Loading openssl/src/md.rs +5 −16 Original line number Diff line number Diff line Loading @@ -7,6 +7,7 @@ use crate::lib_ctx::LibCtxRef; use crate::nid::Nid; use cfg_if::cfg_if; use foreign_types::{ForeignTypeRef, Opaque}; use openssl_macros::corresponds; #[cfg(ossl300)] use std::ffi::CString; #[cfg(ossl300)] Loading Loading @@ -75,10 +76,7 @@ unsafe impl Send for Md {} impl Md { /// Returns the `Md` corresponding to an [`Nid`]. /// /// This corresponds to [`EVP_get_digestbynid`]. /// /// [`EVP_get_digestbynid`]: https://www.openssl.org/docs/manmaster/crypto/EVP_DigestInit.html #[corresponds(EVP_get_digestbynid)] pub fn from_nid(type_: Nid) -> Option<&'static MdRef> { unsafe { let ptr = ffi::EVP_get_digestbynid(type_.as_raw()); Loading @@ -92,11 +90,8 @@ impl Md { /// Fetches an `Md` object corresponding to the specified algorithm name and properties. /// /// This corresponds to [`EVP_MD_fetch`]. /// /// Requires OpenSSL 3.0.0 or newer. /// /// [`EVP_MD_fetch`]: https://www.openssl.org/docs/manmaster/man3/EVP_MD_fetch.html #[corresponds(EVP_MD_fetch)] #[cfg(ossl300)] pub fn fetch( ctx: Option<&LibCtxRef>, Loading Loading @@ -213,20 +208,14 @@ unsafe impl Send for MdRef {} impl MdRef { /// Returns the size of the digest in bytes. /// /// This corresponds to [`EVP_MD_size`]. /// /// [`EVP_MD_size`]: https://www.openssl.org/docs/manmaster/man3/EVP_MD_size.html #[corresponds(EVP_MD_size)] #[inline] pub fn size(&self) -> usize { unsafe { ffi::EVP_MD_size(self.as_ptr()) as usize } } /// Returns the [`Nid`] of the digest. /// /// This corresponds to [`EVP_MD_type`]. /// /// [`EVP_MD_type`]: https://www.openssl.org/docs/manmaster/man3/EVP_MD_type.html #[corresponds(EVP_MD_type)] #[inline] pub fn type_(&self) -> Nid { unsafe { Nid::from_raw(ffi::EVP_MD_type(self.as_ptr())) } Loading openssl/src/memcmp.rs +2 −0 Original line number Diff line number Diff line Loading @@ -30,6 +30,7 @@ //! assert!(!eq(&a, &c)); //! ``` use libc::size_t; use openssl_macros::corresponds; /// Returns `true` iff `a` and `b` contain the same bytes. /// Loading Loading @@ -60,6 +61,7 @@ use libc::size_t; /// assert!(!eq(&a, &b)); /// assert!(!eq(&a, &c)); /// ``` #[corresponds(CRYPTO_memcmp)] pub fn eq(a: &[u8], b: &[u8]) -> bool { assert!(a.len() == b.len()); let ret = unsafe { Loading openssl/src/nid.rs +7 −10 Original line number Diff line number Diff line Loading @@ -7,6 +7,7 @@ use std::str; use crate::cvt_p; use crate::error::ErrorStack; use openssl_macros::corresponds; /// The digest and public-key algorithms associated with a signature. pub struct SignatureAlgorithms { Loading Loading @@ -61,8 +62,7 @@ impl Nid { } /// Creates a new `Nid` for the `oid` with short name `sn` and long name `ln`. /// /// This corresponds to `OBJ_create` #[corresponds(OBJ_create)] pub fn create(oid: &str, sn: &str, ln: &str) -> Result<Nid, ErrorStack> { unsafe { ffi::init(); Loading @@ -81,6 +81,7 @@ impl Nid { /// Returns the `Nid`s of the digest and public key algorithms associated with a signature ID. /// /// This corresponds to `OBJ_find_sigid_algs`. #[corresponds(OBJ_find_sigid_algs)] #[allow(clippy::trivially_copy_pass_by_ref)] pub fn signature_algorithms(&self) -> Option<SignatureAlgorithms> { unsafe { Loading @@ -97,10 +98,8 @@ impl Nid { } } /// Return the string representation of a `Nid` (long) /// This corresponds to [`OBJ_nid2ln`] /// /// [`OBJ_nid2ln`]: https://www.openssl.org/docs/man1.1.0/crypto/OBJ_nid2ln.html /// Returns the string representation of a `Nid` (long). #[corresponds(OBJ_nid2ln)] #[allow(clippy::trivially_copy_pass_by_ref)] pub fn long_name(&self) -> Result<&'static str, ErrorStack> { unsafe { Loading @@ -109,10 +108,8 @@ impl Nid { } } /// Return the string representation of a `Nid` (short) /// This corresponds to [`OBJ_nid2sn`] /// /// [`OBJ_nid2sn`]: https://www.openssl.org/docs/man1.1.0/crypto/OBJ_nid2sn.html /// Returns the string representation of a `Nid` (short). #[corresponds(OBJ_nid2sn)] #[allow(clippy::trivially_copy_pass_by_ref)] pub fn short_name(&self) -> Result<&'static str, ErrorStack> { unsafe { Loading openssl/src/ocsp.rs +14 −16 Original line number Diff line number Diff line Loading @@ -12,6 +12,7 @@ use crate::util::ForeignTypeRefExt; use crate::x509::store::X509StoreRef; use crate::x509::{X509Ref, X509}; use crate::{cvt, cvt_p}; use openssl_macros::corresponds; bitflags! { pub struct OcspFlag: c_ulong { Loading Loading @@ -127,6 +128,7 @@ impl<'a> OcspStatus<'a> { /// /// The `maxsec` parameter limits the maximum age of the `this_update` parameter to prohibit /// very old responses. #[corresponds(OCSP_check_validity)] pub fn check_validity(&self, nsec: u32, maxsec: Option<u32>) -> Result<(), ErrorStack> { unsafe { cvt(ffi::OCSP_check_validity( Loading @@ -153,6 +155,7 @@ impl OcspBasicResponseRef { /// /// The `certs` parameter contains a set of certificates that will be searched when locating the /// OCSP response signing certificate. Some responders do not include this in the response. #[corresponds(OCSP_basic_verify)] pub fn verify( &self, certs: &StackRef<X509>, Loading @@ -171,6 +174,7 @@ impl OcspBasicResponseRef { } /// Looks up the status for the specified certificate ID. #[corresponds(OCSP_resp_find_status)] pub fn find_status<'a>(&'a self, id: &OcspCertIdRef) -> Option<OcspStatus<'a>> { unsafe { let mut status = ffi::V_OCSP_CERTSTATUS_UNKNOWN; Loading Loading @@ -215,6 +219,7 @@ foreign_type_and_impl_send_sync! { impl OcspCertId { /// Constructs a certificate ID for certificate `subject`. #[corresponds(OCSP_cert_to_id)] pub fn from_cert( digest: MessageDigest, subject: &X509Ref, Loading Loading @@ -243,6 +248,7 @@ impl OcspResponse { /// Creates an OCSP response from the status and optional body. /// /// A body should only be provided if `status` is `RESPONSE_STATUS_SUCCESSFUL`. #[corresponds(OCSP_response_create)] pub fn create( status: OcspResponseStatus, body: Option<&OcspBasicResponseRef>, Loading @@ -260,10 +266,7 @@ impl OcspResponse { from_der! { /// Deserializes a DER-encoded OCSP response. /// /// This corresponds to [`d2i_OCSP_RESPONSE`]. /// /// [`d2i_OCSP_RESPONSE`]: https://www.openssl.org/docs/man1.1.0/crypto/d2i_OCSP_RESPONSE.html #[corresponds(d2i_OCSP_RESPONSE)] from_der, OcspResponse, ffi::d2i_OCSP_RESPONSE Loading @@ -273,15 +276,13 @@ impl OcspResponse { impl OcspResponseRef { to_der! { /// Serializes the response to its standard DER encoding. /// /// This corresponds to [`i2d_OCSP_RESPONSE`]. /// /// [`i2d_OCSP_RESPONSE`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_OCSP_RESPONSE.html #[corresponds(i2d_OCSP_RESPONSE)] to_der, ffi::i2d_OCSP_RESPONSE } /// Returns the status of the response. #[corresponds(OCSP_response_status)] pub fn status(&self) -> OcspResponseStatus { unsafe { OcspResponseStatus(ffi::OCSP_response_status(self.as_ptr())) } } Loading @@ -289,6 +290,7 @@ impl OcspResponseRef { /// Returns the basic response. /// /// This will only succeed if `status()` returns `RESPONSE_STATUS_SUCCESSFUL`. #[corresponds(OCSP_response_get1_basic)] pub fn basic(&self) -> Result<OcspBasicResponse, ErrorStack> { unsafe { cvt_p(ffi::OCSP_response_get1_basic(self.as_ptr())).map(OcspBasicResponse) } } Loading @@ -303,6 +305,7 @@ foreign_type_and_impl_send_sync! { } impl OcspRequest { #[corresponds(OCSP_REQUEST_new)] pub fn new() -> Result<OcspRequest, ErrorStack> { unsafe { ffi::init(); Loading @@ -313,10 +316,7 @@ impl OcspRequest { from_der! { /// Deserializes a DER-encoded OCSP request. /// /// This corresponds to [`d2i_OCSP_REQUEST`]. /// /// [`d2i_OCSP_REQUEST`]: https://www.openssl.org/docs/man1.1.0/crypto/d2i_OCSP_REQUEST.html #[corresponds(d2i_OCSP_REQUEST)] from_der, OcspRequest, ffi::d2i_OCSP_REQUEST Loading @@ -326,14 +326,12 @@ impl OcspRequest { impl OcspRequestRef { to_der! { /// Serializes the request to its standard DER encoding. /// /// This corresponds to [`i2d_OCSP_REQUEST`]. /// /// [`i2d_OCSP_REQUEST`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_OCSP_REQUEST.html #[corresponds(i2d_OCSP_REQUEST)] to_der, ffi::i2d_OCSP_REQUEST } #[corresponds(OCSP_request_add0_id)] pub fn add_id(&mut self, id: OcspCertId) -> Result<&mut OcspOneReqRef, ErrorStack> { unsafe { let ptr = cvt_p(ffi::OCSP_request_add0_id(self.as_ptr(), id.as_ptr()))?; Loading openssl/src/pkcs12.rs +5 −8 Original line number Diff line number Diff line Loading @@ -12,6 +12,7 @@ use crate::stack::Stack; use crate::util::ForeignTypeExt; use crate::x509::{X509Ref, X509}; use crate::{cvt, cvt_p}; use openssl_macros::corresponds; foreign_type_and_impl_send_sync! { type CType = ffi::PKCS12; Loading @@ -24,15 +25,13 @@ foreign_type_and_impl_send_sync! { impl Pkcs12Ref { to_der! { /// Serializes the `Pkcs12` to its standard DER encoding. /// /// This corresponds to [`i2d_PKCS12`]. /// /// [`i2d_PKCS12`]: https://www.openssl.org/docs/manmaster/man3/i2d_PKCS12.html #[corresponds(i2d_PKCS12)] to_der, ffi::i2d_PKCS12 } /// Extracts the contents of the `Pkcs12`. #[corresponds(PKCS12_parse)] pub fn parse(&self, pass: &str) -> Result<ParsedPkcs12, ErrorStack> { unsafe { let pass = CString::new(pass.as_bytes()).unwrap(); Loading Loading @@ -62,10 +61,7 @@ impl Pkcs12Ref { impl Pkcs12 { from_der! { /// Deserializes a DER-encoded PKCS#12 archive. /// /// This corresponds to [`d2i_PKCS12`]. /// /// [`d2i_PKCS12`]: https://www.openssl.org/docs/man1.1.0/crypto/d2i_PKCS12.html #[corresponds(d2i_PKCS12)] from_der, Pkcs12, ffi::d2i_PKCS12 Loading Loading @@ -149,6 +145,7 @@ impl Pkcs12Builder { /// * `friendly_name` - user defined name for the certificate /// * `pkey` - key to store /// * `cert` - certificate to store #[corresponds(PKCS12_create)] pub fn build<T>( self, password: &str, Loading Loading
openssl/src/md.rs +5 −16 Original line number Diff line number Diff line Loading @@ -7,6 +7,7 @@ use crate::lib_ctx::LibCtxRef; use crate::nid::Nid; use cfg_if::cfg_if; use foreign_types::{ForeignTypeRef, Opaque}; use openssl_macros::corresponds; #[cfg(ossl300)] use std::ffi::CString; #[cfg(ossl300)] Loading Loading @@ -75,10 +76,7 @@ unsafe impl Send for Md {} impl Md { /// Returns the `Md` corresponding to an [`Nid`]. /// /// This corresponds to [`EVP_get_digestbynid`]. /// /// [`EVP_get_digestbynid`]: https://www.openssl.org/docs/manmaster/crypto/EVP_DigestInit.html #[corresponds(EVP_get_digestbynid)] pub fn from_nid(type_: Nid) -> Option<&'static MdRef> { unsafe { let ptr = ffi::EVP_get_digestbynid(type_.as_raw()); Loading @@ -92,11 +90,8 @@ impl Md { /// Fetches an `Md` object corresponding to the specified algorithm name and properties. /// /// This corresponds to [`EVP_MD_fetch`]. /// /// Requires OpenSSL 3.0.0 or newer. /// /// [`EVP_MD_fetch`]: https://www.openssl.org/docs/manmaster/man3/EVP_MD_fetch.html #[corresponds(EVP_MD_fetch)] #[cfg(ossl300)] pub fn fetch( ctx: Option<&LibCtxRef>, Loading Loading @@ -213,20 +208,14 @@ unsafe impl Send for MdRef {} impl MdRef { /// Returns the size of the digest in bytes. /// /// This corresponds to [`EVP_MD_size`]. /// /// [`EVP_MD_size`]: https://www.openssl.org/docs/manmaster/man3/EVP_MD_size.html #[corresponds(EVP_MD_size)] #[inline] pub fn size(&self) -> usize { unsafe { ffi::EVP_MD_size(self.as_ptr()) as usize } } /// Returns the [`Nid`] of the digest. /// /// This corresponds to [`EVP_MD_type`]. /// /// [`EVP_MD_type`]: https://www.openssl.org/docs/manmaster/man3/EVP_MD_type.html #[corresponds(EVP_MD_type)] #[inline] pub fn type_(&self) -> Nid { unsafe { Nid::from_raw(ffi::EVP_MD_type(self.as_ptr())) } Loading
openssl/src/memcmp.rs +2 −0 Original line number Diff line number Diff line Loading @@ -30,6 +30,7 @@ //! assert!(!eq(&a, &c)); //! ``` use libc::size_t; use openssl_macros::corresponds; /// Returns `true` iff `a` and `b` contain the same bytes. /// Loading Loading @@ -60,6 +61,7 @@ use libc::size_t; /// assert!(!eq(&a, &b)); /// assert!(!eq(&a, &c)); /// ``` #[corresponds(CRYPTO_memcmp)] pub fn eq(a: &[u8], b: &[u8]) -> bool { assert!(a.len() == b.len()); let ret = unsafe { Loading
openssl/src/nid.rs +7 −10 Original line number Diff line number Diff line Loading @@ -7,6 +7,7 @@ use std::str; use crate::cvt_p; use crate::error::ErrorStack; use openssl_macros::corresponds; /// The digest and public-key algorithms associated with a signature. pub struct SignatureAlgorithms { Loading Loading @@ -61,8 +62,7 @@ impl Nid { } /// Creates a new `Nid` for the `oid` with short name `sn` and long name `ln`. /// /// This corresponds to `OBJ_create` #[corresponds(OBJ_create)] pub fn create(oid: &str, sn: &str, ln: &str) -> Result<Nid, ErrorStack> { unsafe { ffi::init(); Loading @@ -81,6 +81,7 @@ impl Nid { /// Returns the `Nid`s of the digest and public key algorithms associated with a signature ID. /// /// This corresponds to `OBJ_find_sigid_algs`. #[corresponds(OBJ_find_sigid_algs)] #[allow(clippy::trivially_copy_pass_by_ref)] pub fn signature_algorithms(&self) -> Option<SignatureAlgorithms> { unsafe { Loading @@ -97,10 +98,8 @@ impl Nid { } } /// Return the string representation of a `Nid` (long) /// This corresponds to [`OBJ_nid2ln`] /// /// [`OBJ_nid2ln`]: https://www.openssl.org/docs/man1.1.0/crypto/OBJ_nid2ln.html /// Returns the string representation of a `Nid` (long). #[corresponds(OBJ_nid2ln)] #[allow(clippy::trivially_copy_pass_by_ref)] pub fn long_name(&self) -> Result<&'static str, ErrorStack> { unsafe { Loading @@ -109,10 +108,8 @@ impl Nid { } } /// Return the string representation of a `Nid` (short) /// This corresponds to [`OBJ_nid2sn`] /// /// [`OBJ_nid2sn`]: https://www.openssl.org/docs/man1.1.0/crypto/OBJ_nid2sn.html /// Returns the string representation of a `Nid` (short). #[corresponds(OBJ_nid2sn)] #[allow(clippy::trivially_copy_pass_by_ref)] pub fn short_name(&self) -> Result<&'static str, ErrorStack> { unsafe { Loading
openssl/src/ocsp.rs +14 −16 Original line number Diff line number Diff line Loading @@ -12,6 +12,7 @@ use crate::util::ForeignTypeRefExt; use crate::x509::store::X509StoreRef; use crate::x509::{X509Ref, X509}; use crate::{cvt, cvt_p}; use openssl_macros::corresponds; bitflags! { pub struct OcspFlag: c_ulong { Loading Loading @@ -127,6 +128,7 @@ impl<'a> OcspStatus<'a> { /// /// The `maxsec` parameter limits the maximum age of the `this_update` parameter to prohibit /// very old responses. #[corresponds(OCSP_check_validity)] pub fn check_validity(&self, nsec: u32, maxsec: Option<u32>) -> Result<(), ErrorStack> { unsafe { cvt(ffi::OCSP_check_validity( Loading @@ -153,6 +155,7 @@ impl OcspBasicResponseRef { /// /// The `certs` parameter contains a set of certificates that will be searched when locating the /// OCSP response signing certificate. Some responders do not include this in the response. #[corresponds(OCSP_basic_verify)] pub fn verify( &self, certs: &StackRef<X509>, Loading @@ -171,6 +174,7 @@ impl OcspBasicResponseRef { } /// Looks up the status for the specified certificate ID. #[corresponds(OCSP_resp_find_status)] pub fn find_status<'a>(&'a self, id: &OcspCertIdRef) -> Option<OcspStatus<'a>> { unsafe { let mut status = ffi::V_OCSP_CERTSTATUS_UNKNOWN; Loading Loading @@ -215,6 +219,7 @@ foreign_type_and_impl_send_sync! { impl OcspCertId { /// Constructs a certificate ID for certificate `subject`. #[corresponds(OCSP_cert_to_id)] pub fn from_cert( digest: MessageDigest, subject: &X509Ref, Loading Loading @@ -243,6 +248,7 @@ impl OcspResponse { /// Creates an OCSP response from the status and optional body. /// /// A body should only be provided if `status` is `RESPONSE_STATUS_SUCCESSFUL`. #[corresponds(OCSP_response_create)] pub fn create( status: OcspResponseStatus, body: Option<&OcspBasicResponseRef>, Loading @@ -260,10 +266,7 @@ impl OcspResponse { from_der! { /// Deserializes a DER-encoded OCSP response. /// /// This corresponds to [`d2i_OCSP_RESPONSE`]. /// /// [`d2i_OCSP_RESPONSE`]: https://www.openssl.org/docs/man1.1.0/crypto/d2i_OCSP_RESPONSE.html #[corresponds(d2i_OCSP_RESPONSE)] from_der, OcspResponse, ffi::d2i_OCSP_RESPONSE Loading @@ -273,15 +276,13 @@ impl OcspResponse { impl OcspResponseRef { to_der! { /// Serializes the response to its standard DER encoding. /// /// This corresponds to [`i2d_OCSP_RESPONSE`]. /// /// [`i2d_OCSP_RESPONSE`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_OCSP_RESPONSE.html #[corresponds(i2d_OCSP_RESPONSE)] to_der, ffi::i2d_OCSP_RESPONSE } /// Returns the status of the response. #[corresponds(OCSP_response_status)] pub fn status(&self) -> OcspResponseStatus { unsafe { OcspResponseStatus(ffi::OCSP_response_status(self.as_ptr())) } } Loading @@ -289,6 +290,7 @@ impl OcspResponseRef { /// Returns the basic response. /// /// This will only succeed if `status()` returns `RESPONSE_STATUS_SUCCESSFUL`. #[corresponds(OCSP_response_get1_basic)] pub fn basic(&self) -> Result<OcspBasicResponse, ErrorStack> { unsafe { cvt_p(ffi::OCSP_response_get1_basic(self.as_ptr())).map(OcspBasicResponse) } } Loading @@ -303,6 +305,7 @@ foreign_type_and_impl_send_sync! { } impl OcspRequest { #[corresponds(OCSP_REQUEST_new)] pub fn new() -> Result<OcspRequest, ErrorStack> { unsafe { ffi::init(); Loading @@ -313,10 +316,7 @@ impl OcspRequest { from_der! { /// Deserializes a DER-encoded OCSP request. /// /// This corresponds to [`d2i_OCSP_REQUEST`]. /// /// [`d2i_OCSP_REQUEST`]: https://www.openssl.org/docs/man1.1.0/crypto/d2i_OCSP_REQUEST.html #[corresponds(d2i_OCSP_REQUEST)] from_der, OcspRequest, ffi::d2i_OCSP_REQUEST Loading @@ -326,14 +326,12 @@ impl OcspRequest { impl OcspRequestRef { to_der! { /// Serializes the request to its standard DER encoding. /// /// This corresponds to [`i2d_OCSP_REQUEST`]. /// /// [`i2d_OCSP_REQUEST`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_OCSP_REQUEST.html #[corresponds(i2d_OCSP_REQUEST)] to_der, ffi::i2d_OCSP_REQUEST } #[corresponds(OCSP_request_add0_id)] pub fn add_id(&mut self, id: OcspCertId) -> Result<&mut OcspOneReqRef, ErrorStack> { unsafe { let ptr = cvt_p(ffi::OCSP_request_add0_id(self.as_ptr(), id.as_ptr()))?; Loading
openssl/src/pkcs12.rs +5 −8 Original line number Diff line number Diff line Loading @@ -12,6 +12,7 @@ use crate::stack::Stack; use crate::util::ForeignTypeExt; use crate::x509::{X509Ref, X509}; use crate::{cvt, cvt_p}; use openssl_macros::corresponds; foreign_type_and_impl_send_sync! { type CType = ffi::PKCS12; Loading @@ -24,15 +25,13 @@ foreign_type_and_impl_send_sync! { impl Pkcs12Ref { to_der! { /// Serializes the `Pkcs12` to its standard DER encoding. /// /// This corresponds to [`i2d_PKCS12`]. /// /// [`i2d_PKCS12`]: https://www.openssl.org/docs/manmaster/man3/i2d_PKCS12.html #[corresponds(i2d_PKCS12)] to_der, ffi::i2d_PKCS12 } /// Extracts the contents of the `Pkcs12`. #[corresponds(PKCS12_parse)] pub fn parse(&self, pass: &str) -> Result<ParsedPkcs12, ErrorStack> { unsafe { let pass = CString::new(pass.as_bytes()).unwrap(); Loading Loading @@ -62,10 +61,7 @@ impl Pkcs12Ref { impl Pkcs12 { from_der! { /// Deserializes a DER-encoded PKCS#12 archive. /// /// This corresponds to [`d2i_PKCS12`]. /// /// [`d2i_PKCS12`]: https://www.openssl.org/docs/man1.1.0/crypto/d2i_PKCS12.html #[corresponds(d2i_PKCS12)] from_der, Pkcs12, ffi::d2i_PKCS12 Loading Loading @@ -149,6 +145,7 @@ impl Pkcs12Builder { /// * `friendly_name` - user defined name for the certificate /// * `pkey` - key to store /// * `cert` - certificate to store #[corresponds(PKCS12_create)] pub fn build<T>( self, password: &str, Loading
