Unverified Commit d4bf0710 authored by Alex Gaynor's avatar Alex Gaynor Committed by GitHub

Merge pull request #2386 from skmcgrail/aws-lc-follow-up

Enable additional capabilities for AWS-LC
parents dde9ffb3 a86bf670
+4 −0
@@ -33,6 +33,7 @@ fn main() {
    println!("cargo:rustc-check-cfg=cfg(libressl382)");
    println!("cargo:rustc-check-cfg=cfg(libressl390)");
    println!("cargo:rustc-check-cfg=cfg(libressl400)");
    println!("cargo:rustc-check-cfg=cfg(libressl410)");

    println!("cargo:rustc-check-cfg=cfg(ossl101)");
    println!("cargo:rustc-check-cfg=cfg(ossl102)");
@@ -121,6 +122,9 @@ fn main() {
        if version >= 0x4_00_00_00_0 {
            println!("cargo:rustc-cfg=libressl400");
        }
        if version >= 0x4_01_00_00_0 {
            println!("cargo:rustc-cfg=libressl410");
        }
    }

    if let Ok(vars) = env::var("DEP_OPENSSL_CONF") {
+22 −12
@@ -37,18 +37,15 @@ use crate::{cvt, cvt_n, cvt_p, LenType};
use openssl_macros::corresponds;

cfg_if! {
    if #[cfg(any(ossl110, libressl350))] {
    if #[cfg(any(ossl110, libressl350, awslc))] {
        use ffi::{
            BN_get_rfc2409_prime_1024, BN_get_rfc2409_prime_768, BN_get_rfc3526_prime_1536,
            BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096,
            BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096,
            BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192, BN_is_negative,
        };
    } else if #[cfg(any(boringssl, awslc))] {
    } else if #[cfg(boringssl)] {
        use ffi::BN_is_negative;
    } else {
        use ffi::{
            get_rfc2409_prime_1024 as BN_get_rfc2409_prime_1024,
            get_rfc2409_prime_768 as BN_get_rfc2409_prime_768,
            get_rfc3526_prime_1536 as BN_get_rfc3526_prime_1536,
            get_rfc3526_prime_2048 as BN_get_rfc3526_prime_2048,
            get_rfc3526_prime_3072 as BN_get_rfc3526_prime_3072,
@@ -64,6 +61,19 @@ cfg_if! {
    }
}

cfg_if! {
    if #[cfg(any(ossl110, libressl350))] {
        use ffi::{
            BN_get_rfc2409_prime_1024, BN_get_rfc2409_prime_768
        };
    } else if #[cfg(not(any(boringssl, awslc)))] {
        use ffi::{
            get_rfc2409_prime_1024 as BN_get_rfc2409_prime_1024,
            get_rfc2409_prime_768 as BN_get_rfc2409_prime_768,
        };
    }
}

/// Options for the most significant bits of a randomly generated `BigNum`.
pub struct MsbOption(c_int);

@@ -1014,7 +1024,7 @@ impl BigNum {
    ///
    /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-3
    #[corresponds(BN_get_rfc3526_prime_1536)]
    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    pub fn get_rfc3526_prime_1536() -> Result<BigNum, ErrorStack> {
        unsafe {
            ffi::init();
@@ -1028,7 +1038,7 @@ impl BigNum {
    ///
    /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-3
    #[corresponds(BN_get_rfc3526_prime_2048)]
    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    pub fn get_rfc3526_prime_2048() -> Result<BigNum, ErrorStack> {
        unsafe {
            ffi::init();
@@ -1042,7 +1052,7 @@ impl BigNum {
    ///
    /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-4
    #[corresponds(BN_get_rfc3526_prime_3072)]
    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    pub fn get_rfc3526_prime_3072() -> Result<BigNum, ErrorStack> {
        unsafe {
            ffi::init();
@@ -1056,7 +1066,7 @@ impl BigNum {
    ///
    /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-4
    #[corresponds(BN_get_rfc3526_prime_4096)]
    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    pub fn get_rfc3526_prime_4096() -> Result<BigNum, ErrorStack> {
        unsafe {
            ffi::init();
@@ -1070,7 +1080,7 @@ impl BigNum {
    ///
    /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-6
    #[corresponds(BN_get_rfc3526_prime_6114)]
    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    pub fn get_rfc3526_prime_6144() -> Result<BigNum, ErrorStack> {
        unsafe {
            ffi::init();
@@ -1084,7 +1094,7 @@ impl BigNum {
    ///
    /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-6
    #[corresponds(BN_get_rfc3526_prime_8192)]
    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    pub fn get_rfc3526_prime_8192() -> Result<BigNum, ErrorStack> {
        unsafe {
            ffi::init();
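Review bot: The attribute `#[corresponds(BN_get_rfc3526_prime_6114)]` on `get_rfc3526_prime_6144` does not match the symbol imported at the top of this file (`BN_get_rfc3526_prime_6144`), so the documentation presumably generated from it would name a C function that does not exist. The line is unchanged context, but this commit makes the method available on AWS-LC builds, so it is a good moment to correct it to `#[corresponds(BN_get_rfc3526_prime_6144)]`. Separately, the rewritten import line in the first `cfg_if!` block now carries four names and runs past 100 columns; splitting it two names per line like its neighbours would keep the block consistent. The bodies of these methods continue outside the hunks.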
+12 −12
@@ -166,7 +166,7 @@ impl Cipher {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_xts() as *mut _) }
    }

    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    pub fn aes_256_xts() -> &'static CipherRef {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_xts() as *mut _) }
    }
@@ -175,17 +175,17 @@ impl Cipher {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ctr() as *mut _) }
    }

    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    pub fn aes_128_cfb1() -> &'static CipherRef {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cfb1() as *mut _) }
    }

    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    pub fn aes_128_cfb128() -> &'static CipherRef {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cfb128() as *mut _) }
    }

    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    pub fn aes_128_cfb8() -> &'static CipherRef {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cfb8() as *mut _) }
    }
@@ -194,7 +194,7 @@ impl Cipher {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_gcm() as *mut _) }
    }

    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    pub fn aes_128_ccm() -> &'static CipherRef {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ccm() as *mut _) }
    }
@@ -233,7 +233,7 @@ impl Cipher {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ctr() as *mut _) }
    }

    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    pub fn aes_192_cfb1() -> &'static CipherRef {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cfb1() as *mut _) }
    }
@@ -242,7 +242,7 @@ impl Cipher {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cfb128() as *mut _) }
    }

    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    pub fn aes_192_cfb8() -> &'static CipherRef {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cfb8() as *mut _) }
    }
@@ -251,7 +251,7 @@ impl Cipher {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_gcm() as *mut _) }
    }

    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    pub fn aes_192_ccm() -> &'static CipherRef {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ccm() as *mut _) }
    }
@@ -290,7 +290,7 @@ impl Cipher {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ctr() as *mut _) }
    }

    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    pub fn aes_256_cfb1() -> &'static CipherRef {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cfb1() as *mut _) }
    }
@@ -299,7 +299,7 @@ impl Cipher {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cfb128() as *mut _) }
    }

    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    pub fn aes_256_cfb8() -> &'static CipherRef {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cfb8() as *mut _) }
    }
@@ -308,7 +308,7 @@ impl Cipher {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_gcm() as *mut _) }
    }

    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    pub fn aes_256_ccm() -> &'static CipherRef {
        unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ccm() as *mut _) }
    }
@@ -500,7 +500,7 @@ impl Cipher {
        unsafe { CipherRef::from_ptr(ffi::EVP_chacha20() as *mut _) }
    }

    #[cfg(all(any(ossl110, libressl360), not(osslconf = "OPENSSL_NO_CHACHA")))]
    #[cfg(all(any(ossl110, libressl360, awslc), not(osslconf = "OPENSSL_NO_CHACHA")))]
    pub fn chacha20_poly1305() -> &'static CipherRef {
        unsafe { CipherRef::from_ptr(ffi::EVP_chacha20_poly1305() as *mut _) }
    }
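Review bot: The constructors opened up to AWS-LC in this section (`aes_256_xts`, the CFB variants and the three `*_ccm` functions) carry no doc comments, so the public API does not say what each mode requires of the caller. For CCM in particular, the test helper added elsewhere in this commit sets the IV length, tag length and data length before processing any data. A line such as `/// AES-128 in CCM mode. The IV length, tag length and total data length must be set on the context before any data is processed.` on `aes_128_ccm` (and likewise for 192/256) would record that. As a style point, these gates are now negative (`not(boringssl)`) while `chacha20_poly1305` uses a positive list (`any(ossl110, libressl360, awslc)`). A positive list would keep a future backend from picking up the functions without review, if the maintainers prefer that.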
+165 −0
@@ -809,8 +809,173 @@ mod test {
        aes_128_cbc(cipher);
    }

    #[cfg(not(boringssl))]
    #[test]
    fn default_aes_128_ccm() {
        // from https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/ccmtestvectors.zip
        let cipher = Cipher::aes_128_ccm();
        aes_ccm(
            cipher,
            "26511fb51fcfa75cb4b44da75a6e5a0e",
            "ea98ec44f5a86715014783172e",
            "4da40b80579c1d9a5309f7efecb7c059a2f914511ca5fc10",
            "e4692b9f06b666c7451b146c8aeb07a6e30c629d28065c3dde5940325b14b810",
            "1bf0ba0ebb20d8edba59f29a9371750c9c714078f73c335d",
            "2f1322ac69b848b001476323aed84c47",
        );
    }

    #[cfg(not(boringssl))]
    #[test]
    fn default_aes_192_ccm() {
        // from https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/ccmtestvectors.zip
        let cipher = Cipher::aes_192_ccm();
        aes_ccm(
            cipher,
            "26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886",
            "ea98ec44f5a86715014783172e",
            "4da40b80579c1d9a5309f7efecb7c059a2f914511ca5fc10",
            "e4692b9f06b666c7451b146c8aeb07a6e30c629d28065c3dde5940325b14b810",
            "30c154c616946eccc2e241d336ad33720953e449a0e6b0f0",
            "dbf8e9464909bdf337e48093c082a10b",
        );
    }

    #[cfg(not(boringssl))]
    #[test]
    fn default_aes_256_ccm() {
        // from https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/ccmtestvectors.zip
        let cipher = Cipher::aes_256_ccm();
        aes_ccm(
            cipher,
            "314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e",
            "3542fbe0f59a6d5f3abf619b7d",
            "c5b3d71312ea14f2f8fae5bd1a453192b6604a45db75c5ed",
            "dd4531f158a2fa3bc8a339f770595048f4a42bc1b03f2e824efc6ba4985119d8",
            "39c2e8f6edfe663b90963b98eb79e2d4f7f28a5053ae8881",
            "567a6b4426f1667136bed4a5e32a2bc1",
        );
    }

    #[cfg(not(boringssl))]
    fn aes_ccm(
        cipher: &CipherRef,
        key: &'static str,
        iv: &'static str,
        pt: &'static str,
        aad: &'static str,
        ct: &'static str,
        tag: &'static str,
    ) {
        let key = hex::decode(key).unwrap();
        let iv = hex::decode(iv).unwrap();
        let pt = hex::decode(pt).unwrap();
        let ct = hex::decode(ct).unwrap();
        let aad = hex::decode(aad).unwrap();
        let tag = hex::decode(tag).unwrap();

        let mut ctx = CipherCtx::new().unwrap();

        ctx.encrypt_init(Some(cipher), None, None).unwrap();
        ctx.set_iv_length(iv.len()).unwrap();
        ctx.set_tag_length(tag.len()).unwrap();
        ctx.encrypt_init(None, Some(&key), Some(&iv)).unwrap();
        ctx.set_data_len(pt.len()).unwrap();

        let mut buf = vec![];
        ctx.cipher_update(&aad, None).unwrap();
        ctx.cipher_update_vec(&pt, &mut buf).unwrap();
        ctx.cipher_final_vec(&mut buf).unwrap();
        assert_eq!(buf, ct);

        let mut out_tag = vec![0u8; tag.len()];
        ctx.tag(&mut out_tag).unwrap();
        assert_eq!(tag, out_tag);

        ctx.decrypt_init(Some(cipher), None, None).unwrap();
        ctx.set_iv_length(iv.len()).unwrap();
        ctx.set_tag(&tag).unwrap();
        ctx.decrypt_init(None, Some(&key), Some(&iv)).unwrap();
        ctx.set_data_len(pt.len()).unwrap();

        let mut buf = vec![];
        ctx.cipher_update(&aad, None).unwrap();
        ctx.cipher_update_vec(&ct, &mut buf).unwrap();
        // Some older libraries don't support calling EVP_CipherFinal/EVP_DecryptFinal for CCM
        // https://wiki.openssl.org/index.php/EVP_Authenticated_Encryption_and_Decryption#Authenticated_Decryption_using_CCM_mode
        #[cfg(any(ossl111, awslc, boringssl))]
        ctx.cipher_final_vec(&mut buf).unwrap();

        assert_eq!(buf, pt);
    }

    #[cfg(not(any(boringssl, awslc)))]
    #[test]
    fn default_aes_128_xts() {
        // https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/aes/XTSTestVectors.zip
        let cipher = Cipher::aes_128_xts();
        aes_xts(
            cipher,
            "a1b90cba3f06ac353b2c343876081762090923026e91771815f29dab01932f2f",
            "4faef7117cda59c66e4b92013e768ad5",
            "ebabce95b14d3c8d6fb350390790311c",
            "778ae8b43cb98d5a825081d5be471c63",
        );
    }

    #[cfg(not(boringssl))]
    #[test]
    fn default_aes_256_xts() {
        // https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/aes/XTSTestVectors.zip
        let cipher = Cipher::aes_256_xts();
        aes_xts(cipher, "1ea661c58d943a0e4801e42f4b0947149e7f9f8e3e68d0c7505210bd311a0e7cd6e13ffdf2418d8d1911c004cda58da3d619b7e2b9141e58318eea392cf41b08", "adf8d92627464ad2f0428e84a9f87564", "2eedea52cd8215e1acc647e810bbc3642e87287f8d2e57e36c0a24fbc12a202e", "cbaad0e2f6cea3f50b37f934d46a9b130b9d54f07e34f36af793e86f73c6d7db");
    }

    #[cfg(not(boringssl))]
    fn aes_xts(
        cipher: &CipherRef,
        key: &'static str,
        i: &'static str,
        pt: &'static str,
        ct: &'static str,
    ) {
        let key = hex::decode(key).unwrap();
        let i = hex::decode(i).unwrap();
        let pt = hex::decode(pt).unwrap();
        let ct = hex::decode(ct).unwrap();

        let mut ctx = CipherCtx::new().unwrap();
        ctx.encrypt_init(Some(cipher), Some(&key), Some(&i))
            .unwrap();
        let mut buf = vec![];
        ctx.cipher_update_vec(&pt, &mut buf).unwrap();
        ctx.cipher_final_vec(&mut buf).unwrap();

        assert_eq!(ct, buf);

        ctx.decrypt_init(Some(cipher), Some(&key), Some(&i))
            .unwrap();
        let mut buf = vec![];
        ctx.cipher_update_vec(&ct, &mut buf).unwrap();
        ctx.cipher_final_vec(&mut buf).unwrap();

        assert_eq!(pt, buf);
    }

    #[test]
    fn test_stream_ciphers() {
        #[cfg(not(boringssl))]
        {
            test_stream_cipher(Cipher::aes_128_cfb1());
            test_stream_cipher(Cipher::aes_128_cfb8());
            test_stream_cipher(Cipher::aes_128_cfb128());
            test_stream_cipher(Cipher::aes_192_cfb1());
            test_stream_cipher(Cipher::aes_192_cfb8());
            test_stream_cipher(Cipher::aes_192_cfb128());
            test_stream_cipher(Cipher::aes_256_cfb1());
            test_stream_cipher(Cipher::aes_256_cfb8());
            test_stream_cipher(Cipher::aes_256_cfb128());
        }
        test_stream_cipher(Cipher::aes_192_ctr());
        test_stream_cipher(Cipher::aes_256_ctr());
    }
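Review bot: The new `aes_ccm` helper checks only known-answer encryption and decryption, so nothing confirms that a wrong tag is rejected on the backends this commit enables. Adding a negative case at the end of the helper would cover the authentication property itself: flip one bit of the tag and assert that decryption fails. I expect the failure to surface from the update call, as the OpenSSL wiki page linked in the helper describes for CCM, but that should be confirmed on AWS-LC. Also, `boringssl` in the inner `#[cfg(any(ossl111, awslc, boringssl))]` can never apply because the whole helper is gated `#[cfg(not(boringssl))]`; `#[cfg(any(ossl111, awslc))]` says the same thing.

```rust
// … unchanged: known-answer encrypt and decrypt checks …
assert_eq!(buf, pt);

// A corrupted tag must make decryption fail rather than release plaintext.
let mut bad_tag = tag.clone();
bad_tag[0] ^= 0x01;
ctx.decrypt_init(Some(cipher), None, None).unwrap();
ctx.set_iv_length(iv.len()).unwrap();
ctx.set_tag(&bad_tag).unwrap();
ctx.decrypt_init(None, Some(&key), Some(&iv)).unwrap();
ctx.set_data_len(pt.len()).unwrap();

let mut buf = vec![];
ctx.cipher_update(&aad, None).unwrap();
assert!(ctx.cipher_update_vec(&ct, &mut buf).is_err());
```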
+5 −5
@@ -533,11 +533,11 @@ cfg_if! {
mod test {
    use super::*;
    use crate::bn::BigNumContext;
    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    use crate::hash::MessageDigest;
    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    use crate::pkey::PKey;
    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    use crate::sign::{Signer, Verifier};

    #[test]
@@ -607,7 +607,7 @@ mod test {
    }

    #[test]
    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    fn test_signature() {
        const TEST_DATA: &[u8] = &[0, 1, 2, 3, 4, 5, 6, 7, 8, 9];
        let dsa_ref = Dsa::generate(1024).unwrap();
@@ -648,7 +648,7 @@ mod test {
    }

    #[test]
    #[cfg(not(any(boringssl, awslc)))]
    #[cfg(not(boringssl))]
    fn test_signature_der() {
        use std::convert::TryInto;
