min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into x509-docs

This commit is contained in:
Ansley Peduru 2018-01-01 15:40:02 -05:00 committed by GitHub
parent a4c9dd4af3 0dd0df84d7
commit c2430b87f7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 118 additions and 117 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
openssl-sys/src/lib.rs
View File

@ -1284,6 +1284,9 @@ pub const SSL_OP_NO_DTLSv1_2: c_ulong = 0x08000000;
pub const SSL_OP_NO_SSL_MASK: c_ulong = pub const SSL_OP_NO_SSL_MASK: c_ulong =
SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2; SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2;
pub const SSL_FILETYPE_PEM: c_int = X509_FILETYPE_PEM;
pub const SSL_FILETYPE_ASN1: c_int = X509_FILETYPE_ASN1;
pub const TLSEXT_NAMETYPE_host_name: c_int = 0; pub const TLSEXT_NAMETYPE_host_name: c_int = 0;
pub const TLSEXT_STATUSTYPE_ocsp: c_int = 1; pub const TLSEXT_STATUSTYPE_ocsp: c_int = 1;

2
openssl/Cargo.toml
View File

@ -27,5 +27,5 @@ openssl-sys = { version = "0.9.23", path = "../openssl-sys" }
[dev-dependencies] [dev-dependencies]
tempdir = "0.3" tempdir = "0.3"
hex = "0.2" hex = "0.3"
data-encoding = "2.0" data-encoding = "2.0"

4
openssl/src/aes.rs
View File

@ -27,7 +27,7 @@
//! extern crate hex; //! extern crate hex;
//! use openssl::aes::{AesKey, KeyError, aes_ige}; //! use openssl::aes::{AesKey, KeyError, aes_ige};
//! use openssl::symm::Mode; //! use openssl::symm::Mode;
//! use hex::{FromHex, ToHex}; //! use hex::FromHex;
//! //!
//! fn decrypt() -> Result<(), KeyError> { //! fn decrypt() -> Result<(), KeyError> {
//! let raw_key = "000102030405060708090A0B0C0D0E0F"; //! let raw_key = "000102030405060708090A0B0C0D0E0F";
@ -38,7 +38,7 @@
//! let key = AesKey::new_encrypt(&key_as_u8)?; //! let key = AesKey::new_encrypt(&key_as_u8)?;
//! let mut output = vec![0u8; cipher_as_u8.len()]; //! let mut output = vec![0u8; cipher_as_u8.len()];
//! aes_ige(&cipher_as_u8, &mut output, &key, &mut iv_as_u8, Mode::Encrypt); //! aes_ige(&cipher_as_u8, &mut output, &key, &mut iv_as_u8, Mode::Encrypt);
//! assert_eq!(output.to_hex(), "a6ad974d5cea1d36d2f367980907ed32"); //! assert_eq!(hex::encode(output), "a6ad974d5cea1d36d2f367980907ed32");
//! } //! }
//! Ok(()) //! Ok(())
//! } //! }

12
openssl/src/hash.rs
View File

@ -265,20 +265,20 @@ pub fn hash(t: MessageDigest, data: &[u8]) -> Result<DigestBytes, ErrorStack> {
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use hex::{FromHex, ToHex}; use hex::{self, FromHex};
use std::io::prelude::*; use std::io::prelude::*;
use super::*; use super::*;
fn hash_test(hashtype: MessageDigest, hashtest: &(&str, &str)) { fn hash_test(hashtype: MessageDigest, hashtest: &(&str, &str)) {
let res = hash(hashtype, &Vec::from_hex(hashtest.0).unwrap()).unwrap(); let res = hash(hashtype, &Vec::from_hex(hashtest.0).unwrap()).unwrap();
assert_eq!(res.to_hex(), hashtest.1); assert_eq!(hex::encode(res), hashtest.1);
} }
fn hash_recycle_test(h: &mut Hasher, hashtest: &(&str, &str)) { fn hash_recycle_test(h: &mut Hasher, hashtest: &(&str, &str)) {
let _ = h.write_all(&Vec::from_hex(hashtest.0).unwrap()).unwrap(); let _ = h.write_all(&Vec::from_hex(hashtest.0).unwrap()).unwrap();
let res = h.finish().unwrap(); let res = h.finish().unwrap();
assert_eq!(res.to_hex(), hashtest.1); assert_eq!(hex::encode(res), hashtest.1);
} }
// Test vectors from http://www.nsrl.nist.gov/testdata/ // Test vectors from http://www.nsrl.nist.gov/testdata/
@ -344,18 +344,18 @@ mod tests {
let mut h2 = h1.clone(); let mut h2 = h1.clone();
h2.write_all(&inp[p..]).unwrap(); h2.write_all(&inp[p..]).unwrap();
let res = h2.finish().unwrap(); let res = h2.finish().unwrap();
assert_eq!(res.to_hex(), md5_tests[i].1); assert_eq!(hex::encode(res), md5_tests[i].1);
} }
h1.write_all(&inp[p..]).unwrap(); h1.write_all(&inp[p..]).unwrap();
let res = h1.finish().unwrap(); let res = h1.finish().unwrap();
assert_eq!(res.to_hex(), md5_tests[i].1); assert_eq!(hex::encode(res), md5_tests[i].1);
println!("Clone a finished hasher"); println!("Clone a finished hasher");
let mut h3 = h1.clone(); let mut h3 = h1.clone();
h3.write_all(&Vec::from_hex(md5_tests[i + 1].0).unwrap()) h3.write_all(&Vec::from_hex(md5_tests[i + 1].0).unwrap())
.unwrap(); .unwrap();
let res = h3.finish().unwrap(); let res = h3.finish().unwrap();
assert_eq!(res.to_hex(), md5_tests[i + 1].1); assert_eq!(hex::encode(res), md5_tests[i + 1].1);
} }
#[test] #[test]

12
openssl/src/pkcs12.rs
View File

@ -186,7 +186,7 @@ impl Pkcs12Builder {
#[cfg(test)] #[cfg(test)]
mod test { mod test {
use hash::MessageDigest; use hash::MessageDigest;
use hex::ToHex; use hex;
use asn1::Asn1Time; use asn1::Asn1Time;
use rsa::Rsa; use rsa::Rsa;
@ -204,21 +204,19 @@ mod test {
let parsed = pkcs12.parse("mypass").unwrap(); let parsed = pkcs12.parse("mypass").unwrap();
assert_eq!( assert_eq!(
parsed hex::encode(parsed
.cert .cert
.fingerprint(MessageDigest::sha1()) .fingerprint(MessageDigest::sha1())
.unwrap() .unwrap()),
.to_hex(),
"59172d9313e84459bcff27f967e79e6e9217e584" "59172d9313e84459bcff27f967e79e6e9217e584"
); );
let chain = parsed.chain.unwrap(); let chain = parsed.chain.unwrap();
assert_eq!(chain.len(), 1); assert_eq!(chain.len(), 1);
assert_eq!( assert_eq!(
chain[0] hex::encode(chain[0]
.fingerprint(MessageDigest::sha1()) .fingerprint(MessageDigest::sha1())
.unwrap() .unwrap()),
.to_hex(),
"c0cbdf7cdd03c9773e5468e1f6d2da7d5cbb1875" "c0cbdf7cdd03c9773e5468e1f6d2da7d5cbb1875"
); );
} }

4
openssl/src/pkcs5.rs
View File

@ -548,7 +548,7 @@ mod tests {
#[test] #[test]
#[cfg(all(feature = "v110", ossl110))] #[cfg(all(feature = "v110", ossl110))]
fn scrypt() { fn scrypt() {
use hex::ToHex; use hex;
let pass = "pleaseletmein"; let pass = "pleaseletmein";
let salt = "SodiumChloride"; let salt = "SodiumChloride";
@ -565,6 +565,6 @@ mod tests {
0, 0,
&mut actual, &mut actual,
).unwrap(); ).unwrap();
assert_eq!((&actual[..]).to_hex(), expected); assert_eq!(hex::encode(&actual[..]), expected);
} }
} }

28
openssl/src/sha.rs
View File

@ -18,7 +18,6 @@
//! extern crate hex; //! extern crate hex;
//! //!
//! use openssl::sha; //! use openssl::sha;
//! use hex::ToHex;
//! //!
//! fn main() { //! fn main() {
//! let mut hasher = sha::Sha256::new(); //! let mut hasher = sha::Sha256::new();
@ -27,7 +26,7 @@
//! hasher.update(b"world"); //! hasher.update(b"world");
//! //!
//! let hash = hasher.finish(); //! let hash = hasher.finish();
//! println!("Hashed \"Hello, world\" to {}", hash.to_hex()); //! println!("Hashed \"Hello, world\" to {}", hex::encode(hash));
//! } //! }
//! ``` //! ```
//! //!
@ -40,11 +39,10 @@
//! extern crate hex; //! extern crate hex;
//! //!
//! use openssl::sha::sha256; //! use openssl::sha::sha256;
//! use hex::ToHex;
//! //!
//! fn main() { //! fn main() {
//! let hash = sha256(b"your data or message"); //! let hash = sha256(b"your data or message");
//! println!("Hash = {}", hash.to_hex()); //! println!("Hash = {}", hex::encode(hash));
//! } //! }
//! ``` //! ```
use libc::c_void; use libc::c_void;
@ -288,7 +286,7 @@ impl Sha512 {
#[cfg(test)] #[cfg(test)]
mod test { mod test {
use hex::ToHex; use hex;
use super::*; use super::*;
@ -297,7 +295,7 @@ mod test {
let data = b"abc"; let data = b"abc";
let expected = "a9993e364706816aba3e25717850c26c9cd0d89d"; let expected = "a9993e364706816aba3e25717850c26c9cd0d89d";
assert_eq!(sha1(data).to_hex(), expected); assert_eq!(hex::encode(sha1(data)), expected);
} }
#[test] #[test]
@ -307,7 +305,7 @@ mod test {
let mut hasher = Sha1::new(); let mut hasher = Sha1::new();
hasher.update(b"a"); hasher.update(b"a");
hasher.update(b"bc"); hasher.update(b"bc");
assert_eq!(hasher.finish().to_hex(), expected); assert_eq!(hex::encode(hasher.finish()), expected);
} }
#[test] #[test]
@ -315,7 +313,7 @@ mod test {
let data = b"abc"; let data = b"abc";
let expected = "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7"; let expected = "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7";
assert_eq!(sha224(data).to_hex(), expected); assert_eq!(hex::encode(sha224(data)), expected);
} }
#[test] #[test]
@ -325,7 +323,7 @@ mod test {
let mut hasher = Sha224::new(); let mut hasher = Sha224::new();
hasher.update(b"a"); hasher.update(b"a");
hasher.update(b"bc"); hasher.update(b"bc");
assert_eq!(hasher.finish().to_hex(), expected); assert_eq!(hex::encode(hasher.finish()), expected);
} }
#[test] #[test]
@ -333,7 +331,7 @@ mod test {
let data = b"abc"; let data = b"abc";
let expected = "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"; let expected = "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad";
assert_eq!(sha256(data).to_hex(), expected); assert_eq!(hex::encode(sha256(data)), expected);
} }
#[test] #[test]
@ -343,7 +341,7 @@ mod test {
let mut hasher = Sha256::new(); let mut hasher = Sha256::new();
hasher.update(b"a"); hasher.update(b"a");
hasher.update(b"bc"); hasher.update(b"bc");
assert_eq!(hasher.finish().to_hex(), expected); assert_eq!(hex::encode(hasher.finish()), expected);
} }
#[test] #[test]
@ -352,7 +350,7 @@ mod test {
let expected = "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e\ let expected = "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e\
7cc2358baeca134c825a7"; 7cc2358baeca134c825a7";
assert_eq!((&sha384(data)[..]).to_hex(), expected); assert_eq!(hex::encode(&sha384(data)[..]), expected);
} }
#[test] #[test]
@ -363,7 +361,7 @@ mod test {
let mut hasher = Sha384::new(); let mut hasher = Sha384::new();
hasher.update(b"a"); hasher.update(b"a");
hasher.update(b"bc"); hasher.update(b"bc");
assert_eq!((&hasher.finish()[..]).to_hex(), expected); assert_eq!(hex::encode(&hasher.finish()[..]), expected);
} }
#[test] #[test]
@ -372,7 +370,7 @@ mod test {
let expected = "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274\ let expected = "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274\
fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f"; fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f";
assert_eq!((&sha512(data)[..]).to_hex(), expected); assert_eq!(hex::encode(&sha512(data)[..]), expected);
} }
#[test] #[test]
@ -383,6 +381,6 @@ mod test {
let mut hasher = Sha512::new(); let mut hasher = Sha512::new();
hasher.update(b"a"); hasher.update(b"a");
hasher.update(b"bc"); hasher.update(b"bc");
assert_eq!((&hasher.finish()[..]).to_hex(), expected); assert_eq!(hex::encode(&hasher.finish()[..]), expected);
} }
} }

4
openssl/src/sign.rs
View File

@ -382,7 +382,7 @@ unsafe fn EVP_DigestVerifyFinal(
#[cfg(test)] #[cfg(test)]
mod test { mod test {
use hex::{FromHex, ToHex}; use hex::{self, FromHex};
use std::iter; use std::iter;
use hash::MessageDigest; use hash::MessageDigest;
@ -418,7 +418,7 @@ mod test {
signer.update(&Vec::from_hex(INPUT).unwrap()).unwrap(); signer.update(&Vec::from_hex(INPUT).unwrap()).unwrap();
let result = signer.sign_to_vec().unwrap(); let result = signer.sign_to_vec().unwrap();
assert_eq!(result.to_hex(), SIGNATURE); assert_eq!(hex::encode(result), SIGNATURE);
} }
#[test] #[test]

65
openssl/src/ssl/mod.rs
View File

@ -26,17 +26,14 @@
//! To accept connections as a server from remote clients: //! To accept connections as a server from remote clients:
//! //!
//! ```no_run //! ```no_run
//! use openssl::ssl::{SslMethod, SslAcceptor, SslStream}; //! use openssl::ssl::{SslMethod, SslAcceptor, SslStream, SslFiletype};
//! use openssl::x509::X509Filetype;
//! use std::fs::File;
//! use std::io::{Read, Write};
//! use std::net::{TcpListener, TcpStream}; //! use std::net::{TcpListener, TcpStream};
//! use std::sync::Arc; //! use std::sync::Arc;
//! use std::thread; //! use std::thread;
//! //!
//! //!
//! let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap(); //! let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
//! acceptor.set_private_key_file("key.pem", X509Filetype::PEM).unwrap(); //! acceptor.set_private_key_file("key.pem", SslFiletype::PEM).unwrap();
//! acceptor.set_certificate_chain_file("certs.pem").unwrap(); //! acceptor.set_certificate_chain_file("certs.pem").unwrap();
//! acceptor.check_private_key().unwrap(); //! acceptor.check_private_key().unwrap();
//! let acceptor = Arc::new(acceptor.build()); //! let acceptor = Arc::new(acceptor.build());
@ -86,7 +83,7 @@ use dh::{Dh, DhRef};
use ec::EcKeyRef; use ec::EcKeyRef;
#[cfg(any(all(feature = "v101", ossl101), all(feature = "v102", ossl102)))] #[cfg(any(all(feature = "v101", ossl101), all(feature = "v102", ossl102)))]
use ec::EcKey; use ec::EcKey;
use x509::{X509, X509Filetype, X509Name, X509Ref, X509StoreContextRef, X509VerifyResult}; use x509::{X509, X509Name, X509Ref, X509StoreContextRef, X509VerifyResult};
use x509::store::{X509StoreBuilderRef, X509StoreRef}; use x509::store::{X509StoreBuilderRef, X509StoreRef};
#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))]
use x509::store::X509Store; use x509::store::X509Store;
@ -314,6 +311,32 @@ bitflags! {
} }
} }
/// An identifier of the format of a certificate or key file.
#[derive(Copy, Clone)]
pub struct SslFiletype(c_int);
impl SslFiletype {
/// Constructs an `SslFiletype` from a raw OpenSSL value.
pub fn from_raw(raw: c_int) -> SslFiletype {
SslFiletype(raw)
}
/// Returns the raw OpenSSL value represented by this type.
pub fn as_raw(&self) -> c_int {
self.0
}
/// The PEM format.
///
/// This corresponds to `SSL_FILETYPE_PEM`.
pub const PEM: SslFiletype = SslFiletype(ffi::SSL_FILETYPE_PEM);
/// The ASN1 format.
///
/// This corresponds to `SSL_FILETYPE_ASN1`.
pub const ASN1: SslFiletype = SslFiletype(ffi::SSL_FILETYPE_ASN1);
}
/// An identifier of a certificate status type. /// An identifier of a certificate status type.
#[derive(Copy, Clone)] #[derive(Copy, Clone)]
pub struct StatusType(c_int); pub struct StatusType(c_int);
@ -778,7 +801,7 @@ impl SslContextBuilder {
pub fn set_certificate_file<P: AsRef<Path>>( pub fn set_certificate_file<P: AsRef<Path>>(
&mut self, &mut self,
file: P, file: P,
file_type: X509Filetype, file_type: SslFiletype,
) -> Result<(), ErrorStack> { ) -> Result<(), ErrorStack> {
let file = CString::new(file.as_ref().as_os_str().to_str().unwrap()).unwrap(); let file = CString::new(file.as_ref().as_os_str().to_str().unwrap()).unwrap();
unsafe { unsafe {
@ -847,7 +870,7 @@ impl SslContextBuilder {
pub fn set_private_key_file<P: AsRef<Path>>( pub fn set_private_key_file<P: AsRef<Path>>(
&mut self, &mut self,
file: P, file: P,
file_type: X509Filetype, file_type: SslFiletype,
) -> Result<(), ErrorStack> { ) -> Result<(), ErrorStack> {
let file = CString::new(file.as_ref().as_os_str().to_str().unwrap()).unwrap(); let file = CString::new(file.as_ref().as_os_str().to_str().unwrap()).unwrap();
unsafe { unsafe {
@ -2041,9 +2064,10 @@ impl Ssl {
ErrorCode::WANT_READ | ErrorCode::WANT_WRITE => Err(HandshakeError::WouldBlock( ErrorCode::WANT_READ | ErrorCode::WANT_WRITE => Err(HandshakeError::WouldBlock(
MidHandshakeSslStream { stream, error }, MidHandshakeSslStream { stream, error },
)), )),
_ => Err(HandshakeError::Failure( _ => Err(HandshakeError::Failure(MidHandshakeSslStream {
MidHandshakeSslStream { stream, error }, stream,
)), error,
})),
} }
} }
} }
@ -2072,9 +2096,10 @@ impl Ssl {
ErrorCode::WANT_READ | ErrorCode::WANT_WRITE => Err(HandshakeError::WouldBlock( ErrorCode::WANT_READ | ErrorCode::WANT_WRITE => Err(HandshakeError::WouldBlock(
MidHandshakeSslStream { stream, error }, MidHandshakeSslStream { stream, error },
)), )),
_ => Err(HandshakeError::Failure( _ => Err(HandshakeError::Failure(MidHandshakeSslStream {
MidHandshakeSslStream { stream, error }, stream,
)), error,
})),
} }
} }
} }
@ -2319,10 +2344,8 @@ impl<S: Read + Write> Read for SslStream<S> {
} }
Err(ref e) if e.code() == ErrorCode::WANT_READ && e.io_error().is_none() => {} Err(ref e) if e.code() == ErrorCode::WANT_READ && e.io_error().is_none() => {}
Err(e) => { Err(e) => {
return Err( return Err(e.into_io_error()
e.into_io_error() .unwrap_or_else(|e| io::Error::new(io::ErrorKind::Other, e)))
.unwrap_or_else(|e| io::Error::new(io::ErrorKind::Other, e)),
)
} }
} }
} }
@ -2336,10 +2359,8 @@ impl<S: Read + Write> Write for SslStream<S> {
Ok(n) => return Ok(n), Ok(n) => return Ok(n),
Err(ref e) if e.code() == ErrorCode::WANT_READ && e.io_error().is_none() => {} Err(ref e) if e.code() == ErrorCode::WANT_READ && e.io_error().is_none() => {}
Err(e) => { Err(e) => {
return Err( return Err(e.into_io_error()
e.into_io_error() .unwrap_or_else(|e| io::Error::new(io::ErrorKind::Other, e)))
.unwrap_or_else(|e| io::Error::new(io::ErrorKind::Other, e)),
)
} }
} }
} }

44
openssl/src/ssl/test.rs
View File

@ -19,8 +19,8 @@ use hash::MessageDigest;
use ocsp::{OcspResponse, OcspResponseStatus}; use ocsp::{OcspResponse, OcspResponseStatus};
use ssl; use ssl;
use ssl::{Error, HandshakeError, ShutdownResult, Ssl, SslAcceptor, SslConnector, SslContext, use ssl::{Error, HandshakeError, ShutdownResult, Ssl, SslAcceptor, SslConnector, SslContext,
SslMethod, SslStream, SslVerifyMode, StatusType}; SslFiletype, SslMethod, SslStream, SslVerifyMode, StatusType};
use x509::{X509, X509Filetype, X509Name, X509StoreContext, X509VerifyResult}; use x509::{X509, X509Name, X509StoreContext, X509VerifyResult};
#[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))] #[cfg(any(all(feature = "v102", ossl102), all(feature = "v110", ossl110)))]
use x509::verify::X509CheckFlags; use x509::verify::X509CheckFlags;
use pkey::PKey; use pkey::PKey;
@ -347,9 +347,9 @@ fn test_write_hits_stream() {
let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap();
ctx.set_verify(SslVerifyMode::PEER); ctx.set_verify(SslVerifyMode::PEER);
ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) ctx.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
let stream = listener.accept().unwrap().0; let stream = listener.accept().unwrap().0;
let mut stream = Ssl::new(&ctx.build()).unwrap().accept(stream).unwrap(); let mut stream = Ssl::new(&ctx.build()).unwrap().accept(stream).unwrap();
@ -552,10 +552,10 @@ fn test_alpn_server_advertise_multiple() {
ssl::select_next_proto(b"\x08http/1.1\x08spdy/3.1", client).ok_or(ssl::AlpnError::NOACK) ssl::select_next_proto(b"\x08http/1.1\x08spdy/3.1", client).ok_or(ssl::AlpnError::NOACK)
}); });
assert!( assert!(
ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) ctx.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.is_ok() .is_ok()
); );
ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
ctx.build() ctx.build()
}; };
@ -595,10 +595,10 @@ fn test_alpn_server_select_none_fatal() {
.ok_or(ssl::AlpnError::ALERT_FATAL) .ok_or(ssl::AlpnError::ALERT_FATAL)
}); });
assert!( assert!(
ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) ctx.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.is_ok() .is_ok()
); );
ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
ctx.build() ctx.build()
}; };
@ -628,10 +628,10 @@ fn test_alpn_server_select_none() {
ssl::select_next_proto(b"\x08http/1.1\x08spdy/3.1", client).ok_or(ssl::AlpnError::NOACK) ssl::select_next_proto(b"\x08http/1.1\x08spdy/3.1", client).ok_or(ssl::AlpnError::NOACK)
}); });
assert!( assert!(
ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) ctx.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.is_ok() .is_ok()
); );
ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
ctx.build() ctx.build()
}; };
@ -962,9 +962,9 @@ fn shutdown() {
thread::spawn(move || { thread::spawn(move || {
let stream = listener.accept().unwrap().0; let stream = listener.accept().unwrap().0;
let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap();
ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) ctx.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
let ssl = Ssl::new(&ctx.build()).unwrap(); let ssl = Ssl::new(&ctx.build()).unwrap();
let mut stream = ssl.accept(stream).unwrap(); let mut stream = ssl.accept(stream).unwrap();
@ -1020,9 +1020,9 @@ fn tmp_dh_callback() {
thread::spawn(move || { thread::spawn(move || {
let stream = listener.accept().unwrap().0; let stream = listener.accept().unwrap().0;
let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap();
ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) ctx.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
ctx.set_tmp_dh_callback(|_, _, _| { ctx.set_tmp_dh_callback(|_, _, _| {
CALLED_BACK.store(true, Ordering::SeqCst); CALLED_BACK.store(true, Ordering::SeqCst);
@ -1057,9 +1057,9 @@ fn tmp_ecdh_callback() {
thread::spawn(move || { thread::spawn(move || {
let stream = listener.accept().unwrap().0; let stream = listener.accept().unwrap().0;
let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap();
ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) ctx.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
ctx.set_tmp_ecdh_callback(|_, _, _| { ctx.set_tmp_ecdh_callback(|_, _, _| {
CALLED_BACK.store(true, Ordering::SeqCst); CALLED_BACK.store(true, Ordering::SeqCst);
@ -1088,9 +1088,9 @@ fn tmp_dh_callback_ssl() {
thread::spawn(move || { thread::spawn(move || {
let stream = listener.accept().unwrap().0; let stream = listener.accept().unwrap().0;
let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap();
ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) ctx.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
let mut ssl = Ssl::new(&ctx.build()).unwrap(); let mut ssl = Ssl::new(&ctx.build()).unwrap();
ssl.set_tmp_dh_callback(|_, _, _| { ssl.set_tmp_dh_callback(|_, _, _| {
@ -1125,9 +1125,9 @@ fn tmp_ecdh_callback_ssl() {
thread::spawn(move || { thread::spawn(move || {
let stream = listener.accept().unwrap().0; let stream = listener.accept().unwrap().0;
let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap();
ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) ctx.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
let mut ssl = Ssl::new(&ctx.build()).unwrap(); let mut ssl = Ssl::new(&ctx.build()).unwrap();
ssl.set_tmp_ecdh_callback(|_, _, _| { ssl.set_tmp_ecdh_callback(|_, _, _| {
@ -1180,9 +1180,9 @@ fn status_callbacks() {
let guard = thread::spawn(move || { let guard = thread::spawn(move || {
let stream = listener.accept().unwrap().0; let stream = listener.accept().unwrap().0;
let mut ctx = SslContext::builder(SslMethod::tls()).unwrap(); let mut ctx = SslContext::builder(SslMethod::tls()).unwrap();
ctx.set_certificate_file(&Path::new("test/cert.pem"), X509Filetype::PEM) ctx.set_certificate_file(&Path::new("test/cert.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
ctx.set_private_key_file(&Path::new("test/key.pem"), X509Filetype::PEM) ctx.set_private_key_file(&Path::new("test/key.pem"), SslFiletype::PEM)
.unwrap(); .unwrap();
ctx.set_status_callback(|ssl| { ctx.set_status_callback(|ssl| {
CALLED_BACK_SERVER.store(true, Ordering::SeqCst); CALLED_BACK_SERVER.store(true, Ordering::SeqCst);

26
openssl/src/symm.rs
View File

@ -615,7 +615,7 @@ use self::compat::*;
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use hex::{FromHex, ToHex}; use hex::{self, FromHex};
use super::*; use super::*;
// Test vectors from FIPS-197: // Test vectors from FIPS-197:
@ -703,7 +703,7 @@ mod tests {
let count = c.update(&p0, &mut r0).unwrap(); let count = c.update(&p0, &mut r0).unwrap();
let rest = c.finalize(&mut r0[count..]).unwrap(); let rest = c.finalize(&mut r0[count..]).unwrap();
r0.truncate(count + rest); r0.truncate(count + rest);
assert_eq!(r0.to_hex(), c0.to_hex()); assert_eq!(hex::encode(&r0), hex::encode(c0));
let mut c = super::Crypter::new( let mut c = super::Crypter::new(
super::Cipher::aes_256_ecb(), super::Cipher::aes_256_ecb(),
@ -716,7 +716,7 @@ mod tests {
let count = c.update(&r0, &mut p1).unwrap(); let count = c.update(&r0, &mut p1).unwrap();
let rest = c.finalize(&mut p1[count..]).unwrap(); let rest = c.finalize(&mut p1[count..]).unwrap();
p1.truncate(count + rest); p1.truncate(count + rest);
assert_eq!(p1.to_hex(), p0.to_hex()); assert_eq!(hex::encode(p1), hex::encode(p0));
} }
#[test] #[test]
@ -818,8 +818,8 @@ mod tests {
let expected = pt; let expected = pt;
if computed != expected { if computed != expected {
println!("Computed: {}", computed.to_hex()); println!("Computed: {}", hex::encode(&computed));
println!("Expected: {}", expected.to_hex()); println!("Expected: {}", hex::encode(&expected));
if computed.len() != expected.len() { if computed.len() != expected.len() {
println!( println!(
"Lengths differ: {} in computed vs {} expected", "Lengths differ: {} in computed vs {} expected",
@ -849,8 +849,8 @@ mod tests {
let expected = pt; let expected = pt;
if computed != expected { if computed != expected {
println!("Computed: {}", computed.to_hex()); println!("Computed: {}", hex::encode(&computed));
println!("Expected: {}", expected.to_hex()); println!("Expected: {}", hex::encode(&expected));
if computed.len() != expected.len() { if computed.len() != expected.len() {
println!( println!(
"Lengths differ: {} in computed vs {} expected", "Lengths differ: {} in computed vs {} expected",
@ -1061,8 +1061,8 @@ mod tests {
&Vec::from_hex(pt).unwrap(), &Vec::from_hex(pt).unwrap(),
&mut actual_tag, &mut actual_tag,
).unwrap(); ).unwrap();
assert_eq!(ct, out.to_hex()); assert_eq!(ct, hex::encode(out));
assert_eq!(tag, actual_tag.to_hex()); assert_eq!(tag, hex::encode(actual_tag));
let out = decrypt_aead( let out = decrypt_aead(
Cipher::aes_128_gcm(), Cipher::aes_128_gcm(),
@ -1072,7 +1072,7 @@ mod tests {
&Vec::from_hex(ct).unwrap(), &Vec::from_hex(ct).unwrap(),
&Vec::from_hex(tag).unwrap(), &Vec::from_hex(tag).unwrap(),
).unwrap(); ).unwrap();
assert_eq!(pt, out.to_hex()); assert_eq!(pt, hex::encode(out));
} }
#[test] #[test]
@ -1111,8 +1111,8 @@ mod tests {
&Vec::from_hex(pt).unwrap(), &Vec::from_hex(pt).unwrap(),
&mut actual_tag, &mut actual_tag,
).unwrap(); ).unwrap();
assert_eq!(ct, out.to_hex()); assert_eq!(ct, hex::encode(out));
assert_eq!(tag, actual_tag.to_hex()); assert_eq!(tag, hex::encode(actual_tag));
let out = decrypt_aead( let out = decrypt_aead(
Cipher::chacha20_poly1305(), Cipher::chacha20_poly1305(),
@ -1122,6 +1122,6 @@ mod tests {
&Vec::from_hex(ct).unwrap(), &Vec::from_hex(ct).unwrap(),
&Vec::from_hex(tag).unwrap(), &Vec::from_hex(tag).unwrap(),
).unwrap(); ).unwrap();
assert_eq!(pt, out.to_hex()); assert_eq!(pt, hex::encode(out));
} }
} }

17
openssl/src/x509/mod.rs
View File

@ -80,23 +80,6 @@ pub mod store;
#[cfg(test)] #[cfg(test)]
mod tests; mod tests;
/// The file type of the encoded `X509` certificate.
pub struct X509Filetype(c_int);
impl X509Filetype {
/// Returns the raw OpenSSL value represented by this type.
pub fn as_raw(&self) -> c_int {
self.0
}
/// `PEM` encoded `X509` certificate.
pub const PEM: X509Filetype = X509Filetype(ffi::X509_FILETYPE_PEM);
/// `ASN.1` encoded `X509` certificate.
pub const ASN1: X509Filetype = X509Filetype(ffi::X509_FILETYPE_ASN1);
/// Default encoded `X509` certificate.
pub const DEFAULT: X509Filetype = X509Filetype(ffi::X509_FILETYPE_DEFAULT);
}
foreign_type_and_impl_send_sync! { foreign_type_and_impl_send_sync! {
type CType = ffi::X509_STORE_CTX; type CType = ffi::X509_STORE_CTX;
fn drop = ffi::X509_STORE_CTX_free; fn drop = ffi::X509_STORE_CTX_free;

14
openssl/src/x509/tests.rs
View File

@ -1,4 +1,4 @@
use hex::{FromHex, ToHex}; use hex::{self, FromHex};
use asn1::Asn1Time; use asn1::Asn1Time;
use bn::{BigNum, MsbOption}; use bn::{BigNum, MsbOption};
@ -231,17 +231,15 @@ fn test_stack_from_pem() {
assert_eq!(certs.len(), 2); assert_eq!(certs.len(), 2);
assert_eq!( assert_eq!(
certs[0] hex::encode(certs[0]
.fingerprint(MessageDigest::sha1()) .fingerprint(MessageDigest::sha1())
.unwrap() .unwrap()),
.to_hex(),
"59172d9313e84459bcff27f967e79e6e9217e584" "59172d9313e84459bcff27f967e79e6e9217e584"
); );
assert_eq!( assert_eq!(
certs[1] hex::encode(certs[1]
.fingerprint(MessageDigest::sha1()) .fingerprint(MessageDigest::sha1())
.unwrap() .unwrap()),
.to_hex(),
"c0cbdf7cdd03c9773e5468e1f6d2da7d5cbb1875" "c0cbdf7cdd03c9773e5468e1f6d2da7d5cbb1875"
); );
} }
@ -263,7 +261,7 @@ fn signature() {
let cert = X509::from_pem(cert).unwrap(); let cert = X509::from_pem(cert).unwrap();
let signature = cert.signature(); let signature = cert.signature();
assert_eq!( assert_eq!(
signature.as_slice().to_hex(), hex::encode(signature.as_slice()),
"4af607b889790b43470442cfa551cdb8b6d0b0340d2958f76b9e3ef6ad4992230cead6842587f0ecad5\ "4af607b889790b43470442cfa551cdb8b6d0b0340d2958f76b9e3ef6ad4992230cead6842587f0ecad5\
78e6e11a221521e940187e3d6652de14e84e82f6671f097cc47932e022add3c0cb54a26bf27fa84c107\ 78e6e11a221521e940187e3d6652de14e84e82f6671f097cc47932e022add3c0cb54a26bf27fa84c107\
4971caa6bee2e42d34a5b066c427f2d452038082b8073993399548088429de034fdd589dcfb0dd33be7\ 4971caa6bee2e42d34a5b066c427f2d452038082b8073993399548088429de034fdd589dcfb0dd33be7\