summaryrefslogtreecommitdiff
path: root/sample/openssl
diff options
context:
space:
mode:
authorKazuki Yamaguchi <k@rhe.jp>2021-02-25 16:49:11 +0900
committerKazuki Yamaguchi <k@rhe.jp>2021-03-16 19:37:06 +0900
commite35d3623de47b1a8d699f431460fbcba36de84f2 (patch)
treeea4c2e2e6a9911e52b9ba16a2efd58e5259ba7d8 /sample/openssl
parenta3f97007bbd1012a4b7662b8166118b81b52527a (diff)
[ruby/openssl] sample: avoid "include OpenSSL"
It is not a common practice and should not be done since it causes name clash: for example, Digest and Random are provided by other standard libraries of Ruby. Fixes: https://github.com/ruby/openssl/issues/419 https://github.com/ruby/openssl/commit/6a6444984b
Notes
Notes: Merged: https://github.com/ruby/ruby/pull/4275
Diffstat (limited to 'sample/openssl')
-rw-r--r--sample/openssl/cert2text.rb7
-rw-r--r--sample/openssl/certstore.rb7
-rw-r--r--sample/openssl/gen_csr.rb10
-rw-r--r--sample/openssl/smime_read.rb11
-rw-r--r--sample/openssl/smime_write.rb15
5 files changed, 23 insertions, 27 deletions
diff --git a/sample/openssl/cert2text.rb b/sample/openssl/cert2text.rb
index 50da224..fe14e51 100644
--- a/sample/openssl/cert2text.rb
+++ b/sample/openssl/cert2text.rb
@@ -1,10 +1,13 @@
#!/usr/bin/env ruby
require 'openssl'
-include OpenSSL::X509
def cert2text(cert_str)
- [Certificate, CRL, Request].each do |klass|
+ [
+ OpenSSL::X509::Certificate,
+ OpenSSL::X509::CRL,
+ OpenSSL::X509::Request,
+ ].each do |klass|
begin
puts klass.new(cert_str).to_text
return
diff --git a/sample/openssl/certstore.rb b/sample/openssl/certstore.rb
index c6e8f81..72e59f6 100644
--- a/sample/openssl/certstore.rb
+++ b/sample/openssl/certstore.rb
@@ -3,9 +3,6 @@ require 'crlstore'
class CertStore
- include OpenSSL
- include X509
-
attr_reader :self_signed_ca
attr_reader :other_ca
attr_reader :ee
@@ -17,11 +14,11 @@ class CertStore
@c_store = CHashDir.new(@certs_dir)
@c_store.hash_dir(true)
@crl_store = CrlStore.new(@c_store)
- @x509store = Store.new
+ @x509store = OpenSSL::X509::Store.new
@self_signed_ca = @other_ca = @ee = @crl = nil
# Uncomment this line to let OpenSSL to check CRL for each certs.
- # @x509store.flags = V_FLAG_CRL_CHECK | V_FLAG_CRL_CHECK_ALL
+ # @x509store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK | OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
add_path
scan_certs
diff --git a/sample/openssl/gen_csr.rb b/sample/openssl/gen_csr.rb
index 2602b68..baac990 100644
--- a/sample/openssl/gen_csr.rb
+++ b/sample/openssl/gen_csr.rb
@@ -3,8 +3,6 @@
require 'optparse'
require 'openssl'
-include OpenSSL
-
def usage
myname = File::basename($0)
$stderr.puts <<EOS
@@ -21,13 +19,13 @@ keyout = options["keyout"] || "keypair.pem"
$stdout.sync = true
name_str = ARGV.shift or usage()
-name = X509::Name.parse(name_str)
+name = OpenSSL::X509::Name.parse(name_str)
keypair = nil
if keypair_file
- keypair = PKey.read(File.read(keypair_file))
+ keypair = OpenSSL::PKey.read(File.read(keypair_file))
else
- keypair = PKey::RSA.new(1024) { putc "." }
+ keypair = OpenSSL::PKey::RSA.new(1024) { putc "." }
puts
puts "Writing #{keyout}..."
File.open(keyout, "w", 0400) do |f|
@@ -37,7 +35,7 @@ end
puts "Generating CSR for #{name_str}"
-req = X509::Request.new
+req = OpenSSL::X509::Request.new
req.version = 0
req.subject = name
req.public_key = keypair.public_key
diff --git a/sample/openssl/smime_read.rb b/sample/openssl/smime_read.rb
index a70105f..b617c6e 100644
--- a/sample/openssl/smime_read.rb
+++ b/sample/openssl/smime_read.rb
@@ -1,6 +1,5 @@
require 'optparse'
require 'openssl'
-include OpenSSL
options = ARGV.getopts("c:k:C:")
@@ -10,14 +9,14 @@ ca_path = options["C"]
data = $stdin.read
-cert = X509::Certificate.new(File::read(cert_file))
-key = PKey::read(File::read(key_file))
-p7enc = PKCS7::read_smime(data)
+cert = OpenSSL::X509::Certificate.new(File::read(cert_file))
+key = OpenSSL::PKey::read(File::read(key_file))
+p7enc = OpenSSL::PKCS7::read_smime(data)
data = p7enc.decrypt(key, cert)
-store = X509::Store.new
+store = OpenSSL::X509::Store.new
store.add_path(ca_path)
-p7sig = PKCS7::read_smime(data)
+p7sig = OpenSSL::PKCS7::read_smime(data)
if p7sig.verify([], store)
puts p7sig.data
end
diff --git a/sample/openssl/smime_write.rb b/sample/openssl/smime_write.rb
index 20c933b..e1254d8 100644
--- a/sample/openssl/smime_write.rb
+++ b/sample/openssl/smime_write.rb
@@ -1,6 +1,5 @@
require 'openssl'
require 'optparse'
-include OpenSSL
options = ARGV.getopts("c:k:r:")
@@ -8,16 +7,16 @@ cert_file = options["c"]
key_file = options["k"]
rcpt_file = options["r"]
-cert = X509::Certificate.new(File::read(cert_file))
-key = PKey::read(File::read(key_file))
+cert = OpenSSL::X509::Certificate.new(File::read(cert_file))
+key = OpenSSL::PKey::read(File::read(key_file))
data = "Content-Type: text/plain\r\n"
data << "\r\n"
data << "This is a clear-signed message.\r\n"
-p7sig = PKCS7::sign(cert, key, data, [], PKCS7::DETACHED)
-smime0 = PKCS7::write_smime(p7sig)
+p7sig = OpenSSL::PKCS7::sign(cert, key, data, [], OpenSSL::PKCS7::DETACHED)
+smime0 = OpenSSL::PKCS7::write_smime(p7sig)
-rcpt = X509::Certificate.new(File::read(rcpt_file))
-p7enc = PKCS7::encrypt([rcpt], smime0)
-print PKCS7::write_smime(p7enc)
+rcpt = OpenSSL::X509::Certificate.new(File::read(rcpt_file))
+p7enc = OpenSSL::PKCS7::encrypt([rcpt], smime0)
+print OpenSSL::PKCS7::write_smime(p7enc)