15420eb44a
Add Pkey docs
2018-01-07 14:13:17 -05:00
af7aa52364
Adjust the SNI callback
...
Brings it more in line with how the raw callback is structured.
2018-01-06 22:20:20 -08:00
f50dd20cb6
Fix docs
2018-01-06 21:42:37 -08:00
91e120ca95
Rename and document RSA accessors
2018-01-06 17:44:24 -08:00
05c5c422fd
Merge pull request #820 from sfackler/key-constructor-docs
...
Rename key serialization/deserialization methods
2018-01-06 17:14:51 -08:00
3c19702299
Rename key serialization/deserialization methods
...
Also document their specific formats.
Closes #502
2018-01-06 13:27:44 -08:00
45c15a65ad
FIPS mode support
...
Closes #818
2018-01-06 08:51:20 -08:00
753a7d07b1
Merge pull request #811 from apeduru/x509-docs
...
Add documentation for x509 module
2018-01-04 16:48:01 -08:00
c4620a30c6
Fix links in x509 module
2018-01-01 16:16:41 -05:00
c2430b87f7
Merge branch 'master' into x509-docs
2018-01-01 15:40:02 -05:00
1553447385
Misc cleanup
2018-01-01 12:23:41 -08:00
9043cf9aa7
Move X509Filetype to SslFiletype
...
These constants have the same values, but X509_FILETYPE_DEFAULT doesn't
work in the Ssl methods and using the SSL_* names is a bit less
confusing.
2018-01-01 11:50:07 -08:00
a4c9dd4af3
Fix x509 doc examples
2018-01-01 11:48:55 -05:00
bb5ab2b43f
Bump hex to 0.3
...
The `to_hex` method has been removed and `hex::encode` should be used
instead.
2018-01-01 17:38:38 +01:00
1a40795886
Add documentation for x509 module
2017-12-31 22:39:28 -05:00
d207897458
Parameterize keys over what they contain
...
Closes #790
2017-12-30 21:53:39 -08:00
89dd50b3ce
Add issuer name access.
...
Closes #808
2017-12-29 10:50:49 -08:00
1085e79447
Remove `SslRef::compression`
...
TLS compression is extremely deprecated, so no-one should be messing
with this in the first place.
2017-12-28 20:22:05 -08:00
23bab6336e
Add a parameter to servername
2017-12-28 10:18:23 -08:00
7fbda61609
Overhaul ALPN
...
There was previously a lot of behind the scenes magic. We now bind much
more directly to the relevant functions.
Also remove APN support. That protocol is supersceded by ALPN - let's
see if anyone actually needs to use it.
2017-12-27 16:24:01 -07:00
52a06adc08
Overhaul ssl error
2017-12-26 21:03:49 -07:00
f9866cd44f
Split X509StoreContextRef::ssl up
2017-12-26 14:53:35 -07:00
129b6b9d84
Overhaul verify error type
...
Also set the error in the hostname verification callback for 1.0.1
2017-12-26 14:43:10 -07:00
19dc6ce1eb
Adjust SslConnector and SslAcceptor construction
2017-12-26 10:39:21 -07:00
ce0641f093
Drop Any bounds
2017-12-26 08:55:12 -07:00
2adf2cf12b
Remove deprecated APIs
2017-12-25 22:09:27 -07:00
3744e31e16
Fix a bunch of FIXMEs
2017-12-25 21:44:41 -07:00
7cc6c9b2f2
Tweak default ssl options
2017-12-25 21:18:49 -07:00
7d0c6c9442
Fix tests
2017-12-25 20:32:06 -07:00
77448362ce
Rename X509FileType to X509Filetype
2017-12-25 19:57:02 -07:00
3eab162dc2
Move to associated consts
2017-12-25 19:56:27 -07:00
bbae793eb3
Upgrade bitflags to 1.0
...
Closes #756
2017-12-25 19:38:11 -07:00
2aaba8bd7a
Make Nid values associated constants
2017-12-25 19:19:47 -07:00
34d700309c
Clean up 1.0.1 hostname verification
2017-12-23 19:32:33 -07:00
196a855d2a
Allow SNI and hostname verification to be configured separately
...
Closes #728
2017-12-23 12:47:38 -08:00
43753698da
Impl Send + Sync for x509 stuff
2017-12-13 11:35:04 -05:00
4b732dad19
Fix link
2017-12-09 15:50:23 -08:00
3207e57a09
Finish documentation for the ssl module
...
Closes #727
2017-12-04 22:15:56 -08:00
bf70d3dd71
Docs for the ssl module.
...
cc #727
2017-12-03 23:10:56 -08:00
4a10c31219
Impl deref for acceptor/connector builders
2017-12-03 19:24:11 -08:00
531ca4a0fa
Documentation for the `sign` module.
...
Closes #720
2017-12-03 17:01:12 -08:00
1c4b933faf
Rename Signer::finish to sign_to_vec
2017-12-03 15:58:37 -08:00
3cd486d956
Clean up tests
2017-12-03 15:30:22 -08:00
13a13727e8
Merge pull request #785 from P-E-Meunier/split-signer-finish
...
Splitting the sign::Signer::finish function, to avoid allocations
2017-12-03 15:08:51 -08:00
9732264b51
Simplifying finish_into
2017-12-03 23:37:58 +01:00
905d3f716b
Splitting the sign::Signer::finish function, to avoid allocations
2017-12-03 12:10:21 +01:00
fccb2eab4e
Adding dp(), dq() and qi() methods to RSA, to get the CRT parameters back
2017-12-02 12:30:50 +01:00
e9ad9f1afd
Upgrade foreign-types
...
foreign-types 0.3 and 0.2 now share the same types and traits, so this
is backwards compatible.
2017-11-26 17:07:24 -07:00
de987f20c8
Revert "Update foreign-types to 0.3"
2017-11-21 08:51:37 -08:00
93be1c4f2f
Update foreign-types to 0.3
2017-11-21 09:17:39 +01:00
55bf390dbe
Adjust libressl version detection
...
The 2.5.3+ and 2.6.3+ series are ABI-stable, so we don't need to
whitelist individual releases in those ranges.
2017-11-13 21:51:55 -08:00
6257835757
Add support for LibreSSL 2.6.3
2017-11-13 09:51:17 -05:00
0bae121e12
Added a macro that wraps foreign type, and impl Send and Sync for both,
...
the borrowed type and the owned one.
Replaced all invocation of `foreign_type` by `foreign_type_and_impl_send_sync`.
2017-11-10 10:05:52 -05:00
8830bd5daf
Add a couple of FIXMEs
2017-11-05 10:47:05 -08:00
6bb54e0171
Merge pull request #764 from AndyGauge/doc-error
...
Doc error
2017-11-05 10:24:59 -08:00
a1a3219483
Handle local retries
...
OpenSSL can return SSL_ERROR_WANT_READ even on blocking sockets after
renegotiation or heartbeats. Heartbeats ignore the flag that normally
makes these things handled internally anyway on 1.0.2. To handle this
more properly, we now have a special error type we use to signal this
event. The `Read` and `Write` implementation automatically retry in this
situation since that's what you normally want. People can use `ssl_read`
and `ssl_write` if they want the lower level control.
Closes #760
2017-11-04 13:32:18 -07:00
829c805543
fixed broken example and syntax error in module level documentation
2017-11-04 12:24:24 -07:00
27c3b01ad8
Merge pull request #747 from BrianOn99/symm
...
Symm documentation
2017-11-04 11:51:05 -07:00
f79d92dd67
Merge pull request #761 from AndyGauge/doc-ec
...
Doc ec module
2017-11-04 11:50:22 -07:00
a5c582a7df
Update data-encoding major version
2017-11-04 18:33:00 +01:00
556f371689
Error documentation improvement
2017-10-27 16:59:36 -07:00
cda2662cbc
Merge branch 'master' into doc-ec
2017-10-24 16:44:21 -07:00
df10bcf960
Update documentation for EC module
2017-10-24 16:43:01 -07:00
d5299a8d2b
Fixed a typo in an error message, WANT_WRITE -> WANT_READ
2017-10-17 20:06:35 -05:00
f4f00d4613
Merge pull request #755 from AndyGauge/doc-dsa
...
Documentation for DSA module
2017-10-14 13:08:17 -07:00
80efaf72e6
DSA size returns maximum size of signature
2017-10-11 13:06:52 -07:00
a62069cef9
Began EC documenation
2017-10-11 13:04:53 -07:00
2c7f0e7604
Merge branch 'master' of https://github.com/sfackler/rust-openssl
2017-10-09 12:10:04 -07:00
39f918ff3d
Documentation improvements for DSA module
2017-10-09 12:06:46 -07:00
75e6db6f00
Move doc details into another paragraph
2017-10-09 11:14:27 +08:00
44a000f3a6
Merge pull request #753 from zsck/issue719
...
Added module-level documentation for the `sha` module.
2017-10-08 16:54:13 -07:00
79d6172571
Merge pull request #749 from johnthagen/conf
...
Document conf module
2017-10-08 16:52:30 -07:00
407f330d7b
Move OpenSSL implementation details into a normal comment
2017-10-07 18:29:53 -04:00
a33efaa349
Include the hex crate and ToHex import to the second example
2017-10-07 17:07:53 -04:00
f206eb6a4b
Added module-level documentation for the `sha` module.
...
The documentation included describes what the SHA family of hash functions is,
what hash functions are for, and a little bit about why one may want to use the
SHA family of hash functions. I have also included a couple of examples demonstrating
how to create a hasher and update it, as well as how to hash bytes directly.
2017-10-07 16:49:09 -04:00
9d43fc6e02
Merge pull request #744 from AndyGauge/doc-bn
...
Doc BigNum
2017-10-07 13:44:54 -07:00
0058478392
Merge pull request #748 from AndyGauge/doc-cms
...
CMS module documentation
2017-10-07 13:08:32 -07:00
040287dbb5
Module level documentaiton rewrite
2017-10-04 08:22:40 -07:00
a989e414f4
Describe return values of groups.
2017-10-04 08:17:14 -07:00
de18ccf5fe
Begun DSA documentation
2017-10-04 08:01:35 -07:00
ff8f54812c
Merge pull request #752 from chrisvittal/libressl262
...
Add support for LibreSSL 2.6.2
2017-10-03 22:11:29 -07:00
1308cb2b52
Fix cfgs for libressl262
2017-10-04 00:53:09 -04:00
e0efd1d438
Add support for LibreSSL 2.6.2
2017-10-03 23:59:33 -04:00
b5bb8de4f2
Convert try! usage to ?
2017-10-03 17:44:02 -04:00
4f8195c472
Document conf module
2017-10-03 17:32:49 -04:00
4e59fab753
CMS module documentation
2017-10-03 11:07:35 -07:00
7c40c5269c
Finished BigNum documentation
2017-10-03 09:52:14 -07:00
ff53750cab
Additional notes on Crypter
2017-10-04 00:28:32 +08:00
76ecc13cec
Copy example to module level
2017-10-04 00:05:30 +08:00
79a8ebb631
Add examples and more documentation to symm
2017-10-03 23:59:16 +08:00
7159215e45
Merge pull request #743 from AndyGauge/doc-asn1
...
Doc asn1 module
2017-09-30 21:14:12 -07:00
219f13eb35
Deprecate crypto module
2017-09-30 21:29:57 -04:00
b078c67dbb
Hide deprecated crypto module from docs
2017-09-30 12:06:09 -04:00
feb3eb3f01
removed deny missing docs
2017-09-29 16:23:16 -07:00
1e161e924f
WIP BigNum function documentation
2017-09-29 16:00:34 -07:00
9a63044175
Merge branch 'master' into doc-bn
2017-09-29 09:40:30 -07:00
38f0e8d9ee
Changed Asn1Object documentation to include references to Nid
2017-09-29 09:37:46 -07:00
b44d37acaf
Began bn module documenation
2017-09-29 09:18:44 -07:00
1766c1d327
Merge pull request #736 from johnthagen/hide-ec-key
...
Hide ec_key module in docs
2017-09-28 23:56:19 -04:00
c3fc494427
Merge pull request #737 from johnthagen/rand
...
Document rand module
2017-09-28 23:56:03 -04:00
7c0965e66d
Merge pull request #740 from johnthagen/memcmp
...
Document memcmp module
2017-09-28 23:51:38 -04:00
2c7a19013c
documented and example for ASN1 module
2017-09-28 16:27:00 -07:00
b65540709f
Document nid module
2017-09-28 14:25:39 -04:00
c5aef19d05
Add instructions for adding OpenSSL DLLs to PATH if needed during install
2017-09-28 13:34:49 -04:00
1e3b8183bb
Moved details about function and reworded block requirements
2017-09-28 08:04:10 -07:00
a02b07fe76
WIP ASN.1 documentation
2017-09-28 08:00:23 -07:00
c4b044b6ba
Fix doc test and move external documentation link to rand_bytes function
2017-09-28 10:36:53 -04:00
26fa22fe04
Fix typos
2017-09-28 09:52:46 -04:00
220c707fd9
Document rand module
2017-09-28 09:49:03 -04:00
0f0ab2e425
Hide ec_key module in docs because it is deprecated
2017-09-28 09:28:08 -04:00
f759f8dd4a
Preface with links to conventional AES
2017-09-27 08:46:13 -07:00
ad879ad7de
AES (IGE) encryption documentation
2017-09-26 16:51:37 -07:00
afde5a84b1
AES Module level docs and example
2017-09-26 16:34:06 -07:00
b07b0e7fb7
WIP: document AES
2017-09-25 17:01:08 -07:00
dc92a514ef
Properly handle IPs in hostname verification
2017-09-20 10:04:09 -04:00
f0db1dbc95
Merge pull request #695 from Keruspe/master
...
openssl-sys: support libressl 2.6.1
2017-09-17 13:57:18 -07:00
b73548da18
openssl: ecdh_tmp_callback doesn't work with libressl 2.6.1
...
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
2017-09-17 19:55:47 +02:00
5091830379
openssl: libressl 2.6.1 dropped suuport for npn
...
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
2017-09-17 19:46:05 +02:00
7d41009a9c
Update default client cipher list
2017-09-16 13:10:55 -04:00
9bd64edc08
Fix indentation
2017-09-15 22:31:03 -04:00
68a30c29c9
Set SSL_MODE_RELEASE_BUFFERS by default
...
Closes #696
2017-09-14 19:15:00 -07:00
1a6edc409f
Rename function, removing `get_`
...
Fix per PR comment, should have been like this from the start :).
2017-08-22 07:44:27 +10:00
f599df124b
Add ability to get affine coordinates from EcPoint
...
The initial usecase here is creating JWK representations as defined
within RFC 7517 from an EcKey created via a PEM source.
2017-08-21 15:08:48 +10:00
9143516037
Add SHA384 and SHA512
2017-08-16 21:03:46 -07:00
673bcfaf5a
Add SHA1 an SHA224 hashers
2017-08-16 20:26:16 -07:00
1d92ff290e
Add a stateful SHA256 hasher
2017-08-14 17:07:44 -07:00
ea6edb133e
Release v0.9.16
2017-08-10 22:17:50 -07:00
4c3b3476f4
Merge pull request #675 from sdemos/master
...
added cms decryption
2017-08-09 14:20:51 -07:00
caf7b8ecbc
added cms decryption
2017-08-09 12:26:45 -07:00
be1b573f6b
Delete DTLS tests
2017-08-08 22:01:58 -07:00
c966583877
Refine sig for set_public_key_affine_coordinates
...
This functions signature was originally defined to require mutable
references for `x` / `y` as the underpinning OpenSSL C API
was not `const`.
However the actual OpenSSL implementation makes no changes. This being
the case we've chosen to reflect non mutability at the Rust level.
2017-08-09 14:20:22 +10:00
16e8fbc31e
Fix EC_KEY_set_public_key_affine_coordinates
...
Previous definition incorrectly used `const` pointers but the
underpinning library definition (unfortunately) does not.
2017-08-09 13:34:08 +10:00
d9e0321851
Set the private key within EcKeyBuilder
...
The initial usecase here is creating EcKey instances from JWK
representations, that hold private keys, as defined within RFC 7517.
2017-08-09 12:44:54 +10:00
cfb4ea31d5
Support for EcKey creation from affine coordinates
...
Sets the public key for an EcKey based on its affine co-ordinates,
i.e. it constructs an EC_POINT object based on the supplied x and y
values and sets the public key to be this EC_POINT.
The initial usecase here is creating EcKey instances from JWK
representations as defined within RFC 7517.
2017-08-09 12:21:54 +10:00
f34af83653
Init in bn_ctx constructor
2017-07-30 13:24:36 -07:00
d1a42598d7
Init in Dh constructors
2017-07-30 13:23:19 -07:00
c2164a4864
Add peer_cert_chain
2017-07-29 10:34:10 -07:00
a132834132
Ignore dtls tests
...
They're way too flaky.
Closes #525
2017-07-29 09:54:04 -07:00
8fa9b58743
Tweak formatting on cipher list
2017-07-26 20:49:24 -07:00
01927c19ac
Initialize OpenSSL in DSA constructor
...
This fixes the double unlock errors that were popping up on circle
2017-07-25 21:59:52 -07:00
bf6dc28f0c
Release v0.9.15
2017-07-19 19:35:28 -07:00
7de1499c65
Fix X509::clone impl
...
Closes #667
2017-07-19 19:23:47 -07:00
9c9a0efafc
Remove unused import
2017-07-16 14:31:27 -07:00
374ad206d5
Use foreign-type's Opaque
2017-07-15 21:53:49 -07:00
bcd0dcafcb
Rustfmt
2017-07-15 21:46:11 -07:00
5c2410c38a
Init before creating ex indexes
2017-07-15 18:58:24 -07:00
dbbf446a9e
Fix build
2017-07-15 17:25:02 -07:00
c68db708ee
Don't overwrite the configured verify mode
...
We can leverage the new extra data API to configure the verification
mode up front so users can reconfigure it as they like.
2017-07-15 16:50:36 -07:00
fd52bbe85c
Add an API to install extra data
2017-07-15 16:50:36 -07:00
e3c7a2785c
Move callbacks to a submodule
2017-07-15 16:50:36 -07:00
9290ed97c2
Merge pull request #657 from sfackler/rsa-pkcs1
...
Support PKCS#1 RSA public keys
2017-07-06 14:11:27 -10:00
279bffccf5
Merge pull request #641 from luser/psk
...
Expose PSK via a SslContextBuilder::set_psk_callback method
2017-07-04 18:19:17 -10:00
51a226eb4b
Support PKCS#1 RSA public keys
...
Closes #656
2017-07-04 20:57:00 -07:00
575e682da3
Add PKey::private_key_from_der
2017-06-23 21:04:13 -07:00
223e8e3689
Release v0.9.14
2017-06-14 19:59:45 -07:00
240eb9731f
Properly reexport ConnectConfiguration
2017-06-14 19:54:09 -07:00
d7135c88ac
Fix documentation typo
2017-06-10 18:40:57 -04:00
98d343dd32
Fix for changes in OpenSSL 1.1.0f
2017-06-06 18:45:54 -04:00
4de58596d9
Make some changes for review comments
2017-06-02 08:20:03 -04:00
3028958bf6
Little docs fix
2017-05-29 21:11:49 -07:00
c89af1d5f8
Add a fixme
2017-05-29 18:04:32 -07:00
cba475b9ae
Release v0.9.13
2017-05-29 17:46:07 -07:00
16183f41f6
Expose PSK via a SslContextBuilder::set_psk_callback method
2017-05-26 14:51:04 -04:00
27728f6fd9
Update bitflags 0.8 -> 0.9
2017-05-22 12:44:22 +03:00
4336d1d38c
Release v0.9.12
2017-05-12 11:47:46 -07:00
67b5fd1c97
Support public key decode from DER
...
Closes #629
2017-05-06 16:40:33 -07:00
0efef98848
Add a note to rename variant
2017-05-06 16:35:55 -07:00
dd3896fdc5
Clarify use of ssl::HandshakeError::Interrupted
2017-05-03 12:03:18 -07:00
7e8a0a0dad
Expose the lower level SHA functions
...
These don't allocate so they're both infallible and significantly
faster.
2017-04-14 23:03:17 -07:00
429f7c869e
Release v0.9.11
2017-04-14 16:56:21 -07:00
fd6a1f70bd
Merge pull request #616 from sfackler/no-alloc
...
Don't force allocation for message digests
2017-04-13 19:37:11 -07:00
4cf9f6c4c0
Don't force allocation for message digests
2017-04-13 19:02:31 -07:00
b21046375a
(issues-600) Avoid compiling ec2m code against no-ec2m openssl
...
This commit avoids defining code that leads to undefined references when
compiling against an openssl built with no-ec2m.
2017-04-11 15:42:05 -07:00
e6a6ebb87d
Add new EC/PKEY methods to permit deriving shared secrets.
2017-04-10 15:40:36 -04:00
42ad50ae67
Release v0.9.10
2017-03-26 10:49:04 -07:00
ba2460d38d
Merge pull request #606 from cjcole/master
...
Fix order of arguments to BN_rand_range and BN_pseudo_rand_range
2017-03-26 05:01:29 +01:00
c8d1698f27
Logic to support client-side session reuse
2017-03-25 19:30:01 -07:00
d239e04c70
Fix order of arguments to BN_rand_range and BN_pseudo_rand_range
2017-03-25 12:29:18 -04:00
bf63f35dfb
Release v0.9.9
2017-03-14 12:55:36 -07:00
06b10a5753
Release v0.9.8
2017-03-09 20:33:17 +11:00
efe96396ad
Merge pull request #592 from Byron/master
...
Fix for len() == isize::max() for stacks that are unallocated
2017-03-09 20:28:42 +11:00
463db85110
Don't allow Stacks to be allocated with a null-ptr
...
The latter must be seen as undefined behaviour, as it will cause
the `sk_num` function to return -1 to indicate the error, which
causes all kinds of issues.
Thus there now is a panic to abort the program if stacks are initialized
with a null-ptr, and special handling of that case when decoding
a Pkcs file.
2017-03-07 07:39:25 +01:00
97536a9b82
Merge pull request #585 from bluejekyll/master
...
some helpful documentation and example on set_subject_name()
2017-03-07 13:19:52 +11:00
ec2685347c
Fix for empty stacks
...
The culprit is that `sk_num(stack)` can return -1
as c_int if there is no stack allocated.
Previously, thanks to unsafe casts, this would result in
a isize::max() for len() and iteration size if there was no stack.
Now this case is handled specifically, which fixes the issue.
2017-03-06 10:14:39 +01:00
f92ac2477b
Add test to run into issue with stack.len()
2017-03-06 09:59:00 +01:00
bf21ff5f80
Fix Shr trait impl for BigNum: was using shl
2017-03-01 11:24:11 -05:00
b431896057
mention the common fields
2017-02-22 22:05:39 -08:00
81362a4e79
scrypt support
...
Closes #586
2017-02-21 21:15:52 -08:00
9b24698aee
some helpful documentation and example.
2017-02-20 14:48:49 -08:00
268288337b
Expose more error information
2017-02-19 16:05:58 -08:00
618cc70d19
Add a fixme to drop const prefixes
2017-02-19 14:24:05 -08:00
710a30bb40
Tweaks
2017-02-18 21:58:38 -08:00
88740c1374
add Ok to result
2017-02-16 19:59:02 -08:00
323a646383
only forget in non-error condition
2017-02-16 19:50:58 -08:00
eef5b5d2ac
review fixes: reorder forget()
2017-02-16 19:49:14 -08:00
d080c10910
fix cfg options for v102 and v110
2017-02-16 19:49:14 -08:00
f8298882a4
add set_verify_cert_store() to ssl ctx
2017-02-16 19:49:14 -08:00
19f3b8a11a
Support PKCS#8 private key deserialization
...
Closes #581
2017-02-14 19:37:25 -08:00
06065ddcee
Release v0.9.7
2017-02-11 14:34:37 -08:00
129a3cff08
Update deprecation version
2017-02-11 10:27:09 -08:00
Ansley Peduru