min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rustfmt

This commit is contained in:
Steven Fackler 2019-02-22 10:14:15 -07:00
parent 7f4ceb51a4
commit 7eee39f1ec
40 changed files with 451 additions and 328 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
openssl-sys/build/main.rs
View File

@ -404,7 +404,8 @@ VERSION(OPENSSL, OPENSSL_VERSION_NUMBER)
VERSION(LIBRESSL, LIBRESSL_VERSION_NUMBER) VERSION(LIBRESSL, LIBRESSL_VERSION_NUMBER)
#endif #endif
" "
).unwrap(); )
.unwrap();
for define in DEFINES { for define in DEFINES {
write!( write!(
@ -415,7 +416,8 @@ RUST_CONF_{define}
#endif #endif
", ",
define = define define = define
).unwrap(); )
.unwrap();
} }
file.flush().unwrap(); file.flush().unwrap();

7
openssl-sys/src/dh.rs
View File

@ -15,10 +15,5 @@ extern "C" {
pub fn DH_get_2048_256() -> *mut DH; pub fn DH_get_2048_256() -> *mut DH;
#[cfg(any(ossl110, libressl273))] #[cfg(any(ossl110, libressl273))]
pub fn DH_set0_pqg( pub fn DH_set0_pqg(dh: *mut DH, p: *mut BIGNUM, q: *mut BIGNUM, g: *mut BIGNUM) -> c_int;
dh: *mut DH,
p: *mut BIGNUM,
q: *mut BIGNUM,
g: *mut BIGNUM,
) -> c_int;
} }

13
openssl-sys/src/dsa.rs
View File

@ -49,18 +49,9 @@ extern "C" {
q: *mut *const BIGNUM, q: *mut *const BIGNUM,
); );
#[cfg(any(ossl110, libressl273))] #[cfg(any(ossl110, libressl273))]
pub fn DSA_set0_pqg( pub fn DSA_set0_pqg(d: *mut DSA, p: *mut BIGNUM, q: *mut BIGNUM, q: *mut BIGNUM) -> c_int;
d: *mut DSA,
p: *mut BIGNUM,
q: *mut BIGNUM,
q: *mut BIGNUM,
) -> c_int;
#[cfg(any(ossl110, libressl273))] #[cfg(any(ossl110, libressl273))]
pub fn DSA_get0_key( pub fn DSA_get0_key(d: *const DSA, pub_key: *mut *const BIGNUM, priv_key: *mut *const BIGNUM);
d: *const DSA,
pub_key: *mut *const BIGNUM,
priv_key: *mut *const BIGNUM,
);
#[cfg(any(ossl110, libressl273))] #[cfg(any(ossl110, libressl273))]
pub fn DSA_set0_key(d: *mut DSA, pub_key: *mut BIGNUM, priv_key: *mut BIGNUM) -> c_int; pub fn DSA_set0_key(d: *mut DSA, pub_key: *mut BIGNUM, priv_key: *mut BIGNUM) -> c_int;
} }

13
openssl-sys/src/lib.rs
View File

@ -25,8 +25,8 @@ pub use object::*;
pub use ocsp::*; pub use ocsp::*;
pub use ossl_typ::*; pub use ossl_typ::*;
pub use pem::*; pub use pem::*;
pub use pkcs7::*;
pub use pkcs12::*; pub use pkcs12::*;
pub use pkcs7::*;
pub use rand::*; pub use rand::*;
pub use rsa::*; pub use rsa::*;
pub use safestack::*; pub use safestack::*;
@ -62,8 +62,8 @@ mod object;
mod ocsp; mod ocsp;
mod ossl_typ; mod ossl_typ;
mod pem; mod pem;
mod pkcs7;
mod pkcs12; mod pkcs12;
mod pkcs7;
mod rand; mod rand;
mod rsa; mod rsa;
mod safestack; mod safestack;
@ -78,9 +78,12 @@ mod x509_vfy;
mod x509v3; mod x509v3;
// FIXME remove // FIXME remove
pub type PasswordCallback = pub type PasswordCallback = unsafe extern "C" fn(
unsafe extern "C" fn(buf: *mut c_char, size: c_int, rwflag: c_int, user_data: *mut c_void) buf: *mut c_char,
-> c_int; size: c_int,
rwflag: c_int,
user_data: *mut c_void,
) -> c_int;
#[cfg(ossl110)] #[cfg(ossl110)]
pub fn init() { pub fn init() {

2
openssl-sys/src/macros.rs
View File

@ -65,5 +65,5 @@ macro_rules! stack {
} }
} }
} }
} };
} }

2
openssl-sys/src/ossl_typ.rs
View File

@ -346,7 +346,7 @@ pub enum X509_STORE_CTX {}
cfg_if! { cfg_if! {
if #[cfg(any(ossl110, libressl280))] { if #[cfg(any(ossl110, libressl280))] {
pub enum X509_VERIFY_PARAM {} pub enum X509_VERIFY_PARAM {}
} else if #[cfg(libressl251)] { } else if #[cfg(libressl251)] {
#[repr(C)] #[repr(C)]
pub struct X509_VERIFY_PARAM { pub struct X509_VERIFY_PARAM {

11
openssl-sys/src/pem.rs
View File

@ -2,9 +2,14 @@ use libc::*;
use *; use *;
pub type pem_password_cb = pub type pem_password_cb = Option<
Option<unsafe extern "C" fn(buf: *mut c_char, size: c_int, rwflag: c_int, user_data: *mut c_void) unsafe extern "C" fn(
-> c_int>; buf: *mut c_char,
size: c_int,
rwflag: c_int,
user_data: *mut c_void,
) -> c_int,
>;
extern "C" { extern "C" {
pub fn PEM_read_bio_X509( pub fn PEM_read_bio_X509(

4
openssl-sys/src/rsa.rs
View File

@ -143,9 +143,7 @@ extern "C" {
k: *mut RSA, k: *mut RSA,
pad: c_int, pad: c_int,
) -> c_int; ) -> c_int;
pub fn RSA_check_key( pub fn RSA_check_key(r: *const ::RSA) -> c_int;
r: *const ::RSA,
) -> c_int;
pub fn RSA_free(rsa: *mut RSA); pub fn RSA_free(rsa: *mut RSA);
pub fn RSA_up_ref(rsa: *mut RSA) -> c_int; pub fn RSA_up_ref(rsa: *mut RSA) -> c_int;

38
openssl-sys/src/ssl.rs
View File

@ -526,16 +526,22 @@ extern "C" {
pub fn SSL_CTX_set_stateless_cookie_generate_cb( pub fn SSL_CTX_set_stateless_cookie_generate_cb(
s: *mut SSL_CTX, s: *mut SSL_CTX,
cb: Option< cb: Option<
unsafe extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut size_t) unsafe extern "C" fn(
-> c_int, ssl: *mut SSL,
cookie: *mut c_uchar,
cookie_len: *mut size_t,
) -> c_int,
>, >,
); );
#[cfg(ossl111)] #[cfg(ossl111)]
pub fn SSL_CTX_set_stateless_cookie_verify_cb( pub fn SSL_CTX_set_stateless_cookie_verify_cb(
s: *mut SSL_CTX, s: *mut SSL_CTX,
cb: Option< cb: Option<
unsafe extern "C" fn(ssl: *mut SSL, cookie: *const c_uchar, cookie_len: size_t) unsafe extern "C" fn(
-> c_int, ssl: *mut SSL,
cookie: *const c_uchar,
cookie_len: size_t,
) -> c_int,
>, >,
); );
@ -609,8 +615,14 @@ extern "C" {
pub fn SSL_CTX_set_psk_client_callback( pub fn SSL_CTX_set_psk_client_callback(
ssl: *mut SSL_CTX, ssl: *mut SSL_CTX,
psk_client_cb: Option< psk_client_cb: Option<
extern "C" fn(*mut SSL, *const c_char, *mut c_char, c_uint, *mut c_uchar, c_uint) extern "C" fn(
-> c_uint, *mut SSL,
*const c_char,
*mut c_char,
c_uint,
*mut c_uchar,
c_uint,
) -> c_uint,
>, >,
); );
pub fn SSL_CTX_set_psk_server_callback( pub fn SSL_CTX_set_psk_server_callback(
@ -1212,15 +1224,21 @@ extern "C" {
#[cfg(not(ossl110))] #[cfg(not(ossl110))]
pub fn SSL_CTX_set_tmp_ecdh_callback( pub fn SSL_CTX_set_tmp_ecdh_callback(
ctx: *mut ::SSL_CTX, ctx: *mut ::SSL_CTX,
ecdh: unsafe extern "C" fn(ssl: *mut ::SSL, is_export: c_int, keylength: c_int) ecdh: unsafe extern "C" fn(
-> *mut ::EC_KEY, ssl: *mut ::SSL,
is_export: c_int,
keylength: c_int,
) -> *mut ::EC_KEY,
); );
// FIXME should take an option // FIXME should take an option
#[cfg(not(ossl110))] #[cfg(not(ossl110))]
pub fn SSL_set_tmp_ecdh_callback( pub fn SSL_set_tmp_ecdh_callback(
ssl: *mut SSL, ssl: *mut SSL,
ecdh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) ecdh: unsafe extern "C" fn(
-> *mut EC_KEY, ssl: *mut SSL,
is_export: c_int,
keylength: c_int,
) -> *mut EC_KEY,
); );
} }

2
openssl-sys/src/tls1.rs
View File

@ -1,6 +1,6 @@
use libc::*; use libc::*;
use std::ptr;
use std::mem; use std::mem;
use std::ptr;
use *; use *;

34
openssl/examples/mk_certs.rs
View File

@ -9,9 +9,11 @@ use openssl::error::ErrorStack;
use openssl::hash::MessageDigest; use openssl::hash::MessageDigest;
use openssl::pkey::{PKey, PKeyRef, Private}; use openssl::pkey::{PKey, PKeyRef, Private};
use openssl::rsa::Rsa; use openssl::rsa::Rsa;
use openssl::x509::{X509, X509NameBuilder, X509Ref, X509Req, X509ReqBuilder, X509VerifyResult}; use openssl::x509::extension::{
use openssl::x509::extension::{AuthorityKeyIdentifier, BasicConstraints, KeyUsage, AuthorityKeyIdentifier, BasicConstraints, KeyUsage, SubjectAlternativeName,
SubjectAlternativeName, SubjectKeyIdentifier}; SubjectKeyIdentifier,
};
use openssl::x509::{X509NameBuilder, X509Ref, X509Req, X509ReqBuilder, X509VerifyResult, X509};
/// Make a CA certificate and private key /// Make a CA certificate and private key
fn mk_ca_cert() -> Result<(X509, PKey<Private>), ErrorStack> { fn mk_ca_cert() -> Result<(X509, PKey<Private>), ErrorStack> {
@ -42,11 +44,13 @@ fn mk_ca_cert() -> Result<(X509, PKey<Private>), ErrorStack> {
cert_builder.set_not_after(&not_after)?; cert_builder.set_not_after(&not_after)?;
cert_builder.append_extension(BasicConstraints::new().critical().ca().build()?)?; cert_builder.append_extension(BasicConstraints::new().critical().ca().build()?)?;
cert_builder.append_extension(KeyUsage::new() cert_builder.append_extension(
.critical() KeyUsage::new()
.key_cert_sign() .critical()
.crl_sign() .key_cert_sign()
.build()?)?; .crl_sign()
.build()?,
)?;
let subject_key_identifier = let subject_key_identifier =
SubjectKeyIdentifier::new().build(&cert_builder.x509v3_context(None, None))?; SubjectKeyIdentifier::new().build(&cert_builder.x509v3_context(None, None))?;
@ -104,12 +108,14 @@ fn mk_ca_signed_cert(
cert_builder.append_extension(BasicConstraints::new().build()?)?; cert_builder.append_extension(BasicConstraints::new().build()?)?;
cert_builder.append_extension(KeyUsage::new() cert_builder.append_extension(
.critical() KeyUsage::new()
.non_repudiation() .critical()
.digital_signature() .non_repudiation()
.key_encipherment() .digital_signature()
.build()?)?; .key_encipherment()
.build()?,
)?;
let subject_key_identifier = let subject_key_identifier =
SubjectKeyIdentifier::new().build(&cert_builder.x509v3_context(Some(ca_cert), None))?; SubjectKeyIdentifier::new().build(&cert_builder.x509v3_context(Some(ca_cert), None))?;

57
openssl/src/bn.rs
View File

@ -423,7 +423,8 @@ impl BigNumRef {
bits.into(), bits.into(),
msb.0, msb.0,
odd as c_int, odd as c_int,
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -439,7 +440,8 @@ impl BigNumRef {
bits.into(), bits.into(),
msb.0, msb.0,
odd as c_int, odd as c_int,
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -485,7 +487,8 @@ impl BigNumRef {
add.map(|n| n.as_ptr()).unwrap_or(ptr::null_mut()), add.map(|n| n.as_ptr()).unwrap_or(ptr::null_mut()),
rem.map(|n| n.as_ptr()).unwrap_or(ptr::null_mut()), rem.map(|n| n.as_ptr()).unwrap_or(ptr::null_mut()),
ptr::null_mut(), ptr::null_mut(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -508,7 +511,8 @@ impl BigNumRef {
a.as_ptr(), a.as_ptr(),
b.as_ptr(), b.as_ptr(),
ctx.as_ptr(), ctx.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -532,7 +536,8 @@ impl BigNumRef {
a.as_ptr(), a.as_ptr(),
b.as_ptr(), b.as_ptr(),
ctx.as_ptr(), ctx.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -554,7 +559,8 @@ impl BigNumRef {
a.as_ptr(), a.as_ptr(),
b.as_ptr(), b.as_ptr(),
ctx.as_ptr(), ctx.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -577,7 +583,8 @@ impl BigNumRef {
a.as_ptr(), a.as_ptr(),
b.as_ptr(), b.as_ptr(),
ctx.as_ptr(), ctx.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -608,7 +615,8 @@ impl BigNumRef {
a.as_ptr(), a.as_ptr(),
m.as_ptr(), m.as_ptr(),
ctx.as_ptr(), ctx.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -631,7 +639,8 @@ impl BigNumRef {
b.as_ptr(), b.as_ptr(),
m.as_ptr(), m.as_ptr(),
ctx.as_ptr(), ctx.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -654,7 +663,8 @@ impl BigNumRef {
b.as_ptr(), b.as_ptr(),
m.as_ptr(), m.as_ptr(),
ctx.as_ptr(), ctx.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -677,7 +687,8 @@ impl BigNumRef {
b.as_ptr(), b.as_ptr(),
m.as_ptr(), m.as_ptr(),
ctx.as_ptr(), ctx.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -698,7 +709,8 @@ impl BigNumRef {
a.as_ptr(), a.as_ptr(),
m.as_ptr(), m.as_ptr(),
ctx.as_ptr(), ctx.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -719,7 +731,8 @@ impl BigNumRef {
a.as_ptr(), a.as_ptr(),
p.as_ptr(), p.as_ptr(),
ctx.as_ptr(), ctx.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -742,7 +755,8 @@ impl BigNumRef {
p.as_ptr(), p.as_ptr(),
m.as_ptr(), m.as_ptr(),
ctx.as_ptr(), ctx.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -759,7 +773,8 @@ impl BigNumRef {
a.as_ptr(), a.as_ptr(),
n.as_ptr(), n.as_ptr(),
ctx.as_ptr(), ctx.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -780,7 +795,8 @@ impl BigNumRef {
a.as_ptr(), a.as_ptr(),
b.as_ptr(), b.as_ptr(),
ctx.as_ptr(), ctx.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -803,7 +819,8 @@ impl BigNumRef {
checks.into(), checks.into(),
ctx.as_ptr(), ctx.as_ptr(),
ptr::null_mut(), ptr::null_mut(),
)).map(|r| r != 0) ))
.map(|r| r != 0)
} }
} }
@ -833,7 +850,8 @@ impl BigNumRef {
ctx.as_ptr(), ctx.as_ptr(),
do_trial_division as c_int, do_trial_division as c_int,
ptr::null_mut(), ptr::null_mut(),
)).map(|r| r != 0) ))
.map(|r| r != 0)
} }
} }
@ -1089,7 +1107,8 @@ impl BigNum {
n.as_ptr(), n.as_ptr(),
n.len() as c_int, n.len() as c_int,
ptr::null_mut(), ptr::null_mut(),
)).map(|p| BigNum::from_ptr(p)) ))
.map(|p| BigNum::from_ptr(p))
} }
} }
} }

2
openssl/src/cms.rs
View File

@ -14,7 +14,7 @@ use error::ErrorStack;
use libc::c_uint; use libc::c_uint;
use pkey::{HasPrivate, PKeyRef}; use pkey::{HasPrivate, PKeyRef};
use stack::StackRef; use stack::StackRef;
use x509::{X509, X509Ref}; use x509::{X509Ref, X509};
use {cvt, cvt_p}; use {cvt, cvt_p};
bitflags! { bitflags! {

7
openssl/src/derive.rs
View File

@ -1,12 +1,12 @@
//! Shared secret derivation. //! Shared secret derivation.
use ffi; use ffi;
use foreign_types::ForeignTypeRef;
use std::marker::PhantomData; use std::marker::PhantomData;
use std::ptr; use std::ptr;
use foreign_types::ForeignTypeRef;
use {cvt, cvt_p};
use error::ErrorStack; use error::ErrorStack;
use pkey::{HasPrivate, HasPublic, PKeyRef}; use pkey::{HasPrivate, HasPublic, PKeyRef};
use {cvt, cvt_p};
/// A type used to derive a shared secret between two keys. /// A type used to derive a shared secret between two keys.
pub struct Deriver<'a>(*mut ffi::EVP_PKEY_CTX, PhantomData<&'a ()>); pub struct Deriver<'a>(*mut ffi::EVP_PKEY_CTX, PhantomData<&'a ()>);
@ -72,7 +72,8 @@ impl<'a> Deriver<'a> {
self.0, self.0,
buf.as_mut_ptr() as *mut _, buf.as_mut_ptr() as *mut _,
&mut len, &mut len,
)).map(|_| len) ))
.map(|_| len)
} }
} }

3
openssl/src/dh.rs
View File

@ -164,7 +164,8 @@ mod tests {
).unwrap(); ).unwrap();
let q = BigNum::from_hex_str( let q = BigNum::from_hex_str(
"8CF83642A709A097B447997640129DA299B1A47D1EB3750BA308B0FE64F5FBD3", "8CF83642A709A097B447997640129DA299B1A47D1EB3750BA308B0FE64F5FBD3",
).unwrap(); )
.unwrap();
let dh = Dh::from_params(p, g, q).unwrap(); let dh = Dh::from_params(p, g, q).unwrap();
ctx.set_tmp_dh(&dh).unwrap(); ctx.set_tmp_dh(&dh).unwrap();
} }

12
openssl/src/dsa.rs
View File

@ -9,8 +9,8 @@ use ffi;
use foreign_types::{ForeignType, ForeignTypeRef}; use foreign_types::{ForeignType, ForeignTypeRef};
use libc::c_int; use libc::c_int;
use std::fmt; use std::fmt;
use std::ptr;
use std::mem; use std::mem;
use std::ptr;
use bn::{BigNum, BigNumRef}; use bn::{BigNum, BigNumRef};
use error::ErrorStack; use error::ErrorStack;
@ -321,9 +321,9 @@ cfg_if! {
mod test { mod test {
use super::*; use super::*;
use bn::BigNumContext; use bn::BigNumContext;
use sign::{Signer, Verifier};
use hash::MessageDigest; use hash::MessageDigest;
use pkey::PKey; use pkey::PKey;
use sign::{Signer, Verifier};
#[test] #[test]
pub fn test_generate() { pub fn test_generate() {
@ -390,14 +390,18 @@ mod test {
BigNumRef::to_owned(q).unwrap(), BigNumRef::to_owned(q).unwrap(),
BigNumRef::to_owned(g).unwrap(), BigNumRef::to_owned(g).unwrap(),
BigNumRef::to_owned(priv_key).unwrap(), BigNumRef::to_owned(priv_key).unwrap(),
BigNumRef::to_owned(pub_key).unwrap()).unwrap(); BigNumRef::to_owned(pub_key).unwrap(),
)
.unwrap();
let priv_key = PKey::from_dsa(priv_key).unwrap(); let priv_key = PKey::from_dsa(priv_key).unwrap();
let pub_key = Dsa::from_public_components( let pub_key = Dsa::from_public_components(
BigNumRef::to_owned(p).unwrap(), BigNumRef::to_owned(p).unwrap(),
BigNumRef::to_owned(q).unwrap(), BigNumRef::to_owned(q).unwrap(),
BigNumRef::to_owned(g).unwrap(), BigNumRef::to_owned(g).unwrap(),
BigNumRef::to_owned(pub_key).unwrap()).unwrap(); BigNumRef::to_owned(pub_key).unwrap(),
)
.unwrap();
let pub_key = PKey::from_dsa(pub_key).unwrap(); let pub_key = PKey::from_dsa(pub_key).unwrap();
let mut signer = Signer::new(MessageDigest::sha256(), &priv_key).unwrap(); let mut signer = Signer::new(MessageDigest::sha256(), &priv_key).unwrap();

7
openssl/src/ecdsa.rs
View File

@ -73,7 +73,8 @@ impl EcdsaSig {
data.len() as c_int, data.len() as c_int,
self.as_ptr(), self.as_ptr(),
eckey.as_ptr(), eckey.as_ptr(),
)).map(|x| x == 1) ))
.map(|x| x == 1)
} }
} }
@ -110,7 +111,7 @@ impl EcdsaSig {
from_der, from_der,
EcdsaSig, EcdsaSig,
ffi::d2i_ECDSA_SIG ffi::d2i_ECDSA_SIG
} }
} }
impl EcdsaSigRef { impl EcdsaSigRef {
@ -120,7 +121,7 @@ impl EcdsaSigRef {
/// This corresponds to [`i2d_ECDSA_SIG`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_ECDSA_SIG.html /// This corresponds to [`i2d_ECDSA_SIG`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_ECDSA_SIG.html
to_der, to_der,
ffi::i2d_ECDSA_SIG ffi::i2d_ECDSA_SIG
} }
} }
cfg_if! { cfg_if! {

6
openssl/src/error.rs
View File

@ -16,13 +16,13 @@
//! } //! }
//! ``` //! ```
use libc::{c_char, c_int, c_ulong}; use libc::{c_char, c_int, c_ulong};
use std::fmt; use std::borrow::Cow;
use std::error; use std::error;
use std::ffi::CStr; use std::ffi::CStr;
use std::fmt;
use std::io; use std::io;
use std::str;
use std::ptr; use std::ptr;
use std::borrow::Cow; use std::str;
use ffi; use ffi;

31
openssl/src/hash.rs
View File

@ -254,7 +254,7 @@ impl Hasher {
/// Writes the hash of the data into the supplied buf and resets the XOF hasher. /// Writes the hash of the data into the supplied buf and resets the XOF hasher.
/// The hash will be as long as the buf. /// The hash will be as long as the buf.
#[cfg(ossl111)] #[cfg(ossl111)]
pub fn finish_xof(&mut self, buf: &mut[u8]) -> Result<(), ErrorStack> { pub fn finish_xof(&mut self, buf: &mut [u8]) -> Result<(), ErrorStack> {
if self.state == Finalized { if self.state == Finalized {
self.init()?; self.init()?;
} }
@ -366,7 +366,7 @@ pub fn hash(t: MessageDigest, data: &[u8]) -> Result<DigestBytes, ErrorStack> {
/// Computes the hash of the `data` with the XOF hasher `t` and stores it in `buf`. /// Computes the hash of the `data` with the XOF hasher `t` and stores it in `buf`.
#[cfg(ossl111)] #[cfg(ossl111)]
pub fn hash_xof(t: MessageDigest, data: &[u8], buf: &mut[u8]) -> Result<(), ErrorStack> { pub fn hash_xof(t: MessageDigest, data: &[u8], buf: &mut [u8]) -> Result<(), ErrorStack> {
let mut h = Hasher::new(t)?; let mut h = Hasher::new(t)?;
h.update(data)?; h.update(data)?;
h.finish_xof(buf) h.finish_xof(buf)
@ -388,7 +388,12 @@ mod tests {
fn hash_xof_test(hashtype: MessageDigest, hashtest: &(&str, &str)) { fn hash_xof_test(hashtype: MessageDigest, hashtest: &(&str, &str)) {
let expected = Vec::from_hex(hashtest.1).unwrap(); let expected = Vec::from_hex(hashtest.1).unwrap();
let mut buf = vec![0; expected.len()]; let mut buf = vec![0; expected.len()];
hash_xof(hashtype, &Vec::from_hex(hashtest.0).unwrap(), buf.as_mut_slice()).unwrap(); hash_xof(
hashtype,
&Vec::from_hex(hashtest.0).unwrap(),
buf.as_mut_slice(),
)
.unwrap();
assert_eq!(buf, expected); assert_eq!(buf, expected);
} }
@ -499,8 +504,9 @@ mod tests {
#[cfg(ossl111)] #[cfg(ossl111)]
#[test] #[test]
fn test_sha3_224() { fn test_sha3_224() {
let tests = [("416c6c20796f75722062617365206172652062656c6f6e6720746f207573", let tests = [(
"1de092dd9fbcbbf450f26264f4778abd48af851f2832924554c56913" "416c6c20796f75722062617365206172652062656c6f6e6720746f207573",
"1de092dd9fbcbbf450f26264f4778abd48af851f2832924554c56913",
)]; )];
for test in tests.iter() { for test in tests.iter() {
@ -511,8 +517,9 @@ mod tests {
#[cfg(ossl111)] #[cfg(ossl111)]
#[test] #[test]
fn test_sha3_256() { fn test_sha3_256() {
let tests = [("416c6c20796f75722062617365206172652062656c6f6e6720746f207573", let tests = [(
"b38e38f08bc1c0091ed4b5f060fe13e86aa4179578513ad11a6e3abba0062f61" "416c6c20796f75722062617365206172652062656c6f6e6720746f207573",
"b38e38f08bc1c0091ed4b5f060fe13e86aa4179578513ad11a6e3abba0062f61",
)]; )];
for test in tests.iter() { for test in tests.iter() {
@ -549,8 +556,9 @@ mod tests {
#[cfg(ossl111)] #[cfg(ossl111)]
#[test] #[test]
fn test_shake_128() { fn test_shake_128() {
let tests = [("416c6c20796f75722062617365206172652062656c6f6e6720746f207573", let tests = [(
"49d0697ff508111d8b84f15e46daf135" "416c6c20796f75722062617365206172652062656c6f6e6720746f207573",
"49d0697ff508111d8b84f15e46daf135",
)]; )];
for test in tests.iter() { for test in tests.iter() {
@ -561,8 +569,9 @@ mod tests {
#[cfg(ossl111)] #[cfg(ossl111)]
#[test] #[test]
fn test_shake_256() { fn test_shake_256() {
let tests = [("416c6c20796f75722062617365206172652062656c6f6e6720746f207573", let tests = [(
"4e2dfdaa75d1e049d0eaeffe28e76b17cea47b650fb8826fe48b94664326a697" "416c6c20796f75722062617365206172652062656c6f6e6720746f207573",
"4e2dfdaa75d1e049d0eaeffe28e76b17cea47b650fb8826fe48b94664326a697",
)]; )];
for test in tests.iter() { for test in tests.iter() {

60
openssl/src/lib.rs
View File

@ -1,51 +1,51 @@
//! Bindings to OpenSSL //! Bindings to OpenSSL
//! //!
//! This crate provides a safe interface to the popular OpenSSL cryptography library. OpenSSL versions 1.0.1 through //! This crate provides a safe interface to the popular OpenSSL cryptography library. OpenSSL versions 1.0.1 through
//! 1.1.1 and LibreSSL versions 2.5 through 2.8 are supported. //! 1.1.1 and LibreSSL versions 2.5 through 2.8 are supported.
//! //!
//! # Building //! # Building
//! //!
//! Both OpenSSL libraries and headers are required to build this crate. There are multiple options available to locate //! Both OpenSSL libraries and headers are required to build this crate. There are multiple options available to locate
//! OpenSSL. //! OpenSSL.
//! //!
//! ## Vendored //! ## Vendored
//! //!
//! If the `vendored` Cargo feature is enabled, the `openssl-src` crate will be used to compile and statically link to //! If the `vendored` Cargo feature is enabled, the `openssl-src` crate will be used to compile and statically link to
//! a copy of OpenSSL. The build process requires a C compiler, perl, and make. The OpenSSL version will generally track //! a copy of OpenSSL. The build process requires a C compiler, perl, and make. The OpenSSL version will generally track
//! the newest OpenSSL release, and changes to the version are *not* considered breaking changes. //! the newest OpenSSL release, and changes to the version are *not* considered breaking changes.
//! //!
//! ```toml //! ```toml
//! [dependencies] //! [dependencies]
//! openssl = { version = "0.10", features = ["vendored"] } //! openssl = { version = "0.10", features = ["vendored"] }
//! ``` //! ```
//! //!
//! The vendored copy will not be configured to automatically find the system's root certificates, but the //! The vendored copy will not be configured to automatically find the system's root certificates, but the
//! `openssl-probe` crate can be used to do that instead. //! `openssl-probe` crate can be used to do that instead.
//! //!
//! ## Automatic //! ## Automatic
//! //!
//! The `openssl-sys` crate will automatically detect OpenSSL installations via Homebrew on macOS and vcpkg on Windows. //! The `openssl-sys` crate will automatically detect OpenSSL installations via Homebrew on macOS and vcpkg on Windows.
//! Additionally, it will use `pkg-config` on Unix-like systems to find the system installation. //! Additionally, it will use `pkg-config` on Unix-like systems to find the system installation.
//! //!
//! ```not_rust //! ```not_rust
//! # macOS //! # macOS
//! $ brew install openssl@1.1 //! $ brew install openssl@1.1
//! //!
//! # Arch Linux //! # Arch Linux
//! $ sudo pacman -S pkg-config openssl //! $ sudo pacman -S pkg-config openssl
//! //!
//! # Debian and Ubuntu //! # Debian and Ubuntu
//! $ sudo apt-get install pkg-config libssl-dev //! $ sudo apt-get install pkg-config libssl-dev
//! //!
//! # Fedora //! # Fedora
//! $ sudo dnf install pkg-config openssl-devel //! $ sudo dnf install pkg-config openssl-devel
//! ``` //! ```
//! //!
//! ## Manual //! ## Manual
//! //!
//! A set of environment variables can be used to point `openssl-sys` towards an OpenSSL installation. They will //! A set of environment variables can be used to point `openssl-sys` towards an OpenSSL installation. They will
//! override the automatic detection logic. //! override the automatic detection logic.
//! //!
//! * `OPENSSL_DIR` - If specified, the directory of an OpenSSL installation. The directory should contain `lib` and //! * `OPENSSL_DIR` - If specified, the directory of an OpenSSL installation. The directory should contain `lib` and
//! `include` subdirectories containing the libraries and headers respectively. //! `include` subdirectories containing the libraries and headers respectively.
//! * `OPENSSL_LIB_DIR` and `OPENSSL_INCLUDE_DIR` - If specified, the directories containing the OpenSSL libraries and //! * `OPENSSL_LIB_DIR` and `OPENSSL_INCLUDE_DIR` - If specified, the directories containing the OpenSSL libraries and
@ -56,53 +56,53 @@
//! //!
//! Additionally, these variables can be prefixed with the upper-cased target architecture (e.g. //! Additionally, these variables can be prefixed with the upper-cased target architecture (e.g.
//! `X86_64_UNKNOWN_LINUX_GNU_OPENSSL_DIR`), which can be useful when cross compiling. //! `X86_64_UNKNOWN_LINUX_GNU_OPENSSL_DIR`), which can be useful when cross compiling.
//! //!
//! # Feature Detection //! # Feature Detection
//! //!
//! APIs have been added to and removed from the various supported OpenSSL versions, and this library exposes the //! APIs have been added to and removed from the various supported OpenSSL versions, and this library exposes the
//! functionality available in the version being linked against. This means that methods, constants, and even modules //! functionality available in the version being linked against. This means that methods, constants, and even modules
//! will be present when building against one version of OpenSSL but not when building against another! APIs will //! will be present when building against one version of OpenSSL but not when building against another! APIs will
//! document any version-specific availability restrictions. //! document any version-specific availability restrictions.
//! //!
//! A build script can be used to detect the OpenSSL or LibreSSL version at compile time if needed. The `openssl-sys` //! A build script can be used to detect the OpenSSL or LibreSSL version at compile time if needed. The `openssl-sys`
//! crate propagates the version via the `DEP_OPENSSL_VERSION_NUMBER` and `DEP_OPENSSL_LIBRESSL_VERSION_NUMBER` //! crate propagates the version via the `DEP_OPENSSL_VERSION_NUMBER` and `DEP_OPENSSL_LIBRESSL_VERSION_NUMBER`
//! environment variables to build scripts. The version format is a hex-encoding of the OpenSSL release version: //! environment variables to build scripts. The version format is a hex-encoding of the OpenSSL release version:
//! `0xMNNFFPPS`. For example, version 1.0.2g's encoding is `0x1_00_02_07_0`. //! `0xMNNFFPPS`. For example, version 1.0.2g's encoding is `0x1_00_02_07_0`.
//! //!
//! For example, let's say we want to adjust the TLSv1.3 cipher suites used by a client, but also want to compile //! For example, let's say we want to adjust the TLSv1.3 cipher suites used by a client, but also want to compile
//! against OpenSSL versions that don't support TLSv1.3: //! against OpenSSL versions that don't support TLSv1.3:
//! //!
//! Cargo.toml: //! Cargo.toml:
//! //!
//! ```toml //! ```toml
//! [dependencies] //! [dependencies]
//! openssl-sys = "0.9" //! openssl-sys = "0.9"
//! openssl = "0.10" //! openssl = "0.10"
//! ``` //! ```
//! //!
//! build.rs: //! build.rs:
//! //!
//! ``` //! ```
//! use std::env; //! use std::env;
//! //!
//! fn main() { //! fn main() {
//! if let Ok(v) = env::var("DEP_OPENSSL_VERSION_NUMBER") { //! if let Ok(v) = env::var("DEP_OPENSSL_VERSION_NUMBER") {
//! let version = u64::from_str_radix(&v, 16).unwrap(); //! let version = u64::from_str_radix(&v, 16).unwrap();
//! //!
//! if version >= 0x1_01_01_00_0 { //! if version >= 0x1_01_01_00_0 {
//! println!("cargo:rustc-cfg=openssl111"); //! println!("cargo:rustc-cfg=openssl111");
//! } //! }
//! } //! }
//! } //! }
//! ``` //! ```
//! //!
//! lib.rs: //! lib.rs:
//! //!
//! ``` //! ```
//! use openssl::ssl::{SslConnector, SslMethod}; //! use openssl::ssl::{SslConnector, SslMethod};
//! //!
//! let mut ctx = SslConnector::builder(SslMethod::tls()).unwrap(); //! let mut ctx = SslConnector::builder(SslMethod::tls()).unwrap();
//! //!
//! // set_ciphersuites was added in OpenSSL 1.1.1, so we can only call it when linking against that version //! // set_ciphersuites was added in OpenSSL 1.1.1, so we can only call it when linking against that version
//! #[cfg(openssl111)] //! #[cfg(openssl111)]
//! ctx.set_ciphersuites("TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256").unwrap(); //! ctx.set_ciphersuites("TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256").unwrap();

2
openssl/src/memcmp.rs
View File

@ -29,8 +29,8 @@
//! assert!(!eq(&a, &b)); //! assert!(!eq(&a, &b));
//! assert!(!eq(&a, &c)); //! assert!(!eq(&a, &c));
//! ``` //! ```
use libc::size_t;
use ffi; use ffi;
use libc::size_t;
/// Returns `true` iff `a` and `b` contain the same bytes. /// Returns `true` iff `a` and `b` contain the same bytes.
/// ///

18
openssl/src/ocsp.rs
View File

@ -1,16 +1,16 @@
use ffi; use ffi;
use foreign_types::ForeignTypeRef; use foreign_types::ForeignTypeRef;
use libc::{c_int, c_long, c_ulong}; use libc::{c_int, c_long, c_ulong};
use std::ptr;
use std::mem; use std::mem;
use std::ptr;
use {cvt, cvt_p};
use asn1::Asn1GeneralizedTimeRef; use asn1::Asn1GeneralizedTimeRef;
use error::ErrorStack; use error::ErrorStack;
use hash::MessageDigest; use hash::MessageDigest;
use stack::StackRef; use stack::StackRef;
use x509::store::X509StoreRef; use x509::store::X509StoreRef;
use x509::{X509, X509Ref}; use x509::{X509Ref, X509};
use {cvt, cvt_p};
bitflags! { bitflags! {
pub struct OcspFlag: c_ulong { pub struct OcspFlag: c_ulong {
@ -130,7 +130,8 @@ impl<'a> OcspStatus<'a> {
self.next_update.as_ptr(), self.next_update.as_ptr(),
nsec as c_long, nsec as c_long,
maxsec.map(|n| n as c_long).unwrap_or(-1), maxsec.map(|n| n as c_long).unwrap_or(-1),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
} }
@ -160,7 +161,8 @@ impl OcspBasicResponseRef {
certs.as_ptr(), certs.as_ptr(),
store.as_ptr(), store.as_ptr(),
flags.bits(), flags.bits(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -222,7 +224,8 @@ impl OcspCertId {
digest.as_ptr(), digest.as_ptr(),
subject.as_ptr(), subject.as_ptr(),
issuer.as_ptr(), issuer.as_ptr(),
)).map(OcspCertId) ))
.map(OcspCertId)
} }
} }
} }
@ -249,7 +252,8 @@ impl OcspResponse {
cvt_p(ffi::OCSP_response_create( cvt_p(ffi::OCSP_response_create(
status.as_raw(), status.as_raw(),
body.map(|r| r.as_ptr()).unwrap_or(ptr::null_mut()), body.map(|r| r.as_ptr()).unwrap_or(ptr::null_mut()),
)).map(OcspResponse) ))
.map(OcspResponse)
} }
} }

7
openssl/src/pkcs12.rs
View File

@ -10,7 +10,7 @@ use error::ErrorStack;
use nid::Nid; use nid::Nid;
use pkey::{HasPrivate, PKey, PKeyRef, Private}; use pkey::{HasPrivate, PKey, PKeyRef, Private};
use stack::Stack; use stack::Stack;
use x509::{X509, X509Ref}; use x509::{X509Ref, X509};
use {cvt, cvt_p}; use {cvt, cvt_p};
foreign_type_and_impl_send_sync! { foreign_type_and_impl_send_sync! {
@ -196,7 +196,8 @@ impl Pkcs12Builder {
self.iter, self.iter,
self.mac_iter, self.mac_iter,
keytype, keytype,
)).map(Pkcs12) ))
.map(Pkcs12)
} }
} }
} }
@ -211,7 +212,7 @@ mod test {
use pkey::PKey; use pkey::PKey;
use rsa::Rsa; use rsa::Rsa;
use x509::extension::KeyUsage; use x509::extension::KeyUsage;
use x509::{X509, X509Name}; use x509::{X509Name, X509};
use super::*; use super::*;

28
openssl/src/pkcs5.rs
View File

@ -1,11 +1,11 @@
use ffi;
use libc::c_int; use libc::c_int;
use std::ptr; use std::ptr;
use ffi;
use cvt; use cvt;
use error::ErrorStack;
use hash::MessageDigest; use hash::MessageDigest;
use symm::Cipher; use symm::Cipher;
use error::ErrorStack;
#[derive(Clone, Eq, PartialEq, Hash, Debug)] #[derive(Clone, Eq, PartialEq, Hash, Debug)]
pub struct KeyIvPair { pub struct KeyIvPair {
@ -59,7 +59,8 @@ pub fn bytes_to_key(
))?; ))?;
let mut key = vec![0; len as usize]; let mut key = vec![0; len as usize];
let iv_ptr = iv.as_mut() let iv_ptr = iv
.as_mut()
.map(|v| v.as_mut_ptr()) .map(|v| v.as_mut_ptr())
.unwrap_or(ptr::null_mut()); .unwrap_or(ptr::null_mut());
@ -101,7 +102,8 @@ pub fn pbkdf2_hmac(
hash.as_ptr(), hash.as_ptr(),
key.len() as c_int, key.len() as c_int,
key.as_mut_ptr(), key.as_mut_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -131,7 +133,8 @@ pub fn scrypt(
maxmem, maxmem,
key.as_mut_ptr() as *mut _, key.as_mut_ptr() as *mut _,
key.len(), key.len(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -161,7 +164,8 @@ mod tests {
80000, 80000,
MessageDigest::sha256(), MessageDigest::sha256(),
&mut buf, &mut buf,
).unwrap(); )
.unwrap();
assert_eq!( assert_eq!(
buf, buf,
&[ &[
@ -198,7 +202,8 @@ mod tests {
1, 1,
MessageDigest::sha512(), MessageDigest::sha512(),
&mut buf, &mut buf,
).unwrap(); )
.unwrap();
assert_eq!( assert_eq!(
&buf[..], &buf[..],
&[ &[
@ -219,7 +224,8 @@ mod tests {
50, 50,
MessageDigest::sha512(), MessageDigest::sha512(),
&mut buf, &mut buf,
).unwrap(); )
.unwrap();
assert_eq!( assert_eq!(
&buf[..], &buf[..],
&[ &[
@ -262,7 +268,8 @@ mod tests {
&data, &data,
Some(&salt), Some(&salt),
1, 1,
).unwrap(), )
.unwrap(),
super::KeyIvPair { super::KeyIvPair {
key: expected_key, key: expected_key,
iv: Some(expected_iv), iv: Some(expected_iv),
@ -290,7 +297,8 @@ mod tests {
1, 1,
0, 0,
&mut actual, &mut actual,
).unwrap(); )
.unwrap();
assert_eq!(hex::encode(&actual[..]), expected); assert_eq!(hex::encode(&actual[..]), expected);
} }
} }

18
openssl/src/pkcs7.rs
View File

@ -110,7 +110,8 @@ impl Pkcs7 {
input_bio.as_ptr(), input_bio.as_ptr(),
cipher.as_ptr(), cipher.as_ptr(),
flags.bits, flags.bits,
)).map(Pkcs7) ))
.map(Pkcs7)
} }
} }
@ -142,7 +143,8 @@ impl Pkcs7 {
certs.as_ptr(), certs.as_ptr(),
input_bio.as_ptr(), input_bio.as_ptr(),
flags.bits, flags.bits,
)).map(Pkcs7) ))
.map(Pkcs7)
} }
} }
} }
@ -162,7 +164,8 @@ impl Pkcs7Ref {
self.as_ptr(), self.as_ptr(),
input_bio.as_ptr(), input_bio.as_ptr(),
flags.bits, flags.bits,
)).map(|_| output.get_buf().to_owned()) ))
.map(|_| output.get_buf().to_owned())
} }
} }
@ -206,7 +209,8 @@ impl Pkcs7Ref {
cert.as_ptr(), cert.as_ptr(),
output.as_ptr(), output.as_ptr(),
flags.bits, flags.bits,
)).map(|_| output.get_buf().to_owned()) ))
.map(|_| output.get_buf().to_owned())
} }
} }
@ -244,7 +248,8 @@ impl Pkcs7Ref {
indata_bio_ptr, indata_bio_ptr,
out_bio.as_ptr(), out_bio.as_ptr(),
flags.bits, flags.bits,
)).map(|_| ())? ))
.map(|_| ())?
} }
if let Some(data) = out { if let Some(data) = out {
@ -328,7 +333,8 @@ mod tests {
Some(message.as_bytes()), Some(message.as_bytes()),
Some(&mut output), Some(&mut output),
flags, flags,
).expect("should succeed"); )
.expect("should succeed");
assert_eq!(message.clone().into_bytes(), output); assert_eq!(message.clone().into_bytes(), output);
assert_eq!( assert_eq!(

40
openssl/src/pkey.rs
View File

@ -45,21 +45,21 @@
//! } //! }
//! ``` //! ```
use libc::c_int;
use std::ptr;
use std::mem;
use std::ffi::CString;
use ffi; use ffi;
use foreign_types::{ForeignType, ForeignTypeRef}; use foreign_types::{ForeignType, ForeignTypeRef};
use libc::c_int;
use std::ffi::CString;
use std::mem;
use std::ptr;
use {cvt, cvt_p};
use bio::MemBioSlice; use bio::MemBioSlice;
use dh::Dh; use dh::Dh;
use dsa::Dsa; use dsa::Dsa;
use ec::EcKey; use ec::EcKey;
use rsa::Rsa;
use error::ErrorStack; use error::ErrorStack;
use rsa::Rsa;
use util::{invoke_passwd_cb, CallbackState}; use util::{invoke_passwd_cb, CallbackState};
use {cvt, cvt_p};
/// A tag type indicating that a key only has parameters. /// A tag type indicating that a key only has parameters.
pub enum Params {} pub enum Params {}
@ -97,22 +97,14 @@ pub unsafe trait HasParams {}
unsafe impl HasParams for Params {} unsafe impl HasParams for Params {}
unsafe impl<T> HasParams for T unsafe impl<T> HasParams for T where T: HasPublic {}
where
T: HasPublic,
{
}
/// A trait indicating that a key has public components. /// A trait indicating that a key has public components.
pub unsafe trait HasPublic {} pub unsafe trait HasPublic {}
unsafe impl HasPublic for Public {} unsafe impl HasPublic for Public {}
unsafe impl<T> HasPublic for T unsafe impl<T> HasPublic for T where T: HasPrivate {}
where
T: HasPrivate,
{
}
/// A trait indicating that a key has private components. /// A trait indicating that a key has private components.
pub unsafe trait HasPrivate {} pub unsafe trait HasPrivate {}
@ -488,7 +480,8 @@ impl PKey<Private> {
ptr::null_mut(), ptr::null_mut(),
Some(invoke_passwd_cb::<F>), Some(invoke_passwd_cb::<F>),
&mut cb as *mut _ as *mut _, &mut cb as *mut _ as *mut _,
)).map(|p| PKey::from_ptr(p)) ))
.map(|p| PKey::from_ptr(p))
} }
} }
@ -511,7 +504,8 @@ impl PKey<Private> {
ptr::null_mut(), ptr::null_mut(),
None, None,
passphrase.as_ptr() as *const _ as *mut _, passphrase.as_ptr() as *const _ as *mut _,
)).map(|p| PKey::from_ptr(p)) ))
.map(|p| PKey::from_ptr(p))
} }
} }
} }
@ -544,12 +538,12 @@ impl PKey<Public> {
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use symm::Cipher;
use dh::Dh; use dh::Dh;
use dsa::Dsa; use dsa::Dsa;
use ec::EcKey; use ec::EcKey;
use rsa::Rsa;
use nid::Nid; use nid::Nid;
use rsa::Rsa;
use symm::Cipher;
use super::*; use super::*;
@ -557,7 +551,8 @@ mod tests {
fn test_to_password() { fn test_to_password() {
let rsa = Rsa::generate(2048).unwrap(); let rsa = Rsa::generate(2048).unwrap();
let pkey = PKey::from_rsa(rsa).unwrap(); let pkey = PKey::from_rsa(rsa).unwrap();
let pem = pkey.private_key_to_pem_pkcs8_passphrase(Cipher::aes_128_cbc(), b"foobar") let pem = pkey
.private_key_to_pem_pkcs8_passphrase(Cipher::aes_128_cbc(), b"foobar")
.unwrap(); .unwrap();
PKey::private_key_from_pem_passphrase(&pem, b"foobar").unwrap(); PKey::private_key_from_pem_passphrase(&pem, b"foobar").unwrap();
assert!(PKey::private_key_from_pem_passphrase(&pem, b"fizzbuzz").is_err()); assert!(PKey::private_key_from_pem_passphrase(&pem, b"fizzbuzz").is_err());
@ -577,7 +572,8 @@ mod tests {
password_queried = true; password_queried = true;
password[..6].copy_from_slice(b"mypass"); password[..6].copy_from_slice(b"mypass");
Ok(6) Ok(6)
}).unwrap(); })
.unwrap();
assert!(password_queried); assert!(password_queried);
} }

5
openssl/src/rsa.rs
View File

@ -286,7 +286,7 @@ where
/// [`RSA_check_key`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_check_key.html /// [`RSA_check_key`]: https://www.openssl.org/docs/man1.1.0/crypto/RSA_check_key.html
pub fn check_key(&self) -> Result<bool, ErrorStack> { pub fn check_key(&self) -> Result<bool, ErrorStack> {
unsafe { unsafe {
let result = ffi::RSA_check_key(self.as_ptr()) as i32; let result = ffi::RSA_check_key(self.as_ptr()) as i32;
if result == -1 { if result == -1 {
Err(ErrorStack::get()) Err(ErrorStack::get())
} else { } else {
@ -789,7 +789,8 @@ mod test {
password_queried = true; password_queried = true;
password[..6].copy_from_slice(b"mypass"); password[..6].copy_from_slice(b"mypass");
Ok(6) Ok(6)
}).unwrap(); })
.unwrap();
assert!(password_queried); assert!(password_queried);
} }

30
openssl/src/sha.rs
View File

@ -16,15 +16,15 @@
//! ```rust //! ```rust
//! extern crate openssl; //! extern crate openssl;
//! extern crate hex; //! extern crate hex;
//! //!
//! use openssl::sha; //! use openssl::sha;
//! //!
//! fn main() { //! fn main() {
//! let mut hasher = sha::Sha256::new(); //! let mut hasher = sha::Sha256::new();
//! //!
//! hasher.update(b"Hello, "); //! hasher.update(b"Hello, ");
//! hasher.update(b"world"); //! hasher.update(b"world");
//! //!
//! let hash = hasher.finish(); //! let hash = hasher.finish();
//! println!("Hashed \"Hello, world\" to {}", hex::encode(hash)); //! println!("Hashed \"Hello, world\" to {}", hex::encode(hash));
//! } //! }
@ -45,8 +45,8 @@
//! println!("Hash = {}", hex::encode(hash)); //! println!("Hash = {}", hex::encode(hash));
//! } //! }
//! ``` //! ```
use libc::c_void;
use ffi; use ffi;
use libc::c_void;
use std::mem; use std::mem;
/// Computes the SHA1 hash of some data. /// Computes the SHA1 hash of some data.
@ -347,16 +347,18 @@ mod test {
#[test] #[test]
fn standalone_384() { fn standalone_384() {
let data = b"abc"; let data = b"abc";
let expected = "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e\ let expected =
7cc2358baeca134c825a7"; "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e\
7cc2358baeca134c825a7";
assert_eq!(hex::encode(&sha384(data)[..]), expected); assert_eq!(hex::encode(&sha384(data)[..]), expected);
} }
#[test] #[test]
fn struct_384() { fn struct_384() {
let expected = "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e\ let expected =
7cc2358baeca134c825a7"; "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e\
7cc2358baeca134c825a7";
let mut hasher = Sha384::new(); let mut hasher = Sha384::new();
hasher.update(b"a"); hasher.update(b"a");
@ -367,16 +369,18 @@ mod test {
#[test] #[test]
fn standalone_512() { fn standalone_512() {
let data = b"abc"; let data = b"abc";
let expected = "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274\ let expected =
fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f"; "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274\
fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f";
assert_eq!(hex::encode(&sha512(data)[..]), expected); assert_eq!(hex::encode(&sha512(data)[..]), expected);
} }
#[test] #[test]
fn struct_512() { fn struct_512() {
let expected = "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274\ let expected =
fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f"; "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274\
fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f";
let mut hasher = Sha512::new(); let mut hasher = Sha512::new();
hasher.update(b"a"); hasher.update(b"a");

24
openssl/src/sign.rs
View File

@ -208,7 +208,8 @@ impl<'a> Signer<'a> {
cvt(ffi::EVP_PKEY_CTX_set_rsa_padding( cvt(ffi::EVP_PKEY_CTX_set_rsa_padding(
self.pctx, self.pctx,
padding.as_raw(), padding.as_raw(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -224,7 +225,8 @@ impl<'a> Signer<'a> {
cvt(ffi::EVP_PKEY_CTX_set_rsa_pss_saltlen( cvt(ffi::EVP_PKEY_CTX_set_rsa_pss_saltlen(
self.pctx, self.pctx,
len.as_raw(), len.as_raw(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -240,7 +242,8 @@ impl<'a> Signer<'a> {
cvt(ffi::EVP_PKEY_CTX_set_rsa_mgf1_md( cvt(ffi::EVP_PKEY_CTX_set_rsa_mgf1_md(
self.pctx, self.pctx,
md.as_ptr() as *mut _, md.as_ptr() as *mut _,
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -255,7 +258,8 @@ impl<'a> Signer<'a> {
self.md_ctx, self.md_ctx,
buf.as_ptr() as *const _, buf.as_ptr() as *const _,
buf.len(), buf.len(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -403,7 +407,8 @@ impl<'a> Verifier<'a> {
cvt(ffi::EVP_PKEY_CTX_set_rsa_padding( cvt(ffi::EVP_PKEY_CTX_set_rsa_padding(
self.pctx, self.pctx,
padding.as_raw(), padding.as_raw(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -419,7 +424,8 @@ impl<'a> Verifier<'a> {
cvt(ffi::EVP_PKEY_CTX_set_rsa_pss_saltlen( cvt(ffi::EVP_PKEY_CTX_set_rsa_pss_saltlen(
self.pctx, self.pctx,
len.as_raw(), len.as_raw(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -435,7 +441,8 @@ impl<'a> Verifier<'a> {
cvt(ffi::EVP_PKEY_CTX_set_rsa_mgf1_md( cvt(ffi::EVP_PKEY_CTX_set_rsa_mgf1_md(
self.pctx, self.pctx,
md.as_ptr() as *mut _, md.as_ptr() as *mut _,
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -450,7 +457,8 @@ impl<'a> Verifier<'a> {
self.md_ctx, self.md_ctx,
buf.as_ptr() as *const _, buf.as_ptr() as *const _,
buf.len(), buf.len(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }

2
openssl/src/ssl/callbacks.rs
View File

@ -23,7 +23,7 @@ use pkey::Params;
#[cfg(any(ossl102, libressl261))] #[cfg(any(ossl102, libressl261))]
use ssl::AlpnError; use ssl::AlpnError;
#[cfg(ossl111)] #[cfg(ossl111)]
use ssl::{ExtensionContext, ClientHelloResponse}; use ssl::{ClientHelloResponse, ExtensionContext};
use ssl::{SniError, Ssl, SslAlert, SslContext, SslContextRef, SslRef, SslSession, SslSessionRef}; use ssl::{SniError, Ssl, SslAlert, SslContext, SslContextRef, SslRef, SslSession, SslSessionRef};
#[cfg(ossl111)] #[cfg(ossl111)]
use x509::X509Ref; use x509::X509Ref;

2
openssl/src/ssl/error.rs
View File

@ -42,7 +42,7 @@ impl ErrorCode {
pub const SSL: ErrorCode = ErrorCode(ffi::SSL_ERROR_SSL); pub const SSL: ErrorCode = ErrorCode(ffi::SSL_ERROR_SSL);
/// The client hello callback indicated that it needed to be retried. /// The client hello callback indicated that it needed to be retried.
/// ///
/// Requires OpenSSL 1.1.1 or newer. /// Requires OpenSSL 1.1.1 or newer.
#[cfg(ossl111)] #[cfg(ossl111)]
pub const WANT_CLIENT_HELLO_CB: ErrorCode = ErrorCode(ffi::SSL_ERROR_WANT_CLIENT_HELLO_CB); pub const WANT_CLIENT_HELLO_CB: ErrorCode = ErrorCode(ffi::SSL_ERROR_WANT_CLIENT_HELLO_CB);

121
openssl/src/ssl/mod.rs
View File

@ -830,7 +830,8 @@ impl SslContextBuilder {
self.as_ptr(), self.as_ptr(),
file.as_ptr() as *const _, file.as_ptr() as *const _,
ptr::null(), ptr::null(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -868,7 +869,8 @@ impl SslContextBuilder {
self.as_ptr(), self.as_ptr(),
sid_ctx.as_ptr(), sid_ctx.as_ptr(),
sid_ctx.len() as c_uint, sid_ctx.len() as c_uint,
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -892,7 +894,8 @@ impl SslContextBuilder {
self.as_ptr(), self.as_ptr(),
file.as_ptr() as *const _, file.as_ptr() as *const _,
file_type.as_raw(), file_type.as_raw(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -914,7 +917,8 @@ impl SslContextBuilder {
cvt(ffi::SSL_CTX_use_certificate_chain_file( cvt(ffi::SSL_CTX_use_certificate_chain_file(
self.as_ptr(), self.as_ptr(),
file.as_ptr() as *const _, file.as_ptr() as *const _,
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -961,7 +965,8 @@ impl SslContextBuilder {
self.as_ptr(), self.as_ptr(),
file.as_ptr() as *const _, file.as_ptr() as *const _,
file_type.as_raw(), file_type.as_raw(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -993,7 +998,8 @@ impl SslContextBuilder {
cvt(ffi::SSL_CTX_set_cipher_list( cvt(ffi::SSL_CTX_set_cipher_list(
self.as_ptr(), self.as_ptr(),
cipher_list.as_ptr() as *const _, cipher_list.as_ptr() as *const _,
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -1016,7 +1022,8 @@ impl SslContextBuilder {
cvt(ffi::SSL_CTX_set_ciphersuites( cvt(ffi::SSL_CTX_set_ciphersuites(
self.as_ptr(), self.as_ptr(),
cipher_list.as_ptr() as *const _, cipher_list.as_ptr() as *const _,
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -1083,7 +1090,8 @@ impl SslContextBuilder {
cvt(ffi::SSL_CTX_set_min_proto_version( cvt(ffi::SSL_CTX_set_min_proto_version(
self.as_ptr(), self.as_ptr(),
version.map_or(0, |v| v.0 as _), version.map_or(0, |v| v.0 as _),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -1103,7 +1111,8 @@ impl SslContextBuilder {
cvt(ffi::SSL_CTX_set_max_proto_version( cvt(ffi::SSL_CTX_set_max_proto_version(
self.as_ptr(), self.as_ptr(),
version.map_or(0, |v| v.0 as _), version.map_or(0, |v| v.0 as _),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -1282,7 +1291,8 @@ impl SslContextBuilder {
cvt( cvt(
ffi::SSL_CTX_set_tlsext_status_cb(self.as_ptr(), Some(raw_tlsext_status::<F>)) ffi::SSL_CTX_set_tlsext_status_cb(self.as_ptr(), Some(raw_tlsext_status::<F>))
as c_int, as c_int,
).map(|_| ()) )
.map(|_| ())
} }
} }
@ -1309,10 +1319,7 @@ impl SslContextBuilder {
} }
} }
#[deprecated( #[deprecated(since = "0.10.10", note = "renamed to `set_psk_client_callback`")]
since = "0.10.10",
note = "renamed to `set_psk_client_callback`"
)]
#[cfg(not(osslconf = "OPENSSL_NO_PSK"))] #[cfg(not(osslconf = "OPENSSL_NO_PSK"))]
pub fn set_psk_callback<F>(&mut self, callback: F) pub fn set_psk_callback<F>(&mut self, callback: F)
where where
@ -1564,14 +1571,21 @@ impl SslContextBuilder {
parse_cb: ParseFn, parse_cb: ParseFn,
) -> Result<(), ErrorStack> ) -> Result<(), ErrorStack>
where where
AddFn: Fn(&mut SslRef, ExtensionContext, Option<(usize, &X509Ref)>) AddFn: Fn(
-> Result<Option<T>, SslAlert> &mut SslRef,
ExtensionContext,
Option<(usize, &X509Ref)>,
) -> Result<Option<T>, SslAlert>
+ 'static + 'static
+ Sync + Sync
+ Send, + Send,
T: AsRef<[u8]> + 'static + Sync + Send, T: AsRef<[u8]> + 'static + Sync + Send,
ParseFn: Fn(&mut SslRef, ExtensionContext, &[u8], Option<(usize, &X509Ref)>) ParseFn: Fn(
-> Result<(), SslAlert> &mut SslRef,
ExtensionContext,
&[u8],
Option<(usize, &X509Ref)>,
) -> Result<(), SslAlert>
+ 'static + 'static
+ Sync + Sync
+ Send, + Send,
@ -1617,9 +1631,9 @@ impl SslContextBuilder {
} }
/// Sets a callback which will be invoked just after the client's hello message is received. /// Sets a callback which will be invoked just after the client's hello message is received.
/// ///
/// Requires OpenSSL 1.1.1 or newer. /// Requires OpenSSL 1.1.1 or newer.
/// ///
/// This corresponds to [`SSL_CTX_set_client_hello_cb`]. /// This corresponds to [`SSL_CTX_set_client_hello_cb`].
/// ///
/// [`SSL_CTX_set_client_hello_cb`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html /// [`SSL_CTX_set_client_hello_cb`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html
@ -2753,7 +2767,8 @@ impl SslRef {
context, context,
contextlen, contextlen,
use_context, use_context,
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -2783,7 +2798,8 @@ impl SslRef {
label.len(), label.len(),
context.as_ptr() as *const c_uchar, context.as_ptr() as *const c_uchar,
context.len(), context.len(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -2861,7 +2877,8 @@ impl SslRef {
self.as_ptr(), self.as_ptr(),
p as *mut c_uchar, p as *mut c_uchar,
response.len() as c_long, response.len() as c_long,
) as c_int).map(|_| ()) ) as c_int)
.map(|_| ())
} }
} }
@ -2977,29 +2994,27 @@ impl SslRef {
} }
/// Determines if the client's hello message is in the SSLv2 format. /// Determines if the client's hello message is in the SSLv2 format.
/// ///
/// This can only be used inside of the client hello callback. Otherwise, `false` is returned. /// This can only be used inside of the client hello callback. Otherwise, `false` is returned.
/// ///
/// Requires OpenSSL 1.1.1 or newer. /// Requires OpenSSL 1.1.1 or newer.
/// ///
/// This corresponds to [`SSL_client_hello_isv2`]. /// This corresponds to [`SSL_client_hello_isv2`].
/// ///
/// [`SSL_client_hello_isv2`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html /// [`SSL_client_hello_isv2`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html
#[cfg(ossl111)] #[cfg(ossl111)]
pub fn client_hello_isv2(&self) -> bool { pub fn client_hello_isv2(&self) -> bool {
unsafe { unsafe { ffi::SSL_client_hello_isv2(self.as_ptr()) != 0 }
ffi::SSL_client_hello_isv2(self.as_ptr()) != 0
}
} }
/// Returns the legacy version field of the client's hello message. /// Returns the legacy version field of the client's hello message.
/// ///
/// This can only be used inside of the client hello callback. Otherwise, `None` is returned. /// This can only be used inside of the client hello callback. Otherwise, `None` is returned.
/// ///
/// Requires OpenSSL 1.1.1 or newer. /// Requires OpenSSL 1.1.1 or newer.
/// ///
/// This corresponds to [`SSL_client_hello_get0_legacy_version`]. /// This corresponds to [`SSL_client_hello_get0_legacy_version`].
/// ///
/// [`SSL_client_hello_get0_legacy_version`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html /// [`SSL_client_hello_get0_legacy_version`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html
#[cfg(ossl111)] #[cfg(ossl111)]
pub fn client_hello_legacy_version(&self) -> Option<SslVersion> { pub fn client_hello_legacy_version(&self) -> Option<SslVersion> {
@ -3014,13 +3029,13 @@ impl SslRef {
} }
/// Returns the random field of the client's hello message. /// Returns the random field of the client's hello message.
/// ///
/// This can only be used inside of the client hello callback. Otherwise, `None` is returend. /// This can only be used inside of the client hello callback. Otherwise, `None` is returend.
/// ///
/// Requires OpenSSL 1.1.1 or newer. /// Requires OpenSSL 1.1.1 or newer.
/// ///
/// This corresponds to [`SSL_client_hello_get0_random`]. /// This corresponds to [`SSL_client_hello_get0_random`].
/// ///
/// [`SSL_client_hello_get0_random`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html /// [`SSL_client_hello_get0_random`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html
#[cfg(ossl111)] #[cfg(ossl111)]
pub fn client_hello_random(&self) -> Option<&[u8]> { pub fn client_hello_random(&self) -> Option<&[u8]> {
@ -3036,13 +3051,13 @@ impl SslRef {
} }
/// Returns the session ID field of the client's hello message. /// Returns the session ID field of the client's hello message.
/// ///
/// This can only be used inside of the client hello callback. Otherwise, `None` is returend. /// This can only be used inside of the client hello callback. Otherwise, `None` is returend.
/// ///
/// Requires OpenSSL 1.1.1 or newer. /// Requires OpenSSL 1.1.1 or newer.
/// ///
/// This corresponds to [`SSL_client_hello_get0_session_id`]. /// This corresponds to [`SSL_client_hello_get0_session_id`].
/// ///
/// [`SSL_client_hello_get0_session_id`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html /// [`SSL_client_hello_get0_session_id`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html
#[cfg(ossl111)] #[cfg(ossl111)]
pub fn client_hello_session_id(&self) -> Option<&[u8]> { pub fn client_hello_session_id(&self) -> Option<&[u8]> {
@ -3058,13 +3073,13 @@ impl SslRef {
} }
/// Returns the ciphers field of the client's hello message. /// Returns the ciphers field of the client's hello message.
/// ///
/// This can only be used inside of the client hello callback. Otherwise, `None` is returend. /// This can only be used inside of the client hello callback. Otherwise, `None` is returend.
/// ///
/// Requires OpenSSL 1.1.1 or newer. /// Requires OpenSSL 1.1.1 or newer.
/// ///
/// This corresponds to [`SSL_client_hello_get0_ciphers`]. /// This corresponds to [`SSL_client_hello_get0_ciphers`].
/// ///
/// [`SSL_client_hello_get0_ciphers`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html /// [`SSL_client_hello_get0_ciphers`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html
#[cfg(ossl111)] #[cfg(ossl111)]
pub fn client_hello_ciphers(&self) -> Option<&[u8]> { pub fn client_hello_ciphers(&self) -> Option<&[u8]> {
@ -3080,13 +3095,13 @@ impl SslRef {
} }
/// Returns the compression methods field of the client's hello message. /// Returns the compression methods field of the client's hello message.
/// ///
/// This can only be used inside of the client hello callback. Otherwise, `None` is returend. /// This can only be used inside of the client hello callback. Otherwise, `None` is returend.
/// ///
/// Requires OpenSSL 1.1.1 or newer. /// Requires OpenSSL 1.1.1 or newer.
/// ///
/// This corresponds to [`SSL_client_hello_get0_compression_methods`]. /// This corresponds to [`SSL_client_hello_get0_compression_methods`].
/// ///
/// [`SSL_client_hello_get0_compression_methods`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html /// [`SSL_client_hello_get0_compression_methods`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_client_hello_cb.html
#[cfg(ossl111)] #[cfg(ossl111)]
pub fn client_hello_compression_methods(&self) -> Option<&[u8]> { pub fn client_hello_compression_methods(&self) -> Option<&[u8]> {
@ -3363,13 +3378,13 @@ impl<S: Read + Write> Read for SslStream<S> {
Ok(n) => return Ok(n), Ok(n) => return Ok(n),
Err(ref e) if e.code() == ErrorCode::ZERO_RETURN => return Ok(0), Err(ref e) if e.code() == ErrorCode::ZERO_RETURN => return Ok(0),
Err(ref e) if e.code() == ErrorCode::SYSCALL && e.io_error().is_none() => { Err(ref e) if e.code() == ErrorCode::SYSCALL && e.io_error().is_none() => {
return Ok(0) return Ok(0);
} }
Err(ref e) if e.code() == ErrorCode::WANT_READ && e.io_error().is_none() => {} Err(ref e) if e.code() == ErrorCode::WANT_READ && e.io_error().is_none() => {}
Err(e) => { Err(e) => {
return Err(e return Err(e
.into_io_error() .into_io_error()
.unwrap_or_else(|e| io::Error::new(io::ErrorKind::Other, e))) .unwrap_or_else(|e| io::Error::new(io::ErrorKind::Other, e)));
} }
} }
} }
@ -3385,7 +3400,7 @@ impl<S: Read + Write> Write for SslStream<S> {
Err(e) => { Err(e) => {
return Err(e return Err(e
.into_io_error() .into_io_error()
.unwrap_or_else(|e| io::Error::new(io::ErrorKind::Other, e))) .unwrap_or_else(|e| io::Error::new(io::ErrorKind::Other, e)));
} }
} }
} }

49
openssl/src/ssl/test.rs
View File

@ -29,7 +29,7 @@ use ssl::{
}; };
#[cfg(any(ossl102, ossl110))] #[cfg(any(ossl102, ossl110))]
use x509::verify::X509CheckFlags; use x509::verify::X509CheckFlags;
use x509::{X509, X509Name, X509StoreContext, X509VerifyResult}; use x509::{X509Name, X509StoreContext, X509VerifyResult, X509};
use std::net::UdpSocket; use std::net::UdpSocket;
@ -683,10 +683,9 @@ fn test_alpn_server_advertise_multiple() {
ctx.set_alpn_select_callback(|_, client| { ctx.set_alpn_select_callback(|_, client| {
ssl::select_next_proto(b"\x08http/1.1\x08spdy/3.1", client).ok_or(ssl::AlpnError::NOACK) ssl::select_next_proto(b"\x08http/1.1\x08spdy/3.1", client).ok_or(ssl::AlpnError::NOACK)
}); });
assert!( assert!(ctx
ctx.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM) .set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.is_ok() .is_ok());
);
ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM) ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
ctx.build() ctx.build()
@ -731,10 +730,9 @@ fn test_alpn_server_select_none_fatal() {
ssl::select_next_proto(b"\x08http/1.1\x08spdy/3.1", client) ssl::select_next_proto(b"\x08http/1.1\x08spdy/3.1", client)
.ok_or(ssl::AlpnError::ALERT_FATAL) .ok_or(ssl::AlpnError::ALERT_FATAL)
}); });
assert!( assert!(ctx
ctx.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM) .set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.is_ok() .is_ok());
);
ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM) ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
ctx.build() ctx.build()
@ -764,10 +762,9 @@ fn test_alpn_server_select_none() {
ctx.set_alpn_select_callback(|_, client| { ctx.set_alpn_select_callback(|_, client| {
ssl::select_next_proto(b"\x08http/1.1\x08spdy/3.1", client).ok_or(ssl::AlpnError::NOACK) ssl::select_next_proto(b"\x08http/1.1\x08spdy/3.1", client).ok_or(ssl::AlpnError::NOACK)
}); });
assert!( assert!(ctx
ctx.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM) .set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.is_ok() .is_ok());
);
ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM) ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
ctx.build() ctx.build()
@ -1018,14 +1015,12 @@ fn connector_no_hostname_still_verifies() {
let connector = SslConnector::builder(SslMethod::tls()).unwrap().build(); let connector = SslConnector::builder(SslMethod::tls()).unwrap().build();
assert!( assert!(connector
connector .configure()
.configure() .unwrap()
.unwrap() .verify_hostname(false)
.verify_hostname(false) .connect("fizzbuzz.com", tcp)
.connect("fizzbuzz.com", tcp) .is_err());
.is_err()
);
} }
#[test] #[test]
@ -1375,7 +1370,8 @@ fn status_callbacks() {
let response = response.to_der().unwrap(); let response = response.to_der().unwrap();
ssl.set_ocsp_status(&response).unwrap(); ssl.set_ocsp_status(&response).unwrap();
Ok(true) Ok(true)
}).unwrap(); })
.unwrap();
let ssl = Ssl::new(&ctx.build()).unwrap(); let ssl = Ssl::new(&ctx.build()).unwrap();
let mut stream = ssl.accept(stream).unwrap(); let mut stream = ssl.accept(stream).unwrap();
stream.write_all(&[0]).unwrap(); stream.write_all(&[0]).unwrap();
@ -1388,7 +1384,8 @@ fn status_callbacks() {
let response = OcspResponse::from_der(ssl.ocsp_status().unwrap()).unwrap(); let response = OcspResponse::from_der(ssl.ocsp_status().unwrap()).unwrap();
assert_eq!(response.status(), OcspResponseStatus::UNAUTHORIZED); assert_eq!(response.status(), OcspResponseStatus::UNAUTHORIZED);
Ok(true) Ok(true)
}).unwrap(); })
.unwrap();
let mut ssl = Ssl::new(&ctx.build()).unwrap(); let mut ssl = Ssl::new(&ctx.build()).unwrap();
ssl.set_status_type(StatusType::OCSP).unwrap(); ssl.set_status_type(StatusType::OCSP).unwrap();
let mut stream = ssl.connect(stream).unwrap(); let mut stream = ssl.connect(stream).unwrap();
@ -1539,7 +1536,8 @@ fn custom_extensions() {
FOUND_EXTENSION.store(data == b"hello", Ordering::SeqCst); FOUND_EXTENSION.store(data == b"hello", Ordering::SeqCst);
Ok(()) Ok(())
}, },
).unwrap(); )
.unwrap();
let ssl = Ssl::new(&ctx.build()).unwrap(); let ssl = Ssl::new(&ctx.build()).unwrap();
let mut stream = ssl.accept(stream).unwrap(); let mut stream = ssl.accept(stream).unwrap();
stream.write_all(&[0]).unwrap(); stream.write_all(&[0]).unwrap();
@ -1552,7 +1550,8 @@ fn custom_extensions() {
ssl::ExtensionContext::CLIENT_HELLO, ssl::ExtensionContext::CLIENT_HELLO,
|_, _, _| Ok(Some(b"hello")), |_, _, _| Ok(Some(b"hello")),
|_, _, _, _| unreachable!(), |_, _, _, _| unreachable!(),
).unwrap(); )
.unwrap();
let ssl = Ssl::new(&ctx.build()).unwrap(); let ssl = Ssl::new(&ctx.build()).unwrap();
let mut stream = ssl.connect(stream).unwrap(); let mut stream = ssl.connect(stream).unwrap();
stream.read_exact(&mut [0]).unwrap(); stream.read_exact(&mut [0]).unwrap();

48
openssl/src/symm.rs
View File

@ -422,7 +422,8 @@ impl Crypter {
ffi::EVP_CTRL_GCM_SET_TAG, ffi::EVP_CTRL_GCM_SET_TAG,
tag.len() as c_int, tag.len() as c_int,
tag.as_ptr() as *mut _, tag.as_ptr() as *mut _,
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -439,7 +440,8 @@ impl Crypter {
ffi::EVP_CTRL_GCM_SET_TAG, ffi::EVP_CTRL_GCM_SET_TAG,
tag_len as c_int, tag_len as c_int,
ptr::null_mut(), ptr::null_mut(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -457,7 +459,8 @@ impl Crypter {
&mut len, &mut len,
ptr::null_mut(), ptr::null_mut(),
data_len as c_int, data_len as c_int,
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -476,7 +479,8 @@ impl Crypter {
&mut len, &mut len,
input.as_ptr(), input.as_ptr(),
input.len() as c_int, input.len() as c_int,
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -551,7 +555,8 @@ impl Crypter {
ffi::EVP_CTRL_GCM_GET_TAG, ffi::EVP_CTRL_GCM_GET_TAG,
tag.len() as c_int, tag.len() as c_int,
tag.as_mut_ptr() as *mut _, tag.as_mut_ptr() as *mut _,
)).map(|_| ()) ))
.map(|_| ())
} }
} }
} }
@ -770,7 +775,8 @@ mod tests {
super::Mode::Encrypt, super::Mode::Encrypt,
&k0, &k0,
None, None,
).unwrap(); )
.unwrap();
c.pad(false); c.pad(false);
let mut r0 = vec![0; c0.len() + super::Cipher::aes_256_ecb().block_size()]; let mut r0 = vec![0; c0.len() + super::Cipher::aes_256_ecb().block_size()];
let count = c.update(&p0, &mut r0).unwrap(); let count = c.update(&p0, &mut r0).unwrap();
@ -783,7 +789,8 @@ mod tests {
super::Mode::Decrypt, super::Mode::Decrypt,
&k0, &k0,
None, None,
).unwrap(); )
.unwrap();
c.pad(false); c.pad(false);
let mut p1 = vec![0; r0.len() + super::Cipher::aes_256_ecb().block_size()]; let mut p1 = vec![0; r0.len() + super::Cipher::aes_256_ecb().block_size()];
let count = c.update(&r0, &mut p1).unwrap(); let count = c.update(&r0, &mut p1).unwrap();
@ -812,7 +819,8 @@ mod tests {
super::Mode::Decrypt, super::Mode::Decrypt,
&data, &data,
Some(&iv), Some(&iv),
).unwrap(); )
.unwrap();
cr.pad(false); cr.pad(false);
let mut unciphered_data = vec![0; data.len() + super::Cipher::aes_256_cbc().block_size()]; let mut unciphered_data = vec![0; data.len() + super::Cipher::aes_256_cbc().block_size()];
let count = cr.update(&ciphered_data, &mut unciphered_data).unwrap(); let count = cr.update(&ciphered_data, &mut unciphered_data).unwrap();
@ -1094,7 +1102,8 @@ mod tests {
&Vec::from_hex(aad).unwrap(), &Vec::from_hex(aad).unwrap(),
&Vec::from_hex(pt).unwrap(), &Vec::from_hex(pt).unwrap(),
&mut actual_tag, &mut actual_tag,
).unwrap(); )
.unwrap();
assert_eq!(ct, hex::encode(out)); assert_eq!(ct, hex::encode(out));
assert_eq!(tag, hex::encode(actual_tag)); assert_eq!(tag, hex::encode(actual_tag));
@ -1105,7 +1114,8 @@ mod tests {
&Vec::from_hex(aad).unwrap(), &Vec::from_hex(aad).unwrap(),
&Vec::from_hex(ct).unwrap(), &Vec::from_hex(ct).unwrap(),
&Vec::from_hex(tag).unwrap(), &Vec::from_hex(tag).unwrap(),
).unwrap(); )
.unwrap();
assert_eq!(pt, hex::encode(out)); assert_eq!(pt, hex::encode(out));
} }
@ -1127,7 +1137,8 @@ mod tests {
&Vec::from_hex(aad).unwrap(), &Vec::from_hex(aad).unwrap(),
&Vec::from_hex(pt).unwrap(), &Vec::from_hex(pt).unwrap(),
&mut actual_tag, &mut actual_tag,
).unwrap(); )
.unwrap();
assert_eq!(ct, hex::encode(out)); assert_eq!(ct, hex::encode(out));
assert_eq!(tag, hex::encode(actual_tag)); assert_eq!(tag, hex::encode(actual_tag));
@ -1139,7 +1150,8 @@ mod tests {
&Vec::from_hex(aad).unwrap(), &Vec::from_hex(aad).unwrap(),
&Vec::from_hex(ct).unwrap(), &Vec::from_hex(ct).unwrap(),
&Vec::from_hex(tag).unwrap(), &Vec::from_hex(tag).unwrap(),
).unwrap(); )
.unwrap();
assert_eq!(pt, hex::encode(out)); assert_eq!(pt, hex::encode(out));
} }
@ -1181,7 +1193,8 @@ mod tests {
&Vec::from_hex(aad).unwrap(), &Vec::from_hex(aad).unwrap(),
&Vec::from_hex(pt).unwrap(), &Vec::from_hex(pt).unwrap(),
&mut actual_tag, &mut actual_tag,
).unwrap(); )
.unwrap();
assert_eq!(ct, hex::encode(out)); assert_eq!(ct, hex::encode(out));
assert_eq!(tag, hex::encode(actual_tag)); assert_eq!(tag, hex::encode(actual_tag));
@ -1193,7 +1206,8 @@ mod tests {
&Vec::from_hex(aad).unwrap(), &Vec::from_hex(aad).unwrap(),
&Vec::from_hex(ct).unwrap(), &Vec::from_hex(ct).unwrap(),
&Vec::from_hex(tag).unwrap(), &Vec::from_hex(tag).unwrap(),
).unwrap(); )
.unwrap();
assert_eq!(pt, hex::encode(out)); assert_eq!(pt, hex::encode(out));
} }
@ -1256,7 +1270,8 @@ mod tests {
&Vec::from_hex(aad).unwrap(), &Vec::from_hex(aad).unwrap(),
&Vec::from_hex(pt).unwrap(), &Vec::from_hex(pt).unwrap(),
&mut actual_tag, &mut actual_tag,
).unwrap(); )
.unwrap();
assert_eq!(ct, hex::encode(out)); assert_eq!(ct, hex::encode(out));
assert_eq!(tag, hex::encode(actual_tag)); assert_eq!(tag, hex::encode(actual_tag));
@ -1267,7 +1282,8 @@ mod tests {
&Vec::from_hex(aad).unwrap(), &Vec::from_hex(aad).unwrap(),
&Vec::from_hex(ct).unwrap(), &Vec::from_hex(ct).unwrap(),
&Vec::from_hex(tag).unwrap(), &Vec::from_hex(tag).unwrap(),
).unwrap(); )
.unwrap();
assert_eq!(pt, hex::encode(out)); assert_eq!(pt, hex::encode(out));
} }
} }

6
openssl/src/x509/extension.rs
View File

@ -1,4 +1,4 @@
//! Add extensions to an `X509` certificate or certificate request. //! Add extensions to an `X509` certificate or certificate request.
//! //!
//! The extensions defined for X.509 v3 certificates provide methods for //! The extensions defined for X.509 v3 certificates provide methods for
//! associating additional attributes with users or public keys and for //! associating additional attributes with users or public keys and for
@ -11,11 +11,11 @@
//! extern crate openssl; //! extern crate openssl;
//! //!
//! use openssl::x509::extension::BasicConstraints; //! use openssl::x509::extension::BasicConstraints;
//! use openssl::x509::X509Extension; //! use openssl::x509::X509Extension;
//! //!
//! fn main() { //! fn main() {
//! let mut bc = BasicConstraints::new(); //! let mut bc = BasicConstraints::new();
//! let bc = bc.critical().ca().pathlen(1); //! let bc = bc.critical().ca().pathlen(1);
//! //!
//! let extension: X509Extension = bc.build().unwrap(); //! let extension: X509Extension = bc.build().unwrap();
//! } //! }

26
openssl/src/x509/mod.rs
View File

@ -255,7 +255,8 @@ impl X509Builder {
cvt(ffi::X509_set_serialNumber( cvt(ffi::X509_set_serialNumber(
self.0.as_ptr(), self.0.as_ptr(),
serial_number.as_ptr(), serial_number.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -265,7 +266,8 @@ impl X509Builder {
cvt(ffi::X509_set_issuer_name( cvt(ffi::X509_set_issuer_name(
self.0.as_ptr(), self.0.as_ptr(),
issuer_name.as_ptr(), issuer_name.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -292,7 +294,8 @@ impl X509Builder {
cvt(ffi::X509_set_subject_name( cvt(ffi::X509_set_subject_name(
self.0.as_ptr(), self.0.as_ptr(),
subject_name.as_ptr(), subject_name.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -756,7 +759,8 @@ impl X509NameBuilder {
value.len() as c_int, value.len() as c_int,
-1, -1,
0, 0,
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -776,7 +780,8 @@ impl X509NameBuilder {
value.len() as c_int, value.len() as c_int,
-1, -1,
0, 0,
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -830,7 +835,7 @@ impl X509NameRef {
X509NameEntries { X509NameEntries {
name: self, name: self,
nid: None, nid: None,
loc: -1 loc: -1,
} }
} }
} }
@ -945,7 +950,8 @@ impl X509ReqBuilder {
cvt(ffi::X509_REQ_set_subject_name( cvt(ffi::X509_REQ_set_subject_name(
self.0.as_ptr(), self.0.as_ptr(),
subject_name.as_ptr(), subject_name.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -994,7 +1000,8 @@ impl X509ReqBuilder {
cvt(ffi::X509_REQ_add_extensions( cvt(ffi::X509_REQ_add_extensions(
self.0.as_ptr(), self.0.as_ptr(),
extensions.as_ptr(), extensions.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -1012,7 +1019,8 @@ impl X509ReqBuilder {
self.0.as_ptr(), self.0.as_ptr(),
key.as_ptr(), key.as_ptr(),
hash.as_ptr(), hash.as_ptr(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }

23
openssl/src/x509/tests.rs
View File

@ -12,7 +12,7 @@ use x509::extension::{
SubjectKeyIdentifier, SubjectKeyIdentifier,
}; };
use x509::store::X509StoreBuilder; use x509::store::X509StoreBuilder;
use x509::{X509, X509Name, X509Req, X509StoreContext, X509VerifyResult}; use x509::{X509Name, X509Req, X509StoreContext, X509VerifyResult, X509};
fn pkey() -> PKey<Private> { fn pkey() -> PKey<Private> {
let rsa = Rsa::generate(2048).unwrap(); let rsa = Rsa::generate(2048).unwrap();
@ -87,7 +87,10 @@ fn test_nameref_iterator() {
let mut all_entries = subject.entries(); let mut all_entries = subject.entries();
let email = all_entries.next().unwrap(); let email = all_entries.next().unwrap();
assert_eq!(email.object().nid().as_raw(), Nid::PKCS9_EMAILADDRESS.as_raw()); assert_eq!(
email.object().nid().as_raw(),
Nid::PKCS9_EMAILADDRESS.as_raw()
);
assert_eq!(email.data().as_slice(), b"test@example.com"); assert_eq!(email.data().as_slice(), b"test@example.com");
let cn = all_entries.next().unwrap(); let cn = all_entries.next().unwrap();
@ -334,16 +337,12 @@ fn test_verify_cert() {
let store = store_bldr.build(); let store = store_bldr.build();
let mut context = X509StoreContext::new().unwrap(); let mut context = X509StoreContext::new().unwrap();
assert!( assert!(context
context .init(&store, &cert, &chain, |c| c.verify_cert())
.init(&store, &cert, &chain, |c| c.verify_cert()) .unwrap());
.unwrap() assert!(context
); .init(&store, &cert, &chain, |c| c.verify_cert())
assert!( .unwrap());
context
.init(&store, &cert, &chain, |c| c.verify_cert())
.unwrap()
);
} }
#[test] #[test]

6
openssl/src/x509/verify.rs
View File

@ -56,7 +56,8 @@ impl X509VerifyParamRef {
self.as_ptr(), self.as_ptr(),
host.as_ptr() as *const _, host.as_ptr() as *const _,
host.len(), host.len(),
)).map(|_| ()) ))
.map(|_| ())
} }
} }
@ -82,7 +83,8 @@ impl X509VerifyParamRef {
self.as_ptr(), self.as_ptr(),
buf.as_ptr() as *const _, buf.as_ptr() as *const _,
len, len,
)).map(|_| ()) ))
.map(|_| ())
} }
} }
} }

5
systest/build.rs
View File

@ -91,7 +91,10 @@ fn main() {
cfg.skip_type(|s| { cfg.skip_type(|s| {
// function pointers are declared without a `*` in openssl so their // function pointers are declared without a `*` in openssl so their
// sizeof is 1 which isn't what we want. // sizeof is 1 which isn't what we want.
s == "PasswordCallback" || s == "pem_password_cb" || s == "bio_info_cb" || s.starts_with("CRYPTO_EX_") s == "PasswordCallback"
|| s == "pem_password_cb"
|| s == "bio_info_cb"
|| s.starts_with("CRYPTO_EX_")
}); });
cfg.skip_struct(|s| s == "ProbeResult"); cfg.skip_struct(|s| s == "ProbeResult");
cfg.skip_fn(move |s| { cfg.skip_fn(move |s| {

2
systest/src/main.rs
View File

@ -1,7 +1,7 @@
#![allow(bad_style)] #![allow(bad_style)]
extern crate openssl_sys;
extern crate libc; extern crate libc;
extern crate openssl_sys;
use libc::*; use libc::*;
use openssl_sys::*; use openssl_sys::*;