From f16cd5586f554530aa1511a7586ed7d3b4642235 Mon Sep 17 00:00:00 2001 From: Andrei Oprisan Date: Tue, 4 Oct 2016 12:00:40 +0300 Subject: [PATCH 1/2] added try_ssl_size, which handles -1 as error and returns the value otherwise; added RSA private_decrypt and public encrypt lift_ssl_size Added public/private encrypt/decrypt to RSA from the original commit + tests; added try_ssl_returns_size macro to check for -1 in case of SSL functions which return size --- openssl/src/crypto/rsa.rs | 194 ++++++++++++++++++++++++++++++++++++++ openssl/src/macros.rs | 23 +++++ 2 files changed, 217 insertions(+) diff --git a/openssl/src/crypto/rsa.rs b/openssl/src/crypto/rsa.rs index 3ba063cd..e0d8e7ea 100644 --- a/openssl/src/crypto/rsa.rs +++ b/openssl/src/crypto/rsa.rs @@ -11,6 +11,24 @@ use HashTypeInternals; use crypto::hash; use crypto::util::{CallbackState, invoke_passwd_cb}; +/// Type of encryption padding to use. +#[derive(Copy, Clone)] +pub enum EncryptionPadding { + NoPadding, + OAEP, + PKCS1v15 +} + +impl EncryptionPadding { + pub fn openssl_padding_code(&self) -> c_int { + match self { + &EncryptionPadding::NoPadding => ffi::RSA_NO_PADDING, + &EncryptionPadding::OAEP => ffi::RSA_PKCS1_OAEP_PADDING, + &EncryptionPadding::PKCS1v15 => ffi::RSA_PKCS1_PADDING + } + } +} + pub struct RSA(*mut ffi::RSA); impl Drop for RSA { @@ -162,6 +180,125 @@ impl RSA { } } + pub fn max_data(&self) -> Option { + // 41 comes from RSA_public_encrypt(3) for OAEP + self.size().map(|len| len - 41) + } + + pub fn private_decrypt_with_padding(&self, from: &[u8], padding: EncryptionPadding) -> Result, ErrorStack> { + assert!(self.d().is_some(), "private components missing"); + let k_len = self.size().expect("RSA missing an n"); + let mut to: Vec = vec![0; k_len as usize]; + + unsafe { + let enc_len = try_ssl_returns_size!(ffi::RSA_private_decrypt(from.len() as i32, + from.as_ptr(), + to.as_mut_ptr(), + self.0, + padding.openssl_padding_code())); + to.truncate(enc_len as usize); + Ok(to) + } + } + + pub fn private_encrypt_with_padding(&self, from: &[u8], padding: EncryptionPadding) -> Result, ErrorStack> { + assert!(self.d().is_some(), "private components missing"); + let k_len = self.size().expect("RSA missing an n"); + let mut to:Vec = vec![0; k_len as usize]; + + assert!(from.len() < self.max_data().unwrap_or_else(|| 0) as usize); + + unsafe { + let enc_len = try_ssl_returns_size!(ffi::RSA_private_encrypt(from.len() as c_int, + from.as_ptr(), + to.as_mut_ptr(), + self.0, + padding.openssl_padding_code())); + assert!(enc_len as u32 == k_len); + + Ok(to) + } + } + + pub fn public_decrypt_with_padding(&self, from: &[u8], padding: EncryptionPadding) -> Result, ErrorStack> { + let k_len = self.size().expect("RSA missing an n"); + let mut to: Vec = vec![0; k_len as usize]; + + unsafe { + let enc_len = try_ssl_returns_size!(ffi::RSA_public_decrypt(from.len() as i32, + from.as_ptr(), + to.as_mut_ptr(), + self.0, + padding.openssl_padding_code())); + to.truncate(enc_len as usize); + Ok(to) + } + } + + pub fn public_encrypt_with_padding(&self, from: &[u8], padding: EncryptionPadding) -> Result, ErrorStack> { + let k_len = self.size().expect("RSA missing an n"); + let mut to:Vec = vec![0; k_len as usize]; + + assert!(from.len() < self.max_data().unwrap_or_else(|| 0) as usize); + + unsafe { + let enc_len = try_ssl_returns_size!(ffi::RSA_public_encrypt(from.len() as c_int, + from.as_ptr(), + to.as_mut_ptr(), + self.0, + padding.openssl_padding_code())); + assert!(enc_len as u32 == k_len); + + Ok(to) + } + } + + /** + * Encrypts data with the public key, using OAEP padding, returning the encrypted data. The + * supplied data must not be larger than max_data(). + */ + pub fn encrypt(&self, s: &[u8]) -> Result, ErrorStack> { self.public_encrypt_with_padding(s, EncryptionPadding::OAEP) } + + /** + * Encrypts data with the public key, using provided padding, returning the encrypted data. The + * supplied data must not be larger than max_data(). + */ + pub fn encrypt_with_padding(&self, s: &[u8], padding: EncryptionPadding) -> Result, ErrorStack> { self.public_encrypt_with_padding(s, padding) } + + /** + * Encrypts data with the public key, using OAEP padding, returning the encrypted data. The + * supplied data must not be larger than max_data(). + */ + pub fn public_encrypt(&self, s: &[u8]) -> Result, ErrorStack> { self.public_encrypt_with_padding(s, EncryptionPadding::OAEP) } + + /** + * Decrypts data with the public key, using PKCS1v15 padding, returning the decrypted data. + */ + pub fn public_decrypt(&self, s: &[u8]) -> Result, ErrorStack> { self.public_decrypt_with_padding(s, EncryptionPadding::PKCS1v15) } + + /** + * Decrypts data with the private key, expecting OAEP padding, returning the decrypted data. + */ + pub fn decrypt(&self, s: &[u8]) -> Result, ErrorStack> { self.private_decrypt_with_padding(s, EncryptionPadding::OAEP) } + + /** + * Decrypts data with the private key, using provided padding, returning the encrypted data. The + * supplied data must not be larger than max_data(). + */ + pub fn decrypt_with_padding(&self, s: &[u8], padding: EncryptionPadding) -> Result, ErrorStack> { self.private_decrypt_with_padding(s, padding) } + + /** + * Decrypts data with the private key, expecting OAEP padding, returning the decrypted data. + */ + pub fn private_decrypt(&self, s: &[u8]) -> Result, ErrorStack> { self.private_decrypt_with_padding(s, EncryptionPadding::OAEP) } + + /** + * Encrypts data with the private key, using PKCS1v15 padding, returning the encrypted data. The + * supplied data must not be larger than max_data(). + */ + pub fn private_encrypt(&self, s: &[u8]) -> Result, ErrorStack> { self.private_encrypt_with_padding(s, EncryptionPadding::PKCS1v15) } + + pub fn sign(&self, hash: hash::Type, message: &[u8]) -> Result, ErrorStack> { assert!(self.d().is_some(), "private components missing"); let k_len = self.size().expect("RSA missing an n"); @@ -335,4 +472,61 @@ mod test { assert!(password_queried); } + + #[test] + pub fn test_public_encrypt_private_decrypt_with_padding() { + let key = include_bytes!("../../test/rsa.pem.pub"); + let public_key = RSA::public_key_from_pem(key).unwrap(); + + let original_data: Vec = "This is test".to_string().into_bytes(); + let result = public_key.public_encrypt_with_padding(&original_data, EncryptionPadding::PKCS1v15).unwrap(); + + assert_eq!(result.len(), 256); + + let pkey = include_bytes!("../../test/rsa.pem"); + let private_key = RSA::private_key_from_pem(pkey).unwrap(); + let dec_result = private_key.private_decrypt_with_padding(&result, EncryptionPadding::PKCS1v15).unwrap(); + + assert_eq!(dec_result, original_data); + } + + #[test] + fn test_private_encrypt() { + let mut k0 = super::RSA::generate(512).unwrap(); + let k0pkey = k0.public_key_to_pem().unwrap(); + let mut k1 = super::RSA::public_key_from_pem(&k0pkey).unwrap(); + + let msg = vec!(0xdeu8, 0xadu8, 0xd0u8, 0x0du8); + + let emsg = k0.private_encrypt(&msg).unwrap(); + let dmsg = k1.public_decrypt(&emsg).unwrap(); + assert!(msg == dmsg); + } + + #[test] + fn test_public_encrypt() { + let mut k0 = super::RSA::generate(512).unwrap(); + let k0pkey = k0.public_key_to_pem().unwrap(); + let mut k1 = super::RSA::public_key_from_pem(&k0pkey).unwrap(); + + let msg = vec!(0xdeu8, 0xadu8, 0xd0u8, 0x0du8); + + let emsg = k1.public_encrypt(&msg).unwrap(); + let dmsg = k0.private_decrypt(&emsg).unwrap(); + assert!(msg == dmsg); + } + + #[test] + fn test_public_encrypt_pkcs() { + let mut k0 = super::RSA::generate(512).unwrap(); + let k0pkey = k0.public_key_to_pem().unwrap(); + let mut k1 = super::RSA::public_key_from_pem(&k0pkey).unwrap(); + + let msg = vec!(0xdeu8, 0xadu8, 0xd0u8, 0x0du8); + + let emsg = k1.public_encrypt_with_padding(&msg, super::EncryptionPadding::PKCS1v15).unwrap(); + let dmsg = k0.private_decrypt_with_padding(&emsg, super::EncryptionPadding::PKCS1v15).unwrap(); + assert!(msg == dmsg); + } + } diff --git a/openssl/src/macros.rs b/openssl/src/macros.rs index 35221f1c..e2d9cae5 100644 --- a/openssl/src/macros.rs +++ b/openssl/src/macros.rs @@ -33,6 +33,17 @@ macro_rules! try_ssl_null{ }) } +/// Shortcut return with SSL error if last error result is -1 +/// (default for size) +macro_rules! try_ssl_returns_size{ + ($e:expr) => ( + if $e == -1 { + return Err(::error::ErrorStack::get().into()) + } else { + $e + } + ) +} /// Lifts current SSL error code into Result<(), Error> /// if expression is true @@ -57,3 +68,15 @@ macro_rules! lift_ssl_if{ macro_rules! lift_ssl { ($e:expr) => (lift_ssl_if!($e == 0)) } + +/// Lifts current SSL error code into Result<(), Error> +/// if SSL returned -1 (default size error indication) +macro_rules! lift_ssl_returns_size { + ($e:expr) => ( { + if $e == -1 { + Err(::error::ErrorStack::get().into()) + } else { + Ok($e) + } + }) +} From 50648b7dac92200f5fb3d32422061e78404649c2 Mon Sep 17 00:00:00 2001 From: Andrei Oprisan Date: Fri, 7 Oct 2016 10:01:16 +0300 Subject: [PATCH 2/2] Removed max_size; removed all encrypt/decrypt methods except private/public encrypt/decrypt which take the padding --- openssl/src/crypto/rsa.rs | 95 +++++++++++---------------------------- 1 file changed, 26 insertions(+), 69 deletions(-) diff --git a/openssl/src/crypto/rsa.rs b/openssl/src/crypto/rsa.rs index e0d8e7ea..da2e1c79 100644 --- a/openssl/src/crypto/rsa.rs +++ b/openssl/src/crypto/rsa.rs @@ -20,7 +20,7 @@ pub enum EncryptionPadding { } impl EncryptionPadding { - pub fn openssl_padding_code(&self) -> c_int { + fn openssl_padding_code(&self) -> c_int { match self { &EncryptionPadding::NoPadding => ffi::RSA_NO_PADDING, &EncryptionPadding::OAEP => ffi::RSA_PKCS1_OAEP_PADDING, @@ -180,12 +180,10 @@ impl RSA { } } - pub fn max_data(&self) -> Option { - // 41 comes from RSA_public_encrypt(3) for OAEP - self.size().map(|len| len - 41) - } - - pub fn private_decrypt_with_padding(&self, from: &[u8], padding: EncryptionPadding) -> Result, ErrorStack> { + /** + * Decrypts data with the private key, using provided padding, returning the decrypted data. + */ + pub fn private_decrypt(&self, from: &[u8], padding: EncryptionPadding) -> Result, ErrorStack> { assert!(self.d().is_some(), "private components missing"); let k_len = self.size().expect("RSA missing an n"); let mut to: Vec = vec![0; k_len as usize]; @@ -201,13 +199,14 @@ impl RSA { } } - pub fn private_encrypt_with_padding(&self, from: &[u8], padding: EncryptionPadding) -> Result, ErrorStack> { + /** + * Encrypts data with the private key, using provided padding, returning the encrypted data. + */ + pub fn private_encrypt(&self, from: &[u8], padding: EncryptionPadding) -> Result, ErrorStack> { assert!(self.d().is_some(), "private components missing"); let k_len = self.size().expect("RSA missing an n"); let mut to:Vec = vec![0; k_len as usize]; - assert!(from.len() < self.max_data().unwrap_or_else(|| 0) as usize); - unsafe { let enc_len = try_ssl_returns_size!(ffi::RSA_private_encrypt(from.len() as c_int, from.as_ptr(), @@ -220,7 +219,10 @@ impl RSA { } } - pub fn public_decrypt_with_padding(&self, from: &[u8], padding: EncryptionPadding) -> Result, ErrorStack> { + /** + * Decrypts data with the public key, using provided padding, returning the decrypted data. + */ + pub fn public_decrypt(&self, from: &[u8], padding: EncryptionPadding) -> Result, ErrorStack> { let k_len = self.size().expect("RSA missing an n"); let mut to: Vec = vec![0; k_len as usize]; @@ -235,12 +237,13 @@ impl RSA { } } - pub fn public_encrypt_with_padding(&self, from: &[u8], padding: EncryptionPadding) -> Result, ErrorStack> { + /** + * Encrypts data with the public key, using provided padding, returning the encrypted data. + */ + pub fn public_encrypt(&self, from: &[u8], padding: EncryptionPadding) -> Result, ErrorStack> { let k_len = self.size().expect("RSA missing an n"); let mut to:Vec = vec![0; k_len as usize]; - assert!(from.len() < self.max_data().unwrap_or_else(|| 0) as usize); - unsafe { let enc_len = try_ssl_returns_size!(ffi::RSA_public_encrypt(from.len() as c_int, from.as_ptr(), @@ -253,53 +256,7 @@ impl RSA { } } - /** - * Encrypts data with the public key, using OAEP padding, returning the encrypted data. The - * supplied data must not be larger than max_data(). - */ - pub fn encrypt(&self, s: &[u8]) -> Result, ErrorStack> { self.public_encrypt_with_padding(s, EncryptionPadding::OAEP) } - - /** - * Encrypts data with the public key, using provided padding, returning the encrypted data. The - * supplied data must not be larger than max_data(). - */ - pub fn encrypt_with_padding(&self, s: &[u8], padding: EncryptionPadding) -> Result, ErrorStack> { self.public_encrypt_with_padding(s, padding) } - - /** - * Encrypts data with the public key, using OAEP padding, returning the encrypted data. The - * supplied data must not be larger than max_data(). - */ - pub fn public_encrypt(&self, s: &[u8]) -> Result, ErrorStack> { self.public_encrypt_with_padding(s, EncryptionPadding::OAEP) } - - /** - * Decrypts data with the public key, using PKCS1v15 padding, returning the decrypted data. - */ - pub fn public_decrypt(&self, s: &[u8]) -> Result, ErrorStack> { self.public_decrypt_with_padding(s, EncryptionPadding::PKCS1v15) } - - /** - * Decrypts data with the private key, expecting OAEP padding, returning the decrypted data. - */ - pub fn decrypt(&self, s: &[u8]) -> Result, ErrorStack> { self.private_decrypt_with_padding(s, EncryptionPadding::OAEP) } - - /** - * Decrypts data with the private key, using provided padding, returning the encrypted data. The - * supplied data must not be larger than max_data(). - */ - pub fn decrypt_with_padding(&self, s: &[u8], padding: EncryptionPadding) -> Result, ErrorStack> { self.private_decrypt_with_padding(s, padding) } - - /** - * Decrypts data with the private key, expecting OAEP padding, returning the decrypted data. - */ - pub fn private_decrypt(&self, s: &[u8]) -> Result, ErrorStack> { self.private_decrypt_with_padding(s, EncryptionPadding::OAEP) } - - /** - * Encrypts data with the private key, using PKCS1v15 padding, returning the encrypted data. The - * supplied data must not be larger than max_data(). - */ - pub fn private_encrypt(&self, s: &[u8]) -> Result, ErrorStack> { self.private_encrypt_with_padding(s, EncryptionPadding::PKCS1v15) } - - - pub fn sign(&self, hash: hash::Type, message: &[u8]) -> Result, ErrorStack> { + pub fn sign(&self, hash: hash::Type, message: &[u8]) -> Result, ErrorStack> { assert!(self.d().is_some(), "private components missing"); let k_len = self.size().expect("RSA missing an n"); let mut sig = vec![0; k_len as usize]; @@ -479,13 +436,13 @@ mod test { let public_key = RSA::public_key_from_pem(key).unwrap(); let original_data: Vec = "This is test".to_string().into_bytes(); - let result = public_key.public_encrypt_with_padding(&original_data, EncryptionPadding::PKCS1v15).unwrap(); + let result = public_key.public_encrypt(&original_data, EncryptionPadding::PKCS1v15).unwrap(); assert_eq!(result.len(), 256); let pkey = include_bytes!("../../test/rsa.pem"); let private_key = RSA::private_key_from_pem(pkey).unwrap(); - let dec_result = private_key.private_decrypt_with_padding(&result, EncryptionPadding::PKCS1v15).unwrap(); + let dec_result = private_key.private_decrypt(&result, EncryptionPadding::PKCS1v15).unwrap(); assert_eq!(dec_result, original_data); } @@ -498,8 +455,8 @@ mod test { let msg = vec!(0xdeu8, 0xadu8, 0xd0u8, 0x0du8); - let emsg = k0.private_encrypt(&msg).unwrap(); - let dmsg = k1.public_decrypt(&emsg).unwrap(); + let emsg = k0.private_encrypt(&msg, EncryptionPadding::PKCS1v15).unwrap(); + let dmsg = k1.public_decrypt(&emsg, EncryptionPadding::PKCS1v15).unwrap(); assert!(msg == dmsg); } @@ -511,8 +468,8 @@ mod test { let msg = vec!(0xdeu8, 0xadu8, 0xd0u8, 0x0du8); - let emsg = k1.public_encrypt(&msg).unwrap(); - let dmsg = k0.private_decrypt(&emsg).unwrap(); + let emsg = k1.public_encrypt(&msg, EncryptionPadding::OAEP).unwrap(); + let dmsg = k0.private_decrypt(&emsg, EncryptionPadding::OAEP).unwrap(); assert!(msg == dmsg); } @@ -524,8 +481,8 @@ mod test { let msg = vec!(0xdeu8, 0xadu8, 0xd0u8, 0x0du8); - let emsg = k1.public_encrypt_with_padding(&msg, super::EncryptionPadding::PKCS1v15).unwrap(); - let dmsg = k0.private_decrypt_with_padding(&emsg, super::EncryptionPadding::PKCS1v15).unwrap(); + let emsg = k1.public_encrypt(&msg, super::EncryptionPadding::PKCS1v15).unwrap(); + let dmsg = k0.private_decrypt(&emsg, super::EncryptionPadding::PKCS1v15).unwrap(); assert!(msg == dmsg); }