129b6b9d84
Overhaul verify error type
...
Also set the error in the hostname verification callback for 1.0.1
2017-12-26 14:43:10 -07:00
2adf2cf12b
Remove deprecated APIs
2017-12-25 22:09:27 -07:00
3eab162dc2
Move to associated consts
2017-12-25 19:56:27 -07:00
bbae793eb3
Upgrade bitflags to 1.0
...
Closes #756
2017-12-25 19:38:11 -07:00
7de1499c65
Fix X509::clone impl
...
Closes #667
2017-07-19 19:23:47 -07:00
bcd0dcafcb
Rustfmt
2017-07-15 21:46:11 -07:00
f2c69ae7e9
Merge remote-tracking branch 'origin/master' into x509-builder
2017-02-11 10:13:00 -08:00
1c25336520
Merge branch 'master' into x509_req_version_subject
2017-02-11 09:11:25 -08:00
03fe3015dc
X509 signature algorithm access
2017-02-10 21:37:33 -08:00
8e5735d84c
X509 signature access
2017-02-10 19:59:11 -08:00
557b936e27
Added X509ReqRef.subject_name and X509ReqRef.version
2017-01-26 21:05:33 +01:00
54900976bb
Support EC_GROUP_set_asn1_flag
...
Closes #561
2017-01-22 10:44:59 +00:00
920ab0d6fb
OCSP functionality
2017-01-14 21:09:38 -08:00
6291407b17
Add X509::stack_from_pem
...
Implementation is a clone of SSL_CTX_use_certificate_chain_file
2017-01-03 14:56:00 -08:00
a42c6e8713
Drop rustc-serialize dependency
2016-11-09 20:35:23 +00:00
d78acc729b
Add an X509ReqBuilder
2016-11-07 20:42:43 +00:00
8f7df7b205
Add SubjectAlternativeName
2016-11-06 23:19:58 -08:00
d17c3355ab
More extension progress
2016-11-06 22:52:53 -08:00
5f18ffa4b3
Start of extension support
2016-11-06 21:58:43 -08:00
b83edbad0d
Start on an X509Builder
2016-11-06 14:07:34 -08:00
36bf0bb387
Replace GeneralNames by the new Stack API
2016-11-01 21:23:18 +01:00
dc4098bdd8
Clean up x509 name entries
2016-10-31 22:43:05 -07:00
f75f82e466
Rustfmt
2016-10-30 16:37:45 -07:00
787cad3c82
Use constants rather than constructors for Nid
2016-10-22 15:58:06 -07:00
3c50c74444
Camel case Rsa
2016-10-22 10:21:16 -07:00
2fd201d9c3
De-enumify Nid
2016-10-22 10:08:32 -07:00
98b7f2f935
Flatten crypto module
2016-10-22 09:16:38 -07:00
c171be551a
De-enumify message digests
2016-10-15 15:23:29 -07:00
43c951f743
Add support for OpenSSL 1.1.0
...
This commit is relatively major refactoring of the `openssl-sys` crate as well
as the `openssl` crate itself. The end goal here was to support OpenSSL 1.1.0,
and lots of other various tweaks happened along the way. The major new features
are:
* OpenSSL 1.1.0 is supported
* OpenSSL 0.9.8 is no longer supported (aka all OSX users by default)
* All FFI bindings are verified with the `ctest` crate (same way as the `libc`
crate)
* CI matrixes are vastly expanded to include 32/64 of all platforms, more
OpenSSL version coverage, as well as ARM coverage on Linux
* The `c_helpers` module is completely removed along with the `gcc` dependency.
* The `openssl-sys` build script was completely rewritten
* Now uses `OPENSSL_DIR` to find the installation, not include/lib env vars.
* Better error messages for mismatched versions.
* Better error messages for failing to find OpenSSL on a platform (more can be
done here)
* Probing of OpenSSL build-time configuration to inform the API of the `*-sys`
crate.
* Many Cargo features have been removed as they're now enabled by default.
As this is a breaking change to both the `openssl` and `openssl-sys` crates this
will necessitate a major version bump of both. There's still a few more API
questions remaining but let's hash that out on a PR!
Closes #452
2016-10-12 22:49:55 -07:00
8fa4059b82
Add test for `"x509_validity"` feature
2016-08-17 01:23:54 -04:00
773a6f0735
Start on PKCS #12 support
2016-08-14 10:11:38 -07:00
1ac54b06e9
Move X509_get_extensions to openssl helpers
2016-08-09 22:15:16 -07:00
0854632ff5
Make c_helpers optional
2016-08-09 22:02:49 -07:00
6b1016c86e
Add PKey::from_rsa
2016-08-07 22:56:44 -07:00
6e5cd7ef47
Remove X509Generator::bitlenth
2016-08-07 22:46:14 -07:00
1968956536
Restore disabled tests
2016-08-07 22:40:51 -07:00
2a3e9a2856
Add RSA::generate
2016-08-07 22:35:37 -07:00
77ba043acf
x509 cleanup
2016-08-07 21:53:05 -07:00
7855f428aa
PKey reform
...
This deletes the vast majority of PKey's API, since it was weirdly tied
to RSA and super broken.
2016-08-07 20:38:46 -07:00
08e27f31ed
Restructure PEM input/output methods
...
Dealing with byte buffers directly avoids error handling weirdness and
we were loading it all into memory before anyway.
2016-08-02 20:49:28 -07:00
5ed77df197
Implement save_der for X509 and X509Req
2016-07-29 12:14:49 +03:00
1b0757409d
Rustfmt
2016-05-16 23:03:13 -07:00
62c29b54c1
Update cert
...
Now with a 10 year expriation
2016-05-15 22:11:10 -07:00
2cfb25136f
Document SAN APIs and tweak accessor names
2016-05-01 09:09:51 -07:00
bf7076b785
Implement `iter` method on `GeneralNames`.
2016-05-01 00:02:10 -04:00
32722e1850
Add accessors for x509 subject alt names
2016-04-29 21:15:32 -07:00
fe0f8ea1d8
Rename Nid uid/UID to prevent breakage
2016-02-02 14:32:57 -08:00
4940ca7e92
Fix Nid::UID value
...
Nid::UID (userId) previously held the value of Nid::uid
(uniqueIdentifier).
2016-02-02 09:25:52 -08:00
5e0830286e
Preserve X.509 extension insertion order.
...
Ensures that extensions that are order-dependent are inserted in the
same order when calling out to OpenSSL during certificate signing.
Fixes #327 .
2016-01-28 20:02:44 -08:00
157e6aa961
Rustfmt
2015-12-15 21:51:20 -08:00
Steven Fackler