920ab0d6fb
OCSP functionality
2017-01-14 21:09:38 -08:00
6291407b17
Add X509::stack_from_pem
...
Implementation is a clone of SSL_CTX_use_certificate_chain_file
2017-01-03 14:56:00 -08:00
a42c6e8713
Drop rustc-serialize dependency
2016-11-09 20:35:23 +00:00
36bf0bb387
Replace GeneralNames by the new Stack API
2016-11-01 21:23:18 +01:00
dc4098bdd8
Clean up x509 name entries
2016-10-31 22:43:05 -07:00
f75f82e466
Rustfmt
2016-10-30 16:37:45 -07:00
787cad3c82
Use constants rather than constructors for Nid
2016-10-22 15:58:06 -07:00
3c50c74444
Camel case Rsa
2016-10-22 10:21:16 -07:00
2fd201d9c3
De-enumify Nid
2016-10-22 10:08:32 -07:00
98b7f2f935
Flatten crypto module
2016-10-22 09:16:38 -07:00
c171be551a
De-enumify message digests
2016-10-15 15:23:29 -07:00
43c951f743
Add support for OpenSSL 1.1.0
...
This commit is relatively major refactoring of the `openssl-sys` crate as well
as the `openssl` crate itself. The end goal here was to support OpenSSL 1.1.0,
and lots of other various tweaks happened along the way. The major new features
are:
* OpenSSL 1.1.0 is supported
* OpenSSL 0.9.8 is no longer supported (aka all OSX users by default)
* All FFI bindings are verified with the `ctest` crate (same way as the `libc`
crate)
* CI matrixes are vastly expanded to include 32/64 of all platforms, more
OpenSSL version coverage, as well as ARM coverage on Linux
* The `c_helpers` module is completely removed along with the `gcc` dependency.
* The `openssl-sys` build script was completely rewritten
* Now uses `OPENSSL_DIR` to find the installation, not include/lib env vars.
* Better error messages for mismatched versions.
* Better error messages for failing to find OpenSSL on a platform (more can be
done here)
* Probing of OpenSSL build-time configuration to inform the API of the `*-sys`
crate.
* Many Cargo features have been removed as they're now enabled by default.
As this is a breaking change to both the `openssl` and `openssl-sys` crates this
will necessitate a major version bump of both. There's still a few more API
questions remaining but let's hash that out on a PR!
Closes #452
2016-10-12 22:49:55 -07:00
8fa4059b82
Add test for `"x509_validity"` feature
2016-08-17 01:23:54 -04:00
773a6f0735
Start on PKCS #12 support
2016-08-14 10:11:38 -07:00
1ac54b06e9
Move X509_get_extensions to openssl helpers
2016-08-09 22:15:16 -07:00
0854632ff5
Make c_helpers optional
2016-08-09 22:02:49 -07:00
6b1016c86e
Add PKey::from_rsa
2016-08-07 22:56:44 -07:00
6e5cd7ef47
Remove X509Generator::bitlenth
2016-08-07 22:46:14 -07:00
1968956536
Restore disabled tests
2016-08-07 22:40:51 -07:00
2a3e9a2856
Add RSA::generate
2016-08-07 22:35:37 -07:00
77ba043acf
x509 cleanup
2016-08-07 21:53:05 -07:00
7855f428aa
PKey reform
...
This deletes the vast majority of PKey's API, since it was weirdly tied
to RSA and super broken.
2016-08-07 20:38:46 -07:00
08e27f31ed
Restructure PEM input/output methods
...
Dealing with byte buffers directly avoids error handling weirdness and
we were loading it all into memory before anyway.
2016-08-02 20:49:28 -07:00
5ed77df197
Implement save_der for X509 and X509Req
2016-07-29 12:14:49 +03:00
1b0757409d
Rustfmt
2016-05-16 23:03:13 -07:00
62c29b54c1
Update cert
...
Now with a 10 year expriation
2016-05-15 22:11:10 -07:00
2cfb25136f
Document SAN APIs and tweak accessor names
2016-05-01 09:09:51 -07:00
bf7076b785
Implement `iter` method on `GeneralNames`.
2016-05-01 00:02:10 -04:00
32722e1850
Add accessors for x509 subject alt names
2016-04-29 21:15:32 -07:00
fe0f8ea1d8
Rename Nid uid/UID to prevent breakage
2016-02-02 14:32:57 -08:00
4940ca7e92
Fix Nid::UID value
...
Nid::UID (userId) previously held the value of Nid::uid
(uniqueIdentifier).
2016-02-02 09:25:52 -08:00
5e0830286e
Preserve X.509 extension insertion order.
...
Ensures that extensions that are order-dependent are inserted in the
same order when calling out to OpenSSL during certificate signing.
Fixes #327 .
2016-01-28 20:02:44 -08:00
157e6aa961
Rustfmt
2015-12-15 21:51:20 -08:00
90dd54b541
Implement certificate extensions for certificate requests
2015-07-08 13:37:35 -07:00
e3c562d6a0
Fix/add more X509generator tests
2015-07-08 10:09:40 -07:00
f4168b1161
Add Subject Alternate Name extension
2015-07-01 00:18:45 -07:00
b46574b635
Add arbitrary X509 extensions by OID string
2015-07-01 00:18:45 -07:00
e367567d00
Add arbitrary X509 extensions by NID
2015-07-01 00:18:45 -07:00
2fa1344367
Add public generic extension interface to X509Generator
...
* Add add_extension and add_extensions functions
* Deprecate set_usage and set_ext_usage
* Change test to use add_extension
2015-07-01 00:18:45 -07:00
53b868697a
Implement arbitrary X509 Extended Key Usage values
2015-07-01 00:18:45 -07:00
d5a4d48cab
Turn assertions into unwraps such that tests provide useful output on panic.
2015-07-01 00:18:44 -07:00
9074af5bdd
Add a test that checks whether 3 known subject attributes can be retrieved by NID
2015-06-30 23:51:54 -07:00
6d53a3ed20
Test reading CN from test certificate
2015-05-18 02:41:42 +10:00
73617dabfa
Write through to underlying stream for every write call
...
cc #208
2015-04-30 00:18:23 -07:00
7db00b97ba
Add X509::public_key()
2015-04-15 22:59:07 +02:00
36c90bb205
Fix deprecation warnings
2015-03-25 21:50:21 -07:00
6991cc6a30
Convert to new IO.
2015-02-24 23:01:57 -08:00
ec65b0c67b
Move docs to this repo and auto build
2015-02-07 21:30:05 -08:00
Steven Fackler