diff --git a/src/crypto/hash.rs b/src/crypto/hash.rs index 14dd34b5..1587e55d 100644 --- a/src/crypto/hash.rs +++ b/src/crypto/hash.rs @@ -17,13 +17,13 @@ pub enum HashType { pub fn evpmd(t: HashType) -> (*const ffi::EVP_MD, uint) { unsafe { match t { - MD5 => (ffi::EVP_md5(), 16u), - SHA1 => (ffi::EVP_sha1(), 20u), - SHA224 => (ffi::EVP_sha224(), 28u), - SHA256 => (ffi::EVP_sha256(), 32u), - SHA384 => (ffi::EVP_sha384(), 48u), - SHA512 => (ffi::EVP_sha512(), 64u), - RIPEMD160 => (ffi::EVP_ripemd160(), 20u), + HashType::MD5 => (ffi::EVP_md5(), 16u), + HashType::SHA1 => (ffi::EVP_sha1(), 20u), + HashType::SHA224 => (ffi::EVP_sha224(), 28u), + HashType::SHA256 => (ffi::EVP_sha256(), 32u), + HashType::SHA384 => (ffi::EVP_sha384(), 48u), + HashType::SHA512 => (ffi::EVP_sha512(), 64u), + HashType::RIPEMD160 => (ffi::EVP_ripemd160(), 20u), } } } @@ -145,7 +145,7 @@ mod tests { HashTest("AAED18DBE8938C19ED734A8D", "6f80fb775f27e0a4ce5c2f42fc72c5f1")]; for test in tests.iter() { - hash_test(super::MD5, test); + hash_test(super::HashType::MD5, test); } } @@ -156,7 +156,7 @@ mod tests { ]; for test in tests.iter() { - hash_test(super::SHA1, test); + hash_test(super::HashType::SHA1, test); } } @@ -167,7 +167,7 @@ mod tests { ]; for test in tests.iter() { - hash_test(super::SHA256, test); + hash_test(super::HashType::SHA256, test); } } @@ -178,14 +178,14 @@ mod tests { ]; for test in tests.iter() { - hash_test(super::RIPEMD160, test); + hash_test(super::HashType::RIPEMD160, test); } } #[test] fn test_writer() { let tv = "rust-openssl".as_bytes(); - let ht = super::RIPEMD160; + let ht = super::HashType::RIPEMD160; assert!(hash_writer(ht, tv) == super::hash(ht, tv)); } } diff --git a/src/crypto/hmac.rs b/src/crypto/hmac.rs index ef2a0414..a3d92236 100644 --- a/src/crypto/hmac.rs +++ b/src/crypto/hmac.rs @@ -64,7 +64,7 @@ impl HMAC { #[cfg(test)] mod tests { use serialize::hex::FromHex; - use crypto::hash::{HashType, MD5, SHA1, SHA224, SHA256, SHA384, SHA512}; + use crypto::hash::HashType::{mod, MD5, SHA1, SHA224, SHA256, SHA384, SHA512}; use super::HMAC; #[test] diff --git a/src/crypto/pkey.rs b/src/crypto/pkey.rs index a04937b3..146d2aa3 100644 --- a/src/crypto/pkey.rs +++ b/src/crypto/pkey.rs @@ -2,7 +2,7 @@ use libc::{c_int, c_uint}; use std::mem; use std::ptr; use bio::{MemBio}; -use crypto::hash::{HashType, MD5, SHA1, SHA224, SHA256, SHA384, SHA512, RIPEMD160}; +use crypto::hash::HashType; use ffi; use ssl::error::{SslError, StreamError}; @@ -29,20 +29,20 @@ pub enum EncryptionPadding { fn openssl_padding_code(padding: EncryptionPadding) -> c_int { match padding { - OAEP => 4, - PKCS1v15 => 1 + EncryptionPadding::OAEP => 4, + EncryptionPadding::PKCS1v15 => 1 } } fn openssl_hash_nid(hash: HashType) -> c_int { match hash { - MD5 => 4, // NID_md5, - SHA1 => 64, // NID_sha1 - SHA224 => 675, // NID_sha224 - SHA256 => 672, // NID_sha256 - SHA384 => 673, // NID_sha384 - SHA512 => 674, // NID_sha512 - RIPEMD160 => 117, // NID_ripemd160 + HashType::MD5 => 4, // NID_md5, + HashType::SHA1 => 64, // NID_sha1 + HashType::SHA224 => 675, // NID_sha224 + HashType::SHA256 => 672, // NID_sha256 + HashType::SHA384 => 673, // NID_sha384 + HashType::SHA512 => 674, // NID_sha512 + HashType::RIPEMD160 => 117, // NID_ripemd160 } } @@ -59,7 +59,7 @@ impl PKey { PKey { evp: ffi::EVP_PKEY_new(), - parts: Neither, + parts: Parts::Neither, } } } @@ -101,7 +101,7 @@ impl PKey { 6 as c_int, mem::transmute(rsa)); - self.parts = Both; + self.parts = Parts::Both; } } @@ -117,7 +117,7 @@ impl PKey { */ pub fn load_pub(&mut self, s: &[u8]) { self._fromstr(s, ffi::d2i_RSA_PUBKEY); - self.parts = Public; + self.parts = Parts::Public; } /** @@ -133,7 +133,7 @@ impl PKey { */ pub fn load_priv(&mut self, s: &[u8]) { self._fromstr(s, ffi::d2i_RSAPrivateKey); - self.parts = Both; + self.parts = Parts::Both; } /// Stores private key as a PEM @@ -163,24 +163,24 @@ impl PKey { */ pub fn can(&self, r: Role) -> bool { match r { - Encrypt => + Role::Encrypt => match self.parts { - Neither => false, + Parts::Neither => false, _ => true, }, - Verify => + Role::Verify => match self.parts { - Neither => false, + Parts::Neither => false, _ => true, }, - Decrypt => + Role::Decrypt => match self.parts { - Both => true, + Parts::Both => true, _ => false, }, - Sign => + Role::Sign => match self.parts { - Both => true, + Parts::Both => true, _ => false, }, } @@ -254,24 +254,24 @@ impl PKey { * Encrypts data using OAEP padding, returning the encrypted data. The * supplied data must not be larger than max_data(). */ - pub fn encrypt(&self, s: &[u8]) -> Vec { self.encrypt_with_padding(s, OAEP) } + pub fn encrypt(&self, s: &[u8]) -> Vec { self.encrypt_with_padding(s, EncryptionPadding::OAEP) } /** * Decrypts data, expecting OAEP padding, returning the decrypted data. */ - pub fn decrypt(&self, s: &[u8]) -> Vec { self.decrypt_with_padding(s, OAEP) } + pub fn decrypt(&self, s: &[u8]) -> Vec { self.decrypt_with_padding(s, EncryptionPadding::OAEP) } /** * Signs data, using OpenSSL's default scheme and sha256. Unlike encrypt(), * can process an arbitrary amount of data; returns the signature. */ - pub fn sign(&self, s: &[u8]) -> Vec { self.sign_with_hash(s, SHA256) } + pub fn sign(&self, s: &[u8]) -> Vec { self.sign_with_hash(s, HashType::SHA256) } /** * Verifies a signature s (using OpenSSL's default scheme and sha256) on a * message m. Returns true if the signature is valid, and false otherwise. */ - pub fn verify(&self, m: &[u8], s: &[u8]) -> bool { self.verify_with_hash(m, s, SHA256) } + pub fn verify(&self, m: &[u8], s: &[u8]) -> bool { self.verify_with_hash(m, s, HashType::SHA256) } pub fn sign_with_hash(&self, s: &[u8], hash: HashType) -> Vec { unsafe { @@ -328,7 +328,7 @@ impl Drop for PKey { #[cfg(test)] mod tests { - use crypto::hash::{MD5, SHA1}; + use crypto::hash::HashType::{MD5, SHA1}; #[test] fn test_gen_pub() { @@ -338,14 +338,14 @@ mod tests { k1.load_pub(k0.save_pub().as_slice()); assert_eq!(k0.save_pub(), k1.save_pub()); assert_eq!(k0.size(), k1.size()); - assert!(k0.can(super::Encrypt)); - assert!(k0.can(super::Decrypt)); - assert!(k0.can(super::Verify)); - assert!(k0.can(super::Sign)); - assert!(k1.can(super::Encrypt)); - assert!(!k1.can(super::Decrypt)); - assert!(k1.can(super::Verify)); - assert!(!k1.can(super::Sign)); + assert!(k0.can(super::Role::Encrypt)); + assert!(k0.can(super::Role::Decrypt)); + assert!(k0.can(super::Role::Verify)); + assert!(k0.can(super::Role::Sign)); + assert!(k1.can(super::Role::Encrypt)); + assert!(!k1.can(super::Role::Decrypt)); + assert!(k1.can(super::Role::Verify)); + assert!(!k1.can(super::Role::Sign)); } #[test] @@ -356,14 +356,14 @@ mod tests { k1.load_priv(k0.save_priv().as_slice()); assert_eq!(k0.save_priv(), k1.save_priv()); assert_eq!(k0.size(), k1.size()); - assert!(k0.can(super::Encrypt)); - assert!(k0.can(super::Decrypt)); - assert!(k0.can(super::Verify)); - assert!(k0.can(super::Sign)); - assert!(k1.can(super::Encrypt)); - assert!(k1.can(super::Decrypt)); - assert!(k1.can(super::Verify)); - assert!(k1.can(super::Sign)); + assert!(k0.can(super::Role::Encrypt)); + assert!(k0.can(super::Role::Decrypt)); + assert!(k0.can(super::Role::Verify)); + assert!(k0.can(super::Role::Sign)); + assert!(k1.can(super::Role::Encrypt)); + assert!(k1.can(super::Role::Decrypt)); + assert!(k1.can(super::Role::Verify)); + assert!(k1.can(super::Role::Sign)); } #[test] @@ -385,8 +385,8 @@ mod tests { let msg = vec!(0xdeu8, 0xadu8, 0xd0u8, 0x0du8); k0.gen(512u); k1.load_pub(k0.save_pub().as_slice()); - let emsg = k1.encrypt_with_padding(msg.as_slice(), super::PKCS1v15); - let dmsg = k0.decrypt_with_padding(emsg.as_slice(), super::PKCS1v15); + let emsg = k1.encrypt_with_padding(msg.as_slice(), super::EncryptionPadding::PKCS1v15); + let dmsg = k0.decrypt_with_padding(emsg.as_slice(), super::EncryptionPadding::PKCS1v15); assert!(msg == dmsg); } diff --git a/src/crypto/symm.rs b/src/crypto/symm.rs index 6af4be6c..c6211784 100644 --- a/src/crypto/symm.rs +++ b/src/crypto/symm.rs @@ -31,21 +31,21 @@ pub enum Type { fn evpc(t: Type) -> (*const ffi::EVP_CIPHER, uint, uint) { unsafe { match t { - AES_128_ECB => (ffi::EVP_aes_128_ecb(), 16u, 16u), - AES_128_CBC => (ffi::EVP_aes_128_cbc(), 16u, 16u), + Type::AES_128_ECB => (ffi::EVP_aes_128_ecb(), 16u, 16u), + Type::AES_128_CBC => (ffi::EVP_aes_128_cbc(), 16u, 16u), #[cfg(feature = "aes_xts")] - AES_128_XTS => (ffi::EVP_aes_128_xts(), 32u, 16u), + Type::AES_128_XTS => (ffi::EVP_aes_128_xts(), 32u, 16u), // AES_128_CTR => (EVP_aes_128_ctr(), 16u, 0u), //AES_128_GCM => (EVP_aes_128_gcm(), 16u, 16u), - AES_256_ECB => (ffi::EVP_aes_256_ecb(), 32u, 16u), - AES_256_CBC => (ffi::EVP_aes_256_cbc(), 32u, 16u), + Type::AES_256_ECB => (ffi::EVP_aes_256_ecb(), 32u, 16u), + Type::AES_256_CBC => (ffi::EVP_aes_256_cbc(), 32u, 16u), #[cfg(feature = "aes_xts")] - AES_256_XTS => (ffi::EVP_aes_256_xts(), 64u, 16u), + Type::AES_256_XTS => (ffi::EVP_aes_256_xts(), 64u, 16u), // AES_256_CTR => (EVP_aes_256_ctr(), 32u, 0u), //AES_256_GCM => (EVP_aes_256_gcm(), 32u, 16u), - RC4_128 => (ffi::EVP_rc4(), 16u, 0u), + Type::RC4_128 => (ffi::EVP_rc4(), 16u, 0u), } } } @@ -86,8 +86,8 @@ impl Crypter { pub fn init(&self, mode: Mode, key: &[u8], iv: Vec) { unsafe { let mode = match mode { - Encrypt => 1 as c_int, - Decrypt => 0 as c_int, + Mode::Encrypt => 1 as c_int, + Mode::Decrypt => 0 as c_int, }; assert_eq!(key.len(), self.keylen); @@ -155,7 +155,7 @@ impl Drop for Crypter { */ pub fn encrypt(t: Type, key: &[u8], iv: Vec, data: &[u8]) -> Vec { let c = Crypter::new(t); - c.init(Encrypt, key, iv); + c.init(Mode::Encrypt, key, iv); let mut r = c.update(data); let rest = c.finalize(); r.extend(rest.into_iter()); @@ -168,7 +168,7 @@ pub fn encrypt(t: Type, key: &[u8], iv: Vec, data: &[u8]) -> Vec { */ pub fn decrypt(t: Type, key: &[u8], iv: Vec, data: &[u8]) -> Vec { let c = Crypter::new(t); - c.init(Decrypt, key, iv); + c.init(Mode::Decrypt, key, iv); let mut r = c.update(data); let rest = c.finalize(); r.extend(rest.into_iter()); @@ -194,13 +194,13 @@ mod tests { let c0 = vec!(0x8eu8, 0xa2u8, 0xb7u8, 0xcau8, 0x51u8, 0x67u8, 0x45u8, 0xbfu8, 0xeau8, 0xfcu8, 0x49u8, 0x90u8, 0x4bu8, 0x49u8, 0x60u8, 0x89u8); - let c = super::Crypter::new(super::AES_256_ECB); - c.init(super::Encrypt, k0.as_slice(), vec![]); + let c = super::Crypter::new(super::Type::AES_256_ECB); + c.init(super::Mode::Encrypt, k0.as_slice(), vec![]); c.pad(false); let mut r0 = c.update(p0.as_slice()); r0.extend(c.finalize().into_iter()); assert!(r0 == c0); - c.init(super::Decrypt, k0.as_slice(), vec![]); + c.init(super::Mode::Decrypt, k0.as_slice(), vec![]); c.pad(false); let mut p1 = c.update(r0.as_slice()); p1.extend(c.finalize().into_iter()); @@ -209,7 +209,7 @@ mod tests { #[test] fn test_aes_256_cbc_decrypt() { - let cr = super::Crypter::new(super::AES_256_CBC); + let cr = super::Crypter::new(super::Type::AES_256_CBC); let iv = vec![ 4_u8, 223_u8, 153_u8, 219_u8, 28_u8, 142_u8, 234_u8, 68_u8, 227_u8, 69_u8, 98_u8, 107_u8, 208_u8, 14_u8, 236_u8, 60_u8, 0_u8, 0_u8, @@ -226,7 +226,7 @@ mod tests { 0x4a_u8, 0x2e_u8, 0xe5_u8, 0x6_u8, 0xbf_u8, 0xcf_u8, 0xf2_u8, 0xd7_u8, 0xea_u8, 0x2d_u8, 0xb1_u8, 0x85_u8, 0x6c_u8, 0x93_u8, 0x65_u8, 0x6f_u8 ]; - cr.init(super::Decrypt, data, iv); + cr.init(super::Mode::Decrypt, data, iv); cr.pad(false); let unciphered_data_1 = cr.update(ciphered_data); let unciphered_data_2 = cr.finalize(); @@ -245,7 +245,7 @@ mod tests { use serialize::hex::ToHex; let cipher = super::Crypter::new(ciphertype); - cipher.init(super::Encrypt, key.from_hex().unwrap().as_slice(), iv.from_hex().unwrap()); + cipher.init(super::Mode::Encrypt, key.from_hex().unwrap().as_slice(), iv.from_hex().unwrap()); let expected = ct.from_hex().unwrap().as_slice().to_vec(); let mut computed = cipher.update(pt.from_hex().unwrap().as_slice()); @@ -270,7 +270,7 @@ mod tests { let key = "97CD440324DA5FD1F7955C1C13B6B466"; let iv = ""; - cipher_test(super::RC4_128, pt, ct, key, iv); + cipher_test(super::Type::RC4_128, pt, ct, key, iv); } #[test] @@ -283,7 +283,7 @@ mod tests { let key = "b6bfef891f83b5ff073f2231267be51eb084b791fa19a154399c0684c8b2dfcb37de77d28bbda3b4180026ad640b74243b3133e7b9fae629403f6733423dae28"; let iv = "db200efb7eaaa737dbdf40babb68953f"; - cipher_test(super::AES_256_XTS, pt, ct, key, iv); + cipher_test(super::Type::AES_256_XTS, pt, ct, key, iv); } /*#[test] diff --git a/src/lib.rs b/src/lib.rs index f2d8a30d..4f5e3e75 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -1,4 +1,4 @@ -#![feature(struct_variant, macro_rules, unsafe_destructor, globs)] +#![feature(macro_rules, unsafe_destructor, globs)] #![crate_name="openssl"] #![crate_type="rlib"] #![crate_type="dylib"] diff --git a/src/ssl/mod.rs b/src/ssl/mod.rs index 0ed3c2e8..a3eb5c14 100644 --- a/src/ssl/mod.rs +++ b/src/ssl/mod.rs @@ -56,14 +56,14 @@ impl SslMethod { unsafe fn to_raw(&self) -> *const ffi::SSL_METHOD { match *self { #[cfg(feature = "sslv2")] - Sslv2 => ffi::SSLv2_method(), - Sslv3 => ffi::SSLv3_method(), - Tlsv1 => ffi::TLSv1_method(), - Sslv23 => ffi::SSLv23_method(), + SslMethod::Sslv2 => ffi::SSLv2_method(), + SslMethod::Sslv3 => ffi::SSLv3_method(), + SslMethod::Tlsv1 => ffi::TLSv1_method(), + SslMethod::Sslv23 => ffi::SSLv23_method(), #[cfg(feature = "tlsv1_1")] - Tlsv1_1 => ffi::TLSv1_1_method(), + SslMethod::Tlsv1_1 => ffi::TLSv1_1_method(), #[cfg(feature = "tlsv1_2")] - Tlsv1_2 => ffi::TLSv1_2_method() + SslMethod::Tlsv1_2 => ffi::TLSv1_2_method() } } } @@ -424,14 +424,14 @@ impl SslStream { } match self.ssl.get_error(ret) { - ErrorWantRead => { + LibSslError::ErrorWantRead => { try_ssl_stream!(self.flush()); let len = try_ssl_stream!(self.stream.read(self.buf.as_mut_slice())); self.ssl.get_rbio().write(self.buf.slice_to(len)); } - ErrorWantWrite => { try_ssl_stream!(self.flush()) } - ErrorZeroReturn => return Err(SslSessionClosed), - ErrorSsl => return Err(SslError::get()), + LibSslError::ErrorWantWrite => { try_ssl_stream!(self.flush()) } + LibSslError::ErrorZeroReturn => return Err(SslSessionClosed), + LibSslError::ErrorSsl => return Err(SslError::get()), _ => unreachable!() } } diff --git a/src/ssl/tests.rs b/src/ssl/tests.rs index f9f941a9..5aa9834f 100644 --- a/src/ssl/tests.rs +++ b/src/ssl/tests.rs @@ -3,8 +3,10 @@ use std::io::{Writer}; use std::io::net::tcp::TcpStream; use std::str; -use crypto::hash::{SHA256}; -use ssl::{Sslv23, SslContext, SslStream, SslVerifyPeer}; +use crypto::hash::HashType::{SHA256}; +use ssl::SslMethod::Sslv23; +use ssl::{SslContext, SslStream}; +use ssl::SslVerifyMode::SslVerifyPeer; use x509::{X509StoreContext}; #[test] diff --git a/src/x509/mod.rs b/src/x509/mod.rs index 48b5d455..21c3a9d6 100644 --- a/src/x509/mod.rs +++ b/src/x509/mod.rs @@ -4,7 +4,7 @@ use std::ptr; use asn1::{Asn1Time}; use bio::{MemBio}; -use crypto::hash::{HashType, evpmd, SHA1}; +use crypto::hash::{HashType, evpmd}; use crypto::pkey::{PKey}; use crypto::rand::rand_bytes; use ffi; @@ -69,15 +69,15 @@ pub enum KeyUsage { impl AsStr<'static> for KeyUsage { fn as_str(&self) -> &'static str { match self { - &DigitalSignature => "digitalSignature", - &NonRepudiation => "nonRepudiation", - &KeyEncipherment => "keyEncipherment", - &DataEncipherment => "dataEncipherment", - &KeyAgreement => "keyAgreement", - &KeyCertSign => "keyCertSign", - &CRLSign => "cRLSign", - &EncipherOnly => "encipherOnly", - &DecipherOnly => "decipherOnly" + &KeyUsage::DigitalSignature => "digitalSignature", + &KeyUsage::NonRepudiation => "nonRepudiation", + &KeyUsage::KeyEncipherment => "keyEncipherment", + &KeyUsage::DataEncipherment => "dataEncipherment", + &KeyUsage::KeyAgreement => "keyAgreement", + &KeyUsage::KeyCertSign => "keyCertSign", + &KeyUsage::CRLSign => "cRLSign", + &KeyUsage::EncipherOnly => "encipherOnly", + &KeyUsage::DecipherOnly => "decipherOnly" } } } @@ -101,17 +101,17 @@ pub enum ExtKeyUsage { impl AsStr<'static> for ExtKeyUsage { fn as_str(&self) -> &'static str { match self { - &ServerAuth => "serverAuth", - &ClientAuth => "clientAuth", - &CodeSigning => "codeSigning", - &EmailProtection => "emailProtection", - &TimeStamping => "timeStamping", - &MsCodeInd => "msCodeInd", - &MsCodeCom => "msCodeCom", - &MsCtlSign => "msCTLSign", - &MsSgc => "msSGC", - &MsEfs => "msEFS", - &NsSgc =>"nsSGC" + &ExtKeyUsage::ServerAuth => "serverAuth", + &ExtKeyUsage::ClientAuth => "clientAuth", + &ExtKeyUsage::CodeSigning => "codeSigning", + &ExtKeyUsage::EmailProtection => "emailProtection", + &ExtKeyUsage::TimeStamping => "timeStamping", + &ExtKeyUsage::MsCodeInd => "msCodeInd", + &ExtKeyUsage::MsCodeCom => "msCodeCom", + &ExtKeyUsage::MsCtlSign => "msCTLSign", + &ExtKeyUsage::MsSgc => "msSGC", + &ExtKeyUsage::MsEfs => "msEFS", + &ExtKeyUsage::NsSgc =>"nsSGC" } } } @@ -192,7 +192,7 @@ impl X509Generator { CN: "rust-openssl".to_string(), key_usage: Vec::new(), ext_key_usage: Vec::new(), - hash_type: SHA1 + hash_type: HashType::SHA1 } } @@ -435,8 +435,8 @@ macro_rules! make_validation_error( pub fn from_raw(err: c_int) -> Option { match err { ffi::$ok_val => None, - $(ffi::$val => Some($name),)+ - err => Some(X509UnknownError(err)) + $(ffi::$val => Some(X509ValidationError::$name),)+ + err => Some(X509ValidationError::X509UnknownError(err)) } } } diff --git a/src/x509/tests.rs b/src/x509/tests.rs index e4f7b142..49e399d9 100644 --- a/src/x509/tests.rs +++ b/src/x509/tests.rs @@ -2,8 +2,10 @@ use serialize::hex::FromHex; use std::io::{File, Open, Read}; use std::io::util::NullWriter; -use crypto::hash::{SHA256}; -use x509::{X509, X509Generator, DigitalSignature, KeyEncipherment, ClientAuth, ServerAuth}; +use crypto::hash::HashType::{SHA256}; +use x509::{X509, X509Generator}; +use x509::KeyUsage::{DigitalSignature, KeyEncipherment}; +use x509::ExtKeyUsage::{ClientAuth, ServerAuth}; #[test] fn test_cert_gen() {