min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'release-v0.6.7' into release

This commit is contained in:
Steven Fackler 2015-10-14 22:25:48 -04:00
parent cb2c860d02 f318a2c84c
commit 38b0defd91
13 changed files with 153 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -2,7 +2,7 @@
[![Build Status](https://travis-ci.org/sfackler/rust-openssl.svg?branch=master)](https://travis-ci.org/sfackler/rust-openssl) [![Build Status](https://travis-ci.org/sfackler/rust-openssl.svg?branch=master)](https://travis-ci.org/sfackler/rust-openssl)
[Documentation](https://sfackler.github.io/rust-openssl/doc/v0.6.6/openssl). [Documentation](https://sfackler.github.io/rust-openssl/doc/v0.6.7/openssl).
## Building ## Building

4
openssl-sys/Cargo.toml
View File

@ -1,12 +1,12 @@
[package] [package]
name = "openssl-sys" name = "openssl-sys"
version = "0.6.6" version = "0.6.7"
authors = ["Alex Crichton <alex@alexcrichton.com>", authors = ["Alex Crichton <alex@alexcrichton.com>",
"Steven Fackler <sfackler@gmail.com>"] "Steven Fackler <sfackler@gmail.com>"]
license = "MIT" license = "MIT"
description = "FFI bindings to OpenSSL" description = "FFI bindings to OpenSSL"
repository = "https://github.com/sfackler/rust-openssl" repository = "https://github.com/sfackler/rust-openssl"
documentation = "https://sfackler.github.io/rust-openssl/doc/v0.6.6/openssl_sys" documentation = "https://sfackler.github.io/rust-openssl/doc/v0.6.7/openssl_sys"
links = "openssl" links = "openssl"
build = "build.rs" build = "build.rs"

1
openssl-sys/build.rs
View File

@ -62,6 +62,7 @@ fn main() {
let mut include_dirs = vec![]; let mut include_dirs = vec![];
if let Some(include_dir) = include_dir { if let Some(include_dir) = include_dir {
println!("cargo:include={}", include_dir);
include_dirs.push(PathBuf::from(&include_dir)); include_dirs.push(PathBuf::from(&include_dir));
} }

11
openssl-sys/src/lib.rs
View File

@ -1,6 +1,6 @@
#![allow(non_camel_case_types, non_upper_case_globals, non_snake_case)] #![allow(non_camel_case_types, non_upper_case_globals, non_snake_case)]
#![allow(dead_code)] #![allow(dead_code)]
#![doc(html_root_url="https://sfackler.github.io/rust-openssl/doc/v0.6.6")] #![doc(html_root_url="https://sfackler.github.io/rust-openssl/doc/v0.6.7")]
extern crate libc; extern crate libc;
@ -417,6 +417,9 @@ extern "C" {
#[cfg(feature = "aes_ctr")] #[cfg(feature = "aes_ctr")]
pub fn EVP_aes_128_ctr() -> *const EVP_CIPHER; pub fn EVP_aes_128_ctr() -> *const EVP_CIPHER;
// fn EVP_aes_128_gcm() -> EVP_CIPHER; // fn EVP_aes_128_gcm() -> EVP_CIPHER;
pub fn EVP_aes_128_cfb1() -> *const EVP_CIPHER;
pub fn EVP_aes_128_cfb128() -> *const EVP_CIPHER;
pub fn EVP_aes_128_cfb8() -> *const EVP_CIPHER;
pub fn EVP_aes_256_cbc() -> *const EVP_CIPHER; pub fn EVP_aes_256_cbc() -> *const EVP_CIPHER;
pub fn EVP_aes_256_ecb() -> *const EVP_CIPHER; pub fn EVP_aes_256_ecb() -> *const EVP_CIPHER;
#[cfg(feature = "aes_xts")] #[cfg(feature = "aes_xts")]
@ -424,6 +427,9 @@ extern "C" {
#[cfg(feature = "aes_ctr")] #[cfg(feature = "aes_ctr")]
pub fn EVP_aes_256_ctr() -> *const EVP_CIPHER; pub fn EVP_aes_256_ctr() -> *const EVP_CIPHER;
// fn EVP_aes_256_gcm() -> EVP_CIPHER; // fn EVP_aes_256_gcm() -> EVP_CIPHER;
pub fn EVP_aes_256_cfb1() -> *const EVP_CIPHER;
pub fn EVP_aes_256_cfb128() -> *const EVP_CIPHER;
pub fn EVP_aes_256_cfb8() -> *const EVP_CIPHER;
pub fn EVP_rc4() -> *const EVP_CIPHER; pub fn EVP_rc4() -> *const EVP_CIPHER;
pub fn EVP_BytesToKey(typ: *const EVP_CIPHER, md: *const EVP_MD, pub fn EVP_BytesToKey(typ: *const EVP_CIPHER, md: *const EVP_MD,
@ -487,6 +493,8 @@ extern "C" {
user_data: *mut c_void) -> *mut X509_REQ; user_data: *mut c_void) -> *mut X509_REQ;
pub fn PEM_read_bio_PrivateKey(bio: *mut BIO, out: *mut *mut EVP_PKEY, callback: Option<PasswordCallback>, pub fn PEM_read_bio_PrivateKey(bio: *mut BIO, out: *mut *mut EVP_PKEY, callback: Option<PasswordCallback>,
user_data: *mut c_void) -> *mut X509; user_data: *mut c_void) -> *mut X509;
pub fn PEM_read_bio_PUBKEY(bio: *mut BIO, out: *mut *mut EVP_PKEY, callback: Option<PasswordCallback>,
user_data: *mut c_void) -> *mut X509;
pub fn PEM_write_bio_PrivateKey(bio: *mut BIO, pkey: *mut EVP_PKEY, cipher: *const EVP_CIPHER, pub fn PEM_write_bio_PrivateKey(bio: *mut BIO, pkey: *mut EVP_PKEY, cipher: *const EVP_CIPHER,
kstr: *mut c_char, klen: c_int, kstr: *mut c_char, klen: c_int,
@ -573,6 +581,7 @@ extern "C" {
pub fn SSL_CTX_get_ex_data(ctx: *mut SSL_CTX, idx: c_int) -> *mut c_void; pub fn SSL_CTX_get_ex_data(ctx: *mut SSL_CTX, idx: c_int) -> *mut c_void;
pub fn SSL_CTX_use_certificate_file(ctx: *mut SSL_CTX, cert_file: *const c_char, file_type: c_int) -> c_int; pub fn SSL_CTX_use_certificate_file(ctx: *mut SSL_CTX, cert_file: *const c_char, file_type: c_int) -> c_int;
pub fn SSL_CTX_use_certificate_chain_file(ctx: *mut SSL_CTX, cert_chain_file: *const c_char, file_type: c_int) -> c_int;
pub fn SSL_CTX_use_certificate(ctx: *mut SSL_CTX, cert: *mut X509) -> c_int; pub fn SSL_CTX_use_certificate(ctx: *mut SSL_CTX, cert: *mut X509) -> c_int;
pub fn SSL_CTX_use_PrivateKey_file(ctx: *mut SSL_CTX, key_file: *const c_char, file_type: c_int) -> c_int; pub fn SSL_CTX_use_PrivateKey_file(ctx: *mut SSL_CTX, key_file: *const c_char, file_type: c_int) -> c_int;

4
openssl-sys/src/openssl_shim.c
View File

@ -29,7 +29,7 @@ void rust_openssl_set_id_callback() {
#endif #endif
#if OPENSSL_VERSION_NUMBER < 0x1000000L #if OPENSSL_VERSION_NUMBER < 0x10000000L
// Copied from openssl crypto/hmac/hmac.c // Copied from openssl crypto/hmac/hmac.c
int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx) int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
{ {
@ -111,7 +111,7 @@ long SSL_CTX_set_tmp_dh_shim(SSL_CTX *ctx, DH *dh) {
return SSL_CTX_set_tmp_dh(ctx, dh); return SSL_CTX_set_tmp_dh(ctx, dh);
} }
#if OPENSSL_VERSION_NUMBER >= 0x1000200L #if OPENSSL_VERSION_NUMBER >= 0x10002000L
int SSL_CTX_set_ecdh_auto_shim(SSL_CTX *ctx, int onoff) { int SSL_CTX_set_ecdh_auto_shim(SSL_CTX *ctx, int onoff) {
return SSL_CTX_set_ecdh_auto(ctx, onoff); return SSL_CTX_set_ecdh_auto(ctx, onoff);
} }

12
openssl-sys/src/probe.rs
View File

@ -57,10 +57,14 @@ pub fn probe() -> ProbeResult {
for certs_dir in find_certs_dirs().iter() { for certs_dir in find_certs_dirs().iter() {
// cert.pem looks to be an openssl 1.0.1 thing, while // cert.pem looks to be an openssl 1.0.1 thing, while
// certs/ca-certificates.crt appears to be a 0.9.8 thing // certs/ca-certificates.crt appears to be a 0.9.8 thing
try(&mut result.cert_file, certs_dir.join("cert.pem")); for cert in [
try(&mut result.cert_file, certs_dir.join("certs/ca-certificates.crt")); "cert.pem",
try(&mut result.cert_file, certs_dir.join("certs/ca-root-nss.crt")); "certs.pem",
"certs/ca-certificates.crt",
"certs/ca-root-nss.crt"
].iter() {
try(&mut result.cert_file, certs_dir.join(cert));
}
try(&mut result.cert_dir, certs_dir.join("certs")); try(&mut result.cert_dir, certs_dir.join("certs"));
} }
result result

6
openssl/Cargo.toml
View File

@ -1,11 +1,11 @@
[package] [package]
name = "openssl" name = "openssl"
version = "0.6.6" version = "0.6.7"
authors = ["Steven Fackler <sfackler@gmail.com>"] authors = ["Steven Fackler <sfackler@gmail.com>"]
license = "Apache-2.0" license = "Apache-2.0"
description = "OpenSSL bindings" description = "OpenSSL bindings"
repository = "https://github.com/sfackler/rust-openssl" repository = "https://github.com/sfackler/rust-openssl"
documentation = "https://sfackler.github.io/rust-openssl/doc/v0.6.6/openssl" documentation = "https://sfackler.github.io/rust-openssl/doc/v0.6.7/openssl"
readme = "../README.md" readme = "../README.md"
keywords = ["crypto", "tls", "ssl", "dtls"] keywords = ["crypto", "tls", "ssl", "dtls"]
@ -24,7 +24,7 @@ ecdh_auto = ["openssl-sys/ecdh_auto"]
[dependencies.openssl-sys] [dependencies.openssl-sys]
path = "../openssl-sys" path = "../openssl-sys"
version = "0.6.6" version = "0.6.7"
[dependencies] [dependencies]
bitflags = ">= 0.2, < 0.4" bitflags = ">= 0.2, < 0.4"

26
openssl/src/crypto/pkey.rs
View File

@ -96,6 +96,22 @@ impl PKey {
} }
} }
/// Reads public key from PEM, takes ownership of handle
pub fn public_key_from_pem<R>(reader: &mut R) -> Result<PKey, SslError> where R: Read {
let mut mem_bio = try!(MemBio::new());
try!(io::copy(reader, &mut mem_bio).map_err(StreamError));
unsafe {
let evp = try_ssl_null!(ffi::PEM_read_bio_PUBKEY(mem_bio.get_handle(),
ptr::null_mut(),
None, ptr::null_mut()));
Ok(PKey {
evp: evp,
parts: Parts::Public,
})
}
}
fn _tostr(&self, f: unsafe extern "C" fn(*mut ffi::RSA, *const *mut u8) -> c_int) -> Vec<u8> { fn _tostr(&self, f: unsafe extern "C" fn(*mut ffi::RSA, *const *mut u8) -> c_int) -> Vec<u8> {
unsafe { unsafe {
let rsa = ffi::EVP_PKEY_get1_RSA(self.evp); let rsa = ffi::EVP_PKEY_get1_RSA(self.evp);
@ -466,6 +482,16 @@ mod tests {
super::PKey::private_key_from_pem(&mut file).unwrap(); super::PKey::private_key_from_pem(&mut file).unwrap();
} }
#[test]
fn test_public_key_from_pem() {
let key_path = Path::new("test/key.pem.pub");
let mut file = File::open(&key_path)
.ok()
.expect("Failed to open `test/key.pem.pub`");
super::PKey::public_key_from_pem(&mut file).unwrap();
}
#[test] #[test]
fn test_encrypt() { fn test_encrypt() {
let mut k0 = super::PKey::new(); let mut k0 = super::PKey::new();

73
openssl/src/crypto/symm.rs
View File

@ -22,6 +22,9 @@ pub enum Type {
#[cfg(feature = "aes_ctr")] #[cfg(feature = "aes_ctr")]
AES_128_CTR, AES_128_CTR,
//AES_128_GCM, //AES_128_GCM,
AES_128_CFB1,
AES_128_CFB128,
AES_128_CFB8,
AES_256_ECB, AES_256_ECB,
AES_256_CBC, AES_256_CBC,
@ -31,6 +34,9 @@ pub enum Type {
#[cfg(feature = "aes_ctr")] #[cfg(feature = "aes_ctr")]
AES_256_CTR, AES_256_CTR,
//AES_256_GCM, //AES_256_GCM,
AES_256_CFB1,
AES_256_CFB128,
AES_256_CFB8,
RC4_128, RC4_128,
} }
@ -292,4 +298,71 @@ mod tests {
cipher_test(super::AES_128_GCM, pt, ct, key, iv); cipher_test(super::AES_128_GCM, pt, ct, key, iv);
}*/ }*/
#[test]
fn test_aes128_cfb1() {
// Lifted from http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
let pt = "6bc1";
let ct = "68b3";
let key = "2b7e151628aed2a6abf7158809cf4f3c";
let iv = "000102030405060708090a0b0c0d0e0f";
cipher_test(super::Type::AES_128_CFB1, pt, ct, key, iv);
}
#[test]
fn test_aes128_cfb128() {
let pt = "6bc1bee22e409f96e93d7e117393172a";
let ct = "3b3fd92eb72dad20333449f8e83cfb4a";
let key = "2b7e151628aed2a6abf7158809cf4f3c";
let iv = "000102030405060708090a0b0c0d0e0f";
cipher_test(super::Type::AES_128_CFB128, pt, ct, key, iv);
}
#[test]
fn test_aes128_cfb8() {
let pt = "6bc1bee22e409f96e93d7e117393172aae2d";
let ct = "3b79424c9c0dd436bace9e0ed4586a4f32b9";
let key = "2b7e151628aed2a6abf7158809cf4f3c";
let iv = "000102030405060708090a0b0c0d0e0f";
cipher_test(super::Type::AES_128_CFB8, pt, ct, key, iv);
}
#[test]
fn test_aes256_cfb1() {
let pt = "6bc1";
let ct = "9029";
let key = "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4";
let iv = "000102030405060708090a0b0c0d0e0f";
cipher_test(super::Type::AES_256_CFB1, pt, ct, key, iv);
}
#[test]
fn test_aes256_cfb128() {
let pt = "6bc1bee22e409f96e93d7e117393172a";
let ct = "dc7e84bfda79164b7ecd8486985d3860";
let key = "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4";
let iv = "000102030405060708090a0b0c0d0e0f";
cipher_test(super::Type::AES_256_CFB128, pt, ct, key, iv);
}
#[test]
fn test_aes256_cfb8() {
let pt = "6bc1bee22e409f96e93d7e117393172aae2d";
let ct = "dc1f1a8520a64db55fcc8ac554844e889700";
let key = "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4";
let iv = "000102030405060708090a0b0c0d0e0f";
cipher_test(super::Type::AES_256_CFB8, pt, ct, key, iv);
}
} }

6
openssl/src/crypto/symm_internal.rs
View File

@ -11,6 +11,9 @@ pub fn evpc(t: symm::Type) -> (*const ffi::EVP_CIPHER, u32, u32) {
#[cfg(feature = "aes_ctr")] #[cfg(feature = "aes_ctr")]
symm::Type::AES_128_CTR => (ffi::EVP_aes_128_ctr(), 16, 0), symm::Type::AES_128_CTR => (ffi::EVP_aes_128_ctr(), 16, 0),
//AES_128_GCM => (EVP_aes_128_gcm(), 16, 16), //AES_128_GCM => (EVP_aes_128_gcm(), 16, 16),
symm::Type::AES_128_CFB1 => (ffi::EVP_aes_128_cfb1(), 16, 16),
symm::Type::AES_128_CFB128 => (ffi::EVP_aes_128_cfb128(), 16, 16),
symm::Type::AES_128_CFB8 => (ffi::EVP_aes_128_cfb8(), 16, 16),
symm::Type::AES_256_ECB => (ffi::EVP_aes_256_ecb(), 32, 16), symm::Type::AES_256_ECB => (ffi::EVP_aes_256_ecb(), 32, 16),
symm::Type::AES_256_CBC => (ffi::EVP_aes_256_cbc(), 32, 16), symm::Type::AES_256_CBC => (ffi::EVP_aes_256_cbc(), 32, 16),
@ -19,6 +22,9 @@ pub fn evpc(t: symm::Type) -> (*const ffi::EVP_CIPHER, u32, u32) {
#[cfg(feature = "aes_ctr")] #[cfg(feature = "aes_ctr")]
symm::Type::AES_256_CTR => (ffi::EVP_aes_256_ctr(), 32, 0), symm::Type::AES_256_CTR => (ffi::EVP_aes_256_ctr(), 32, 0),
//AES_256_GCM => (EVP_aes_256_gcm(), 32, 16), //AES_256_GCM => (EVP_aes_256_gcm(), 32, 16),
symm::Type::AES_256_CFB1 => (ffi::EVP_aes_256_cfb1(), 32, 16),
symm::Type::AES_256_CFB128 => (ffi::EVP_aes_256_cfb128(), 32, 16),
symm::Type::AES_256_CFB8 => (ffi::EVP_aes_256_cfb8(), 32, 16),
symm::Type::RC4_128 => (ffi::EVP_rc4(), 16, 0), symm::Type::RC4_128 => (ffi::EVP_rc4(), 16, 0),
} }

2
openssl/src/lib.rs
View File

@ -1,4 +1,4 @@
#![doc(html_root_url="https://sfackler.github.io/rust-openssl/doc/v0.6.6")] #![doc(html_root_url="https://sfackler.github.io/rust-openssl/doc/v0.6.7")]
#[macro_use] #[macro_use]
extern crate bitflags; extern crate bitflags;

10
openssl/src/ssl/mod.rs
View File

@ -520,6 +520,16 @@ impl SslContext {
}) })
} }
/// Specifies the file that contains certificate chain
pub fn set_certificate_chain_file<P: AsRef<Path>>(&mut self, file: P, file_type: X509FileType)
-> Result<(),SslError> {
let file = CString::new(file.as_ref().as_os_str().to_str().expect("invalid utf8")).unwrap();
wrap_ssl_result(
unsafe {
ffi::SSL_CTX_use_certificate_chain_file(self.ctx, file.as_ptr(), file_type as c_int)
})
}
/// Specifies the certificate /// Specifies the certificate
pub fn set_certificate(&mut self, cert: &X509) -> Result<(),SslError> { pub fn set_certificate(&mut self, cert: &X509) -> Result<(),SslError> {
wrap_ssl_result( wrap_ssl_result(

9
openssl/test/key.pem.pub Normal file
View File

@ -0,0 +1,9 @@
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1bXMptaIgOL9PVL8a7W
KG/C8+IbxP018eMBQZT0SnPQmXp0Q8Aai/F+AEDE7b5sO5U7WdxU4GRYw0wqkQNF
si78KNfoj2ZMlx6NRfl4UKuzrpGTPgQxuKDYedngPpWcbmW4P3zEL2Y7b18n9NJr
atRUzH1Zh/ReRO525Xadu58aviPw1Mzgse7cKyzb03Gll9noLnYNIIpO8jL+QyrD
8qNmfacmR20U0a6XDTtmsmk7AitGETICbTT0KRf+oAP0yIHoonllPpNLUEPZQjrp
ClS/S/wKdj7gaq9TaMbHULhFMjbCV8cuPu//rUAuWp3riaznZGOVQyn3Dp2CB3ad
yQIDAQAB
-----END PUBLIC KEY-----