ring-native 0.0.0 → 0.1.0

data/vendor/ring/src/pbkdf2_tests.txt

@@ -1,113 +0,0 @@
-# The|dkLen| parameter is given implicitly as the length of |DK|.
-
-# RFC 6070 Section 2. PBKDF2 HMAC-SHA1 Test Vectors
-
-Hash = SHA1
-P = "password"
-S = "salt"
-c = 1
-DK = 0c60c80f961f0e71f3a9b524af6012062fe037a6
-
-Hash = SHA1
-P = "password"
-S = "salt"
-c = 2
-DK = ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957
-
-Hash = SHA1
-P = "password"
-S = "salt"
-c = 4096
-DK = 4b007901b765489abead49d926f721d065a429c1
-
-Hash = SHA1
-P = "password"
-S = "salt"
-c = 16777216
-DK = eefe3d61cd4da4e4e9945b3d6ba2158c2634e984
-
-# Skipped because we panic if the output length requested is larger than the
-# digest block size.
-# Hash = SHA1
-# P = "passwordPASSWORDpassword"
-# S = "saltSALTsaltSALTsaltSALTsaltSALTsalt"
-# c = 4096
-# DK = 3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038
-
-# P is "pass\0word" S is "sa\0lt"
-Hash = SHA1
-P = 7061737300776f7264
-S = 7361006c74
-c = 4096
-DK = 56fa6aa75548099dcc37d7f03425e0c3
-
-# PBKDF2 HMAC-SHA256 Test Vectors from
-# https://stackoverflow.com/questions/5130513/pbkdf2-hmac-sha2-test-vectors
-
-Hash = SHA256
-P = "password"
-S = "salt"
-c = 1
-DK = 120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b
-
-Hash = SHA256
-P = "password"
-S = "salt"
-c = 2
-DK = ae4d0c95af6b46d32d0adff928f06dd02a303f8ef3c251dfd6e2d85a95474c43
-
-Hash = SHA256
-P = "password"
-S = "salt"
-c = 4096
-DK = c5e478d59288c841aa530db6845c4c8d962893a001ce4e11a4963873aa98134a
-
-# Skipped because we panic if the output length requested is larger than the
-# digest block size.
-# Hash = SHA256
-# P = "password"
-# S = "salt"
-# c = 16777216
-# DK = cf81c66fe8cfc04d1f31ecb65dab4089f7f179e89b3b0bcb17ad10e3ac6eba46
-
-# Skipped because we panic if the output length requested is larger than the
-# digest block size.
-# Hash = SHA256
-# P = "passwordPASSWORDpassword"
-# S = "saltSALTsaltSALTsaltSALTsaltSALTsalt"
-# c = 4096
-# DK = 348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c4e2a1fb8dd53e1c635518c7dac47e9
-
-# P is "pass\0word" S is "sa\0lt"
-Hash = SHA256
-P = 7061737300776f7264
-S = 7361006c74
-c = 4096
-DK = 89b69d0516f829893c696226650a8687
-
-# PBKDF2 HMAC-SHA512 Test Vectors from
-# https://stackoverflow.com/questions/15593184/pbkdf2-hmac-sha-512-test-vectors
-
-Hash = SHA512
-P = "password"
-S = "salt"
-c = 1
-DK = 867f70cf1ade02cff3752599a3a53dc4af34c7a669815ae5d513554e1c8cf252c02d470a285a0501bad999bfe943c08f050235d7d68b1da55e63f73b60a57fce
-
-Hash = SHA512
-P = "password"
-S = "salt"
-c = 2
-DK = e1d9c16aa681708a45f5c7c4e215ceb66e011a2e9f0040713f18aefdb866d53cf76cab2868a39b9f7840edce4fef5a82be67335c77a6068e04112754f27ccf4e
-
-Hash = SHA512
-P = "password"
-S = "salt"
-c = 4096
-DK = d197b1b33db0143e018b12f3d1d1479e6cdebdcc97c5c0f87f6902e072f457b5143f30602641b3d55cd335988cb36b84376060ecd532e039b742a239434af2d5
-
-Hash = SHA512
-P = "passwordPASSWORDpassword"
-S = "saltSALTsaltSALTsaltSALTsaltSALTsalt"
-c = 4096
-DK = 8c0511f4c6e597c6ac6315d8f0362e225f3c501495ba23b868c005174dc4ee71115b59f9e60cd9532fa33e0f75aefe30225c583a186cd82bd4daea9724a3d3b8

data/vendor/ring/src/polyfill.rs

@@ -1,57 +0,0 @@
-// Copyright 2015 Brian Smith.
-//
-// Permission to use, copy, modify, and/or distribute this software for any
-// purpose with or without fee is hereby granted, provided that the above
-// copyright notice and this permission notice appear in all copies.
-//
-// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
-// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR
-// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-//! Polyfills for functionality that will (hopefully) be added to Rust's
-//! standard library soon.
-
-pub mod slice {
-    // https://github.com/rust-lang/rust/issues/27750
-    // https://internals.rust-lang.org/t/stabilizing-basic-functions-on-arrays-and-slices/2868
-    #[inline(always)]
-    pub fn fill(dest: &mut [u8], value: u8) {
-        for d in dest {
-            *d = value;
-        }
-    }
-
-    // https://github.com/rust-lang/rust/issues/27750
-    // https://internals.rust-lang.org/t/stabilizing-basic-functions-on-arrays-and-slices/2868
-    #[inline(always)]
-    pub fn fill_from_slice(dest: &mut [u8], src: &[u8]) {
-        use std;
-        assert_eq!(dest.len(), src.len());
-        unsafe {
-            std::ptr::copy_nonoverlapping(src.as_ptr(), dest.as_mut_ptr(),
-                                          src.len())
-        }
-    }
-
-    // https://internals.rust-lang.org/t/safe-trasnsmute-for-slices-e-g-u64-u32-particularly-simd-types/2871
-    #[inline(always)]
-    pub fn u64_as_u8<'a>(src: &'a [u64]) -> &'a [u8] {
-        use std;
-        unsafe {
-            std::slice::from_raw_parts(src.as_ptr() as *const u8, src.len() * 8)
-        }
-    }
-
-    // https://internals.rust-lang.org/t/safe-trasnsmute-for-slices-e-g-u64-u32-particularly-simd-types/2871
-    #[inline(always)]
-    pub fn u64_as_u32<'a>(src: &'a [u64]) -> &'a [u32] {
-        use std;
-        unsafe {
-            std::slice::from_raw_parts(src.as_ptr() as *const u32, src.len() * 2)
-        }
-    }
-}

data/vendor/ring/src/rand.rs

@@ -1,28 +0,0 @@
-// Copyright 2015 Brian Smith.
-//
-// Permission to use, copy, modify, and/or distribute this software for any
-// purpose with or without fee is hereby granted, provided that the above
-// copyright notice and this permission notice appear in all copies.
-//
-// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
-// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
-// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
-// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
-// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-//! Cryptographic psuedo-random number generation.
-
-use super::{c, ffi};
-
-/// Fills the given slice with random bytes generated from a PRNG.
-pub fn fill_secure_random(out: &mut [u8]) -> Result<(), ()> {
-    ffi::map_bssl_result(unsafe {
-        RAND_bytes(out.as_mut_ptr(), out.len())
-    })
-}
-
-extern {
-    fn RAND_bytes(buf: *mut u8, len: c::size_t) -> c::int;
-}

data/vendor/ring/src/signature.rs

@@ -1,314 +0,0 @@
-// Copyright 2015 Brian Smith.
-//
-// Permission to use, copy, modify, and/or distribute this software for any
-// purpose with or without fee is hereby granted, provided that the above
-// copyright notice and this permission notice appear in all copies.
-//
-// THE SOFTWARE IS PROVIDED "AS IS" AND AND THE AUTHORS DISCLAIM ALL WARRANTIES
-// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
-// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
-// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
-// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-//! Public key signatures: signing and verification.
-//!
-//! Use the `verify` function to verify signatures, passing a reference to the
-//! `_VERIFY` algorithm that identifies the algorithm. See the documentation
-//! for `verify` for examples.
-//!
-//! The design of this module is unusual compared to other public key signature
-//! APIs. Algorithms like split into "signing" and "verification" algorithms.
-//! Also, this API treats each combination of parameters as a separate
-//! algorithm. For example, instead of having a single "RSA" algorithm with a
-//! verification function that takes a bunch of parameters, there are
-//! `RSA_PKCS1_2048_8192_SHA256`, `RSA_PKCS1_2048_8192_SHA512`,
-//! etc. which encode sets of parameter choices into objects. This design is
-//! designed to reduce the risks of algorithm agility. It is also designed to
-//! be optimized for Ed25519, which has a fixed signature format, a fixed curve,
-//! a fixed key size, and a fixed digest algorithm.
-//!
-//! Currently this module does not support digesting the message to be signed
-//! separately from the public key operation, as it is currently being
-//! optimized for Ed25519 and for the implementation of protocols that do not
-//! requiring signing large messages. An interface for efficiently supporting
-//! larger messages will be added later. Similarly, the signing interface is
-//! not available yet.
-
-use super::{c, digest, ecc, ffi};
-use super::input::Input;
-
-/// A signature verification algorithm.
-pub trait VerificationAlgorithm {
-    #[doc(hidden)]
-    fn verify(&self, public_key: Input, msg: Input, signature: Input)
-              -> Result<(), ()>;
-}
-
-/// Verify the signature `signature` of message `msg` with the public key
-/// `public_key` using the algorithm `alg`.
-///
-/// # Examples
-///
-/// ## Verify a RSA PKCS#1 signature that uses the SHA-256 digest
-///
-/// ```
-/// use ring::input::Input;
-/// use ring::signature;
-///
-/// // Ideally this function should take its inputs as `Input`s instead of
-/// // slices. It takes its input as slices to illustrate how to convert slices
-/// // to `Input`s.
-/// fn verify_rsa_pkcs1_sha256(public_key: &[u8], msg: &[u8], sig: &[u8])
-///                            -> Result<(), ()> {
-///    let public_key = try!(Input::new(public_key));
-///    let msg = try!(Input::new(msg));
-///    let sig = try!(Input::new(sig));
-///    signature::verify(&signature::RSA_PKCS1_2048_8192_SHA256, public_key,
-///                      msg, sig)
-/// }
-/// ```
-///
-/// ## Verify an Ed25519 signature
-///
-/// ```
-/// use ring::input::Input;
-/// use ring::signature;
-///
-/// fn verify_ed25519(public_key: Input, msg: Input, sig: Input)
-///                   -> Result<(), ()> {
-///    signature::verify(&signature::ED25519, public_key, msg, sig)
-/// }
-/// ```
-pub fn verify(alg: &VerificationAlgorithm, public_key: Input, msg: Input,
-              signature: Input) -> Result<(), ()> {
-    alg.verify(public_key, msg, signature)
-}
-
-
-/// ECDSA Signatures (ASN.1 DER encoded) with public keys in uncompressed form.
-///
-/// The public key will be decoded using the
-/// `Octet-String-to-Elliptic-Curve-Point` algorithm in [SEC 1: Elliptic
-/// Curve Cryptography, Version 2.0](http://www.secg.org/sec1-v2.pdf); it must
-/// in be in uncompressed form. The signature will be parsed as a DER-encoded
-/// `Ecdsa-Sig-Value` as described in [RFC 3279 Section
-/// 2.2.3](https://tools.ietf.org/html/rfc3279#section-2.2.3).
-pub struct ECDSA {
-    #[doc(hidden)]
-    digest_alg: &'static digest::Algorithm,
-
-    #[doc(hidden)]
-    ec_group_fn: unsafe extern fn() -> *const ecc::EC_GROUP,
-}
-
-impl VerificationAlgorithm for ECDSA {
-    fn verify(&self, public_key: Input, msg: Input, signature: Input)
-              -> Result<(), ()> {
-        let digest = digest::digest(self.digest_alg, msg.as_slice_less_safe());
-        let signature = signature.as_slice_less_safe();
-        let public_key = public_key.as_slice_less_safe();
-        ffi::map_bssl_result(unsafe {
-            ECDSA_verify_signed_digest((self.ec_group_fn)(),
-                                       digest.algorithm().nid,
-                                       digest.as_ref().as_ptr(),
-                                       digest.as_ref().len(), signature.as_ptr(),
-                                       signature.len(), public_key.as_ptr(),
-                                       public_key.len())
-        })
-    }
-}
-
-macro_rules! ecdsa {
-    ( $VERIFY_ALGORITHM:ident, $curve_name:expr, $ec_group_fn:expr,
-      $digest_alg_name:expr, $digest_alg:expr ) => {
-        #[doc="ECDSA signatures using the "]
-        #[doc=$curve_name]
-        #[doc=" curve and the "]
-        #[doc=$digest_alg_name]
-        #[doc=" digest algorithm."]
-        ///
-        /// See the documentation for `ECDSA` for details of how the public key
-        /// and signature are encoded.
-        pub static $VERIFY_ALGORITHM: ECDSA = ECDSA {
-            digest_alg: $digest_alg,
-            ec_group_fn: $ec_group_fn,
-        };
-    }
-}
-
-ecdsa!(ECDSA_P256_SHA1, "P-256 (secp256r1)", ecc::EC_GROUP_P256, "SHA-1",
-       &digest::SHA1);
-ecdsa!(ECDSA_P256_SHA256, "P-256 (secp256r1)", ecc::EC_GROUP_P256, "SHA-256",
-       &digest::SHA256);
-ecdsa!(ECDSA_P256_SHA384, "P-256 (secp256r1)", ecc::EC_GROUP_P256, "SHA-384",
-       &digest::SHA384);
-ecdsa!(ECDSA_P256_SHA512, "P-256 (secp256r1)", ecc::EC_GROUP_P256, "SHA-512",
-       &digest::SHA512);
-
-ecdsa!(ECDSA_P384_SHA1, "P-384 (secp384r1)", ecc::EC_GROUP_P384, "SHA-1",
-       &digest::SHA1);
-ecdsa!(ECDSA_P384_SHA256, "P-384 (secp384r1)", ecc::EC_GROUP_P384, "SHA-256",
-       &digest::SHA256);
-ecdsa!(ECDSA_P384_SHA384, "P-384 (secp384r1)", ecc::EC_GROUP_P384, "SHA-384",
-       &digest::SHA384);
-ecdsa!(ECDSA_P384_SHA512, "P-384 (secp384r1)", ecc::EC_GROUP_P384, "SHA-512",
-       &digest::SHA512);
-
-ecdsa!(ECDSA_P521_SHA1, "P-521 (secp521r1)", ecc::EC_GROUP_P521, "SHA-1",
-       &digest::SHA1);
-ecdsa!(ECDSA_P521_SHA256, "P-521 (secp521r1)", ecc::EC_GROUP_P521, "SHA-256",
-       &digest::SHA256);
-ecdsa!(ECDSA_P521_SHA384, "P-521 (secp521r1)", ecc::EC_GROUP_P521, "SHA-384",
-       &digest::SHA384);
-ecdsa!(ECDSA_P521_SHA512, "P-521 (secp521r1)", ecc::EC_GROUP_P521, "SHA-512",
-       &digest::SHA512);
-
-
-/// EdDSA signatures.
-pub struct EdDSA {
-    #[doc(hidden)]
-    _unused: u8, // XXX: Stable Rust doesn't allow empty structs.
-}
-
-/// [Ed25519](http://ed25519.cr.yp.to/) signatures.
-///
-/// Ed25519 uses SHA-512 as the digest algorithm.
-pub static ED25519: EdDSA = EdDSA {
-    _unused: 1,
-};
-
-#[cfg(test)]
-fn ed25519_sign(private_key: &[u8], msg: &[u8], signature: &mut [u8])
-                -> Result<(), ()> {
-    if private_key.len() != 64 || signature.len() != 64 {
-        return Err(());
-    }
-    ffi::map_bssl_result(unsafe {
-        ED25519_sign(signature.as_mut_ptr(), msg.as_ptr(), msg.len(),
-                     private_key.as_ptr())
-    })
-}
-
-impl VerificationAlgorithm for EdDSA {
-    fn verify(&self, public_key: Input, msg: Input, signature: Input)
-              -> Result<(), ()> {
-        let public_key = public_key.as_slice_less_safe();
-        if public_key.len() != 32 || signature.len() != 64 {
-            return Err(())
-        }
-        let msg = msg.as_slice_less_safe();
-        let signature = signature.as_slice_less_safe();
-        ffi::map_bssl_result(unsafe {
-            ED25519_verify(msg.as_ptr(), msg.len(), signature.as_ptr(),
-                           public_key.as_ptr())
-        })
-    }
-}
-
-
-/// RSA PKCS#1 1.5 signatures.
-#[allow(non_camel_case_types)]
-pub struct RSA_PKCS1 {
-    #[doc(hidden)]
-    digest_alg: &'static digest::Algorithm,
-
-    #[doc(hidden)]
-    min_bits: usize,
-}
-
-impl VerificationAlgorithm for RSA_PKCS1 {
-    fn verify(&self, public_key: Input, msg: Input, signature: Input)
-              -> Result<(), ()> {
-        let digest = digest::digest(self.digest_alg, msg.as_slice_less_safe());
-        let signature = signature.as_slice_less_safe();
-        let public_key = public_key.as_slice_less_safe();
-        ffi::map_bssl_result(unsafe {
-            RSA_verify_pkcs1_signed_digest(self.min_bits, 8192,
-                                           digest.algorithm().nid,
-                                           digest.as_ref().as_ptr(),
-                                           digest.as_ref().len(),
-                                           signature.as_ptr(), signature.len(),
-                                           public_key.as_ptr(), public_key.len())
-        })
-    }
-}
-
-macro_rules! rsa_pkcs1 {
-    ( $VERIFY_ALGORITHM:ident, $min_bits:expr, $min_bits_str:expr,
-      $digest_alg_name:expr, $digest_alg:expr ) => {
-        #[doc="RSA PKCS#1 1.5 signatures of "]
-        #[doc=$min_bits_str]
-        #[doc="-8192 bits "]
-        #[doc="using the "]
-        #[doc=$digest_alg_name]
-        #[doc=" digest algorithm."]
-        pub static $VERIFY_ALGORITHM: RSA_PKCS1 = RSA_PKCS1 {
-            digest_alg: $digest_alg,
-            min_bits: $min_bits
-        };
-    }
-}
-
-rsa_pkcs1!(RSA_PKCS1_2048_8192_SHA1,   2048, "2048", "SHA-1", &digest::SHA1);
-rsa_pkcs1!(RSA_PKCS1_2048_8192_SHA256, 2048, "2048", "SHA-256", &digest::SHA256);
-rsa_pkcs1!(RSA_PKCS1_2048_8192_SHA384, 2048, "2048", "SHA-384", &digest::SHA384);
-rsa_pkcs1!(RSA_PKCS1_2048_8192_SHA512, 2048, "2048", "SHA-512", &digest::SHA512);
-
-rsa_pkcs1!(RSA_PKCS1_3072_8192_SHA384, 3072, "3072", "SHA-384", &digest::SHA384);
-
-
-extern {
-    fn ECDSA_verify_signed_digest(group: *const ecc::EC_GROUP, hash_nid: c::int,
-                                  digest: *const u8, digest_len: c::size_t,
-                                  sig_der: *const u8, sig_der_len: c::size_t,
-                                  key_octets: *const u8,
-                                  key_octets_len: c::size_t) -> c::int;
-
-    #[cfg(test)]
-    fn ED25519_sign(out_sig: *mut u8/*[64]*/, message: *const u8,
-                    message_len: c::size_t, private_key: *const u8/*[64]*/)
-                    -> c::int;
-
-    fn ED25519_verify(message: *const u8, message_len: c::size_t,
-                      signature: *const u8/*[64]*/,
-                      public_key: *const u8/*[32]*/) -> c::int;
-
-    fn RSA_verify_pkcs1_signed_digest(min_bits: usize, max_bits: usize,
-                                      digest_nid: c::int, digest: *const u8,
-                                      digest_len: c::size_t, sig: *const u8,
-                                      sig_len: c::size_t, key_der: *const u8,
-                                      key_der_len: c::size_t) -> c::int;
-}
-
-#[cfg(test)]
-mod tests {
-    use super::{ed25519_sign, ED25519, verify};
-    use super::super::file_test;
-    use super::super::input::Input;
-
-    /// Test vectors from BoringSSL.
-    #[test]
-    fn test_ed25519() {
-        file_test::run("src/ed25519_tests.txt", |section, test_case| {
-            assert_eq!(section, "");
-            let private_key = test_case.consume_bytes("PRIV");
-            assert_eq!(64, private_key.len());
-            let public_key = test_case.consume_bytes("PUB");
-            assert_eq!(32, public_key.len());
-            let msg = test_case.consume_bytes("MESSAGE");
-            let expected_sig = test_case.consume_bytes("SIG");
-
-            let mut actual_sig = [0u8; 64];
-            assert!(ed25519_sign(&private_key, &msg, &mut actual_sig).is_ok());
-            assert_eq!(&expected_sig[..], &actual_sig[..]);
-
-            let public_key = Input::new(&public_key).unwrap();
-            let msg = Input::new(&msg).unwrap();
-            let expected_sig = Input::new(&expected_sig).unwrap();
-
-            assert!(verify(&ED25519, public_key, msg, expected_sig).is_ok());
-        });
-    }
-}