1berry/ruby
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[ruby/openssl] sample: avoid "include OpenSSL"

Browse Source 
It is not a common practice and should not be done since it causes name
clash: for example, Digest and Random are provided by other standard
libraries of Ruby.

Fixes: https://github.com/ruby/openssl/issues/419

https://github.com/ruby/openssl/commit/6a6444984b
This commit is contained in:
Kazuki Yamaguchi 2021-02-25 16:49:11 +09:00
parent a3f97007bb
commit e35d3623de
Notes: git 2021-03-16 20:38:41 +09:00 
Merged: https://github.com/ruby/ruby/pull/4275
5 changed files with 23 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sample/openssl/cert2text.rb
View File

@ -1,10 +1,13 @@
#!/usr/bin/env ruby #!/usr/bin/env ruby
require 'openssl' require 'openssl'
include OpenSSL::X509
def cert2text(cert_str) def cert2text(cert_str)
[Certificate, CRL, Request].each do |klass| [
OpenSSL::X509::Certificate,
OpenSSL::X509::CRL,
OpenSSL::X509::Request,
].each do |klass|
begin begin
puts klass.new(cert_str).to_text puts klass.new(cert_str).to_text
return return

7
sample/openssl/certstore.rb
View File

@ -3,9 +3,6 @@ require 'crlstore'
class CertStore class CertStore
include OpenSSL
include X509
attr_reader :self_signed_ca attr_reader :self_signed_ca
attr_reader :other_ca attr_reader :other_ca
attr_reader :ee attr_reader :ee
@ -17,11 +14,11 @@ class CertStore
@c_store = CHashDir.new(@certs_dir) @c_store = CHashDir.new(@certs_dir)
@c_store.hash_dir(true) @c_store.hash_dir(true)
@crl_store = CrlStore.new(@c_store) @crl_store = CrlStore.new(@c_store)
@x509store = Store.new @x509store = OpenSSL::X509::Store.new
@self_signed_ca = @other_ca = @ee = @crl = nil @self_signed_ca = @other_ca = @ee = @crl = nil
# Uncomment this line to let OpenSSL to check CRL for each certs. # Uncomment this line to let OpenSSL to check CRL for each certs.
# @x509store.flags = V_FLAG_CRL_CHECK | V_FLAG_CRL_CHECK_ALL # @x509store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK | OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
add_path add_path
scan_certs scan_certs

10
sample/openssl/gen_csr.rb
View File

@ -3,8 +3,6 @@
require 'optparse' require 'optparse'
require 'openssl' require 'openssl'
include OpenSSL
def usage def usage
myname = File::basename($0) myname = File::basename($0)
$stderr.puts <<EOS $stderr.puts <<EOS
@ -21,13 +19,13 @@ keyout = options["keyout"] || "keypair.pem"
$stdout.sync = true $stdout.sync = true
name_str = ARGV.shift or usage() name_str = ARGV.shift or usage()
name = X509::Name.parse(name_str) name = OpenSSL::X509::Name.parse(name_str)
keypair = nil keypair = nil
if keypair_file if keypair_file
keypair = PKey.read(File.read(keypair_file)) keypair = OpenSSL::PKey.read(File.read(keypair_file))
else else
keypair = PKey::RSA.new(1024) { putc "." } keypair = OpenSSL::PKey::RSA.new(1024) { putc "." }
puts puts
puts "Writing #{keyout}..." puts "Writing #{keyout}..."
File.open(keyout, "w", 0400) do |f| File.open(keyout, "w", 0400) do |f|
@ -37,7 +35,7 @@ end
puts "Generating CSR for #{name_str}" puts "Generating CSR for #{name_str}"
req = X509::Request.new req = OpenSSL::X509::Request.new
req.version = 0 req.version = 0
req.subject = name req.subject = name
req.public_key = keypair.public_key req.public_key = keypair.public_key

11
sample/openssl/smime_read.rb
View File

@ -1,6 +1,5 @@
require 'optparse' require 'optparse'
require 'openssl' require 'openssl'
include OpenSSL
options = ARGV.getopts("c:k:C:") options = ARGV.getopts("c:k:C:")
@ -10,14 +9,14 @@ ca_path = options["C"]
data = $stdin.read data = $stdin.read
cert = X509::Certificate.new(File::read(cert_file)) cert = OpenSSL::X509::Certificate.new(File::read(cert_file))
key = PKey::read(File::read(key_file)) key = OpenSSL::PKey::read(File::read(key_file))
p7enc = PKCS7::read_smime(data) p7enc = OpenSSL::PKCS7::read_smime(data)
data = p7enc.decrypt(key, cert) data = p7enc.decrypt(key, cert)
store = X509::Store.new store = OpenSSL::X509::Store.new
store.add_path(ca_path) store.add_path(ca_path)
p7sig = PKCS7::read_smime(data) p7sig = OpenSSL::PKCS7::read_smime(data)
if p7sig.verify([], store) if p7sig.verify([], store)
puts p7sig.data puts p7sig.data
end end

15
sample/openssl/smime_write.rb
View File

@ -1,6 +1,5 @@
require 'openssl' require 'openssl'
require 'optparse' require 'optparse'
include OpenSSL
options = ARGV.getopts("c:k:r:") options = ARGV.getopts("c:k:r:")
@ -8,16 +7,16 @@ cert_file = options["c"]
key_file = options["k"] key_file = options["k"]
rcpt_file = options["r"] rcpt_file = options["r"]
cert = X509::Certificate.new(File::read(cert_file)) cert = OpenSSL::X509::Certificate.new(File::read(cert_file))
key = PKey::read(File::read(key_file)) key = OpenSSL::PKey::read(File::read(key_file))
data = "Content-Type: text/plain\r\n" data = "Content-Type: text/plain\r\n"
data << "\r\n" data << "\r\n"
data << "This is a clear-signed message.\r\n" data << "This is a clear-signed message.\r\n"
p7sig = PKCS7::sign(cert, key, data, [], PKCS7::DETACHED) p7sig = OpenSSL::PKCS7::sign(cert, key, data, [], OpenSSL::PKCS7::DETACHED)
smime0 = PKCS7::write_smime(p7sig) smime0 = OpenSSL::PKCS7::write_smime(p7sig)
rcpt = X509::Certificate.new(File::read(rcpt_file)) rcpt = OpenSSL::X509::Certificate.new(File::read(rcpt_file))
p7enc = PKCS7::encrypt([rcpt], smime0) p7enc = OpenSSL::PKCS7::encrypt([rcpt], smime0)
print PKCS7::write_smime(p7enc) print OpenSSL::PKCS7::write_smime(p7enc)