Steven Fackler
parent
73ccfe7a29
commit
19440c2981
|
|
@ -236,11 +236,9 @@ impl fmt::Debug for DSA {
|
||||||
|
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
mod test {
|
mod test {
|
||||||
use std::io::Write;
|
|
||||||
use libc::c_char;
|
use libc::c_char;
|
||||||
|
|
||||||
use super::*;
|
use super::*;
|
||||||
use crypto::hash::*;
|
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
pub fn test_generate() {
|
pub fn test_generate() {
|
||||||
|
|
|
||||||
|
|
@ -6,6 +6,7 @@ use std::cmp;
|
||||||
use std::ptr;
|
use std::ptr;
|
||||||
use std::ffi::CString;
|
use std::ffi::CString;
|
||||||
|
|
||||||
|
use {cvt, cvt_p};
|
||||||
use crypto::pkey::PKey;
|
use crypto::pkey::PKey;
|
||||||
use error::ErrorStack;
|
use error::ErrorStack;
|
||||||
use x509::X509;
|
use x509::X509;
|
||||||
|
|
@ -26,7 +27,7 @@ impl Pkcs12 {
|
||||||
ffi::init();
|
ffi::init();
|
||||||
let mut ptr = der.as_ptr() as *const c_uchar;
|
let mut ptr = der.as_ptr() as *const c_uchar;
|
||||||
let length = cmp::min(der.len(), c_long::max_value() as usize) as c_long;
|
let length = cmp::min(der.len(), c_long::max_value() as usize) as c_long;
|
||||||
let p12 = try_ssl_null!(ffi::d2i_PKCS12(ptr::null_mut(), &mut ptr, length));
|
let p12 = try!(cvt_p(ffi::d2i_PKCS12(ptr::null_mut(), &mut ptr, length)));
|
||||||
Ok(Pkcs12(p12))
|
Ok(Pkcs12(p12))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -40,7 +41,7 @@ impl Pkcs12 {
|
||||||
let mut cert = ptr::null_mut();
|
let mut cert = ptr::null_mut();
|
||||||
let mut chain = ptr::null_mut();
|
let mut chain = ptr::null_mut();
|
||||||
|
|
||||||
try_ssl!(ffi::PKCS12_parse(self.0, pass.as_ptr(), &mut pkey, &mut cert, &mut chain));
|
try!(cvt(ffi::PKCS12_parse(self.0, pass.as_ptr(), &mut pkey, &mut cert, &mut chain)));
|
||||||
|
|
||||||
let pkey = PKey::from_ptr(pkey);
|
let pkey = PKey::from_ptr(pkey);
|
||||||
let cert = X509::from_ptr(cert);
|
let cert = X509::from_ptr(cert);
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,7 @@ use std::ptr;
|
||||||
use std::mem;
|
use std::mem;
|
||||||
use ffi;
|
use ffi;
|
||||||
|
|
||||||
|
use {cvt, cvt_p};
|
||||||
use bio::{MemBio, MemBioSlice};
|
use bio::{MemBio, MemBioSlice};
|
||||||
use crypto::dsa::DSA;
|
use crypto::dsa::DSA;
|
||||||
use crypto::rsa::RSA;
|
use crypto::rsa::RSA;
|
||||||
|
|
@ -19,9 +20,9 @@ impl PKey {
|
||||||
/// Create a new `PKey` containing an RSA key.
|
/// Create a new `PKey` containing an RSA key.
|
||||||
pub fn from_rsa(rsa: RSA) -> Result<PKey, ErrorStack> {
|
pub fn from_rsa(rsa: RSA) -> Result<PKey, ErrorStack> {
|
||||||
unsafe {
|
unsafe {
|
||||||
let evp = try_ssl_null!(ffi::EVP_PKEY_new());
|
let evp = try!(cvt_p(ffi::EVP_PKEY_new()));
|
||||||
let pkey = PKey(evp);
|
let pkey = PKey(evp);
|
||||||
try_ssl!(ffi::EVP_PKEY_assign(pkey.0, ffi::EVP_PKEY_RSA, rsa.as_ptr() as *mut _));
|
try!(cvt(ffi::EVP_PKEY_assign(pkey.0, ffi::EVP_PKEY_RSA, rsa.as_ptr() as *mut _)));
|
||||||
mem::forget(rsa);
|
mem::forget(rsa);
|
||||||
Ok(pkey)
|
Ok(pkey)
|
||||||
}
|
}
|
||||||
|
|
@ -30,9 +31,9 @@ impl PKey {
|
||||||
/// Create a new `PKey` containing a DSA key.
|
/// Create a new `PKey` containing a DSA key.
|
||||||
pub fn from_dsa(dsa: DSA) -> Result<PKey, ErrorStack> {
|
pub fn from_dsa(dsa: DSA) -> Result<PKey, ErrorStack> {
|
||||||
unsafe {
|
unsafe {
|
||||||
let evp = try_ssl_null!(ffi::EVP_PKEY_new());
|
let evp = try!(cvt_p(ffi::EVP_PKEY_new()));
|
||||||
let pkey = PKey(evp);
|
let pkey = PKey(evp);
|
||||||
try_ssl!(ffi::EVP_PKEY_assign(pkey.0, ffi::EVP_PKEY_DSA, dsa.as_ptr() as *mut _));
|
try!(cvt(ffi::EVP_PKEY_assign(pkey.0, ffi::EVP_PKEY_DSA, dsa.as_ptr() as *mut _)));
|
||||||
mem::forget(dsa);
|
mem::forget(dsa);
|
||||||
Ok(pkey)
|
Ok(pkey)
|
||||||
}
|
}
|
||||||
|
|
@ -42,10 +43,10 @@ impl PKey {
|
||||||
pub fn hmac(key: &[u8]) -> Result<PKey, ErrorStack> {
|
pub fn hmac(key: &[u8]) -> Result<PKey, ErrorStack> {
|
||||||
unsafe {
|
unsafe {
|
||||||
assert!(key.len() <= c_int::max_value() as usize);
|
assert!(key.len() <= c_int::max_value() as usize);
|
||||||
let key = try_ssl_null!(ffi::EVP_PKEY_new_mac_key(ffi::EVP_PKEY_HMAC,
|
let key = try!(cvt_p(ffi::EVP_PKEY_new_mac_key(ffi::EVP_PKEY_HMAC,
|
||||||
ptr::null_mut(),
|
ptr::null_mut(),
|
||||||
key.as_ptr() as *const _,
|
key.as_ptr() as *const _,
|
||||||
key.len() as c_int));
|
key.len() as c_int)));
|
||||||
Ok(PKey(key))
|
Ok(PKey(key))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -59,10 +60,10 @@ impl PKey {
|
||||||
ffi::init();
|
ffi::init();
|
||||||
let mem_bio = try!(MemBioSlice::new(buf));
|
let mem_bio = try!(MemBioSlice::new(buf));
|
||||||
unsafe {
|
unsafe {
|
||||||
let evp = try_ssl_null!(ffi::PEM_read_bio_PrivateKey(mem_bio.as_ptr(),
|
let evp = try!(cvt_p(ffi::PEM_read_bio_PrivateKey(mem_bio.as_ptr(),
|
||||||
ptr::null_mut(),
|
ptr::null_mut(),
|
||||||
None,
|
None,
|
||||||
ptr::null_mut()));
|
ptr::null_mut())));
|
||||||
Ok(PKey::from_ptr(evp))
|
Ok(PKey::from_ptr(evp))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -79,10 +80,10 @@ impl PKey {
|
||||||
let mut cb = CallbackState::new(pass_cb);
|
let mut cb = CallbackState::new(pass_cb);
|
||||||
let mem_bio = try!(MemBioSlice::new(buf));
|
let mem_bio = try!(MemBioSlice::new(buf));
|
||||||
unsafe {
|
unsafe {
|
||||||
let evp = try_ssl_null!(ffi::PEM_read_bio_PrivateKey(mem_bio.as_ptr(),
|
let evp = try!(cvt_p(ffi::PEM_read_bio_PrivateKey(mem_bio.as_ptr(),
|
||||||
ptr::null_mut(),
|
ptr::null_mut(),
|
||||||
Some(invoke_passwd_cb::<F>),
|
Some(invoke_passwd_cb::<F>),
|
||||||
&mut cb as *mut _ as *mut c_void));
|
&mut cb as *mut _ as *mut c_void)));
|
||||||
Ok(PKey::from_ptr(evp))
|
Ok(PKey::from_ptr(evp))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -92,10 +93,10 @@ impl PKey {
|
||||||
ffi::init();
|
ffi::init();
|
||||||
let mem_bio = try!(MemBioSlice::new(buf));
|
let mem_bio = try!(MemBioSlice::new(buf));
|
||||||
unsafe {
|
unsafe {
|
||||||
let evp = try_ssl_null!(ffi::PEM_read_bio_PUBKEY(mem_bio.as_ptr(),
|
let evp = try!(cvt_p(ffi::PEM_read_bio_PUBKEY(mem_bio.as_ptr(),
|
||||||
ptr::null_mut(),
|
ptr::null_mut(),
|
||||||
None,
|
None,
|
||||||
ptr::null_mut()));
|
ptr::null_mut())));
|
||||||
Ok(PKey::from_ptr(evp))
|
Ok(PKey::from_ptr(evp))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -105,15 +106,15 @@ impl PKey {
|
||||||
unsafe {
|
unsafe {
|
||||||
// this needs to be a reference as the set1_RSA ups the reference count
|
// this needs to be a reference as the set1_RSA ups the reference count
|
||||||
let rsa_ptr = rsa.as_ptr();
|
let rsa_ptr = rsa.as_ptr();
|
||||||
try_ssl!(ffi::EVP_PKEY_set1_RSA(self.0, rsa_ptr));
|
try!(cvt(ffi::EVP_PKEY_set1_RSA(self.0, rsa_ptr)));
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Get a reference to the interal RSA key for direct access to the key components
|
/// Get a reference to the interal RSA key for direct access to the key components
|
||||||
pub fn get_rsa(&self) -> Result<RSA, ErrorStack> {
|
pub fn rsa(&self) -> Result<RSA, ErrorStack> {
|
||||||
unsafe {
|
unsafe {
|
||||||
let rsa = try_ssl_null!(ffi::EVP_PKEY_get1_RSA(self.0));
|
let rsa = try!(cvt_p(ffi::EVP_PKEY_get1_RSA(self.0)));
|
||||||
// this is safe as the ffi increments a reference counter to the internal key
|
// this is safe as the ffi increments a reference counter to the internal key
|
||||||
Ok(RSA::from_ptr(rsa))
|
Ok(RSA::from_ptr(rsa))
|
||||||
}
|
}
|
||||||
|
|
@ -124,13 +125,13 @@ impl PKey {
|
||||||
pub fn private_key_to_pem(&self) -> Result<Vec<u8>, ErrorStack> {
|
pub fn private_key_to_pem(&self) -> Result<Vec<u8>, ErrorStack> {
|
||||||
let mem_bio = try!(MemBio::new());
|
let mem_bio = try!(MemBio::new());
|
||||||
unsafe {
|
unsafe {
|
||||||
try_ssl!(ffi::PEM_write_bio_PrivateKey(mem_bio.as_ptr(),
|
try!(cvt(ffi::PEM_write_bio_PrivateKey(mem_bio.as_ptr(),
|
||||||
self.0,
|
self.0,
|
||||||
ptr::null(),
|
ptr::null(),
|
||||||
ptr::null_mut(),
|
ptr::null_mut(),
|
||||||
-1,
|
-1,
|
||||||
None,
|
None,
|
||||||
ptr::null_mut()));
|
ptr::null_mut())));
|
||||||
|
|
||||||
}
|
}
|
||||||
Ok(mem_bio.get_buf().to_owned())
|
Ok(mem_bio.get_buf().to_owned())
|
||||||
|
|
@ -139,7 +140,9 @@ impl PKey {
|
||||||
/// Stores public key as a PEM
|
/// Stores public key as a PEM
|
||||||
pub fn public_key_to_pem(&self) -> Result<Vec<u8>, ErrorStack> {
|
pub fn public_key_to_pem(&self) -> Result<Vec<u8>, ErrorStack> {
|
||||||
let mem_bio = try!(MemBio::new());
|
let mem_bio = try!(MemBio::new());
|
||||||
unsafe { try_ssl!(ffi::PEM_write_bio_PUBKEY(mem_bio.as_ptr(), self.0)) }
|
unsafe {
|
||||||
|
try!(cvt(ffi::PEM_write_bio_PUBKEY(mem_bio.as_ptr(), self.0)));
|
||||||
|
}
|
||||||
Ok(mem_bio.get_buf().to_owned())
|
Ok(mem_bio.get_buf().to_owned())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,13 +1,14 @@
|
||||||
use libc::c_int;
|
use libc::c_int;
|
||||||
use ffi;
|
use ffi;
|
||||||
|
|
||||||
|
use cvt;
|
||||||
use error::ErrorStack;
|
use error::ErrorStack;
|
||||||
|
|
||||||
pub fn rand_bytes(buf: &mut [u8]) -> Result<(), ErrorStack> {
|
pub fn rand_bytes(buf: &mut [u8]) -> Result<(), ErrorStack> {
|
||||||
unsafe {
|
unsafe {
|
||||||
ffi::init();
|
ffi::init();
|
||||||
assert!(buf.len() <= c_int::max_value() as usize);
|
assert!(buf.len() <= c_int::max_value() as usize);
|
||||||
try_ssl_if!(ffi::RAND_bytes(buf.as_mut_ptr(), buf.len() as c_int) != 1);
|
cvt(ffi::RAND_bytes(buf.as_mut_ptr(), buf.len() as c_int)).map(|_| ())
|
||||||
Ok(())
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -4,6 +4,7 @@ use std::ptr;
|
||||||
use std::mem;
|
use std::mem;
|
||||||
use libc::{c_int, c_void, c_char};
|
use libc::{c_int, c_void, c_char};
|
||||||
|
|
||||||
|
use {cvt, cvt_p, cvt_n};
|
||||||
use bn::{BigNum, BigNumRef};
|
use bn::{BigNum, BigNumRef};
|
||||||
use bio::{MemBio, MemBioSlice};
|
use bio::{MemBio, MemBioSlice};
|
||||||
use error::ErrorStack;
|
use error::ErrorStack;
|
||||||
|
|
@ -42,11 +43,11 @@ impl RSA {
|
||||||
/// the supplied load and save methods for DER formatted keys.
|
/// the supplied load and save methods for DER formatted keys.
|
||||||
pub fn from_public_components(n: BigNum, e: BigNum) -> Result<RSA, ErrorStack> {
|
pub fn from_public_components(n: BigNum, e: BigNum) -> Result<RSA, ErrorStack> {
|
||||||
unsafe {
|
unsafe {
|
||||||
let rsa = RSA(try_ssl_null!(ffi::RSA_new()));
|
let rsa = RSA(try!(cvt_p(ffi::RSA_new())));
|
||||||
try_ssl!(compat::set_key(rsa.0,
|
try!(cvt(compat::set_key(rsa.0,
|
||||||
n.as_ptr(),
|
n.as_ptr(),
|
||||||
e.as_ptr(),
|
e.as_ptr(),
|
||||||
ptr::null_mut()));
|
ptr::null_mut())));
|
||||||
mem::forget((n, e));
|
mem::forget((n, e));
|
||||||
Ok(rsa)
|
Ok(rsa)
|
||||||
}
|
}
|
||||||
|
|
@ -62,13 +63,13 @@ impl RSA {
|
||||||
qi: BigNum)
|
qi: BigNum)
|
||||||
-> Result<RSA, ErrorStack> {
|
-> Result<RSA, ErrorStack> {
|
||||||
unsafe {
|
unsafe {
|
||||||
let rsa = RSA(try_ssl_null!(ffi::RSA_new()));
|
let rsa = RSA(try!(cvt_p(ffi::RSA_new())));
|
||||||
try_ssl!(compat::set_key(rsa.0, n.as_ptr(), e.as_ptr(), d.as_ptr()));
|
try!(cvt(compat::set_key(rsa.0, n.as_ptr(), e.as_ptr(), d.as_ptr())));
|
||||||
mem::forget((n, e, d));
|
mem::forget((n, e, d));
|
||||||
try_ssl!(compat::set_factors(rsa.0, p.as_ptr(), q.as_ptr()));
|
try!(cvt(compat::set_factors(rsa.0, p.as_ptr(), q.as_ptr())));
|
||||||
mem::forget((p, q));
|
mem::forget((p, q));
|
||||||
try_ssl!(compat::set_crt_params(rsa.0, dp.as_ptr(), dq.as_ptr(),
|
try!(cvt(compat::set_crt_params(rsa.0, dp.as_ptr(), dq.as_ptr(),
|
||||||
qi.as_ptr()));
|
qi.as_ptr())));
|
||||||
mem::forget((dp, dq, qi));
|
mem::forget((dp, dq, qi));
|
||||||
Ok(rsa)
|
Ok(rsa)
|
||||||
}
|
}
|
||||||
|
|
@ -83,12 +84,9 @@ impl RSA {
|
||||||
/// The public exponent will be 65537.
|
/// The public exponent will be 65537.
|
||||||
pub fn generate(bits: u32) -> Result<RSA, ErrorStack> {
|
pub fn generate(bits: u32) -> Result<RSA, ErrorStack> {
|
||||||
unsafe {
|
unsafe {
|
||||||
let rsa = try_ssl_null!(ffi::RSA_new());
|
let rsa = RSA(try!(cvt_p(ffi::RSA_new())));
|
||||||
let rsa = RSA(rsa);
|
|
||||||
let e = try!(BigNum::new_from(ffi::RSA_F4 as u32));
|
let e = try!(BigNum::new_from(ffi::RSA_F4 as u32));
|
||||||
|
try!(cvt(ffi::RSA_generate_key_ex(rsa.0, bits as c_int, e.as_ptr(), ptr::null_mut())));
|
||||||
try_ssl!(ffi::RSA_generate_key_ex(rsa.0, bits as c_int, e.as_ptr(), ptr::null_mut()));
|
|
||||||
|
|
||||||
Ok(rsa)
|
Ok(rsa)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -97,10 +95,10 @@ impl RSA {
|
||||||
pub fn private_key_from_pem(buf: &[u8]) -> Result<RSA, ErrorStack> {
|
pub fn private_key_from_pem(buf: &[u8]) -> Result<RSA, ErrorStack> {
|
||||||
let mem_bio = try!(MemBioSlice::new(buf));
|
let mem_bio = try!(MemBioSlice::new(buf));
|
||||||
unsafe {
|
unsafe {
|
||||||
let rsa = try_ssl_null!(ffi::PEM_read_bio_RSAPrivateKey(mem_bio.as_ptr(),
|
let rsa = try!(cvt_p(ffi::PEM_read_bio_RSAPrivateKey(mem_bio.as_ptr(),
|
||||||
ptr::null_mut(),
|
ptr::null_mut(),
|
||||||
None,
|
None,
|
||||||
ptr::null_mut()));
|
ptr::null_mut())));
|
||||||
Ok(RSA(rsa))
|
Ok(RSA(rsa))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -114,11 +112,10 @@ impl RSA {
|
||||||
|
|
||||||
unsafe {
|
unsafe {
|
||||||
let cb_ptr = &mut cb as *mut _ as *mut c_void;
|
let cb_ptr = &mut cb as *mut _ as *mut c_void;
|
||||||
let rsa = try_ssl_null!(ffi::PEM_read_bio_RSAPrivateKey(mem_bio.as_ptr(),
|
let rsa = try!(cvt_p(ffi::PEM_read_bio_RSAPrivateKey(mem_bio.as_ptr(),
|
||||||
ptr::null_mut(),
|
ptr::null_mut(),
|
||||||
Some(invoke_passwd_cb::<F>),
|
Some(invoke_passwd_cb::<F>),
|
||||||
cb_ptr));
|
cb_ptr)));
|
||||||
|
|
||||||
Ok(RSA(rsa))
|
Ok(RSA(rsa))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -127,10 +124,10 @@ impl RSA {
|
||||||
pub fn public_key_from_pem(buf: &[u8]) -> Result<RSA, ErrorStack> {
|
pub fn public_key_from_pem(buf: &[u8]) -> Result<RSA, ErrorStack> {
|
||||||
let mem_bio = try!(MemBioSlice::new(buf));
|
let mem_bio = try!(MemBioSlice::new(buf));
|
||||||
unsafe {
|
unsafe {
|
||||||
let rsa = try_ssl_null!(ffi::PEM_read_bio_RSA_PUBKEY(mem_bio.as_ptr(),
|
let rsa = try!(cvt_p(ffi::PEM_read_bio_RSA_PUBKEY(mem_bio.as_ptr(),
|
||||||
ptr::null_mut(),
|
ptr::null_mut(),
|
||||||
None,
|
None,
|
||||||
ptr::null_mut()));
|
ptr::null_mut())));
|
||||||
Ok(RSA(rsa))
|
Ok(RSA(rsa))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -140,13 +137,13 @@ impl RSA {
|
||||||
let mem_bio = try!(MemBio::new());
|
let mem_bio = try!(MemBio::new());
|
||||||
|
|
||||||
unsafe {
|
unsafe {
|
||||||
try_ssl!(ffi::PEM_write_bio_RSAPrivateKey(mem_bio.as_ptr(),
|
try!(cvt(ffi::PEM_write_bio_RSAPrivateKey(mem_bio.as_ptr(),
|
||||||
self.0,
|
self.0,
|
||||||
ptr::null(),
|
ptr::null(),
|
||||||
ptr::null_mut(),
|
ptr::null_mut(),
|
||||||
0,
|
0,
|
||||||
None,
|
None,
|
||||||
ptr::null_mut()));
|
ptr::null_mut())));
|
||||||
}
|
}
|
||||||
Ok(mem_bio.get_buf().to_owned())
|
Ok(mem_bio.get_buf().to_owned())
|
||||||
}
|
}
|
||||||
|
|
@ -156,93 +153,113 @@ impl RSA {
|
||||||
let mem_bio = try!(MemBio::new());
|
let mem_bio = try!(MemBio::new());
|
||||||
|
|
||||||
unsafe {
|
unsafe {
|
||||||
try_ssl!(ffi::PEM_write_bio_RSA_PUBKEY(mem_bio.as_ptr(), self.0))
|
try!(cvt(ffi::PEM_write_bio_RSA_PUBKEY(mem_bio.as_ptr(), self.0)));
|
||||||
};
|
}
|
||||||
|
|
||||||
Ok(mem_bio.get_buf().to_owned())
|
Ok(mem_bio.get_buf().to_owned())
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn size(&self) -> Option<u32> {
|
pub fn size(&self) -> usize {
|
||||||
if self.n().is_some() {
|
unsafe {
|
||||||
unsafe { Some(ffi::RSA_size(self.0) as u32) }
|
assert!(self.n().is_some());
|
||||||
} else {
|
|
||||||
None
|
ffi::RSA_size(self.0) as usize
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/// Decrypts data using the private key, returning the number of decrypted bytes.
|
||||||
* Decrypts data with the private key, using provided padding, returning the decrypted data.
|
///
|
||||||
*/
|
/// # Panics
|
||||||
pub fn private_decrypt(&self, from: &[u8], padding: Padding) -> Result<Vec<u8>, ErrorStack> {
|
///
|
||||||
|
/// Panics if `self` has no private components, or if `to` is smaller
|
||||||
|
/// than `self.size()`.
|
||||||
|
pub fn private_decrypt(&self,
|
||||||
|
from: &[u8],
|
||||||
|
to: &mut [u8],
|
||||||
|
padding: Padding)
|
||||||
|
-> Result<usize, ErrorStack> {
|
||||||
assert!(self.d().is_some(), "private components missing");
|
assert!(self.d().is_some(), "private components missing");
|
||||||
let k_len = self.size().expect("RSA missing an n");
|
assert!(from.len() <= i32::max_value() as usize);
|
||||||
let mut to: Vec<u8> = vec![0; k_len as usize];
|
assert!(to.len() >= self.size());
|
||||||
|
|
||||||
unsafe {
|
unsafe {
|
||||||
let enc_len = try_ssl_returns_size!(ffi::RSA_private_decrypt(from.len() as i32,
|
let len = try!(cvt_n(ffi::RSA_private_decrypt(from.len() as c_int,
|
||||||
from.as_ptr(),
|
from.as_ptr(),
|
||||||
to.as_mut_ptr(),
|
to.as_mut_ptr(),
|
||||||
self.0,
|
self.0,
|
||||||
padding.0));
|
padding.0)));
|
||||||
to.truncate(enc_len as usize);
|
Ok(len as usize)
|
||||||
Ok(to)
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/// Encrypts data using the private key, returning the number of encrypted bytes.
|
||||||
* Encrypts data with the private key, using provided padding, returning the encrypted data.
|
///
|
||||||
*/
|
/// # Panics
|
||||||
pub fn private_encrypt(&self, from: &[u8], padding: Padding) -> Result<Vec<u8>, ErrorStack> {
|
///
|
||||||
|
/// Panics if `self` has no private components, or if `to` is smaller
|
||||||
|
/// than `self.size()`.
|
||||||
|
pub fn private_encrypt(&self,
|
||||||
|
from: &[u8],
|
||||||
|
to: &mut [u8],
|
||||||
|
padding: Padding)
|
||||||
|
-> Result<usize, ErrorStack> {
|
||||||
assert!(self.d().is_some(), "private components missing");
|
assert!(self.d().is_some(), "private components missing");
|
||||||
let k_len = self.size().expect("RSA missing an n");
|
assert!(from.len() <= i32::max_value() as usize);
|
||||||
let mut to:Vec<u8> = vec![0; k_len as usize];
|
assert!(to.len() >= self.size());
|
||||||
|
|
||||||
unsafe {
|
unsafe {
|
||||||
let enc_len = try_ssl_returns_size!(ffi::RSA_private_encrypt(from.len() as c_int,
|
let len = try!(cvt_n(ffi::RSA_private_encrypt(from.len() as c_int,
|
||||||
from.as_ptr(),
|
from.as_ptr(),
|
||||||
to.as_mut_ptr(),
|
to.as_mut_ptr(),
|
||||||
self.0,
|
self.0,
|
||||||
padding.0));
|
padding.0)));
|
||||||
assert!(enc_len as u32 == k_len);
|
Ok(len as usize)
|
||||||
|
|
||||||
Ok(to)
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/// Decrypts data using the public key, returning the number of decrypted bytes.
|
||||||
* Decrypts data with the public key, using provided padding, returning the decrypted data.
|
///
|
||||||
*/
|
/// # Panics
|
||||||
pub fn public_decrypt(&self, from: &[u8], padding: Padding) -> Result<Vec<u8>, ErrorStack> {
|
///
|
||||||
let k_len = self.size().expect("RSA missing an n");
|
/// Panics if `to` is smaller than `self.size()`.
|
||||||
let mut to: Vec<u8> = vec![0; k_len as usize];
|
pub fn public_decrypt(&self,
|
||||||
|
from: &[u8],
|
||||||
|
to: &mut [u8],
|
||||||
|
padding: Padding)
|
||||||
|
-> Result<usize, ErrorStack> {
|
||||||
|
assert!(from.len() <= i32::max_value() as usize);
|
||||||
|
assert!(to.len() >= self.size());
|
||||||
|
|
||||||
unsafe {
|
unsafe {
|
||||||
let enc_len = try_ssl_returns_size!(ffi::RSA_public_decrypt(from.len() as i32,
|
let len = try!(cvt_n(ffi::RSA_public_decrypt(from.len() as c_int,
|
||||||
from.as_ptr(),
|
from.as_ptr(),
|
||||||
to.as_mut_ptr(),
|
to.as_mut_ptr(),
|
||||||
self.0,
|
self.0,
|
||||||
padding.0));
|
padding.0)));
|
||||||
to.truncate(enc_len as usize);
|
Ok(len as usize)
|
||||||
Ok(to)
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/// Encrypts data using the private key, returning the number of encrypted bytes.
|
||||||
* Encrypts data with the public key, using provided padding, returning the encrypted data.
|
///
|
||||||
*/
|
/// # Panics
|
||||||
pub fn public_encrypt(&self, from: &[u8], padding: Padding) -> Result<Vec<u8>, ErrorStack> {
|
///
|
||||||
let k_len = self.size().expect("RSA missing an n");
|
/// Panics if `to` is smaller than `self.size()`.
|
||||||
let mut to:Vec<u8> = vec![0; k_len as usize];
|
pub fn public_encrypt(&self,
|
||||||
|
from: &[u8],
|
||||||
|
to: &mut [u8],
|
||||||
|
padding: Padding)
|
||||||
|
-> Result<usize, ErrorStack> {
|
||||||
|
assert!(from.len() <= i32::max_value() as usize);
|
||||||
|
assert!(to.len() >= self.size());
|
||||||
|
|
||||||
unsafe {
|
unsafe {
|
||||||
let enc_len = try_ssl_returns_size!(ffi::RSA_public_encrypt(from.len() as c_int,
|
let len = try!(cvt_n(ffi::RSA_public_encrypt(from.len() as c_int,
|
||||||
from.as_ptr(),
|
from.as_ptr(),
|
||||||
to.as_mut_ptr(),
|
to.as_mut_ptr(),
|
||||||
self.0,
|
self.0,
|
||||||
padding.0));
|
padding.0)));
|
||||||
assert!(enc_len as u32 == k_len);
|
Ok(len as usize)
|
||||||
|
|
||||||
Ok(to)
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -424,55 +441,47 @@ mod test {
|
||||||
let key = include_bytes!("../../test/rsa.pem.pub");
|
let key = include_bytes!("../../test/rsa.pem.pub");
|
||||||
let public_key = RSA::public_key_from_pem(key).unwrap();
|
let public_key = RSA::public_key_from_pem(key).unwrap();
|
||||||
|
|
||||||
let original_data: Vec<u8> = "This is test".to_string().into_bytes();
|
let mut result = vec![0; public_key.size()];
|
||||||
let result = public_key.public_encrypt(&original_data, Padding::pkcs1()).unwrap();
|
let original_data = b"This is test";
|
||||||
|
let len = public_key.public_encrypt(original_data, &mut result, Padding::pkcs1()).unwrap();
|
||||||
assert_eq!(result.len(), 256);
|
assert_eq!(len, 256);
|
||||||
|
|
||||||
let pkey = include_bytes!("../../test/rsa.pem");
|
let pkey = include_bytes!("../../test/rsa.pem");
|
||||||
let private_key = RSA::private_key_from_pem(pkey).unwrap();
|
let private_key = RSA::private_key_from_pem(pkey).unwrap();
|
||||||
let dec_result = private_key.private_decrypt(&result, Padding::pkcs1()).unwrap();
|
let mut dec_result = vec![0; private_key.size()];
|
||||||
|
let len = private_key.private_decrypt(&result, &mut dec_result, Padding::pkcs1()).unwrap();
|
||||||
|
|
||||||
assert_eq!(dec_result, original_data);
|
assert_eq!(&dec_result[..len], original_data);
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_private_encrypt() {
|
fn test_private_encrypt() {
|
||||||
let k0 = super::RSA::generate(512).unwrap();
|
let k0 = super::RSA::generate(512).unwrap();
|
||||||
let k0pkey = k0.public_key_to_pem().unwrap();
|
let k0pkey = k0.public_key_to_pem().unwrap();
|
||||||
let k1 = super::RSA::public_key_from_pem(&k0pkey).unwrap();
|
let k1 = super::RSA::public_key_from_pem(&k0pkey).unwrap();
|
||||||
|
|
||||||
let msg = vec!(0xdeu8, 0xadu8, 0xd0u8, 0x0du8);
|
let msg = vec![0xdeu8, 0xadu8, 0xd0u8, 0x0du8];
|
||||||
|
|
||||||
let emsg = k0.private_encrypt(&msg, Padding::pkcs1()).unwrap();
|
let mut emesg = vec![0; k0.size()];
|
||||||
let dmsg = k1.public_decrypt(&emsg, Padding::pkcs1()).unwrap();
|
k0.private_encrypt(&msg, &mut emesg, Padding::pkcs1()).unwrap();
|
||||||
assert!(msg == dmsg);
|
let mut dmesg = vec![0; k1.size()];
|
||||||
|
let len = k1.public_decrypt(&emesg, &mut dmesg, Padding::pkcs1()).unwrap();
|
||||||
|
assert_eq!(msg, &dmesg[..len]);
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_public_encrypt() {
|
fn test_public_encrypt() {
|
||||||
let k0 = super::RSA::generate(512).unwrap();
|
let k0 = super::RSA::generate(512).unwrap();
|
||||||
let k0pkey = k0.public_key_to_pem().unwrap();
|
let k0pkey = k0.private_key_to_pem().unwrap();
|
||||||
let k1 = super::RSA::public_key_from_pem(&k0pkey).unwrap();
|
let k1 = super::RSA::private_key_from_pem(&k0pkey).unwrap();
|
||||||
|
|
||||||
let msg = vec!(0xdeu8, 0xadu8, 0xd0u8, 0x0du8);
|
let msg = vec![0xdeu8, 0xadu8, 0xd0u8, 0x0du8];
|
||||||
|
|
||||||
let emsg = k1.public_encrypt(&msg, Padding::pkcs1_oaep()).unwrap();
|
let mut emesg = vec![0; k0.size()];
|
||||||
let dmsg = k0.private_decrypt(&emsg, Padding::pkcs1_oaep()).unwrap();
|
k0.public_encrypt(&msg, &mut emesg, Padding::pkcs1()).unwrap();
|
||||||
assert!(msg == dmsg);
|
let mut dmesg = vec![0; k1.size()];
|
||||||
}
|
let len = k1.private_decrypt(&emesg, &mut dmesg, Padding::pkcs1()).unwrap();
|
||||||
|
assert_eq!(msg, &dmesg[..len]);
|
||||||
#[test]
|
|
||||||
fn test_public_encrypt_pkcs() {
|
|
||||||
let k0 = super::RSA::generate(512).unwrap();
|
|
||||||
let k0pkey = k0.public_key_to_pem().unwrap();
|
|
||||||
let k1 = super::RSA::public_key_from_pem(&k0pkey).unwrap();
|
|
||||||
|
|
||||||
let msg = vec!(0xdeu8, 0xadu8, 0xd0u8, 0x0du8);
|
|
||||||
|
|
||||||
let emsg = k1.public_encrypt(&msg, super::Padding::pkcs1()).unwrap();
|
|
||||||
let dmsg = k0.private_decrypt(&emsg, super::Padding::pkcs1()).unwrap();
|
|
||||||
assert!(msg == dmsg);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue