b5bb8de4f2
Convert try! usage to ?
2017-10-03 17:44:02 -04:00
4f8195c472
Document conf module
2017-10-03 17:32:49 -04:00
4e59fab753
CMS module documentation
2017-10-03 11:07:35 -07:00
7c40c5269c
Finished BigNum documentation
2017-10-03 09:52:14 -07:00
ff53750cab
Additional notes on Crypter
2017-10-04 00:28:32 +08:00
76ecc13cec
Copy example to module level
2017-10-04 00:05:30 +08:00
79a8ebb631
Add examples and more documentation to symm
2017-10-03 23:59:16 +08:00
7159215e45
Merge pull request #743 from AndyGauge/doc-asn1
...
Doc asn1 module
2017-09-30 21:14:12 -07:00
219f13eb35
Deprecate crypto module
2017-09-30 21:29:57 -04:00
b078c67dbb
Hide deprecated crypto module from docs
2017-09-30 12:06:09 -04:00
feb3eb3f01
removed deny missing docs
2017-09-29 16:23:16 -07:00
1e161e924f
WIP BigNum function documentation
2017-09-29 16:00:34 -07:00
9a63044175
Merge branch 'master' into doc-bn
2017-09-29 09:40:30 -07:00
38f0e8d9ee
Changed Asn1Object documentation to include references to Nid
2017-09-29 09:37:46 -07:00
b44d37acaf
Began bn module documenation
2017-09-29 09:18:44 -07:00
1766c1d327
Merge pull request #736 from johnthagen/hide-ec-key
...
Hide ec_key module in docs
2017-09-28 23:56:19 -04:00
c3fc494427
Merge pull request #737 from johnthagen/rand
...
Document rand module
2017-09-28 23:56:03 -04:00
7c0965e66d
Merge pull request #740 from johnthagen/memcmp
...
Document memcmp module
2017-09-28 23:51:38 -04:00
2c7a19013c
documented and example for ASN1 module
2017-09-28 16:27:00 -07:00
b65540709f
Document nid module
2017-09-28 14:25:39 -04:00
c5aef19d05
Add instructions for adding OpenSSL DLLs to PATH if needed during install
2017-09-28 13:34:49 -04:00
1e3b8183bb
Moved details about function and reworded block requirements
2017-09-28 08:04:10 -07:00
a02b07fe76
WIP ASN.1 documentation
2017-09-28 08:00:23 -07:00
c4b044b6ba
Fix doc test and move external documentation link to rand_bytes function
2017-09-28 10:36:53 -04:00
26fa22fe04
Fix typos
2017-09-28 09:52:46 -04:00
220c707fd9
Document rand module
2017-09-28 09:49:03 -04:00
0f0ab2e425
Hide ec_key module in docs because it is deprecated
2017-09-28 09:28:08 -04:00
f759f8dd4a
Preface with links to conventional AES
2017-09-27 08:46:13 -07:00
ad879ad7de
AES (IGE) encryption documentation
2017-09-26 16:51:37 -07:00
afde5a84b1
AES Module level docs and example
2017-09-26 16:34:06 -07:00
b07b0e7fb7
WIP: document AES
2017-09-25 17:01:08 -07:00
cd558d99e7
Release v0.9.18
2017-09-20 10:21:37 -04:00
dc92a514ef
Properly handle IPs in hostname verification
2017-09-20 10:04:09 -04:00
f0db1dbc95
Merge pull request #695 from Keruspe/master
...
openssl-sys: support libressl 2.6.1
2017-09-17 13:57:18 -07:00
b73548da18
openssl: ecdh_tmp_callback doesn't work with libressl 2.6.1
...
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
2017-09-17 19:55:47 +02:00
5091830379
openssl: libressl 2.6.1 dropped suuport for npn
...
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
2017-09-17 19:46:05 +02:00
7d41009a9c
Update default client cipher list
2017-09-16 13:10:55 -04:00
9bd64edc08
Fix indentation
2017-09-15 22:31:03 -04:00
68a30c29c9
Set SSL_MODE_RELEASE_BUFFERS by default
...
Closes #696
2017-09-14 19:15:00 -07:00
ca40c2e6a3
Symlink README in place
...
Allows crates.io to render it properly
2017-08-21 04:00:25 -07:00
1a6edc409f
Rename function, removing `get_`
...
Fix per PR comment, should have been like this from the start :).
2017-08-22 07:44:27 +10:00
f599df124b
Add ability to get affine coordinates from EcPoint
...
The initial usecase here is creating JWK representations as defined
within RFC 7517 from an EcKey created via a PEM source.
2017-08-21 15:08:48 +10:00
9143516037
Add SHA384 and SHA512
2017-08-16 21:03:46 -07:00
673bcfaf5a
Add SHA1 an SHA224 hashers
2017-08-16 20:26:16 -07:00
c175ac639d
Release v0.9.17
2017-08-14 17:13:36 -07:00
1d92ff290e
Add a stateful SHA256 hasher
2017-08-14 17:07:44 -07:00
ea6edb133e
Release v0.9.16
2017-08-10 22:17:50 -07:00
4c3b3476f4
Merge pull request #675 from sdemos/master
...
added cms decryption
2017-08-09 14:20:51 -07:00
caf7b8ecbc
added cms decryption
2017-08-09 12:26:45 -07:00
be1b573f6b
Delete DTLS tests
2017-08-08 22:01:58 -07:00
c966583877
Refine sig for set_public_key_affine_coordinates
...
This functions signature was originally defined to require mutable
references for `x` / `y` as the underpinning OpenSSL C API
was not `const`.
However the actual OpenSSL implementation makes no changes. This being
the case we've chosen to reflect non mutability at the Rust level.
2017-08-09 14:20:22 +10:00
16e8fbc31e
Fix EC_KEY_set_public_key_affine_coordinates
...
Previous definition incorrectly used `const` pointers but the
underpinning library definition (unfortunately) does not.
2017-08-09 13:34:08 +10:00
d9e0321851
Set the private key within EcKeyBuilder
...
The initial usecase here is creating EcKey instances from JWK
representations, that hold private keys, as defined within RFC 7517.
2017-08-09 12:44:54 +10:00
cfb4ea31d5
Support for EcKey creation from affine coordinates
...
Sets the public key for an EcKey based on its affine co-ordinates,
i.e. it constructs an EC_POINT object based on the supplied x and y
values and sets the public key to be this EC_POINT.
The initial usecase here is creating EcKey instances from JWK
representations as defined within RFC 7517.
2017-08-09 12:21:54 +10:00
f34af83653
Init in bn_ctx constructor
2017-07-30 13:24:36 -07:00
d1a42598d7
Init in Dh constructors
2017-07-30 13:23:19 -07:00
c2164a4864
Add peer_cert_chain
2017-07-29 10:34:10 -07:00
a132834132
Ignore dtls tests
...
They're way too flaky.
Closes #525
2017-07-29 09:54:04 -07:00
8fa9b58743
Tweak formatting on cipher list
2017-07-26 20:49:24 -07:00
01927c19ac
Initialize OpenSSL in DSA constructor
...
This fixes the double unlock errors that were popping up on circle
2017-07-25 21:59:52 -07:00
bf6dc28f0c
Release v0.9.15
2017-07-19 19:35:28 -07:00
7de1499c65
Fix X509::clone impl
...
Closes #667
2017-07-19 19:23:47 -07:00
9c9a0efafc
Remove unused import
2017-07-16 14:31:27 -07:00
3a7ca9c2ff
Switch over Linux tests to CircleCI
2017-07-16 14:15:09 -07:00
605b8af445
Tell docs.rs to build with all features
2017-07-15 22:08:52 -07:00
374ad206d5
Use foreign-type's Opaque
2017-07-15 21:53:49 -07:00
bcd0dcafcb
Rustfmt
2017-07-15 21:46:11 -07:00
5c2410c38a
Init before creating ex indexes
2017-07-15 18:58:24 -07:00
dbbf446a9e
Fix build
2017-07-15 17:25:02 -07:00
c68db708ee
Don't overwrite the configured verify mode
...
We can leverage the new extra data API to configure the verification
mode up front so users can reconfigure it as they like.
2017-07-15 16:50:36 -07:00
fd52bbe85c
Add an API to install extra data
2017-07-15 16:50:36 -07:00
e3c7a2785c
Move callbacks to a submodule
2017-07-15 16:50:36 -07:00
9290ed97c2
Merge pull request #657 from sfackler/rsa-pkcs1
...
Support PKCS#1 RSA public keys
2017-07-06 14:11:27 -10:00
279bffccf5
Merge pull request #641 from luser/psk
...
Expose PSK via a SslContextBuilder::set_psk_callback method
2017-07-04 18:19:17 -10:00
51a226eb4b
Support PKCS#1 RSA public keys
...
Closes #656
2017-07-04 20:57:00 -07:00
575e682da3
Add PKey::private_key_from_der
2017-06-23 21:04:13 -07:00
223e8e3689
Release v0.9.14
2017-06-14 19:59:45 -07:00
240eb9731f
Properly reexport ConnectConfiguration
2017-06-14 19:54:09 -07:00
d7135c88ac
Fix documentation typo
2017-06-10 18:40:57 -04:00
98d343dd32
Fix for changes in OpenSSL 1.1.0f
2017-06-06 18:45:54 -04:00
4de58596d9
Make some changes for review comments
2017-06-02 08:20:03 -04:00
3028958bf6
Little docs fix
2017-05-29 21:11:49 -07:00
c89af1d5f8
Add a fixme
2017-05-29 18:04:32 -07:00
cba475b9ae
Release v0.9.13
2017-05-29 17:46:07 -07:00
16183f41f6
Expose PSK via a SslContextBuilder::set_psk_callback method
2017-05-26 14:51:04 -04:00
27728f6fd9
Update bitflags 0.8 -> 0.9
2017-05-22 12:44:22 +03:00
4336d1d38c
Release v0.9.12
2017-05-12 11:47:46 -07:00
1fa7397b88
Set LD_LIBRARY_PATH when using custom build
2017-05-06 18:50:44 -07:00
67b5fd1c97
Support public key decode from DER
...
Closes #629
2017-05-06 16:40:33 -07:00
0efef98848
Add a note to rename variant
2017-05-06 16:35:55 -07:00
dd3896fdc5
Clarify use of ssl::HandshakeError::Interrupted
2017-05-03 12:03:18 -07:00
7e8a0a0dad
Expose the lower level SHA functions
...
These don't allocate so they're both infallible and significantly
faster.
2017-04-14 23:03:17 -07:00
429f7c869e
Release v0.9.11
2017-04-14 16:56:21 -07:00
fd6a1f70bd
Merge pull request #616 from sfackler/no-alloc
...
Don't force allocation for message digests
2017-04-13 19:37:11 -07:00
4cf9f6c4c0
Don't force allocation for message digests
2017-04-13 19:02:31 -07:00
b21046375a
(issues-600) Avoid compiling ec2m code against no-ec2m openssl
...
This commit avoids defining code that leads to undefined references when
compiling against an openssl built with no-ec2m.
2017-04-11 15:42:05 -07:00
e6a6ebb87d
Add new EC/PKEY methods to permit deriving shared secrets.
2017-04-10 15:40:36 -04:00
fc1bcecfc1
Don't exclude test data from package
...
Closes #612
2017-04-04 09:06:32 -07:00
af25627fdf
bump bitflags to 0.8
2017-04-03 23:04:23 +02:00
42ad50ae67
Release v0.9.10
2017-03-26 10:49:04 -07:00
ba2460d38d
Merge pull request #606 from cjcole/master
...
Fix order of arguments to BN_rand_range and BN_pseudo_rand_range
2017-03-26 05:01:29 +01:00
c8d1698f27
Logic to support client-side session reuse
2017-03-25 19:30:01 -07:00
d239e04c70
Fix order of arguments to BN_rand_range and BN_pseudo_rand_range
2017-03-25 12:29:18 -04:00
bf63f35dfb
Release v0.9.9
2017-03-14 12:55:36 -07:00
06b10a5753
Release v0.9.8
2017-03-09 20:33:17 +11:00
efe96396ad
Merge pull request #592 from Byron/master
...
Fix for len() == isize::max() for stacks that are unallocated
2017-03-09 20:28:42 +11:00
463db85110
Don't allow Stacks to be allocated with a null-ptr
...
The latter must be seen as undefined behaviour, as it will cause
the `sk_num` function to return -1 to indicate the error, which
causes all kinds of issues.
Thus there now is a panic to abort the program if stacks are initialized
with a null-ptr, and special handling of that case when decoding
a Pkcs file.
2017-03-07 07:39:25 +01:00
97536a9b82
Merge pull request #585 from bluejekyll/master
...
some helpful documentation and example on set_subject_name()
2017-03-07 13:19:52 +11:00
ec2685347c
Fix for empty stacks
...
The culprit is that `sk_num(stack)` can return -1
as c_int if there is no stack allocated.
Previously, thanks to unsafe casts, this would result in
a isize::max() for len() and iteration size if there was no stack.
Now this case is handled specifically, which fixes the issue.
2017-03-06 10:14:39 +01:00
f92ac2477b
Add test to run into issue with stack.len()
2017-03-06 09:59:00 +01:00
bf21ff5f80
Fix Shr trait impl for BigNum: was using shl
2017-03-01 11:24:11 -05:00
b431896057
mention the common fields
2017-02-22 22:05:39 -08:00
81362a4e79
scrypt support
...
Closes #586
2017-02-21 21:15:52 -08:00
9b24698aee
some helpful documentation and example.
2017-02-20 14:48:49 -08:00
268288337b
Expose more error information
2017-02-19 16:05:58 -08:00
618cc70d19
Add a fixme to drop const prefixes
2017-02-19 14:24:05 -08:00
710a30bb40
Tweaks
2017-02-18 21:58:38 -08:00
88740c1374
add Ok to result
2017-02-16 19:59:02 -08:00
323a646383
only forget in non-error condition
2017-02-16 19:50:58 -08:00
eef5b5d2ac
review fixes: reorder forget()
2017-02-16 19:49:14 -08:00
d080c10910
fix cfg options for v102 and v110
2017-02-16 19:49:14 -08:00
f8298882a4
add set_verify_cert_store() to ssl ctx
2017-02-16 19:49:14 -08:00
19f3b8a11a
Support PKCS#8 private key deserialization
...
Closes #581
2017-02-14 19:37:25 -08:00
06065ddcee
Release v0.9.7
2017-02-11 14:34:37 -08:00
129a3cff08
Update deprecation version
2017-02-11 10:27:09 -08:00
89cd1d3ea7
Use published foreign_types
2017-02-11 10:16:14 -08:00
16d5632983
Remove X509Req setters
2017-02-11 10:14:16 -08:00
f2c69ae7e9
Merge remote-tracking branch 'origin/master' into x509-builder
2017-02-11 10:13:00 -08:00
5ad4af70ae
Re-add reexport
2017-02-11 09:17:39 -08:00
1c25336520
Merge branch 'master' into x509_req_version_subject
2017-02-11 09:11:25 -08:00
03fe3015dc
X509 signature algorithm access
2017-02-10 21:37:33 -08:00
8e5735d84c
X509 signature access
2017-02-10 19:59:11 -08:00
a1d7956f82
Add Asn1BitString
2017-02-10 19:38:51 -08:00
8ae424235e
Make it compile again.
...
Make self mut in set_subject_name.
Add assert to prevent a null pointer in subject_name.
2017-02-07 21:49:07 +01:00
30a634c877
Merge branch 'master' into x509_req_version_subject
2017-02-07 20:41:27 +01:00
12ae31ad47
Switch to foreign_types
2017-02-03 23:03:35 -08:00
4900d3fe5d
Fixed constant names from openssl/rsa.h
...
Fixed PKeyCtxRef method that didn't need to be mutable.
Added non-mutable accessors for PKeyCtxRef for Signer and Verifier.
2017-01-31 11:59:59 -08:00
302ee77d32
Adding suggestions from review.
2017-01-30 16:51:10 -08:00
72a10f3e65
Fixing typo
2017-01-30 15:04:44 -08:00
ef61b814ff
Small amount of docs.
2017-01-30 15:04:44 -08:00
e1fc5b2b7e
Simplify protocol based on the semantics defined by openssl.
2017-01-30 15:04:44 -08:00
20eed1e762
Simplify code, so that openssl-sys really doesn't contain anything aside
...
from bindings
2017-01-30 15:04:44 -08:00
588fd33552
Testing first version that works with signer.
2017-01-30 15:04:44 -08:00
f5149eac5a
Add setters to new getter-functions in X509ReqRef
2017-01-27 20:55:40 +01:00
6a8f6f425f
Style changes according to review
2017-01-27 19:13:36 +01:00
557b936e27
Added X509ReqRef.subject_name and X509ReqRef.version
2017-01-26 21:05:33 +01:00
15b1b348b2
Pkcs12Builder tweaks
2017-01-25 11:37:26 +00:00
591022a7fa
fix multi-version compat
2017-01-23 22:12:11 -08:00
225552b823
Merge branch 'master' of github.com:sfackler/rust-openssl
2017-01-22 22:24:45 -08:00
fbfecd63ae
add some documentation
2017-01-22 22:23:21 -08:00
52c7868bb6
add pkcs12_create and to_der funcs
2017-01-22 21:27:31 -08:00
722bdb6a4c
Merge pull request #550 from Keruspe/master
...
LibreSSL support improvements
2017-01-22 18:39:34 +00:00
54900976bb
Support EC_GROUP_set_asn1_flag
...
Closes #561
2017-01-22 10:44:59 +00:00
1ffdf8a1ab
Fix test warnings
2017-01-21 14:43:43 +00:00
26e159a5f0
Support chacha20 and chacha20_poly1305
2017-01-21 11:12:02 +00:00
d353b36681
Support AES IGE
...
This is a special snowflake used only by Telegram apparently.
Closes #523
2017-01-21 09:41:13 +00:00
a1122197f8
Add categories
...
Closes #557
2017-01-20 16:35:43 +00:00
920ab0d6fb
OCSP functionality
2017-01-14 21:09:38 -08:00
9942643ab6
Release v0.9.6
2017-01-09 20:52:20 -08:00
1fbe8f8d71
Fix typo
2017-01-08 11:04:47 -08:00
1942977408
Add methods to construct SslAcceptorBuilder without key and cert
...
This will allow, in particular, initialization directly from files
rather than having to load and parse them manually.
2017-01-08 10:57:04 -08:00
0978f87095
libressl: make set_ecdh_auto available
...
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
2017-01-05 20:47:01 +01:00
404e0341d8
Provide master key access
2017-01-04 22:01:30 -08:00
a2c118bf82
Add basic session tests
2017-01-04 21:18:13 -08:00
0b1bfee46d
session is nullable
2017-01-04 21:15:09 -08:00
5d53405597
Provide access to the session ID
2017-01-04 21:11:06 -08:00
88a7032f4b
Types and accessor for SslSession
2017-01-04 20:59:46 -08:00
cdf388e3f4
Release v0.9.5
2017-01-03 16:09:24 -08:00
dbd6134fd6
Clean up EcKey example a bit
2017-01-03 15:33:45 -08:00
0897c196e1
Merge pull request #547 from sfackler/x509-stack
...
Add X509::stack_from_pem
2017-01-03 15:31:03 -08:00
da817c952d
Merge pull request #541 from bluejekyll/master
...
add EcKey creation from EcPoint, public_key
2017-01-03 15:27:14 -08:00
6291407b17
Add X509::stack_from_pem
...
Implementation is a clone of SSL_CTX_use_certificate_chain_file
2017-01-03 14:56:00 -08:00
e2f1569500
Tweak layout a little bit
2017-01-03 12:35:52 -08:00
1767cd5464
Pointer from PKey docs to sign module.
...
Could even add a link, but I don't know how.
Someone who wants to use OpenSSL to compute an HMAC won't find a "hmac" module and won't find HMACs in the "hash" module. Unless the person knows that HMACs are used to "sign" messages (the usual term in this context would be "authenticate"), they will probably use the search function and look for "hmac", then they'll find this method. So it's helpful to include a pointer to the right API to use. Without such a pointer, the API user is left with a seemingly useless Pkey instance.
Similar pointers could be helpful from the other creator methods in this file. And/or from the top-level documentation or the hash documentation towards the sign module. Another idea would be a trivial `hmac` module with a few helper functions that internally just use Pkey. If many users who just want a simple HMAC value can use that API, there are fewer dependencies on `Pkey` and `sign`, which is probably a good thing.
2017-01-03 14:48:46 +01:00
cfb2539ed4
Typo
2017-01-02 09:37:31 -08:00
0483ea767c
Little cleanup
2017-01-01 11:05:54 -08:00
0e0bee50a5
Clean up bio
2017-01-01 10:18:43 -08:00
7e75c76bb4
Stick tag description on the right function
2017-01-01 10:13:34 -08:00
cdabc1b3e3
Fix docs
2017-01-01 10:07:32 -08:00
85a6e8acca
Fix doc reference
2017-01-01 09:53:08 -08:00
444c00955a
add EcKey creation from EcPoint, public_key
2016-12-31 10:40:56 -08:00
5c49b58a88
Indicate that memcmp::eq should be used for HMACs
2016-12-31 09:44:57 -08:00
762510a5fa
Release v0.9.4
2016-12-23 13:38:52 -05:00
7e035a7fd1
Merge pull request #538 from semarie/libressl
...
Add LibreSSL support
2016-12-22 11:59:19 -05:00
a70e27ae64
Add Travis build against LibreSSL
2016-12-21 09:27:21 +01:00
b3526cbd2b
Add LibreSSL 2.5.0 support
2016-12-21 09:27:12 +01:00
8e01f8d250
Handle zero-length reads/writes
...
This commit adds some short-circuits for zero-length reads/writes to
`SslStream`. Because OpenSSL returns 0 on error, then we could mistakenly
confuse a 0-length success as an actual error, so we avoid writing or reading 0
bytes by returning quickly with a success.
2016-12-20 15:52:18 -08:00
791f2c8f4d
Release v0.9.3
2016-12-09 21:54:06 -08:00
26cefe7d97
Switch to docs.rs for docs
2016-12-09 21:52:43 -08:00
152d788998
Fix ErrorStack display
2016-12-09 21:32:41 -08:00
5340895249
Add Blowfish tests
2016-12-09 21:31:26 +00:00
0850f605b1
Use EVP_bf_cfb64 instead of EVP_bf_cfb
2016-12-09 18:42:10 +00:00
0081665339
Add Blowfish support
2016-12-09 17:06:15 +00:00
0602712bf4
Release v0.9.2
2016-11-27 22:23:32 -08:00
146512099b
Implement Clone for SslConnector and SslAcceptor
2016-11-27 21:35:35 -08:00
234f126d7d
Cleanup
2016-11-27 21:00:59 -08:00
8b60d4a3c2
Return Option from group
2016-11-16 15:45:15 -08:00
e58dda8990
Remove EcGroup constructors
...
You also need a generator and possibly other stuff. Let's hold off on
construction until someone has a concrete requirement for them.
2016-11-16 13:53:03 +01:00
7515510125
Test elliptic curve signatures
2016-11-15 22:06:20 +01:00
ec0fa36714
Add a test for mul_generator
2016-11-15 21:24:34 +01:00
johnthagen