min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,247 Commits 2 Branches 0 Tags 16 MiB
Commit Graph

223 Commits

Author SHA1 Message Date
René Richter 5bb89d7552 Add functions to X509Req to obtain public key and extensions 
This allows for basic CSR signing.
 2018-04-21 23:14:48 +02:00
Steven Fackler ac950b28aa Fix a flag name 2018-03-29 10:26:43 +02:00
Steven Fackler 1bbe1b6a8f Clean up a couple of holdovers from old features 2018-03-29 10:20:18 +02:00
Steven Fackler c82a87a18e Add Asn1IntegerRef::to_bn 
Also deprecate Asn1IntegerRef since it's just asking for trouble.
 2018-03-28 20:48:28 +02:00
Steven Fackler 7890672725 Add X509Ref::serial_number 2018-03-28 20:41:28 +02:00
Steven Fackler 7c33346960 Remove version-specific features 
Closes #852
 2018-03-19 00:41:33 -07:00
Steven Fackler 4ee7e0d3a9 Tweak verify_cert's signature 
The call can fail either due to an invalid cert or an internal error,
and we should distinguish between the two.
 2018-03-11 14:08:34 -07:00
Bastian Köcher d7a7c379a8 Changes `init` to take a closure which is called with the initialized context 
After calling the closure, we automatically cleanup the context. This is
required, because otherwise we could have dangling references in the context.
 2018-03-11 11:34:36 +01:00
Bastian Köcher a5d7f8a718 Moves store context init into its own function 2018-03-10 00:15:03 +01:00
Bastian Köcher 1a0b085377 Extends the test to verify the certificate two times 2018-03-08 12:10:29 +01:00
Bastian Köcher 810ddeb4ca Moves `cleanup` into its own function 2018-03-08 12:08:39 +01:00
Bastian Köcher 888f4ccaab Fixes the implementation of `X509StoreContextRef::verify_cert` 
The certificate, the store and the certificates chain does not need to be
consumed by `verify_cert` and instead are taken as references. We also call
`X509_STORE_CTX_cleanup`, after the verification succeeded.
 2018-03-07 16:07:57 +01:00
Benjamin Fry 53adf0e6a4 delay return until after forgets 2018-03-07 13:54:35 +01:00
Benjamin Fry 6abac82f13 cleanup and add negative test 2018-03-07 13:54:35 +01:00
Benjamin Fry a1cfde765a add cleanup ffi to store context 2018-03-07 13:54:15 +01:00
Benjamin Fry 3187366cc5 restructure to self contained function 2018-03-07 13:53:29 +01:00
Steven Fackler 2251a6f2b6 Little tweaks 2018-03-07 13:51:58 +01:00
Benjamin Fry d8a11973e2 convert to raw pass-through methods 2018-03-07 13:51:58 +01:00
Benjamin Fry 910386027d add comment about consuming self in verify_cert 2018-03-07 13:50:12 +01:00
Benjamin Fry 35cad33d51 fix error check 2018-03-07 13:50:12 +01:00
Benjamin Fry 847fac25f8 properly version library functions 2018-03-07 13:48:09 +01:00
Benjamin Fry 3595ff9e51 Fix memory mgmt 2018-03-07 13:42:39 +01:00
Benjamin Fry eb6296e892 add verify_cert and store_context_builder 2018-03-07 13:41:44 +01:00
Steven Fackler f645165ee2 Remove the x509 module-level example 
The example generated a bogus certificate that was missing a serial
number, a validity range, etc.

Generating a correct x509 certificate is complex enough that doing it
correctly is too long to be a reasonable doc example. There's already
a more complete example in the examples directory that handles things
more correctly.

Closes #859
 2018-03-05 19:25:01 -08:00
Steven Fackler f4ddd66b03 Tweak features 
We should keep the version features totally separate for now.
 2018-02-14 22:11:24 -08:00
Steven Fackler 2765775535 OpenSSL 1.1.1 support 2018-02-13 22:31:37 -08:00
Steven Fackler b1ab0ec473 Don't leak X509s 2018-02-12 09:32:26 -08:00
Ian P. Cooke 60337266ab add support for rfc822Name (email) and uniformResourceIdentifier (uri) to GeneralName 2018-01-15 11:22:29 -06:00
Steven Fackler 3c19702299 Rename key serialization/deserialization methods 
Also document their specific formats.

Closes #502
 2018-01-06 13:27:44 -08:00
Ansley Peduru c4620a30c6 Fix links in x509 module 2018-01-01 16:16:41 -05:00
Ansley Peduru c2430b87f7
Merge branch 'master' into x509-docs 2018-01-01 15:40:02 -05:00
Steven Fackler 9043cf9aa7 Move X509Filetype to SslFiletype 
These constants have the same values, but X509_FILETYPE_DEFAULT doesn't
work in the Ssl methods and using the SSL_* names is a bit less
confusing.
 2018-01-01 11:50:07 -08:00
Ansley Peduru a4c9dd4af3 Fix x509 doc examples 2018-01-01 11:48:55 -05:00
Bastien Orivel bb5ab2b43f Bump hex to 0.3 
The `to_hex` method has been removed and `hex::encode` should be used
instead.
 2018-01-01 17:38:38 +01:00
Ansley Peduru 1a40795886 Add documentation for x509 module 2017-12-31 22:39:28 -05:00
Steven Fackler d207897458 Parameterize keys over what they contain 
Closes #790
 2017-12-30 21:53:39 -08:00
Steven Fackler 89dd50b3ce Add issuer name access. 
Closes #808
 2017-12-29 10:50:49 -08:00
Steven Fackler f9866cd44f Split X509StoreContextRef::ssl up 2017-12-26 14:53:35 -07:00
Steven Fackler 129b6b9d84 Overhaul verify error type 
Also set the error in the hostname verification callback for 1.0.1
 2017-12-26 14:43:10 -07:00
Steven Fackler 2adf2cf12b Remove deprecated APIs 2017-12-25 22:09:27 -07:00
Steven Fackler 77448362ce Rename X509FileType to X509Filetype 2017-12-25 19:57:02 -07:00
Steven Fackler 3eab162dc2 Move to associated consts 2017-12-25 19:56:27 -07:00
Steven Fackler bbae793eb3 Upgrade bitflags to 1.0 
Closes #756
 2017-12-25 19:38:11 -07:00
Steven Fackler 2aaba8bd7a Make Nid values associated constants 2017-12-25 19:19:47 -07:00
Steven Fackler 43753698da
Impl Send + Sync for x509 stuff 2017-12-13 11:35:04 -05:00
Steven Fackler e9ad9f1afd Upgrade foreign-types 
foreign-types 0.3 and 0.2 now share the same types and traits, so this
is backwards compatible.
 2017-11-26 17:07:24 -07:00
Steven Fackler de987f20c8
Revert "Update foreign-types to 0.3" 2017-11-21 08:51:37 -08:00
Anthony Ramine 93be1c4f2f Update foreign-types to 0.3 2017-11-21 09:17:39 +01:00
johnthagen b5bb8de4f2 Convert try! usage to ? 2017-10-03 17:44:02 -04:00
Steven Fackler 7de1499c65 Fix X509::clone impl 
Closes #667
 2017-07-19 19:23:47 -07:00