From eb24a2157a73fcbfbe5c5ee0bb7ddad9ea6cd5b5 Mon Sep 17 00:00:00 2001 From: Ole Herman Schumacher Elgesem Date: Thu, 15 Feb 2018 01:05:29 +0100 Subject: [PATCH 1/3] More tests for pem_pkcs1 methods Signed-off-by: Ole Herman Schumacher Elgesem --- openssl/src/rsa.rs | 48 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 47 insertions(+), 1 deletion(-) diff --git a/openssl/src/rsa.rs b/openssl/src/rsa.rs index dfa56d70..02240948 100644 --- a/openssl/src/rsa.rs +++ b/openssl/src/rsa.rs @@ -754,9 +754,55 @@ mod test { #[test] #[should_panic] - fn test_public_key_from_pem_pkcs1_panic() { + fn test_public_key_from_pem_pkcs1_file_panic() { let key = include_bytes!("../test/key.pem.pub"); Rsa::public_key_from_pem_pkcs1(key).unwrap(); } + #[test] + fn test_public_key_to_pem_pkcs1() { + let keypair = super::Rsa::generate(512).unwrap(); + let pubkey_pem = keypair.public_key_to_pem_pkcs1().unwrap(); + super::Rsa::public_key_from_pem_pkcs1(&pubkey_pem).unwrap(); + } + + #[test] + #[should_panic] + fn test_public_key_from_pem_pkcs1_generate_panic() { + let keypair = super::Rsa::generate(512).unwrap(); + let pubkey_pem = keypair.public_key_to_pem().unwrap(); + super::Rsa::public_key_from_pem_pkcs1(&pubkey_pem).unwrap(); + } + + #[test] + fn test_pem_pkcs1_encrypt() { + let keypair = super::Rsa::generate(2048).unwrap(); + let pubkey_pem = keypair.public_key_to_pem_pkcs1().unwrap(); + let pubkey = super::Rsa::public_key_from_pem_pkcs1(&pubkey_pem).unwrap(); + let msg = "Hello, world!".as_bytes(); + + let mut encrypted = vec![0; pubkey.size() as usize]; + let len = pubkey.public_encrypt(&msg, &mut encrypted, Padding::PKCS1).unwrap(); + assert!(len > msg.len()); + let mut decrypted = vec![0; keypair.size() as usize]; + let len = keypair.private_decrypt(&encrypted, &mut decrypted, Padding::PKCS1).unwrap(); + assert_eq!(len, msg.len()); + assert_eq!("Hello, world!", String::from_utf8_lossy(&decrypted[..len])); + } + + #[test] + fn test_pem_pkcs1_padding() { + let keypair = super::Rsa::generate(512).unwrap(); + let pubkey_pem = keypair.public_key_to_pem_pkcs1().unwrap(); + let pubkey = super::Rsa::public_key_from_pem_pkcs1(&pubkey_pem).unwrap(); + let msg = "foo".as_bytes(); + + let mut encrypted1 = vec![0; pubkey.size() as usize]; + let mut encrypted2 = vec![0; pubkey.size() as usize]; + let len1 = pubkey.public_encrypt(&msg, &mut encrypted1, Padding::PKCS1).unwrap(); + let len2 = pubkey.public_encrypt(&msg, &mut encrypted2, Padding::PKCS1).unwrap(); + assert!(len1 > (msg.len() + 1)); + assert_eq!(len1, len2); + assert_ne!(encrypted1, encrypted2); + } } From cc34a7149e8149e8786f9f1de2697db60bf5c53e Mon Sep 17 00:00:00 2001 From: Ole Herman Schumacher Elgesem Date: Wed, 14 Feb 2018 15:59:10 +0100 Subject: [PATCH 2/3] Add des_ede3_cbc cipher Signed-off-by: Ole Herman Schumacher Elgesem --- openssl-sys/src/lib.rs | 1 + openssl/src/symm.rs | 15 +++++++++++++++ 2 files changed, 16 insertions(+) diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 52b5eda4..d623bb29 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1889,6 +1889,7 @@ extern "C" { pub fn EVP_des_cbc() -> *const EVP_CIPHER; pub fn EVP_des_ecb() -> *const EVP_CIPHER; pub fn EVP_des_ede3() -> *const EVP_CIPHER; + pub fn EVP_des_ede3_cbc() -> *const EVP_CIPHER; pub fn EVP_BytesToKey( typ: *const EVP_CIPHER, diff --git a/openssl/src/symm.rs b/openssl/src/symm.rs index 5df77785..fdde38a5 100644 --- a/openssl/src/symm.rs +++ b/openssl/src/symm.rs @@ -137,6 +137,10 @@ impl Cipher { unsafe { Cipher(ffi::EVP_des_ede3()) } } + pub fn des_ede3_cbc() -> Cipher { + unsafe { Cipher(ffi::EVP_des_ede3_cbc()) } + } + pub fn rc4() -> Cipher { unsafe { Cipher(ffi::EVP_rc4()) } } @@ -1050,6 +1054,17 @@ mod tests { cipher_test(super::Cipher::des_ede3(), pt, ct, key, iv); } + #[test] + fn test_des_ede3_cbc() { + + let pt = "54686973206973206120746573742e"; + let ct = "6f2867cfefda048a4046ef7e556c7132"; + let key = "7cb66337f3d3c0fe7cb66337f3d3c0fe7cb66337f3d3c0fe"; + let iv = "0001020304050607"; + + cipher_test(super::Cipher::des_ede3_cbc(), pt, ct, key, iv); + } + #[test] fn test_aes128_gcm() { let key = "0e00c76561d2bd9b40c3c15427e2b08f"; From 7e02c09861fe0d82d8345ae22062678ddac57b31 Mon Sep 17 00:00:00 2001 From: Ole Herman Schumacher Elgesem Date: Thu, 15 Feb 2018 03:02:25 +0100 Subject: [PATCH 3/3] Added example/test in symm.rs for encrypting a private key with a symmetric cipher Signed-off-by: Ole Herman Schumacher Elgesem --- openssl/src/symm.rs | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/openssl/src/symm.rs b/openssl/src/symm.rs index fdde38a5..2a0fcf3b 100644 --- a/openssl/src/symm.rs +++ b/openssl/src/symm.rs @@ -22,6 +22,36 @@ //! \xFB\x3C\x5E\xC4\x59\x72\x4A\xF4\x7C\xA1", //! &ciphertext[..]); //! ``` +//! +//! Encrypting an assymetric key with a symmetric cipher +//! +//! ``` +//! use openssl::rsa::{Padding, Rsa}; +//! use openssl::symm::Cipher; +//! +//! // Generate keypair and encrypt private key: +//! let keypair = Rsa::generate(2048).unwrap(); +//! let cipher = Cipher::aes_256_cbc(); +//! let pubkey_pem = keypair.public_key_to_pem_pkcs1().unwrap(); +//! let privkey_pem = keypair.private_key_to_pem_passphrase(cipher, b"Rust").unwrap(); +//! // pubkey_pem and privkey_pem could be written to file here. +//! +//! // Load private and public key from string: +//! let pubkey = Rsa::public_key_from_pem_pkcs1(&pubkey_pem).unwrap(); +//! let privkey = Rsa::private_key_from_pem_passphrase(&privkey_pem, b"Rust").unwrap(); +//! +//! // Use the asymmetric keys to encrypt and decrypt a short message: +//! let msg = b"Foo bar"; +//! let mut encrypted = vec![0; pubkey.size() as usize]; +//! let mut decrypted = vec![0; privkey.size() as usize]; +//! let len = pubkey.public_encrypt(msg, &mut encrypted, Padding::PKCS1).unwrap(); +//! assert!(len > msg.len()); +//! let len = privkey.private_decrypt(&encrypted, &mut decrypted, Padding::PKCS1).unwrap(); +//! let output_string = String::from_utf8(decrypted[..len].to_vec()).unwrap(); +//! assert_eq!("Foo bar", output_string); +//! println!("Decrypted: '{}'", output_string); +//! ``` + use std::cmp; use std::ptr; use libc::c_int;