Loading openssl-sys/src/lib.rs +17 −0 Original line number Diff line number Diff line Loading @@ -76,6 +76,13 @@ pub enum point_conversion_form_t { POINT_CONVERSION_HYBRID = 6, } #[repr(C)] pub struct AES_KEY { // There is some business with AES_LONG which is there to ensure the values here are 32 bits rd_key: [u32; 4 * (AES_MAXNR as usize + 1)], rounds: c_int, } #[repr(C)] pub struct GENERAL_NAME { pub type_: c_int, Loading Loading @@ -114,6 +121,12 @@ pub type PasswordCallback = unsafe extern fn(buf: *mut c_char, size: c_int, rwflag: c_int, user_data: *mut c_void) -> c_int; pub const AES_ENCRYPT: c_int = 1; pub const AES_DECRYPT: c_int = 0; pub const AES_MAXNR: c_int = 14; pub const AES_BLOCK_SIZE: c_int = 16; pub const BIO_TYPE_NONE: c_int = 0; pub const BIO_CTRL_EOF: c_int = 2; Loading Loading @@ -1368,6 +1381,10 @@ pub fn ERR_GET_REASON(l: c_ulong) -> c_int { } extern { pub fn AES_set_encrypt_key(userKey: *const c_uchar, bits: c_int, key: *mut AES_KEY) -> c_int; pub fn AES_set_decrypt_key(userKey: *const c_uchar, bits: c_int, key: *mut AES_KEY) -> c_int; pub fn AES_ige_encrypt(in_: *const c_uchar, out: *mut c_uchar, length: size_t, key: *const AES_KEY, ivec: *mut c_uchar, enc: c_int); pub fn ASN1_INTEGER_set(dest: *mut ASN1_INTEGER, value: c_long) -> c_int; pub fn ASN1_GENERALIZEDTIME_free(tm: *mut ASN1_GENERALIZEDTIME); pub fn ASN1_GENERALIZEDTIME_print(b: *mut BIO, tm: *const ASN1_GENERALIZEDTIME) -> c_int; Loading openssl/src/aes.rs 0 → 100644 +115 −0 Original line number Diff line number Diff line //! Low level AES functionality //! //! The `symm` module should be used in preference to this module in most cases. use ffi; use std::mem; use libc::c_int; use symm::Mode; #[derive(Debug)] pub struct KeyError(()); pub struct AesKey(ffi::AES_KEY); impl AesKey { /// Prepares a key for encryption. /// /// # Failure /// /// Returns an error if the key is not 128, 192, or 256 bits. pub fn new_encrypt(key: &[u8]) -> Result<AesKey, KeyError> { unsafe { assert!(key.len() <= c_int::max_value() as usize / 8); let mut aes_key = mem::uninitialized(); let r = ffi::AES_set_encrypt_key(key.as_ptr() as *const _, key.len() as c_int * 8, &mut aes_key); if r == 0 { Ok(AesKey(aes_key)) } else { Err(KeyError(())) } } } /// Prepares a key for decryption. /// /// # Failure /// /// Returns an error if the key is not 128, 192, or 256 bits. pub fn new_decrypt(key: &[u8]) -> Result<AesKey, KeyError> { unsafe { assert!(key.len() <= c_int::max_value() as usize / 8); let mut aes_key = mem::uninitialized(); let r = ffi::AES_set_decrypt_key(key.as_ptr() as *const _, key.len() as c_int * 8, &mut aes_key); if r == 0 { Ok(AesKey(aes_key)) } else { Err(KeyError(())) } } } } /// Performs AES IGE encryption or decryption /// /// # Panics /// /// Panics if `in_` is not the same length as `out`, if that length is not a multiple of 16, or if /// `iv` is not at least 32 bytes. pub fn aes_ige(in_: &[u8], out: &mut [u8], key: &AesKey, iv: &mut [u8], mode: Mode) { unsafe { assert!(in_.len() == out.len()); assert!(in_.len() % ffi::AES_BLOCK_SIZE as usize == 0); assert!(iv.len() >= ffi::AES_BLOCK_SIZE as usize * 2); let mode = match mode { Mode::Encrypt => ffi::AES_ENCRYPT, Mode::Decrypt => ffi::AES_DECRYPT, }; ffi::AES_ige_encrypt(in_.as_ptr() as *const _, out.as_mut_ptr() as *mut _, in_.len(), &key.0, iv.as_mut_ptr() as *mut _, mode); } } #[cfg(test)] mod test { use hex::FromHex; use symm::Mode; use super::*; // From https://www.mgp25.com/AESIGE/ #[test] fn ige_vector_1() { let raw_key = "000102030405060708090A0B0C0D0E0F"; let raw_iv = "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"; let raw_pt = "0000000000000000000000000000000000000000000000000000000000000000"; let raw_ct = "1A8519A6557BE652E9DA8E43DA4EF4453CF456B4CA488AA383C79C98B34797CB"; let key = AesKey::new_encrypt(&Vec::from_hex(raw_key).unwrap()).unwrap(); let mut iv = Vec::from_hex(raw_iv).unwrap(); let pt = Vec::from_hex(raw_pt).unwrap(); let ct = Vec::from_hex(raw_ct).unwrap(); let mut ct_actual = vec![0; ct.len()]; aes_ige(&pt, &mut ct_actual, &key, &mut iv, Mode::Encrypt); assert_eq!(ct_actual, ct); let key = AesKey::new_decrypt(&Vec::from_hex(raw_key).unwrap()).unwrap(); let mut iv = Vec::from_hex(raw_iv).unwrap(); let mut pt_actual = vec![0; pt.len()]; aes_ige(&ct, &mut pt_actual, &key, &mut iv, Mode::Decrypt); assert_eq!(pt_actual, pt); } } openssl/src/lib.rs +1 −0 Original line number Diff line number Diff line Loading @@ -24,6 +24,7 @@ mod macros; mod bio; mod util; pub mod aes; pub mod asn1; pub mod bn; pub mod crypto; Loading systest/build.rs +1 −0 Original line number Diff line number Diff line Loading @@ -47,6 +47,7 @@ fn main() { .header("openssl/rand.h") .header("openssl/pkcs12.h") .header("openssl/bn.h") .header("openssl/aes.h") .header("openssl/ocsp.h"); cfg.type_name(|s, is_struct| { // Add some `*` on some callback parameters to get function pointer to Loading Loading
openssl-sys/src/lib.rs +17 −0 Original line number Diff line number Diff line Loading @@ -76,6 +76,13 @@ pub enum point_conversion_form_t { POINT_CONVERSION_HYBRID = 6, } #[repr(C)] pub struct AES_KEY { // There is some business with AES_LONG which is there to ensure the values here are 32 bits rd_key: [u32; 4 * (AES_MAXNR as usize + 1)], rounds: c_int, } #[repr(C)] pub struct GENERAL_NAME { pub type_: c_int, Loading Loading @@ -114,6 +121,12 @@ pub type PasswordCallback = unsafe extern fn(buf: *mut c_char, size: c_int, rwflag: c_int, user_data: *mut c_void) -> c_int; pub const AES_ENCRYPT: c_int = 1; pub const AES_DECRYPT: c_int = 0; pub const AES_MAXNR: c_int = 14; pub const AES_BLOCK_SIZE: c_int = 16; pub const BIO_TYPE_NONE: c_int = 0; pub const BIO_CTRL_EOF: c_int = 2; Loading Loading @@ -1368,6 +1381,10 @@ pub fn ERR_GET_REASON(l: c_ulong) -> c_int { } extern { pub fn AES_set_encrypt_key(userKey: *const c_uchar, bits: c_int, key: *mut AES_KEY) -> c_int; pub fn AES_set_decrypt_key(userKey: *const c_uchar, bits: c_int, key: *mut AES_KEY) -> c_int; pub fn AES_ige_encrypt(in_: *const c_uchar, out: *mut c_uchar, length: size_t, key: *const AES_KEY, ivec: *mut c_uchar, enc: c_int); pub fn ASN1_INTEGER_set(dest: *mut ASN1_INTEGER, value: c_long) -> c_int; pub fn ASN1_GENERALIZEDTIME_free(tm: *mut ASN1_GENERALIZEDTIME); pub fn ASN1_GENERALIZEDTIME_print(b: *mut BIO, tm: *const ASN1_GENERALIZEDTIME) -> c_int; Loading
openssl/src/aes.rs 0 → 100644 +115 −0 Original line number Diff line number Diff line //! Low level AES functionality //! //! The `symm` module should be used in preference to this module in most cases. use ffi; use std::mem; use libc::c_int; use symm::Mode; #[derive(Debug)] pub struct KeyError(()); pub struct AesKey(ffi::AES_KEY); impl AesKey { /// Prepares a key for encryption. /// /// # Failure /// /// Returns an error if the key is not 128, 192, or 256 bits. pub fn new_encrypt(key: &[u8]) -> Result<AesKey, KeyError> { unsafe { assert!(key.len() <= c_int::max_value() as usize / 8); let mut aes_key = mem::uninitialized(); let r = ffi::AES_set_encrypt_key(key.as_ptr() as *const _, key.len() as c_int * 8, &mut aes_key); if r == 0 { Ok(AesKey(aes_key)) } else { Err(KeyError(())) } } } /// Prepares a key for decryption. /// /// # Failure /// /// Returns an error if the key is not 128, 192, or 256 bits. pub fn new_decrypt(key: &[u8]) -> Result<AesKey, KeyError> { unsafe { assert!(key.len() <= c_int::max_value() as usize / 8); let mut aes_key = mem::uninitialized(); let r = ffi::AES_set_decrypt_key(key.as_ptr() as *const _, key.len() as c_int * 8, &mut aes_key); if r == 0 { Ok(AesKey(aes_key)) } else { Err(KeyError(())) } } } } /// Performs AES IGE encryption or decryption /// /// # Panics /// /// Panics if `in_` is not the same length as `out`, if that length is not a multiple of 16, or if /// `iv` is not at least 32 bytes. pub fn aes_ige(in_: &[u8], out: &mut [u8], key: &AesKey, iv: &mut [u8], mode: Mode) { unsafe { assert!(in_.len() == out.len()); assert!(in_.len() % ffi::AES_BLOCK_SIZE as usize == 0); assert!(iv.len() >= ffi::AES_BLOCK_SIZE as usize * 2); let mode = match mode { Mode::Encrypt => ffi::AES_ENCRYPT, Mode::Decrypt => ffi::AES_DECRYPT, }; ffi::AES_ige_encrypt(in_.as_ptr() as *const _, out.as_mut_ptr() as *mut _, in_.len(), &key.0, iv.as_mut_ptr() as *mut _, mode); } } #[cfg(test)] mod test { use hex::FromHex; use symm::Mode; use super::*; // From https://www.mgp25.com/AESIGE/ #[test] fn ige_vector_1() { let raw_key = "000102030405060708090A0B0C0D0E0F"; let raw_iv = "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"; let raw_pt = "0000000000000000000000000000000000000000000000000000000000000000"; let raw_ct = "1A8519A6557BE652E9DA8E43DA4EF4453CF456B4CA488AA383C79C98B34797CB"; let key = AesKey::new_encrypt(&Vec::from_hex(raw_key).unwrap()).unwrap(); let mut iv = Vec::from_hex(raw_iv).unwrap(); let pt = Vec::from_hex(raw_pt).unwrap(); let ct = Vec::from_hex(raw_ct).unwrap(); let mut ct_actual = vec![0; ct.len()]; aes_ige(&pt, &mut ct_actual, &key, &mut iv, Mode::Encrypt); assert_eq!(ct_actual, ct); let key = AesKey::new_decrypt(&Vec::from_hex(raw_key).unwrap()).unwrap(); let mut iv = Vec::from_hex(raw_iv).unwrap(); let mut pt_actual = vec![0; pt.len()]; aes_ige(&ct, &mut pt_actual, &key, &mut iv, Mode::Decrypt); assert_eq!(pt_actual, pt); } }
openssl/src/lib.rs +1 −0 Original line number Diff line number Diff line Loading @@ -24,6 +24,7 @@ mod macros; mod bio; mod util; pub mod aes; pub mod asn1; pub mod bn; pub mod crypto; Loading
systest/build.rs +1 −0 Original line number Diff line number Diff line Loading @@ -47,6 +47,7 @@ fn main() { .header("openssl/rand.h") .header("openssl/pkcs12.h") .header("openssl/bn.h") .header("openssl/aes.h") .header("openssl/ocsp.h"); cfg.type_name(|s, is_struct| { // Add some `*` on some callback parameters to get function pointer to Loading
