Loading openssl/src/hash.rs +2 −2 Original line number Diff line number Diff line Loading @@ -251,8 +251,8 @@ impl Drop for Hasher { /// store the digest data. #[derive(Copy)] pub struct DigestBytes { buf: [u8; ffi::EVP_MAX_MD_SIZE as usize], len: usize, pub(crate) buf: [u8; ffi::EVP_MAX_MD_SIZE as usize], pub(crate) len: usize, } impl Clone for DigestBytes { Loading openssl/src/pkcs12.rs +14 −13 Original line number Diff line number Diff line Loading @@ -3,15 +3,15 @@ use ffi; use foreign_types::{ForeignType, ForeignTypeRef}; use libc::c_int; use std::ptr; use std::ffi::CString; use std::ptr; use {cvt, cvt_p}; use pkey::{HasPrivate, PKey, PKeyRef, Private}; use error::ErrorStack; use x509::{X509, X509Ref}; use stack::Stack; use nid::Nid; use pkey::{HasPrivate, PKey, PKeyRef, Private}; use stack::Stack; use x509::{X509, X509Ref}; use {cvt, cvt_p}; foreign_type_and_impl_send_sync! { type CType = ffi::PKCS12; Loading Loading @@ -172,7 +172,8 @@ impl Pkcs12Builder { let friendly_name = CString::new(friendly_name).unwrap(); let pkey = pkey.as_ptr(); let cert = cert.as_ptr(); let ca = self.ca let ca = self .ca .as_ref() .map(|ca| ca.as_ptr()) .unwrap_or(ptr::null_mut()); Loading Loading @@ -206,11 +207,11 @@ mod test { use hex; use asn1::Asn1Time; use rsa::Rsa; use pkey::PKey; use nid::Nid; use x509::{X509, X509Name}; use pkey::PKey; use rsa::Rsa; use x509::extension::KeyUsage; use x509::{X509, X509Name}; use super::*; Loading @@ -221,14 +222,14 @@ mod test { let parsed = pkcs12.parse("mypass").unwrap(); assert_eq!( hex::encode(parsed.cert.fingerprint(MessageDigest::sha1()).unwrap()), hex::encode(parsed.cert.digest(MessageDigest::sha1()).unwrap()), "59172d9313e84459bcff27f967e79e6e9217e584" ); let chain = parsed.chain.unwrap(); assert_eq!(chain.len(), 1); assert_eq!( hex::encode(chain[0].fingerprint(MessageDigest::sha1()).unwrap()), hex::encode(chain[0].digest(MessageDigest::sha1()).unwrap()), "c0cbdf7cdd03c9773e5468e1f6d2da7d5cbb1875" ); } Loading Loading @@ -279,8 +280,8 @@ mod test { let parsed = pkcs12.parse("mypass").unwrap(); assert_eq!( parsed.cert.fingerprint(MessageDigest::sha1()).unwrap(), cert.fingerprint(MessageDigest::sha1()).unwrap() &*parsed.cert.digest(MessageDigest::sha1()).unwrap(), &*cert.digest(MessageDigest::sha1()).unwrap() ); assert!(parsed.pkey.public_eq(&pkey)); } Loading openssl/src/ssl/test.rs +6 −6 Original line number Diff line number Diff line Loading @@ -295,8 +295,8 @@ run_test!(verify_callback_data, |method, stream| { match cert { None => false, Some(cert) => { let fingerprint = cert.fingerprint(MessageDigest::sha1()).unwrap(); fingerprint == node_id let fingerprint = cert.digest(MessageDigest::sha1()).unwrap(); node_id == &*fingerprint } } }); Loading @@ -323,8 +323,8 @@ run_test!(ssl_verify_callback, |method, stream| { match x509.current_cert() { None => false, Some(cert) => { let fingerprint = cert.fingerprint(MessageDigest::sha1()).unwrap(); fingerprint == node_id let fingerprint = cert.digest(MessageDigest::sha1()).unwrap(); node_id == &*fingerprint } } }); Loading Loading @@ -424,10 +424,10 @@ run_test!(get_peer_certificate, |method, stream| { let ctx = SslContext::builder(method).unwrap(); let stream = Ssl::new(&ctx.build()).unwrap().connect(stream).unwrap(); let cert = stream.ssl().peer_certificate().unwrap(); let fingerprint = cert.fingerprint(MessageDigest::sha1()).unwrap(); let fingerprint = cert.digest(MessageDigest::sha1()).unwrap(); let node_hash_str = "59172d9313e84459bcff27f967e79e6e9217e584"; let node_id = Vec::from_hex(node_hash_str).unwrap(); assert_eq!(node_id, fingerprint) assert_eq!(node_id, &*fingerprint) }); #[test] Loading openssl/src/x509/mod.rs +21 −9 Original line number Diff line number Diff line Loading @@ -25,7 +25,7 @@ use bio::MemBioSlice; use conf::ConfRef; use error::ErrorStack; use ex_data::Index; use hash::MessageDigest; use hash::{DigestBytes, MessageDigest}; use nid::Nid; use pkey::{HasPrivate, HasPublic, PKey, PKeyRef, Public}; use ssl::SslRef; Loading Loading @@ -447,21 +447,33 @@ impl X509Ref { } } /// Returns certificate fingerprint calculated using provided hash pub fn fingerprint(&self, hash_type: MessageDigest) -> Result<Vec<u8>, ErrorStack> { /// Returns a digest of the DER representation of the certificate. /// /// This corresponds to [`X509_digest`]. /// /// [`X509_digest`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_digest.html pub fn digest(&self, hash_type: MessageDigest) -> Result<DigestBytes, ErrorStack> { unsafe { let evp = hash_type.as_ptr(); let mut digest = DigestBytes { buf: [0; ffi::EVP_MAX_MD_SIZE as usize], len: ffi::EVP_MAX_MD_SIZE as usize, }; let mut len = ffi::EVP_MAX_MD_SIZE; let mut buf = vec![0u8; len as usize]; cvt(ffi::X509_digest( self.as_ptr(), evp, buf.as_mut_ptr() as *mut _, hash_type.as_ptr(), digest.buf.as_mut_ptr() as *mut _, &mut len, ))?; buf.truncate(len as usize); Ok(buf) digest.len = len as usize; Ok(digest) } } #[deprecated(since = "0.10.9", note = "renamed to digest")] pub fn fingerprint(&self, hash_type: MessageDigest) -> Result<Vec<u8>, ErrorStack> { self.digest(hash_type).map(|b| b.to_vec()) } /// Returns the certificate's Not After validity period. Loading openssl/src/x509/tests.rs +4 −4 Original line number Diff line number Diff line Loading @@ -23,12 +23,12 @@ fn pkey() -> PKey<Private> { fn test_cert_loading() { let cert = include_bytes!("../../test/cert.pem"); let cert = X509::from_pem(cert).ok().expect("Failed to load PEM"); let fingerprint = cert.fingerprint(MessageDigest::sha1()).unwrap(); let fingerprint = cert.digest(MessageDigest::sha1()).unwrap(); let hash_str = "59172d9313e84459bcff27f967e79e6e9217e584"; let hash_vec = Vec::from_hex(hash_str).unwrap(); assert_eq!(fingerprint, hash_vec); assert_eq!(hash_vec, &*fingerprint); } #[test] Loading Loading @@ -250,11 +250,11 @@ fn test_stack_from_pem() { assert_eq!(certs.len(), 2); assert_eq!( hex::encode(certs[0].fingerprint(MessageDigest::sha1()).unwrap()), hex::encode(certs[0].digest(MessageDigest::sha1()).unwrap()), "59172d9313e84459bcff27f967e79e6e9217e584" ); assert_eq!( hex::encode(certs[1].fingerprint(MessageDigest::sha1()).unwrap()), hex::encode(certs[1].digest(MessageDigest::sha1()).unwrap()), "c0cbdf7cdd03c9773e5468e1f6d2da7d5cbb1875" ); } Loading Loading
openssl/src/hash.rs +2 −2 Original line number Diff line number Diff line Loading @@ -251,8 +251,8 @@ impl Drop for Hasher { /// store the digest data. #[derive(Copy)] pub struct DigestBytes { buf: [u8; ffi::EVP_MAX_MD_SIZE as usize], len: usize, pub(crate) buf: [u8; ffi::EVP_MAX_MD_SIZE as usize], pub(crate) len: usize, } impl Clone for DigestBytes { Loading
openssl/src/pkcs12.rs +14 −13 Original line number Diff line number Diff line Loading @@ -3,15 +3,15 @@ use ffi; use foreign_types::{ForeignType, ForeignTypeRef}; use libc::c_int; use std::ptr; use std::ffi::CString; use std::ptr; use {cvt, cvt_p}; use pkey::{HasPrivate, PKey, PKeyRef, Private}; use error::ErrorStack; use x509::{X509, X509Ref}; use stack::Stack; use nid::Nid; use pkey::{HasPrivate, PKey, PKeyRef, Private}; use stack::Stack; use x509::{X509, X509Ref}; use {cvt, cvt_p}; foreign_type_and_impl_send_sync! { type CType = ffi::PKCS12; Loading Loading @@ -172,7 +172,8 @@ impl Pkcs12Builder { let friendly_name = CString::new(friendly_name).unwrap(); let pkey = pkey.as_ptr(); let cert = cert.as_ptr(); let ca = self.ca let ca = self .ca .as_ref() .map(|ca| ca.as_ptr()) .unwrap_or(ptr::null_mut()); Loading Loading @@ -206,11 +207,11 @@ mod test { use hex; use asn1::Asn1Time; use rsa::Rsa; use pkey::PKey; use nid::Nid; use x509::{X509, X509Name}; use pkey::PKey; use rsa::Rsa; use x509::extension::KeyUsage; use x509::{X509, X509Name}; use super::*; Loading @@ -221,14 +222,14 @@ mod test { let parsed = pkcs12.parse("mypass").unwrap(); assert_eq!( hex::encode(parsed.cert.fingerprint(MessageDigest::sha1()).unwrap()), hex::encode(parsed.cert.digest(MessageDigest::sha1()).unwrap()), "59172d9313e84459bcff27f967e79e6e9217e584" ); let chain = parsed.chain.unwrap(); assert_eq!(chain.len(), 1); assert_eq!( hex::encode(chain[0].fingerprint(MessageDigest::sha1()).unwrap()), hex::encode(chain[0].digest(MessageDigest::sha1()).unwrap()), "c0cbdf7cdd03c9773e5468e1f6d2da7d5cbb1875" ); } Loading Loading @@ -279,8 +280,8 @@ mod test { let parsed = pkcs12.parse("mypass").unwrap(); assert_eq!( parsed.cert.fingerprint(MessageDigest::sha1()).unwrap(), cert.fingerprint(MessageDigest::sha1()).unwrap() &*parsed.cert.digest(MessageDigest::sha1()).unwrap(), &*cert.digest(MessageDigest::sha1()).unwrap() ); assert!(parsed.pkey.public_eq(&pkey)); } Loading
openssl/src/ssl/test.rs +6 −6 Original line number Diff line number Diff line Loading @@ -295,8 +295,8 @@ run_test!(verify_callback_data, |method, stream| { match cert { None => false, Some(cert) => { let fingerprint = cert.fingerprint(MessageDigest::sha1()).unwrap(); fingerprint == node_id let fingerprint = cert.digest(MessageDigest::sha1()).unwrap(); node_id == &*fingerprint } } }); Loading @@ -323,8 +323,8 @@ run_test!(ssl_verify_callback, |method, stream| { match x509.current_cert() { None => false, Some(cert) => { let fingerprint = cert.fingerprint(MessageDigest::sha1()).unwrap(); fingerprint == node_id let fingerprint = cert.digest(MessageDigest::sha1()).unwrap(); node_id == &*fingerprint } } }); Loading Loading @@ -424,10 +424,10 @@ run_test!(get_peer_certificate, |method, stream| { let ctx = SslContext::builder(method).unwrap(); let stream = Ssl::new(&ctx.build()).unwrap().connect(stream).unwrap(); let cert = stream.ssl().peer_certificate().unwrap(); let fingerprint = cert.fingerprint(MessageDigest::sha1()).unwrap(); let fingerprint = cert.digest(MessageDigest::sha1()).unwrap(); let node_hash_str = "59172d9313e84459bcff27f967e79e6e9217e584"; let node_id = Vec::from_hex(node_hash_str).unwrap(); assert_eq!(node_id, fingerprint) assert_eq!(node_id, &*fingerprint) }); #[test] Loading
openssl/src/x509/mod.rs +21 −9 Original line number Diff line number Diff line Loading @@ -25,7 +25,7 @@ use bio::MemBioSlice; use conf::ConfRef; use error::ErrorStack; use ex_data::Index; use hash::MessageDigest; use hash::{DigestBytes, MessageDigest}; use nid::Nid; use pkey::{HasPrivate, HasPublic, PKey, PKeyRef, Public}; use ssl::SslRef; Loading Loading @@ -447,21 +447,33 @@ impl X509Ref { } } /// Returns certificate fingerprint calculated using provided hash pub fn fingerprint(&self, hash_type: MessageDigest) -> Result<Vec<u8>, ErrorStack> { /// Returns a digest of the DER representation of the certificate. /// /// This corresponds to [`X509_digest`]. /// /// [`X509_digest`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_digest.html pub fn digest(&self, hash_type: MessageDigest) -> Result<DigestBytes, ErrorStack> { unsafe { let evp = hash_type.as_ptr(); let mut digest = DigestBytes { buf: [0; ffi::EVP_MAX_MD_SIZE as usize], len: ffi::EVP_MAX_MD_SIZE as usize, }; let mut len = ffi::EVP_MAX_MD_SIZE; let mut buf = vec![0u8; len as usize]; cvt(ffi::X509_digest( self.as_ptr(), evp, buf.as_mut_ptr() as *mut _, hash_type.as_ptr(), digest.buf.as_mut_ptr() as *mut _, &mut len, ))?; buf.truncate(len as usize); Ok(buf) digest.len = len as usize; Ok(digest) } } #[deprecated(since = "0.10.9", note = "renamed to digest")] pub fn fingerprint(&self, hash_type: MessageDigest) -> Result<Vec<u8>, ErrorStack> { self.digest(hash_type).map(|b| b.to_vec()) } /// Returns the certificate's Not After validity period. Loading
openssl/src/x509/tests.rs +4 −4 Original line number Diff line number Diff line Loading @@ -23,12 +23,12 @@ fn pkey() -> PKey<Private> { fn test_cert_loading() { let cert = include_bytes!("../../test/cert.pem"); let cert = X509::from_pem(cert).ok().expect("Failed to load PEM"); let fingerprint = cert.fingerprint(MessageDigest::sha1()).unwrap(); let fingerprint = cert.digest(MessageDigest::sha1()).unwrap(); let hash_str = "59172d9313e84459bcff27f967e79e6e9217e584"; let hash_vec = Vec::from_hex(hash_str).unwrap(); assert_eq!(fingerprint, hash_vec); assert_eq!(hash_vec, &*fingerprint); } #[test] Loading Loading @@ -250,11 +250,11 @@ fn test_stack_from_pem() { assert_eq!(certs.len(), 2); assert_eq!( hex::encode(certs[0].fingerprint(MessageDigest::sha1()).unwrap()), hex::encode(certs[0].digest(MessageDigest::sha1()).unwrap()), "59172d9313e84459bcff27f967e79e6e9217e584" ); assert_eq!( hex::encode(certs[1].fingerprint(MessageDigest::sha1()).unwrap()), hex::encode(certs[1].digest(MessageDigest::sha1()).unwrap()), "c0cbdf7cdd03c9773e5468e1f6d2da7d5cbb1875" ); } Loading
