ring-native 0.0.0

data/vendor/ring/src/digest_tests.txt

@@ -0,0 +1,57 @@
+# SHA-1 tests from RFC 3174.
+
+Hash = SHA1
+Input = "abc"
+Repeat = 1
+Output = a9993e364706816aba3e25717850c26c9cd0d89d
+
+Hash = SHA1
+Input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
+Repeat = 1
+Output = 84983e441c3bd26ebaae4aa1f95129e5e54670f1
+
+Hash = SHA1
+Input = "a"
+Repeat = 1000000
+Output = 34aa973cd4c4daa4f61eeb2bdbad27316534016f
+
+Hash = SHA1
+Input = "0123456701234567012345670123456701234567012345670123456701234567"
+Repeat = 10
+Output = dea356a2cddd90c7a7ecedc5ebb563934f460452
+
+# SHA-256 tests from NIST.
+
+Hash = SHA256
+Input = "abc"
+Repeat = 1
+Output = ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad
+
+Hash = SHA256
+Input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
+Repeat = 1
+Output = 248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1
+
+# SHA-384 tests from NIST.
+
+Hash = SHA384
+Input = "abc"
+Repeat = 1
+Output = cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7
+
+Hash = SHA384
+Input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
+Repeat = 1
+Output = 09330c33f71147e83d192fc782cd1b4753111b173b3b05d22fa08086e3b0f712fcc7c71a557e2db966c3e9fa91746039
+
+# SHA-512 tests from NIST
+
+Hash = SHA512
+Input = "abc"
+Repeat = 1
+Output = ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f
+
+Hash = SHA512
+Input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
+Repeat = 1
+Output = 8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909

data/vendor/ring/src/ecc.rs

@@ -0,0 +1,28 @@
+// Copyright 2015 Brian Smith.
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
+// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+#[allow(non_camel_case_types)]
+#[doc(hidden)]
+pub enum EC_GROUP { }
+
+extern {
+    #[doc(hidden)]
+    pub fn EC_GROUP_P256() -> *const EC_GROUP;
+
+    #[doc(hidden)]
+    pub fn EC_GROUP_P384() -> *const EC_GROUP;
+
+    #[doc(hidden)]
+    pub fn EC_GROUP_P521() -> *const EC_GROUP;
+}

data/vendor/ring/src/ecc_build.rs

@@ -0,0 +1,279 @@
+// Copyright 2015 Brian Smith.
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
+// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+use num;
+use num::integer::Integer as Integral;
+use num::traits::{FromPrimitive, Num, One, Signed, ToPrimitive, Zero};
+use std;
+use super::ecc_curves::*;
+
+pub fn generate_code(out_dir: &str) -> std::io::Result<()> {
+    generate_ec_groups(out_dir)
+}
+
+// The math
+
+type Integer = num::bigint::BigInt;
+
+fn mod_inv(a: &Integer, m: &Integer)
+           -> Result<Integer, ()> {
+    fn extended_gcd(aa: &Integer, bb: &Integer) -> (Integer, Integer, Integer) {
+        let mut last_rem = aa.abs();
+        let mut rem = bb.abs();
+        let mut x = Integer::zero();
+        let mut last_x = Integer::one();
+        let mut y = Integer::one();
+        let mut last_y = Integer::zero();
+        while !rem.is_zero() {
+            let (quotient, new_rem) = last_rem.div_rem(&rem);
+            last_rem = rem;
+            rem = new_rem;
+
+            let new_x = last_x - &quotient * &x;
+            last_x = x;
+            x = new_x;
+
+            let new_y = last_y - &quotient * &y;
+            last_y = y;
+            y = new_y;
+        }
+        println!("last_rem: {}, aa: {}, bb: {}, last_x: {}, last_y: {}",
+                 last_rem, aa, bb, last_x, last_y);
+        (last_rem,
+         if aa.is_negative() { -last_x } else { last_x },
+         if bb.is_negative() { -last_y } else { last_y })
+    }
+
+    let (g, x, _) = extended_gcd(a, m);
+    if g != Integer::one() {
+        return Err(());
+    }
+    println!("x: {}, x % m: {}", &x, &x % m);
+    Ok(x % m)
+}
+
+struct ModP {
+    rr: Integer,
+    r: Integer,
+    p: Integer,
+    k: u64,
+}
+
+#[cfg(target_pointer_width = "64")]
+const LIMB_BITS: usize = 64;
+
+#[cfg(target_pointer_width = "32")]
+const LIMB_BITS: usize = 32;
+
+impl ModP {
+    fn new(p_hex_str: &str) -> Result<ModP, ()> {
+        let p = integer_from_hex_str(p_hex_str);
+        let p_bits = (p.to_biguint().unwrap().bits() + LIMB_BITS - 1) /
+                     LIMB_BITS * LIMB_BITS;
+        let neg_p = -&p;
+
+        let r = (Integer::one() << p_bits) % &p;
+        let rr = (&r * &r) % &p;
+        let tmod = Integer::one() << 64;
+        let k = try!(mod_inv(&neg_p, &tmod));
+        let mut k = k % (Integer::one() << 64);
+        if k.is_negative() {
+            k = &k + (Integer::one() << 64);
+        }
+        let k = k.to_u64().unwrap();
+        Ok(ModP {
+            p: p.clone(),
+            r: r.clone(),
+            rr: rr.clone(),
+            k: k.clone(),
+        })
+    }
+
+    fn encode(&self, n: &Integer) -> Integer {
+        (n * &self.r) % &self.p
+    }
+}
+
+fn integer_from_hex_str(hex_str: &str) -> Integer {
+    Integer::from_str_radix(hex_str, 16).unwrap()
+}
+
+// Generation of the C code for |EC_GROUP|
+pub fn generate_ec_groups(out_dir: &str) -> std::io::Result<()> {
+    use std::io::Write;
+
+    let mut fragments = SUPPORTED_CURVES.into_iter()
+                                        .map(|x| ec_group(x))
+                                        .collect::<Vec<_>>();
+    fragments.insert(0, String::from(EC_GROUPS_BOILERPLATE));
+
+    // Ensure file ends with newline to avoid undefined behavior
+    let code = fragments.join("\n") + "\n";
+
+    let dest_path = std::path::Path::new(&out_dir).join("ec_curve_data.inl");
+    let mut f = try!(std::fs::File::create(&dest_path));
+    try!(f.write_all(code.as_bytes()));
+    Ok(())
+}
+
+fn ec_group(curve: &NISTCurve) -> String {
+    assert_eq!(curve.cofactor, 1);
+
+    let q = ModP::new(&curve.q).unwrap();
+
+    let n = ModP::new(&curve.n).unwrap();
+    let n_minus_2 = &n.p - Integer::from_i8(2).unwrap();
+
+    let one = Integer::one();
+    assert_eq!(curve.a, -3);
+    let a = &q.p + Integer::from_i8(curve.a).unwrap();
+    let b = integer_from_hex_str(&curve.b);
+
+    let (generator_x, generator_y) =
+        (integer_from_hex_str(&curve.generator.0),
+         integer_from_hex_str(&curve.generator.1));
+
+    let one_mont = q.encode(&one);
+    let a_mont = q.encode(&a);
+    let b_mont = q.encode(&b);
+    let generator_x_mont = q.encode(&generator_x);
+    let generator_y_mont = q.encode(&generator_y);
+
+    format!("
+        const EC_GROUP *{ec_group_fn_name}(void) {{
+          static const BN_ULONG field_limbs[] = {q};
+          static const BN_ULONG field_rr_limbs[] = {q_rr};
+          static const BN_ULONG order_limbs[] = {n};
+          static const BN_ULONG order_rr_limbs[] = {n_rr};
+          static const BN_ULONG order_minus_2_limbs[] = {n_minus_2};
+        #if defined({name}_NO_MONT)
+          static const BN_ULONG generator_x_limbs[] = {x};
+          static const BN_ULONG generator_y_limbs[] = {y};
+          static const BN_ULONG a_limbs[] = {a};
+          static const BN_ULONG b_limbs[] = {b};
+          static const BN_ULONG one_limbs[] = {one};
+        #else
+          static const BN_ULONG generator_x_limbs[] = {x_mont};
+          static const BN_ULONG generator_y_limbs[] = {y_mont};
+          static const BN_ULONG a_limbs[] = {a_mont};
+          static const BN_ULONG b_limbs[] = {b_mont};
+          static const BN_ULONG one_limbs[] = {one_mont};
+        #endif
+          static const EC_GROUP group = {{
+            FIELD(.meth =) &{name}_EC_METHOD,
+            FIELD(.generator =) {{
+              FIELD(.meth =) &{name}_EC_METHOD,
+              FIELD(.X =) STATIC_BIGNUM(generator_x_limbs),
+              FIELD(.Y =) STATIC_BIGNUM(generator_y_limbs),
+              FIELD(.Z =) STATIC_BIGNUM(one_limbs),
+            }},
+            FIELD(.order =) STATIC_BIGNUM(order_limbs),
+            FIELD(.order_mont =) {{
+              FIELD(.RR =) STATIC_BIGNUM(order_rr_limbs),
+              FIELD(.N =) STATIC_BIGNUM(order_limbs),
+              FIELD(.n0 =) {{ BN_MONT_CTX_N0(0x{n_n1:x}, 0x{n_n0:x}) }},
+            }},
+            FIELD(.order_minus_2 =) STATIC_BIGNUM(order_minus_2_limbs),
+            FIELD(.curve_name =) {nid},
+            FIELD(.field =) STATIC_BIGNUM(field_limbs),
+            FIELD(.a =) STATIC_BIGNUM(a_limbs),
+            FIELD(.b =) STATIC_BIGNUM(b_limbs),
+            FIELD(.mont =) {{
+              FIELD(.RR =) STATIC_BIGNUM(field_rr_limbs),
+              FIELD(.N =) STATIC_BIGNUM(field_limbs),
+              FIELD(.n0 =) {{ BN_MONT_CTX_N0(0x{q_n1:x}, 0x{q_n0:x}) }},
+            }},
+            FIELD(.one =) STATIC_BIGNUM(one_limbs),
+          }};
+          return &group;
+        }}",
+        ec_group_fn_name = curve.name.replace("CURVE", "EC_GROUP"),
+        name = curve.name,
+        nid = curve.nid,
+
+        q = bn_limbs(&q.p),
+        q_rr = bn_limbs(&q.rr),
+        q_n0 = (q.k % (1u64 << 32)) as usize,
+        q_n1 = (q.k / (1u64 << 32)) as usize,
+
+        n = bn_limbs(&n.p),
+        n_minus_2 = bn_limbs(&n_minus_2),
+        n_rr = bn_limbs(&n.rr),
+        n_n0 = (n.k % (1u64 << 32)) as usize,
+        n_n1 = (n.k / (1u64 << 32)) as usize,
+
+        one = bn_limbs(&one),
+        x = bn_limbs(&generator_x),
+        y = bn_limbs(&generator_y),
+        a = bn_limbs(&a),
+        b = bn_limbs(&b),
+
+        one_mont = bn_limbs(&one_mont),
+        x_mont = bn_limbs(&generator_x_mont),
+        y_mont = bn_limbs(&generator_y_mont),
+        a_mont = bn_limbs(&a_mont),
+        b_mont = bn_limbs(&b_mont))
+        .replace("\n        ", "\n")
+}
+
+fn bn_limbs(value: &Integer) -> String {
+    const INDENT: &'static str = "            ";
+
+    let limbs =
+        value
+        .to_bytes_le()
+        .1
+        .chunks(4)
+        .map(|bytes| {
+            let mut place = 0;
+            let mut value = 0;
+            for b in bytes {
+                value |= (*b as u32) << place;
+                place += 8;
+            }
+            value
+        })
+        .collect::<Vec<_>>()
+        .chunks(2)
+        .map(|limbs_32x2| {
+            match limbs_32x2.len() {
+                2 => format!("{}TOBN(0x{:08x}, 0x{:08x}),\n", INDENT,
+                             limbs_32x2[1], limbs_32x2[0]),
+                1 => format!("{}0x{:08x},\n", INDENT,
+                             limbs_32x2[0]),
+                _ => unreachable!()
+            }
+        })
+        .collect::<String>();
+
+    format!("{{\n{}          }}", limbs)
+}
+
+const EC_GROUPS_BOILERPLATE: &'static str = r##"/* Copyright 2015 Brian Smith.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+/* This entire file was generated by ecc_build.rs from
+ * https://github.com/briansmith/ring. */
+"##;

data/vendor/ring/src/ecc_curves.rs

@@ -0,0 +1,117 @@
+// Copyright 2015 Brian Smith.
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
+// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+//! Data defining the supported elliptic curves.
+
+pub struct NISTCurve {
+    pub name: &'static str,
+    pub nid: &'static str,
+    pub q: &'static str,
+    pub n: &'static str,
+    pub generator: (&'static str, &'static str),
+    pub a: i8, // Must always be -3.
+    pub b: &'static str,
+    pub cofactor: i8, // Must always be 1.
+}
+
+// The curve parameters are from
+// http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf.
+
+pub static SUPPORTED_CURVES: [NISTCurve; 4] = [
+    NISTCurve {
+        name: "CURVE_P224",
+
+        // 2^224 − 2^96 + 1
+        q: "ffffffffffffffffffffffffffffffff000000000000000000000001",
+
+        n: "ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d",
+
+        generator:
+          ("b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21",
+           "bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34"),
+
+        a: -3,
+        b: "b4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4",
+        cofactor: 1,
+
+        nid: "NID_secp224r1",
+    },
+    NISTCurve {
+        name: "CURVE_P256",
+
+        // 2**256 - 2**224 + 2**192 + 2**96 - 1
+        q: "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff",
+
+        // 2**256 - 2**224 + 2**192 - 2**128 +
+        // 0xbce6faada7179e84f3b9cac2fc632551
+        n: "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551",
+
+        generator:
+          ("6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
+           "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5"),
+
+        a: -3,
+        b: "5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b",
+        cofactor: 1,
+
+        nid: "NID_X9_62_prime256v1",
+    },
+    NISTCurve {
+        name: "CURVE_P384",
+
+        // 2^384 − 2^128 − 2^96 + 2^32 − 1
+        q: "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe\
+            ffffffff0000000000000000ffffffff",
+
+        // 2^384 - 2^192 + 0xc7634d81f4372ddf581a0db248b0a77aecec196accc52973
+        n: "ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf\
+            581a0db248b0a77aecec196accc52973",
+
+        generator:
+          ("aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a38\
+            5502f25dbf55296c3a545e3872760ab7",
+           "3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c0\
+            0a60b1ce1d7e819d7a431d7c90ea0e5f"),
+
+        a: -3,
+        b: "b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875a\
+            c656398d8a2ed19d2a85c8edd3ec2aef",
+        cofactor: 1,
+
+        nid: "NID_secp384r1",
+    },
+    NISTCurve {
+        name: "CURVE_P521",
+
+        // 2^521 − 1
+        q: "01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\
+            ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
+
+        n: "01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\
+            fa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409",
+
+        generator:
+          ("00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3d\
+            baa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66",
+           "011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e66\
+            2c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650"),
+
+        a: -3,
+        b: "0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109\
+            e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00",
+        cofactor: 1,
+
+        nid: "NID_secp521r1",
+    },
+];