min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,523 Commits 2 Branches 0 Tags 16 MiB
Commit Graph

256 Commits

Author SHA1 Message Date
Steven Fackler e9e58b27dc Remove EC_METHOD functions 
Some appear not to be defined anywhere and they're not used anyway
 2016-11-13 22:14:10 +00:00
Steven Fackler 82eb3c4f51 Add EcKey::check_key 2016-11-13 22:10:52 +00:00
Steven Fackler 35f11d555e More functionality 2016-11-13 22:06:18 +00:00
Steven Fackler 1a52649516 More functionality 2016-11-13 20:46:01 +00:00
Steven Fackler b2de36049a Add Some more elliptic curve functionality 2016-11-13 20:19:38 +00:00
Steven Fackler 48c0009418 Macroise from_der 2016-11-13 17:06:50 +00:00
Steven Fackler b0415f466c Macroise to_der 2016-11-13 16:52:19 +00:00
Steven Fackler 387e78257b Support serialization of encrypted private keys 
Switch to PEM_write_bio_PKCS8PrivateKey since the other function outputs
nonstandard PEM when encrypting.
 2016-11-13 16:09:52 +00:00
Steven Fackler 08e0c4ca90 Some serialization support for EcKey 2016-11-13 15:02:38 +00:00
Steven Fackler 96d24c8957 Add SslRef::set_{tmp_dh,tmp_ecdh,ecdh_auto} 2016-11-12 13:45:54 +00:00
Steven Fackler 563754fb08 Add SslContextBuilder::set_tmp_{ec,}dh_callback 2016-11-12 12:43:44 +00:00
Steven Fackler 7c9afd8c99 Fix function signature 2016-11-12 10:29:31 +00:00
Steven Fackler 26a3358a2b Add basic X509_STORE access 
There's more to do here, but this enabled addition of trusted CAs from
X509 objects.

Closes #394
 2016-11-12 00:24:12 +00:00
Steven Fackler 6b7279eb52 Consistently support both PEM and DER encodings 
Closes #500
 2016-11-11 20:10:10 +00:00
Steven Fackler 15490a43e3 Add EcKey <-> PKey conversions 
Closes #499
 2016-11-11 19:17:38 +00:00
Steven Fackler 32cbed0782 PKey <-> DH conversions 
Closes #498
 2016-11-11 19:04:54 +00:00
Steven Fackler 609a09ebb9 Add PKey::dsa 
Closes #501
 2016-11-11 18:52:37 +00:00
Steven Fackler 0d2d4865e5 Release v0.9.1 2016-11-11 16:45:22 +00:00
Steven Fackler 203a02c3e6 Actually support AES GCM 
This is an AEAD cipher, so we need some extra functionality. As another
bonus, we no longer panic if provided an IV with a different length than
the cipher's default.
 2016-11-08 20:35:21 +00:00
Steven Fackler 1edb6f682e Support client CA advertisement 2016-11-06 12:17:14 -08:00
Steven Fackler a4e0581e4f Fix build on 1.0.1 2016-11-06 11:57:50 -08:00
Steven Fackler bcb7b3f5dc Add accessors for cert and private key 
Closes #340
 2016-11-06 10:46:38 -08:00
Steven Fackler 72ac2a0105 Release v0.9.0 2016-11-05 20:05:50 -07:00
Steven Fackler 62a9f89fce Avoid lhash weirdness 2016-11-03 20:38:51 -07:00
Steven Fackler 7f308aa5e1 Fix signature 2016-11-02 08:26:18 -07:00
Steven Fackler aa0040125b Use built in DH parameters when available 
Fall back to a hardcoded PEM blob on 1.0.1, but serialized from
DH_get_2048_256.
 2016-11-01 22:50:22 -07:00
Steven Fackler 176348630a Don't clear BigNums in destructor 
Instead add a clear method.
 2016-11-01 21:59:07 -07:00
Lionel Flandrin 9ea27c12b9 Add method to encode a public key as a DER blob 2016-11-01 17:34:21 +01:00
Steven Fackler dc4098bdd8 Clean up x509 name entries 2016-10-31 22:43:05 -07:00
Steven Fackler cd7fa9fca2 Update x509 2016-10-31 20:54:34 -07:00
Steven Fackler 16e398e005 Update verify 2016-10-31 20:19:59 -07:00
Steven Fackler 558124b755 Expose SSL_MODEs 2016-10-30 22:02:26 -07:00
Steven Fackler 677718f8da Configure ECDH parameters in connector 2016-10-30 13:38:09 -07:00
Steven Fackler 8c58ecc2fa Implement EcKey 
cc #499
 2016-10-30 13:17:20 -07:00
Steven Fackler bea53bb39b Support AES GCM 
Closes #326
 2016-10-25 20:59:33 -07:00
Steven Fackler 39279455c8 Add a shutdown method 2016-10-25 20:40:18 -07:00
Steven Fackler 04fc853ee3 Remove NIDs only defined in 1.0.2+ 2016-10-23 09:16:20 -07:00
Steven Fackler 2fd201d9c3 De-enumify Nid 2016-10-22 10:08:32 -07:00
Steven Fackler 5ab037f056 Allow the X509 verify error to be read from an SslRef 2016-10-18 22:21:06 -07:00
Steven Fackler cfd5192a7d De-enumify X509ValidationError 
Also make it an Error.

Closes #352.
 2016-10-18 22:10:37 -07:00
Steven Fackler c4459c37d9 Callback cleanup 2016-10-18 21:13:13 -07:00
Steven Fackler 6609a81685 Migrate DSA sign/verify to EVP APIs 2016-10-15 15:02:02 -07:00
Steven Fackler 228b8fbc5b Correctly bind BIO_new_mem_buf 2016-10-15 13:39:47 -07:00
Steven Fackler bb23b33829 Fix signature of EVP_DigestVerifyFinal on 1.0.1 2016-10-15 12:24:20 -07:00
Steven Fackler 6ae472487f Support HMAC PKeys and remove hmac module 2016-10-15 11:06:11 -07:00
Steven Fackler b564cb5db7 Add digest signature methods 2016-10-15 09:48:34 -07:00
Steven Fackler 64b8e5e553 Merge pull request #471 from sfackler/no-comp 
Handle OPENSSL_NO_COMP
 2016-10-14 23:09:11 -07:00
Steven Fackler 7ac0599638 Fix test_alpn_server_select_none 
In OpenSSL 1.1, a failure to negotiate a protocol is a fatal error, so
fork that test. This also popped up an issue where we assumed all errors
had library, function, and reason strings which is not necessarily the
case.

While we're in here, adjust the Display impl to match what OpenSSL
prints out.

Closes #465
 2016-10-14 22:01:21 -07:00
Steven Fackler f520aa2860 Handle OPENSSL_NO_COMP 
Closes #459
 2016-10-14 20:50:45 -07:00
Steven Fackler d976b8f595 Enable hostname verification on 1.0.2 2016-10-14 18:56:15 -07:00