diff options
| author | Steven Fackler <[email protected]> | 2016-08-09 22:52:12 -0700 |
|---|---|---|
| committer | Steven Fackler <[email protected]> | 2016-08-09 22:52:12 -0700 |
| commit | 67b5b4d814066eaf0debbe3b95d68ae0d7b9226a (patch) | |
| tree | f8c2565e72f41cab21bead5aadadbbdb17dd7afe | |
| parent | Fix build (diff) | |
| download | rust-openssl-67b5b4d814066eaf0debbe3b95d68ae0d7b9226a.tar.xz rust-openssl-67b5b4d814066eaf0debbe3b95d68ae0d7b9226a.zip | |
Make hmac support optional and remove openssl-sys-extras
rust-openssl no longer requires headers for the default feature set.
| -rw-r--r-- | openssl-sys-extras/Cargo.toml | 19 | ||||
| -rw-r--r-- | openssl-sys-extras/build.rs | 77 | ||||
| -rw-r--r-- | openssl-sys-extras/src/lib.rs | 82 | ||||
| -rw-r--r-- | openssl-sys-extras/src/openssl_shim.c | 140 | ||||
| -rw-r--r-- | openssl-sys-extras/src/ssl_options.rs | 46 | ||||
| -rw-r--r-- | openssl-sys/Cargo.toml | 1 | ||||
| -rw-r--r-- | openssl-sys/src/lib.rs | 2 | ||||
| -rw-r--r-- | openssl/Cargo.toml | 3 | ||||
| -rw-r--r-- | openssl/src/c_helpers.c | 34 | ||||
| -rw-r--r-- | openssl/src/c_helpers.rs | 5 | ||||
| -rw-r--r-- | openssl/src/crypto/hmac.rs | 36 | ||||
| -rw-r--r-- | openssl/src/crypto/mod.rs | 1 | ||||
| -rw-r--r-- | openssl/src/lib.rs | 1 |
13 files changed, 64 insertions, 383 deletions
diff --git a/openssl-sys-extras/Cargo.toml b/openssl-sys-extras/Cargo.toml deleted file mode 100644 index 903305d7..00000000 --- a/openssl-sys-extras/Cargo.toml +++ /dev/null @@ -1,19 +0,0 @@ -[package] -name = "openssl-sys-extras" -version = "0.7.14" -authors = ["Steven Fackler <[email protected]>"] -license = "MIT" -description = "Extra FFI bindings to OpenSSL that require a C shim" -repository = "https://github.com/sfackler/rust-openssl" -documentation = "https://sfackler.github.io/rust-openssl/doc/v0.7.14/openssl_sys_extras" -build = "build.rs" - -[features] -ecdh_auto = [] - -[dependencies] -libc = "0.2" -openssl-sys = { version = "0.7.14", path = "../openssl-sys" } - -[build-dependencies] -gcc = "0.3" diff --git a/openssl-sys-extras/build.rs b/openssl-sys-extras/build.rs deleted file mode 100644 index e3c695b1..00000000 --- a/openssl-sys-extras/build.rs +++ /dev/null @@ -1,77 +0,0 @@ -extern crate gcc; - -use std::env; -use std::path::PathBuf; -use std::fs::File; -use std::io::Write as IoWrite; -use std::fmt::Write; - -fn main() { - let options_shim_file = generate_options_shim(); - let mut config = gcc::Config::new(); - - if let Some(paths) = env::var_os("DEP_OPENSSL_INCLUDE") { - for path in env::split_paths(&paths) { - config.include(PathBuf::from(path)); - } - } - - config.file("src/openssl_shim.c") - .file(options_shim_file) - .compile("libopenssl_shim.a"); -} - -macro_rules! import_options { - ( $( $name:ident $val:expr )* ) => { - &[ $( (stringify!($name),$val), )* ] - }; -} - -fn generate_options_shim() -> PathBuf { - let options: &[(&'static str,u64)]=include!("src/ssl_options.rs"); - let mut shim = String::new(); - writeln!(shim,"#include <stdint.h>").unwrap(); - writeln!(shim,"#include <openssl/ssl.h>").unwrap(); - - for &(name,value) in options { - writeln!(shim,"#define RUST_{} UINT64_C({})",name,value).unwrap(); - writeln!(shim,"#ifndef {}",name).unwrap(); - writeln!(shim,"# define {} 0",name).unwrap(); - writeln!(shim,"#endif").unwrap(); - } - - writeln!(shim,"#define COPY_MASK ( \\").unwrap(); - - let mut it=options.iter().peekable(); - while let Some(&(name,_))=it.next() { - let eol=match it.peek() { - Some(_) => " | \\", - None => " )" - }; - writeln!(shim," ((RUST_{0}==(uint64_t)(uint32_t){0})?RUST_{0}:UINT64_C(0)){1}",name,eol).unwrap(); - } - - writeln!(shim,"long rust_openssl_ssl_ctx_options_rust_to_c(uint64_t rustval) {{").unwrap(); - writeln!(shim," long cval=rustval©_MASK;").unwrap(); - for &(name,_) in options { - writeln!(shim," if (rustval&RUST_{0}) cval|={0};",name).unwrap(); - } - writeln!(shim," return cval;").unwrap(); - writeln!(shim,"}}").unwrap(); - - writeln!(shim,"uint64_t rust_openssl_ssl_ctx_options_c_to_rust(long cval) {{").unwrap(); - writeln!(shim," uint64_t rustval=cval©_MASK;").unwrap(); - for &(name,_) in options { - writeln!(shim," if (cval&{0}) rustval|=RUST_{0};",name).unwrap(); - } - writeln!(shim," return rustval;").unwrap(); - writeln!(shim,"}}").unwrap(); - - let out_dir = env::var("OUT_DIR").unwrap(); - let dest_file = PathBuf::from(&out_dir).join("ssl_ctx_options_shim.c"); - let mut f = File::create(&dest_file).unwrap(); - - f.write_all(shim.as_bytes()).unwrap(); - - dest_file -} diff --git a/openssl-sys-extras/src/lib.rs b/openssl-sys-extras/src/lib.rs deleted file mode 100644 index 8e7542fc..00000000 --- a/openssl-sys-extras/src/lib.rs +++ /dev/null @@ -1,82 +0,0 @@ -#![allow(non_upper_case_globals, non_snake_case)] -#![doc(html_root_url="https://sfackler.github.io/rust-openssl/doc/v0.7.14")] - -extern crate openssl_sys; -extern crate libc; - -use libc::{c_int, c_uint, c_long, c_char, c_void}; -use openssl_sys::{HMAC_CTX, EVP_MD, ENGINE, SSL_CTX, BIO, X509, stack_st_X509_EXTENSION, SSL, DH}; - -macro_rules! import_options { - ( $( $name:ident $val:expr )* ) => { - $( pub const $name: u64 = $val; )* - }; -} - -include!("ssl_options.rs"); - -pub unsafe fn SSL_CTX_set_options(ssl: *mut SSL_CTX, op: u64) -> u64 { - rust_openssl_ssl_ctx_options_c_to_rust(SSL_CTX_set_options_shim(ssl, rust_openssl_ssl_ctx_options_rust_to_c(op))) -} - -pub unsafe fn SSL_CTX_get_options(ssl: *mut SSL_CTX) -> u64 { - rust_openssl_ssl_ctx_options_c_to_rust(SSL_CTX_get_options_shim(ssl)) -} - -pub unsafe fn SSL_CTX_clear_options(ssl: *mut SSL_CTX, op: u64) -> u64 { - rust_openssl_ssl_ctx_options_c_to_rust(SSL_CTX_clear_options_shim(ssl, rust_openssl_ssl_ctx_options_rust_to_c(op))) -} - -extern { - fn rust_openssl_ssl_ctx_options_rust_to_c(rustval: u64) -> c_long; - fn rust_openssl_ssl_ctx_options_c_to_rust(cval: c_long) -> u64; - - // Pre-1.0 versions of these didn't return anything, so the shims bridge that gap - #[cfg_attr(not(target_os = "nacl"), link_name = "HMAC_Init_ex_shim")] - pub fn HMAC_Init_ex(ctx: *mut HMAC_CTX, key: *const u8, keylen: c_int, md: *const EVP_MD, imple: *const ENGINE) -> c_int; - #[cfg_attr(not(target_os = "nacl"), link_name = "HMAC_Final_shim")] - pub fn HMAC_Final(ctx: *mut HMAC_CTX, output: *mut u8, len: *mut c_uint) -> c_int; - #[cfg_attr(not(target_os = "nacl"), link_name = "HMAC_Update_shim")] - pub fn HMAC_Update(ctx: *mut HMAC_CTX, input: *const u8, len: c_uint) -> c_int; - - // This isn't defined in < 1.0 so we copy the implementation there - pub fn HMAC_CTX_copy(dst: *mut HMAC_CTX, src: *const HMAC_CTX) -> c_int; - - // These functions are defined in OpenSSL as macros, so we shim them - #[link_name = "BIO_eof_shim"] - pub fn BIO_eof(b: *mut BIO) -> c_int; - #[link_name = "BIO_set_nbio_shim"] - pub fn BIO_set_nbio(b: *mut BIO, enabled: c_long) -> c_long; - #[link_name = "BIO_set_mem_eof_return_shim"] - pub fn BIO_set_mem_eof_return(b: *mut BIO, v: c_int); - #[link_name = "BIO_clear_retry_flags_shim"] - pub fn BIO_clear_retry_flags(b: *mut BIO); - #[link_name = "BIO_set_retry_read_shim"] - pub fn BIO_set_retry_read(b: *mut BIO); - #[link_name = "BIO_set_retry_write_shim"] - pub fn BIO_set_retry_write(b: *mut BIO); - #[link_name = "BIO_flush"] - pub fn BIO_flush(b: *mut BIO) -> c_long; - pub fn SSL_CTX_set_options_shim(ctx: *mut SSL_CTX, options: c_long) -> c_long; - pub fn SSL_CTX_get_options_shim(ctx: *mut SSL_CTX) -> c_long; - pub fn SSL_CTX_clear_options_shim(ctx: *mut SSL_CTX, options: c_long) -> c_long; - #[link_name = "SSL_CTX_set_mode_shim"] - pub fn SSL_CTX_set_mode(ctx: *mut SSL_CTX, options: c_long) -> c_long; - #[link_name = "SSL_CTX_add_extra_chain_cert_shim"] - pub fn SSL_CTX_add_extra_chain_cert(ctx: *mut SSL_CTX, x509: *mut X509) -> c_long; - #[link_name = "SSL_CTX_set_read_ahead_shim"] - pub fn SSL_CTX_set_read_ahead(ctx: *mut SSL_CTX, m: c_long) -> c_long; - #[cfg(feature = "ecdh_auto")] - #[link_name = "SSL_CTX_set_ecdh_auto_shim"] - pub fn SSL_CTX_set_ecdh_auto(ssl: *mut SSL_CTX, onoff: c_int) -> c_int; - #[link_name = "SSL_set_tlsext_host_name_shim"] - pub fn SSL_set_tlsext_host_name(s: *mut SSL, name: *const c_char) -> c_long; - #[link_name = "SSL_CTX_set_tmp_dh_shim"] - pub fn SSL_CTX_set_tmp_dh(s: *mut SSL, dh: *const DH) -> c_long; - #[link_name = "X509_get_extensions_shim"] - pub fn X509_get_extensions(x: *mut X509) -> *mut stack_st_X509_EXTENSION; - #[link_name = "SSL_CTX_set_tlsext_servername_callback_shim"] - pub fn SSL_CTX_set_tlsext_servername_callback(ssl: *mut SSL_CTX, callback: Option<extern fn()>); - #[link_name = "SSL_CTX_set_tlsext_servername_arg_shim"] - pub fn SSL_CTX_set_tlsext_servername_arg(ssl: *mut SSL_CTX, arg: *const c_void); -} diff --git a/openssl-sys-extras/src/openssl_shim.c b/openssl-sys-extras/src/openssl_shim.c deleted file mode 100644 index 974312b9..00000000 --- a/openssl-sys-extras/src/openssl_shim.c +++ /dev/null @@ -1,140 +0,0 @@ -#include <openssl/hmac.h> -#include <openssl/ssl.h> -#include <openssl/dh.h> -#include <openssl/bn.h> - -#if OPENSSL_VERSION_NUMBER < 0x10000000L -// Copied from openssl crypto/hmac/hmac.c -int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx) - { - if (!EVP_MD_CTX_copy(&dctx->i_ctx, &sctx->i_ctx)) - goto err; - if (!EVP_MD_CTX_copy(&dctx->o_ctx, &sctx->o_ctx)) - goto err; - if (!EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx)) - goto err; - memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK); - dctx->key_length = sctx->key_length; - dctx->md = sctx->md; - return 1; - err: - return 0; - } - -int HMAC_Init_ex_shim(HMAC_CTX *ctx, const void *key, int key_len, const EVP_MD *md, ENGINE *impl) { - HMAC_Init_ex(ctx, key, key_len, md, impl); - return 1; -} - -int HMAC_Update_shim(HMAC_CTX *ctx, const unsigned char *data, int len) { - HMAC_Update(ctx, data, len); - return 1; -} - -int HMAC_Final_shim(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) { - HMAC_Final(ctx, md, len); - return 1; -} - -#else - -int HMAC_Init_ex_shim(HMAC_CTX *ctx, const void *key, int key_len, const EVP_MD *md, ENGINE *impl) { - return HMAC_Init_ex(ctx, key, key_len, md, impl); -} - -int HMAC_Update_shim(HMAC_CTX *ctx, const unsigned char *data, int len) { - return HMAC_Update(ctx, data, len); -} - -int HMAC_Final_shim(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) { - return HMAC_Final(ctx, md, len); -} -#endif - -// shims for OpenSSL macros - -int BIO_eof_shim(BIO *b) { - return BIO_eof(b); -} - -long BIO_set_nbio_shim(BIO *b, long enabled) { - return BIO_set_nbio(b, enabled); -} - -void BIO_set_mem_eof_return_shim(BIO *b, int v) { - BIO_set_mem_eof_return(b, v); -} - -void BIO_clear_retry_flags_shim(BIO *b) { - BIO_clear_retry_flags(b); -} - -void BIO_set_retry_read_shim(BIO *b) { - BIO_set_retry_read(b); -} - -void BIO_set_retry_write_shim(BIO *b) { - BIO_set_retry_write(b); -} - -long BIO_flush_shim(BIO *b) { - return BIO_flush(b); -} - -long SSL_CTX_set_options_shim(SSL_CTX *ctx, long options) { - return SSL_CTX_set_options(ctx, options); -} - -long SSL_CTX_get_options_shim(SSL_CTX *ctx) { - return SSL_CTX_get_options(ctx); -} - -long SSL_CTX_clear_options_shim(SSL_CTX *ctx, long options) { - return SSL_CTX_clear_options(ctx, options); -} - -long SSL_CTX_set_mode_shim(SSL_CTX *ctx, long options) { - return SSL_CTX_set_mode(ctx, options); -} - -long SSL_CTX_add_extra_chain_cert_shim(SSL_CTX *ctx, X509 *x509) { - return SSL_CTX_add_extra_chain_cert(ctx, x509); -} - -long SSL_CTX_set_read_ahead_shim(SSL_CTX *ctx, long m) { - return SSL_CTX_set_read_ahead(ctx, m); -} - -long SSL_CTX_set_tmp_dh_shim(SSL_CTX *ctx, DH *dh) { - return SSL_CTX_set_tmp_dh(ctx, dh); -} - -long SSL_CTX_set_tlsext_servername_callback_shim(SSL_CTX *ctx, int (*callback)(SSL_CTX *, int *, void*)) { - return SSL_CTX_set_tlsext_servername_callback(ctx, callback); -} - -long SSL_CTX_set_tlsext_servername_arg_shim(SSL_CTX *ctx, void* arg) { - return SSL_CTX_set_tlsext_servername_arg(ctx, arg); -} - -#if OPENSSL_VERSION_NUMBER >= 0x10002000L -int SSL_CTX_set_ecdh_auto_shim(SSL_CTX *ctx, int onoff) { - return SSL_CTX_set_ecdh_auto(ctx, onoff); -} -#endif - -DH *DH_new_from_params(BIGNUM *p, BIGNUM *g, BIGNUM *q) { - DH *dh; - - if ((dh = DH_new()) == NULL) { - return NULL; - } - dh->p = p; - dh->g = g; - dh->q = q; - return dh; -} - -long SSL_set_tlsext_host_name_shim(SSL *s, char *name) { - return SSL_set_tlsext_host_name(s, name); -} diff --git a/openssl-sys-extras/src/ssl_options.rs b/openssl-sys-extras/src/ssl_options.rs deleted file mode 100644 index a1c778ac..00000000 --- a/openssl-sys-extras/src/ssl_options.rs +++ /dev/null @@ -1,46 +0,0 @@ -import_options!{ -// The following values are directly from recent OpenSSL -SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001 -SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002 -SSL_OP_LEGACY_SERVER_CONNECT 0x00000004 -SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008 -SSL_OP_TLSEXT_PADDING 0x00000010 -SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020 -SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040 -SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080 -SSL_OP_TLS_D5_BUG 0x00000100 -SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200 -// unused: 0x00000400 -SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800 -SSL_OP_NO_QUERY_MTU 0x00001000 -SSL_OP_COOKIE_EXCHANGE 0x00002000 -SSL_OP_NO_TICKET 0x00004000 -SSL_OP_CISCO_ANYCONNECT 0x00008000 -SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000 -SSL_OP_NO_COMPRESSION 0x00020000 -SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000 -SSL_OP_SINGLE_ECDH_USE 0x00080000 -SSL_OP_SINGLE_DH_USE 0x00100000 -// unused: 0x00200000 -SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000 -SSL_OP_TLS_ROLLBACK_BUG 0x00800000 -SSL_OP_NO_SSLv2 0x01000000 -SSL_OP_NO_SSLv3 0x02000000 -SSL_OP_NO_DTLSv1 0x04000000 -SSL_OP_NO_TLSv1 0x04000000 -SSL_OP_NO_DTLSv1_2 0x08000000 -SSL_OP_NO_TLSv1_2 0x08000000 -SSL_OP_NO_TLSv1_1 0x10000000 -SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000 -SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000 -SSL_OP_CRYPTOPRO_TLSEXT_BUG 0x80000000 - -// The following values were in 32-bit range in old OpenSSL -SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x100000000 -SSL_OP_MSIE_SSLV2_RSA_PADDING 0x200000000 -SSL_OP_PKCS1_CHECK_1 0x400000000 -SSL_OP_PKCS1_CHECK_2 0x800000000 - -// The following values were redefined to 0 for security reasons -SSL_OP_EPHEMERAL_RSA 0x0 -} diff --git a/openssl-sys/Cargo.toml b/openssl-sys/Cargo.toml index 45424bbf..9e923eb0 100644 --- a/openssl-sys/Cargo.toml +++ b/openssl-sys/Cargo.toml @@ -24,6 +24,7 @@ alpn = [] rfc5114 = [] pkcs5_pbkdf2_hmac = [] ecdh_auto = [] +hmac_clone = [] [dependencies] libc = "0.2" diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 4dccc67e..55375d8d 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -801,6 +801,8 @@ extern "C" { pub fn HMAC_CTX_init(ctx: *mut HMAC_CTX); pub fn HMAC_CTX_cleanup(ctx: *mut HMAC_CTX); + #[cfg(feature = "hmac_clone")] + pub fn HMAC_CTX_copy(dst: *mut HMAC_CTX, src: *const HMAC_CTX) -> c_int; pub fn PEM_read_bio_DHparams(bio: *mut BIO, out: *mut *mut DH, callback: Option<PasswordCallback>, user_data: *mut c_void) -> *mut DH; diff --git a/openssl/Cargo.toml b/openssl/Cargo.toml index f4f4673c..d06accce 100644 --- a/openssl/Cargo.toml +++ b/openssl/Cargo.toml @@ -25,18 +25,19 @@ alpn = ["openssl-sys/alpn"] rfc5114 = ["openssl-sys/rfc5114"] ecdh_auto = ["openssl-sys/ecdh_auto"] pkcs5_pbkdf2_hmac = ["openssl-sys/pkcs5_pbkdf2_hmac"] +hmac_clone = ["openssl-sys/hmac_clone"] c_helpers = ["gcc"] x509_clone = ["c_helpers"] x509_generator_request = ["c_helpers"] ssl_context_clone = ["c_helpers"] +hmac = ["c_helpers"] [dependencies] bitflags = ">= 0.5.0, < 0.8.0" lazy_static = "0.2" libc = "0.2" openssl-sys = { version = "0.7.14", path = "../openssl-sys" } -openssl-sys-extras = { version = "0.7.14", path = "../openssl-sys-extras" } [build-dependencies] gcc = { version = "0.3", optional = true } diff --git a/openssl/src/c_helpers.c b/openssl/src/c_helpers.c index f8bc2d0d..4a2021e4 100644 --- a/openssl/src/c_helpers.c +++ b/openssl/src/c_helpers.c @@ -1,4 +1,7 @@ +#include <openssl/hmac.h> #include <openssl/ssl.h> +#include <openssl/dh.h> +#include <openssl/bn.h> void rust_SSL_CTX_clone(SSL_CTX *ctx) { CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX); @@ -11,3 +14,34 @@ void rust_X509_clone(X509 *x509) { STACK_OF(X509_EXTENSION) *rust_X509_get_extensions(X509 *x) { return x->cert_info ? x->cert_info->extensions : NULL; } + +#if OPENSSL_VERSION_NUMBER < 0x10000000L +int rust_HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len, const EVP_MD *md, ENGINE *impl) { + HMAC_Init_ex(ctx, key, key_len, md, impl); + return 1; +} + +int rust_HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len) { + HMAC_Update(ctx, data, len); + return 1; +} + +int rust_HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) { + HMAC_Final(ctx, md, len); + return 1; +} + +#else + +int rust_HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len, const EVP_MD *md, ENGINE *impl) { + return HMAC_Init_ex(ctx, key, key_len, md, impl); +} + +int rust_HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len) { + return HMAC_Update(ctx, data, len); +} + +int rust_HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) { + return HMAC_Final(ctx, md, len); +} +#endif diff --git a/openssl/src/c_helpers.rs b/openssl/src/c_helpers.rs index f074d404..a195d88f 100644 --- a/openssl/src/c_helpers.rs +++ b/openssl/src/c_helpers.rs @@ -1,8 +1,13 @@ use ffi; +use libc::{c_int, c_void, c_uint, c_uchar}; #[allow(dead_code)] extern "C" { pub fn rust_SSL_CTX_clone(cxt: *mut ffi::SSL_CTX); pub fn rust_X509_clone(x509: *mut ffi::X509); pub fn rust_X509_get_extensions(x: *mut ffi::X509) -> *mut ffi::stack_st_X509_EXTENSION; + + pub fn rust_HMAC_Init_ex(ctx: *mut ffi::HMAC_CTX, key: *const c_void, keylen: c_int, md: *const ffi::EVP_MD, impl_: *mut ffi::ENGINE) -> c_int; + pub fn rust_HMAC_Final(ctx: *mut ffi::HMAC_CTX, output: *mut c_uchar, len: *mut c_uint) -> c_int; + pub fn rust_HMAC_Update(ctx: *mut ffi::HMAC_CTX, input: *const c_uchar, len: c_uint) -> c_int; } diff --git a/openssl/src/crypto/hmac.rs b/openssl/src/crypto/hmac.rs index 453511ac..857be339 100644 --- a/openssl/src/crypto/hmac.rs +++ b/openssl/src/crypto/hmac.rs @@ -18,11 +18,11 @@ use std::io; use std::io::prelude::*; use std::cmp; use ffi; -use ffi_extras; use HashTypeInternals; use crypto::hash::Type; use error::ErrorStack; +use c_helpers; #[derive(PartialEq, Copy, Clone)] enum State { @@ -35,6 +35,8 @@ use self::State::*; /// Provides HMAC computation. /// +/// Requires the `hmac` feature. +/// /// # Examples /// /// Calculate a HMAC in one go. @@ -65,7 +67,6 @@ use self::State::*; /// ``` pub struct HMAC { ctx: ffi::HMAC_CTX, - type_: Type, state: State, } @@ -83,7 +84,6 @@ impl HMAC { let mut h = HMAC { ctx: ctx, - type_: ty, state: Finalized, }; try!(h.init_once(md, key)); @@ -92,11 +92,11 @@ impl HMAC { fn init_once(&mut self, md: *const ffi::EVP_MD, key: &[u8]) -> Result<(), ErrorStack> { unsafe { - try_ssl!(ffi_extras::HMAC_Init_ex(&mut self.ctx, - key.as_ptr(), - key.len() as c_int, - md, - 0 as *const _)); + try_ssl!(c_helpers::rust_HMAC_Init_ex(&mut self.ctx, + key.as_ptr() as *const _, + key.len() as c_int, + md, + 0 as *mut _)); } self.state = Reset; Ok(()) @@ -113,11 +113,11 @@ impl HMAC { // If the key and/or md is not supplied it's reused from the last time // avoiding redundant initializations unsafe { - try_ssl!(ffi_extras::HMAC_Init_ex(&mut self.ctx, - 0 as *const _, - 0, - 0 as *const _, - 0 as *const _)); + try_ssl!(c_helpers::rust_HMAC_Init_ex(&mut self.ctx, + 0 as *const _, + 0, + 0 as *const _, + 0 as *mut _)); } self.state = Reset; Ok(()) @@ -130,7 +130,7 @@ impl HMAC { while !data.is_empty() { let len = cmp::min(data.len(), c_uint::max_value() as usize); unsafe { - try_ssl!(ffi_extras::HMAC_Update(&mut self.ctx, data.as_ptr(), len as c_uint)); + try_ssl!(c_helpers::rust_HMAC_Update(&mut self.ctx, data.as_ptr(), len as c_uint)); } data = &data[len..]; } @@ -147,7 +147,7 @@ impl HMAC { unsafe { let mut len = ffi::EVP_MAX_MD_SIZE; let mut res = vec![0; len as usize]; - try_ssl!(ffi_extras::HMAC_Final(&mut self.ctx, res.as_mut_ptr(), &mut len)); + try_ssl!(c_helpers::rust_HMAC_Final(&mut self.ctx, res.as_mut_ptr(), &mut len)); res.truncate(len as usize); self.state = Finalized; Ok(res) @@ -167,17 +167,18 @@ impl Write for HMAC { } } +#[cfg(feature = "hmac_clone")] impl Clone for HMAC { + /// Requires the `hmac_clone` feature. fn clone(&self) -> HMAC { let mut ctx: ffi::HMAC_CTX; unsafe { ctx = ::std::mem::uninitialized(); - let r = ffi_extras::HMAC_CTX_copy(&mut ctx, &self.ctx); + let r = ffi::HMAC_CTX_copy(&mut ctx, &self.ctx); assert_eq!(r, 1); } HMAC { ctx: ctx, - type_: self.type_, state: self.state, } } @@ -288,6 +289,7 @@ mod tests { } #[test] + #[cfg(feature = "hmac_clone")] fn test_clone() { let tests: [(Vec<u8>, Vec<u8>, Vec<u8>); 2] = [(repeat(0xaa_u8).take(80).collect(), diff --git a/openssl/src/crypto/mod.rs b/openssl/src/crypto/mod.rs index 453291aa..93aba9eb 100644 --- a/openssl/src/crypto/mod.rs +++ b/openssl/src/crypto/mod.rs @@ -15,6 +15,7 @@ // pub mod hash; +#[cfg(feature = "hmac")] pub mod hmac; pub mod pkcs5; pub mod pkey; diff --git a/openssl/src/lib.rs b/openssl/src/lib.rs index 2f3664ac..fdf9548c 100644 --- a/openssl/src/lib.rs +++ b/openssl/src/lib.rs @@ -6,7 +6,6 @@ extern crate libc; #[macro_use] extern crate lazy_static; extern crate openssl_sys as ffi; -extern crate openssl_sys_extras as ffi_extras; #[cfg(test)] extern crate rustc_serialize as serialize; |