diff options
| -rw-r--r-- | openssl-sys/src/lib.rs | 12 | ||||
| -rw-r--r-- | openssl/src/pkey.rs | 6 | ||||
| -rw-r--r-- | openssl/src/rsa.rs | 19 | ||||
| -rw-r--r-- | openssl/src/sign.rs | 17 |
4 files changed, 43 insertions, 11 deletions
diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 6b61aab7..7ef5f7fe 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -1638,6 +1638,9 @@ extern { key: *const c_uchar, keylen: c_int) -> *mut EVP_PKEY; + + pub fn EVP_PKEY_CTX_ctrl(ctx: *mut EVP_PKEY_CTX, keytype: c_int, optype: c_int, cmd: c_int, p1: c_int, p2: *mut c_void) -> c_int; + pub fn HMAC_CTX_copy(dst: *mut HMAC_CTX, src: *mut HMAC_CTX) -> c_int; pub fn OCSP_BASICRESP_new() -> *mut OCSP_BASICRESP; @@ -1732,7 +1735,6 @@ extern { pub fn RSA_new() -> *mut RSA; pub fn RSA_free(rsa: *mut RSA); pub fn RSA_generate_key_ex(rsa: *mut RSA, bits: c_int, e: *mut BIGNUM, cb: *mut BN_GENCB) -> c_int; - pub fn RSA_pkey_ctx_ctrl(ctx: *mut EVP_PKEY_CTX, optype: c_int, cmd: c_int, p1: c_int, p2: *mut c_void) -> c_int; pub fn RSA_private_decrypt(flen: c_int, from: *const u8, to: *mut u8, k: *mut RSA, pad: c_int) -> c_int; pub fn RSA_public_decrypt(flen: c_int, from: *const u8, to: *mut u8, k: *mut RSA, @@ -2005,10 +2007,10 @@ extern { } // EVP_PKEY_CTX_ctrl macros -unsafe fn EVP_PKEY_CTX_set_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad: c_int) -> c_int { - RSA_pkey_ctx_ctrl(ctx, -1, RSA_PKEY_CTRL_RSA_PADDING, pad, ptr::null_mut()) +pub unsafe fn EVP_PKEY_CTX_set_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad: c_int) -> c_int { + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, RSA_PKEY_CTRL_RSA_PADDING, pad, ptr::null_mut()) } -unsafe fn EVP_PKEY_CTX_get_rsa_padding(ctx: *mut EVP_PKEY_CTX, ppad: *mut c_int) -> c_int { - RSA_pkey_ctx_ctrl(ctx, -1, RSA_PKEY_CTRL_GET_RSA_PADDING, 0, ppad as *mut c_void) +pub unsafe fn EVP_PKEY_CTX_get_rsa_padding(ctx: *mut EVP_PKEY_CTX, ppad: *mut c_int) -> c_int { + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, RSA_PKEY_CTRL_GET_RSA_PADDING, 0, ppad as *mut c_void) } diff --git a/openssl/src/pkey.rs b/openssl/src/pkey.rs index 7a32692b..fd963c24 100644 --- a/openssl/src/pkey.rs +++ b/openssl/src/pkey.rs @@ -151,6 +151,12 @@ impl PKey { } } +pub struct PKeyCtxRef(::util::Opaque); + +impl ::types::OpenSslTypeRef for PKeyCtxRef { + type CType = ffi::EVP_PKEY_CTX; +} + #[cfg(test)] mod tests { use symm::Cipher; diff --git a/openssl/src/rsa.rs b/openssl/src/rsa.rs index 8c3507f4..75893545 100644 --- a/openssl/src/rsa.rs +++ b/openssl/src/rsa.rs @@ -10,9 +10,10 @@ use bio::MemBioSlice; use error::ErrorStack; use util::{CallbackState, invoke_passwd_cb_old}; use types::OpenSslTypeRef; +use pkey::PKeyCtxRef; /// Type of encryption padding to use. -#[derive(Copy, Clone)] +#[derive(Debug, Copy, Clone, PartialEq, Eq)] pub struct Padding(c_int); pub const NO_PADDING: Padding = Padding(ffi::RSA_NO_PADDING); @@ -343,6 +344,22 @@ mod compat { } } +impl PKeyCtxRef { + pub fn set_rsa_padding(&mut self, pad: Padding) -> Result<(), ErrorStack> { + unsafe { + try!(cvt(ffi::EVP_PKEY_CTX_set_rsa_padding(self.as_ptr(), pad.0))); + } + Ok(()) + } + + pub fn get_rsa_padding(&mut self) -> Result<Padding, ErrorStack> { + let mut pad: c_int = 0; + unsafe { + try!(cvt(ffi::EVP_PKEY_CTX_get_rsa_padding(self.as_ptr(), &mut pad))); + }; + Ok(Padding(pad)) + } +} #[cfg(test)] mod test { diff --git a/openssl/src/sign.rs b/openssl/src/sign.rs index ec37c885..d1fcffd5 100644 --- a/openssl/src/sign.rs +++ b/openssl/src/sign.rs @@ -68,7 +68,7 @@ use std::ptr; use {cvt, cvt_p}; use hash::MessageDigest; -use pkey::PKeyRef; +use pkey::{PKeyRef, PKeyCtxRef}; use error::ErrorStack; use types::OpenSslTypeRef; @@ -77,7 +77,7 @@ use ffi::{EVP_MD_CTX_new, EVP_MD_CTX_free}; #[cfg(any(ossl101, ossl102))] use ffi::{EVP_MD_CTX_create as EVP_MD_CTX_new, EVP_MD_CTX_destroy as EVP_MD_CTX_free}; -pub struct Signer<'a>(*mut ffi::EVP_MD_CTX, PhantomData<&'a PKeyRef>); +pub struct Signer<'a>(*mut ffi::EVP_MD_CTX, *mut ffi::EVP_PKEY_CTX, PhantomData<&'a PKeyRef>, PhantomData<&'a PKeyCtxRef>); impl<'a> Drop for Signer<'a> { fn drop(&mut self) { @@ -93,8 +93,9 @@ impl<'a> Signer<'a> { ffi::init(); let ctx = try!(cvt_p(EVP_MD_CTX_new())); + let mut pctx: *mut ffi::EVP_PKEY_CTX = ptr::null_mut(); let r = ffi::EVP_DigestSignInit(ctx, - ptr::null_mut(), + &mut pctx, type_.as_ptr(), ptr::null_mut(), pkey.as_ptr()); @@ -102,10 +103,14 @@ impl<'a> Signer<'a> { EVP_MD_CTX_free(ctx); return Err(ErrorStack::get()); } - Ok(Signer(ctx, PhantomData)) + Ok(Signer(ctx, pctx, PhantomData, PhantomData)) } } + pub fn pkey_ctx(&mut self) -> Option<&mut PKeyCtxRef> { + unsafe { self.1.as_mut().map(|ctx| ::types::OpenSslTypeRef::from_ptr_mut(ctx)) } + } + pub fn update(&mut self, buf: &[u8]) -> Result<(), ErrorStack> { unsafe { cvt(ffi::EVP_DigestUpdate(self.0, buf.as_ptr() as *const _, buf.len())).map(|_| ()) @@ -219,7 +224,7 @@ mod test { use sign::{Signer, Verifier}; use ec::{EcGroup, EcKey}; use nid; - use rsa::Rsa; + use rsa::{Rsa, PKCS1_PADDING}; use dsa::Dsa; use pkey::PKey; @@ -254,6 +259,8 @@ mod test { let pkey = PKey::from_rsa(private_key).unwrap(); let mut signer = Signer::new(MessageDigest::sha256(), &pkey).unwrap(); + assert_eq!(signer.pkey_ctx().unwrap().get_rsa_padding().unwrap(), PKCS1_PADDING); + signer.pkey_ctx().unwrap().set_rsa_padding(PKCS1_PADDING).unwrap(); signer.update(INPUT).unwrap(); let result = signer.finish().unwrap(); |