From fa622326490e1dd27df4d42b4097ca574deedb3f Mon Sep 17 00:00:00 2001
From: Steven Fackler <sfackler@gmail.com>
Date: Sat, 30 Jan 2016 12:55:22 -0800
Subject: Error reform

---
 openssl/src/crypto/pkey.rs | 37 +++++++++++++++++++++----------------
 openssl/src/crypto/rsa.rs  | 22 +++++++++++-----------
 2 files changed, 32 insertions(+), 27 deletions(-)

(limited to 'openssl/src/crypto')

diff --git a/openssl/src/crypto/pkey.rs b/openssl/src/crypto/pkey.rs
index ba0a16b6..1020a82e 100644
--- a/openssl/src/crypto/pkey.rs
+++ b/openssl/src/crypto/pkey.rs
@@ -8,8 +8,8 @@ use bio::MemBio;
 use crypto::hash;
 use crypto::hash::Type as HashType;
 use ffi;
-use ssl::error::{SslError, StreamError};
 use crypto::rsa::RSA;
+use error::ErrorStack;
 
 #[derive(Copy, Clone)]
 pub enum Parts {
@@ -85,17 +85,18 @@ impl PKey {
     }
 
     /// Reads private key from PEM, takes ownership of handle
-    pub fn private_key_from_pem<R>(reader: &mut R) -> Result<PKey, SslError>
+    pub fn private_key_from_pem<R>(reader: &mut R) -> io::Result<PKey>
         where R: Read
     {
         let mut mem_bio = try!(MemBio::new());
-        try!(io::copy(reader, &mut mem_bio).map_err(StreamError));
+        try!(io::copy(reader, &mut mem_bio));
 
         unsafe {
             let evp = try_ssl_null!(ffi::PEM_read_bio_PrivateKey(mem_bio.get_handle(),
                                                                  ptr::null_mut(),
                                                                  None,
                                                                  ptr::null_mut()));
+
             Ok(PKey {
                 evp: evp as *mut ffi::EVP_PKEY,
                 parts: Parts::Both,
@@ -104,11 +105,11 @@ impl PKey {
     }
 
     /// Reads public key from PEM, takes ownership of handle
-    pub fn public_key_from_pem<R>(reader: &mut R) -> Result<PKey, SslError>
+    pub fn public_key_from_pem<R>(reader: &mut R) -> io::Result<PKey>
         where R: Read
     {
         let mut mem_bio = try!(MemBio::new());
-        try!(io::copy(reader, &mut mem_bio).map_err(StreamError));
+        try!(io::copy(reader, &mut mem_bio));
 
         unsafe {
             let evp = try_ssl_null!(ffi::PEM_read_bio_PUBKEY(mem_bio.get_handle(),
@@ -123,13 +124,15 @@ impl PKey {
     }
 
     /// Reads an RSA private key from PEM, takes ownership of handle
-    pub fn private_rsa_key_from_pem<R>(reader: &mut R) -> Result<PKey, SslError>
+    pub fn private_rsa_key_from_pem<R>(reader: &mut R) -> io::Result<PKey>
     where R: Read
     {
         let rsa = try!(RSA::private_key_from_pem(reader));
         unsafe {
             let evp = try_ssl_null!(ffi::EVP_PKEY_new());
-            try_ssl!(ffi::EVP_PKEY_set1_RSA(evp, rsa.as_ptr()));
+            if ffi::EVP_PKEY_set1_RSA(evp, rsa.as_ptr()) == 0 {
+                return Err(io::Error::new(io::ErrorKind::Other, ErrorStack::get()));
+            }
 
             Ok(PKey {
                 evp: evp,
@@ -139,13 +142,15 @@ impl PKey {
     }
 
     /// Reads an RSA public key from PEM, takes ownership of handle
-    pub fn public_rsa_key_from_pem<R>(reader: &mut R) -> Result<PKey, SslError>
+    pub fn public_rsa_key_from_pem<R>(reader: &mut R) -> io::Result<PKey>
     where R: Read
     {
         let rsa = try!(RSA::public_key_from_pem(reader));
         unsafe {
             let evp = try_ssl_null!(ffi::EVP_PKEY_new());
-            try_ssl!(ffi::EVP_PKEY_set1_RSA(evp, rsa.as_ptr()));
+            if ffi::EVP_PKEY_set1_RSA(evp, rsa.as_ptr()) == 0 {
+                return Err(io::Error::new(io::ErrorKind::Other, ErrorStack::get()));
+            }
 
             Ok(PKey {
                 evp: evp,
@@ -260,7 +265,7 @@ impl PKey {
     // FIXME: also add password and encryption
     pub fn write_pem<W: Write>(&self,
                                writer: &mut W /* , password: Option<String> */)
-                               -> Result<(), SslError> {
+                               -> io::Result<()> {
         let mut mem_bio = try!(MemBio::new());
         unsafe {
             try_ssl!(ffi::PEM_write_bio_PrivateKey(mem_bio.get_handle(),
@@ -273,19 +278,19 @@ impl PKey {
 
         }
         let mut buf = vec![];
-        try!(mem_bio.read_to_end(&mut buf).map_err(StreamError));
-        writer.write_all(&buf).map_err(StreamError)
+        try!(mem_bio.read_to_end(&mut buf));
+        writer.write_all(&buf)
     }
 
     /// Stores public key as a PEM
     pub fn write_pub_pem<W: Write>(&self,
                                    writer: &mut W /* , password: Option<String> */)
-                                   -> Result<(), SslError> {
+                                   -> io::Result<()> {
         let mut mem_bio = try!(MemBio::new());
         unsafe { try_ssl!(ffi::PEM_write_bio_PUBKEY(mem_bio.get_handle(), self.evp)) }
         let mut buf = vec![];
-        try!(mem_bio.read_to_end(&mut buf).map_err(StreamError));
-        writer.write_all(&buf).map_err(StreamError)
+        try!(mem_bio.read_to_end(&mut buf));
+        writer.write_all(&buf)
     }
 
     /**
@@ -370,7 +375,7 @@ impl PKey {
                                               openssl_padding_code(padding));
 
             if rv < 0 as c_int {
-                // println!("{:?}", SslError::get());
+                // println!("{:?}", ErrorStack::get());
                 vec![]
             } else {
                 r.truncate(rv as usize);
diff --git a/openssl/src/crypto/rsa.rs b/openssl/src/crypto/rsa.rs
index 6fcb5b07..11970933 100644
--- a/openssl/src/crypto/rsa.rs
+++ b/openssl/src/crypto/rsa.rs
@@ -1,11 +1,11 @@
 use ffi;
 use std::fmt;
-use ssl::error::{SslError, StreamError};
 use std::ptr;
 use std::io::{self, Read};
 
 use bn::BigNum;
 use bio::MemBio;
+use error::ErrorStack;
 
 pub struct RSA(*mut ffi::RSA);
 
@@ -20,7 +20,7 @@ impl Drop for RSA {
 impl RSA {
     /// only useful for associating the key material directly with the key, it's safer to use
     /// the supplied load and save methods for DER formatted keys.
-    pub fn from_public_components(n: BigNum, e: BigNum) -> Result<RSA, SslError> {
+    pub fn from_public_components(n: BigNum, e: BigNum) -> Result<RSA, ErrorStack> {
         unsafe {
             let rsa = try_ssl_null!(ffi::RSA_new());
             (*rsa).n = n.into_raw();
@@ -35,11 +35,11 @@ impl RSA {
     }
 
     /// Reads an RSA private key from PEM formatted data.
-    pub fn private_key_from_pem<R>(reader: &mut R) -> Result<RSA, SslError>
+    pub fn private_key_from_pem<R>(reader: &mut R) -> io::Result<RSA>
     where R: Read
     {
         let mut mem_bio = try!(MemBio::new());
-        try!(io::copy(reader, &mut mem_bio).map_err(StreamError));
+        try!(io::copy(reader, &mut mem_bio));
 
         unsafe {
             let rsa = try_ssl_null!(ffi::PEM_read_bio_RSAPrivateKey(mem_bio.get_handle(),
@@ -51,11 +51,11 @@ impl RSA {
     }
 
     /// Reads an RSA public key from PEM formatted data.
-    pub fn public_key_from_pem<R>(reader: &mut R) -> Result<RSA, SslError>
+    pub fn public_key_from_pem<R>(reader: &mut R) -> io::Result<RSA>
     where R: Read
     {
         let mut mem_bio = try!(MemBio::new());
-        try!(io::copy(reader, &mut mem_bio).map_err(StreamError));
+        try!(io::copy(reader, &mut mem_bio));
 
         unsafe {
             let rsa = try_ssl_null!(ffi::PEM_read_bio_RSA_PUBKEY(mem_bio.get_handle(),
@@ -71,7 +71,7 @@ impl RSA {
     }
 
     // The following getters are unsafe, since BigNum::new_from_ffi fails upon null pointers
-    pub fn n(&self) -> Result<BigNum, SslError> {
+    pub fn n(&self) -> Result<BigNum, ErrorStack> {
         unsafe {
             BigNum::new_from_ffi((*self.0).n)
         }
@@ -83,13 +83,13 @@ impl RSA {
         }
     }
 
-    pub fn d(&self) -> Result<BigNum, SslError> {
+    pub fn d(&self) -> Result<BigNum, ErrorStack> {
         unsafe {
             BigNum::new_from_ffi((*self.0).d)
         }
     }
 
-    pub fn e(&self) -> Result<BigNum, SslError> {
+    pub fn e(&self) -> Result<BigNum, ErrorStack> {
         unsafe {
             BigNum::new_from_ffi((*self.0).e)
         }
@@ -101,13 +101,13 @@ impl RSA {
         }
     }
 
-    pub fn p(&self) -> Result<BigNum, SslError> {
+    pub fn p(&self) -> Result<BigNum, ErrorStack> {
         unsafe {
             BigNum::new_from_ffi((*self.0).p)
         }
     }
 
-    pub fn q(&self) -> Result<BigNum, SslError> {
+    pub fn q(&self) -> Result<BigNum, ErrorStack> {
         unsafe {
             BigNum::new_from_ffi((*self.0).q)
         }
-- 
cgit v1.2.3


From e86eb68624592a31b4f59d27e6a9ace7c034e0bf Mon Sep 17 00:00:00 2001
From: Steven Fackler <sfackler@gmail.com>
Date: Sun, 31 Jul 2016 15:49:09 -0700
Subject: Fix catch_unwind feature and drop feature gate

---
 openssl/src/crypto/dsa.rs  | 15 ++++-----------
 openssl/src/crypto/mod.rs  |  1 -
 openssl/src/crypto/pkey.rs | 13 +++----------
 openssl/src/crypto/rsa.rs  | 14 +++-----------
 4 files changed, 10 insertions(+), 33 deletions(-)

(limited to 'openssl/src/crypto')

diff --git a/openssl/src/crypto/dsa.rs b/openssl/src/crypto/dsa.rs
index 36806a48..df6c255b 100644
--- a/openssl/src/crypto/dsa.rs
+++ b/openssl/src/crypto/dsa.rs
@@ -3,18 +3,15 @@ use std::fmt;
 use error::ErrorStack;
 use std::ptr;
 use std::io::{self, Read, Write};
-use libc::{c_uint, c_int};
+use libc::{c_uint, c_int, c_char, c_void};
 
 use bn::BigNum;
 use bio::MemBio;
 use crypto::hash;
 use crypto::HashTypeInternals;
-
-#[cfg(feature = "catch_unwind")]
-use libc::{c_char, c_void};
-#[cfg(feature = "catch_unwind")]
 use crypto::util::{CallbackState, invoke_passwd_cb};
 
+
 /// Builder for upfront DSA parameter generateration
 pub struct DSAParams(*mut ffi::DSA);
 
@@ -94,15 +91,12 @@ impl DSA {
     ///
     /// The callback will be passed the password buffer and should return the number of characters
     /// placed into the buffer.
-    ///
-    /// Requires the `catch_unwind` feature.
-    #[cfg(feature = "catch_unwind")]
-    pub fn private_key_from_pem_cb<R, F>(reader: &mut R, pass_cb: F) -> Result<DSA, ErrorStack>
+    pub fn private_key_from_pem_cb<R, F>(reader: &mut R, pass_cb: F) -> io::Result<DSA>
         where R: Read, F: FnOnce(&mut [c_char]) -> usize
     {
         let mut cb = CallbackState::new(pass_cb);
         let mut mem_bio = try!(MemBio::new());
-        try!(io::copy(reader, &mut mem_bio).map_err(StreamError));
+        try!(io::copy(reader, &mut mem_bio));
 
         unsafe {
             let cb_ptr = &mut cb as *mut _ as *mut c_void;
@@ -331,7 +325,6 @@ mod test {
     }
 
     #[test]
-    #[cfg(feature = "catch_unwind")]
     pub fn test_password() {
         let mut password_queried = false;
         let mut buffer = File::open("test/dsa-encrypted.pem").unwrap();
diff --git a/openssl/src/crypto/mod.rs b/openssl/src/crypto/mod.rs
index 6a34bd59..5b891ce7 100644
--- a/openssl/src/crypto/mod.rs
+++ b/openssl/src/crypto/mod.rs
@@ -25,7 +25,6 @@ pub mod symm;
 pub mod memcmp;
 pub mod rsa;
 pub mod dsa;
-#[cfg(feature = "catch_unwind")]
 mod util;
 
 mod symm_internal;
diff --git a/openssl/src/crypto/pkey.rs b/openssl/src/crypto/pkey.rs
index 0231cc95..29feb016 100644
--- a/openssl/src/crypto/pkey.rs
+++ b/openssl/src/crypto/pkey.rs
@@ -1,4 +1,4 @@
-use libc::{c_int, c_uint, c_ulong};
+use libc::{c_int, c_uint, c_ulong, c_void, c_char};
 use std::io;
 use std::io::prelude::*;
 use std::iter::repeat;
@@ -12,10 +12,6 @@ use crypto::hash::Type as HashType;
 use ffi;
 use crypto::rsa::RSA;
 use error::ErrorStack;
-
-#[cfg(feature = "catch_unwind")]
-use libc::{c_void, c_char};
-#[cfg(feature = "catch_unwind")]
 use crypto::util::{CallbackState, invoke_passwd_cb};
 
 #[derive(Copy, Clone)]
@@ -104,16 +100,13 @@ impl PKey {
     ///
     /// The callback will be passed the password buffer and should return the number of characters
     /// placed into the buffer.
-    ///
-    /// Requires the `catch_unwind` feature.
-    #[cfg(feature = "catch_unwind")]
-    pub fn private_key_from_pem_cb<R, F>(reader: &mut R, pass_cb: F) -> Result<PKey, SslError>
+    pub fn private_key_from_pem_cb<R, F>(reader: &mut R, pass_cb: F) -> io::Result<PKey>
         where R: Read, F: FnOnce(&mut [c_char]) -> usize
     {
         let mut cb = CallbackState::new(pass_cb);
 
         let mut mem_bio = try!(MemBio::new());
-        try!(io::copy(reader, &mut mem_bio).map_err(StreamError));
+        try!(io::copy(reader, &mut mem_bio));
 
         unsafe {
             let evp = try_ssl_null!(ffi::PEM_read_bio_PrivateKey(mem_bio.get_handle(),
diff --git a/openssl/src/crypto/rsa.rs b/openssl/src/crypto/rsa.rs
index b403eab5..cf946d35 100644
--- a/openssl/src/crypto/rsa.rs
+++ b/openssl/src/crypto/rsa.rs
@@ -2,17 +2,13 @@ use ffi;
 use std::fmt;
 use std::ptr;
 use std::io::{self, Read, Write};
-use libc::c_int;
+use libc::{c_int, c_void, c_char};
 
 use bn::BigNum;
 use bio::MemBio;
 use error::ErrorStack;
 use crypto::HashTypeInternals;
 use crypto::hash;
-
-#[cfg(feature = "catch_unwind")]
-use libc::{c_void, c_char};
-#[cfg(feature = "catch_unwind")]
 use crypto::util::{CallbackState, invoke_passwd_cb};
 
 pub struct RSA(*mut ffi::RSA);
@@ -82,16 +78,13 @@ impl RSA {
     }
 
     /// Reads an RSA private key from PEM formatted data and supplies a password callback.
-    ///
-    /// Requires the `catch_unwind` feature.
-    #[cfg(feature = "catch_unwind")]
-    pub fn private_key_from_pem_cb<R, F>(reader: &mut R, pass_cb: F) -> Result<RSA, ErrorStack>
+    pub fn private_key_from_pem_cb<R, F>(reader: &mut R, pass_cb: F) -> io::Result<RSA>
         where R: Read, F: FnOnce(&mut [c_char]) -> usize
     {
         let mut cb = CallbackState::new(pass_cb);
 
         let mut mem_bio = try!(MemBio::new());
-        try!(io::copy(reader, &mut mem_bio).map_err(StreamError));
+        try!(io::copy(reader, &mut mem_bio));
 
         unsafe {
             let cb_ptr = &mut cb as *mut _ as *mut c_void;
@@ -303,7 +296,6 @@ mod test {
     }
 
     #[test]
-    #[cfg(feature = "catch_unwind")]
     pub fn test_password() {
         let mut password_queried = false;
         let mut buffer = File::open("test/rsa-encrypted.pem").unwrap();
-- 
cgit v1.2.3


From f1b64aa2eefc98630efefed223ae30a1c33d85e0 Mon Sep 17 00:00:00 2001
From: Steven Fackler <sfackler@gmail.com>
Date: Sun, 31 Jul 2016 15:59:34 -0700
Subject: Fix weird inference issue on 1.9

---
 openssl/src/crypto/dsa.rs | 14 ++++++++------
 openssl/src/crypto/rsa.rs | 14 ++++++++------
 2 files changed, 16 insertions(+), 12 deletions(-)

(limited to 'openssl/src/crypto')

diff --git a/openssl/src/crypto/dsa.rs b/openssl/src/crypto/dsa.rs
index df6c255b..a1e4572a 100644
--- a/openssl/src/crypto/dsa.rs
+++ b/openssl/src/crypto/dsa.rs
@@ -245,6 +245,8 @@ impl fmt::Debug for DSA {
 mod test {
     use std::fs::File;
     use std::io::{Write, Cursor};
+    use libc::c_char;
+
     use super::*;
     use crypto::hash::*;
 
@@ -330,12 +332,12 @@ mod test {
         let mut buffer = File::open("test/dsa-encrypted.pem").unwrap();
         DSA::private_key_from_pem_cb(&mut buffer, |password| {
             password_queried = true;
-            password[0] = b'm' as _;
-            password[1] = b'y' as _;
-            password[2] = b'p' as _;
-            password[3] = b'a' as _;
-            password[4] = b's' as _;
-            password[5] = b's' as _;
+            password[0] = b'm' as c_char;
+            password[1] = b'y' as c_char;
+            password[2] = b'p' as c_char;
+            password[3] = b'a' as c_char;
+            password[4] = b's' as c_char;
+            password[5] = b's' as c_char;
             6
         }).unwrap();
 
diff --git a/openssl/src/crypto/rsa.rs b/openssl/src/crypto/rsa.rs
index cf946d35..05c1c774 100644
--- a/openssl/src/crypto/rsa.rs
+++ b/openssl/src/crypto/rsa.rs
@@ -238,6 +238,8 @@ impl fmt::Debug for RSA {
 mod test {
     use std::fs::File;
     use std::io::Write;
+    use libc::c_char;
+
     use super::*;
     use crypto::hash::*;
 
@@ -301,12 +303,12 @@ mod test {
         let mut buffer = File::open("test/rsa-encrypted.pem").unwrap();
         RSA::private_key_from_pem_cb(&mut buffer, |password| {
             password_queried = true;
-            password[0] = b'm' as _;
-            password[1] = b'y' as _;
-            password[2] = b'p' as _;
-            password[3] = b'a' as _;
-            password[4] = b's' as _;
-            password[5] = b's' as _;
+            password[0] = b'm' as c_char;
+            password[1] = b'y' as c_char;
+            password[2] = b'p' as c_char;
+            password[3] = b'a' as c_char;
+            password[4] = b's' as c_char;
+            password[5] = b's' as c_char;
             6
         }).unwrap();
 
-- 
cgit v1.2.3


From 08e27f31ed851873f7684ac806b837e8cff4a28f Mon Sep 17 00:00:00 2001
From: Steven Fackler <sfackler@gmail.com>
Date: Tue, 2 Aug 2016 20:48:42 -0700
Subject: Restructure PEM input/output methods

Dealing with byte buffers directly avoids error handling weirdness and
we were loading it all into memory before anyway.
---
 openssl/src/crypto/dsa.rs  |  75 ++++++++++++-----------------
 openssl/src/crypto/pkey.rs | 114 +++++++++++++--------------------------------
 openssl/src/crypto/rsa.rs  |  58 ++++++++---------------
 3 files changed, 82 insertions(+), 165 deletions(-)

(limited to 'openssl/src/crypto')

diff --git a/openssl/src/crypto/dsa.rs b/openssl/src/crypto/dsa.rs
index a1e4572a..de35893b 100644
--- a/openssl/src/crypto/dsa.rs
+++ b/openssl/src/crypto/dsa.rs
@@ -2,11 +2,10 @@ use ffi;
 use std::fmt;
 use error::ErrorStack;
 use std::ptr;
-use std::io::{self, Read, Write};
 use libc::{c_uint, c_int, c_char, c_void};
 
 use bn::BigNum;
-use bio::MemBio;
+use bio::{MemBio, MemBioSlice};
 use crypto::hash;
 use crypto::HashTypeInternals;
 use crypto::util::{CallbackState, invoke_passwd_cb};
@@ -69,11 +68,9 @@ impl DSA {
     }
 
     /// Reads a DSA private key from PEM formatted data.
-    pub fn private_key_from_pem<R>(reader: &mut R) -> io::Result<DSA>
-        where R: Read
-    {
-        let mut mem_bio = try!(MemBio::new());
-        try!(io::copy(reader, &mut mem_bio));
+    pub fn private_key_from_pem(buf: &[u8]) -> Result<DSA, ErrorStack> {
+        ffi::init();
+        let mem_bio = try!(MemBioSlice::new(buf));
 
         unsafe {
             let dsa = try_ssl_null!(ffi::PEM_read_bio_DSAPrivateKey(mem_bio.get_handle(),
@@ -91,12 +88,12 @@ impl DSA {
     ///
     /// The callback will be passed the password buffer and should return the number of characters
     /// placed into the buffer.
-    pub fn private_key_from_pem_cb<R, F>(reader: &mut R, pass_cb: F) -> io::Result<DSA>
-        where R: Read, F: FnOnce(&mut [c_char]) -> usize
+    pub fn private_key_from_pem_cb<F>(buf: &[u8], pass_cb: F) -> Result<DSA, ErrorStack>
+        where F: FnOnce(&mut [c_char]) -> usize
     {
+        ffi::init();
         let mut cb = CallbackState::new(pass_cb);
-        let mut mem_bio = try!(MemBio::new());
-        try!(io::copy(reader, &mut mem_bio));
+        let mem_bio = try!(MemBioSlice::new(buf));
 
         unsafe {
             let cb_ptr = &mut cb as *mut _ as *mut c_void;
@@ -111,11 +108,10 @@ impl DSA {
     }
 
     /// Writes an DSA private key as unencrypted PEM formatted data
-    pub fn private_key_to_pem<W>(&self, writer: &mut W) -> io::Result<()>
-        where W: Write
+    pub fn private_key_to_pem(&self) -> Result<Vec<u8>, ErrorStack>
     {
         assert!(self.has_private_key());
-        let mut mem_bio = try!(MemBio::new());
+        let mem_bio = try!(MemBio::new());
 
         unsafe {
             try_ssl!(ffi::PEM_write_bio_DSAPrivateKey(mem_bio.get_handle(), self.0,
@@ -123,18 +119,15 @@ impl DSA {
                                               None, ptr::null_mut()))
         };
 
-
-        try!(io::copy(&mut mem_bio, writer));
-        Ok(())
+        Ok(mem_bio.get_buf().to_owned())
     }
 
     /// Reads an DSA public key from PEM formatted data.
-    pub fn public_key_from_pem<R>(reader: &mut R) -> io::Result<DSA>
-        where R: Read
+    pub fn public_key_from_pem(buf: &[u8]) -> Result<DSA, ErrorStack>
     {
-        let mut mem_bio = try!(MemBio::new());
-        try!(io::copy(reader, &mut mem_bio));
+        ffi::init();
 
+        let mem_bio = try!(MemBioSlice::new(buf));
         unsafe {
             let dsa = try_ssl_null!(ffi::PEM_read_bio_DSA_PUBKEY(mem_bio.get_handle(),
                                                                  ptr::null_mut(),
@@ -145,15 +138,10 @@ impl DSA {
     }
 
     /// Writes an DSA public key as PEM formatted data
-    pub fn public_key_to_pem<W>(&self, writer: &mut W) -> io::Result<()>
-        where W: Write
-    {
-        let mut mem_bio = try!(MemBio::new());
-
+    pub fn public_key_to_pem(&self) -> Result<Vec<u8>, ErrorStack> {
+        let mem_bio = try!(MemBio::new());
         unsafe { try_ssl!(ffi::PEM_write_bio_DSA_PUBKEY(mem_bio.get_handle(), self.0)) };
-
-        try!(io::copy(&mut mem_bio, writer));
-        Ok(())
+        Ok(mem_bio.get_buf().to_owned())
     }
 
     pub fn size(&self) -> Option<u32> {
@@ -243,8 +231,7 @@ impl fmt::Debug for DSA {
 
 #[cfg(test)]
 mod test {
-    use std::fs::File;
-    use std::io::{Write, Cursor};
+    use std::io::Write;
     use libc::c_char;
 
     use super::*;
@@ -253,11 +240,9 @@ mod test {
     #[test]
     pub fn test_generate() {
         let key = DSA::generate(1024).unwrap();
-        let mut priv_buf = Cursor::new(vec![]);
-        let mut pub_buf = Cursor::new(vec![]);
 
-        key.public_key_to_pem(&mut pub_buf).unwrap();
-        key.private_key_to_pem(&mut priv_buf).unwrap();
+        key.public_key_to_pem().unwrap();
+        key.private_key_to_pem().unwrap();
 
         let input: Vec<u8> = (0..25).cycle().take(1024).collect();
 
@@ -277,13 +262,13 @@ mod test {
         let input: Vec<u8> = (0..25).cycle().take(1024).collect();
 
         let private_key = {
-            let mut buffer = File::open("test/dsa.pem").unwrap();
-            DSA::private_key_from_pem(&mut buffer).unwrap()
+            let key = include_bytes!("../../test/dsa.pem");
+            DSA::private_key_from_pem(key).unwrap()
         };
 
         let public_key = {
-            let mut buffer = File::open("test/dsa.pem.pub").unwrap();
-            DSA::public_key_from_pem(&mut buffer).unwrap()
+            let key = include_bytes!("../../test/dsa.pem.pub");
+            DSA::public_key_from_pem(key).unwrap()
         };
 
         let digest = {
@@ -301,13 +286,13 @@ mod test {
     pub fn test_sign_verify_fail() {
         let input: Vec<u8> = (0..25).cycle().take(128).collect();
         let private_key = {
-            let mut buffer = File::open("test/dsa.pem").unwrap();
-            DSA::private_key_from_pem(&mut buffer).unwrap()
+            let key = include_bytes!("../../test/dsa.pem");
+            DSA::private_key_from_pem(key).unwrap()
         };
 
         let public_key = {
-            let mut buffer = File::open("test/dsa.pem.pub").unwrap();
-            DSA::public_key_from_pem(&mut buffer).unwrap()
+            let key = include_bytes!("../../test/dsa.pem.pub");
+            DSA::public_key_from_pem(key).unwrap()
         };
 
         let digest = {
@@ -329,8 +314,8 @@ mod test {
     #[test]
     pub fn test_password() {
         let mut password_queried = false;
-        let mut buffer = File::open("test/dsa-encrypted.pem").unwrap();
-        DSA::private_key_from_pem_cb(&mut buffer, |password| {
+        let key = include_bytes!("../../test/dsa-encrypted.pem");
+        DSA::private_key_from_pem_cb(key, |password| {
             password_queried = true;
             password[0] = b'm' as c_char;
             password[1] = b'y' as c_char;
diff --git a/openssl/src/crypto/pkey.rs b/openssl/src/crypto/pkey.rs
index 29feb016..ab9a4a95 100644
--- a/openssl/src/crypto/pkey.rs
+++ b/openssl/src/crypto/pkey.rs
@@ -1,10 +1,8 @@
 use libc::{c_int, c_uint, c_ulong, c_void, c_char};
-use std::io;
-use std::io::prelude::*;
 use std::iter::repeat;
 use std::mem;
 use std::ptr;
-use bio::MemBio;
+use bio::{MemBio, MemBioSlice};
 
 use crypto::HashTypeInternals;
 use crypto::hash;
@@ -76,12 +74,8 @@ impl PKey {
     }
 
     /// Reads private key from PEM, takes ownership of handle
-    pub fn private_key_from_pem<R>(reader: &mut R) -> io::Result<PKey>
-        where R: Read
-    {
-        let mut mem_bio = try!(MemBio::new());
-        try!(io::copy(reader, &mut mem_bio));
-
+    pub fn private_key_from_pem(buf: &[u8]) -> Result<PKey, ErrorStack> {
+        let mem_bio = try!(MemBioSlice::new(buf));
         unsafe {
             let evp = try_ssl_null!(ffi::PEM_read_bio_PrivateKey(mem_bio.get_handle(),
                                                                  ptr::null_mut(),
@@ -100,14 +94,11 @@ impl PKey {
     ///
     /// The callback will be passed the password buffer and should return the number of characters
     /// placed into the buffer.
-    pub fn private_key_from_pem_cb<R, F>(reader: &mut R, pass_cb: F) -> io::Result<PKey>
-        where R: Read, F: FnOnce(&mut [c_char]) -> usize
+    pub fn private_key_from_pem_cb<F>(buf: &[u8], pass_cb: F) -> Result<PKey, ErrorStack>
+        where F: FnOnce(&mut [c_char]) -> usize
     {
         let mut cb = CallbackState::new(pass_cb);
-
-        let mut mem_bio = try!(MemBio::new());
-        try!(io::copy(reader, &mut mem_bio));
-
+        let mem_bio = try!(MemBioSlice::new(buf));
         unsafe {
             let evp = try_ssl_null!(ffi::PEM_read_bio_PrivateKey(mem_bio.get_handle(),
                                                                  ptr::null_mut(),
@@ -122,12 +113,8 @@ impl PKey {
     }
 
     /// Reads public key from PEM, takes ownership of handle
-    pub fn public_key_from_pem<R>(reader: &mut R) -> io::Result<PKey>
-        where R: Read
-    {
-        let mut mem_bio = try!(MemBio::new());
-        try!(io::copy(reader, &mut mem_bio));
-
+    pub fn public_key_from_pem(buf: &[u8]) -> Result<PKey, ErrorStack> {
+        let mem_bio = try!(MemBioSlice::new(buf));
         unsafe {
             let evp = try_ssl_null!(ffi::PEM_read_bio_PUBKEY(mem_bio.get_handle(),
                                                              ptr::null_mut(),
@@ -141,14 +128,12 @@ impl PKey {
     }
 
     /// Reads an RSA private key from PEM, takes ownership of handle
-    pub fn private_rsa_key_from_pem<R>(reader: &mut R) -> io::Result<PKey>
-        where R: Read
-    {
-        let rsa = try!(RSA::private_key_from_pem(reader));
+    pub fn private_rsa_key_from_pem(buf: &[u8]) -> Result<PKey, ErrorStack> {
+        let rsa = try!(RSA::private_key_from_pem(buf));
         unsafe {
             let evp = try_ssl_null!(ffi::EVP_PKEY_new());
             if ffi::EVP_PKEY_set1_RSA(evp, rsa.as_ptr()) == 0 {
-                return Err(io::Error::new(io::ErrorKind::Other, ErrorStack::get()));
+                return Err(ErrorStack::get());
             }
 
             Ok(PKey {
@@ -159,14 +144,12 @@ impl PKey {
     }
 
     /// Reads an RSA public key from PEM, takes ownership of handle
-    pub fn public_rsa_key_from_pem<R>(reader: &mut R) -> io::Result<PKey>
-        where R: Read
-    {
-        let rsa = try!(RSA::public_key_from_pem(reader));
+    pub fn public_rsa_key_from_pem(buf: &[u8]) -> Result<PKey, ErrorStack> {
+        let rsa = try!(RSA::public_key_from_pem(buf));
         unsafe {
             let evp = try_ssl_null!(ffi::EVP_PKEY_new());
             if ffi::EVP_PKEY_set1_RSA(evp, rsa.as_ptr()) == 0 {
-                return Err(io::Error::new(io::ErrorKind::Other, ErrorStack::get()));
+                return Err(ErrorStack::get());
             }
 
             Ok(PKey {
@@ -280,10 +263,8 @@ impl PKey {
 
     /// Stores private key as a PEM
     // FIXME: also add password and encryption
-    pub fn write_pem<W: Write>(&self,
-                               writer: &mut W /* , password: Option<String> */)
-                               -> io::Result<()> {
-        let mut mem_bio = try!(MemBio::new());
+    pub fn write_pem(&self) -> Result<Vec<u8>, ErrorStack> {
+        let mem_bio = try!(MemBio::new());
         unsafe {
             try_ssl!(ffi::PEM_write_bio_PrivateKey(mem_bio.get_handle(),
                                                    self.evp,
@@ -294,20 +275,14 @@ impl PKey {
                                                    ptr::null_mut()));
 
         }
-        let mut buf = vec![];
-        try!(mem_bio.read_to_end(&mut buf));
-        writer.write_all(&buf)
+        Ok(mem_bio.get_buf().to_owned())
     }
 
     /// Stores public key as a PEM
-    pub fn write_pub_pem<W: Write>(&self,
-                                   writer: &mut W /* , password: Option<String> */)
-                                   -> io::Result<()> {
-        let mut mem_bio = try!(MemBio::new());
+    pub fn write_pub_pem(&self) -> Result<Vec<u8>, ErrorStack> {
+        let mem_bio = try!(MemBio::new());
         unsafe { try_ssl!(ffi::PEM_write_bio_PUBKEY(mem_bio.get_handle(), self.evp)) }
-        let mut buf = vec![];
-        try!(mem_bio.read_to_end(&mut buf));
-        writer.write_all(&buf)
+        Ok(mem_bio.get_buf().to_owned())
     }
 
     /**
@@ -648,8 +623,6 @@ impl Clone for PKey {
 
 #[cfg(test)]
 mod tests {
-    use std::path::Path;
-    use std::fs::File;
     use crypto::hash::Type::{MD5, SHA1};
     use crypto::rsa::RSA;
 
@@ -693,42 +666,26 @@ mod tests {
 
     #[test]
     fn test_private_key_from_pem() {
-        let key_path = Path::new("test/key.pem");
-        let mut file = File::open(&key_path)
-                           .ok()
-                           .expect("Failed to open `test/key.pem`");
-
-        super::PKey::private_key_from_pem(&mut file).unwrap();
+        let key = include_bytes!("../../test/key.pem");
+        super::PKey::private_key_from_pem(key).unwrap();
     }
 
     #[test]
     fn test_public_key_from_pem() {
-        let key_path = Path::new("test/key.pem.pub");
-        let mut file = File::open(&key_path)
-                           .ok()
-                           .expect("Failed to open `test/key.pem.pub`");
-
-        super::PKey::public_key_from_pem(&mut file).unwrap();
+        let key = include_bytes!("../../test/key.pem.pub");
+        super::PKey::public_key_from_pem(key).unwrap();
     }
 
     #[test]
     fn test_private_rsa_key_from_pem() {
-        let key_path = Path::new("test/key.pem");
-        let mut file = File::open(&key_path)
-                           .ok()
-                           .expect("Failed to open `test/key.pem`");
-
-        super::PKey::private_rsa_key_from_pem(&mut file).unwrap();
+        let key = include_bytes!("../../test/key.pem");
+        super::PKey::private_rsa_key_from_pem(key).unwrap();
     }
 
     #[test]
     fn test_public_rsa_key_from_pem() {
-        let key_path = Path::new("test/key.pem.pub");
-        let mut file = File::open(&key_path)
-                           .ok()
-                           .expect("Failed to open `test/key.pem.pub`");
-
-        super::PKey::public_rsa_key_from_pem(&mut file).unwrap();
+        let key = include_bytes!("../../test/key.pem.pub");
+        super::PKey::public_rsa_key_from_pem(key).unwrap();
     }
 
     #[test]
@@ -819,18 +776,11 @@ mod tests {
 
     #[test]
     fn test_pem() {
-        let key_path = Path::new("test/key.pem");
-        let mut file = File::open(&key_path)
-                           .ok()
-                           .expect("Failed to open `test/key.pem`");
-
-        let key = super::PKey::private_key_from_pem(&mut file).unwrap();
-
-        let mut priv_key = Vec::new();
-        let mut pub_key = Vec::new();
+        let key = include_bytes!("../../test/key.pem");
+        let key = super::PKey::private_key_from_pem(key).unwrap();
 
-        key.write_pem(&mut priv_key).unwrap();
-        key.write_pub_pem(&mut pub_key).unwrap();
+        let priv_key = key.write_pem().unwrap();
+        let pub_key = key.write_pub_pem().unwrap();
 
         // As a super-simple verification, just check that the buffers contain
         // the `PRIVATE KEY` or `PUBLIC KEY` strings.
diff --git a/openssl/src/crypto/rsa.rs b/openssl/src/crypto/rsa.rs
index 05c1c774..226b2aab 100644
--- a/openssl/src/crypto/rsa.rs
+++ b/openssl/src/crypto/rsa.rs
@@ -1,11 +1,10 @@
 use ffi;
 use std::fmt;
 use std::ptr;
-use std::io::{self, Read, Write};
 use libc::{c_int, c_void, c_char};
 
 use bn::BigNum;
-use bio::MemBio;
+use bio::{MemBio, MemBioSlice};
 use error::ErrorStack;
 use crypto::HashTypeInternals;
 use crypto::hash;
@@ -62,12 +61,8 @@ impl RSA {
     }
 
     /// Reads an RSA private key from PEM formatted data.
-    pub fn private_key_from_pem<R>(reader: &mut R) -> io::Result<RSA>
-        where R: Read
-    {
-        let mut mem_bio = try!(MemBio::new());
-        try!(io::copy(reader, &mut mem_bio));
-
+    pub fn private_key_from_pem(buf: &[u8]) -> Result<RSA, ErrorStack> {
+        let mem_bio = try!(MemBioSlice::new(buf));
         unsafe {
             let rsa = try_ssl_null!(ffi::PEM_read_bio_RSAPrivateKey(mem_bio.get_handle(),
                                                                     ptr::null_mut(),
@@ -78,13 +73,11 @@ impl RSA {
     }
 
     /// Reads an RSA private key from PEM formatted data and supplies a password callback.
-    pub fn private_key_from_pem_cb<R, F>(reader: &mut R, pass_cb: F) -> io::Result<RSA>
-        where R: Read, F: FnOnce(&mut [c_char]) -> usize
+    pub fn private_key_from_pem_cb<F>(buf: &[u8], pass_cb: F) -> Result<RSA, ErrorStack>
+        where F: FnOnce(&mut [c_char]) -> usize
     {
         let mut cb = CallbackState::new(pass_cb);
-
-        let mut mem_bio = try!(MemBio::new());
-        try!(io::copy(reader, &mut mem_bio));
+        let mem_bio = try!(MemBioSlice::new(buf));
 
         unsafe {
             let cb_ptr = &mut cb as *mut _ as *mut c_void;
@@ -98,10 +91,8 @@ impl RSA {
     }
 
     /// Writes an RSA private key as unencrypted PEM formatted data
-    pub fn private_key_to_pem<W>(&self, writer: &mut W) -> io::Result<()>
-        where W: Write
-    {
-        let mut mem_bio = try!(MemBio::new());
+    pub fn private_key_to_pem(&self) -> Result<Vec<u8>, ErrorStack> {
+        let mem_bio = try!(MemBio::new());
 
         unsafe {
             try_ssl!(ffi::PEM_write_bio_RSAPrivateKey(mem_bio.get_handle(),
@@ -112,17 +103,12 @@ impl RSA {
                                              None,
                                              ptr::null_mut()));
         }
-        try!(io::copy(&mut mem_bio, writer));
-        Ok(())
+        Ok(mem_bio.get_buf().to_owned())
     }
 
     /// Reads an RSA public key from PEM formatted data.
-    pub fn public_key_from_pem<R>(reader: &mut R) -> io::Result<RSA>
-        where R: Read
-    {
-        let mut mem_bio = try!(MemBio::new());
-        try!(io::copy(reader, &mut mem_bio));
-
+    pub fn public_key_from_pem(buf: &[u8]) -> Result<RSA, ErrorStack> {
+        let mem_bio = try!(MemBioSlice::new(buf));
         unsafe {
             let rsa = try_ssl_null!(ffi::PEM_read_bio_RSA_PUBKEY(mem_bio.get_handle(),
                                                                  ptr::null_mut(),
@@ -133,17 +119,14 @@ impl RSA {
     }
 
     /// Writes an RSA public key as PEM formatted data
-    pub fn public_key_to_pem<W>(&self, writer: &mut W) -> io::Result<()>
-        where W: Write
-    {
-        let mut mem_bio = try!(MemBio::new());
+    pub fn public_key_to_pem(&self) -> Result<Vec<u8>, ErrorStack> {
+        let mem_bio = try!(MemBio::new());
 
         unsafe {
             try_ssl!(ffi::PEM_write_bio_RSA_PUBKEY(mem_bio.get_handle(), self.0))
         };
 
-        try!(io::copy(&mut mem_bio, writer));
-        Ok(())
+        Ok(mem_bio.get_buf().to_owned())
     }
 
     pub fn size(&self) -> Option<u32> {
@@ -236,7 +219,6 @@ impl fmt::Debug for RSA {
 
 #[cfg(test)]
 mod test {
-    use std::fs::File;
     use std::io::Write;
     use libc::c_char;
 
@@ -271,8 +253,8 @@ mod test {
 
     #[test]
     pub fn test_sign() {
-        let mut buffer = File::open("test/rsa.pem").unwrap();
-        let private_key = RSA::private_key_from_pem(&mut buffer).unwrap();
+        let key = include_bytes!("../../test/rsa.pem");
+        let private_key = RSA::private_key_from_pem(key).unwrap();
 
         let mut sha = Hasher::new(Type::SHA256);
         sha.write_all(&signing_input_rs256()).unwrap();
@@ -285,8 +267,8 @@ mod test {
 
     #[test]
     pub fn test_verify() {
-        let mut buffer = File::open("test/rsa.pem.pub").unwrap();
-        let public_key = RSA::public_key_from_pem(&mut buffer).unwrap();
+        let key = include_bytes!("../../test/rsa.pem.pub");
+        let public_key = RSA::public_key_from_pem(key).unwrap();
 
         let mut sha = Hasher::new(Type::SHA256);
         sha.write_all(&signing_input_rs256()).unwrap();
@@ -300,8 +282,8 @@ mod test {
     #[test]
     pub fn test_password() {
         let mut password_queried = false;
-        let mut buffer = File::open("test/rsa-encrypted.pem").unwrap();
-        RSA::private_key_from_pem_cb(&mut buffer, |password| {
+        let key = include_bytes!("../../test/rsa-encrypted.pem");
+        RSA::private_key_from_pem_cb(key, |password| {
             password_queried = true;
             password[0] = b'm' as c_char;
             password[1] = b'y' as c_char;
-- 
cgit v1.2.3