ring-native 0.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +9 -0
- data/Gemfile +3 -0
- data/README.md +22 -0
- data/Rakefile +1 -0
- data/ext/ring/extconf.rb +29 -0
- data/lib/ring/native.rb +8 -0
- data/lib/ring/native/version.rb +5 -0
- data/ring-native.gemspec +25 -0
- data/vendor/ring/BUILDING.md +40 -0
- data/vendor/ring/Cargo.toml +43 -0
- data/vendor/ring/LICENSE +185 -0
- data/vendor/ring/Makefile +35 -0
- data/vendor/ring/PORTING.md +163 -0
- data/vendor/ring/README.md +113 -0
- data/vendor/ring/STYLE.md +197 -0
- data/vendor/ring/appveyor.yml +27 -0
- data/vendor/ring/build.rs +108 -0
- data/vendor/ring/crypto/aes/aes.c +1142 -0
- data/vendor/ring/crypto/aes/aes_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/aes/aes_test.cc +93 -0
- data/vendor/ring/crypto/aes/asm/aes-586.pl +2368 -0
- data/vendor/ring/crypto/aes/asm/aes-armv4.pl +1249 -0
- data/vendor/ring/crypto/aes/asm/aes-x86_64.pl +2246 -0
- data/vendor/ring/crypto/aes/asm/aesni-x86.pl +1318 -0
- data/vendor/ring/crypto/aes/asm/aesni-x86_64.pl +2084 -0
- data/vendor/ring/crypto/aes/asm/aesv8-armx.pl +675 -0
- data/vendor/ring/crypto/aes/asm/bsaes-armv7.pl +1364 -0
- data/vendor/ring/crypto/aes/asm/bsaes-x86_64.pl +1565 -0
- data/vendor/ring/crypto/aes/asm/vpaes-x86.pl +841 -0
- data/vendor/ring/crypto/aes/asm/vpaes-x86_64.pl +1116 -0
- data/vendor/ring/crypto/aes/internal.h +87 -0
- data/vendor/ring/crypto/aes/mode_wrappers.c +61 -0
- data/vendor/ring/crypto/bn/add.c +394 -0
- data/vendor/ring/crypto/bn/asm/armv4-mont.pl +694 -0
- data/vendor/ring/crypto/bn/asm/armv8-mont.pl +1503 -0
- data/vendor/ring/crypto/bn/asm/bn-586.pl +774 -0
- data/vendor/ring/crypto/bn/asm/co-586.pl +287 -0
- data/vendor/ring/crypto/bn/asm/rsaz-avx2.pl +1882 -0
- data/vendor/ring/crypto/bn/asm/x86-mont.pl +592 -0
- data/vendor/ring/crypto/bn/asm/x86_64-gcc.c +599 -0
- data/vendor/ring/crypto/bn/asm/x86_64-mont.pl +1393 -0
- data/vendor/ring/crypto/bn/asm/x86_64-mont5.pl +3507 -0
- data/vendor/ring/crypto/bn/bn.c +352 -0
- data/vendor/ring/crypto/bn/bn_asn1.c +74 -0
- data/vendor/ring/crypto/bn/bn_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/bn/bn_test.cc +1696 -0
- data/vendor/ring/crypto/bn/cmp.c +200 -0
- data/vendor/ring/crypto/bn/convert.c +433 -0
- data/vendor/ring/crypto/bn/ctx.c +311 -0
- data/vendor/ring/crypto/bn/div.c +594 -0
- data/vendor/ring/crypto/bn/exponentiation.c +1335 -0
- data/vendor/ring/crypto/bn/gcd.c +711 -0
- data/vendor/ring/crypto/bn/generic.c +1019 -0
- data/vendor/ring/crypto/bn/internal.h +316 -0
- data/vendor/ring/crypto/bn/montgomery.c +516 -0
- data/vendor/ring/crypto/bn/mul.c +888 -0
- data/vendor/ring/crypto/bn/prime.c +829 -0
- data/vendor/ring/crypto/bn/random.c +334 -0
- data/vendor/ring/crypto/bn/rsaz_exp.c +262 -0
- data/vendor/ring/crypto/bn/rsaz_exp.h +53 -0
- data/vendor/ring/crypto/bn/shift.c +276 -0
- data/vendor/ring/crypto/bytestring/bytestring_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/bytestring/bytestring_test.cc +421 -0
- data/vendor/ring/crypto/bytestring/cbb.c +399 -0
- data/vendor/ring/crypto/bytestring/cbs.c +227 -0
- data/vendor/ring/crypto/bytestring/internal.h +46 -0
- data/vendor/ring/crypto/chacha/chacha_generic.c +140 -0
- data/vendor/ring/crypto/chacha/chacha_vec.c +323 -0
- data/vendor/ring/crypto/chacha/chacha_vec_arm.S +1447 -0
- data/vendor/ring/crypto/chacha/chacha_vec_arm_generate.go +153 -0
- data/vendor/ring/crypto/cipher/cipher_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/cipher/e_aes.c +390 -0
- data/vendor/ring/crypto/cipher/e_chacha20poly1305.c +208 -0
- data/vendor/ring/crypto/cipher/internal.h +173 -0
- data/vendor/ring/crypto/cipher/test/aes_128_gcm_tests.txt +543 -0
- data/vendor/ring/crypto/cipher/test/aes_128_key_wrap_tests.txt +9 -0
- data/vendor/ring/crypto/cipher/test/aes_256_gcm_tests.txt +475 -0
- data/vendor/ring/crypto/cipher/test/aes_256_key_wrap_tests.txt +23 -0
- data/vendor/ring/crypto/cipher/test/chacha20_poly1305_old_tests.txt +422 -0
- data/vendor/ring/crypto/cipher/test/chacha20_poly1305_tests.txt +484 -0
- data/vendor/ring/crypto/cipher/test/cipher_test.txt +100 -0
- data/vendor/ring/crypto/constant_time_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/constant_time_test.c +304 -0
- data/vendor/ring/crypto/cpu-arm-asm.S +32 -0
- data/vendor/ring/crypto/cpu-arm.c +199 -0
- data/vendor/ring/crypto/cpu-intel.c +261 -0
- data/vendor/ring/crypto/crypto.c +151 -0
- data/vendor/ring/crypto/curve25519/asm/x25519-arm.S +2118 -0
- data/vendor/ring/crypto/curve25519/curve25519.c +4888 -0
- data/vendor/ring/crypto/curve25519/x25519_test.cc +128 -0
- data/vendor/ring/crypto/digest/md32_common.h +181 -0
- data/vendor/ring/crypto/ec/asm/p256-x86_64-asm.pl +2725 -0
- data/vendor/ring/crypto/ec/ec.c +193 -0
- data/vendor/ring/crypto/ec/ec_curves.c +61 -0
- data/vendor/ring/crypto/ec/ec_key.c +228 -0
- data/vendor/ring/crypto/ec/ec_montgomery.c +114 -0
- data/vendor/ring/crypto/ec/example_mul.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/ec/internal.h +243 -0
- data/vendor/ring/crypto/ec/oct.c +253 -0
- data/vendor/ring/crypto/ec/p256-64.c +1794 -0
- data/vendor/ring/crypto/ec/p256-x86_64-table.h +9548 -0
- data/vendor/ring/crypto/ec/p256-x86_64.c +509 -0
- data/vendor/ring/crypto/ec/simple.c +1007 -0
- data/vendor/ring/crypto/ec/util-64.c +183 -0
- data/vendor/ring/crypto/ec/wnaf.c +508 -0
- data/vendor/ring/crypto/ecdh/ecdh.c +155 -0
- data/vendor/ring/crypto/ecdsa/ecdsa.c +304 -0
- data/vendor/ring/crypto/ecdsa/ecdsa_asn1.c +193 -0
- data/vendor/ring/crypto/ecdsa/ecdsa_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/ecdsa/ecdsa_test.cc +327 -0
- data/vendor/ring/crypto/header_removed.h +17 -0
- data/vendor/ring/crypto/internal.h +495 -0
- data/vendor/ring/crypto/libring.Windows.vcxproj +101 -0
- data/vendor/ring/crypto/mem.c +98 -0
- data/vendor/ring/crypto/modes/asm/aesni-gcm-x86_64.pl +1045 -0
- data/vendor/ring/crypto/modes/asm/ghash-armv4.pl +517 -0
- data/vendor/ring/crypto/modes/asm/ghash-x86.pl +1393 -0
- data/vendor/ring/crypto/modes/asm/ghash-x86_64.pl +1741 -0
- data/vendor/ring/crypto/modes/asm/ghashv8-armx.pl +422 -0
- data/vendor/ring/crypto/modes/ctr.c +226 -0
- data/vendor/ring/crypto/modes/gcm.c +1206 -0
- data/vendor/ring/crypto/modes/gcm_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/modes/gcm_test.c +348 -0
- data/vendor/ring/crypto/modes/internal.h +299 -0
- data/vendor/ring/crypto/perlasm/arm-xlate.pl +170 -0
- data/vendor/ring/crypto/perlasm/readme +100 -0
- data/vendor/ring/crypto/perlasm/x86_64-xlate.pl +1164 -0
- data/vendor/ring/crypto/perlasm/x86asm.pl +292 -0
- data/vendor/ring/crypto/perlasm/x86gas.pl +263 -0
- data/vendor/ring/crypto/perlasm/x86masm.pl +200 -0
- data/vendor/ring/crypto/perlasm/x86nasm.pl +187 -0
- data/vendor/ring/crypto/poly1305/poly1305.c +331 -0
- data/vendor/ring/crypto/poly1305/poly1305_arm.c +301 -0
- data/vendor/ring/crypto/poly1305/poly1305_arm_asm.S +2015 -0
- data/vendor/ring/crypto/poly1305/poly1305_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/poly1305/poly1305_test.cc +80 -0
- data/vendor/ring/crypto/poly1305/poly1305_test.txt +52 -0
- data/vendor/ring/crypto/poly1305/poly1305_vec.c +892 -0
- data/vendor/ring/crypto/rand/asm/rdrand-x86_64.pl +75 -0
- data/vendor/ring/crypto/rand/internal.h +32 -0
- data/vendor/ring/crypto/rand/rand.c +189 -0
- data/vendor/ring/crypto/rand/urandom.c +219 -0
- data/vendor/ring/crypto/rand/windows.c +56 -0
- data/vendor/ring/crypto/refcount_c11.c +66 -0
- data/vendor/ring/crypto/refcount_lock.c +53 -0
- data/vendor/ring/crypto/refcount_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/refcount_test.c +58 -0
- data/vendor/ring/crypto/rsa/blinding.c +462 -0
- data/vendor/ring/crypto/rsa/internal.h +108 -0
- data/vendor/ring/crypto/rsa/padding.c +300 -0
- data/vendor/ring/crypto/rsa/rsa.c +450 -0
- data/vendor/ring/crypto/rsa/rsa_asn1.c +261 -0
- data/vendor/ring/crypto/rsa/rsa_impl.c +944 -0
- data/vendor/ring/crypto/rsa/rsa_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/rsa/rsa_test.cc +437 -0
- data/vendor/ring/crypto/sha/asm/sha-armv8.pl +436 -0
- data/vendor/ring/crypto/sha/asm/sha-x86_64.pl +2390 -0
- data/vendor/ring/crypto/sha/asm/sha256-586.pl +1275 -0
- data/vendor/ring/crypto/sha/asm/sha256-armv4.pl +735 -0
- data/vendor/ring/crypto/sha/asm/sha256-armv8.pl +14 -0
- data/vendor/ring/crypto/sha/asm/sha256-x86_64.pl +14 -0
- data/vendor/ring/crypto/sha/asm/sha512-586.pl +911 -0
- data/vendor/ring/crypto/sha/asm/sha512-armv4.pl +666 -0
- data/vendor/ring/crypto/sha/asm/sha512-armv8.pl +14 -0
- data/vendor/ring/crypto/sha/asm/sha512-x86_64.pl +14 -0
- data/vendor/ring/crypto/sha/sha1.c +271 -0
- data/vendor/ring/crypto/sha/sha256.c +204 -0
- data/vendor/ring/crypto/sha/sha512.c +355 -0
- data/vendor/ring/crypto/test/file_test.cc +326 -0
- data/vendor/ring/crypto/test/file_test.h +181 -0
- data/vendor/ring/crypto/test/malloc.cc +150 -0
- data/vendor/ring/crypto/test/scoped_types.h +95 -0
- data/vendor/ring/crypto/test/test.Windows.vcxproj +35 -0
- data/vendor/ring/crypto/test/test_util.cc +46 -0
- data/vendor/ring/crypto/test/test_util.h +41 -0
- data/vendor/ring/crypto/thread_none.c +55 -0
- data/vendor/ring/crypto/thread_pthread.c +165 -0
- data/vendor/ring/crypto/thread_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/thread_test.c +200 -0
- data/vendor/ring/crypto/thread_win.c +282 -0
- data/vendor/ring/examples/checkdigest.rs +103 -0
- data/vendor/ring/include/openssl/aes.h +121 -0
- data/vendor/ring/include/openssl/arm_arch.h +129 -0
- data/vendor/ring/include/openssl/base.h +156 -0
- data/vendor/ring/include/openssl/bn.h +794 -0
- data/vendor/ring/include/openssl/buffer.h +18 -0
- data/vendor/ring/include/openssl/bytestring.h +235 -0
- data/vendor/ring/include/openssl/chacha.h +37 -0
- data/vendor/ring/include/openssl/cmac.h +76 -0
- data/vendor/ring/include/openssl/cpu.h +184 -0
- data/vendor/ring/include/openssl/crypto.h +43 -0
- data/vendor/ring/include/openssl/curve25519.h +88 -0
- data/vendor/ring/include/openssl/ec.h +225 -0
- data/vendor/ring/include/openssl/ec_key.h +129 -0
- data/vendor/ring/include/openssl/ecdh.h +110 -0
- data/vendor/ring/include/openssl/ecdsa.h +156 -0
- data/vendor/ring/include/openssl/err.h +201 -0
- data/vendor/ring/include/openssl/mem.h +101 -0
- data/vendor/ring/include/openssl/obj_mac.h +71 -0
- data/vendor/ring/include/openssl/opensslfeatures.h +68 -0
- data/vendor/ring/include/openssl/opensslv.h +18 -0
- data/vendor/ring/include/openssl/ossl_typ.h +18 -0
- data/vendor/ring/include/openssl/poly1305.h +51 -0
- data/vendor/ring/include/openssl/rand.h +70 -0
- data/vendor/ring/include/openssl/rsa.h +399 -0
- data/vendor/ring/include/openssl/thread.h +133 -0
- data/vendor/ring/include/openssl/type_check.h +71 -0
- data/vendor/ring/mk/Common.props +63 -0
- data/vendor/ring/mk/Windows.props +42 -0
- data/vendor/ring/mk/WindowsTest.props +18 -0
- data/vendor/ring/mk/appveyor.bat +62 -0
- data/vendor/ring/mk/bottom_of_makefile.mk +54 -0
- data/vendor/ring/mk/ring.mk +266 -0
- data/vendor/ring/mk/top_of_makefile.mk +214 -0
- data/vendor/ring/mk/travis.sh +40 -0
- data/vendor/ring/mk/update-travis-yml.py +229 -0
- data/vendor/ring/ring.sln +153 -0
- data/vendor/ring/src/aead.rs +682 -0
- data/vendor/ring/src/agreement.rs +248 -0
- data/vendor/ring/src/c.rs +129 -0
- data/vendor/ring/src/constant_time.rs +37 -0
- data/vendor/ring/src/der.rs +96 -0
- data/vendor/ring/src/digest.rs +690 -0
- data/vendor/ring/src/digest_tests.txt +57 -0
- data/vendor/ring/src/ecc.rs +28 -0
- data/vendor/ring/src/ecc_build.rs +279 -0
- data/vendor/ring/src/ecc_curves.rs +117 -0
- data/vendor/ring/src/ed25519_tests.txt +2579 -0
- data/vendor/ring/src/exe_tests.rs +46 -0
- data/vendor/ring/src/ffi.rs +29 -0
- data/vendor/ring/src/file_test.rs +187 -0
- data/vendor/ring/src/hkdf.rs +153 -0
- data/vendor/ring/src/hkdf_tests.txt +59 -0
- data/vendor/ring/src/hmac.rs +414 -0
- data/vendor/ring/src/hmac_tests.txt +97 -0
- data/vendor/ring/src/input.rs +312 -0
- data/vendor/ring/src/lib.rs +41 -0
- data/vendor/ring/src/pbkdf2.rs +265 -0
- data/vendor/ring/src/pbkdf2_tests.txt +113 -0
- data/vendor/ring/src/polyfill.rs +57 -0
- data/vendor/ring/src/rand.rs +28 -0
- data/vendor/ring/src/signature.rs +314 -0
- data/vendor/ring/third-party/NIST/README.md +9 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA1LongMsg.rsp +263 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA1Monte.rsp +309 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA1ShortMsg.rsp +267 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA224LongMsg.rsp +263 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA224Monte.rsp +309 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA224ShortMsg.rsp +267 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA256LongMsg.rsp +263 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA256Monte.rsp +309 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA256ShortMsg.rsp +267 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA384LongMsg.rsp +519 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA384Monte.rsp +309 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA384ShortMsg.rsp +523 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA512LongMsg.rsp +519 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA512Monte.rsp +309 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA512ShortMsg.rsp +523 -0
- data/vendor/ring/third-party/NIST/sha256sums.txt +1 -0
- metadata +333 -0
@@ -0,0 +1,40 @@
|
|
1
|
+
#!/usr/bin/env bash
|
2
|
+
#
|
3
|
+
# Copyright 2015 Brian Smith.
|
4
|
+
#
|
5
|
+
# Permission to use, copy, modify, and/or distribute this software for any
|
6
|
+
# purpose with or without fee is hereby granted, provided that the above
|
7
|
+
# copyright notice and this permission notice appear in all copies.
|
8
|
+
#
|
9
|
+
# THE SOFTWARE IS PROVIDED "AS IS" AND AND THE AUTHORS DISCLAIM ALL WARRANTIES
|
10
|
+
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
11
|
+
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
|
12
|
+
# SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
13
|
+
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
|
14
|
+
# OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
|
15
|
+
# CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
16
|
+
|
17
|
+
set -eux -o pipefail
|
18
|
+
IFS=$'\n\t'
|
19
|
+
|
20
|
+
printenv
|
21
|
+
$CC_X --version
|
22
|
+
$CXX_X --version
|
23
|
+
make --version
|
24
|
+
|
25
|
+
cargo version
|
26
|
+
rustc --version
|
27
|
+
|
28
|
+
if [[ "$MODE_X" == "RELWITHDEBINFO" ]]; then mode=--release; fi
|
29
|
+
|
30
|
+
# TODO: Add --target $TARGET_X.
|
31
|
+
|
32
|
+
CC=$CC_X CXX=$CXX_X cargo build -j2 ${mode-} --verbose
|
33
|
+
|
34
|
+
CC=$CC_X CXX=$CXX_X cargo test -j2 ${mode-} --verbose
|
35
|
+
|
36
|
+
CC=$CC_X CXX=$CXX_X cargo doc --verbose
|
37
|
+
|
38
|
+
CC=$CC_X CXX=$CXX_X cargo clean --verbose
|
39
|
+
|
40
|
+
echo end of mk/travis.sh
|
@@ -0,0 +1,229 @@
|
|
1
|
+
# Run this as "python mk/update-travis-yml.py"
|
2
|
+
|
3
|
+
# Copyright 2015 Brian Smith.
|
4
|
+
#
|
5
|
+
# Permission to use, copy, modify, and/or distribute this software for any
|
6
|
+
# purpose with or without fee is hereby granted, provided that the above
|
7
|
+
# copyright notice and this permission notice appear in all copies.
|
8
|
+
#
|
9
|
+
# THE SOFTWARE IS PROVIDED "AS IS" AND BRIAN SMITH AND THE AUTHORS DISCLAIM
|
10
|
+
# ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
|
11
|
+
# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL BRIAN SMITH OR THE AUTHORS
|
12
|
+
# BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY
|
13
|
+
# DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
|
14
|
+
# AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
15
|
+
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
16
|
+
|
17
|
+
import re
|
18
|
+
import shutil
|
19
|
+
|
20
|
+
latest_clang = "clang-3.8"
|
21
|
+
|
22
|
+
rusts = [
|
23
|
+
"stable",
|
24
|
+
"nightly",
|
25
|
+
"beta",
|
26
|
+
]
|
27
|
+
|
28
|
+
linux_compilers = [
|
29
|
+
# Pre-release of clang.
|
30
|
+
"clang-3.8",
|
31
|
+
|
32
|
+
# Newest clang and GCC.
|
33
|
+
"clang-3.7",
|
34
|
+
"gcc-5",
|
35
|
+
|
36
|
+
# All other clang versions, newest to oldest.
|
37
|
+
"clang-3.6",
|
38
|
+
"clang-3.4",
|
39
|
+
|
40
|
+
# All other GCC versions, newest to oldest.
|
41
|
+
"gcc-4.9",
|
42
|
+
"gcc-4.8",
|
43
|
+
]
|
44
|
+
|
45
|
+
osx_compilers = [
|
46
|
+
"clang",
|
47
|
+
]
|
48
|
+
|
49
|
+
compilers = {
|
50
|
+
"linux" : linux_compilers,
|
51
|
+
"osx" : osx_compilers,
|
52
|
+
}
|
53
|
+
|
54
|
+
modes = [
|
55
|
+
"DEBUG",
|
56
|
+
"RELWITHDEBINFO"
|
57
|
+
]
|
58
|
+
|
59
|
+
# Mac OS X is first because we don't want to have to wait until all the Linux
|
60
|
+
# configurations have been built to find out that there is a failure on Mac.
|
61
|
+
oss = [
|
62
|
+
"osx",
|
63
|
+
"linux",
|
64
|
+
]
|
65
|
+
|
66
|
+
targets = {
|
67
|
+
"osx" : [
|
68
|
+
"x86_64-apple-darwin",
|
69
|
+
"i586-apple-darwin",
|
70
|
+
],
|
71
|
+
"linux" : [
|
72
|
+
"x86_64-pc-linux-gnu",
|
73
|
+
"i586-pc-linux-gnu",
|
74
|
+
],
|
75
|
+
}
|
76
|
+
|
77
|
+
def format_entries():
|
78
|
+
return "\n".join([format_entry(os, target, compiler, rust, mode)
|
79
|
+
for rust in rusts
|
80
|
+
for os in oss
|
81
|
+
for compiler in compilers[os]
|
82
|
+
for target in targets[os]
|
83
|
+
for mode in modes
|
84
|
+
# XXX: 32-bit GCC 4.9 does not work because Travis does
|
85
|
+
# not have g++-4.9-multilib whitelisted for use.
|
86
|
+
if (not (compiler == "gcc-4.9" and
|
87
|
+
target == "i586-pc-linux-gnu"))])
|
88
|
+
|
89
|
+
# We use alternative names (the "_X" suffix) so that, in mk/travis.sh, we can
|
90
|
+
# enure that we set the specific variables we want and that no relevant
|
91
|
+
# variables are unintentially inherited into the build process. Also, we have
|
92
|
+
# to set |USE_CC| and |USE_CXX| instead of |CC| and |CXX| since Travis sets
|
93
|
+
# |CC| and |CXX| to their default values *after* processing the |env:|
|
94
|
+
# directive here. Also, we keep these variable names short so that the env
|
95
|
+
# line does not get cut off in the Travis CI UI.
|
96
|
+
entry_template = """
|
97
|
+
- env: TARGET_X=%(target)s CC_X=%(cc)s CXX_X=%(cxx)s MODE_X=%(mode)s
|
98
|
+
rust: %(rust)s
|
99
|
+
os: %(os)s"""
|
100
|
+
|
101
|
+
entry_packages_template = """
|
102
|
+
addons:
|
103
|
+
apt:
|
104
|
+
packages:
|
105
|
+
%(packages)s"""
|
106
|
+
|
107
|
+
entry_sources_template = """
|
108
|
+
sources:
|
109
|
+
%(sources)s"""
|
110
|
+
|
111
|
+
def format_entry(os, target, compiler, rust, mode):
|
112
|
+
target_words = target.split("-")
|
113
|
+
arch = target_words[0]
|
114
|
+
vendor = target_words[1]
|
115
|
+
sys = target_words[2]
|
116
|
+
|
117
|
+
def prefix_all(prefix, xs):
|
118
|
+
return [prefix + x for x in xs]
|
119
|
+
|
120
|
+
template = entry_template
|
121
|
+
|
122
|
+
if sys == "linux":
|
123
|
+
packages = sorted(get_linux_packages_to_install(compiler, arch))
|
124
|
+
sources_with_dups = sum([get_sources_for_package(p) for p in packages],[])
|
125
|
+
sources = sorted(list(set(sources_with_dups)))
|
126
|
+
if packages:
|
127
|
+
template += entry_packages_template
|
128
|
+
if sources:
|
129
|
+
template += entry_sources_template
|
130
|
+
else:
|
131
|
+
packages = []
|
132
|
+
sources = []
|
133
|
+
|
134
|
+
cc = get_cc(sys, compiler)
|
135
|
+
cxx = replace_cc_with_cxx(sys, compiler)
|
136
|
+
|
137
|
+
return template % {
|
138
|
+
"cc" : cc,
|
139
|
+
"cxx" : cxx,
|
140
|
+
"mode" : mode,
|
141
|
+
"packages" : "\n ".join(prefix_all("- ", packages)),
|
142
|
+
"rust" : rust,
|
143
|
+
"sources" : "\n ".join(prefix_all("- ", sources)),
|
144
|
+
"target" : target,
|
145
|
+
"os" : os,
|
146
|
+
}
|
147
|
+
|
148
|
+
def get_linux_packages_to_install(compiler, arch):
|
149
|
+
# clang 3.4 is already installed
|
150
|
+
if compiler == "clang-3.4":
|
151
|
+
packages = []
|
152
|
+
elif compiler.startswith("clang-"):
|
153
|
+
packages = [compiler]
|
154
|
+
elif compiler.startswith("gcc-"):
|
155
|
+
packages = [compiler, replace_cc_with_cxx("linux", compiler)]
|
156
|
+
else:
|
157
|
+
raise ValueError("unexpected compiler: %s" % compiler)
|
158
|
+
|
159
|
+
if arch == "i586":
|
160
|
+
if compiler.startswith("clang-"):
|
161
|
+
packages += ["libc6-dev-i386",
|
162
|
+
"gcc-multilib",
|
163
|
+
"g++-multilib"]
|
164
|
+
elif compiler.startswith("gcc-"):
|
165
|
+
packages += [compiler + "-multilib",
|
166
|
+
replace_cc_with_cxx("linux", compiler) + "-multilib",
|
167
|
+
"linux-libc-dev:i386"]
|
168
|
+
else:
|
169
|
+
raise ValueError("unexpected compiler: %s" % compiler)
|
170
|
+
elif arch == "x86_64":
|
171
|
+
pass
|
172
|
+
else:
|
173
|
+
raise ValueError("unexpected arch: %s" % arch)
|
174
|
+
|
175
|
+
packages.append("yasm")
|
176
|
+
|
177
|
+
return packages
|
178
|
+
|
179
|
+
def get_sources_for_package(package):
|
180
|
+
# Packages in the default repo.
|
181
|
+
if package in ["yasm"]:
|
182
|
+
return []
|
183
|
+
|
184
|
+
ubuntu_toolchain = "ubuntu-toolchain-r-test"
|
185
|
+
if package.startswith("clang-"):
|
186
|
+
if package == latest_clang:
|
187
|
+
llvm_toolchain = "llvm-toolchain-precise"
|
188
|
+
else:
|
189
|
+
_, version = package.split("-")
|
190
|
+
llvm_toolchain = "llvm-toolchain-precise-%s" % version
|
191
|
+
|
192
|
+
# Stuff in llvm-toolchain-precise depends on stuff in the toolchain
|
193
|
+
# packages.
|
194
|
+
return [llvm_toolchain, ubuntu_toolchain]
|
195
|
+
else:
|
196
|
+
return [ubuntu_toolchain]
|
197
|
+
|
198
|
+
def get_cc(sys, compiler):
|
199
|
+
if sys == "linux" and compiler == "clang-3.4":
|
200
|
+
return "clang"
|
201
|
+
|
202
|
+
return compiler
|
203
|
+
|
204
|
+
def replace_cc_with_cxx(sys, compiler):
|
205
|
+
return get_cc(sys, compiler) \
|
206
|
+
.replace("gcc", "g++") \
|
207
|
+
.replace("clang", "clang++")
|
208
|
+
|
209
|
+
def main():
|
210
|
+
# Make a backup of the file we are about to update.
|
211
|
+
shutil.copyfile(".travis.yml", ".travis.yml~")
|
212
|
+
with open(".travis.yml", "r+b") as file:
|
213
|
+
begin = " # BEGIN GENERATED\n"
|
214
|
+
end = " # END GENERATED\n"
|
215
|
+
old_contents = file.read()
|
216
|
+
new_contents = re.sub("%s(.*?)\n[ ]*%s" % (begin, end),
|
217
|
+
"".join([begin, format_entries(), "\n\n", end]),
|
218
|
+
old_contents, flags=re.S)
|
219
|
+
if old_contents == new_contents:
|
220
|
+
print "No changes"
|
221
|
+
return
|
222
|
+
|
223
|
+
file.seek(0)
|
224
|
+
file.write(new_contents)
|
225
|
+
file.truncate()
|
226
|
+
print new_contents
|
227
|
+
|
228
|
+
if __name__ == '__main__':
|
229
|
+
main()
|
@@ -0,0 +1,153 @@
|
|
1
|
+
|
2
|
+
Microsoft Visual Studio Solution File, Format Version 12.00
|
3
|
+
# Visual Studio 14
|
4
|
+
VisualStudioVersion = 14.0.23107.0
|
5
|
+
MinimumVisualStudioVersion = 12.0.21005.1
|
6
|
+
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "libring.Windows", "crypto\libring.Windows.vcxproj", "{F4C0A1B6-5E09-41C8-8242-3E1F6762FB18}"
|
7
|
+
EndProject
|
8
|
+
Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Tests", "Tests", "{73F15439-77AE-4EA2-8CB7-D82876016316}"
|
9
|
+
EndProject
|
10
|
+
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "aes_test.Windows", "crypto\aes\aes_test.Windows.vcxproj", "{1C3071CC-26DA-4790-B48A-3936DDD0E7E7}"
|
11
|
+
EndProject
|
12
|
+
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "bn_test.Windows", "crypto\bn\bn_test.Windows.vcxproj", "{06C8B12A-97C3-4326-B0AB-8C8004E94A76}"
|
13
|
+
EndProject
|
14
|
+
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "bytestring_test.Windows", "crypto\bytestring\bytestring_test.Windows.vcxproj", "{8B0DEF57-6FC5-404F-A1D0-A8FC0FCAD787}"
|
15
|
+
EndProject
|
16
|
+
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ecdsa_test.Windows", "crypto\ecdsa\ecdsa_test.Windows.vcxproj", "{8ECBC55D-D42D-40AA-9ACF-EDE67739EE20}"
|
17
|
+
EndProject
|
18
|
+
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gcm_test.Windows", "crypto\modes\gcm_test.Windows.vcxproj", "{A8616FF5-8273-4C80-8BF0-1785D8E1DF74}"
|
19
|
+
EndProject
|
20
|
+
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "poly1305_test.Windows", "crypto\poly1305\poly1305_test.Windows.vcxproj", "{CD0F021B-E347-4CCA-B5B7-CD1F757E15D6}"
|
21
|
+
EndProject
|
22
|
+
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "libring.test.Windows", "crypto\test\test.Windows.vcxproj", "{1DACE503-6498-492D-B1FF-F9EE18624443}"
|
23
|
+
EndProject
|
24
|
+
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "constant_time_test.Windows", "crypto\constant_time_test.Windows.vcxproj", "{C8E7CDAF-3953-48E8-95F2-97DAC472E2E0}"
|
25
|
+
EndProject
|
26
|
+
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "thread_test.Windows", "crypto\thread_test.Windows.vcxproj", "{52C6E909-4E56-4329-8B99-E1B5C2E1FB19}"
|
27
|
+
EndProject
|
28
|
+
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "refcount_test.Windows", "crypto\refcount_test.Windows.vcxproj", "{5C80997F-DB68-4996-BF6D-2B0EAF69D035}"
|
29
|
+
EndProject
|
30
|
+
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_test.Windows", "crypto\rsa\rsa_test.Windows.vcxproj", "{F28F10A9-540F-4FC9-AD81-79E79F3FC73D}"
|
31
|
+
EndProject
|
32
|
+
Global
|
33
|
+
GlobalSection(SolutionConfigurationPlatforms) = preSolution
|
34
|
+
Debug|Win32 = Debug|Win32
|
35
|
+
Debug|x64 = Debug|x64
|
36
|
+
Release|Win32 = Release|Win32
|
37
|
+
Release|x64 = Release|x64
|
38
|
+
EndGlobalSection
|
39
|
+
GlobalSection(ProjectConfigurationPlatforms) = postSolution
|
40
|
+
{F4C0A1B6-5E09-41C8-8242-3E1F6762FB18}.Debug|Win32.ActiveCfg = Debug|Win32
|
41
|
+
{F4C0A1B6-5E09-41C8-8242-3E1F6762FB18}.Debug|Win32.Build.0 = Debug|Win32
|
42
|
+
{F4C0A1B6-5E09-41C8-8242-3E1F6762FB18}.Debug|x64.ActiveCfg = Debug|x64
|
43
|
+
{F4C0A1B6-5E09-41C8-8242-3E1F6762FB18}.Debug|x64.Build.0 = Debug|x64
|
44
|
+
{F4C0A1B6-5E09-41C8-8242-3E1F6762FB18}.Release|Win32.ActiveCfg = Release|Win32
|
45
|
+
{F4C0A1B6-5E09-41C8-8242-3E1F6762FB18}.Release|Win32.Build.0 = Release|Win32
|
46
|
+
{F4C0A1B6-5E09-41C8-8242-3E1F6762FB18}.Release|x64.ActiveCfg = Release|x64
|
47
|
+
{F4C0A1B6-5E09-41C8-8242-3E1F6762FB18}.Release|x64.Build.0 = Release|x64
|
48
|
+
{1C3071CC-26DA-4790-B48A-3936DDD0E7E7}.Debug|Win32.ActiveCfg = Debug|Win32
|
49
|
+
{1C3071CC-26DA-4790-B48A-3936DDD0E7E7}.Debug|Win32.Build.0 = Debug|Win32
|
50
|
+
{1C3071CC-26DA-4790-B48A-3936DDD0E7E7}.Debug|x64.ActiveCfg = Debug|x64
|
51
|
+
{1C3071CC-26DA-4790-B48A-3936DDD0E7E7}.Debug|x64.Build.0 = Debug|x64
|
52
|
+
{1C3071CC-26DA-4790-B48A-3936DDD0E7E7}.Release|Win32.ActiveCfg = Release|Win32
|
53
|
+
{1C3071CC-26DA-4790-B48A-3936DDD0E7E7}.Release|Win32.Build.0 = Release|Win32
|
54
|
+
{1C3071CC-26DA-4790-B48A-3936DDD0E7E7}.Release|x64.ActiveCfg = Release|x64
|
55
|
+
{1C3071CC-26DA-4790-B48A-3936DDD0E7E7}.Release|x64.Build.0 = Release|x64
|
56
|
+
{06C8B12A-97C3-4326-B0AB-8C8004E94A76}.Debug|Win32.ActiveCfg = Debug|Win32
|
57
|
+
{06C8B12A-97C3-4326-B0AB-8C8004E94A76}.Debug|Win32.Build.0 = Debug|Win32
|
58
|
+
{06C8B12A-97C3-4326-B0AB-8C8004E94A76}.Debug|x64.ActiveCfg = Debug|x64
|
59
|
+
{06C8B12A-97C3-4326-B0AB-8C8004E94A76}.Debug|x64.Build.0 = Debug|x64
|
60
|
+
{06C8B12A-97C3-4326-B0AB-8C8004E94A76}.Release|Win32.ActiveCfg = Release|Win32
|
61
|
+
{06C8B12A-97C3-4326-B0AB-8C8004E94A76}.Release|Win32.Build.0 = Release|Win32
|
62
|
+
{06C8B12A-97C3-4326-B0AB-8C8004E94A76}.Release|x64.ActiveCfg = Release|x64
|
63
|
+
{06C8B12A-97C3-4326-B0AB-8C8004E94A76}.Release|x64.Build.0 = Release|x64
|
64
|
+
{8B0DEF57-6FC5-404F-A1D0-A8FC0FCAD787}.Debug|Win32.ActiveCfg = Debug|Win32
|
65
|
+
{8B0DEF57-6FC5-404F-A1D0-A8FC0FCAD787}.Debug|Win32.Build.0 = Debug|Win32
|
66
|
+
{8B0DEF57-6FC5-404F-A1D0-A8FC0FCAD787}.Debug|x64.ActiveCfg = Debug|x64
|
67
|
+
{8B0DEF57-6FC5-404F-A1D0-A8FC0FCAD787}.Debug|x64.Build.0 = Debug|x64
|
68
|
+
{8B0DEF57-6FC5-404F-A1D0-A8FC0FCAD787}.Release|Win32.ActiveCfg = Release|Win32
|
69
|
+
{8B0DEF57-6FC5-404F-A1D0-A8FC0FCAD787}.Release|Win32.Build.0 = Release|Win32
|
70
|
+
{8B0DEF57-6FC5-404F-A1D0-A8FC0FCAD787}.Release|x64.ActiveCfg = Release|x64
|
71
|
+
{8B0DEF57-6FC5-404F-A1D0-A8FC0FCAD787}.Release|x64.Build.0 = Release|x64
|
72
|
+
{8ECBC55D-D42D-40AA-9ACF-EDE67739EE20}.Debug|Win32.ActiveCfg = Debug|Win32
|
73
|
+
{8ECBC55D-D42D-40AA-9ACF-EDE67739EE20}.Debug|Win32.Build.0 = Debug|Win32
|
74
|
+
{8ECBC55D-D42D-40AA-9ACF-EDE67739EE20}.Debug|x64.ActiveCfg = Debug|x64
|
75
|
+
{8ECBC55D-D42D-40AA-9ACF-EDE67739EE20}.Debug|x64.Build.0 = Debug|x64
|
76
|
+
{8ECBC55D-D42D-40AA-9ACF-EDE67739EE20}.Release|Win32.ActiveCfg = Release|Win32
|
77
|
+
{8ECBC55D-D42D-40AA-9ACF-EDE67739EE20}.Release|Win32.Build.0 = Release|Win32
|
78
|
+
{8ECBC55D-D42D-40AA-9ACF-EDE67739EE20}.Release|x64.ActiveCfg = Release|x64
|
79
|
+
{8ECBC55D-D42D-40AA-9ACF-EDE67739EE20}.Release|x64.Build.0 = Release|x64
|
80
|
+
{A8616FF5-8273-4C80-8BF0-1785D8E1DF74}.Debug|Win32.ActiveCfg = Debug|Win32
|
81
|
+
{A8616FF5-8273-4C80-8BF0-1785D8E1DF74}.Debug|Win32.Build.0 = Debug|Win32
|
82
|
+
{A8616FF5-8273-4C80-8BF0-1785D8E1DF74}.Debug|x64.ActiveCfg = Debug|x64
|
83
|
+
{A8616FF5-8273-4C80-8BF0-1785D8E1DF74}.Debug|x64.Build.0 = Debug|x64
|
84
|
+
{A8616FF5-8273-4C80-8BF0-1785D8E1DF74}.Release|Win32.ActiveCfg = Release|Win32
|
85
|
+
{A8616FF5-8273-4C80-8BF0-1785D8E1DF74}.Release|Win32.Build.0 = Release|Win32
|
86
|
+
{A8616FF5-8273-4C80-8BF0-1785D8E1DF74}.Release|x64.ActiveCfg = Release|x64
|
87
|
+
{A8616FF5-8273-4C80-8BF0-1785D8E1DF74}.Release|x64.Build.0 = Release|x64
|
88
|
+
{CD0F021B-E347-4CCA-B5B7-CD1F757E15D6}.Debug|Win32.ActiveCfg = Debug|Win32
|
89
|
+
{CD0F021B-E347-4CCA-B5B7-CD1F757E15D6}.Debug|Win32.Build.0 = Debug|Win32
|
90
|
+
{CD0F021B-E347-4CCA-B5B7-CD1F757E15D6}.Debug|x64.ActiveCfg = Debug|x64
|
91
|
+
{CD0F021B-E347-4CCA-B5B7-CD1F757E15D6}.Debug|x64.Build.0 = Debug|x64
|
92
|
+
{CD0F021B-E347-4CCA-B5B7-CD1F757E15D6}.Release|Win32.ActiveCfg = Release|Win32
|
93
|
+
{CD0F021B-E347-4CCA-B5B7-CD1F757E15D6}.Release|Win32.Build.0 = Release|Win32
|
94
|
+
{CD0F021B-E347-4CCA-B5B7-CD1F757E15D6}.Release|x64.ActiveCfg = Release|x64
|
95
|
+
{CD0F021B-E347-4CCA-B5B7-CD1F757E15D6}.Release|x64.Build.0 = Release|x64
|
96
|
+
{1DACE503-6498-492D-B1FF-F9EE18624443}.Debug|Win32.ActiveCfg = Debug|Win32
|
97
|
+
{1DACE503-6498-492D-B1FF-F9EE18624443}.Debug|Win32.Build.0 = Debug|Win32
|
98
|
+
{1DACE503-6498-492D-B1FF-F9EE18624443}.Debug|x64.ActiveCfg = Debug|x64
|
99
|
+
{1DACE503-6498-492D-B1FF-F9EE18624443}.Debug|x64.Build.0 = Debug|x64
|
100
|
+
{1DACE503-6498-492D-B1FF-F9EE18624443}.Release|Win32.ActiveCfg = Release|Win32
|
101
|
+
{1DACE503-6498-492D-B1FF-F9EE18624443}.Release|Win32.Build.0 = Release|Win32
|
102
|
+
{1DACE503-6498-492D-B1FF-F9EE18624443}.Release|x64.ActiveCfg = Release|x64
|
103
|
+
{1DACE503-6498-492D-B1FF-F9EE18624443}.Release|x64.Build.0 = Release|x64
|
104
|
+
{C8E7CDAF-3953-48E8-95F2-97DAC472E2E0}.Debug|Win32.ActiveCfg = Debug|Win32
|
105
|
+
{C8E7CDAF-3953-48E8-95F2-97DAC472E2E0}.Debug|Win32.Build.0 = Debug|Win32
|
106
|
+
{C8E7CDAF-3953-48E8-95F2-97DAC472E2E0}.Debug|x64.ActiveCfg = Debug|x64
|
107
|
+
{C8E7CDAF-3953-48E8-95F2-97DAC472E2E0}.Debug|x64.Build.0 = Debug|x64
|
108
|
+
{C8E7CDAF-3953-48E8-95F2-97DAC472E2E0}.Release|Win32.ActiveCfg = Release|Win32
|
109
|
+
{C8E7CDAF-3953-48E8-95F2-97DAC472E2E0}.Release|Win32.Build.0 = Release|Win32
|
110
|
+
{C8E7CDAF-3953-48E8-95F2-97DAC472E2E0}.Release|x64.ActiveCfg = Release|x64
|
111
|
+
{C8E7CDAF-3953-48E8-95F2-97DAC472E2E0}.Release|x64.Build.0 = Release|x64
|
112
|
+
{52C6E909-4E56-4329-8B99-E1B5C2E1FB19}.Debug|Win32.ActiveCfg = Debug|Win32
|
113
|
+
{52C6E909-4E56-4329-8B99-E1B5C2E1FB19}.Debug|Win32.Build.0 = Debug|Win32
|
114
|
+
{52C6E909-4E56-4329-8B99-E1B5C2E1FB19}.Debug|x64.ActiveCfg = Debug|x64
|
115
|
+
{52C6E909-4E56-4329-8B99-E1B5C2E1FB19}.Debug|x64.Build.0 = Debug|x64
|
116
|
+
{52C6E909-4E56-4329-8B99-E1B5C2E1FB19}.Release|Win32.ActiveCfg = Release|Win32
|
117
|
+
{52C6E909-4E56-4329-8B99-E1B5C2E1FB19}.Release|Win32.Build.0 = Release|Win32
|
118
|
+
{52C6E909-4E56-4329-8B99-E1B5C2E1FB19}.Release|x64.ActiveCfg = Release|x64
|
119
|
+
{52C6E909-4E56-4329-8B99-E1B5C2E1FB19}.Release|x64.Build.0 = Release|x64
|
120
|
+
{5C80997F-DB68-4996-BF6D-2B0EAF69D035}.Debug|Win32.ActiveCfg = Debug|Win32
|
121
|
+
{5C80997F-DB68-4996-BF6D-2B0EAF69D035}.Debug|Win32.Build.0 = Debug|Win32
|
122
|
+
{5C80997F-DB68-4996-BF6D-2B0EAF69D035}.Debug|x64.ActiveCfg = Debug|x64
|
123
|
+
{5C80997F-DB68-4996-BF6D-2B0EAF69D035}.Debug|x64.Build.0 = Debug|x64
|
124
|
+
{5C80997F-DB68-4996-BF6D-2B0EAF69D035}.Release|Win32.ActiveCfg = Release|Win32
|
125
|
+
{5C80997F-DB68-4996-BF6D-2B0EAF69D035}.Release|Win32.Build.0 = Release|Win32
|
126
|
+
{5C80997F-DB68-4996-BF6D-2B0EAF69D035}.Release|x64.ActiveCfg = Release|x64
|
127
|
+
{5C80997F-DB68-4996-BF6D-2B0EAF69D035}.Release|x64.Build.0 = Release|x64
|
128
|
+
{F28F10A9-540F-4FC9-AD81-79E79F3FC73D}.Debug|Win32.ActiveCfg = Debug|Win32
|
129
|
+
{F28F10A9-540F-4FC9-AD81-79E79F3FC73D}.Debug|Win32.Build.0 = Debug|Win32
|
130
|
+
{F28F10A9-540F-4FC9-AD81-79E79F3FC73D}.Debug|x64.ActiveCfg = Debug|x64
|
131
|
+
{F28F10A9-540F-4FC9-AD81-79E79F3FC73D}.Debug|x64.Build.0 = Debug|x64
|
132
|
+
{F28F10A9-540F-4FC9-AD81-79E79F3FC73D}.Release|Win32.ActiveCfg = Release|Win32
|
133
|
+
{F28F10A9-540F-4FC9-AD81-79E79F3FC73D}.Release|Win32.Build.0 = Release|Win32
|
134
|
+
{F28F10A9-540F-4FC9-AD81-79E79F3FC73D}.Release|x64.ActiveCfg = Release|x64
|
135
|
+
{F28F10A9-540F-4FC9-AD81-79E79F3FC73D}.Release|x64.Build.0 = Release|x64
|
136
|
+
EndGlobalSection
|
137
|
+
GlobalSection(SolutionProperties) = preSolution
|
138
|
+
HideSolutionNode = FALSE
|
139
|
+
EndGlobalSection
|
140
|
+
GlobalSection(NestedProjects) = preSolution
|
141
|
+
{1C3071CC-26DA-4790-B48A-3936DDD0E7E7} = {73F15439-77AE-4EA2-8CB7-D82876016316}
|
142
|
+
{06C8B12A-97C3-4326-B0AB-8C8004E94A76} = {73F15439-77AE-4EA2-8CB7-D82876016316}
|
143
|
+
{8B0DEF57-6FC5-404F-A1D0-A8FC0FCAD787} = {73F15439-77AE-4EA2-8CB7-D82876016316}
|
144
|
+
{8ECBC55D-D42D-40AA-9ACF-EDE67739EE20} = {73F15439-77AE-4EA2-8CB7-D82876016316}
|
145
|
+
{A8616FF5-8273-4C80-8BF0-1785D8E1DF74} = {73F15439-77AE-4EA2-8CB7-D82876016316}
|
146
|
+
{CD0F021B-E347-4CCA-B5B7-CD1F757E15D6} = {73F15439-77AE-4EA2-8CB7-D82876016316}
|
147
|
+
{1DACE503-6498-492D-B1FF-F9EE18624443} = {73F15439-77AE-4EA2-8CB7-D82876016316}
|
148
|
+
{C8E7CDAF-3953-48E8-95F2-97DAC472E2E0} = {73F15439-77AE-4EA2-8CB7-D82876016316}
|
149
|
+
{52C6E909-4E56-4329-8B99-E1B5C2E1FB19} = {73F15439-77AE-4EA2-8CB7-D82876016316}
|
150
|
+
{5C80997F-DB68-4996-BF6D-2B0EAF69D035} = {73F15439-77AE-4EA2-8CB7-D82876016316}
|
151
|
+
{F28F10A9-540F-4FC9-AD81-79E79F3FC73D} = {73F15439-77AE-4EA2-8CB7-D82876016316}
|
152
|
+
EndGlobalSection
|
153
|
+
EndGlobal
|
@@ -0,0 +1,682 @@
|
|
1
|
+
// Copyright 2015 Brian Smith.
|
2
|
+
//
|
3
|
+
// Permission to use, copy, modify, and/or distribute this software for any
|
4
|
+
// purpose with or without fee is hereby granted, provided that the above
|
5
|
+
// copyright notice and this permission notice appear in all copies.
|
6
|
+
//
|
7
|
+
// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
|
8
|
+
// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
9
|
+
// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR
|
10
|
+
// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
11
|
+
// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
12
|
+
// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
13
|
+
// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
14
|
+
|
15
|
+
//! Authenticated Encryption with Associated Data (AEAD).
|
16
|
+
//!
|
17
|
+
//! See [Authenticated encryption: relations among notions and analysis of the
|
18
|
+
//! generic composition
|
19
|
+
//! paradigm](http://www-cse.ucsd.edu/~mihir/papers/oem.html) for an
|
20
|
+
//! introduction to the concept of AEADs.
|
21
|
+
//!
|
22
|
+
//! C analog: `openssl/aead.h`
|
23
|
+
//!
|
24
|
+
//! Go analog: [`crypto.cipher.AEAD`](https://golang.org/pkg/crypto/cipher/#AEAD)
|
25
|
+
|
26
|
+
use std;
|
27
|
+
use super::{c, ffi};
|
28
|
+
|
29
|
+
/// A key for authenticating and decrypting (“opening”)
|
30
|
+
/// AEAD-protected data.
|
31
|
+
///
|
32
|
+
/// C analog: `EVP_AEAD_CTX` with direction `evp_aead_open`
|
33
|
+
///
|
34
|
+
/// Go analog: [`crypto.cipher.AEAD`](https://golang.org/pkg/crypto/cipher/#AEAD)
|
35
|
+
pub struct OpeningKey {
|
36
|
+
key: Key,
|
37
|
+
}
|
38
|
+
|
39
|
+
impl OpeningKey {
|
40
|
+
/// Create a new opening key.
|
41
|
+
///
|
42
|
+
/// `key_bytes` must be exactly `algorithm.key_len` bytes long.
|
43
|
+
///
|
44
|
+
/// C analogs: `EVP_AEAD_CTX_init_with_direction` with direction
|
45
|
+
/// `evp_aead_open`, `EVP_AEAD_CTX_init`.
|
46
|
+
///
|
47
|
+
/// Go analog: [`crypto.aes.NewCipher`](https://golang.org/pkg/crypto/aes/#NewCipher)
|
48
|
+
/// + [`crypto.cipher.NewGCM`](https://golang.org/pkg/crypto/cipher/#NewGCM)
|
49
|
+
#[inline]
|
50
|
+
pub fn new(algorithm: &'static Algorithm, key_bytes: &[u8])
|
51
|
+
-> Result<OpeningKey, ()> {
|
52
|
+
let mut key = OpeningKey {
|
53
|
+
key: Key {
|
54
|
+
algorithm: algorithm,
|
55
|
+
ctx_buf: [0; KEY_CTX_BUF_ELEMS]
|
56
|
+
}
|
57
|
+
};
|
58
|
+
try!(key.key.init(key_bytes));
|
59
|
+
Ok(key)
|
60
|
+
}
|
61
|
+
|
62
|
+
/// The key's AEAD algorithm.
|
63
|
+
///
|
64
|
+
/// C analog: `EVP_AEAD_CTX.aead`
|
65
|
+
#[inline(always)]
|
66
|
+
pub fn algorithm(&self) -> &'static Algorithm { self.key.algorithm() }
|
67
|
+
}
|
68
|
+
|
69
|
+
/// Authenticates and decrypts (“opens”) data in place.
|
70
|
+
///
|
71
|
+
/// The input is `in_out[in_prefix_len..]`; i.e. the input is the part of
|
72
|
+
/// `in_out` after the prefix. When `open` returns `Ok(out_len)`, the decrypted
|
73
|
+
/// output is `in_out[0..out_len]`; i.e. the output has been written over the
|
74
|
+
/// top of the prefix and the input. To put it a different way, the output
|
75
|
+
/// overwrites the input, shifted by `in_prefix_len` bytes. To have the output
|
76
|
+
/// overwrite the input without shifting, pass 0 as `in_prefix_len`. (The input
|
77
|
+
/// and output buffers are expressed this way because Rust's type system does
|
78
|
+
/// not allow us to have two slices, one mutable and one immutable, that
|
79
|
+
/// reference overlapping memory.)
|
80
|
+
///
|
81
|
+
/// C analog: `EVP_AEAD_CTX_open`
|
82
|
+
///
|
83
|
+
/// Go analog: [`AEAD.Open`](https://golang.org/pkg/crypto/cipher/#AEAD)
|
84
|
+
pub fn open_in_place(key: &OpeningKey, nonce: &[u8], in_prefix_len: usize,
|
85
|
+
in_out: &mut [u8], ad: &[u8]) -> Result<usize, ()> {
|
86
|
+
if in_out.len() < in_prefix_len {
|
87
|
+
return Err(());
|
88
|
+
}
|
89
|
+
let ciphertext_len = in_out.len() - in_prefix_len;
|
90
|
+
// For AEADs where `max_overhead_len` == `tag_len`, this is the only check
|
91
|
+
// of plaintext_len that is needed. For AEADs where
|
92
|
+
// `max_overhead_len > tag_len`, this check isn't precise enough and the
|
93
|
+
// AEAD's `open` function will have to do an additional check.
|
94
|
+
if ciphertext_len < key.key.algorithm.tag_len {
|
95
|
+
return Err(());
|
96
|
+
}
|
97
|
+
unsafe {
|
98
|
+
key.key.open_or_seal_in_place(key.key.algorithm.open, nonce,
|
99
|
+
in_out[in_prefix_len..].as_ptr(),
|
100
|
+
in_out.len() - in_prefix_len, ad, in_out)
|
101
|
+
}
|
102
|
+
}
|
103
|
+
|
104
|
+
/// A key for encrypting and signing (“sealing”) data.
|
105
|
+
///
|
106
|
+
/// C analog: `EVP_AEAD_CTX` with direction `evp_aead_seal`.
|
107
|
+
///
|
108
|
+
/// Go analog: [`AEAD`](https://golang.org/pkg/crypto/cipher/#AEAD)
|
109
|
+
pub struct SealingKey {
|
110
|
+
key: Key,
|
111
|
+
}
|
112
|
+
|
113
|
+
impl SealingKey {
|
114
|
+
/// C analogs: `EVP_AEAD_CTX_init_with_direction` with direction
|
115
|
+
/// `evp_aead_seal`, `EVP_AEAD_CTX_init`.
|
116
|
+
///
|
117
|
+
/// Go analog: [`crypto.aes.NewCipher`](https://golang.org/pkg/crypto/aes/#NewCipher)
|
118
|
+
/// + [`crypto.cipher.NewGCM`](https://golang.org/pkg/crypto/cipher/#NewGCM)
|
119
|
+
#[inline]
|
120
|
+
pub fn new(algorithm: &'static Algorithm, key_bytes: &[u8])
|
121
|
+
-> Result<SealingKey, ()> {
|
122
|
+
let mut key = SealingKey {
|
123
|
+
key: Key {
|
124
|
+
algorithm: algorithm,
|
125
|
+
ctx_buf: [0; KEY_CTX_BUF_ELEMS],
|
126
|
+
}
|
127
|
+
};
|
128
|
+
try!(key.key.init(key_bytes));
|
129
|
+
Ok(key)
|
130
|
+
}
|
131
|
+
|
132
|
+
/// The key's AEAD algorithm.
|
133
|
+
///
|
134
|
+
/// C analog: `EVP_AEAD_CTX.aead`
|
135
|
+
#[inline(always)]
|
136
|
+
pub fn algorithm(&self) -> &'static Algorithm { self.key.algorithm() }
|
137
|
+
}
|
138
|
+
|
139
|
+
/// Encrypts and signs (“seals”) data in place.
|
140
|
+
///
|
141
|
+
/// `nonce` must be unique for every use of the key to seal data.
|
142
|
+
///
|
143
|
+
/// The input is `in_out[0..(in_out.len() - out_suffix_capacity]`; i.e. the
|
144
|
+
/// input is the part of `in_out` that precedes the suffix. When `seal` returns
|
145
|
+
/// `Ok(out_len)`, the encrypted and signed output is `in_out[0..out_len]`; i.e.
|
146
|
+
/// the output has been written over input and at least part of the data
|
147
|
+
/// reserved for the suffix. (This way the input and output buffers are
|
148
|
+
/// expressed this way because Rust's type system does not allow us to have two
|
149
|
+
/// slices, one mutable and one immutable, that reference overlapping memory.)
|
150
|
+
///
|
151
|
+
/// `out_suffix_capacity` must be at least `key.algorithm.max_overhead_len`.
|
152
|
+
/// See also `MAX_OVERHEAD_LEN`.
|
153
|
+
///
|
154
|
+
/// `ad` is the additional authenticated data, if any.
|
155
|
+
///
|
156
|
+
/// C analog: `EVP_AEAD_CTX_seal`.
|
157
|
+
///
|
158
|
+
/// Go analog: [`AEAD.Seal`](https://golang.org/pkg/crypto/cipher/#AEAD)
|
159
|
+
pub fn seal_in_place(key: &SealingKey, nonce: &[u8], in_out: &mut [u8],
|
160
|
+
out_suffix_capacity: usize, ad: &[u8])
|
161
|
+
-> Result<usize, ()> {
|
162
|
+
if in_out.len() < out_suffix_capacity ||
|
163
|
+
out_suffix_capacity < key.key.algorithm.max_overhead_len {
|
164
|
+
return Err(());
|
165
|
+
}
|
166
|
+
unsafe {
|
167
|
+
key.key.open_or_seal_in_place(key.key.algorithm.seal, nonce,
|
168
|
+
in_out.as_ptr(),
|
169
|
+
in_out.len() - out_suffix_capacity, ad,
|
170
|
+
in_out)
|
171
|
+
}
|
172
|
+
}
|
173
|
+
|
174
|
+
/// `OpeningKey` and `SealingKey` are type-safety wrappers around `Key`, which
|
175
|
+
/// does all the actual work via the C AEAD interface.
|
176
|
+
///
|
177
|
+
/// C analog: `EVP_AEAD_CTX`
|
178
|
+
struct Key {
|
179
|
+
ctx_buf: [u64; KEY_CTX_BUF_ELEMS],
|
180
|
+
algorithm: &'static Algorithm,
|
181
|
+
}
|
182
|
+
|
183
|
+
// TODO: Implement Drop for Key that zeroizes the key data?
|
184
|
+
|
185
|
+
const KEY_CTX_BUF_ELEMS: usize = (KEY_CTX_BUF_LEN + 7) / 8;
|
186
|
+
|
187
|
+
// Keep this in sync with `aead_aes_gcm_ctx` in e_aes.c.
|
188
|
+
const KEY_CTX_BUF_LEN: usize = AES_KEY_BUF_LEN + GCM128_CONTEXT_BUF_LEN + 8;
|
189
|
+
|
190
|
+
// Keep this in sync with `AES_KEY` in aes.h.
|
191
|
+
const AES_KEY_BUF_LEN: usize = (4 * 4 * (AES_MAX_ROUNDS + 1)) + 8;
|
192
|
+
|
193
|
+
// Keep this in sync with `AES_MAXNR` in aes.h.
|
194
|
+
const AES_MAX_ROUNDS: usize = 14;
|
195
|
+
|
196
|
+
// Keep this in sync with `gcm128_context` in gcm.h.
|
197
|
+
const GCM128_CONTEXT_BUF_LEN: usize = (16 * 6) + (16 * 16) + (6 * 8);
|
198
|
+
|
199
|
+
impl Key {
|
200
|
+
/// XXX: Assumes self.algorithm is already filled in.
|
201
|
+
///
|
202
|
+
/// C analogs: `EVP_AEAD_CTX_init`, `EVP_AEAD_CTX_init_with_direction`
|
203
|
+
fn init(&mut self, key_bytes: &[u8]) -> Result<(), ()> {
|
204
|
+
if key_bytes.len() != self.algorithm.key_len {
|
205
|
+
return Err(());
|
206
|
+
}
|
207
|
+
|
208
|
+
ffi::map_bssl_result(unsafe {
|
209
|
+
(self.algorithm.init)(
|
210
|
+
self.ctx_buf.as_mut_ptr(),
|
211
|
+
std::mem::size_of::<[u64; KEY_CTX_BUF_ELEMS]>(),
|
212
|
+
key_bytes.as_ptr(), key_bytes.len())
|
213
|
+
})
|
214
|
+
}
|
215
|
+
|
216
|
+
/// The key's AEAD algorithm.
|
217
|
+
#[inline(always)]
|
218
|
+
fn algorithm(&self) -> &'static Algorithm { self.algorithm }
|
219
|
+
|
220
|
+
unsafe fn open_or_seal_in_place(&self, open_or_seal_fn: OpenOrSealFn,
|
221
|
+
nonce: &[u8], in_ptr: *const u8,
|
222
|
+
in_len: usize, ad: &[u8], out: &mut [u8])
|
223
|
+
-> Result<usize, ()> {
|
224
|
+
debug_assert!(self.algorithm.max_overhead_len >= self.algorithm.tag_len);
|
225
|
+
if nonce.len() != self.algorithm.nonce_len {
|
226
|
+
return Err(()) // CIPHER_R_INVALID_NONCE_SIZE
|
227
|
+
}
|
228
|
+
let mut out_len: c::size_t = 0;
|
229
|
+
match (open_or_seal_fn)(self.ctx_buf.as_ptr(), out.as_mut_ptr(),
|
230
|
+
&mut out_len, out.len(), nonce.as_ptr(), in_ptr,
|
231
|
+
in_len, ad.as_ptr(), ad.len()) {
|
232
|
+
1 => Ok(out_len),
|
233
|
+
_ => {
|
234
|
+
// Follow BoringSSL's lead in zeroizing the output buffer on
|
235
|
+
// error just in case an application accidentally and wrongly
|
236
|
+
// fails to check whether an open or seal operation failed.
|
237
|
+
for b in out {
|
238
|
+
*b = 0;
|
239
|
+
}
|
240
|
+
Err(())
|
241
|
+
}
|
242
|
+
}
|
243
|
+
}
|
244
|
+
}
|
245
|
+
|
246
|
+
/// An AEAD Algorithm.
|
247
|
+
///
|
248
|
+
/// C analog: `EVP_AEAD`
|
249
|
+
///
|
250
|
+
/// Go analog: [`crypto.cipher.AEAD`](https://golang.org/pkg/crypto/cipher/#AEAD)
|
251
|
+
pub struct Algorithm {
|
252
|
+
// Keep the layout of this in sync with the layout of `EVP_AEAD`.
|
253
|
+
|
254
|
+
/// The length of the key.
|
255
|
+
///
|
256
|
+
/// C analog: `EVP_AEAD_key_length`
|
257
|
+
pub key_len: usize,
|
258
|
+
|
259
|
+
/// The length of the nonces.
|
260
|
+
///
|
261
|
+
/// C analog: `EVP_AEAD_nonce_length`
|
262
|
+
///
|
263
|
+
/// Go analog: [`crypto.cipher.AEAD.NonceSize`](https://golang.org/pkg/crypto/cipher/#AEAD)
|
264
|
+
pub nonce_len: usize,
|
265
|
+
|
266
|
+
/// The maximum number of bytes that sealing operations may add to plaintexts.
|
267
|
+
/// See also `MAX_OVERHEAD_LEN`.
|
268
|
+
///
|
269
|
+
/// C analog: `EVP_AEAD_max_overhead`
|
270
|
+
///
|
271
|
+
/// Go analog: [`crypto.cipher.AEAD.Overhead`](https://golang.org/pkg/crypto/cipher/#AEAD)
|
272
|
+
pub max_overhead_len: usize,
|
273
|
+
|
274
|
+
/// The length of the authentication tags or MACs.
|
275
|
+
///
|
276
|
+
/// Use `max_overhead_len` or `MAX_OVERHEAD_LEN` when sizing buffers for
|
277
|
+
/// sealing operations.
|
278
|
+
///
|
279
|
+
/// C analog: `EVP_AEAD_tag_len`
|
280
|
+
pub tag_len: usize,
|
281
|
+
|
282
|
+
init: unsafe extern fn(ctx_buf: *mut u64, ctx_buf_len: c::size_t,
|
283
|
+
key: *const u8, key_len: c::size_t) -> c::int,
|
284
|
+
|
285
|
+
seal: OpenOrSealFn,
|
286
|
+
open: OpenOrSealFn,
|
287
|
+
}
|
288
|
+
|
289
|
+
const AES_128_KEY_LEN: usize = 128 / 8;
|
290
|
+
const AES_256_KEY_LEN: usize = 32; // 256 / 8
|
291
|
+
const AES_GCM_NONCE_LEN: usize = 96 / 8;
|
292
|
+
const AES_GCM_TAG_LEN: usize = 128 / 8;
|
293
|
+
|
294
|
+
const CHACHA20_KEY_LEN: usize = 32; // 256 / 8
|
295
|
+
const POLY1305_TAG_LEN: usize = 128 / 8;
|
296
|
+
|
297
|
+
/// The maximum value of `Algorithm.max_overhead_len` for the algorithms in
|
298
|
+
/// this module.
|
299
|
+
pub const MAX_OVERHEAD_LEN: usize = AES_GCM_TAG_LEN;
|
300
|
+
|
301
|
+
/// AES-128 in GCM mode with 128-bit tags and 96 bit nonces.
|
302
|
+
///
|
303
|
+
/// C analog: `EVP_aead_aes_128_gcm`
|
304
|
+
///
|
305
|
+
/// Go analog: [`crypto.aes`](https://golang.org/pkg/crypto/aes/)
|
306
|
+
pub static AES_128_GCM: Algorithm = Algorithm {
|
307
|
+
key_len: AES_128_KEY_LEN,
|
308
|
+
nonce_len: AES_GCM_NONCE_LEN,
|
309
|
+
max_overhead_len: AES_GCM_TAG_LEN,
|
310
|
+
tag_len: AES_GCM_TAG_LEN,
|
311
|
+
init: evp_aead_aes_gcm_init,
|
312
|
+
seal: evp_aead_aes_gcm_seal,
|
313
|
+
open: evp_aead_aes_gcm_open,
|
314
|
+
};
|
315
|
+
|
316
|
+
/// AES-256 in GCM mode with 128-bit tags and 96 bit nonces.
|
317
|
+
///
|
318
|
+
/// C analog: `EVP_aead_aes_256_gcm`
|
319
|
+
///
|
320
|
+
/// Go analog: [`crypto.aes`](https://golang.org/pkg/crypto/aes/)
|
321
|
+
pub static AES_256_GCM: Algorithm = Algorithm {
|
322
|
+
key_len: AES_256_KEY_LEN,
|
323
|
+
nonce_len: AES_GCM_NONCE_LEN,
|
324
|
+
max_overhead_len: AES_GCM_TAG_LEN,
|
325
|
+
tag_len: AES_GCM_TAG_LEN,
|
326
|
+
init: evp_aead_aes_gcm_init,
|
327
|
+
seal: evp_aead_aes_gcm_seal,
|
328
|
+
open: evp_aead_aes_gcm_open,
|
329
|
+
};
|
330
|
+
|
331
|
+
/// ChaCha20-Poly1305 as described in
|
332
|
+
/// [RFC 7539](https://tools.ietf.org/html/rfc7539).
|
333
|
+
///
|
334
|
+
/// The keys are 256 bits long and the nonces are 96 bits long.
|
335
|
+
pub static CHACHA20_POLY1305: Algorithm = Algorithm {
|
336
|
+
key_len: CHACHA20_KEY_LEN,
|
337
|
+
nonce_len: 96 / 8,
|
338
|
+
max_overhead_len: POLY1305_TAG_LEN,
|
339
|
+
tag_len: POLY1305_TAG_LEN,
|
340
|
+
init: evp_aead_chacha20_poly1305_init,
|
341
|
+
seal: evp_aead_chacha20_poly1305_seal,
|
342
|
+
open: evp_aead_chacha20_poly1305_open,
|
343
|
+
};
|
344
|
+
|
345
|
+
/// The old ChaCha20-Poly13065 construction used in OpenSSH's
|
346
|
+
/// [chacha20-poly1305@openssh.com](http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.bin/ssh/PROTOCOL.chacha20poly1305)
|
347
|
+
/// and the experimental TLS cipher suites with IDs `0xCC13` (ECDHE-RSA) and
|
348
|
+
/// `0xCC14` (ECDHE-ECDSA). Use `CHACHA20_POLY1305` instead.
|
349
|
+
///
|
350
|
+
/// The keys are 256 bits long and the nonces are 96 bits. The first four bytes
|
351
|
+
/// of the nonce must be `[0, 0, 0, 0]` in order to interoperate with other
|
352
|
+
/// implementations, which use 64-bit nonces.
|
353
|
+
pub static CHACHA20_POLY1305_OLD: Algorithm = Algorithm {
|
354
|
+
key_len: CHACHA20_KEY_LEN,
|
355
|
+
nonce_len: 96 / 8,
|
356
|
+
max_overhead_len: POLY1305_TAG_LEN,
|
357
|
+
tag_len: POLY1305_TAG_LEN,
|
358
|
+
init: evp_aead_chacha20_poly1305_init,
|
359
|
+
seal: evp_aead_chacha20_poly1305_old_seal,
|
360
|
+
open: evp_aead_chacha20_poly1305_old_open,
|
361
|
+
};
|
362
|
+
|
363
|
+
type OpenOrSealFn =
|
364
|
+
unsafe extern fn(ctx: *const u64, out: *mut u8,
|
365
|
+
out_len: &mut c::size_t, max_out_len: c::size_t,
|
366
|
+
nonce: *const u8, in_: *const u8, in_len: c::size_t,
|
367
|
+
ad: *const u8, ad_len: c::size_t) -> c::int;
|
368
|
+
|
369
|
+
extern {
|
370
|
+
fn evp_aead_aes_gcm_init(ctx_buf: *mut u64, ctx_buf_len: c::size_t,
|
371
|
+
key: *const u8, key_len: c::size_t) -> c::int;
|
372
|
+
|
373
|
+
fn evp_aead_aes_gcm_seal(ctx_buf: *const u64, out: *mut u8,
|
374
|
+
out_len: &mut c::size_t, max_out_len: c::size_t,
|
375
|
+
nonce: *const u8, in_: *const u8,
|
376
|
+
in_len: c::size_t, ad: *const u8,
|
377
|
+
ad_len: c::size_t) -> c::int;
|
378
|
+
|
379
|
+
fn evp_aead_aes_gcm_open(ctx_buf: *const u64, out: *mut u8,
|
380
|
+
out_len: &mut c::size_t, max_out_len: c::size_t,
|
381
|
+
nonce: *const u8, in_: *const u8,
|
382
|
+
in_len: c::size_t, ad: *const u8,
|
383
|
+
ad_len: c::size_t) -> c::int;
|
384
|
+
|
385
|
+
fn evp_aead_chacha20_poly1305_init(ctx_buf: *mut u64,
|
386
|
+
ctx_buf_len: c::size_t, key: *const u8,
|
387
|
+
key_len: c::size_t) -> c::int;
|
388
|
+
|
389
|
+
fn evp_aead_chacha20_poly1305_seal(ctx_buf: *const u64, out: *mut u8,
|
390
|
+
out_len: &mut c::size_t,
|
391
|
+
max_out_len: c::size_t,
|
392
|
+
nonce: *const u8, in_: *const u8,
|
393
|
+
in_len: c::size_t, ad: *const u8,
|
394
|
+
ad_len: c::size_t) -> c::int;
|
395
|
+
|
396
|
+
fn evp_aead_chacha20_poly1305_open(ctx_buf: *const u64, out: *mut u8,
|
397
|
+
out_len: &mut c::size_t,
|
398
|
+
max_out_len: c::size_t,
|
399
|
+
nonce: *const u8, in_: *const u8,
|
400
|
+
in_len: c::size_t, ad: *const u8,
|
401
|
+
ad_len: c::size_t) -> c::int;
|
402
|
+
|
403
|
+
fn evp_aead_chacha20_poly1305_old_seal(ctx_buf: *const u64, out: *mut u8,
|
404
|
+
out_len: &mut c::size_t,
|
405
|
+
max_out_len: c::size_t,
|
406
|
+
nonce: *const u8, in_: *const u8,
|
407
|
+
in_len: c::size_t, ad: *const u8,
|
408
|
+
ad_len: c::size_t) -> c::int;
|
409
|
+
|
410
|
+
fn evp_aead_chacha20_poly1305_old_open(ctx_buf: *const u64, out: *mut u8,
|
411
|
+
out_len: &mut c::size_t,
|
412
|
+
max_out_len: c::size_t,
|
413
|
+
nonce: *const u8, in_: *const u8,
|
414
|
+
in_len: c::size_t, ad: *const u8,
|
415
|
+
ad_len: c::size_t) -> c::int;
|
416
|
+
}
|
417
|
+
|
418
|
+
#[cfg(test)]
|
419
|
+
mod tests {
|
420
|
+
|
421
|
+
use super::super::{aead, file_test};
|
422
|
+
use rustc_serialize::hex::ToHex;
|
423
|
+
|
424
|
+
#[test]
|
425
|
+
pub fn test_aes_gcm_128() {
|
426
|
+
test_aead(&aead::AES_128_GCM,
|
427
|
+
"crypto/cipher/test/aes_128_gcm_tests.txt");
|
428
|
+
}
|
429
|
+
|
430
|
+
#[test]
|
431
|
+
pub fn test_aes_gcm_256() {
|
432
|
+
test_aead(&aead::AES_256_GCM,
|
433
|
+
"crypto/cipher/test/aes_256_gcm_tests.txt");
|
434
|
+
}
|
435
|
+
|
436
|
+
#[test]
|
437
|
+
pub fn test_chacha20_poly1305() {
|
438
|
+
test_aead(&aead::CHACHA20_POLY1305,
|
439
|
+
"crypto/cipher/test/chacha20_poly1305_tests.txt");
|
440
|
+
}
|
441
|
+
|
442
|
+
#[test]
|
443
|
+
pub fn test_chacha20_poly1305_old() {
|
444
|
+
test_aead(&aead::CHACHA20_POLY1305_OLD,
|
445
|
+
"crypto/cipher/test/chacha20_poly1305_old_tests.txt");
|
446
|
+
}
|
447
|
+
|
448
|
+
fn test_aead(aead_alg: &'static aead::Algorithm, file_path: &str) {
|
449
|
+
test_aead_key_sizes(aead_alg);
|
450
|
+
test_aead_nonce_sizes(aead_alg);
|
451
|
+
|
452
|
+
file_test::run(file_path, |section, test_case| {
|
453
|
+
assert_eq!(section, "");
|
454
|
+
let key_bytes = test_case.consume_bytes("KEY");
|
455
|
+
let nonce = test_case.consume_bytes("NONCE");
|
456
|
+
let plaintext = test_case.consume_bytes("IN");
|
457
|
+
let ad = test_case.consume_bytes("AD");
|
458
|
+
let mut ct = test_case.consume_bytes("CT");
|
459
|
+
let tag = test_case.consume_bytes("TAG");
|
460
|
+
let error = test_case.consume_optional_string("FAILS");
|
461
|
+
|
462
|
+
ct.extend(tag);
|
463
|
+
|
464
|
+
// TODO: test shifting.
|
465
|
+
|
466
|
+
let max_overhead_len = aead_alg.max_overhead_len;
|
467
|
+
let mut s_in_out = plaintext.clone();
|
468
|
+
for _ in 0..max_overhead_len {
|
469
|
+
s_in_out.push(0);
|
470
|
+
}
|
471
|
+
let s_key = aead::SealingKey::new(aead_alg, &key_bytes).unwrap();
|
472
|
+
let s_result = aead::seal_in_place(&s_key, &nonce,
|
473
|
+
&mut s_in_out[..],
|
474
|
+
max_overhead_len, &ad);
|
475
|
+
println!("ACTUAL: {}", s_in_out.to_hex());
|
476
|
+
|
477
|
+
let mut o_in_out = ct.clone();
|
478
|
+
let o_key = aead::OpeningKey::new(aead_alg, &key_bytes).unwrap();
|
479
|
+
let o_result = aead::open_in_place(&o_key, &nonce, 0,
|
480
|
+
&mut o_in_out[..], &ad);
|
481
|
+
|
482
|
+
match error {
|
483
|
+
None => {
|
484
|
+
assert_eq!(Ok(ct.len()), s_result);
|
485
|
+
assert_eq!(&ct[..], &s_in_out[0..ct.len()]);
|
486
|
+
assert_eq!(Ok(plaintext.len()), o_result);
|
487
|
+
assert_eq!(&plaintext[..], &o_in_out[0..plaintext.len()]);
|
488
|
+
},
|
489
|
+
Some(ref error) if error == "WRONG_NONCE_LENGTH" => {
|
490
|
+
assert_eq!(Err(()), s_result);
|
491
|
+
assert_eq!(Err(()), o_result);
|
492
|
+
},
|
493
|
+
Some(error) => {
|
494
|
+
unreachable!("Unexpected error test case: {}", error);
|
495
|
+
}
|
496
|
+
};
|
497
|
+
});
|
498
|
+
}
|
499
|
+
|
500
|
+
fn test_aead_key_sizes(aead_alg: &'static aead::Algorithm) {
|
501
|
+
let key_len = aead_alg.key_len;
|
502
|
+
let key_data = vec![0u8; key_len * 2];
|
503
|
+
|
504
|
+
// Key is the right size.
|
505
|
+
assert!(aead::OpeningKey::new(aead_alg, &key_data[0..key_len])
|
506
|
+
.is_ok());
|
507
|
+
assert!(aead::SealingKey::new(aead_alg, &key_data[0..key_len])
|
508
|
+
.is_ok());
|
509
|
+
|
510
|
+
// Key is one byte too small.
|
511
|
+
assert!(aead::OpeningKey::new(aead_alg, &key_data[0..(key_len - 1)])
|
512
|
+
.is_err());
|
513
|
+
assert!(aead::SealingKey::new(aead_alg, &key_data[0..(key_len - 1)])
|
514
|
+
.is_err());
|
515
|
+
|
516
|
+
// Key is one byte too large.
|
517
|
+
assert!(aead::OpeningKey::new(aead_alg, &key_data[0..(key_len + 1)])
|
518
|
+
.is_err());
|
519
|
+
assert!(aead::SealingKey::new(aead_alg, &key_data[0..(key_len + 1)])
|
520
|
+
.is_err());
|
521
|
+
|
522
|
+
// Key is half the required size.
|
523
|
+
assert!(aead::OpeningKey::new(aead_alg, &key_data[0..(key_len / 2)])
|
524
|
+
.is_err());
|
525
|
+
assert!(aead::SealingKey::new(aead_alg, &key_data[0..(key_len / 2)])
|
526
|
+
.is_err());
|
527
|
+
|
528
|
+
// Key is twice the required size.
|
529
|
+
assert!(aead::OpeningKey::new(aead_alg, &key_data[0..(key_len * 2)])
|
530
|
+
.is_err());
|
531
|
+
assert!(aead::SealingKey::new(aead_alg, &key_data[0..(key_len * 2)])
|
532
|
+
.is_err());
|
533
|
+
|
534
|
+
// Key is empty.
|
535
|
+
assert!(aead::OpeningKey::new(aead_alg, &[]).is_err());
|
536
|
+
assert!(aead::SealingKey::new(aead_alg, &[]).is_err());
|
537
|
+
|
538
|
+
// Key is one byte.
|
539
|
+
assert!(aead::OpeningKey::new(aead_alg, &[0]).is_err());
|
540
|
+
assert!(aead::SealingKey::new(aead_alg, &[0]).is_err());
|
541
|
+
}
|
542
|
+
|
543
|
+
// Test that we reject non-standard nonce sizes.
|
544
|
+
//
|
545
|
+
// XXX: This test isn't that great in terms of how it tests
|
546
|
+
// `open_in_place`. It should be constructing a valid ciphertext using the
|
547
|
+
// unsupported nonce size using a different implementation that supports
|
548
|
+
// non-standard nonce sizes. So, when `open_in_place` returns `Err(())`, we
|
549
|
+
// don't know if it is because it rejected the non-standard nonce size or
|
550
|
+
// because it tried to process the input with the wrong nonce. But at least
|
551
|
+
// we're verifying that `open_in_place` won't crash or access out-of-bounds
|
552
|
+
// memory (when run under valgrind or similar). The AES-128-GCM tests have
|
553
|
+
// some WRONG_NONCE_LENGTH test cases that tests this more correctly.
|
554
|
+
fn test_aead_nonce_sizes(aead_alg: &'static aead::Algorithm) {
|
555
|
+
let key_len = aead_alg.key_len;
|
556
|
+
let key_data = vec![0u8; key_len];
|
557
|
+
let o_key =
|
558
|
+
aead::OpeningKey::new(aead_alg, &key_data[0..key_len]).unwrap();
|
559
|
+
let s_key =
|
560
|
+
aead::SealingKey::new(aead_alg, &key_data[0..key_len]).unwrap();
|
561
|
+
|
562
|
+
let nonce_len = aead_alg.nonce_len;
|
563
|
+
|
564
|
+
let nonce = vec![0u8; nonce_len * 2];
|
565
|
+
|
566
|
+
let prefix_len = 0;
|
567
|
+
let suffix_space = aead_alg.max_overhead_len;
|
568
|
+
let ad: [u8; 0] = [];
|
569
|
+
|
570
|
+
// Construct a template input for `seal_in_place`.
|
571
|
+
let plaintext = "hello, world".as_bytes();
|
572
|
+
let mut to_seal = Vec::from(plaintext);
|
573
|
+
// Reserve space for tag.
|
574
|
+
for _ in 0..suffix_space {
|
575
|
+
to_seal.push(0);
|
576
|
+
}
|
577
|
+
let to_seal = &to_seal[..]; // to_seal is no longer mutable.
|
578
|
+
|
579
|
+
// Construct a template input for `open_in_place`.
|
580
|
+
let mut to_open = Vec::from(to_seal);
|
581
|
+
let ciphertext_len = aead::seal_in_place(&s_key, &nonce[0..nonce_len],
|
582
|
+
&mut to_open, suffix_space,
|
583
|
+
&ad).unwrap();
|
584
|
+
let to_open = &to_open[0..ciphertext_len];
|
585
|
+
|
586
|
+
// Nonce is the correct length.
|
587
|
+
{
|
588
|
+
let mut in_out = Vec::from(to_seal);
|
589
|
+
assert!(aead::seal_in_place(&s_key, &nonce[0..nonce_len],
|
590
|
+
&mut in_out, suffix_space, &ad).is_ok());
|
591
|
+
}
|
592
|
+
{
|
593
|
+
let mut in_out = Vec::from(to_open);
|
594
|
+
assert!(aead::open_in_place(&o_key, &nonce[0..nonce_len],
|
595
|
+
prefix_len, &mut in_out, &ad).is_ok());
|
596
|
+
}
|
597
|
+
|
598
|
+
// Nonce is one byte too small.
|
599
|
+
{
|
600
|
+
let mut in_out = Vec::from(to_seal);
|
601
|
+
assert!(aead::seal_in_place(&s_key, &nonce[0..(nonce_len - 1)],
|
602
|
+
&mut in_out, suffix_space, &ad).is_err());
|
603
|
+
}
|
604
|
+
{
|
605
|
+
let mut in_out = Vec::from(to_open);
|
606
|
+
assert!(aead::open_in_place(&o_key, &nonce[0..(nonce_len - 1)],
|
607
|
+
prefix_len, &mut in_out, &ad).is_err());
|
608
|
+
}
|
609
|
+
|
610
|
+
// Nonce is one byte too large.
|
611
|
+
{
|
612
|
+
let mut in_out = Vec::from(to_seal);
|
613
|
+
assert!(aead::seal_in_place(&s_key, &nonce[0..(nonce_len + 1)],
|
614
|
+
&mut in_out, suffix_space, &ad).is_err());
|
615
|
+
}
|
616
|
+
{
|
617
|
+
let mut in_out = Vec::from(to_open);
|
618
|
+
assert!(aead::open_in_place(&o_key, &nonce[0..(nonce_len + 1)],
|
619
|
+
prefix_len, &mut in_out, &ad).is_err());
|
620
|
+
}
|
621
|
+
|
622
|
+
// Nonce is half the required size.
|
623
|
+
{
|
624
|
+
let mut in_out = Vec::from(to_seal);
|
625
|
+
assert!(aead::seal_in_place(&s_key, &nonce[0..(nonce_len / 2)],
|
626
|
+
&mut in_out, suffix_space, &ad).is_err());
|
627
|
+
}
|
628
|
+
{
|
629
|
+
let mut in_out = Vec::from(to_open);
|
630
|
+
assert!(aead::open_in_place(&o_key, &nonce[0..(nonce_len / 2)],
|
631
|
+
prefix_len, &mut in_out, &ad).is_err());
|
632
|
+
}
|
633
|
+
|
634
|
+
// Nonce is twice the required size.
|
635
|
+
{
|
636
|
+
let mut in_out = Vec::from(to_seal);
|
637
|
+
assert!(aead::seal_in_place(&s_key, &nonce[0..(nonce_len * 2)],
|
638
|
+
&mut in_out, suffix_space, &ad).is_err());
|
639
|
+
}
|
640
|
+
{
|
641
|
+
let mut in_out = Vec::from(to_open);
|
642
|
+
assert!(aead::open_in_place(&o_key, &nonce[0..(nonce_len * 2)],
|
643
|
+
prefix_len, &mut in_out, &ad).is_err());
|
644
|
+
}
|
645
|
+
|
646
|
+
// Nonce is empty.
|
647
|
+
{
|
648
|
+
let mut in_out = Vec::from(to_seal);
|
649
|
+
assert!(aead::seal_in_place(&s_key, &[], &mut in_out, suffix_space,
|
650
|
+
&ad).is_err());
|
651
|
+
}
|
652
|
+
{
|
653
|
+
let mut in_out = Vec::from(to_open);
|
654
|
+
assert!(aead::open_in_place(&o_key, &[], prefix_len, &mut in_out,
|
655
|
+
&ad).is_err());
|
656
|
+
}
|
657
|
+
|
658
|
+
// Nonce is one byte.
|
659
|
+
{
|
660
|
+
let mut in_out = Vec::from(to_seal);
|
661
|
+
assert!(aead::seal_in_place(&s_key, &nonce[0..1], &mut in_out,
|
662
|
+
suffix_space, &ad).is_err());
|
663
|
+
}
|
664
|
+
{
|
665
|
+
let mut in_out = Vec::from(to_open);
|
666
|
+
assert!(aead::open_in_place(&o_key, &nonce[0..1], prefix_len,
|
667
|
+
&mut in_out, &ad).is_err());
|
668
|
+
}
|
669
|
+
|
670
|
+
// Nonce is 128 bits (16 bytes).
|
671
|
+
{
|
672
|
+
let mut in_out = Vec::from(to_seal);
|
673
|
+
assert!(aead::seal_in_place(&s_key, &nonce[0..16], &mut in_out,
|
674
|
+
suffix_space, &ad).is_err());
|
675
|
+
}
|
676
|
+
{
|
677
|
+
let mut in_out = Vec::from(to_open);
|
678
|
+
assert!(aead::open_in_place(&o_key, &nonce[0..16], prefix_len,
|
679
|
+
&mut in_out, &ad).is_err());
|
680
|
+
}
|
681
|
+
}
|
682
|
+
}
|