libp2p/go-openssl
1
0
Fork 0
mirror of https://github.com/libp2p/go-openssl.git synced 2025-03-14 11:40:07 +08:00
Code Issues Projects Releases Wiki Activity
216 Commits 7 Branches 8 Tags 465 KiB
8eed0269cd
Commit Graph

216 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stephen Gallagher
28dd155517 Fix typo in LoadPrivateKeyFromPEMWidthPassword 
Fixes #62
 2017-04-14 09:50:34 -06:00
Scott Kidder
535a60be66 HMAC functions 
Resolves #35

Author:    Scott Kidder <skidder@brightcove.com>
Date:      Fri May 22 10:41:35 2015 -0700

	First commit of HMAC functions
	Renamed HMAC Update function to Write
	Eliminate debug logging
	Compare the HMAC result
	Call Reset function in Final return statement
 2017-03-03 12:35:14 -07:00
Jeff Wendling
2980c58b82 fix bug with hostname validation on newer openssl 
the signature for the X509_check_host function takes
a char **peername, and our vendored hostname code does
not have this argument. hilarity ensues!!

so since we never use it, just have our vendored code
ignore it.

Change-Id: I4fdf0a4cd43738e4cc7261e4e2d16a9deef1ac82
 2017-03-02 15:14:35 -07:00
Jeff Wendling
fd0849ed03 add flags to work with homebrew openssl by default 
Change-Id: I1599b4585850d81d4bc43dc067321af15ad3fafd
 2017-03-02 15:14:35 -07:00
Jeff Wendling
90498e17ed expose information about the *SSL on the *Conn 
Change-Id: I844ecc4b82472e6d7a8476da2f5380f05f274b7c
 2017-03-02 15:14:35 -07:00
JT Olds
d63025916b Merge pull request #67 from diffeo/master 
FIPS Mode capability
 2016-11-28 18:02:28 -07:00
kujenga
ddb2b54e96
lock OS thread when changing FIPS mode 
Based on a PR comment here: https://github.com/spacemonkeygo/openssl/pull/42
 2016-11-28 19:43:27 -05:00
kujenga
9257638928
comment FIPS method, docs link, fix darwin build flag 2016-11-28 17:42:34 -05:00
kujenga
6f143c2df6
add FIPS mode from fork 
This introduces this file: https://github.com/10gen/openssl/blob/master/fips.go
Which was pointed to from this issue: https://github.com/spacemonkeygo/openssl/issues/37
 2016-11-28 16:39:24 -05:00
Colin Misare
a0b9b65330 adding GenerateRSAKeyWithExponent 2016-08-09 18:51:09 -06:00
Colin Misare
2ffbf8f57a adding LoadPrivateKeyFromDER 2016-08-09 18:51:05 -06:00
Colin Misare
ef69faf59b adding SHA1 and SHA512 Methods 2016-05-17 17:38:34 -06:00
Jeff Wendling
fb0c387e74 fixes for go1.6 
Change-Id: I35a41afbdfe2016f7b0967087deb7b418dca2bb2
 2016-03-24 14:41:08 +00:00
JT Olds
71f9da2a48 Merge pull request #41 from rfjakob/master 
Fix build with openssl 1.0.2d
 2015-11-29 11:55:40 -07:00
JT Olds
e6f40e41ef fix a leak and compiler error 2015-11-29 11:45:32 -07:00
JT Olds
5230a35d68 Merge pull request #34 from norx85/master 
Add of method to permit the load of private key with password
 2015-11-29 11:42:00 -07:00
JT Olds
e54919e9db Merge pull request #31 from phuslu/serial_bigint 
make CertificateInfo Serial type to *big.Int
 2015-11-29 11:40:07 -07:00
Viacheslav Biriukov
149d3f13bd add SNI (RFC 6066) 2015-11-29 11:31:05 -07:00
Jakob Unterwurzacher
a262611e6f Fix build with openssl 1.0.2d 
On Fedora 23, the build fails like this:

	go build
	# github.com/spacemonkeygo/openssl
	/usr/bin/ld: $WORK/github.com/spacemonkeygo/openssl/_obj/cert.cgo2.o: undefined reference to symbol 'EVP_dss1@@libcrypto.so.10'
	/usr/lib64/libcrypto.so.10: error adding symbols: DSO missing from command line
	collect2: error: ld returned 1 exit status

Adding "libcrypto" to the linker flags fixes the issue.
 2015-11-29 18:42:51 +01:00
Andrew Harding
e16f9ab26d added method to get verify code from cert store ctx 
Change-Id: I0a842d144b85756a2ad96df15c6cd25ce4761f62
 2015-10-13 12:50:46 -06:00
Andrew Harding
327ffad934 fix double-free when adding cert to chain 
Change-Id: I8d6fd56642ac5f87dd9fb4f78df64bb1f39494b7
 2015-10-12 14:55:54 -06:00
Jeff Wendling
4d3c3b16ef support session resumption and hooking into the ticket callback 
Change-Id: I8e12e4c1f0a8b350853a41636035baf1cfb0c952
 2015-06-09 20:31:03 +00:00
Andrew Harding
0c8dfef3f6 get x509 name entry 
Change-Id: I75b097b206888cfe066d5470b9cdaec9da950244
 2015-06-01 13:46:25 -06:00
Giulio
730bda13bd added LoadPrivateKeyFromPEMWidthPassword method to permit the load of private key with password 2015-05-20 12:03:47 +02:00
JT Olds
c598d1a3f3 Merge pull request #32 from bak1an/session_cache_opts 
Session cache opts
 2015-05-14 02:18:21 -06:00
Anton Baklanov
1d354f480d use time.Duration instead of int to specify session timeout 2015-05-14 09:17:34 +03:00
Anton Baklanov
c96ed22afd add basic test for Ctx session cache timeout/size options 2015-05-13 12:25:03 +03:00
Anton Baklanov
8d2efad227 add a few session cache options getters and setters 2015-05-12 22:18:27 +03:00
Phus Lu
175e155dd4 make CertificateInfo Serial type to *big.Int 2015-04-04 20:22:19 +08:00
JT Olds
84b5df4774 Merge pull request #29 from gabrielrussell/openssl-1.0.2_check 
Only compile X509_check_* functions when building against openssl < 1.0.2
 2015-03-09 14:47:02 -06:00
Gabriel Russell
9814818d06 Only compile X509_check_* functions when building against openssl < 1.0.2 2015-03-09 15:12:11 -04:00
Jeff
8feeee5748 Merge pull request #26 from scottjg/openssl-1.0.0-fix 
fix compilation for later openssl
 2015-03-04 12:56:00 -07:00
Scott J. Goldman
dfb921e960 fix compilation for later openssl 
in later openssl, the key param in EVP_PKEY_assign changed from char* to
void*. causes this error:
../github.com/spacemonkeygo/openssl/key.go:324: cannot use
(*C.char)(unsafe.Pointer(rsa)) (type *C.char) as type unsafe.Pointer in
argument to _Cfunc_EVP_PKEY_assign
 2015-02-24 05:33:55 -05:00
JT Olds
2c9a3f31d1 Merge pull request #23 from carlosmn/osx 
OSX fixes
 2015-01-22 17:16:51 -07:00
paul cannon
d0177cb6a7 Fix init'ing non-authenticated decryption contexts 
As pointed out by ishbir in issue 24, the applyKeyAndIV function was
incorrectly always using EVP_EncryptInit_ex(), even when the underlying
context being initialized was for a decryption.

This change causes it to select the right initializer based on the
"encrypt" field in the EVP_CIPHER_CTX. A test is also added which
verifies a fix.

Closes #24.
 2014-12-19 02:32:36 -06:00
Carlos Martín Nieto
20fdb1c664 Work with versions pickier about C types 
Newer versions of Go (at least 1.4) do not like mixing C pointer
types. Cast an unsafe.Pointer to *C.char to make the compiler see
matching types.
 2014-12-12 09:15:49 +01:00
Carlos Martín Nieto
2156e293c7 Hide deprecated declarations on OSX 
We know that they've decided that OpenSSL is deprecated and the huge
list of warnings obscures any useful ones about the code we're actually
trying to build.
 2014-12-12 09:05:38 +01:00
Carlos Martín Nieto
75f8149306 MacOSX does not have the TLSv1_X_method() functions 
The header does define TLS1_X_VERSION, but the version-specific
functions are not available.
 2014-12-12 08:55:33 +01:00
JT Olds
0e53dd5595 Merge pull request #22 from cfredmakecode/master 
added diffie-hellman parameter functions. allows using DHE-* cipher suites
 2014-12-11 17:38:54 -07:00
Christopher Fredericks
e370f5d276 added diffie-hellman parameter functions. allows using DHE-* cipher suites 2014-12-10 20:38:24 -05:00
JT Olds
ee399ccc2a Merge pull request #21 from lunixbochs/store 
Add support for loading chains from a single PEM
 2014-11-19 00:50:28 -07:00
Ryan Hileman
579612b5c0 add NewCert..Store(), LoadCert..sFromPEM() 2014-11-18 23:25:48 -08:00
Ryan Hileman
111569c406 add support for chains in ListenAndServeTLS 2014-11-18 23:25:48 -08:00
Ryan Hileman
9bed092d70 add pem.go with SplitPEM function 2014-11-18 23:25:48 -08:00
JT Olds
a6e28b4958 Merge pull request #18 from lunixbochs/keygen 
restructure certs/keys; add key/cert generation
 2014-11-18 21:57:17 -07:00
Ryan Hileman
1a2646cde3 improve GC handling (fixes #10) 2014-11-18 17:47:46 -08:00
Ryan Hileman
3945574fd1 restructure certs/keys; add key/cert generation 
NID is also now an exposed type
 2014-11-18 17:47:07 -08:00
JT Olds
aaf49c2d58 openssl: grave admonitions 
Change-Id: I03fa44c36300404c1efd636c6bb48d4a25be83e4
 2014-10-19 23:25:04 -06:00
Jeff Wendling
67e06b66c4 fix darwin build 
since apple packages a really old openssl version, some of the constants
introduced recently were not present. on darwin, don't compile them in unless
explicititly asked for with the 'brew' build tag.

fixes #14
 2014-10-09 11:25:36 -06:00
JT Olds
62e1937684 Merge pull request #13 from bramp/verify-result 
Added support for SSL_get_verify_result(..)
 2014-10-08 11:04:20 -06:00