From 203a02c3e6472330160bb1746d46202d5e8c78fe Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Tue, 8 Nov 2016 20:25:57 +0000 Subject: Actually support AES GCM This is an AEAD cipher, so we need some extra functionality. As another bonus, we no longer panic if provided an IV with a different length than the cipher's default. --- openssl-sys/src/lib.rs | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 496cc379..70e627ca 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -114,6 +114,10 @@ pub const EVP_PKEY_RSA: c_int = NID_rsaEncryption; pub const EVP_PKEY_HMAC: c_int = NID_hmac; pub const EVP_PKEY_DSA: c_int = NID_dsa; +pub const EVP_CTRL_GCM_SET_IVLEN: c_int = 0x9; +pub const EVP_CTRL_GCM_GET_TAG: c_int = 0x10; +pub const EVP_CTRL_GCM_SET_TAG: c_int = 0x11; + pub const MBSTRING_ASC: c_int = MBSTRING_FLAG | 1; pub const MBSTRING_BMP: c_int = MBSTRING_FLAG | 2; pub const MBSTRING_FLAG: c_int = 0x1000; @@ -1400,6 +1404,7 @@ extern { pub fn EVP_CIPHER_CTX_new() -> *mut EVP_CIPHER_CTX; pub fn EVP_CIPHER_CTX_set_padding(ctx: *mut EVP_CIPHER_CTX, padding: c_int) -> c_int; pub fn EVP_CIPHER_CTX_set_key_length(ctx: *mut EVP_CIPHER_CTX, keylen: c_int) -> c_int; + pub fn EVP_CIPHER_CTX_ctrl(ctx: *mut EVP_CIPHER_CTX, type_: c_int, arg: c_int, ptr: *mut c_void) -> c_int; pub fn EVP_CIPHER_CTX_free(ctx: *mut EVP_CIPHER_CTX); pub fn EVP_CipherInit(ctx: *mut EVP_CIPHER_CTX, evp: *const EVP_CIPHER, -- cgit v1.2.3 From 0d2d4865e5d98dcc19968b8428a7aee2a747091a Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 11 Nov 2016 16:44:19 +0000 Subject: Release v0.9.1 --- openssl-sys/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 70e627ca..4a10dd34 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1,6 +1,6 @@ #![allow(non_camel_case_types, non_upper_case_globals, non_snake_case)] #![allow(dead_code, overflowing_literals)] -#![doc(html_root_url="https://sfackler.github.io/rust-openssl/doc/v0.9.0")] +#![doc(html_root_url="https://sfackler.github.io/rust-openssl/doc/v0.9.1")] extern crate libc; -- cgit v1.2.3 From 609a09ebb90cf44524ce299b968ce19173583ce8 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 11 Nov 2016 18:52:27 +0000 Subject: Add PKey::dsa Closes #501 --- openssl-sys/src/lib.rs | 1 + 1 file changed, 1 insertion(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 4a10dd34..d8743859 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1455,6 +1455,7 @@ extern { pub fn EVP_PKEY_copy_parameters(to: *mut EVP_PKEY, from: *const EVP_PKEY) -> c_int; pub fn EVP_PKEY_get1_RSA(k: *mut EVP_PKEY) -> *mut RSA; pub fn EVP_PKEY_set1_RSA(k: *mut EVP_PKEY, r: *mut RSA) -> c_int; + pub fn EVP_PKEY_get1_DSA(k: *mut EVP_PKEY) -> *mut DSA; pub fn EVP_PKEY_cmp(a: *const EVP_PKEY, b: *const EVP_PKEY) -> c_int; pub fn EVP_PKEY_new_mac_key(type_: c_int, e: *mut ENGINE, -- cgit v1.2.3 From 32cbed0782d47b036938316805f63ed6cc2ea759 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 11 Nov 2016 19:04:54 +0000 Subject: PKey <-> DH conversions Closes #498 --- openssl-sys/src/lib.rs | 2 ++ 1 file changed, 2 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index d8743859..16ba529e 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -113,6 +113,7 @@ pub const EVP_MAX_MD_SIZE: c_uint = 64; pub const EVP_PKEY_RSA: c_int = NID_rsaEncryption; pub const EVP_PKEY_HMAC: c_int = NID_hmac; pub const EVP_PKEY_DSA: c_int = NID_dsa; +pub const EVP_PKEY_DH: c_int = NID_dhKeyAgreement; pub const EVP_CTRL_GCM_SET_IVLEN: c_int = 0x9; pub const EVP_CTRL_GCM_GET_TAG: c_int = 0x10; @@ -1456,6 +1457,7 @@ extern { pub fn EVP_PKEY_get1_RSA(k: *mut EVP_PKEY) -> *mut RSA; pub fn EVP_PKEY_set1_RSA(k: *mut EVP_PKEY, r: *mut RSA) -> c_int; pub fn EVP_PKEY_get1_DSA(k: *mut EVP_PKEY) -> *mut DSA; + pub fn EVP_PKEY_get1_DH(k: *mut EVP_PKEY) -> *mut DH; pub fn EVP_PKEY_cmp(a: *const EVP_PKEY, b: *const EVP_PKEY) -> c_int; pub fn EVP_PKEY_new_mac_key(type_: c_int, e: *mut ENGINE, -- cgit v1.2.3 From 15490a43e399ce0f6e3838c96c609abf08b1c5db Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 11 Nov 2016 19:17:26 +0000 Subject: Add EcKey <-> PKey conversions Closes #499 --- openssl-sys/src/lib.rs | 2 ++ 1 file changed, 2 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 16ba529e..bdfe9b8c 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -114,6 +114,7 @@ pub const EVP_PKEY_RSA: c_int = NID_rsaEncryption; pub const EVP_PKEY_HMAC: c_int = NID_hmac; pub const EVP_PKEY_DSA: c_int = NID_dsa; pub const EVP_PKEY_DH: c_int = NID_dhKeyAgreement; +pub const EVP_PKEY_EC: c_int = NID_X9_62_id_ecPublicKey; pub const EVP_CTRL_GCM_SET_IVLEN: c_int = 0x9; pub const EVP_CTRL_GCM_GET_TAG: c_int = 0x10; @@ -1458,6 +1459,7 @@ extern { pub fn EVP_PKEY_set1_RSA(k: *mut EVP_PKEY, r: *mut RSA) -> c_int; pub fn EVP_PKEY_get1_DSA(k: *mut EVP_PKEY) -> *mut DSA; pub fn EVP_PKEY_get1_DH(k: *mut EVP_PKEY) -> *mut DH; + pub fn EVP_PKEY_get1_EC_KEY(k: *mut EVP_PKEY) -> *mut EC_KEY; pub fn EVP_PKEY_cmp(a: *const EVP_PKEY, b: *const EVP_PKEY) -> c_int; pub fn EVP_PKEY_new_mac_key(type_: c_int, e: *mut ENGINE, -- cgit v1.2.3 From 6b7279eb5224a422860d0adb38becd5bca19763f Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 11 Nov 2016 19:49:00 +0000 Subject: Consistently support both PEM and DER encodings Closes #500 --- openssl-sys/src/lib.rs | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index bdfe9b8c..7b94361b 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1713,11 +1713,20 @@ extern { name: *const c_char, namelen: size_t) -> c_int; + pub fn d2i_DHparams(k: *mut *mut DH, pp: *mut *const c_uchar, length: c_long) -> *mut DH; + pub fn i2d_DHparams(dh: *const DH, pp: *mut *mut c_uchar) -> c_int; + + pub fn d2i_DSAPublicKey(a: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long) -> *mut DSA; + pub fn i2d_DSAPublicKey(a: *const DSA, pp: *mut *mut c_uchar) -> c_int; + pub fn d2i_DSAPrivateKey(a: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long) -> *mut DSA; + pub fn i2d_DSAPrivateKey(a: *const DSA, pp: *mut *mut c_uchar) -> c_int; + pub fn d2i_X509(a: *mut *mut X509, pp: *mut *const c_uchar, length: c_long) -> *mut X509; pub fn i2d_X509_bio(b: *mut BIO, x: *mut X509) -> c_int; pub fn i2d_X509_REQ_bio(b: *mut BIO, x: *mut X509_REQ) -> c_int; pub fn i2d_PUBKEY_bio(b: *mut BIO, x: *mut EVP_PKEY) -> c_int; + pub fn i2d_PrivateKey_bio(b: *mut BIO, x: *mut EVP_PKEY) -> c_int; pub fn i2d_RSA_PUBKEY(k: *mut RSA, buf: *mut *mut u8) -> c_int; pub fn d2i_RSA_PUBKEY(k: *mut *mut RSA, buf: *mut *const u8, len: c_long) -> *mut RSA; -- cgit v1.2.3 From 26a3358a2b70b46bf06403b2810c379f5299a551 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sat, 12 Nov 2016 00:24:12 +0000 Subject: Add basic X509_STORE access There's more to do here, but this enabled addition of trusted CAs from X509 objects. Closes #394 --- openssl-sys/src/lib.rs | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 7b94361b..eca08b70 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -38,6 +38,7 @@ pub enum X509_EXTENSION {} pub enum X509_NAME {} pub enum X509_NAME_ENTRY {} pub enum X509_REQ {} +pub enum X509_STORE {} pub enum X509_STORE_CTX {} pub enum bio_st {} pub enum PKCS12 {} @@ -1622,6 +1623,7 @@ extern { pub fn SSL_CTX_use_PrivateKey(ctx: *mut SSL_CTX, key: *mut EVP_PKEY) -> c_int; pub fn SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int; pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME); + pub fn SSL_CTX_get_cert_store(ctx: *mut SSL_CTX) -> *mut X509_STORE; #[cfg(not(ossl101))] pub fn SSL_CTX_get0_certificate(ctx: *const SSL_CTX) -> *mut X509; @@ -1693,6 +1695,9 @@ extern { pub fn ASN1_STRING_free(x: *mut ASN1_STRING); pub fn ASN1_STRING_length(x: *const ASN1_STRING) -> c_int; + pub fn X509_STORE_free(store: *mut X509_STORE); + pub fn X509_STORE_add_cert(store: *mut X509_STORE, x: *mut X509) -> c_int; + pub fn X509_STORE_CTX_free(ctx: *mut X509_STORE_CTX); pub fn X509_STORE_CTX_get_current_cert(ctx: *mut X509_STORE_CTX) -> *mut X509; pub fn X509_STORE_CTX_get_error(ctx: *mut X509_STORE_CTX) -> c_int; -- cgit v1.2.3 From 7c9afd8c99505ccaa3381990448f225f123ad764 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sat, 12 Nov 2016 10:29:31 +0000 Subject: Fix function signature --- openssl-sys/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index eca08b70..17c2864d 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1623,7 +1623,7 @@ extern { pub fn SSL_CTX_use_PrivateKey(ctx: *mut SSL_CTX, key: *mut EVP_PKEY) -> c_int; pub fn SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int; pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME); - pub fn SSL_CTX_get_cert_store(ctx: *mut SSL_CTX) -> *mut X509_STORE; + pub fn SSL_CTX_get_cert_store(ctx: *const SSL_CTX) -> *mut X509_STORE; #[cfg(not(ossl101))] pub fn SSL_CTX_get0_certificate(ctx: *const SSL_CTX) -> *mut X509; -- cgit v1.2.3 From 9b5c62b053fb84dc233c69ba1700bee9b8a4387f Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sat, 12 Nov 2016 11:00:15 +0000 Subject: Add PKey::bits --- openssl-sys/src/ossl10x.rs | 1 + openssl-sys/src/ossl110.rs | 1 + 2 files changed, 2 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/ossl10x.rs index 0cc75fca..baab16ac 100644 --- a/openssl-sys/src/ossl10x.rs +++ b/openssl-sys/src/ossl10x.rs @@ -600,6 +600,7 @@ extern { line: c_int) -> c_int; pub fn EVP_MD_CTX_create() -> *mut EVP_MD_CTX; pub fn EVP_MD_CTX_destroy(ctx: *mut EVP_MD_CTX); + pub fn EVP_PKEY_bits(key: *mut EVP_PKEY) -> c_int; pub fn sk_num(st: *const _STACK) -> c_int; pub fn sk_value(st: *const _STACK, n: c_int) -> *mut c_void; diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/ossl110.rs index e8d62d73..46df2d0e 100644 --- a/openssl-sys/src/ossl110.rs +++ b/openssl-sys/src/ossl110.rs @@ -147,6 +147,7 @@ extern { pub fn X509_STORE_CTX_get0_chain(ctx: *mut ::X509_STORE_CTX) -> *mut stack_st_X509; pub fn EVP_MD_CTX_new() -> *mut EVP_MD_CTX; pub fn EVP_MD_CTX_free(ctx: *mut EVP_MD_CTX); + pub fn EVP_PKEY_bits(key: *const EVP_PKEY) -> c_int; pub fn OpenSSL_version_num() -> c_ulong; pub fn OpenSSL_version(key: c_int) -> *const c_char; -- cgit v1.2.3 From 563754fb0892ebf8021bb6043f4540c98f3b86a6 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sat, 12 Nov 2016 12:43:44 +0000 Subject: Add SslContextBuilder::set_tmp_{ec,}dh_callback --- openssl-sys/src/lib.rs | 10 ++++++++++ openssl-sys/src/ossl10x.rs | 10 ++++++++++ 2 files changed, 20 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 17c2864d..7fda34d4 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1592,6 +1592,11 @@ extern { #[cfg(not(ossl101))] pub fn SSL_get_privatekey(ssl: *const SSL) -> *mut EVP_PKEY; pub fn SSL_load_client_CA_file(file: *const c_char) -> *mut stack_st_X509_NAME; + pub fn SSL_set_tmp_dh_callback(ctx: *mut SSL, + dh: unsafe extern fn(ssl: *mut SSL, + is_export: c_int, + keylength: c_int) + -> *mut DH); #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] pub fn SSL_COMP_get_name(comp: *const COMP_METHOD) -> *const c_char; @@ -1624,6 +1629,11 @@ extern { pub fn SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int; pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME); pub fn SSL_CTX_get_cert_store(ctx: *const SSL_CTX) -> *mut X509_STORE; + pub fn SSL_CTX_set_tmp_dh_callback(ctx: *mut SSL_CTX, + dh: unsafe extern fn(ssl: *mut SSL, + is_export: c_int, + keylength: c_int) + -> *mut DH); #[cfg(not(ossl101))] pub fn SSL_CTX_get0_certificate(ctx: *const SSL_CTX) -> *mut X509; diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/ossl10x.rs index baab16ac..ad7d065c 100644 --- a/openssl-sys/src/ossl10x.rs +++ b/openssl-sys/src/ossl10x.rs @@ -576,12 +576,22 @@ extern { dup_func: Option<::CRYPTO_EX_dup>, free_func: Option<::CRYPTO_EX_free>) -> c_int; + pub fn SSL_set_tmp_ecdh_callback(ssl: *mut ::SSL, + ecdh: unsafe extern fn(ssl: *mut ::SSL, + is_export: c_int, + keylength: c_int) + -> *mut ::EC_KEY); pub fn SSL_CIPHER_get_version(cipher: *const ::SSL_CIPHER) -> *mut c_char; pub fn SSL_CTX_get_ex_new_index(argl: c_long, argp: *mut c_void, new_func: Option<::CRYPTO_EX_new>, dup_func: Option<::CRYPTO_EX_dup>, free_func: Option<::CRYPTO_EX_free>) -> c_int; + pub fn SSL_CTX_set_tmp_ecdh_callback(ctx: *mut ::SSL_CTX, + ecdh: unsafe extern fn(ssl: *mut ::SSL, + is_export: c_int, + keylength: c_int) + -> *mut ::EC_KEY); pub fn X509_get_subject_name(x: *mut ::X509) -> *mut ::X509_NAME; pub fn X509_set_notAfter(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int; pub fn X509_set_notBefore(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int; -- cgit v1.2.3 From 96d24c89575c4d2e193f31de67e1ba273f15d6b0 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sat, 12 Nov 2016 13:45:54 +0000 Subject: Add SslRef::set_{tmp_dh,tmp_ecdh,ecdh_auto} --- openssl-sys/src/lib.rs | 8 ++++++++ openssl-sys/src/ossl10x.rs | 6 ++++++ 2 files changed, 14 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 7fda34d4..f3ecdf8b 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1233,6 +1233,14 @@ pub unsafe fn SSL_CTX_set_tmp_ecdh(ctx: *mut SSL_CTX, key: *mut EC_KEY) -> c_lon SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, key as *mut c_void) } +pub unsafe fn SSL_set_tmp_dh(ssl: *mut SSL, dh: *mut DH) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_SET_TMP_DH, 0, dh as *mut c_void) +} + +pub unsafe fn SSL_set_tmp_ecdh(ssl: *mut SSL, key: *mut EC_KEY) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH, 0, key as *mut c_void) +} + pub unsafe fn SSL_CTX_add_extra_chain_cert(ctx: *mut SSL_CTX, x509: *mut X509) -> c_long { SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, x509 as *mut c_void) } diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/ossl10x.rs index ad7d065c..eb305228 100644 --- a/openssl-sys/src/ossl10x.rs +++ b/openssl-sys/src/ossl10x.rs @@ -533,11 +533,17 @@ fn set_id_callback() { fn set_id_callback() {} // macros + #[cfg(ossl102)] pub unsafe fn SSL_CTX_set_ecdh_auto(ctx: *mut SSL_CTX, onoff: c_int) -> c_int { ::SSL_CTX_ctrl(ctx, SSL_CTRL_SET_ECDH_AUTO, onoff as c_long, ::std::ptr::null_mut()) as c_int } +#[cfg(ossl102)] +pub unsafe fn SSL_set_ecdh_auto(ssl: *mut ::SSL, onoff: c_int) -> c_int { + ::SSL_ctrl(ssl, SSL_CTRL_SET_ECDH_AUTO, onoff as c_long, ::std::ptr::null_mut()) as c_int +} + extern { pub fn BIO_new(type_: *mut BIO_METHOD) -> *mut BIO; pub fn BIO_s_file() -> *mut BIO_METHOD; -- cgit v1.2.3 From 796d7b4deb547f1cd0bce0d54dea2dc5cdf650bb Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sat, 12 Nov 2016 14:14:56 +0000 Subject: Add constructors for various standard primes --- openssl-sys/src/ossl10x.rs | 10 ++++++++++ openssl-sys/src/ossl110.rs | 12 ++++++++++++ 2 files changed, 22 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/ossl10x.rs index eb305228..4f418f14 100644 --- a/openssl-sys/src/ossl10x.rs +++ b/openssl-sys/src/ossl10x.rs @@ -548,6 +548,16 @@ extern { pub fn BIO_new(type_: *mut BIO_METHOD) -> *mut BIO; pub fn BIO_s_file() -> *mut BIO_METHOD; pub fn BIO_s_mem() -> *mut BIO_METHOD; + + pub fn get_rfc2409_prime_768(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc2409_prime_1024(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_1536(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_2048(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_3072(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_4096(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_6144(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_8192(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn CRYPTO_free(buf: *mut c_void); pub fn CRYPTO_num_locks() -> c_int; pub fn CRYPTO_set_locking_callback(func: unsafe extern "C" fn(mode: c_int, diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/ossl110.rs index 46df2d0e..bb4fa19b 100644 --- a/openssl-sys/src/ossl110.rs +++ b/openssl-sys/src/ossl110.rs @@ -52,9 +52,21 @@ extern { pub fn BIO_new(type_: *const BIO_METHOD) -> *mut BIO; pub fn BIO_s_file() -> *const BIO_METHOD; pub fn BIO_s_mem() -> *const BIO_METHOD; + + pub fn BN_get_rfc2409_prime_768(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc2409_prime_1024(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_1536(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_2048(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_3072(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_4096(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_6144(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_8192(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn CRYPTO_free(buf: *mut c_void, file: *const c_char, line: c_int); + pub fn HMAC_CTX_new() -> *mut HMAC_CTX; pub fn HMAC_CTX_free(ctx: *mut HMAC_CTX); + pub fn TLS_method() -> *const ::SSL_METHOD; pub fn DTLS_method() -> *const ::SSL_METHOD; pub fn SSL_CIPHER_get_version(cipher: *const ::SSL_CIPHER) -> *const c_char; -- cgit v1.2.3 From 08e0c4ca9061c3dc0c951db0c08909689b04a310 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sun, 13 Nov 2016 15:02:38 +0000 Subject: Some serialization support for EcKey --- openssl-sys/src/lib.rs | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index f3ecdf8b..1b84b690 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1513,11 +1513,19 @@ extern { user_data: *mut c_void) -> c_int; pub fn PEM_write_bio_DSA_PUBKEY(bp: *mut BIO, dsa: *mut DSA) -> c_int; - - pub fn PEM_write_bio_X509(bio: *mut BIO, x509: *mut X509) -> c_int; pub fn PEM_write_bio_X509_REQ(bio: *mut BIO, x509: *mut X509_REQ) -> c_int; + pub fn PEM_write_bio_ECPrivateKey(bio: *mut BIO, + key: *mut EC_KEY, + cipher: *const EVP_CIPHER, + kstr: *mut c_uchar, + klen: c_int, + callback: Option, + user_data: *mut c_void) + -> c_int; + pub fn PEM_read_bio_ECPrivateKey(bio: *mut BIO, key: *mut *mut EC_KEY, callback: Option, user_data: *mut c_void) -> *mut EC_KEY; + pub fn PKCS5_PBKDF2_HMAC_SHA1(pass: *const c_char, passlen: c_int, salt: *const u8, saltlen: c_int, iter: c_int, keylen: c_int, @@ -1744,6 +1752,9 @@ extern { pub fn d2i_DSAPrivateKey(a: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long) -> *mut DSA; pub fn i2d_DSAPrivateKey(a: *const DSA, pp: *mut *mut c_uchar) -> c_int; + pub fn d2i_ECPrivateKey(k: *mut *mut EC_KEY, pp: *mut *const c_uchar, length: c_long) -> *mut EC_KEY; + pub fn i2d_ECPrivateKey(ec_key: *mut EC_KEY, pp: *mut *mut c_uchar) -> c_int; + pub fn d2i_X509(a: *mut *mut X509, pp: *mut *const c_uchar, length: c_long) -> *mut X509; pub fn i2d_X509_bio(b: *mut BIO, x: *mut X509) -> c_int; pub fn i2d_X509_REQ_bio(b: *mut BIO, x: *mut X509_REQ) -> c_int; -- cgit v1.2.3 From 387e78257b578fef5933142085aefa1c76722b49 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sun, 13 Nov 2016 16:09:52 +0000 Subject: Support serialization of encrypted private keys Switch to PEM_write_bio_PKCS8PrivateKey since the other function outputs nonstandard PEM when encrypting. --- openssl-sys/src/lib.rs | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 1b84b690..63714b7e 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1496,6 +1496,10 @@ extern { kstr: *mut c_uchar, klen: c_int, callback: Option, user_data: *mut c_void) -> c_int; + pub fn PEM_write_bio_PKCS8PrivateKey(bio: *mut BIO, pkey: *mut EVP_PKEY, cipher: *const EVP_CIPHER, + kstr: *mut c_char, klen: c_int, + callback: Option, + user_data: *mut c_void) -> c_int; pub fn PEM_write_bio_PUBKEY(bp: *mut BIO, x: *mut EVP_PKEY) -> c_int; pub fn PEM_write_bio_RSAPrivateKey(bp: *mut BIO, rsa: *mut RSA, cipher: *const EVP_CIPHER, kstr: *mut c_uchar, klen: c_int, -- cgit v1.2.3 From b0415f466c4b62f949b1e47e6b1e703d1b24122b Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sun, 13 Nov 2016 16:52:19 +0000 Subject: Macroise to_der --- openssl-sys/src/lib.rs | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 63714b7e..517707c3 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1761,10 +1761,14 @@ extern { pub fn d2i_X509(a: *mut *mut X509, pp: *mut *const c_uchar, length: c_long) -> *mut X509; pub fn i2d_X509_bio(b: *mut BIO, x: *mut X509) -> c_int; + pub fn i2d_X509(x: *mut X509, buf: *mut *mut u8) -> c_int; pub fn i2d_X509_REQ_bio(b: *mut BIO, x: *mut X509_REQ) -> c_int; + pub fn i2d_X509_REQ(x: *mut X509_REQ, buf: *mut *mut u8) -> c_int; pub fn i2d_PUBKEY_bio(b: *mut BIO, x: *mut EVP_PKEY) -> c_int; pub fn i2d_PrivateKey_bio(b: *mut BIO, x: *mut EVP_PKEY) -> c_int; + pub fn i2d_PUBKEY(k: *mut EVP_PKEY, buf: *mut *mut u8) -> c_int; + pub fn i2d_PrivateKey(k: *mut EVP_PKEY, buf: *mut *mut u8) -> c_int; pub fn i2d_RSA_PUBKEY(k: *mut RSA, buf: *mut *mut u8) -> c_int; pub fn d2i_RSA_PUBKEY(k: *mut *mut RSA, buf: *mut *const u8, len: c_long) -> *mut RSA; -- cgit v1.2.3 From 48c0009418cbbf7c69c24b35d56e80edb0c80d45 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sun, 13 Nov 2016 17:06:50 +0000 Subject: Macroise from_der --- openssl-sys/src/lib.rs | 1 + 1 file changed, 1 insertion(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 517707c3..4ba706f9 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1760,6 +1760,7 @@ extern { pub fn i2d_ECPrivateKey(ec_key: *mut EC_KEY, pp: *mut *mut c_uchar) -> c_int; pub fn d2i_X509(a: *mut *mut X509, pp: *mut *const c_uchar, length: c_long) -> *mut X509; + pub fn d2i_X509_REQ(a: *mut *mut X509_REQ, pp: *mut *const c_uchar, length: c_long) -> *mut X509_REQ; pub fn i2d_X509_bio(b: *mut BIO, x: *mut X509) -> c_int; pub fn i2d_X509(x: *mut X509, buf: *mut *mut u8) -> c_int; pub fn i2d_X509_REQ_bio(b: *mut BIO, x: *mut X509_REQ) -> c_int; -- cgit v1.2.3 From b2de36049a7687da00870e714c2e299ac5a903cd Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sun, 13 Nov 2016 20:19:38 +0000 Subject: Add Some more elliptic curve functionality --- openssl-sys/src/lib.rs | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 4ba706f9..11fa46df 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -26,6 +26,9 @@ pub enum BN_GENCB {} pub enum CONF {} pub enum COMP_METHOD {} pub enum EC_KEY {} +pub enum EC_GROUP {} +pub enum EC_METHOD {} +pub enum EC_POINT {} pub enum ENGINE {} pub enum EVP_CIPHER_CTX {} pub enum EVP_MD {} @@ -1372,8 +1375,30 @@ extern { pub fn DH_get_2048_256() -> *mut DH; pub fn EC_KEY_new_by_curve_name(nid: c_int) -> *mut EC_KEY; + pub fn EC_KEY_get0_group(key: *const EC_KEY) -> *const EC_GROUP; + pub fn EC_KEY_get0_public_key(key: *const EC_KEY) -> *const EC_POINT; + pub fn EC_KEY_get0_private_key(key: *const EC_KEY) -> *const BIGNUM; pub fn EC_KEY_free(key: *mut EC_KEY); + pub fn EC_GFp_simple_method() -> *const EC_METHOD; + pub fn EC_GFp_mont_method() -> *const EC_METHOD; + pub fn EC_GFp_nist_method() -> *const EC_METHOD; + pub fn EC_GFp_nistp224_method() -> *const EC_METHOD; + pub fn EC_GFp_nistp256_method() -> *const EC_METHOD; + pub fn EC_GFp_nistp521_method() -> *const EC_METHOD; + + pub fn EC_GF2m_simple_method() -> *const EC_METHOD; + + pub fn EC_GROUP_new(meth: *const EC_METHOD) -> *mut EC_GROUP; + pub fn EC_GROUP_new_curve_GFp(p: *const BIGNUM, a: *const BIGNUM, b: *const BIGNUM, ctx: *mut BN_CTX) -> *mut EC_GROUP; + pub fn EC_GROUP_new_curve_GF2m(p: *const BIGNUM, a: *const BIGNUM, b: *const BIGNUM, ctx: *mut BN_CTX) -> *mut EC_GROUP; + pub fn EC_GROUP_new_by_curve_name(nid: c_int) -> *mut EC_GROUP; + pub fn EC_GROUP_get_curve_GFp(group: *const EC_GROUP, p: *mut BIGNUM, a: *mut BIGNUM, b: *mut BIGNUM, ctx: *mut BN_CTX) -> c_int; + pub fn EC_GROUP_get_curve_GF2m(group: *const EC_GROUP, p: *mut BIGNUM, a: *mut BIGNUM, b: *mut BIGNUM, ctx: *mut BN_CTX) -> c_int; + pub fn EC_GROUP_free(group: *mut EC_GROUP); + + pub fn EC_POINT_free(point: *mut EC_POINT); + pub fn ERR_get_error() -> c_ulong; pub fn ERR_lib_error_string(err: c_ulong) -> *const c_char; pub fn ERR_func_error_string(err: c_ulong) -> *const c_char; -- cgit v1.2.3 From 1a52649516e5b3924917314ee503523d59ed528b Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sun, 13 Nov 2016 20:46:01 +0000 Subject: More functionality --- openssl-sys/src/lib.rs | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 11fa46df..230c0148 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1374,10 +1374,15 @@ extern { #[cfg(not(ossl101))] pub fn DH_get_2048_256() -> *mut DH; + pub fn EC_KEY_new() -> *mut EC_KEY; pub fn EC_KEY_new_by_curve_name(nid: c_int) -> *mut EC_KEY; + pub fn EC_KEY_set_group(key: *mut EC_KEY, group: *const EC_GROUP) -> c_int; pub fn EC_KEY_get0_group(key: *const EC_KEY) -> *const EC_GROUP; + pub fn EC_KEY_set_public_key(key: *mut EC_KEY, key: *const EC_POINT) -> c_int; pub fn EC_KEY_get0_public_key(key: *const EC_KEY) -> *const EC_POINT; + pub fn EC_KEY_set_private_key(key: *mut EC_KEY, key: *const BIGNUM) -> c_int; pub fn EC_KEY_get0_private_key(key: *const EC_KEY) -> *const BIGNUM; + pub fn EC_KEY_generate_key(key: *mut EC_KEY) -> c_int; pub fn EC_KEY_free(key: *mut EC_KEY); pub fn EC_GFp_simple_method() -> *const EC_METHOD; -- cgit v1.2.3 From 35f11d555eefd4a122b7d4688d589dcc1e918fcf Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sun, 13 Nov 2016 22:06:18 +0000 Subject: More functionality --- openssl-sys/src/lib.rs | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 230c0148..6ba8668e 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -60,6 +60,14 @@ pub enum BN_BLINDING {} pub enum DSA_METHOD {} pub enum EVP_PKEY_ASN1_METHOD {} +#[repr(C)] +#[derive(Copy, Clone)] +pub enum point_conversion_form_t { + POINT_CONVERSION_COMPRESSED = 2, + POINT_CONVERSION_UNCOMPRESSED = 4, + POINT_CONVERSION_HYBRID = 6, +} + #[repr(C)] pub struct GENERAL_NAME { pub type_: c_int, @@ -1400,8 +1408,17 @@ extern { pub fn EC_GROUP_new_by_curve_name(nid: c_int) -> *mut EC_GROUP; pub fn EC_GROUP_get_curve_GFp(group: *const EC_GROUP, p: *mut BIGNUM, a: *mut BIGNUM, b: *mut BIGNUM, ctx: *mut BN_CTX) -> c_int; pub fn EC_GROUP_get_curve_GF2m(group: *const EC_GROUP, p: *mut BIGNUM, a: *mut BIGNUM, b: *mut BIGNUM, ctx: *mut BN_CTX) -> c_int; + pub fn EC_GROUP_get_degree(group: *const EC_GROUP) -> c_int; + pub fn EC_GROUP_get_order(group: *const EC_GROUP, order: *mut BIGNUM, ctx: *mut BN_CTX) -> c_int; + pub fn EC_GROUP_free(group: *mut EC_GROUP); + pub fn EC_POINT_new(group: *const EC_GROUP) -> *mut EC_POINT; + pub fn EC_POINT_add(group: *const EC_GROUP, r: *mut EC_POINT, a: *const EC_POINT, b: *const EC_POINT, ctx: *mut BN_CTX) -> c_int; + pub fn EC_POINT_mul(group: *const EC_GROUP, r: *mut EC_POINT, n: *const BIGNUM, q: *const EC_POINT, m: *const BIGNUM, ctx: *mut BN_CTX) -> c_int; + pub fn EC_POINT_point2oct(group: *const EC_GROUP, p: *const EC_POINT, form: point_conversion_form_t, buf: *mut c_uchar, len: size_t, ctx: *mut BN_CTX) -> size_t; + pub fn EC_POINT_oct2point(group: *const EC_GROUP, p: *mut EC_POINT, buf: *const c_uchar, len: size_t, ctx: *mut BN_CTX) -> c_int; + pub fn EC_POINT_cmp(group: *const EC_GROUP, a: *const EC_POINT, b: *const EC_POINT, ctx: *mut BN_CTX) -> c_int; pub fn EC_POINT_free(point: *mut EC_POINT); pub fn ERR_get_error() -> c_ulong; -- cgit v1.2.3 From 82eb3c4f516e1457ec2fec56a4233aa4542957cc Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sun, 13 Nov 2016 22:10:52 +0000 Subject: Add EcKey::check_key --- openssl-sys/src/lib.rs | 1 + 1 file changed, 1 insertion(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 6ba8668e..74d1d03f 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1391,6 +1391,7 @@ extern { pub fn EC_KEY_set_private_key(key: *mut EC_KEY, key: *const BIGNUM) -> c_int; pub fn EC_KEY_get0_private_key(key: *const EC_KEY) -> *const BIGNUM; pub fn EC_KEY_generate_key(key: *mut EC_KEY) -> c_int; + pub fn EC_KEY_check_key(key: *const EC_KEY) -> c_int; pub fn EC_KEY_free(key: *mut EC_KEY); pub fn EC_GFp_simple_method() -> *const EC_METHOD; -- cgit v1.2.3 From e9e58b27dcbac5d456d4a080b0df31d9b8a5e236 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sun, 13 Nov 2016 22:14:10 +0000 Subject: Remove EC_METHOD functions Some appear not to be defined anywhere and they're not used anyway --- openssl-sys/src/lib.rs | 7 ------- 1 file changed, 7 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 74d1d03f..5e90ed4f 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1394,13 +1394,6 @@ extern { pub fn EC_KEY_check_key(key: *const EC_KEY) -> c_int; pub fn EC_KEY_free(key: *mut EC_KEY); - pub fn EC_GFp_simple_method() -> *const EC_METHOD; - pub fn EC_GFp_mont_method() -> *const EC_METHOD; - pub fn EC_GFp_nist_method() -> *const EC_METHOD; - pub fn EC_GFp_nistp224_method() -> *const EC_METHOD; - pub fn EC_GFp_nistp256_method() -> *const EC_METHOD; - pub fn EC_GFp_nistp521_method() -> *const EC_METHOD; - pub fn EC_GF2m_simple_method() -> *const EC_METHOD; pub fn EC_GROUP_new(meth: *const EC_METHOD) -> *mut EC_GROUP; -- cgit v1.2.3 From e929e092169dba0dfda26a957a38c61fa3e33eb2 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Mon, 14 Nov 2016 19:44:20 +0100 Subject: Add EcPoint::invert --- openssl-sys/src/lib.rs | 1 + 1 file changed, 1 insertion(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 5e90ed4f..33d06e4e 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1410,6 +1410,7 @@ extern { pub fn EC_POINT_new(group: *const EC_GROUP) -> *mut EC_POINT; pub fn EC_POINT_add(group: *const EC_GROUP, r: *mut EC_POINT, a: *const EC_POINT, b: *const EC_POINT, ctx: *mut BN_CTX) -> c_int; pub fn EC_POINT_mul(group: *const EC_GROUP, r: *mut EC_POINT, n: *const BIGNUM, q: *const EC_POINT, m: *const BIGNUM, ctx: *mut BN_CTX) -> c_int; + pub fn EC_POINT_invert(group: *const EC_GROUP, r: *mut EC_POINT, ctx: *mut BN_CTX) -> c_int; pub fn EC_POINT_point2oct(group: *const EC_GROUP, p: *const EC_POINT, form: point_conversion_form_t, buf: *mut c_uchar, len: size_t, ctx: *mut BN_CTX) -> size_t; pub fn EC_POINT_oct2point(group: *const EC_GROUP, p: *mut EC_POINT, buf: *const c_uchar, len: size_t, ctx: *mut BN_CTX) -> c_int; pub fn EC_POINT_cmp(group: *const EC_GROUP, a: *const EC_POINT, b: *const EC_POINT, ctx: *mut BN_CTX) -> c_int; -- cgit v1.2.3 From 0602712bf4e4e0451fcd527edc4e50a768e9b8d3 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sun, 27 Nov 2016 22:23:32 -0800 Subject: Release v0.9.2 --- openssl-sys/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 33d06e4e..8e427c7a 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1,6 +1,6 @@ #![allow(non_camel_case_types, non_upper_case_globals, non_snake_case)] #![allow(dead_code, overflowing_literals)] -#![doc(html_root_url="https://sfackler.github.io/rust-openssl/doc/v0.9.1")] +#![doc(html_root_url="https://sfackler.github.io/rust-openssl/doc/v0.9.2")] extern crate libc; -- cgit v1.2.3 From 00816653399ceb3a06a35c3b7c3fb161891f5763 Mon Sep 17 00:00:00 2001 From: 0xa Date: Fri, 9 Dec 2016 17:06:15 +0000 Subject: Add Blowfish support --- openssl-sys/src/lib.rs | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 8e427c7a..142ec09b 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1445,6 +1445,10 @@ extern { pub fn EVP_aes_256_cfb1() -> *const EVP_CIPHER; pub fn EVP_aes_256_cfb128() -> *const EVP_CIPHER; pub fn EVP_aes_256_cfb8() -> *const EVP_CIPHER; + pub fn EVP_bf_cbc() -> *const EVP_CIPHER; + pub fn EVP_bf_ecb() -> *const EVP_CIPHER; + pub fn EVP_bf_cfb() -> *const EVP_CIPHER; + pub fn EVP_bf_ofb() -> *const EVP_CIPHER; pub fn EVP_rc4() -> *const EVP_CIPHER; pub fn EVP_des_cbc() -> *const EVP_CIPHER; -- cgit v1.2.3 From 0850f605b1fcb686bae341a4763d072af4c67e50 Mon Sep 17 00:00:00 2001 From: 0xa Date: Fri, 9 Dec 2016 18:42:10 +0000 Subject: Use EVP_bf_cfb64 instead of EVP_bf_cfb --- openssl-sys/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 142ec09b..3ac3c2c2 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1447,7 +1447,7 @@ extern { pub fn EVP_aes_256_cfb8() -> *const EVP_CIPHER; pub fn EVP_bf_cbc() -> *const EVP_CIPHER; pub fn EVP_bf_ecb() -> *const EVP_CIPHER; - pub fn EVP_bf_cfb() -> *const EVP_CIPHER; + pub fn EVP_bf_cfb64() -> *const EVP_CIPHER; pub fn EVP_bf_ofb() -> *const EVP_CIPHER; pub fn EVP_rc4() -> *const EVP_CIPHER; -- cgit v1.2.3 From 26cefe7d97595db76be9a5b76ac12834096454cd Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 9 Dec 2016 21:52:43 -0800 Subject: Switch to docs.rs for docs --- openssl-sys/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 3ac3c2c2..f287290d 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1,6 +1,6 @@ #![allow(non_camel_case_types, non_upper_case_globals, non_snake_case)] #![allow(dead_code, overflowing_literals)] -#![doc(html_root_url="https://sfackler.github.io/rust-openssl/doc/v0.9.2")] +#![doc(html_root_url="https://docs.rs/openssl-sys/0.9.2")] extern crate libc; -- cgit v1.2.3 From 791f2c8f4d70f49f2face6ea56ef924a784c12fb Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 9 Dec 2016 21:54:06 -0800 Subject: Release v0.9.3 --- openssl-sys/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index f287290d..e65bc447 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1,6 +1,6 @@ #![allow(non_camel_case_types, non_upper_case_globals, non_snake_case)] #![allow(dead_code, overflowing_literals)] -#![doc(html_root_url="https://docs.rs/openssl-sys/0.9.2")] +#![doc(html_root_url="https://docs.rs/openssl-sys/0.9.3")] extern crate libc; -- cgit v1.2.3 From 53c470c71a92067f0404561ac2610e5219626943 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Marie?= Date: Wed, 21 Dec 2016 08:39:25 +0100 Subject: duplicate ossl10x.rs to libressl.rs --- openssl-sys/src/libressl.rs | 639 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 639 insertions(+) create mode 100644 openssl-sys/src/libressl.rs (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/libressl.rs b/openssl-sys/src/libressl.rs new file mode 100644 index 00000000..4f418f14 --- /dev/null +++ b/openssl-sys/src/libressl.rs @@ -0,0 +1,639 @@ +use std::sync::{Mutex, MutexGuard}; +use std::sync::{Once, ONCE_INIT}; +use std::mem; + +use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong}; +#[cfg(not(ossl101))] +use libc::time_t; + +#[repr(C)] +pub struct stack_st_ASN1_OBJECT { + pub stack: _STACK, +} + +#[repr(C)] +pub struct stack_st_X509 { + pub stack: _STACK, +} + +#[repr(C)] +pub struct stack_st_X509_NAME { + pub stack: _STACK, +} + +#[repr(C)] +pub struct stack_st_X509_ATTRIBUTE { + pub stack: _STACK, +} + +#[repr(C)] +pub struct stack_st_X509_EXTENSION { + pub stack: _STACK, +} + +#[repr(C)] +pub struct stack_st_GENERAL_NAME { + pub stack: _STACK, +} + +#[repr(C)] +pub struct stack_st_void { + pub stack: _STACK, +} + +#[repr(C)] +pub struct _STACK { + pub num: c_int, + pub data: *mut *mut c_char, + pub sorted: c_int, + pub num_alloc: c_int, + pub comp: Option c_int>, +} + +#[repr(C)] +pub struct BIO_METHOD { + pub type_: c_int, + pub name: *const c_char, + pub bwrite: Option c_int>, + pub bread: Option c_int>, + pub bputs: Option c_int>, + pub bgets: Option c_int>, + pub ctrl: Option c_long>, + pub create: Option c_int>, + pub destroy: Option c_int>, + pub callback_ctrl: Option c_long>, +} + +#[repr(C)] +pub struct RSA { + pub pad: c_int, + pub version: c_long, + pub meth: *const ::RSA_METHOD, + + pub engine: *mut ::ENGINE, + pub n: *mut ::BIGNUM, + pub e: *mut ::BIGNUM, + pub d: *mut ::BIGNUM, + pub p: *mut ::BIGNUM, + pub q: *mut ::BIGNUM, + pub dmp1: *mut ::BIGNUM, + pub dmq1: *mut ::BIGNUM, + pub iqmp: *mut ::BIGNUM, + + pub ex_data: ::CRYPTO_EX_DATA, + pub references: c_int, + pub flags: c_int, + + pub _method_mod_n: *mut ::BN_MONT_CTX, + pub _method_mod_p: *mut ::BN_MONT_CTX, + pub _method_mod_q: *mut ::BN_MONT_CTX, + + pub bignum_data: *mut c_char, + pub blinding: *mut ::BN_BLINDING, + pub mt_blinding: *mut ::BN_BLINDING, +} + +#[repr(C)] +pub struct DSA { + pub pad: c_int, + pub version: c_long, + pub write_params: c_int, + + pub p: *mut ::BIGNUM, + pub q: *mut ::BIGNUM, + pub g: *mut ::BIGNUM, + pub pub_key: *mut ::BIGNUM, + pub priv_key: *mut ::BIGNUM, + pub kinv: *mut ::BIGNUM, + pub r: *mut ::BIGNUM, + + pub flags: c_int, + pub method_mont_p: *mut ::BN_MONT_CTX, + pub references: c_int, + pub ex_data: ::CRYPTO_EX_DATA, + pub meth: *const ::DSA_METHOD, + pub engine: *mut ::ENGINE, +} + +#[repr(C)] +pub struct EVP_PKEY { + pub type_: c_int, + pub save_type: c_int, + pub references: c_int, + pub ameth: *const ::EVP_PKEY_ASN1_METHOD, + pub engine: *mut ::ENGINE, + pub pkey: *mut c_void, + pub save_parameters: c_int, + pub attributes: *mut stack_st_X509_ATTRIBUTE, +} + +#[repr(C)] +pub struct BIO { + pub method: *mut ::BIO_METHOD, + pub callback: Option c_long>, + pub cb_arg: *mut c_char, + pub init: c_int, + pub shutdown: c_int, + pub flags: c_int, + pub retry_reason: c_int, + pub num: c_int, + pub ptr: *mut c_void, + pub next_bio: *mut ::BIO, + pub prev_bio: *mut ::BIO, + pub references: c_int, + pub num_read: c_ulong, + pub num_write: c_ulong, + pub ex_data: ::CRYPTO_EX_DATA, +} + +#[repr(C)] +pub struct CRYPTO_EX_DATA { + pub sk: *mut ::stack_st_void, + pub dummy: c_int, +} + +#[repr(C)] +pub struct EVP_MD_CTX { + digest: *mut ::EVP_MD, + engine: *mut ::ENGINE, + flags: c_ulong, + md_data: *mut c_void, + pctx: *mut ::EVP_PKEY_CTX, + update: *mut c_void +} + +#[repr(C)] +pub struct EVP_CIPHER { + pub nid: c_int, + pub block_size: c_int, + pub key_len: c_int, + pub iv_len: c_int, + pub flags: c_ulong, + pub init: Option c_int>, + pub do_cipher: Option c_int>, + pub cleanup: Option c_int>, + pub ctx_size: c_int, + pub set_asn1_parameters: Option c_int>, + pub get_asn1_parameters: Option c_int>, + pub ctrl: Option c_int>, + pub app_data: *mut c_void, +} + +#[repr(C)] +pub struct HMAC_CTX { + md: *mut ::EVP_MD, + md_ctx: ::EVP_MD_CTX, + i_ctx: ::EVP_MD_CTX, + o_ctx: ::EVP_MD_CTX, + key_length: c_uint, + key: [c_uchar; 128] +} + +#[repr(C)] +pub struct BIGNUM { + pub d: *mut ::BN_ULONG, + pub top: c_int, + pub dmax: c_int, + pub neg: c_int, + pub flags: c_int, +} + +#[repr(C)] +pub struct DH { + pub pad: c_int, + pub version: c_int, + pub p: *mut ::BIGNUM, + pub g: *mut ::BIGNUM, + pub length: c_long, + pub pub_key: *mut ::BIGNUM, + pub priv_key: *mut ::BIGNUM, + pub flags: c_int, + pub method_mont_p: *mut ::BN_MONT_CTX, + pub q: *mut ::BIGNUM, + pub j: *mut ::BIGNUM, + pub seed: *mut c_uchar, + pub seedlen: c_int, + pub counter: *mut ::BIGNUM, + pub references: c_int, + pub ex_data: ::CRYPTO_EX_DATA, + pub meth: *const ::DH_METHOD, + pub engine: *mut ::ENGINE, +} + +#[repr(C)] +pub struct X509 { + pub cert_info: *mut X509_CINF, + sig_alg: *mut c_void, + signature: *mut c_void, + pub valid: c_int, + pub references: c_int, + pub name: *mut c_char, + pub ex_data: ::CRYPTO_EX_DATA, + pub ex_pathlen: c_long, + pub ex_pcpathlen: c_long, + pub ex_flags: c_ulong, + pub ex_kusage: c_ulong, + pub ex_xkusage: c_ulong, + pub ex_nscert: c_ulong, + skid: *mut c_void, + akid: *mut c_void, + policy_cache: *mut c_void, + crldp: *mut c_void, + altname: *mut c_void, + nc: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_RFC3779"))] + rfc3779_addr: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_RFC3779"))] + rfc3779_asid: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_SHA"))] + sha1_hash: [c_uchar; 20], + aux: *mut c_void, +} + +#[repr(C)] +pub struct X509_CINF { + version: *mut c_void, + serialNumber: *mut c_void, + signature: *mut c_void, + issuer: *mut c_void, + pub validity: *mut X509_VAL, + subject: *mut c_void, + key: *mut c_void, + issuerUID: *mut c_void, + subjectUID: *mut c_void, + pub extensions: *mut stack_st_X509_EXTENSION, + enc: ASN1_ENCODING, +} + +#[repr(C)] +pub struct ASN1_ENCODING { + pub enc: *mut c_uchar, + pub len: c_long, + pub modified: c_int, +} + +#[repr(C)] +pub struct X509_VAL { + pub notBefore: *mut ::ASN1_TIME, + pub notAfter: *mut ::ASN1_TIME, +} + +#[repr(C)] +pub struct SSL_CTX { + method: *mut c_void, + cipher_list: *mut c_void, + cipher_list_by_id: *mut c_void, + cert_store: *mut c_void, + sessions: *mut c_void, + session_cache_size: c_ulong, + session_cache_head: *mut c_void, + session_cache_tail: *mut c_void, + session_cache_mode: c_int, + session_timeout: c_long, + new_session_cb: *mut c_void, + remove_session_cb: *mut c_void, + get_session_cb: *mut c_void, + stats: [c_int; 11], + pub references: c_int, + app_verify_callback: *mut c_void, + app_verify_arg: *mut c_void, + default_passwd_callback: *mut c_void, + default_passwd_callback_userdata: *mut c_void, + client_cert_cb: *mut c_void, + app_gen_cookie_cb: *mut c_void, + app_verify_cookie_cb: *mut c_void, + ex_dat: ::CRYPTO_EX_DATA, + rsa_md5: *mut c_void, + md5: *mut c_void, + sha1: *mut c_void, + extra_certs: *mut c_void, + comp_methods: *mut c_void, + info_callback: *mut c_void, + client_CA: *mut c_void, + options: c_ulong, + mode: c_ulong, + max_cert_list: c_long, + cert: *mut c_void, + read_ahead: c_int, + msg_callback: *mut c_void, + msg_callback_arg: *mut c_void, + verify_mode: c_int, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; 32], + default_verify_callback: *mut c_void, + generate_session_id: *mut c_void, + param: *mut c_void, + quiet_shutdown: c_int, + max_send_fragment: c_uint, + + #[cfg(not(osslconf = "OPENSSL_NO_ENGINE"))] + client_cert_engine: *mut c_void, + + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_servername_callback: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsect_servername_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick_key_name: [c_uchar; 16], + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick_hmac_key: [c_uchar; 16], + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick_aes_key: [c_uchar; 16], + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ticket_key_cb: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_status_cb: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_status_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_opaque_prf_input_callback: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_opaque_prf_input_callback_arg: *mut c_void, + + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_identity_hint: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_client_callback: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_server_callback: *mut c_void, + + #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] + freelist_max_len: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] + wbuf_freelist: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] + rbuf_freelist: *mut c_void, + + #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] + srp_ctx: SRP_CTX, + + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_NEXTPROTONEG")))] + next_protos_advertised_cb: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_NEXTPROTONEG")))] + next_protos_advertised_cb_arg: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_NEXTPROTONEG")))] + next_proto_select_cb: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_NEXTPROTONEG")))] + next_proto_select_cb_arg: *mut c_void, + + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl101))] + srtp_profiles: *mut c_void, + + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + srtp_profiles: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_select_cb: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_select_cb_arg: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_client_proto_list: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_client_proto_list_len: c_uint, + + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC"), ossl102))] + tlsext_ecpointformatlist_length: size_t, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC"), ossl102))] + tlsext_ecpointformatlist: *mut c_uchar, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC"), ossl102))] + tlsext_ellipticcurvelist_length: size_t, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC"), ossl102))] + tlsext_ellipticcurvelist: *mut c_uchar, +} + +#[repr(C)] +pub struct SRP_CTX { + SRP_cb_arg: *mut c_void, + TLS_ext_srp_username_callback: *mut c_void, + SRP_verify_param_callback: *mut c_void, + SRP_give_srp_client_pwd_callback: *mut c_void, + login: *mut c_void, + N: *mut c_void, + g: *mut c_void, + s: *mut c_void, + B: *mut c_void, + A: *mut c_void, + a: *mut c_void, + b: *mut c_void, + v: *mut c_void, + info: *mut c_void, + stringth: c_int, + srp_Mask: c_ulong, +} + +#[repr(C)] +#[cfg(not(ossl101))] +pub struct X509_VERIFY_PARAM { + pub name: *mut c_char, + pub check_time: time_t, + pub inh_flags: c_ulong, + pub flags: c_ulong, + pub purpose: c_int, + pub trust: c_int, + pub depth: c_int, + pub policies: *mut stack_st_ASN1_OBJECT, + pub id: *mut X509_VERIFY_PARAM_ID, +} + +#[cfg(not(ossl101))] +pub enum X509_VERIFY_PARAM_ID {} + +pub const SSL_CTRL_OPTIONS: c_int = 32; +pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77; +#[cfg(ossl102)] +pub const SSL_CTRL_SET_ECDH_AUTO: c_int = 94; + +pub const SSL_OP_MICROSOFT_SESS_ID_BUG: c_ulong = 0x00000001; +pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: c_ulong = 0x00000002; +pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: c_ulong = 0x00000008; +pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: c_ulong = 0x00000020; +pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: c_ulong = 0x00000080; +pub const SSL_OP_TLS_D5_BUG: c_ulong = 0x00000100; +pub const SSL_OP_TLS_BLOCK_PADDING_BUG: c_ulong = 0x00000200; +pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x00080000; +pub const SSL_OP_SINGLE_DH_USE: c_ulong = 0x00100000; +pub const SSL_OP_NO_SSLv2: c_ulong = 0x01000000; + +pub const SSLEAY_VERSION : c_int = 0; +pub const SSLEAY_CFLAGS : c_int = 2; +pub const SSLEAY_BUILT_ON : c_int = 3; +pub const SSLEAY_PLATFORM : c_int = 4; +pub const SSLEAY_DIR : c_int = 5; + +pub const CRYPTO_LOCK_X509: c_int = 3; +pub const CRYPTO_LOCK_SSL_CTX: c_int = 12; + +static mut MUTEXES: *mut Vec> = 0 as *mut Vec>; +static mut GUARDS: *mut Vec>> = 0 as *mut Vec>>; + +unsafe extern fn locking_function(mode: c_int, n: c_int, _file: *const c_char, + _line: c_int) { + let mutex = &(*MUTEXES)[n as usize]; + + if mode & ::CRYPTO_LOCK != 0 { + (*GUARDS)[n as usize] = Some(mutex.lock().unwrap()); + } else { + &(*GUARDS)[n as usize].take(); + } +} + +pub fn init() { + static INIT: Once = ONCE_INIT; + + INIT.call_once(|| { + unsafe { + SSL_library_init(); + SSL_load_error_strings(); + OPENSSL_add_all_algorithms_noconf(); + + let num_locks = ::CRYPTO_num_locks(); + let mut mutexes = Box::new(Vec::new()); + for _ in 0..num_locks { + mutexes.push(Mutex::new(())); + } + MUTEXES = mem::transmute(mutexes); + let guards: Box>>> = + Box::new((0..num_locks).map(|_| None).collect()); + GUARDS = mem::transmute(guards); + + CRYPTO_set_locking_callback(locking_function); + set_id_callback(); + } + }) +} + +#[cfg(unix)] +fn set_id_callback() { + unsafe extern fn thread_id() -> c_ulong { + ::libc::pthread_self() as c_ulong + } + + unsafe { + CRYPTO_set_id_callback(thread_id); + } +} + +#[cfg(not(unix))] +fn set_id_callback() {} + +// macros + +#[cfg(ossl102)] +pub unsafe fn SSL_CTX_set_ecdh_auto(ctx: *mut SSL_CTX, onoff: c_int) -> c_int { + ::SSL_CTX_ctrl(ctx, SSL_CTRL_SET_ECDH_AUTO, onoff as c_long, ::std::ptr::null_mut()) as c_int +} + +#[cfg(ossl102)] +pub unsafe fn SSL_set_ecdh_auto(ssl: *mut ::SSL, onoff: c_int) -> c_int { + ::SSL_ctrl(ssl, SSL_CTRL_SET_ECDH_AUTO, onoff as c_long, ::std::ptr::null_mut()) as c_int +} + +extern { + pub fn BIO_new(type_: *mut BIO_METHOD) -> *mut BIO; + pub fn BIO_s_file() -> *mut BIO_METHOD; + pub fn BIO_s_mem() -> *mut BIO_METHOD; + + pub fn get_rfc2409_prime_768(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc2409_prime_1024(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_1536(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_2048(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_3072(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_4096(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_6144(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_8192(bn: *mut BIGNUM) -> *mut BIGNUM; + + pub fn CRYPTO_free(buf: *mut c_void); + pub fn CRYPTO_num_locks() -> c_int; + pub fn CRYPTO_set_locking_callback(func: unsafe extern "C" fn(mode: c_int, + n: c_int, + file: *const c_char, + line: c_int)); + pub fn CRYPTO_set_id_callback(func: unsafe extern "C" fn() -> c_ulong); + + pub fn ERR_load_crypto_strings(); + + pub fn RSA_generate_key(modsz: c_int, + e: c_ulong, + cb: Option, + cbarg: *mut c_void) -> *mut RSA; + + pub fn SSL_library_init() -> c_int; + pub fn SSL_load_error_strings(); + pub fn OPENSSL_add_all_algorithms_noconf(); + pub fn HMAC_CTX_init(ctx: *mut ::HMAC_CTX); + pub fn HMAC_CTX_cleanup(ctx: *mut ::HMAC_CTX); + #[cfg(not(osslconf = "OPENSSL_NO_SSL3_METHOD"))] + pub fn SSLv3_method() -> *const ::SSL_METHOD; + pub fn TLSv1_method() -> *const ::SSL_METHOD; + pub fn SSLv23_method() -> *const ::SSL_METHOD; + pub fn TLSv1_1_method() -> *const ::SSL_METHOD; + pub fn TLSv1_2_method() -> *const ::SSL_METHOD; + pub fn DTLSv1_method() -> *const ::SSL_METHOD; + #[cfg(ossl102)] + pub fn DTLSv1_2_method() -> *const ::SSL_METHOD; + pub fn SSL_get_ex_new_index(argl: c_long, argp: *mut c_void, + new_func: Option<::CRYPTO_EX_new>, + dup_func: Option<::CRYPTO_EX_dup>, + free_func: Option<::CRYPTO_EX_free>) + -> c_int; + pub fn SSL_set_tmp_ecdh_callback(ssl: *mut ::SSL, + ecdh: unsafe extern fn(ssl: *mut ::SSL, + is_export: c_int, + keylength: c_int) + -> *mut ::EC_KEY); + pub fn SSL_CIPHER_get_version(cipher: *const ::SSL_CIPHER) -> *mut c_char; + pub fn SSL_CTX_get_ex_new_index(argl: c_long, argp: *mut c_void, + new_func: Option<::CRYPTO_EX_new>, + dup_func: Option<::CRYPTO_EX_dup>, + free_func: Option<::CRYPTO_EX_free>) + -> c_int; + pub fn SSL_CTX_set_tmp_ecdh_callback(ctx: *mut ::SSL_CTX, + ecdh: unsafe extern fn(ssl: *mut ::SSL, + is_export: c_int, + keylength: c_int) + -> *mut ::EC_KEY); + pub fn X509_get_subject_name(x: *mut ::X509) -> *mut ::X509_NAME; + pub fn X509_set_notAfter(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int; + pub fn X509_set_notBefore(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int; + pub fn X509_get_ext_d2i(x: *mut ::X509, nid: c_int, crit: *mut c_int, idx: *mut c_int) -> *mut c_void; + pub fn X509_NAME_get_entry(n: *mut ::X509_NAME, loc: c_int) -> *mut ::X509_NAME_ENTRY; + pub fn X509_NAME_ENTRY_get_data(ne: *mut ::X509_NAME_ENTRY) -> *mut ::ASN1_STRING; + pub fn X509_STORE_CTX_get_chain(ctx: *mut ::X509_STORE_CTX) -> *mut stack_st_X509; + pub fn X509V3_EXT_nconf_nid(conf: *mut ::CONF, ctx: *mut ::X509V3_CTX, ext_nid: c_int, value: *mut c_char) -> *mut ::X509_EXTENSION; + pub fn X509V3_EXT_nconf(conf: *mut ::CONF, ctx: *mut ::X509V3_CTX, name: *mut c_char, value: *mut c_char) -> *mut ::X509_EXTENSION; + pub fn ASN1_STRING_to_UTF8(out: *mut *mut c_uchar, s: *mut ::ASN1_STRING) -> c_int; + pub fn ASN1_STRING_data(x: *mut ::ASN1_STRING) -> *mut c_uchar; + pub fn CRYPTO_add_lock(pointer: *mut c_int, + amount: c_int, + type_: c_int, + file: *const c_char, + line: c_int) -> c_int; + pub fn EVP_MD_CTX_create() -> *mut EVP_MD_CTX; + pub fn EVP_MD_CTX_destroy(ctx: *mut EVP_MD_CTX); + pub fn EVP_PKEY_bits(key: *mut EVP_PKEY) -> c_int; + + pub fn sk_num(st: *const _STACK) -> c_int; + pub fn sk_value(st: *const _STACK, n: c_int) -> *mut c_void; + pub fn sk_free(st: *mut _STACK); + pub fn sk_pop_free(st: *mut _STACK, free: Option); + pub fn sk_pop(st: *mut _STACK) -> *mut c_void; + + pub fn SSLeay() -> c_ulong; + pub fn SSLeay_version(key: c_int) -> *const c_char; +} -- cgit v1.2.3 From b3526cbd2b8ca9e4eff4d4a0f1c3461cedcae776 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Marie?= Date: Wed, 21 Dec 2016 08:58:16 +0100 Subject: Add LibreSSL 2.5.0 support --- openssl-sys/src/lib.rs | 55 ++++++++++++++-------- openssl-sys/src/libressl.rs | 111 ++++++-------------------------------------- 2 files changed, 50 insertions(+), 116 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 3ac3c2c2..8c4d1acf 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -17,6 +17,11 @@ mod ossl110; #[cfg(ossl110)] pub use ossl110::*; +#[cfg(libressl)] +mod libressl; +#[cfg(libressl)] +pub use libressl::*; + pub enum ASN1_INTEGER {} pub enum ASN1_STRING {} pub enum ASN1_TIME {} @@ -1075,8 +1080,11 @@ pub const SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER: c_long = 0x2; pub const SSL_MODE_AUTO_RETRY: c_long = 0x4; pub const SSL_MODE_NO_AUTO_CHAIN: c_long = 0x8; pub const SSL_MODE_RELEASE_BUFFERS: c_long = 0x10; +#[cfg(not(libressl))] pub const SSL_MODE_SEND_CLIENTHELLO_TIME: c_long = 0x20; +#[cfg(not(libressl))] pub const SSL_MODE_SEND_SERVERHELLO_TIME: c_long = 0x40; +#[cfg(not(libressl))] pub const SSL_MODE_SEND_FALLBACK_SCSV: c_long = 0x80; pub const SSL_ERROR_NONE: c_int = 0; @@ -1095,26 +1103,31 @@ pub const SSL_VERIFY_FAIL_IF_NO_PEER_CERT: c_int = 2; #[cfg(not(ossl101))] pub const SSL_OP_TLSEXT_PADDING: c_ulong = 0x00000010; pub const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS: c_ulong = 0x00000800; +#[cfg(not(libressl))] pub const SSL_OP_ALL: c_ulong = 0x80000BFF; pub const SSL_OP_NO_QUERY_MTU: c_ulong = 0x00001000; pub const SSL_OP_COOKIE_EXCHANGE: c_ulong = 0x00002000; pub const SSL_OP_NO_TICKET: c_ulong = 0x00004000; +#[cfg(not(libressl))] pub const SSL_OP_CISCO_ANYCONNECT: c_ulong = 0x00008000; pub const SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION: c_ulong = 0x00010000; +#[cfg(not(libressl))] pub const SSL_OP_NO_COMPRESSION: c_ulong = 0x00020000; +#[cfg(not(libressl))] pub const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: c_ulong = 0x00040000; pub const SSL_OP_CIPHER_SERVER_PREFERENCE: c_ulong = 0x00400000; pub const SSL_OP_TLS_ROLLBACK_BUG: c_ulong = 0x00800000; +#[cfg(not(libressl))] pub const SSL_OP_NO_SSLv3: c_ulong = 0x02000000; pub const SSL_OP_NO_TLSv1: c_ulong = 0x04000000; pub const SSL_OP_NO_TLSv1_2: c_ulong = 0x08000000; pub const SSL_OP_NO_TLSv1_1: c_ulong = 0x10000000; -#[cfg(not(ossl101))] +#[cfg(not(any(ossl101, libressl)))] pub const SSL_OP_NO_DTLSv1: c_ulong = 0x04000000; -#[cfg(not(ossl101))] +#[cfg(not(any(ossl101, libressl)))] pub const SSL_OP_NO_DTLSv1_2: c_ulong = 0x08000000; -#[cfg(not(ossl101))] +#[cfg(not(any(ossl101, libressl)))] pub const SSL_OP_NO_SSL_MASK: c_ulong = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2; @@ -1292,9 +1305,9 @@ extern { pub fn BIO_new_socket(sock: c_int, close_flag: c_int) -> *mut BIO; pub fn BIO_read(b: *mut BIO, buf: *mut c_void, len: c_int) -> c_int; pub fn BIO_write(b: *mut BIO, buf: *const c_void, len: c_int) -> c_int; - #[cfg(ossl101)] + #[cfg(any(ossl101, libressl))] pub fn BIO_new_mem_buf(buf: *mut c_void, len: c_int) -> *mut BIO; - #[cfg(not(ossl101))] + #[cfg(not(any(ossl101, libressl)))] pub fn BIO_new_mem_buf(buf: *const c_void, len: c_int) -> *mut BIO; pub fn BIO_set_flags(b: *mut BIO, flags: c_int); pub fn BIO_clear_flags(b: *mut BIO, flags: c_int); @@ -1375,11 +1388,11 @@ extern { pub fn DH_new() -> *mut DH; pub fn DH_free(dh: *mut DH); - #[cfg(not(ossl101))] + #[cfg(not(any(ossl101, libressl)))] pub fn DH_get_1024_160() -> *mut DH; - #[cfg(not(ossl101))] + #[cfg(not(any(ossl101, libressl)))] pub fn DH_get_2048_224() -> *mut DH; - #[cfg(not(ossl101))] + #[cfg(not(any(ossl101, libressl)))] pub fn DH_get_2048_256() -> *mut DH; pub fn EC_KEY_new() -> *mut EC_KEY; @@ -1495,11 +1508,11 @@ extern { type_: *const EVP_MD, e: *mut ENGINE, pkey: *mut EVP_PKEY) -> c_int; - #[cfg(ossl101)] + #[cfg(any(ossl101, libressl))] pub fn EVP_DigestVerifyFinal(ctx: *mut EVP_MD_CTX, sigret: *mut c_uchar, siglen: size_t) -> c_int; - #[cfg(not(ossl101))] + #[cfg(not(any(ossl101, libressl)))] pub fn EVP_DigestVerifyFinal(ctx: *mut EVP_MD_CTX, sigret: *const c_uchar, siglen: size_t) -> c_int; @@ -1634,8 +1647,10 @@ extern { pub fn SSL_get_ex_data_X509_STORE_CTX_idx() -> c_int; pub fn SSL_get_SSL_CTX(ssl: *const SSL) -> *mut SSL_CTX; pub fn SSL_set_SSL_CTX(ssl: *mut SSL, ctx: *mut SSL_CTX) -> *mut SSL_CTX; - #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] + #[cfg(not(any(osslconf = "OPENSSL_NO_COMP", libressl)))] pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const COMP_METHOD; + #[cfg(libressl)] + pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const libc::c_void; pub fn SSL_get_peer_certificate(ssl: *const SSL) -> *mut X509; pub fn SSL_get_ssl_method(ssl: *mut SSL) -> *const SSL_METHOD; pub fn SSL_get_version(ssl: *const SSL) -> *const c_char; @@ -1648,14 +1663,14 @@ extern { pub fn SSL_get_ex_data(ssl: *const SSL, idx: c_int) -> *mut c_void; pub fn SSL_get_servername(ssl: *const SSL, name_type: c_int) -> *const c_char; pub fn SSL_get_current_cipher(ssl: *const SSL) -> *const SSL_CIPHER; - #[cfg(not(ossl101))] + #[cfg(not(any(ossl101, libressl)))] pub fn SSL_get0_param(ssl: *mut SSL) -> *mut X509_VERIFY_PARAM; pub fn SSL_get_verify_result(ssl: *const SSL) -> c_long; pub fn SSL_shutdown(ssl: *mut SSL) -> c_int; pub fn SSL_get_certificate(ssl: *const SSL) -> *mut X509; - #[cfg(ossl101)] + #[cfg(any(ossl101, libressl))] pub fn SSL_get_privatekey(ssl: *mut SSL) -> *mut EVP_PKEY; - #[cfg(not(ossl101))] + #[cfg(not(any(ossl101, libressl)))] pub fn SSL_get_privatekey(ssl: *const SSL) -> *mut EVP_PKEY; pub fn SSL_load_client_CA_file(file: *const c_char) -> *mut stack_st_X509_NAME; pub fn SSL_set_tmp_dh_callback(ctx: *mut SSL, @@ -1664,8 +1679,10 @@ extern { keylength: c_int) -> *mut DH); - #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] + #[cfg(not(any(osslconf = "OPENSSL_NO_COMP", libressl)))] pub fn SSL_COMP_get_name(comp: *const COMP_METHOD) -> *const c_char; + #[cfg(libressl)] + pub fn SSL_COMP_get_name(comp: *const libc::c_void) -> *const c_char; pub fn SSL_CIPHER_get_name(cipher: *const SSL_CIPHER) -> *const c_char; pub fn SSL_CIPHER_get_bits(cipher: *const SSL_CIPHER, alg_bits: *mut c_int) -> c_int; @@ -1701,9 +1718,9 @@ extern { keylength: c_int) -> *mut DH); - #[cfg(not(ossl101))] + #[cfg(not(any(ossl101, libressl)))] pub fn SSL_CTX_get0_certificate(ctx: *const SSL_CTX) -> *mut X509; - #[cfg(not(ossl101))] + #[cfg(not(any(ossl101, libressl)))] pub fn SSL_CTX_get0_privatekey(ctx: *const SSL_CTX) -> *mut EVP_PKEY; pub fn SSL_CTX_set_cipher_list(ssl: *mut SSL_CTX, s: *const c_char) -> c_int; @@ -1787,9 +1804,9 @@ extern { #[cfg(not(ossl101))] pub fn X509_VERIFY_PARAM_free(param: *mut X509_VERIFY_PARAM); - #[cfg(not(ossl101))] + #[cfg(not(any(ossl101, libressl)))] pub fn X509_VERIFY_PARAM_set_hostflags(param: *mut X509_VERIFY_PARAM, flags: c_uint); - #[cfg(not(ossl101))] + #[cfg(not(any(ossl101, libressl)))] pub fn X509_VERIFY_PARAM_set1_host(param: *mut X509_VERIFY_PARAM, name: *const c_char, namelen: size_t) -> c_int; diff --git a/openssl-sys/src/libressl.rs b/openssl-sys/src/libressl.rs index 4f418f14..0f20713e 100644 --- a/openssl-sys/src/libressl.rs +++ b/openssl-sys/src/libressl.rs @@ -3,7 +3,6 @@ use std::sync::{Once, ONCE_INIT}; use std::mem; use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong}; -#[cfg(not(ossl101))] use libc::time_t; #[repr(C)] @@ -88,7 +87,6 @@ pub struct RSA { pub _method_mod_p: *mut ::BN_MONT_CTX, pub _method_mod_q: *mut ::BN_MONT_CTX, - pub bignum_data: *mut c_char, pub blinding: *mut ::BN_BLINDING, pub mt_blinding: *mut ::BN_BLINDING, } @@ -155,7 +153,6 @@ pub struct BIO { #[repr(C)] pub struct CRYPTO_EX_DATA { pub sk: *mut ::stack_st_void, - pub dummy: c_int, } #[repr(C)] @@ -258,10 +255,6 @@ pub struct X509 { crldp: *mut c_void, altname: *mut c_void, nc: *mut c_void, - #[cfg(not(osslconf = "OPENSSL_NO_RFC3779"))] - rfc3779_addr: *mut c_void, - #[cfg(not(osslconf = "OPENSSL_NO_RFC3779"))] - rfc3779_asid: *mut c_void, #[cfg(not(osslconf = "OPENSSL_NO_SHA"))] sha1_hash: [c_uchar; 20], aux: *mut c_void, @@ -346,99 +339,26 @@ pub struct SSL_CTX { #[cfg(not(osslconf = "OPENSSL_NO_ENGINE"))] client_cert_engine: *mut c_void, - #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_servername_callback: *mut c_void, - #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsect_servername_arg: *mut c_void, - #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_tick_key_name: [c_uchar; 16], - #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_tick_hmac_key: [c_uchar; 16], - #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_tick_aes_key: [c_uchar; 16], - #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_ticket_key_cb: *mut c_void, - #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_status_cb: *mut c_void, - #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_status_arg: *mut c_void, - #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_opaque_prf_input_callback: *mut c_void, - #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] tlsext_opaque_prf_input_callback_arg: *mut c_void, - #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] - psk_identity_hint: *mut c_void, - #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] - psk_client_callback: *mut c_void, - #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] - psk_server_callback: *mut c_void, - - #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] - freelist_max_len: c_uint, - #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] - wbuf_freelist: *mut c_void, - #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] - rbuf_freelist: *mut c_void, - - #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] - srp_ctx: SRP_CTX, - - #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_NEXTPROTONEG")))] next_protos_advertised_cb: *mut c_void, - #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_NEXTPROTONEG")))] next_protos_advertised_cb_arg: *mut c_void, - #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_NEXTPROTONEG")))] next_proto_select_cb: *mut c_void, - #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_NEXTPROTONEG")))] next_proto_select_cb_arg: *mut c_void, - #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl101))] - srtp_profiles: *mut c_void, - - #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] srtp_profiles: *mut c_void, - #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] - alpn_select_cb: *mut c_void, - #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] - alpn_select_cb_arg: *mut c_void, - #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] - alpn_client_proto_list: *mut c_void, - #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] - alpn_client_proto_list_len: c_uint, - - #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC"), ossl102))] - tlsext_ecpointformatlist_length: size_t, - #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC"), ossl102))] - tlsext_ecpointformatlist: *mut c_uchar, - #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC"), ossl102))] - tlsext_ellipticcurvelist_length: size_t, - #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC"), ossl102))] - tlsext_ellipticcurvelist: *mut c_uchar, -} - -#[repr(C)] -pub struct SRP_CTX { - SRP_cb_arg: *mut c_void, - TLS_ext_srp_username_callback: *mut c_void, - SRP_verify_param_callback: *mut c_void, - SRP_give_srp_client_pwd_callback: *mut c_void, - login: *mut c_void, - N: *mut c_void, - g: *mut c_void, - s: *mut c_void, - B: *mut c_void, - A: *mut c_void, - a: *mut c_void, - b: *mut c_void, - v: *mut c_void, - info: *mut c_void, - stringth: c_int, - srp_Mask: c_ulong, } #[repr(C)] -#[cfg(not(ossl101))] pub struct X509_VERIFY_PARAM { pub name: *mut c_char, pub check_time: time_t, @@ -448,27 +368,30 @@ pub struct X509_VERIFY_PARAM { pub trust: c_int, pub depth: c_int, pub policies: *mut stack_st_ASN1_OBJECT, - pub id: *mut X509_VERIFY_PARAM_ID, + //pub id: *mut X509_VERIFY_PARAM_ID, } -#[cfg(not(ossl101))] pub enum X509_VERIFY_PARAM_ID {} pub const SSL_CTRL_OPTIONS: c_int = 32; pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77; -#[cfg(ossl102)] pub const SSL_CTRL_SET_ECDH_AUTO: c_int = 94; -pub const SSL_OP_MICROSOFT_SESS_ID_BUG: c_ulong = 0x00000001; -pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: c_ulong = 0x00000002; -pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: c_ulong = 0x00000008; -pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: c_ulong = 0x00000020; -pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: c_ulong = 0x00000080; -pub const SSL_OP_TLS_D5_BUG: c_ulong = 0x00000100; -pub const SSL_OP_TLS_BLOCK_PADDING_BUG: c_ulong = 0x00000200; +pub const SSL_OP_ALL: c_ulong = 0x80000014; +pub const SSL_OP_CISCO_ANYCONNECT: c_ulong = 0x0; +pub const SSL_OP_NO_COMPRESSION: c_ulong = 0x0; +pub const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: c_ulong = 0x0; +pub const SSL_OP_NO_SSLv3: c_ulong = 0x0; +pub const SSL_OP_MICROSOFT_SESS_ID_BUG: c_ulong = 0x0; +pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: c_ulong = 0x0; +pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: c_ulong = 0x0; +pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: c_ulong = 0x0; +pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: c_ulong = 0x0; +pub const SSL_OP_TLS_D5_BUG: c_ulong = 0x0; +pub const SSL_OP_TLS_BLOCK_PADDING_BUG: c_ulong = 0x0; pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x00080000; pub const SSL_OP_SINGLE_DH_USE: c_ulong = 0x00100000; -pub const SSL_OP_NO_SSLv2: c_ulong = 0x01000000; +pub const SSL_OP_NO_SSLv2: c_ulong = 0x0; pub const SSLEAY_VERSION : c_int = 0; pub const SSLEAY_CFLAGS : c_int = 2; @@ -534,12 +457,10 @@ fn set_id_callback() {} // macros -#[cfg(ossl102)] pub unsafe fn SSL_CTX_set_ecdh_auto(ctx: *mut SSL_CTX, onoff: c_int) -> c_int { ::SSL_CTX_ctrl(ctx, SSL_CTRL_SET_ECDH_AUTO, onoff as c_long, ::std::ptr::null_mut()) as c_int } -#[cfg(ossl102)] pub unsafe fn SSL_set_ecdh_auto(ssl: *mut ::SSL, onoff: c_int) -> c_int { ::SSL_ctrl(ssl, SSL_CTRL_SET_ECDH_AUTO, onoff as c_long, ::std::ptr::null_mut()) as c_int } @@ -578,15 +499,11 @@ extern { pub fn OPENSSL_add_all_algorithms_noconf(); pub fn HMAC_CTX_init(ctx: *mut ::HMAC_CTX); pub fn HMAC_CTX_cleanup(ctx: *mut ::HMAC_CTX); - #[cfg(not(osslconf = "OPENSSL_NO_SSL3_METHOD"))] - pub fn SSLv3_method() -> *const ::SSL_METHOD; pub fn TLSv1_method() -> *const ::SSL_METHOD; pub fn SSLv23_method() -> *const ::SSL_METHOD; pub fn TLSv1_1_method() -> *const ::SSL_METHOD; pub fn TLSv1_2_method() -> *const ::SSL_METHOD; pub fn DTLSv1_method() -> *const ::SSL_METHOD; - #[cfg(ossl102)] - pub fn DTLSv1_2_method() -> *const ::SSL_METHOD; pub fn SSL_get_ex_new_index(argl: c_long, argp: *mut c_void, new_func: Option<::CRYPTO_EX_new>, dup_func: Option<::CRYPTO_EX_dup>, -- cgit v1.2.3 From 762510a5faf8c38d0aab6b86d19bc0c7c24e8e78 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 23 Dec 2016 13:38:00 -0500 Subject: Release v0.9.4 --- openssl-sys/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index c67c2f2d..9b733402 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1,6 +1,6 @@ #![allow(non_camel_case_types, non_upper_case_globals, non_snake_case)] #![allow(dead_code, overflowing_literals)] -#![doc(html_root_url="https://docs.rs/openssl-sys/0.9.3")] +#![doc(html_root_url="https://docs.rs/openssl-sys/0.9.4")] extern crate libc; -- cgit v1.2.3 From 6291407b177dfb8bee0b50974cad57c98da110f8 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Tue, 3 Jan 2017 14:56:00 -0800 Subject: Add X509::stack_from_pem Implementation is a clone of SSL_CTX_use_certificate_chain_file --- openssl-sys/src/lib.rs | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 9b733402..80cfc47e 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -126,6 +126,9 @@ pub const BIO_FLAGS_SHOULD_RETRY: c_int = 0x08; pub const CRYPTO_LOCK: c_int = 1; +pub const ERR_LIB_PEM: c_int = 9; +pub const PEM_R_NO_START_LINE: c_int = 108; + pub const EVP_MAX_MD_SIZE: c_uint = 64; pub const EVP_PKEY_RSA: c_int = NID_rsaEncryption; pub const EVP_PKEY_HMAC: c_int = NID_hmac; @@ -1429,10 +1432,12 @@ extern { pub fn EC_POINT_cmp(group: *const EC_GROUP, a: *const EC_POINT, b: *const EC_POINT, ctx: *mut BN_CTX) -> c_int; pub fn EC_POINT_free(point: *mut EC_POINT); + pub fn ERR_peek_last_error() -> c_ulong; pub fn ERR_get_error() -> c_ulong; pub fn ERR_lib_error_string(err: c_ulong) -> *const c_char; pub fn ERR_func_error_string(err: c_ulong) -> *const c_char; pub fn ERR_reason_error_string(err: c_ulong) -> *const c_char; + pub fn ERR_clear_error(); pub fn EVP_md5() -> *const EVP_MD; pub fn EVP_ripemd160() -> *const EVP_MD; -- cgit v1.2.3 From cdf388e3f44b49a5ea4255b9674d8e1ded2ba472 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Tue, 3 Jan 2017 16:09:24 -0800 Subject: Release v0.9.5 --- openssl-sys/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 80cfc47e..22af7c96 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1,6 +1,6 @@ #![allow(non_camel_case_types, non_upper_case_globals, non_snake_case)] #![allow(dead_code, overflowing_literals)] -#![doc(html_root_url="https://docs.rs/openssl-sys/0.9.4")] +#![doc(html_root_url="https://docs.rs/openssl-sys/0.9.5")] extern crate libc; -- cgit v1.2.3 From 336175990cb3584b85385a093b2d1e245ffdb1f1 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Wed, 4 Jan 2017 20:54:53 -0800 Subject: Add SSL_SESSION --- openssl-sys/src/libressl.rs | 36 ++++++++++++++++++++++++++ openssl-sys/src/ossl10x.rs | 63 ++++++++++++++++++++++++++++++++++++++++++--- openssl-sys/src/ossl110.rs | 1 + 3 files changed, 97 insertions(+), 3 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/libressl.rs b/openssl-sys/src/libressl.rs index 0f20713e..83c5aee6 100644 --- a/openssl-sys/src/libressl.rs +++ b/openssl-sys/src/libressl.rs @@ -358,6 +358,38 @@ pub struct SSL_CTX { srtp_profiles: *mut c_void, } +#[repr(C)] +pub struct SSL_SESSION { + ssl_version: c_int, + master_key_length: c_int, + master_key: [c_uchar; SSL_MAX_MASTER_KEY_LENGTH as usize], + session_id_length: c_uint, + session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize], + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + not_resumable: c_int, + sess_cert: *mut c_void, + peer: *mut X509, + verify_result: c_long, + timeout: c_long, + time: time_t, + references: c_int, + cipher: *const c_void, + cipher_id: c_ulong, + ciphers: *mut c_void, + ex_data: ::CRYPTO_EX_DATA, + prev: *mut c_void, + next: *mut c_void, + tlsext_hostname: *mut c_char, + tlsext_ecpointformatlist_length: size_t, + tlsext_ecpointformatlist: *mut u8, + tlsext_ellipticcurvelist_length: size_t, + tlsext_ellipticcurvelist: *mut u16, + tlsext_tick: *mut c_uchar, + tlsext_ticklen: size_t, + tlsext_tick_lifetime_hint: c_long, +} + #[repr(C)] pub struct X509_VERIFY_PARAM { pub name: *mut c_char, @@ -393,6 +425,10 @@ pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x00080000; pub const SSL_OP_SINGLE_DH_USE: c_ulong = 0x00100000; pub const SSL_OP_NO_SSLv2: c_ulong = 0x0; +pub const SSL_MAX_SSL_SESSION_ID_LENGTH: c_int = 32; +pub const SSL_MAX_SID_CTX_LENGTH: c_int = 32; +pub const SSL_MAX_MASTER_KEY_LENGTH: c_int = 48; + pub const SSLEAY_VERSION : c_int = 0; pub const SSLEAY_CFLAGS : c_int = 2; pub const SSLEAY_BUILT_ON : c_int = 3; diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/ossl10x.rs index 4f418f14..5b0ca3d5 100644 --- a/openssl-sys/src/ossl10x.rs +++ b/openssl-sys/src/ossl10x.rs @@ -2,9 +2,7 @@ use std::sync::{Mutex, MutexGuard}; use std::sync::{Once, ONCE_INIT}; use std::mem; -use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong}; -#[cfg(not(ossl101))] -use libc::time_t; +use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong, time_t}; #[repr(C)] pub struct stack_st_ASN1_OBJECT { @@ -417,6 +415,59 @@ pub struct SSL_CTX { tlsext_ellipticcurvelist: *mut c_uchar, } +#[repr(C)] +pub struct SSL_SESSION { + ssl_version: c_int, + key_arg_length: c_uint, + key_arg: [c_uchar; SSL_MAX_KEY_ARG_LENGTH as usize], + master_key_length: c_uint, + master_key: [c_uchar; SSL_MAX_MASTER_KEY_LENGTH as usize], + session_id_length: c_uint, + session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize], + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))] + krb5_client_princ_len: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))] + krb5_client_princ: [c_uchar; SSL_MAX_KRB5_PRINCIPAL_LENGTH], + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_identity_hint: *mut c_char, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_identity: *mut c_char, + not_resumable: c_int, + sess_cert: *mut c_void, + peer: *mut X509, + verify_result: c_long, + references: c_int, + timeout: c_long, + time: time_t, + compress_meth: c_uint, + cipher: *const c_void, + cipher_id: c_ulong, + ciphers: *mut c_void, + ex_data: ::CRYPTO_EX_DATA, + prev: *mut c_void, + next: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_hostname: *mut c_char, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC")))] + tlsext_ecpointformatlist_length: size_t, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC")))] + tlsext_ecpointformatlist: *mut c_uchar, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC")))] + tlsext_ellipticcurvelist_length: size_t, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC")))] + tlsext_ellipticcurvelist: *mut c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick: *mut c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ticklen: size_t, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick_lifetime_hint: c_long, + #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] + srp_username: *mut c_char, +} + #[repr(C)] pub struct SRP_CTX { SRP_cb_arg: *mut c_void, @@ -470,6 +521,12 @@ pub const SSL_OP_SINGLE_ECDH_USE: c_ulong = 0x00080000; pub const SSL_OP_SINGLE_DH_USE: c_ulong = 0x00100000; pub const SSL_OP_NO_SSLv2: c_ulong = 0x01000000; +pub const SSL_MAX_SSL_SESSION_ID_LENGTH: c_int = 32; +pub const SSL_MAX_SID_CTX_LENGTH: c_int = 32; +pub const SSL_MAX_KEY_ARG_LENGTH: c_int = 8; +pub const SSL_MAX_MASTER_KEY_LENGTH: c_int = 48; +pub const SSL_MAX_KRB5_PRINCIPAL_LENGTH: c_int = 256; + pub const SSLEAY_VERSION : c_int = 0; pub const SSLEAY_CFLAGS : c_int = 2; pub const SSLEAY_BUILT_ON : c_int = 3; diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/ossl110.rs index bb4fa19b..9a5d287b 100644 --- a/openssl-sys/src/ossl110.rs +++ b/openssl-sys/src/ossl110.rs @@ -13,6 +13,7 @@ pub enum HMAC_CTX {} pub enum OPENSSL_STACK {} pub enum RSA {} pub enum SSL_CTX {} +pub enum SSL_SESSION {} pub enum stack_st_ASN1_OBJECT {} pub enum stack_st_GENERAL_NAME {} pub enum stack_st_OPENSSL_STRING {} -- cgit v1.2.3 From 1ffe57429885f935c10301e7838fa9871c35c95b Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Wed, 4 Jan 2017 20:57:50 -0800 Subject: Add SSL_SESSION functions --- openssl-sys/src/lib.rs | 3 +++ 1 file changed, 3 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 22af7c96..a8ac9ba1 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1748,6 +1748,9 @@ extern { inbuf: *const c_uchar, inlen: c_uint, client: *const c_uchar, client_len: c_uint) -> c_int; pub fn SSL_get0_next_proto_negotiated(s: *const SSL, data: *mut *const c_uchar, len: *mut c_uint); + pub fn SSL_get_session(s: *const SSL) -> *mut SSL_SESSION; + + pub fn SSL_SESSION_free(s: *mut SSL_SESSION); #[cfg(not(ossl101))] pub fn SSL_CTX_set_alpn_protos(s: *mut SSL_CTX, data: *const c_uchar, len: c_uint) -> c_int; -- cgit v1.2.3 From 5d53405597f2e8dc3a6543e8c4a56705b0ecd47a Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Wed, 4 Jan 2017 21:07:51 -0800 Subject: Provide access to the session ID --- openssl-sys/src/lib.rs | 1 + 1 file changed, 1 insertion(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index a8ac9ba1..0ea0e5d8 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1751,6 +1751,7 @@ extern { pub fn SSL_get_session(s: *const SSL) -> *mut SSL_SESSION; pub fn SSL_SESSION_free(s: *mut SSL_SESSION); + pub fn SSL_SESSION_get_id(s: *const SSL_SESSION, len: *mut c_uint) -> *const c_uchar; #[cfg(not(ossl101))] pub fn SSL_CTX_set_alpn_protos(s: *mut SSL_CTX, data: *const c_uchar, len: c_uint) -> c_int; -- cgit v1.2.3 From 404e0341d82d5aab58daaa48b864eaf1a281d101 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Wed, 4 Jan 2017 21:33:47 -0800 Subject: Provide master key access --- openssl-sys/src/libressl.rs | 4 ++-- openssl-sys/src/ossl10x.rs | 6 +++--- openssl-sys/src/ossl110.rs | 6 +++++- 3 files changed, 10 insertions(+), 6 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/libressl.rs b/openssl-sys/src/libressl.rs index 83c5aee6..2c747ffe 100644 --- a/openssl-sys/src/libressl.rs +++ b/openssl-sys/src/libressl.rs @@ -361,8 +361,8 @@ pub struct SSL_CTX { #[repr(C)] pub struct SSL_SESSION { ssl_version: c_int, - master_key_length: c_int, - master_key: [c_uchar; SSL_MAX_MASTER_KEY_LENGTH as usize], + pub master_key_length: c_int, + pub master_key: [c_uchar; 48], session_id_length: c_uint, session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize], sid_ctx_length: c_uint, diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/ossl10x.rs index 5b0ca3d5..4d37d2a1 100644 --- a/openssl-sys/src/ossl10x.rs +++ b/openssl-sys/src/ossl10x.rs @@ -420,8 +420,8 @@ pub struct SSL_SESSION { ssl_version: c_int, key_arg_length: c_uint, key_arg: [c_uchar; SSL_MAX_KEY_ARG_LENGTH as usize], - master_key_length: c_uint, - master_key: [c_uchar; SSL_MAX_MASTER_KEY_LENGTH as usize], + pub master_key_length: c_int, + pub master_key: [c_uchar; 48], session_id_length: c_uint, session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize], sid_ctx_length: c_uint, @@ -429,7 +429,7 @@ pub struct SSL_SESSION { #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))] krb5_client_princ_len: c_uint, #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))] - krb5_client_princ: [c_uchar; SSL_MAX_KRB5_PRINCIPAL_LENGTH], + krb5_client_princ: [c_uchar; SSL_MAX_KRB5_PRINCIPAL_LENGTH as usize], #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] psk_identity_hint: *mut c_char, #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/ossl110.rs index 9a5d287b..898ad4a2 100644 --- a/openssl-sys/src/ossl110.rs +++ b/openssl-sys/src/ossl110.rs @@ -1,4 +1,4 @@ -use libc::{c_int, c_void, c_char, c_uchar, c_ulong, c_long, c_uint}; +use libc::{c_int, c_void, c_char, c_uchar, c_ulong, c_long, c_uint, size_t}; pub enum BIGNUM {} pub enum BIO {} @@ -156,6 +156,10 @@ extern { -> c_int; pub fn X509_up_ref(x: *mut X509) -> c_int; pub fn SSL_CTX_up_ref(x: *mut SSL_CTX) -> c_int; + pub fn SSL_SESSION_get_master_key(session: *const SSL_SESSION, + out: *mut c_uchar, + outlen: size_t) + -> size_t; pub fn X509_get0_extensions(req: *const ::X509) -> *const stack_st_X509_EXTENSION; pub fn X509_STORE_CTX_get0_chain(ctx: *mut ::X509_STORE_CTX) -> *mut stack_st_X509; pub fn EVP_MD_CTX_new() -> *mut EVP_MD_CTX; -- cgit v1.2.3 From c6ea4f3e2a8b6159d4772ee5274001cff7caff2f Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Wed, 4 Jan 2017 22:34:50 -0800 Subject: Fix time type --- openssl-sys/src/ossl10x.rs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/ossl10x.rs index 4d37d2a1..037298c1 100644 --- a/openssl-sys/src/ossl10x.rs +++ b/openssl-sys/src/ossl10x.rs @@ -2,7 +2,9 @@ use std::sync::{Mutex, MutexGuard}; use std::sync::{Once, ONCE_INIT}; use std::mem; -use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong, time_t}; +use libc::{c_int, c_char, c_void, c_long, c_uchar, size_t, c_uint, c_ulong}; +#[cfg(not(ossl101))] +use libc::time_t; #[repr(C)] pub struct stack_st_ASN1_OBJECT { @@ -440,7 +442,7 @@ pub struct SSL_SESSION { verify_result: c_long, references: c_int, timeout: c_long, - time: time_t, + time: c_long, compress_meth: c_uint, cipher: *const c_void, cipher_id: c_ulong, -- cgit v1.2.3 From 524e8e3c5a59dd8ca6290c2fe7e338d8a7587a25 Mon Sep 17 00:00:00 2001 From: Marc-Antoine Perennou Date: Thu, 5 Jan 2017 16:15:25 +0100 Subject: libressl: mark unavailable flags as such These flags are not available in libressl (at least for version 2.4.4 which is the last stable version) Signed-off-by: Marc-Antoine Perennou --- openssl-sys/src/lib.rs | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 22af7c96..23fa032b 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1206,15 +1206,15 @@ pub const X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: c_int = 45; pub const X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: c_int = 53; pub const X509_V_OK: c_int = 0; -#[cfg(not(ossl101))] +#[cfg(not(any(ossl101, libressl)))] pub const X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT: c_uint = 0x1; -#[cfg(not(ossl101))] +#[cfg(not(any(ossl101, libressl)))] pub const X509_CHECK_FLAG_NO_WILDCARDS: c_uint = 0x2; -#[cfg(not(ossl101))] +#[cfg(not(any(ossl101, libressl)))] pub const X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS: c_uint = 0x4; -#[cfg(not(ossl101))] +#[cfg(not(any(ossl101, libressl)))] pub const X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS: c_uint = 0x8; -#[cfg(not(ossl101))] +#[cfg(not(any(ossl101, libressl)))] pub const X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS: c_uint = 0x10; pub const GEN_OTHERNAME: c_int = 0; -- cgit v1.2.3 From 9942643ab6fbdecb0561fcdc08565d4f154865b3 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Mon, 9 Jan 2017 20:50:26 -0800 Subject: Release v0.9.6 --- openssl-sys/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 0ea0e5d8..df6d1d14 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1,6 +1,6 @@ #![allow(non_camel_case_types, non_upper_case_globals, non_snake_case)] #![allow(dead_code, overflowing_literals)] -#![doc(html_root_url="https://docs.rs/openssl-sys/0.9.5")] +#![doc(html_root_url="https://docs.rs/openssl-sys/0.9.6")] extern crate libc; -- cgit v1.2.3 From 920ab0d6fb60c17077f43d7f08ad3ff391201689 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 13 Jan 2017 19:38:12 -0800 Subject: OCSP functionality --- openssl-sys/src/lib.rs | 125 ++++++++++++++++++++++++++++++++---- openssl-sys/src/libressl.rs | 107 +++++++++++++++++++++++++++++++ openssl-sys/src/ossl10x.rs | 150 ++++++++++++++++++++++++++++++++++++++++++++ openssl-sys/src/ossl110.rs | 5 ++ 4 files changed, 376 insertions(+), 11 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index df6d1d14..0cbd0da7 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -6,6 +6,7 @@ extern crate libc; use libc::{c_void, c_int, c_char, c_ulong, c_long, c_uint, c_uchar, size_t, FILE}; use std::ptr; +use std::mem; #[cfg(any(ossl101, ossl102))] mod ossl10x; @@ -23,6 +24,7 @@ mod libressl; pub use libressl::*; pub enum ASN1_INTEGER {} +pub enum ASN1_GENERALIZEDTIME {} pub enum ASN1_STRING {} pub enum ASN1_TIME {} pub enum ASN1_TYPE {} @@ -38,7 +40,11 @@ pub enum ENGINE {} pub enum EVP_CIPHER_CTX {} pub enum EVP_MD {} pub enum EVP_PKEY_CTX {} -pub enum SSL {} +pub enum OCSP_BASICRESP {} +pub enum OCSP_CERTID {} +pub enum OCSP_RESPONSE {} +pub enum OCSP_REQUEST {} +pub enum OCSP_ONEREQ {} pub enum SSL_CIPHER {} pub enum SSL_METHOD {} pub enum X509_CRL {} @@ -51,20 +57,17 @@ pub enum X509_STORE_CTX {} pub enum bio_st {} pub enum PKCS12 {} pub enum DH_METHOD {} - -pub type bio_info_cb = Option; - pub enum RSA_METHOD {} pub enum BN_MONT_CTX {} pub enum BN_BLINDING {} pub enum DSA_METHOD {} pub enum EVP_PKEY_ASN1_METHOD {} +pub type bio_info_cb = Option; +pub type GEN_SESSION_CB = Option c_int>; +pub type tls_session_ticket_ext_cb_fn = Option c_int>; +pub type tls_session_secret_cb_fn = Option c_int>; + #[repr(C)] #[derive(Copy, Clone)] pub enum point_conversion_form_t { @@ -1059,6 +1062,40 @@ pub const NID_aes_128_cbc_hmac_sha1: c_int = 916; pub const NID_aes_192_cbc_hmac_sha1: c_int = 917; pub const NID_aes_256_cbc_hmac_sha1: c_int = 918; +pub const OCSP_NOCERTS: c_ulong = 0x1; +pub const OCSP_NOINTERN: c_ulong = 0x2; +pub const OCSP_NOSIGS: c_ulong = 0x4; +pub const OCSP_NOCHAIN: c_ulong = 0x8; +pub const OCSP_NOVERIFY: c_ulong = 0x10; +pub const OCSP_NOEXPLICIT: c_ulong = 0x20; +pub const OCSP_NOCASIGN: c_ulong = 0x40; +pub const OCSP_NODELEGATED: c_ulong = 0x80; +pub const OCSP_NOCHECKS: c_ulong = 0x100; +pub const OCSP_TRUSTOTHER: c_ulong = 0x200; +pub const OCSP_RESPID_KEY: c_ulong = 0x400; +pub const OCSP_NOTIME: c_ulong = 0x800; + +pub const V_OCSP_CERTSTATUS_GOOD: c_int = 0; +pub const V_OCSP_CERTSTATUS_REVOKED: c_int = 1; +pub const V_OCSP_CERTSTATUS_UNKNOWN: c_int = 2; + +pub const OCSP_REVOKED_STATUS_NOSTATUS: c_int = -1; +pub const OCSP_REVOKED_STATUS_UNSPECIFIED: c_int = 0; +pub const OCSP_REVOKED_STATUS_KEYCOMPROMISE: c_int = 1; +pub const OCSP_REVOKED_STATUS_CACOMPROMISE: c_int = 2; +pub const OCSP_REVOKED_STATUS_AFFILIATIONCHANGED: c_int = 3; +pub const OCSP_REVOKED_STATUS_SUPERSEDED: c_int = 4; +pub const OCSP_REVOKED_STATUS_CESSATIONOFOPERATION: c_int = 5; +pub const OCSP_REVOKED_STATUS_CERTIFICATEHOLD: c_int = 6; +pub const OCSP_REVOKED_STATUS_REMOVEFROMCRL: c_int = 8; + +pub const OCSP_RESPONSE_STATUS_SUCCESSFUL: c_int = 0; +pub const OCSP_RESPONSE_STATUS_MALFORMEDREQUEST: c_int = 1; +pub const OCSP_RESPONSE_STATUS_INTERNALERROR: c_int = 2; +pub const OCSP_RESPONSE_STATUS_TRYLATER: c_int = 3; +pub const OCSP_RESPONSE_STATUS_SIGREQUIRED: c_int = 5; +pub const OCSP_RESPONSE_STATUS_UNAUTHORIZED: c_int = 6; + pub const PKCS5_SALT_LEN: c_int = 8; pub const RSA_F4: c_long = 0x10001; @@ -1077,6 +1114,12 @@ pub const SSL_CTRL_SET_READ_AHEAD: c_int = 41; pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: c_int = 53; pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: c_int = 54; pub const SSL_CTRL_SET_TLSEXT_HOSTNAME: c_int = 55; +pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB: c_int = 63; +pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG: c_int = 64; +pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: c_int = 65; +pub const SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: c_int = 70; +pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: c_int = 71; +pub const SSL_CTRL_GET_EXTRA_CHAIN_CERTS: c_int = 82; pub const SSL_MODE_ENABLE_PARTIAL_WRITE: c_long = 0x1; pub const SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER: c_long = 0x2; @@ -1136,6 +1179,8 @@ pub const SSL_OP_NO_SSL_MASK: c_ulong = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | pub const TLSEXT_NAMETYPE_host_name: c_int = 0; +pub const TLSEXT_STATUSTYPE_ocsp: c_int = 1; + pub const SSL_TLSEXT_ERR_OK: c_int = 0; pub const SSL_TLSEXT_ERR_ALERT_WARNING: c_int = 1; pub const SSL_TLSEXT_ERR_ALERT_FATAL: c_int = 2; @@ -1273,7 +1318,7 @@ pub unsafe fn SSL_CTX_add_extra_chain_cert(ctx: *mut SSL_CTX, x509: *mut X509) - } pub unsafe fn SSL_CTX_set_tlsext_servername_callback(ctx: *mut SSL_CTX, - cb: Option) + cb: Option) -> c_long { SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TLSEXT_SERVERNAME_CB, cb) } @@ -1284,6 +1329,32 @@ pub unsafe fn SSL_set_tlsext_host_name(s: *mut SSL, name: *mut c_char) -> c_long name as *mut c_void) } +pub unsafe fn SSL_set_tlsext_status_type(s: *mut SSL, type_: c_int) -> c_long { + SSL_ctrl(s, SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE, type_ as c_long, ptr::null_mut()) +} + +pub unsafe fn SSL_CTX_set_tlsext_status_cb(ctx: *mut SSL_CTX, + cb: Option c_int>) + -> c_long { + SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB, mem::transmute(cb)) +} + +pub unsafe fn SSL_CTX_set_tlsext_status_arg(ctx: *mut SSL_CTX, arg: *mut c_void) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG, 0, arg) +} + +pub unsafe fn SSL_CTX_get_extra_chain_certs(ctx: *mut SSL_CTX, chain: *mut *mut stack_st_X509) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, chain as *mut c_void) +} + +pub unsafe fn SSL_get_tlsext_status_ocsp_resp(ssl: *mut SSL, resp: *mut *mut c_uchar) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP, 0, resp as *mut c_void) +} + +pub unsafe fn SSL_set_tlsext_status_ocsp_resp(ssl: *mut SSL, resp: *mut c_uchar, len: c_long) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP, len, resp as *mut c_void) +} + pub fn ERR_GET_LIB(l: c_ulong) -> c_int { ((l >> 24) & 0x0FF) as c_int } @@ -1298,6 +1369,8 @@ pub fn ERR_GET_REASON(l: c_ulong) -> c_int { extern { pub fn ASN1_INTEGER_set(dest: *mut ASN1_INTEGER, value: c_long) -> c_int; + pub fn ASN1_GENERALIZEDTIME_free(tm: *mut ASN1_GENERALIZEDTIME); + pub fn ASN1_GENERALIZEDTIME_print(b: *mut BIO, tm: *const ASN1_GENERALIZEDTIME) -> c_int; pub fn ASN1_STRING_type_new(ty: c_int) -> *mut ASN1_STRING; pub fn ASN1_TIME_free(tm: *mut ASN1_TIME); pub fn ASN1_TIME_print(b: *mut BIO, tm: *const ASN1_TIME) -> c_int; @@ -1541,6 +1614,30 @@ extern { pub fn HMAC_CTX_copy(dst: *mut HMAC_CTX, src: *mut HMAC_CTX) -> c_int; + pub fn OCSP_BASICRESP_new() -> *mut OCSP_BASICRESP; + pub fn OCSP_BASICRESP_free(r: *mut OCSP_BASICRESP); + pub fn OCSP_basic_verify(bs: *mut OCSP_BASICRESP, certs: *mut stack_st_X509, st: *mut X509_STORE, flags: c_ulong) -> c_int; + pub fn OCSP_resp_find_status(bs: *mut OCSP_BASICRESP, id: *mut OCSP_CERTID, status: *mut c_int, reason: *mut c_int, revtime: *mut *mut ASN1_GENERALIZEDTIME, thisupd: *mut *mut ASN1_GENERALIZEDTIME, nextupd: *mut *mut ASN1_GENERALIZEDTIME) -> c_int; + pub fn OCSP_check_validity(thisupd: *mut ASN1_GENERALIZEDTIME, nextupd: *mut ASN1_GENERALIZEDTIME, sec: c_long, maxsec: c_long) -> c_int; + + pub fn OCSP_CERTID_free(id: *mut OCSP_CERTID); + + pub fn OCSP_RESPONSE_new() -> *mut OCSP_RESPONSE; + pub fn OCSP_RESPONSE_free(r: *mut OCSP_RESPONSE); + pub fn i2d_OCSP_RESPONSE(a: *mut OCSP_RESPONSE, pp: *mut *mut c_uchar) -> c_int; + pub fn d2i_OCSP_RESPONSE(a: *mut *mut OCSP_RESPONSE, pp: *mut *const c_uchar, length: c_long) -> *mut OCSP_RESPONSE; + pub fn OCSP_response_create(status: c_int, bs: *mut OCSP_BASICRESP) -> *mut OCSP_RESPONSE; + pub fn OCSP_response_status(resp: *mut OCSP_RESPONSE) -> c_int; + pub fn OCSP_response_get1_basic(resp: *mut OCSP_RESPONSE) -> *mut OCSP_BASICRESP; + + pub fn OCSP_REQUEST_new() -> *mut OCSP_REQUEST; + pub fn OCSP_REQUEST_free(r: *mut OCSP_REQUEST); + pub fn i2d_OCSP_REQUEST(a: *mut OCSP_REQUEST, pp: *mut *mut c_uchar) -> c_int; + pub fn d2i_OCSP_REQUEST(a: *mut *mut OCSP_REQUEST, pp: *mut *const c_uchar, length: c_long) -> *mut OCSP_REQUEST; + pub fn OCSP_request_add0_id(r: *mut OCSP_REQUEST, id: *mut OCSP_CERTID) -> *mut OCSP_ONEREQ; + + pub fn OCSP_ONEREQ_free(r: *mut OCSP_ONEREQ); + pub fn PEM_read_bio_DHparams(bio: *mut BIO, out: *mut *mut DH, callback: Option, user_data: *mut c_void) -> *mut DH; pub fn PEM_read_bio_X509(bio: *mut BIO, out: *mut *mut X509, callback: Option, @@ -1696,7 +1793,7 @@ extern { pub fn SSL_CTX_new(method: *const SSL_METHOD) -> *mut SSL_CTX; pub fn SSL_CTX_free(ctx: *mut SSL_CTX); pub fn SSL_CTX_ctrl(ctx: *mut SSL_CTX, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long; - pub fn SSL_CTX_callback_ctrl(ctx: *mut SSL_CTX, cmd: c_int, fp: Option) -> c_long; + pub fn SSL_CTX_callback_ctrl(ctx: *mut SSL_CTX, cmd: c_int, fp: Option) -> c_long; pub fn SSL_CTX_set_verify(ctx: *mut SSL_CTX, mode: c_int, verify_callback: Option c_int>); pub fn SSL_CTX_set_verify_depth(ctx: *mut SSL_CTX, depth: c_int); @@ -1749,6 +1846,8 @@ extern { client: *const c_uchar, client_len: c_uint) -> c_int; pub fn SSL_get0_next_proto_negotiated(s: *const SSL, data: *mut *const c_uchar, len: *mut c_uint); pub fn SSL_get_session(s: *const SSL) -> *mut SSL_SESSION; + #[cfg(not(any(ossl101, libressl)))] + pub fn SSL_is_server(s: *mut SSL) -> c_int; pub fn SSL_SESSION_free(s: *mut SSL_SESSION); pub fn SSL_SESSION_get_id(s: *const SSL_SESSION, len: *mut c_uint) -> *const c_uchar; @@ -1785,6 +1884,8 @@ extern { pub fn X509_get_pubkey(x: *mut X509) -> *mut EVP_PKEY; pub fn X509_to_X509_REQ(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> *mut X509_REQ; pub fn X509_verify_cert_error_string(n: c_long) -> *const c_char; + pub fn X509_get1_ocsp(x: *mut X509) -> *mut stack_st_OPENSSL_STRING; + pub fn X509_check_issued(issuer: *mut X509, subject: *mut X509) -> c_int; pub fn X509_EXTENSION_free(ext: *mut X509_EXTENSION); @@ -1797,8 +1898,10 @@ extern { pub fn ASN1_STRING_free(x: *mut ASN1_STRING); pub fn ASN1_STRING_length(x: *const ASN1_STRING) -> c_int; + pub fn X509_STORE_new() -> *mut X509_STORE; pub fn X509_STORE_free(store: *mut X509_STORE); pub fn X509_STORE_add_cert(store: *mut X509_STORE, x: *mut X509) -> c_int; + pub fn X509_STORE_set_default_paths(store: *mut X509_STORE) -> c_int; pub fn X509_STORE_CTX_free(ctx: *mut X509_STORE_CTX); pub fn X509_STORE_CTX_get_current_cert(ctx: *mut X509_STORE_CTX) -> *mut X509; diff --git a/openssl-sys/src/libressl.rs b/openssl-sys/src/libressl.rs index 2c747ffe..c1411e60 100644 --- a/openssl-sys/src/libressl.rs +++ b/openssl-sys/src/libressl.rs @@ -40,6 +40,16 @@ pub struct stack_st_void { pub stack: _STACK, } +#[repr(C)] +pub struct stack_st_SSL_CIPHER { + pub stack: _STACK, +} + +#[repr(C)] +pub struct stack_st_OPENSSL_STRING { + pub stack: _STACK, +} + #[repr(C)] pub struct _STACK { pub num: c_int, @@ -288,6 +298,100 @@ pub struct X509_VAL { pub notAfter: *mut ::ASN1_TIME, } +#[repr(C)] +pub struct SSL { + version: c_int, + type_: c_int, + method: *const ::SSL_METHOD, + rbio: *mut c_void, + wbio: *mut c_void, + bbio: *mut c_void, + rwstate: c_int, + in_handshake: c_int, + handshake_func: Option c_int>, + pub server: c_int, + new_session: c_int, + quiet_shutdown: c_int, + shutdown: c_int, + state: c_int, + rstate: c_int, + init_buf: *mut c_void, + init_msg: *mut c_void, + init_num: c_int, + init_off: c_int, + packet: *mut c_uchar, + packet_length: c_uint, + s3: *mut c_void, + d1: *mut c_void, + read_ahead: c_int, + msg_callback: Option, + msg_callback_arg: *mut c_void, + hit: c_int, + param: *mut c_void, + cipher_list: *mut stack_st_SSL_CIPHER, + cipher_list_by_id: *mut stack_st_SSL_CIPHER, + mac_flags: c_int, + aead_read_ctx: *mut c_void, + enc_read_ctx: *mut ::EVP_CIPHER_CTX, + read_hash: *mut ::EVP_MD_CTX, + aead_write_ctx: *mut c_void, + enc_write_ctx: *mut ::EVP_CIPHER_CTX, + write_hash: *mut ::EVP_MD_CTX, + cert: *mut c_void, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; ::SSL_MAX_SID_CTX_LENGTH as usize], + session: *mut ::SSL_SESSION, + generate_session_id: ::GEN_SESSION_CB, + verify_mode: c_int, + verify_callback: Option c_int>, + info_callback: Option, + error: c_int, + error_code: c_int, + ctx: *mut ::SSL_CTX, + debug: c_int, + verify_result: c_long, + ex_data: ::CRYPTO_EX_DATA, + client_CA: *mut stack_st_X509_NAME, + references: c_int, + options: c_ulong, + mode: c_ulong, + max_cert_list: c_long, + first_packet: c_int, + client_version: c_int, + max_send_fragment: c_uint, + tlsext_debug_cb: Option, + tlsext_debug_arg: *mut c_void, + tlsext_hostname: *mut c_char, + servername_done: c_int, + tlsext_status_type: c_int, + tlsext_status_expected: c_int, + tlsext_ocsp_ids: *mut c_void, + tlsext_ocsp_exts: *mut c_void, + tlsext_ocsp_resp: *mut c_uchar, + tlsext_ocsp_resplen: c_int, + tlsext_ticket_expected: c_int, + tlsext_ecpointformatlist_length: size_t, + tlsext_ecpointformatlist: *mut c_uchar, + tlsext_ellipticcurvelist_length: size_t, + tlsext_ellipticcurvelist: *mut c_uchar, + tlsext_session_ticket: *mut c_void, + tlsext_session_ticket_ext_cb: ::tls_session_ticket_ext_cb_fn, + tls_session_ticket_ext_cb_arg: *mut c_void, + tls_session_secret_cb: ::tls_session_secret_cb_fn, + tls_session_secret_cb_arg: *mut c_void, + initial_ctx: *mut ::SSL_CTX, + next_proto_negotiated: *mut c_uchar, + next_proto_negotiated_len: c_uchar, + srtp_profiles: *mut c_void, + srtp_profile: *mut c_void, + tlsext_heartbeat: c_uint, + tlsext_hb_pending: c_uint, + tlsext_hb_seq: c_uint, + alpn_client_proto_list: *mut c_uchar, + alpn_client_proto_list_len: c_uint, + renegotiate: c_int, +} + #[repr(C)] pub struct SSL_CTX { method: *mut c_void, @@ -515,6 +619,7 @@ extern { pub fn get_rfc3526_prime_6144(bn: *mut BIGNUM) -> *mut BIGNUM; pub fn get_rfc3526_prime_8192(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn CRYPTO_malloc(num: c_int, file: *const c_char, line: c_int) -> *mut c_void; pub fn CRYPTO_free(buf: *mut c_void); pub fn CRYPTO_num_locks() -> c_int; pub fn CRYPTO_set_locking_callback(func: unsafe extern "C" fn(mode: c_int, @@ -530,6 +635,8 @@ extern { cb: Option, cbarg: *mut c_void) -> *mut RSA; + pub fn OCSP_cert_to_id(dgst: *const ::EVP_MD, subject: *mut ::X509, issuer: *mut ::X509) -> *mut ::OCSP_CERTID; + pub fn SSL_library_init() -> c_int; pub fn SSL_load_error_strings(); pub fn OPENSSL_add_all_algorithms_noconf(); diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/ossl10x.rs index 037298c1..f721daaa 100644 --- a/openssl-sys/src/ossl10x.rs +++ b/openssl-sys/src/ossl10x.rs @@ -41,6 +41,16 @@ pub struct stack_st_void { pub stack: _STACK, } +#[repr(C)] +pub struct stack_st_SSL_CIPHER { + pub stack: _STACK, +} + +#[repr(C)] +pub struct stack_st_OPENSSL_STRING { + pub stack: _STACK, +} + #[repr(C)] pub struct _STACK { pub num: c_int, @@ -295,6 +305,143 @@ pub struct X509_VAL { pub notAfter: *mut ::ASN1_TIME, } +#[repr(C)] +pub struct SSL { + version: c_int, + type_: c_int, + method: *const ::SSL_METHOD, + rbio: *mut c_void, + wbio: *mut c_void, + bbio: *mut c_void, + rwstate: c_int, + in_handshake: c_int, + handshake_func: Option c_int>, + pub server: c_int, + new_session: c_int, + quiet_session: c_int, + shutdown: c_int, + state: c_int, + rstate: c_int, + init_buf: *mut c_void, + init_msg: *mut c_void, + init_num: c_int, + init_off: c_int, + packet: *mut c_uchar, + packet_length: c_uint, + s2: *mut c_void, + s3: *mut c_void, + d1: *mut c_void, + read_ahead: c_int, + msg_callback: Option, + msg_callback_arg: *mut c_void, + hit: c_int, + param: *mut c_void, + cipher_list: *mut stack_st_SSL_CIPHER, + cipher_list_by_id: *mut stack_st_SSL_CIPHER, + mac_flags: c_int, + enc_read_ctx: *mut ::EVP_CIPHER_CTX, + read_hash: *mut ::EVP_MD_CTX, + expand: *mut c_void, + enc_write_ctx: *mut ::EVP_CIPHER_CTX, + write_hash: *mut ::EVP_MD_CTX, + compress: *mut c_void, + cert: *mut c_void, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; ::SSL_MAX_SID_CTX_LENGTH as usize], + session: *mut ::SSL_SESSION, + generate_session_id: ::GEN_SESSION_CB, + verify_mode: c_int, + verify_callback: Option c_int>, + info_callback: Option, + error: c_int, + error_code: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))] + kssl_ctx: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_client_callback: Option c_uint>, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_server_callback: Option c_uint>, + ctx: *mut ::SSL_CTX, + debug: c_int, + verify_result: c_long, + ex_data: ::CRYPTO_EX_DATA, + client_CA: *mut stack_st_X509_NAME, + references: c_int, + options: c_ulong, + mode: c_ulong, + max_cert_list: c_long, + first_packet: c_int, + client_version: c_int, + max_send_fragment: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_debug_cb: Option, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_debug_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_hostname: *mut c_char, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + servername_done: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_status_type: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_status_expected: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ocsp_ids: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ocsp_exts: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ocsp_resp: *mut c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ocsp_resplen: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ticket_expected: c_int, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC")))] + tlsext_ecpointformatlist_length: size_t, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC")))] + tlsext_ecpointformatlist: *mut c_uchar, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC")))] + tlsext_ellipticcurvelist_length: size_t, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_EC")))] + tlsext_ellipticcurvelist: *mut c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_opaque_prf_input: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_opaque_prf_input_len: size_t, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_session_ticket: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_session_ticket_ext_cb: ::tls_session_ticket_ext_cb_fn, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tls_session_ticket_ext_cb_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tls_session_secret_cb: ::tls_session_secret_cb_fn, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tls_session_secret_cb_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + initial_ctx: *mut ::SSL_CTX, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_NEXTPROTONEG")))] + next_proto_negotiated: *mut c_uchar, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), not(osslconf = "OPENSSL_NO_NEXTPROTONEG")))] + next_proto_negotiated_len: c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + srtp_profiles: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + srtp_profile: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_heartbeat: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_hb_pending: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_hb_seq: c_uint, + renegotiate: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] + srp_ctx: ::SRP_CTX, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_client_proto_list: *mut c_uchar, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_client_proto_list_len: c_uint, +} + #[repr(C)] pub struct SSL_CTX { method: *mut c_void, @@ -617,6 +764,7 @@ extern { pub fn get_rfc3526_prime_6144(bn: *mut BIGNUM) -> *mut BIGNUM; pub fn get_rfc3526_prime_8192(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn CRYPTO_malloc(num: c_int, file: *const c_char, line: c_int) -> *mut c_void; pub fn CRYPTO_free(buf: *mut c_void); pub fn CRYPTO_num_locks() -> c_int; pub fn CRYPTO_set_locking_callback(func: unsafe extern "C" fn(mode: c_int, @@ -632,6 +780,8 @@ extern { cb: Option, cbarg: *mut c_void) -> *mut RSA; + pub fn OCSP_cert_to_id(dgst: *const ::EVP_MD, subject: *mut ::X509, issuer: *mut ::X509) -> *mut ::OCSP_CERTID; + pub fn SSL_library_init() -> c_int; pub fn SSL_load_error_strings(); pub fn OPENSSL_add_all_algorithms_noconf(); diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/ossl110.rs index 898ad4a2..925b0d8a 100644 --- a/openssl-sys/src/ossl110.rs +++ b/openssl-sys/src/ossl110.rs @@ -12,6 +12,7 @@ pub enum EVP_PKEY {} pub enum HMAC_CTX {} pub enum OPENSSL_STACK {} pub enum RSA {} +pub enum SSL {} pub enum SSL_CTX {} pub enum SSL_SESSION {} pub enum stack_st_ASN1_OBJECT {} @@ -22,6 +23,7 @@ pub enum stack_st_X509 {} pub enum stack_st_X509_NAME {} pub enum stack_st_X509_ATTRIBUTE {} pub enum stack_st_X509_EXTENSION {} +pub enum stack_st_SSL_CIPHER {} pub enum X509 {} pub enum X509_VERIFY_PARAM {} @@ -63,11 +65,14 @@ extern { pub fn BN_get_rfc3526_prime_6144(bn: *mut BIGNUM) -> *mut BIGNUM; pub fn BN_get_rfc3526_prime_8192(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn CRYPTO_malloc(num: size_t, file: *const c_char, line: c_int) -> *mut c_void; pub fn CRYPTO_free(buf: *mut c_void, file: *const c_char, line: c_int); pub fn HMAC_CTX_new() -> *mut HMAC_CTX; pub fn HMAC_CTX_free(ctx: *mut HMAC_CTX); + pub fn OCSP_cert_to_id(dgst: *const ::EVP_MD, subject: *const ::X509, issuer: *const ::X509) -> *mut ::OCSP_CERTID; + pub fn TLS_method() -> *const ::SSL_METHOD; pub fn DTLS_method() -> *const ::SSL_METHOD; pub fn SSL_CIPHER_get_version(cipher: *const ::SSL_CIPHER) -> *const c_char; -- cgit v1.2.3 From d353b366811023049eb77189234abc8196f9372f Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 20 Jan 2017 22:34:30 +0000 Subject: Support AES IGE This is a special snowflake used only by Telegram apparently. Closes #523 --- openssl-sys/src/lib.rs | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 0cbd0da7..865061ee 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -76,6 +76,13 @@ pub enum point_conversion_form_t { POINT_CONVERSION_HYBRID = 6, } +#[repr(C)] +pub struct AES_KEY { + // There is some business with AES_LONG which is there to ensure the values here are 32 bits + rd_key: [u32; 4 * (AES_MAXNR as usize + 1)], + rounds: c_int, +} + #[repr(C)] pub struct GENERAL_NAME { pub type_: c_int, @@ -114,6 +121,12 @@ pub type PasswordCallback = unsafe extern fn(buf: *mut c_char, size: c_int, rwflag: c_int, user_data: *mut c_void) -> c_int; +pub const AES_ENCRYPT: c_int = 1; +pub const AES_DECRYPT: c_int = 0; + +pub const AES_MAXNR: c_int = 14; +pub const AES_BLOCK_SIZE: c_int = 16; + pub const BIO_TYPE_NONE: c_int = 0; pub const BIO_CTRL_EOF: c_int = 2; @@ -1368,6 +1381,10 @@ pub fn ERR_GET_REASON(l: c_ulong) -> c_int { } extern { + pub fn AES_set_encrypt_key(userKey: *const c_uchar, bits: c_int, key: *mut AES_KEY) -> c_int; + pub fn AES_set_decrypt_key(userKey: *const c_uchar, bits: c_int, key: *mut AES_KEY) -> c_int; + pub fn AES_ige_encrypt(in_: *const c_uchar, out: *mut c_uchar, length: size_t, key: *const AES_KEY, ivec: *mut c_uchar, enc: c_int); + pub fn ASN1_INTEGER_set(dest: *mut ASN1_INTEGER, value: c_long) -> c_int; pub fn ASN1_GENERALIZEDTIME_free(tm: *mut ASN1_GENERALIZEDTIME); pub fn ASN1_GENERALIZEDTIME_print(b: *mut BIO, tm: *const ASN1_GENERALIZEDTIME) -> c_int; -- cgit v1.2.3 From 26e159a5f07a36be24fc35221154fdaebcabdf02 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sat, 21 Jan 2017 11:11:24 +0000 Subject: Support chacha20 and chacha20_poly1305 --- openssl-sys/src/ossl110.rs | 3 +++ 1 file changed, 3 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/ossl110.rs index 925b0d8a..75c6253e 100644 --- a/openssl-sys/src/ossl110.rs +++ b/openssl-sys/src/ossl110.rs @@ -68,6 +68,9 @@ extern { pub fn CRYPTO_malloc(num: size_t, file: *const c_char, line: c_int) -> *mut c_void; pub fn CRYPTO_free(buf: *mut c_void, file: *const c_char, line: c_int); + pub fn EVP_chacha20() -> *const ::EVP_CIPHER; + pub fn EVP_chacha20_poly1305() -> *const ::EVP_CIPHER; + pub fn HMAC_CTX_new() -> *mut HMAC_CTX; pub fn HMAC_CTX_free(ctx: *mut HMAC_CTX); -- cgit v1.2.3 From 54900976bb76d3cef4a78df48a3645b0ac49bb46 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Sun, 22 Jan 2017 10:44:59 +0000 Subject: Support EC_GROUP_set_asn1_flag Closes #561 --- openssl-sys/src/lib.rs | 3 +++ 1 file changed, 3 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 865061ee..970539d7 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1109,6 +1109,8 @@ pub const OCSP_RESPONSE_STATUS_TRYLATER: c_int = 3; pub const OCSP_RESPONSE_STATUS_SIGREQUIRED: c_int = 5; pub const OCSP_RESPONSE_STATUS_UNAUTHORIZED: c_int = 6; +pub const OPENSSL_EC_NAMED_CURVE: c_int = 1; + pub const PKCS5_SALT_LEN: c_int = 8; pub const RSA_F4: c_long = 0x10001; @@ -1510,6 +1512,7 @@ extern { pub fn EC_GROUP_get_curve_GF2m(group: *const EC_GROUP, p: *mut BIGNUM, a: *mut BIGNUM, b: *mut BIGNUM, ctx: *mut BN_CTX) -> c_int; pub fn EC_GROUP_get_degree(group: *const EC_GROUP) -> c_int; pub fn EC_GROUP_get_order(group: *const EC_GROUP, order: *mut BIGNUM, ctx: *mut BN_CTX) -> c_int; + pub fn EC_GROUP_set_asn1_flag(key: *mut EC_GROUP, flag: c_int); pub fn EC_GROUP_free(group: *mut EC_GROUP); -- cgit v1.2.3 From 52c7868bb615b04feb01be88cd1f47af866f12ad Mon Sep 17 00:00:00 2001 From: Benjamin Fry Date: Sun, 22 Jan 2017 21:27:31 -0800 Subject: add pkcs12_create and to_der funcs --- openssl-sys/src/lib.rs | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 0cbd0da7..0af15251 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1951,7 +1951,19 @@ extern { pub fn i2d_RSAPrivateKey(k: *const RSA, buf: *mut *mut u8) -> c_int; pub fn d2i_RSAPrivateKey(k: *mut *mut RSA, buf: *mut *const u8, len: c_long) -> *mut RSA; + pub fn i2d_PKCS12_bio(b: *mut BIO, a: *mut PKCS12) -> c_int; + pub fn i2d_PKCS12(a: *mut PKCS12, buf: *mut *mut u8) -> c_int; pub fn d2i_PKCS12(a: *mut *mut PKCS12, pp: *mut *const u8, length: c_long) -> *mut PKCS12; + pub fn PKCS12_create(pass: *const c_char, + friendly_name: *const c_char, + pkey: *const EVP_PKEY, + cert: *const X509, + ca: *const stack_st_X509, + nid_key: c_int, + nid_cert: c_int, + iter: c_int, + mac_iter: c_int, + keytype: c_int) -> *mut PKCS12; pub fn PKCS12_parse(p12: *mut PKCS12, pass: *const c_char, pkey: *mut *mut EVP_PKEY, -- cgit v1.2.3 From fbfecd63aeb0cd1ee24d017df2d89078a53bf0fe Mon Sep 17 00:00:00 2001 From: Benjamin Fry Date: Sun, 22 Jan 2017 22:23:21 -0800 Subject: add some documentation --- openssl-sys/src/lib.rs | 1 + 1 file changed, 1 insertion(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 0af15251..cf158601 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1097,6 +1097,7 @@ pub const OCSP_RESPONSE_STATUS_SIGREQUIRED: c_int = 5; pub const OCSP_RESPONSE_STATUS_UNAUTHORIZED: c_int = 6; pub const PKCS5_SALT_LEN: c_int = 8; +pub const PKCS12_DEFAULT_ITER: c_int = 2048; pub const RSA_F4: c_long = 0x10001; -- cgit v1.2.3 From 540387d5ee074a22a686da704a8f0bac85e02fa5 Mon Sep 17 00:00:00 2001 From: Benjamin Fry Date: Sun, 22 Jan 2017 22:43:27 -0800 Subject: fix ptr types --- openssl-sys/src/lib.rs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index f12e1f2d..7413be10 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1977,9 +1977,9 @@ extern { pub fn d2i_PKCS12(a: *mut *mut PKCS12, pp: *mut *const u8, length: c_long) -> *mut PKCS12; pub fn PKCS12_create(pass: *const c_char, friendly_name: *const c_char, - pkey: *const EVP_PKEY, - cert: *const X509, - ca: *const stack_st_X509, + pkey: *mut EVP_PKEY, + cert: *mut X509, + ca: *mut stack_st_X509, nid_key: c_int, nid_cert: c_int, iter: c_int, -- cgit v1.2.3 From 591022a7fa4b43d152154fd95bb67fce5ecfa28e Mon Sep 17 00:00:00 2001 From: Benjamin Fry Date: Mon, 23 Jan 2017 22:12:11 -0800 Subject: fix multi-version compat --- openssl-sys/src/lib.rs | 11 ----------- openssl-sys/src/libressl.rs | 12 ++++++++++++ openssl-sys/src/ossl10x.rs | 12 ++++++++++++ openssl-sys/src/ossl110.rs | 12 ++++++++++++ 4 files changed, 36 insertions(+), 11 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 7413be10..01be1b23 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -55,7 +55,6 @@ pub enum X509_REQ {} pub enum X509_STORE {} pub enum X509_STORE_CTX {} pub enum bio_st {} -pub enum PKCS12 {} pub enum DH_METHOD {} pub enum RSA_METHOD {} pub enum BN_MONT_CTX {} @@ -1975,16 +1974,6 @@ extern { pub fn i2d_PKCS12_bio(b: *mut BIO, a: *mut PKCS12) -> c_int; pub fn i2d_PKCS12(a: *mut PKCS12, buf: *mut *mut u8) -> c_int; pub fn d2i_PKCS12(a: *mut *mut PKCS12, pp: *mut *const u8, length: c_long) -> *mut PKCS12; - pub fn PKCS12_create(pass: *const c_char, - friendly_name: *const c_char, - pkey: *mut EVP_PKEY, - cert: *mut X509, - ca: *mut stack_st_X509, - nid_key: c_int, - nid_cert: c_int, - iter: c_int, - mac_iter: c_int, - keytype: c_int) -> *mut PKCS12; pub fn PKCS12_parse(p12: *mut PKCS12, pass: *const c_char, pkey: *mut *mut EVP_PKEY, diff --git a/openssl-sys/src/libressl.rs b/openssl-sys/src/libressl.rs index c1411e60..2862a47e 100644 --- a/openssl-sys/src/libressl.rs +++ b/openssl-sys/src/libressl.rs @@ -508,6 +508,7 @@ pub struct X509_VERIFY_PARAM { } pub enum X509_VERIFY_PARAM_ID {} +pub enum PKCS12 {} pub const SSL_CTRL_OPTIONS: c_int = 32; pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77; @@ -637,6 +638,17 @@ extern { pub fn OCSP_cert_to_id(dgst: *const ::EVP_MD, subject: *mut ::X509, issuer: *mut ::X509) -> *mut ::OCSP_CERTID; + pub fn PKCS12_create(pass: *mut c_char, + friendly_name: *mut c_char, + pkey: *mut EVP_PKEY, + cert: *mut X509, + ca: *mut stack_st_X509, + nid_key: c_int, + nid_cert: c_int, + iter: c_int, + mac_iter: c_int, + keytype: c_int) -> *mut PKCS12; + pub fn SSL_library_init() -> c_int; pub fn SSL_load_error_strings(); pub fn OPENSSL_add_all_algorithms_noconf(); diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/ossl10x.rs index f721daaa..14b7c414 100644 --- a/openssl-sys/src/ossl10x.rs +++ b/openssl-sys/src/ossl10x.rs @@ -653,6 +653,7 @@ pub struct X509_VERIFY_PARAM { #[cfg(not(ossl101))] pub enum X509_VERIFY_PARAM_ID {} +pub enum PKCS12 {} pub const SSL_CTRL_OPTIONS: c_int = 32; pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77; @@ -782,6 +783,17 @@ extern { pub fn OCSP_cert_to_id(dgst: *const ::EVP_MD, subject: *mut ::X509, issuer: *mut ::X509) -> *mut ::OCSP_CERTID; + pub fn PKCS12_create(pass: *mut c_char, + friendly_name: *mut c_char, + pkey: *mut EVP_PKEY, + cert: *mut X509, + ca: *mut stack_st_X509, + nid_key: c_int, + nid_cert: c_int, + iter: c_int, + mac_iter: c_int, + keytype: c_int) -> *mut PKCS12; + pub fn SSL_library_init() -> c_int; pub fn SSL_load_error_strings(); pub fn OPENSSL_add_all_algorithms_noconf(); diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/ossl110.rs index 75c6253e..b7fdebab 100644 --- a/openssl-sys/src/ossl110.rs +++ b/openssl-sys/src/ossl110.rs @@ -11,6 +11,7 @@ pub enum EVP_MD_CTX {} pub enum EVP_PKEY {} pub enum HMAC_CTX {} pub enum OPENSSL_STACK {} +pub enum PKCS12 {} pub enum RSA {} pub enum SSL {} pub enum SSL_CTX {} @@ -179,4 +180,15 @@ extern { pub fn OPENSSL_sk_free(st: *mut ::OPENSSL_STACK); pub fn OPENSSL_sk_pop_free(st: *mut ::OPENSSL_STACK, free: Option); pub fn OPENSSL_sk_pop(st: *mut ::OPENSSL_STACK) -> *mut c_void; + + pub fn PKCS12_create(pass: *const c_char, + friendly_name: *const c_char, + pkey: *mut EVP_PKEY, + cert: *mut X509, + ca: *mut stack_st_X509, + nid_key: c_int, + nid_cert: c_int, + iter: c_int, + mac_iter: c_int, + keytype: c_int) -> *mut PKCS12; } -- cgit v1.2.3 From 557b936e27177718b62d31dcf3364f481bb15c2c Mon Sep 17 00:00:00 2001 From: mredlek Date: Thu, 26 Jan 2017 20:59:32 +0100 Subject: Added X509ReqRef.subject_name and X509ReqRef.version --- openssl-sys/src/lib.rs | 4 +++- openssl-sys/src/libressl.rs | 17 +++++++++++++++++ openssl-sys/src/ossl10x.rs | 17 +++++++++++++++++ openssl-sys/src/ossl110.rs | 6 ++++++ 4 files changed, 43 insertions(+), 1 deletion(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 01be1b23..e801ca98 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -51,7 +51,6 @@ pub enum X509_CRL {} pub enum X509_EXTENSION {} pub enum X509_NAME {} pub enum X509_NAME_ENTRY {} -pub enum X509_REQ {} pub enum X509_STORE {} pub enum X509_STORE_CTX {} pub enum bio_st {} @@ -1387,6 +1386,7 @@ extern { pub fn AES_set_decrypt_key(userKey: *const c_uchar, bits: c_int, key: *mut AES_KEY) -> c_int; pub fn AES_ige_encrypt(in_: *const c_uchar, out: *mut c_uchar, length: size_t, key: *const AES_KEY, ivec: *mut c_uchar, enc: c_int); + pub fn ASN1_INTEGER_get(dest: *mut ASN1_INTEGER) -> c_long; pub fn ASN1_INTEGER_set(dest: *mut ASN1_INTEGER, value: c_long) -> c_int; pub fn ASN1_GENERALIZEDTIME_free(tm: *mut ASN1_GENERALIZEDTIME); pub fn ASN1_GENERALIZEDTIME_print(b: *mut BIO, tm: *const ASN1_GENERALIZEDTIME) -> c_int; @@ -1918,6 +1918,8 @@ extern { pub fn ASN1_STRING_free(x: *mut ASN1_STRING); pub fn ASN1_STRING_length(x: *const ASN1_STRING) -> c_int; + pub fn ASN1_INTEGER_free(x: *mut ASN1_INTEGER); + pub fn X509_STORE_new() -> *mut X509_STORE; pub fn X509_STORE_free(store: *mut X509_STORE); pub fn X509_STORE_add_cert(store: *mut X509_STORE, x: *mut X509) -> c_int; diff --git a/openssl-sys/src/libressl.rs b/openssl-sys/src/libressl.rs index 2862a47e..0767df0d 100644 --- a/openssl-sys/src/libressl.rs +++ b/openssl-sys/src/libressl.rs @@ -298,6 +298,23 @@ pub struct X509_VAL { pub notAfter: *mut ::ASN1_TIME, } +#[repr(C)] +pub struct X509_REQ_INFO { + pub enc: ASN1_ENCODING, + pub version: *mut ::ASN1_INTEGER, + pub subject: *mut ::X509_NAME, + pub pubkey: *mut c_void, + pub attributes: *mut stack_st_X509_ATTRIBUTE +} + +#[repr(C)] +pub struct X509_REQ { + pub req_info: *mut X509_REQ_INFO, + pub sig_alg: *mut c_void, + pub signature: *mut c_void, + references: c_int +} + #[repr(C)] pub struct SSL { version: c_int, diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/ossl10x.rs index 14b7c414..d9729b0d 100644 --- a/openssl-sys/src/ossl10x.rs +++ b/openssl-sys/src/ossl10x.rs @@ -305,6 +305,23 @@ pub struct X509_VAL { pub notAfter: *mut ::ASN1_TIME, } +#[repr(C)] +pub struct X509_REQ_INFO { + pub enc: ASN1_ENCODING, + pub version: *mut ::ASN1_INTEGER, + pub subject: *mut ::X509_NAME, + pub pubkey: *mut c_void, + pub attributes: *mut stack_st_X509_ATTRIBUTE +} + +#[repr(C)] +pub struct X509_REQ { + pub req_info: *mut X509_REQ_INFO, + pub sig_alg: *mut c_void, + pub signature: *mut c_void, + references: c_int +} + #[repr(C)] pub struct SSL { version: c_int, diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/ossl110.rs index b7fdebab..c3c95fa4 100644 --- a/openssl-sys/src/ossl110.rs +++ b/openssl-sys/src/ossl110.rs @@ -27,6 +27,7 @@ pub enum stack_st_X509_EXTENSION {} pub enum stack_st_SSL_CIPHER {} pub enum X509 {} pub enum X509_VERIFY_PARAM {} +pub enum X509_REQ {} pub const SSL_OP_MICROSOFT_SESS_ID_BUG: c_ulong = 0x00000000; pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: c_ulong = 0x00000000; @@ -191,4 +192,9 @@ extern { iter: c_int, mac_iter: c_int, keytype: c_int) -> *mut PKCS12; + pub fn X509_REQ_get_version(req: *const X509_REQ) -> c_long; + pub fn X509_REQ_set_version(x: *mut X509_REQ, version: c_long) -> c_int; + pub fn X509_REQ_get_subject_name(req: *const X509_REQ) -> *mut ::X509_NAME; + pub fn X509_REQ_set_subject_name(req: *mut X509_REQ, name: *mut ::X509_NAME) -> c_int; + } -- cgit v1.2.3 From 6a8f6f425f504459a6f4c54eac273f543c53a55e Mon Sep 17 00:00:00 2001 From: mredlek Date: Fri, 27 Jan 2017 19:11:05 +0100 Subject: Style changes according to review --- openssl-sys/src/lib.rs | 2 +- openssl-sys/src/libressl.rs | 6 +++--- openssl-sys/src/ossl10x.rs | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index e801ca98..47bc314c 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1386,7 +1386,7 @@ extern { pub fn AES_set_decrypt_key(userKey: *const c_uchar, bits: c_int, key: *mut AES_KEY) -> c_int; pub fn AES_ige_encrypt(in_: *const c_uchar, out: *mut c_uchar, length: size_t, key: *const AES_KEY, ivec: *mut c_uchar, enc: c_int); - pub fn ASN1_INTEGER_get(dest: *mut ASN1_INTEGER) -> c_long; + pub fn ASN1_INTEGER_get(dest: *const ASN1_INTEGER) -> c_long; pub fn ASN1_INTEGER_set(dest: *mut ASN1_INTEGER, value: c_long) -> c_int; pub fn ASN1_GENERALIZEDTIME_free(tm: *mut ASN1_GENERALIZEDTIME); pub fn ASN1_GENERALIZEDTIME_print(b: *mut BIO, tm: *const ASN1_GENERALIZEDTIME) -> c_int; diff --git a/openssl-sys/src/libressl.rs b/openssl-sys/src/libressl.rs index 0767df0d..fd115a98 100644 --- a/openssl-sys/src/libressl.rs +++ b/openssl-sys/src/libressl.rs @@ -303,15 +303,15 @@ pub struct X509_REQ_INFO { pub enc: ASN1_ENCODING, pub version: *mut ::ASN1_INTEGER, pub subject: *mut ::X509_NAME, - pub pubkey: *mut c_void, + pubkey: *mut c_void, pub attributes: *mut stack_st_X509_ATTRIBUTE } #[repr(C)] pub struct X509_REQ { pub req_info: *mut X509_REQ_INFO, - pub sig_alg: *mut c_void, - pub signature: *mut c_void, + sig_alg: *mut c_void, + signature: *mut c_void, references: c_int } diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/ossl10x.rs index d9729b0d..0b3376d0 100644 --- a/openssl-sys/src/ossl10x.rs +++ b/openssl-sys/src/ossl10x.rs @@ -310,15 +310,15 @@ pub struct X509_REQ_INFO { pub enc: ASN1_ENCODING, pub version: *mut ::ASN1_INTEGER, pub subject: *mut ::X509_NAME, - pub pubkey: *mut c_void, + pubkey: *mut c_void, pub attributes: *mut stack_st_X509_ATTRIBUTE } #[repr(C)] pub struct X509_REQ { pub req_info: *mut X509_REQ_INFO, - pub sig_alg: *mut c_void, - pub signature: *mut c_void, + sig_alg: *mut c_void, + signature: *mut c_void, references: c_int } -- cgit v1.2.3 From f5149eac5a5746c1cb45edab445ab0d240d33c86 Mon Sep 17 00:00:00 2001 From: mredlek Date: Fri, 27 Jan 2017 20:55:40 +0100 Subject: Add setters to new getter-functions in X509ReqRef --- openssl-sys/src/lib.rs | 3 +++ openssl-sys/src/ossl110.rs | 3 --- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 47bc314c..1340a63f 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1935,6 +1935,9 @@ extern { pub fn X509_REQ_add_extensions(req: *mut X509_REQ, exts: *mut stack_st_X509_EXTENSION) -> c_int; pub fn X509_REQ_sign(x: *mut X509_REQ, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int; + pub fn X509_REQ_set_version(x: *mut X509_REQ, version: c_long) -> c_int; + pub fn X509_REQ_set_subject_name(req: *mut X509_REQ, name: *mut ::X509_NAME) -> c_int; + #[cfg(not(ossl101))] pub fn X509_VERIFY_PARAM_free(param: *mut X509_VERIFY_PARAM); diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/ossl110.rs index c3c95fa4..84f08f29 100644 --- a/openssl-sys/src/ossl110.rs +++ b/openssl-sys/src/ossl110.rs @@ -193,8 +193,5 @@ extern { mac_iter: c_int, keytype: c_int) -> *mut PKCS12; pub fn X509_REQ_get_version(req: *const X509_REQ) -> c_long; - pub fn X509_REQ_set_version(x: *mut X509_REQ, version: c_long) -> c_int; pub fn X509_REQ_get_subject_name(req: *const X509_REQ) -> *mut ::X509_NAME; - pub fn X509_REQ_set_subject_name(req: *mut X509_REQ, name: *mut ::X509_NAME) -> c_int; - } -- cgit v1.2.3 From ddc0066211fb9adadd658bd04547dc143dcfbc5a Mon Sep 17 00:00:00 2001 From: Brian Chin Date: Fri, 27 Jan 2017 18:16:22 -0800 Subject: Add the necessary constants to access the pkey ctx stuff. --- openssl-sys/src/lib.rs | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 01be1b23..6b61aab7 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -151,6 +151,8 @@ pub const EVP_PKEY_DSA: c_int = NID_dsa; pub const EVP_PKEY_DH: c_int = NID_dhKeyAgreement; pub const EVP_PKEY_EC: c_int = NID_X9_62_id_ecPublicKey; +pub const EVP_PKEY_ALG_CTRL: c_int = 0x1000; + pub const EVP_CTRL_GCM_SET_IVLEN: c_int = 0x9; pub const EVP_CTRL_GCM_GET_TAG: c_int = 0x10; pub const EVP_CTRL_GCM_SET_TAG: c_int = 0x11; @@ -1121,6 +1123,10 @@ pub const RSA_NO_PADDING: c_int = 3; pub const RSA_PKCS1_OAEP_PADDING: c_int = 4; pub const RSA_X931_PADDING: c_int = 5; +pub const RSA_PKEY_CTRL_RSA_PADDING: c_int = EVP_PKEY_ALG_CTRL + 1; + +pub const RSA_PKEY_CTRL_GET_RSA_PADDING: c_int = EVP_PKEY_ALG_CTRL + 6; + pub const SSL_CTRL_SET_TMP_DH: c_int = 3; pub const SSL_CTRL_SET_TMP_ECDH: c_int = 4; pub const SSL_CTRL_EXTRA_CHAIN_CERT: c_int = 14; @@ -1726,6 +1732,7 @@ extern { pub fn RSA_new() -> *mut RSA; pub fn RSA_free(rsa: *mut RSA); pub fn RSA_generate_key_ex(rsa: *mut RSA, bits: c_int, e: *mut BIGNUM, cb: *mut BN_GENCB) -> c_int; + pub fn RSA_pkey_ctx_ctrl(ctx: *mut EVP_PKEY_CTX, optype: c_int, cmd: c_int, p1: c_int, p2: *mut c_void) -> c_int; pub fn RSA_private_decrypt(flen: c_int, from: *const u8, to: *mut u8, k: *mut RSA, pad: c_int) -> c_int; pub fn RSA_public_decrypt(flen: c_int, from: *const u8, to: *mut u8, k: *mut RSA, @@ -1996,3 +2003,12 @@ extern { md: *mut c_uchar, len: *mut c_uint) -> c_int; } + +// EVP_PKEY_CTX_ctrl macros +unsafe fn EVP_PKEY_CTX_set_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad: c_int) -> c_int { + RSA_pkey_ctx_ctrl(ctx, -1, RSA_PKEY_CTRL_RSA_PADDING, pad, ptr::null_mut()) +} + +unsafe fn EVP_PKEY_CTX_get_rsa_padding(ctx: *mut EVP_PKEY_CTX, ppad: *mut c_int) -> c_int { + RSA_pkey_ctx_ctrl(ctx, -1, RSA_PKEY_CTRL_GET_RSA_PADDING, 0, ppad as *mut c_void) +} -- cgit v1.2.3 From 588fd33552f9c84e8ed67c4cff35264b671362d9 Mon Sep 17 00:00:00 2001 From: Brian Chin Date: Mon, 30 Jan 2017 10:08:25 -0800 Subject: Testing first version that works with signer. --- openssl-sys/src/lib.rs | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 6b61aab7..7ef5f7fe 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1638,6 +1638,9 @@ extern { key: *const c_uchar, keylen: c_int) -> *mut EVP_PKEY; + + pub fn EVP_PKEY_CTX_ctrl(ctx: *mut EVP_PKEY_CTX, keytype: c_int, optype: c_int, cmd: c_int, p1: c_int, p2: *mut c_void) -> c_int; + pub fn HMAC_CTX_copy(dst: *mut HMAC_CTX, src: *mut HMAC_CTX) -> c_int; pub fn OCSP_BASICRESP_new() -> *mut OCSP_BASICRESP; @@ -1732,7 +1735,6 @@ extern { pub fn RSA_new() -> *mut RSA; pub fn RSA_free(rsa: *mut RSA); pub fn RSA_generate_key_ex(rsa: *mut RSA, bits: c_int, e: *mut BIGNUM, cb: *mut BN_GENCB) -> c_int; - pub fn RSA_pkey_ctx_ctrl(ctx: *mut EVP_PKEY_CTX, optype: c_int, cmd: c_int, p1: c_int, p2: *mut c_void) -> c_int; pub fn RSA_private_decrypt(flen: c_int, from: *const u8, to: *mut u8, k: *mut RSA, pad: c_int) -> c_int; pub fn RSA_public_decrypt(flen: c_int, from: *const u8, to: *mut u8, k: *mut RSA, @@ -2005,10 +2007,10 @@ extern { } // EVP_PKEY_CTX_ctrl macros -unsafe fn EVP_PKEY_CTX_set_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad: c_int) -> c_int { - RSA_pkey_ctx_ctrl(ctx, -1, RSA_PKEY_CTRL_RSA_PADDING, pad, ptr::null_mut()) +pub unsafe fn EVP_PKEY_CTX_set_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad: c_int) -> c_int { + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, RSA_PKEY_CTRL_RSA_PADDING, pad, ptr::null_mut()) } -unsafe fn EVP_PKEY_CTX_get_rsa_padding(ctx: *mut EVP_PKEY_CTX, ppad: *mut c_int) -> c_int { - RSA_pkey_ctx_ctrl(ctx, -1, RSA_PKEY_CTRL_GET_RSA_PADDING, 0, ppad as *mut c_void) +pub unsafe fn EVP_PKEY_CTX_get_rsa_padding(ctx: *mut EVP_PKEY_CTX, ppad: *mut c_int) -> c_int { + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, RSA_PKEY_CTRL_GET_RSA_PADDING, 0, ppad as *mut c_void) } -- cgit v1.2.3 From 20eed1e762f01ddac0a46b6471105dca8284ff8b Mon Sep 17 00:00:00 2001 From: Brian Chin Date: Mon, 30 Jan 2017 10:19:06 -0800 Subject: Simplify code, so that openssl-sys really doesn't contain anything aside from bindings --- openssl-sys/src/lib.rs | 9 --------- 1 file changed, 9 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 7ef5f7fe..9f89762b 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -2005,12 +2005,3 @@ extern { md: *mut c_uchar, len: *mut c_uint) -> c_int; } - -// EVP_PKEY_CTX_ctrl macros -pub unsafe fn EVP_PKEY_CTX_set_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad: c_int) -> c_int { - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, RSA_PKEY_CTRL_RSA_PADDING, pad, ptr::null_mut()) -} - -pub unsafe fn EVP_PKEY_CTX_get_rsa_padding(ctx: *mut EVP_PKEY_CTX, ppad: *mut c_int) -> c_int { - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, RSA_PKEY_CTRL_GET_RSA_PADDING, 0, ppad as *mut c_void) -} -- cgit v1.2.3 From 302ee77d32acb0b92fe563f29c36882e3b9b7d62 Mon Sep 17 00:00:00 2001 From: Brian Chin Date: Mon, 30 Jan 2017 16:51:10 -0800 Subject: Adding suggestions from review. --- openssl-sys/src/lib.rs | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 9f89762b..1859c3ba 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1310,6 +1310,15 @@ pub unsafe fn BIO_set_retry_write(b: *mut BIO) { BIO_set_flags(b, BIO_FLAGS_WRITE | BIO_FLAGS_SHOULD_RETRY) } +// EVP_PKEY_CTX_ctrl macros +pub unsafe fn EVP_PKEY_CTX_set_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad: c_int) -> c_int { + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, RSA_PKEY_CTRL_RSA_PADDING, pad, ptr::null_mut()) +} + +pub unsafe fn EVP_PKEY_CTX_get_rsa_padding(ctx: *mut EVP_PKEY_CTX, ppad: *mut c_int) -> c_int { + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, RSA_PKEY_CTRL_GET_RSA_PADDING, 0, ppad as *mut c_void) +} + pub unsafe fn SSL_CTX_set_mode(ctx: *mut SSL_CTX, op: c_long) -> c_long { SSL_CTX_ctrl(ctx, SSL_CTRL_MODE, op, ptr::null_mut()) } -- cgit v1.2.3 From 4900d3fe5d8fe9f581940bd60e2d919155839fa8 Mon Sep 17 00:00:00 2001 From: Brian Chin Date: Tue, 31 Jan 2017 11:59:59 -0800 Subject: Fixed constant names from openssl/rsa.h Fixed PKeyCtxRef method that didn't need to be mutable. Added non-mutable accessors for PKeyCtxRef for Signer and Verifier. --- openssl-sys/src/lib.rs | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 1859c3ba..d18fa5ad 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -153,6 +153,10 @@ pub const EVP_PKEY_EC: c_int = NID_X9_62_id_ecPublicKey; pub const EVP_PKEY_ALG_CTRL: c_int = 0x1000; +pub const EVP_PKEY_CTRL_RSA_PADDING: c_int = EVP_PKEY_ALG_CTRL + 1; + +pub const EVP_PKEY_CTRL_GET_RSA_PADDING: c_int = EVP_PKEY_ALG_CTRL + 6; + pub const EVP_CTRL_GCM_SET_IVLEN: c_int = 0x9; pub const EVP_CTRL_GCM_GET_TAG: c_int = 0x10; pub const EVP_CTRL_GCM_SET_TAG: c_int = 0x11; @@ -1123,10 +1127,6 @@ pub const RSA_NO_PADDING: c_int = 3; pub const RSA_PKCS1_OAEP_PADDING: c_int = 4; pub const RSA_X931_PADDING: c_int = 5; -pub const RSA_PKEY_CTRL_RSA_PADDING: c_int = EVP_PKEY_ALG_CTRL + 1; - -pub const RSA_PKEY_CTRL_GET_RSA_PADDING: c_int = EVP_PKEY_ALG_CTRL + 6; - pub const SSL_CTRL_SET_TMP_DH: c_int = 3; pub const SSL_CTRL_SET_TMP_ECDH: c_int = 4; pub const SSL_CTRL_EXTRA_CHAIN_CERT: c_int = 14; @@ -1312,11 +1312,11 @@ pub unsafe fn BIO_set_retry_write(b: *mut BIO) { // EVP_PKEY_CTX_ctrl macros pub unsafe fn EVP_PKEY_CTX_set_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad: c_int) -> c_int { - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, RSA_PKEY_CTRL_RSA_PADDING, pad, ptr::null_mut()) + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, pad, ptr::null_mut()) } pub unsafe fn EVP_PKEY_CTX_get_rsa_padding(ctx: *mut EVP_PKEY_CTX, ppad: *mut c_int) -> c_int { - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, RSA_PKEY_CTRL_GET_RSA_PADDING, 0, ppad as *mut c_void) + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad as *mut c_void) } pub unsafe fn SSL_CTX_set_mode(ctx: *mut SSL_CTX, op: c_long) -> c_long { -- cgit v1.2.3 From a1d7956f828a5208f16d49871b7c1965d21a6893 Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 10 Feb 2017 19:38:51 -0800 Subject: Add Asn1BitString --- openssl-sys/src/lib.rs | 2 ++ 1 file changed, 2 insertions(+) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index d18fa5ad..37921021 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -26,6 +26,7 @@ pub use libressl::*; pub enum ASN1_INTEGER {} pub enum ASN1_GENERALIZEDTIME {} pub enum ASN1_STRING {} +pub enum ASN1_BIT_STRING {} pub enum ASN1_TIME {} pub enum ASN1_TYPE {} pub enum BN_CTX {} @@ -1408,6 +1409,7 @@ extern { pub fn ASN1_STRING_type_new(ty: c_int) -> *mut ASN1_STRING; pub fn ASN1_TIME_free(tm: *mut ASN1_TIME); pub fn ASN1_TIME_print(b: *mut BIO, tm: *const ASN1_TIME) -> c_int; + pub fn ASN1_BIT_STRING_free(x: *mut ASN1_BIT_STRING); pub fn BIO_ctrl(b: *mut BIO, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long; pub fn BIO_free_all(b: *mut BIO); -- cgit v1.2.3 From 8e5735d84c43cfc2a18c1178893eedf9b8373e8e Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 10 Feb 2017 19:59:11 -0800 Subject: X509 signature access --- openssl-sys/src/lib.rs | 1 + openssl-sys/src/libressl.rs | 4 ++-- openssl-sys/src/ossl10x.rs | 6 ++++-- openssl-sys/src/ossl110.rs | 1 + 4 files changed, 8 insertions(+), 4 deletions(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 37921021..817a6c88 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -48,6 +48,7 @@ pub enum OCSP_REQUEST {} pub enum OCSP_ONEREQ {} pub enum SSL_CIPHER {} pub enum SSL_METHOD {} +pub enum X509_ALGOR {} pub enum X509_CRL {} pub enum X509_EXTENSION {} pub enum X509_NAME {} diff --git a/openssl-sys/src/libressl.rs b/openssl-sys/src/libressl.rs index 2862a47e..d9a151f3 100644 --- a/openssl-sys/src/libressl.rs +++ b/openssl-sys/src/libressl.rs @@ -247,8 +247,8 @@ pub struct DH { #[repr(C)] pub struct X509 { pub cert_info: *mut X509_CINF, - sig_alg: *mut c_void, - signature: *mut c_void, + pub sig_alg: *mut ::X509_ALGOR, + pub signature: *mut ::ASN1_BIT_STRING, pub valid: c_int, pub references: c_int, pub name: *mut c_char, diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/ossl10x.rs index 14b7c414..061c880e 100644 --- a/openssl-sys/src/ossl10x.rs +++ b/openssl-sys/src/ossl10x.rs @@ -250,8 +250,8 @@ pub struct DH { #[repr(C)] pub struct X509 { pub cert_info: *mut X509_CINF, - sig_alg: *mut c_void, - signature: *mut c_void, + pub sig_alg: *mut ::X509_ALGOR, + pub signature: *mut ::ASN1_BIT_STRING, pub valid: c_int, pub references: c_int, pub name: *mut c_char, @@ -833,6 +833,8 @@ extern { pub fn X509_set_notAfter(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int; pub fn X509_set_notBefore(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int; pub fn X509_get_ext_d2i(x: *mut ::X509, nid: c_int, crit: *mut c_int, idx: *mut c_int) -> *mut c_void; + #[cfg(not(ossl101))] + pub fn X509_get0_signature(psig: *mut *mut ::ASN1_BIT_STRING, palg: *mut *mut ::X509_ALGOR, x: *const ::X509); pub fn X509_NAME_get_entry(n: *mut ::X509_NAME, loc: c_int) -> *mut ::X509_NAME_ENTRY; pub fn X509_NAME_ENTRY_get_data(ne: *mut ::X509_NAME_ENTRY) -> *mut ::ASN1_STRING; pub fn X509_STORE_CTX_get_chain(ctx: *mut ::X509_STORE_CTX) -> *mut stack_st_X509; diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/ossl110.rs index b7fdebab..7cabac50 100644 --- a/openssl-sys/src/ossl110.rs +++ b/openssl-sys/src/ossl110.rs @@ -127,6 +127,7 @@ extern { pub fn SSL_CTX_clear_options(ctx: *mut ::SSL_CTX, op: c_ulong) -> c_ulong; pub fn X509_getm_notAfter(x: *const ::X509) -> *mut ::ASN1_TIME; pub fn X509_getm_notBefore(x: *const ::X509) -> *mut ::ASN1_TIME; + pub fn X509_get0_signature(psig: *mut *const ::ASN1_BIT_STRING, palg: *mut *const ::X509_ALGOR, x: *const ::X509); pub fn DH_set0_pqg(dh: *mut ::DH, p: *mut ::BIGNUM, q: *mut ::BIGNUM, -- cgit v1.2.3 From 03fe3015dc7f8ec321e483c3dde63766f1c365ad Mon Sep 17 00:00:00 2001 From: Steven Fackler Date: Fri, 10 Feb 2017 21:37:33 -0800 Subject: X509 signature algorithm access --- openssl-sys/src/lib.rs | 8 +++++++- openssl-sys/src/libressl.rs | 6 ++++++ openssl-sys/src/ossl10x.rs | 10 ++++++++++ openssl-sys/src/ossl110.rs | 3 +++ 4 files changed, 26 insertions(+), 1 deletion(-) (limited to 'openssl-sys/src') diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 817a6c88..68943c87 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -29,6 +29,7 @@ pub enum ASN1_STRING {} pub enum ASN1_BIT_STRING {} pub enum ASN1_TIME {} pub enum ASN1_TYPE {} +pub enum ASN1_OBJECT {} pub enum BN_CTX {} pub enum BN_GENCB {} pub enum CONF {} @@ -48,7 +49,6 @@ pub enum OCSP_REQUEST {} pub enum OCSP_ONEREQ {} pub enum SSL_CIPHER {} pub enum SSL_METHOD {} -pub enum X509_ALGOR {} pub enum X509_CRL {} pub enum X509_EXTENSION {} pub enum X509_NAME {} @@ -1411,6 +1411,7 @@ extern { pub fn ASN1_TIME_free(tm: *mut ASN1_TIME); pub fn ASN1_TIME_print(b: *mut BIO, tm: *const ASN1_TIME) -> c_int; pub fn ASN1_BIT_STRING_free(x: *mut ASN1_BIT_STRING); + pub fn ASN1_OBJECT_free(x: *mut ASN1_OBJECT); pub fn BIO_ctrl(b: *mut BIO, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long; pub fn BIO_free_all(b: *mut BIO); @@ -1655,6 +1656,9 @@ extern { pub fn HMAC_CTX_copy(dst: *mut HMAC_CTX, src: *mut HMAC_CTX) -> c_int; + pub fn OBJ_obj2nid(o: *const ASN1_OBJECT) -> c_int; + pub fn OBJ_obj2txt(buf: *mut c_char, buf_len: c_int, a: *const ASN1_OBJECT, no_name: c_int) -> c_int; + pub fn OCSP_BASICRESP_new() -> *mut OCSP_BASICRESP; pub fn OCSP_BASICRESP_free(r: *mut OCSP_BASICRESP); pub fn OCSP_basic_verify(bs: *mut OCSP_BASICRESP, certs: *mut stack_st_X509, st: *mut X509_STORE, flags: c_ulong) -> c_int; @@ -1928,6 +1932,8 @@ extern { pub fn X509_get1_ocsp(x: *mut X509) -> *mut stack_st_OPENSSL_STRING; pub fn X509_check_issued(issuer: *mut X509, subject: *mut X509) -> c_int; + pub fn X509_ALGOR_free(x: *mut X509_ALGOR); + pub fn X509_EXTENSION_free(ext: *mut X509_EXTENSION); pub fn X509_NAME_free(x: *mut X509_NAME); diff --git a/openssl-sys/src/libressl.rs b/openssl-sys/src/libressl.rs index d9a151f3..1bb17849 100644 --- a/openssl-sys/src/libressl.rs +++ b/openssl-sys/src/libressl.rs @@ -285,6 +285,12 @@ pub struct X509_CINF { enc: ASN1_ENCODING, } +#[repr(C)] +pub struct X509_ALGOR { + pub algorithm: *mut ::ASN1_OBJECT, + parameter: *mut c_void, +} + #[repr(C)] pub struct ASN1_ENCODING { pub enc: *mut c_uchar, diff --git a/openssl-sys/src/ossl10x.rs b/openssl-sys/src/ossl10x.rs index 061c880e..f709c46f 100644 --- a/openssl-sys/src/ossl10x.rs +++ b/openssl-sys/src/ossl10x.rs @@ -292,6 +292,12 @@ pub struct X509_CINF { enc: ASN1_ENCODING, } +#[repr(C)] +pub struct X509_ALGOR { + pub algorithm: *mut ::ASN1_OBJECT, + parameter: *mut c_void, +} + #[repr(C)] pub struct ASN1_ENCODING { pub enc: *mut c_uchar, @@ -835,6 +841,10 @@ extern { pub fn X509_get_ext_d2i(x: *mut ::X509, nid: c_int, crit: *mut c_int, idx: *mut c_int) -> *mut c_void; #[cfg(not(ossl101))] pub fn X509_get0_signature(psig: *mut *mut ::ASN1_BIT_STRING, palg: *mut *mut ::X509_ALGOR, x: *const ::X509); + #[cfg(not(ossl101))] + pub fn X509_get_signature_nid(x: *const X509) -> c_int; + #[cfg(not(ossl101))] + pub fn X509_ALGOR_get0(paobj: *mut *mut ::ASN1_OBJECT, pptype: *mut c_int, ppval: *mut *mut c_void, alg: *mut ::X509_ALGOR); pub fn X509_NAME_get_entry(n: *mut ::X509_NAME, loc: c_int) -> *mut ::X509_NAME_ENTRY; pub fn X509_NAME_ENTRY_get_data(ne: *mut ::X509_NAME_ENTRY) -> *mut ::ASN1_STRING; pub fn X509_STORE_CTX_get_chain(ctx: *mut ::X509_STORE_CTX) -> *mut stack_st_X509; diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/ossl110.rs index 7cabac50..68a62c6c 100644 --- a/openssl-sys/src/ossl110.rs +++ b/openssl-sys/src/ossl110.rs @@ -26,6 +26,7 @@ pub enum stack_st_X509_ATTRIBUTE {} pub enum stack_st_X509_EXTENSION {} pub enum stack_st_SSL_CIPHER {} pub enum X509 {} +pub enum X509_ALGOR {} pub enum X509_VERIFY_PARAM {} pub const SSL_OP_MICROSOFT_SESS_ID_BUG: c_ulong = 0x00000000; @@ -84,6 +85,8 @@ extern { pub fn X509_set1_notAfter(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int; pub fn X509_set1_notBefore(x: *mut ::X509, tm: *const ::ASN1_TIME) -> c_int; pub fn X509_get_ext_d2i(x: *const ::X509, nid: c_int, crit: *mut c_int, idx: *mut c_int) -> *mut c_void; + pub fn X509_get_signature_nid(x: *const X509) -> c_int; + pub fn X509_ALGOR_get0(paobj: *mut *const ::ASN1_OBJECT, pptype: *mut c_int, ppval: *mut *const c_void, alg: *const ::X509_ALGOR); pub fn X509_NAME_get_entry(n: *const ::X509_NAME, loc: c_int) -> *mut ::X509_NAME_ENTRY; pub fn X509_NAME_ENTRY_get_data(ne: *const ::X509_NAME_ENTRY) -> *mut ::ASN1_STRING; pub fn X509V3_EXT_nconf_nid(conf: *mut ::CONF, ctx: *mut ::X509V3_CTX, ext_nid: c_int, value: *const c_char) -> *mut ::X509_EXTENSION; -- cgit v1.2.3