min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,750 Commits 2 Branches 0 Tags 16 MiB
Commit Graph

783 Commits

Author SHA1 Message Date
Alex Crichton 8e01f8d250 Handle zero-length reads/writes 
This commit adds some short-circuits for zero-length reads/writes to
`SslStream`. Because OpenSSL returns 0 on error, then we could mistakenly
confuse a 0-length success as an actual error, so we avoid writing or reading 0
bytes by returning quickly with a success.
 2016-12-20 15:52:18 -08:00
Steven Fackler 791f2c8f4d Release v0.9.3 2016-12-09 21:54:06 -08:00
Steven Fackler 26cefe7d97 Switch to docs.rs for docs 2016-12-09 21:52:43 -08:00
Steven Fackler 152d788998 Fix ErrorStack display 2016-12-09 21:32:41 -08:00
0xa 5340895249 Add Blowfish tests 2016-12-09 21:31:26 +00:00
0xa 0850f605b1 Use EVP_bf_cfb64 instead of EVP_bf_cfb 2016-12-09 18:42:10 +00:00
0xa 0081665339 Add Blowfish support 2016-12-09 17:06:15 +00:00
Steven Fackler 0602712bf4 Release v0.9.2 2016-11-27 22:23:32 -08:00
Steven Fackler 146512099b Implement Clone for SslConnector and SslAcceptor 2016-11-27 21:35:35 -08:00
Steven Fackler 234f126d7d Cleanup 2016-11-27 21:00:59 -08:00
Steven Fackler 8b60d4a3c2 Return Option from group 2016-11-16 15:45:15 -08:00
Steven Fackler e58dda8990 Remove EcGroup constructors 
You also need a generator and possibly other stuff. Let's hold off on
construction until someone has a concrete requirement for them.
 2016-11-16 13:53:03 +01:00
Steven Fackler 7515510125 Test elliptic curve signatures 2016-11-15 22:06:20 +01:00
Steven Fackler ec0fa36714 Add a test for mul_generator 2016-11-15 21:24:34 +01:00
Steven Fackler b914f779e8 Turns out yet another variant of EC_POINT_mul is allowed! 2016-11-15 21:20:06 +01:00
Steven Fackler 6794a45d60 Rename ec_key to ec 2016-11-14 22:37:01 +01:00
Steven Fackler 90acfaea51 Split EcKey::mul 2016-11-14 22:08:04 +01:00
Steven Fackler e929e09216 Add EcPoint::invert 2016-11-14 22:02:47 +01:00
Steven Fackler 4c60aa005d Fix non-static EcGroup method locations 2016-11-14 19:20:08 +01:00
Steven Fackler 82eb3c4f51 Add EcKey::check_key 2016-11-13 22:10:52 +00:00
Steven Fackler 35f11d555e More functionality 2016-11-13 22:06:18 +00:00
Steven Fackler 1a52649516 More functionality 2016-11-13 20:46:01 +00:00
Steven Fackler 3d31539ba9 Public keys are not always present 2016-11-13 20:31:44 +00:00
Steven Fackler 0d0b5080e2 Rename new_by_curve_name to from_curve_name 2016-11-13 20:21:44 +00:00
Steven Fackler b2de36049a Add Some more elliptic curve functionality 2016-11-13 20:19:38 +00:00
Steven Fackler 7dbef567e6 Remove some stray manual impls 2016-11-13 18:00:42 +00:00
Steven Fackler ccef9e339d Macroise from_pem 2016-11-13 17:56:48 +00:00
Steven Fackler df9666c334 Macroise to_pem 2016-11-13 17:42:45 +00:00
Steven Fackler 48c0009418 Macroise from_der 2016-11-13 17:06:50 +00:00
Steven Fackler b0415f466c Macroise to_der 2016-11-13 16:52:19 +00:00
Steven Fackler ed9f600e28 Make password callback return a Result 2016-11-13 16:18:52 +00:00
Steven Fackler 387e78257b Support serialization of encrypted private keys 
Switch to PEM_write_bio_PKCS8PrivateKey since the other function outputs
nonstandard PEM when encrypting.
 2016-11-13 16:09:52 +00:00
Steven Fackler 7d411c7975 Add private_key_from_pem_passphrase 2016-11-13 15:27:39 +00:00
Steven Fackler 2a8923c050 Macro-implement private_key_to_pem 2016-11-13 15:12:50 +00:00
Steven Fackler 08e0c4ca90 Some serialization support for EcKey 2016-11-13 15:02:38 +00:00
Steven Fackler 85c1474ce6 No need to use a raw string anymore 2016-11-13 12:19:31 +00:00
Steven Fackler 64e9932ac9 Use ffdhe2048 in mozilla_intermediate 2016-11-12 17:52:58 +00:00
Steven Fackler 2f8301fc63 Be a bit more emphatic about the danger 2016-11-12 16:51:26 +00:00
Steven Fackler 6b3599d319 Add a connect method that does not perform hostname verification 
The method name is intentionally painful to type to discourage its use
 2016-11-12 16:45:18 +00:00
Steven Fackler 7cdb58bc47 Simplify test logic a bit 2016-11-12 14:42:48 +00:00
Steven Fackler 157034d995 Add a missing init 2016-11-12 14:30:53 +00:00
Steven Fackler 796d7b4deb Add constructors for various standard primes 2016-11-12 14:20:43 +00:00
Steven Fackler 96d24c8957 Add SslRef::set_{tmp_dh,tmp_ecdh,ecdh_auto} 2016-11-12 13:45:54 +00:00
Steven Fackler 2a1d7b2bcb Pick different cipher lists on 1.0.1 and 1.0.2 2016-11-12 13:36:03 +00:00
Steven Fackler 93253ba599 Adjust cipher lists to work on older versions 2016-11-12 13:09:12 +00:00
Steven Fackler 780c46e0e7 Add SslRef::set_tmp_{ec,}dh_calback 2016-11-12 12:56:58 +00:00
Steven Fackler 563754fb08 Add SslContextBuilder::set_tmp_{ec,}dh_callback 2016-11-12 12:43:44 +00:00
Steven Fackler b14d68f715 Drop bits to u32 2016-11-12 11:14:05 +00:00
Steven Fackler 9b5c62b053 Add PKey::bits 2016-11-12 11:00:15 +00:00
Steven Fackler 26a3358a2b Add basic X509_STORE access 
There's more to do here, but this enabled addition of trusted CAs from
X509 objects.

Closes #394
 2016-11-12 00:24:12 +00:00
Steven Fackler 6b7279eb52 Consistently support both PEM and DER encodings 
Closes #500
 2016-11-11 20:10:10 +00:00
Steven Fackler 15490a43e3 Add EcKey <-> PKey conversions 
Closes #499
 2016-11-11 19:17:38 +00:00
Steven Fackler 32cbed0782 PKey <-> DH conversions 
Closes #498
 2016-11-11 19:04:54 +00:00
Steven Fackler 609a09ebb9 Add PKey::dsa 
Closes #501
 2016-11-11 18:52:37 +00:00
Steven Fackler 0d2d4865e5 Release v0.9.1 2016-11-11 16:45:22 +00:00
Steven Fackler 898e7f02df Fix EOF detection 
See https://github.com/openssl/openssl/issues/1903 for details
 2016-11-11 15:10:30 +00:00
Steven Fackler a42c6e8713 Drop rustc-serialize dependency 2016-11-09 20:35:23 +00:00
Steven Fackler 7c8ae5f664 Better docs for AEAD tag 2016-11-09 18:54:29 +00:00
Steven Fackler aa7c27536a Make sure to override SslContext verify callback always 
The 1.0.1 code has to override this to setup hostname validation, and
don't want behavior to silently change depending on the OpenSSL version
you're building against.
 2016-11-08 22:38:48 +00:00
Steven Fackler 913723997b Add convenience functions for AEAD encryption/decryption 2016-11-08 22:35:16 +00:00
Steven Fackler 203a02c3e6 Actually support AES GCM 
This is an AEAD cipher, so we need some extra functionality. As another
bonus, we no longer panic if provided an IV with a different length than
the cipher's default.
 2016-11-08 20:35:21 +00:00
Steven Fackler b3b7194e82 Docs 2016-11-08 19:10:56 +00:00
Steven Fackler 97872500a3 Deprecate X509Generator 2016-11-07 21:48:40 +00:00
Steven Fackler c0e02e7e51 Use X509Builder in X509Generator 2016-11-07 21:15:36 +00:00
Steven Fackler 18c5d1f771 Add init calls to new constructors 2016-11-07 20:50:57 +00:00
Steven Fackler d78acc729b Add an X509ReqBuilder 2016-11-07 20:42:43 +00:00
Steven Fackler 597d05b8f8 Add stack creation and push 2016-11-06 23:46:42 -08:00
Steven Fackler 8f7df7b205 Add SubjectAlternativeName 2016-11-06 23:19:58 -08:00
Steven Fackler d17c3355ab More extension progress 2016-11-06 22:52:53 -08:00
Steven Fackler 5f18ffa4b3 Start of extension support 2016-11-06 21:58:43 -08:00
Steven Fackler 1939e6fd78 Add conf module 2016-11-06 14:49:26 -08:00
Steven Fackler b83edbad0d Start on an X509Builder 2016-11-06 14:07:34 -08:00
Steven Fackler 1edb6f682e Support client CA advertisement 2016-11-06 12:17:14 -08:00
Steven Fackler a4e0581e4f Fix build on 1.0.1 2016-11-06 11:57:50 -08:00
Steven Fackler bcb7b3f5dc Add accessors for cert and private key 
Closes #340
 2016-11-06 10:46:38 -08:00
Steven Fackler 72ac2a0105 Release v0.9.0 2016-11-05 20:05:50 -07:00
Steven Fackler 79e2004eef Fixes 2016-11-05 19:28:17 -07:00
Steven Fackler 8ad1e5565b Remove set_rsa 
PKey is reference counted so allowing mutation is unsound
 2016-11-05 18:49:09 -07:00
Steven Fackler 96a5ccfc6b Implement Pkcs12 via type_! 2016-11-05 18:46:34 -07:00
Steven Fackler 4e2ffe5b9b Re-adjust BigNum API 2016-11-05 17:35:31 -07:00
Steven Fackler 8037258913 Return a Stack in Pkcs12 2016-11-05 13:57:05 -07:00
Steven Fackler ed69d6b037 Add Stack::pop 2016-11-05 13:40:53 -07:00
Steven Fackler 52feaae59f More cleanup 2016-11-05 13:15:14 -07:00
Steven Fackler ac36d542fd Simplify destructor a bit 2016-11-05 13:10:50 -07:00
Steven Fackler 398ab2fbc4 Add a consuming iterator for Stacks 2016-11-05 13:01:54 -07:00
Steven Fackler f15c817c2d Rustfmt 2016-11-05 10:54:17 -07:00
Steven Fackler 99b41a0050 Rename accessors 2016-11-05 10:15:40 -07:00
Steven Fackler 01ae978db0 Get rid of Ref 
There's unfortunately a rustdoc bug that causes all methods implemented
for any Ref<T> to be inlined in the deref methods section :(
 2016-11-04 17:16:59 -07:00
Steven Fackler 25443d7b48 Make utility functions private 2016-11-04 12:15:05 -07:00
Steven Fackler 6fe7dd3024 Remove an enum 2016-11-03 22:45:54 -07:00
Steven Fackler 772a506294 Clean up some bignum APIs 2016-11-03 21:06:23 -07:00
Steven Fackler e87b75fa03 Rename BnCtx 2016-11-03 20:54:08 -07:00
Steven Fackler 62a9f89fce Avoid lhash weirdness 2016-11-03 20:38:51 -07:00
Steven Fackler aa0040125b Use built in DH parameters when available 
Fall back to a hardcoded PEM blob on 1.0.1, but serialized from
DH_get_2048_256.
 2016-11-01 22:50:22 -07:00
Steven Fackler 176348630a Don't clear BigNums in destructor 
Instead add a clear method.
 2016-11-01 21:59:07 -07:00
Steven Fackler 888b8b696c Fix docs 2016-11-01 21:42:39 -07:00
Steven Fackler e67733cc4e Cleanup X509StoreContext::chain 2016-11-01 19:45:38 -07:00
Steven Fackler d5a9a239f6 More minor cleanup 2016-11-01 19:36:08 -07:00
Steven Fackler c776534ad4 Clean up stack 2016-11-01 19:25:40 -07:00
Steven Fackler 79c51d5e51 Clean up stack destructor 2016-11-01 19:12:38 -07:00
Steven Fackler 77b76ed8a8 Merge pull request #506 from simias/stack 
Implemented a generic Stack API and use it to deal with StackOf(X509) and StackOf(GENERAL_NAME)
 2016-11-01 18:59:35 -07:00
Lionel Flandrin 8d0090faec Implement X509StoreContextRef::get_chain 2016-11-01 21:23:18 +01:00
Lionel Flandrin 36bf0bb387 Replace GeneralNames by the new Stack API 2016-11-01 21:23:18 +01:00
Lionel Flandrin 3bdefa987a Implement a generic Stack API to deal with OpenSSL stacks 2016-11-01 21:23:13 +01:00
Lionel Flandrin 9ea27c12b9 Add method to encode a public key as a DER blob 2016-11-01 17:34:21 +01:00
Steven Fackler 43911db26c Avoid extra allocations in Asn1Time Display impl 2016-10-31 23:09:07 -07:00
Steven Fackler dd4836cdf6 Fix 1.1.0 build 2016-10-31 23:06:27 -07:00
Steven Fackler f71395c600 Little cfg cleanup 2016-10-31 22:45:51 -07:00
Steven Fackler dc4098bdd8 Clean up x509 name entries 2016-10-31 22:43:05 -07:00
Steven Fackler ab30ad0ce7 Documentation 2016-10-31 21:00:26 -07:00
Steven Fackler 96a77cf5a8 Remove Opaque 2016-10-31 20:56:51 -07:00
Steven Fackler cd7fa9fca2 Update x509 2016-10-31 20:54:34 -07:00
Steven Fackler ff12d37aef Update ssl 2016-10-31 20:32:55 -07:00
Steven Fackler 16e398e005 Update verify 2016-10-31 20:19:59 -07:00
Steven Fackler e9d78181c3 Update Rsa 2016-10-31 20:15:12 -07:00
Steven Fackler f640613863 Update PKey 2016-10-31 20:12:55 -07:00
Steven Fackler d6579ab058 Update EcKey 2016-10-31 20:06:06 -07:00
Steven Fackler fe5fb75d45 Update Dsa 2016-10-31 20:04:55 -07:00
Steven Fackler 28f375974a Convert Dh 2016-10-31 20:02:24 -07:00
Steven Fackler 849fca4a7b Convert Asn1Time 2016-10-31 20:02:24 -07:00
Steven Fackler 3363046c34 Update bignum 2016-10-31 20:02:24 -07:00
Steven Fackler 927c3e924c Add a generic Ref type 2016-10-31 20:02:24 -07:00
Steven Fackler 006da59285 Return an SslRef 2016-10-30 22:42:32 -07:00
Steven Fackler 558124b755 Expose SSL_MODEs 2016-10-30 22:02:26 -07:00
Steven Fackler e0211dac30 Rename set_CA_file 2016-10-30 21:39:26 -07:00
Steven Fackler 5b0fc9a185 Impl Sync and Send for SslContextBuilder 2016-10-30 20:34:35 -07:00
Steven Fackler add8e4023e Rename connectors 2016-10-30 19:39:18 -07:00
Steven Fackler 997e92e052 Merge ssl option setup 
The client will ignore server-side options so we may as well stick them
all in the same spot.
 2016-10-30 18:49:29 -07:00
Steven Fackler bd457dba18 Move HandshakeError to submodule 2016-10-30 17:23:03 -07:00
Steven Fackler 287f6df6c6 Remove DsaParams 2016-10-30 17:04:55 -07:00
Steven Fackler 610403a562 Add RsaRef 2016-10-30 17:00:54 -07:00
Steven Fackler c3b6eff191 Add DsaRef 2016-10-30 16:44:21 -07:00
Steven Fackler f75f82e466 Rustfmt 2016-10-30 16:37:45 -07:00
Steven Fackler 7869651407 Remove out of date comment 2016-10-30 16:34:50 -07:00
Steven Fackler 9abbf6f80e Use Python's cipher list on the client side. 2016-10-30 16:29:33 -07:00
Steven Fackler d1179f1ad2 Update docs 2016-10-30 15:14:29 -07:00
Steven Fackler 52f288e090 Add a mozilla modern profile 2016-10-30 14:57:22 -07:00
Steven Fackler 7d13176cd1 Rename nwe to mozilla_intermediate 2016-10-30 14:34:05 -07:00
Steven Fackler 43b430e5b0 Pass SslMethod into constructors 2016-10-30 14:26:28 -07:00
Steven Fackler ee79db61c2 Enable single ECDH use 2016-10-30 13:41:24 -07:00
Steven Fackler 677718f8da Configure ECDH parameters in connector 2016-10-30 13:38:09 -07:00
Steven Fackler 8c58ecc2fa Implement EcKey 
cc #499
 2016-10-30 13:17:20 -07:00
Steven Fackler eb735f519a Clean up generics a bit 2016-10-30 11:05:29 -07:00
Steven Fackler 23fe1e85e9 Pull Curl's CA list for Windows tests 2016-10-29 18:17:46 -07:00
Steven Fackler 761dd780c1 Add module level docs 2016-10-29 18:04:38 -07:00
Steven Fackler c89f2c0be0 Use PKeyRef in X509Generator 2016-10-29 16:37:56 -07:00
Steven Fackler c2b38d8bb3 Move docs 2016-10-29 15:02:36 -07:00
Steven Fackler 85169e5a61 Fix reexport 2016-10-29 15:02:07 -07:00
Steven Fackler e72533c058 Docs for connectors 2016-10-29 15:00:46 -07:00
Steven Fackler 57d10ebbc3 Add PKeyRef 2016-10-29 14:19:09 -07:00