Loading hash.rs +25 −25 Original line number Diff line number Diff line Loading @@ -3,7 +3,7 @@ import libc::c_uint; export hasher; export hashtype; export hash; export _native; export libcrypto; export md5, sha1, sha224, sha256, sha384, sha512; Loading @@ -12,13 +12,13 @@ iface hasher { fn init(); #[doc = "Update this hasher with more input bytes"] fn update([u8]); fn update(~[u8]); #[doc = " Return the digest of all bytes added to this hasher since its last initialization "] fn final() -> [u8]; fn final() -> ~[u8]; } enum hashtype { Loading @@ -35,7 +35,7 @@ type EVP_MD = *libc::c_void; #[link_name = "crypto"] #[abi = "cdecl"] native mod _native { extern mod libcrypto { fn EVP_MD_CTX_create() -> EVP_MD_CTX; fn EVP_md5() -> EVP_MD; Loading @@ -52,12 +52,12 @@ native mod _native { fn evpmd(t: hashtype) -> (EVP_MD, uint) { alt t { md5 { (_native::EVP_md5(), 16u) } sha1 { (_native::EVP_sha1(), 20u) } sha224 { (_native::EVP_sha224(), 28u) } sha256 { (_native::EVP_sha256(), 32u) } sha384 { (_native::EVP_sha384(), 48u) } sha512 { (_native::EVP_sha512(), 64u) } md5 { (libcrypto::EVP_md5(), 16u) } sha1 { (libcrypto::EVP_sha1(), 20u) } sha224 { (libcrypto::EVP_sha224(), 28u) } sha256 { (libcrypto::EVP_sha256(), 32u) } sha384 { (libcrypto::EVP_sha384(), 48u) } sha512 { (libcrypto::EVP_sha512(), 64u) } } } Loading @@ -70,23 +70,23 @@ fn hasher(ht: hashtype) -> hasher { impl of hasher for hasherstate { fn init() unsafe { _native::EVP_DigestInit(self.ctx, self.evp); libcrypto::EVP_DigestInit(self.ctx, self.evp); } fn update(data: [u8]) unsafe { fn update(data: ~[u8]) unsafe { let pdata: *u8 = vec::unsafe::to_ptr::<u8>(data); _native::EVP_DigestUpdate(self.ctx, pdata, vec::len(data) as c_uint); libcrypto::EVP_DigestUpdate(self.ctx, pdata, vec::len(data) as c_uint); } fn final() -> [u8] unsafe { let res: [mut u8] = vec::to_mut(vec::from_elem::<u8>(self.len, 0u8)); let pres: *u8 = vec::unsafe::to_ptr::<u8>(res); _native::EVP_DigestFinal(self.ctx, pres, ptr::null::<u32>()); fn final() -> ~[u8] unsafe { let res = vec::to_mut(vec::from_elem::<u8>(self.len, 0u8)); let pres = vec::unsafe::to_ptr::<u8>(res); libcrypto::EVP_DigestFinal(self.ctx, pres, ptr::null::<u32>()); vec::from_mut::<u8>(res) } } let ctx = _native::EVP_MD_CTX_create(); let ctx = libcrypto::EVP_MD_CTX_create(); let (evp, mdlen) = evpmd(ht); let st = { evp: evp, ctx: ctx, len: mdlen }; let h = st as hasher; Loading @@ -97,7 +97,7 @@ fn hasher(ht: hashtype) -> hasher { #[doc = " Hashes the supplied input data using hash t, returning the resulting hash value "] fn hash(t: hashtype, data: [u8]) -> [u8] unsafe { fn hash(t: hashtype, data: ~[u8]) -> ~[u8] unsafe { let h = hasher(t); h.init(); h.update(data); Loading @@ -109,18 +109,18 @@ mod tests { // Test vectors from http://www.nsrl.nist.gov/testdata/ #[test] fn test_md5() { let s0 = [0x61u8, 0x62u8, 0x63u8]; let s0 = ~[0x61u8, 0x62u8, 0x63u8]; let d0 = [0x90u8, 0x01u8, 0x50u8, 0x98u8, 0x3cu8, 0xd2u8, 0x4fu8, 0xb0u8, ~[0x90u8, 0x01u8, 0x50u8, 0x98u8, 0x3cu8, 0xd2u8, 0x4fu8, 0xb0u8, 0xd6u8, 0x96u8, 0x3fu8, 0x7du8, 0x28u8, 0xe1u8, 0x7fu8, 0x72u8]; assert(hash(md5, s0) == d0); } #[test] fn test_sha1() { let s0 = [0x61u8, 0x62u8, 0x63u8]; let s0 = ~[0x61u8, 0x62u8, 0x63u8]; let d0 = [0xa9u8, 0x99u8, 0x3eu8, 0x36u8, 0x47u8, 0x06u8, 0x81u8, 0x6au8, ~[0xa9u8, 0x99u8, 0x3eu8, 0x36u8, 0x47u8, 0x06u8, 0x81u8, 0x6au8, 0xbau8, 0x3eu8, 0x25u8, 0x71u8, 0x78u8, 0x50u8, 0xc2u8, 0x6cu8, 0x9cu8, 0xd0u8, 0xd8u8, 0x9du8]; assert(hash(sha1, s0) == d0); Loading @@ -128,9 +128,9 @@ mod tests { #[test] fn test_sha256() { let s0 = [0x61u8, 0x62u8, 0x63u8]; let s0 = ~[0x61u8, 0x62u8, 0x63u8]; let d0 = [0xbau8, 0x78u8, 0x16u8, 0xbfu8, 0x8fu8, 0x01u8, 0xcfu8, 0xeau8, ~[0xbau8, 0x78u8, 0x16u8, 0xbfu8, 0x8fu8, 0x01u8, 0xcfu8, 0xeau8, 0x41u8, 0x41u8, 0x40u8, 0xdeu8, 0x5du8, 0xaeu8, 0x22u8, 0x23u8, 0xb0u8, 0x03u8, 0x61u8, 0xa3u8, 0x96u8, 0x17u8, 0x7au8, 0x9cu8, 0xb4u8, 0x10u8, 0xffu8, 0x61u8, 0xf2u8, 0x00u8, 0x15u8, 0xadu8]; Loading pkcs5.rs +13 −13 Original line number Diff line number Diff line Loading @@ -2,7 +2,7 @@ import libc::{c_char, c_uchar, c_int}; #[link_name = "crypto"] #[abi = "cdecl"] native mod _native { extern mod libcrypto { fn PKCS5_PBKDF2_HMAC_SHA1(pass: *c_char, passlen: c_int, salt: *c_uchar, saltlen: c_int, iter: c_int, keylen: c_int, Loading @@ -12,17 +12,17 @@ native mod _native { #[doc = " Derives a key from a password and salt using the PBKDF2-HMAC-SHA1 algorithm. "] fn pbkdf2_hmac_sha1(pass: str, salt: [u8], iter: uint, keylen: uint) -> [u8] { fn pbkdf2_hmac_sha1(pass: str, salt: ~[u8], iter: uint, keylen: uint) -> ~[u8] { assert iter >= 1u; assert keylen >= 1u; str::as_c_str(pass) { |pass_buf| vec::as_buf(salt) { |salt_buf| let mut out = []; do str::as_c_str(pass) |pass_buf| { do vec::as_buf(salt) |salt_buf| { let mut out = ~[]; vec::reserve(out, keylen); vec::as_buf(out) { |out_buf| let r = _native::PKCS5_PBKDF2_HMAC_SHA1( do vec::as_buf(out) |out_buf| { let r = libcrypto::PKCS5_PBKDF2_HMAC_SHA1( pass_buf, str::len(pass) as c_int, salt_buf, vec::len(salt) as c_int, iter as c_int, keylen as c_int, Loading @@ -44,27 +44,27 @@ mod tests { // http://tools.ietf.org/html/draft-josefsson-pbkdf2-test-vectors-06 #[test] fn test_pbkdf2_hmac_sha1() { assert pbkdf2_hmac_sha1("password", str::bytes("salt"), 1u, 20u) == [ assert pbkdf2_hmac_sha1("password", str::bytes("salt"), 1u, 20u) == ~[ 0x0c_u8, 0x60_u8, 0xc8_u8, 0x0f_u8, 0x96_u8, 0x1f_u8, 0x0e_u8, 0x71_u8, 0xf3_u8, 0xa9_u8, 0xb5_u8, 0x24_u8, 0xaf_u8, 0x60_u8, 0x12_u8, 0x06_u8, 0x2f_u8, 0xe0_u8, 0x37_u8, 0xa6_u8 ]; assert pbkdf2_hmac_sha1("password", str::bytes("salt"), 2u, 20u) == [ assert pbkdf2_hmac_sha1("password", str::bytes("salt"), 2u, 20u) == ~[ 0xea_u8, 0x6c_u8, 0x01_u8, 0x4d_u8, 0xc7_u8, 0x2d_u8, 0x6f_u8, 0x8c_u8, 0xcd_u8, 0x1e_u8, 0xd9_u8, 0x2a_u8, 0xce_u8, 0x1d_u8, 0x41_u8, 0xf0_u8, 0xd8_u8, 0xde_u8, 0x89_u8, 0x57_u8 ]; assert pbkdf2_hmac_sha1("password", str::bytes("salt"), 4096u, 20u) == [ 20u) == ~[ 0x4b_u8, 0x00_u8, 0x79_u8, 0x01_u8, 0xb7_u8, 0x65_u8, 0x48_u8, 0x9a_u8, 0xbe_u8, 0xad_u8, 0x49_u8, 0xd9_u8, 0x26_u8, 0xf7_u8, 0x21_u8, 0xd0_u8, 0x65_u8, 0xa4_u8, 0x29_u8, 0xc1_u8 ]; assert pbkdf2_hmac_sha1("password", str::bytes("salt"), 16777216u, 20u) == [ 20u) == ~[ 0xee_u8, 0xfe_u8, 0x3d_u8, 0x61_u8, 0xcd_u8, 0x4d_u8, 0xa4_u8, 0xe4_u8, 0xe9_u8, 0x94_u8, 0x5b_u8, 0x3d_u8, 0x6b_u8, 0xa2_u8, 0x15_u8, 0x8c_u8, 0x26_u8, 0x34_u8, 0xe9_u8, 0x84_u8 Loading @@ -73,7 +73,7 @@ mod tests { assert pbkdf2_hmac_sha1( "passwordPASSWORDpassword", str::bytes("saltSALTsaltSALTsaltSALTsaltSALTsalt"), 4096u, 25u) == [ 4096u, 25u) == ~[ 0x3d_u8, 0x2e_u8, 0xec_u8, 0x4f_u8, 0xe4_u8, 0x1c_u8, 0x84_u8, 0x9b_u8, 0x80_u8, 0xc8_u8, 0xd8_u8, 0x36_u8, 0x62_u8, 0xc0_u8, 0xe4_u8, 0x4a_u8, 0x8b_u8, 0x29_u8, 0x1a_u8, 0x96_u8, 0x4c_u8, Loading @@ -81,7 +81,7 @@ mod tests { ]; assert pbkdf2_hmac_sha1("pass\x00word", str::bytes("sa\x00lt"), 4096u, 16u) == [ 16u) == ~[ 0x56_u8, 0xfa_u8, 0x6a_u8, 0xa7_u8, 0x55_u8, 0x48_u8, 0x09_u8, 0x9d_u8, 0xcc_u8, 0x37_u8, 0xd7_u8, 0xf0_u8, 0x34_u8, 0x25_u8, 0xe0_u8, 0xc3_u8 Loading pkey.rs +62 −62 Original line number Diff line number Diff line Loading @@ -2,7 +2,7 @@ import libc::{c_int, c_uint}; export pkeyrole, encrypt, decrypt, sign, verify; export pkey; export _native; export libcrypto; type EVP_PKEY = *libc::c_void; type ANYKEY = *libc::c_void; Loading @@ -10,7 +10,7 @@ type RSA = *libc::c_void; #[link_name = "crypto"] #[abi = "cdecl"] native mod _native { extern mod libcrypto { fn EVP_PKEY_new() -> *EVP_PKEY; fn EVP_PKEY_free(k: *EVP_PKEY); fn EVP_PKEY_assign(k: *EVP_PKEY, t: c_int, inner: *ANYKEY); Loading Loading @@ -53,24 +53,24 @@ iface pkey { #[doc = " Returns a serialized form of the public key, suitable for load_pub(). "] fn save_pub() -> [u8]; fn save_pub() -> ~[u8]; #[doc = " Loads a serialized form of the public key, as produced by save_pub(). "] fn load_pub(s: [u8]); fn load_pub(s: ~[u8]); #[doc = " Returns a serialized form of the public and private keys, suitable for load_priv(). "] fn save_priv() -> [u8]; fn save_priv() -> ~[u8]; #[doc = " Loads a serialized form of the public and private keys, as produced by save_priv(). "] fn load_priv(s: [u8]); fn load_priv(s: ~[u8]); #[doc = "Returns the size of the public key modulus."] fn size() -> uint; Loading @@ -93,24 +93,24 @@ iface pkey { Encrypts data using OAEP padding, returning the encrypted data. The supplied data must not be larger than max_data(). "] fn encrypt(s: [u8]) -> [u8]; fn encrypt(s: ~[u8]) -> ~[u8]; #[doc = " Decrypts data, expecting OAEP padding, returning the decrypted data. "] fn decrypt(s: [u8]) -> [u8]; fn decrypt(s: ~[u8]) -> ~[u8]; #[doc = " Signs data, using OpenSSL's default scheme and sha256. Unlike encrypt(), can process an arbitrary amount of data; returns the signature. "] fn sign(s: [u8]) -> [u8]; fn sign(s: ~[u8]) -> ~[u8]; #[doc = " Verifies a signature s (using OpenSSL's default scheme and sha256) on a message m. Returns true if the signature is valid, and false otherwise. "] fn verify(m: [u8], s: [u8]) -> bool; fn verify(m: ~[u8], s: ~[u8]) -> bool; } fn rsa_to_any(rsa: *RSA) -> *ANYKEY unsafe { Loading @@ -128,12 +128,12 @@ fn pkey() -> pkey { }; fn _tostr(st: pkeystate, f: fn@(*EVP_PKEY, **u8) -> c_int) -> [u8] unsafe { f: fn@(*EVP_PKEY, **u8) -> c_int) -> ~[u8] unsafe { let len = f(st.evp, ptr::null()); if len < 0 as c_int { ret []; } let s: [mut u8] = vec::to_mut(vec::from_elem::<u8>(len as uint, 0u8)); let ps: *u8 = vec::unsafe::to_ptr::<u8>(s); let pps: **u8 = ptr::addr_of(ps); if len < 0 as c_int { ret ~[]; } let s = vec::to_mut(vec::from_elem::<u8>(len as uint, 0u8)); let ps = vec::unsafe::to_ptr::<u8>(s); let pps = ptr::addr_of(ps); let r = f(st.evp, pps); let bytes = vec::slice::<u8>(s, 0u, r as uint); ret bytes; Loading @@ -141,7 +141,7 @@ fn pkey() -> pkey { fn _fromstr(st: pkeystate, f: fn@(c_int, **EVP_PKEY, **u8, c_uint) -> *EVP_PKEY, s: [u8]) unsafe { s: ~[u8]) unsafe { let ps: *u8 = vec::unsafe::to_ptr::<u8>(s); let pps: **u8 = ptr::addr_of(ps); let evp: *EVP_PKEY = ptr::null(); Loading @@ -152,30 +152,30 @@ fn pkey() -> pkey { impl of pkey for pkeystate { fn gen(keysz: uint) unsafe { let rsa = _native::RSA_generate_key(keysz as c_uint, 65537u as c_uint, let rsa = libcrypto::RSA_generate_key(keysz as c_uint, 65537u as c_uint, ptr::null(), ptr::null()); let rsa_ = rsa_to_any(rsa); // XXX: 6 == NID_rsaEncryption _native::EVP_PKEY_assign(self.evp, 6 as c_int, rsa_); libcrypto::EVP_PKEY_assign(self.evp, 6 as c_int, rsa_); self.parts = both; } fn save_pub() -> [u8] { _tostr(self, _native::i2d_PublicKey) fn save_pub() -> ~[u8] { _tostr(self, libcrypto::i2d_PublicKey) } fn load_pub(s: [u8]) { _fromstr(self, _native::d2i_PublicKey, s); fn load_pub(s: ~[u8]) { _fromstr(self, libcrypto::d2i_PublicKey, s); self.parts = public; } fn save_priv() -> [u8] { _tostr(self, _native::i2d_PrivateKey) fn save_priv() -> ~[u8] { _tostr(self, libcrypto::i2d_PrivateKey) } fn load_priv(s: [u8]) { _fromstr(self, _native::d2i_PrivateKey, s); fn load_priv(s: ~[u8]) { _fromstr(self, libcrypto::d2i_PrivateKey, s); self.parts = both; } fn size() -> uint { _native::RSA_size(_native::EVP_PKEY_get1_RSA(self.evp)) as uint libcrypto::RSA_size(libcrypto::EVP_PKEY_get1_RSA(self.evp)) as uint } fn can(r: pkeyrole) -> bool { alt r { Loading @@ -186,65 +186,65 @@ fn pkey() -> pkey { } } fn max_data() -> uint unsafe { let rsa = _native::EVP_PKEY_get1_RSA(self.evp); let len = _native::RSA_size(rsa); let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let len = libcrypto::RSA_size(rsa); // 41 comes from RSA_public_encrypt(3) for OAEP ret len as uint - 41u; } fn encrypt(s: [u8]) -> [u8] unsafe { let rsa = _native::EVP_PKEY_get1_RSA(self.evp); let len = _native::RSA_size(rsa); fn encrypt(s: ~[u8]) -> ~[u8] unsafe { let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let len = libcrypto::RSA_size(rsa); // 41 comes from RSA_public_encrypt(3) for OAEP assert(vec::len(s) < _native::RSA_size(rsa) as uint - 41u); let r: [mut u8] = vec::to_mut(vec::from_elem::<u8>(len as uint + 1u, 0u8)); let pr: *u8 = vec::unsafe::to_ptr::<u8>(r); let ps: *u8 = vec::unsafe::to_ptr::<u8>(s); assert(vec::len(s) < libcrypto::RSA_size(rsa) as uint - 41u); let r = vec::to_mut(vec::from_elem::<u8>(len as uint + 1u, 0u8)); let pr = vec::unsafe::to_ptr::<u8>(r); let ps = vec::unsafe::to_ptr::<u8>(s); // XXX: 4 == RSA_PKCS1_OAEP_PADDING let rv = _native::RSA_public_encrypt(vec::len(s) as c_uint, ps, pr, let rv = libcrypto::RSA_public_encrypt(vec::len(s) as c_uint, ps, pr, rsa, 4 as c_int); if rv < 0 as c_int { ret []; } if rv < 0 as c_int { ret ~[]; } ret vec::slice::<u8>(r, 0u, rv as uint); } fn decrypt(s: [u8]) -> [u8] unsafe { let rsa = _native::EVP_PKEY_get1_RSA(self.evp); let len = _native::RSA_size(rsa); assert(vec::len(s) as c_uint == _native::RSA_size(rsa)); let r: [mut u8] = vec::to_mut(vec::from_elem::<u8>(len as uint + 1u, 0u8)); let pr: *u8 = vec::unsafe::to_ptr::<u8>(r); let ps: *u8 = vec::unsafe::to_ptr::<u8>(s); fn decrypt(s: ~[u8]) -> ~[u8] unsafe { let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let len = libcrypto::RSA_size(rsa); assert(vec::len(s) as c_uint == libcrypto::RSA_size(rsa)); let r = vec::to_mut(vec::from_elem::<u8>(len as uint + 1u, 0u8)); let pr = vec::unsafe::to_ptr::<u8>(r); let ps = vec::unsafe::to_ptr::<u8>(s); // XXX: 4 == RSA_PKCS1_OAEP_PADDING let rv = _native::RSA_private_decrypt(vec::len(s) as c_uint, ps, let rv = libcrypto::RSA_private_decrypt(vec::len(s) as c_uint, ps, pr, rsa, 4 as c_int); if rv < 0 as c_int { ret []; } if rv < 0 as c_int { ret ~[]; } ret vec::slice::<u8>(r, 0u, rv as uint); } fn sign(s: [u8]) -> [u8] unsafe { let rsa = _native::EVP_PKEY_get1_RSA(self.evp); let len = _native::RSA_size(rsa); let r: [mut u8] = vec::to_mut(vec::from_elem::<u8>(len as uint + 1u, 0u8)); let pr: *u8 = vec::unsafe::to_ptr::<u8>(r); let ps: *u8 = vec::unsafe::to_ptr::<u8>(s); let plen: *c_uint = ptr::addr_of(len); fn sign(s: ~[u8]) -> ~[u8] unsafe { let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let len = libcrypto::RSA_size(rsa); let r = vec::to_mut(vec::from_elem::<u8>(len as uint + 1u, 0u8)); let pr = vec::unsafe::to_ptr::<u8>(r); let ps = vec::unsafe::to_ptr::<u8>(s); let plen = ptr::addr_of(len); // XXX: 672 == NID_sha256 let rv = _native::RSA_sign(672 as c_int, ps, let rv = libcrypto::RSA_sign(672 as c_int, ps, vec::len(s) as c_uint, pr, plen, rsa); if rv < 0 as c_int { ret []; } if rv < 0 as c_int { ret ~[]; } ret vec::slice::<u8>(r, 0u, *plen as uint); } fn verify(m: [u8], s: [u8]) -> bool unsafe { let rsa = _native::EVP_PKEY_get1_RSA(self.evp); fn verify(m: ~[u8], s: ~[u8]) -> bool unsafe { let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let pm: *u8 = vec::unsafe::to_ptr::<u8>(m); let ps: *u8 = vec::unsafe::to_ptr::<u8>(s); // XXX: 672 == NID_sha256 let rv = _native::RSA_verify(672 as c_int, pm, let rv = libcrypto::RSA_verify(672 as c_int, pm, vec::len(m) as c_uint, ps, vec::len(s) as c_uint, rsa); ret rv == 1 as c_int; } } let st = { mut evp: _native::EVP_PKEY_new(), mut parts: neither }; let st = { mut evp: libcrypto::EVP_PKEY_new(), mut parts: neither }; let p = st as pkey; ret p; } Loading Loading @@ -291,7 +291,7 @@ mod tests { fn test_encrypt() { let k0 = pkey(); let k1 = pkey(); let msg: [u8] = [0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; k0.gen(512u); k1.load_pub(k0.save_pub()); let emsg = k1.encrypt(msg); Loading @@ -303,7 +303,7 @@ mod tests { fn test_sign() { let k0 = pkey(); let k1 = pkey(); let msg: [u8] = [0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; k0.gen(512u); k1.load_pub(k0.save_pub()); let sig = k0.sign(msg); Loading rand.rs +5 −5 Original line number Diff line number Diff line Loading @@ -2,16 +2,16 @@ import libc::{c_uchar, c_int}; #[link_name = "crypto"] #[abi = "cdecl"] native mod _native { extern mod libcrypto { fn RAND_bytes(buf: *c_uchar, num: c_int) -> c_int; } fn rand_bytes(len: uint) -> [u8] { let mut out = []; fn rand_bytes(len: uint) -> ~[u8] { let mut out = ~[]; vec::reserve(out, len); vec::as_buf(out) { |out_buf| let r = _native::RAND_bytes(out_buf, len as c_int); do vec::as_buf(out) |out_buf| { let r = libcrypto::RAND_bytes(out_buf, len as c_int); if r != 1 as c_int { fail } unsafe { vec::unsafe::set_len(out, len); } Loading symm.rs +32 −32 Original line number Diff line number Diff line Loading @@ -6,14 +6,14 @@ export encryptmode, decryptmode; export cryptertype; export aes_256_ecb, aes_256_cbc; export encrypt, decrypt; export _native; export libcrypto; type EVP_CIPHER_CTX = *libc::c_void; type EVP_CIPHER = *libc::c_void; #[link_name = "crypto"] #[abi = "cdecl"] native mod _native { extern mod libcrypto { fn EVP_CIPHER_CTX_new() -> EVP_CIPHER_CTX; fn EVP_CIPHER_CTX_set_padding(ctx: EVP_CIPHER_CTX, padding: c_int); Loading @@ -40,18 +40,18 @@ iface crypter { fn pad(padding: bool); #[doc = "Initializes this crypter."] fn init(mode: cryptermode, key: [u8], iv: [u8]); fn init(mode: cryptermode, key: ~[u8], iv: ~[u8]); #[doc = " Update this crypter with more data to encrypt or decrypt. Returns encrypted or decrypted bytes. "] fn update(data: [u8]) -> [u8]; fn update(data: ~[u8]) -> ~[u8]; #[doc = " Finish crypting. Returns the remaining partial block of output, if any. "] fn final() -> [u8]; fn final() -> ~[u8]; } enum cryptermode { Loading @@ -66,8 +66,8 @@ enum cryptertype { fn evpc(t: cryptertype) -> (EVP_CIPHER, uint, uint) { alt t { aes_256_ecb { (_native::EVP_aes_256_ecb(), 32u, 16u) } aes_256_cbc { (_native::EVP_aes_256_cbc(), 32u, 16u) } aes_256_ecb { (libcrypto::EVP_aes_256_ecb(), 32u, 16u) } aes_256_cbc { (libcrypto::EVP_aes_256_cbc(), 32u, 16u) } } } Loading @@ -82,39 +82,39 @@ fn crypter(t: cryptertype) -> crypter { impl of crypter for crypterstate { fn pad(padding: bool) { let v = if padding { 1 } else { 0} as c_int; _native::EVP_CIPHER_CTX_set_padding(self.ctx, v); libcrypto::EVP_CIPHER_CTX_set_padding(self.ctx, v); } fn init (mode: cryptermode, key: [u8], iv: [u8]) unsafe { fn init (mode: cryptermode, key: ~[u8], iv: ~[u8]) unsafe { let m = alt mode { encryptmode { 1 } decryptmode { 0 } } as c_int; assert(vec::len(key) == self.keylen); let pkey: *u8 = vec::unsafe::to_ptr::<u8>(key); let piv: *u8 = vec::unsafe::to_ptr::<u8>(iv); _native::EVP_CipherInit(self.ctx, self.evp, pkey, piv, m); libcrypto::EVP_CipherInit(self.ctx, self.evp, pkey, piv, m); } fn update(data: [u8]) -> [u8] unsafe { let pdata: *u8 = vec::unsafe::to_ptr::<u8>(data); let datalen: u32 = vec::len(data) as u32; let reslen: u32 = datalen + (self.blocksize as u32); let preslen: *u32 = ptr::addr_of(reslen); let res: [mut u8] = vec::to_mut(vec::from_elem::<u8>(reslen as uint, 0u8)); let pres: *u8 = vec::unsafe::to_ptr::<u8>(res); _native::EVP_CipherUpdate(self.ctx, pres, preslen, pdata, datalen); fn update(data: ~[u8]) -> ~[u8] unsafe { let pdata = vec::unsafe::to_ptr::<u8>(data); let datalen = vec::len(data) as u32; let reslen = datalen + (self.blocksize as u32); let preslen = ptr::addr_of(reslen); let res = vec::to_mut(vec::from_elem::<u8>(reslen as uint, 0u8)); let pres = vec::unsafe::to_ptr::<u8>(res); libcrypto::EVP_CipherUpdate(self.ctx, pres, preslen, pdata, datalen); ret vec::slice::<u8>(res, 0u, *preslen as uint); } fn final() -> [u8] unsafe { let reslen: u32 = self.blocksize as u32; let preslen: *u32 = ptr::addr_of(reslen); let res: [mut u8] = vec::to_mut(vec::from_elem::<u8>(reslen as uint, 0u8)); let pres: *u8 = vec::unsafe::to_ptr::<u8>(res); _native::EVP_CipherFinal(self.ctx, pres, preslen); fn final() -> ~[u8] unsafe { let reslen = self.blocksize as u32; let preslen = ptr::addr_of(reslen); let res = vec::to_mut(vec::from_elem::<u8>(reslen as uint, 0u8)); let pres = vec::unsafe::to_ptr::<u8>(res); libcrypto::EVP_CipherFinal(self.ctx, pres, preslen); ret vec::slice::<u8>(res, 0u, *preslen as uint); } } let ctx = _native::EVP_CIPHER_CTX_new(); let ctx = libcrypto::EVP_CIPHER_CTX_new(); let (evp, keylen, blocksz) = evpc(t); let st = { evp: evp, ctx: ctx, keylen: keylen, blocksize: blocksz }; let h = st as crypter; Loading @@ -125,7 +125,7 @@ fn crypter(t: cryptertype) -> crypter { Encrypts data, using the specified crypter type in encrypt mode with the specified key and iv; returns the resulting (encrypted) data. "] fn encrypt(t: cryptertype, key: [u8], iv: [u8], data: [u8]) -> [u8] { fn encrypt(t: cryptertype, key: ~[u8], iv: ~[u8], data: ~[u8]) -> ~[u8] { let c = crypter(t); c.init(encryptmode, key, iv); let r = c.update(data); Loading @@ -137,7 +137,7 @@ fn encrypt(t: cryptertype, key: [u8], iv: [u8], data: [u8]) -> [u8] { Decrypts data, using the specified crypter type in decrypt mode with the specified key and iv; returns the resulting (decrypted) data. "] fn decrypt(t: cryptertype, key: [u8], iv: [u8], data: [u8]) -> [u8] { fn decrypt(t: cryptertype, key: ~[u8], iv: ~[u8], data: ~[u8]) -> ~[u8] { let c = crypter(t); c.init(decryptmode, key, iv); let r = c.update(data); Loading @@ -152,22 +152,22 @@ mod tests { #[test] fn test_aes_256_ecb() { let k0 = [ 0x00u8, 0x01u8, 0x02u8, 0x03u8, 0x04u8, 0x05u8, 0x06u8, 0x07u8, ~[ 0x00u8, 0x01u8, 0x02u8, 0x03u8, 0x04u8, 0x05u8, 0x06u8, 0x07u8, 0x08u8, 0x09u8, 0x0au8, 0x0bu8, 0x0cu8, 0x0du8, 0x0eu8, 0x0fu8, 0x10u8, 0x11u8, 0x12u8, 0x13u8, 0x14u8, 0x15u8, 0x16u8, 0x17u8, 0x18u8, 0x19u8, 0x1au8, 0x1bu8, 0x1cu8, 0x1du8, 0x1eu8, 0x1fu8 ]; let p0 = [ 0x00u8, 0x11u8, 0x22u8, 0x33u8, 0x44u8, 0x55u8, 0x66u8, 0x77u8, ~[ 0x00u8, 0x11u8, 0x22u8, 0x33u8, 0x44u8, 0x55u8, 0x66u8, 0x77u8, 0x88u8, 0x99u8, 0xaau8, 0xbbu8, 0xccu8, 0xddu8, 0xeeu8, 0xffu8 ]; let c0 = [ 0x8eu8, 0xa2u8, 0xb7u8, 0xcau8, 0x51u8, 0x67u8, 0x45u8, 0xbfu8, ~[ 0x8eu8, 0xa2u8, 0xb7u8, 0xcau8, 0x51u8, 0x67u8, 0x45u8, 0xbfu8, 0xeau8, 0xfcu8, 0x49u8, 0x90u8, 0x4bu8, 0x49u8, 0x60u8, 0x89u8 ]; let c = crypter(aes_256_ecb); c.init(encryptmode, k0, []); c.init(encryptmode, k0, ~[]); c.pad(false); let r0 = c.update(p0) + c.final(); assert(r0 == c0); c.init(decryptmode, k0, []); c.init(decryptmode, k0, ~[]); c.pad(false); let p1 = c.update(r0) + c.final(); assert(p1 == p0); Loading Loading
hash.rs +25 −25 Original line number Diff line number Diff line Loading @@ -3,7 +3,7 @@ import libc::c_uint; export hasher; export hashtype; export hash; export _native; export libcrypto; export md5, sha1, sha224, sha256, sha384, sha512; Loading @@ -12,13 +12,13 @@ iface hasher { fn init(); #[doc = "Update this hasher with more input bytes"] fn update([u8]); fn update(~[u8]); #[doc = " Return the digest of all bytes added to this hasher since its last initialization "] fn final() -> [u8]; fn final() -> ~[u8]; } enum hashtype { Loading @@ -35,7 +35,7 @@ type EVP_MD = *libc::c_void; #[link_name = "crypto"] #[abi = "cdecl"] native mod _native { extern mod libcrypto { fn EVP_MD_CTX_create() -> EVP_MD_CTX; fn EVP_md5() -> EVP_MD; Loading @@ -52,12 +52,12 @@ native mod _native { fn evpmd(t: hashtype) -> (EVP_MD, uint) { alt t { md5 { (_native::EVP_md5(), 16u) } sha1 { (_native::EVP_sha1(), 20u) } sha224 { (_native::EVP_sha224(), 28u) } sha256 { (_native::EVP_sha256(), 32u) } sha384 { (_native::EVP_sha384(), 48u) } sha512 { (_native::EVP_sha512(), 64u) } md5 { (libcrypto::EVP_md5(), 16u) } sha1 { (libcrypto::EVP_sha1(), 20u) } sha224 { (libcrypto::EVP_sha224(), 28u) } sha256 { (libcrypto::EVP_sha256(), 32u) } sha384 { (libcrypto::EVP_sha384(), 48u) } sha512 { (libcrypto::EVP_sha512(), 64u) } } } Loading @@ -70,23 +70,23 @@ fn hasher(ht: hashtype) -> hasher { impl of hasher for hasherstate { fn init() unsafe { _native::EVP_DigestInit(self.ctx, self.evp); libcrypto::EVP_DigestInit(self.ctx, self.evp); } fn update(data: [u8]) unsafe { fn update(data: ~[u8]) unsafe { let pdata: *u8 = vec::unsafe::to_ptr::<u8>(data); _native::EVP_DigestUpdate(self.ctx, pdata, vec::len(data) as c_uint); libcrypto::EVP_DigestUpdate(self.ctx, pdata, vec::len(data) as c_uint); } fn final() -> [u8] unsafe { let res: [mut u8] = vec::to_mut(vec::from_elem::<u8>(self.len, 0u8)); let pres: *u8 = vec::unsafe::to_ptr::<u8>(res); _native::EVP_DigestFinal(self.ctx, pres, ptr::null::<u32>()); fn final() -> ~[u8] unsafe { let res = vec::to_mut(vec::from_elem::<u8>(self.len, 0u8)); let pres = vec::unsafe::to_ptr::<u8>(res); libcrypto::EVP_DigestFinal(self.ctx, pres, ptr::null::<u32>()); vec::from_mut::<u8>(res) } } let ctx = _native::EVP_MD_CTX_create(); let ctx = libcrypto::EVP_MD_CTX_create(); let (evp, mdlen) = evpmd(ht); let st = { evp: evp, ctx: ctx, len: mdlen }; let h = st as hasher; Loading @@ -97,7 +97,7 @@ fn hasher(ht: hashtype) -> hasher { #[doc = " Hashes the supplied input data using hash t, returning the resulting hash value "] fn hash(t: hashtype, data: [u8]) -> [u8] unsafe { fn hash(t: hashtype, data: ~[u8]) -> ~[u8] unsafe { let h = hasher(t); h.init(); h.update(data); Loading @@ -109,18 +109,18 @@ mod tests { // Test vectors from http://www.nsrl.nist.gov/testdata/ #[test] fn test_md5() { let s0 = [0x61u8, 0x62u8, 0x63u8]; let s0 = ~[0x61u8, 0x62u8, 0x63u8]; let d0 = [0x90u8, 0x01u8, 0x50u8, 0x98u8, 0x3cu8, 0xd2u8, 0x4fu8, 0xb0u8, ~[0x90u8, 0x01u8, 0x50u8, 0x98u8, 0x3cu8, 0xd2u8, 0x4fu8, 0xb0u8, 0xd6u8, 0x96u8, 0x3fu8, 0x7du8, 0x28u8, 0xe1u8, 0x7fu8, 0x72u8]; assert(hash(md5, s0) == d0); } #[test] fn test_sha1() { let s0 = [0x61u8, 0x62u8, 0x63u8]; let s0 = ~[0x61u8, 0x62u8, 0x63u8]; let d0 = [0xa9u8, 0x99u8, 0x3eu8, 0x36u8, 0x47u8, 0x06u8, 0x81u8, 0x6au8, ~[0xa9u8, 0x99u8, 0x3eu8, 0x36u8, 0x47u8, 0x06u8, 0x81u8, 0x6au8, 0xbau8, 0x3eu8, 0x25u8, 0x71u8, 0x78u8, 0x50u8, 0xc2u8, 0x6cu8, 0x9cu8, 0xd0u8, 0xd8u8, 0x9du8]; assert(hash(sha1, s0) == d0); Loading @@ -128,9 +128,9 @@ mod tests { #[test] fn test_sha256() { let s0 = [0x61u8, 0x62u8, 0x63u8]; let s0 = ~[0x61u8, 0x62u8, 0x63u8]; let d0 = [0xbau8, 0x78u8, 0x16u8, 0xbfu8, 0x8fu8, 0x01u8, 0xcfu8, 0xeau8, ~[0xbau8, 0x78u8, 0x16u8, 0xbfu8, 0x8fu8, 0x01u8, 0xcfu8, 0xeau8, 0x41u8, 0x41u8, 0x40u8, 0xdeu8, 0x5du8, 0xaeu8, 0x22u8, 0x23u8, 0xb0u8, 0x03u8, 0x61u8, 0xa3u8, 0x96u8, 0x17u8, 0x7au8, 0x9cu8, 0xb4u8, 0x10u8, 0xffu8, 0x61u8, 0xf2u8, 0x00u8, 0x15u8, 0xadu8]; Loading
pkcs5.rs +13 −13 Original line number Diff line number Diff line Loading @@ -2,7 +2,7 @@ import libc::{c_char, c_uchar, c_int}; #[link_name = "crypto"] #[abi = "cdecl"] native mod _native { extern mod libcrypto { fn PKCS5_PBKDF2_HMAC_SHA1(pass: *c_char, passlen: c_int, salt: *c_uchar, saltlen: c_int, iter: c_int, keylen: c_int, Loading @@ -12,17 +12,17 @@ native mod _native { #[doc = " Derives a key from a password and salt using the PBKDF2-HMAC-SHA1 algorithm. "] fn pbkdf2_hmac_sha1(pass: str, salt: [u8], iter: uint, keylen: uint) -> [u8] { fn pbkdf2_hmac_sha1(pass: str, salt: ~[u8], iter: uint, keylen: uint) -> ~[u8] { assert iter >= 1u; assert keylen >= 1u; str::as_c_str(pass) { |pass_buf| vec::as_buf(salt) { |salt_buf| let mut out = []; do str::as_c_str(pass) |pass_buf| { do vec::as_buf(salt) |salt_buf| { let mut out = ~[]; vec::reserve(out, keylen); vec::as_buf(out) { |out_buf| let r = _native::PKCS5_PBKDF2_HMAC_SHA1( do vec::as_buf(out) |out_buf| { let r = libcrypto::PKCS5_PBKDF2_HMAC_SHA1( pass_buf, str::len(pass) as c_int, salt_buf, vec::len(salt) as c_int, iter as c_int, keylen as c_int, Loading @@ -44,27 +44,27 @@ mod tests { // http://tools.ietf.org/html/draft-josefsson-pbkdf2-test-vectors-06 #[test] fn test_pbkdf2_hmac_sha1() { assert pbkdf2_hmac_sha1("password", str::bytes("salt"), 1u, 20u) == [ assert pbkdf2_hmac_sha1("password", str::bytes("salt"), 1u, 20u) == ~[ 0x0c_u8, 0x60_u8, 0xc8_u8, 0x0f_u8, 0x96_u8, 0x1f_u8, 0x0e_u8, 0x71_u8, 0xf3_u8, 0xa9_u8, 0xb5_u8, 0x24_u8, 0xaf_u8, 0x60_u8, 0x12_u8, 0x06_u8, 0x2f_u8, 0xe0_u8, 0x37_u8, 0xa6_u8 ]; assert pbkdf2_hmac_sha1("password", str::bytes("salt"), 2u, 20u) == [ assert pbkdf2_hmac_sha1("password", str::bytes("salt"), 2u, 20u) == ~[ 0xea_u8, 0x6c_u8, 0x01_u8, 0x4d_u8, 0xc7_u8, 0x2d_u8, 0x6f_u8, 0x8c_u8, 0xcd_u8, 0x1e_u8, 0xd9_u8, 0x2a_u8, 0xce_u8, 0x1d_u8, 0x41_u8, 0xf0_u8, 0xd8_u8, 0xde_u8, 0x89_u8, 0x57_u8 ]; assert pbkdf2_hmac_sha1("password", str::bytes("salt"), 4096u, 20u) == [ 20u) == ~[ 0x4b_u8, 0x00_u8, 0x79_u8, 0x01_u8, 0xb7_u8, 0x65_u8, 0x48_u8, 0x9a_u8, 0xbe_u8, 0xad_u8, 0x49_u8, 0xd9_u8, 0x26_u8, 0xf7_u8, 0x21_u8, 0xd0_u8, 0x65_u8, 0xa4_u8, 0x29_u8, 0xc1_u8 ]; assert pbkdf2_hmac_sha1("password", str::bytes("salt"), 16777216u, 20u) == [ 20u) == ~[ 0xee_u8, 0xfe_u8, 0x3d_u8, 0x61_u8, 0xcd_u8, 0x4d_u8, 0xa4_u8, 0xe4_u8, 0xe9_u8, 0x94_u8, 0x5b_u8, 0x3d_u8, 0x6b_u8, 0xa2_u8, 0x15_u8, 0x8c_u8, 0x26_u8, 0x34_u8, 0xe9_u8, 0x84_u8 Loading @@ -73,7 +73,7 @@ mod tests { assert pbkdf2_hmac_sha1( "passwordPASSWORDpassword", str::bytes("saltSALTsaltSALTsaltSALTsaltSALTsalt"), 4096u, 25u) == [ 4096u, 25u) == ~[ 0x3d_u8, 0x2e_u8, 0xec_u8, 0x4f_u8, 0xe4_u8, 0x1c_u8, 0x84_u8, 0x9b_u8, 0x80_u8, 0xc8_u8, 0xd8_u8, 0x36_u8, 0x62_u8, 0xc0_u8, 0xe4_u8, 0x4a_u8, 0x8b_u8, 0x29_u8, 0x1a_u8, 0x96_u8, 0x4c_u8, Loading @@ -81,7 +81,7 @@ mod tests { ]; assert pbkdf2_hmac_sha1("pass\x00word", str::bytes("sa\x00lt"), 4096u, 16u) == [ 16u) == ~[ 0x56_u8, 0xfa_u8, 0x6a_u8, 0xa7_u8, 0x55_u8, 0x48_u8, 0x09_u8, 0x9d_u8, 0xcc_u8, 0x37_u8, 0xd7_u8, 0xf0_u8, 0x34_u8, 0x25_u8, 0xe0_u8, 0xc3_u8 Loading
pkey.rs +62 −62 Original line number Diff line number Diff line Loading @@ -2,7 +2,7 @@ import libc::{c_int, c_uint}; export pkeyrole, encrypt, decrypt, sign, verify; export pkey; export _native; export libcrypto; type EVP_PKEY = *libc::c_void; type ANYKEY = *libc::c_void; Loading @@ -10,7 +10,7 @@ type RSA = *libc::c_void; #[link_name = "crypto"] #[abi = "cdecl"] native mod _native { extern mod libcrypto { fn EVP_PKEY_new() -> *EVP_PKEY; fn EVP_PKEY_free(k: *EVP_PKEY); fn EVP_PKEY_assign(k: *EVP_PKEY, t: c_int, inner: *ANYKEY); Loading Loading @@ -53,24 +53,24 @@ iface pkey { #[doc = " Returns a serialized form of the public key, suitable for load_pub(). "] fn save_pub() -> [u8]; fn save_pub() -> ~[u8]; #[doc = " Loads a serialized form of the public key, as produced by save_pub(). "] fn load_pub(s: [u8]); fn load_pub(s: ~[u8]); #[doc = " Returns a serialized form of the public and private keys, suitable for load_priv(). "] fn save_priv() -> [u8]; fn save_priv() -> ~[u8]; #[doc = " Loads a serialized form of the public and private keys, as produced by save_priv(). "] fn load_priv(s: [u8]); fn load_priv(s: ~[u8]); #[doc = "Returns the size of the public key modulus."] fn size() -> uint; Loading @@ -93,24 +93,24 @@ iface pkey { Encrypts data using OAEP padding, returning the encrypted data. The supplied data must not be larger than max_data(). "] fn encrypt(s: [u8]) -> [u8]; fn encrypt(s: ~[u8]) -> ~[u8]; #[doc = " Decrypts data, expecting OAEP padding, returning the decrypted data. "] fn decrypt(s: [u8]) -> [u8]; fn decrypt(s: ~[u8]) -> ~[u8]; #[doc = " Signs data, using OpenSSL's default scheme and sha256. Unlike encrypt(), can process an arbitrary amount of data; returns the signature. "] fn sign(s: [u8]) -> [u8]; fn sign(s: ~[u8]) -> ~[u8]; #[doc = " Verifies a signature s (using OpenSSL's default scheme and sha256) on a message m. Returns true if the signature is valid, and false otherwise. "] fn verify(m: [u8], s: [u8]) -> bool; fn verify(m: ~[u8], s: ~[u8]) -> bool; } fn rsa_to_any(rsa: *RSA) -> *ANYKEY unsafe { Loading @@ -128,12 +128,12 @@ fn pkey() -> pkey { }; fn _tostr(st: pkeystate, f: fn@(*EVP_PKEY, **u8) -> c_int) -> [u8] unsafe { f: fn@(*EVP_PKEY, **u8) -> c_int) -> ~[u8] unsafe { let len = f(st.evp, ptr::null()); if len < 0 as c_int { ret []; } let s: [mut u8] = vec::to_mut(vec::from_elem::<u8>(len as uint, 0u8)); let ps: *u8 = vec::unsafe::to_ptr::<u8>(s); let pps: **u8 = ptr::addr_of(ps); if len < 0 as c_int { ret ~[]; } let s = vec::to_mut(vec::from_elem::<u8>(len as uint, 0u8)); let ps = vec::unsafe::to_ptr::<u8>(s); let pps = ptr::addr_of(ps); let r = f(st.evp, pps); let bytes = vec::slice::<u8>(s, 0u, r as uint); ret bytes; Loading @@ -141,7 +141,7 @@ fn pkey() -> pkey { fn _fromstr(st: pkeystate, f: fn@(c_int, **EVP_PKEY, **u8, c_uint) -> *EVP_PKEY, s: [u8]) unsafe { s: ~[u8]) unsafe { let ps: *u8 = vec::unsafe::to_ptr::<u8>(s); let pps: **u8 = ptr::addr_of(ps); let evp: *EVP_PKEY = ptr::null(); Loading @@ -152,30 +152,30 @@ fn pkey() -> pkey { impl of pkey for pkeystate { fn gen(keysz: uint) unsafe { let rsa = _native::RSA_generate_key(keysz as c_uint, 65537u as c_uint, let rsa = libcrypto::RSA_generate_key(keysz as c_uint, 65537u as c_uint, ptr::null(), ptr::null()); let rsa_ = rsa_to_any(rsa); // XXX: 6 == NID_rsaEncryption _native::EVP_PKEY_assign(self.evp, 6 as c_int, rsa_); libcrypto::EVP_PKEY_assign(self.evp, 6 as c_int, rsa_); self.parts = both; } fn save_pub() -> [u8] { _tostr(self, _native::i2d_PublicKey) fn save_pub() -> ~[u8] { _tostr(self, libcrypto::i2d_PublicKey) } fn load_pub(s: [u8]) { _fromstr(self, _native::d2i_PublicKey, s); fn load_pub(s: ~[u8]) { _fromstr(self, libcrypto::d2i_PublicKey, s); self.parts = public; } fn save_priv() -> [u8] { _tostr(self, _native::i2d_PrivateKey) fn save_priv() -> ~[u8] { _tostr(self, libcrypto::i2d_PrivateKey) } fn load_priv(s: [u8]) { _fromstr(self, _native::d2i_PrivateKey, s); fn load_priv(s: ~[u8]) { _fromstr(self, libcrypto::d2i_PrivateKey, s); self.parts = both; } fn size() -> uint { _native::RSA_size(_native::EVP_PKEY_get1_RSA(self.evp)) as uint libcrypto::RSA_size(libcrypto::EVP_PKEY_get1_RSA(self.evp)) as uint } fn can(r: pkeyrole) -> bool { alt r { Loading @@ -186,65 +186,65 @@ fn pkey() -> pkey { } } fn max_data() -> uint unsafe { let rsa = _native::EVP_PKEY_get1_RSA(self.evp); let len = _native::RSA_size(rsa); let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let len = libcrypto::RSA_size(rsa); // 41 comes from RSA_public_encrypt(3) for OAEP ret len as uint - 41u; } fn encrypt(s: [u8]) -> [u8] unsafe { let rsa = _native::EVP_PKEY_get1_RSA(self.evp); let len = _native::RSA_size(rsa); fn encrypt(s: ~[u8]) -> ~[u8] unsafe { let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let len = libcrypto::RSA_size(rsa); // 41 comes from RSA_public_encrypt(3) for OAEP assert(vec::len(s) < _native::RSA_size(rsa) as uint - 41u); let r: [mut u8] = vec::to_mut(vec::from_elem::<u8>(len as uint + 1u, 0u8)); let pr: *u8 = vec::unsafe::to_ptr::<u8>(r); let ps: *u8 = vec::unsafe::to_ptr::<u8>(s); assert(vec::len(s) < libcrypto::RSA_size(rsa) as uint - 41u); let r = vec::to_mut(vec::from_elem::<u8>(len as uint + 1u, 0u8)); let pr = vec::unsafe::to_ptr::<u8>(r); let ps = vec::unsafe::to_ptr::<u8>(s); // XXX: 4 == RSA_PKCS1_OAEP_PADDING let rv = _native::RSA_public_encrypt(vec::len(s) as c_uint, ps, pr, let rv = libcrypto::RSA_public_encrypt(vec::len(s) as c_uint, ps, pr, rsa, 4 as c_int); if rv < 0 as c_int { ret []; } if rv < 0 as c_int { ret ~[]; } ret vec::slice::<u8>(r, 0u, rv as uint); } fn decrypt(s: [u8]) -> [u8] unsafe { let rsa = _native::EVP_PKEY_get1_RSA(self.evp); let len = _native::RSA_size(rsa); assert(vec::len(s) as c_uint == _native::RSA_size(rsa)); let r: [mut u8] = vec::to_mut(vec::from_elem::<u8>(len as uint + 1u, 0u8)); let pr: *u8 = vec::unsafe::to_ptr::<u8>(r); let ps: *u8 = vec::unsafe::to_ptr::<u8>(s); fn decrypt(s: ~[u8]) -> ~[u8] unsafe { let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let len = libcrypto::RSA_size(rsa); assert(vec::len(s) as c_uint == libcrypto::RSA_size(rsa)); let r = vec::to_mut(vec::from_elem::<u8>(len as uint + 1u, 0u8)); let pr = vec::unsafe::to_ptr::<u8>(r); let ps = vec::unsafe::to_ptr::<u8>(s); // XXX: 4 == RSA_PKCS1_OAEP_PADDING let rv = _native::RSA_private_decrypt(vec::len(s) as c_uint, ps, let rv = libcrypto::RSA_private_decrypt(vec::len(s) as c_uint, ps, pr, rsa, 4 as c_int); if rv < 0 as c_int { ret []; } if rv < 0 as c_int { ret ~[]; } ret vec::slice::<u8>(r, 0u, rv as uint); } fn sign(s: [u8]) -> [u8] unsafe { let rsa = _native::EVP_PKEY_get1_RSA(self.evp); let len = _native::RSA_size(rsa); let r: [mut u8] = vec::to_mut(vec::from_elem::<u8>(len as uint + 1u, 0u8)); let pr: *u8 = vec::unsafe::to_ptr::<u8>(r); let ps: *u8 = vec::unsafe::to_ptr::<u8>(s); let plen: *c_uint = ptr::addr_of(len); fn sign(s: ~[u8]) -> ~[u8] unsafe { let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let len = libcrypto::RSA_size(rsa); let r = vec::to_mut(vec::from_elem::<u8>(len as uint + 1u, 0u8)); let pr = vec::unsafe::to_ptr::<u8>(r); let ps = vec::unsafe::to_ptr::<u8>(s); let plen = ptr::addr_of(len); // XXX: 672 == NID_sha256 let rv = _native::RSA_sign(672 as c_int, ps, let rv = libcrypto::RSA_sign(672 as c_int, ps, vec::len(s) as c_uint, pr, plen, rsa); if rv < 0 as c_int { ret []; } if rv < 0 as c_int { ret ~[]; } ret vec::slice::<u8>(r, 0u, *plen as uint); } fn verify(m: [u8], s: [u8]) -> bool unsafe { let rsa = _native::EVP_PKEY_get1_RSA(self.evp); fn verify(m: ~[u8], s: ~[u8]) -> bool unsafe { let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let pm: *u8 = vec::unsafe::to_ptr::<u8>(m); let ps: *u8 = vec::unsafe::to_ptr::<u8>(s); // XXX: 672 == NID_sha256 let rv = _native::RSA_verify(672 as c_int, pm, let rv = libcrypto::RSA_verify(672 as c_int, pm, vec::len(m) as c_uint, ps, vec::len(s) as c_uint, rsa); ret rv == 1 as c_int; } } let st = { mut evp: _native::EVP_PKEY_new(), mut parts: neither }; let st = { mut evp: libcrypto::EVP_PKEY_new(), mut parts: neither }; let p = st as pkey; ret p; } Loading Loading @@ -291,7 +291,7 @@ mod tests { fn test_encrypt() { let k0 = pkey(); let k1 = pkey(); let msg: [u8] = [0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; k0.gen(512u); k1.load_pub(k0.save_pub()); let emsg = k1.encrypt(msg); Loading @@ -303,7 +303,7 @@ mod tests { fn test_sign() { let k0 = pkey(); let k1 = pkey(); let msg: [u8] = [0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; k0.gen(512u); k1.load_pub(k0.save_pub()); let sig = k0.sign(msg); Loading
rand.rs +5 −5 Original line number Diff line number Diff line Loading @@ -2,16 +2,16 @@ import libc::{c_uchar, c_int}; #[link_name = "crypto"] #[abi = "cdecl"] native mod _native { extern mod libcrypto { fn RAND_bytes(buf: *c_uchar, num: c_int) -> c_int; } fn rand_bytes(len: uint) -> [u8] { let mut out = []; fn rand_bytes(len: uint) -> ~[u8] { let mut out = ~[]; vec::reserve(out, len); vec::as_buf(out) { |out_buf| let r = _native::RAND_bytes(out_buf, len as c_int); do vec::as_buf(out) |out_buf| { let r = libcrypto::RAND_bytes(out_buf, len as c_int); if r != 1 as c_int { fail } unsafe { vec::unsafe::set_len(out, len); } Loading
symm.rs +32 −32 Original line number Diff line number Diff line Loading @@ -6,14 +6,14 @@ export encryptmode, decryptmode; export cryptertype; export aes_256_ecb, aes_256_cbc; export encrypt, decrypt; export _native; export libcrypto; type EVP_CIPHER_CTX = *libc::c_void; type EVP_CIPHER = *libc::c_void; #[link_name = "crypto"] #[abi = "cdecl"] native mod _native { extern mod libcrypto { fn EVP_CIPHER_CTX_new() -> EVP_CIPHER_CTX; fn EVP_CIPHER_CTX_set_padding(ctx: EVP_CIPHER_CTX, padding: c_int); Loading @@ -40,18 +40,18 @@ iface crypter { fn pad(padding: bool); #[doc = "Initializes this crypter."] fn init(mode: cryptermode, key: [u8], iv: [u8]); fn init(mode: cryptermode, key: ~[u8], iv: ~[u8]); #[doc = " Update this crypter with more data to encrypt or decrypt. Returns encrypted or decrypted bytes. "] fn update(data: [u8]) -> [u8]; fn update(data: ~[u8]) -> ~[u8]; #[doc = " Finish crypting. Returns the remaining partial block of output, if any. "] fn final() -> [u8]; fn final() -> ~[u8]; } enum cryptermode { Loading @@ -66,8 +66,8 @@ enum cryptertype { fn evpc(t: cryptertype) -> (EVP_CIPHER, uint, uint) { alt t { aes_256_ecb { (_native::EVP_aes_256_ecb(), 32u, 16u) } aes_256_cbc { (_native::EVP_aes_256_cbc(), 32u, 16u) } aes_256_ecb { (libcrypto::EVP_aes_256_ecb(), 32u, 16u) } aes_256_cbc { (libcrypto::EVP_aes_256_cbc(), 32u, 16u) } } } Loading @@ -82,39 +82,39 @@ fn crypter(t: cryptertype) -> crypter { impl of crypter for crypterstate { fn pad(padding: bool) { let v = if padding { 1 } else { 0} as c_int; _native::EVP_CIPHER_CTX_set_padding(self.ctx, v); libcrypto::EVP_CIPHER_CTX_set_padding(self.ctx, v); } fn init (mode: cryptermode, key: [u8], iv: [u8]) unsafe { fn init (mode: cryptermode, key: ~[u8], iv: ~[u8]) unsafe { let m = alt mode { encryptmode { 1 } decryptmode { 0 } } as c_int; assert(vec::len(key) == self.keylen); let pkey: *u8 = vec::unsafe::to_ptr::<u8>(key); let piv: *u8 = vec::unsafe::to_ptr::<u8>(iv); _native::EVP_CipherInit(self.ctx, self.evp, pkey, piv, m); libcrypto::EVP_CipherInit(self.ctx, self.evp, pkey, piv, m); } fn update(data: [u8]) -> [u8] unsafe { let pdata: *u8 = vec::unsafe::to_ptr::<u8>(data); let datalen: u32 = vec::len(data) as u32; let reslen: u32 = datalen + (self.blocksize as u32); let preslen: *u32 = ptr::addr_of(reslen); let res: [mut u8] = vec::to_mut(vec::from_elem::<u8>(reslen as uint, 0u8)); let pres: *u8 = vec::unsafe::to_ptr::<u8>(res); _native::EVP_CipherUpdate(self.ctx, pres, preslen, pdata, datalen); fn update(data: ~[u8]) -> ~[u8] unsafe { let pdata = vec::unsafe::to_ptr::<u8>(data); let datalen = vec::len(data) as u32; let reslen = datalen + (self.blocksize as u32); let preslen = ptr::addr_of(reslen); let res = vec::to_mut(vec::from_elem::<u8>(reslen as uint, 0u8)); let pres = vec::unsafe::to_ptr::<u8>(res); libcrypto::EVP_CipherUpdate(self.ctx, pres, preslen, pdata, datalen); ret vec::slice::<u8>(res, 0u, *preslen as uint); } fn final() -> [u8] unsafe { let reslen: u32 = self.blocksize as u32; let preslen: *u32 = ptr::addr_of(reslen); let res: [mut u8] = vec::to_mut(vec::from_elem::<u8>(reslen as uint, 0u8)); let pres: *u8 = vec::unsafe::to_ptr::<u8>(res); _native::EVP_CipherFinal(self.ctx, pres, preslen); fn final() -> ~[u8] unsafe { let reslen = self.blocksize as u32; let preslen = ptr::addr_of(reslen); let res = vec::to_mut(vec::from_elem::<u8>(reslen as uint, 0u8)); let pres = vec::unsafe::to_ptr::<u8>(res); libcrypto::EVP_CipherFinal(self.ctx, pres, preslen); ret vec::slice::<u8>(res, 0u, *preslen as uint); } } let ctx = _native::EVP_CIPHER_CTX_new(); let ctx = libcrypto::EVP_CIPHER_CTX_new(); let (evp, keylen, blocksz) = evpc(t); let st = { evp: evp, ctx: ctx, keylen: keylen, blocksize: blocksz }; let h = st as crypter; Loading @@ -125,7 +125,7 @@ fn crypter(t: cryptertype) -> crypter { Encrypts data, using the specified crypter type in encrypt mode with the specified key and iv; returns the resulting (encrypted) data. "] fn encrypt(t: cryptertype, key: [u8], iv: [u8], data: [u8]) -> [u8] { fn encrypt(t: cryptertype, key: ~[u8], iv: ~[u8], data: ~[u8]) -> ~[u8] { let c = crypter(t); c.init(encryptmode, key, iv); let r = c.update(data); Loading @@ -137,7 +137,7 @@ fn encrypt(t: cryptertype, key: [u8], iv: [u8], data: [u8]) -> [u8] { Decrypts data, using the specified crypter type in decrypt mode with the specified key and iv; returns the resulting (decrypted) data. "] fn decrypt(t: cryptertype, key: [u8], iv: [u8], data: [u8]) -> [u8] { fn decrypt(t: cryptertype, key: ~[u8], iv: ~[u8], data: ~[u8]) -> ~[u8] { let c = crypter(t); c.init(decryptmode, key, iv); let r = c.update(data); Loading @@ -152,22 +152,22 @@ mod tests { #[test] fn test_aes_256_ecb() { let k0 = [ 0x00u8, 0x01u8, 0x02u8, 0x03u8, 0x04u8, 0x05u8, 0x06u8, 0x07u8, ~[ 0x00u8, 0x01u8, 0x02u8, 0x03u8, 0x04u8, 0x05u8, 0x06u8, 0x07u8, 0x08u8, 0x09u8, 0x0au8, 0x0bu8, 0x0cu8, 0x0du8, 0x0eu8, 0x0fu8, 0x10u8, 0x11u8, 0x12u8, 0x13u8, 0x14u8, 0x15u8, 0x16u8, 0x17u8, 0x18u8, 0x19u8, 0x1au8, 0x1bu8, 0x1cu8, 0x1du8, 0x1eu8, 0x1fu8 ]; let p0 = [ 0x00u8, 0x11u8, 0x22u8, 0x33u8, 0x44u8, 0x55u8, 0x66u8, 0x77u8, ~[ 0x00u8, 0x11u8, 0x22u8, 0x33u8, 0x44u8, 0x55u8, 0x66u8, 0x77u8, 0x88u8, 0x99u8, 0xaau8, 0xbbu8, 0xccu8, 0xddu8, 0xeeu8, 0xffu8 ]; let c0 = [ 0x8eu8, 0xa2u8, 0xb7u8, 0xcau8, 0x51u8, 0x67u8, 0x45u8, 0xbfu8, ~[ 0x8eu8, 0xa2u8, 0xb7u8, 0xcau8, 0x51u8, 0x67u8, 0x45u8, 0xbfu8, 0xeau8, 0xfcu8, 0x49u8, 0x90u8, 0x4bu8, 0x49u8, 0x60u8, 0x89u8 ]; let c = crypter(aes_256_ecb); c.init(encryptmode, k0, []); c.init(encryptmode, k0, ~[]); c.pad(false); let r0 = c.update(p0) + c.final(); assert(r0 == c0); c.init(decryptmode, k0, []); c.init(decryptmode, k0, ~[]); c.pad(false); let p1 = c.update(r0) + c.final(); assert(p1 == p0); Loading
