Loading openssl-sys/src/lib.rs +7 −0 Original line number Diff line number Diff line Loading @@ -1453,6 +1453,10 @@ pub unsafe fn BIO_set_retry_write(b: *mut BIO) { BIO_set_flags(b, BIO_FLAGS_WRITE | BIO_FLAGS_SHOULD_RETRY) } pub unsafe fn EVP_get_digestbynid(type_: c_int) -> *const EVP_MD { EVP_get_digestbyname(OBJ_nid2sn(type_)) } // EVP_PKEY_CTX_ctrl macros pub unsafe fn EVP_PKEY_CTX_set_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad: c_int) -> c_int { EVP_PKEY_CTX_ctrl( Loading Loading @@ -2103,6 +2107,8 @@ extern "C" { no_name: c_int, ) -> c_int; pub fn OBJ_nid2sn(nid: c_int) -> *const c_char; pub fn OBJ_find_sigid_algs(signid: c_int, pdig_nid: *mut c_int, ppkey_nid: *mut c_int) -> c_int; pub fn OCSP_BASICRESP_new() -> *mut OCSP_BASICRESP; pub fn OCSP_BASICRESP_free(r: *mut OCSP_BASICRESP); Loading Loading @@ -2840,6 +2846,7 @@ extern "C" { ); pub fn EVP_MD_size(md: *const EVP_MD) -> c_int; pub fn EVP_get_digestbyname(name: *const c_char) -> *const EVP_MD; pub fn EVP_get_cipherbyname(name: *const c_char) -> *const EVP_CIPHER; pub fn SSL_set_connect_state(s: *mut SSL); Loading openssl/src/hash.rs +30 −5 Original line number Diff line number Diff line Loading @@ -4,6 +4,10 @@ use std::io; use std::io::prelude::*; use std::ops::{Deref, DerefMut}; use error::ErrorStack; use nid::Nid; use {cvt, cvt_p}; cfg_if! { if #[cfg(ossl110)] { use ffi::{EVP_MD_CTX_free, EVP_MD_CTX_new}; Loading @@ -12,9 +16,6 @@ cfg_if! { } } use error::ErrorStack; use {cvt, cvt_p}; #[derive(Copy, Clone)] pub struct MessageDigest(*const ffi::EVP_MD); Loading 
@@ -23,6 +24,22 @@ impl MessageDigest { MessageDigest(x) } /// Returns the `MessageDigest` corresponding to an `Nid`. /// /// This corresponds to [`EVP_get_digestbynid`]. /// /// [`EVP_get_digestbynid`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_DigestInit.html pub fn from_nid(type_: Nid) -> Option<MessageDigest> { unsafe { let ptr = ffi::EVP_get_digestbynid(type_.as_raw()); if ptr.is_null() { None } else { Some(MessageDigest(ptr)) } } } pub fn md5() -> MessageDigest { unsafe { MessageDigest(ffi::EVP_md5()) } } Loading Loading @@ -234,8 +251,8 @@ impl Drop for Hasher { /// store the digest data. #[derive(Copy)] pub struct DigestBytes { buf: [u8; ffi::EVP_MAX_MD_SIZE as usize], len: usize, pub(crate) buf: [u8; ffi::EVP_MAX_MD_SIZE as usize], pub(crate) len: usize, } impl Clone for DigestBytes { Loading Loading @@ -405,4 +422,12 @@ mod tests { hash_test(MessageDigest::ripemd160(), test); } } #[test] fn from_nid() { assert_eq!( MessageDigest::from_nid(Nid::SHA256).unwrap().as_ptr(), MessageDigest::sha256().as_ptr() ); } } openssl/src/nid.rs +28 −0 Original line number Diff line number Diff line //! A collection of numerical identifiers for OpenSSL objects. use ffi; use libc::c_int; use std::ptr; /// A numerical identifier for an OpenSSL object. /// Loading Loading @@ -42,6 +43,20 @@ impl Nid { self.0 } /// Returns the `Nid` of the digest algorithm associated with a signature ID. /// /// This corresponds to `OBJ_find_sigid_algs`. pub fn digest_algorithm(&self) -> Option<Nid> { unsafe { let mut digest = 0; if ffi::OBJ_find_sigid_algs(self.0, &mut digest, ptr::null_mut()) == 1 { Some(Nid(digest)) } else { None } } } pub const UNDEF: Nid = Nid(ffi::NID_undef); pub const ITU_T: Nid = Nid(ffi::NID_itu_t); pub const CCITT: Nid = Nid(ffi::NID_ccitt); Loading Loading 
@@ -991,3 +1006,16 @@ impl Nid { pub const AES_192_CBC_HMAC_SHA1: Nid = Nid(ffi::NID_aes_192_cbc_hmac_sha1); pub const AES_256_CBC_HMAC_SHA1: Nid = Nid(ffi::NID_aes_256_cbc_hmac_sha1); } #[cfg(test)] mod test { use super::Nid; #[test] fn signature_digest() { assert_eq!( Nid::SHA256WITHRSAENCRYPTION.digest_algorithm(), Some(Nid::SHA256) ); } } openssl/src/pkcs12.rs +14 −13 Original line number Diff line number Diff line Loading @@ -3,15 +3,15 @@ use ffi; use foreign_types::{ForeignType, ForeignTypeRef}; use libc::c_int; use std::ptr; use std::ffi::CString; use std::ptr; use {cvt, cvt_p}; use pkey::{HasPrivate, PKey, PKeyRef, Private}; use error::ErrorStack; use x509::{X509, X509Ref}; use stack::Stack; use nid::Nid; use pkey::{HasPrivate, PKey, PKeyRef, Private}; use stack::Stack; use x509::{X509, X509Ref}; use {cvt, cvt_p}; foreign_type_and_impl_send_sync! { type CType = ffi::PKCS12; Loading Loading @@ -172,7 +172,8 @@ impl Pkcs12Builder { let friendly_name = CString::new(friendly_name).unwrap(); let pkey = pkey.as_ptr(); let cert = cert.as_ptr(); let ca = self.ca let ca = self .ca .as_ref() .map(|ca| ca.as_ptr()) .unwrap_or(ptr::null_mut()); Loading Loading @@ -206,11 +207,11 @@ mod test { use hex; use asn1::Asn1Time; use rsa::Rsa; use pkey::PKey; use nid::Nid; use x509::{X509, X509Name}; use pkey::PKey; use rsa::Rsa; use x509::extension::KeyUsage; use x509::{X509, X509Name}; use super::*; Loading @@ -221,14 +222,14 @@ mod test { let parsed = pkcs12.parse("mypass").unwrap(); assert_eq!( hex::encode(parsed.cert.fingerprint(MessageDigest::sha1()).unwrap()), hex::encode(parsed.cert.digest(MessageDigest::sha1()).unwrap()), "59172d9313e84459bcff27f967e79e6e9217e584" ); let chain = parsed.chain.unwrap(); assert_eq!(chain.len(), 1); assert_eq!( hex::encode(chain[0].fingerprint(MessageDigest::sha1()).unwrap()), hex::encode(chain[0].digest(MessageDigest::sha1()).unwrap()), "c0cbdf7cdd03c9773e5468e1f6d2da7d5cbb1875" ); } Loading Loading 
@@ -279,8 +280,8 @@ mod test { let parsed = pkcs12.parse("mypass").unwrap(); assert_eq!( parsed.cert.fingerprint(MessageDigest::sha1()).unwrap(), cert.fingerprint(MessageDigest::sha1()).unwrap() &*parsed.cert.digest(MessageDigest::sha1()).unwrap(), &*cert.digest(MessageDigest::sha1()).unwrap() ); assert!(parsed.pkey.public_eq(&pkey)); } Loading openssl/src/ssl/test.rs +6 −6 Original line number Diff line number Diff line Loading @@ -295,8 +295,8 @@ run_test!(verify_callback_data, |method, stream| { match cert { None => false, Some(cert) => { let fingerprint = cert.fingerprint(MessageDigest::sha1()).unwrap(); fingerprint == node_id let fingerprint = cert.digest(MessageDigest::sha1()).unwrap(); node_id == &*fingerprint } } }); Loading @@ -323,8 +323,8 @@ run_test!(ssl_verify_callback, |method, stream| { match x509.current_cert() { None => false, Some(cert) => { let fingerprint = cert.fingerprint(MessageDigest::sha1()).unwrap(); fingerprint == node_id let fingerprint = cert.digest(MessageDigest::sha1()).unwrap(); node_id == &*fingerprint } } }); Loading Loading @@ -424,10 +424,10 @@ run_test!(get_peer_certificate, |method, stream| { let ctx = SslContext::builder(method).unwrap(); let stream = Ssl::new(&ctx.build()).unwrap().connect(stream).unwrap(); let cert = stream.ssl().peer_certificate().unwrap(); let fingerprint = cert.fingerprint(MessageDigest::sha1()).unwrap(); let fingerprint = cert.digest(MessageDigest::sha1()).unwrap(); let node_hash_str = "59172d9313e84459bcff27f967e79e6e9217e584"; let node_id = Vec::from_hex(node_hash_str).unwrap(); assert_eq!(node_id, fingerprint) assert_eq!(node_id, &*fingerprint) }); #[test] Loading Loading
openssl-sys/src/lib.rs +7 −0 Original line number Diff line number Diff line Loading @@ -1453,6 +1453,10 @@ pub unsafe fn BIO_set_retry_write(b: *mut BIO) { BIO_set_flags(b, BIO_FLAGS_WRITE | BIO_FLAGS_SHOULD_RETRY) } pub unsafe fn EVP_get_digestbynid(type_: c_int) -> *const EVP_MD { EVP_get_digestbyname(OBJ_nid2sn(type_)) } // EVP_PKEY_CTX_ctrl macros pub unsafe fn EVP_PKEY_CTX_set_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad: c_int) -> c_int { EVP_PKEY_CTX_ctrl( Loading Loading @@ -2103,6 +2107,8 @@ extern "C" { no_name: c_int, ) -> c_int; pub fn OBJ_nid2sn(nid: c_int) -> *const c_char; pub fn OBJ_find_sigid_algs(signid: c_int, pdig_nid: *mut c_int, ppkey_nid: *mut c_int) -> c_int; pub fn OCSP_BASICRESP_new() -> *mut OCSP_BASICRESP; pub fn OCSP_BASICRESP_free(r: *mut OCSP_BASICRESP); Loading Loading @@ -2840,6 +2846,7 @@ extern "C" { ); pub fn EVP_MD_size(md: *const EVP_MD) -> c_int; pub fn EVP_get_digestbyname(name: *const c_char) -> *const EVP_MD; pub fn EVP_get_cipherbyname(name: *const c_char) -> *const EVP_CIPHER; pub fn SSL_set_connect_state(s: *mut SSL); Loading
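Review bot: In the first hunk, `EVP_get_digestbynid` hands the result of `OBJ_nid2sn(type_)` straight to `EVP_get_digestbyname`, and `OBJ_nid2sn` returns NULL for a NID it does not know. The wrapper therefore relies on every supported libcrypto accepting a NULL name, which nothing in this file section establishes. Because the safe `MessageDigest::from_nid` forwards arbitrary `Nid` values to it, I would make the check explicit: `let sn = OBJ_nid2sn(type_); if sn.is_null() { return std::ptr::null(); }` before `EVP_get_digestbyname(sn)`. At minimum, add a comment saying that this appears to mirror the C macro and depends on the NULL-name behaviour.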
openssl/src/hash.rs +30 −5 Original line number Diff line number Diff line Loading @@ -4,6 +4,10 @@ use std::io; use std::io::prelude::*; use std::ops::{Deref, DerefMut}; use error::ErrorStack; use nid::Nid; use {cvt, cvt_p}; cfg_if! { if #[cfg(ossl110)] { use ffi::{EVP_MD_CTX_free, EVP_MD_CTX_new}; Loading @@ -12,9 +16,6 @@ cfg_if! { } } use error::ErrorStack; use {cvt, cvt_p}; #[derive(Copy, Clone)] pub struct MessageDigest(*const ffi::EVP_MD); Loading @@ -23,6 +24,22 @@ impl MessageDigest { MessageDigest(x) } /// Returns the `MessageDigest` corresponding to an `Nid`. /// /// This corresponds to [`EVP_get_digestbynid`]. /// /// [`EVP_get_digestbynid`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_DigestInit.html pub fn from_nid(type_: Nid) -> Option<MessageDigest> { unsafe { let ptr = ffi::EVP_get_digestbynid(type_.as_raw()); if ptr.is_null() { None } else { Some(MessageDigest(ptr)) } } } pub fn md5() -> MessageDigest { unsafe { MessageDigest(ffi::EVP_md5()) } } Loading Loading @@ -234,8 +251,8 @@ impl Drop for Hasher { /// store the digest data. #[derive(Copy)] pub struct DigestBytes { buf: [u8; ffi::EVP_MAX_MD_SIZE as usize], len: usize, pub(crate) buf: [u8; ffi::EVP_MAX_MD_SIZE as usize], pub(crate) len: usize, } impl Clone for DigestBytes { Loading Loading @@ -405,4 +422,12 @@ mod tests { hash_test(MessageDigest::ripemd160(), test); } } #[test] fn from_nid() { assert_eq!( MessageDigest::from_nid(Nid::SHA256).unwrap().as_ptr(), MessageDigest::sha256().as_ptr() ); } }
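Review bot: `from_nid` goes through a name lookup but never calls `ffi::init()`, so on OpenSSL releases before 1.1.0 it presumably depends on something else having populated the digest table first. If it is the first OpenSSL call in the process it may return `None` for a valid `Nid`; adding `ffi::init();` as the first statement of the function removes that dependency on call order. The doc comment should also say when `None` is returned, and that the lookup does not filter out legacy digests such as MD5, so a caller taking the `Nid` from a certificate or other untrusted input needs its own allow-list. A second assertion such as `assert!(MessageDigest::from_nid(Nid::UNDEF).is_none());` would pin the failure path. The function is complete within this hunk, but the enclosing `impl MessageDigest` continues outside it.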
openssl/src/nid.rs +28 −0 Original line number Diff line number Diff line //! A collection of numerical identifiers for OpenSSL objects. use ffi; use libc::c_int; use std::ptr; /// A numerical identifier for an OpenSSL object. /// Loading Loading @@ -42,6 +43,20 @@ impl Nid { self.0 } /// Returns the `Nid` of the digest algorithm associated with a signature ID. /// /// This corresponds to `OBJ_find_sigid_algs`. pub fn digest_algorithm(&self) -> Option<Nid> { unsafe { let mut digest = 0; if ffi::OBJ_find_sigid_algs(self.0, &mut digest, ptr::null_mut()) == 1 { Some(Nid(digest)) } else { None } } } pub const UNDEF: Nid = Nid(ffi::NID_undef); pub const ITU_T: Nid = Nid(ffi::NID_itu_t); pub const CCITT: Nid = Nid(ffi::NID_ccitt); Loading Loading @@ -991,3 +1006,16 @@ impl Nid { pub const AES_192_CBC_HMAC_SHA1: Nid = Nid(ffi::NID_aes_192_cbc_hmac_sha1); pub const AES_256_CBC_HMAC_SHA1: Nid = Nid(ffi::NID_aes_256_cbc_hmac_sha1); } #[cfg(test)] mod test { use super::Nid; #[test] fn signature_digest() { assert_eq!( Nid::SHA256WITHRSAENCRYPTION.digest_algorithm(), Some(Nid::SHA256) ); } }
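Review bot: `digest_algorithm` returns `Some(Nid(digest))` whenever `OBJ_find_sigid_algs` returns 1, but OpenSSL's table appears to contain signature IDs with no separate digest, for which the call succeeds and leaves the digest as `NID_undef`. Callers would then get `Some(Nid::UNDEF)` and most likely go on to an `unwrap()` on `MessageDigest::from_nid`, which fails on the very inputs where the signature algorithm came from a peer's certificate. I would either fold that case into `None` by adding `&& digest != ffi::NID_undef` to the condition, or document it with `/// Returns Some(Nid::UNDEF) for signature algorithms that have no separate digest.` The test covers only `SHA256WITHRSAENCRYPTION`; a case for a non-signature `Nid` returning `None` would be worth adding.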
openssl/src/pkcs12.rs +14 −13 Original line number Diff line number Diff line Loading @@ -3,15 +3,15 @@ use ffi; use foreign_types::{ForeignType, ForeignTypeRef}; use libc::c_int; use std::ptr; use std::ffi::CString; use std::ptr; use {cvt, cvt_p}; use pkey::{HasPrivate, PKey, PKeyRef, Private}; use error::ErrorStack; use x509::{X509, X509Ref}; use stack::Stack; use nid::Nid; use pkey::{HasPrivate, PKey, PKeyRef, Private}; use stack::Stack; use x509::{X509, X509Ref}; use {cvt, cvt_p}; foreign_type_and_impl_send_sync! { type CType = ffi::PKCS12; Loading Loading @@ -172,7 +172,8 @@ impl Pkcs12Builder { let friendly_name = CString::new(friendly_name).unwrap(); let pkey = pkey.as_ptr(); let cert = cert.as_ptr(); let ca = self.ca let ca = self .ca .as_ref() .map(|ca| ca.as_ptr()) .unwrap_or(ptr::null_mut()); Loading Loading @@ -206,11 +207,11 @@ mod test { use hex; use asn1::Asn1Time; use rsa::Rsa; use pkey::PKey; use nid::Nid; use x509::{X509, X509Name}; use pkey::PKey; use rsa::Rsa; use x509::extension::KeyUsage; use x509::{X509, X509Name}; use super::*; Loading @@ -221,14 +222,14 @@ mod test { let parsed = pkcs12.parse("mypass").unwrap(); assert_eq!( hex::encode(parsed.cert.fingerprint(MessageDigest::sha1()).unwrap()), hex::encode(parsed.cert.digest(MessageDigest::sha1()).unwrap()), "59172d9313e84459bcff27f967e79e6e9217e584" ); let chain = parsed.chain.unwrap(); assert_eq!(chain.len(), 1); assert_eq!( hex::encode(chain[0].fingerprint(MessageDigest::sha1()).unwrap()), hex::encode(chain[0].digest(MessageDigest::sha1()).unwrap()), "c0cbdf7cdd03c9773e5468e1f6d2da7d5cbb1875" ); } Loading Loading @@ -279,8 +280,8 @@ mod test { let parsed = pkcs12.parse("mypass").unwrap(); assert_eq!( parsed.cert.fingerprint(MessageDigest::sha1()).unwrap(), cert.fingerprint(MessageDigest::sha1()).unwrap() &*parsed.cert.digest(MessageDigest::sha1()).unwrap(), &*cert.digest(MessageDigest::sha1()).unwrap() ); assert!(parsed.pkey.public_eq(&pkey)); } Loading
openssl/src/ssl/test.rs +6 −6 Original line number Diff line number Diff line Loading @@ -295,8 +295,8 @@ run_test!(verify_callback_data, |method, stream| { match cert { None => false, Some(cert) => { let fingerprint = cert.fingerprint(MessageDigest::sha1()).unwrap(); fingerprint == node_id let fingerprint = cert.digest(MessageDigest::sha1()).unwrap(); node_id == &*fingerprint } } }); Loading @@ -323,8 +323,8 @@ run_test!(ssl_verify_callback, |method, stream| { match x509.current_cert() { None => false, Some(cert) => { let fingerprint = cert.fingerprint(MessageDigest::sha1()).unwrap(); fingerprint == node_id let fingerprint = cert.digest(MessageDigest::sha1()).unwrap(); node_id == &*fingerprint } } }); Loading Loading @@ -424,10 +424,10 @@ run_test!(get_peer_certificate, |method, stream| { let ctx = SslContext::builder(method).unwrap(); let stream = Ssl::new(&ctx.build()).unwrap().connect(stream).unwrap(); let cert = stream.ssl().peer_certificate().unwrap(); let fingerprint = cert.fingerprint(MessageDigest::sha1()).unwrap(); let fingerprint = cert.digest(MessageDigest::sha1()).unwrap(); let node_hash_str = "59172d9313e84459bcff27f967e79e6e9217e584"; let node_id = Vec::from_hex(node_hash_str).unwrap(); assert_eq!(node_id, fingerprint) assert_eq!(node_id, &*fingerprint) }); #[test] Loading