963e3994a5
Add support for AES-OCB mode
2020-05-08 23:16:13 +02:00
5d7d83e869
Fix function name in peer_finished documentation
2020-04-12 16:20:13 +03:00
d47dc792ce
Release openssl v0.10.29
2020-04-07 18:00:49 -07:00
1ed175f85f
FIx build
2020-04-07 17:39:56 -07:00
40e66bab6b
Add SslContextBuilder::set_cert_store
2020-04-07 17:05:38 -07:00
b027f16031
Merge pull request #1253 from coolreader18/no-vendor-env-var
...
Check for the OPENSSL_NO_VENDOR environment variable
2020-04-05 10:01:28 -04:00
517fc81d40
Update openssl/src/lib.rs
2020-04-05 09:52:20 -04:00
d6772960a3
Add documentation for OPENSSL_NO_VENDOR
2020-04-04 21:18:20 -05:00
2cbc436b8b
Merge pull request #1248 from coolreader18/ssl-functions
...
Add functions for SSL{_CTX}_get_verify_mode and SSL_is_init_finished
2020-03-26 20:52:42 -04:00
ef369f827e
Merge pull request #1249 from coolreader18/more-ssl-method
...
Add SslMethod::tls_{client,server}
2020-03-25 20:57:23 -04:00
354a984a7c
Add SslMethod::tls_{client,server}
2020-03-24 21:56:04 -05:00
e450f3fee0
Update openssl/src/ssl/mod.rs
2020-03-24 19:27:04 -04:00
f572a8306b
Add man page links
2020-03-24 17:01:14 -05:00
29f62786ff
Update openssl/src/x509/store.rs
2020-03-24 17:20:54 -04:00
1e9cc8426e
Add functions for SSL{_CTX}_get_verify_mode and SSL_is_init_finished
2020-03-24 15:32:39 -05:00
41162e27ab
Add a shim for X509_STORE_get0_objects and X509_OBJECT_free
2020-03-24 12:33:54 -05:00
e268a5ac7e
Check null ptr for non-x509 X509Object
2020-03-23 10:20:30 -05:00
8cfb59b9ea
Add a way to get the certificates stored in an X509Store
2020-03-22 23:20:59 -05:00
e7d0e69c74
Fix the memory leak in `X509Builder::append_extension`.
...
Also add an alternative method that takes a `X509ExtensionRef`.
2020-02-26 16:23:46 +02:00
7801226796
Tweak interface a bit
2020-02-12 16:14:28 -08:00
eed35cefb0
Merge pull request #1229 from axos88/master
...
SslAcceptor and SslConnector: Ability to turn into SslContext
2020-02-12 19:10:01 -05:00
c81810d869
adds ability access the internal &SslContext of an SslAcceptor and SslConnector
2020-02-12 22:15:11 +01:00
16d93a9372
Allow bad style on pkey.rs
2020-02-11 14:28:53 -08:00
4898f60e52
Attach cfg[allow_deprecated] to methods w/ uninitialized functionality
...
Additionally - update usage of ONCE_INIT
2020-02-10 12:53:51 -08:00
62187377b5
Release openssl v0.10.28
2020-02-04 21:58:26 +00:00
4b1564ebc1
Fix mutability of oneshot sign/verify methods
2020-02-04 21:50:40 +00:00
972c7ae11a
Fix visibility of Signer::new_intern
2020-02-03 16:18:23 +00:00
61d5a1e38d
Release openssl v0.10.27
2020-01-29 15:40:05 -08:00
9189b67326
Add NO RENEGOTIATION option
...
SSL_OP_NO_RENEGOTIATION was added in OpenSSLv1.1.1 and backported to
v1.1.0h.
2020-01-28 04:07:38 +09:00
ad37e7e07d
Merge pull request #1160 from HyeonuPark/set-dtls-mtu
...
Add ssl::set_dtls_mtu_size(usize)
2020-01-13 12:53:23 -05:00
4d5e5e1787
add SslStreamBuilder::set_dtls_mtu_size(usize)
2019-12-29 04:17:00 +09:00
bba670dc90
Avoid false-failures if underlying network connection errors
...
In Air-Gapped or otherwise network-restricted environments,
TcpStream::connect can spuriously fail due to name resolution
failure, or just in establishing the socket itself.
In this situation, the test can't give a meaningful result, and this
failure doesn't indicate a problem in the OpenSSL stack.
Bug: https://github.com/sfackler/rust-openssl/issues/1215
2019-12-27 21:15:39 +13:00
4a05dc7894
Merge pull request #1205 from npmccallum/modernize
...
Fix warnings on newer Rust
2019-12-24 07:48:04 -08:00
fc3c0a93d5
remove deprecated Error::description, replace deprecated cause with source
2019-12-21 23:53:49 +01:00
0815ac9b5d
Merge pull request #1208 from Sach1nAgarwal/comment2
...
Fix documentation typo of "the"
2019-12-20 09:14:58 -05:00
4cec131f37
Merge pull request #1207 from Sach1nAgarwal/comment1
...
In the documentation of SslContextBuilder::set_session_id_context, we…
2019-12-20 09:14:44 -05:00
3ca6974f9e
Merge pull request #1209 from Sach1nAgarwal/comment3
...
Fix documentation typo of link
2019-12-20 09:14:28 -05:00
81cd1736d9
In the documentation of SslContextBuilder::set_cipher_list, we had given
...
link of "SSL_get_client_ciphers" rather than "SSL_CTX_set_cipher_list". In this commit,
we fix the typo.
2019-12-20 08:48:38 +05:30
7599cc5b43
In the documentation of SslContextBuilder::set_certificate, we had written
...
"lthe" rather than "the". In this commit,
we fix the typo.
2019-12-20 08:40:01 +05:30
96c49eee3c
In the documentation of SslContextBuilder::set_session_id_context, we had written
...
"be be" rather than "be". In this commit,
we fix the typo.
2019-12-20 08:32:51 +05:30
2e00fb371b
Replace try!() with ?
2019-12-17 16:09:06 +00:00
0d8561b58a
Merge pull request #1202 from traviscross/fix-chain-typo
...
Fix documentation typo of "chain"
2019-12-13 07:19:44 -05:00
ac8214dad3
Fix documentation typo of "chain"
...
In the documentation of `SslRef::verified_chain`, we had written
"certificate chani" rather than "certificate chain". In this commit,
we fix the typo.
2019-12-12 22:03:42 +00:00
2fe7462aa9
Fix link
...
Closes #1201
2019-12-12 07:25:29 -05:00
6202626629
fix a typo in the description of `Asn1Time`
2019-12-09 16:23:27 -05:00
9f4c489588
Use d2i_PKCS8_PRIV_KEY_INFO instead of *_bio
2019-12-04 02:02:33 +01:00
fc529b6c81
Pkey::private_key_from_pkcs8 free p8inf
2019-12-03 03:05:05 +01:00
a7fa260331
Support for PKCS#8 unencrypted private key deserialization
2019-12-01 03:02:01 +01:00
454cb6f9bc
Merge pull request #1192 from fengyc/master
...
Add EVP_md_null() and MessageDigest::md_null()
2019-11-23 10:17:07 -05:00
395142f7cf
Update openssl/src/hash.rs
...
Rename MessageDigest::md_null to MessageDigest::null
Co-Authored-By: Steven Fackler <sfackler@gmail.com>
2019-11-23 22:46:32 +08:00
2034331e0e
Release openssl v0.10.26
2019-11-22 15:35:03 -08:00
a5c757f164
Release openssl-sys v0.9.53
2019-11-22 15:29:03 -08:00
605003eec8
Fix up base64 docs
2019-11-22 15:22:47 -08:00
288b189de0
Add EVP_md_null() and MessageDigest::md_null()
2019-11-22 16:33:15 +08:00
18552f1f1d
Cleanup
2019-11-21 17:10:34 -08:00
b5eafedf17
Merge pull request #1191 from sfackler/fix-seal
...
Fix IV handling in envelope
2019-11-21 20:09:21 -05:00
56335d12fc
Merge pull request #1183 from adamreichold/base64
...
Expose OpenSSL interfaces for base64 coding.
2019-11-21 20:04:18 -05:00
f85d631fcf
Merge pull request #1184 from Atul9/cargo-fmt
...
Format code using 'cargo fmt'
2019-11-21 20:01:39 -05:00
ca5474683a
Fix IV handling in envelope
...
Closes #1190
2019-11-21 16:59:44 -08:00
0fb1e55a98
Allow configuration of EC groups and signature algorithms
...
Closes #1186
2019-11-16 10:54:27 -08:00
784978bad0
Format code using 'cargo fmt'
2019-11-14 21:00:53 +05:30
86db2315d4
Avoid initialization overhead for base64 coding
2019-11-14 10:09:44 +01:00
bcbebbcace
Expose EVP_{Encode,Decode}Block interfaces for base64 coding
2019-11-14 10:06:24 +01:00
34c2b69118
Merge pull request #1180 from PrismaPhonic/master
...
Added clonability for sha hash state. Useful for incremental hashing
2019-11-11 21:01:19 -05:00
5991f425fa
Added unit test to test that new cloning feature works as intended
2019-11-11 16:40:05 -08:00
8fae1115a4
Changed all sha objects to be clonable per PR review suggestion.
2019-11-11 16:31:47 -08:00
258c49a581
Add #[cfg(ossl110)]
2019-11-11 23:03:40 +01:00
6d6429237d
Add EC_GROUP_order_bits
2019-11-11 22:04:14 +01:00
22f029064a
Added clonability for sha hash state. Useful for incremental hashing
2019-11-11 11:09:49 -08:00
80e0dd03ba
Add method to create Asn1Time from time_t value
...
This is mostly just a rework of the earlier work done by @illegalprime
in his PR #673 and credit should go to him.
2019-10-13 23:10:16 +02:00
14a6a98ebf
Add diff method and comparisons to Asn1TimeRef
...
This implements a `diff` method on `Asn1TimeRef` using `ASN1_TIME_diff`
and uses this new method to implement combinations of `PartialEq` and
`PartialOrd` for `Asn1Time` and `Asn1TimeRef`.
This is mostly just a rework of the earlier work done by @illegalprime
in his PR #673 and credit should go to him.
2019-10-13 23:09:12 +02:00
b771738a3a
Fix rustc warnings
...
- Use `..=` for inclusive ranges
- Add the `dyn` keyword for trait objects
- Switch from `ONCE_INIT` to `std::sync::Once::new()`
2019-10-08 08:35:35 -04:00
bb3e0f474b
Release openssl v0.10.25
2019-10-02 17:52:36 -07:00
02c3262be8
Release openssl-sys v0.9.50
2019-10-02 17:46:57 -07:00
7ce0835b74
Implement Clone for PKey
2019-10-01 18:45:10 -07:00
79d6d1ff2b
Merge pull request #1153 from sturmsebastian/eddsa
...
Added support for Ed25519 and Ed448 signatures
2019-09-08 20:49:41 -04:00
cf9978bc0e
Ensure Signer::len has documentation
...
Applied conditional compilation to internal helpers
2019-09-08 14:45:06 +02:00
9780fd6ba2
Merge pull request #1152 from thomaswhiteway/ecdsa_sig_set0_leak
...
Free r and s on ECDSA_SIG before overwriting them in ECDSA_SIG_set0
2019-09-06 09:20:33 -04:00
106d613805
Free r and s on ECDSA_SIG before overwriting them in ECDSA_SIG_set0
2019-09-06 10:52:15 +01:00
bdede43afe
Added support for Ed25519 and Ed448 signatures
2019-08-16 11:15:04 +02:00
8b2c370b86
Release openssl-sys v0.9.49
2019-08-15 22:19:46 -04:00
dbe0672dc4
Release openssl v0.10.24
2019-07-19 07:45:32 -07:00
45c83e2772
Release openssl-sys v0.9.48
2019-07-19 07:30:11 -07:00
8d2e9e783d
Hack around an unpatched OpenSSL issue
...
Why backport fixes to your LTS version? Seems like a lot of work, I
guess!
Closes #1133
2019-07-18 22:44:02 -04:00
d598f156a7
Add AES-192 tests in CTR, CFB, and OFB modes
2019-07-07 11:07:20 +08:00
88c5bd81c7
Add AES-192 and OFB mode
2019-07-06 17:11:37 +08:00
a02a962f7d
Expose pem serialize function for DSA private key
...
Expose private_key_to_pem() & private_key_to_pem_passphrase() for DsaRef
2019-06-30 23:35:50 +08:00
850e93ee85
Don't depend on NO_SSL_MASK
2019-06-28 20:07:22 -07:00
d3104955dd
Minimize test duplication
2019-06-28 19:51:52 -07:00
1b3e0c8a15
Add mozilla v5 configurations
...
Closes #1134
2019-06-28 19:42:29 -07:00
aef0517dcf
Expose EC_POINT_dup as EcPoint::to_owned
2019-06-19 21:34:48 +02:00
e8fc907da3
Expose EC_GROUP_get_cofactor as EcGroup::cofactor
2019-06-14 16:41:47 +02:00
390d71f1e5
Expose EC_GROUP_get0_generator as EcGroup::generator
2019-06-13 03:09:45 +02:00
fab6ea4727
Conditionally compile PEM functions for CMS
...
Apparently libressl does not quite support all CMS functions (well, at
least the bindings for CMS are currently compile-time guarded), so CI
checks inside the systest fail during the verification on libressl.
This is an attempt to fix it.
2019-06-12 16:48:16 +02:00
ed966a09ac
Extend CMS unit tests (pem/der conversions)
2019-06-12 10:36:44 +02:00
69ee79d435
Fix formatting in cms `to_der` implementation
2019-06-12 10:24:53 +02:00
124c05d058
Add `CmsContentInfo` <-> PEM bindings
2019-06-12 10:23:48 +02:00
d2e48e8d1f
Add Debug impl for EcKey
2019-06-10 21:57:10 +08:00
1c3f5b5f57
Address comments
2019-06-07 19:32:36 -06:00
b9341856b1
Add AES_wrap_key and AES_unwrap_key functionality
2019-06-05 21:03:34 -06:00
Henrik Böving