diff options
| -rw-r--r-- | openssl-sys/src/lib.rs | 35 | ||||
| -rw-r--r-- | openssl/src/crypto/mod.rs | 2 | ||||
| -rw-r--r-- | openssl/src/crypto/pkcs5.rs | 14 | ||||
| -rw-r--r-- | openssl/src/crypto/symm.rs | 77 | ||||
| -rw-r--r-- | openssl/src/crypto/symm_internal.rs | 35 |
5 files changed, 110 insertions, 53 deletions
diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 58b78d9f..6d2090ca 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -16,12 +16,12 @@ use std::sync::{Once, ONCE_INIT}; pub type ASN1_INTEGER = c_void; pub type ASN1_STRING = c_void; pub type ASN1_TIME = c_void; +pub type ASN1_TYPE = c_void; pub type BN_CTX = c_void; pub type BN_GENCB = c_void; pub type COMP_METHOD = c_void; pub type DH = c_void; pub type ENGINE = c_void; -pub type EVP_CIPHER = c_void; pub type EVP_CIPHER_CTX = c_void; pub type EVP_MD = c_void; pub type EVP_PKEY_CTX = c_void; @@ -197,6 +197,39 @@ impl Clone for EVP_MD_CTX { } #[repr(C)] +pub struct EVP_CIPHER { + pub nid: c_int, + pub block_size: c_int, + pub key_len: c_int, + pub iv_len: c_int, + pub flags: c_ulong, + pub init: Option<unsafe extern "C" fn(*mut EVP_CIPHER_CTX, + *mut c_uchar, + *const c_uchar, + size_t) -> c_int>, + pub do_cipher: Option<unsafe extern "C" fn(*mut EVP_CIPHER_CTX, + *mut c_uchar, + *const c_uchar, + size_t) -> c_int>, + pub cleanup: Option<unsafe extern "C" fn(*mut EVP_CIPHER_CTX) -> c_int>, + pub ctx_size: c_int, + pub set_asn1_parameters: Option<unsafe extern "C" fn(*mut EVP_CIPHER_CTX, + *mut ASN1_TYPE) -> c_int>, + pub get_asn1_parameters: Option<unsafe extern "C" fn(*mut EVP_CIPHER_CTX, + *mut ASN1_TYPE) -> c_int>, + pub ctrl: Option<unsafe extern "C" fn(*mut EVP_CIPHER_CTX, + c_int, + c_int, + *mut c_void) -> c_int>, + pub app_data: *mut c_void, +} + +impl Copy for EVP_CIPHER {} +impl Clone for EVP_CIPHER { + fn clone(&self) -> EVP_CIPHER { *self } +} + +#[repr(C)] pub struct HMAC_CTX { md: *mut EVP_MD, md_ctx: EVP_MD_CTX, diff --git a/openssl/src/crypto/mod.rs b/openssl/src/crypto/mod.rs index 873f9d47..453291aa 100644 --- a/openssl/src/crypto/mod.rs +++ b/openssl/src/crypto/mod.rs @@ -24,5 +24,3 @@ pub mod memcmp; pub mod rsa; pub mod dsa; mod util; - -mod symm_internal; diff --git a/openssl/src/crypto/pkcs5.rs b/openssl/src/crypto/pkcs5.rs index 48e61a20..0098de8c 100644 --- a/openssl/src/crypto/pkcs5.rs +++ b/openssl/src/crypto/pkcs5.rs @@ -3,7 +3,6 @@ use std::ptr; use ffi; use HashTypeInternals; -use crypto::symm_internal::evpc; use crypto::hash; use crypto::symm; use error::ErrorStack; @@ -41,12 +40,11 @@ pub fn evp_bytes_to_key_pbkdf1_compatible(typ: symm::Type, ffi::init(); - let (evp, _, _) = evpc(typ); + let typ = typ.as_ptr(); + let message_digest_type = message_digest_type.evp_md(); - let message_digest = message_digest_type.evp_md(); - - let len = ffi::EVP_BytesToKey(evp, - message_digest, + let len = ffi::EVP_BytesToKey(typ, + message_digest_type, salt_ptr, data.as_ptr(), data.len() as c_int, @@ -60,8 +58,8 @@ pub fn evp_bytes_to_key_pbkdf1_compatible(typ: symm::Type, let mut key = vec![0; len as usize]; let mut iv = vec![0; len as usize]; - try_ssl!(ffi::EVP_BytesToKey(evp, - message_digest, + try_ssl!(ffi::EVP_BytesToKey(typ, + message_digest_type, salt_ptr, data.as_ptr(), data.len() as c_int, diff --git a/openssl/src/crypto/symm.rs b/openssl/src/crypto/symm.rs index 935980f3..b9fc5933 100644 --- a/openssl/src/crypto/symm.rs +++ b/openssl/src/crypto/symm.rs @@ -1,7 +1,6 @@ use std::iter::repeat; use libc::c_int; -use crypto::symm_internal::evpc; use ffi; #[derive(Copy, Clone)] @@ -43,13 +42,78 @@ pub enum Type { RC4_128, } +impl Type { + pub fn as_ptr(&self) -> *const ffi::EVP_CIPHER { + unsafe { + match *self { + Type::AES_128_ECB => ffi::EVP_aes_128_ecb(), + Type::AES_128_CBC => ffi::EVP_aes_128_cbc(), + #[cfg(feature = "aes_xts")] + Type::AES_128_XTS => ffi::EVP_aes_128_xts(), + #[cfg(feature = "aes_ctr")] + Type::AES_128_CTR => ffi::EVP_aes_128_ctr(), + // AES_128_GCM => (EVP_aes_128_gcm(), 16, 16), + Type::AES_128_CFB1 => ffi::EVP_aes_128_cfb1(), + Type::AES_128_CFB128 => ffi::EVP_aes_128_cfb128(), + Type::AES_128_CFB8 => ffi::EVP_aes_128_cfb8(), + + Type::AES_256_ECB => ffi::EVP_aes_256_ecb(), + Type::AES_256_CBC => ffi::EVP_aes_256_cbc(), + #[cfg(feature = "aes_xts")] + Type::AES_256_XTS => ffi::EVP_aes_256_xts(), + #[cfg(feature = "aes_ctr")] + Type::AES_256_CTR => ffi::EVP_aes_256_ctr(), + // AES_256_GCM => (EVP_aes_256_gcm(), 32, 16), + Type::AES_256_CFB1 => ffi::EVP_aes_256_cfb1(), + Type::AES_256_CFB128 => ffi::EVP_aes_256_cfb128(), + Type::AES_256_CFB8 => ffi::EVP_aes_256_cfb8(), + + Type::DES_CBC => ffi::EVP_des_cbc(), + Type::DES_ECB => ffi::EVP_des_ecb(), + + Type::RC4_128 => ffi::EVP_rc4(), + } + } + } + + /// Returns the length of keys used with this cipher. + pub fn key_len(&self) -> usize { + unsafe { + (*self.as_ptr()).key_len as usize + } + } + + /// Returns the length of the IV used with this cipher, or `None` if the + /// cipher does not use an IV. + pub fn iv_len(&self) -> Option<usize> { + unsafe { + let len = (*self.as_ptr()).iv_len as usize; + if len == 0 { + None + } else { + Some(len) + } + } + } + + /// Returns the block size of the cipher. + /// + /// # Note + /// + /// Stream ciphers such as RC4 have a block size of 1. + pub fn block_size(&self) -> usize { + unsafe { + (*self.as_ptr()).block_size as usize + } + } +} /// Represents a symmetric cipher context. pub struct Crypter { evp: *const ffi::EVP_CIPHER, ctx: *mut ffi::EVP_CIPHER_CTX, - keylen: u32, - blocksize: u32, + keylen: usize, + blocksize: usize, } impl Crypter { @@ -57,12 +121,11 @@ impl Crypter { ffi::init(); let ctx = unsafe { ffi::EVP_CIPHER_CTX_new() }; - let (evp, keylen, blocksz) = evpc(t); Crypter { - evp: evp, + evp: t.as_ptr(), ctx: ctx, - keylen: keylen, - blocksize: blocksz, + keylen: t.key_len(), + blocksize: t.block_size(), } } diff --git a/openssl/src/crypto/symm_internal.rs b/openssl/src/crypto/symm_internal.rs deleted file mode 100644 index ba01e1c1..00000000 --- a/openssl/src/crypto/symm_internal.rs +++ /dev/null @@ -1,35 +0,0 @@ -use crypto::symm; -use ffi; - -pub fn evpc(t: symm::Type) -> (*const ffi::EVP_CIPHER, u32, u32) { - unsafe { - match t { - symm::Type::AES_128_ECB => (ffi::EVP_aes_128_ecb(), 16, 16), - symm::Type::AES_128_CBC => (ffi::EVP_aes_128_cbc(), 16, 16), - #[cfg(feature = "aes_xts")] - symm::Type::AES_128_XTS => (ffi::EVP_aes_128_xts(), 32, 16), - #[cfg(feature = "aes_ctr")] - symm::Type::AES_128_CTR => (ffi::EVP_aes_128_ctr(), 16, 0), - // AES_128_GCM => (EVP_aes_128_gcm(), 16, 16), - symm::Type::AES_128_CFB1 => (ffi::EVP_aes_128_cfb1(), 16, 16), - symm::Type::AES_128_CFB128 => (ffi::EVP_aes_128_cfb128(), 16, 16), - symm::Type::AES_128_CFB8 => (ffi::EVP_aes_128_cfb8(), 16, 16), - - symm::Type::AES_256_ECB => (ffi::EVP_aes_256_ecb(), 32, 16), - symm::Type::AES_256_CBC => (ffi::EVP_aes_256_cbc(), 32, 16), - #[cfg(feature = "aes_xts")] - symm::Type::AES_256_XTS => (ffi::EVP_aes_256_xts(), 64, 16), - #[cfg(feature = "aes_ctr")] - symm::Type::AES_256_CTR => (ffi::EVP_aes_256_ctr(), 32, 0), - // AES_256_GCM => (EVP_aes_256_gcm(), 32, 16), - symm::Type::AES_256_CFB1 => (ffi::EVP_aes_256_cfb1(), 32, 16), - symm::Type::AES_256_CFB128 => (ffi::EVP_aes_256_cfb128(), 32, 16), - symm::Type::AES_256_CFB8 => (ffi::EVP_aes_256_cfb8(), 32, 16), - - symm::Type::DES_CBC => (ffi::EVP_des_cbc(), 8, 8), - symm::Type::DES_ECB => (ffi::EVP_des_ecb(), 8, 8), - - symm::Type::RC4_128 => (ffi::EVP_rc4(), 16, 0), - } - } -} |