diff options
| author | Steven Fackler <[email protected]> | 2018-02-21 23:03:33 -0800 |
|---|---|---|
| committer | GitHub <[email protected]> | 2018-02-21 23:03:33 -0800 |
| commit | 950c39c2e60674cf5ac4a376385be4a9d69daf7c (patch) | |
| tree | 40f6fb8b520006c102ddc5cd0fe854228ec3569b /openssl/src | |
| parent | Merge pull request #846 from sfackler/client-cipher-update (diff) | |
| parent | Added example/test in symm.rs for encrypting a private key with a symmetric c... (diff) | |
| download | rust-openssl-950c39c2e60674cf5ac4a376385be4a9d69daf7c.tar.xz rust-openssl-950c39c2e60674cf5ac4a376385be4a9d69daf7c.zip | |
Merge pull request #840 from olehermanse/master
Add des_ede3_cbc cipher and more tests/examples
Diffstat (limited to 'openssl/src')
| -rw-r--r-- | openssl/src/rsa.rs | 48 | ||||
| -rw-r--r-- | openssl/src/symm.rs | 45 |
2 files changed, 92 insertions, 1 deletions
diff --git a/openssl/src/rsa.rs b/openssl/src/rsa.rs index dfa56d70..02240948 100644 --- a/openssl/src/rsa.rs +++ b/openssl/src/rsa.rs @@ -754,9 +754,55 @@ mod test { #[test] #[should_panic] - fn test_public_key_from_pem_pkcs1_panic() { + fn test_public_key_from_pem_pkcs1_file_panic() { let key = include_bytes!("../test/key.pem.pub"); Rsa::public_key_from_pem_pkcs1(key).unwrap(); } + #[test] + fn test_public_key_to_pem_pkcs1() { + let keypair = super::Rsa::generate(512).unwrap(); + let pubkey_pem = keypair.public_key_to_pem_pkcs1().unwrap(); + super::Rsa::public_key_from_pem_pkcs1(&pubkey_pem).unwrap(); + } + + #[test] + #[should_panic] + fn test_public_key_from_pem_pkcs1_generate_panic() { + let keypair = super::Rsa::generate(512).unwrap(); + let pubkey_pem = keypair.public_key_to_pem().unwrap(); + super::Rsa::public_key_from_pem_pkcs1(&pubkey_pem).unwrap(); + } + + #[test] + fn test_pem_pkcs1_encrypt() { + let keypair = super::Rsa::generate(2048).unwrap(); + let pubkey_pem = keypair.public_key_to_pem_pkcs1().unwrap(); + let pubkey = super::Rsa::public_key_from_pem_pkcs1(&pubkey_pem).unwrap(); + let msg = "Hello, world!".as_bytes(); + + let mut encrypted = vec![0; pubkey.size() as usize]; + let len = pubkey.public_encrypt(&msg, &mut encrypted, Padding::PKCS1).unwrap(); + assert!(len > msg.len()); + let mut decrypted = vec![0; keypair.size() as usize]; + let len = keypair.private_decrypt(&encrypted, &mut decrypted, Padding::PKCS1).unwrap(); + assert_eq!(len, msg.len()); + assert_eq!("Hello, world!", String::from_utf8_lossy(&decrypted[..len])); + } + + #[test] + fn test_pem_pkcs1_padding() { + let keypair = super::Rsa::generate(512).unwrap(); + let pubkey_pem = keypair.public_key_to_pem_pkcs1().unwrap(); + let pubkey = super::Rsa::public_key_from_pem_pkcs1(&pubkey_pem).unwrap(); + let msg = "foo".as_bytes(); + + let mut encrypted1 = vec![0; pubkey.size() as usize]; + let mut encrypted2 = vec![0; pubkey.size() as usize]; + let len1 = pubkey.public_encrypt(&msg, &mut encrypted1, Padding::PKCS1).unwrap(); + let len2 = pubkey.public_encrypt(&msg, &mut encrypted2, Padding::PKCS1).unwrap(); + assert!(len1 > (msg.len() + 1)); + assert_eq!(len1, len2); + assert_ne!(encrypted1, encrypted2); + } } diff --git a/openssl/src/symm.rs b/openssl/src/symm.rs index e6fcdbd9..630f4ab6 100644 --- a/openssl/src/symm.rs +++ b/openssl/src/symm.rs @@ -22,6 +22,36 @@ //! \xFB\x3C\x5E\xC4\x59\x72\x4A\xF4\x7C\xA1", //! &ciphertext[..]); //! ``` +//! +//! Encrypting an assymetric key with a symmetric cipher +//! +//! ``` +//! use openssl::rsa::{Padding, Rsa}; +//! use openssl::symm::Cipher; +//! +//! // Generate keypair and encrypt private key: +//! let keypair = Rsa::generate(2048).unwrap(); +//! let cipher = Cipher::aes_256_cbc(); +//! let pubkey_pem = keypair.public_key_to_pem_pkcs1().unwrap(); +//! let privkey_pem = keypair.private_key_to_pem_passphrase(cipher, b"Rust").unwrap(); +//! // pubkey_pem and privkey_pem could be written to file here. +//! +//! // Load private and public key from string: +//! let pubkey = Rsa::public_key_from_pem_pkcs1(&pubkey_pem).unwrap(); +//! let privkey = Rsa::private_key_from_pem_passphrase(&privkey_pem, b"Rust").unwrap(); +//! +//! // Use the asymmetric keys to encrypt and decrypt a short message: +//! let msg = b"Foo bar"; +//! let mut encrypted = vec![0; pubkey.size() as usize]; +//! let mut decrypted = vec![0; privkey.size() as usize]; +//! let len = pubkey.public_encrypt(msg, &mut encrypted, Padding::PKCS1).unwrap(); +//! assert!(len > msg.len()); +//! let len = privkey.private_decrypt(&encrypted, &mut decrypted, Padding::PKCS1).unwrap(); +//! let output_string = String::from_utf8(decrypted[..len].to_vec()).unwrap(); +//! assert_eq!("Foo bar", output_string); +//! println!("Decrypted: '{}'", output_string); +//! ``` + use std::cmp; use std::ptr; use libc::c_int; @@ -137,6 +167,10 @@ impl Cipher { unsafe { Cipher(ffi::EVP_des_ede3()) } } + pub fn des_ede3_cbc() -> Cipher { + unsafe { Cipher(ffi::EVP_des_ede3_cbc()) } + } + pub fn rc4() -> Cipher { unsafe { Cipher(ffi::EVP_rc4()) } } @@ -928,6 +962,17 @@ mod tests { } #[test] + fn test_des_ede3_cbc() { + + let pt = "54686973206973206120746573742e"; + let ct = "6f2867cfefda048a4046ef7e556c7132"; + let key = "7cb66337f3d3c0fe7cb66337f3d3c0fe7cb66337f3d3c0fe"; + let iv = "0001020304050607"; + + cipher_test(super::Cipher::des_ede3_cbc(), pt, ct, key, iv); + } + + #[test] fn test_aes128_gcm() { let key = "0e00c76561d2bd9b40c3c15427e2b08f"; let iv = "492cadaccd3ca3fbc9cf9f06eb3325c4e159850b0dbe98199b89b7af528806610b6f63998e1eae80c348e7\ |