diff --git a/.travis.yml b/.travis.yml index e61929c27..6e753bf63 100644 --- a/.travis.yml +++ b/.travis.yml @@ -8,27 +8,32 @@ branches: - master language: rust os: linux -dist: xenial +dist: focal addons: apt: + sources: + - sourceline: "deb http://apt.llvm.org/focal/ llvm-toolchain-focal-11 main" + key_url: "https://apt.llvm.org/llvm-snapshot.gpg.key" packages: - - llvm-3.8-dev - - libclang-3.8-dev - - clang-3.8 + - clang-11 - cmake rust: - stable - - beta - - nightly - - nightly-2019-07-01 - - nightly-2019-10-28 env: + jobs: + # Matrix build of 3 targets against Rust stable + - TARGET=x86_64-unknown-linux-gnu ZLIB_INSTALLED=true AES_NI_SUPPORT=true + - TARGET=x86_64-fortanix-unknown-sgx global: - RUST_BACKTRACE=1 # Pinned to this particular nightly version because of core_io. This can be # re-pinned whenever core_io is updated to the latest nightly. - - CORE_IO_NIGHTLY=nightly-2019-07-01 - - SGX_NIGHTLY=nightly-2019-10-28 - - LLVM_CONFIG_PATH=llvm-config-3.8 + - CORE_IO_NIGHTLY=nightly-2021-03-25 +jobs: + include: + # Test additional Rust toolchains on x86_64 + - rust: beta + - rust: nightly + - rust: nightly-2021-03-25 script: - ./ct.sh diff --git a/Cargo.lock b/Cargo.lock index 245e12430..46308c784 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1,722 +1,732 @@ # This file is automatically @generated by Cargo. # It is not intended for manual editing. +version = 3 + [[package]] name = "aho-corasick" -version = "0.5.3" +version = "0.7.20" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cc936419f96fa211c1b9166887b38e5e40b19958e5b895be7c1f93adec7071ac" dependencies = [ - "memchr 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)", + "memchr", ] [[package]] -name = "autocfg" -version = "1.0.1" +name = "ansi_term" +version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d52a9bb7ec0cf484c551830a7ce27bd20d67eac647e1befb56b0be4ee39a55d2" +dependencies = [ + "winapi", +] [[package]] -name = "bindgen" -version = "0.19.2" +name = "atty" +version = "0.2.14" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8" dependencies = [ - "cexpr 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)", - "clang-sys 0.11.1 (registry+https://github.com/rust-lang/crates.io-index)", - "docopt 0.6.86 (registry+https://github.com/rust-lang/crates.io-index)", - "env_logger 0.3.5 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.81 (registry+https://github.com/rust-lang/crates.io-index)", - "log 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)", - "rustc-serialize 0.3.24 (registry+https://github.com/rust-lang/crates.io-index)", - "syntex_syntax 0.40.0 (registry+https://github.com/rust-lang/crates.io-index)", + "hermit-abi", + "libc", + "winapi", ] [[package]] -name = "bit-vec" -version = "0.5.1" +name = "autocfg" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a" [[package]] -name = "bitflags" -version = "0.5.0" +name = "bindgen" +version = "0.58.1" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0f8523b410d7187a43085e7e064416ea32ded16bd0a4e6fc025e21616d01258f" +dependencies = [ + "bitflags", + "cexpr", + "clang-sys", + "clap", + "env_logger", + "lazy_static", + "lazycell", + "log", + "peeking_take_while", + "proc-macro2", + "quote", + "regex", + "rustc-hash", + "shlex", + "which", +] [[package]] -name = "bitflags" -version = "0.7.0" +name = "bit-vec" +version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f59bbe95d4e52a6398ec21238d31577f2b28a9d86807f06ca59d191d8440d0bb" [[package]] name = "bitflags" version = "1.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693" [[package]] name = "block-cipher-trait" version = "0.6.2" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1c924d49bd09e7c06003acda26cd9742e796e34282ec6c1189404dee0c1f4774" dependencies = [ - "generic-array 0.12.3 (registry+https://github.com/rust-lang/crates.io-index)", + "generic-array", ] [[package]] name = "block-modes" version = "0.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "31aa8410095e39fdb732909fb5730a48d5bd7c2e3cd76bd1b07b3dbea130c529" dependencies = [ - "block-cipher-trait 0.6.2 (registry+https://github.com/rust-lang/crates.io-index)", - "block-padding 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", + "block-cipher-trait", + "block-padding", ] [[package]] name = "block-padding" version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fa79dedbb091f449f1f39e53edf88d5dbe95f895dae6135a8d7b881fb5af73f5" dependencies = [ - "byte-tools 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)", + "byte-tools", ] [[package]] name = "byte-tools" version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3b5ca7a04898ad4bcd41c90c5285445ff5b791899bb1b0abdd2a2aa791211d7" [[package]] name = "byteorder" version = "1.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08c48aae112d48ed9f069b33538ea9e3e90aa263cfa3d1c24309612b1f7472de" [[package]] name = "cc" version = "1.0.66" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c0496836a84f8d0495758516b8621a622beb77c0fed418570e50764093ced48" [[package]] name = "cexpr" -version = "0.2.3" +version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f4aedb84272dbe89af497cf81375129abda4fc0a9e7c5d317498c15cc30c0d27" dependencies = [ - "nom 3.2.1 (registry+https://github.com/rust-lang/crates.io-index)", + "nom", ] [[package]] name = "cfg-if" version = "0.1.10" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822" [[package]] name = "cfg-if" version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "chrono" version = "0.4.19" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "670ad68c9088c2a963aaa298cb369688cf3f9465ce5e2d4ca10e6e0098a1ce73" dependencies = [ - "libc 0.2.81 (registry+https://github.com/rust-lang/crates.io-index)", - "num-integer 0.1.44 (registry+https://github.com/rust-lang/crates.io-index)", - "num-traits 0.2.14 (registry+https://github.com/rust-lang/crates.io-index)", - "time 0.1.44 (registry+https://github.com/rust-lang/crates.io-index)", - "winapi 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)", + "libc", + "num-integer", + "num-traits", + "time", + "winapi", ] [[package]] name = "clang-sys" -version = "0.11.1" +version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77ed9a53e5d4d9c573ae844bfac6872b159cb1d1585a83b29e7a64b7eef7332a" dependencies = [ - "bitflags 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)", - "glob 0.2.11 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.81 (registry+https://github.com/rust-lang/crates.io-index)", + "glob", + "libc", + "libloading", ] [[package]] -name = "cmake" -version = "0.1.45" +name = "clap" +version = "2.34.0" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a0610544180c38b88101fecf2dd634b174a62eef6946f84dfc6a7127512b381c" dependencies = [ - "cc 1.0.66 (registry+https://github.com/rust-lang/crates.io-index)", + "ansi_term", + "atty", + "bitflags", + "strsim", + "textwrap", + "unicode-width", + "vec_map", ] [[package]] -name = "core_io" -version = "0.1.20190701" +name = "cmake" +version = "0.1.45" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eb6210b637171dfba4cda12e579ac6dc73f5165ad56133e5d72ef3131f320855" dependencies = [ - "rustc_version 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)", + "cc", ] [[package]] -name = "docopt" -version = "0.6.86" +name = "core_io" +version = "0.1.20210325" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "97f8932064288cc79feb4d343a399d353a6f6f001e586ece47fe518a9e8507df" dependencies = [ - "lazy_static 0.2.11 (registry+https://github.com/rust-lang/crates.io-index)", - "regex 0.1.80 (registry+https://github.com/rust-lang/crates.io-index)", - "rustc-serialize 0.3.24 (registry+https://github.com/rust-lang/crates.io-index)", - "strsim 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)", + "rustc_version", ] [[package]] name = "env_logger" -version = "0.3.5" +version = "0.8.4" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a19187fea3ac7e84da7dacf48de0c45d63c6a76f9490dae389aead16c243fce3" dependencies = [ - "log 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)", - "regex 0.1.80 (registry+https://github.com/rust-lang/crates.io-index)", + "atty", + "humantime", + "log", + "regex", + "termcolor", ] [[package]] name = "fuchsia-cprng" version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a06f77d526c1a601b7c4cdd98f54b5eaabffc14d5f2f0296febdc7f357c6d3ba" [[package]] name = "generic-array" version = "0.12.3" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c68f0274ae0e023facc3c97b2e00f076be70e254bc851d972503b328db79b2ec" dependencies = [ - "typenum 1.12.0 (registry+https://github.com/rust-lang/crates.io-index)", + "typenum", ] [[package]] name = "glob" -version = "0.2.11" +version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b" + +[[package]] +name = "hermit-abi" +version = "0.1.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62b467343b94ba476dcb2500d242dadbb39557df889310ac77c5d99100aaac33" +dependencies = [ + "libc", +] [[package]] name = "hex" version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "805026a5d0141ffc30abb3be3173848ad46a1b1664fe632428479619a3644d77" [[package]] -name = "kernel32-sys" -version = "0.2.2" +name = "humantime" +version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "winapi 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)", - "winapi-build 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)", -] +checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4" [[package]] name = "lazy_static" -version = "0.2.11" +version = "1.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] -name = "lazy_static" -version = "1.4.0" +name = "lazycell" +version = "1.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "830d08ce1d1d941e6b30645f1a0eb5643013d835ce3779a5fc208261dbe10f55" [[package]] name = "libc" version = "0.2.81" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1482821306169ec4d07f6aca392a4681f66c75c9918aa49641a2595db64053cb" [[package]] -name = "libz-sys" -version = "1.1.2" +name = "libloading" +version = "0.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b67380fd3b2fbe7527a606e18729d21c6f3951633d0500574c4dc22d2d638b9f" dependencies = [ - "cc 1.0.66 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.81 (registry+https://github.com/rust-lang/crates.io-index)", - "pkg-config 0.3.19 (registry+https://github.com/rust-lang/crates.io-index)", - "vcpkg 0.2.11 (registry+https://github.com/rust-lang/crates.io-index)", + "cfg-if 1.0.0", + "winapi", ] [[package]] -name = "log" -version = "0.3.9" +name = "libz-sys" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "602113192b08db8f38796c4e85c39e960c145965140e918018bcde1952429655" dependencies = [ - "log 0.4.11 (registry+https://github.com/rust-lang/crates.io-index)", + "cc", + "libc", + "pkg-config", + "vcpkg", ] [[package]] name = "log" version = "0.4.11" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4fabed175da42fed1fa0746b0ea71f412aa9d35e76e95e59b192c64b9dc2bf8b" dependencies = [ - "cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)", + "cfg-if 0.1.10", ] [[package]] name = "matches" version = "0.1.8" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ffc5c5338469d4d3ea17d269fa8ea3512ad247247c30bd2df69e68309ed0a08" [[package]] name = "mbedtls" version = "0.7.1" dependencies = [ - "bit-vec 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)", - "bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)", - "block-modes 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)", - "byteorder 1.3.4 (registry+https://github.com/rust-lang/crates.io-index)", - "cc 1.0.66 (registry+https://github.com/rust-lang/crates.io-index)", - "chrono 0.4.19 (registry+https://github.com/rust-lang/crates.io-index)", - "core_io 0.1.20190701 (registry+https://github.com/rust-lang/crates.io-index)", - "hex 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.81 (registry+https://github.com/rust-lang/crates.io-index)", - "matches 0.1.8 (registry+https://github.com/rust-lang/crates.io-index)", - "mbedtls-sys-auto 2.25.2 (registry+https://github.com/rust-lang/crates.io-index)", - "num-bigint 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)", - "rand 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)", - "rc2 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)", - "rs-libc 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.118 (registry+https://github.com/rust-lang/crates.io-index)", - "serde_cbor 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)", - "serde_derive 1.0.118 (registry+https://github.com/rust-lang/crates.io-index)", - "spin 0.4.10 (registry+https://github.com/rust-lang/crates.io-index)", - "yasna 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)", + "bit-vec", + "bitflags", + "block-modes", + "byteorder", + "cc", + "chrono", + "core_io", + "hex", + "libc", + "matches", + "mbedtls-sys-auto", + "num-bigint", + "proc-macro2", + "quote", + "rand", + "rc2", + "rs-libc", + "serde", + "serde_cbor", + "serde_derive", + "spin", + "tokio", + "yasna", ] [[package]] name = "mbedtls-sys-auto" -version = "2.25.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "bindgen 0.19.2 (registry+https://github.com/rust-lang/crates.io-index)", - "cfg-if 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)", - "cmake 0.1.45 (registry+https://github.com/rust-lang/crates.io-index)", - "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.81 (registry+https://github.com/rust-lang/crates.io-index)", - "libz-sys 1.1.2 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "memchr" -version = "0.1.11" +version = "2.28.0" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b2231108271d9a10052178d940926baf24b57a2eb1703732faae387592dd6ac3" dependencies = [ - "libc 0.2.81 (registry+https://github.com/rust-lang/crates.io-index)", + "bindgen", + "cc", + "cfg-if 1.0.0", + "cmake", + "lazy_static", + "libc", + "libz-sys", + "quote", + "syn", ] [[package]] name = "memchr" -version = "1.0.2" +version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "libc 0.2.81 (registry+https://github.com/rust-lang/crates.io-index)", -] +checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d" [[package]] name = "nom" -version = "3.2.1" +version = "5.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ffb4262d26ed83a1c0a33a38fe2bb15797329c85770da05e6b828ddb782627af" dependencies = [ - "memchr 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)", + "memchr", + "version_check", ] [[package]] name = "num-bigint" version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "090c7f9998ee0ff65aa5b723e4009f7b217707f1fb5ea551329cc4d6231fb304" dependencies = [ - "autocfg 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)", - "num-integer 0.1.44 (registry+https://github.com/rust-lang/crates.io-index)", - "num-traits 0.2.14 (registry+https://github.com/rust-lang/crates.io-index)", + "autocfg", + "num-integer", + "num-traits", ] [[package]] name = "num-integer" version = "0.1.44" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2cc698a63b549a70bc047073d2949cce27cd1c7b0a4a862d08a8031bc2801db" dependencies = [ - "autocfg 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)", - "num-traits 0.2.14 (registry+https://github.com/rust-lang/crates.io-index)", + "autocfg", + "num-traits", ] [[package]] name = "num-traits" version = "0.2.14" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a64b1ec5cda2586e284722486d802acf1f7dbdc623e2bfc57e65ca1cd099290" dependencies = [ - "autocfg 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)", + "autocfg", ] [[package]] name = "opaque-debug" version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2839e79665f131bdb5782e51f2c6c9599c133c6098982a54c794358bf432529c" + +[[package]] +name = "peeking_take_while" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099" + +[[package]] +name = "pin-project-lite" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc0e1f259c92177c30a4c9d177246edd0a3568b25756a977d0632cf8fa37e905" [[package]] name = "pkg-config" version = "0.3.19" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3831453b3449ceb48b6d9c7ad7c96d5ea673e9b470a1dc578c2ce6521230884c" [[package]] name = "proc-macro2" version = "1.0.24" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e0704ee1a7e00d7bb417d0770ea303c1bccbabf0ef1667dae92b5967f5f8a71" dependencies = [ - "unicode-xid 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)", + "unicode-xid", ] [[package]] name = "quote" -version = "1.0.8" +version = "1.0.9" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c3d0b9745dc2debf507c8422de05d7226cc1f0644216dfdfead988f9b1ab32a7" dependencies = [ - "proc-macro2 1.0.24 (registry+https://github.com/rust-lang/crates.io-index)", + "proc-macro2", ] [[package]] name = "rand" version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "552840b97013b1a26992c11eac34bdd778e464601a4c2054b5f0bff7c6761293" dependencies = [ - "fuchsia-cprng 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.81 (registry+https://github.com/rust-lang/crates.io-index)", - "rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)", - "rdrand 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", - "winapi 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)", + "fuchsia-cprng", + "libc", + "rand_core 0.3.1", + "rdrand", + "winapi", ] [[package]] name = "rand_core" version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7a6fdeb83b075e8266dcc8762c22776f6877a63111121f5f8c7411e5be7eed4b" dependencies = [ - "rand_core 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_core 0.4.2", ] [[package]] name = "rand_core" version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c33a3c44ca05fa6f1807d8e6743f3824e8509beca625669633be0acbdf509dc" [[package]] name = "rc2" version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "039209d71774c9b2ae967ffb66b73ed253b3c384c198ec0d620fdd5369c78e5e" dependencies = [ - "block-cipher-trait 0.6.2 (registry+https://github.com/rust-lang/crates.io-index)", - "opaque-debug 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)", + "block-cipher-trait", + "opaque-debug", ] [[package]] name = "rdrand" version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "678054eb77286b51581ba43620cc911abf02758c91f93f479767aed0f90458b2" dependencies = [ - "rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_core 0.3.1", ] [[package]] name = "regex" -version = "0.1.80" +version = "1.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "48aaa5748ba571fb95cd2c85c09f629215d3a6ece942baa100950af03a34f733" dependencies = [ - "aho-corasick 0.5.3 (registry+https://github.com/rust-lang/crates.io-index)", - "memchr 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)", - "regex-syntax 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)", - "thread_local 0.2.7 (registry+https://github.com/rust-lang/crates.io-index)", - "utf8-ranges 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)", + "aho-corasick", + "memchr", + "regex-syntax", ] [[package]] name = "regex-syntax" -version = "0.3.9" +version = "0.6.28" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "456c603be3e8d448b072f410900c09faf164fbce2d480456f50eea6e25f9c848" [[package]] name = "rs-libc" version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "80a671d6c4696a49b78e0a271c99bc58bc1a17a64893a3684a1ba1a944b26ca9" dependencies = [ - "cc 1.0.66 (registry+https://github.com/rust-lang/crates.io-index)", + "cc", ] [[package]] -name = "rustc-serialize" -version = "0.3.24" +name = "rustc-hash" +version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" [[package]] name = "rustc_version" version = "0.1.7" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c5f5376ea5e30ce23c03eb77cbe4962b988deead10910c372b226388b594c084" dependencies = [ - "semver 0.1.20 (registry+https://github.com/rust-lang/crates.io-index)", + "semver", ] [[package]] name = "semver" version = "0.1.20" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d4f410fedcf71af0345d7607d246e7ad15faaadd49d240ee3b24e5dc21a820ac" [[package]] name = "serde" version = "1.0.118" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06c64263859d87aa2eb554587e2d23183398d617427327cf2b3d0ed8c69e4800" [[package]] name = "serde_bytes" version = "0.10.5" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "defbb8a83d7f34cc8380751eeb892b825944222888aff18996ea7901f24aec88" dependencies = [ - "serde 1.0.118 (registry+https://github.com/rust-lang/crates.io-index)", + "serde", ] [[package]] name = "serde_cbor" version = "0.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "27181cf088428830792d77a40dd44f59d663f3e909bd56cef8c815403cf814ba" dependencies = [ - "byteorder 1.3.4 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.118 (registry+https://github.com/rust-lang/crates.io-index)", - "serde_bytes 0.10.5 (registry+https://github.com/rust-lang/crates.io-index)", + "byteorder", + "serde", + "serde_bytes", ] [[package]] name = "serde_derive" version = "1.0.118" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c84d3526699cd55261af4b941e4e725444df67aa4f9e6a3564f18030d12672df" dependencies = [ - "proc-macro2 1.0.24 (registry+https://github.com/rust-lang/crates.io-index)", - "quote 1.0.8 (registry+https://github.com/rust-lang/crates.io-index)", - "syn 1.0.57 (registry+https://github.com/rust-lang/crates.io-index)", + "proc-macro2", + "quote", + "syn", ] +[[package]] +name = "shlex" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "43b2853a4d09f215c24cc5489c992ce46052d359b5109343cbafbf26bc62f8a3" + [[package]] name = "spin" version = "0.4.10" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ceac490aa12c567115b40b7b7fceca03a6c9d53d5defea066123debc83c5dc1f" [[package]] name = "strsim" -version = "0.5.2" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ea5119cdb4c55b55d432abb513a0429384878c15dde60cc77b1c99de1a95a6a" [[package]] name = "syn" -version = "1.0.57" +version = "1.0.67" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6498a9efc342871f91cc2d0d694c674368b4ceb40f62b65a7a08c3792935e702" dependencies = [ - "proc-macro2 1.0.24 (registry+https://github.com/rust-lang/crates.io-index)", - "quote 1.0.8 (registry+https://github.com/rust-lang/crates.io-index)", - "unicode-xid 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)", + "proc-macro2", + "quote", + "unicode-xid", ] [[package]] -name = "syntex_errors" -version = "0.40.0" +name = "termcolor" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "be55cf8942feac5c765c2c993422806843c9a9a45d4d5c407ad6dd2ea95eb9b6" dependencies = [ - "libc 0.2.81 (registry+https://github.com/rust-lang/crates.io-index)", - "log 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)", - "rustc-serialize 0.3.24 (registry+https://github.com/rust-lang/crates.io-index)", - "syntex_pos 0.40.0 (registry+https://github.com/rust-lang/crates.io-index)", - "term 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)", - "unicode-xid 0.0.3 (registry+https://github.com/rust-lang/crates.io-index)", + "winapi-util", ] [[package]] -name = "syntex_pos" -version = "0.40.0" +name = "textwrap" +version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d326610f408c7a4eb6f51c37c330e496b08506c9457c9d34287ecc38809fb060" dependencies = [ - "rustc-serialize 0.3.24 (registry+https://github.com/rust-lang/crates.io-index)", + "unicode-width", ] [[package]] -name = "syntex_syntax" -version = "0.40.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "bitflags 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.81 (registry+https://github.com/rust-lang/crates.io-index)", - "log 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)", - "rustc-serialize 0.3.24 (registry+https://github.com/rust-lang/crates.io-index)", - "syntex_errors 0.40.0 (registry+https://github.com/rust-lang/crates.io-index)", - "syntex_pos 0.40.0 (registry+https://github.com/rust-lang/crates.io-index)", - "term 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)", - "unicode-xid 0.0.3 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "term" -version = "0.4.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "kernel32-sys 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)", - "winapi 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "thread-id" -version = "2.0.0" +name = "time" +version = "0.1.44" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6db9e6914ab8b1ae1c260a4ae7a49b6c5611b40328a735b21862567685e73255" dependencies = [ - "kernel32-sys 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.81 (registry+https://github.com/rust-lang/crates.io-index)", + "libc", + "wasi", + "winapi", ] [[package]] -name = "thread_local" -version = "0.2.7" +name = "tokio" +version = "0.3.7" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "46409491c9375a693ce7032101970a54f8a2010efb77e13f70788f0d84489e39" dependencies = [ - "thread-id 2.0.0 (registry+https://github.com/rust-lang/crates.io-index)", + "autocfg", + "pin-project-lite", ] [[package]] -name = "time" -version = "0.1.44" +name = "typenum" +version = "1.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "libc 0.2.81 (registry+https://github.com/rust-lang/crates.io-index)", - "wasi 0.10.0+wasi-snapshot-preview1 (registry+https://github.com/rust-lang/crates.io-index)", - "winapi 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)", -] +checksum = "373c8a200f9e67a0c95e62a4f52fbf80c23b4381c05a17845531982fa99e6b33" [[package]] -name = "typenum" -version = "1.12.0" +name = "unicode-width" +version = "0.1.10" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0edd1e5b14653f783770bce4a4dabb4a5108a5370a5f5d8cfe8710c361f6c8b" [[package]] name = "unicode-xid" -version = "0.0.3" +version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f962df74c8c05a667b5ee8bcf162993134c104e96440b663c8daa176dc772d8c" [[package]] -name = "unicode-xid" -version = "0.2.1" +name = "vcpkg" +version = "0.2.11" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b00bca6106a5e23f3eee943593759b7fcddb00554332e856d990c893966879fb" [[package]] -name = "utf8-ranges" -version = "0.1.3" +name = "vec_map" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f1bddf1187be692e79c5ffeab891132dfb0f236ed36a43c7ed39f1165ee20191" [[package]] -name = "vcpkg" -version = "0.2.11" +name = "version_check" +version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" [[package]] name = "wasi" version = "0.10.0+wasi-snapshot-preview1" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1a143597ca7c7793eff794def352d41792a93c481eb1042423ff7ff72ba2c31f" [[package]] -name = "winapi" -version = "0.2.8" +name = "which" +version = "3.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d011071ae14a2f6671d0b74080ae0cd8ebf3a6f8c9589a2cd45f23126fe29724" +dependencies = [ + "libc", +] [[package]] name = "winapi" version = "0.3.9" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" dependencies = [ - "winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", - "winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", + "winapi-i686-pc-windows-gnu", + "winapi-x86_64-pc-windows-gnu", ] [[package]] -name = "winapi-build" -version = "0.1.1" +name = "winapi-i686-pc-windows-gnu" +version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" [[package]] -name = "winapi-i686-pc-windows-gnu" -version = "0.4.0" +name = "winapi-util" +version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "70ec6ce85bb158151cae5e5c87f95a8e97d2c0c4b001223f33a334e3ce5de178" +dependencies = [ + "winapi", +] [[package]] name = "winapi-x86_64-pc-windows-gnu" version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" [[package]] name = "yasna" version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "79af3189e6b0484c9fd54208f8eeb8818cadee00ec81438b67a64c8e6f2f3694" dependencies = [ - "bit-vec 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)", - "num-bigint 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[metadata] -"checksum aho-corasick 0.5.3 (registry+https://github.com/rust-lang/crates.io-index)" = "ca972c2ea5f742bfce5687b9aef75506a764f61d37f8f649047846a9686ddb66" -"checksum autocfg 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a" -"checksum bindgen 0.19.2 (registry+https://github.com/rust-lang/crates.io-index)" = "003f95e0fb6cf3d1fee8c62b2ec35135509477989fab15c358e0efa3972bdef6" -"checksum bit-vec 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)" = "f59bbe95d4e52a6398ec21238d31577f2b28a9d86807f06ca59d191d8440d0bb" -"checksum bitflags 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)" = "4f67931368edf3a9a51d29886d245f1c3db2f1ef0dcc9e35ff70341b78c10d23" -"checksum bitflags 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "aad18937a628ec6abcd26d1489012cc0e18c21798210f491af69ded9b881106d" -"checksum bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693" -"checksum block-cipher-trait 0.6.2 (registry+https://github.com/rust-lang/crates.io-index)" = "1c924d49bd09e7c06003acda26cd9742e796e34282ec6c1189404dee0c1f4774" -"checksum block-modes 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "31aa8410095e39fdb732909fb5730a48d5bd7c2e3cd76bd1b07b3dbea130c529" -"checksum block-padding 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "fa79dedbb091f449f1f39e53edf88d5dbe95f895dae6135a8d7b881fb5af73f5" -"checksum byte-tools 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "e3b5ca7a04898ad4bcd41c90c5285445ff5b791899bb1b0abdd2a2aa791211d7" -"checksum byteorder 1.3.4 (registry+https://github.com/rust-lang/crates.io-index)" = "08c48aae112d48ed9f069b33538ea9e3e90aa263cfa3d1c24309612b1f7472de" -"checksum cc 1.0.66 (registry+https://github.com/rust-lang/crates.io-index)" = "4c0496836a84f8d0495758516b8621a622beb77c0fed418570e50764093ced48" -"checksum cexpr 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "42aac45e9567d97474a834efdee3081b3c942b2205be932092f53354ce503d6c" -"checksum cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)" = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822" -"checksum cfg-if 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" -"checksum chrono 0.4.19 (registry+https://github.com/rust-lang/crates.io-index)" = "670ad68c9088c2a963aaa298cb369688cf3f9465ce5e2d4ca10e6e0098a1ce73" -"checksum clang-sys 0.11.1 (registry+https://github.com/rust-lang/crates.io-index)" = "19911f7964ce61a02d382adee8400f919d0fedd53c5441e3d6a9858ba73e249e" -"checksum cmake 0.1.45 (registry+https://github.com/rust-lang/crates.io-index)" = "eb6210b637171dfba4cda12e579ac6dc73f5165ad56133e5d72ef3131f320855" -"checksum core_io 0.1.20190701 (registry+https://github.com/rust-lang/crates.io-index)" = "bb3b45b225c233ea8b95309256e842264692c68eeb543e06755de9072dd1178a" -"checksum docopt 0.6.86 (registry+https://github.com/rust-lang/crates.io-index)" = "4a7ef30445607f6fc8720f0a0a2c7442284b629cf0d049286860fae23e71c4d9" -"checksum env_logger 0.3.5 (registry+https://github.com/rust-lang/crates.io-index)" = "15abd780e45b3ea4f76b4e9a26ff4843258dd8a3eed2775a0e7368c2e7936c2f" -"checksum fuchsia-cprng 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "a06f77d526c1a601b7c4cdd98f54b5eaabffc14d5f2f0296febdc7f357c6d3ba" -"checksum generic-array 0.12.3 (registry+https://github.com/rust-lang/crates.io-index)" = "c68f0274ae0e023facc3c97b2e00f076be70e254bc851d972503b328db79b2ec" -"checksum glob 0.2.11 (registry+https://github.com/rust-lang/crates.io-index)" = "8be18de09a56b60ed0edf84bc9df007e30040691af7acd1c41874faac5895bfb" -"checksum hex 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "805026a5d0141ffc30abb3be3173848ad46a1b1664fe632428479619a3644d77" -"checksum kernel32-sys 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "7507624b29483431c0ba2d82aece8ca6cdba9382bff4ddd0f7490560c056098d" -"checksum lazy_static 0.2.11 (registry+https://github.com/rust-lang/crates.io-index)" = "76f033c7ad61445c5b347c7382dd1237847eb1bce590fe50365dcb33d546be73" -"checksum lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" -"checksum libc 0.2.81 (registry+https://github.com/rust-lang/crates.io-index)" = "1482821306169ec4d07f6aca392a4681f66c75c9918aa49641a2595db64053cb" -"checksum libz-sys 1.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "602113192b08db8f38796c4e85c39e960c145965140e918018bcde1952429655" -"checksum log 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)" = "e19e8d5c34a3e0e2223db8e060f9e8264aeeb5c5fc64a4ee9965c062211c024b" -"checksum log 0.4.11 (registry+https://github.com/rust-lang/crates.io-index)" = "4fabed175da42fed1fa0746b0ea71f412aa9d35e76e95e59b192c64b9dc2bf8b" -"checksum matches 0.1.8 (registry+https://github.com/rust-lang/crates.io-index)" = "7ffc5c5338469d4d3ea17d269fa8ea3512ad247247c30bd2df69e68309ed0a08" -"checksum mbedtls-sys-auto 2.25.2 (registry+https://github.com/rust-lang/crates.io-index)" = "cf1210639c52c5dedbea06669e4d111ecfb9f26a0e09074dbe13a73bf1a6505e" -"checksum memchr 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)" = "d8b629fb514376c675b98c1421e80b151d3817ac42d7c667717d282761418d20" -"checksum memchr 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)" = "148fab2e51b4f1cfc66da2a7c32981d1d3c083a803978268bb11fe4b86925e7a" -"checksum nom 3.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "05aec50c70fd288702bcd93284a8444607f3292dbdf2a30de5ea5dcdbe72287b" -"checksum num-bigint 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)" = "090c7f9998ee0ff65aa5b723e4009f7b217707f1fb5ea551329cc4d6231fb304" -"checksum num-integer 0.1.44 (registry+https://github.com/rust-lang/crates.io-index)" = "d2cc698a63b549a70bc047073d2949cce27cd1c7b0a4a862d08a8031bc2801db" -"checksum num-traits 0.2.14 (registry+https://github.com/rust-lang/crates.io-index)" = "9a64b1ec5cda2586e284722486d802acf1f7dbdc623e2bfc57e65ca1cd099290" -"checksum opaque-debug 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "2839e79665f131bdb5782e51f2c6c9599c133c6098982a54c794358bf432529c" -"checksum pkg-config 0.3.19 (registry+https://github.com/rust-lang/crates.io-index)" = "3831453b3449ceb48b6d9c7ad7c96d5ea673e9b470a1dc578c2ce6521230884c" -"checksum proc-macro2 1.0.24 (registry+https://github.com/rust-lang/crates.io-index)" = "1e0704ee1a7e00d7bb417d0770ea303c1bccbabf0ef1667dae92b5967f5f8a71" -"checksum quote 1.0.8 (registry+https://github.com/rust-lang/crates.io-index)" = "991431c3519a3f36861882da93630ce66b52918dcf1b8e2fd66b397fc96f28df" -"checksum rand 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)" = "552840b97013b1a26992c11eac34bdd778e464601a4c2054b5f0bff7c6761293" -"checksum rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "7a6fdeb83b075e8266dcc8762c22776f6877a63111121f5f8c7411e5be7eed4b" -"checksum rand_core 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)" = "9c33a3c44ca05fa6f1807d8e6743f3824e8509beca625669633be0acbdf509dc" -"checksum rc2 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "039209d71774c9b2ae967ffb66b73ed253b3c384c198ec0d620fdd5369c78e5e" -"checksum rdrand 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "678054eb77286b51581ba43620cc911abf02758c91f93f479767aed0f90458b2" -"checksum regex 0.1.80 (registry+https://github.com/rust-lang/crates.io-index)" = "4fd4ace6a8cf7860714a2c2280d6c1f7e6a413486c13298bbc86fd3da019402f" -"checksum regex-syntax 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)" = "f9ec002c35e86791825ed294b50008eea9ddfc8def4420124fbc6b08db834957" -"checksum rs-libc 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "80a671d6c4696a49b78e0a271c99bc58bc1a17a64893a3684a1ba1a944b26ca9" -"checksum rustc-serialize 0.3.24 (registry+https://github.com/rust-lang/crates.io-index)" = "dcf128d1287d2ea9d80910b5f1120d0b8eede3fbf1abe91c40d39ea7d51e6fda" -"checksum rustc_version 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)" = "c5f5376ea5e30ce23c03eb77cbe4962b988deead10910c372b226388b594c084" -"checksum semver 0.1.20 (registry+https://github.com/rust-lang/crates.io-index)" = "d4f410fedcf71af0345d7607d246e7ad15faaadd49d240ee3b24e5dc21a820ac" -"checksum serde 1.0.118 (registry+https://github.com/rust-lang/crates.io-index)" = "06c64263859d87aa2eb554587e2d23183398d617427327cf2b3d0ed8c69e4800" -"checksum serde_bytes 0.10.5 (registry+https://github.com/rust-lang/crates.io-index)" = "defbb8a83d7f34cc8380751eeb892b825944222888aff18996ea7901f24aec88" -"checksum serde_cbor 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)" = "27181cf088428830792d77a40dd44f59d663f3e909bd56cef8c815403cf814ba" -"checksum serde_derive 1.0.118 (registry+https://github.com/rust-lang/crates.io-index)" = "c84d3526699cd55261af4b941e4e725444df67aa4f9e6a3564f18030d12672df" -"checksum spin 0.4.10 (registry+https://github.com/rust-lang/crates.io-index)" = "ceac490aa12c567115b40b7b7fceca03a6c9d53d5defea066123debc83c5dc1f" -"checksum strsim 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)" = "67f84c44fbb2f91db7fef94554e6b2ac05909c9c0b0bc23bb98d3a1aebfe7f7c" -"checksum syn 1.0.57 (registry+https://github.com/rust-lang/crates.io-index)" = "4211ce9909eb971f111059df92c45640aad50a619cf55cd76476be803c4c68e6" -"checksum syntex_errors 0.40.0 (registry+https://github.com/rust-lang/crates.io-index)" = "290933a450229bbbeee92bc4900ed0300ba54b59a0741055284c709cf2938f03" -"checksum syntex_pos 0.40.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7c37a0a6e73cc9d6c7a16fb955bc97fb8eb513b2d7ac23279adca58548a204ca" -"checksum syntex_syntax 0.40.0 (registry+https://github.com/rust-lang/crates.io-index)" = "5c64b3581fad872d6b28ccad01e0a0db0c4af70acd491af6650499a5fb35c9e8" -"checksum term 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)" = "fa63644f74ce96fbeb9b794f66aff2a52d601cbd5e80f4b97123e3899f4570f1" -"checksum thread-id 2.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "a9539db560102d1cef46b8b78ce737ff0bb64e7e18d35b2a5688f7d097d0ff03" -"checksum thread_local 0.2.7 (registry+https://github.com/rust-lang/crates.io-index)" = "8576dbbfcaef9641452d5cf0df9b0e7eeab7694956dd33bb61515fb8f18cfdd5" -"checksum time 0.1.44 (registry+https://github.com/rust-lang/crates.io-index)" = "6db9e6914ab8b1ae1c260a4ae7a49b6c5611b40328a735b21862567685e73255" -"checksum typenum 1.12.0 (registry+https://github.com/rust-lang/crates.io-index)" = "373c8a200f9e67a0c95e62a4f52fbf80c23b4381c05a17845531982fa99e6b33" -"checksum unicode-xid 0.0.3 (registry+https://github.com/rust-lang/crates.io-index)" = "36dff09cafb4ec7c8cf0023eb0b686cb6ce65499116a12201c9e11840ca01beb" -"checksum unicode-xid 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "f7fe0bb3479651439c9112f72b6c505038574c9fbb575ed1bf3b797fa39dd564" -"checksum utf8-ranges 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)" = "a1ca13c08c41c9c3e04224ed9ff80461d97e121589ff27c753a16cb10830ae0f" -"checksum vcpkg 0.2.11 (registry+https://github.com/rust-lang/crates.io-index)" = "b00bca6106a5e23f3eee943593759b7fcddb00554332e856d990c893966879fb" -"checksum wasi 0.10.0+wasi-snapshot-preview1 (registry+https://github.com/rust-lang/crates.io-index)" = "1a143597ca7c7793eff794def352d41792a93c481eb1042423ff7ff72ba2c31f" -"checksum winapi 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)" = "167dc9d6949a9b857f3451275e911c3f44255842c1f7a76f33c55103a909087a" -"checksum winapi 0.3.9 (registry+https://github.com/rust-lang/crates.io-index)" = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" -"checksum winapi-build 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "2d315eee3b34aca4797b2da6b13ed88266e6d612562a0c46390af8299fc699bc" -"checksum winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" -"checksum winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" -"checksum yasna 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "79af3189e6b0484c9fd54208f8eeb8818cadee00ec81438b67a64c8e6f2f3694" + "bit-vec", + "num-bigint", +] diff --git a/ct.sh b/ct.sh index 2afc98f84..e6cf84cd7 100755 --- a/ct.sh +++ b/ct.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash set -ex cd "$(dirname "$0")" @@ -9,27 +9,41 @@ if [ -z $TRAVIS_RUST_VERSION ]; then exit 1 fi +export CFLAGS_x86_64_fortanix_unknown_sgx="-isystem/usr/include/x86_64-linux-gnu -mlvi-hardening -mllvm -x86-experimental-lvi-inline-asm-hardening" +export CC_x86_64_fortanix_unknown_sgx=clang-11 + if [ $TRAVIS_RUST_VERSION = "stable" ] || [ $TRAVIS_RUST_VERSION = "beta" ] || [ $TRAVIS_RUST_VERSION = "nightly" ]; then rustup default $TRAVIS_RUST_VERSION - # make sure that explicitly providing the default target works - cargo test --target x86_64-unknown-linux-gnu - cargo test --features spin_threading - cargo test --features rust_threading - cargo test --features custom_time,custom_gmtime_r - cargo test --features zlib - cargo test --features pkcs12 - cargo test --features pkcs12_rc2 - cargo test --features force_aesni_support - cargo test --features dsa + rustup target add --toolchain $TRAVIS_RUST_VERSION $TARGET + # The SGX target cannot be run under test like a ELF binary + if [ "$TARGET" != "x86_64-fortanix-unknown-sgx" ]; then + # make sure that explicitly providing the default target works + cargo test --target $TARGET --release + cargo test --features pkcs12 --target $TARGET + cargo test --features pkcs12_rc2 --target $TARGET + cargo test --features dsa --target $TARGET + cargo test --features spin_threading --target $TARGET + cargo test --features rust_threading --target $TARGET + cargo test --features custom_time,custom_gmtime_r --target $TARGET + # test the async support + cargo test --test async_session --features=std,threading,tokio/full --target $TARGET + + # If zlib is installed, test the zlib feature + if [ -n "$ZLIB_INSTALLED" ]; then + cargo test --features zlib --target $TARGET + fi + + # If AES-NI is supported, test the feature + if [ -n "$AES_NI_SUPPORT" ]; then + cargo test --features force_aesni_support --target $TARGET + fi + else + cargo +$TRAVIS_RUST_VERSION test --no-run --target=$TARGET --features=sgx --no-default-features + fi elif [ $TRAVIS_RUST_VERSION = $CORE_IO_NIGHTLY ]; then cargo +$CORE_IO_NIGHTLY test --no-default-features --features core_io,rdrand,time,custom_time,custom_gmtime_r cargo +$CORE_IO_NIGHTLY test --no-default-features --features core_io,rdrand - -elif [ $TRAVIS_RUST_VERSION = $SGX_NIGHTLY ]; then - rustup target add --toolchain $SGX_NIGHTLY x86_64-fortanix-unknown-sgx - cargo +$SGX_NIGHTLY test --no-run --target=x86_64-fortanix-unknown-sgx --features=sgx --no-default-features - else echo "Unknown version $TRAVIS_RUST_VERSION" exit 1 diff --git a/mbedtls/Cargo.toml b/mbedtls/Cargo.toml index 8f5730c2b..a8ee861b7 100644 --- a/mbedtls/Cargo.toml +++ b/mbedtls/Cargo.toml @@ -20,7 +20,7 @@ keywords = ["MbedTLS","mbed","TLS","SSL","cryptography"] [dependencies] bitflags = "1" chrono = { version = "0.4", optional = true } -core_io = { version = "0.1", features = ["collections"], optional = true } +core_io = { version = "0.1.20210325", features = ["collections"], optional = true } spin = { version = "0.4.0", default-features = false, optional = true } serde = { version = "1.0.7", default-features = false } serde_derive = "1.0.7" @@ -30,12 +30,15 @@ num-bigint = { version = "0.2", optional = true } bit-vec = { version = "0.5", optional = true } block-modes = { version = "0.3", optional = true } rc2 = { version = "0.3", optional = true } +tokio = { version = "0.3", optional = true } +proc-macro2 = "=1.0.24" +quote = "=1.0.9" [target.x86_64-fortanix-unknown-sgx.dependencies] rs-libc = "0.1.0" [dependencies.mbedtls-sys-auto] -version = "2.25.2" +version = "2.28.0" default-features = false features = ["custom_printf", "trusted_cert_callback"] @@ -83,6 +86,16 @@ name = "server" path = "examples/server.rs" required-features = ["std"] +[[test]] +name = "alpn" +path = "tests/alpn.rs" +required-features = ["std"] + +[[test]] +name = "async_session" +path = "tests/async_session.rs" +required-features = ["std", "threading", "tokio", "tokio/net", "tokio/io-util", "tokio/macros", "tokio/rt"] + [[test]] name = "client_server" path = "tests/client_server.rs" diff --git a/mbedtls/src/bignum/mod.rs b/mbedtls/src/bignum/mod.rs index 65e1d3c1a..dbf294a3d 100644 --- a/mbedtls/src/bignum/mod.rs +++ b/mbedtls/src/bignum/mod.rs @@ -173,7 +173,7 @@ impl Mpi { mpi_write_string( &self.inner, radix, - buf.as_mut_ptr() as *mut i8, + buf.as_mut_ptr() as *mut _, buf.len(), &mut olen, ) diff --git a/mbedtls/src/pk/mod.rs b/mbedtls/src/pk/mod.rs index 70e507535..9237147ed 100644 --- a/mbedtls/src/pk/mod.rs +++ b/mbedtls/src/pk/mod.rs @@ -111,7 +111,7 @@ extern "C" fn alloc_custom_pk_ctx() -> *mut c_void { } unsafe extern "C" fn free_custom_pk_ctx(p: *mut c_void) { - Box::from_raw(p as *mut CustomPkContext); + let _ = Box::from_raw(p as *mut CustomPkContext); } extern "C" fn custom_pk_can_do(_t: u32) -> i32 { @@ -129,7 +129,7 @@ const CUSTOM_PK_INFO: pk_info_t = { sign_func: None, verify_func: None, get_bitlen: None, - name: b"\0" as *const u8 as *const i8, + name: b"\0" as *const u8 as *const _, ctx_alloc_func: Some(alloc_custom_pk_ctx), ctx_free_func: Some(free_custom_pk_ctx), } @@ -953,7 +953,7 @@ impl Pk { #[cfg(test)] mod tests { use super::*; - use crate::hash::Type; + use crate::hash::{Type, MdInfo}; use crate::pk::Type as PkType; // This is test data that must match library output *exactly* @@ -1155,7 +1155,7 @@ iy6KC991zzvaWY/Ys+q/84Afqa+0qJKQnPuy/7F5GkVdQA/lfbhi fn rsa_sign_verify_pkcs1v15() { let mut pk = Pk::generate_rsa(&mut crate::test_support::rand::test_rng(), 2048, 0x10001).unwrap(); - let data = b"SIGNATURE TEST SIGNATURE TEST SI"; + let data = b"SIGNATURE TEST SIGNATURE TEST SIGNATURE TEST SIGNATURE TEST SIGN"; let mut signature = vec![0u8; (pk.len() + 7) / 8]; let digests = [ @@ -1171,16 +1171,22 @@ iy6KC991zzvaWY/Ys+q/84Afqa+0qJKQnPuy/7F5GkVdQA/lfbhi Type::Ripemd, ]; - for digest in &digests { + for &digest in &digests { + let data = if let Some(md @ MdInfo { .. }) = digest.into() { + &data[..md.size()] + } else { + &data[..] + }; + let len = pk .sign( - *digest, + digest, data, &mut signature, &mut crate::test_support::rand::test_rng(), ) .unwrap(); - pk.verify(*digest, data, &signature[0..len]).unwrap(); + pk.verify(digest, data, &signature[0..len]).unwrap(); } } @@ -1188,7 +1194,7 @@ iy6KC991zzvaWY/Ys+q/84Afqa+0qJKQnPuy/7F5GkVdQA/lfbhi fn rsa_sign_verify_pss() { let mut pk = Pk::generate_rsa(&mut crate::test_support::rand::test_rng(), 2048, 0x10001).unwrap(); - let data = b"SIGNATURE TEST SIGNATURE TEST SI"; + let data = b"SIGNATURE TEST SIGNATURE TEST SIGNATURE TEST SIGNATURE TEST SIGN"; let mut signature = vec![0u8; (pk.len() + 7) / 8]; let digests = [ @@ -1204,15 +1210,21 @@ iy6KC991zzvaWY/Ys+q/84Afqa+0qJKQnPuy/7F5GkVdQA/lfbhi Type::Ripemd, ]; - for digest in &digests { + for &digest in &digests { + let data = if let Some(md @ MdInfo { .. }) = digest.into() { + &data[..md.size()] + } else { + &data[..] + }; + pk.set_options(Options::Rsa { - padding: RsaPadding::Pkcs1V21 { mgf: *digest }, + padding: RsaPadding::Pkcs1V21 { mgf: digest }, }); - if *digest == Type::None { + if digest == Type::None { assert!(pk .sign( - *digest, + digest, data, &mut signature, &mut crate::test_support::rand::test_rng() @@ -1221,13 +1233,13 @@ iy6KC991zzvaWY/Ys+q/84Afqa+0qJKQnPuy/7F5GkVdQA/lfbhi } else { let len = pk .sign( - *digest, + digest, data, &mut signature, &mut crate::test_support::rand::test_rng(), ) .unwrap(); - pk.verify(*digest, data, &signature[0..len]).unwrap(); + pk.verify(digest, data, &signature[0..len]).unwrap(); } } } diff --git a/mbedtls/src/pkcs12/mod.rs b/mbedtls/src/pkcs12/mod.rs index 7d7507996..8106f2a58 100644 --- a/mbedtls/src/pkcs12/mod.rs +++ b/mbedtls/src/pkcs12/mod.rs @@ -356,6 +356,7 @@ impl BERDecodable for EncryptedData { // EncryptedContentInfo from PKCS7 see RFC 2315 section 10.1 #[derive(Debug, Clone)] +#[allow(dead_code)] struct EncryptedContentInfo { content_type: ObjectIdentifier, encryption_algo: AlgorithmIdentifier, @@ -458,6 +459,7 @@ enum Pkcs12BagSet { } #[derive(Debug, Clone)] +#[allow(dead_code)] struct SafeBag { bag_id: ObjectIdentifier, bag_value: Pkcs12BagSet, diff --git a/mbedtls/src/rng/ctr_drbg.rs b/mbedtls/src/rng/ctr_drbg.rs index 1b4184ba2..a67d5a96c 100644 --- a/mbedtls/src/rng/ctr_drbg.rs +++ b/mbedtls/src/rng/ctr_drbg.rs @@ -102,6 +102,9 @@ impl<'entropy> DerefMut for CtrDrbg<'entropy> { // ==== END IMMOVABLE TYPE KLUDGE ==== +#[cfg(feature = "threading")] +unsafe impl<'entropy> Send for CtrDrbg<'entropy> {} + #[cfg(feature = "threading")] unsafe impl<'entropy> Sync for CtrDrbg<'entropy> {} diff --git a/mbedtls/src/ssl/async_session.rs b/mbedtls/src/ssl/async_session.rs new file mode 100644 index 000000000..ec94c5c68 --- /dev/null +++ b/mbedtls/src/ssl/async_session.rs @@ -0,0 +1,470 @@ +/* Copyright (c) Fortanix, Inc. + * + * Licensed under the GNU General Public License, version 2 or the Apache License, Version + * 2.0 , at your + * option. This file may not be copied, modified, or distributed except + * according to those terms. */ + +#![cfg(all(feature = "std", feature = "tokio"))] + +use std::cell::Cell; +use std::future::Future; +use std::io::{self, Read, Write}; +use std::marker::Unpin; +use std::mem; +use std::ops::{Deref, DerefMut}; +use std::pin::Pin; +use std::ptr::null_mut; +use std::rc::Rc; +use std::task::{Context as TaskContext, Poll}; + +use tokio::io::{AsyncRead, AsyncWrite, ReadBuf}; + +use crate::ssl::{Context, HandshakeError, MidHandshake, Session, Version}; +use crate::x509::VerifyError; +use crate::Error; + +#[derive(Clone)] +struct ErasedContext(Rc>); + +unsafe impl Send for ErasedContext {} + +impl ErasedContext { + fn new() -> Self { + Self(Rc::new(Cell::new(null_mut()))) + } + + unsafe fn get(&self) -> &mut TaskContext<'_> { + let ptr = self.0.get(); + assert!(!ptr.is_null()); + &mut *(ptr as *mut _) + } + + fn set(&self, cx: &mut TaskContext<'_>) { + self.0.set(cx as *mut _ as *mut ()); + } + + fn clear(&self) { + self.0.set(null_mut()); + } +} + +pub struct IoAdapter { + inner: S, + ecx: ErasedContext, +} + +impl IoAdapter { + pub fn new(stream: S) -> Self { + Self { + inner: stream, + ecx: ErasedContext::new(), + } + } +} + +impl IoAdapter { + fn with_context(&mut self, f: F) -> io::Result + where + F: FnOnce(&mut TaskContext<'_>, Pin<&mut S>) -> Poll>, + { + unsafe { + let cx = self.ecx.get(); + match f(cx, Pin::new(&mut self.inner)) { + Poll::Ready(r) => r, + Poll::Pending => Err(io::Error::from(io::ErrorKind::WouldBlock)), + } + } + } +} + +impl Read for IoAdapter { + fn read(&mut self, buf: &mut [u8]) -> io::Result { + let mut buf = ReadBuf::new(buf); + self.with_context(|ctx, stream| stream.poll_read(ctx, &mut buf))?; + Ok(buf.filled().len()) + } +} + +impl Write for IoAdapter { + fn write(&mut self, buf: &[u8]) -> io::Result { + self.with_context(|ctx, stream| stream.poll_write(ctx, buf)) + } + + fn flush(&mut self) -> io::Result<()> { + self.with_context(|ctx, stream| stream.poll_flush(ctx)) + } +} + +struct SessionWrapper<'ctx>(Session<'ctx>); + +impl<'a> Deref for SessionWrapper<'a> { + type Target = Session<'a>; + + fn deref(&self) -> &Self::Target { + &self.0 + } +} + +impl<'a> DerefMut for SessionWrapper<'a> { + fn deref_mut(&mut self) -> &mut Self::Target { + &mut self.0 + } +} + +impl<'a> From> for SessionWrapper<'a> { + fn from(s: Session<'a>) -> Self { + Self(s) + } +} + +impl Drop for SessionWrapper<'_> { + fn drop(&mut self) { + unsafe { + self.0.release_io(); + } + // Make sure `ssl_close_notify()` is not called since that would cause + // a panic if `ecx` field in `AsyncSession` is not set. + mem::forget(self); + } +} + +// mbedtls_ssl_write() has some weird semantics w.r.t non-blocking I/O: +// +// > When this function returns MBEDTLS_ERR_SSL_WANT_WRITE/READ, it must be +// > called later **with the same arguments**, until it returns a value greater +// > than or equal to 0. When the function returns MBEDTLS_ERR_SSL_WANT_WRITE +// > there may be some partial data in the output buffer, however this is not +// > yet sent. +// +// WriteTracker is used to ensure we pass the same data in that scenario. +// +// Reference: +// https://tls.mbed.org/api/ssl_8h.html#a5bbda87d484de82df730758b475f32e5 +struct WriteTracker { + pending: Option>, +} + +struct DigestAndLen { + #[cfg(debug_assertions)] + digest: [u8; 20], // SHA-1 + len: usize, +} + +impl WriteTracker { + fn new() -> Self { + WriteTracker { + pending: None, + } + } + + #[cfg(debug_assertions)] + fn digest(buf: &[u8]) -> [u8; 20] { + use crate::hash::{Md, Type}; + let mut out = [0u8; 20]; + let res = Md::hash(Type::Sha1, buf, &mut out[..]); + assert_eq!(res, Ok(out.len())); + out + } + + fn adjust_buf<'a>(&self, buf: &'a [u8]) -> io::Result<&'a [u8]> { + match self.pending.as_ref() { + None => Ok(buf), + Some(pending) => { + if pending.len <= buf.len() { + let buf = &buf[..pending.len]; + + // We only do this check in debug mode since it's an expensive check. + #[cfg(debug_assertions)] + if Self::digest(buf) == pending.digest { + return Ok(buf); + } + + #[cfg(not(debug_assertions))] + return Ok(buf); + } + Err(io::Error::new( + io::ErrorKind::Other, + "mbedtls expects the same data if the previous call to poll_write() returned Poll::Pending" + )) + }, + } + } + + fn post_write(&mut self, buf: &[u8], res: &Poll>) { + match res { + &Poll::Pending => { + if self.pending.is_none() { + self.pending = Some(Box::new(DigestAndLen { + #[cfg(debug_assertions)] + digest: Self::digest(buf), + len: buf.len(), + })); + } + }, + _ => { + self.pending = None; + } + } + } +} + +pub struct AsyncSession<'ctx> { + session: Option>, + ecx: ErasedContext, + write_tracker: WriteTracker, +} + +unsafe impl<'c> Send for AsyncSession<'c> {} + +struct Guard<'a, 'b>(&'a mut AsyncSession<'b>); + +impl Drop for Guard<'_, '_> { + fn drop(&mut self) { + (self.0).ecx.clear(); + } +} + +fn already_shutdown() -> io::Error { + io::Error::new(io::ErrorKind::Other, "stream has been shutdown") +} + +impl<'c> AsyncSession<'c> { + fn with_context(&mut self, cx: &mut TaskContext<'_>, f: F) -> Poll> + where + F: FnOnce(&mut Session<'c>) -> io::Result, + { + if self.session.is_none() { + return Err(already_shutdown()).into(); + } + self.ecx.set(cx); + let g = Guard(self); + match f(g.0.session.as_mut().unwrap()) { + Ok(v) => Ok(v).into(), + Err(ref e) if e.kind() == io::ErrorKind::WouldBlock => Poll::Pending, + Err(e) => Err(e).into(), + } + } + + fn poll_close_notify(&mut self, cx: &mut TaskContext<'_>) -> Poll> { + let mut session = match self.session.take() { + Some(session) => session, + None => return Err(already_shutdown()).into(), + }; + self.ecx.set(cx); + let res = unsafe { session.close_notify() }; + self.ecx.clear(); + + match res { + Ok(()) => Ok(()).into(), + Err(e) if e.kind() == io::ErrorKind::WouldBlock => { + self.session = Some(session); + Poll::Pending + } + Err(e) => Err(e).into(), + } + } +} + +impl Drop for AsyncSession<'_> { + fn drop(&mut self) { + // Theoretically, we could use [`Handle::try_current()`] to get the + // current runtime and [`Handle::block_on()`] to block on completion of + // `self.shutdown()`, however there are some caveats to that approach + // that make it very undesirable: + // + // - When using basic scheduler, we need to call [`Handle::block_on()`] + // in a separate thread, while with threaded scheduler we don't need + // a separate thread. However, there is no way to know which + // scheduler is being used, therefore we need to call `block_on` in a + // separate thread to support both schedulers. + // + // - To be able to `block_on(self.shutdown())` in a separate thread, we + // need to somehow send `self` or `self.shutdown()` to that thread, + // but that would normally require the object being sent to be + // `'static`. We could do some unsafe shenanigans to make that work, + // but is it really worth it? + // + // We should revisit this once there is support for async drop in Rust. + // + // [`Handle::try_current()`]: https://docs.rs/tokio/0.2.22/tokio/runtime/struct.Handle.html#method.try_current + // [`Handle::block_on()`]: https://docs.rs/tokio/0.2.22/tokio/runtime/struct.Handle.html#method.block_on + } +} + +impl AsyncRead for AsyncSession<'_> { + fn poll_read( + mut self: Pin<&mut Self>, + cx: &mut TaskContext<'_>, + buf: &mut ReadBuf<'_>, + ) -> Poll> { + self.with_context(cx, |s| { + let n = s.read(buf.initialize_unfilled())?; + buf.advance(n); + Ok(()) + }) + } +} + +impl AsyncWrite for AsyncSession<'_> { + fn poll_write( + mut self: Pin<&mut Self>, + cx: &mut TaskContext<'_>, + buf: &[u8], + ) -> Poll> { + let buf = match self.write_tracker.adjust_buf(buf) { + Ok(buf) => buf, + Err(e) => return Poll::Ready(Err(e)), + }; + let res = self.with_context(cx, |s| s.write(buf)); + self.write_tracker.post_write(buf, &res); + res + } + + fn poll_flush(mut self: Pin<&mut Self>, cx: &mut TaskContext<'_>) -> Poll> { + self.with_context(cx, |s| s.flush()) + } + + fn poll_shutdown(mut self: Pin<&mut Self>, cx: &mut TaskContext<'_>) -> Poll> { + self.poll_close_notify(cx) + } +} + +enum HandshakeState<'ctx> { + Ready(AsyncSession<'ctx>), + InProgress(MidHandshakeFuture<'ctx>), +} + +struct StartHandshake<'a, 'b, 'c, S>(Option>); +struct StartHandshakeInner<'a, 'b, 'c, S> { + context: &'b mut Context<'a>, + io: &'b mut IoAdapter, + hostname: Option<&'c str>, +} + +impl<'ctx, S: AsyncRead + AsyncWrite + Unpin> Future for StartHandshake<'_, 'ctx, '_, S> { + type Output = Result, Error>; + + fn poll(self: Pin<&mut Self>, cx: &mut TaskContext<'_>) -> Poll { + let mut_self = self.get_mut(); + let inner = mut_self.0.take().expect("future polled after completion"); + + inner.io.ecx.set(cx); + let ecx = inner.io.ecx.clone(); + let output = match inner.context.establish_internal(inner.io, inner.hostname) { + Ok(session) => Ok(HandshakeState::Ready(AsyncSession { + session: Some(session.into()), + ecx, + write_tracker: WriteTracker::new(), + })), + Err(HandshakeError::WouldBlock(mid, _err)) => Ok(HandshakeState::InProgress( + MidHandshakeFuture(Some(MidHandshakeFutureInner { mid, ecx })), + )), + Err(HandshakeError::Failed(err)) => Err(err), + }; + output.into() + } +} + +struct MidHandshakeFuture<'ctx>(Option>); +struct MidHandshakeFutureInner<'ctx> { + mid: MidHandshake<'ctx>, + ecx: ErasedContext, +} + +impl<'c> Future for MidHandshakeFuture<'c> { + type Output = Result, Error>; + + fn poll(self: Pin<&mut Self>, cx: &mut TaskContext<'_>) -> Poll { + let mut_self = self.get_mut(); + let mut inner = mut_self.0.take().expect("future polled after completion"); + + inner.ecx.set(cx); + match inner.mid.handshake() { + Ok(session) => { + inner.ecx.clear(); + Ok(AsyncSession { + session: Some(session.into()), + ecx: inner.ecx, + write_tracker: WriteTracker::new(), + }).into() + } + Err(HandshakeError::WouldBlock(mid, _err)) => { + inner.ecx.clear(); + inner.mid = mid; + mut_self.0 = Some(inner); + Poll::Pending + } + Err(HandshakeError::Failed(e)) => Err(e).into(), + } + } +} + +impl<'config> Context<'config> { + pub async fn establish_async<'c, S: AsyncRead + AsyncWrite + Unpin>( + &'c mut self, + io: &'c mut IoAdapter, + hostname: Option<&str>, + ) -> Result, Error> { + let start = StartHandshake(Some(StartHandshakeInner { + context: self, + io, + hostname, + })); + match start.await { + Ok(HandshakeState::Ready(session)) => Ok(session), + Ok(HandshakeState::InProgress(fut)) => fut.await, + Err(err) => Err(err), + } + } +} + +// Forward method calls instead of Deref since that would enable Read/Write +impl<'a> AsyncSession<'a> { + fn session(&self) -> io::Result<&Session<'a>> { + self.session + .as_ref() + .map(|s| s.deref()) + .ok_or_else(|| already_shutdown()) + } + + /// Return the minor number of the negotiated TLS version + pub fn minor_version(&self) -> io::Result { + self.session().map(|session| session.minor_version()) + } + + /// Return the major number of the negotiated TLS version + pub fn major_version(&self) -> io::Result { + self.session().map(|session| session.major_version()) + } + + /// Return the number of bytes currently available to read that + /// are stored in the Session's internal read buffer + pub fn bytes_available(&self) -> io::Result { + self.session().map(|session| session.bytes_available()) + } + + pub fn version(&self) -> io::Result { + self.session().map(|session| session.version()) + } + + /// Return the 16-bit ciphersuite identifier. + /// All assigned ciphersuites are listed by the IANA in + /// https://www.iana.org/assignments/tls-parameters/tls-parameters.txt + pub fn ciphersuite(&self) -> io::Result { + self.session().map(|session| session.ciphersuite()) + } + + pub fn peer_cert(&self) -> io::Result> { + self.session().map(|session| session.peer_cert()) + } + + pub fn verify_result(&self) -> io::Result> { + self.session().map(|session| session.verify_result()) + } + + pub fn get_alpn_protocol(&self) -> io::Result, Error>> { + self.session().map(|session| session.get_alpn_protocol()) + } +} diff --git a/mbedtls/src/ssl/config.rs b/mbedtls/src/ssl/config.rs index 936d047db..187b2ade6 100644 --- a/mbedtls/src/ssl/config.rs +++ b/mbedtls/src/ssl/config.rs @@ -6,6 +6,8 @@ * option. This file may not be copied, modified, or distributed except * according to those terms. */ +use core::marker::PhantomData; +use core::ptr; use core::slice::from_raw_parts; use mbedtls_sys::types::raw_types::{c_char, c_int, c_uchar, c_uint, c_void}; @@ -21,6 +23,9 @@ use crate::ssl::context::HandshakeContext; use crate::ssl::ticket::TicketCallback; use crate::x509::{certificate, Crl, LinkedCertificate, Profile, VerifyError}; +#[cfg(not(feature = "std"))] +use crate::alloc_prelude::*; + extern "C" { fn calloc(n: usize, size: usize) -> *mut c_void; fn free(ptr: *mut c_void); @@ -85,6 +90,32 @@ define!( callback!(DbgCallback:Sync(level: c_int, file: *const c_char, line: c_int, message: *const c_char) -> ()); +pub struct NullTerminatedStrList<'s> { + c: Box<[*const u8]>, + r: PhantomData<&'s ()>, +} + +unsafe impl<'s> Send for NullTerminatedStrList<'s> {} +unsafe impl<'s> Sync for NullTerminatedStrList<'s> {} + +impl<'s> NullTerminatedStrList<'s> { + pub fn new(list: &[&'s str]) -> Self { + let mut c = Vec::with_capacity(list.len() + 1); + for s in list { + c.push(s.as_ptr()); + } + c.push(ptr::null()); + NullTerminatedStrList { + c: c.into_boxed_slice(), + r: PhantomData, + } + } + + pub fn as_ptr(&self) -> *const *const u8 { + self.c.as_ptr() + } +} + define!( #[c_ty(ssl_config)] struct Config<'c>; @@ -329,6 +360,17 @@ impl<'c> Config<'c> { ) } } + + /// Set the supported Application Layer Protocols. + /// + /// Each protocol name in the list must also be terminated with a null character (`\0`). + pub fn set_alpn_protocols(&mut self, protocols: &'c NullTerminatedStrList<'c>) -> Result<()> { + unsafe { + ssl_conf_alpn_protocols(&mut self.inner, protocols.as_ptr() as *mut _) + .into_result() + .map(|_| ()) + } + } } /// Builds a linked list of x509_crt instances, all of which are owned by mbedtls. That is, the diff --git a/mbedtls/src/ssl/context.rs b/mbedtls/src/ssl/context.rs index cbc17534a..ed83b1aed 100644 --- a/mbedtls/src/ssl/context.rs +++ b/mbedtls/src/ssl/context.rs @@ -49,6 +49,7 @@ impl IoCallback for IO { }; match (&mut *(user_data as *mut IO)).read(::core::slice::from_raw_parts_mut(data, len)) { Ok(i) => i as c_int, + Err(ref e) if e.kind() == io::ErrorKind::WouldBlock => ::mbedtls_sys::ERR_SSL_WANT_READ, Err(_) => ::mbedtls_sys::ERR_NET_RECV_FAILED, } } @@ -65,6 +66,7 @@ impl IoCallback for IO { }; match (&mut *(user_data as *mut IO)).write(::core::slice::from_raw_parts(data, len)) { Ok(i) => i as c_int, + Err(ref e) if e.kind() == io::ErrorKind::WouldBlock => ::mbedtls_sys::ERR_SSL_WANT_WRITE, Err(_) => ::mbedtls_sys::ERR_NET_SEND_FAILED, } } @@ -87,9 +89,35 @@ pub struct Session<'ctx> { inner: &'ctx mut ssl_context, } +pub struct MidHandshake<'ctx> { + inner: Option<&'ctx mut ssl_context>, +} + +pub enum HandshakeError<'ctx> { + Failed(Error), + // Indicates that the TLS handshake requires I/O but the underlying stream + // is not ready. In this case, wait for the I/O stream to become ready and + // then resume TLS handshake by calling MidHandshake::handshake(). + // This is useful for non-blocking I/O. + WouldBlock(MidHandshake<'ctx>, Error), +} + +impl<'a> HandshakeError<'a> { + pub fn into_error(self) -> Error { + match self { + HandshakeError::Failed(e) => e, + HandshakeError::WouldBlock(_, e) => e, + } + } +} + #[cfg(feature = "threading")] unsafe impl<'ctx> Send for Session<'ctx> {} +#[cfg(feature = "threading")] +unsafe impl<'ctx> Send for MidHandshake<'ctx> {} + + pub struct HandshakeContext<'ctx> { inner: &'ctx mut ssl_context, } @@ -107,9 +135,21 @@ impl<'config> Context<'config> { io: &'c mut F, hostname: Option<&str>, ) -> Result> { + match self.establish_internal(io, hostname) { + Ok(session) => Ok(session), + Err(HandshakeError::Failed(e)) => Err(e), + Err(HandshakeError::WouldBlock(_, e)) => Err(e), + } + } + + pub(super) fn establish_internal<'c, F: IoCallback>( + &'c mut self, + io: &'c mut F, + hostname: Option<&str>, + ) -> StdResult, HandshakeError<'c>> { unsafe { - ssl_session_reset(&mut self.inner).into_result()?; - self.set_hostname(hostname)?; + ssl_session_reset(&mut self.inner).into_result().map_err(|e| HandshakeError::Failed(e))?; + self.set_hostname(hostname).map_err(|e| HandshakeError::Failed(e))?; ssl_set_bio( &mut self.inner, @@ -118,16 +158,7 @@ impl<'config> Context<'config> { Some(F::call_recv), None, ); - match ssl_handshake(&mut self.inner).into_result() { - Err(e) => { - // safely end borrow of io - ssl_set_bio(&mut self.inner, ::core::ptr::null_mut(), None, None, None); - Err(e) - } - Ok(_) => Ok(Session { - inner: &mut self.inner, - }), - } + MidHandshake { inner: Some(&mut self.inner) }.handshake() } } @@ -221,6 +252,22 @@ impl<'ctx> UnsafeFrom<*mut ssl_context> for HandshakeContext<'ctx> { } } +impl<'a> MidHandshake<'a> { + pub fn handshake(mut self) -> StdResult, HandshakeError<'a>> { + let inner_ptr = (*self.inner.as_mut().unwrap()) as *mut _; + unsafe { + match ssl_handshake(inner_ptr).into_result() { + Err(Error::SslWantRead) => Err(HandshakeError::WouldBlock(self, Error::SslWantRead)), + Err(Error::SslWantWrite) => Err(HandshakeError::WouldBlock(self, Error::SslWantWrite)), + Err(e) => Err(HandshakeError::Failed(e)), // Borrow of io will end when self is dropped. + Ok(_) => Ok(Session { + inner: self.inner.take().unwrap(), + }), + } + } + } +} + impl<'a> Session<'a> { /// Return the minor number of the negotiated TLS version pub fn minor_version(&self) -> i32 { @@ -272,12 +319,26 @@ impl<'a> Session<'a> { flags => Err(VerifyError::from_bits_truncate(flags)), } } + + #[cfg(feature = "std")] + pub fn get_alpn_protocol(&self) -> Result> { + unsafe { + let ptr = ssl_get_alpn_protocol(self.inner); + if ptr.is_null() { + Ok(None) + } else { + let s = std::ffi::CStr::from_ptr(ptr).to_str()?; + Ok(Some(s)) + } + } + } } impl<'a> Read for Session<'a> { fn read(&mut self, buf: &mut [u8]) -> io::Result { match unsafe { ssl_read(self.inner, buf.as_mut_ptr(), buf.len()).into_result() } { Err(Error::SslPeerCloseNotify) => Ok(0), + Err(Error::SslWantRead) => Err(io::ErrorKind::WouldBlock.into()), Err(e) => Err(crate::private::error_to_io_error(e)), Ok(i) => Ok(i as usize), } @@ -288,6 +349,7 @@ impl<'a> Write for Session<'a> { fn write(&mut self, buf: &[u8]) -> io::Result { match unsafe { ssl_write(self.inner, buf.as_ptr(), buf.len()).into_result() } { Err(Error::SslPeerCloseNotify) => Ok(0), + Err(Error::SslWantWrite) => Err(io::ErrorKind::WouldBlock.into()), Err(e) => Err(crate::private::error_to_io_error(e)), Ok(i) => Ok(i as usize), } @@ -307,6 +369,37 @@ impl<'a> Drop for Session<'a> { } } +impl<'a> Drop for MidHandshake<'a> { + fn drop(&mut self) { + unsafe { + if let Some(inner) = self.inner.take() { + ssl_set_bio(inner, ::core::ptr::null_mut(), None, None, None); + } + } + } +} + +#[cfg(all(feature = "std", feature = "tokio"))] +impl<'a> Session<'a> { + // This is unsafe because if it returns something other than Ok or + // WouldBlock, then it's the caller's responsibility to ensure the session + // is not used afterwards. + pub(super) unsafe fn close_notify(&mut self) -> io::Result<()> { + match ssl_close_notify(self.inner).into_result() { + Err(Error::SslWantRead) | + Err(Error::SslWantWrite) => Err(io::ErrorKind::WouldBlock.into()), + Err(e) => Err(crate::private::error_to_io_error(e)), + Ok(0) => Ok(()), + Ok(v) => Err(io::Error::new(io::ErrorKind::Other, format!("unexpected result from ssl_close_notify: {}", v))), + } + } + + // This is unsafe because the caller must ensure session is not used afterwards. + pub(super) unsafe fn release_io(&mut self) { + ssl_set_bio(self.inner, ::core::ptr::null_mut(), None, None, None); + } +} + // ssl_get_alpn_protocol // ssl_get_max_frag_len // ssl_get_record_expansion diff --git a/mbedtls/src/ssl/mod.rs b/mbedtls/src/ssl/mod.rs index ea79153b1..346e6ef28 100644 --- a/mbedtls/src/ssl/mod.rs +++ b/mbedtls/src/ssl/mod.rs @@ -6,16 +6,20 @@ * option. This file may not be copied, modified, or distributed except * according to those terms. */ +pub mod async_session; pub mod ciphersuites; pub mod config; pub mod context; pub mod ticket; +#[cfg(all(feature = "std", feature = "tokio"))] +#[doc(inline)] +pub use self::async_session::{AsyncSession, IoAdapter}; #[doc(inline)] pub use self::ciphersuites::CipherSuite; #[doc(inline)] pub use self::config::{Config, Version}; #[doc(inline)] -pub use self::context::{Context, HandshakeContext, Session}; +pub use self::context::{Context, HandshakeContext, HandshakeError, MidHandshake, Session}; #[doc(inline)] pub use self::ticket::TicketContext; diff --git a/mbedtls/src/x509/certificate.rs b/mbedtls/src/x509/certificate.rs index 65506557f..ae2fb3178 100644 --- a/mbedtls/src/x509/certificate.rs +++ b/mbedtls/src/x509/certificate.rs @@ -940,17 +940,19 @@ cYp0bH/RcPTC0Z+ZaqSWMtfxRrk63MJQF9EXpDCdvQRcTMD9D85DJrMKn8aumq0M let mut c_int2 = Certificate::from_pem(C_INT2.as_bytes()).unwrap(); let mut c_root = Certificate::from_pem(C_ROOT.as_bytes()).unwrap(); + let mut err_str = String::new(); { let mut chain = List::from(&mut c_leaf); chain.push_back(&mut c_int1); // incomplete chain - let err = LinkedCertificate::verify((&mut chain).into(), &mut c_root, None).unwrap_err(); - assert_eq!(err, Error::X509CertVerifyFailed); + let res = LinkedCertificate::verify((&mut chain).into(), &mut c_root, Some(&mut err_str)); + assert_eq!(res, Err(Error::X509CertVerifyFailed), "{}", err_str); // try again after fixing the chain chain.push_back(&mut c_int2); - LinkedCertificate::verify((&mut chain).into(), &mut c_root, None).unwrap(); + let res = LinkedCertificate::verify((&mut chain).into(), &mut c_root, Some(&mut err_str)); + assert_eq!(res, Ok(()), "{}", err_str); } #[cfg(feature = "std")] diff --git a/mbedtls/src/x509/mod.rs b/mbedtls/src/x509/mod.rs index cc63fcc7d..6e7f39a57 100644 --- a/mbedtls/src/x509/mod.rs +++ b/mbedtls/src/x509/mod.rs @@ -28,7 +28,6 @@ pub use self::profile::Profile; use mbedtls_sys::*; use mbedtls_sys::types::raw_types::c_uint; bitflags! { - #[doc(inline)] pub struct KeyUsage: c_uint { const DIGITAL_SIGNATURE = X509_KU_DIGITAL_SIGNATURE as c_uint; const NON_REPUDIATION = X509_KU_NON_REPUDIATION as c_uint; @@ -43,7 +42,6 @@ bitflags! { } bitflags! { - #[doc(inline)] pub struct VerifyError: u32 { const CERT_BAD_KEY = X509_BADCERT_BAD_KEY as u32; const CERT_BAD_MD = X509_BADCERT_BAD_MD as u32; diff --git a/mbedtls/tests/alpn.rs b/mbedtls/tests/alpn.rs new file mode 100644 index 000000000..16a2896b7 --- /dev/null +++ b/mbedtls/tests/alpn.rs @@ -0,0 +1,132 @@ +/* Copyright (c) Fortanix, Inc. + * + * Licensed under the GNU General Public License, version 2 or the Apache License, Version + * 2.0 , at your + * option. This file may not be copied, modified, or distributed except + * according to those terms. */ + +#![allow(dead_code)] +extern crate mbedtls; + +use std::net::TcpStream; + +use mbedtls::pk::Pk; +use mbedtls::rng::CtrDrbg; +use mbedtls::ssl::config::{Endpoint, NullTerminatedStrList, Preset, Transport}; +use mbedtls::ssl::{Config, Context, Session}; +use mbedtls::x509::{Certificate, LinkedCertificate, VerifyError}; +use mbedtls::{Error, Result}; + +mod support; +use support::entropy::entropy_new; +use support::keys; + + +#[derive(Debug)] +enum Expected<'a> { + FailedHandshake(Error), + SessionEstablished { + alpn: Option<&'a str>, + } +} + +impl Expected<'_> { + fn check(self, res: Result>) { + match (res, self) { + (Ok(session), Expected::SessionEstablished { alpn }) => assert_eq!(session.get_alpn_protocol().unwrap(), alpn), + (Err(e), Expected::FailedHandshake(err)) => assert_eq!(e, err), + (res, expected) => panic!("Unexpected result, expected {:?}, session is_ok: {}", expected, res.is_ok()), + } + } +} + +fn client(mut conn: TcpStream, alpn_list: Option<&[&str]>, expected: Expected<'_>) -> Result<()> { + let mut entropy = entropy_new(); + let mut rng = CtrDrbg::new(&mut entropy, None)?; + let mut cacert = Certificate::from_pem(keys::ROOT_CA_CERT)?; + let verify_callback = &mut |_crt: &mut LinkedCertificate, _depth, verify_flags: &mut VerifyError| { + verify_flags.remove(VerifyError::CERT_EXPIRED); + Ok(()) + }; + let alpn_list = alpn_list.map(|list| NullTerminatedStrList::new(list)); + let mut config = Config::new(Endpoint::Client, Transport::Stream, Preset::Default); + config.set_rng(Some(&mut rng)); + config.set_verify_callback(verify_callback); + config.set_ca_list(Some(&mut *cacert), None); + if let Some(ref alpn_list) = alpn_list { + config.set_alpn_protocols(alpn_list)?; + } + let mut ctx = Context::new(&config)?; + let res = ctx.establish(&mut conn, None); + expected.check(res); + Ok(()) +} + +fn server(mut conn: TcpStream, alpn_list: Option<&[&str]>, expected: Expected<'_>) -> Result<()> { + let mut entropy = entropy_new(); + let mut rng = CtrDrbg::new(&mut entropy, None)?; + let mut cert = Certificate::from_pem(keys::EXPIRED_CERT)?; + let mut key = Pk::from_private_key(keys::EXPIRED_KEY, None)?; + let alpn_list = alpn_list.map(|list| NullTerminatedStrList::new(list)); + let mut config = Config::new(Endpoint::Server, Transport::Stream, Preset::Default); + config.set_rng(Some(&mut rng)); + config.push_cert(&mut *cert, &mut key)?; + if let Some(ref alpn_list) = alpn_list { + config.set_alpn_protocols(alpn_list)?; + } + let mut ctx = Context::new(&config)?; + + let res = ctx.establish(&mut conn, None); + expected.check(res); + Ok(()) +} + +#[cfg(unix)] +#[test] +fn alpn() { + use std::thread; + #[derive(Clone)] + struct TestConfig { + client_list: Option<&'static [&'static str]>, + server_list: Option<&'static [&'static str]>, + expected: Option<&'static str>, + } + + impl TestConfig { + fn new(client_list: Option<&'static [&'static str]>, server_list: Option<&'static [&'static str]>, expected: Option<&'static str>) -> Self { + Self { client_list, server_list, expected } + } + } + + let test_configs = vec![ + TestConfig::new(Some(&["h2\0", "http/1.1\0"]), Some(&["h2\0", "http/1.1\0"]), Some("h2")), + TestConfig::new(Some(&["http/1.1\0", "h2\0"]), Some(&["h2\0", "http/1.1\0"]), Some("h2")), + TestConfig::new(Some(&["h2\0", "http/1.1\0"]), Some(&["http/1.1\0", "h2\0"]), Some("http/1.1")), + TestConfig::new(None, None, None), + TestConfig::new(None, Some(&["h2\0", "http/1.1\0"]), None), + TestConfig::new(Some(&["h2\0", "http/1.1\0"]), None, None), + ]; + + for config in test_configs { + let client_list = config.client_list; + let server_list = config.server_list; + let alpn = config.expected; + let (c, s) = support::net::create_tcp_pair().unwrap(); + let c = thread::spawn(move || client(c, client_list, Expected::SessionEstablished { alpn }).unwrap()); + let s = thread::spawn(move || server(s, server_list, Expected::SessionEstablished { alpn }).unwrap()); + c.join().unwrap(); + s.join().unwrap(); + } +} + +#[cfg(unix)] +#[test] +fn nothing_in_common() { + use std::thread; + let (c, s) = support::net::create_tcp_pair().unwrap(); + let c = thread::spawn(move || client(c, Some(&["a1\0", "a2\0"]), Expected::FailedHandshake(Error::SslFatalAlertMessage)).unwrap()); + let s = thread::spawn(move || server(s, Some(&["b1\0", "b2\0"]), Expected::FailedHandshake(Error::SslBadHsClientHello)).unwrap()); + c.join().unwrap(); + s.join().unwrap(); +} diff --git a/mbedtls/tests/async_session.rs b/mbedtls/tests/async_session.rs new file mode 100644 index 000000000..e018b62d4 --- /dev/null +++ b/mbedtls/tests/async_session.rs @@ -0,0 +1,293 @@ +/* Copyright (c) Fortanix, Inc. + * + * Licensed under the GNU General Public License, version 2 or the Apache License, Version + * 2.0 , at your + * option. This file may not be copied, modified, or distributed except + * according to those terms. */ + +#![cfg(not(target_env = "sgx"))] + +extern crate mbedtls; + +use std::future::Future; +use std::pin::Pin; + +use mbedtls::pk::Pk; +use mbedtls::rng::CtrDrbg; +use mbedtls::ssl::config::{Endpoint, Preset, Transport}; +use mbedtls::ssl::{Config, Context, IoAdapter, AsyncSession, Version}; +use mbedtls::x509::{Certificate, LinkedCertificate, VerifyError}; +use mbedtls::Error; +use mbedtls::Result as TlsResult; + +use tokio::io::{AsyncReadExt, AsyncWriteExt}; +use tokio::net::TcpStream; + +mod support; +use support::entropy::entropy_new; +use support::keys; + +async fn client( + conn: TcpStream, + min_version: Version, + max_version: Version, + exp_version: Option, +) -> TlsResult<()> { + let mut entropy = entropy_new(); + let mut rng = CtrDrbg::new(&mut entropy, None)?; + let mut cacert = Certificate::from_pem(keys::ROOT_CA_CERT)?; + let expected_flags = VerifyError::empty(); + #[cfg(feature = "time")] + let expected_flags = expected_flags | VerifyError::CERT_EXPIRED; + let mut verify_args = None; + { + let verify_callback = + &mut |crt: &mut LinkedCertificate, depth, verify_flags: &mut VerifyError| { + verify_args = Some((crt.subject().unwrap(), depth, *verify_flags)); + verify_flags.remove(VerifyError::CERT_EXPIRED); //we check the flags at the end, + //so removing this flag here prevents the connections from failing with VerifyError + Ok(()) + }; + let mut config = Config::new(Endpoint::Client, Transport::Stream, Preset::Default); + config.set_rng(Some(&mut rng)); + config.set_verify_callback(verify_callback); + config.set_ca_list(Some(&mut *cacert), None); + config.set_min_version(min_version)?; + config.set_max_version(max_version)?; + let mut ctx = Context::new(&config)?; + let mut conn = IoAdapter::new(conn); + + let session = ctx.establish_async(&mut conn, None).await; + + let mut session = match session { + Ok(s) => { + assert_eq!(s.version().unwrap(), exp_version.unwrap()); + s + } + Err(e) => { + match e { + Error::SslBadHsProtocolVersion => {assert!(exp_version.is_none())}, + Error::SslFatalAlertMessage => {}, + e => panic!("Unexpected error {}", e), + }; + return Ok(()); + } + }; + + let ciphersuite = session.ciphersuite().unwrap(); + session + .write_all(format!("Client2Server {:4x}", ciphersuite).as_bytes()) + .await + .unwrap(); + let mut buf = [0u8; 13 + 4 + 1]; + session.read_exact(&mut buf).await.unwrap(); + assert_eq!(&buf, format!("Server2Client {:4x}", ciphersuite).as_bytes()); + } // drop verify_callback, releasing borrow of verify_args + assert_eq!(verify_args, Some((keys::EXPIRED_CERT_SUBJECT.to_owned(), 0, expected_flags))); + Ok(()) +} + +async fn server( + conn: TcpStream, + min_version: Version, + max_version: Version, + exp_version: Option, +) -> TlsResult<()> { + let mut entropy = entropy_new(); + let mut rng = CtrDrbg::new(&mut entropy, None)?; + let mut cert = Certificate::from_pem(keys::EXPIRED_CERT)?; + let mut key = Pk::from_private_key(keys::EXPIRED_KEY, None)?; + let mut config = Config::new(Endpoint::Server, Transport::Stream, Preset::Default); + config.set_rng(Some(&mut rng)); + config.set_min_version(min_version)?; + config.set_max_version(max_version)?; + config.push_cert(&mut *cert, &mut key)?; + let mut ctx = Context::new(&config)?; + let mut conn = IoAdapter::new(conn); + + let session = ctx.establish_async(&mut conn, None).await; + let mut session = match session { + Ok(s) => { + assert_eq!(s.version().unwrap(), exp_version.unwrap()); + s + } + Err(e) => { + match e { + // client just closes connection instead of sending alert + Error::NetSendFailed => {assert!(exp_version.is_none())}, + Error::SslBadHsProtocolVersion => {}, + e => panic!("Unexpected error {}", e), + }; + return Ok(()); + } + }; + + assert_eq!(session.get_alpn_protocol().unwrap().unwrap(), None); + let ciphersuite = session.ciphersuite().unwrap(); + session + .write_all(format!("Server2Client {:4x}", ciphersuite).as_bytes()) + .await + .unwrap(); + let mut buf = [0u8; 13 + 1 + 4]; + session.read_exact(&mut buf).await.unwrap(); + + assert_eq!(&buf, format!("Client2Server {:4x}", ciphersuite).as_bytes()); + Ok(()) +} + +async fn with_client(conn: TcpStream, f: F) -> R +where + F: for <'a, 'b> FnOnce(&'a mut AsyncSession<'b>) -> Pin + Send + 'a>>, +{ + let mut entropy = entropy_new(); + let mut rng = CtrDrbg::new(&mut entropy, None).unwrap(); + let mut cacert = Certificate::from_pem(keys::ROOT_CA_CERT).unwrap(); + let verify_callback = &mut |_crt: &mut LinkedCertificate, _depth, verify_flags: &mut VerifyError| { + verify_flags.remove(VerifyError::CERT_EXPIRED); + Ok(()) + }; + let mut config = Config::new(Endpoint::Client, Transport::Stream, Preset::Default); + config.set_rng(Some(&mut rng)); + config.set_verify_callback(verify_callback); + config.set_ca_list(Some(&mut *cacert), None); + let mut ctx = Context::new(&config).unwrap(); + let mut conn = IoAdapter::new(conn); + let mut session = ctx.establish_async(&mut conn, None).await.unwrap(); + + f(&mut session).await +} + +async fn with_server(conn: TcpStream, f: F) -> R +where + F: for <'a, 'b> FnOnce(&'a mut AsyncSession<'b>) -> Pin + Send + 'a>>, +{ + let mut entropy = entropy_new(); + let mut rng = CtrDrbg::new(&mut entropy, None).unwrap(); + let mut cert = Certificate::from_pem(keys::EXPIRED_CERT).unwrap(); + let mut key = Pk::from_private_key(keys::EXPIRED_KEY, None).unwrap(); + let mut config = Config::new(Endpoint::Server, Transport::Stream, Preset::Default); + config.set_rng(Some(&mut rng)); + config.push_cert(&mut *cert, &mut key).unwrap(); + let mut ctx = Context::new(&config).unwrap(); + let mut conn = IoAdapter::new(conn); + let mut session = ctx.establish_async(&mut conn, None).await.unwrap(); + + f(&mut session).await +} + +#[cfg(unix)] +mod test { + use tokio::io::{AsyncReadExt, AsyncWriteExt}; + + #[tokio::test] + async fn client_server_test() { + use mbedtls::ssl::Version; + + #[derive(Copy,Clone)] + struct TestConfig { + min_c: Version, + max_c: Version, + min_s: Version, + max_s: Version, + exp_ver: Option, + } + + impl TestConfig { + pub fn new(min_c: Version, max_c: Version, min_s: Version, max_s: Version, exp_ver: Option) -> Self { + TestConfig { min_c, max_c, min_s, max_s, exp_ver } + } + } + + let test_configs = [ + TestConfig::new(Version::Ssl3, Version::Ssl3, Version::Ssl3, Version::Ssl3, Some(Version::Ssl3)), + TestConfig::new(Version::Ssl3, Version::Tls1_2, Version::Ssl3, Version::Ssl3, Some(Version::Ssl3)), + TestConfig::new(Version::Tls1_0, Version::Tls1_0, Version::Tls1_0, Version::Tls1_0, Some(Version::Tls1_0)), + TestConfig::new(Version::Tls1_1, Version::Tls1_1, Version::Tls1_1, Version::Tls1_1, Some(Version::Tls1_1)), + TestConfig::new(Version::Tls1_2, Version::Tls1_2, Version::Tls1_2, Version::Tls1_2, Some(Version::Tls1_2)), + TestConfig::new(Version::Tls1_0, Version::Tls1_2, Version::Tls1_0, Version::Tls1_2, Some(Version::Tls1_2)), + TestConfig::new(Version::Tls1_2, Version::Tls1_2, Version::Tls1_0, Version::Tls1_2, Some(Version::Tls1_2)), + TestConfig::new(Version::Tls1_0, Version::Tls1_1, Version::Tls1_2, Version::Tls1_2, None) + ]; + + for config in &test_configs { + let min_c = config.min_c; + let max_c = config.max_c; + let min_s = config.min_s; + let max_s = config.max_s; + let exp_ver = config.exp_ver; + + if (max_c < Version::Tls1_2 || max_s < Version::Tls1_2) && !cfg!(feature = "legacy_protocols") { + continue; + } + + let (c, s) = crate::support::net::create_tcp_pair_async().unwrap(); + let c = tokio::spawn(super::client(c, min_c, max_c, exp_ver.clone())); + let s = tokio::spawn(super::server(s, min_s, max_s, exp_ver)); + + c.await.unwrap().unwrap(); + s.await.unwrap().unwrap(); + } + } + + #[tokio::test] + async fn shutdown1() { + let (c, s) = crate::support::net::create_tcp_pair_async().unwrap(); + + let c = tokio::spawn(super::with_client(c, |session| Box::pin(async move { + session.shutdown().await.unwrap(); + }))); + + let s = tokio::spawn(super::with_server(s, |session| Box::pin(async move { + let mut buf = [0u8; 1]; + match session.read(&mut buf).await { + Ok(0) | Err(_) => {} + _ => panic!("expected no data"), + } + }))); + + c.await.unwrap(); + s.await.unwrap(); + } + + #[tokio::test] + async fn shutdown2() { + let (c, s) = crate::support::net::create_tcp_pair_async().unwrap(); + + let c = tokio::spawn(super::with_client(c, |session| Box::pin(async move { + let mut buf = [0u8; 5]; + session.read_exact(&mut buf).await.unwrap(); + assert_eq!(&buf, b"hello"); + match session.read(&mut buf).await { + Ok(0) | Err(_) => {} + _ => panic!("expected no data"), + } + }))); + + let s = tokio::spawn(super::with_server(s, |session| Box::pin(async move { + session.write_all(b"hello").await.unwrap(); + session.shutdown().await.unwrap(); + }))); + + c.await.unwrap(); + s.await.unwrap(); + } + + #[tokio::test] + async fn shutdown3() { + let (c, s) = crate::support::net::create_tcp_pair_async().unwrap(); + + let c = tokio::spawn(super::with_client(c, |session| Box::pin(async move { + session.shutdown().await + }))); + + let s = tokio::spawn(super::with_server(s, |session| Box::pin(async move { + session.shutdown().await + }))); + + match (c.await.unwrap(), s.await.unwrap()) { + (Err(_), Err(_)) => panic!("at least one should succeed"), + _ => {} + } + } +} diff --git a/mbedtls/tests/data/chain-int1.crt b/mbedtls/tests/data/chain-int1.crt index 995634bba..aede1407d 100644 --- a/mbedtls/tests/data/chain-int1.crt +++ b/mbedtls/tests/data/chain-int1.crt @@ -1,39 +1,27 @@ -----BEGIN CERTIFICATE----- -MIIGzzCCBLegAwIBAgIQZoWHPbepRCfYecs3K24LwjANBgkqhkiG9w0BAQsFADBg -MQswCQYDVQQGEwJOTDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMTEw -LwYDVQQDDChTdGFhdCBkZXIgTmVkZXJsYW5kZW4gRVYgSW50ZXJtZWRpYWlyIENB -MB4XDTE1MDMwNTAwMDAwMFoXDTIyMTIwNTIzNTk1OVowUjELMAkGA1UEBhMCTkwx -HjAcBgNVBAoMFVF1b1ZhZGlzIFRydXN0bGluayBCVjEjMCEGA1UEAwwaUXVvVmFk -aXMgUEtJb3ZlcmhlaWQgRVYgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQDbVZ64lpUM4W3Y99gDgvHNhmKSbILLYyLJ1Aws+DklXLkTnrjYhe1tZ6ev -q+mf7Q9K+kHmbi85g02yGgGD1/6NRs1PePkykoZ7NbZysLvemGcBAG1Qu1xM7V5g -Xu4iXJNr2MWQ03ey8l4UeKIlPLXlNNBR9y5+eD2p66oXIzxs9oglIt/lfazMpgBv -OfYjwRY6ZwVIkCga1QM7HaafTKKBXY6dF9NlkMbEjMLr4ZtkmD11lHIAeTWi+nDA -QlPp7m1CcPcNhgs0EfHUZ16uxyMysEFncdIuGxdLPYBM92/Dk0Fdf6IKZJ/DUHg9 -Rxk1nU5Lg/hAy+IDw39Ph90XOIQNVL/FY3dNijwvrSOOw1GOc+nBPsgwakq12FMK -3KPZePpiSvz4cExS+UkAoKL+R6m9t5Y5R/iyyP0vUqiHwzwS0d0EICORfIBuc/5h -KqPoGiMkDdAHDLW7sryMHxow8jHrtKX4AKhYOYLx8+ICQVPVlESiZJmBpQpeFCCX -lNV8KYLOlzLlToK3jQnYEJHYSBAyMxw8qOrUBeAeUVGEKWGiEExV1QvINqY2Je8/ -sGzxCTywh7U6eanhk3kBSjm7XEtUaZRgWESu8XT/2Prx8nwo7Qg2ceZt7GyFoRC3 -lkjninibjU/FVLNxVDzoJWVluwMLfQ/q/e8Ypqv2qA7PeG14yQIDAQABo4IBkTCC -AY0wEgYDVR0TAQH/BAgwBgEB/wIBADBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8v -Y3JsLnBraW92ZXJoZWlkLm5sL0VWSW50ZXJtZWRpYWlyTGF0ZXN0Q1JMLmNybDAO -BgNVHQ8BAf8EBAMCAQYwQAYDVR0gBDkwNzA1BglghBABh2sBAgcwKDAmBggrBgEF -BQcCARYaaHR0cHM6Ly9jcHMucGtpb3ZlcmhlaWQubmwwHQYDVR0OBBYEFJT/524L -qW/j4ZFZyghezbfFCDxpMB8GA1UdIwQYMBaAFCWA69ifpsMRQTfHeFmIHmnvsdPq -MCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwkwdAYIKwYB -BQUHAQEEaDBmMCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2lvdmVyaGVpZC5u -bDA8BggrBgEFBQcwAoYwaHR0cHM6Ly9jZXJ0LnBraW92ZXJoZWlkLm5sL0VWSW50 -ZXJtZWRpYWlyQ0EuY2VyMA0GCSqGSIb3DQEBCwUAA4ICAQBG13UeK3Vqtf6oKaKq -rWB4eq/vW0cXwwha4dt/pZvbctUIVh8bmI7MUG3Y+aRijIGX9VVRFcHHtZpf3agl -mmTC0A81m9OdS7E4fOeDNkobQVbn1QIf/w4sY+IWL+lz0Zz+WYYI6t0HdbKB+lM2 -PqQ+gyn59z5D6Y9dH4Ad5PTGSIMb/KBuYtIjybOEs2ojSkjQjY+gP+FWQ4sT23Bx -5krw9DfQ0P7AYqiiwJxeUJQakJnVKGPvi+klNo8Bz8pRcNIlcKeP8rcThtSlc2Pq -S0HnUdPMh2xMXLz2a86D5CUIePQ8bUFlHcDD/ZbkOwlS7b32Ir9VlFTcGislMew+ -FcfI9HSxxDDUIgvYoidUCfNTGtdlm5BrrojsWlbHmqkeIZjw2cAot7TBx2HPOht6 -x7F1nqYu67hgkaKkSPzcmpPPxJm4Zij4sAtlWbkbm4go51II3llIyYZ9oU14lwnh -majXgGrGjne8ImxgwDwiRGC9ncLOaecRiJ8N4yFvQagHh0wjAybA5de5BdgleTht -8TtMnGOu0nrokTg3mxTl6M/X6E2lX/5SCW3aDpUvZxdDxr3K+OeueN3qRXAMG3dm -3IjbWjDBFOP7sARzw7Mh9OjqOWhuZyBpFrw+WsNp76RiOuhKrowBv2GrdP1ISC4h -K9QIuNKeITRwULvrY75Z565vAg== ------END CERTIFICATE----- +MIIEkjCCA3qgAwIBAgITBn+USionzfP6wq4rAfkI7rnExjANBgkqhkiG9w0BAQsF +ADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNj +b3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4x +OzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1 +dGhvcml0eSAtIEcyMB4XDTE1MDUyNTEyMDAwMFoXDTM3MTIzMTAxMDAwMFowOTEL +MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv +b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj +ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM +9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw +IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6 +VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L +93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm +jgSubJrIqg0CAwEAAaOCATEwggEtMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ +BAQDAgGGMB0GA1UdDgQWBBSEGMyFNOy8DJSULghZnMeyEE4KCDAfBgNVHSMEGDAW +gBScXwDfqgHXMCs4iKK4bUqc8hGRgzB4BggrBgEFBQcBAQRsMGowLgYIKwYBBQUH +MAGGImh0dHA6Ly9vY3NwLnJvb3RnMi5hbWF6b250cnVzdC5jb20wOAYIKwYBBQUH +MAKGLGh0dHA6Ly9jcnQucm9vdGcyLmFtYXpvbnRydXN0LmNvbS9yb290ZzIuY2Vy +MD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwucm9vdGcyLmFtYXpvbnRydXN0 +LmNvbS9yb290ZzIuY3JsMBEGA1UdIAQKMAgwBgYEVR0gADANBgkqhkiG9w0BAQsF +AAOCAQEAYjdCXLwQtT6LLOkMm2xF4gcAevnFWAu5CIw+7bMlPLVvUOTNNWqnkzSW +MiGpSESrnO09tKpzbeR/FoCJbM8oAxiDR3mjEH4wW6w7sGDgd9QIpuEdfF7Au/ma +eyKdpwAJfqxGF4PcnCZXmTA5YpaP7dreqsXMGz7KQ2hsVxa81Q4gLv7/wmpdLqBK +bRRYh5TmOTFffHPLkIhqhBGWJ6bt2YFGpn6jcgAKUj6DiAdjd4lpFw85hdKrCEVN +0FE6/V1dN2RMfjCyVSRCnTawXZwXgWHxyvkQAiSr6w10kY17RSlQOYiypok1JR4U +akcjMS9cmvqtmg5iUaQqqcT5NJ0hGA== +-----END CERTIFICATE----- \ No newline at end of file diff --git a/mbedtls/tests/data/chain-int2.crt b/mbedtls/tests/data/chain-int2.crt index de4b3bbd1..baddc4e08 100644 --- a/mbedtls/tests/data/chain-int2.crt +++ b/mbedtls/tests/data/chain-int2.crt @@ -1,38 +1,26 @@ -----BEGIN CERTIFICATE----- -MIIGtjCCBJ6gAwIBAgIEAJiY6DANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9vdCBDQTAeFw0xNDAyMjcxMDEzMzNaFw0y -MjEyMDYyMzAwMDBaMGAxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIg -TmVkZXJsYW5kZW4xMTAvBgNVBAMMKFN0YWF0IGRlciBOZWRlcmxhbmRlbiBFViBJ -bnRlcm1lZGlhaXIgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC5 -Rzy6N7i3d9dae5wh792y9H+4DvtSgoZFO9PdtH+EXv1eGzfSmibssm+Z/azvJCSe -6UsfgCJDuznSHJs65he19XqqsOEnZtmlpb1YzHIKYLQs6KNoh2Nlfhl8X1KTrmNl -so19ltcC26uqzERSKe+poM20JOjItX3UHacawphbHSvRDg9ksMyw9v3RHim2hZUu -AaPNRnKI0QHIdF3cNldy7h/qY7tZj5FDKOSyz3Yl0bt/3XgzUoEQqq6SZZcqvgLN -41gsretJvEoTmg1pZ2LLrhVFLaGwW3NWZ139NVsw2Vc/6gX9t7FRkJZIu21C9o6x -EC2agJ98DjvDqJ6tpqdmmpbZYnRijAHApDYcdqiOOeJjshO0MU3Qr0T6fOdFeEgC -2MuTGrFmgqWuOM89zh6MTa5dGlpAY1cdAY114BsFxzbSgylhE2PowjHWt9qZDBP+ -mFR0sY0KWJfKHUPAoNdlQpsuQxBaqIKYPzVrpBKAbKRt2ieHWh+oN2ml552Fj/Db -naTN7eg9WxZkaRYkXIBFHBlcI6VRD5od7DwFE72Tg3kdKY76DPE7GJqoJOWRtAPd -n0h2qTjWDZlb/Vi2GfAFlKwbv/NEBcPOxZvT1cX6U+QjJNfxxpl+tDhSKcJC0nQS -gRgaWIdthEB7p95mHCnd+aPyaxr7THNWnrunmcgeCQIDAQABo4IBfjCCAXowDwYD -VR0TAQH/BAUwAwEB/zBABgNVHSAEOTA3MDUGCWCEEAGHawECBzAoMCYGCCsGAQUF -BwIBFhpodHRwczovL2Nwcy5wa2lvdmVyaGVpZC5ubDAiBgNVHREEGzAZpBcwFTET -MBEGA1UEAwwKUEtJbzQwOTYtMTBxBggrBgEFBQcBAQRlMGMwLAYIKwYBBQUHMAGG -IGh0dHA6Ly9ldnJvb3RvY3NwLnBraW92ZXJoZWlkLm5sMDMGCCsGAQUFBzAChido -dHRwOi8vY2VydC5wa2lvdmVyaGVpZC5ubC9FVlJvb3RDQS5jZXIwDgYDVR0PAQH/ -BAQDAgEGMB8GA1UdIwQYMBaAFP6rAJCYniT8qcwaivsnuL8wbqg7MD4GA1UdHwQ3 -MDUwM6AxoC+GLWh0dHA6Ly9jcmwucGtpb3ZlcmhlaWQubmwvRVZSb290TGF0ZXN0 -Q1JMLmNybDAdBgNVHQ4EFgQUJYDr2J+mwxFBN8d4WYgeae+x0+owDQYJKoZIhvcN -AQELBQADggIBADBPL5cBEhj13IZtpnvYecm6p+vyfDKElr5zsIcodEp3NPNQp3Jr -Hu0gO7Kend+bLK9TbP+SSEnqrDzA+2shxvrPbYu1K/5z7T2AVpegXJ/RlXIijU5H -MJB3njUik533OSQmHVp9M0ukMGTbkqeG11vH3l0TvF5IstSXebwXc2882B5LcVSw -mJsDNNb6OlIBZcOJ8YosHg/68fgSmYYBvfzqCXTpHQxrYJY54JSauudrgMYE1dFw -Fcx9qAl9uCsRF3MqkccNfIlp04fPc25CysKYrRH68bbMSa89Y40Pbm0U8T+wWXa9 -NuH4a1WMdC96cQRnKlKbtxqeaCC+0timmFwFrkzj7Umg8DTNMfWHQL2ZquHJpeL5 -RrvhBoG5DyWGnmPJIMwEvLyT6rmMHzvbeJRqyGZ/WCOWPUheH4YL3TElhNOww/H8 -toqa0ywsdQN9vQJHla6ZpIFYFhU+TBFleTznoqXAAcuq6uElZq2eT9pQuYtezcTw -vBbcuO/Rg1/MaaCW3wg4MlJ8mOpKk8i/pWNqQ87yCbfKNbJtmlqVDslhugKYTqGy -1yj/aNVFFpI4gbEUXFC7qiu3pQK3tX77Fx66dK8S+Ni8HuaUVfIXJD15durfhGe0 -RpNCkC7QKfTKpoXoS8wr26lvWCCPtghUMuXUzRvqKm7aF0JepBqDK9x/ ------END CERTIFICATE----- +MIIEdTCCA12gAwIBAgIJAKcOSkw0grd/MA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV +BAYTAlVTMSUwIwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTIw +MAYDVQQLEylTdGFyZmllbGQgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 +eTAeFw0wOTA5MDIwMDAwMDBaFw0zNDA2MjgxNzM5MTZaMIGYMQswCQYDVQQGEwJV +UzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTElMCMGA1UE +ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjE7MDkGA1UEAxMyU3RhcmZp +ZWxkIFNlcnZpY2VzIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVDDrEKvlO4vW+GZdfjohTsR8/ +y8+fIBNtKTrID30892t2OGPZNmCom15cAICyL1l/9of5JUOG52kbUpqQ4XHj2C0N +Tm/2yEnZtvMaVq4rtnQU68/7JuMauh2WLmo7WJSJR1b/JaCTcFOD2oR0FMNnngRo +Ot+OQFodSk7PQ5E751bWAHDLUu57fa4657wx+UX2wmDPE1kCK4DMNEffud6QZW0C +zyyRpqbn3oUYSXxmTqM6bam17jQuug0DuDPfR+uxa40l2ZvOgdFFRjKWcIfeAg5J +Q4W2bHO7ZOphQazJ1FTfhy/HIrImzJ9ZVGif/L4qL8RVHHVAYBeFAlU5i38FAgMB +AAGjgfAwge0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0O +BBYEFJxfAN+qAdcwKziIorhtSpzyEZGDMB8GA1UdIwQYMBaAFL9ft9HO3R+G9FtV +rNzXEMIOqYjnME8GCCsGAQUFBwEBBEMwQTAcBggrBgEFBQcwAYYQaHR0cDovL28u +c3MyLnVzLzAhBggrBgEFBQcwAoYVaHR0cDovL3guc3MyLnVzL3guY2VyMCYGA1Ud +HwQfMB0wG6AZoBeGFWh0dHA6Ly9zLnNzMi51cy9yLmNybDARBgNVHSAECjAIMAYG +BFUdIAAwDQYJKoZIhvcNAQELBQADggEBACMd44pXyn3pF3lM8R5V/cxTbj5HD9/G +VfKyBDbtgB9TxF00KGu+x1X8Z+rLP3+QsjPNG1gQggL4+C/1E2DUBc7xgQjB3ad1 +l08YuW3e95ORCLp+QCztweq7dp4zBncdDQh/U90bZKuCJ/Fp1U1ervShw3WnWEQt +8jxwmKy6abaVd38PMV4s/KCHOkdp8Hlf9BRUpJVeEXgSYCfOn8J3/yNTd126/+pZ +59vPr5KW7ySaNRB6nJHGDn2Z9j8Z3/VyVOEVqQdZe4O/Ui5GjLIAZHYcSNPYeehu +VsyuLAOQ1xk4meTKCRlb/weWsKh/NEnfVqn3sF/tM+2MR7cwA130A4w= +-----END CERTIFICATE----- \ No newline at end of file diff --git a/mbedtls/tests/data/chain-leaf.crt b/mbedtls/tests/data/chain-leaf.crt index 9b3faf34a..58fb8fba7 100644 --- a/mbedtls/tests/data/chain-leaf.crt +++ b/mbedtls/tests/data/chain-leaf.crt @@ -1,54 +1,26 @@ -----BEGIN CERTIFICATE----- -MIIJlzCCB3+gAwIBAgIUOHosAq1Jp+VCjT1pRN95TGwwOrUwDQYJKoZIhvcNAQEL -BQAwUjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVF1b1ZhZGlzIFRydXN0bGluayBC -VjEjMCEGA1UEAwwaUXVvVmFkaXMgUEtJb3ZlcmhlaWQgRVYgQ0EwHhcNMTkwMzI1 -MDczOTIzWhcNMjEwMzI1MDc0OTAwWjCB3DERMA8GA1UEBRMIMjczNjU5MzIxEzAR -BgsrBgEEAYI3PAIBAxMCTkwxGjAYBgNVBA8MEUdvdmVybm1lbnQgRW50aXR5MQsw -CQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMRYwFAYDVQQHDA0ncy1H -cmF2ZW5oYWdlMScwJQYDVQQLDB5EaWVuc3QgUHVibGllayBlbiBDb21tdW5pY2F0 -aWUxFjAUBgNVBAoMDVJpamtzb3ZlcmhlaWQxGTAXBgNVBAMMEHJpamtzb3Zlcmhl -aWQubmwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+sblYOMViTpph -pjAWJTTGPQlPYk7eA5dxAkPnViIpSZQf2qEXAhlMevdQFzJ4pDBQXgft2DE8mqnl -kyP+9AwHEGPYR57GJ2j+Gjs2maz1af3RTAvqPEHoTLytE4hnpj0TKICqvmPz9t2u -rjB4x/66z/e4uy/vIq6O+FKEBRgK9wKlc1U+KmWvD9ZUwLdkBhUEVjagEcfZo5c+ -2APooCj4vWiPFrEEKt2vVZCcg896HJx3+df38H6oRrVxumJ26pkpXh/4qcHAT1oD -VYrfFhy5ZNIAWEfCsWoOOGlnfba1BKK4JFsiYOwF0mxfIPA3hATI75zQoKe+xi7C -VFm785DLAgMBAAGjggTYMIIE1DAfBgNVHSMEGDAWgBSU/+duC6lv4+GRWcoIXs23 -xQg8aTB0BggrBgEFBQcBAQRoMGYwOAYIKwYBBQUHMAKGLGh0dHA6Ly90cnVzdC5x -dW92YWRpc2dsb2JhbC5jb20vcGtpb2V2ZzIuY3J0MCoGCCsGAQUFBzABhh5odHRw -Oi8vb2NzcC5xdW92YWRpc2dsb2JhbC5jb20wggFcBgNVHREEggFTMIIBT4IQcmlq -a3NvdmVyaGVpZC5ubIIUd3d3LnJpamtzb3ZlcmhlaWQubmyCGm1hZ2F6aW5lcy5y -aWprc292ZXJoZWlkLm5sgiBtYWdhemluZXNpbnRlcm4ucmlqa3NvdmVyaGVpZC5u -bIIZb3BlbmRhdGEucmlqa3NvdmVyaGVpZC5ubIIWZmVlZHMucmlqa3NvdmVyaGVp -ZC5ubIIXc3RhdGljLnJpamtzb3ZlcmhlaWQubmyCDWdvdmVybm1lbnQubmyCEXd3 -dy5nb3Zlcm5tZW50Lm5sghdtYWdhemluZXMuZ292ZXJubWVudC5ubIIdbWFnYXpp -bmVzaW50ZXJuLmdvdmVybm1lbnQubmyCFm9wZW5kYXRhLmdvdmVybm1lbnQubmyC -E2ZlZWRzLmdvdmVybm1lbnQubmyCFHN0YXRpYy5nb3Zlcm5tZW50Lm5sMGIGA1Ud -IARbMFkwQwYJYIQQAYdrAQIHMDYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cucXVv -dmFkaXNnbG9iYWwuY29tL3JlcG9zaXRvcnkwCQYHBACL7EABBDAHBgVngQwBATAd -BgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwagYIKwYBBQUHAQMEXjBcMAgG -BgQAjkYBATATBgYEAI5GAQYwCQYHBACORgEGAzA7BgYEAI5GAQUwMTAvFilodHRw -czovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeRMCZW4wOwYDVR0f -BDQwMjAwoC6gLIYqaHR0cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20vcGtpb2V2 -ZzIuY3JsMB0GA1UdDgQWBBTvewnc+bh3X8AoWu/4ZySn3sGRDjAOBgNVHQ8BAf8E -BAMCBaAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AKS5CZC0GFgUh7sTosxn -cAo8NZgE+RvfuON3zQ7IDdwQAAABabPTUWkAAAQDAEcwRQIgSwuOamzkTIIlaaKW -ba3LZBOUgSo5uZfqejrnylxm5/ICIQDvum3aJYIzSEdZ3fMGf3Bkhm/ohCicgqjo -b3BOp/4eWgB3AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDdAAABabPT -UxUAAAQDAEgwRgIhAMjMbiujCDPqEtQfTwTvlHnrB1x6A7mZcS1DO2R5rwwIAiEA -pCLD+FavmolFxSs1JW6dO4knCz0zOYyM6KcUFfnOkLwAdQBvU3asMfAxGdiZAKRR -Ff93FRwR2QLBACkGjbIImjfZEwAAAWmz01CtAAAEAwBGMEQCIAUTeMObhuSCjri0 -rAWlOX3hY5fMsRlOXd5xJUxd4m5ZAiBX6lyMYcaCVCtktHwav8qArzI/CbzfSFGp -HJVyiUeYTzANBgkqhkiG9w0BAQsFAAOCAgEAOYgSuA2nubwX63cRSDGbdswvT//m -bXVHg+9+NQKXNuBNirn0OZAZzSTCjXrivHpLKLg9QOWLBN9bWeBal606mOQD15tZ -rkGvQNApJbBW+aTjeNfMsbytmb70+CdbeGghTQAglcllaRFLJDiRWLo8ZFZvq8GP -4GG8wL0pyeWr6O7ppLm45YsFk/SdNc3A39vb1QNi/TCetc5j+65CuM1CsLodq/hf -+UIsZud3CMnmJik+fHDvl4/voL0yVc3eY9uGZf97uHGXeTeHYX+T+iO9Jc52EENc -IJEALS9sarhUOBX9PXPr9J4JnljlNeU5EtBtJoGKv1itMu8Kq387lSHug9WxGZwy -9o83YC5QVkso3Sy4mpZA6/XjbAeb1qRq8Z8YNox0YcyfvAufiKZd4A5QXiKStoye -LspQoQQL3hlgaaNfQwX36kBcGTsTE/R5xpCseZ9YxA0DVp0Rs0IySpr3ndXo29MH -9wg1rmfdoNahbcb5hn/sPBXaG4GgGtk6/ZWcrnhN204NjjJG6drpLRgNckQQsH+p -4GQN8EXO/XeKh1it+CD3yMvxK7NJa+GlvRr+hsSW1KfUkfknjYtFfevwKZqigHIe -MNlgHGBoWSzQy5oH6hNeZVvPOurxnqB/OHZnS3/r4CbhPvKxMPV2TWLHE7GV3xxp -vpSQUu/qah6p6VA= ------END CERTIFICATE----- +MIIEXjCCA0agAwIBAgITB3MSSkvL1E7HtTvq8ZSELToPoTANBgkqhkiG9w0BAQsF +ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 +b24gUm9vdCBDQSAxMB4XDTIyMDgyMzIyMjUzMFoXDTMwMDgyMzIyMjUzMFowPDEL +MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEcMBoGA1UEAxMTQW1hem9uIFJT +QSAyMDQ4IE0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALtDGMZa +qHneKei1by6+pUPPLljTB143Si6VpEWPc6mSkFhZb/6qrkZyoHlQLbDYnI2D7hD0 +sdzEqfnuAjIsuXQLG3A8TvX6V3oFNBFVe8NlLJHvBseKY88saLwufxkZVwk74g4n +WlNMXzla9Y5F3wwRHwMVH443xGz6UtGSZSqQ94eFx5X7Tlqt8whi8qCaKdZ5rNak ++r9nUThOeClqFd4oXych//Rc7Y0eX1KNWHYSI1Nk31mYgiK3JvH063g+K9tHA63Z +eTgKgndlh+WI+zv7i44HepRZjA1FYwYZ9Vv/9UkC5Yz8/yU65fgjaE+wVHM4e/Yy +C2osrPWE7gJ+dXMCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYD +VR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNV +HQ4EFgQUwDFSzVpQw4J8dHHOy+mc+XrrguIwHwYDVR0jBBgwFoAUhBjMhTTsvAyU +lC4IWZzHshBOCggwewYIKwYBBQUHAQEEbzBtMC8GCCsGAQUFBzABhiNodHRwOi8v +b2NzcC5yb290Y2ExLmFtYXpvbnRydXN0LmNvbTA6BggrBgEFBQcwAoYuaHR0cDov +L2NydC5yb290Y2ExLmFtYXpvbnRydXN0LmNvbS9yb290Y2ExLmNlcjA/BgNVHR8E +ODA2MDSgMqAwhi5odHRwOi8vY3JsLnJvb3RjYTEuYW1hem9udHJ1c3QuY29tL3Jv +b3RjYTEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMA0GCSqGSIb3DQEBCwUAA4IB +AQAtTi6Fs0Azfi+iwm7jrz+CSxHH+uHl7Law3MQSXVtR8RV53PtR6r/6gNpqlzdo +Zq4FKbADi1v9Bun8RY8D51uedRfjsbeodizeBB8nXmeyD33Ep7VATj4ozcd31YFV +fgRhvTSxNrrTlNpWkUk0m3BMPv8sg381HhA6uEYokE5q9uws/3YkKqRiEz3TsaWm +JqIRZhMbgAfp7O7FUwFIb7UIspogZSKxPIWJpxiPo3TcBambbVtQOcNRWz5qCQdD +slI2yayq0n2TXoHyNCLEH8rpsJRVILFsg0jc7BaFrMnF462+ajSehgj12IidNeRN +4zl+EoNaWdpnWndvSpAEkq2P +-----END CERTIFICATE----- \ No newline at end of file diff --git a/mbedtls/tests/data/chain-root.crt b/mbedtls/tests/data/chain-root.crt index 315f66589..5c99f16d0 100644 --- a/mbedtls/tests/data/chain-root.crt +++ b/mbedtls/tests/data/chain-root.crt @@ -1,32 +1,30 @@ -----BEGIN CERTIFICATE----- -MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9vdCBDQTAeFw0xMDEyMDgxMTE5MjlaFw0y -MjEyMDgxMTEwMjhaMFgxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIg -TmVkZXJsYW5kZW4xKTAnBgNVBAMMIFN0YWF0IGRlciBOZWRlcmxhbmRlbiBFViBS -b290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA48d+ifkkSzrS -M4M1LGns3Amk41GoJSt5uAg94JG6hIXGhaTK5skuU6TJJB79VWZxXSzFYGgEt9nC -UiY4iKTWO0Cmws0/zZiTs1QUWJZV1VD+hq2kY39ch/aO5ieSZxeSAgMs3NZmdO3d -Z//BYY1jTw+bbRcwJu+r0h8QoPnFfxZpgQNH7R5ojXKhTbImxrpsX23Wr9GxE46p -rfNeaXUmGD5BKyF/7otdBwadQ8QpCiv8Kj6GyzyDOvnJDdrFmeK8eEEzduG/L13l -pJhQDBXd4Pqcfzho0LKmeqfRMb1+ilgnQ7O6M5HTp5gVXJrm0w912fxBmJc+qiXb -j5IusHsMX/FjqTf5m3VpTCgmJdrV8hJwRVXj33NeN/UhbJCONVrJ0yPr08C+eKxC -KFhmpUZtcALXEPlLVPxdhkqHz3/KRawRWrUgUY0viEeXOcDPusBCAUCZSCELa6fS -/ZbV0b5GnUngC6agIk440ME8MLxwjyx1zNDFjFE7PZQIZCZhfbnDZY8UnCHQqv0X -cgOPvZuM5l5Tnrmd74K74bzickFbIZTTRTeU0d8JOV3nI6qaHcptqAqGhYqCvkIH -1vI4gnPah1vlPNOePqc7nvQDs/nxfRN0Av+7oeX6AHkcpmZBiFxgV6YuCcS6/ZrP -px9Aw7vMWgpVSzs4dlG4Y4uElBbmVvMCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB -/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFP6rAJCYniT8qcwaivsnuL8wbqg7 -MA0GCSqGSIb3DQEBCwUAA4ICAQDPdyxuVr5Os7aEAJSrR8kN0nbHhp8dB9O2tLsI -eK9p0gtJ3jPFrK3CiAJ9Brc1AsFgyb/E6JTe1NOpEyVa/m6irn0F3H3zbPB+po3u -2dfOWBfoqSmuc0iH55vKbimhZF8ZE/euBhD/UcabTVUlT5OZEAFTdfETzsemQUHS -v4ilf0X8rLiltTMMgsT7B/Zq5SWEXwbKwYY5EdtYzXc7LMJMD16a4/CrPmEbUCTC -wPTxGfARKbalGAKb12NMcIxHowNDXLldRqANb/9Zjr7dn3LDWyvfjFvO5QxGbJKy -CqNMVEIYFRIYvdr8unRu/8G2oGTYqV9Vrp9canaW2HNnh/tNf1zuacpzEPuKqf2e -vTY4SUmH9A4U8OmHuD+nT3pajnnUk+S7aFKErGzp85hwVXIy+TSrK0m1zSBi5Dp6 -Z2Orltxtrpfs/J92VoguZs9btsmksNcFuuEnL5O7Jiqik7Ab846+HUCjuTaPPoIa -Gl6I6lD4WeKDRikL40Rc4ZW2aZCaFG+XroHPaO+Zmr615+F/+PoTRxZMzG0IQOeL -eG9QgkRQP2YGiqtDhFZKDyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8 -FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc -7uzXLg== +MIIFEjCCBHugAwIBAgICAQwwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1Zh +bGlDZXJ0IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIElu +Yy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRpb24g +QXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAe +BgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTA0MDYyOTE3MzkxNloX +DTI0MDYyOTE3MzkxNlowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0YXJmaWVs +ZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBDbGFzcyAy +IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0A +MIIBCAKCAQEAtzLI/ulxpgSFrQwRZN/OTe/IAxiHP6Gr+zymn/DDodrU2G4rU5D7 +JKQ+hPCe6F/s5SdE9SimP3ve4CrwyK9TL57KBQGTHo9mHDmnTfpatnMEJWbrd3/n +WcZKmSUUVOsmx/N/GdUwcI+vsEYq/63rKe3Xn6oEh6PU+YmlNF/bQ5GCNtlmPLG4 +uYL9nDo+EMg77wZlZnqbGRg9/3FRPDAuX749d3OyXQZswyNWmiuFJpIcpwKz5D8N +rwh5grg2Peqc0zWzvGnK9cyd6P1kjReAM25eSl2ZyR6HtJ0awNVuEzUjXt+bXz3v +1vd2wuo+u3gNHEJnawTY+Nbab4vyRKABqwIBA6OCAfMwggHvMB0GA1UdDgQWBBS/ +X7fRzt0fhvRbVazc1xDCDqmI5zCB0gYDVR0jBIHKMIHHoYHBpIG+MIG7MSQwIgYD +VQQHExtWYWxpQ2VydCBWYWxpZGF0aW9uIE5ldHdvcmsxFzAVBgNVBAoTDlZhbGlD +ZXJ0LCBJbmMuMTUwMwYDVQQLEyxWYWxpQ2VydCBDbGFzcyAyIFBvbGljeSBWYWxp +ZGF0aW9uIEF1dGhvcml0eTEhMB8GA1UEAxMYaHR0cDovL3d3dy52YWxpY2VydC5j +b20vMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHZhbGljZXJ0LmNvbYIBATAPBgNVHRMB +Af8EBTADAQH/MDkGCCsGAQUFBwEBBC0wKzApBggrBgEFBQcwAYYdaHR0cDovL29j +c3Auc3RhcmZpZWxkdGVjaC5jb20wSgYDVR0fBEMwQTA/oD2gO4Y5aHR0cDovL2Nl +cnRpZmljYXRlcy5zdGFyZmllbGR0ZWNoLmNvbS9yZXBvc2l0b3J5L3Jvb3QuY3Js +MFEGA1UdIARKMEgwRgYEVR0gADA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY2VydGlm +aWNhdGVzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkwDgYDVR0PAQH/BAQD +AgEGMA0GCSqGSIb3DQEBBQUAA4GBAKVi8afCXSWlcD284ipxs33kDTcdVWptobCr +mADkhWBKIMuh8D1195TaQ39oXCUIuNJ9MxB73HZn8bjhU3zhxoNbKXuNSm8uf0So +GkVrMgfHeMpkksK0hAzc3S1fTbvdiuo43NlmouxBulVtWmQ9twPMHOKRUJ7jCUSV +FxdzPcwl -----END CERTIFICATE----- diff --git a/mbedtls/tests/support/keys.rs b/mbedtls/tests/support/keys.rs index 86d0d212b..7dc782c1e 100644 --- a/mbedtls/tests/support/keys.rs +++ b/mbedtls/tests/support/keys.rs @@ -82,200 +82,252 @@ d1SSYr2U5pj0tNqbDQ== -----END CERTIFICATE-----\0"; pub const PEM_KEY: &'static [u8] = b"-----BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDf0mY6AeM8WjsY -LQowunPPGPLcFFLTaDSbvg9l9b46BBJnodAggMen78g22RO5GneaU1R1nYmnqaHV -s03+BnLhimtKj9I8IrQ7qgaKq2g8WE/bGkHeCK4fLT2p6A0DtleonsCU+fRBccAu -qa8vhFj6MdVLis3euseWvsk6uHe8m5IAY6InKPtCOJvuAcWTT5mQ0nSGaYHzADRr -02Qi7f8eIMqaqLRx///LLLLnCSYDMA/mMm2IrMLUQrfgLcNmFEHtCYS7PJzE0UF6 -kRAac9udISE6TbIqK+D4TbI4jBJRBasdGZk/OLUFupaSeWM9ve8QHlF63VZfg677 -3YX66iSfAgMBAAECggEAL/Pq9Picj7yhNo/HxCLeVvt4ZNBx4ltMEiYJNIYO6G0g -6FURuzT8Ea3czmt5v0m9YDIEQWKsMGC2jItq5UbKbCn0zLe9iibBSJsn5aPNpEgj -a8TXYdOoQoO112YhC6+QXk8M4Z4fx7mwPA8cumh3i7sLgLDPZK3Nvy1G/a6x8JVZ -g3W1Oyrbn29z1XANTAj2Q0NrdTogKUgNOLYRWB9SeONCnWQmxtzx3jlUIGSn5J9T -RBQo5ZIhRqOOe8Td3coU+OJ+Z2g7XETTlU3hYmi70/PeXaRxq3k9sX95LtnjgduK -r2H0KNxyhCmC8cdXL5ogBfnnLColW4Ya1/vyN7sAIQKBgQDwPYJcz3636j8xh1Pt -U4kxfA4ozqDOXK6jnl6ujhYfwhAghEEFqV2yWYkQbLkkQu2ewRuQxNYLCT+O6WBH -DF8uoYBtbdH47MLM+TuLUnglHEC1qwwaO62Eb+2cn5f1i5Z/mLQOG3uxlnSPbIC5 -2mEpKmWqdFJAGwOF3/rbVr+88QKBgQDugSqpXgIg4RR3rRzUZog/ReieoG+cf2WO -rHfmIXBSACktfoQMlrgO/sD2zq1sjQXSUNbQCzMV7kIrLrb+Y7xtZljFJj3wSG/k -LQBJy1qk7uVfoFfndmYgrkb7+aNkMR0KrqEZPuS3bmXcD2BUzzgYsD9LoC5nD55U -EAnKGRE6jwKBgQCmtpiLnXZbXJQj47xrGig/jc4ppVJUQl7yrkkYKwPRYBNe7UhO -DH038gg6vKgyMLvDClD9woqit/VCUFN+mmhG7M45ohcu/eYk5ePbSAyV/CgvqZZJ -chZ0rFOg9+M1A3wZ6bcxfwL0dutGSE6AKrp4HbLVeclGMTjdo1Pq+CUwkQKBgQDU -MWEGTFgybm4qR38lzY8cVBMwxeZm4sU1GWaW/VsT6Ya5Lh1HofRhiu+c5aZPtGvg -gQGNGNm7gj2mc6plS9DBuFP0GyDyHVBHPm5KOT0NDmpOGLb8fE9Cdis7VQ+0PSns -bg9wCY+tTvAayCdZbP8on+3AV+PQ14lyms5K2uCEKwKBgQCrpoMycTrB2KOczWNp -kZouBK4tU5rGjBj3/0p+wHszyCOtiX5sdBT66eRHYY/t9YcOTWA8w3OO/8sj4X4d -nMsuXM/jD/NWW9JD9+vPUQz4db5evhQBNIkOG4FIRnSh15pDIcEeLxEamNV82fRS -26jlsLNCILTT9RsfswR3U+1GuA== +MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQCsCa0vVpuc9PQt +tBXtXuvnrOybPMdQpErrwXFCFknwzia+HqG6x8gpbG+F5Kq2f5eF5EVckHC1OJYt +vH7pXu/DiLT3FFNQgU7ClrRX1Ju6pZvRR5gU8l7r0dOJn8xIp+QhHwLORsCZaXrv +orz38S8IPHn9SZXPRPACrb5jejwHovPwOqoxHEAGWNHbeBPvB73+UlQ1/YQyFwAZ +7LQUvK5yJ2ItNeta795XGNPzMPQ7bSSHIpwRib0XV40nhULDh9r+1R8qyc8fgGE5 +zrFOOn4Mli5/Anm9AhT8EZ5wVt+cuKl+jZ/IctMbTmGMwmIFQx7Yf8MyIPdLHiGa +XDwJOPStSCluV5W40xFaUPwYX5HvYjmLY9Y1dMMyTRvoWZXuBw2HIh1ZsHfJMX0f +aMFf+FAVYRuo7V1K1Wwn0me15qVw7vua4ekqAdRSSSCTjzVSQbEkFCHD6NPQCLOf +z0SKRtZPtQNm7qHdm6grPA/uGXQ9fEDMGCzj6I5ovMKxkRXP1vqnj7RRXarS1vcM +NKPDuzUXaWsDLdz90vPCOMxNusrhFO3u8TiMWUZ5K2S9t+9MYMzrjSl5Ot0e7+Fx +tWzW50FT28PEEMWiH2mLaZPrFEWKbMiYxOMFM80CGlnKS/3zNp/m/4I7VtgKlURs +nMla8LDX/ZV2Jae+HGneNLmknKwr4wIDAQABAoICABzSsjVQKVouoApYNaRDVvrF +ug54LFySagr9qeAMo+64Wz1XHHmSpzJpfHXOTdutnNFN4WEUwg1aoa6f+hNXWIxG +ByuuOBcw0uU/Io/kiwLGZEi32f8IbGbODMbuAufZWRtDetDcgcAyL+qeNVLFEcAr +gbSx82t6fUu1mERKYmxVHNGOwpzfwspNbzt57r0JaweE+57gDpnlyJqPUcx3oDJ3 +7rbsZbYiofmtqzT/aqvaKViKr+MwVIHopTmN1hW0WTiAtGwSy6TXeXKZ8pLMsfmh +38Bfxc2o36MrwIPJykUTmzIcwDxxIHVeuHFAz/NZv30+SpHHfCcVsUOPWG+jHzry +gV6eoI1pkZGpEllLdlBuOomlkVBRXMCvKOqwnWPeggwhFKHn+NSLETflz7zTQNnq +L/hfVdwK5XkuWMCRzYZ+uXEbBsieGbBtWt9bA0OBtnm9tywikD/o3xS8uINqauc4 +figXwfjdqiEsQYmcr1K2Rh7d5mlmc+kZ43gYkZtvM1ZGwJPDsbp+H8gVNrpsTVDe +QM5xGCK2rv2/fOypBkfBweFULNdsFKCHAyAgRRLkd42CXObl2zugFBPAt6kRp+sy +rE33cvAoVu5ir3Oevp2rcsLdTSpChoNYXkFRXSaBQeACMhrFrYGUvhvQ0zR+LFEx +l1Rme+mUxcCNxmZY3VBhAoIBAQDeB4YbUB/QrRmDDSsk7242vR3HPpSNBDQYRoCL +Bm0QRCEMntU55WhclEEWn6MhylPnSHo97sDx1S5Pc0yLkY+4lF8gJioZ09aHrNeV +ok7mH4DTFz6LA+aCFWIMMgjC3WNiccWtBFJjHKXEMV0hD1i6K5PEwClUV1GLUFlS +3DgrYUmBZjHQJJyK57PNtCxU4GTnM+hEEzMont/QV6LDthut+THsC3T782FOyFBL +F7In0RY0sjQqxnOUWVMARTwWa95u2xb877DHbCLxvz22WyIbUX7Zvi4Zw0k28c+b +S/y0aVo2spvVRh8GWOayWDiZaWfn3QsobcF5qB5F/v4seiBlAoIBAQDGXBNSZNbK +pUYPB2YlSYldN8qXBVomw+NZcpl6n9Ak/80oOMg/23uBriNzD61JeTtL5ZaX+KwB +NhNBcNimMl50nAXXZpY4tjBsajSESOfStaYkBAr33pb21YHYxde2jwjH86IND8X7 +wzmXg8fBcR/w+Tcc7kiwEcv7tx/psPc+U5L6p2h5555JNYfZNSwUXGkfadKXkNBh +vDT6oDeOd7PGaqQSXleZeff5n4Zu3a8Ttz2ozNp+vTKxzfnZ6bs9XbE8/A8xeLEC +xWNk8wbAoFlZMiC5nzVNUC77bhhbHiXsDgud9IgaUvySkHzk9l9k+C5ijgf/XTzg +UwTFEOnKG0KnAoIBADCDlFoDd/Aw4pIwHm1Do+FyET+n/O2TLY7gWNYH4Wzcdhw7 +2Ht+FP+lpVM8LnkDrLGstIkz0hUFb8kMeH1GoRDD2sU7kZdzIj0jFzgq7vJ5j7yQ +J6pYf9WMto/TnvZ1SXIJShg0CYx+hfoIj0DaCZkkTHWBR4aWTcsTE3F3jQ5tg5Iy +sk+4sDvpxO/9nnItVd7vCKFXUKZfkKgFfhslf4bUHIRnPHiRBYIhYuoFk3f/x8pb +5eoy0q5nlitI9YgwqbmvRaae+RGaH0iTcPiXkSxG8mDBnXEjqqvGyoY0ZFNHcd7h +yAsh90V7x2zQug1LatjPA9EhqlTa10KUJRWy2cECggEAcmol0v7LTjQqxvxzlMpn +61cFCjtSFs4i0zNhB/QqsUzDX5HxH7RP9ysk03eVcq304ABb7ujG/iPc04Bt1t9y +0Dw2ulo4CBo+sCpKhIsw/L8+R8P1N6gy18mrjggANxMl83+6V2JjxqaDD7w5eoDv +9aUqfwuK7dQ2HskwJTGoS1EVlHL/tmE9UekIpOcgt9Xd5Pq7OCWVrOpMfMvxf8HX +9nkIjnfQe3x45ol3l3dTR0II1NbkqPokxZ6ToXhKQklKtGyHrvd40qpcfJwZpv5W +yzY43hjRO/kmQGzuq5AmO5SWatPjtZtsiHXDNKZPvAPTbZGTV17GgHYiaDErSSKU +PQKCAQAqRg0HYlHd+l1rQv929MeHNkndsU5+hwoANbkOImzyHgEF/Yi/Pkfreb/x +BWbDT5hIlwqTB3j0hlF5D9U+Du+q0vkn7s0q4/7C9rVGpKHLbb34SngN1ixAuNWp +Y6/aDq4HU43dcmKNFpJMkiqOyo3XiD2jTFcBdBupMDMK2crEkZhSJQNRVLL6aMmN +H/FdN7GOSGlHOq01eMmmMZvrSeyKNoaXN90QSUWYWmzRgyeB35ou82UIbqTUp+xc +YeA6sXYEihKEWuH7/L0oF3AifHUX04O4WVgfuCG/eU7LTjcK5fKHqPZyGlCDdOEs +hXT+qgtAqqk0zUrwh434d60AlOui -----END PRIVATE KEY-----\0"; pub const PEM_CERT_SUBJECT: &'static str = "CN=mbedtls.example"; // Signed by ROOT_CA below pub const PEM_CERT: &'static [u8] = b"-----BEGIN CERTIFICATE----- -MIIEGzCCAgOgAwIBAgIKElgwWDKDQhBIOTANBgkqhkiG9w0BAQsFADARMQ8wDQYD -VQQDEwZSb290Q0EwIBcNMjAwNTA4MDkxNDMwWhgPMjEwMDA0MTkwOTE0MzBaMBox -GDAWBgNVBAMMD21iZWR0bHMuZXhhbXBsZTCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAN/SZjoB4zxaOxgtCjC6c88Y8twUUtNoNJu+D2X1vjoEEmeh0CCA -x6fvyDbZE7kad5pTVHWdiaepodWzTf4GcuGKa0qP0jwitDuqBoqraDxYT9saQd4I -rh8tPanoDQO2V6iewJT59EFxwC6pry+EWPox1UuKzd66x5a+yTq4d7ybkgBjoico -+0I4m+4BxZNPmZDSdIZpgfMANGvTZCLt/x4gypqotHH//8sssucJJgMwD+YybYis -wtRCt+Atw2YUQe0JhLs8nMTRQXqREBpz250hITpNsior4PhNsjiMElEFqx0ZmT84 -tQW6lpJ5Yz297xAeUXrdVl+DrvvdhfrqJJ8CAwEAAaNqMGgwHQYDVR0OBBYEFJvl -m+3MJ2eYR9dGydOY0QNRRMaAMDkGA1UdIwQyMDCAFIkuNd0n1URsu71cJCyBnQwO -MsqLoRWkEzARMQ8wDQYDVQQDEwZSb290Q0GCAQEwDAYDVR0TAQH/BAIwADANBgkq -hkiG9w0BAQsFAAOCAgEAGbkSdZL5BC46GTGSR09lEh+cZ2o4fP6uSbkyT4xEPRWx -fNMLZeEJPVzZkar5tVDnpBb3gAoArHIn6ePPiTssYUD/3yN7ZL6YFn4Bg0VBig8e -ZWzQT6BiAmXKRY7JtDdgnhggxfo1x1bwW0r3qz/BYeC1cdqbC9CRmTPFNIKFhZyY -fC1BQ49dI/prfiBlgGO/bIDZfzMNC9b5b7g5aKVQH1e1ViGkRKL4l6tIKp/pL7Nx -1e1H/f2cl33rm+kTvkH5H02Z+Fg2tVnx2xPxMIkpGOnhtrh5H48xT1oxqcZ/ySmp -W7xiCt4QAW7DafRLwhsMhKSxcBxHEl4mRTX2pz5BV5yyq/rTGDRFQAlzBUEteLh3 -fCPsdYOQEQMdPUzx3VAieaHSbR424kcd5Iw3uMBCk2NzyLxbIWKA4Q+9XFIacEdh -TFO2Z/pvkTWMOo1yKzC8NM26QT/o0USgtHBIc2F8FlGEYBLZXvqtOeKJ5mneyLR/ -jnAr18OJv+/DPPSv4qB6LpF+CAQFm0pZisqZdwsMBRgWQ3wml/A+lOLmiajNB3gk -XfzmCVga7Kik6cjP0ExV7rRvvQ9akWgsMLYJm28Ck6k3Nl3AsfiAGf5kFj5VlBrd -Ecs4CTdh5ZsL2pDU+QmWsqRNdN+Kz1IVX7fLvR48MgpKZhK+d97/P37e1kEtXoo= +MIIEqTCCApECCQDboMdUyq5PgjANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZS +b290Q0EwIBcNMjEwMzEyMDkzMzE2WhgPMjEyMTAyMTYwOTMzMTZaMBoxGDAWBgNV +BAMMD21iZWR0bHMuZXhhbXBsZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC +ggIBAKwJrS9Wm5z09C20Fe1e6+es7Js8x1CkSuvBcUIWSfDOJr4eobrHyClsb4Xk +qrZ/l4XkRVyQcLU4li28fule78OItPcUU1CBTsKWtFfUm7qlm9FHmBTyXuvR04mf +zEin5CEfAs5GwJlpeu+ivPfxLwg8ef1Jlc9E8AKtvmN6PAei8/A6qjEcQAZY0dt4 +E+8Hvf5SVDX9hDIXABnstBS8rnInYi0161rv3lcY0/Mw9DttJIcinBGJvRdXjSeF +QsOH2v7VHyrJzx+AYTnOsU46fgyWLn8Ceb0CFPwRnnBW35y4qX6Nn8hy0xtOYYzC +YgVDHth/wzIg90seIZpcPAk49K1IKW5XlbjTEVpQ/Bhfke9iOYtj1jV0wzJNG+hZ +le4HDYciHVmwd8kxfR9owV/4UBVhG6jtXUrVbCfSZ7XmpXDu+5rh6SoB1FJJIJOP +NVJBsSQUIcPo09AIs5/PRIpG1k+1A2buod2bqCs8D+4ZdD18QMwYLOPojmi8wrGR +Fc/W+qePtFFdqtLW9ww0o8O7NRdpawMt3P3S88I4zE26yuEU7e7xOIxZRnkrZL23 +70xgzOuNKXk63R7v4XG1bNbnQVPbw8QQxaIfaYtpk+sURYpsyJjE4wUzzQIaWcpL +/fM2n+b/gjtW2AqVRGycyVrwsNf9lXYlp74cad40uaScrCvjAgMBAAEwDQYJKoZI +hvcNAQELBQADggIBAJQiiRZvAUiKbytuo9WK03COqPVbai46Vx9WOQX5EB/DSamm +NHYWNEuX2ttWNWsHBGK2rAWPXrZDsUmMqis6ipXiGsmHyJyIy6xqK4Jg+Z0kQrli +6Yv5Q+LssEar9vTinuPrYAHA9LEe6FXduM2dbTNfKXCdS3u6z2RS/uXjrK3gviGC +ncuwqRapfLWWugHit5GQ9faNgNbYIRtH01xwP0i0WEyMfqsXPGc4ITsNFJghuB65 +AM0BBIpzU+Z9Wx/2Y8vpLcyQBq2tfhQj9kngdCzRaNTSZ9N9ONjQHDznMvqQALai +sfw62/1W7UPCuy68QN0KOIq6Nc+qI3NLPuCrM9+vY/60/sMGla9I3gzLx2nU7DLc +uSf6mX9IJlS2x5yP4afpPnF+vGXKRtC6JJo/BCfY5ciNqrZrHi4+Q9QapFOYU0Hz +lnpHtHes0ybR/TZt4DPFwPx9dT8AEcX/xk7RtmJtMii544snQE9pWwGydTTvZ0s8 +7qsShKIkDWDbu4g5fZOYh6b7vHFaYKN5nGj5wTDsEfsA/EcrJCMQBK2id0s7PF2L +7RmXnRidc9ZwOMUYc+y7pN2wUv1++AD8lF1NIPNNsseVHPXP7gluN1ZaYzgFQLZS +zpZI4jTI6WjY/be1LCWwPgyNVVsX0DYj5nyzNp3kpEMFGR8NNrIjH0HPBh6T -----END CERTIFICATE-----\0"; pub const ROOT_CA_CERT_SUBJECT: &'static str = "CN=RootCA"; pub const ROOT_CA_CERT: &'static [u8] = b"-----BEGIN CERTIFICATE----- -MIIE4jCCAsqgAwIBAgIBATANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDEwZSb290 -Q0EwHhcNMTkwOTA1MTg0NTMyWhcNMjEwMzA1MTg0NTI2WjARMQ8wDQYDVQQDEwZS -b290Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQD6AOBz7HbIi8w3 -Wjjk16oglHRQcICTkvgfl6gbGuSjOoVHmOAn2EWT9AuXtcyNcVFyk90h0dsadqkJ -Enrk3BkTJQmtGW0u5UvcI+famYjZDvYQpGcgXBFmrH7/g/BN4v5VvdrXxUVy6Uyv -Ql60yG7JxlMY8K2OMV13bOpABXhnG/zNr1hCPLQWu52Mn3M1nudFBZff7tZz4dBo -YoMeXkIWQ3t2wypD3WunlQcuGxNOCcXONZRDzeUidh/Yv/4tTggZe8KAnEngKb86 -KwKAhVjinGIN2C+ISpKsDurDxhExA2Na6+EbtLEgkI9AeoBz6tIjt/yv/inil+Du -fEDSmG+P97oY1GNcZMkftjjJd0u57YWz0Ck5bfHdgploh/1VHGdoC677MDWJOb31 -O3mGdpTiBHP2Gh6Xwm8NuZc+tQSPVr/GaYg7slLBl/7GWU9QGjr9DGj/qYozD8tT -cazIHFh9zDP4XC+a+D+3lMA5EMfvVmDmr2QZJoiKBrxbNXXZ0QQcc+Wr9jFBBx/i -BRlpnxr+EDG+Q7nFnbG6x1DkvKhc1KDGBhq/HDb5bBVSr7Pjl2FMNh8HVX64mDbA -7clQJHa1rIjB+HxtZB5DNKQbRobyrWgkTpi5XHPhMw966zrhBWgOdAh+PSeq9FEf -Y0w328/EBWGqIg3rRMOvDAQpbojNdwIDAQABo0UwQzAOBgNVHQ8BAf8EBAMCAQYw -EgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUiS413SfVRGy7vVwkLIGdDA4y -yoswDQYJKoZIhvcNAQELBQADggIBAHcRzQhesOTpFG4KINJyzZf7a5lrc8kayTaL -lzSXW1pEl3/OFiMvOayjDq+yVAJB+5j3WZu8AOTFuZ4pBjz2I1hdIt5F2asqnVN3 -8ymuC7t4gNAQGhWJldnsL58iTYGlxFciiT/8QSHJJjYRkKxyhF08Oj3Zbs13J4xc -ENLmwCZMFait+qm7aX3idnUa1XMGO26ioQOi0uEVqu9N4p62OQKd/76vmnaqmIAw -5s47DaaUi7DeiBguLZrNzfZcJTAHNM5VxCjsXW4PieN6mJhQSar40794n7HLHxtG -Xc5UdxT3nLclEAviDJFubA1N/szWtu4vdfehdAKCXkIjwoUEVEOpPYEeYr27JFlP -kaxezxswwxY2UD0MZq21FhO7SpVQdmmvfoJvjQwIsiyoa9UNzC6mTqsJPjln+2mK -p6WHzX+E6GeA7Ng6CyvJsHRsqbQdJ0OXHm4GIG2Z05r4AgBtvI6hkhSfAotBt3Xi -lo5BEO6SbUnPYo03zD4x/76c4j/uZLYxy2n+Qrlm2KTQIUu7KEsKdUnLAxjWYePH -VxcYz0/9Z5H4OzhW4J1Qd6OBW0dqETLlMJauPX5DV/slyYQQasPStEJGgiDiKG+B -Jpjv6PefPTqZawP6gPoGmhF4UyMRWZ+NgqLft1uXTHhrHdnrZFag1oPLjxWFs5hx -pElsC4v+ +MIIE9zCCAt+gAwIBAgIJAO9k749HB1DfMA0GCSqGSIb3DQEBCwUAMBExDzANBgNV +BAMMBlJvb3RDQTAgFw0yMTAzMTIwOTMzMTZaGA8yMTIxMDIxNjA5MzMxNlowETEP +MA0GA1UEAwwGUm9vdENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA +6qb82RrPv8ekB0dtIxpXrWo8Co+1UCNaTwLDwKBCDEhabqMLIsVHZ+dI+noTK+Uf +HKDUAECAddEvFjfAAyC/bicRxpaVeg0Z1sQt0UFUbG3pa9JV8hfQ3lppZSBEV/MT +qAl3jrX6Sfl9JYZdb6yBoHuMGVKNnXEYKDSXpgYjcmdQAtqSfMIJ8Bo1t6CoCDQQ +X8EtseMKsKmHffc0ijvGbjM2g/H28h2haZ10SQqLhLtV1MUD4Gj85CTjneq42VXT +IsPBBG12fPJlbMSqXT7eeeVJVtUG+u74bdYM5UsqxRtwHgg6WQBFoUdu8rAcSPOd +8XFfLbcx4PSJ2mxIDIycgB0KHlS00qFoLFk3t8hBXdrzPp8hWFQNAlduPnZqkxKH +QQsPYE6GtwFZWHuzf4ayD4z+lZfOXRU5PmXR0voFcHjMi6/SD//oBCKDIb66eBXy +TXgsaO5KvQ8D6RDaFHFG6dDD6Dwct2lXgKCJax7qV5Xc+jPeexg/Elz4iZiHE9ew +AUwgqmCPgvRxM13uF10K1sxDi5fs/DdVz0TWVpG6ppfe3xf5AokjdbR5t9LDjkGp +NX+qP9cZD350vzngFqja1S9aB7twR/bavopZg5kwkSH2mSFlf/Ket4dt44Mz4gql +qW8VAg/6B/HuSHMPso8IxcXXZ0dp6crb2z1C+vOttqMCAwEAAaNQME4wHQYDVR0O +BBYEFCyVVVBz4V11aVOadRLxpvp6I40MMB8GA1UdIwQYMBaAFCyVVVBz4V11aVOa +dRLxpvp6I40MMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAKFGpC+y +cG3DctQgweadtkb3RAGwgmlVNf+B2rjt9bVOObFV23dwREhQALCgowAdVqmzRzjs +UbNARWLeYZY1Nk4h8so3qmZp+5zGl9kV7//qPxI+qXhW6pTEoMfQvWx7oFHrfJCx +2CE5Sf/QZhgVfgbRP+k+D58kNgoOwYaAwo6ddHQGkwbULInqJu/+QJGHNgdygpvM +wePy0FgdT6qFxVIeLJ5ZhsGV/om7twOfIesK3JVp9f8QesJw2kYdj4rcH+Io8jzR +reybz9GkinK+iMtGTeL2wLDAYsQu7RAoR8i1h/9KbwWPN22fVdSyYii0RRisMcha +LHRrvJrDRo0QMqWNmlzA5jO/N5n6/fES0zMbuizhUl2HuOYZaJlZ6fx58Js8oW/D +XCoYGa3TCKswkb22gOxaOZmo7zCGG3KvJihwriAelXlbJnDodG7e8x9PSIn+pu1T +HmjMVK8ZH/x20hnLzU2qlE+62paxAd2jfOQ5B43oXSwYA0PaZR51RdjvEW8LZb7P +GT+uxL0JlGDmlw654qKU0P08chlW3W5hSCJqyyk7JY8kzVrtcJ9Lwz1her+GUfo8 +Xf5ze3YdPEzl7NS8Opnw2vfHQpu4nbnVrlPQuoKvU/5eNONDuzHTskGhUfjN1NSU +rMpW5s8dGCGaX+QVffSPcyoqqLK9pLa5lDqi -----END CERTIFICATE-----\0"; pub const ROOT_CA_KEY: &'static [u8] = b"-----BEGIN PRIVATE KEY----- -MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQD6AOBz7HbIi8w3 -Wjjk16oglHRQcICTkvgfl6gbGuSjOoVHmOAn2EWT9AuXtcyNcVFyk90h0dsadqkJ -Enrk3BkTJQmtGW0u5UvcI+famYjZDvYQpGcgXBFmrH7/g/BN4v5VvdrXxUVy6Uyv -Ql60yG7JxlMY8K2OMV13bOpABXhnG/zNr1hCPLQWu52Mn3M1nudFBZff7tZz4dBo -YoMeXkIWQ3t2wypD3WunlQcuGxNOCcXONZRDzeUidh/Yv/4tTggZe8KAnEngKb86 -KwKAhVjinGIN2C+ISpKsDurDxhExA2Na6+EbtLEgkI9AeoBz6tIjt/yv/inil+Du -fEDSmG+P97oY1GNcZMkftjjJd0u57YWz0Ck5bfHdgploh/1VHGdoC677MDWJOb31 -O3mGdpTiBHP2Gh6Xwm8NuZc+tQSPVr/GaYg7slLBl/7GWU9QGjr9DGj/qYozD8tT -cazIHFh9zDP4XC+a+D+3lMA5EMfvVmDmr2QZJoiKBrxbNXXZ0QQcc+Wr9jFBBx/i -BRlpnxr+EDG+Q7nFnbG6x1DkvKhc1KDGBhq/HDb5bBVSr7Pjl2FMNh8HVX64mDbA -7clQJHa1rIjB+HxtZB5DNKQbRobyrWgkTpi5XHPhMw966zrhBWgOdAh+PSeq9FEf -Y0w328/EBWGqIg3rRMOvDAQpbojNdwIDAQABAoICAAC3l+09NGoG3KMcAyXE6JwH -UP4aFIRX25ZbnQPW4+kD9fXqnln+6NQv0wiwYNHXDWDCw9OhAnvk8z8vamLVrsy7 -QnfYptOHnNwYzkV2Q0o8HMCXeCRDn1koDYU2H65ZhFlCnioYSsa1nJ60Fgl2ubqi -cwKTTiwmQBpjmZhta5cAIY2Ffz9RZULbbuxEWNRCjG9KQNFHoh3a+/oQrkecBZyC -vQvuK2TecbydVNPxB/ElXgflZ3N6V7ntlNHOWzBOFP/dtwUfbabS99V24h70QvkD -cdSQVjKR5DHSKSI+ozX8yIAuRQsLTabGQ2Lv9wZeGhQ4JuVqWTxpKyAEAzuXbFp/ -69n4uEABvYsWtQAaF06ZmpA1Ek40o8HynHOJQ+8RjdRflShah/EJLwrwar8ydlAq -6Q9UCH0xvd9USs2KL/XwSPMfKO+2JeDh98wZ4GKGbK/JfYTKxUyLuQNQRiCuuPI0 -DP0dot6xNKtyiRvRsI1jrqzy1QvMiCrwAJ70lucc13XLas1nNCQCzZIcbq0L7/OI -qEfW5PUFyLrVfTEZM0EQs8eNw02G1R1XDBYD2hHlhBXgc5FECeM6EPtqxGylM/+m -8Dim5oZsEN/C5e/AgGiiQgoxadmxmZ9m+bfSqv+HAkgtOItBUX8frLqkYe9GL2Pr -qXI40pMCehI+QKB6h0UBAoIBAQD+B3isiDGk4qgkOLQOk4o0EQ2heaX04qyVjqCv -YseJhoKpnj2IimDG5xCA0VddeKJ+xHLVcEwvJgE75v+4khGQ8PSlA5WJXaznrm5I -UZX26DW8wyxjOxoWjFvnPv9NZYl3IWQp1aHimFIDTMtXMjkBbAI1MsX9un48mXqg -DWQt1xCckMH7KaQAjV5QibCsKYKn7vuOxSI5v1C757xK1BarmgRTtKMKO2iq6jOt -XEOcxqwMAhfzGGjotbJaa6QRe8ItUKsSp9txJQLI0r0nLWAt9MW68nkd+kpPGEZg -GAkKiouWdUKVhVPiFsbO0TmxQSgrABQYQkW19+OZwheZIzAhAoIBAQD78Wjo6oSi -jjBrwFgCCPKRvnA2KGPjUnn0q0LI/CQO7pymygTjLnieTo5Q3y1zpki/7dN7ZdC1 -PLJk/3QbFblaYrDwA3ZitQoBFw76iswZgMnLJXDWhn8SW4NnyRPn9yP/BhjK4bIs -T1vBtwffNOx6/u1RWVECuPs3rHdyMmWlHpAX4Wn47XLjvNggbQcXtkmOpCBtD/xA -4Tty3Xbju2bmg69BkqbHk9dXvL0NHsarplif+ep5VviZbrJSOFgn4//Will0kWhL -FLiPoi86XXkUUhMQ3e9KTKZqnD7pVlKGBL91GsFKA8fb9dRXx7cx0ozNoGHteixL -9mOEIx3goiqXAoIBAQCqZuSiB7IVgx17PrY52OqqRo44NVwHy04t/MD5JW/oZtyb -X1SzlO+aPUGqx8KtJtEJ7EmDt5LDReEqB6iebQ1vhtL1JlRXEwl7WF0OEfxg5h+2 -Ac5yuiCj4396vZ2Qk34E9dc04ON5Fuhc4lS8pynqNEO+39JEg6dOiz3gw1riDRRN -kiUtkB89Z5dOuy5SLn5AnGUOvlpZFmbXxXlfUKnsbqJcbB26LWPm0rfboLqSHgsm -+viJz2QARnHfiblDKRt2PlijaQog+czGXecYsq2D5mAFKcXpQA48xHHg3/6gnZNJ -WFtT5V4BmXm/HkZvCuAhCCpyo3ITwLdiWvptdVdBAoIBADGkKmiiNMoWvCGu/2g/ -PRRMcq2pHa1fxdnYmMsjKzOp/kG60mW09V0z20TCBKGh5Pm0MZRBxnK/Z+MQll7z -09akVXqlJAFk7Hi0g2YITRjFUH1vfiE21PjYATdE3mA5SOVp3R60g7fJVyn/F1T6 -h5HggwAhWh3wNseMeuiMV4zGTdv2tTuwBZAr2GXjNZ+NckbhveXfXXOnLWB/lHpg -pXDMB48jByuRzL9j19gq9ThDCXlT88g+w7LvpcEfivcpLHKoReH6+JK6nXbnnOii -HEZNuaX8JLb+DVg6Owcc1BvF+bdoMyeTQSDs+g7lsgnmE4o8jK8PAIVjIc6aYLuv -GDcCggEBAIe+FhtHJiCniXZNGuaBjqFHj7iowpdyIfdUsMrZiZThDipaL14x4cQj -b9NLQaiWX6m0Gn26a0PdzFNjE+drSYxSLbFrWIb2BKA/cxiQkSS05ucm3LzrMDEA -ASbWAG9c7uxG8Cbp5blkNy4UxcpeYYKD5WiKKw8ebcIcGicvKTHk5H4PO9l+NSUZ -IcBXXuKr/KWUO35hhNi8lMqTkEVbz1oyIfAO01GRxvnoUJNFvCjYDGSNc9tPVA4b -+IXEsjoyV39WFeIh6daHFfu24ocmHSeKz9oBevx29ooVb8bYN2tnXP8RpH3ER284 -4Gumg+HQfB4NgZvp7Yp9m2HLwNImjNg= +MIIJJwIBAAKCAgEA6qb82RrPv8ekB0dtIxpXrWo8Co+1UCNaTwLDwKBCDEhabqML +IsVHZ+dI+noTK+UfHKDUAECAddEvFjfAAyC/bicRxpaVeg0Z1sQt0UFUbG3pa9JV +8hfQ3lppZSBEV/MTqAl3jrX6Sfl9JYZdb6yBoHuMGVKNnXEYKDSXpgYjcmdQAtqS +fMIJ8Bo1t6CoCDQQX8EtseMKsKmHffc0ijvGbjM2g/H28h2haZ10SQqLhLtV1MUD +4Gj85CTjneq42VXTIsPBBG12fPJlbMSqXT7eeeVJVtUG+u74bdYM5UsqxRtwHgg6 +WQBFoUdu8rAcSPOd8XFfLbcx4PSJ2mxIDIycgB0KHlS00qFoLFk3t8hBXdrzPp8h +WFQNAlduPnZqkxKHQQsPYE6GtwFZWHuzf4ayD4z+lZfOXRU5PmXR0voFcHjMi6/S +D//oBCKDIb66eBXyTXgsaO5KvQ8D6RDaFHFG6dDD6Dwct2lXgKCJax7qV5Xc+jPe +exg/Elz4iZiHE9ewAUwgqmCPgvRxM13uF10K1sxDi5fs/DdVz0TWVpG6ppfe3xf5 +AokjdbR5t9LDjkGpNX+qP9cZD350vzngFqja1S9aB7twR/bavopZg5kwkSH2mSFl +f/Ket4dt44Mz4gqlqW8VAg/6B/HuSHMPso8IxcXXZ0dp6crb2z1C+vOttqMCAwEA +AQKCAgBKR7Y+27fsE7ye+UNZG1up77k19qwExEwwOsXQ0mpWDQljgIVj6mNiRtrZ +P4+WE5+3pkm2ErUXlrJ7LAbCdrlim0eLP9vtmPwW+l8uoKmi8WA0246NZnCeEqzO +cFpyJOaSCP0p1f13MV0mZdRqJ4eZT8LXuURPFJ/7Cjr/OW47Ju0zGhHJIHuY4BMl +H9xRTHnqdfKLHz4hEmlrvLeLEsUL2XZmalAr8KlKD6fh/06PI+ZVxlAl19ZGOk87 +jDQbyIlftewCBMy/XNQyjEcJ4X73w1dl/2WIReGqk1nds9/EKZ1iRGSEDAv+s+gx +NwKdLVFQPv1MMXO+rGp/FEvyfQiFAnq05ts/EF381UOOU+4DgTLGY4kYCPj0nwAf +Eicj40/UAYaTVCC6LFqlk2E3kRxGBbqOHdarvgyExclzbWvjMYjsQYZJ3Cq3f8L5 +u+V9Qgp9LKCUOCTISk/1rePYz5Gt++oLJl8PnDq6HLdWuoM65gsF0CZ6xC6Lkygi +F4+PG7k93GqDAUXB2WEihL897uteUGbTqqDP0dAOiCQOVD5lKAikMgxhBePYOOdl +e3Ss740X+Qmu985BvzrShuIq1GjJGKvHA7xUxPxBGq64h+XmLKjQM+mJlyBKB4gx +UvxYt8TyXkMx87TZog35kUs078wmyqbM7wOCGyOwG92f0UjXoQKCAQEA+R50M3HL +wBkDwQJqwtdynXwhG1SXQsXpKigbVX7XdeI0bO1EkI+y/MQKV57tDZvkYC2kXcX1 +hGXzmeqf2JoRJTPIVBxPg662Q5OovySyOh8DxHJpFrEjeBdSDYKCLmPoEMZbITvz +0MYPxZdL1OgPQTfOFzQEmNOZs5GmwWSh1woSfZLdcPpBegKBRx9Nsy1WxyMyoKPA +1zuKZEpeEQq1ZbZ7cFbyceRt7SRPf+V3qwSbTBihHCLQqGvkdC3mZn21PvaO4FO5 +OQfx/sAbrFiMqruGZRU6QhZRXy6BDRiB+AowPYDCjk43PXwrC7hvn12iD0DjJAW7 +Z7zSutFiMVUUawKCAQEA8SI9DVf7EDyPZMvNHSay9LtCp1Hntvafp99SXJfYzVc+ +TjB2Fblvze7LN1IPyo4yD4O44O4mmbs+huvZYqGJQ5per2p8tbhIu0rd7TVcVctZ +zdDXlMFzsW1EyHAkt2R0wuCpwLJXm4A12oIiOlAz7gEa5VsId/NPYG2oVEOB7fx2 +0c6XXAPhQ4IrREUw/pLg/QrG3sxS3M827kk0/QNwr0j87i89pVCswGdFSwR8EUys +4dWvl7qsvXJjDktgn7TK04cKAHWrOuLjj0dU8GRxUec594wmldTEiJ4969T+PeyE +4HaOWKTdIdR3l2gp/2A65upVLO/UE7reXM+Ueni0qQKCAQBIFvT/ch3JIDQC5YUp +jxk+043tD8SZ8RWxOlv2mLcXCPes0dh2kO710HFBu97TglpLLsoSzNdokew1jTzm +fGcbwell1a945tUdpxw8/AyLXzBC5+zbQTWHahA3kp3DeOvN9uimLGg48SfdQRQT +r3fCoriD5Gy0IP+ohCyiaFGhHewN5LMqH3FVMmZgw4FDqYokJF5hOCH05uj8brzb +56Jopa8A6lhMdxMMfeZ3l1rS5YlfMv1kW/rP0jERIbs7y4Lojob4CaJfC5qO4t7f +N9y1B4EzvTnXqAeyKI310TLDKYeeNKWYcq/vngAC60N59amRCnDwmqwJsA23PCJT +LlCzAoIBABFTeXmM+dA32cHPVwSiNDebgPWO0Ax4eg5Q4JUgoAZZH3P0zXdQJLVy +VA28ir/uKbCtsUoQMpvXNW3yYmNQ4hEGdYk7KIzSGf/DKGET9XeArgo42FSq9coo +5MlWLX0z7aPXCrt61QqqUrRJp3XzL1gJokoamWgtBmYSWwb69soH2u3GX1/QM45r +Ovqj0hpoqVvlO1bk7YtKJFNI1VLcvWsK3omqwU4wlskYYoU6ZEPF86IifYR0eFcA +chej2OSA1BYQ3Oodilkn1lwELxk6zl2pNKQR4O/hIuICJMbePgprBT0vp5i899qn +bpRleqcL3g+bhNU+wklMow+eJrgKFkkCggEAa4/qlP/AdH3E+Y6UiMD8GnFs1RqH +NqtZnsGYjQIYt90tpY2uK7OnyBvkwbP62DtJHAsfC+efByiVlca1op1JFvhyfXom +Yt/NpTjVxC2gSIQd1jxsGsOWCmiOBKsjbAEnccEfy8II9EdZysuIGNyQW10g735P +jq6SuEPqWexm8RvzXizb2+WpPW54QWYQ8OQu9g6pjVNMwy9Q7pk5FWYKoI3ZK6go +FlA+BzOedBD8G/chlqdHPIUnstz6j9UFnqaNaUGbdrJDLOrJORlUZpAs6f2xSNaf +8wwlyv72eFVhgy2L/FaYf/tYjQU6fLuw2muo7OZS+eqoNbhDcxkLyZF7fg== -----END PRIVATE KEY-----\0"; pub const EXPIRED_CERT_SUBJECT: &'static str = "CN=ExpiredNode"; pub const EXPIRED_CERT: &'static [u8] = b"-----BEGIN CERTIFICATE----- -MIIEIjCCAgqgAwIBAgIQEp7jjh4EXBbKv6nGmkRH8jANBgkqhkiG9w0BAQsFADAR -MQ8wDQYDVQQDEwZSb290Q0EwHhcNMTkwOTA1MjEwNzQyWhcNMTkwOTA1MjEwODQy -WjAWMRQwEgYDVQQDEwtFeHBpcmVkTm9kZTCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAOewBNbMSk8Ru6puwowiZtPpEHyIhNfBmPYHMLPciuPNRxajUPDm -0egYk2bHKpXM4AT2o1CHAppZGShUNTy3Hnkbp3Zs3usgrzXyaGWfz4PLPFSIzd0t -ciDdrUGKqqArq+PTqRVtfVpQFX/h1nA2x/1aQmES2Mx4v5vz0K6eMCJjETqSGxWO -ekTMfAsclI3byheyL7A1mXLihBysj/DaclT42qGOxvrWteo3iH+TBFl9pzwVESBV -p5KzVzL0QpEI0eNrkAsMs46HgHgYQeDiM4w5fgGXVphK2oVNfNBWdCjQXr3aq+eL -MEDp2H+LNqzV+6J3e0sLTi6PdukXbqzlyuMCAwEAAaNxMG8wDgYDVR0PAQH/BAQD -AgO4MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQURbdm -Cj5LbX98YTpKAwxqWca0dj8wHwYDVR0jBBgwFoAUiS413SfVRGy7vVwkLIGdDA4y -yoswDQYJKoZIhvcNAQELBQADggIBAL2YCL69kSfICx/gRGvQcoChvk5tQ1g8DCpo -JQ0a3GsNW+ACjv/O9CWiYX2mjg/VyO7nMJWDacwVOgr3ckgIwcjpS0MXRDOABcSE -gOxYezgpqEWenYTyNBV/gHkYZcaNXnGp6rCQ6Yz7gIGQ4ExlOEDWwzA7t8PjWCph -jN1+HDUcdJooBr7WyqYuoDYpUTZFZq7chPdYeyXVhhb8A1mMw4MGt/RulrL/hAru -RFvODsq3gdI9XAoollWN1ysdkGqwZrw3TdvFlVCV0MuMS2A2ayveNfjBNVIqfrYu -VK8u2je9c2VIOBxvhD6fGrSNdUDcIfOqG3/bQ81nZ2+MCi1pPPO1gyZzSUg2eRsg -egpasmyFwb84YcUtbZRZFj8lXbiBdbzd+oAmYbw+k3Ki1Efrik7lNG8JDN300Z74 -285FYAgtgJzJkClixpQi1AReLAkzNQ2JsNNFBkyRfc8BHEit2iue/QetuEUjv0Vh -WFSG50uK4E2/vRC7eNyQKp2qhcLNwXULVmtwhuyzzG4HzJ6xkko/jbF/wTSFY5py -pWfCK7fWQzgMCbqalMCUsUZsaBNvOIDpA/QZDNVqw/KDlhUSVT+y/rKPwVq/iyjQ -2qQUYwKzYiF2rzeOx3PxlQDKTVA9QDwfFQZb7iu/33n0ahdT2WyeuZ0Cm4Ztqpzb -LigtrEQx +MIIEozCCAosCCQDboMdUyq5PgzANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZS +b290Q0EwHhcNMDgxMjI0MDgxNTQyWhcNMDgxMjI1MDgxNTQyWjAWMRQwEgYDVQQD +DAtFeHBpcmVkTm9kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOsP +3bBKNfOAAlfStB3cDGCUOPzl/VdFX7LhdufQE7HTTsseEBypOmt3JoF/ptNJAI1p +Q6ROugUSXUHn1i3NH0GDGTvo/RGAQ7vCT8bfV3xArlkotIWS4Pj7KNSQ8ZgTrxpn +DIXvwRx0qDQHEVjT1VCwvq27ybZ7JihtTxl2FUXkf4FshqjScJ8Zwd3IY8I2GFIz +xowJ46yneSNYiusbDTvNXQO4pvbzB3EwpKg3P1Isy+xFJR9+DC+q+UQh9z7A7I3T +CYKbtBnbD+LQnYLEMV5oaD3T5MhPilaoV7HnkwTQL1m/Mps0tUaWmiFvHdg3bWO4 ++HFVrStUklifzx4toZI25+j4uwNlrfP35e+nHFmjHgAPNfsJ6yC4nxh16ohLQCF+ +VCZQQ31axxXuEWFGMUTIwdgXU5+4/5U4TpGxD6tBxSEDZV073J5aQdnewX04oDic +KwnkaiSF9xBp5sQ/tMRwu+yKc+KbQXQkpgWvL4YUaxDeF/6/6Vi2P+Cn71lJBZ/I +8e5X0/uqzhnH5pdAXebdlrrZQ0eg7/dQv28kTT+XW2s3k7Z0uuRZjKLrTyjdlGeb +jsxIYJwBCNs+1JnYO49tTWzImkaN6P65CnGP/8jQ7TpkzQJkgDw65K7NZFyP2/D+ +YU4JE489JZUeoKlThk3NmHIMsux8mEowNtleRCKrAgMBAAEwDQYJKoZIhvcNAQEL +BQADggIBALY6Zq91Zgouhi2wlqtBK/JeapMvB2tm8R3YtcpOYxvVtX7BWFDlhV3l +Q5PTtFwCwjyCtHP6Bm/AxrT/KAXp2XB7y9slOcosS7snP3Nw3yqnuUW2G6yToAL1 +QqAqve0HoU4Snjs00ork4tAlzSiXPvaWzFN5or+NT/9ibwG4KnM+BI8llg8mudDb +tbXIJ1jWmHlL2dKgbwa5QgrF93N0zwTtVPV9SH48F5jNRLBxevH8DyVadFysDEaY +yUSD4jt7Eysu9kY+pICVZyDXxbrvK/n2L2dIu7VYSnUaWPEy7o6JlaAD2R1axLis +dWDivAZhN1pK3xwzLGC2RwVXIVpyT8JhCx7+owgZozQZXv4aMVfi6xRqrs6JU1UC +63QT/4dSaiGwa2WHsFgFg1QOLR4imA24H3jNwBEVu+M+xwdVqruzisSGI0qElx17 +487meRPBBTPRjnPG5JpaFPHIwAR2Jagr3kOjRKHT0U5T3pljftvTJFV2sfICOCZw +KZ6D8Gbl+3+rQQY0ruOkLT5N5psXI4+QZ8KwV3rMPWZ+VYJO5XsNjbq4S9JScB6q +sVD3sOaGDDJucXSAFjHRZFweau14Ai/Sq8dCOjCWH9+eGKMutow7g7dhuwpiJF+g +V6rqZaPn9tvoL0ITu06BOT1XQ6SB81lct+EGMwTE8qj5WFWyiNpD -----END CERTIFICATE-----\0"; pub const EXPIRED_KEY: &'static [u8] = b"-----BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDnsATWzEpPEbuq -bsKMImbT6RB8iITXwZj2BzCz3IrjzUcWo1Dw5tHoGJNmxyqVzOAE9qNQhwKaWRko -VDU8tx55G6d2bN7rIK818mhln8+DyzxUiM3dLXIg3a1BiqqgK6vj06kVbX1aUBV/ -4dZwNsf9WkJhEtjMeL+b89CunjAiYxE6khsVjnpEzHwLHJSN28oXsi+wNZly4oQc -rI/w2nJU+Nqhjsb61rXqN4h/kwRZfac8FREgVaeSs1cy9EKRCNHja5ALDLOOh4B4 -GEHg4jOMOX4Bl1aYStqFTXzQVnQo0F692qvnizBA6dh/izas1fuid3tLC04uj3bp -F26s5crjAgMBAAECggEBAKsbqyc77zFgJlojvNij249rlDp01K9HkoE5JDXhjk3Z -YEQOz4tq3OFtrQb91qyVh2kDAfBKFZkKbnMDZeH2V7IXw2DJ3QSHuf68jW9oTGjI -Y0EHXAqaMqylKvy5vXPXbPYwbrKdjzNw67/reWScgKzSyS1KLwUrtE8oDRm5SFFL -svuG3jOiDscXU+WD4fBLECSlZ8gmdHAl8KpQobtylp3s0ApJV9zcwE/yHoafhlr6 -/vi5UtLZyE0J3VGYc/5yrPI1Rvv8EO/8g7DCw5yF10AhwO6fuGv0IiuBX2SigNCN -7/Y1DArGoif3hwCUDbsE0SJhsvYYVeUULfRXpJTHj2ECgYEA6fD1g35qvkkObLUw -FLeKuCjCyy9uDlIev6Kk/SEWlCL8ZTo8a59JXYm2mT+shH+o0REQV4BQ6pkRtqev -z/kPBaafIGPwF3S9MnZw0d+3GizbK5Bzj02CI64ZP7W9EzFR212M04Ld1mrl07uf -70dnMUTKy/jThtBSOEJ/d+5BlFMCgYEA/Yiou3AFCgoxGq0orUfVFF4tyVEIeEz8 -OujvpoIIu3gjnqBukCceGQEG5/p4MGe+HVsssTmYpKFP80IwPW7WqkrYakBNEcCT -aQ2/eCy+RVSt1rda4sgTYWV5VNNgQ6IDJtTKziuX1cSjIdbVLzrPV9K2s1+tXKLg -SFJkfCfpHTECgYBXF1tvPorimDQEiFeD/uhnstUB64BfWHcWBKjDi6PqNjQcQ1fn -AP/BENmnp6rEEPp6Co445Q46qA2OIFM1a5UKF4O5/TqOoOkmdi1+FHkIB5b4WuiK -euJuAgxoSXJASOYecm9Q9rE7d8Rj1L+vxrdGAkQ1N0cYM0nIpAjsTwie/QKBgQDg -BkI6JXh+b5UGIl2gB6nzbmh8y7p1Omlh0HP6KEp5BGZNAyvO+pGwvGSS1JIhC3pE -zEyIaQFE7zkLFMA1eFv8a1ghQqIW/pgCquA12ythbbqR0MBhRTNCy3xThNc5y82H -IV32oTRv8mnHO+Jx8kBGNO21P+Sax1zw6sTZpBZq8QKBgH5xnIoHv/AxR5wzokBt -C4j3yqL0Gbs+moaswS1UR8XSnKt8TBcXVozCAy12A4qKSjkP7VKPTLeTOZxw0UBe -8CzQYNKoIGy4ayFVi+VKaNCHKvJm0diQkKw5Tz7L5quBBjt8JpmRtNbPsjXiq4Is -y14Xc4kb05mM5M9u685eWefa +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDrD92wSjXzgAJX +0rQd3AxglDj85f1XRV+y4Xbn0BOx007LHhAcqTprdyaBf6bTSQCNaUOkTroFEl1B +59YtzR9Bgxk76P0RgEO7wk/G31d8QK5ZKLSFkuD4+yjUkPGYE68aZwyF78EcdKg0 +BxFY09VQsL6tu8m2eyYobU8ZdhVF5H+BbIao0nCfGcHdyGPCNhhSM8aMCeOsp3kj +WIrrGw07zV0DuKb28wdxMKSoNz9SLMvsRSUffgwvqvlEIfc+wOyN0wmCm7QZ2w/i +0J2CxDFeaGg90+TIT4pWqFex55ME0C9ZvzKbNLVGlpohbx3YN21juPhxVa0rVJJY +n88eLaGSNufo+LsDZa3z9+XvpxxZox4ADzX7CesguJ8YdeqIS0AhflQmUEN9WscV +7hFhRjFEyMHYF1OfuP+VOE6RsQ+rQcUhA2VdO9yeWkHZ3sF9OKA4nCsJ5GokhfcQ +aebEP7TEcLvsinPim0F0JKYFry+GFGsQ3hf+v+lYtj/gp+9ZSQWfyPHuV9P7qs4Z +x+aXQF3m3Za62UNHoO/3UL9vJE0/l1trN5O2dLrkWYyi608o3ZRnm47MSGCcAQjb +PtSZ2DuPbU1syJpGjej+uQpxj//I0O06ZM0CZIA8OuSuzWRcj9vw/mFOCROPPSWV +HqCpU4ZNzZhyDLLsfJhKMDbZXkQiqwIDAQABAoICAAO+mPV5+SoL2/2yKZRgMQJI +2i+NKl/9huy+krpWojmu+A5cSD1spLWZjE97zRiIjS2zg5RWfLgf9sRaARtxrRHK +GNjPeViSBoIzMjokzKv6C8z3zQhjspnExn28YVze02dERPrNOvJNGXDau/gCR9+l +MSRrXWc+xvjV5PCu5N/cJ/vT0sFVuN2P93qk+pHZcsG8eWk5rxrNAC0D+BKOt8NA +Hj807dP5QyEWeUkEuEmC1SzKXTEHPQJ1YssnD108jYgk2H3wJQpUZwhh8mBm57Jt +T1vMyFQ4kCeZPuximAD3oAl59kBqsoiRVZs6ver31xJDnBGSH9QU4M/wm8gLSguW +aic+H9o88wgI/AgiVWLerQ2zpOACGP5WZATaAwyKvuS051S4aopluec9aOfp7xig +6Yij1i/iiN2KTVH1XKpVcbFEvi0Qd8hCcNODJKqOIFJK1FQ8jH9lCfHy5+h3T91j +wNY044gz57vlova9cntUEiSOnvUGz/9pc2MbZjZ9aYHH2lFwJlYvLUvMFKFHCnl/ +Hk48YF3Pp37wzPXS7XJhdYZLM79eQGX00Y/q8juzp50n0we5YGFwsxDK0qaQacRg +7k/C1FTKbenKizIXPGhGq45pmcml8Vm0da+rEKPwhl60BnOtlwr2zO/qB/Isji8W +N5kwBGmvPi9RUTFWt1whAoIBAQD+mBithjhrbOp1lRyMtVa4foi2l/yC1Yh6W5Ce +JtnBB4H1u1cIezjonZNYHgIC28H63KOn2ZJbJIdTziJKpno/NlxojqPEol8hCNws +Yti0RyDIsR02DlzyjoCTiNECUVGch3Fk8AXZPWME5YUWGCTJY2kfLvMgJ00LFhFz +5V9En9WlUW/op/sBEOunFaSZW7ZuMqFo7xjBRCFXq1R/GL1OS9SQamOsHH37FJQe +/+A+gbeo/f6L3pB3cmsqTH0jI7uwHih2hE+62lDLTZb+pbAACH0Wb4bL2s1ydQy9 +bdO04jKYY08Gi0wrhvU0uYVO4bkLIWUWBUgUg92IN3p5OZ49AoIBAQDsXCiAZMPq +P9Cdw08XFkmFnWlxfLsZ9xT2FZ3ne3Q66U8ne/eOlY3xmRbciR3UvdUxaTztT/G5 +3vWTXwXKy1mwKRN0uNslnCcjYLoGrayo6ie6T/oyl5/3IDpLnODLh5FUJkTG7YaU +6aHz5LOARUoblrRPNp5RChUfMoANdmMPMAqKl1mJtbqm7IMfuwlK3r8/YNMkKnOH +Eys7zNb+pAEVGXUgSQ+YnV45UKS+DOr6dY3BelrgxgNtBOhCxJWUpN/UELDqGATc +M+W5gtQWIk79EpLYnWv4CJWSo5YbqE+uRXU6jUWezMj+Bui/wsyZpKs4fRTnkr3+ +LkeBnpjJZ/sHAoIBACQE8LjcHG9WYXVxOzDNFw/TFxR+PENmYoCtI7C8XmJo5YIW +lyGkDVEbuhTlafNtk+wh+yVsKsCqUlsQ9tkI5JK85iYEyDaxojPSRRQih/Y5efHq +3O8g6RWIA7jbynZBewJiRzC4pJsvjCrNLh8KG2pCnkTDJ7KM3OGMpbt34BqdYmSZ +OPP5kBF+i1iAP2FTEGRW1W87JI1zTiRRIQs6PM4u/EvSQXfAMDKtnqckHF27jHhk +Nvci7d14WqEJYUrva0ZnfeIGpiERcgzRVWOBnXzjto7OCIwe0KI43SyPtTwKJI5a +vnt2ibg+x8JF3Q5j8QIaH2sWJDSC03zKHJG6DSECggEAIIbyP/EeEQ+lKwDk0n2L +sqqeBzMuIH2jUdZZu7B+p1jSPtHNmL62IQh7X/AyvcM+IqWj79ivoG+xhg1uo6Dm +f9q3Rbnm1r8tl63JDAA8oaZPv1EgUnQRXJX/z8YQHZJTiqwVjPbFLZsVYZYYqc9f +Snqr57bRhL+JdpihjLi9Gyr2WGpJtSzgOfaUePppZfdPhG5TwEdjTLRzn7Ap6jMx +vvCY8M99KPiHLgYOFeV7NOqWjojDFunJMOia+g1JtIIYF3wQjLavfIpb0/LQMxeX +nTZAJTVM1X6A7wQ6NSYtiQMgBeXJLfhqtKLIxxMMyxwhQA3eoZvNL7y4tHrZ9eWs +YwKCAQEAsnVxiwa++56roRF0IOOQS85KMuQHEIJrbiS8gBpTJdy4KGK3nZinIRxE +4l1X9eZunGtOjP+tJA6eTLBdJBZGafIqhETstJeylbcEjCE0oz24zbksG3HM0jgd +UmnyAO5yl2Fy1lEoNYKkymcoCcu2UgQweTqnjqvpx1YI8OE/cN0ixe8+Q25f2pkB +nWQ4bugQwSHPxl+A2AEPgx9PlEhs4vwQ7bvstH0u8SeBMfKohTnGbxBB6lVc0ECa +vrIambdMv29AorxHVsThgHAbF025IVDSXiMfnhlW9lopta/OEx2GcFm2xX+ifgux +UBmxY3SiqIOwAQCFsNnlqz3CG1VMkg== -----END PRIVATE KEY-----\0"; diff --git a/mbedtls/tests/support/net.rs b/mbedtls/tests/support/net.rs index 36dd8de98..b3036fcc8 100644 --- a/mbedtls/tests/support/net.rs +++ b/mbedtls/tests/support/net.rs @@ -12,6 +12,9 @@ use std::io::{Error as IoError, Result as IoResult}; use std::net::TcpStream; use std::os::unix::io::FromRawFd; +#[cfg(feature = "tokio")] +use tokio::net; + pub fn create_tcp_pair() -> IoResult<(TcpStream, TcpStream)> { let mut fds: [libc::c_int; 2] = [0; 2]; unsafe { @@ -28,3 +31,14 @@ pub fn create_tcp_pair() -> IoResult<(TcpStream, TcpStream)> { } } } + +#[cfg(feature = "tokio")] +pub fn create_tcp_pair_async() -> IoResult<(net::TcpStream, net::TcpStream)> { + let (c, s) = create_tcp_pair()?; + c.set_nonblocking(true)?; + s.set_nonblocking(true)?; + Ok(( + net::TcpStream::from_std(c)?, + net::TcpStream::from_std(s)?, + )) +}