Add CTR and GCM support

README.md

@@ -1,22 +1,13 @@
 This package provides Rust bindings for the functionality exposed by OpenSSL's
-libcrypto. Currently provided:
+libcrypto. OpenSSL 1.0.1 or higher is required. Currently provided:
 
-* Hashes (hash.rs)
+* Hash functions (hash.rs)
-  * MD5
+  * SHA-512, SHA-384, SHA-256, SHA-224
   * SHA-1
-  * SHA-2 (224, 256, 384, 512)
+  * MD5
 * Symmetric crypto (symm.rs)
-  * AES-128 or AES-256 in ECB or CBC mode
+  * AES-128 and AES-256 (ECB, CBC, CTR or GCM mode)
   * RC4-128
-* Keypair generation (pkey.rs)
+* RSA (pkey.rs)
-  * RSA, all key lengths
+  * Encryption with PKCS #1 OAEP padding or PKCS #1 v1.5 padding
-* Asymmetric encryption (pkey.rs)
+  * Signatures with PKCS #1 v1.5 padding and any supported hash
-  * RSA with PKCS #1 OAEP padding or PKCS #1 v1.5 padding
-* Digital signatures (pkey.rs)
-  * RSA with PKCS #1 v1.5 padding and any supported hash
-
-Each module provides two interfaces: a low-level API which wraps the OpenSSL
-interfaces as directly as possible and a high-level API which presents the
-OpenSSL API as a Rust object and tries to make sensible default choices about
-parameters most users won't care about. You probably want to use the high-level
-API. For documentation on these, see the individual source files.

symm.rs

@@ -18,10 +18,13 @@ extern mod libcrypto {
 
     fn EVP_aes_128_ecb() -> EVP_CIPHER;
     fn EVP_aes_128_cbc() -> EVP_CIPHER;
-    fn EVP_aes_192_ecb() -> EVP_CIPHER;
+    fn EVP_aes_128_ctr() -> EVP_CIPHER;
-    fn EVP_aes_192_cbc() -> EVP_CIPHER;
+    fn EVP_aes_128_gcm() -> EVP_CIPHER;
+
     fn EVP_aes_256_ecb() -> EVP_CIPHER;
     fn EVP_aes_256_cbc() -> EVP_CIPHER;
+    fn EVP_aes_256_ctr() -> EVP_CIPHER;
+    fn EVP_aes_256_gcm() -> EVP_CIPHER;
 
     fn EVP_rc4() -> EVP_CIPHER;
 
@@ -41,9 +44,13 @@ pub enum Mode {
 pub enum Type {
     AES_128_ECB,
     AES_128_CBC,
+    AES_128_CTR,
+    AES_128_GCM,
 
     AES_256_ECB,
     AES_256_CBC,
+    AES_256_CTR,
+    AES_256_GCM,
 
     RC4_128,
 }
@@ -52,9 +59,13 @@ fn evpc(t: Type) -> (EVP_CIPHER, uint, uint) {
     match t {
         AES_128_ECB => (libcrypto::EVP_aes_128_ecb(), 16u, 16u),
         AES_128_CBC => (libcrypto::EVP_aes_128_cbc(), 16u, 16u),
+        AES_128_CTR => (libcrypto::EVP_aes_128_ctr(), 16u, 16u),
+        AES_128_GCM => (libcrypto::EVP_aes_128_gcm(), 16u, 16u),
 
         AES_256_ECB => (libcrypto::EVP_aes_256_ecb(), 32u, 16u),
         AES_256_CBC => (libcrypto::EVP_aes_256_cbc(), 32u, 16u),
+        AES_256_CTR => (libcrypto::EVP_aes_256_ctr(), 32u, 16u),
+        AES_256_GCM => (libcrypto::EVP_aes_256_gcm(), 32u, 16u),
 
         RC4_128 => (libcrypto::EVP_rc4(), 16u, 0u),
     }
@@ -177,6 +188,8 @@ fn decrypt(t: Type, key: &[u8], iv: ~[u8], data: &[u8]) -> ~[u8] {
 
 #[cfg(test)]
 mod tests {
+    use hex::FromHex;
+
     // Test vectors from FIPS-197:
     // http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
     #[test]
@@ -203,16 +216,8 @@ mod tests {
         assert(p1 == p0);
     }
 
-    #[test]
+    fn cipher_test(ciphertype: Type, pt: ~str, ct: ~str, key: ~str, iv: ~str) {
-    pub fn test_rc4() {
+        let cipher = Crypter(ciphertype);
-        use hex::FromHex;
-
-        let pt = ~"0000000000000000000000000000000000000000000000000000000000000000000000000000";
-        let ct = ~"A68686B04D686AA107BD8D4CAB191A3EEC0A6294BC78B60F65C25CB47BD7BB3A48EFC4D26BE4";
-        let key = ~"97CD440324DA5FD1F7955C1C13B6B466";
-        let iv = ~"";
-
-        let cipher = Crypter(RC4_128);
         cipher.init(Encrypt, key.from_hex(), iv.from_hex());
 
         let computed = cipher.update(pt.from_hex());
@@ -220,4 +225,15 @@ mod tests {
         assert computed == ct.from_hex();
     }
 
+    #[test]
+    fn test_rc4() {
+
+        let pt = ~"0000000000000000000000000000000000000000000000000000000000000000000000000000";
+        let ct = ~"A68686B04D686AA107BD8D4CAB191A3EEC0A6294BC78B60F65C25CB47BD7BB3A48EFC4D26BE4";
+        let key = ~"97CD440324DA5FD1F7955C1C13B6B466";
+        let iv = ~"";
+
+        cipher_test(RC4_128, pt, ct, key, iv);
+    }
+
 }