diff --git a/Cargo.lock b/Cargo.lock index 43fe59d..0183615 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -55,12 +55,6 @@ version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" -[[package]] -name = "bitflags" -version = "2.4.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed570934406eb16438a4e976b1b4500774099c13b8cb96eec99f620f05090ddf" - [[package]] name = "block-buffer" version = "0.10.4" @@ -295,21 +289,6 @@ version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1676f435fc1dadde4d03e43f5d62b259e1ce5f40bd4ffb21db2b42ebe59c1382" -[[package]] -name = "foreign-types" -version = "0.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1" -dependencies = [ - "foreign-types-shared", -] - -[[package]] -name = "foreign-types-shared" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" - [[package]] name = "generic-array" version = "0.14.7" @@ -466,44 +445,6 @@ version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381" -[[package]] -name = "openssl" -version = "0.10.64" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "95a0481286a310808298130d22dd1fef0fa571e05a8f44ec801801e84b216b1f" -dependencies = [ - "bitflags", - "cfg-if", - "foreign-types", - "libc", - "once_cell", - "openssl-macros", - "openssl-sys", -] - -[[package]] -name = "openssl-macros" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "openssl-sys" -version = "0.9.101" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dda2b0f344e78efc2facf7d195d098df0dd72151b26ab98da807afc26c198dff" -dependencies = [ - "cc", - "libc", - "pkg-config", - "vcpkg", -] - [[package]] name = "p256" version = "0.13.2" @@ -575,12 +516,6 @@ dependencies = [ "spki", ] -[[package]] -name = "pkg-config" -version = "0.3.30" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d231b230927b5e4ad203db57bbcbee2802f6bce620b1e4a9024a07d94e2907ec" - [[package]] name = "platforms" version = "3.3.0" @@ -760,11 +695,9 @@ dependencies = [ "ecdsa", "ed25519-dalek", "hmac", - "openssl", "p256", "p384", "paste", - "pem-rfc7468", "pkcs8", "rand_core", "rsa", @@ -922,12 +855,6 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" -[[package]] -name = "vcpkg" -version = "0.2.15" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" - [[package]] name = "version_check" version = "0.9.4" diff --git a/Cargo.toml b/Cargo.toml index 41dddfc..b50d4a9 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -43,7 +43,3 @@ std = ["alloc", "webpki/std", "pki-types/std", "rustls/std", "ed25519-dalek/std" # TODO: go through all of these to ensure to_vec etc. impls are exposed alloc = ["webpki/alloc", "pki-types/alloc", "aead/alloc", "ed25519-dalek/alloc"] zeroize = ["ed25519-dalek/zeroize", "x25519-dalek/zeroize"] - -[dev-dependencies] -openssl = { version = "0.10", default-features = false } -pem-rfc7468 = { version = "0.7", default-features = false, features = ["alloc"] } diff --git a/certs/Makefile b/certs/Makefile deleted file mode 100644 index e2d13cb..0000000 --- a/certs/Makefile +++ /dev/null @@ -1,62 +0,0 @@ -ed25519: ed25519-key ed25519-csr sign-ed25519-csr pk12-ed25519 - -rsa4096: rsa4096-key rsa4096-csr sign-rsa4096-csr pk12-rsa4096 - -clean: - rm rustcryp.to.key rustcryp.to.csr rustcryp.to.crt - -## Server Cert Keys - -ed25519-key: - openssl genpkey -algorithm ED25519 > rustcryp.to.ed25519.key - -rsa4096-key: - openssl genrsa -out rustcryp.to.rsa4096.key 4096 - -## CA - -ca-rsa4096-key: - openssl genrsa -out ca.rsa4096.key 4096 - -ca-rsa4096-crt: ca-rsa4096-key - openssl req -x509 -new -nodes -key ca.rsa4096.key -out ca.rsa4096.crt \ - -subj /C=XX/ST=YY/L=Antarctica/O=RustCrypto/OU=Contributors/CN=ca.rustcryp.to - -## CSR - -ed25519-csr: - openssl req -new -out rustcryp.to.ed25519.csr -key rustcryp.to.ed25519.key -config openssl.cnf - -rsa4096-csr: rsa4096-key - openssl req -new -out rustcryp.to.rsa4096.csr -key rustcryp.to.rsa4096.key -config cert.cnf - - -## Sign PKCS10 CA certified - -ca-sign-rsa4096-csr: - openssl x509 -req \ - -in rustcryp.to.rsa4096.csr \ - -out rustcryp.to.rsa4096.ca_signed.crt \ - -CA ca.rsa4096.crt \ - -CAkey ca.rsa4096.key \ - -CAcreateserial \ - -days 30 \ - -extensions v3_end \ - -extfile openssl.cnf - -## Sign PKCS10 self-certified - -sign-ed25591-csr: - openssl x509 -req -days 30 -in rustcryp.to.ed25519.csr -signkey rustcryp.to.ed25519.key -out rustcryp.to.ed25519.crt - -sign-rsa4096-csr: - openssl x509 -req -days 30 -in rustcryp.to.rsa4096csr -signkey rustcryp.to.rsa4096.key -out rustcryp.to.rsa4096.crt - -## Export PKCS12 - -pk12-ed25519: - openssl pkcs12 -export -out rustcryp.to.ed25519.pfx -inkey rustcryp.to.ed25519.key -in rustcryp.to.ed25519.crt -passout pass:test - -pk12-rsa4096: - openssl pkcs12 -export -out rustcryp.to.rsa4096.pfx -inkey rustcryp.to.rsa4096.key -in rustcryp.to.rsa4096.crt -passout pass:test - diff --git a/certs/ca.rsa4096.crt b/certs/ca.rsa4096.crt deleted file mode 100644 index 4f52d2e..0000000 --- a/certs/ca.rsa4096.crt +++ /dev/null @@ -1,33 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFyTCCA7GgAwIBAgIUZx1B7o0SWeXhfT02gERB5Hb9G4wwDQYJKoZIhvcNAQEL -BQAwdDELMAkGA1UEBhMCWFgxCzAJBgNVBAgMAllZMRMwEQYDVQQHDApBbnRhcmN0 -aWNhMRMwEQYDVQQKDApSdXN0Q3J5cHRvMRUwEwYDVQQLDAxDb250cmlidXRvcnMx -FzAVBgNVBAMMDmNhLnJ1c3RjcnlwLnRvMB4XDTI0MDMxODA4MzQzN1oXDTI0MDQx -NzA4MzQzN1owdDELMAkGA1UEBhMCWFgxCzAJBgNVBAgMAllZMRMwEQYDVQQHDApB -bnRhcmN0aWNhMRMwEQYDVQQKDApSdXN0Q3J5cHRvMRUwEwYDVQQLDAxDb250cmli -dXRvcnMxFzAVBgNVBAMMDmNhLnJ1c3RjcnlwLnRvMIICIjANBgkqhkiG9w0BAQEF -AAOCAg8AMIICCgKCAgEAh1c9EIxYfevzH7mA+GBNwnDs72Wz5hRRwuP0Or+ujhwI -0nJOBZbxVdqEQRkMCqMDjinUwup1iYHyAzGEVoUNuM3GrC0grhkxc540x47m0YRz -ncCcSgh/dvGVpjlKR33V91dCwHp7LcgegbpoWaGhg+Vu03l0GrLV0ICsmeSPk1qW -5BLW/G6xnSzRjNKnty3U38JwFGvxW+8qs53L8HNYEqFRPlNiS8DgZdtMk+5bgZW9 -Zw7QSTANTsjDUC+E5E5kY9Bedgcg4nMaOpxI3wbeWguNa8Vj+i/jFERFG034fYo4 -oEWB95djGfIL0ULuRbi6JtrHprTJzzQciRpxGXYQl+Txa7jAaoSPZu4I4V4Gh3kh -OUQJGp12LYOcJ36oyruLnliquXrG2YtEwqNV5OyEPKtFUai99l+f54wLKgSNQpvo -phu4OogYFJmC21DqG7XejnYOSjwITWaWt86ee9Q1AQT+JSRp/f+7qM71yUoAH2OJ -dvuauFN2VTHKtR0csmzOEZvTmRXj+ykxdn7i4kAvAVE8RdaiNK/i/dKmV40oQTe3 -eiW7dVa34pl8yQcpJoAi+r/APYpPyh61NOb2Fk4GdF3uXs2muPfHU6WEfmzCow1P -6ZyBRkcktJOztK4PNBykcx7yV0C3L5KPmAi85iAKsvWE4anJugiMxd5bWV9xZ9cC -AwEAAaNTMFEwHQYDVR0OBBYEFHmJDp40jGidJyLW7XHCkfm7KkBwMB8GA1UdIwQY -MBaAFHmJDp40jGidJyLW7XHCkfm7KkBwMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggIBAATry9irnXdVpOF9aFoveqhL452DyNoEF8xJyL0URxauaq84 -F15tLM5fjTX//uOcabYBBIbFwgVtgFtGwkh/HxhzQOpVjli96sxTkYgRpgVXXgT+ -0EPpqDXiRQV94NfcGOXQPImL5GVFbM46FEOvBy0AMiBqlU1eha1z9nbub0r2HD0h -Pu/4OuU8YBenl4RCgB6HsuLYr54dRiHLw+QzryUcot2ItzxpOaFcDS9uMlVb8E14 -MJV/szLKyT9mYQyseMMhOH+HBKZO6zfBedpRZcVQkQpKJ9YG25ZIHevVjSTHpLBZ -kNqkhlS40VemY/BnDGsVWaJHPbW4mPr9uSRB37J2wZR62Tsbyjauou56rTDBQkwd -m1wq7JADyKhwh5aAfee9qhuCPe3Y9bSjx0M9M9pfWCizdEDajvW8vAcK1a55TMvc -udh5vlwvinp5PCISGxuzI/8AAlw+O/fmI7z3oOGsOP0ckZ2GOOJX2DO1AzNX8EXV -N2AFD5kwxVm0GRiiy8DWnHwVEUbp3znYCdBPtU2Q2uRN60hIiEgIWXG4vtclCOoy -PV34tsQM6brspFGZ5UE7rZGoOmj6zFaoUSRSmdpD/X09w3n4iNjut6UmT2D1vwn6 -aEI3s84ezzexw7hCiyzMVe7ZK5vWHFmhUuvi1+J1WzqF60dIh6MEX/MFSHjI ------END CERTIFICATE----- diff --git a/certs/ca.rsa4096.key b/certs/ca.rsa4096.key deleted file mode 100644 index 9743a34..0000000 --- a/certs/ca.rsa4096.key +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCHVz0QjFh96/Mf -uYD4YE3CcOzvZbPmFFHC4/Q6v66OHAjSck4FlvFV2oRBGQwKowOOKdTC6nWJgfID -MYRWhQ24zcasLSCuGTFznjTHjubRhHOdwJxKCH928ZWmOUpHfdX3V0LAenstyB6B -umhZoaGD5W7TeXQastXQgKyZ5I+TWpbkEtb8brGdLNGM0qe3LdTfwnAUa/Fb7yqz -ncvwc1gSoVE+U2JLwOBl20yT7luBlb1nDtBJMA1OyMNQL4TkTmRj0F52ByDicxo6 -nEjfBt5aC41rxWP6L+MUREUbTfh9ijigRYH3l2MZ8gvRQu5FuLom2semtMnPNByJ -GnEZdhCX5PFruMBqhI9m7gjhXgaHeSE5RAkanXYtg5wnfqjKu4ueWKq5esbZi0TC -o1Xk7IQ8q0VRqL32X5/njAsqBI1Cm+imG7g6iBgUmYLbUOobtd6Odg5KPAhNZpa3 -zp571DUBBP4lJGn9/7uozvXJSgAfY4l2+5q4U3ZVMcq1HRyybM4Rm9OZFeP7KTF2 -fuLiQC8BUTxF1qI0r+L90qZXjShBN7d6Jbt1VrfimXzJBykmgCL6v8A9ik/KHrU0 -5vYWTgZ0Xe5ezaa498dTpYR+bMKjDU/pnIFGRyS0k7O0rg80HKRzHvJXQLcvko+Y -CLzmIAqy9YThqcm6CIzF3ltZX3Fn1wIDAQABAoICADGyXhDyiBgNCSSQGISb0FHi -543suYd11KQM0oS0GCPEtZSZNn8k8w+EguXojZxmSYrtX1wHfgt1NOnpR+ABUY2X -uilFFOf5BkifQmA44Bb1XQMDVCB3SF7jzQDRrq3bzjLZzwAguZSRFGqsiV7IVCe7 -mtt6kKCxJIRAi6Ci5fnE3P140Yq2FvBRIc1lGQLRiIZ1vnQxQtpwUyzLd7SeliuZ -It0Q/1ozw/KC+XakouNNmdP7A46sX2abn+SU3mZ7Rq/ENrt+WJvuiiYVd0i2G/XS -oiZ9v/2Bkg/CFeI12lY26B4qB9RjuZcwYxh/TEE72NclpQRZBHXae9P4aqlfyi2D -xxQzQQZebX7Tut5tkyeQGxRxk789DxqZxHbTkCuL7PXS+VaTgcK5pAL7m1Y+3ysc -GhSwVH6QgeghY8m1LCMNGRT3ZObpUfDk4/Bl9oP6FLo31Rkz9+RnQyjktzDEXlEy -4QMhYv5hES6rypA9VW9oJmsnpWeJSNhUFKjKsyRhWGG3bKLXgTzZMGNyEOwliaV1 -FybsccdWD1K447kpmkUn8bQayDM76JDBOcLI5cc4Ddl6i1HOcdGDbGWxTeSvgGAr -boUBGf3wXxOeJsT4KTVs1OCeCswnPnOr5jDhPUVIr8Nttf5B2BxknbH6W3KjGxUJ -EMsdQke1Q+pO661dYvEZAoIBAQC7PPYwFx1QsJk8xqrAVpD8pLktjxxtNzNHjZcm -CtPsG3A4dmdIhducZYJxB9KYo7+rii2AchvnetIUd5fcj173if1BCJtv67/3/IqN -kb7GR6l+YvY+JPmDUjcf1Jq00cPe5aBpTbR7UycGzzcqr/SDWrek2Y5S7d+liZu/ -1RkBthhKXZ+vBLIpAjJhH4IvcfFta5tzZ3mvY7NigWGiE5SN3yNu+WAAUFIea3mU -RW61ftnzvFHHhHQfw7Kr26nSVyqn1vsq7TavTDXrBwozLeqTN/GeNgcH4K3aUitM -NLDMrTV1szv1NsHnDhn3qhzBSzrf1P3GhDb1+BY1Le/TysaTAoIBAQC5CzCWGu2z -p1h7bHcZEdRjoSRUTT3ODhF4EzIVddZB6CKjOqfHjXcKcrzt7pvqWwlc0iR7mXJx -E4kF4UIV40Vb4cqwLbVuessK79x4mAf/NX2zKHixD3XPbAgCHTCfvj1cBwedZcwY -pAoIIocwDMpBqL0165CLLsv7MlXImFb60EjkNNCE4XkJZ7bk1grcpati4LfLrNAs -SUjh9vZED9N//0tF5du4w6jtwm43k9ZIDNH6FFIe8YFHWzHP1eJYrMUv2wZ+nqtP -OaPmvUpdnr7xvrkU+CyI4kah9TlvJjeMzZ0cC7cpmwVAbJqg95XuIMAyeZT/M8zi -AyozNuB/UYAtAoIBAQC5j6MU6fN9omdbmjBjSeeK2t1Cz5AGlSxW/3YKl7SLTG4d -JwsZDsAk8V0jE/Ocnrw4D0sk/vG0qT5GVnfEeLpPbQv2Rcd2Vhf8duYBg62j6CWM -Qht0X0SA5xwGibeA+Fq8LqqZcg8qIbCNyRMNVTBodaGG2K16dpCtCAG5TkHoNkVA -fiThWTAQAENZidaFmtD/9iMrbiNktNR1DXBrJiiVqcz+EFsaNIAN8cmeLmmXqc3r -Bnmt2BEV4ebS93IIKab2i9KEKm+Fr2vIL0PmkNznZgwpFbZGEl95/PE4JwgI8KgI -q8cCMHBewtTtZEP3NM12Qyn2cdXeUy3/KjWCmnXNAoIBAEFeoptkh/SfebKgbrJ8 -iftoQd1GLD9O2P0CSv8p0bcWuqXPYtYsM5GNVxD26j2wS25vDlRbsQIhVJavLRlu -YGJFMcVrYFzXJEOI2OoBS1HtI6rW8UwbmhLcpzeX+EV2f1azZQ1FmQRbbu/QwtFG -s2zen3kc7sM8lPL4pTVoG9IfIqD7x24p+QhJi2Lr+opYPGOB32wkcKY0fXrWM8l3 -jc/58C2RNj3fYR4dQbKAl4J8hPFDnH8x8emzXbV+aafJ4R820OSKSRqD0lMBK/RG -0E22gsvVoGX7CdjNOKz7Y0RqnsX5nYslKIXJ2BZlYKHvD/bE3M4LDqYJWC8fg892 -i0ECggEAXi2lJdFFcsu8o7LYnFz4wIjC0CUuhyRvN66BtD8ggdtnKE2Isggr6EXZ -wzekEWYesNBC4gCYWZSf5uqW5oUs5hpbeW0G8ktFZ4fsMgVkSlMGTwpXGwW8v+d1 -hMeI9PtX4JvfbpYtWqLsjpnSf+l0i07vxAa4movzHs/iYF1/XBxZweGELSpNvyYa -l/7mD55D9XGNPiIo5cNdxya0hvOByVA8HCLf3D1bA9D4cs21OeZirG0YnCQyYmW+ -EqBiJDXPDdzCsBFAFxiRJTkNypBn7P+AWSYHVAOhJTh2sQqA2gNEemQLTajemgpa -CFPGysTiqjSznXbv6loyTwp2Cs1PoA== ------END PRIVATE KEY----- diff --git a/certs/cert.cnf b/certs/cert.cnf deleted file mode 100644 index 6f97235..0000000 --- a/certs/cert.cnf +++ /dev/null @@ -1,21 +0,0 @@ -[req] -default_bits = 4096 -prompt = no -default_md = sha256 -req_extensions = req_ext -distinguished_name = dn - -[ dn ] -C=XX -ST=YY -L=Antarctica -O=Contributors -OU=Testers -emailAddress=hello@rustcryp.to -CN = test.rustcryp.to - -[ req_ext ] -subjectAltName = @alt_names - -[ alt_names ] -DNS.1 = localhost diff --git a/certs/openssl.cnf b/certs/openssl.cnf deleted file mode 100644 index eb94919..0000000 --- a/certs/openssl.cnf +++ /dev/null @@ -1,23 +0,0 @@ -[ v3_end ] -basicConstraints = critical,CA:false -keyUsage = nonRepudiation, digitalSignature -subjectKeyIdentifier = hash -authorityKeyIdentifier = keyid:always,issuer:always -subjectAltName = @alt_names - -[ v3_client ] -basicConstraints = critical,CA:false -keyUsage = nonRepudiation, digitalSignature -extendedKeyUsage = critical, clientAuth -subjectKeyIdentifier = hash -authorityKeyIdentifier = keyid:always,issuer:always - -[ v3_inter ] -subjectKeyIdentifier = hash -extendedKeyUsage = critical, serverAuth, clientAuth -basicConstraints = CA:true -keyUsage = cRLSign, keyCertSign, digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment, keyAgreement, keyCertSign, cRLSign - -[ alt_names ] -DNS.1 = www.rustcryp.to -DNS.3 = localhost diff --git a/certs/rustcryp.to.rsa4096.ca_signed.crt b/certs/rustcryp.to.rsa4096.ca_signed.crt deleted file mode 100644 index ba2217d..0000000 --- a/certs/rustcryp.to.rsa4096.ca_signed.crt +++ /dev/null @@ -1,38 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIGszCCBJugAwIBAgIULBS6esIThT88ao9+pOZd5y/bJ70wDQYJKoZIhvcNAQEL -BQAwdDELMAkGA1UEBhMCWFgxCzAJBgNVBAgMAllZMRMwEQYDVQQHDApBbnRhcmN0 -aWNhMRMwEQYDVQQKDApSdXN0Q3J5cHRvMRUwEwYDVQQLDAxDb250cmlidXRvcnMx -FzAVBgNVBAMMDmNhLnJ1c3RjcnlwLnRvMB4XDTI0MDMxODA4MzU1OVoXDTI0MDQx -NzA4MzU1OVowgZUxCzAJBgNVBAYTAlhYMQswCQYDVQQIDAJZWTETMBEGA1UEBwwK -QW50YXJjdGljYTEVMBMGA1UECgwMQ29udHJpYnV0b3JzMRAwDgYDVQQLDAdUZXN0 -ZXJzMSAwHgYJKoZIhvcNAQkBFhFoZWxsb0BydXN0Y3J5cC50bzEZMBcGA1UEAwwQ -dGVzdC5ydXN0Y3J5cC50bzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB -AKOL3HYFIrHcRSSSEcddktLIm1Yf24src2TgKA6ELmFPHqeV0iKNLfNibGfj/NGl -ajFy+SB/bf2koD+MBQiTWVvkO7csZPl/aK3ShqzLqlkGDzGjkudE8BusY+Fn9cPB -/2dsUSaV0FT4yJvPgzQqRqUryMqPe9DVLZ4Lk6O9o22Br71UVOfdVhVu9HqpKydB -7VdHor8PbDej+xqTiZdmkyTleRHqL4QdsB8OG1L/VtHaEuoOrrKgSy/SAxu8fXyI -xZEHue+aUS5OMKu8T9A5yApS+VNGsJ0e5ysqVCS8DjQ/YbtPI1BuTmvlL1KqDdQZ -BzT6yfzAW15hs8X3QBy2DPMFNZiWL6QKeXYULkVIs46im+J2Yc4ZHAXPYpZIvT45 -B3OjQEmuDxLNyW0oCJG4fZagXT06NhsI0q14E52QqpAXXRfPe1DEZ4TG0mL4tKVH -wqZ1QR1nDzWS2d4Jd7vdYVIHYtQ5cqelJg/h9pt07GtjvsO9rWBNtb34COOkAazj -mPKDPTKHHI5omOoHwUAZIbKVFA5B2oaxAspzRX9xYQW4Ua/YICFuPnbVnCFUrkFV -KPq4uX8RoEQQ3qRo/MehAB0uZJWay6qM53luWiMlrIXbwaZu5zXA4i42WGTwVh6N -4C1P0lOwfPRcIXhj1sB0paY1bjVkBGLSbxVXUTxm15bBAgMBAAGjggEZMIIBFTAM -BgNVHRMBAf8EAjAAMAsGA1UdDwQEAwIGwDAdBgNVHQ4EFgQUfB1gPr/ENxOfGfNK -GlFpRutlMnQwgbEGA1UdIwSBqTCBpoAUeYkOnjSMaJ0nItbtccKR+bsqQHCheKR2 -MHQxCzAJBgNVBAYTAlhYMQswCQYDVQQIDAJZWTETMBEGA1UEBwwKQW50YXJjdGlj -YTETMBEGA1UECgwKUnVzdENyeXB0bzEVMBMGA1UECwwMQ29udHJpYnV0b3JzMRcw -FQYDVQQDDA5jYS5ydXN0Y3J5cC50b4IUZx1B7o0SWeXhfT02gERB5Hb9G4wwJQYD -VR0RBB4wHIIPd3d3LnJ1c3RjcnlwLnRvgglsb2NhbGhvc3QwDQYJKoZIhvcNAQEL -BQADggIBAIRW8ysLc+woHqLh5yhghSe4uswtoWDZI9XFFLbssl8FNsbwMn8+nSiX -FYSsyOxyGpPyJaqya0zfMwrZikz7dJcbjz/a6R5DHM04PaYodlH4GROWxKl2XcW4 -q3523tJFJ8I1sbC3FXN3XNQubRPWfrxqUqLz5thefA+i4A81AG8bMT0oZtbtNt3s -iBj+FyRH3XgdE3Hx/X7d8PyUWDnii/1/bp81Q1+zfzBu3Ex3YsfdVUwdJ7+fvnAb -+LJTyVOuMIbwQFoQp2HL4VeBZpdPB7rTLqIL1NCUN5NbG2PeVT3VIZDzoT82903v -b1CqVRawcsMfHAu8vqkWzjTXjLuACoMA0sUeDcnnY53e8SeSfeRX5KDm3KIVE1NJ -JD/2lPfldnIdDwWHbM4AUrEm1896NkrP2bbrFOp4+cjxU5PZnXl9RNFpCCi0Pf4h -B0LSg88ltfnjGAkeXOPxHLfhqmXGHuIlnautbGRBB9m44qmeKNcSbqlP0wULQ+mW -sstteuGHtCQnvKKmlux6RylWFkEki8U0LTE/LWB8BBKqrcB6YmaE8vZR9RWY2V39 -vyszzi3vqTO6Wz4aVXs7mruRZMT5RbanVDPws4ehB/Dysj38AebYTlspJY1yzPwm -OALJkg4Sah/sLShN+OGHPTpjshiMSnFjrO2VlOoMIFR6JGqTSAcR ------END CERTIFICATE----- diff --git a/certs/rustcryp.to.rsa4096.csr b/certs/rustcryp.to.rsa4096.csr deleted file mode 100644 index 29acfd1..0000000 --- a/certs/rustcryp.to.rsa4096.csr +++ /dev/null @@ -1,29 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIFAjCCAuoCAQAwgZUxCzAJBgNVBAYTAlhYMQswCQYDVQQIDAJZWTETMBEGA1UE -BwwKQW50YXJjdGljYTEVMBMGA1UECgwMQ29udHJpYnV0b3JzMRAwDgYDVQQLDAdU -ZXN0ZXJzMSAwHgYJKoZIhvcNAQkBFhFoZWxsb0BydXN0Y3J5cC50bzEZMBcGA1UE -AwwQdGVzdC5ydXN0Y3J5cC50bzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC -ggIBAKOL3HYFIrHcRSSSEcddktLIm1Yf24src2TgKA6ELmFPHqeV0iKNLfNibGfj -/NGlajFy+SB/bf2koD+MBQiTWVvkO7csZPl/aK3ShqzLqlkGDzGjkudE8BusY+Fn -9cPB/2dsUSaV0FT4yJvPgzQqRqUryMqPe9DVLZ4Lk6O9o22Br71UVOfdVhVu9Hqp -KydB7VdHor8PbDej+xqTiZdmkyTleRHqL4QdsB8OG1L/VtHaEuoOrrKgSy/SAxu8 -fXyIxZEHue+aUS5OMKu8T9A5yApS+VNGsJ0e5ysqVCS8DjQ/YbtPI1BuTmvlL1Kq -DdQZBzT6yfzAW15hs8X3QBy2DPMFNZiWL6QKeXYULkVIs46im+J2Yc4ZHAXPYpZI -vT45B3OjQEmuDxLNyW0oCJG4fZagXT06NhsI0q14E52QqpAXXRfPe1DEZ4TG0mL4 -tKVHwqZ1QR1nDzWS2d4Jd7vdYVIHYtQ5cqelJg/h9pt07GtjvsO9rWBNtb34COOk -AazjmPKDPTKHHI5omOoHwUAZIbKVFA5B2oaxAspzRX9xYQW4Ua/YICFuPnbVnCFU -rkFVKPq4uX8RoEQQ3qRo/MehAB0uZJWay6qM53luWiMlrIXbwaZu5zXA4i42WGTw -Vh6N4C1P0lOwfPRcIXhj1sB0paY1bjVkBGLSbxVXUTxm15bBAgMBAAGgJzAlBgkq -hkiG9w0BCQ4xGDAWMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDANBgkqhkiG9w0BAQsF -AAOCAgEANfssW3NTIcZEZ5G7dh91NJzzMkQ+FtKH25eVgDqt5kfeTFP2+bicsMOT -bAj8JUEaSAvhg6tub9acYGdSbvjSjzb5mE/ZULoVZGPTa8uKhiGlMozYFjOPi0P1 -Fp90Pvb2UKKLSnunP9VgjtqVB0yHOCl5AJxFshyXqIFUJBPWJSNDLIDE4NF9MpPL -xWmQ2cOQvgs6YrETxDVw4NrExODDCGszTXeboCyef/ajAe9QXSy2G3MPcR6aBFly -K9qs63VqFOM8iOgtmfX4dKNqfryBq5MuknrqqrdLSWIebpE+mXnr6xU0bs1BjLqp -JG2ODTRSstrUZZdo35w7O5MS+GYcqwWzD9wPkWbRW6GMdc3/RnZJE1OcbSQ1HZwT -SR2DzqNwAfLwcmglQhy7DgXzcRzNlnjtHfflkCuzr+PL3D9s/ao/FngkuZ7Yh1pm -RLNRtDIEIFdasrWvAf5HPX7NDAL2/KTEUCPtKVmuyeaQSXqEwAhZvCFVkrP3yUz1 -EcGT8I4jhrF5QrtqHvnUezrICZNXYcBMB80Of6DvnRQkOLlqFc1Nj5FRp/cMKzkM -igUfBYyeP8AVZmNWjweBhc3VAie7mUBpWDgEGtyY1BSf1AapWggfXvrnNOhlvrJq -41m0ef+mk1mFC2rgqDAQj1cI5lp0oPZX3KHFFfl+hFbd9ig7rXQ= ------END CERTIFICATE REQUEST----- diff --git a/certs/rustcryp.to.rsa4096.key b/certs/rustcryp.to.rsa4096.key deleted file mode 100644 index 9a5d6c5..0000000 --- a/certs/rustcryp.to.rsa4096.key +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCji9x2BSKx3EUk -khHHXZLSyJtWH9uLK3Nk4CgOhC5hTx6nldIijS3zYmxn4/zRpWoxcvkgf239pKA/ -jAUIk1lb5Du3LGT5f2it0oasy6pZBg8xo5LnRPAbrGPhZ/XDwf9nbFEmldBU+Mib -z4M0KkalK8jKj3vQ1S2eC5OjvaNtga+9VFTn3VYVbvR6qSsnQe1XR6K/D2w3o/sa -k4mXZpMk5XkR6i+EHbAfDhtS/1bR2hLqDq6yoEsv0gMbvH18iMWRB7nvmlEuTjCr -vE/QOcgKUvlTRrCdHucrKlQkvA40P2G7TyNQbk5r5S9Sqg3UGQc0+sn8wFteYbPF -90ActgzzBTWYli+kCnl2FC5FSLOOopvidmHOGRwFz2KWSL0+OQdzo0BJrg8Szclt -KAiRuH2WoF09OjYbCNKteBOdkKqQF10Xz3tQxGeExtJi+LSlR8KmdUEdZw81ktne -CXe73WFSB2LUOXKnpSYP4fabdOxrY77Dva1gTbW9+AjjpAGs45jygz0yhxyOaJjq -B8FAGSGylRQOQdqGsQLKc0V/cWEFuFGv2CAhbj521ZwhVK5BVSj6uLl/EaBEEN6k -aPzHoQAdLmSVmsuqjOd5blojJayF28Gmbuc1wOIuNlhk8FYejeAtT9JTsHz0XCF4 -Y9bAdKWmNW41ZARi0m8VV1E8ZteWwQIDAQABAoICABzM42zxKJPzu0VeZ70ZEGMI -Krq2732JkE+iXct4oYZHXZmbe57UB9SFb5u3/WyZ2aKNoauEZUU2eXXXXYeOEz1o -as+uBLYfJrr9iPPjBcOZmpFeQd9yN2pYKFqoaRIpFqYK4BuQZFiiWwl9OJi2HSy3 -EiwBqoczE05ysXQzUBVXsjAAKteOFbu+h1UWd1/5bydgmRtWRvNhcDXU53T+/kiQ -FIsAF5AHfl1pqYwrJQndglkvbrpMGhF4xU1cGykUGN6aYrb8EPG7mTyU8+UyV7Th -ucBdgXqZ15G1aY3yg/nVc4t9uzVNx4eem3/OLJM+OROuWmWlJjHvuK3TBbpIoOze -285q6tn5rROoEK+dCO6Gjhd6djbvXIPngO83/+x8XxYOrttDYEcv+RJAQAFopjwv -ulp2ln3TH29RuQ0PyEYiXepQuW4t5cAXP2UnM/MWvQpx2hILONM75V7Ye3OH5T7Z -GPE6LgvaBVSEJdqcxFjCTAkuN3zDUg8/rygAadVx5EhpPwL82l/DW9vFZmgzwOLi -IEYg4r5EmYmoDqNcJ6xYixgef2CQ/Cu3zB+S+CNbRUk0iJDjNFNf1Suwhrr/c5zE -7ueuEjb1bWvhMMC9SANCYtiXXUmdgdd6ahwrtE4oxl72mPqOkKVwkUYKhXt6w8zz -YiSbYYJmf6h4kWaz/GDVAoIBAQDNYUHB1R/CCTXBHGDOiqJT8Q7GmF3XvfdF4xIo -Ug+5TC1ybfS9qCQS+i9vYVC19W42gzvre6SqDz7TTZbJQQLhEtESIRbJxXPU2JfS -HC3198H39LRaEkEWXOcQMEkhh9Q4vaMSYiQvkphYcyXldWTDWsJtoDlaay7WNzIX -ZhAzkGAkNw7anTexIpgasoUQO5KgYt7fQ8k+eGTPxv6W4gJqXSgX7VH6JBmrN+Ob -caC4RFmEcyFjzxunKFaqy23M946V9ckiPz6++1e83v61DmpCXrZQVrl6A82qZISr -E2M0JkOh7bmRIMKyA6xtenm3JziLMfDkJ+d6R2sguRxwxT+vAoIBAQDL2w3biNWt -rMzXzFC7Ad7mEQSEyH+A7jAqDa9y+eNzkDAJRf0jbixpZYo4GqxgnNtr26/Kb+wk -TwMrXUny+EsS7mgK4iiaegGSwsBsd0aSI5frmNniDAz7LVZ95byzzXPRWyoHj2/f -C+FEYwjmdnta4KJNcPh72KScGSuUr4jRn2xiXTKa6+H61i/TrXjoRH6EOhuNEd4i -wc0rh0zdLe1oAlAKB9fDf1eN5w+gtcycykRmTMRiv8bU7UIxZUn8hhnc3u+shdUb -+L8JjQW9U+XSWNLVsy2f8MnQ1hKr86gjqE5oT1wLuYjsRNK7enc5X3gKvw01+Jz4 -xZ9AHPGBBDyPAoIBAQCAZ4QDOcpHOBbhi2qC924R6S6Bv5U8Y0qL6THa/6NRCG2J -k3Fmeg9DxiOOEVuyx6WGc3os+fqzUCDJX0McxIaWTXtlSEbFE6wdsOUKug+KLsKY -0edIQQ1se90C5A1050UpzHZ98doJ3C9fbW6ODV1YPhA9FeWFwGliCNRKiMcsVeGm -Ar5Is+6z0psiZeaHhZdgqzAIiorxgbgVp6ZYkylLcr60Zu3P5G4f/CtTbjE7w4/s -HUcM7dmuIqw80D7v3P7KhwafYMdMBDyQmyLH9CE/KZP2mqIPxPz6wSmpA9AMNLgo -L0bLk53mSiGtuNsMRXs2m5yuKLyyWKCDrvg3ETuFAoIBAC7Z22d3HVTbAAEgrfUs -yuOpSZaS1er10w/3MTmFgObQXpnjAfigm4hlk8ytJKzXn/478TzfWDBIEHxo5lP3 -CJoDPNozfA10uOPX6o2DJC72CzZUXM784gbgNp6crC/Oqi2VfCVcq+NhQZaMBEGj -PVp3ghW2PwWHlt1hU4jKhvFWaHx62uSMDdWuYDOQDNek1kbha++SCbGHRPYaFGpI -4eUjku2bO9VscNzmG8tdvPbT7cBtKD1hwfqxxKLBmq10zIDco8zMvVu+YXl6dbU7 -kPg0/c+rbHLzzg43BPeL+jqntc13X7o6G+PhNWVtEfWXoWkm24xp5PmvwZfkjwSN -yrUCggEAfl7Tn2HFOVYVggPU09gxRAzyO37FAjcge/nPmHqDUXZidvQTyAUj64cU -MC3oviFreC530z/JTgc1qWWWcFHsVE7QYHoFDsXTfwyNE02FtBepOsiYXM2AUcYx -5gI2psoXTFkOSQIDW+DTqndJK2o8HuTANcramhUpcjd5+SvtM2kGqOIv0enRsrhO -qPePpQaDjgVoDGKV4HJ7giAXiMR3Vlp3DSNkOM1kaU6JZckh9T2nz6AWc/y4DBLV -JzMgJlyUreoWKi4VZQQUQsCrBPc/GtcWf3iLwjzHi88T8hURqkla9+I22NAnJ6Zx -YoH2/0Jqixc/g57Y7CLF9IwQiopCXw== ------END PRIVATE KEY----- diff --git a/tests/bare-ping-poing.rs b/tests/bare-ping-poing.rs deleted file mode 100644 index 96eb3d6..0000000 --- a/tests/bare-ping-poing.rs +++ /dev/null @@ -1,125 +0,0 @@ -use std::io::{Read, Write}; - -use std::fs::File; - -use openssl::ssl::{SslFiletype, SslMethod, SslStream}; -use std::net::{TcpListener, TcpStream}; -use std::sync::Arc; -use std::thread; -use std::time::Duration; - -use rustls::pki_types::CertificateDer; -use rustls::pki_types::ServerName; - -use rustls_rustcrypto::provider as rustcrypto_provider; - -#[test] -fn vs_openssl_as_client() { - let listener = TcpListener::bind("127.0.0.1:0").unwrap(); - let server_addr = listener.local_addr().unwrap(); - - let mut ca_pkcs10_file = File::open("certs/ca.rsa4096.crt").unwrap(); - let mut ca_pkcs10_data: Vec = vec![]; - ca_pkcs10_file.read_to_end(&mut ca_pkcs10_data).unwrap(); - let (ca_type_label, ca_data) = pem_rfc7468::decode_vec(&ca_pkcs10_data).unwrap(); - assert_eq!(ca_type_label, "CERTIFICATE"); - let rustls_cert_der: CertificateDer = ca_data.try_into().unwrap(); - - // rustls-rustcrypto Client thread - let client_thread = thread::spawn(move || { - let mut root_store = rustls::RootCertStore::empty(); - root_store.add(rustls_cert_der).unwrap(); - - let config = rustls::ClientConfig::builder_with_provider(Arc::new(rustcrypto_provider())) - .with_safe_default_protocol_versions() - .unwrap() - .with_root_certificates(root_store) - .with_no_client_auth(); - - let mut conn = rustls::ClientConnection::new( - Arc::new(config), - ServerName::try_from("localhost").unwrap(), - ) - .unwrap(); - let mut sock = TcpStream::connect(server_addr).unwrap(); - let mut tls = rustls::Stream::new(&mut conn, &mut sock); - - tls.write_all(b"PING\n").unwrap(); - - let _ciphersuite = tls.conn.negotiated_cipher_suite().unwrap(); - - let mut plaintext = Vec::new(); - tls.read_to_end(&mut plaintext).unwrap(); - - assert_eq!(core::str::from_utf8(&plaintext), Ok("PONG\n")); - - return; - }); - - let timeout_thread = thread::spawn(move || { - thread::sleep(Duration::from_millis(100)); - panic!("timeout"); - }); - - // OpenSSL Server Handler - let server_thread = thread::spawn(move || { - for stream in listener.incoming() { - match stream { - Ok(stream) => { - let mut ssl_context_build = - openssl::ssl::SslContext::builder(SslMethod::tls_server()).unwrap(); - ssl_context_build.set_verify(openssl::ssl::SslVerifyMode::NONE); - ssl_context_build - .set_ca_file("certs/ca.rsa4096.crt") - .unwrap(); - ssl_context_build - .set_certificate_file( - "certs/rustcryp.to.rsa4096.ca_signed.crt", - SslFiletype::PEM, - ) - .unwrap(); - ssl_context_build - .set_private_key_file("certs/rustcryp.to.rsa4096.key", SslFiletype::PEM) - .unwrap(); - // https://docs.rs/openssl/latest/openssl/ssl/struct.SslContextBuilder.html#method.set_cipher_list - // https://docs.rs/openssl/latest/openssl/ssl/struct.SslContextBuilder.html#method.set_ciphersuites - ssl_context_build.check_private_key().unwrap(); - let ctx = ssl_context_build.build(); - let ssl = openssl::ssl::Ssl::new(&ctx).unwrap(); - - let mut ssl_stream = SslStream::new(ssl, stream).unwrap(); - ssl_stream.accept().unwrap(); - let mut buf_in = vec![0; 1024]; - let siz = ssl_stream.ssl_read(&mut buf_in); - - let incoming = match siz { - Ok(i) => buf_in[0..i].to_vec(), - Err(_e) => panic!("Error reading?"), - }; - - assert_eq!(core::str::from_utf8(&incoming), Ok("PING\n")); - - let out = "PONG\n"; - ssl_stream.write(&out.as_bytes()).unwrap(); - - ssl_stream.shutdown().unwrap(); - } - Err(_) => panic!("Server connection failed"), - } - return; - } - }); - - loop { - thread::sleep(Duration::from_millis(10)); - if client_thread.is_finished() == true && server_thread.is_finished() == true { - break; - } - if timeout_thread.is_finished() == true { - panic!("TIMEOUT"); - } - } - - client_thread.join().expect("Client thread panic"); - server_thread.join().expect("Server thread panic"); -}