Loading Makefile +3 −3 Original line number Diff line number Diff line crypto: crypto.rc $(wildcard *.rs) rustc crypto.rc rustc --test crypto.rc crypto: $(wildcard *.rs) rustc crypto.rs rustc --test crypto.rs clean: rm -f crypto libcrypto-*.so Loading crypto.rc→crypto.rs +1 −1 Original line number Diff line number Diff line Loading @@ -20,8 +20,8 @@ uuid = "38297409-b4c2-4499-8131-a99a7e44dad3")]; #[crate_type = "lib"]; pub mod hex; pub mod hash; pub mod hex; pub mod hmac; pub mod pkcs5; pub mod pkey; Loading hash.rs +52 −46 Original line number Diff line number Diff line use std::libc::c_uint; use std::{libc,vec,ptr}; use std::libc; use std::ptr; use std::vec; pub enum HashType { MD5, Loading @@ -16,10 +18,14 @@ pub type EVP_MD_CTX = *libc::c_void; #[allow(non_camel_case_types)] pub type EVP_MD = *libc::c_void; #[abi = "cdecl"] mod libcrypto { use super::*; use std::libc::c_uint; #[link_args = "-lcrypto"] extern { fn EVP_MD_CTX_create() -> EVP_MD_CTX; fn EVP_MD_CTX_destroy(ctx: EVP_MD_CTX); fn EVP_md5() -> EVP_MD; fn EVP_sha1() -> EVP_MD; Loading @@ -32,16 +38,17 @@ extern { fn EVP_DigestUpdate(ctx: EVP_MD_CTX, data: *u8, n: c_uint); fn EVP_DigestFinal(ctx: EVP_MD_CTX, res: *mut u8, n: *u32); } } pub fn evpmd(t: HashType) -> (EVP_MD, uint) { unsafe { match t { MD5 => (EVP_md5(), 16u), SHA1 => (EVP_sha1(), 20u), SHA224 => (EVP_sha224(), 28u), SHA256 => (EVP_sha256(), 32u), SHA384 => (EVP_sha384(), 48u), SHA512 => (EVP_sha512(), 64u), MD5 => (libcrypto::EVP_md5(), 16u), SHA1 => (libcrypto::EVP_sha1(), 20u), SHA224 => (libcrypto::EVP_sha224(), 28u), SHA256 => (libcrypto::EVP_sha256(), 32u), SHA384 => (libcrypto::EVP_sha384(), 48u), SHA512 => (libcrypto::EVP_sha512(), 64u), } } } Loading @@ -52,29 +59,22 @@ pub struct Hasher { priv len: uint, } pub fn Hasher(ht: HashType) -> Hasher { unsafe { let ctx = EVP_MD_CTX_create(); let (evp, mdlen) = evpmd(ht); let h = Hasher { evp: evp, ctx: ctx, len: mdlen }; h.init(); h } } impl Hasher { /// Initializes this hasher pub fn init(&self) { pub fn new(ht: HashType) -> Hasher { let ctx = unsafe { libcrypto::EVP_MD_CTX_create() }; let (evp, mdlen) = evpmd(ht); unsafe { EVP_DigestInit(self.ctx, self.evp); libcrypto::EVP_DigestInit(ctx, evp); } Hasher { evp: evp, ctx: ctx, len: mdlen } } /// Update this hasher with more input bytes pub fn update(&self, data: &[u8]) { unsafe { do data.as_imm_buf |pdata, len| { EVP_DigestUpdate(self.ctx, pdata, len as c_uint) unsafe { libcrypto::EVP_DigestUpdate(self.ctx, pdata, len as c_uint) } } } Loading @@ -84,14 +84,22 @@ impl Hasher { * initialization */ pub fn final(&self) -> ~[u8] { unsafe { let mut res = vec::from_elem(self.len, 0u8); do res.as_mut_buf |pres, _len| { EVP_DigestFinal(self.ctx, pres, ptr::null()); unsafe { libcrypto::EVP_DigestFinal(self.ctx, pres, ptr::null()); } } res } } impl Drop for Hasher { fn drop(&self) { unsafe { libcrypto::EVP_MD_CTX_destroy(self.ctx); } } } /** Loading @@ -99,7 +107,7 @@ impl Hasher { * value */ pub fn hash(t: HashType, data: &[u8]) -> ~[u8] { let h = Hasher(t); let h = Hasher::new(t); h.update(data); h.final() } Loading Loading @@ -135,7 +143,6 @@ mod tests { // Test vectors from http://www.nsrl.nist.gov/testdata/ #[test] fn test_md5() { let tests = [ HashTest(~"", ~"D41D8CD98F00B204E9800998ECF8427E"), HashTest(~"7F", ~"83ACB6E67E50E31DB6ED341DD2DE1595"), Loading @@ -158,7 +165,6 @@ mod tests { #[test] fn test_sha1() { let tests = [ HashTest(~"616263", ~"A9993E364706816ABA3E25717850C26C9CD0D89D"), ]; Loading pkcs5.rs +94 −73 Original line number Diff line number Diff line use std::libc::c_int; use std::vec; mod libcrypto { use std::libc::c_int; #[link_args = "-lcrypto"] #[abi = "cdecl"] extern { fn PKCS5_PBKDF2_HMAC_SHA1(pass: *u8, passlen: c_int, salt: *u8, saltlen: c_int, iter: c_int, keylen: c_int, out: *mut u8) -> c_int; } } #[doc = " Derives a key from a password and salt using the PBKDF2-HMAC-SHA1 algorithm. Loading @@ -23,16 +26,16 @@ pub fn pbkdf2_hmac_sha1(pass: &str, salt: &[u8], iter: uint, let mut out = vec::with_capacity(keylen); do out.as_mut_buf |out_buf, _out_len| { unsafe { let r = PKCS5_PBKDF2_HMAC_SHA1( let r = unsafe { libcrypto::PKCS5_PBKDF2_HMAC_SHA1( pass_buf, pass_len as c_int, salt_buf, salt_len as c_int, iter as c_int, keylen as c_int, out_buf); out_buf) }; if r != 1 as c_int { fail!(); } } } unsafe { vec::raw::set_len(&mut out, keylen); } Loading @@ -49,71 +52,89 @@ mod tests { // http://tools.ietf.org/html/draft-josefsson-pbkdf2-test-vectors-06 #[test] fn test_pbkdf2_hmac_sha1() { assert!(pbkdf2_hmac_sha1( assert_eq!( pbkdf2_hmac_sha1( "password", "salt".as_bytes(), 1u, 20u ) == ~[ ), ~[ 0x0c_u8, 0x60_u8, 0xc8_u8, 0x0f_u8, 0x96_u8, 0x1f_u8, 0x0e_u8, 0x71_u8, 0xf3_u8, 0xa9_u8, 0xb5_u8, 0x24_u8, 0xaf_u8, 0x60_u8, 0x12_u8, 0x06_u8, 0x2f_u8, 0xe0_u8, 0x37_u8, 0xa6_u8 ]); ] ); assert!(pbkdf2_hmac_sha1( assert_eq!( pbkdf2_hmac_sha1( "password", "salt".as_bytes(), 2u, 20u ) == ~[ ), ~[ 0xea_u8, 0x6c_u8, 0x01_u8, 0x4d_u8, 0xc7_u8, 0x2d_u8, 0x6f_u8, 0x8c_u8, 0xcd_u8, 0x1e_u8, 0xd9_u8, 0x2a_u8, 0xce_u8, 0x1d_u8, 0x41_u8, 0xf0_u8, 0xd8_u8, 0xde_u8, 0x89_u8, 0x57_u8 ]); ] ); assert!(pbkdf2_hmac_sha1( assert_eq!( pbkdf2_hmac_sha1( "password", "salt".as_bytes(), 4096u, 20u ) == ~[ ), ~[ 0x4b_u8, 0x00_u8, 0x79_u8, 0x01_u8, 0xb7_u8, 0x65_u8, 0x48_u8, 0x9a_u8, 0xbe_u8, 0xad_u8, 0x49_u8, 0xd9_u8, 0x26_u8, 0xf7_u8, 0x21_u8, 0xd0_u8, 0x65_u8, 0xa4_u8, 0x29_u8, 0xc1_u8 ]); ] ); assert!(pbkdf2_hmac_sha1( assert_eq!( pbkdf2_hmac_sha1( "password", "salt".as_bytes(), 16777216u, 20u ) == ~[ ), ~[ 0xee_u8, 0xfe_u8, 0x3d_u8, 0x61_u8, 0xcd_u8, 0x4d_u8, 0xa4_u8, 0xe4_u8, 0xe9_u8, 0x94_u8, 0x5b_u8, 0x3d_u8, 0x6b_u8, 0xa2_u8, 0x15_u8, 0x8c_u8, 0x26_u8, 0x34_u8, 0xe9_u8, 0x84_u8 ]); ] ); assert!(pbkdf2_hmac_sha1( assert_eq!( pbkdf2_hmac_sha1( "passwordPASSWORDpassword", "saltSALTsaltSALTsaltSALTsaltSALTsalt".as_bytes(), 4096u, 25u ) == ~[ ), ~[ 0x3d_u8, 0x2e_u8, 0xec_u8, 0x4f_u8, 0xe4_u8, 0x1c_u8, 0x84_u8, 0x9b_u8, 0x80_u8, 0xc8_u8, 0xd8_u8, 0x36_u8, 0x62_u8, 0xc0_u8, 0xe4_u8, 0x4a_u8, 0x8b_u8, 0x29_u8, 0x1a_u8, 0x96_u8, 0x4c_u8, 0xf2_u8, 0xf0_u8, 0x70_u8, 0x38_u8 ]); ] ); assert!(pbkdf2_hmac_sha1( assert_eq!( pbkdf2_hmac_sha1( "pass\x00word", "sa\x00lt".as_bytes(), 4096u, 16u ) == ~[ ), ~[ 0x56_u8, 0xfa_u8, 0x6a_u8, 0xa7_u8, 0x55_u8, 0x48_u8, 0x09_u8, 0x9d_u8, 0xcc_u8, 0x37_u8, 0xd7_u8, 0xf0_u8, 0x34_u8, 0x25_u8, 0xe0_u8, 0xc3_u8 ]); ] ); } } pkey.rs +111 −115 Original line number Diff line number Diff line use std::cast; use std::libc::{c_int, c_uint}; use std::{libc,cast,ptr,vec}; use std::libc; use std::ptr; use std::vec; use hash::{HashType, MD5, SHA1, SHA224, SHA256, SHA384, SHA512}; #[allow(non_camel_case_types)] type EVP_PKEY = *libc::c_void; pub type EVP_PKEY = *libc::c_void; #[allow(non_camel_case_types)] type ANYKEY = *libc::c_void; pub type RSA = *libc::c_void; #[allow(non_camel_case_types)] type RSA = *libc::c_void; mod libcrypto { use super::*; use std::libc::{c_char, c_int, c_uint}; #[link_args = "-lcrypto"] #[abi = "cdecl"] extern { fn EVP_PKEY_new() -> *EVP_PKEY; fn EVP_PKEY_free(k: *EVP_PKEY); fn EVP_PKEY_assign(k: *EVP_PKEY, t: c_int, inner: *ANYKEY); fn EVP_PKEY_assign(pkey: *EVP_PKEY, typ: c_int, key: *c_char) -> c_int; fn EVP_PKEY_get1_RSA(k: *EVP_PKEY) -> *RSA; fn i2d_PublicKey(k: *EVP_PKEY, buf: &*mut u8) -> c_int; fn d2i_PublicKey(t: c_int, k: &*EVP_PKEY, buf: &*u8, len: c_uint) -> *EVP_PKEY; fn i2d_PrivateKey(k: *EVP_PKEY, buf: &*mut u8) -> c_int; fn d2i_PrivateKey(t: c_int, k: &*EVP_PKEY, buf: &*u8, len: c_uint) -> *EVP_PKEY; fn i2d_PublicKey(k: *EVP_PKEY, buf: **mut u8) -> c_int; fn d2i_PublicKey(t: c_int, k: **EVP_PKEY, buf: **u8, len: c_uint) -> *EVP_PKEY; fn i2d_PrivateKey(k: *EVP_PKEY, buf: **mut u8) -> c_int; fn d2i_PrivateKey(t: c_int, k: **EVP_PKEY, buf: **u8, len: c_uint) -> *EVP_PKEY; fn RSA_generate_key(modsz: c_uint, e: c_uint, cb: *u8, cbarg: *u8) -> *RSA; fn RSA_size(k: *RSA) -> c_uint; Loading @@ -31,11 +34,12 @@ extern { pad: c_int) -> c_int; fn RSA_private_decrypt(flen: c_uint, from: *u8, to: *mut u8, k: *RSA, pad: c_int) -> c_int; fn RSA_sign(t: c_int, m: *u8, mlen: c_uint, sig: *mut u8, siglen: *c_uint, fn RSA_sign(t: c_int, m: *u8, mlen: c_uint, sig: *mut u8, siglen: *mut c_uint, k: *RSA) -> c_int; fn RSA_verify(t: c_int, m: *u8, mlen: c_uint, sig: *u8, siglen: c_uint, k: *RSA) -> c_int; } } enum Parts { Neither, Loading Loading @@ -75,70 +79,60 @@ fn openssl_hash_nid(hash: HashType) -> c_int { } } fn rsa_to_any(rsa: *RSA) -> *ANYKEY { unsafe { cast::transmute_copy(&rsa) } } fn any_to_rsa(anykey: *ANYKEY) -> *RSA { unsafe { cast::transmute_copy(&anykey) } } pub struct PKey { priv evp: *EVP_PKEY, priv parts: Parts, } pub fn PKey() -> PKey { unsafe { PKey { evp: EVP_PKEY_new(), parts: Neither } ///Represents a public key, optionally with a private key attached. impl PKey { pub fn new() -> PKey { PKey { evp: unsafe { libcrypto::EVP_PKEY_new() }, parts: Neither, } } ///Represents a public key, optionally with a private key attached. impl PKey { unsafe fn _tostr(&self, f: extern "C" unsafe fn(*EVP_PKEY, &*mut u8) -> c_int) -> ~[u8] { let buf = ptr::mut_null(); let len = f(self.evp, &buf); fn _tostr(&self, f: extern "C" unsafe fn(*EVP_PKEY, **mut u8) -> c_int) -> ~[u8] { unsafe { let len = f(self.evp, ptr::null()); if len < 0 as c_int { return ~[]; } let mut s = vec::from_elem(len as uint, 0u8); let r = do s.as_mut_buf |ps, _len| { f(self.evp, &ps) let r = do s.as_mut_buf |buf, _| { f(self.evp, &buf) }; s.slice(0u, r as uint).to_owned() s.truncate(r as uint); s } } unsafe fn _fromstr( &mut self, s: &[u8], f: extern "C" unsafe fn(c_int, &*EVP_PKEY, &*u8, c_uint) -> *EVP_PKEY ) { fn _fromstr(&mut self, s: &[u8], f: extern "C" unsafe fn(c_int, **EVP_PKEY, **u8, c_uint) -> *EVP_PKEY) { do s.as_imm_buf |ps, len| { let evp = ptr::null(); unsafe { f(6 as c_int, &evp, &ps, len as c_uint); self.evp = evp; } self.evp = evp; } } impl PKey { pub fn gen(&mut self, keysz: uint) { unsafe { let rsa = RSA_generate_key( let rsa = libcrypto::RSA_generate_key( keysz as c_uint, 65537u as c_uint, ptr::null(), ptr::null() ); let rsa_ = rsa_to_any(rsa); // XXX: 6 == NID_rsaEncryption EVP_PKEY_assign(self.evp, 6 as c_int, rsa_); libcrypto::EVP_PKEY_assign( self.evp, 6 as c_int, cast::transmute(rsa)); self.parts = Both; } } Loading @@ -147,47 +141,39 @@ impl PKey { * Returns a serialized form of the public key, suitable for load_pub(). */ pub fn save_pub(&self) -> ~[u8] { unsafe { self._tostr(i2d_PublicKey) } self._tostr(libcrypto::i2d_PublicKey) } /** * Loads a serialized form of the public key, as produced by save_pub(). */ pub fn load_pub(&mut self, s: &[u8]) { unsafe { self._fromstr(s, d2i_PublicKey); self._fromstr(s, libcrypto::d2i_PublicKey); self.parts = Public; } } /** * Returns a serialized form of the public and private keys, suitable for * load_priv(). */ pub fn save_priv(&self, ) -> ~[u8] { unsafe { self._tostr(i2d_PrivateKey) } pub fn save_priv(&self) -> ~[u8] { self._tostr(libcrypto::i2d_PrivateKey) } /** * Loads a serialized form of the public and private keys, as produced by * save_priv(). */ pub fn load_priv(&mut self, s: &[u8]) { unsafe { self._fromstr(s, d2i_PrivateKey); self._fromstr(s, libcrypto::d2i_PrivateKey); self.parts = Both; } } /** * Returns the size of the public key modulus. */ pub fn size(&self) -> uint { unsafe { RSA_size(EVP_PKEY_get1_RSA(self.evp)) as uint libcrypto::RSA_size(libcrypto::EVP_PKEY_get1_RSA(self.evp)) as uint } } Loading Loading @@ -225,8 +211,8 @@ impl PKey { */ pub fn max_data(&self) -> uint { unsafe { let rsa = EVP_PKEY_get1_RSA(self.evp); let len = RSA_size(rsa); let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let len = libcrypto::RSA_size(rsa); // 41 comes from RSA_public_encrypt(3) for OAEP len as uint - 41u Loading @@ -235,8 +221,8 @@ impl PKey { pub fn encrypt_with_padding(&self, s: &[u8], padding: EncryptionPadding) -> ~[u8] { unsafe { let rsa = EVP_PKEY_get1_RSA(self.evp); let len = RSA_size(rsa); let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let len = libcrypto::RSA_size(rsa); assert!(s.len() < self.max_data()); Loading @@ -244,7 +230,7 @@ impl PKey { let rv = do r.as_mut_buf |pr, _len| { do s.as_imm_buf |ps, s_len| { RSA_public_encrypt( libcrypto::RSA_public_encrypt( s_len as c_uint, ps, pr, Loading @@ -256,23 +242,24 @@ impl PKey { if rv < 0 as c_int { ~[] } else { r.slice(0u, rv as uint).to_owned() r.truncate(rv as uint); r } } } pub fn decrypt_with_padding(&self, s: &[u8], padding: EncryptionPadding) -> ~[u8] { unsafe { let rsa = EVP_PKEY_get1_RSA(self.evp); let len = RSA_size(rsa); let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let len = libcrypto::RSA_size(rsa); assert!(s.len() as c_uint == RSA_size(rsa)); assert_eq!(s.len() as c_uint, libcrypto::RSA_size(rsa)); let mut r = vec::from_elem(len as uint + 1u, 0u8); let rv = do r.as_mut_buf |pr, _len| { do s.as_imm_buf |ps, s_len| { RSA_private_decrypt( libcrypto::RSA_private_decrypt( s_len as c_uint, ps, pr, Loading @@ -285,7 +272,8 @@ impl PKey { if rv < 0 as c_int { ~[] } else { r.slice(0u, rv as uint).to_owned() r.truncate(rv as uint); r } } } Loading Loading @@ -315,18 +303,18 @@ impl PKey { pub fn sign_with_hash(&self, s: &[u8], hash: HashType) -> ~[u8] { unsafe { let rsa = EVP_PKEY_get1_RSA(self.evp); let len = RSA_size(rsa); let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let mut len = libcrypto::RSA_size(rsa); let mut r = vec::from_elem(len as uint + 1u, 0u8); let rv = do r.as_mut_buf |pr, _len| { do s.as_imm_buf |ps, s_len| { RSA_sign( libcrypto::RSA_sign( openssl_hash_nid(hash), ps, s_len as c_uint, pr, &len, &mut len, rsa) } }; Loading @@ -334,18 +322,19 @@ impl PKey { if rv < 0 as c_int { ~[] } else { r.slice(0u, len as uint).to_owned() r.truncate(len as uint); r } } } pub fn verify_with_hash(&self, m: &[u8], s: &[u8], hash: HashType) -> bool { unsafe { let rsa = EVP_PKEY_get1_RSA(self.evp); let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); do m.as_imm_buf |pm, m_len| { do s.as_imm_buf |ps, s_len| { let rv = RSA_verify( let rv = libcrypto::RSA_verify( openssl_hash_nid(hash), pm, m_len as c_uint, Loading @@ -361,6 +350,14 @@ impl PKey { } } impl Drop for PKey { fn drop(&self) { unsafe { libcrypto::EVP_PKEY_free(self.evp); } } } #[cfg(test)] mod tests { use super::*; Loading @@ -368,8 +365,8 @@ mod tests { #[test] fn test_gen_pub() { let mut k0 = PKey(); let mut k1 = PKey(); let mut k0 = PKey::new(); let mut k1 = PKey::new(); k0.gen(512u); k1.load_pub(k0.save_pub()); assert!(k0.save_pub() == k1.save_pub()); Loading @@ -386,8 +383,8 @@ mod tests { #[test] fn test_gen_priv() { let mut k0 = PKey(); let mut k1 = PKey(); let mut k0 = PKey::new(); let mut k1 = PKey::new(); k0.gen(512u); k1.load_priv(k0.save_priv()); assert!(k0.save_priv() == k1.save_priv()); Loading @@ -404,8 +401,8 @@ mod tests { #[test] fn test_encrypt() { let mut k0 = PKey(); let mut k1 = PKey(); let mut k0 = PKey::new(); let mut k1 = PKey::new(); let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; k0.gen(512u); k1.load_pub(k0.save_pub()); Loading @@ -416,8 +413,8 @@ mod tests { #[test] fn test_encrypt_pkcs() { let mut k0 = PKey(); let mut k1 = PKey(); let mut k0 = PKey::new(); let mut k1 = PKey::new(); let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; k0.gen(512u); k1.load_pub(k0.save_pub()); Loading @@ -428,8 +425,8 @@ mod tests { #[test] fn test_sign() { let mut k0 = PKey(); let mut k1 = PKey(); let mut k0 = PKey::new(); let mut k1 = PKey::new(); let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; k0.gen(512u); k1.load_pub(k0.save_pub()); Loading @@ -440,8 +437,8 @@ mod tests { #[test] fn test_sign_hashes() { let mut k0 = PKey(); let mut k1 = PKey(); let mut k0 = PKey::new(); let mut k1 = PKey::new(); let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; k0.gen(512u); k1.load_pub(k0.save_pub()); Loading @@ -451,5 +448,4 @@ mod tests { assert!(k1.verify_with_hash(msg, sig, MD5)); assert!(!k1.verify_with_hash(msg, sig, SHA1)); } } Loading
Makefile +3 −3 Original line number Diff line number Diff line crypto: crypto.rc $(wildcard *.rs) rustc crypto.rc rustc --test crypto.rc crypto: $(wildcard *.rs) rustc crypto.rs rustc --test crypto.rs clean: rm -f crypto libcrypto-*.so Loading
crypto.rc→crypto.rs +1 −1 Original line number Diff line number Diff line Loading @@ -20,8 +20,8 @@ uuid = "38297409-b4c2-4499-8131-a99a7e44dad3")]; #[crate_type = "lib"]; pub mod hex; pub mod hash; pub mod hex; pub mod hmac; pub mod pkcs5; pub mod pkey; Loading
hash.rs +52 −46 Original line number Diff line number Diff line use std::libc::c_uint; use std::{libc,vec,ptr}; use std::libc; use std::ptr; use std::vec; pub enum HashType { MD5, Loading @@ -16,10 +18,14 @@ pub type EVP_MD_CTX = *libc::c_void; #[allow(non_camel_case_types)] pub type EVP_MD = *libc::c_void; #[abi = "cdecl"] mod libcrypto { use super::*; use std::libc::c_uint; #[link_args = "-lcrypto"] extern { fn EVP_MD_CTX_create() -> EVP_MD_CTX; fn EVP_MD_CTX_destroy(ctx: EVP_MD_CTX); fn EVP_md5() -> EVP_MD; fn EVP_sha1() -> EVP_MD; Loading @@ -32,16 +38,17 @@ extern { fn EVP_DigestUpdate(ctx: EVP_MD_CTX, data: *u8, n: c_uint); fn EVP_DigestFinal(ctx: EVP_MD_CTX, res: *mut u8, n: *u32); } } pub fn evpmd(t: HashType) -> (EVP_MD, uint) { unsafe { match t { MD5 => (EVP_md5(), 16u), SHA1 => (EVP_sha1(), 20u), SHA224 => (EVP_sha224(), 28u), SHA256 => (EVP_sha256(), 32u), SHA384 => (EVP_sha384(), 48u), SHA512 => (EVP_sha512(), 64u), MD5 => (libcrypto::EVP_md5(), 16u), SHA1 => (libcrypto::EVP_sha1(), 20u), SHA224 => (libcrypto::EVP_sha224(), 28u), SHA256 => (libcrypto::EVP_sha256(), 32u), SHA384 => (libcrypto::EVP_sha384(), 48u), SHA512 => (libcrypto::EVP_sha512(), 64u), } } } Loading @@ -52,29 +59,22 @@ pub struct Hasher { priv len: uint, } pub fn Hasher(ht: HashType) -> Hasher { unsafe { let ctx = EVP_MD_CTX_create(); let (evp, mdlen) = evpmd(ht); let h = Hasher { evp: evp, ctx: ctx, len: mdlen }; h.init(); h } } impl Hasher { /// Initializes this hasher pub fn init(&self) { pub fn new(ht: HashType) -> Hasher { let ctx = unsafe { libcrypto::EVP_MD_CTX_create() }; let (evp, mdlen) = evpmd(ht); unsafe { EVP_DigestInit(self.ctx, self.evp); libcrypto::EVP_DigestInit(ctx, evp); } Hasher { evp: evp, ctx: ctx, len: mdlen } } /// Update this hasher with more input bytes pub fn update(&self, data: &[u8]) { unsafe { do data.as_imm_buf |pdata, len| { EVP_DigestUpdate(self.ctx, pdata, len as c_uint) unsafe { libcrypto::EVP_DigestUpdate(self.ctx, pdata, len as c_uint) } } } Loading @@ -84,14 +84,22 @@ impl Hasher { * initialization */ pub fn final(&self) -> ~[u8] { unsafe { let mut res = vec::from_elem(self.len, 0u8); do res.as_mut_buf |pres, _len| { EVP_DigestFinal(self.ctx, pres, ptr::null()); unsafe { libcrypto::EVP_DigestFinal(self.ctx, pres, ptr::null()); } } res } } impl Drop for Hasher { fn drop(&self) { unsafe { libcrypto::EVP_MD_CTX_destroy(self.ctx); } } } /** Loading @@ -99,7 +107,7 @@ impl Hasher { * value */ pub fn hash(t: HashType, data: &[u8]) -> ~[u8] { let h = Hasher(t); let h = Hasher::new(t); h.update(data); h.final() } Loading Loading @@ -135,7 +143,6 @@ mod tests { // Test vectors from http://www.nsrl.nist.gov/testdata/ #[test] fn test_md5() { let tests = [ HashTest(~"", ~"D41D8CD98F00B204E9800998ECF8427E"), HashTest(~"7F", ~"83ACB6E67E50E31DB6ED341DD2DE1595"), Loading @@ -158,7 +165,6 @@ mod tests { #[test] fn test_sha1() { let tests = [ HashTest(~"616263", ~"A9993E364706816ABA3E25717850C26C9CD0D89D"), ]; Loading
pkcs5.rs +94 −73 Original line number Diff line number Diff line use std::libc::c_int; use std::vec; mod libcrypto { use std::libc::c_int; #[link_args = "-lcrypto"] #[abi = "cdecl"] extern { fn PKCS5_PBKDF2_HMAC_SHA1(pass: *u8, passlen: c_int, salt: *u8, saltlen: c_int, iter: c_int, keylen: c_int, out: *mut u8) -> c_int; } } #[doc = " Derives a key from a password and salt using the PBKDF2-HMAC-SHA1 algorithm. Loading @@ -23,16 +26,16 @@ pub fn pbkdf2_hmac_sha1(pass: &str, salt: &[u8], iter: uint, let mut out = vec::with_capacity(keylen); do out.as_mut_buf |out_buf, _out_len| { unsafe { let r = PKCS5_PBKDF2_HMAC_SHA1( let r = unsafe { libcrypto::PKCS5_PBKDF2_HMAC_SHA1( pass_buf, pass_len as c_int, salt_buf, salt_len as c_int, iter as c_int, keylen as c_int, out_buf); out_buf) }; if r != 1 as c_int { fail!(); } } } unsafe { vec::raw::set_len(&mut out, keylen); } Loading @@ -49,71 +52,89 @@ mod tests { // http://tools.ietf.org/html/draft-josefsson-pbkdf2-test-vectors-06 #[test] fn test_pbkdf2_hmac_sha1() { assert!(pbkdf2_hmac_sha1( assert_eq!( pbkdf2_hmac_sha1( "password", "salt".as_bytes(), 1u, 20u ) == ~[ ), ~[ 0x0c_u8, 0x60_u8, 0xc8_u8, 0x0f_u8, 0x96_u8, 0x1f_u8, 0x0e_u8, 0x71_u8, 0xf3_u8, 0xa9_u8, 0xb5_u8, 0x24_u8, 0xaf_u8, 0x60_u8, 0x12_u8, 0x06_u8, 0x2f_u8, 0xe0_u8, 0x37_u8, 0xa6_u8 ]); ] ); assert!(pbkdf2_hmac_sha1( assert_eq!( pbkdf2_hmac_sha1( "password", "salt".as_bytes(), 2u, 20u ) == ~[ ), ~[ 0xea_u8, 0x6c_u8, 0x01_u8, 0x4d_u8, 0xc7_u8, 0x2d_u8, 0x6f_u8, 0x8c_u8, 0xcd_u8, 0x1e_u8, 0xd9_u8, 0x2a_u8, 0xce_u8, 0x1d_u8, 0x41_u8, 0xf0_u8, 0xd8_u8, 0xde_u8, 0x89_u8, 0x57_u8 ]); ] ); assert!(pbkdf2_hmac_sha1( assert_eq!( pbkdf2_hmac_sha1( "password", "salt".as_bytes(), 4096u, 20u ) == ~[ ), ~[ 0x4b_u8, 0x00_u8, 0x79_u8, 0x01_u8, 0xb7_u8, 0x65_u8, 0x48_u8, 0x9a_u8, 0xbe_u8, 0xad_u8, 0x49_u8, 0xd9_u8, 0x26_u8, 0xf7_u8, 0x21_u8, 0xd0_u8, 0x65_u8, 0xa4_u8, 0x29_u8, 0xc1_u8 ]); ] ); assert!(pbkdf2_hmac_sha1( assert_eq!( pbkdf2_hmac_sha1( "password", "salt".as_bytes(), 16777216u, 20u ) == ~[ ), ~[ 0xee_u8, 0xfe_u8, 0x3d_u8, 0x61_u8, 0xcd_u8, 0x4d_u8, 0xa4_u8, 0xe4_u8, 0xe9_u8, 0x94_u8, 0x5b_u8, 0x3d_u8, 0x6b_u8, 0xa2_u8, 0x15_u8, 0x8c_u8, 0x26_u8, 0x34_u8, 0xe9_u8, 0x84_u8 ]); ] ); assert!(pbkdf2_hmac_sha1( assert_eq!( pbkdf2_hmac_sha1( "passwordPASSWORDpassword", "saltSALTsaltSALTsaltSALTsaltSALTsalt".as_bytes(), 4096u, 25u ) == ~[ ), ~[ 0x3d_u8, 0x2e_u8, 0xec_u8, 0x4f_u8, 0xe4_u8, 0x1c_u8, 0x84_u8, 0x9b_u8, 0x80_u8, 0xc8_u8, 0xd8_u8, 0x36_u8, 0x62_u8, 0xc0_u8, 0xe4_u8, 0x4a_u8, 0x8b_u8, 0x29_u8, 0x1a_u8, 0x96_u8, 0x4c_u8, 0xf2_u8, 0xf0_u8, 0x70_u8, 0x38_u8 ]); ] ); assert!(pbkdf2_hmac_sha1( assert_eq!( pbkdf2_hmac_sha1( "pass\x00word", "sa\x00lt".as_bytes(), 4096u, 16u ) == ~[ ), ~[ 0x56_u8, 0xfa_u8, 0x6a_u8, 0xa7_u8, 0x55_u8, 0x48_u8, 0x09_u8, 0x9d_u8, 0xcc_u8, 0x37_u8, 0xd7_u8, 0xf0_u8, 0x34_u8, 0x25_u8, 0xe0_u8, 0xc3_u8 ]); ] ); } }
pkey.rs +111 −115 Original line number Diff line number Diff line use std::cast; use std::libc::{c_int, c_uint}; use std::{libc,cast,ptr,vec}; use std::libc; use std::ptr; use std::vec; use hash::{HashType, MD5, SHA1, SHA224, SHA256, SHA384, SHA512}; #[allow(non_camel_case_types)] type EVP_PKEY = *libc::c_void; pub type EVP_PKEY = *libc::c_void; #[allow(non_camel_case_types)] type ANYKEY = *libc::c_void; pub type RSA = *libc::c_void; #[allow(non_camel_case_types)] type RSA = *libc::c_void; mod libcrypto { use super::*; use std::libc::{c_char, c_int, c_uint}; #[link_args = "-lcrypto"] #[abi = "cdecl"] extern { fn EVP_PKEY_new() -> *EVP_PKEY; fn EVP_PKEY_free(k: *EVP_PKEY); fn EVP_PKEY_assign(k: *EVP_PKEY, t: c_int, inner: *ANYKEY); fn EVP_PKEY_assign(pkey: *EVP_PKEY, typ: c_int, key: *c_char) -> c_int; fn EVP_PKEY_get1_RSA(k: *EVP_PKEY) -> *RSA; fn i2d_PublicKey(k: *EVP_PKEY, buf: &*mut u8) -> c_int; fn d2i_PublicKey(t: c_int, k: &*EVP_PKEY, buf: &*u8, len: c_uint) -> *EVP_PKEY; fn i2d_PrivateKey(k: *EVP_PKEY, buf: &*mut u8) -> c_int; fn d2i_PrivateKey(t: c_int, k: &*EVP_PKEY, buf: &*u8, len: c_uint) -> *EVP_PKEY; fn i2d_PublicKey(k: *EVP_PKEY, buf: **mut u8) -> c_int; fn d2i_PublicKey(t: c_int, k: **EVP_PKEY, buf: **u8, len: c_uint) -> *EVP_PKEY; fn i2d_PrivateKey(k: *EVP_PKEY, buf: **mut u8) -> c_int; fn d2i_PrivateKey(t: c_int, k: **EVP_PKEY, buf: **u8, len: c_uint) -> *EVP_PKEY; fn RSA_generate_key(modsz: c_uint, e: c_uint, cb: *u8, cbarg: *u8) -> *RSA; fn RSA_size(k: *RSA) -> c_uint; Loading @@ -31,11 +34,12 @@ extern { pad: c_int) -> c_int; fn RSA_private_decrypt(flen: c_uint, from: *u8, to: *mut u8, k: *RSA, pad: c_int) -> c_int; fn RSA_sign(t: c_int, m: *u8, mlen: c_uint, sig: *mut u8, siglen: *c_uint, fn RSA_sign(t: c_int, m: *u8, mlen: c_uint, sig: *mut u8, siglen: *mut c_uint, k: *RSA) -> c_int; fn RSA_verify(t: c_int, m: *u8, mlen: c_uint, sig: *u8, siglen: c_uint, k: *RSA) -> c_int; } } enum Parts { Neither, Loading Loading @@ -75,70 +79,60 @@ fn openssl_hash_nid(hash: HashType) -> c_int { } } fn rsa_to_any(rsa: *RSA) -> *ANYKEY { unsafe { cast::transmute_copy(&rsa) } } fn any_to_rsa(anykey: *ANYKEY) -> *RSA { unsafe { cast::transmute_copy(&anykey) } } pub struct PKey { priv evp: *EVP_PKEY, priv parts: Parts, } pub fn PKey() -> PKey { unsafe { PKey { evp: EVP_PKEY_new(), parts: Neither } ///Represents a public key, optionally with a private key attached. impl PKey { pub fn new() -> PKey { PKey { evp: unsafe { libcrypto::EVP_PKEY_new() }, parts: Neither, } } ///Represents a public key, optionally with a private key attached. impl PKey { unsafe fn _tostr(&self, f: extern "C" unsafe fn(*EVP_PKEY, &*mut u8) -> c_int) -> ~[u8] { let buf = ptr::mut_null(); let len = f(self.evp, &buf); fn _tostr(&self, f: extern "C" unsafe fn(*EVP_PKEY, **mut u8) -> c_int) -> ~[u8] { unsafe { let len = f(self.evp, ptr::null()); if len < 0 as c_int { return ~[]; } let mut s = vec::from_elem(len as uint, 0u8); let r = do s.as_mut_buf |ps, _len| { f(self.evp, &ps) let r = do s.as_mut_buf |buf, _| { f(self.evp, &buf) }; s.slice(0u, r as uint).to_owned() s.truncate(r as uint); s } } unsafe fn _fromstr( &mut self, s: &[u8], f: extern "C" unsafe fn(c_int, &*EVP_PKEY, &*u8, c_uint) -> *EVP_PKEY ) { fn _fromstr(&mut self, s: &[u8], f: extern "C" unsafe fn(c_int, **EVP_PKEY, **u8, c_uint) -> *EVP_PKEY) { do s.as_imm_buf |ps, len| { let evp = ptr::null(); unsafe { f(6 as c_int, &evp, &ps, len as c_uint); self.evp = evp; } self.evp = evp; } } impl PKey { pub fn gen(&mut self, keysz: uint) { unsafe { let rsa = RSA_generate_key( let rsa = libcrypto::RSA_generate_key( keysz as c_uint, 65537u as c_uint, ptr::null(), ptr::null() ); let rsa_ = rsa_to_any(rsa); // XXX: 6 == NID_rsaEncryption EVP_PKEY_assign(self.evp, 6 as c_int, rsa_); libcrypto::EVP_PKEY_assign( self.evp, 6 as c_int, cast::transmute(rsa)); self.parts = Both; } } Loading @@ -147,47 +141,39 @@ impl PKey { * Returns a serialized form of the public key, suitable for load_pub(). */ pub fn save_pub(&self) -> ~[u8] { unsafe { self._tostr(i2d_PublicKey) } self._tostr(libcrypto::i2d_PublicKey) } /** * Loads a serialized form of the public key, as produced by save_pub(). */ pub fn load_pub(&mut self, s: &[u8]) { unsafe { self._fromstr(s, d2i_PublicKey); self._fromstr(s, libcrypto::d2i_PublicKey); self.parts = Public; } } /** * Returns a serialized form of the public and private keys, suitable for * load_priv(). */ pub fn save_priv(&self, ) -> ~[u8] { unsafe { self._tostr(i2d_PrivateKey) } pub fn save_priv(&self) -> ~[u8] { self._tostr(libcrypto::i2d_PrivateKey) } /** * Loads a serialized form of the public and private keys, as produced by * save_priv(). */ pub fn load_priv(&mut self, s: &[u8]) { unsafe { self._fromstr(s, d2i_PrivateKey); self._fromstr(s, libcrypto::d2i_PrivateKey); self.parts = Both; } } /** * Returns the size of the public key modulus. */ pub fn size(&self) -> uint { unsafe { RSA_size(EVP_PKEY_get1_RSA(self.evp)) as uint libcrypto::RSA_size(libcrypto::EVP_PKEY_get1_RSA(self.evp)) as uint } } Loading Loading @@ -225,8 +211,8 @@ impl PKey { */ pub fn max_data(&self) -> uint { unsafe { let rsa = EVP_PKEY_get1_RSA(self.evp); let len = RSA_size(rsa); let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let len = libcrypto::RSA_size(rsa); // 41 comes from RSA_public_encrypt(3) for OAEP len as uint - 41u Loading @@ -235,8 +221,8 @@ impl PKey { pub fn encrypt_with_padding(&self, s: &[u8], padding: EncryptionPadding) -> ~[u8] { unsafe { let rsa = EVP_PKEY_get1_RSA(self.evp); let len = RSA_size(rsa); let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let len = libcrypto::RSA_size(rsa); assert!(s.len() < self.max_data()); Loading @@ -244,7 +230,7 @@ impl PKey { let rv = do r.as_mut_buf |pr, _len| { do s.as_imm_buf |ps, s_len| { RSA_public_encrypt( libcrypto::RSA_public_encrypt( s_len as c_uint, ps, pr, Loading @@ -256,23 +242,24 @@ impl PKey { if rv < 0 as c_int { ~[] } else { r.slice(0u, rv as uint).to_owned() r.truncate(rv as uint); r } } } pub fn decrypt_with_padding(&self, s: &[u8], padding: EncryptionPadding) -> ~[u8] { unsafe { let rsa = EVP_PKEY_get1_RSA(self.evp); let len = RSA_size(rsa); let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let len = libcrypto::RSA_size(rsa); assert!(s.len() as c_uint == RSA_size(rsa)); assert_eq!(s.len() as c_uint, libcrypto::RSA_size(rsa)); let mut r = vec::from_elem(len as uint + 1u, 0u8); let rv = do r.as_mut_buf |pr, _len| { do s.as_imm_buf |ps, s_len| { RSA_private_decrypt( libcrypto::RSA_private_decrypt( s_len as c_uint, ps, pr, Loading @@ -285,7 +272,8 @@ impl PKey { if rv < 0 as c_int { ~[] } else { r.slice(0u, rv as uint).to_owned() r.truncate(rv as uint); r } } } Loading Loading @@ -315,18 +303,18 @@ impl PKey { pub fn sign_with_hash(&self, s: &[u8], hash: HashType) -> ~[u8] { unsafe { let rsa = EVP_PKEY_get1_RSA(self.evp); let len = RSA_size(rsa); let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let mut len = libcrypto::RSA_size(rsa); let mut r = vec::from_elem(len as uint + 1u, 0u8); let rv = do r.as_mut_buf |pr, _len| { do s.as_imm_buf |ps, s_len| { RSA_sign( libcrypto::RSA_sign( openssl_hash_nid(hash), ps, s_len as c_uint, pr, &len, &mut len, rsa) } }; Loading @@ -334,18 +322,19 @@ impl PKey { if rv < 0 as c_int { ~[] } else { r.slice(0u, len as uint).to_owned() r.truncate(len as uint); r } } } pub fn verify_with_hash(&self, m: &[u8], s: &[u8], hash: HashType) -> bool { unsafe { let rsa = EVP_PKEY_get1_RSA(self.evp); let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); do m.as_imm_buf |pm, m_len| { do s.as_imm_buf |ps, s_len| { let rv = RSA_verify( let rv = libcrypto::RSA_verify( openssl_hash_nid(hash), pm, m_len as c_uint, Loading @@ -361,6 +350,14 @@ impl PKey { } } impl Drop for PKey { fn drop(&self) { unsafe { libcrypto::EVP_PKEY_free(self.evp); } } } #[cfg(test)] mod tests { use super::*; Loading @@ -368,8 +365,8 @@ mod tests { #[test] fn test_gen_pub() { let mut k0 = PKey(); let mut k1 = PKey(); let mut k0 = PKey::new(); let mut k1 = PKey::new(); k0.gen(512u); k1.load_pub(k0.save_pub()); assert!(k0.save_pub() == k1.save_pub()); Loading @@ -386,8 +383,8 @@ mod tests { #[test] fn test_gen_priv() { let mut k0 = PKey(); let mut k1 = PKey(); let mut k0 = PKey::new(); let mut k1 = PKey::new(); k0.gen(512u); k1.load_priv(k0.save_priv()); assert!(k0.save_priv() == k1.save_priv()); Loading @@ -404,8 +401,8 @@ mod tests { #[test] fn test_encrypt() { let mut k0 = PKey(); let mut k1 = PKey(); let mut k0 = PKey::new(); let mut k1 = PKey::new(); let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; k0.gen(512u); k1.load_pub(k0.save_pub()); Loading @@ -416,8 +413,8 @@ mod tests { #[test] fn test_encrypt_pkcs() { let mut k0 = PKey(); let mut k1 = PKey(); let mut k0 = PKey::new(); let mut k1 = PKey::new(); let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; k0.gen(512u); k1.load_pub(k0.save_pub()); Loading @@ -428,8 +425,8 @@ mod tests { #[test] fn test_sign() { let mut k0 = PKey(); let mut k1 = PKey(); let mut k0 = PKey::new(); let mut k1 = PKey::new(); let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; k0.gen(512u); k1.load_pub(k0.save_pub()); Loading @@ -440,8 +437,8 @@ mod tests { #[test] fn test_sign_hashes() { let mut k0 = PKey(); let mut k1 = PKey(); let mut k0 = PKey::new(); let mut k1 = PKey::new(); let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; k0.gen(512u); k1.load_pub(k0.save_pub()); Loading @@ -451,5 +448,4 @@ mod tests { assert!(k1.verify_with_hash(msg, sig, MD5)); assert!(!k1.verify_with_hash(msg, sig, SHA1)); } }
