diff --git a/openssl/src/aes.rs b/openssl/src/aes.rs
index 4a71d2e0..ab4e36fd 100644
--- a/openssl/src/aes.rs
+++ b/openssl/src/aes.rs
@@ -59,8 +59,6 @@ use ffi;
 use libc::{c_int, c_uint, size_t};
 use std::{mem, ptr};
-use symm::Mode;
-
 /// Provides Error handling for parsing keys.
 #[derive(Debug)]
 pub struct KeyError(());
@@ -119,37 +117,6 @@ impl AesKey {
 }
 }
-/// Performs AES IGE encryption or decryption
-///
-/// AES IGE (Infinite Garble Extension) is a form of AES block cipher utilized in
-/// OpenSSL. Infinite Garble referes to propogating forward errors. IGE, like other
-/// block ciphers implemented for AES requires an initalization vector. The IGE mode
-/// allows a stream of blocks to be encrypted or decrypted without having the entire
-/// plaintext available. For more information, visit [AES IGE Encryption].
-///
-/// This block cipher uses 16 byte blocks. The rust implmentation will panic
-/// if the input or output does not meet this 16-byte boundry. Attention must
-/// be made in this low level implementation to pad the value to the 128-bit boundry.
-///
-/// [AES IGE Encryption]: http://www.links.org/files/openssl-ige.pdf
-///
-/// # Panics
-///
-/// Panics if `in_` is not the same length as `out`, if that length is not a multiple of 16, or if
-/// `iv` is not at least 32 bytes.
-pub fn aes_ige(in_: &[u8], out: &mut [u8], key: &AesKey, iv: &mut [u8], mode: Mode) {
- unsafe {
- assert!(in_.len() == out.len());
- assert!(in_.len() % ffi::AES_BLOCK_SIZE as usize == 0);
- assert!(iv.len() >= ffi::AES_BLOCK_SIZE as usize * 2);
-
- let mode = match mode {
- Mode::Encrypt => ffi::AES_ENCRYPT,
- Mode::Decrypt => ffi::AES_DECRYPT,
- };
- }
-}
-
 /// Wrap a key, according to [RFC 3394](https://tools.ietf.org/html/rfc3394)
 ///
 /// * `key`: The key-encrypting-key to use. Must be a encrypting key
diff --git a/openssl/src/bio.rs b/openssl/src/bio.rs
index 4c2f1ff2..51724e3f 100644
--- a/openssl/src/bio.rs
+++ b/openssl/src/bio.rs
@@ -66,10 +66,6 @@ impl MemBio {
 slice::from_raw_parts(ptr as *const _ as *const _, len as usize)
 }
 }
-
- pub unsafe fn from_ptr(bio: *mut ffi::BIO) -> MemBio {
- MemBio(bio)
- }
 }
 cfg_if! {
diff --git a/openssl/src/dsa.rs b/openssl/src/dsa.rs
index 6889f361..875552bb 100644
--- a/openssl/src/dsa.rs
+++ b/openssl/src/dsa.rs
@@ -7,7 +7,7 @@
 use ffi;
 use foreign_types::{ForeignType, ForeignTypeRef};
-use libc::{c_int, c_uint};
+use libc::c_uint;
 use std::fmt;
 use std::mem;
 use std::ptr;
diff --git a/openssl/src/error.rs b/openssl/src/error.rs
index 9aea94de..2876ac83 100644
--- a/openssl/src/error.rs
+++ b/openssl/src/error.rs
@@ -15,7 +15,7 @@
 //! Err(e) => println!("Parsing Error: {:?}", e),
 //! }
 //! ```
-use libc::{c_char, c_uint, c_ulong};
+use libc::{c_char, c_uint};
 use std::borrow::Cow;
 use std::error;
 use std::ffi::CStr;
diff --git a/openssl/src/pkcs7.rs b/openssl/src/pkcs7.rs
index c6249dd8..ccb897a5 100644
--- a/openssl/src/pkcs7.rs
+++ b/openssl/src/pkcs7.rs
@@ -1,4 +1,4 @@
-use bio::{MemBio, MemBioSlice};
+use bio::MemBioSlice;
 use error::ErrorStack;
 use ffi;
 use foreign_types::ForeignTypeRef;
@@ -6,8 +6,6 @@ use libc::c_int;
 use pkey::{HasPrivate, PKeyRef};
 use stack::StackRef;
 use std::ptr;
-use symm::Cipher;
-use x509::store::X509StoreRef;
 use x509::{X509Ref, X509};
 use {cvt, cvt_p};
diff --git a/openssl/src/pkey.rs b/openssl/src/pkey.rs
index 7ff28a63..f5688bb7 100644
--- a/openssl/src/pkey.rs
+++ b/openssl/src/pkey.rs
@@ -59,8 +59,6 @@ use dsa::Dsa;
 use ec::EcKey;
 use error::ErrorStack;
 use rsa::Rsa;
-#[cfg(ossl110)]
-use symm::Cipher;
 use util::{invoke_passwd_cb, CallbackState};
 use {cvt, cvt_p};
@@ -393,28 +391,6 @@ impl PKey {
 }
 impl PKey {
- #[cfg(ossl110)]
- fn generate_eddsa(nid: c_int) -> Result, ErrorStack> {
- unsafe {
- let kctx = cvt_p(ffi::EVP_PKEY_CTX_new_id(nid, ptr::null_mut()))?;
- let ret = cvt(ffi::EVP_PKEY_keygen_init(kctx));
- if let Err(e) = ret {
- ffi::EVP_PKEY_CTX_free(kctx);
- return Err(e);
- }
- let mut key = ptr::null_mut();
- let ret = cvt(ffi::EVP_PKEY_keygen(kctx, &mut key));
-
- ffi::EVP_PKEY_CTX_free(kctx);
-
- if let Err(e) = ret {
- return Err(e);
- }
-
- Ok(PKey::from_ptr(key))
- }
- }
-
 /// Generates a new private Ed25519 key
 #[cfg(ossl111)]
 pub fn generate_x25519() -> Result, ErrorStack> {
diff --git a/openssl/src/ssl/callbacks.rs b/openssl/src/ssl/callbacks.rs
index 2fcf8aac..5d35b0f6 100644
--- a/openssl/src/ssl/callbacks.rs
+++ b/openssl/src/ssl/callbacks.rs
@@ -480,66 +480,6 @@ where
 (*callback)(ssl, slice) as c_int
 }
-pub extern "C" fn raw_cookie_generate(
- ssl: *mut ffi::SSL,
- cookie: *mut c_uchar,
- cookie_len: *mut c_uint,
-) -> c_int
-where
- F: Fn(&mut SslRef, &mut [u8]) -> Result + 'static + Sync + Send,
-{
- pub const DTLS1_COOKIE_LENGTH: c_uint = 256;
-
- unsafe {
- let ssl = SslRef::from_ptr_mut(ssl);
- let callback = ssl
- .ssl_context()
- .ex_data(SslContext::cached_ex_index::())
- .expect("BUG: cookie generate callback missing") as *const F;
- // We subtract 1 from DTLS1_COOKIE_LENGTH as the ostensible value, 256, is erroneous but retained for
- // compatibility. See comments in dtls1.h.
- let slice = slice::from_raw_parts_mut(cookie as *mut u8, DTLS1_COOKIE_LENGTH as usize - 1);
- match (*callback)(ssl, slice) {
- Ok(len) => {
- *cookie_len = len as c_uint;
- 1
- }
- Err(e) => {
- e.put();
- 0
- }
- }
- }
-}
-
-cfg_if! {
- if #[cfg(any(ossl110, libressl280))] {
- type CookiePtr = *const c_uchar;
- } else {
- type CookiePtr = *mut c_uchar;
- }
-}
-
-pub extern "C" fn raw_cookie_verify(
- ssl: *mut ffi::SSL,
- cookie: CookiePtr,
- cookie_len: c_uint,
-) -> c_int
-where
- F: Fn(&mut SslRef, &[u8]) -> bool + 'static + Sync + Send,
-{
- unsafe {
- let ssl = SslRef::from_ptr_mut(ssl);
- let callback = ssl
- .ssl_context()
- .ex_data(SslContext::cached_ex_index::())
- .expect("BUG: cookie verify callback missing") as *const F;
- let slice =
- slice::from_raw_parts(cookie as *const c_uchar as *const u8, cookie_len as usize);
- (*callback)(ssl, slice) as c_int
- }
-}
-
 #[cfg(ossl111)]
 pub struct CustomExtAddState(Option);
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs
index 563f9c41..96ec4588 100644
--- a/openssl/src/ssl/mod.rs
+++ b/openssl/src/ssl/mod.rs
@@ -59,7 +59,7 @@
 //! ```
 use ffi;
 use foreign_types::{ForeignType, ForeignTypeRef, Opaque};
-use libc::{c_char, c_int, c_long, c_uchar, c_uint, c_ulong, c_void};
+use libc::{c_char, c_int, c_long, c_uchar, c_uint, c_void};
 use std::any::TypeId;
 use std::cmp;
 use std::collections::HashMap;
@@ -2999,7 +2999,7 @@ impl SslRef {
 let mut p = ptr::null();
 let len = ffi::SSL_get_tlsext_status_ocsp_resp(self.as_ptr(), &mut p);
- if len < 0 {
+ if len == 0 {
 None
 } else {
 Some(slice::from_raw_parts(p as *const u8, len as usize))
diff --git a/openssl/src/stack.rs b/openssl/src/stack.rs
index 54e76169..043ee178 100644
--- a/openssl/src/stack.rs
+++ b/openssl/src/stack.rs
@@ -1,6 +1,6 @@
 use ffi;
 use foreign_types::{ForeignType, ForeignTypeRef, Opaque};
-use libc::{c_int, size_t};
+use libc::size_t;
 use std::borrow::Borrow;
 use std::convert::AsRef;
 use std::fmt;
@@ -10,7 +10,7 @@ use std::mem;
 use std::ops::{Deref, DerefMut, Index, IndexMut, Range};
 use error::ErrorStack;
-use {cvt, cvt_0, cvt_p};
+use {cvt_0, cvt_p};
 use ffi::{
 sk_free as OPENSSL_sk_free, sk_new_null as OPENSSL_sk_new_null, sk_num as OPENSSL_sk_num,
diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs
index 103d7694..0aa75582 100644
--- a/openssl/src/x509/mod.rs
+++ b/openssl/src/x509/mod.rs
@@ -1514,6 +1514,7 @@ cfg_if! {
 }
 }
+#[allow(bad_style)]
 unsafe fn X509_OBJECT_free(x: *mut ffi::X509_OBJECT) {
 ffi::X509_OBJECT_free_contents(x);
 ffi::OPENSSL_free(x as *mut libc::c_void);
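Review bot: The new guard `if len == 0` in the `impl SslRef` hunk of openssl/src/ssl/mod.rs no longer stops a negative length from reaching `slice::from_raw_parts(p as *const u8, len as usize)`. OpenSSL documents `SSL_get_tlsext_status_ocsp_resp` as returning -1 when there is no OCSP response data, so on that path `len as usize` wraps to a very large length over a pointer that was initialised with `ptr::null()`, which is undefined behaviour and an out-of-bounds read. The guard should reject both the error value and a null pointer, for example `if len <= 0 || p.is_null() {`, so that only a populated response is ever turned into a slice. The enclosing method begins and ends outside the hunk, so its signature and the surrounding `unsafe` block are not visible here.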
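Review bot: The added `#[allow(bad_style)]` on `X509_OBJECT_free` in openssl/src/x509/mod.rs is wider than this function needs and has no comment saying why it is there. `bad_style` is the older name of the `nonstandard_style` lint group, while the only thing being silenced appears to be the non-snake-case name, so `#[allow(non_snake_case)] // name mirrors the OpenSSL C function` would keep the other style lints active. The function is an `unsafe fn` that frees `x` after freeing its contents, and it carries no `# Safety` note; a one-line doc comment stating that `x` must be a valid pointer that is not used again afterwards would record the contract, which is presumably what callers outside the hunk already rely on. The function's closing brace lies outside the hunk.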