c4620a30c6
Fix links in x509 module
2018-01-01 16:16:41 -05:00
c2430b87f7
Merge branch 'master' into x509-docs
2018-01-01 15:40:02 -05:00
1553447385
Misc cleanup
2018-01-01 12:23:41 -08:00
9043cf9aa7
Move X509Filetype to SslFiletype
...
These constants have the same values, but X509_FILETYPE_DEFAULT doesn't
work in the Ssl methods and using the SSL_* names is a bit less
confusing.
2018-01-01 11:50:07 -08:00
a4c9dd4af3
Fix x509 doc examples
2018-01-01 11:48:55 -05:00
bb5ab2b43f
Bump hex to 0.3
...
The `to_hex` method has been removed and `hex::encode` should be used
instead.
2018-01-01 17:38:38 +01:00
1a40795886
Add documentation for x509 module
2017-12-31 22:39:28 -05:00
d207897458
Parameterize keys over what they contain
...
Closes #790
2017-12-30 21:53:39 -08:00
89dd50b3ce
Add issuer name access.
...
Closes #808
2017-12-29 10:50:49 -08:00
1085e79447
Remove `SslRef::compression`
...
TLS compression is extremely deprecated, so no-one should be messing
with this in the first place.
2017-12-28 20:22:05 -08:00
23bab6336e
Add a parameter to servername
2017-12-28 10:18:23 -08:00
7fbda61609
Overhaul ALPN
...
There was previously a lot of behind the scenes magic. We now bind much
more directly to the relevant functions.
Also remove APN support. That protocol is supersceded by ALPN - let's
see if anyone actually needs to use it.
2017-12-27 16:24:01 -07:00
52a06adc08
Overhaul ssl error
2017-12-26 21:03:49 -07:00
f9866cd44f
Split X509StoreContextRef::ssl up
2017-12-26 14:53:35 -07:00
129b6b9d84
Overhaul verify error type
...
Also set the error in the hostname verification callback for 1.0.1
2017-12-26 14:43:10 -07:00
19dc6ce1eb
Adjust SslConnector and SslAcceptor construction
2017-12-26 10:39:21 -07:00
ce0641f093
Drop Any bounds
2017-12-26 08:55:12 -07:00
2adf2cf12b
Remove deprecated APIs
2017-12-25 22:09:27 -07:00
3744e31e16
Fix a bunch of FIXMEs
2017-12-25 21:44:41 -07:00
7cc6c9b2f2
Tweak default ssl options
2017-12-25 21:18:49 -07:00
7d0c6c9442
Fix tests
2017-12-25 20:32:06 -07:00
77448362ce
Rename X509FileType to X509Filetype
2017-12-25 19:57:02 -07:00
3eab162dc2
Move to associated consts
2017-12-25 19:56:27 -07:00
bbae793eb3
Upgrade bitflags to 1.0
...
Closes #756
2017-12-25 19:38:11 -07:00
2aaba8bd7a
Make Nid values associated constants
2017-12-25 19:19:47 -07:00
34d700309c
Clean up 1.0.1 hostname verification
2017-12-23 19:32:33 -07:00
196a855d2a
Allow SNI and hostname verification to be configured separately
...
Closes #728
2017-12-23 12:47:38 -08:00
43753698da
Impl Send + Sync for x509 stuff
2017-12-13 11:35:04 -05:00
4b732dad19
Fix link
2017-12-09 15:50:23 -08:00
48db60aca0
Release v0.9.23
2017-12-05 21:58:24 -08:00
3207e57a09
Finish documentation for the ssl module
...
Closes #727
2017-12-04 22:15:56 -08:00
bf70d3dd71
Docs for the ssl module.
...
cc #727
2017-12-03 23:10:56 -08:00
4a10c31219
Impl deref for acceptor/connector builders
2017-12-03 19:24:11 -08:00
531ca4a0fa
Documentation for the `sign` module.
...
Closes #720
2017-12-03 17:01:12 -08:00
1c4b933faf
Rename Signer::finish to sign_to_vec
2017-12-03 15:58:37 -08:00
3cd486d956
Clean up tests
2017-12-03 15:30:22 -08:00
13a13727e8
Merge pull request #785 from P-E-Meunier/split-signer-finish
...
Splitting the sign::Signer::finish function, to avoid allocations
2017-12-03 15:08:51 -08:00
9732264b51
Simplifying finish_into
2017-12-03 23:37:58 +01:00
905d3f716b
Splitting the sign::Signer::finish function, to avoid allocations
2017-12-03 12:10:21 +01:00
fccb2eab4e
Adding dp(), dq() and qi() methods to RSA, to get the CRT parameters back
2017-12-02 12:30:50 +01:00
fc08ffa1fe
bump lazy_static to 1
2017-11-30 17:41:58 +01:00
78ffe0a89c
Release openssl 0.9.22
2017-11-29 09:38:28 -08:00
e9ad9f1afd
Upgrade foreign-types
...
foreign-types 0.3 and 0.2 now share the same types and traits, so this
is backwards compatible.
2017-11-26 17:07:24 -07:00
de987f20c8
Revert "Update foreign-types to 0.3"
2017-11-21 08:51:37 -08:00
93be1c4f2f
Update foreign-types to 0.3
2017-11-21 09:17:39 +01:00
e221b76e28
Release v0.9.21
2017-11-17 09:11:06 -08:00
55bf390dbe
Adjust libressl version detection
...
The 2.5.3+ and 2.6.3+ series are ABI-stable, so we don't need to
whitelist individual releases in those ranges.
2017-11-13 21:51:55 -08:00
6257835757
Add support for LibreSSL 2.6.3
2017-11-13 09:51:17 -05:00
0bae121e12
Added a macro that wraps foreign type, and impl Send and Sync for both,
...
the borrowed type and the owned one.
Replaced all invocation of `foreign_type` by `foreign_type_and_impl_send_sync`.
2017-11-10 10:05:52 -05:00
5eea31676e
Add an example of making a CA and certs and verifying.
2017-11-06 23:14:56 -06:00
8830bd5daf
Add a couple of FIXMEs
2017-11-05 10:47:05 -08:00
6bb54e0171
Merge pull request #764 from AndyGauge/doc-error
...
Doc error
2017-11-05 10:24:59 -08:00
a1a3219483
Handle local retries
...
OpenSSL can return SSL_ERROR_WANT_READ even on blocking sockets after
renegotiation or heartbeats. Heartbeats ignore the flag that normally
makes these things handled internally anyway on 1.0.2. To handle this
more properly, we now have a special error type we use to signal this
event. The `Read` and `Write` implementation automatically retry in this
situation since that's what you normally want. People can use `ssl_read`
and `ssl_write` if they want the lower level control.
Closes #760
2017-11-04 13:32:18 -07:00
829c805543
fixed broken example and syntax error in module level documentation
2017-11-04 12:24:24 -07:00
27c3b01ad8
Merge pull request #747 from BrianOn99/symm
...
Symm documentation
2017-11-04 11:51:05 -07:00
f79d92dd67
Merge pull request #761 from AndyGauge/doc-ec
...
Doc ec module
2017-11-04 11:50:22 -07:00
a5c582a7df
Update data-encoding major version
2017-11-04 18:33:00 +01:00
556f371689
Error documentation improvement
2017-10-27 16:59:36 -07:00
cda2662cbc
Merge branch 'master' into doc-ec
2017-10-24 16:44:21 -07:00
df10bcf960
Update documentation for EC module
2017-10-24 16:43:01 -07:00
d5299a8d2b
Fixed a typo in an error message, WANT_WRITE -> WANT_READ
2017-10-17 20:06:35 -05:00
09f2a3e9db
Release v0.9.20
2017-10-14 14:36:55 -07:00
f4f00d4613
Merge pull request #755 from AndyGauge/doc-dsa
...
Documentation for DSA module
2017-10-14 13:08:17 -07:00
80efaf72e6
DSA size returns maximum size of signature
2017-10-11 13:06:52 -07:00
a62069cef9
Began EC documenation
2017-10-11 13:04:53 -07:00
2c7f0e7604
Merge branch 'master' of https://github.com/sfackler/rust-openssl
2017-10-09 12:10:04 -07:00
39f918ff3d
Documentation improvements for DSA module
2017-10-09 12:06:46 -07:00
75e6db6f00
Move doc details into another paragraph
2017-10-09 11:14:27 +08:00
44a000f3a6
Merge pull request #753 from zsck/issue719
...
Added module-level documentation for the `sha` module.
2017-10-08 16:54:13 -07:00
79d6172571
Merge pull request #749 from johnthagen/conf
...
Document conf module
2017-10-08 16:52:30 -07:00
407f330d7b
Move OpenSSL implementation details into a normal comment
2017-10-07 18:29:53 -04:00
a33efaa349
Include the hex crate and ToHex import to the second example
2017-10-07 17:07:53 -04:00
f206eb6a4b
Added module-level documentation for the `sha` module.
...
The documentation included describes what the SHA family of hash functions is,
what hash functions are for, and a little bit about why one may want to use the
SHA family of hash functions. I have also included a couple of examples demonstrating
how to create a hasher and update it, as well as how to hash bytes directly.
2017-10-07 16:49:09 -04:00
9d43fc6e02
Merge pull request #744 from AndyGauge/doc-bn
...
Doc BigNum
2017-10-07 13:44:54 -07:00
0058478392
Merge pull request #748 from AndyGauge/doc-cms
...
CMS module documentation
2017-10-07 13:08:32 -07:00
040287dbb5
Module level documentaiton rewrite
2017-10-04 08:22:40 -07:00
a989e414f4
Describe return values of groups.
2017-10-04 08:17:14 -07:00
de18ccf5fe
Begun DSA documentation
2017-10-04 08:01:35 -07:00
ff8f54812c
Merge pull request #752 from chrisvittal/libressl262
...
Add support for LibreSSL 2.6.2
2017-10-03 22:11:29 -07:00
1308cb2b52
Fix cfgs for libressl262
2017-10-04 00:53:09 -04:00
e0efd1d438
Add support for LibreSSL 2.6.2
2017-10-03 23:59:33 -04:00
b5bb8de4f2
Convert try! usage to ?
2017-10-03 17:44:02 -04:00
4f8195c472
Document conf module
2017-10-03 17:32:49 -04:00
4e59fab753
CMS module documentation
2017-10-03 11:07:35 -07:00
7c40c5269c
Finished BigNum documentation
2017-10-03 09:52:14 -07:00
ff53750cab
Additional notes on Crypter
2017-10-04 00:28:32 +08:00
76ecc13cec
Copy example to module level
2017-10-04 00:05:30 +08:00
79a8ebb631
Add examples and more documentation to symm
2017-10-03 23:59:16 +08:00
7159215e45
Merge pull request #743 from AndyGauge/doc-asn1
...
Doc asn1 module
2017-09-30 21:14:12 -07:00
219f13eb35
Deprecate crypto module
2017-09-30 21:29:57 -04:00
b078c67dbb
Hide deprecated crypto module from docs
2017-09-30 12:06:09 -04:00
feb3eb3f01
removed deny missing docs
2017-09-29 16:23:16 -07:00
1e161e924f
WIP BigNum function documentation
2017-09-29 16:00:34 -07:00
9a63044175
Merge branch 'master' into doc-bn
2017-09-29 09:40:30 -07:00
38f0e8d9ee
Changed Asn1Object documentation to include references to Nid
2017-09-29 09:37:46 -07:00
b44d37acaf
Began bn module documenation
2017-09-29 09:18:44 -07:00
1766c1d327
Merge pull request #736 from johnthagen/hide-ec-key
...
Hide ec_key module in docs
2017-09-28 23:56:19 -04:00
c3fc494427
Merge pull request #737 from johnthagen/rand
...
Document rand module
2017-09-28 23:56:03 -04:00
7c0965e66d
Merge pull request #740 from johnthagen/memcmp
...
Document memcmp module
2017-09-28 23:51:38 -04:00
2c7a19013c
documented and example for ASN1 module
2017-09-28 16:27:00 -07:00
b65540709f
Document nid module
2017-09-28 14:25:39 -04:00
c5aef19d05
Add instructions for adding OpenSSL DLLs to PATH if needed during install
2017-09-28 13:34:49 -04:00
1e3b8183bb
Moved details about function and reworded block requirements
2017-09-28 08:04:10 -07:00
a02b07fe76
WIP ASN.1 documentation
2017-09-28 08:00:23 -07:00
c4b044b6ba
Fix doc test and move external documentation link to rand_bytes function
2017-09-28 10:36:53 -04:00
26fa22fe04
Fix typos
2017-09-28 09:52:46 -04:00
220c707fd9
Document rand module
2017-09-28 09:49:03 -04:00
0f0ab2e425
Hide ec_key module in docs because it is deprecated
2017-09-28 09:28:08 -04:00
f759f8dd4a
Preface with links to conventional AES
2017-09-27 08:46:13 -07:00
ad879ad7de
AES (IGE) encryption documentation
2017-09-26 16:51:37 -07:00
afde5a84b1
AES Module level docs and example
2017-09-26 16:34:06 -07:00
b07b0e7fb7
WIP: document AES
2017-09-25 17:01:08 -07:00
cd558d99e7
Release v0.9.18
2017-09-20 10:21:37 -04:00
dc92a514ef
Properly handle IPs in hostname verification
2017-09-20 10:04:09 -04:00
f0db1dbc95
Merge pull request #695 from Keruspe/master
...
openssl-sys: support libressl 2.6.1
2017-09-17 13:57:18 -07:00
b73548da18
openssl: ecdh_tmp_callback doesn't work with libressl 2.6.1
...
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
2017-09-17 19:55:47 +02:00
5091830379
openssl: libressl 2.6.1 dropped suuport for npn
...
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
2017-09-17 19:46:05 +02:00
7d41009a9c
Update default client cipher list
2017-09-16 13:10:55 -04:00
9bd64edc08
Fix indentation
2017-09-15 22:31:03 -04:00
68a30c29c9
Set SSL_MODE_RELEASE_BUFFERS by default
...
Closes #696
2017-09-14 19:15:00 -07:00
ca40c2e6a3
Symlink README in place
...
Allows crates.io to render it properly
2017-08-21 04:00:25 -07:00
1a6edc409f
Rename function, removing `get_`
...
Fix per PR comment, should have been like this from the start :).
2017-08-22 07:44:27 +10:00
f599df124b
Add ability to get affine coordinates from EcPoint
...
The initial usecase here is creating JWK representations as defined
within RFC 7517 from an EcKey created via a PEM source.
2017-08-21 15:08:48 +10:00
9143516037
Add SHA384 and SHA512
2017-08-16 21:03:46 -07:00
673bcfaf5a
Add SHA1 an SHA224 hashers
2017-08-16 20:26:16 -07:00
c175ac639d
Release v0.9.17
2017-08-14 17:13:36 -07:00
1d92ff290e
Add a stateful SHA256 hasher
2017-08-14 17:07:44 -07:00
ea6edb133e
Release v0.9.16
2017-08-10 22:17:50 -07:00
4c3b3476f4
Merge pull request #675 from sdemos/master
...
added cms decryption
2017-08-09 14:20:51 -07:00
caf7b8ecbc
added cms decryption
2017-08-09 12:26:45 -07:00
be1b573f6b
Delete DTLS tests
2017-08-08 22:01:58 -07:00
c966583877
Refine sig for set_public_key_affine_coordinates
...
This functions signature was originally defined to require mutable
references for `x` / `y` as the underpinning OpenSSL C API
was not `const`.
However the actual OpenSSL implementation makes no changes. This being
the case we've chosen to reflect non mutability at the Rust level.
2017-08-09 14:20:22 +10:00
16e8fbc31e
Fix EC_KEY_set_public_key_affine_coordinates
...
Previous definition incorrectly used `const` pointers but the
underpinning library definition (unfortunately) does not.
2017-08-09 13:34:08 +10:00
d9e0321851
Set the private key within EcKeyBuilder
...
The initial usecase here is creating EcKey instances from JWK
representations, that hold private keys, as defined within RFC 7517.
2017-08-09 12:44:54 +10:00
cfb4ea31d5
Support for EcKey creation from affine coordinates
...
Sets the public key for an EcKey based on its affine co-ordinates,
i.e. it constructs an EC_POINT object based on the supplied x and y
values and sets the public key to be this EC_POINT.
The initial usecase here is creating EcKey instances from JWK
representations as defined within RFC 7517.
2017-08-09 12:21:54 +10:00
f34af83653
Init in bn_ctx constructor
2017-07-30 13:24:36 -07:00
d1a42598d7
Init in Dh constructors
2017-07-30 13:23:19 -07:00
c2164a4864
Add peer_cert_chain
2017-07-29 10:34:10 -07:00
a132834132
Ignore dtls tests
...
They're way too flaky.
Closes #525
2017-07-29 09:54:04 -07:00
8fa9b58743
Tweak formatting on cipher list
2017-07-26 20:49:24 -07:00
01927c19ac
Initialize OpenSSL in DSA constructor
...
This fixes the double unlock errors that were popping up on circle
2017-07-25 21:59:52 -07:00
bf6dc28f0c
Release v0.9.15
2017-07-19 19:35:28 -07:00
7de1499c65
Fix X509::clone impl
...
Closes #667
2017-07-19 19:23:47 -07:00
9c9a0efafc
Remove unused import
2017-07-16 14:31:27 -07:00
3a7ca9c2ff
Switch over Linux tests to CircleCI
2017-07-16 14:15:09 -07:00
605b8af445
Tell docs.rs to build with all features
2017-07-15 22:08:52 -07:00
374ad206d5
Use foreign-type's Opaque
2017-07-15 21:53:49 -07:00
bcd0dcafcb
Rustfmt
2017-07-15 21:46:11 -07:00
5c2410c38a
Init before creating ex indexes
2017-07-15 18:58:24 -07:00
dbbf446a9e
Fix build
2017-07-15 17:25:02 -07:00
c68db708ee
Don't overwrite the configured verify mode
...
We can leverage the new extra data API to configure the verification
mode up front so users can reconfigure it as they like.
2017-07-15 16:50:36 -07:00
fd52bbe85c
Add an API to install extra data
2017-07-15 16:50:36 -07:00
e3c7a2785c
Move callbacks to a submodule
2017-07-15 16:50:36 -07:00
9290ed97c2
Merge pull request #657 from sfackler/rsa-pkcs1
...
Support PKCS#1 RSA public keys
2017-07-06 14:11:27 -10:00
279bffccf5
Merge pull request #641 from luser/psk
...
Expose PSK via a SslContextBuilder::set_psk_callback method
2017-07-04 18:19:17 -10:00
51a226eb4b
Support PKCS#1 RSA public keys
...
Closes #656
2017-07-04 20:57:00 -07:00
575e682da3
Add PKey::private_key_from_der
2017-06-23 21:04:13 -07:00
223e8e3689
Release v0.9.14
2017-06-14 19:59:45 -07:00
240eb9731f
Properly reexport ConnectConfiguration
2017-06-14 19:54:09 -07:00
d7135c88ac
Fix documentation typo
2017-06-10 18:40:57 -04:00
98d343dd32
Fix for changes in OpenSSL 1.1.0f
2017-06-06 18:45:54 -04:00
4de58596d9
Make some changes for review comments
2017-06-02 08:20:03 -04:00
3028958bf6
Little docs fix
2017-05-29 21:11:49 -07:00
c89af1d5f8
Add a fixme
2017-05-29 18:04:32 -07:00
cba475b9ae
Release v0.9.13
2017-05-29 17:46:07 -07:00
16183f41f6
Expose PSK via a SslContextBuilder::set_psk_callback method
2017-05-26 14:51:04 -04:00
27728f6fd9
Update bitflags 0.8 -> 0.9
2017-05-22 12:44:22 +03:00
4336d1d38c
Release v0.9.12
2017-05-12 11:47:46 -07:00
1fa7397b88
Set LD_LIBRARY_PATH when using custom build
2017-05-06 18:50:44 -07:00
67b5fd1c97
Support public key decode from DER
...
Closes #629
2017-05-06 16:40:33 -07:00
0efef98848
Add a note to rename variant
2017-05-06 16:35:55 -07:00
dd3896fdc5
Clarify use of ssl::HandshakeError::Interrupted
2017-05-03 12:03:18 -07:00
7e8a0a0dad
Expose the lower level SHA functions
...
These don't allocate so they're both infallible and significantly
faster.
2017-04-14 23:03:17 -07:00
429f7c869e
Release v0.9.11
2017-04-14 16:56:21 -07:00
fd6a1f70bd
Merge pull request #616 from sfackler/no-alloc
...
Don't force allocation for message digests
2017-04-13 19:37:11 -07:00
4cf9f6c4c0
Don't force allocation for message digests
2017-04-13 19:02:31 -07:00
b21046375a
(issues-600) Avoid compiling ec2m code against no-ec2m openssl
...
This commit avoids defining code that leads to undefined references when
compiling against an openssl built with no-ec2m.
2017-04-11 15:42:05 -07:00
e6a6ebb87d
Add new EC/PKEY methods to permit deriving shared secrets.
2017-04-10 15:40:36 -04:00
fc1bcecfc1
Don't exclude test data from package
...
Closes #612
2017-04-04 09:06:32 -07:00
af25627fdf
bump bitflags to 0.8
2017-04-03 23:04:23 +02:00
42ad50ae67
Release v0.9.10
2017-03-26 10:49:04 -07:00
ba2460d38d
Merge pull request #606 from cjcole/master
...
Fix order of arguments to BN_rand_range and BN_pseudo_rand_range
2017-03-26 05:01:29 +01:00
c8d1698f27
Logic to support client-side session reuse
2017-03-25 19:30:01 -07:00
d239e04c70
Fix order of arguments to BN_rand_range and BN_pseudo_rand_range
2017-03-25 12:29:18 -04:00
bf63f35dfb
Release v0.9.9
2017-03-14 12:55:36 -07:00
06b10a5753
Release v0.9.8
2017-03-09 20:33:17 +11:00
efe96396ad
Merge pull request #592 from Byron/master
...
Fix for len() == isize::max() for stacks that are unallocated
2017-03-09 20:28:42 +11:00
463db85110
Don't allow Stacks to be allocated with a null-ptr
...
The latter must be seen as undefined behaviour, as it will cause
the `sk_num` function to return -1 to indicate the error, which
causes all kinds of issues.
Thus there now is a panic to abort the program if stacks are initialized
with a null-ptr, and special handling of that case when decoding
a Pkcs file.
2017-03-07 07:39:25 +01:00
97536a9b82
Merge pull request #585 from bluejekyll/master
...
some helpful documentation and example on set_subject_name()
2017-03-07 13:19:52 +11:00
ec2685347c
Fix for empty stacks
...
The culprit is that `sk_num(stack)` can return -1
as c_int if there is no stack allocated.
Previously, thanks to unsafe casts, this would result in
a isize::max() for len() and iteration size if there was no stack.
Now this case is handled specifically, which fixes the issue.
2017-03-06 10:14:39 +01:00
f92ac2477b
Add test to run into issue with stack.len()
2017-03-06 09:59:00 +01:00
bf21ff5f80
Fix Shr trait impl for BigNum: was using shl
2017-03-01 11:24:11 -05:00
b431896057
mention the common fields
2017-02-22 22:05:39 -08:00
81362a4e79
scrypt support
...
Closes #586
2017-02-21 21:15:52 -08:00
9b24698aee
some helpful documentation and example.
2017-02-20 14:48:49 -08:00
268288337b
Expose more error information
2017-02-19 16:05:58 -08:00
618cc70d19
Add a fixme to drop const prefixes
2017-02-19 14:24:05 -08:00
710a30bb40
Tweaks
2017-02-18 21:58:38 -08:00
88740c1374
add Ok to result
2017-02-16 19:59:02 -08:00
323a646383
only forget in non-error condition
2017-02-16 19:50:58 -08:00
eef5b5d2ac
review fixes: reorder forget()
2017-02-16 19:49:14 -08:00
d080c10910
fix cfg options for v102 and v110
2017-02-16 19:49:14 -08:00
f8298882a4
add set_verify_cert_store() to ssl ctx
2017-02-16 19:49:14 -08:00
19f3b8a11a
Support PKCS#8 private key deserialization
...
Closes #581
2017-02-14 19:37:25 -08:00
06065ddcee
Release v0.9.7
2017-02-11 14:34:37 -08:00
129a3cff08
Update deprecation version
2017-02-11 10:27:09 -08:00
89cd1d3ea7
Use published foreign_types
2017-02-11 10:16:14 -08:00
16d5632983
Remove X509Req setters
2017-02-11 10:14:16 -08:00
f2c69ae7e9
Merge remote-tracking branch 'origin/master' into x509-builder
2017-02-11 10:13:00 -08:00
5ad4af70ae
Re-add reexport
2017-02-11 09:17:39 -08:00
1c25336520
Merge branch 'master' into x509_req_version_subject
2017-02-11 09:11:25 -08:00
03fe3015dc
X509 signature algorithm access
2017-02-10 21:37:33 -08:00
8e5735d84c
X509 signature access
2017-02-10 19:59:11 -08:00
a1d7956f82
Add Asn1BitString
2017-02-10 19:38:51 -08:00
8ae424235e
Make it compile again.
...
Make self mut in set_subject_name.
Add assert to prevent a null pointer in subject_name.
2017-02-07 21:49:07 +01:00
30a634c877
Merge branch 'master' into x509_req_version_subject
2017-02-07 20:41:27 +01:00
12ae31ad47
Switch to foreign_types
2017-02-03 23:03:35 -08:00
4900d3fe5d
Fixed constant names from openssl/rsa.h
...
Fixed PKeyCtxRef method that didn't need to be mutable.
Added non-mutable accessors for PKeyCtxRef for Signer and Verifier.
2017-01-31 11:59:59 -08:00
302ee77d32
Adding suggestions from review.
2017-01-30 16:51:10 -08:00
72a10f3e65
Fixing typo
2017-01-30 15:04:44 -08:00
ef61b814ff
Small amount of docs.
2017-01-30 15:04:44 -08:00
e1fc5b2b7e
Simplify protocol based on the semantics defined by openssl.
2017-01-30 15:04:44 -08:00
20eed1e762
Simplify code, so that openssl-sys really doesn't contain anything aside
...
from bindings
2017-01-30 15:04:44 -08:00
588fd33552
Testing first version that works with signer.
2017-01-30 15:04:44 -08:00
f5149eac5a
Add setters to new getter-functions in X509ReqRef
2017-01-27 20:55:40 +01:00
6a8f6f425f
Style changes according to review
2017-01-27 19:13:36 +01:00
557b936e27
Added X509ReqRef.subject_name and X509ReqRef.version
2017-01-26 21:05:33 +01:00
15b1b348b2
Pkcs12Builder tweaks
2017-01-25 11:37:26 +00:00
591022a7fa
fix multi-version compat
2017-01-23 22:12:11 -08:00
225552b823
Merge branch 'master' of github.com:sfackler/rust-openssl
2017-01-22 22:24:45 -08:00
fbfecd63ae
add some documentation
2017-01-22 22:23:21 -08:00
52c7868bb6
add pkcs12_create and to_der funcs
2017-01-22 21:27:31 -08:00
722bdb6a4c
Merge pull request #550 from Keruspe/master
...
LibreSSL support improvements
2017-01-22 18:39:34 +00:00
54900976bb
Support EC_GROUP_set_asn1_flag
...
Closes #561
2017-01-22 10:44:59 +00:00
1ffdf8a1ab
Fix test warnings
2017-01-21 14:43:43 +00:00
26e159a5f0
Support chacha20 and chacha20_poly1305
2017-01-21 11:12:02 +00:00
d353b36681
Support AES IGE
...
This is a special snowflake used only by Telegram apparently.
Closes #523
2017-01-21 09:41:13 +00:00
a1122197f8
Add categories
...
Closes #557
2017-01-20 16:35:43 +00:00
920ab0d6fb
OCSP functionality
2017-01-14 21:09:38 -08:00
9942643ab6
Release v0.9.6
2017-01-09 20:52:20 -08:00
1fbe8f8d71
Fix typo
2017-01-08 11:04:47 -08:00
1942977408
Add methods to construct SslAcceptorBuilder without key and cert
...
This will allow, in particular, initialization directly from files
rather than having to load and parse them manually.
2017-01-08 10:57:04 -08:00
0978f87095
libressl: make set_ecdh_auto available
...
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
2017-01-05 20:47:01 +01:00
404e0341d8
Provide master key access
2017-01-04 22:01:30 -08:00
a2c118bf82
Add basic session tests
2017-01-04 21:18:13 -08:00
0b1bfee46d
session is nullable
2017-01-04 21:15:09 -08:00
5d53405597
Provide access to the session ID
2017-01-04 21:11:06 -08:00
88a7032f4b
Types and accessor for SslSession
2017-01-04 20:59:46 -08:00
cdf388e3f4
Release v0.9.5
2017-01-03 16:09:24 -08:00
dbd6134fd6
Clean up EcKey example a bit
2017-01-03 15:33:45 -08:00
0897c196e1
Merge pull request #547 from sfackler/x509-stack
...
Add X509::stack_from_pem
2017-01-03 15:31:03 -08:00
da817c952d
Merge pull request #541 from bluejekyll/master
...
add EcKey creation from EcPoint, public_key
2017-01-03 15:27:14 -08:00
6291407b17
Add X509::stack_from_pem
...
Implementation is a clone of SSL_CTX_use_certificate_chain_file
2017-01-03 14:56:00 -08:00
e2f1569500
Tweak layout a little bit
2017-01-03 12:35:52 -08:00
1767cd5464
Pointer from PKey docs to sign module.
...
Could even add a link, but I don't know how.
Someone who wants to use OpenSSL to compute an HMAC won't find a "hmac" module and won't find HMACs in the "hash" module. Unless the person knows that HMACs are used to "sign" messages (the usual term in this context would be "authenticate"), they will probably use the search function and look for "hmac", then they'll find this method. So it's helpful to include a pointer to the right API to use. Without such a pointer, the API user is left with a seemingly useless Pkey instance.
Similar pointers could be helpful from the other creator methods in this file. And/or from the top-level documentation or the hash documentation towards the sign module. Another idea would be a trivial `hmac` module with a few helper functions that internally just use Pkey. If many users who just want a simple HMAC value can use that API, there are fewer dependencies on `Pkey` and `sign`, which is probably a good thing.
2017-01-03 14:48:46 +01:00
cfb2539ed4
Typo
2017-01-02 09:37:31 -08:00
0483ea767c
Little cleanup
2017-01-01 11:05:54 -08:00
0e0bee50a5
Clean up bio
2017-01-01 10:18:43 -08:00
7e75c76bb4
Stick tag description on the right function
2017-01-01 10:13:34 -08:00
cdabc1b3e3
Fix docs
2017-01-01 10:07:32 -08:00
85a6e8acca
Fix doc reference
2017-01-01 09:53:08 -08:00
444c00955a
add EcKey creation from EcPoint, public_key
2016-12-31 10:40:56 -08:00
5c49b58a88
Indicate that memcmp::eq should be used for HMACs
2016-12-31 09:44:57 -08:00
762510a5fa
Release v0.9.4
2016-12-23 13:38:52 -05:00
7e035a7fd1
Merge pull request #538 from semarie/libressl
...
Add LibreSSL support
2016-12-22 11:59:19 -05:00
a70e27ae64
Add Travis build against LibreSSL
2016-12-21 09:27:21 +01:00
b3526cbd2b
Add LibreSSL 2.5.0 support
2016-12-21 09:27:12 +01:00
8e01f8d250
Handle zero-length reads/writes
...
This commit adds some short-circuits for zero-length reads/writes to
`SslStream`. Because OpenSSL returns 0 on error, then we could mistakenly
confuse a 0-length success as an actual error, so we avoid writing or reading 0
bytes by returning quickly with a success.
2016-12-20 15:52:18 -08:00
791f2c8f4d
Release v0.9.3
2016-12-09 21:54:06 -08:00
26cefe7d97
Switch to docs.rs for docs
2016-12-09 21:52:43 -08:00
152d788998
Fix ErrorStack display
2016-12-09 21:32:41 -08:00
5340895249
Add Blowfish tests
2016-12-09 21:31:26 +00:00
0850f605b1
Use EVP_bf_cfb64 instead of EVP_bf_cfb
2016-12-09 18:42:10 +00:00
0081665339
Add Blowfish support
2016-12-09 17:06:15 +00:00
0602712bf4
Release v0.9.2
2016-11-27 22:23:32 -08:00
146512099b
Implement Clone for SslConnector and SslAcceptor
2016-11-27 21:35:35 -08:00
234f126d7d
Cleanup
2016-11-27 21:00:59 -08:00
8b60d4a3c2
Return Option from group
2016-11-16 15:45:15 -08:00
e58dda8990
Remove EcGroup constructors
...
You also need a generator and possibly other stuff. Let's hold off on
construction until someone has a concrete requirement for them.
2016-11-16 13:53:03 +01:00
7515510125
Test elliptic curve signatures
2016-11-15 22:06:20 +01:00
ec0fa36714
Add a test for mul_generator
2016-11-15 21:24:34 +01:00
b914f779e8
Turns out yet another variant of EC_POINT_mul is allowed!
2016-11-15 21:20:06 +01:00
6794a45d60
Rename ec_key to ec
2016-11-14 22:37:01 +01:00
90acfaea51
Split EcKey::mul
2016-11-14 22:08:04 +01:00
e929e09216
Add EcPoint::invert
2016-11-14 22:02:47 +01:00
4c60aa005d
Fix non-static EcGroup method locations
2016-11-14 19:20:08 +01:00
82eb3c4f51
Add EcKey::check_key
2016-11-13 22:10:52 +00:00
35f11d555e
More functionality
2016-11-13 22:06:18 +00:00
1a52649516
More functionality
2016-11-13 20:46:01 +00:00
3d31539ba9
Public keys are not always present
2016-11-13 20:31:44 +00:00
0d0b5080e2
Rename new_by_curve_name to from_curve_name
2016-11-13 20:21:44 +00:00
b2de36049a
Add Some more elliptic curve functionality
2016-11-13 20:19:38 +00:00
7dbef567e6
Remove some stray manual impls
2016-11-13 18:00:42 +00:00
ccef9e339d
Macroise from_pem
2016-11-13 17:56:48 +00:00
df9666c334
Macroise to_pem
2016-11-13 17:42:45 +00:00
48c0009418
Macroise from_der
2016-11-13 17:06:50 +00:00
b0415f466c
Macroise to_der
2016-11-13 16:52:19 +00:00
ed9f600e28
Make password callback return a Result
2016-11-13 16:18:52 +00:00
387e78257b
Support serialization of encrypted private keys
...
Switch to PEM_write_bio_PKCS8PrivateKey since the other function outputs
nonstandard PEM when encrypting.
2016-11-13 16:09:52 +00:00
7d411c7975
Add private_key_from_pem_passphrase
2016-11-13 15:27:39 +00:00
2a8923c050
Macro-implement private_key_to_pem
2016-11-13 15:12:50 +00:00
08e0c4ca90
Some serialization support for EcKey
2016-11-13 15:02:38 +00:00
85c1474ce6
No need to use a raw string anymore
2016-11-13 12:19:31 +00:00
64e9932ac9
Use ffdhe2048 in mozilla_intermediate
2016-11-12 17:52:58 +00:00
2f8301fc63
Be a bit more emphatic about the danger
2016-11-12 16:51:26 +00:00
6b3599d319
Add a connect method that does not perform hostname verification
...
The method name is intentionally painful to type to discourage its use
2016-11-12 16:45:18 +00:00
7cdb58bc47
Simplify test logic a bit
2016-11-12 14:42:48 +00:00
157034d995
Add a missing init
2016-11-12 14:30:53 +00:00
796d7b4deb
Add constructors for various standard primes
2016-11-12 14:20:43 +00:00
96d24c8957
Add SslRef::set_{tmp_dh,tmp_ecdh,ecdh_auto}
2016-11-12 13:45:54 +00:00
2a1d7b2bcb
Pick different cipher lists on 1.0.1 and 1.0.2
2016-11-12 13:36:03 +00:00
93253ba599
Adjust cipher lists to work on older versions
2016-11-12 13:09:12 +00:00
780c46e0e7
Add SslRef::set_tmp_{ec,}dh_calback
2016-11-12 12:56:58 +00:00
563754fb08
Add SslContextBuilder::set_tmp_{ec,}dh_callback
2016-11-12 12:43:44 +00:00
b14d68f715
Drop bits to u32
2016-11-12 11:14:05 +00:00
9b5c62b053
Add PKey::bits
2016-11-12 11:00:15 +00:00
26a3358a2b
Add basic X509_STORE access
...
There's more to do here, but this enabled addition of trusted CAs from
X509 objects.
Closes #394
2016-11-12 00:24:12 +00:00
6b7279eb52
Consistently support both PEM and DER encodings
...
Closes #500
2016-11-11 20:10:10 +00:00
15490a43e3
Add EcKey <-> PKey conversions
...
Closes #499
2016-11-11 19:17:38 +00:00
32cbed0782
PKey <-> DH conversions
...
Closes #498
2016-11-11 19:04:54 +00:00
609a09ebb9
Add PKey::dsa
...
Closes #501
2016-11-11 18:52:37 +00:00
0d2d4865e5
Release v0.9.1
2016-11-11 16:45:22 +00:00
898e7f02df
Fix EOF detection
...
See https://github.com/openssl/openssl/issues/1903 for details
2016-11-11 15:10:30 +00:00
a42c6e8713
Drop rustc-serialize dependency
2016-11-09 20:35:23 +00:00
7c8ae5f664
Better docs for AEAD tag
2016-11-09 18:54:29 +00:00
aa7c27536a
Make sure to override SslContext verify callback always
...
The 1.0.1 code has to override this to setup hostname validation, and
don't want behavior to silently change depending on the OpenSSL version
you're building against.
2016-11-08 22:38:48 +00:00
913723997b
Add convenience functions for AEAD encryption/decryption
2016-11-08 22:35:16 +00:00
203a02c3e6
Actually support AES GCM
...
This is an AEAD cipher, so we need some extra functionality. As another
bonus, we no longer panic if provided an IV with a different length than
the cipher's default.
2016-11-08 20:35:21 +00:00
b3b7194e82
Docs
2016-11-08 19:10:56 +00:00
97872500a3
Deprecate X509Generator
2016-11-07 21:48:40 +00:00
c0e02e7e51
Use X509Builder in X509Generator
2016-11-07 21:15:36 +00:00
18c5d1f771
Add init calls to new constructors
2016-11-07 20:50:57 +00:00
d78acc729b
Add an X509ReqBuilder
2016-11-07 20:42:43 +00:00
597d05b8f8
Add stack creation and push
2016-11-06 23:46:42 -08:00
8f7df7b205
Add SubjectAlternativeName
2016-11-06 23:19:58 -08:00
d17c3355ab
More extension progress
2016-11-06 22:52:53 -08:00
5f18ffa4b3
Start of extension support
2016-11-06 21:58:43 -08:00
1939e6fd78
Add conf module
2016-11-06 14:49:26 -08:00
b83edbad0d
Start on an X509Builder
2016-11-06 14:07:34 -08:00
1edb6f682e
Support client CA advertisement
2016-11-06 12:17:14 -08:00
a4e0581e4f
Fix build on 1.0.1
2016-11-06 11:57:50 -08:00
bcb7b3f5dc
Add accessors for cert and private key
...
Closes #340
2016-11-06 10:46:38 -08:00
72ac2a0105
Release v0.9.0
2016-11-05 20:05:50 -07:00
79e2004eef
Fixes
2016-11-05 19:28:17 -07:00
8ad1e5565b
Remove set_rsa
...
PKey is reference counted so allowing mutation is unsound
2016-11-05 18:49:09 -07:00
96a5ccfc6b
Implement Pkcs12 via type_!
2016-11-05 18:46:34 -07:00
4e2ffe5b9b
Re-adjust BigNum API
2016-11-05 17:35:31 -07:00
8037258913
Return a Stack in Pkcs12
2016-11-05 13:57:05 -07:00
ed69d6b037
Add Stack::pop
2016-11-05 13:40:53 -07:00
52feaae59f
More cleanup
2016-11-05 13:15:14 -07:00
Ansley Peduru