diff options
| author | Erick Tryzelaar <[email protected]> | 2013-12-27 22:02:38 -0500 |
|---|---|---|
| committer | Erick Tryzelaar <[email protected]> | 2013-12-27 22:02:38 -0500 |
| commit | 85e6d1db12e63a24e9afc1d61c604597dc6c91d5 (patch) | |
| tree | a75a30f41deba1b09966acd8df637ccfbfb533ce /src/crypto/pkey.rs | |
| parent | Switch over to rustpkg (diff) | |
| download | rust-openssl-85e6d1db12e63a24e9afc1d61c604597dc6c91d5.tar.xz rust-openssl-85e6d1db12e63a24e9afc1d61c604597dc6c91d5.zip | |
update to rust 0.9-pre (a5fa1d9)
Diffstat (limited to 'src/crypto/pkey.rs')
| -rw-r--r-- | src/crypto/pkey.rs | 257 |
1 files changed, 116 insertions, 141 deletions
diff --git a/src/crypto/pkey.rs b/src/crypto/pkey.rs index 7b5245b2..b8206d4e 100644 --- a/src/crypto/pkey.rs +++ b/src/crypto/pkey.rs @@ -1,5 +1,5 @@ use std::cast; -use std::libc::{c_int, c_uint}; +use std::libc::{c_char, c_int, c_uint}; use std::libc; use std::ptr; use std::vec; @@ -11,34 +11,29 @@ pub type EVP_PKEY = *libc::c_void; #[allow(non_camel_case_types)] pub type RSA = *libc::c_void; -mod libcrypto { - use super::*; - use std::libc::{c_char, c_int, c_uint}; - - #[link(name = "crypto")] - extern { - pub fn EVP_PKEY_new() -> *EVP_PKEY; - pub fn EVP_PKEY_free(k: *EVP_PKEY); - pub fn EVP_PKEY_assign(pkey: *EVP_PKEY, typ: c_int, key: *c_char) -> c_int; - pub fn EVP_PKEY_get1_RSA(k: *EVP_PKEY) -> *RSA; - - pub fn i2d_PublicKey(k: *EVP_PKEY, buf: **mut u8) -> c_int; - pub fn d2i_PublicKey(t: c_int, k: **EVP_PKEY, buf: **u8, len: c_uint) -> *EVP_PKEY; - pub fn i2d_PrivateKey(k: *EVP_PKEY, buf: **mut u8) -> c_int; - pub fn d2i_PrivateKey(t: c_int, k: **EVP_PKEY, buf: **u8, len: c_uint) -> *EVP_PKEY; - - pub fn RSA_generate_key(modsz: c_uint, e: c_uint, cb: *u8, cbarg: *u8) -> *RSA; - pub fn RSA_size(k: *RSA) -> c_uint; - - pub fn RSA_public_encrypt(flen: c_uint, from: *u8, to: *mut u8, k: *RSA, - pad: c_int) -> c_int; - pub fn RSA_private_decrypt(flen: c_uint, from: *u8, to: *mut u8, k: *RSA, - pad: c_int) -> c_int; - pub fn RSA_sign(t: c_int, m: *u8, mlen: c_uint, sig: *mut u8, siglen: *mut c_uint, - k: *RSA) -> c_int; - pub fn RSA_verify(t: c_int, m: *u8, mlen: c_uint, sig: *u8, siglen: c_uint, - k: *RSA) -> c_int; - } +#[link(name = "crypto")] +extern { + fn EVP_PKEY_new() -> *EVP_PKEY; + fn EVP_PKEY_free(k: *EVP_PKEY); + fn EVP_PKEY_assign(pkey: *EVP_PKEY, typ: c_int, key: *c_char) -> c_int; + fn EVP_PKEY_get1_RSA(k: *EVP_PKEY) -> *RSA; + + fn i2d_PublicKey(k: *EVP_PKEY, buf: **mut u8) -> c_int; + fn d2i_PublicKey(t: c_int, k: **EVP_PKEY, buf: **u8, len: c_uint) -> *EVP_PKEY; + fn i2d_PrivateKey(k: *EVP_PKEY, buf: **mut u8) -> c_int; + fn d2i_PrivateKey(t: c_int, k: **EVP_PKEY, buf: **u8, len: c_uint) -> *EVP_PKEY; + + fn RSA_generate_key(modsz: c_uint, e: c_uint, cb: *u8, cbarg: *u8) -> *RSA; + fn RSA_size(k: *RSA) -> c_uint; + + fn RSA_public_encrypt(flen: c_uint, from: *u8, to: *mut u8, k: *RSA, + pad: c_int) -> c_int; + fn RSA_private_decrypt(flen: c_uint, from: *u8, to: *mut u8, k: *RSA, + pad: c_int) -> c_int; + fn RSA_sign(t: c_int, m: *u8, mlen: c_uint, sig: *mut u8, siglen: *mut c_uint, + k: *RSA) -> c_int; + fn RSA_verify(t: c_int, m: *u8, mlen: c_uint, sig: *u8, siglen: c_uint, + k: *RSA) -> c_int; } enum Parts { @@ -87,9 +82,11 @@ pub struct PKey { /// Represents a public key, optionally with a private key attached. impl PKey { pub fn new() -> PKey { - PKey { - evp: unsafe { libcrypto::EVP_PKEY_new() }, - parts: Neither, + unsafe { + PKey { + evp: EVP_PKEY_new(), + parts: Neither, + } } } @@ -99,9 +96,7 @@ impl PKey { if len < 0 as c_int { return ~[]; } let mut s = vec::from_elem(len as uint, 0u8); - let r = s.as_mut_buf(|buf, _| { - f(self.evp, &buf) - }); + let r = f(self.evp, &s.as_mut_ptr()); s.truncate(r as uint); s @@ -109,18 +104,16 @@ impl PKey { } fn _fromstr(&mut self, s: &[u8], f: extern "C" unsafe fn(c_int, **EVP_PKEY, **u8, c_uint) -> *EVP_PKEY) { - s.as_imm_buf(|ps, len| { + unsafe { let evp = ptr::null(); - unsafe { - f(6 as c_int, &evp, &ps, len as c_uint); - } + f(6 as c_int, &evp, &s.as_ptr(), s.len() as c_uint); self.evp = evp; - }); + } } pub fn gen(&mut self, keysz: uint) { unsafe { - let rsa = libcrypto::RSA_generate_key( + let rsa = RSA_generate_key( keysz as c_uint, 65537u as c_uint, ptr::null(), @@ -128,7 +121,7 @@ impl PKey { ); // XXX: 6 == NID_rsaEncryption - libcrypto::EVP_PKEY_assign( + EVP_PKEY_assign( self.evp, 6 as c_int, cast::transmute(rsa)); @@ -141,14 +134,14 @@ impl PKey { * Returns a serialized form of the public key, suitable for load_pub(). */ pub fn save_pub(&self) -> ~[u8] { - self._tostr(libcrypto::i2d_PublicKey) + self._tostr(i2d_PublicKey) } /** * Loads a serialized form of the public key, as produced by save_pub(). */ pub fn load_pub(&mut self, s: &[u8]) { - self._fromstr(s, libcrypto::d2i_PublicKey); + self._fromstr(s, d2i_PublicKey); self.parts = Public; } @@ -157,14 +150,14 @@ impl PKey { * load_priv(). */ pub fn save_priv(&self) -> ~[u8] { - self._tostr(libcrypto::i2d_PrivateKey) + self._tostr(i2d_PrivateKey) } /** * Loads a serialized form of the public and private keys, as produced by * save_priv(). */ pub fn load_priv(&mut self, s: &[u8]) { - self._fromstr(s, libcrypto::d2i_PrivateKey); + self._fromstr(s, d2i_PrivateKey); self.parts = Both; } @@ -173,7 +166,7 @@ impl PKey { */ pub fn size(&self) -> uint { unsafe { - libcrypto::RSA_size(libcrypto::EVP_PKEY_get1_RSA(self.evp)) as uint + RSA_size(EVP_PKEY_get1_RSA(self.evp)) as uint } } @@ -211,8 +204,8 @@ impl PKey { */ pub fn max_data(&self) -> uint { unsafe { - let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); - let len = libcrypto::RSA_size(rsa); + let rsa = EVP_PKEY_get1_RSA(self.evp); + let len = RSA_size(rsa); // 41 comes from RSA_public_encrypt(3) for OAEP len as uint - 41u @@ -221,24 +214,20 @@ impl PKey { pub fn encrypt_with_padding(&self, s: &[u8], padding: EncryptionPadding) -> ~[u8] { unsafe { - let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); - let len = libcrypto::RSA_size(rsa); + let rsa = EVP_PKEY_get1_RSA(self.evp); + let len = RSA_size(rsa); assert!(s.len() < self.max_data()); let mut r = vec::from_elem(len as uint + 1u, 0u8); - let rv = r.as_mut_buf(|pr, _len| { - s.as_imm_buf(|ps, s_len| { - libcrypto::RSA_public_encrypt( - s_len as c_uint, - ps, - pr, - rsa, - openssl_padding_code(padding) - ) - }) - }); + let rv = RSA_public_encrypt( + s.len() as c_uint, + s.as_ptr(), + r.as_mut_ptr(), + rsa, + openssl_padding_code(padding)); + if rv < 0 as c_int { ~[] } else { @@ -250,24 +239,19 @@ impl PKey { pub fn decrypt_with_padding(&self, s: &[u8], padding: EncryptionPadding) -> ~[u8] { unsafe { - let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); - let len = libcrypto::RSA_size(rsa); + let rsa = EVP_PKEY_get1_RSA(self.evp); + let len = RSA_size(rsa); - assert_eq!(s.len() as c_uint, libcrypto::RSA_size(rsa)); + assert_eq!(s.len() as c_uint, RSA_size(rsa)); let mut r = vec::from_elem(len as uint + 1u, 0u8); - let rv = r.as_mut_buf(|pr, _len| { - s.as_imm_buf(|ps, s_len| { - libcrypto::RSA_private_decrypt( - s_len as c_uint, - ps, - pr, - rsa, - openssl_padding_code(padding) - ) - }) - }); + let rv = RSA_private_decrypt( + s.len() as c_uint, + s.as_ptr(), + r.as_mut_ptr(), + rsa, + openssl_padding_code(padding)); if rv < 0 as c_int { ~[] @@ -303,21 +287,17 @@ impl PKey { pub fn sign_with_hash(&self, s: &[u8], hash: HashType) -> ~[u8] { unsafe { - let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); - let mut len = libcrypto::RSA_size(rsa); + let rsa = EVP_PKEY_get1_RSA(self.evp); + let mut len = RSA_size(rsa); let mut r = vec::from_elem(len as uint + 1u, 0u8); - let rv = r.as_mut_buf(|pr, _len| { - s.as_imm_buf(|ps, s_len| { - libcrypto::RSA_sign( - openssl_hash_nid(hash), - ps, - s_len as c_uint, - pr, - &mut len, - rsa) - }) - }); + let rv = RSA_sign( + openssl_hash_nid(hash), + s.as_ptr(), + s.len() as c_uint, + r.as_mut_ptr(), + &mut len, + rsa); if rv < 0 as c_int { ~[] @@ -330,22 +310,18 @@ impl PKey { pub fn verify_with_hash(&self, m: &[u8], s: &[u8], hash: HashType) -> bool { unsafe { - let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); - - m.as_imm_buf(|pm, m_len| { - s.as_imm_buf(|ps, s_len| { - let rv = libcrypto::RSA_verify( - openssl_hash_nid(hash), - pm, - m_len as c_uint, - ps, - s_len as c_uint, - rsa - ); - - rv == 1 as c_int - }) - }) + let rsa = EVP_PKEY_get1_RSA(self.evp); + + let rv = RSA_verify( + openssl_hash_nid(hash), + m.as_ptr(), + m.len() as c_uint, + s.as_ptr(), + s.len() as c_uint, + rsa + ); + + rv == 1 as c_int } } } @@ -353,56 +329,55 @@ impl PKey { impl Drop for PKey { fn drop(&mut self) { unsafe { - libcrypto::EVP_PKEY_free(self.evp); + EVP_PKEY_free(self.evp); } } } #[cfg(test)] mod tests { - use super::*; use hash::{MD5, SHA1}; #[test] fn test_gen_pub() { - let mut k0 = PKey::new(); - let mut k1 = PKey::new(); + let mut k0 = super::PKey::new(); + let mut k1 = super::PKey::new(); k0.gen(512u); k1.load_pub(k0.save_pub()); - assert!(k0.save_pub() == k1.save_pub()); - assert!(k0.size() == k1.size()); - assert!(k0.can(Encrypt)); - assert!(k0.can(Decrypt)); - assert!(k0.can(Verify)); - assert!(k0.can(Sign)); - assert!(k1.can(Encrypt)); - assert!(!k1.can(Decrypt)); - assert!(k1.can(Verify)); - assert!(!k1.can(Sign)); + assert_eq!(k0.save_pub(), k1.save_pub()); + assert_eq!(k0.size(), k1.size()); + assert!(k0.can(super::Encrypt)); + assert!(k0.can(super::Decrypt)); + assert!(k0.can(super::Verify)); + assert!(k0.can(super::Sign)); + assert!(k1.can(super::Encrypt)); + assert!(!k1.can(super::Decrypt)); + assert!(k1.can(super::Verify)); + assert!(!k1.can(super::Sign)); } #[test] fn test_gen_priv() { - let mut k0 = PKey::new(); - let mut k1 = PKey::new(); + let mut k0 = super::PKey::new(); + let mut k1 = super::PKey::new(); k0.gen(512u); k1.load_priv(k0.save_priv()); - assert!(k0.save_priv() == k1.save_priv()); - assert!(k0.size() == k1.size()); - assert!(k0.can(Encrypt)); - assert!(k0.can(Decrypt)); - assert!(k0.can(Verify)); - assert!(k0.can(Sign)); - assert!(k1.can(Encrypt)); - assert!(k1.can(Decrypt)); - assert!(k1.can(Verify)); - assert!(k1.can(Sign)); + assert_eq!(k0.save_priv(), k1.save_priv()); + assert_eq!(k0.size(), k1.size()); + assert!(k0.can(super::Encrypt)); + assert!(k0.can(super::Decrypt)); + assert!(k0.can(super::Verify)); + assert!(k0.can(super::Sign)); + assert!(k1.can(super::Encrypt)); + assert!(k1.can(super::Decrypt)); + assert!(k1.can(super::Verify)); + assert!(k1.can(super::Sign)); } #[test] fn test_encrypt() { - let mut k0 = PKey::new(); - let mut k1 = PKey::new(); + let mut k0 = super::PKey::new(); + let mut k1 = super::PKey::new(); let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; k0.gen(512u); k1.load_pub(k0.save_pub()); @@ -413,20 +388,20 @@ mod tests { #[test] fn test_encrypt_pkcs() { - let mut k0 = PKey::new(); - let mut k1 = PKey::new(); + let mut k0 = super::PKey::new(); + let mut k1 = super::PKey::new(); let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; k0.gen(512u); k1.load_pub(k0.save_pub()); - let emsg = k1.encrypt_with_padding(msg, PKCS1v15); - let dmsg = k0.decrypt_with_padding(emsg, PKCS1v15); + let emsg = k1.encrypt_with_padding(msg, super::PKCS1v15); + let dmsg = k0.decrypt_with_padding(emsg, super::PKCS1v15); assert!(msg == dmsg); } #[test] fn test_sign() { - let mut k0 = PKey::new(); - let mut k1 = PKey::new(); + let mut k0 = super::PKey::new(); + let mut k1 = super::PKey::new(); let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; k0.gen(512u); k1.load_pub(k0.save_pub()); @@ -437,8 +412,8 @@ mod tests { #[test] fn test_sign_hashes() { - let mut k0 = PKey::new(); - let mut k1 = PKey::new(); + let mut k0 = super::PKey::new(); + let mut k1 = super::PKey::new(); let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; k0.gen(512u); k1.load_pub(k0.save_pub()); |