min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update to rust HEAD

This commit is contained in:
Erick Tryzelaar 2012-09-27 23:32:12 -07:00
parent f9e4b7ab18
commit fb8f201b97
6 changed files with 527 additions and 443 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
crypto.rc
View File

@ -15,11 +15,11 @@
*/ */
#[link(name = "crypto", #[link(name = "crypto",
vers = "0.1", vers = "0.2",
uuid = "38297409-b4c2-4499-8131-a99a7e44dad3")]; uuid = "38297409-b4c2-4499-8131-a99a7e44dad3")];
#[crate_type = "lib"]; #[crate_type = "lib"];
use std; // FIXME https://github.com/mozilla/rust/issues/1127 extern mod std; // FIXME https://github.com/mozilla/rust/issues/1127
mod hash; mod hash;
mod pkey; mod pkey;

129
hash.rs
View File

@ -1,36 +1,18 @@
import libc::c_uint; use libc::c_uint;
export hasher; pub enum HashType {
export hashtype; MD5,
export hash; SHA1,
export libcrypto; SHA224,
SHA256,
export md5, sha1, sha224, sha256, sha384, sha512; SHA384,
SHA512
iface hasher {
#[doc = "Initializes this hasher"]
fn init();
#[doc = "Update this hasher with more input bytes"]
fn update(~[u8]);
#[doc = "
Return the digest of all bytes added to this hasher since its last
initialization
"]
fn final() -> ~[u8];
}
enum hashtype {
md5,
sha1,
sha224,
sha256,
sha384,
sha512
} }
#[allow(non_camel_case_types)]
type EVP_MD_CTX = *libc::c_void; type EVP_MD_CTX = *libc::c_void;
#[allow(non_camel_case_types)]
type EVP_MD = *libc::c_void; type EVP_MD = *libc::c_void;
#[link_name = "crypto"] #[link_name = "crypto"]
@ -47,61 +29,68 @@ extern mod libcrypto {
fn EVP_DigestInit(ctx: EVP_MD_CTX, typ: EVP_MD); fn EVP_DigestInit(ctx: EVP_MD_CTX, typ: EVP_MD);
fn EVP_DigestUpdate(ctx: EVP_MD_CTX, data: *u8, n: c_uint); fn EVP_DigestUpdate(ctx: EVP_MD_CTX, data: *u8, n: c_uint);
fn EVP_DigestFinal(ctx: EVP_MD_CTX, res: *u8, n: *u32); fn EVP_DigestFinal(ctx: EVP_MD_CTX, res: *mut u8, n: *u32);
} }
fn evpmd(t: hashtype) -> (EVP_MD, uint) { fn evpmd(t: HashType) -> (EVP_MD, uint) {
alt t { match t {
md5 { (libcrypto::EVP_md5(), 16u) } MD5 => (libcrypto::EVP_md5(), 16u),
sha1 { (libcrypto::EVP_sha1(), 20u) } SHA1 => (libcrypto::EVP_sha1(), 20u),
sha224 { (libcrypto::EVP_sha224(), 28u) } SHA224 => (libcrypto::EVP_sha224(), 28u),
sha256 { (libcrypto::EVP_sha256(), 32u) } SHA256 => (libcrypto::EVP_sha256(), 32u),
sha384 { (libcrypto::EVP_sha384(), 48u) } SHA384 => (libcrypto::EVP_sha384(), 48u),
sha512 { (libcrypto::EVP_sha512(), 64u) } SHA512 => (libcrypto::EVP_sha512(), 64u),
} }
} }
fn hasher(ht: hashtype) -> hasher { pub struct Hasher {
type hasherstate = { priv evp: EVP_MD,
evp: EVP_MD, priv ctx: EVP_MD_CTX,
ctx: EVP_MD_CTX, priv len: uint,
len: uint }
};
impl of hasher for hasherstate { pub fn Hasher(ht: HashType) -> Hasher {
let ctx = libcrypto::EVP_MD_CTX_create();
let (evp, mdlen) = evpmd(ht);
let h = Hasher { evp: evp, ctx: ctx, len: mdlen };
h.init();
h
}
pub impl Hasher {
/// Initializes this hasher
fn init() unsafe { fn init() unsafe {
libcrypto::EVP_DigestInit(self.ctx, self.evp); libcrypto::EVP_DigestInit(self.ctx, self.evp);
} }
fn update(data: ~[u8]) unsafe { /// Update this hasher with more input bytes
let pdata: *u8 = vec::unsafe::to_ptr::<u8>(data); fn update(data: &[u8]) unsafe {
libcrypto::EVP_DigestUpdate(self.ctx, pdata, vec::len(data) as c_uint); do vec::as_imm_buf(data) |pdata, len| {
libcrypto::EVP_DigestUpdate(self.ctx, pdata, len as c_uint)
}
} }
/**
* Return the digest of all bytes added to this hasher since its last
* initialization
*/
fn final() -> ~[u8] unsafe { fn final() -> ~[u8] unsafe {
let res = vec::to_mut(vec::from_elem::<u8>(self.len, 0u8)); let mut res = vec::from_elem(self.len, 0u8);
let pres = vec::unsafe::to_ptr::<u8>(res); do vec::as_mut_buf(res) |pres, _len| {
libcrypto::EVP_DigestFinal(self.ctx, pres, ptr::null::<u32>()); libcrypto::EVP_DigestFinal(self.ctx, pres, ptr::null());
vec::from_mut::<u8>(res) }
res
} }
} }
let ctx = libcrypto::EVP_MD_CTX_create(); /**
let (evp, mdlen) = evpmd(ht); * Hashes the supplied input data using hash t, returning the resulting hash
let st = { evp: evp, ctx: ctx, len: mdlen }; * value
let h = st as hasher; */
h.init(); pub fn hash(t: HashType, data: &[u8]) -> ~[u8] unsafe {
ret h; let h = Hasher(t);
}
#[doc = "
Hashes the supplied input data using hash t, returning the resulting hash value
"]
fn hash(t: hashtype, data: ~[u8]) -> ~[u8] unsafe {
let h = hasher(t);
h.init();
h.update(data); h.update(data);
ret h.final(); h.final()
} }
#[cfg(test)] #[cfg(test)]
@ -113,7 +102,7 @@ mod tests {
let d0 = let d0 =
~[0x90u8, 0x01u8, 0x50u8, 0x98u8, 0x3cu8, 0xd2u8, 0x4fu8, 0xb0u8, ~[0x90u8, 0x01u8, 0x50u8, 0x98u8, 0x3cu8, 0xd2u8, 0x4fu8, 0xb0u8,
0xd6u8, 0x96u8, 0x3fu8, 0x7du8, 0x28u8, 0xe1u8, 0x7fu8, 0x72u8]; 0xd6u8, 0x96u8, 0x3fu8, 0x7du8, 0x28u8, 0xe1u8, 0x7fu8, 0x72u8];
assert(hash(md5, s0) == d0); assert(hash(MD5, s0) == d0);
} }
#[test] #[test]
@ -123,7 +112,7 @@ mod tests {
~[0xa9u8, 0x99u8, 0x3eu8, 0x36u8, 0x47u8, 0x06u8, 0x81u8, 0x6au8, ~[0xa9u8, 0x99u8, 0x3eu8, 0x36u8, 0x47u8, 0x06u8, 0x81u8, 0x6au8,
0xbau8, 0x3eu8, 0x25u8, 0x71u8, 0x78u8, 0x50u8, 0xc2u8, 0x6cu8, 0xbau8, 0x3eu8, 0x25u8, 0x71u8, 0x78u8, 0x50u8, 0xc2u8, 0x6cu8,
0x9cu8, 0xd0u8, 0xd8u8, 0x9du8]; 0x9cu8, 0xd0u8, 0xd8u8, 0x9du8];
assert(hash(sha1, s0) == d0); assert(hash(SHA1, s0) == d0);
} }
#[test] #[test]
@ -134,6 +123,6 @@ mod tests {
0x41u8, 0x41u8, 0x40u8, 0xdeu8, 0x5du8, 0xaeu8, 0x22u8, 0x23u8, 0x41u8, 0x41u8, 0x40u8, 0xdeu8, 0x5du8, 0xaeu8, 0x22u8, 0x23u8,
0xb0u8, 0x03u8, 0x61u8, 0xa3u8, 0x96u8, 0x17u8, 0x7au8, 0x9cu8, 0xb0u8, 0x03u8, 0x61u8, 0xa3u8, 0x96u8, 0x17u8, 0x7au8, 0x9cu8,
0xb4u8, 0x10u8, 0xffu8, 0x61u8, 0xf2u8, 0x00u8, 0x15u8, 0xadu8]; 0xb4u8, 0x10u8, 0xffu8, 0x61u8, 0xf2u8, 0x00u8, 0x15u8, 0xadu8];
assert(hash(sha256, s0) == d0); assert(hash(SHA256, s0) == d0);
} }
} }

70
pkcs5.rs
View File

@ -1,36 +1,36 @@
import libc::{c_char, c_uchar, c_int}; use libc::{c_char, c_uchar, c_int};
#[link_name = "crypto"] #[link_name = "crypto"]
#[abi = "cdecl"] #[abi = "cdecl"]
extern mod libcrypto { extern mod libcrypto {
fn PKCS5_PBKDF2_HMAC_SHA1(pass: *c_char, passlen: c_int, fn PKCS5_PBKDF2_HMAC_SHA1(pass: *u8, passlen: c_int,
salt: *c_uchar, saltlen: c_int, salt: *u8, saltlen: c_int,
iter: c_int, keylen: c_int, iter: c_int, keylen: c_int,
out: *c_uchar) -> c_int; out: *mut u8) -> c_int;
} }
#[doc = " #[doc = "
Derives a key from a password and salt using the PBKDF2-HMAC-SHA1 algorithm. Derives a key from a password and salt using the PBKDF2-HMAC-SHA1 algorithm.
"] "]
fn pbkdf2_hmac_sha1(pass: str, salt: ~[u8], iter: uint, keylen: uint) -> ~[u8] { pub fn pbkdf2_hmac_sha1(pass: &str, salt: &[u8], iter: uint,
keylen: uint) -> ~[u8] {
assert iter >= 1u; assert iter >= 1u;
assert keylen >= 1u; assert keylen >= 1u;
do str::as_c_str(pass) |pass_buf| { do str::as_buf(pass) |pass_buf, pass_len| {
do vec::as_buf(salt) |salt_buf| { do vec::as_imm_buf(salt) |salt_buf, salt_len| {
let mut out = ~[]; let mut out = vec::with_capacity(keylen);
vec::reserve(out, keylen);
do vec::as_buf(out) |out_buf| { do vec::as_mut_buf(out) |out_buf, _out_len| {
let r = libcrypto::PKCS5_PBKDF2_HMAC_SHA1( let r = libcrypto::PKCS5_PBKDF2_HMAC_SHA1(
pass_buf, str::len(pass) as c_int, pass_buf, pass_len as c_int,
salt_buf, vec::len(salt) as c_int, salt_buf, salt_len as c_int,
iter as c_int, keylen as c_int, iter as c_int, keylen as c_int,
out_buf); out_buf);
if r != 1 as c_int { fail; } if r != 1 as c_int { fail; }
unsafe { vec::unsafe::set_len(out, keylen); } unsafe { vec::raw::set_len(out, keylen); }
} }
out out
@ -44,27 +44,45 @@ mod tests {
// http://tools.ietf.org/html/draft-josefsson-pbkdf2-test-vectors-06 // http://tools.ietf.org/html/draft-josefsson-pbkdf2-test-vectors-06
#[test] #[test]
fn test_pbkdf2_hmac_sha1() { fn test_pbkdf2_hmac_sha1() {
assert pbkdf2_hmac_sha1("password", str::bytes("salt"), 1u, 20u) == ~[ assert pbkdf2_hmac_sha1(
"password",
str::to_bytes("salt"),
1u,
20u
) == ~[
0x0c_u8, 0x60_u8, 0xc8_u8, 0x0f_u8, 0x96_u8, 0x1f_u8, 0x0e_u8, 0x0c_u8, 0x60_u8, 0xc8_u8, 0x0f_u8, 0x96_u8, 0x1f_u8, 0x0e_u8,
0x71_u8, 0xf3_u8, 0xa9_u8, 0xb5_u8, 0x24_u8, 0xaf_u8, 0x60_u8, 0x71_u8, 0xf3_u8, 0xa9_u8, 0xb5_u8, 0x24_u8, 0xaf_u8, 0x60_u8,
0x12_u8, 0x06_u8, 0x2f_u8, 0xe0_u8, 0x37_u8, 0xa6_u8 0x12_u8, 0x06_u8, 0x2f_u8, 0xe0_u8, 0x37_u8, 0xa6_u8
]; ];
assert pbkdf2_hmac_sha1("password", str::bytes("salt"), 2u, 20u) == ~[ assert pbkdf2_hmac_sha1(
"password",
str::to_bytes("salt"),
2u,
20u
) == ~[
0xea_u8, 0x6c_u8, 0x01_u8, 0x4d_u8, 0xc7_u8, 0x2d_u8, 0x6f_u8, 0xea_u8, 0x6c_u8, 0x01_u8, 0x4d_u8, 0xc7_u8, 0x2d_u8, 0x6f_u8,
0x8c_u8, 0xcd_u8, 0x1e_u8, 0xd9_u8, 0x2a_u8, 0xce_u8, 0x1d_u8, 0x8c_u8, 0xcd_u8, 0x1e_u8, 0xd9_u8, 0x2a_u8, 0xce_u8, 0x1d_u8,
0x41_u8, 0xf0_u8, 0xd8_u8, 0xde_u8, 0x89_u8, 0x57_u8 0x41_u8, 0xf0_u8, 0xd8_u8, 0xde_u8, 0x89_u8, 0x57_u8
]; ];
assert pbkdf2_hmac_sha1("password", str::bytes("salt"), 4096u, assert pbkdf2_hmac_sha1(
20u) == ~[ "password",
str::to_bytes("salt"),
4096u,
20u
) == ~[
0x4b_u8, 0x00_u8, 0x79_u8, 0x01_u8, 0xb7_u8, 0x65_u8, 0x48_u8, 0x4b_u8, 0x00_u8, 0x79_u8, 0x01_u8, 0xb7_u8, 0x65_u8, 0x48_u8,
0x9a_u8, 0xbe_u8, 0xad_u8, 0x49_u8, 0xd9_u8, 0x26_u8, 0xf7_u8, 0x9a_u8, 0xbe_u8, 0xad_u8, 0x49_u8, 0xd9_u8, 0x26_u8, 0xf7_u8,
0x21_u8, 0xd0_u8, 0x65_u8, 0xa4_u8, 0x29_u8, 0xc1_u8 0x21_u8, 0xd0_u8, 0x65_u8, 0xa4_u8, 0x29_u8, 0xc1_u8
]; ];
assert pbkdf2_hmac_sha1("password", str::bytes("salt"), 16777216u, assert pbkdf2_hmac_sha1(
20u) == ~[ "password",
str::to_bytes("salt"),
16777216u,
20u
) == ~[
0xee_u8, 0xfe_u8, 0x3d_u8, 0x61_u8, 0xcd_u8, 0x4d_u8, 0xa4_u8, 0xee_u8, 0xfe_u8, 0x3d_u8, 0x61_u8, 0xcd_u8, 0x4d_u8, 0xa4_u8,
0xe4_u8, 0xe9_u8, 0x94_u8, 0x5b_u8, 0x3d_u8, 0x6b_u8, 0xa2_u8, 0xe4_u8, 0xe9_u8, 0x94_u8, 0x5b_u8, 0x3d_u8, 0x6b_u8, 0xa2_u8,
0x15_u8, 0x8c_u8, 0x26_u8, 0x34_u8, 0xe9_u8, 0x84_u8 0x15_u8, 0x8c_u8, 0x26_u8, 0x34_u8, 0xe9_u8, 0x84_u8
@ -72,16 +90,22 @@ mod tests {
assert pbkdf2_hmac_sha1( assert pbkdf2_hmac_sha1(
"passwordPASSWORDpassword", "passwordPASSWORDpassword",
str::bytes("saltSALTsaltSALTsaltSALTsaltSALTsalt"), str::to_bytes("saltSALTsaltSALTsaltSALTsaltSALTsalt"),
4096u, 25u) == ~[ 4096u,
25u
) == ~[
0x3d_u8, 0x2e_u8, 0xec_u8, 0x4f_u8, 0xe4_u8, 0x1c_u8, 0x84_u8, 0x3d_u8, 0x2e_u8, 0xec_u8, 0x4f_u8, 0xe4_u8, 0x1c_u8, 0x84_u8,
0x9b_u8, 0x80_u8, 0xc8_u8, 0xd8_u8, 0x36_u8, 0x62_u8, 0xc0_u8, 0x9b_u8, 0x80_u8, 0xc8_u8, 0xd8_u8, 0x36_u8, 0x62_u8, 0xc0_u8,
0xe4_u8, 0x4a_u8, 0x8b_u8, 0x29_u8, 0x1a_u8, 0x96_u8, 0x4c_u8, 0xe4_u8, 0x4a_u8, 0x8b_u8, 0x29_u8, 0x1a_u8, 0x96_u8, 0x4c_u8,
0xf2_u8, 0xf0_u8, 0x70_u8, 0x38_u8 0xf2_u8, 0xf0_u8, 0x70_u8, 0x38_u8
]; ];
assert pbkdf2_hmac_sha1("pass\x00word", str::bytes("sa\x00lt"), 4096u, assert pbkdf2_hmac_sha1(
16u) == ~[ "pass\x00word",
str::to_bytes("sa\x00lt"),
4096u,
16u
) == ~[
0x56_u8, 0xfa_u8, 0x6a_u8, 0xa7_u8, 0x55_u8, 0x48_u8, 0x09_u8, 0x56_u8, 0xfa_u8, 0x6a_u8, 0xa7_u8, 0x55_u8, 0x48_u8, 0x09_u8,
0x9d_u8, 0xcc_u8, 0x37_u8, 0xd7_u8, 0xf0_u8, 0x34_u8, 0x25_u8, 0x9d_u8, 0xcc_u8, 0x37_u8, 0xd7_u8, 0xf0_u8, 0x34_u8, 0x25_u8,
0xe0_u8, 0xc3_u8 0xe0_u8, 0xc3_u8

484
pkey.rs
View File

@ -1,11 +1,12 @@
import libc::{c_int, c_uint}; use libc::{c_int, c_uint};
export pkeyrole, encrypt, decrypt, sign, verify;
export pkey;
export libcrypto;
#[allow(non_camel_case_types)]
type EVP_PKEY = *libc::c_void; type EVP_PKEY = *libc::c_void;
#[allow(non_camel_case_types)]
type ANYKEY = *libc::c_void; type ANYKEY = *libc::c_void;
#[allow(non_camel_case_types)]
type RSA = *libc::c_void; type RSA = *libc::c_void;
#[link_name = "crypto"] #[link_name = "crypto"]
@ -16,281 +17,336 @@ extern mod libcrypto {
fn EVP_PKEY_assign(k: *EVP_PKEY, t: c_int, inner: *ANYKEY); fn EVP_PKEY_assign(k: *EVP_PKEY, t: c_int, inner: *ANYKEY);
fn EVP_PKEY_get1_RSA(k: *EVP_PKEY) -> *RSA; fn EVP_PKEY_get1_RSA(k: *EVP_PKEY) -> *RSA;
fn i2d_PublicKey(k: *EVP_PKEY, buf: **u8) -> c_int; fn i2d_PublicKey(k: *EVP_PKEY, buf: &*mut u8) -> c_int;
fn d2i_PublicKey(t: c_int, k: **EVP_PKEY, buf: **u8, len: c_uint) -> *EVP_PKEY; fn d2i_PublicKey(t: c_int, k: &*EVP_PKEY, buf: &*u8, len: c_uint) -> *EVP_PKEY;
fn i2d_PrivateKey(k: *EVP_PKEY, buf: **u8) -> c_int; fn i2d_PrivateKey(k: *EVP_PKEY, buf: &*mut u8) -> c_int;
fn d2i_PrivateKey(t: c_int, k: **EVP_PKEY, buf: **u8, len: c_uint) -> *EVP_PKEY; fn d2i_PrivateKey(t: c_int, k: &*EVP_PKEY, buf: &*u8, len: c_uint) -> *EVP_PKEY;
fn RSA_generate_key(modsz: c_uint, e: c_uint, cb: *u8, cbarg: *u8) -> *RSA; fn RSA_generate_key(modsz: c_uint, e: c_uint, cb: *u8, cbarg: *u8) -> *RSA;
fn RSA_size(k: *RSA) -> c_uint; fn RSA_size(k: *RSA) -> c_uint;
fn RSA_public_encrypt(flen: c_uint, from: *u8, to: *u8, k: *RSA, fn RSA_public_encrypt(flen: c_uint, from: *u8, to: *mut u8, k: *RSA,
pad: c_int) -> c_int; pad: c_int) -> c_int;
fn RSA_private_decrypt(flen: c_uint, from: *u8, to: *u8, k: *RSA, fn RSA_private_decrypt(flen: c_uint, from: *u8, to: *mut u8, k: *RSA,
pad: c_int) -> c_int; pad: c_int) -> c_int;
fn RSA_sign(t: c_int, m: *u8, mlen: c_uint, sig: *u8, siglen: *c_uint, fn RSA_sign(t: c_int, m: *u8, mlen: c_uint, sig: *mut u8, siglen: *c_uint,
k: *RSA) -> c_int; k: *RSA) -> c_int;
fn RSA_verify(t: c_int, m: *u8, mlen: c_uint, sig: *u8, siglen: c_uint, fn RSA_verify(t: c_int, m: *u8, mlen: c_uint, sig: *u8, siglen: c_uint,
k: *RSA) -> c_int; k: *RSA) -> c_int;
} }
enum pkeyparts { enum Parts {
neither, Neither,
public, Public,
both Both
} }
#[doc = "Represents a role an asymmetric key might be appropriate for."] #[doc = "Represents a role an asymmetric key might be appropriate for."]
enum pkeyrole { pub enum Role {
encrypt, Encrypt,
decrypt, Decrypt,
sign, Sign,
verify Verify
}
#[doc = "Represents a public key, optionally with a private key attached."]
iface pkey {
#[doc = "
Returns a serialized form of the public key, suitable for load_pub().
"]
fn save_pub() -> ~[u8];
#[doc = "
Loads a serialized form of the public key, as produced by save_pub().
"]
fn load_pub(s: ~[u8]);
#[doc = "
Returns a serialized form of the public and private keys, suitable for
load_priv().
"]
fn save_priv() -> ~[u8];
#[doc = "
Loads a serialized form of the public and private keys, as produced by
save_priv().
"]
fn load_priv(s: ~[u8]);
#[doc = "Returns the size of the public key modulus."]
fn size() -> uint;
#[doc = "Generates a public/private keypair of the specified size."]
fn gen(keysz: uint);
#[doc = "
Returns whether this pkey object can perform the specified role.
"]
fn can(role: pkeyrole) -> bool;
#[doc = "
Returns the maximum amount of data that can be encrypted by an encrypt()
call.
"]
fn max_data() -> uint;
#[doc = "
Encrypts data using OAEP padding, returning the encrypted data. The supplied
data must not be larger than max_data().
"]
fn encrypt(s: ~[u8]) -> ~[u8];
#[doc = "
Decrypts data, expecting OAEP padding, returning the decrypted data.
"]
fn decrypt(s: ~[u8]) -> ~[u8];
#[doc = "
Signs data, using OpenSSL's default scheme and sha256. Unlike encrypt(), can
process an arbitrary amount of data; returns the signature.
"]
fn sign(s: ~[u8]) -> ~[u8];
#[doc = "
Verifies a signature s (using OpenSSL's default scheme and sha256) on a
message m. Returns true if the signature is valid, and false otherwise.
"]
fn verify(m: ~[u8], s: ~[u8]) -> bool;
} }
fn rsa_to_any(rsa: *RSA) -> *ANYKEY unsafe { fn rsa_to_any(rsa: *RSA) -> *ANYKEY unsafe {
unsafe::reinterpret_cast::<*RSA, *ANYKEY>(rsa) cast::reinterpret_cast(&rsa)
} }
fn any_to_rsa(anykey: *ANYKEY) -> *RSA unsafe { fn any_to_rsa(anykey: *ANYKEY) -> *RSA unsafe {
unsafe::reinterpret_cast::<*ANYKEY, *RSA>(anykey) cast::reinterpret_cast(&anykey)
} }
fn pkey() -> pkey { pub struct PKey {
type pkeystate = { priv mut evp: *EVP_PKEY,
mut evp: *EVP_PKEY, priv mut parts: Parts,
mut parts: pkeyparts }
pub fn PKey() -> PKey {
PKey { evp: libcrypto::EVP_PKEY_new(), parts: Neither }
}
priv impl PKey {
fn _tostr(f: fn@(*EVP_PKEY, &*mut u8) -> c_int) -> ~[u8] unsafe {
let buf = ptr::mut_null();
let len = f(self.evp, &buf);
if len < 0 as c_int { return ~[]; }
let mut s = vec::from_elem(len as uint, 0u8);
let r = do vec::as_mut_buf(s) |ps, _len| {
f(self.evp, &ps)
}; };
fn _tostr(st: pkeystate, vec::slice(s, 0u, r as uint)
f: fn@(*EVP_PKEY, **u8) -> c_int) -> ~[u8] unsafe {
let len = f(st.evp, ptr::null());
if len < 0 as c_int { ret ~[]; }
let s = vec::to_mut(vec::from_elem::<u8>(len as uint, 0u8));
let ps = vec::unsafe::to_ptr::<u8>(s);
let pps = ptr::addr_of(ps);
let r = f(st.evp, pps);
let bytes = vec::slice::<u8>(s, 0u, r as uint);
ret bytes;
} }
fn _fromstr(st: pkeystate, fn _fromstr(
f: fn@(c_int, **EVP_PKEY, **u8, c_uint) -> *EVP_PKEY, s: &[u8],
s: ~[u8]) unsafe { f: fn@(c_int, &*EVP_PKEY, &*u8, c_uint) -> *EVP_PKEY
let ps: *u8 = vec::unsafe::to_ptr::<u8>(s); ) unsafe {
let pps: **u8 = ptr::addr_of(ps); do vec::as_imm_buf(s) |ps, len| {
let evp: *EVP_PKEY = ptr::null(); let evp = ptr::null();
let pevp: **EVP_PKEY = ptr::addr_of(evp); f(6 as c_int, &evp, &ps, len as c_uint);
f(6 as c_int, pevp, pps, vec::len(s) as c_uint); self.evp = evp;
st.evp = *pevp; }
}
} }
impl of pkey for pkeystate { ///Represents a public key, optionally with a private key attached.
pub impl PKey {
fn gen(keysz: uint) unsafe { fn gen(keysz: uint) unsafe {
let rsa = libcrypto::RSA_generate_key(keysz as c_uint, 65537u as c_uint, let rsa = libcrypto::RSA_generate_key(
ptr::null(), ptr::null()); keysz as c_uint,
65537u as c_uint,
ptr::null(),
ptr::null()
);
let rsa_ = rsa_to_any(rsa); let rsa_ = rsa_to_any(rsa);
// XXX: 6 == NID_rsaEncryption // XXX: 6 == NID_rsaEncryption
libcrypto::EVP_PKEY_assign(self.evp, 6 as c_int, rsa_); libcrypto::EVP_PKEY_assign(self.evp, 6 as c_int, rsa_);
self.parts = both; self.parts = Both;
} }
/**
* Returns a serialized form of the public key, suitable for load_pub().
*/
fn save_pub() -> ~[u8] { fn save_pub() -> ~[u8] {
_tostr(self, libcrypto::i2d_PublicKey) self._tostr(libcrypto::i2d_PublicKey)
} }
fn load_pub(s: ~[u8]) {
_fromstr(self, libcrypto::d2i_PublicKey, s); /**
self.parts = public; * Loads a serialized form of the public key, as produced by save_pub().
*/
fn load_pub(s: &[u8]) {
self._fromstr(s, libcrypto::d2i_PublicKey);
self.parts = Public;
} }
/**
* Returns a serialized form of the public and private keys, suitable for
* load_priv().
*/
fn save_priv() -> ~[u8] { fn save_priv() -> ~[u8] {
_tostr(self, libcrypto::i2d_PrivateKey) self._tostr(libcrypto::i2d_PrivateKey)
} }
fn load_priv(s: ~[u8]) { /**
_fromstr(self, libcrypto::d2i_PrivateKey, s); * Loads a serialized form of the public and private keys, as produced by
self.parts = both; * save_priv().
*/
fn load_priv(s: &[u8]) {
self._fromstr(s, libcrypto::d2i_PrivateKey);
self.parts = Both;
} }
/**
* Returns the size of the public key modulus.
*/
fn size() -> uint { fn size() -> uint {
libcrypto::RSA_size(libcrypto::EVP_PKEY_get1_RSA(self.evp)) as uint libcrypto::RSA_size(libcrypto::EVP_PKEY_get1_RSA(self.evp)) as uint
} }
fn can(r: pkeyrole) -> bool {
alt r { /**
encrypt { self.parts != neither } * Returns whether this pkey object can perform the specified role.
verify { self.parts != neither } */
decrypt { self.parts == both } fn can(r: Role) -> bool {
sign { self.parts == both } match r {
} Encrypt =>
} match self.parts {
fn max_data() -> uint unsafe { Neither => false,
let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); _ => true,
let len = libcrypto::RSA_size(rsa); },
// 41 comes from RSA_public_encrypt(3) for OAEP Verify =>
ret len as uint - 41u; match self.parts {
} Neither => false,
fn encrypt(s: ~[u8]) -> ~[u8] unsafe { _ => true,
let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp); },
let len = libcrypto::RSA_size(rsa); Decrypt =>
// 41 comes from RSA_public_encrypt(3) for OAEP match self.parts {
assert(vec::len(s) < libcrypto::RSA_size(rsa) as uint - 41u); Both => true,
let r = vec::to_mut(vec::from_elem::<u8>(len as uint + 1u, 0u8)); _ => false,
let pr = vec::unsafe::to_ptr::<u8>(r); },
let ps = vec::unsafe::to_ptr::<u8>(s); Sign =>
// XXX: 4 == RSA_PKCS1_OAEP_PADDING match self.parts {
let rv = libcrypto::RSA_public_encrypt(vec::len(s) as c_uint, ps, pr, Both => true,
rsa, 4 as c_int); _ => false,
if rv < 0 as c_int { ret ~[]; } },
ret vec::slice::<u8>(r, 0u, rv as uint);
}
fn decrypt(s: ~[u8]) -> ~[u8] unsafe {
let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp);
let len = libcrypto::RSA_size(rsa);
assert(vec::len(s) as c_uint == libcrypto::RSA_size(rsa));
let r = vec::to_mut(vec::from_elem::<u8>(len as uint + 1u, 0u8));
let pr = vec::unsafe::to_ptr::<u8>(r);
let ps = vec::unsafe::to_ptr::<u8>(s);
// XXX: 4 == RSA_PKCS1_OAEP_PADDING
let rv = libcrypto::RSA_private_decrypt(vec::len(s) as c_uint, ps,
pr, rsa, 4 as c_int);
if rv < 0 as c_int { ret ~[]; }
ret vec::slice::<u8>(r, 0u, rv as uint);
}
fn sign(s: ~[u8]) -> ~[u8] unsafe {
let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp);
let len = libcrypto::RSA_size(rsa);
let r = vec::to_mut(vec::from_elem::<u8>(len as uint + 1u, 0u8));
let pr = vec::unsafe::to_ptr::<u8>(r);
let ps = vec::unsafe::to_ptr::<u8>(s);
let plen = ptr::addr_of(len);
// XXX: 672 == NID_sha256
let rv = libcrypto::RSA_sign(672 as c_int, ps,
vec::len(s) as c_uint, pr,
plen, rsa);
if rv < 0 as c_int { ret ~[]; }
ret vec::slice::<u8>(r, 0u, *plen as uint);
}
fn verify(m: ~[u8], s: ~[u8]) -> bool unsafe {
let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp);
let pm: *u8 = vec::unsafe::to_ptr::<u8>(m);
let ps: *u8 = vec::unsafe::to_ptr::<u8>(s);
// XXX: 672 == NID_sha256
let rv = libcrypto::RSA_verify(672 as c_int, pm,
vec::len(m) as c_uint, ps,
vec::len(s) as c_uint, rsa);
ret rv == 1 as c_int;
} }
} }
let st = { mut evp: libcrypto::EVP_PKEY_new(), mut parts: neither }; /**
let p = st as pkey; * Returns the maximum amount of data that can be encrypted by an encrypt()
ret p; * call.
*/
fn max_data() -> uint unsafe {
let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp);
let len = libcrypto::RSA_size(rsa);
// 41 comes from RSA_public_encrypt(3) for OAEP
len as uint - 41u
}
/**
* Encrypts data using OAEP padding, returning the encrypted data. The
* supplied data must not be larger than max_data().
*/
fn encrypt(s: &[u8]) -> ~[u8] unsafe {
let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp);
let len = libcrypto::RSA_size(rsa);
// 41 comes from RSA_public_encrypt(3) for OAEP
assert s.len() < libcrypto::RSA_size(rsa) as uint - 41u;
let mut r = vec::from_elem(len as uint + 1u, 0u8);
do vec::as_mut_buf(r) |pr, _len| {
do vec::as_imm_buf(s) |ps, s_len| {
// XXX: 4 == RSA_PKCS1_OAEP_PADDING
let rv = libcrypto::RSA_public_encrypt(
s_len as c_uint,
ps,
pr,
rsa, 4 as c_int
);
if rv < 0 as c_int {
~[]
} else {
vec::slice(r, 0u, rv as uint)
}
}
}
}
/**
* Decrypts data, expecting OAEP padding, returning the decrypted data.
*/
fn decrypt(s: &[u8]) -> ~[u8] unsafe {
let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp);
let len = libcrypto::RSA_size(rsa);
assert s.len() as c_uint == libcrypto::RSA_size(rsa);
let mut r = vec::from_elem(len as uint + 1u, 0u8);
do vec::as_mut_buf(r) |pr, _len| {
do vec::as_imm_buf(s) |ps, s_len| {
// XXX: 4 == RSA_PKCS1_OAEP_PADDING
let rv = libcrypto::RSA_private_decrypt(
s_len as c_uint,
ps,
pr,
rsa,
4 as c_int
);
if rv < 0 as c_int {
~[]
} else {
vec::slice(r, 0u, rv as uint)
}
}
}
}
/**
* Signs data, using OpenSSL's default scheme and sha256. Unlike encrypt(),
* can process an arbitrary amount of data; returns the signature.
*/
fn sign(s: &[u8]) -> ~[u8] unsafe {
let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp);
let len = libcrypto::RSA_size(rsa);
let mut r = vec::from_elem(len as uint + 1u, 0u8);
do vec::as_mut_buf(r) |pr, _len| {
do vec::as_imm_buf(s) |ps, s_len| {
let plen = ptr::addr_of(len);
// XXX: 672 == NID_sha256
let rv = libcrypto::RSA_sign(
672 as c_int,
ps,
s_len as c_uint,
pr,
plen,
rsa);
if rv < 0 as c_int {
~[]
} else {
vec::slice(r, 0u, *plen as uint)
}
}
}
}
/**
* Verifies a signature s (using OpenSSL's default scheme and sha256) on a
* message m. Returns true if the signature is valid, and false otherwise.
*/
fn verify(m: &[u8], s: &[u8]) -> bool unsafe {
let rsa = libcrypto::EVP_PKEY_get1_RSA(self.evp);
do vec::as_imm_buf(m) |pm, m_len| {
do vec::as_imm_buf(s) |ps, s_len| {
// XXX: 672 == NID_sha256
let rv = libcrypto::RSA_verify(
672 as c_int,
pm,
m_len as c_uint,
ps,
s_len as c_uint,
rsa
);
rv == 1 as c_int
}
}
}
} }
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
#[test] #[test]
fn test_gen_pub() { fn test_gen_pub() {
let k0 = pkey(); let k0 = PKey();
let k1 = pkey(); let k1 = PKey();
k0.gen(512u); k0.gen(512u);
k1.load_pub(k0.save_pub()); k1.load_pub(k0.save_pub());
assert(k0.save_pub() == k1.save_pub()); assert(k0.save_pub() == k1.save_pub());
assert(k0.size() == k1.size()); assert(k0.size() == k1.size());
assert(k0.can(encrypt)); assert(k0.can(Encrypt));
assert(k0.can(decrypt)); assert(k0.can(Decrypt));
assert(k0.can(verify)); assert(k0.can(Verify));
assert(k0.can(sign)); assert(k0.can(Sign));
assert(k1.can(encrypt)); assert(k1.can(Encrypt));
assert(!k1.can(decrypt)); assert(!k1.can(Decrypt));
assert(k1.can(verify)); assert(k1.can(Verify));
assert(!k1.can(sign)); assert(!k1.can(Sign));
} }
#[test] #[test]
fn test_gen_priv() { fn test_gen_priv() {
let k0 = pkey(); let k0 = PKey();
let k1 = pkey(); let k1 = PKey();
k0.gen(512u); k0.gen(512u);
k1.load_priv(k0.save_priv()); k1.load_priv(k0.save_priv());
assert(k0.save_priv() == k1.save_priv()); assert(k0.save_priv() == k1.save_priv());
assert(k0.size() == k1.size()); assert(k0.size() == k1.size());
assert(k0.can(encrypt)); assert(k0.can(Encrypt));
assert(k0.can(decrypt)); assert(k0.can(Decrypt));
assert(k0.can(verify)); assert(k0.can(Verify));
assert(k0.can(sign)); assert(k0.can(Sign));
assert(k1.can(encrypt)); assert(k1.can(Encrypt));
assert(k1.can(decrypt)); assert(k1.can(Decrypt));
assert(k1.can(verify)); assert(k1.can(Verify));
assert(k1.can(sign)); assert(k1.can(Sign));
} }
#[test] #[test]
fn test_encrypt() { fn test_encrypt() {
let k0 = pkey(); let k0 = PKey();
let k1 = pkey(); let k1 = PKey();
let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8];
k0.gen(512u); k0.gen(512u);
k1.load_pub(k0.save_pub()); k1.load_pub(k0.save_pub());
@ -301,8 +357,8 @@ mod tests {
#[test] #[test]
fn test_sign() { fn test_sign() {
let k0 = pkey(); let k0 = PKey();
let k1 = pkey(); let k1 = PKey();
let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8]; let msg = ~[0xdeu8, 0xadu8, 0xd0u8, 0x0du8];
k0.gen(512u); k0.gen(512u);
k1.load_pub(k0.save_pub()); k1.load_pub(k0.save_pub());

15
rand.rs
View File

@ -1,22 +1,21 @@
import libc::{c_uchar, c_int}; use libc::{c_uchar, c_int};
#[link_name = "crypto"] #[link_name = "crypto"]
#[abi = "cdecl"] #[abi = "cdecl"]
extern mod libcrypto { extern mod libcrypto {
fn RAND_bytes(buf: *c_uchar, num: c_int) -> c_int; fn RAND_bytes(buf: *mut u8, num: c_int) -> c_int;
} }
fn rand_bytes(len: uint) -> ~[u8] { pub fn rand_bytes(len: uint) -> ~[u8] {
let mut out = ~[]; let mut out = vec::with_capacity(len);
vec::reserve(out, len);
do vec::as_buf(out) |out_buf| { do vec::as_mut_buf(out) |out_buf, len| {
let r = libcrypto::RAND_bytes(out_buf, len as c_int); let r = libcrypto::RAND_bytes(out_buf, len as c_int);
if r != 1 as c_int { fail } if r != 1 as c_int { fail }
unsafe { vec::unsafe::set_len(out, len); }
} }
unsafe { vec::raw::set_len(out, len); }
out out
} }

208
symm.rs
View File

@ -1,14 +1,13 @@
import libc::c_int; use libc::{c_int, c_uint};
export crypter;
export cryptermode;
export encryptmode, decryptmode; export encryptmode, decryptmode;
export cryptertype;
export aes_256_ecb, aes_256_cbc;
export encrypt, decrypt; export encrypt, decrypt;
export libcrypto; export libcrypto;
#[allow(non_camel_case_types)]
type EVP_CIPHER_CTX = *libc::c_void; type EVP_CIPHER_CTX = *libc::c_void;
#[allow(non_camel_case_types)]
type EVP_CIPHER = *libc::c_void; type EVP_CIPHER = *libc::c_void;
#[link_name = "crypto"] #[link_name = "crypto"]
@ -26,123 +25,140 @@ extern mod libcrypto {
fn EVP_CipherInit(ctx: EVP_CIPHER_CTX, evp: EVP_CIPHER, fn EVP_CipherInit(ctx: EVP_CIPHER_CTX, evp: EVP_CIPHER,
key: *u8, iv: *u8, mode: c_int); key: *u8, iv: *u8, mode: c_int);
fn EVP_CipherUpdate(ctx: EVP_CIPHER_CTX, outbuf: *u8, outlen: *u32, fn EVP_CipherUpdate(ctx: EVP_CIPHER_CTX, outbuf: *mut u8,
inbuf: *u8, inlen: u32); outlen: &mut c_uint, inbuf: *u8, inlen: c_int);
fn EVP_CipherFinal(ctx: EVP_CIPHER_CTX, res: *u8, len: *u32); fn EVP_CipherFinal(ctx: EVP_CIPHER_CTX, res: *mut u8, len: &mut c_int);
} }
#[doc = "Represents a symmetric cipher context."] pub enum Mode {
iface crypter { Encrypt,
#[doc = " Decrypt,
Enables or disables padding. If padding is disabled, total amount of data
encrypted must be a multiple of block size.
"]
fn pad(padding: bool);
#[doc = "Initializes this crypter."]
fn init(mode: cryptermode, key: ~[u8], iv: ~[u8]);
#[doc = "
Update this crypter with more data to encrypt or decrypt. Returns encrypted
or decrypted bytes.
"]
fn update(data: ~[u8]) -> ~[u8];
#[doc = "
Finish crypting. Returns the remaining partial block of output, if any.
"]
fn final() -> ~[u8];
} }
enum cryptermode { #[allow(non_camel_case_types)]
encryptmode, pub enum Type {
decryptmode AES_256_ECB,
AES_256_CBC,
} }
enum cryptertype { fn evpc(t: Type) -> (EVP_CIPHER, uint, uint) {
aes_256_ecb, match t {
aes_256_cbc AES_256_ECB => (libcrypto::EVP_aes_256_ecb(), 32u, 16u),
} AES_256_CBC => (libcrypto::EVP_aes_256_cbc(), 32u, 16u),
fn evpc(t: cryptertype) -> (EVP_CIPHER, uint, uint) {
alt t {
aes_256_ecb { (libcrypto::EVP_aes_256_ecb(), 32u, 16u) }
aes_256_cbc { (libcrypto::EVP_aes_256_cbc(), 32u, 16u) }
} }
} }
fn crypter(t: cryptertype) -> crypter { /// Represents a symmetric cipher context.
type crypterstate = { pub struct Crypter {
evp: EVP_CIPHER, priv evp: EVP_CIPHER,
ctx: EVP_CIPHER_CTX, priv ctx: EVP_CIPHER_CTX,
keylen: uint, priv keylen: uint,
blocksize: uint priv blocksize: uint
}; }
impl of crypter for crypterstate { pub fn Crypter(t: Type) -> Crypter {
let ctx = libcrypto::EVP_CIPHER_CTX_new();
let (evp, keylen, blocksz) = evpc(t);
Crypter { evp: evp, ctx: ctx, keylen: keylen, blocksize: blocksz }
}
pub impl Crypter {
/**
* Enables or disables padding. If padding is disabled, total amount of
* data encrypted must be a multiple of block size.
*/
fn pad(padding: bool) { fn pad(padding: bool) {
let v = if padding { 1 } else { 0} as c_int; let v = if padding { 1 } else { 0} as c_int;
libcrypto::EVP_CIPHER_CTX_set_padding(self.ctx, v); libcrypto::EVP_CIPHER_CTX_set_padding(self.ctx, v);
} }
fn init (mode: cryptermode, key: ~[u8], iv: ~[u8]) unsafe { /**
let m = alt mode { encryptmode { 1 } decryptmode { 0 } } as c_int; * Initializes this crypter.
assert(vec::len(key) == self.keylen); */
let pkey: *u8 = vec::unsafe::to_ptr::<u8>(key); fn init(mode: Mode, key: &[u8], iv: &[u8]) unsafe {
let piv: *u8 = vec::unsafe::to_ptr::<u8>(iv); let mode = match mode {
libcrypto::EVP_CipherInit(self.ctx, self.evp, pkey, piv, m); Encrypt => 1 as c_int,
Decrypt => 0 as c_int,
};
assert key.len() == self.keylen;
do vec::as_imm_buf(key) |pkey, _len| {
do vec::as_imm_buf(iv) |piv, _len| {
libcrypto::EVP_CipherInit(
self.ctx,
self.evp,
pkey,
piv,
mode
)
}
}
} }
fn update(data: ~[u8]) -> ~[u8] unsafe { /**
let pdata = vec::unsafe::to_ptr::<u8>(data); * Update this crypter with more data to encrypt or decrypt. Returns
let datalen = vec::len(data) as u32; * encrypted or decrypted bytes.
let reslen = datalen + (self.blocksize as u32); */
let preslen = ptr::addr_of(reslen); fn update(data: &[u8]) -> ~[u8] unsafe {
let res = vec::to_mut(vec::from_elem::<u8>(reslen as uint, 0u8)); do vec::as_imm_buf(data) |pdata, len| {
let pres = vec::unsafe::to_ptr::<u8>(res); let mut res = vec::from_elem(len + self.blocksize, 0u8);
libcrypto::EVP_CipherUpdate(self.ctx, pres, preslen, pdata, datalen);
ret vec::slice::<u8>(res, 0u, *preslen as uint); let reslen = do vec::as_mut_buf(res) |pres, _len| {
let mut reslen = (len + self.blocksize) as u32;
libcrypto::EVP_CipherUpdate(
self.ctx,
pres,
&mut reslen,
pdata,
len as c_int
);
reslen
};
vec::slice(res, 0u, reslen as uint)
}
} }
/**
* Finish crypting. Returns the remaining partial block of output, if any.
*/
fn final() -> ~[u8] unsafe { fn final() -> ~[u8] unsafe {
let reslen = self.blocksize as u32; let res = vec::to_mut(vec::from_elem(self.blocksize, 0u8));
let preslen = ptr::addr_of(reslen);
let res = vec::to_mut(vec::from_elem::<u8>(reslen as uint, 0u8)); let reslen = do vec::as_mut_buf(res) |pres, _len| {
let pres = vec::unsafe::to_ptr::<u8>(res); let mut reslen = self.blocksize as c_int;
libcrypto::EVP_CipherFinal(self.ctx, pres, preslen); libcrypto::EVP_CipherFinal(self.ctx, pres, &mut reslen);
ret vec::slice::<u8>(res, 0u, *preslen as uint); reslen
};
vec::slice(res, 0u, reslen as uint)
} }
} }
let ctx = libcrypto::EVP_CIPHER_CTX_new(); /**
let (evp, keylen, blocksz) = evpc(t); * Encrypts data, using the specified crypter type in encrypt mode with the
let st = { evp: evp, ctx: ctx, keylen: keylen, blocksize: blocksz }; * specified key and iv; returns the resulting (encrypted) data.
let h = st as crypter; */
ret h; fn encrypt(t: Type, key: &[u8], iv: ~[u8], data: &[u8]) -> ~[u8] {
} let c = Crypter(t);
c.init(Encrypt, key, iv);
#[doc = "
Encrypts data, using the specified crypter type in encrypt mode with the
specified key and iv; returns the resulting (encrypted) data.
"]
fn encrypt(t: cryptertype, key: ~[u8], iv: ~[u8], data: ~[u8]) -> ~[u8] {
let c = crypter(t);
c.init(encryptmode, key, iv);
let r = c.update(data); let r = c.update(data);
let rest = c.final(); let rest = c.final();
ret r + rest; r + rest
} }
#[doc = " /**
Decrypts data, using the specified crypter type in decrypt mode with the * Decrypts data, using the specified crypter type in decrypt mode with the
specified key and iv; returns the resulting (decrypted) data. * specified key and iv; returns the resulting (decrypted) data.
"] */
fn decrypt(t: cryptertype, key: ~[u8], iv: ~[u8], data: ~[u8]) -> ~[u8] { fn decrypt(t: Type, key: &[u8], iv: ~[u8], data: &[u8]) -> ~[u8] {
let c = crypter(t); let c = Crypter(t);
c.init(decryptmode, key, iv); c.init(Decrypt, key, iv);
let r = c.update(data); let r = c.update(data);
let rest = c.final(); let rest = c.final();
ret r + rest; r + rest
} }
#[cfg(test)] #[cfg(test)]
@ -162,12 +178,12 @@ mod tests {
let c0 = let c0 =
~[ 0x8eu8, 0xa2u8, 0xb7u8, 0xcau8, 0x51u8, 0x67u8, 0x45u8, 0xbfu8, ~[ 0x8eu8, 0xa2u8, 0xb7u8, 0xcau8, 0x51u8, 0x67u8, 0x45u8, 0xbfu8,
0xeau8, 0xfcu8, 0x49u8, 0x90u8, 0x4bu8, 0x49u8, 0x60u8, 0x89u8 ]; 0xeau8, 0xfcu8, 0x49u8, 0x90u8, 0x4bu8, 0x49u8, 0x60u8, 0x89u8 ];
let c = crypter(aes_256_ecb); let c = Crypter(AES_256_ECB);
c.init(encryptmode, k0, ~[]); c.init(Encrypt, k0, ~[]);
c.pad(false); c.pad(false);
let r0 = c.update(p0) + c.final(); let r0 = c.update(p0) + c.final();
assert(r0 == c0); assert(r0 == c0);
c.init(decryptmode, k0, ~[]); c.init(Decrypt, k0, ~[]);
c.pad(false); c.pad(false);
let p1 = c.update(r0) + c.final(); let p1 = c.update(r0) + c.final();
assert(p1 == p0); assert(p1 == p0);