Merge branch 'ky/sample-updates'

* ky/sample-updates:
  sample: update obsolete API use
  sample: avoid "include OpenSSL"

Author: rhenium

sample/c_rehash.rb

@@ -1,7 +1,6 @@
 #!/usr/bin/env ruby
 
 require 'openssl'
-require 'digest/md5'
 
 class CHashDir
   include Enumerable
@@ -161,7 +160,7 @@ def hash_name(name)
   end
 
   def fingerprint(der)
-    Digest.hexdigest('MD5', der).upcase
+    OpenSSL::Digest.hexdigest('MD5', der).upcase
   end
 end
 

sample/cert2text.rb

@@ -1,10 +1,13 @@
 #!/usr/bin/env ruby
 
 require 'openssl'
-include OpenSSL::X509
 
 def cert2text(cert_str)
-  [Certificate, CRL, Request].each do |klass|
+  [
+    OpenSSL::X509::Certificate,
+    OpenSSL::X509::CRL,
+    OpenSSL::X509::Request,
+  ].each do |klass|
     begin
       puts klass.new(cert_str).to_text
       return

sample/certstore.rb

@@ -3,9 +3,6 @@
 
 
 class CertStore
-  include OpenSSL
-  include X509
-
   attr_reader :self_signed_ca
   attr_reader :other_ca
   attr_reader :ee
@@ -17,11 +14,11 @@ def initialize(certs_dir)
     @c_store = CHashDir.new(@certs_dir)
     @c_store.hash_dir(true)
     @crl_store = CrlStore.new(@c_store)
-    @x509store = Store.new
+    @x509store = OpenSSL::X509::Store.new
     @self_signed_ca = @other_ca = @ee = @crl = nil
 
     # Uncomment this line to let OpenSSL to check CRL for each certs.
-    # @x509store.flags = V_FLAG_CRL_CHECK | V_FLAG_CRL_CHECK_ALL
+    # @x509store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK | OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
 
     add_path
     scan_certs

sample/echo_svr.rb

@@ -15,7 +15,7 @@
   cert = OpenSSL::X509::Certificate.new(File::read(cert_file))
   key  = OpenSSL::PKey.read(File::read(key_file))
 else
-  key = OpenSSL::PKey::RSA.new(512){ print "." }
+  key = OpenSSL::PKey::RSA.new(2048){ print "." }
   puts
   cert = OpenSSL::X509::Certificate.new
   cert.version = 2
@@ -25,7 +25,7 @@
   cert.issuer = name
   cert.not_before = Time.now
   cert.not_after = Time.now + 3600
-  cert.public_key = key.public_key
+  cert.public_key = key
   ef = OpenSSL::X509::ExtensionFactory.new(nil,cert)
   cert.extensions = [
     ef.create_extension("basicConstraints","CA:FALSE"),
@@ -37,7 +37,7 @@
   ef.issuer_certificate = cert
   cert.add_extension ef.create_extension("authorityKeyIdentifier",
                                          "keyid:always,issuer:always")
-  cert.sign(key, OpenSSL::Digest.new('SHA1'))
+  cert.sign(key, "SHA1")
 end
 
 ctx = OpenSSL::SSL::SSLContext.new()

sample/gen_csr.rb

@@ -3,8 +3,6 @@
 require 'optparse'
 require 'openssl'
 
-include OpenSSL
-
 def usage
   myname = File::basename($0)
   $stderr.puts <<EOS
@@ -21,13 +19,13 @@ def usage
 
 $stdout.sync = true
 name_str = ARGV.shift or usage()
-name = X509::Name.parse(name_str)
+name = OpenSSL::X509::Name.parse(name_str)
 
 keypair = nil
 if keypair_file
-  keypair = PKey.read(File.read(keypair_file))
+  keypair = OpenSSL::PKey.read(File.read(keypair_file))
 else
-  keypair = PKey::RSA.new(1024) { putc "." }
+  keypair = OpenSSL::PKey::RSA.new(2048) { putc "." }
   puts
   puts "Writing #{keyout}..."
   File.open(keyout, "w", 0400) do |f|
@@ -37,11 +35,11 @@ def usage
 
 puts "Generating CSR for #{name_str}"
 
-req = X509::Request.new
+req = OpenSSL::X509::Request.new
 req.version = 0
 req.subject = name
-req.public_key = keypair.public_key
-req.sign(keypair, Digest.new('MD5'))
+req.public_key = keypair
+req.sign(keypair, "MD5")
 
 puts "Writing #{csrout}..."
 File.open(csrout, "w") do |f|

sample/smime_read.rb

@@ -1,6 +1,5 @@
 require 'optparse'
 require 'openssl'
-include OpenSSL
 
 options = ARGV.getopts("c:k:C:")
 
@@ -10,14 +9,14 @@
 
 data = $stdin.read
 
-cert = X509::Certificate.new(File::read(cert_file))
-key = PKey::read(File::read(key_file))
-p7enc = PKCS7::read_smime(data)
+cert = OpenSSL::X509::Certificate.new(File::read(cert_file))
+key = OpenSSL::PKey::read(File::read(key_file))
+p7enc = OpenSSL::PKCS7::read_smime(data)
 data = p7enc.decrypt(key, cert)
 
-store = X509::Store.new
+store = OpenSSL::X509::Store.new
 store.add_path(ca_path)
-p7sig = PKCS7::read_smime(data)
+p7sig = OpenSSL::PKCS7::read_smime(data)
 if p7sig.verify([], store)
   puts p7sig.data
 end

sample/smime_write.rb

@@ -1,23 +1,22 @@
 require 'openssl'
 require 'optparse'
-include OpenSSL
 
 options = ARGV.getopts("c:k:r:")
 
 cert_file = options["c"]
 key_file  = options["k"]
 rcpt_file = options["r"]
 
-cert = X509::Certificate.new(File::read(cert_file))
-key = PKey::read(File::read(key_file))
+cert = OpenSSL::X509::Certificate.new(File::read(cert_file))
+key = OpenSSL::PKey::read(File::read(key_file))
 
 data  = "Content-Type: text/plain\r\n"
 data << "\r\n"
 data << "This is a clear-signed message.\r\n"
 
-p7sig  = PKCS7::sign(cert, key, data, [], PKCS7::DETACHED)
-smime0 = PKCS7::write_smime(p7sig)
+p7sig  = OpenSSL::PKCS7::sign(cert, key, data, [], OpenSSL::PKCS7::DETACHED)
+smime0 = OpenSSL::PKCS7::write_smime(p7sig)
 
-rcpt  = X509::Certificate.new(File::read(rcpt_file))
-p7enc = PKCS7::encrypt([rcpt], smime0)
-print PKCS7::write_smime(p7enc)
+rcpt  = OpenSSL::X509::Certificate.new(File::read(rcpt_file))
+p7enc = OpenSSL::PKCS7::encrypt([rcpt], smime0)
+print OpenSSL::PKCS7::write_smime(p7enc)