summaryrefslogtreecommitdiff
path: root/sample/openssl
diff options
context:
space:
mode:
Diffstat (limited to 'sample/openssl')
-rw-r--r--sample/openssl/c_rehash.rb5
-rw-r--r--sample/openssl/cert2text.rb7
-rw-r--r--sample/openssl/certstore.rb7
-rw-r--r--sample/openssl/echo_cli.rb2
-rw-r--r--sample/openssl/echo_svr.rb8
-rw-r--r--sample/openssl/gen_csr.rb14
-rw-r--r--sample/openssl/smime_read.rb11
-rw-r--r--sample/openssl/smime_write.rb15
8 files changed, 32 insertions, 37 deletions
diff --git a/sample/openssl/c_rehash.rb b/sample/openssl/c_rehash.rb
index cd6c9d5fd4..8b005bbb84 100644
--- a/sample/openssl/c_rehash.rb
+++ b/sample/openssl/c_rehash.rb
@@ -1,7 +1,6 @@
#!/usr/bin/env ruby
require 'openssl'
-require 'digest/md5'
class CHashDir
include Enumerable
@@ -157,11 +156,11 @@ private
end
def hash_name(name)
- sprintf("%x", name.hash)
+ sprintf("%08x", name.hash)
end
def fingerprint(der)
- Digest::MD5.hexdigest(der).upcase
+ OpenSSL::Digest.hexdigest('MD5', der).upcase
end
end
diff --git a/sample/openssl/cert2text.rb b/sample/openssl/cert2text.rb
index 50da224e76..fe14e51d3a 100644
--- a/sample/openssl/cert2text.rb
+++ b/sample/openssl/cert2text.rb
@@ -1,10 +1,13 @@
#!/usr/bin/env ruby
require 'openssl'
-include OpenSSL::X509
def cert2text(cert_str)
- [Certificate, CRL, Request].each do |klass|
+ [
+ OpenSSL::X509::Certificate,
+ OpenSSL::X509::CRL,
+ OpenSSL::X509::Request,
+ ].each do |klass|
begin
puts klass.new(cert_str).to_text
return
diff --git a/sample/openssl/certstore.rb b/sample/openssl/certstore.rb
index c6e8f816bc..72e59f6dad 100644
--- a/sample/openssl/certstore.rb
+++ b/sample/openssl/certstore.rb
@@ -3,9 +3,6 @@ require 'crlstore'
class CertStore
- include OpenSSL
- include X509
-
attr_reader :self_signed_ca
attr_reader :other_ca
attr_reader :ee
@@ -17,11 +14,11 @@ class CertStore
@c_store = CHashDir.new(@certs_dir)
@c_store.hash_dir(true)
@crl_store = CrlStore.new(@c_store)
- @x509store = Store.new
+ @x509store = OpenSSL::X509::Store.new
@self_signed_ca = @other_ca = @ee = @crl = nil
# Uncomment this line to let OpenSSL to check CRL for each certs.
- # @x509store.flags = V_FLAG_CRL_CHECK | V_FLAG_CRL_CHECK_ALL
+ # @x509store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK | OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
add_path
scan_certs
diff --git a/sample/openssl/echo_cli.rb b/sample/openssl/echo_cli.rb
index 069a21ec94..3fbadf3361 100644
--- a/sample/openssl/echo_cli.rb
+++ b/sample/openssl/echo_cli.rb
@@ -15,7 +15,7 @@ ca_path = options["C"]
ctx = OpenSSL::SSL::SSLContext.new()
if cert_file && key_file
ctx.cert = OpenSSL::X509::Certificate.new(File::read(cert_file))
- ctx.key = OpenSSL::PKey::RSA.new(File::read(key_file))
+ ctx.key = OpenSSL::PKey.read(File::read(key_file))
end
if ca_path
ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
diff --git a/sample/openssl/echo_svr.rb b/sample/openssl/echo_svr.rb
index 719de6be84..f20fb52bf5 100644
--- a/sample/openssl/echo_svr.rb
+++ b/sample/openssl/echo_svr.rb
@@ -13,9 +13,9 @@ ca_path = options["C"]
if cert_file && key_file
cert = OpenSSL::X509::Certificate.new(File::read(cert_file))
- key = OpenSSL::PKey::RSA.new(File::read(key_file))
+ key = OpenSSL::PKey.read(File::read(key_file))
else
- key = OpenSSL::PKey::RSA.new(512){ print "." }
+ key = OpenSSL::PKey::RSA.new(2048){ print "." }
puts
cert = OpenSSL::X509::Certificate.new
cert.version = 2
@@ -25,7 +25,7 @@ else
cert.issuer = name
cert.not_before = Time.now
cert.not_after = Time.now + 3600
- cert.public_key = key.public_key
+ cert.public_key = key
ef = OpenSSL::X509::ExtensionFactory.new(nil,cert)
cert.extensions = [
ef.create_extension("basicConstraints","CA:FALSE"),
@@ -37,7 +37,7 @@ else
ef.issuer_certificate = cert
cert.add_extension ef.create_extension("authorityKeyIdentifier",
"keyid:always,issuer:always")
- cert.sign(key, OpenSSL::Digest::SHA1.new)
+ cert.sign(key, "SHA1")
end
ctx = OpenSSL::SSL::SSLContext.new()
diff --git a/sample/openssl/gen_csr.rb b/sample/openssl/gen_csr.rb
index 4228707fdb..34b23fec1c 100644
--- a/sample/openssl/gen_csr.rb
+++ b/sample/openssl/gen_csr.rb
@@ -3,8 +3,6 @@
require 'optparse'
require 'openssl'
-include OpenSSL
-
def usage
myname = File::basename($0)
$stderr.puts <<EOS
@@ -21,13 +19,13 @@ keyout = options["keyout"] || "keypair.pem"
$stdout.sync = true
name_str = ARGV.shift or usage()
-name = X509::Name.parse(name_str)
+name = OpenSSL::X509::Name.parse(name_str)
keypair = nil
if keypair_file
- keypair = PKey::RSA.new(File.open(keypair_file).read)
+ keypair = OpenSSL::PKey.read(File.read(keypair_file))
else
- keypair = PKey::RSA.new(1024) { putc "." }
+ keypair = OpenSSL::PKey::RSA.new(2048) { putc "." }
puts
puts "Writing #{keyout}..."
File.open(keyout, "w", 0400) do |f|
@@ -37,11 +35,11 @@ end
puts "Generating CSR for #{name_str}"
-req = X509::Request.new
+req = OpenSSL::X509::Request.new
req.version = 0
req.subject = name
-req.public_key = keypair.public_key
-req.sign(keypair, Digest::MD5.new)
+req.public_key = keypair
+req.sign(keypair, "MD5")
puts "Writing #{csrout}..."
File.open(csrout, "w") do |f|
diff --git a/sample/openssl/smime_read.rb b/sample/openssl/smime_read.rb
index 17394f9b8d..b617c6e3a5 100644
--- a/sample/openssl/smime_read.rb
+++ b/sample/openssl/smime_read.rb
@@ -1,6 +1,5 @@
require 'optparse'
require 'openssl'
-include OpenSSL
options = ARGV.getopts("c:k:C:")
@@ -10,14 +9,14 @@ ca_path = options["C"]
data = $stdin.read
-cert = X509::Certificate.new(File::read(cert_file))
-key = PKey::RSA.new(File::read(key_file))
-p7enc = PKCS7::read_smime(data)
+cert = OpenSSL::X509::Certificate.new(File::read(cert_file))
+key = OpenSSL::PKey::read(File::read(key_file))
+p7enc = OpenSSL::PKCS7::read_smime(data)
data = p7enc.decrypt(key, cert)
-store = X509::Store.new
+store = OpenSSL::X509::Store.new
store.add_path(ca_path)
-p7sig = PKCS7::read_smime(data)
+p7sig = OpenSSL::PKCS7::read_smime(data)
if p7sig.verify([], store)
puts p7sig.data
end
diff --git a/sample/openssl/smime_write.rb b/sample/openssl/smime_write.rb
index 5a5236c750..e1254d8748 100644
--- a/sample/openssl/smime_write.rb
+++ b/sample/openssl/smime_write.rb
@@ -1,6 +1,5 @@
require 'openssl'
require 'optparse'
-include OpenSSL
options = ARGV.getopts("c:k:r:")
@@ -8,16 +7,16 @@ cert_file = options["c"]
key_file = options["k"]
rcpt_file = options["r"]
-cert = X509::Certificate.new(File::read(cert_file))
-key = PKey::RSA.new(File::read(key_file))
+cert = OpenSSL::X509::Certificate.new(File::read(cert_file))
+key = OpenSSL::PKey::read(File::read(key_file))
data = "Content-Type: text/plain\r\n"
data << "\r\n"
data << "This is a clear-signed message.\r\n"
-p7sig = PKCS7::sign(cert, key, data, [], PKCS7::DETACHED)
-smime0 = PKCS7::write_smime(p7sig)
+p7sig = OpenSSL::PKCS7::sign(cert, key, data, [], OpenSSL::PKCS7::DETACHED)
+smime0 = OpenSSL::PKCS7::write_smime(p7sig)
-rcpt = X509::Certificate.new(File::read(rcpt_file))
-p7enc = PKCS7::encrypt([rcpt], smime0)
-print PKCS7::write_smime(p7enc)
+rcpt = OpenSSL::X509::Certificate.new(File::read(rcpt_file))
+p7enc = OpenSSL::PKCS7::encrypt([rcpt], smime0)
+print OpenSSL::PKCS7::write_smime(p7enc)
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-22 18:35:30 +0000