bbaec65b73
Include information about development packages
...
Building the crate on a system without the development packages of openssl installed fails.
Issue #649 suggests to install those packages, which resolves the problem.
2018-04-12 08:42:29 +10:00
78d91428b5
Release openssl-sys 0.9.28
2018-04-05 11:09:36 -07:00
01855a4f64
Combine LibreSSL 2.7.x versions into one
2018-04-03 09:26:50 +00:00
03c6bcc159
Add LibreSSL 2.7.2
2018-04-02 13:48:26 +00:00
23ca9d2832
Add support for LibreSSL 2.7.1
...
While there, support also future LibreSSL 2.7 versions out of the
box. This fixes compiling this crate in OpenBSD -current.
2018-03-31 20:14:24 +00:00
e423da2d12
Merge pull request #858 from Ralith/stateless-api
...
Introduce SslStreamBuilder
2018-03-31 11:28:03 -07:00
5c317d5a35
Remove unneeded build keys
2018-03-30 11:32:57 +02:00
bbb1cb61f6
Update to OpenSSL 1.1.1-pre3
2018-03-28 18:14:44 -07:00
c82a87a18e
Add Asn1IntegerRef::to_bn
...
Also deprecate Asn1IntegerRef since it's just asking for trouble.
2018-03-28 20:48:28 +02:00
f0614f4acd
Support LibreSSL 2.7.0
...
Closes #883
Closes #805
2018-03-22 20:22:07 +00:00
063186b62e
Merge pull request #856 from Flakebi/master
...
Make it possible to use cmac
2018-03-19 13:22:51 -07:00
0860115156
Make it possible to use cmac
...
This adds Signer::new_without_digest to create Signers which don't have
a digest (like cmac, which is based on aes).
As openssl supports cmac since version 1.1.0, the functions are behind
the ossl110 feature.
This allows building CMAC/OMAC1 and the EAX AEAD on top of this library.
2018-03-19 21:02:46 +01:00
09b1fe9a0d
Expose additional cipher and digest accessors
2018-03-16 20:33:23 -07:00
9452c01672
Merge pull request #864 from mlen/aes-ccm-bindings
...
Implement AES-{128,256}-CCM bindings
2018-03-11 16:30:37 -07:00
d0329473bd
Merge branch 'master' into custom-extensions
2018-03-11 15:27:28 -07:00
1b830c3fb7
Merge pull request #863 from rohit-lshift/master
...
Exposed some of ECDSA functions
2018-03-11 15:08:16 -07:00
00359a1a55
Merge pull request #861 from bkchr/verify_certificate
...
Implements `X509_verify_cert`
2018-03-11 13:37:21 -07:00
dcbb45cc9d
Implement AES-{128,256}-CCM bindings
2018-03-08 17:24:55 +01:00
d4de2a408f
Use examples listed in OpenSSL docs for testing
2018-03-08 16:12:35 +00:00
55ffc9b2e4
Add support LibreSSL and remove OpenSSL binding which we aren't using
2018-03-08 11:54:19 +00:00
2d6cd9eb16
Exposed some of ECDSA functions
2018-03-08 09:44:05 +00:00
724dd6f830
Adds more functions to `Verifier`/`Signer` for RSA keys
2018-03-07 20:43:28 +01:00
84a5ce7607
Adds RSA PKCS1 PSS padding
2018-03-07 20:43:12 +01:00
9a8a1c752b
Adds `PKeyRef::get_id` to get the OID of a key
2018-03-07 18:42:13 +01:00
a1cfde765a
add cleanup ffi to store context
2018-03-07 13:54:15 +01:00
35cad33d51
fix error check
2018-03-07 13:50:12 +01:00
eb6296e892
add verify_cert and store_context_builder
2018-03-07 13:41:44 +01:00
38f4705b1d
FFI for OpenSSL 1.1.1 custom extension support
2018-03-05 17:45:08 -08:00
aa9addf532
Release openssl-sys 0.9.27
2018-02-28 14:31:23 -08:00
b7ba577339
Add min/max protocol version support
2018-02-25 23:20:10 -08:00
e06a209e72
Expose FFI bindings needed for SSL_stateless
2018-02-25 19:58:49 -08:00
cebfbd9a25
Merge pull request #850 from sfackler/put-error
...
Add the ability to push errors back onto the error stack.
2018-02-24 20:58:07 -08:00
5fd23d38d5
Add the ability to push errors back onto the error stack.
2018-02-24 20:46:03 -08:00
f72f35e9bd
Add RFC 5705 support
2018-02-23 22:04:57 -08:00
950c39c2e6
Merge pull request #840 from olehermanse/master
...
Add des_ede3_cbc cipher and more tests/examples
2018-02-21 23:03:33 -08:00
402d81bb72
Release openssl-sys 0.9.26
2018-02-18 10:48:08 -08:00
2daaf3fdea
Add some debugging-related bindings
2018-02-17 17:49:49 -08:00
90d5f85511
Add SSL_version binding
2018-02-17 13:44:21 -08:00
18b87e65e3
Fix libressl
2018-02-16 22:28:38 -08:00
4dffa0c33f
SSL session callbacks have always been around
2018-02-16 21:31:09 -08:00
a9d8bea33c
Add more session cache support
2018-02-15 21:30:20 -08:00
cc34a7149e
Add des_ede3_cbc cipher
...
Signed-off-by: Ole Herman Schumacher Elgesem <oleherman93@gmail.com>
2018-02-15 17:44:44 +01:00
2765775535
OpenSSL 1.1.1 support
2018-02-13 22:31:37 -08:00
041d473c0a
Added binding for PEM_read_bio_RSAPublicKey
...
Signed-off-by: Ole Herman Schumacher Elgesem <oleherman93@gmail.com>
2018-02-14 02:08:01 +01:00
9f35b74c1d
Release openssl 0.10.3 and openssl-sys 0.9.25
2018-02-12 10:56:06 -08:00
7a6260321d
Detect FreeBSD OpenSSL automatically
...
Closes #686
2018-02-10 20:06:05 -08:00
fda5e50638
Merge pull request #833 from CmdrMoozy/des_ede3
...
Support EVP_des_ede3.
2018-02-04 17:36:31 -08:00
404bbeddfd
Support EVP_des_ede3.
...
This cipher is used, for example, for DES challenges for authenticating
against a Yubikey, so supporting it in rust-openssl is generally useful.
2018-02-04 13:17:09 -08:00
9a27bb2c03
Release openssl-sys v0.9.24
2018-01-10 22:06:55 -08:00
af7aa52364
Adjust the SNI callback
...
Brings it more in line with how the raw callback is structured.
2018-01-06 22:20:20 -08:00
05c5c422fd
Merge pull request #820 from sfackler/key-constructor-docs
...
Rename key serialization/deserialization methods
2018-01-06 17:14:51 -08:00
3c19702299
Rename key serialization/deserialization methods
...
Also document their specific formats.
Closes #502
2018-01-06 13:27:44 -08:00
45c15a65ad
FIPS mode support
...
Closes #818
2018-01-06 08:51:20 -08:00
1553447385
Misc cleanup
2018-01-01 12:23:41 -08:00
9043cf9aa7
Move X509Filetype to SslFiletype
...
These constants have the same values, but X509_FILETYPE_DEFAULT doesn't
work in the Ssl methods and using the SSL_* names is a bit less
confusing.
2018-01-01 11:50:07 -08:00
d207897458
Parameterize keys over what they contain
...
Closes #790
2017-12-30 21:53:39 -08:00
89dd50b3ce
Add issuer name access.
...
Closes #808
2017-12-29 10:50:49 -08:00
7fbda61609
Overhaul ALPN
...
There was previously a lot of behind the scenes magic. We now bind much
more directly to the relevant functions.
Also remove APN support. That protocol is supersceded by ALPN - let's
see if anyone actually needs to use it.
2017-12-27 16:24:01 -07:00
1166a6c3bf
Flag off constant
2017-12-26 14:54:45 -07:00
129b6b9d84
Overhaul verify error type
...
Also set the error in the hostname verification callback for 1.0.1
2017-12-26 14:43:10 -07:00
48db60aca0
Release v0.9.23
2017-12-05 21:58:24 -08:00
9f1066704c
Fixing the CI tests
2017-12-02 17:13:23 +01:00
fccb2eab4e
Adding dp(), dq() and qi() methods to RSA, to get the CRT parameters back
2017-12-02 12:30:50 +01:00
0577d06912
Release openssl-sys 0.9.22
2017-11-29 09:37:42 -08:00
e221b76e28
Release v0.9.21
2017-11-17 09:11:06 -08:00
55bf390dbe
Adjust libressl version detection
...
The 2.5.3+ and 2.6.3+ series are ABI-stable, so we don't need to
whitelist individual releases in those ranges.
2017-11-13 21:51:55 -08:00
6257835757
Add support for LibreSSL 2.6.3
2017-11-13 09:51:17 -05:00
09f2a3e9db
Release v0.9.20
2017-10-14 14:36:55 -07:00
1308cb2b52
Fix cfgs for libressl262
2017-10-04 00:53:09 -04:00
e0efd1d438
Add support for LibreSSL 2.6.2
2017-10-03 23:59:33 -04:00
2c58c39e84
Fix rerun logic
...
Closes #732
2017-09-20 13:48:38 -07:00
cd558d99e7
Release v0.9.18
2017-09-20 10:21:37 -04:00
dc92a514ef
Properly handle IPs in hostname verification
2017-09-20 10:04:09 -04:00
7c5cd10d1e
Update to cc 1.0
2017-09-20 09:23:30 -04:00
18db932c60
openssl-sys: Fix typo in libressl_version definition
...
Signed-off-by: Luis Ressel <aranea@aixah.de>
2017-09-18 23:49:44 +02:00
f0db1dbc95
Merge pull request #695 from Keruspe/master
...
openssl-sys: support libressl 2.6.1
2017-09-17 13:57:18 -07:00
bf85e41d74
opensslè-sys: adjust some constants to libressl 2.6.1
...
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
2017-09-17 19:31:10 +02:00
579d4a86d2
openssl-sys: define libressl version
...
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
2017-09-17 11:43:25 +02:00
af370cf9b7
openssl-sys: support libressl 2.6.1
...
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
2017-09-14 11:56:36 +02:00
0f5e082157
Extract prefixed environment variables into helper function.
2017-09-13 23:58:28 -05:00
82d42eca8e
Use target name in variables when cross-compiling.
2017-09-13 15:39:06 -05:00
6bc0e4019b
Allow overriding lib/include dirs when cross-compiling.
2017-09-06 15:29:09 -05:00
c800ab922e
Fix build note for MinGW
...
Closes #689
2017-09-04 09:28:20 -06:00
ca40c2e6a3
Symlink README in place
...
Allows crates.io to render it properly
2017-08-21 04:00:25 -07:00
f599df124b
Add ability to get affine coordinates from EcPoint
...
The initial usecase here is creating JWK representations as defined
within RFC 7517 from an EcKey created via a PEM source.
2017-08-21 15:08:48 +10:00
9143516037
Add SHA384 and SHA512
2017-08-16 21:03:46 -07:00
673bcfaf5a
Add SHA1 an SHA224 hashers
2017-08-16 20:26:16 -07:00
c175ac639d
Release v0.9.17
2017-08-14 17:13:36 -07:00
1d92ff290e
Add a stateful SHA256 hasher
2017-08-14 17:07:44 -07:00
75d927b2bd
Merge pull request #622 from mcgoo/vcpkg
...
try to find openssl libraries in a vcpkg ports tree
2017-08-11 22:44:46 -07:00
ea6edb133e
Release v0.9.16
2017-08-10 22:17:50 -07:00
78e37bb2e1
Fully wrap feature checks
...
Otherwise OPENSSL_NO_EC2M would also trigger OPENSSL_NO_EC
2017-08-10 20:52:31 -07:00
4c3b3476f4
Merge pull request #675 from sdemos/master
...
added cms decryption
2017-08-09 14:20:51 -07:00
caf7b8ecbc
added cms decryption
2017-08-09 12:26:45 -07:00
16e8fbc31e
Fix EC_KEY_set_public_key_affine_coordinates
...
Previous definition incorrectly used `const` pointers but the
underpinning library definition (unfortunately) does not.
2017-08-09 13:34:08 +10:00
cfb4ea31d5
Support for EcKey creation from affine coordinates
...
Sets the public key for an EcKey based on its affine co-ordinates,
i.e. it constructs an EC_POINT object based on the supplied x and y
values and sets the public key to be this EC_POINT.
The initial usecase here is creating EcKey instances from JWK
representations as defined within RFC 7517.
2017-08-09 12:21:54 +10:00
c2164a4864
Add peer_cert_chain
2017-07-29 10:34:10 -07:00
01927c19ac
Initialize OpenSSL in DSA constructor
...
This fixes the double unlock errors that were popping up on circle
2017-07-25 21:59:52 -07:00
a02f039c0c
Fix build
2017-07-25 20:41:11 -07:00
82b1a12f35
Abort on bad unlock and safe core dumps
2017-07-25 20:35:29 -07:00
bf6dc28f0c
Release v0.9.15
2017-07-19 19:35:28 -07:00
43cacf00f5
Forbid LibreSSL 2.5.6+
2017-07-19 19:30:13 -07:00
453e641aa6
Support for LibreSSL 2.5.5
2017-07-17 20:29:35 +02:00
5e0146b10a
Test against libressl 2.6.0
2017-07-16 14:51:43 -07:00
bcd0dcafcb
Rustfmt
2017-07-15 21:46:11 -07:00
9290ed97c2
Merge pull request #657 from sfackler/rsa-pkcs1
...
Support PKCS#1 RSA public keys
2017-07-06 14:11:27 -10:00
88e277d49e
Inform cargo about which env vars we care about
2017-07-04 21:24:59 -07:00
279bffccf5
Merge pull request #641 from luser/psk
...
Expose PSK via a SslContextBuilder::set_psk_callback method
2017-07-04 18:19:17 -10:00
51a226eb4b
Support PKCS#1 RSA public keys
...
Closes #656
2017-07-04 20:57:00 -07:00
aa5547cdab
Enable build on LibreSSL 5.6.0 development branch.
...
Without this, openssl-sys can't compile on OpenBSD-current. As far as I can
tell, the only differences with respect to LibreSSL 5.5.4 are additional exposed
functions: there do not appear to be any breaking changes. Certainly all the
test suites in the repository succeed with this commit.
2017-06-25 14:42:39 +01:00
575e682da3
Add PKey::private_key_from_der
2017-06-23 21:04:13 -07:00
223e8e3689
Release v0.9.14
2017-06-14 19:59:45 -07:00
6b50d8940d
for msvc abi builds, allow use of openssl libs from vcpkg
2017-06-07 09:56:06 -05:00
9ba96b80b1
remove unused dependencies on windows
2017-06-06 20:56:16 -05:00
98d343dd32
Fix for changes in OpenSSL 1.1.0f
2017-06-06 18:45:54 -04:00
4de58596d9
Make some changes for review comments
2017-06-02 08:20:03 -04:00
cba475b9ae
Release v0.9.13
2017-05-29 17:46:07 -07:00
16183f41f6
Expose PSK via a SslContextBuilder::set_psk_callback method
2017-05-26 14:51:04 -04:00
61c9ffddb6
Explicitly initialize OpenSSL 1.1.0
2017-05-20 16:01:53 -07:00
7d587e2c93
Rustfmt
2017-05-20 15:53:45 -07:00
4336d1d38c
Release v0.9.12
2017-05-12 11:47:46 -07:00
f2ecdbe709
Fix support for LibreSSL versions other than 2.5.0
2017-05-12 11:16:25 -07:00
67b5fd1c97
Support public key decode from DER
...
Closes #629
2017-05-06 16:40:33 -07:00
7e8a0a0dad
Expose the lower level SHA functions
...
These don't allocate so they're both infallible and significantly
faster.
2017-04-14 23:03:17 -07:00
429f7c869e
Release v0.9.11
2017-04-14 16:56:21 -07:00
b21046375a
(issues-600) Avoid compiling ec2m code against no-ec2m openssl
...
This commit avoids defining code that leads to undefined references when
compiling against an openssl built with no-ec2m.
2017-04-11 15:42:05 -07:00
e6a6ebb87d
Add new EC/PKEY methods to permit deriving shared secrets.
2017-04-10 15:40:36 -04:00
7c24224394
show help message when pkg-config is missing
2017-03-29 19:25:00 +08:00
42ad50ae67
Release v0.9.10
2017-03-26 10:49:04 -07:00
c8d1698f27
Logic to support client-side session reuse
2017-03-25 19:30:01 -07:00
f82f650953
Panic if lock managed by `locking_function` is doubly unlocked
...
Trying to unlock an unlocked lock is always an error and should
be treated as such.
This is related to #597 .
2017-03-16 22:14:58 +00:00
bf63f35dfb
Release v0.9.9
2017-03-14 12:55:36 -07:00
663547a758
(maint) Recreate ability to pass in OPENSSL_LIBS variable
...
Prior to this commit in 43c951f743
2017-03-13 19:18:54 -06:00
06b10a5753
Release v0.9.8
2017-03-09 20:33:17 +11:00
81362a4e79
scrypt support
...
Closes #586
2017-02-21 21:15:52 -08:00
268288337b
Expose more error information
2017-02-19 16:05:58 -08:00
ce2cfc56a6
fix versions for sys as well
2017-02-16 19:49:14 -08:00
f8298882a4
add set_verify_cert_store() to ssl ctx
2017-02-16 19:49:14 -08:00
19f3b8a11a
Support PKCS#8 private key deserialization
...
Closes #581
2017-02-14 19:37:25 -08:00
06065ddcee
Release v0.9.7
2017-02-11 14:34:37 -08:00
980a71a008
Fix for libressl
2017-02-11 10:42:25 -08:00
f2c69ae7e9
Merge remote-tracking branch 'origin/master' into x509-builder
2017-02-11 10:13:00 -08:00
1c25336520
Merge branch 'master' into x509_req_version_subject
2017-02-11 09:11:25 -08:00
03fe3015dc
X509 signature algorithm access
2017-02-10 21:37:33 -08:00
8e5735d84c
X509 signature access
2017-02-10 19:59:11 -08:00
a1d7956f82
Add Asn1BitString
2017-02-10 19:38:51 -08:00
30a634c877
Merge branch 'master' into x509_req_version_subject
2017-02-07 20:41:27 +01:00
5e3dd07ee4
Clean up pkg-config logic
...
Now that we're letting the C compiler track down headers this is no
longer necessary.
2017-02-03 20:17:22 -08:00
4900d3fe5d
Fixed constant names from openssl/rsa.h
...
Fixed PKeyCtxRef method that didn't need to be mutable.
Added non-mutable accessors for PKeyCtxRef for Signer and Verifier.
2017-01-31 11:59:59 -08:00
302ee77d32
Adding suggestions from review.
2017-01-30 16:51:10 -08:00
Thomas Eizinger