Loading openssl/src/cipher.rs +7 −12 Original line number Diff line number Diff line Loading @@ -9,6 +9,7 @@ use crate::lib_ctx::LibCtxRef; use crate::nid::Nid; use cfg_if::cfg_if; use foreign_types::{ForeignTypeRef, Opaque}; use openssl_macros::corresponds; #[cfg(ossl300)] use std::ffi::CString; #[cfg(ossl300)] Loading Loading @@ -100,10 +101,7 @@ unsafe impl Send for Cipher {} impl Cipher { /// Looks up the cipher for a certain nid. /// /// This corresponds to [`EVP_get_cipherbynid`] /// /// [`EVP_get_cipherbynid`]: https://www.openssl.org/docs/man1.0.2/crypto/EVP_get_cipherbyname.html #[corresponds(EVP_get_cipherbynid)] pub fn from_nid(nid: Nid) -> Option<&'static CipherRef> { unsafe { let ptr = ffi::EVP_get_cipherbyname(ffi::OBJ_nid2sn(nid.as_raw())); Loading @@ -117,11 +115,8 @@ impl Cipher { /// Fetches a cipher object corresponding to the specified algorithm name and properties. /// /// This corresponds to [`EVP_CIPHER_fetch`]. /// /// Requires OpenSSL 3.0.0 or newer. /// /// [`EVP_CIPHER_fetch`]: https://www.openssl.org/docs/manmaster/man3/EVP_CIPHER_fetch.html #[corresponds(EVP_CIPHER_fetch)] #[cfg(ossl300)] pub fn fetch( ctx: Option<&LibCtxRef>, Loading Loading @@ -359,16 +354,14 @@ unsafe impl Send for CipherRef {} impl CipherRef { /// Returns the cipher's Nid. /// /// This corresponds to [`EVP_CIPHER_nid`] /// /// [`EVP_CIPHER_nid`]: https://www.openssl.org/docs/man1.0.2/crypto/EVP_CIPHER_nid.html #[corresponds(EVP_CIPHER_nid)] pub fn nid(&self) -> Nid { let nid = unsafe { ffi::EVP_CIPHER_nid(self.as_ptr()) }; Nid::from_raw(nid) } /// Returns the length of keys used with this cipher. #[corresponds(EVP_CIPHER_key_length)] pub fn key_length(&self) -> usize { unsafe { EVP_CIPHER_key_length(self.as_ptr()) as usize } } Loading 
@@ -378,6 +371,7 @@ impl CipherRef { /// # Note /// /// Ciphers that do not use an IV have an IV length of 0. #[corresponds(EVP_CIPHER_iv_length)] pub fn iv_length(&self) -> usize { unsafe { EVP_CIPHER_iv_length(self.as_ptr()) as usize } } Loading @@ -387,6 +381,7 @@ impl CipherRef { /// # Note /// /// Stream ciphers have a block size of 1. #[corresponds(EVP_CIPHER_block_size)] pub fn block_size(&self) -> usize { unsafe { EVP_CIPHER_block_size(self.as_ptr()) as usize } } Loading openssl/src/cms.rs +10 −31 Original line number Diff line number Diff line Loading @@ -17,6 +17,7 @@ use crate::stack::StackRef; use crate::symm::Cipher; use crate::x509::{X509Ref, X509}; use crate::{cvt, cvt_p}; use openssl_macros::corresponds; bitflags! { pub struct CMSOptions : c_uint { Loading Loading @@ -69,10 +70,7 @@ foreign_type_and_impl_send_sync! { impl CmsContentInfoRef { /// Given the sender's private key, `pkey` and the recipient's certificiate, `cert`, /// decrypt the data in `self`. /// /// OpenSSL documentation at [`CMS_decrypt`] /// /// [`CMS_decrypt`]: https://www.openssl.org/docs/man1.1.0/crypto/CMS_decrypt.html #[corresponds(CMS_decrypt)] pub fn decrypt<T>(&self, pkey: &PKeyRef<T>, cert: &X509) -> Result<Vec<u8>, ErrorStack> where T: HasPrivate, Loading @@ -99,9 +97,7 @@ impl CmsContentInfoRef { /// decrypt the data in `self` without validating the recipient certificate. /// /// *Warning*: Not checking the recipient certificate may leave you vulnerable to Bleichenbacher's attack on PKCS#1 v1.5 RSA padding. /// See [`CMS_decrypt`] for more information. /// /// [`CMS_decrypt`]: https://www.openssl.org/docs/man1.1.0/crypto/CMS_decrypt.html #[corresponds(CMS_decrypt)] // FIXME merge into decrypt pub fn decrypt_without_cert_check<T>(&self, pkey: &PKeyRef<T>) -> Result<Vec<u8>, ErrorStack> where Loading 
@@ -126,20 +122,14 @@ impl CmsContentInfoRef { to_der! { /// Serializes this CmsContentInfo using DER. /// /// OpenSSL documentation at [`i2d_CMS_ContentInfo`] /// /// [`i2d_CMS_ContentInfo`]: https://www.openssl.org/docs/man1.0.2/crypto/i2d_CMS_ContentInfo.html #[corresponds(i2d_CMS_ContentInfo)] to_der, ffi::i2d_CMS_ContentInfo } to_pem! { /// Serializes this CmsContentInfo using DER. /// /// OpenSSL documentation at [`PEM_write_bio_CMS`] /// /// [`PEM_write_bio_CMS`]: https://www.openssl.org/docs/man1.1.0/man3/PEM_write_bio_CMS.html #[corresponds(PEM_write_bio_CMS)] to_pem, ffi::PEM_write_bio_CMS } Loading @@ -147,10 +137,7 @@ impl CmsContentInfoRef { impl CmsContentInfo { /// Parses a smime formatted `vec` of bytes into a `CmsContentInfo`. /// /// OpenSSL documentation at [`SMIME_read_CMS`] /// /// [`SMIME_read_CMS`]: https://www.openssl.org/docs/man1.0.2/crypto/SMIME_read_CMS.html #[corresponds(SMIME_read_CMS)] pub fn smime_read_cms(smime: &[u8]) -> Result<CmsContentInfo, ErrorStack> { unsafe { let bio = MemBioSlice::new(smime)?; Loading @@ -163,10 +150,7 @@ impl CmsContentInfo { from_der! { /// Deserializes a DER-encoded ContentInfo structure. /// /// This corresponds to [`d2i_CMS_ContentInfo`]. /// /// [`d2i_CMS_ContentInfo`]: https://www.openssl.org/docs/manmaster/man3/d2i_X509.html #[corresponds(d2i_CMS_ContentInfo)] from_der, CmsContentInfo, ffi::d2i_CMS_ContentInfo Loading @@ -174,10 +158,7 @@ impl CmsContentInfo { from_pem! { /// Deserializes a PEM-encoded ContentInfo structure. /// /// This corresponds to [`PEM_read_bio_CMS`]. /// /// [`PEM_read_bio_CMS`]: https://www.openssl.org/docs/man1.1.0/man3/PEM_read_bio_CMS.html #[corresponds(PEM_read_bio_CMS)] from_pem, CmsContentInfo, ffi::PEM_read_bio_CMS Loading 
@@ -187,10 +168,7 @@ impl CmsContentInfo { /// data `data` and flags `flags`, create a CmsContentInfo struct. /// /// All arguments are optional. /// /// OpenSSL documentation at [`CMS_sign`] /// /// [`CMS_sign`]: https://www.openssl.org/docs/manmaster/man3/CMS_sign.html #[corresponds(CMS_sign)] pub fn sign<T>( signcert: Option<&X509Ref>, pkey: Option<&PKeyRef<T>>, Loading Loading @@ -229,6 +207,7 @@ impl CmsContentInfo { /// OpenSSL documentation at [`CMS_encrypt`] /// /// [`CMS_encrypt`]: https://www.openssl.org/docs/manmaster/man3/CMS_encrypt.html #[corresponds(CMS_encrypt)] pub fn encrypt( certs: &StackRef<X509>, data: &[u8], Loading openssl/src/conf.rs +3 −0 Original line number Diff line number Diff line Loading @@ -2,11 +2,13 @@ use crate::cvt_p; use crate::error::ErrorStack; use openssl_macros::corresponds; pub struct ConfMethod(*mut ffi::CONF_METHOD); impl ConfMethod { /// Retrieve handle to the default OpenSSL configuration file processing function. #[corresponds(NCONF_default)] pub fn default() -> ConfMethod { unsafe { ffi::init(); Loading Loading @@ -49,6 +51,7 @@ impl Conf { /// /// let conf = Conf::new(ConfMethod::default()); /// ``` #[corresponds(NCONF_new)] pub fn new(method: ConfMethod) -> Result<Conf, ErrorStack> { unsafe { cvt_p(ffi::NCONF_new(method.as_ptr())).map(Conf) } } Loading openssl/src/dh.rs +17 −53 Original line number Diff line number Diff line Loading @@ -7,6 +7,7 @@ use crate::bn::{BigNum, BigNumRef}; use crate::error::ErrorStack; use crate::pkey::{HasParams, HasPrivate, HasPublic, Params, Private}; use crate::{cvt, cvt_p}; use openssl_macros::corresponds; generic_foreign_type_and_impl_send_sync! { type CType = ffi::DH; Loading 
@@ -25,20 +26,14 @@ where /// Serializes the parameters into a PEM-encoded PKCS#3 DHparameter structure. /// /// The output will have a header of `-----BEGIN DH PARAMETERS-----`. /// /// This corresponds to [`PEM_write_bio_DHparams`]. /// /// [`PEM_write_bio_DHparams`]: https://www.openssl.org/docs/manmaster/man3/PEM_write_bio_DHparams.html #[corresponds(PEM_write_bio_DHparams)] params_to_pem, ffi::PEM_write_bio_DHparams } to_der! { /// Serializes the parameters into a DER-encoded PKCS#3 DHparameter structure. /// /// This corresponds to [`i2d_DHparams`]. /// /// [`i2d_DHparams`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_DHparams.html #[corresponds(i2d_DHparams)] params_to_der, ffi::i2d_DHparams } Loading @@ -50,11 +45,7 @@ impl Dh<Params> { } /// Creates a DH instance based upon the given primes and generator params. /// /// This corresponds to [`DH_new`] and [`DH_set0_pqg`]. /// /// [`DH_new`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_new.html /// [`DH_set0_pqg`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_set0_pqg.html #[corresponds(DH_set0_pqg)] pub fn from_pqg( prime_p: BigNum, prime_q: Option<BigNum>, Loading Loading @@ -87,10 +78,7 @@ impl Dh<Params> { } /// Generates DH params based on the given `prime_len` and a fixed `generator` value. /// /// This corresponds to [`DH_generate_parameters_ex`]. /// /// [`DH_generate_parameters_ex`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_generate_parameters.html #[corresponds(DH_generate_parameters_ex)] pub fn generate_params(prime_len: u32, generator: u32) -> Result<Dh<Params>, ErrorStack> { unsafe { let dh = Dh::from_ptr(cvt_p(ffi::DH_new())?); Loading 
@@ -105,10 +93,7 @@ impl Dh<Params> { } /// Generates a public and a private key based on the DH params. /// /// This corresponds to [`DH_generate_key`]. /// /// [`DH_generate_key`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_generate_key.html #[corresponds(DH_generate_key)] pub fn generate_key(self) -> Result<Dh<Private>, ErrorStack> { unsafe { let dh_ptr = self.0; Loading @@ -122,10 +107,7 @@ impl Dh<Params> { /// Deserializes a PEM-encoded PKCS#3 DHpararameters structure. /// /// The input should have a header of `-----BEGIN DH PARAMETERS-----`. /// /// This corresponds to [`PEM_read_bio_DHparams`]. /// /// [`PEM_read_bio_DHparams`]: https://www.openssl.org/docs/man1.0.2/crypto/PEM_read_bio_DHparams.html #[corresponds(PEM_read_bio_DHparams)] params_from_pem, Dh<Params>, ffi::PEM_read_bio_DHparams Loading @@ -133,16 +115,14 @@ impl Dh<Params> { from_der! { /// Deserializes a DER-encoded PKCS#3 DHparameters structure. /// /// This corresponds to [`d2i_DHparams`]. /// /// [`d2i_DHparams`]: https://www.openssl.org/docs/man1.1.0/crypto/d2i_DHparams.html #[corresponds(d2i_DHparams)] params_from_der, Dh<Params>, ffi::d2i_DHparams } /// Requires OpenSSL 1.0.2 or newer. #[corresponds(DH_get_1024_160)] #[cfg(any(ossl102, ossl110))] pub fn get_1024_160() -> Result<Dh<Params>, ErrorStack> { unsafe { Loading @@ -152,6 +132,7 @@ impl Dh<Params> { } /// Requires OpenSSL 1.0.2 or newer. #[corresponds(DH_get_2048_224)] #[cfg(any(ossl102, ossl110))] pub fn get_2048_224() -> Result<Dh<Params>, ErrorStack> { unsafe { Loading @@ -161,6 +142,7 @@ impl Dh<Params> { } /// Requires OpenSSL 1.0.2 or newer. #[corresponds(DH_get_2048_256)] #[cfg(any(ossl102, ossl110))] pub fn get_2048_256() -> Result<Dh<Params>, ErrorStack> { unsafe { Loading 
@@ -175,10 +157,7 @@ where T: HasParams, { /// Returns the prime `p` from the DH instance. /// /// This corresponds to [`DH_get0_pqg`]. /// /// [`DH_get0_pqg`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_get0_pqg.html #[corresponds(DH_get0_pqg)] pub fn prime_p(&self) -> &BigNumRef { let mut p = ptr::null(); unsafe { Loading @@ -188,10 +167,7 @@ where } /// Returns the prime `q` from the DH instance. /// /// This corresponds to [`DH_get0_pqg`]. /// /// [`DH_get0_pqg`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_get0_pqg.html #[corresponds(DH_get0_pqg)] pub fn prime_q(&self) -> Option<&BigNumRef> { let mut q = ptr::null(); unsafe { Loading @@ -205,10 +181,7 @@ where } /// Returns the generator from the DH instance. /// /// This corresponds to [`DH_get0_pqg`]. /// /// [`DH_get0_pqg`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_get0_pqg.html #[corresponds(DH_get0_pqg)] pub fn generator(&self) -> &BigNumRef { let mut g = ptr::null(); unsafe { Loading @@ -223,10 +196,7 @@ where T: HasPublic, { /// Returns the public key from the DH instance. /// /// This corresponds to [`DH_get0_key`]. /// /// [`DH_get0_key`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_get0_key.html #[corresponds(DH_get0_key)] pub fn public_key(&self) -> &BigNumRef { let mut pub_key = ptr::null(); unsafe { Loading @@ -241,10 +211,7 @@ where T: HasPrivate, { /// Computes a shared secret from the own private key and the given `public_key`. /// /// This corresponds to [`DH_compute_key`]. /// /// [`DH_compute_key`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_compute_key.html #[corresponds(DH_compute_key)] pub fn compute_key(&self, public_key: &BigNumRef) -> Result<Vec<u8>, ErrorStack> { unsafe { let key_len = ffi::DH_size(self.as_ptr()); Loading 
@@ -259,10 +226,7 @@ where } /// Returns the private key from the DH instance. /// /// This corresponds to [`DH_get0_key`]. /// /// [`DH_get0_key`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_get0_key.html #[corresponds(DH_get0_key)] pub fn private_key(&self) -> &BigNumRef { let mut priv_key = ptr::null(); unsafe { Loading openssl/src/dsa.rs +13 −28 Original line number Diff line number Diff line Loading @@ -17,6 +17,7 @@ use crate::error::ErrorStack; use crate::pkey::{HasParams, HasPrivate, HasPublic, Private, Public}; use crate::util::ForeignTypeRefExt; use crate::{cvt, cvt_p}; use openssl_macros::corresponds; generic_foreign_type_and_impl_send_sync! { type CType = ffi::DSA; Loading Loading @@ -85,25 +86,20 @@ where /// Serialies the public key into a PEM-encoded SubjectPublicKeyInfo structure. /// /// The output will have a header of `-----BEGIN PUBLIC KEY-----`. /// /// This corresponds to [`PEM_write_bio_DSA_PUBKEY`]. /// /// [`PEM_write_bio_DSA_PUBKEY`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_write_bio_DSA_PUBKEY.html #[corresponds(PEM_write_bio_DSA_PUBKEY)] public_key_to_pem, ffi::PEM_write_bio_DSA_PUBKEY } to_der! { /// Serializes the public key into a DER-encoded SubjectPublicKeyInfo structure. /// /// This corresponds to [`i2d_DSA_PUBKEY`]. /// /// [`i2d_DSA_PUBKEY`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_DSA_PUBKEY.html #[corresponds(i2d_DSA_PUBKEY)] public_key_to_der, ffi::i2d_DSA_PUBKEY } /// Returns a reference to the public key component of `self`. #[corresponds(DSA_get0_key)] pub fn pub_key(&self) -> &BigNumRef { unsafe { let mut pub_key = ptr::null(); Loading 
@@ -121,23 +117,18 @@ where /// Serializes the private key to a PEM-encoded DSAPrivateKey structure. /// /// The output will have a header of `-----BEGIN DSA PRIVATE KEY-----`. /// /// This corresponds to [`PEM_write_bio_DSAPrivateKey`]. /// /// [`PEM_write_bio_DSAPrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_write_bio_DSAPrivateKey.html #[corresponds(PEM_write_bio_DSAPrivateKey)] private_key_to_pem, /// Serializes the private key to a PEM-encoded encrypted DSAPrivateKey structure. /// /// The output will have a header of `-----BEGIN DSA PRIVATE KEY-----`. /// /// This corresponds to [`PEM_write_bio_DSAPrivateKey`]. /// /// [`PEM_write_bio_DSAPrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_write_bio_DSAPrivateKey.html #[corresponds(PEM_write_bio_DSAPrivateKey)] private_key_to_pem_passphrase, ffi::PEM_write_bio_DSAPrivateKey } /// Returns a reference to the private key component of `self`. #[corresponds(DSA_get0_key)] pub fn priv_key(&self) -> &BigNumRef { unsafe { let mut priv_key = ptr::null(); Loading @@ -152,15 +143,13 @@ where T: HasParams, { /// Returns the maximum size of the signature output by `self` in bytes. /// /// OpenSSL documentation at [`DSA_size`] /// /// [`DSA_size`]: https://www.openssl.org/docs/man1.1.0/crypto/DSA_size.html #[corresponds(DSA_size)] pub fn size(&self) -> u32 { unsafe { ffi::DSA_size(self.as_ptr()) as u32 } } /// Returns the DSA prime parameter of `self`. #[corresponds(DSA_get0_pqg)] pub fn p(&self) -> &BigNumRef { unsafe { let mut p = ptr::null(); Loading @@ -170,6 +159,7 @@ where } /// Returns the DSA sub-prime parameter of `self`. #[corresponds(DSA_get0_pqg)] pub fn q(&self) -> &BigNumRef { unsafe { let mut q = ptr::null(); Loading @@ -179,6 +169,7 @@ where } /// Returns the DSA base parameter of `self`. #[corresponds(DSA_get0_pqg)] pub fn g(&self) -> &BigNumRef { unsafe { let mut g = ptr::null(); Loading Loading 
@@ -245,10 +236,7 @@ impl Dsa<Public> { /// Decodes a PEM-encoded SubjectPublicKeyInfo structure containing a DSA key. /// /// The input should have a header of `-----BEGIN PUBLIC KEY-----`. /// /// This corresponds to [`PEM_read_bio_DSA_PUBKEY`]. /// /// [`PEM_read_bio_DSA_PUBKEY`]: https://www.openssl.org/docs/man1.0.2/crypto/PEM_read_bio_DSA_PUBKEY.html #[corresponds(PEM_read_bio_DSA_PUBKEY)] public_key_from_pem, Dsa<Public>, ffi::PEM_read_bio_DSA_PUBKEY Loading @@ -256,10 +244,7 @@ impl Dsa<Public> { from_der! { /// Decodes a DER-encoded SubjectPublicKeyInfo structure containing a DSA key. /// /// This corresponds to [`d2i_DSA_PUBKEY`]. /// /// [`d2i_DSA_PUBKEY`]: https://www.openssl.org/docs/man1.0.2/crypto/d2i_DSA_PUBKEY.html #[corresponds(d2i_DSA_PUBKEY)] public_key_from_der, Dsa<Public>, ffi::d2i_DSA_PUBKEY Loading Loading
openssl/src/cipher.rs +7 −12 Original line number Diff line number Diff line Loading @@ -9,6 +9,7 @@ use crate::lib_ctx::LibCtxRef; use crate::nid::Nid; use cfg_if::cfg_if; use foreign_types::{ForeignTypeRef, Opaque}; use openssl_macros::corresponds; #[cfg(ossl300)] use std::ffi::CString; #[cfg(ossl300)] Loading Loading @@ -100,10 +101,7 @@ unsafe impl Send for Cipher {} impl Cipher { /// Looks up the cipher for a certain nid. /// /// This corresponds to [`EVP_get_cipherbynid`] /// /// [`EVP_get_cipherbynid`]: https://www.openssl.org/docs/man1.0.2/crypto/EVP_get_cipherbyname.html #[corresponds(EVP_get_cipherbynid)] pub fn from_nid(nid: Nid) -> Option<&'static CipherRef> { unsafe { let ptr = ffi::EVP_get_cipherbyname(ffi::OBJ_nid2sn(nid.as_raw())); Loading @@ -117,11 +115,8 @@ impl Cipher { /// Fetches a cipher object corresponding to the specified algorithm name and properties. /// /// This corresponds to [`EVP_CIPHER_fetch`]. /// /// Requires OpenSSL 3.0.0 or newer. /// /// [`EVP_CIPHER_fetch`]: https://www.openssl.org/docs/manmaster/man3/EVP_CIPHER_fetch.html #[corresponds(EVP_CIPHER_fetch)] #[cfg(ossl300)] pub fn fetch( ctx: Option<&LibCtxRef>, Loading Loading @@ -359,16 +354,14 @@ unsafe impl Send for CipherRef {} impl CipherRef { /// Returns the cipher's Nid. /// /// This corresponds to [`EVP_CIPHER_nid`] /// /// [`EVP_CIPHER_nid`]: https://www.openssl.org/docs/man1.0.2/crypto/EVP_CIPHER_nid.html #[corresponds(EVP_CIPHER_nid)] pub fn nid(&self) -> Nid { let nid = unsafe { ffi::EVP_CIPHER_nid(self.as_ptr()) }; Nid::from_raw(nid) } /// Returns the length of keys used with this cipher. #[corresponds(EVP_CIPHER_key_length)] pub fn key_length(&self) -> usize { unsafe { EVP_CIPHER_key_length(self.as_ptr()) as usize } } Loading 
@@ -378,6 +371,7 @@ impl CipherRef { /// # Note /// /// Ciphers that do not use an IV have an IV length of 0. #[corresponds(EVP_CIPHER_iv_length)] pub fn iv_length(&self) -> usize { unsafe { EVP_CIPHER_iv_length(self.as_ptr()) as usize } } Loading @@ -387,6 +381,7 @@ impl CipherRef { /// # Note /// /// Stream ciphers have a block size of 1. #[corresponds(EVP_CIPHER_block_size)] pub fn block_size(&self) -> usize { unsafe { EVP_CIPHER_block_size(self.as_ptr()) as usize } } Loading
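Review bot: `key_length`, `iv_length` and `block_size` in `impl CipherRef` still convert the C return value with a bare `as usize`, so a negative result from the FFI call would become a very large length instead of an error. Callers presumably size key and IV buffers from these values, so a checked conversion is safer, e.g. `usize::try_from(len).expect("cipher length is non-negative")`, or at least a comment stating why the value cannot be negative. The same pattern appears in `size` in openssl/src/dsa.rs (`ffi::DSA_size(self.as_ptr()) as u32`). Whether the supported OpenSSL versions can actually return a negative value here is not visible on this page and should be confirmed against their man pages.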
openssl/src/cms.rs +10 −31 Original line number Diff line number Diff line Loading @@ -17,6 +17,7 @@ use crate::stack::StackRef; use crate::symm::Cipher; use crate::x509::{X509Ref, X509}; use crate::{cvt, cvt_p}; use openssl_macros::corresponds; bitflags! { pub struct CMSOptions : c_uint { Loading Loading @@ -69,10 +70,7 @@ foreign_type_and_impl_send_sync! { impl CmsContentInfoRef { /// Given the sender's private key, `pkey` and the recipient's certificiate, `cert`, /// decrypt the data in `self`. /// /// OpenSSL documentation at [`CMS_decrypt`] /// /// [`CMS_decrypt`]: https://www.openssl.org/docs/man1.1.0/crypto/CMS_decrypt.html #[corresponds(CMS_decrypt)] pub fn decrypt<T>(&self, pkey: &PKeyRef<T>, cert: &X509) -> Result<Vec<u8>, ErrorStack> where T: HasPrivate, Loading @@ -99,9 +97,7 @@ impl CmsContentInfoRef { /// decrypt the data in `self` without validating the recipient certificate. /// /// *Warning*: Not checking the recipient certificate may leave you vulnerable to Bleichenbacher's attack on PKCS#1 v1.5 RSA padding. /// See [`CMS_decrypt`] for more information. /// /// [`CMS_decrypt`]: https://www.openssl.org/docs/man1.1.0/crypto/CMS_decrypt.html #[corresponds(CMS_decrypt)] // FIXME merge into decrypt pub fn decrypt_without_cert_check<T>(&self, pkey: &PKeyRef<T>) -> Result<Vec<u8>, ErrorStack> where Loading @@ -126,20 +122,14 @@ impl CmsContentInfoRef { to_der! { /// Serializes this CmsContentInfo using DER. /// /// OpenSSL documentation at [`i2d_CMS_ContentInfo`] /// /// [`i2d_CMS_ContentInfo`]: https://www.openssl.org/docs/man1.0.2/crypto/i2d_CMS_ContentInfo.html #[corresponds(i2d_CMS_ContentInfo)] to_der, ffi::i2d_CMS_ContentInfo } to_pem! { /// Serializes this CmsContentInfo using DER. /// /// OpenSSL documentation at [`PEM_write_bio_CMS`] /// /// [`PEM_write_bio_CMS`]: https://www.openssl.org/docs/man1.1.0/man3/PEM_write_bio_CMS.html #[corresponds(PEM_write_bio_CMS)] to_pem, ffi::PEM_write_bio_CMS } Loading 
@@ -147,10 +137,7 @@ impl CmsContentInfoRef { impl CmsContentInfo { /// Parses a smime formatted `vec` of bytes into a `CmsContentInfo`. /// /// OpenSSL documentation at [`SMIME_read_CMS`] /// /// [`SMIME_read_CMS`]: https://www.openssl.org/docs/man1.0.2/crypto/SMIME_read_CMS.html #[corresponds(SMIME_read_CMS)] pub fn smime_read_cms(smime: &[u8]) -> Result<CmsContentInfo, ErrorStack> { unsafe { let bio = MemBioSlice::new(smime)?; Loading @@ -163,10 +150,7 @@ impl CmsContentInfo { from_der! { /// Deserializes a DER-encoded ContentInfo structure. /// /// This corresponds to [`d2i_CMS_ContentInfo`]. /// /// [`d2i_CMS_ContentInfo`]: https://www.openssl.org/docs/manmaster/man3/d2i_X509.html #[corresponds(d2i_CMS_ContentInfo)] from_der, CmsContentInfo, ffi::d2i_CMS_ContentInfo Loading @@ -174,10 +158,7 @@ impl CmsContentInfo { from_pem! { /// Deserializes a PEM-encoded ContentInfo structure. /// /// This corresponds to [`PEM_read_bio_CMS`]. /// /// [`PEM_read_bio_CMS`]: https://www.openssl.org/docs/man1.1.0/man3/PEM_read_bio_CMS.html #[corresponds(PEM_read_bio_CMS)] from_pem, CmsContentInfo, ffi::PEM_read_bio_CMS Loading @@ -187,10 +168,7 @@ impl CmsContentInfo { /// data `data` and flags `flags`, create a CmsContentInfo struct. /// /// All arguments are optional. /// /// OpenSSL documentation at [`CMS_sign`] /// /// [`CMS_sign`]: https://www.openssl.org/docs/manmaster/man3/CMS_sign.html #[corresponds(CMS_sign)] pub fn sign<T>( signcert: Option<&X509Ref>, pkey: Option<&PKeyRef<T>>, Loading Loading @@ -229,6 +207,7 @@ impl CmsContentInfo { /// OpenSSL documentation at [`CMS_encrypt`] /// /// [`CMS_encrypt`]: https://www.openssl.org/docs/manmaster/man3/CMS_encrypt.html #[corresponds(CMS_encrypt)] pub fn encrypt( certs: &StackRef<X509>, data: &[u8], Loading
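Review bot: The last hunk adds `#[corresponds(CMS_encrypt)]` to `encrypt` but keeps the hand-written `OpenSSL documentation at CMS_encrypt` paragraph and its link definition, which every other method in this file drops. Assuming the attribute generates its own reference, the docs for `encrypt` will point at the man page twice, so the three manual lines should be removed there as well. In the `to_pem!` block the summary still says `Serializes this CmsContentInfo using DER.` although it wraps `ffi::PEM_write_bio_CMS`; it should read `/// Serializes this CmsContentInfo using PEM.`. For `decrypt_without_cert_check`, the sentence that tied the Bleichenbacher warning to the `CMS_decrypt` page is removed, so consider keeping one line next to the warning that says the corresponding man page describes when the caveat applies.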
openssl/src/conf.rs +3 −0 Original line number Diff line number Diff line Loading @@ -2,11 +2,13 @@ use crate::cvt_p; use crate::error::ErrorStack; use openssl_macros::corresponds; pub struct ConfMethod(*mut ffi::CONF_METHOD); impl ConfMethod { /// Retrieve handle to the default OpenSSL configuration file processing function. #[corresponds(NCONF_default)] pub fn default() -> ConfMethod { unsafe { ffi::init(); Loading Loading @@ -49,6 +51,7 @@ impl Conf { /// /// let conf = Conf::new(ConfMethod::default()); /// ``` #[corresponds(NCONF_new)] pub fn new(method: ConfMethod) -> Result<Conf, ErrorStack> { unsafe { cvt_p(ffi::NCONF_new(method.as_ptr())).map(Conf) } } Loading
openssl/src/dh.rs +17 −53 Original line number Diff line number Diff line Loading @@ -7,6 +7,7 @@ use crate::bn::{BigNum, BigNumRef}; use crate::error::ErrorStack; use crate::pkey::{HasParams, HasPrivate, HasPublic, Params, Private}; use crate::{cvt, cvt_p}; use openssl_macros::corresponds; generic_foreign_type_and_impl_send_sync! { type CType = ffi::DH; Loading @@ -25,20 +26,14 @@ where /// Serializes the parameters into a PEM-encoded PKCS#3 DHparameter structure. /// /// The output will have a header of `-----BEGIN DH PARAMETERS-----`. /// /// This corresponds to [`PEM_write_bio_DHparams`]. /// /// [`PEM_write_bio_DHparams`]: https://www.openssl.org/docs/manmaster/man3/PEM_write_bio_DHparams.html #[corresponds(PEM_write_bio_DHparams)] params_to_pem, ffi::PEM_write_bio_DHparams } to_der! { /// Serializes the parameters into a DER-encoded PKCS#3 DHparameter structure. /// /// This corresponds to [`i2d_DHparams`]. /// /// [`i2d_DHparams`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_DHparams.html #[corresponds(i2d_DHparams)] params_to_der, ffi::i2d_DHparams } Loading @@ -50,11 +45,7 @@ impl Dh<Params> { } /// Creates a DH instance based upon the given primes and generator params. /// /// This corresponds to [`DH_new`] and [`DH_set0_pqg`]. /// /// [`DH_new`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_new.html /// [`DH_set0_pqg`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_set0_pqg.html #[corresponds(DH_set0_pqg)] pub fn from_pqg( prime_p: BigNum, prime_q: Option<BigNum>, Loading Loading 
@@ -87,10 +78,7 @@ impl Dh<Params> { } /// Generates DH params based on the given `prime_len` and a fixed `generator` value. /// /// This corresponds to [`DH_generate_parameters_ex`]. /// /// [`DH_generate_parameters_ex`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_generate_parameters.html #[corresponds(DH_generate_parameters_ex)] pub fn generate_params(prime_len: u32, generator: u32) -> Result<Dh<Params>, ErrorStack> { unsafe { let dh = Dh::from_ptr(cvt_p(ffi::DH_new())?); Loading @@ -105,10 +93,7 @@ impl Dh<Params> { } /// Generates a public and a private key based on the DH params. /// /// This corresponds to [`DH_generate_key`]. /// /// [`DH_generate_key`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_generate_key.html #[corresponds(DH_generate_key)] pub fn generate_key(self) -> Result<Dh<Private>, ErrorStack> { unsafe { let dh_ptr = self.0; Loading @@ -122,10 +107,7 @@ impl Dh<Params> { /// Deserializes a PEM-encoded PKCS#3 DHpararameters structure. /// /// The input should have a header of `-----BEGIN DH PARAMETERS-----`. /// /// This corresponds to [`PEM_read_bio_DHparams`]. /// /// [`PEM_read_bio_DHparams`]: https://www.openssl.org/docs/man1.0.2/crypto/PEM_read_bio_DHparams.html #[corresponds(PEM_read_bio_DHparams)] params_from_pem, Dh<Params>, ffi::PEM_read_bio_DHparams Loading @@ -133,16 +115,14 @@ impl Dh<Params> { from_der! { /// Deserializes a DER-encoded PKCS#3 DHparameters structure. /// /// This corresponds to [`d2i_DHparams`]. /// /// [`d2i_DHparams`]: https://www.openssl.org/docs/man1.1.0/crypto/d2i_DHparams.html #[corresponds(d2i_DHparams)] params_from_der, Dh<Params>, ffi::d2i_DHparams } /// Requires OpenSSL 1.0.2 or newer. #[corresponds(DH_get_1024_160)] #[cfg(any(ossl102, ossl110))] pub fn get_1024_160() -> Result<Dh<Params>, ErrorStack> { unsafe { Loading 
@@ -152,6 +132,7 @@ impl Dh<Params> { } /// Requires OpenSSL 1.0.2 or newer. #[corresponds(DH_get_2048_224)] #[cfg(any(ossl102, ossl110))] pub fn get_2048_224() -> Result<Dh<Params>, ErrorStack> { unsafe { Loading @@ -161,6 +142,7 @@ impl Dh<Params> { } /// Requires OpenSSL 1.0.2 or newer. #[corresponds(DH_get_2048_256)] #[cfg(any(ossl102, ossl110))] pub fn get_2048_256() -> Result<Dh<Params>, ErrorStack> { unsafe { Loading @@ -175,10 +157,7 @@ where T: HasParams, { /// Returns the prime `p` from the DH instance. /// /// This corresponds to [`DH_get0_pqg`]. /// /// [`DH_get0_pqg`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_get0_pqg.html #[corresponds(DH_get0_pqg)] pub fn prime_p(&self) -> &BigNumRef { let mut p = ptr::null(); unsafe { Loading @@ -188,10 +167,7 @@ where } /// Returns the prime `q` from the DH instance. /// /// This corresponds to [`DH_get0_pqg`]. /// /// [`DH_get0_pqg`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_get0_pqg.html #[corresponds(DH_get0_pqg)] pub fn prime_q(&self) -> Option<&BigNumRef> { let mut q = ptr::null(); unsafe { Loading @@ -205,10 +181,7 @@ where } /// Returns the generator from the DH instance. /// /// This corresponds to [`DH_get0_pqg`]. /// /// [`DH_get0_pqg`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_get0_pqg.html #[corresponds(DH_get0_pqg)] pub fn generator(&self) -> &BigNumRef { let mut g = ptr::null(); unsafe { Loading @@ -223,10 +196,7 @@ where T: HasPublic, { /// Returns the public key from the DH instance. /// /// This corresponds to [`DH_get0_key`]. /// /// [`DH_get0_key`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_get0_key.html #[corresponds(DH_get0_key)] pub fn public_key(&self) -> &BigNumRef { let mut pub_key = ptr::null(); unsafe { Loading 
@@ -241,10 +211,7 @@ where T: HasPrivate, { /// Computes a shared secret from the own private key and the given `public_key`. /// /// This corresponds to [`DH_compute_key`]. /// /// [`DH_compute_key`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_compute_key.html #[corresponds(DH_compute_key)] pub fn compute_key(&self, public_key: &BigNumRef) -> Result<Vec<u8>, ErrorStack> { unsafe { let key_len = ffi::DH_size(self.as_ptr()); Loading @@ -259,10 +226,7 @@ where } /// Returns the private key from the DH instance. /// /// This corresponds to [`DH_get0_key`]. /// /// [`DH_get0_key`]: https://www.openssl.org/docs/man1.1.0/crypto/DH_get0_key.html #[corresponds(DH_get0_key)] pub fn private_key(&self) -> &BigNumRef { let mut priv_key = ptr::null(); unsafe { Loading
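Review bot: `get_1024_160`, `get_2048_224` and `get_2048_256` gain `#[corresponds(...)]`, but their only doc line is still `Requires OpenSSL 1.0.2 or newer.`, so the reader is never told what the functions return. A summary such as `/// Returns the 1024-bit MODP group with a 160-bit prime-order subgroup from RFC 5114.` belongs above each, with the sizes adjusted. The 1024-bit variant also deserves a sentence saying that a group of that size is generally considered too small for new deployments. Separately, `from_pqg` previously documented both `DH_new` and `DH_set0_pqg` and only the latter survives in the attribute; if the body still allocates with `DH_new`, the doc text could say so. The bodies of all these functions continue outside the visible hunks.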
openssl/src/dsa.rs +13 −28 Original line number Diff line number Diff line Loading @@ -17,6 +17,7 @@ use crate::error::ErrorStack; use crate::pkey::{HasParams, HasPrivate, HasPublic, Private, Public}; use crate::util::ForeignTypeRefExt; use crate::{cvt, cvt_p}; use openssl_macros::corresponds; generic_foreign_type_and_impl_send_sync! { type CType = ffi::DSA; Loading Loading @@ -85,25 +86,20 @@ where /// Serialies the public key into a PEM-encoded SubjectPublicKeyInfo structure. /// /// The output will have a header of `-----BEGIN PUBLIC KEY-----`. /// /// This corresponds to [`PEM_write_bio_DSA_PUBKEY`]. /// /// [`PEM_write_bio_DSA_PUBKEY`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_write_bio_DSA_PUBKEY.html #[corresponds(PEM_write_bio_DSA_PUBKEY)] public_key_to_pem, ffi::PEM_write_bio_DSA_PUBKEY } to_der! { /// Serializes the public key into a DER-encoded SubjectPublicKeyInfo structure. /// /// This corresponds to [`i2d_DSA_PUBKEY`]. /// /// [`i2d_DSA_PUBKEY`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_DSA_PUBKEY.html #[corresponds(i2d_DSA_PUBKEY)] public_key_to_der, ffi::i2d_DSA_PUBKEY } /// Returns a reference to the public key component of `self`. #[corresponds(DSA_get0_key)] pub fn pub_key(&self) -> &BigNumRef { unsafe { let mut pub_key = ptr::null(); Loading 
@@ -121,23 +117,18 @@ where /// Serializes the private key to a PEM-encoded DSAPrivateKey structure. /// /// The output will have a header of `-----BEGIN DSA PRIVATE KEY-----`. /// /// This corresponds to [`PEM_write_bio_DSAPrivateKey`]. /// /// [`PEM_write_bio_DSAPrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_write_bio_DSAPrivateKey.html #[corresponds(PEM_write_bio_DSAPrivateKey)] private_key_to_pem, /// Serializes the private key to a PEM-encoded encrypted DSAPrivateKey structure. /// /// The output will have a header of `-----BEGIN DSA PRIVATE KEY-----`. /// /// This corresponds to [`PEM_write_bio_DSAPrivateKey`]. /// /// [`PEM_write_bio_DSAPrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_write_bio_DSAPrivateKey.html #[corresponds(PEM_write_bio_DSAPrivateKey)] private_key_to_pem_passphrase, ffi::PEM_write_bio_DSAPrivateKey } /// Returns a reference to the private key component of `self`. #[corresponds(DSA_get0_key)] pub fn priv_key(&self) -> &BigNumRef { unsafe { let mut priv_key = ptr::null(); Loading @@ -152,15 +143,13 @@ where T: HasParams, { /// Returns the maximum size of the signature output by `self` in bytes. /// /// OpenSSL documentation at [`DSA_size`] /// /// [`DSA_size`]: https://www.openssl.org/docs/man1.1.0/crypto/DSA_size.html #[corresponds(DSA_size)] pub fn size(&self) -> u32 { unsafe { ffi::DSA_size(self.as_ptr()) as u32 } } /// Returns the DSA prime parameter of `self`. #[corresponds(DSA_get0_pqg)] pub fn p(&self) -> &BigNumRef { unsafe { let mut p = ptr::null(); Loading @@ -170,6 +159,7 @@ where } /// Returns the DSA sub-prime parameter of `self`. #[corresponds(DSA_get0_pqg)] pub fn q(&self) -> &BigNumRef { unsafe { let mut q = ptr::null(); Loading @@ -179,6 +169,7 @@ where } /// Returns the DSA base parameter of `self`. #[corresponds(DSA_get0_pqg)] pub fn g(&self) -> &BigNumRef { unsafe { let mut g = ptr::null(); Loading Loading 
@@ -245,10 +236,7 @@ impl Dsa<Public> { /// Decodes a PEM-encoded SubjectPublicKeyInfo structure containing a DSA key. /// /// The input should have a header of `-----BEGIN PUBLIC KEY-----`. /// /// This corresponds to [`PEM_read_bio_DSA_PUBKEY`]. /// /// [`PEM_read_bio_DSA_PUBKEY`]: https://www.openssl.org/docs/man1.0.2/crypto/PEM_read_bio_DSA_PUBKEY.html #[corresponds(PEM_read_bio_DSA_PUBKEY)] public_key_from_pem, Dsa<Public>, ffi::PEM_read_bio_DSA_PUBKEY Loading @@ -256,10 +244,7 @@ impl Dsa<Public> { from_der! { /// Decodes a DER-encoded SubjectPublicKeyInfo structure containing a DSA key. /// /// This corresponds to [`d2i_DSA_PUBKEY`]. /// /// [`d2i_DSA_PUBKEY`]: https://www.openssl.org/docs/man1.0.2/crypto/d2i_DSA_PUBKEY.html #[corresponds(d2i_DSA_PUBKEY)] public_key_from_der, Dsa<Public>, ffi::d2i_DSA_PUBKEY Loading
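Review bot: The doc comment on `public_key_to_pem` in the first `to_pem!` hunk still opens with `Serialies the public key`; since this block is being edited anyway, correct it to `/// Serializes the public key into a PEM-encoded SubjectPublicKeyInfo structure.`. The summary of `private_key_to_pem` only implies, by contrast with `private_key_to_pem_passphrase`, that the key is presumably written without encryption. Stating `unencrypted` explicitly in that summary would help callers choose between the two.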