digest, hmac, ts, x509: use IO.binread in examples where appropriate

rhenium · rhenium · commit 93213b2730a4 · 2020-05-13T18:19:38.000+09:00
IO.read may mangle line separator, which will corrupt binary data including DER-encoded X.509 certificates and such. Fixes: #243
diff --git a/ext/openssl/ossl_digest.c b/ext/openssl/ossl_digest.c
@@ -372,15 +372,15 @@ Init_ossl_digest(void)
      *
      * === Hashing a file
      *
-     *   data = File.read('document')
+     *   data = File.binread('document')
      *   sha256 = OpenSSL::Digest.new('SHA256')
      *   digest = sha256.digest(data)
      *
      * === Hashing several pieces of data at once
      *
-     *   data1 = File.read('file1')
-     *   data2 = File.read('file2')
-     *   data3 = File.read('file3')
+     *   data1 = File.binread('file1')
+     *   data2 = File.binread('file2')
+     *   data3 = File.binread('file3')
      *   sha256 = OpenSSL::Digest.new('SHA256')
      *   sha256 << data1
      *   sha256 << data2
@@ -389,11 +389,11 @@ Init_ossl_digest(void)
      *
      * === Reuse a Digest instance
      *
-     *   data1 = File.read('file1')
+     *   data1 = File.binread('file1')
      *   sha256 = OpenSSL::Digest.new('SHA256')
      *   digest1 = sha256.digest(data1)
      *
-     *   data2 = File.read('file2')
+     *   data2 = File.binread('file2')
      *   sha256.reset
      *   digest2 = sha256.digest(data2)
      *
diff --git a/ext/openssl/ossl_hmac.c b/ext/openssl/ossl_hmac.c
@@ -350,8 +350,8 @@ Init_ossl_hmac(void)
      *
      * === HMAC-SHA256 using incremental interface
      *
-     *   data1 = File.read("file1")
-     *   data2 = File.read("file2")
+     *   data1 = File.binread("file1")
+     *   data2 = File.binread("file2")
      *   key = "key"
      *   digest = OpenSSL::Digest.new('SHA256')
      *   hmac = OpenSSL::HMAC.new(key, digest)
diff --git a/ext/openssl/ossl_ts.c b/ext/openssl/ossl_ts.c
@@ -1280,7 +1280,7 @@ Init_ossl_ts(void)
      * ===Create a Response:
      *      #Assumes ts.p12 is a PKCS#12-compatible file with a private key
      *      #and a certificate that has an extended key usage of 'timeStamping'
-     *      p12 = OpenSSL::PKCS12.new(File.open('ts.p12', 'rb'), 'pwd')
+     *      p12 = OpenSSL::PKCS12.new(File.binread('ts.p12'), 'pwd')
      *      md = OpenSSL::Digest.new('SHA1')
      *      hash = md.digest(data) #some binary data to be timestamped
      *      req = OpenSSL::Timestamp::Request.new
@@ -1295,16 +1295,16 @@ Init_ossl_ts(void)
      *
      * ===Verify a timestamp response:
      *      #Assume we have a timestamp token in a file called ts.der
-     *      ts = OpenSSL::Timestamp::Response.new(File.open('ts.der', 'rb')
+     *      ts = OpenSSL::Timestamp::Response.new(File.binread('ts.der'))
      *      #Assume we have the Request for this token in a file called req.der
-     *      req = OpenSSL::Timestamp::Request.new(File.open('req.der', 'rb')
+     *      req = OpenSSL::Timestamp::Request.new(File.binread('req.der'))
      *      # Assume the associated root CA certificate is contained in a
      *      # DER-encoded file named root.cer
-     *      root = OpenSSL::X509::Certificate.new(File.open('root.cer', 'rb')
+     *      root = OpenSSL::X509::Certificate.new(File.binread('root.cer'))
      *      # get the necessary intermediate certificates, available in
      *      # DER-encoded form in inter1.cer and inter2.cer
-     *      inter1 = OpenSSL::X509::Certificate.new(File.open('inter1.cer', 'rb')
-     *      inter2 = OpenSSL::X509::Certificate.new(File.open('inter2.cer', 'rb')
+     *      inter1 = OpenSSL::X509::Certificate.new(File.binread('inter1.cer'))
+     *      inter2 = OpenSSL::X509::Certificate.new(File.binread('inter2.cer'))
      *      ts.verify(req, root, inter1, inter2) -> ts or raises an exception if validation fails
      *
      */
@@ -1437,9 +1437,9 @@ Init_ossl_ts(void)
      * timestamping certificate.
      *
      *      req = OpenSSL::Timestamp::Request.new(raw_bytes)
-     *      p12 = OpenSSL::PKCS12.new(File.open('ts.p12', 'rb'), 'pwd')
-     *      inter1 = OpenSSL::X509::Certificate.new(File.open('inter1.cer', 'rb')
-     *      inter2 = OpenSSL::X509::Certificate.new(File.open('inter2.cer', 'rb')
+     *      p12 = OpenSSL::PKCS12.new(File.binread('ts.p12'), 'pwd')
+     *      inter1 = OpenSSL::X509::Certificate.new(File.binread('inter1.cer'))
+     *      inter2 = OpenSSL::X509::Certificate.new(File.binread('inter2.cer'))
      *      fac = OpenSSL::Timestamp::Factory.new
      *      fac.gen_time = Time.now
      *      fac.serial_number = 1
diff --git a/ext/openssl/ossl_x509cert.c b/ext/openssl/ossl_x509cert.c
@@ -730,7 +730,7 @@ Init_ossl_x509cert(void)
      * Certificate is capable of handling DER-encoded certificates and
      * certificates encoded in OpenSSL's PEM format.
      *
-     *   raw = File.read "cert.cer" # DER- or PEM-encoded
+     *   raw = File.binread "cert.cer" # DER- or PEM-encoded
      *   certificate = OpenSSL::X509::Certificate.new raw
      *
      * === Saving a certificate to a file

Original file line number	Diff line number	Diff line change
`@@ -372,15 +372,15 @@ Init_ossl_digest(void)`
`372`	`372`	`*`
`373`	`373`	`* === Hashing a file`
`374`	`374`	`*`
`375`		`- * data = File.read('document')`
	`375`	`+ * data = File.binread('document')`
`376`	`376`	`* sha256 = OpenSSL::Digest.new('SHA256')`
`377`	`377`	`* digest = sha256.digest(data)`
`378`	`378`	`*`
`379`	`379`	`* === Hashing several pieces of data at once`
`380`	`380`	`*`
`381`		`- * data1 = File.read('file1')`
`382`		`- * data2 = File.read('file2')`
`383`		`- * data3 = File.read('file3')`
	`381`	`+ * data1 = File.binread('file1')`
	`382`	`+ * data2 = File.binread('file2')`
	`383`	`+ * data3 = File.binread('file3')`
`384`	`384`	`* sha256 = OpenSSL::Digest.new('SHA256')`
`385`	`385`	`* sha256 << data1`
`386`	`386`	`* sha256 << data2`
`@@ -389,11 +389,11 @@ Init_ossl_digest(void)`
`389`	`389`	`*`
`390`	`390`	`* === Reuse a Digest instance`
`391`	`391`	`*`
`392`		`- * data1 = File.read('file1')`
	`392`	`+ * data1 = File.binread('file1')`
`393`	`393`	`* sha256 = OpenSSL::Digest.new('SHA256')`
`394`	`394`	`* digest1 = sha256.digest(data1)`
`395`	`395`	`*`
`396`		`- * data2 = File.read('file2')`
	`396`	`+ * data2 = File.binread('file2')`
`397`	`397`	`* sha256.reset`
`398`	`398`	`* digest2 = sha256.digest(data2)`
`399`	`399`	`*`
Original file line number	Diff line number	Diff line change
`@@ -350,8 +350,8 @@ Init_ossl_hmac(void)`
`350`	`350`	`*`
`351`	`351`	`* === HMAC-SHA256 using incremental interface`
`352`	`352`	`*`
`353`		`- * data1 = File.read("file1")`
`354`		`- * data2 = File.read("file2")`
	`353`	`+ * data1 = File.binread("file1")`
	`354`	`+ * data2 = File.binread("file2")`
`355`	`355`	`* key = "key"`
`356`	`356`	`* digest = OpenSSL::Digest.new('SHA256')`
`357`	`357`	`* hmac = OpenSSL::HMAC.new(key, digest)`
Original file line number	Diff line number	Diff line change
`@@ -730,7 +730,7 @@ Init_ossl_x509cert(void)`
`730`	`730`	`* Certificate is capable of handling DER-encoded certificates and`
`731`	`731`	`* certificates encoded in OpenSSL's PEM format.`
`732`	`732`	`*`
`733`		`- * raw = File.read "cert.cer" # DER- or PEM-encoded`
	`733`	`+ * raw = File.binread "cert.cer" # DER- or PEM-encoded`
`734`	`734`	`* certificate = OpenSSL::X509::Certificate.new raw`
`735`	`735`	`*`
`736`	`736`	`* === Saving a certificate to a file`