;;[I"PIf the server certificate is invalid or <tt>context.ca_file</tt> is not set;TI"Cwhen verifying peers an OpenSSL::SSL::SSLError will be raised.;T;I"ext/openssl/ossl.c;T;0[ [[I"VERSION;To;;[o;;[I"#OpenSSL ruby extension version;T;0@�[I"OPENSSL_VERSION;To;;[o;;[I"AVersion of OpenSSL the ruby OpenSSL extension was built with;T;0@�[I"OPENSSL_VERSION_NUMBER;To;;[o;;[I"HVersion number of OpenSSL the ruby OpenSSL extension was built with;TI"(base 16);T;0@�[ [[I" class;F[[:public[[I" debug;T@�[I"debug=;T@�[I"errors;T@�[:protected[ [:private[ [I" instance;F[[;[ [;[ [;[