Loading openssl-sys/src/evp.rs +1 −0 Original line number Diff line number Diff line Loading @@ -39,6 +39,7 @@ cfg_if! { pub fn EVP_CIPHER_get_block_size(cipher: *const EVP_CIPHER) -> c_int; pub fn EVP_CIPHER_get_iv_length(cipher: *const EVP_CIPHER) -> c_int; pub fn EVP_CIPHER_get_nid(cipher: *const EVP_CIPHER) -> c_int; pub fn EVP_CIPHER_free(cipher: *mut EVP_CIPHER); pub fn EVP_CIPHER_CTX_get0_cipher(ctx: *const EVP_CIPHER_CTX) -> *const EVP_CIPHER; pub fn EVP_CIPHER_CTX_get_block_size(ctx: *const EVP_CIPHER_CTX) -> c_int; Loading openssl/src/cipher.rs 0 → 100644 +352 −0 Original line number Diff line number Diff line //! Symmetric ciphers. use crate::nid::Nid; use cfg_if::cfg_if; use foreign_types::{ForeignType, ForeignTypeRef, Opaque}; use std::ops::{Deref, DerefMut}; cfg_if! { if #[cfg(any(ossl110, libressl273))] { use ffi::{EVP_CIPHER_block_size, EVP_CIPHER_iv_length, EVP_CIPHER_key_length}; } else { #[allow(bad_style)] pub unsafe fn EVP_CIPHER_iv_length(ptr: *const ffi::EVP_CIPHER) -> c_int { (*ptr).iv_len } #[allow(bad_style)] pub unsafe fn EVP_CIPHER_block_size(ptr: *const ffi::EVP_CIPHER) -> c_int { (*ptr).block_size } #[allow(bad_style)] pub unsafe fn EVP_CIPHER_key_length(ptr: *const ffi::EVP_CIPHER) -> c_int { (*ptr).key_len } } } cfg_if! { if #[cfg(ossl300)] { type Inner = *mut ffi::EVP_CIPHER; impl Drop for Cipher { #[inline] fn drop(&mut self) { unsafe { ffi::EVP_CIPHER_free(self.as_ptr()); } } } impl ForeignType for Cipher { type CType = ffi::EVP_CIPHER; type Ref = CipherRef; #[inline] unsafe fn from_ptr(ptr: *mut Self::CType) -> Self { Cipher(ptr) } #[inline] fn as_ptr(&self) -> *mut Self::CType { self.0 } } impl Deref for Cipher { type Target = CipherRef; #[inline] fn deref(&self) -> &Self::Target { unsafe { CipherRef::from_ptr(self.as_ptr()) } } } impl DerefMut for Cipher { #[inline] fn deref_mut(&mut self) -> &mut Self::Target { unsafe { CipherRef::from_ptr_mut(self.as_ptr()) } } } } else { enum Inner {} } } /// A symmetric cipher. pub struct Cipher(Inner); unsafe impl Sync for Cipher {} unsafe impl Send for Cipher {} impl Cipher { /// Looks up the cipher for a certain nid. /// /// This corresponds to [`EVP_get_cipherbynid`] /// /// [`EVP_get_cipherbynid`]: https://www.openssl.org/docs/man1.0.2/crypto/EVP_get_cipherbyname.html pub fn from_nid(nid: Nid) -> Option<&'static CipherRef> { unsafe { let ptr = ffi::EVP_get_cipherbyname(ffi::OBJ_nid2sn(nid.as_raw())); if ptr.is_null() { None } else { Some(CipherRef::from_ptr(ptr as *mut _)) } } } pub fn aes_128_ecb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ecb() as *mut _) } } pub fn aes_128_cbc() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cbc() as *mut _) } } pub fn aes_128_xts() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_xts() as *mut _) } } pub fn aes_128_ctr() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ctr() as *mut _) } } pub fn aes_128_cfb1() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cfb1() as *mut _) } } pub fn aes_128_cfb128() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cfb128() as *mut _) } } pub fn aes_128_cfb8() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cfb8() as *mut _) } } pub fn aes_128_gcm() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_gcm() as *mut _) } } pub fn aes_128_ccm() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ccm() as *mut _) } } pub fn aes_128_ofb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ofb() as *mut _) } } /// Requires OpenSSL 1.1.0 or newer. #[cfg(ossl110)] pub fn aes_128_ocb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ocb() as *mut _) } } pub fn aes_192_ecb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ecb() as *mut _) } } pub fn aes_192_cbc() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cbc() as *mut _) } } pub fn aes_192_ctr() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ctr() as *mut _) } } pub fn aes_192_cfb1() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cfb1() as *mut _) } } pub fn aes_192_cfb128() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cfb128() as *mut _) } } pub fn aes_192_cfb8() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cfb8() as *mut _) } } pub fn aes_192_gcm() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_gcm() as *mut _) } } pub fn aes_192_ccm() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ccm() as *mut _) } } pub fn aes_192_ofb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ofb() as *mut _) } } /// Requires OpenSSL 1.1.0 or newer. #[cfg(ossl110)] pub fn aes_192_ocb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ocb() as *mut _) } } pub fn aes_256_ecb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ecb() as *mut _) } } pub fn aes_256_cbc() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cbc() as *mut _) } } pub fn aes_256_ctr() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ctr() as *mut _) } } pub fn aes_256_cfb1() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cfb1() as *mut _) } } pub fn aes_256_cfb128() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cfb128() as *mut _) } } pub fn aes_256_cfb8() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cfb8() as *mut _) } } pub fn aes_256_gcm() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_gcm() as *mut _) } } pub fn aes_256_ccm() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ccm() as *mut _) } } pub fn aes_256_ofb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ofb() as *mut _) } } /// Requires OpenSSL 1.1.0 or newer. #[cfg(ossl110)] pub fn aes_256_ocb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ocb() as *mut _) } } #[cfg(not(osslconf = "OPENSSL_NO_BF"))] pub fn bf_cbc() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_bf_cbc() as *mut _) } } #[cfg(not(osslconf = "OPENSSL_NO_BF"))] pub fn bf_ecb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_bf_ecb() as *mut _) } } #[cfg(not(osslconf = "OPENSSL_NO_BF"))] pub fn bf_cfb64() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_bf_cfb64() as *mut _) } } #[cfg(not(osslconf = "OPENSSL_NO_BF"))] pub fn bf_ofb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_bf_ofb() as *mut _) } } pub fn des_cbc() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_des_cbc() as *mut _) } } pub fn des_ecb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_des_ecb() as *mut _) } } pub fn des_ede3() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_des_ede3() as *mut _) } } pub fn des_ede3_cbc() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_des_ede3_cbc() as *mut _) } } pub fn des_ede3_cfb64() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_des_ede3_cfb64() as *mut _) } } pub fn rc4() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_rc4() as *mut _) } } #[cfg(all(ossl110, not(osslconf = "OPENSSL_NO_CHACHA")))] pub fn chacha20() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_chacha20() as *mut _) } } #[cfg(all(ossl110, not(osslconf = "OPENSSL_NO_CHACHA")))] pub fn chacha20_poly1305() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_chacha20_poly1305() as *mut _) } } #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] pub fn seed_cbc() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_seed_cbc() as *mut _) } } #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] pub fn seed_cfb128() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_seed_cfb128() as *mut _) } } #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] pub fn seed_ecb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_seed_ecb() as *mut _) } } #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] pub fn seed_ofb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_seed_ofb() as *mut _) } } } /// A reference to a [`Cipher`]. pub struct CipherRef(Opaque); impl ForeignTypeRef for CipherRef { type CType = ffi::EVP_CIPHER; } unsafe impl Sync for CipherRef {} unsafe impl Send for CipherRef {} impl CipherRef { /// Returns the cipher's Nid. /// /// This corresponds to [`EVP_CIPHER_nid`] /// /// [`EVP_CIPHER_nid`]: https://www.openssl.org/docs/man1.0.2/crypto/EVP_CIPHER_nid.html pub fn nid(&self) -> Nid { let nid = unsafe { ffi::EVP_CIPHER_nid(self.as_ptr()) }; Nid::from_raw(nid) } /// Returns the length of keys used with this cipher. pub fn key_length(&self) -> usize { unsafe { EVP_CIPHER_key_length(self.as_ptr()) as usize } } /// Returns the length of the IV used with this cipher. /// /// # Note /// /// Ciphers that do not use an IV have an IV length of 0. pub fn iv_length(&self) -> usize { unsafe { EVP_CIPHER_iv_length(self.as_ptr()) as usize } } /// Returns the block size of the cipher. /// /// # Note /// /// Stream ciphers have a block size of 1. pub fn block_size(&self) -> usize { unsafe { EVP_CIPHER_block_size(self.as_ptr()) as usize } } } openssl/src/cipher_ctx.rs +367 −72 File changed.Preview size limit exceeded, changes collapsed. Show changes openssl/src/envelope.rs +18 −6 Original line number Diff line number Diff line Loading @@ -21,10 +21,12 @@ //! enc_len += seal.finalize(&mut encrypted[enc_len..]).unwrap(); //! encrypted.truncate(enc_len); //! ``` use crate::cipher::CipherRef; use crate::cipher_ctx::CipherCtx; use crate::error::ErrorStack; use crate::pkey::{HasPrivate, HasPublic, PKey, PKeyRef}; use crate::symm::Cipher; use foreign_types::ForeignTypeRef; /// Represents an EVP_Seal context. pub struct Seal { Loading @@ -43,7 +45,12 @@ impl Seal { let mut enc_keys = vec![vec![]; pub_keys.len()]; let mut ctx = CipherCtx::new()?; ctx.seal_init(Some(&cipher), pub_keys, &mut enc_keys, iv.as_deref_mut())?; ctx.seal_init( Some(unsafe { CipherRef::from_ptr(cipher.as_ptr() as *mut _) }), pub_keys, &mut enc_keys, iv.as_deref_mut(), )?; Ok(Seal { ctx, iv, enc_keys }) } Loading @@ -70,7 +77,7 @@ impl Seal { /// the block size of the cipher (see `Cipher::block_size`), or if /// `output.len() > c_int::max_value()`. pub fn update(&mut self, input: &[u8], output: &mut [u8]) -> Result<usize, ErrorStack> { self.ctx.update(input, Some(output)) self.ctx.cipher_update(input, Some(output)) } /// Finishes the encryption process, writing any remaining data to `output`. Loading @@ -83,7 +90,7 @@ impl Seal { /// /// Panics if `output` is less than the cipher's block size. pub fn finalize(&mut self, output: &mut [u8]) -> Result<usize, ErrorStack> { self.ctx.finalize(output) self.ctx.cipher_final(output) } } Loading @@ -104,7 +111,12 @@ impl Open { T: HasPrivate, { let mut ctx = CipherCtx::new()?; ctx.open_init(Some(&cipher), encrypted_key, iv, Some(priv_key))?; ctx.open_init( Some(unsafe { CipherRef::from_ptr(cipher.as_ptr() as *mut _) }), encrypted_key, iv, Some(priv_key), )?; Ok(Open { ctx }) } Loading @@ -120,7 +132,7 @@ impl Open { /// `block_size` is the block size of the cipher (see `Cipher::block_size`), /// or if `output.len() > c_int::max_value()`. pub fn update(&mut self, input: &[u8], output: &mut [u8]) -> Result<usize, ErrorStack> { self.ctx.update(input, Some(output)) self.ctx.cipher_update(input, Some(output)) } /// Finishes the decryption process, writing any remaining data to `output`. Loading @@ -133,7 +145,7 @@ impl Open { /// /// Panics if `output` is less than the cipher's block size. pub fn finalize(&mut self, output: &mut [u8]) -> Result<usize, ErrorStack> { self.ctx.finalize(output) self.ctx.cipher_final(output) } } Loading openssl/src/lib.rs +1 −0 Original line number Diff line number Diff line Loading @@ -134,6 +134,7 @@ pub mod aes; pub mod asn1; pub mod base64; pub mod bn; pub mod cipher; pub mod cipher_ctx; #[cfg(all(not(libressl), not(osslconf = "OPENSSL_NO_CMS")))] pub mod cms; Loading Loading
openssl-sys/src/evp.rs +1 −0 Original line number Diff line number Diff line Loading @@ -39,6 +39,7 @@ cfg_if! { pub fn EVP_CIPHER_get_block_size(cipher: *const EVP_CIPHER) -> c_int; pub fn EVP_CIPHER_get_iv_length(cipher: *const EVP_CIPHER) -> c_int; pub fn EVP_CIPHER_get_nid(cipher: *const EVP_CIPHER) -> c_int; pub fn EVP_CIPHER_free(cipher: *mut EVP_CIPHER); pub fn EVP_CIPHER_CTX_get0_cipher(ctx: *const EVP_CIPHER_CTX) -> *const EVP_CIPHER; pub fn EVP_CIPHER_CTX_get_block_size(ctx: *const EVP_CIPHER_CTX) -> c_int; Loading
openssl/src/cipher.rs 0 → 100644 +352 −0 Original line number Diff line number Diff line //! Symmetric ciphers. use crate::nid::Nid; use cfg_if::cfg_if; use foreign_types::{ForeignType, ForeignTypeRef, Opaque}; use std::ops::{Deref, DerefMut}; cfg_if! { if #[cfg(any(ossl110, libressl273))] { use ffi::{EVP_CIPHER_block_size, EVP_CIPHER_iv_length, EVP_CIPHER_key_length}; } else { #[allow(bad_style)] pub unsafe fn EVP_CIPHER_iv_length(ptr: *const ffi::EVP_CIPHER) -> c_int { (*ptr).iv_len } #[allow(bad_style)] pub unsafe fn EVP_CIPHER_block_size(ptr: *const ffi::EVP_CIPHER) -> c_int { (*ptr).block_size } #[allow(bad_style)] pub unsafe fn EVP_CIPHER_key_length(ptr: *const ffi::EVP_CIPHER) -> c_int { (*ptr).key_len } } } cfg_if! { if #[cfg(ossl300)] { type Inner = *mut ffi::EVP_CIPHER; impl Drop for Cipher { #[inline] fn drop(&mut self) { unsafe { ffi::EVP_CIPHER_free(self.as_ptr()); } } } impl ForeignType for Cipher { type CType = ffi::EVP_CIPHER; type Ref = CipherRef; #[inline] unsafe fn from_ptr(ptr: *mut Self::CType) -> Self { Cipher(ptr) } #[inline] fn as_ptr(&self) -> *mut Self::CType { self.0 } } impl Deref for Cipher { type Target = CipherRef; #[inline] fn deref(&self) -> &Self::Target { unsafe { CipherRef::from_ptr(self.as_ptr()) } } } impl DerefMut for Cipher { #[inline] fn deref_mut(&mut self) -> &mut Self::Target { unsafe { CipherRef::from_ptr_mut(self.as_ptr()) } } } } else { enum Inner {} } } /// A symmetric cipher. pub struct Cipher(Inner); unsafe impl Sync for Cipher {} unsafe impl Send for Cipher {} impl Cipher { /// Looks up the cipher for a certain nid. /// /// This corresponds to [`EVP_get_cipherbynid`] /// /// [`EVP_get_cipherbynid`]: https://www.openssl.org/docs/man1.0.2/crypto/EVP_get_cipherbyname.html pub fn from_nid(nid: Nid) -> Option<&'static CipherRef> { unsafe { let ptr = ffi::EVP_get_cipherbyname(ffi::OBJ_nid2sn(nid.as_raw())); if ptr.is_null() { None } else { Some(CipherRef::from_ptr(ptr as *mut _)) } } } pub fn aes_128_ecb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ecb() as *mut _) } } pub fn aes_128_cbc() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cbc() as *mut _) } } pub fn aes_128_xts() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_xts() as *mut _) } } pub fn aes_128_ctr() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ctr() as *mut _) } } pub fn aes_128_cfb1() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cfb1() as *mut _) } } pub fn aes_128_cfb128() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cfb128() as *mut _) } } pub fn aes_128_cfb8() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cfb8() as *mut _) } } pub fn aes_128_gcm() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_gcm() as *mut _) } } pub fn aes_128_ccm() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ccm() as *mut _) } } pub fn aes_128_ofb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ofb() as *mut _) } } /// Requires OpenSSL 1.1.0 or newer. #[cfg(ossl110)] pub fn aes_128_ocb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ocb() as *mut _) } } pub fn aes_192_ecb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ecb() as *mut _) } } pub fn aes_192_cbc() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cbc() as *mut _) } } pub fn aes_192_ctr() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ctr() as *mut _) } } pub fn aes_192_cfb1() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cfb1() as *mut _) } } pub fn aes_192_cfb128() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cfb128() as *mut _) } } pub fn aes_192_cfb8() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cfb8() as *mut _) } } pub fn aes_192_gcm() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_gcm() as *mut _) } } pub fn aes_192_ccm() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ccm() as *mut _) } } pub fn aes_192_ofb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ofb() as *mut _) } } /// Requires OpenSSL 1.1.0 or newer. #[cfg(ossl110)] pub fn aes_192_ocb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ocb() as *mut _) } } pub fn aes_256_ecb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ecb() as *mut _) } } pub fn aes_256_cbc() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cbc() as *mut _) } } pub fn aes_256_ctr() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ctr() as *mut _) } } pub fn aes_256_cfb1() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cfb1() as *mut _) } } pub fn aes_256_cfb128() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cfb128() as *mut _) } } pub fn aes_256_cfb8() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cfb8() as *mut _) } } pub fn aes_256_gcm() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_gcm() as *mut _) } } pub fn aes_256_ccm() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ccm() as *mut _) } } pub fn aes_256_ofb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ofb() as *mut _) } } /// Requires OpenSSL 1.1.0 or newer. #[cfg(ossl110)] pub fn aes_256_ocb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ocb() as *mut _) } } #[cfg(not(osslconf = "OPENSSL_NO_BF"))] pub fn bf_cbc() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_bf_cbc() as *mut _) } } #[cfg(not(osslconf = "OPENSSL_NO_BF"))] pub fn bf_ecb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_bf_ecb() as *mut _) } } #[cfg(not(osslconf = "OPENSSL_NO_BF"))] pub fn bf_cfb64() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_bf_cfb64() as *mut _) } } #[cfg(not(osslconf = "OPENSSL_NO_BF"))] pub fn bf_ofb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_bf_ofb() as *mut _) } } pub fn des_cbc() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_des_cbc() as *mut _) } } pub fn des_ecb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_des_ecb() as *mut _) } } pub fn des_ede3() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_des_ede3() as *mut _) } } pub fn des_ede3_cbc() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_des_ede3_cbc() as *mut _) } } pub fn des_ede3_cfb64() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_des_ede3_cfb64() as *mut _) } } pub fn rc4() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_rc4() as *mut _) } } #[cfg(all(ossl110, not(osslconf = "OPENSSL_NO_CHACHA")))] pub fn chacha20() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_chacha20() as *mut _) } } #[cfg(all(ossl110, not(osslconf = "OPENSSL_NO_CHACHA")))] pub fn chacha20_poly1305() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_chacha20_poly1305() as *mut _) } } #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] pub fn seed_cbc() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_seed_cbc() as *mut _) } } #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] pub fn seed_cfb128() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_seed_cfb128() as *mut _) } } #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] pub fn seed_ecb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_seed_ecb() as *mut _) } } #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] pub fn seed_ofb() -> &'static CipherRef { unsafe { CipherRef::from_ptr(ffi::EVP_seed_ofb() as *mut _) } } } /// A reference to a [`Cipher`]. pub struct CipherRef(Opaque); impl ForeignTypeRef for CipherRef { type CType = ffi::EVP_CIPHER; } unsafe impl Sync for CipherRef {} unsafe impl Send for CipherRef {} impl CipherRef { /// Returns the cipher's Nid. /// /// This corresponds to [`EVP_CIPHER_nid`] /// /// [`EVP_CIPHER_nid`]: https://www.openssl.org/docs/man1.0.2/crypto/EVP_CIPHER_nid.html pub fn nid(&self) -> Nid { let nid = unsafe { ffi::EVP_CIPHER_nid(self.as_ptr()) }; Nid::from_raw(nid) } /// Returns the length of keys used with this cipher. pub fn key_length(&self) -> usize { unsafe { EVP_CIPHER_key_length(self.as_ptr()) as usize } } /// Returns the length of the IV used with this cipher. /// /// # Note /// /// Ciphers that do not use an IV have an IV length of 0. pub fn iv_length(&self) -> usize { unsafe { EVP_CIPHER_iv_length(self.as_ptr()) as usize } } /// Returns the block size of the cipher. /// /// # Note /// /// Stream ciphers have a block size of 1. pub fn block_size(&self) -> usize { unsafe { EVP_CIPHER_block_size(self.as_ptr()) as usize } } }
openssl/src/cipher_ctx.rs +367 −72 File changed.Preview size limit exceeded, changes collapsed. Show changes
openssl/src/envelope.rs +18 −6 Original line number Diff line number Diff line Loading @@ -21,10 +21,12 @@ //! enc_len += seal.finalize(&mut encrypted[enc_len..]).unwrap(); //! encrypted.truncate(enc_len); //! ``` use crate::cipher::CipherRef; use crate::cipher_ctx::CipherCtx; use crate::error::ErrorStack; use crate::pkey::{HasPrivate, HasPublic, PKey, PKeyRef}; use crate::symm::Cipher; use foreign_types::ForeignTypeRef; /// Represents an EVP_Seal context. pub struct Seal { Loading @@ -43,7 +45,12 @@ impl Seal { let mut enc_keys = vec![vec![]; pub_keys.len()]; let mut ctx = CipherCtx::new()?; ctx.seal_init(Some(&cipher), pub_keys, &mut enc_keys, iv.as_deref_mut())?; ctx.seal_init( Some(unsafe { CipherRef::from_ptr(cipher.as_ptr() as *mut _) }), pub_keys, &mut enc_keys, iv.as_deref_mut(), )?; Ok(Seal { ctx, iv, enc_keys }) } Loading @@ -70,7 +77,7 @@ impl Seal { /// the block size of the cipher (see `Cipher::block_size`), or if /// `output.len() > c_int::max_value()`. pub fn update(&mut self, input: &[u8], output: &mut [u8]) -> Result<usize, ErrorStack> { self.ctx.update(input, Some(output)) self.ctx.cipher_update(input, Some(output)) } /// Finishes the encryption process, writing any remaining data to `output`. Loading @@ -83,7 +90,7 @@ impl Seal { /// /// Panics if `output` is less than the cipher's block size. pub fn finalize(&mut self, output: &mut [u8]) -> Result<usize, ErrorStack> { self.ctx.finalize(output) self.ctx.cipher_final(output) } } Loading @@ -104,7 +111,12 @@ impl Open { T: HasPrivate, { let mut ctx = CipherCtx::new()?; ctx.open_init(Some(&cipher), encrypted_key, iv, Some(priv_key))?; ctx.open_init( Some(unsafe { CipherRef::from_ptr(cipher.as_ptr() as *mut _) }), encrypted_key, iv, Some(priv_key), )?; Ok(Open { ctx }) } Loading @@ -120,7 +132,7 @@ impl Open { /// `block_size` is the block size of the cipher (see `Cipher::block_size`), /// or if `output.len() > c_int::max_value()`. pub fn update(&mut self, input: &[u8], output: &mut [u8]) -> Result<usize, ErrorStack> { self.ctx.update(input, Some(output)) self.ctx.cipher_update(input, Some(output)) } /// Finishes the decryption process, writing any remaining data to `output`. Loading @@ -133,7 +145,7 @@ impl Open { /// /// Panics if `output` is less than the cipher's block size. pub fn finalize(&mut self, output: &mut [u8]) -> Result<usize, ErrorStack> { self.ctx.finalize(output) self.ctx.cipher_final(output) } } Loading
openssl/src/lib.rs +1 −0 Original line number Diff line number Diff line Loading @@ -134,6 +134,7 @@ pub mod aes; pub mod asn1; pub mod base64; pub mod bn; pub mod cipher; pub mod cipher_ctx; #[cfg(all(not(libressl), not(osslconf = "OPENSSL_NO_CMS")))] pub mod cms; Loading
