diff --git a/hash.rs b/hash.rs index 2a43cbd2..61f9c80f 100644 --- a/hash.rs +++ b/hash.rs @@ -41,6 +41,7 @@ mod libcrypto { } pub fn evpmd(t: HashType) -> (EVP_MD, uint) { + #[fixed_stack_segment]; #[inline(never)]; unsafe { match t { MD5 => (libcrypto::EVP_md5(), 16u), @@ -61,6 +62,7 @@ pub struct Hasher { impl Hasher { pub fn new(ht: HashType) -> Hasher { + #[fixed_stack_segment]; #[inline(never)]; let ctx = unsafe { libcrypto::EVP_MD_CTX_create() }; let (evp, mdlen) = evpmd(ht); unsafe { @@ -72,6 +74,7 @@ impl Hasher { /// Update this hasher with more input bytes pub fn update(&self, data: &[u8]) { + #[fixed_stack_segment]; #[inline(never)]; do data.as_imm_buf |pdata, len| { unsafe { libcrypto::EVP_DigestUpdate(self.ctx, pdata, len as c_uint) @@ -84,6 +87,7 @@ impl Hasher { * initialization */ pub fn final(&self) -> ~[u8] { + #[fixed_stack_segment]; #[inline(never)]; let mut res = vec::from_elem(self.len, 0u8); do res.as_mut_buf |pres, _len| { unsafe { @@ -96,6 +100,7 @@ impl Hasher { impl Drop for Hasher { fn drop(&self) { + #[fixed_stack_segment]; #[inline(never)]; unsafe { libcrypto::EVP_MD_CTX_destroy(self.ctx); } diff --git a/hmac.rs b/hmac.rs index 1e71ed1b..638e35c9 100644 --- a/hmac.rs +++ b/hmac.rs @@ -43,6 +43,7 @@ pub struct HMAC { } pub fn HMAC(ht: HashType, key: ~[u8]) -> HMAC { + #[fixed_stack_segment]; #[inline(never)]; unsafe { let (evp, mdlen) = evpmd(ht); @@ -67,6 +68,7 @@ pub fn HMAC(ht: HashType, key: ~[u8]) -> HMAC { impl HMAC { pub fn update(&mut self, data: &[u8]) { + #[fixed_stack_segment]; #[inline(never)]; unsafe { do data.as_imm_buf |pdata, len| { HMAC_Update(&mut self.ctx, pdata, len as libc::c_uint) @@ -75,6 +77,7 @@ impl HMAC { } pub fn final(&mut self) -> ~[u8] { + #[fixed_stack_segment]; #[inline(never)]; unsafe { let mut res = vec::from_elem(self.len, 0u8); let mut outlen: libc::c_uint = 0; diff --git a/pkcs5.rs b/pkcs5.rs index 400d3207..f9e2a48d 100644 --- a/pkcs5.rs +++ b/pkcs5.rs @@ -13,9 +13,9 @@ mod libcrypto { } } -#[doc = " -Derives a key from a password and salt using the PBKDF2-HMAC-SHA1 algorithm. -"] +/// Derives a key from a password and salt using the PBKDF2-HMAC-SHA1 algorithm. +#[fixed_stack_segment] +#[inline(never)] pub fn pbkdf2_hmac_sha1(pass: &str, salt: &[u8], iter: uint, keylen: uint) -> ~[u8] { assert!(iter >= 1u); diff --git a/pkey.rs b/pkey.rs index 9b97721b..c6aac6d4 100644 --- a/pkey.rs +++ b/pkey.rs @@ -47,7 +47,7 @@ enum Parts { Both } -#[doc = "Represents a role an asymmetric key might be appropriate for."] +/// Represents a role an asymmetric key might be appropriate for. pub enum Role { Encrypt, Decrypt, @@ -55,7 +55,7 @@ pub enum Role { Verify } -#[doc = "Type of encryption padding to use."] +/// Type of encryption padding to use. pub enum EncryptionPadding { OAEP, PKCS1v15 @@ -84,9 +84,10 @@ pub struct PKey { priv parts: Parts, } -///Represents a public key, optionally with a private key attached. +/// Represents a public key, optionally with a private key attached. impl PKey { pub fn new() -> PKey { + #[fixed_stack_segment]; #[inline(never)]; PKey { evp: unsafe { libcrypto::EVP_PKEY_new() }, parts: Neither, @@ -94,6 +95,7 @@ impl PKey { } fn _tostr(&self, f: extern "C" unsafe fn(*EVP_PKEY, **mut u8) -> c_int) -> ~[u8] { + #[fixed_stack_segment]; #[inline(never)]; unsafe { let len = f(self.evp, ptr::null()); if len < 0 as c_int { return ~[]; } @@ -109,6 +111,7 @@ impl PKey { } fn _fromstr(&mut self, s: &[u8], f: extern "C" unsafe fn(c_int, **EVP_PKEY, **u8, c_uint) -> *EVP_PKEY) { + #[fixed_stack_segment]; #[inline(never)]; do s.as_imm_buf |ps, len| { let evp = ptr::null(); unsafe { @@ -119,6 +122,7 @@ impl PKey { } pub fn gen(&mut self, keysz: uint) { + #[fixed_stack_segment]; #[inline(never)]; unsafe { let rsa = libcrypto::RSA_generate_key( keysz as c_uint, @@ -172,6 +176,7 @@ impl PKey { * Returns the size of the public key modulus. */ pub fn size(&self) -> uint { + #[fixed_stack_segment]; #[inline(never)]; unsafe { libcrypto::RSA_size(libcrypto::EVP_PKEY_get1_RSA(self.evp)) as uint } @@ -210,6 +215,7 @@ impl PKey { * call. */ pub fn max_data(&self) -> uint { + #[fixed_stack_segment]; #[inline(never)]; unsafe { let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let len = libcrypto::RSA_size(rsa); @@ -220,6 +226,7 @@ impl PKey { } pub fn encrypt_with_padding(&self, s: &[u8], padding: EncryptionPadding) -> ~[u8] { + #[fixed_stack_segment]; #[inline(never)]; unsafe { let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let len = libcrypto::RSA_size(rsa); @@ -249,6 +256,7 @@ impl PKey { } pub fn decrypt_with_padding(&self, s: &[u8], padding: EncryptionPadding) -> ~[u8] { + #[fixed_stack_segment]; #[inline(never)]; unsafe { let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let len = libcrypto::RSA_size(rsa); @@ -302,6 +310,7 @@ impl PKey { pub fn verify(&self, m: &[u8], s: &[u8]) -> bool { self.verify_with_hash(m, s, SHA256) } pub fn sign_with_hash(&self, s: &[u8], hash: HashType) -> ~[u8] { + #[fixed_stack_segment]; #[inline(never)]; unsafe { let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); let mut len = libcrypto::RSA_size(rsa); @@ -329,6 +338,7 @@ impl PKey { } pub fn verify_with_hash(&self, m: &[u8], s: &[u8], hash: HashType) -> bool { + #[fixed_stack_segment]; #[inline(never)]; unsafe { let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); @@ -352,6 +362,7 @@ impl PKey { impl Drop for PKey { fn drop(&self) { + #[fixed_stack_segment]; #[inline(never)]; unsafe { libcrypto::EVP_PKEY_free(self.evp); } diff --git a/rand.rs b/rand.rs index eedac4ab..dd6ee8a3 100644 --- a/rand.rs +++ b/rand.rs @@ -11,6 +11,7 @@ mod libcrypto { } pub fn rand_bytes(len: uint) -> ~[u8] { + #[fixed_stack_segment]; #[inline(never)]; let mut out = vec::with_capacity(len); do out.as_mut_buf |out_buf, len| { diff --git a/symm.rs b/symm.rs index bc28624a..b9353fcc 100644 --- a/symm.rs +++ b/symm.rs @@ -59,6 +59,7 @@ pub enum Type { } fn evpc(t: Type) -> (EVP_CIPHER, uint, uint) { + #[fixed_stack_segment]; #[inline(never)]; unsafe { match t { AES_128_ECB => (libcrypto::EVP_aes_128_ecb(), 16u, 16u), @@ -86,6 +87,7 @@ pub struct Crypter { impl Crypter { pub fn new(t: Type) -> Crypter { + #[fixed_stack_segment]; #[inline(never)]; let ctx = unsafe { libcrypto::EVP_CIPHER_CTX_new() }; let (evp, keylen, blocksz) = evpc(t); Crypter { evp: evp, ctx: ctx, keylen: keylen, blocksize: blocksz } @@ -96,6 +98,7 @@ impl Crypter { * data encrypted must be a multiple of block size. */ pub fn pad(&self, padding: bool) { + #[fixed_stack_segment]; #[inline(never)]; if self.blocksize > 0 { unsafe { let v = if padding { 1 } else { 0 } as c_int; @@ -108,6 +111,7 @@ impl Crypter { * Initializes this crypter. */ pub fn init(&self, mode: Mode, key: &[u8], iv: &[u8]) { + #[fixed_stack_segment]; #[inline(never)]; unsafe { let mode = match mode { Encrypt => 1 as c_int, @@ -134,6 +138,7 @@ impl Crypter { * encrypted or decrypted bytes. */ pub fn update(&self, data: &[u8]) -> ~[u8] { + #[fixed_stack_segment]; #[inline(never)]; unsafe { do data.as_imm_buf |pdata, len| { let mut res = vec::from_elem(len + self.blocksize, 0u8); @@ -162,6 +167,7 @@ impl Crypter { * Finish crypting. Returns the remaining partial block of output, if any. */ pub fn final(&self) -> ~[u8] { + #[fixed_stack_segment]; #[inline(never)]; unsafe { let mut res = vec::from_elem(self.blocksize, 0u8); @@ -179,6 +185,7 @@ impl Crypter { impl Drop for Crypter { fn drop(&self) { + #[fixed_stack_segment]; #[inline(never)]; unsafe { libcrypto::EVP_CIPHER_CTX_free(self.ctx); }