ring-native 0.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +9 -0
- data/Gemfile +3 -0
- data/README.md +22 -0
- data/Rakefile +1 -0
- data/ext/ring/extconf.rb +29 -0
- data/lib/ring/native.rb +8 -0
- data/lib/ring/native/version.rb +5 -0
- data/ring-native.gemspec +25 -0
- data/vendor/ring/BUILDING.md +40 -0
- data/vendor/ring/Cargo.toml +43 -0
- data/vendor/ring/LICENSE +185 -0
- data/vendor/ring/Makefile +35 -0
- data/vendor/ring/PORTING.md +163 -0
- data/vendor/ring/README.md +113 -0
- data/vendor/ring/STYLE.md +197 -0
- data/vendor/ring/appveyor.yml +27 -0
- data/vendor/ring/build.rs +108 -0
- data/vendor/ring/crypto/aes/aes.c +1142 -0
- data/vendor/ring/crypto/aes/aes_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/aes/aes_test.cc +93 -0
- data/vendor/ring/crypto/aes/asm/aes-586.pl +2368 -0
- data/vendor/ring/crypto/aes/asm/aes-armv4.pl +1249 -0
- data/vendor/ring/crypto/aes/asm/aes-x86_64.pl +2246 -0
- data/vendor/ring/crypto/aes/asm/aesni-x86.pl +1318 -0
- data/vendor/ring/crypto/aes/asm/aesni-x86_64.pl +2084 -0
- data/vendor/ring/crypto/aes/asm/aesv8-armx.pl +675 -0
- data/vendor/ring/crypto/aes/asm/bsaes-armv7.pl +1364 -0
- data/vendor/ring/crypto/aes/asm/bsaes-x86_64.pl +1565 -0
- data/vendor/ring/crypto/aes/asm/vpaes-x86.pl +841 -0
- data/vendor/ring/crypto/aes/asm/vpaes-x86_64.pl +1116 -0
- data/vendor/ring/crypto/aes/internal.h +87 -0
- data/vendor/ring/crypto/aes/mode_wrappers.c +61 -0
- data/vendor/ring/crypto/bn/add.c +394 -0
- data/vendor/ring/crypto/bn/asm/armv4-mont.pl +694 -0
- data/vendor/ring/crypto/bn/asm/armv8-mont.pl +1503 -0
- data/vendor/ring/crypto/bn/asm/bn-586.pl +774 -0
- data/vendor/ring/crypto/bn/asm/co-586.pl +287 -0
- data/vendor/ring/crypto/bn/asm/rsaz-avx2.pl +1882 -0
- data/vendor/ring/crypto/bn/asm/x86-mont.pl +592 -0
- data/vendor/ring/crypto/bn/asm/x86_64-gcc.c +599 -0
- data/vendor/ring/crypto/bn/asm/x86_64-mont.pl +1393 -0
- data/vendor/ring/crypto/bn/asm/x86_64-mont5.pl +3507 -0
- data/vendor/ring/crypto/bn/bn.c +352 -0
- data/vendor/ring/crypto/bn/bn_asn1.c +74 -0
- data/vendor/ring/crypto/bn/bn_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/bn/bn_test.cc +1696 -0
- data/vendor/ring/crypto/bn/cmp.c +200 -0
- data/vendor/ring/crypto/bn/convert.c +433 -0
- data/vendor/ring/crypto/bn/ctx.c +311 -0
- data/vendor/ring/crypto/bn/div.c +594 -0
- data/vendor/ring/crypto/bn/exponentiation.c +1335 -0
- data/vendor/ring/crypto/bn/gcd.c +711 -0
- data/vendor/ring/crypto/bn/generic.c +1019 -0
- data/vendor/ring/crypto/bn/internal.h +316 -0
- data/vendor/ring/crypto/bn/montgomery.c +516 -0
- data/vendor/ring/crypto/bn/mul.c +888 -0
- data/vendor/ring/crypto/bn/prime.c +829 -0
- data/vendor/ring/crypto/bn/random.c +334 -0
- data/vendor/ring/crypto/bn/rsaz_exp.c +262 -0
- data/vendor/ring/crypto/bn/rsaz_exp.h +53 -0
- data/vendor/ring/crypto/bn/shift.c +276 -0
- data/vendor/ring/crypto/bytestring/bytestring_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/bytestring/bytestring_test.cc +421 -0
- data/vendor/ring/crypto/bytestring/cbb.c +399 -0
- data/vendor/ring/crypto/bytestring/cbs.c +227 -0
- data/vendor/ring/crypto/bytestring/internal.h +46 -0
- data/vendor/ring/crypto/chacha/chacha_generic.c +140 -0
- data/vendor/ring/crypto/chacha/chacha_vec.c +323 -0
- data/vendor/ring/crypto/chacha/chacha_vec_arm.S +1447 -0
- data/vendor/ring/crypto/chacha/chacha_vec_arm_generate.go +153 -0
- data/vendor/ring/crypto/cipher/cipher_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/cipher/e_aes.c +390 -0
- data/vendor/ring/crypto/cipher/e_chacha20poly1305.c +208 -0
- data/vendor/ring/crypto/cipher/internal.h +173 -0
- data/vendor/ring/crypto/cipher/test/aes_128_gcm_tests.txt +543 -0
- data/vendor/ring/crypto/cipher/test/aes_128_key_wrap_tests.txt +9 -0
- data/vendor/ring/crypto/cipher/test/aes_256_gcm_tests.txt +475 -0
- data/vendor/ring/crypto/cipher/test/aes_256_key_wrap_tests.txt +23 -0
- data/vendor/ring/crypto/cipher/test/chacha20_poly1305_old_tests.txt +422 -0
- data/vendor/ring/crypto/cipher/test/chacha20_poly1305_tests.txt +484 -0
- data/vendor/ring/crypto/cipher/test/cipher_test.txt +100 -0
- data/vendor/ring/crypto/constant_time_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/constant_time_test.c +304 -0
- data/vendor/ring/crypto/cpu-arm-asm.S +32 -0
- data/vendor/ring/crypto/cpu-arm.c +199 -0
- data/vendor/ring/crypto/cpu-intel.c +261 -0
- data/vendor/ring/crypto/crypto.c +151 -0
- data/vendor/ring/crypto/curve25519/asm/x25519-arm.S +2118 -0
- data/vendor/ring/crypto/curve25519/curve25519.c +4888 -0
- data/vendor/ring/crypto/curve25519/x25519_test.cc +128 -0
- data/vendor/ring/crypto/digest/md32_common.h +181 -0
- data/vendor/ring/crypto/ec/asm/p256-x86_64-asm.pl +2725 -0
- data/vendor/ring/crypto/ec/ec.c +193 -0
- data/vendor/ring/crypto/ec/ec_curves.c +61 -0
- data/vendor/ring/crypto/ec/ec_key.c +228 -0
- data/vendor/ring/crypto/ec/ec_montgomery.c +114 -0
- data/vendor/ring/crypto/ec/example_mul.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/ec/internal.h +243 -0
- data/vendor/ring/crypto/ec/oct.c +253 -0
- data/vendor/ring/crypto/ec/p256-64.c +1794 -0
- data/vendor/ring/crypto/ec/p256-x86_64-table.h +9548 -0
- data/vendor/ring/crypto/ec/p256-x86_64.c +509 -0
- data/vendor/ring/crypto/ec/simple.c +1007 -0
- data/vendor/ring/crypto/ec/util-64.c +183 -0
- data/vendor/ring/crypto/ec/wnaf.c +508 -0
- data/vendor/ring/crypto/ecdh/ecdh.c +155 -0
- data/vendor/ring/crypto/ecdsa/ecdsa.c +304 -0
- data/vendor/ring/crypto/ecdsa/ecdsa_asn1.c +193 -0
- data/vendor/ring/crypto/ecdsa/ecdsa_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/ecdsa/ecdsa_test.cc +327 -0
- data/vendor/ring/crypto/header_removed.h +17 -0
- data/vendor/ring/crypto/internal.h +495 -0
- data/vendor/ring/crypto/libring.Windows.vcxproj +101 -0
- data/vendor/ring/crypto/mem.c +98 -0
- data/vendor/ring/crypto/modes/asm/aesni-gcm-x86_64.pl +1045 -0
- data/vendor/ring/crypto/modes/asm/ghash-armv4.pl +517 -0
- data/vendor/ring/crypto/modes/asm/ghash-x86.pl +1393 -0
- data/vendor/ring/crypto/modes/asm/ghash-x86_64.pl +1741 -0
- data/vendor/ring/crypto/modes/asm/ghashv8-armx.pl +422 -0
- data/vendor/ring/crypto/modes/ctr.c +226 -0
- data/vendor/ring/crypto/modes/gcm.c +1206 -0
- data/vendor/ring/crypto/modes/gcm_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/modes/gcm_test.c +348 -0
- data/vendor/ring/crypto/modes/internal.h +299 -0
- data/vendor/ring/crypto/perlasm/arm-xlate.pl +170 -0
- data/vendor/ring/crypto/perlasm/readme +100 -0
- data/vendor/ring/crypto/perlasm/x86_64-xlate.pl +1164 -0
- data/vendor/ring/crypto/perlasm/x86asm.pl +292 -0
- data/vendor/ring/crypto/perlasm/x86gas.pl +263 -0
- data/vendor/ring/crypto/perlasm/x86masm.pl +200 -0
- data/vendor/ring/crypto/perlasm/x86nasm.pl +187 -0
- data/vendor/ring/crypto/poly1305/poly1305.c +331 -0
- data/vendor/ring/crypto/poly1305/poly1305_arm.c +301 -0
- data/vendor/ring/crypto/poly1305/poly1305_arm_asm.S +2015 -0
- data/vendor/ring/crypto/poly1305/poly1305_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/poly1305/poly1305_test.cc +80 -0
- data/vendor/ring/crypto/poly1305/poly1305_test.txt +52 -0
- data/vendor/ring/crypto/poly1305/poly1305_vec.c +892 -0
- data/vendor/ring/crypto/rand/asm/rdrand-x86_64.pl +75 -0
- data/vendor/ring/crypto/rand/internal.h +32 -0
- data/vendor/ring/crypto/rand/rand.c +189 -0
- data/vendor/ring/crypto/rand/urandom.c +219 -0
- data/vendor/ring/crypto/rand/windows.c +56 -0
- data/vendor/ring/crypto/refcount_c11.c +66 -0
- data/vendor/ring/crypto/refcount_lock.c +53 -0
- data/vendor/ring/crypto/refcount_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/refcount_test.c +58 -0
- data/vendor/ring/crypto/rsa/blinding.c +462 -0
- data/vendor/ring/crypto/rsa/internal.h +108 -0
- data/vendor/ring/crypto/rsa/padding.c +300 -0
- data/vendor/ring/crypto/rsa/rsa.c +450 -0
- data/vendor/ring/crypto/rsa/rsa_asn1.c +261 -0
- data/vendor/ring/crypto/rsa/rsa_impl.c +944 -0
- data/vendor/ring/crypto/rsa/rsa_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/rsa/rsa_test.cc +437 -0
- data/vendor/ring/crypto/sha/asm/sha-armv8.pl +436 -0
- data/vendor/ring/crypto/sha/asm/sha-x86_64.pl +2390 -0
- data/vendor/ring/crypto/sha/asm/sha256-586.pl +1275 -0
- data/vendor/ring/crypto/sha/asm/sha256-armv4.pl +735 -0
- data/vendor/ring/crypto/sha/asm/sha256-armv8.pl +14 -0
- data/vendor/ring/crypto/sha/asm/sha256-x86_64.pl +14 -0
- data/vendor/ring/crypto/sha/asm/sha512-586.pl +911 -0
- data/vendor/ring/crypto/sha/asm/sha512-armv4.pl +666 -0
- data/vendor/ring/crypto/sha/asm/sha512-armv8.pl +14 -0
- data/vendor/ring/crypto/sha/asm/sha512-x86_64.pl +14 -0
- data/vendor/ring/crypto/sha/sha1.c +271 -0
- data/vendor/ring/crypto/sha/sha256.c +204 -0
- data/vendor/ring/crypto/sha/sha512.c +355 -0
- data/vendor/ring/crypto/test/file_test.cc +326 -0
- data/vendor/ring/crypto/test/file_test.h +181 -0
- data/vendor/ring/crypto/test/malloc.cc +150 -0
- data/vendor/ring/crypto/test/scoped_types.h +95 -0
- data/vendor/ring/crypto/test/test.Windows.vcxproj +35 -0
- data/vendor/ring/crypto/test/test_util.cc +46 -0
- data/vendor/ring/crypto/test/test_util.h +41 -0
- data/vendor/ring/crypto/thread_none.c +55 -0
- data/vendor/ring/crypto/thread_pthread.c +165 -0
- data/vendor/ring/crypto/thread_test.Windows.vcxproj +25 -0
- data/vendor/ring/crypto/thread_test.c +200 -0
- data/vendor/ring/crypto/thread_win.c +282 -0
- data/vendor/ring/examples/checkdigest.rs +103 -0
- data/vendor/ring/include/openssl/aes.h +121 -0
- data/vendor/ring/include/openssl/arm_arch.h +129 -0
- data/vendor/ring/include/openssl/base.h +156 -0
- data/vendor/ring/include/openssl/bn.h +794 -0
- data/vendor/ring/include/openssl/buffer.h +18 -0
- data/vendor/ring/include/openssl/bytestring.h +235 -0
- data/vendor/ring/include/openssl/chacha.h +37 -0
- data/vendor/ring/include/openssl/cmac.h +76 -0
- data/vendor/ring/include/openssl/cpu.h +184 -0
- data/vendor/ring/include/openssl/crypto.h +43 -0
- data/vendor/ring/include/openssl/curve25519.h +88 -0
- data/vendor/ring/include/openssl/ec.h +225 -0
- data/vendor/ring/include/openssl/ec_key.h +129 -0
- data/vendor/ring/include/openssl/ecdh.h +110 -0
- data/vendor/ring/include/openssl/ecdsa.h +156 -0
- data/vendor/ring/include/openssl/err.h +201 -0
- data/vendor/ring/include/openssl/mem.h +101 -0
- data/vendor/ring/include/openssl/obj_mac.h +71 -0
- data/vendor/ring/include/openssl/opensslfeatures.h +68 -0
- data/vendor/ring/include/openssl/opensslv.h +18 -0
- data/vendor/ring/include/openssl/ossl_typ.h +18 -0
- data/vendor/ring/include/openssl/poly1305.h +51 -0
- data/vendor/ring/include/openssl/rand.h +70 -0
- data/vendor/ring/include/openssl/rsa.h +399 -0
- data/vendor/ring/include/openssl/thread.h +133 -0
- data/vendor/ring/include/openssl/type_check.h +71 -0
- data/vendor/ring/mk/Common.props +63 -0
- data/vendor/ring/mk/Windows.props +42 -0
- data/vendor/ring/mk/WindowsTest.props +18 -0
- data/vendor/ring/mk/appveyor.bat +62 -0
- data/vendor/ring/mk/bottom_of_makefile.mk +54 -0
- data/vendor/ring/mk/ring.mk +266 -0
- data/vendor/ring/mk/top_of_makefile.mk +214 -0
- data/vendor/ring/mk/travis.sh +40 -0
- data/vendor/ring/mk/update-travis-yml.py +229 -0
- data/vendor/ring/ring.sln +153 -0
- data/vendor/ring/src/aead.rs +682 -0
- data/vendor/ring/src/agreement.rs +248 -0
- data/vendor/ring/src/c.rs +129 -0
- data/vendor/ring/src/constant_time.rs +37 -0
- data/vendor/ring/src/der.rs +96 -0
- data/vendor/ring/src/digest.rs +690 -0
- data/vendor/ring/src/digest_tests.txt +57 -0
- data/vendor/ring/src/ecc.rs +28 -0
- data/vendor/ring/src/ecc_build.rs +279 -0
- data/vendor/ring/src/ecc_curves.rs +117 -0
- data/vendor/ring/src/ed25519_tests.txt +2579 -0
- data/vendor/ring/src/exe_tests.rs +46 -0
- data/vendor/ring/src/ffi.rs +29 -0
- data/vendor/ring/src/file_test.rs +187 -0
- data/vendor/ring/src/hkdf.rs +153 -0
- data/vendor/ring/src/hkdf_tests.txt +59 -0
- data/vendor/ring/src/hmac.rs +414 -0
- data/vendor/ring/src/hmac_tests.txt +97 -0
- data/vendor/ring/src/input.rs +312 -0
- data/vendor/ring/src/lib.rs +41 -0
- data/vendor/ring/src/pbkdf2.rs +265 -0
- data/vendor/ring/src/pbkdf2_tests.txt +113 -0
- data/vendor/ring/src/polyfill.rs +57 -0
- data/vendor/ring/src/rand.rs +28 -0
- data/vendor/ring/src/signature.rs +314 -0
- data/vendor/ring/third-party/NIST/README.md +9 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA1LongMsg.rsp +263 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA1Monte.rsp +309 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA1ShortMsg.rsp +267 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA224LongMsg.rsp +263 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA224Monte.rsp +309 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA224ShortMsg.rsp +267 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA256LongMsg.rsp +263 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA256Monte.rsp +309 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA256ShortMsg.rsp +267 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA384LongMsg.rsp +519 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA384Monte.rsp +309 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA384ShortMsg.rsp +523 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA512LongMsg.rsp +519 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA512Monte.rsp +309 -0
- data/vendor/ring/third-party/NIST/SHAVS/SHA512ShortMsg.rsp +523 -0
- data/vendor/ring/third-party/NIST/sha256sums.txt +1 -0
- metadata +333 -0
@@ -0,0 +1,113 @@
|
|
1
|
+
# The|dkLen| parameter is given implicitly as the length of |DK|.
|
2
|
+
|
3
|
+
# RFC 6070 Section 2. PBKDF2 HMAC-SHA1 Test Vectors
|
4
|
+
|
5
|
+
Hash = SHA1
|
6
|
+
P = "password"
|
7
|
+
S = "salt"
|
8
|
+
c = 1
|
9
|
+
DK = 0c60c80f961f0e71f3a9b524af6012062fe037a6
|
10
|
+
|
11
|
+
Hash = SHA1
|
12
|
+
P = "password"
|
13
|
+
S = "salt"
|
14
|
+
c = 2
|
15
|
+
DK = ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957
|
16
|
+
|
17
|
+
Hash = SHA1
|
18
|
+
P = "password"
|
19
|
+
S = "salt"
|
20
|
+
c = 4096
|
21
|
+
DK = 4b007901b765489abead49d926f721d065a429c1
|
22
|
+
|
23
|
+
Hash = SHA1
|
24
|
+
P = "password"
|
25
|
+
S = "salt"
|
26
|
+
c = 16777216
|
27
|
+
DK = eefe3d61cd4da4e4e9945b3d6ba2158c2634e984
|
28
|
+
|
29
|
+
# Skipped because we panic if the output length requested is larger than the
|
30
|
+
# digest block size.
|
31
|
+
# Hash = SHA1
|
32
|
+
# P = "passwordPASSWORDpassword"
|
33
|
+
# S = "saltSALTsaltSALTsaltSALTsaltSALTsalt"
|
34
|
+
# c = 4096
|
35
|
+
# DK = 3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038
|
36
|
+
|
37
|
+
# P is "pass\0word" S is "sa\0lt"
|
38
|
+
Hash = SHA1
|
39
|
+
P = 7061737300776f7264
|
40
|
+
S = 7361006c74
|
41
|
+
c = 4096
|
42
|
+
DK = 56fa6aa75548099dcc37d7f03425e0c3
|
43
|
+
|
44
|
+
# PBKDF2 HMAC-SHA256 Test Vectors from
|
45
|
+
# https://stackoverflow.com/questions/5130513/pbkdf2-hmac-sha2-test-vectors
|
46
|
+
|
47
|
+
Hash = SHA256
|
48
|
+
P = "password"
|
49
|
+
S = "salt"
|
50
|
+
c = 1
|
51
|
+
DK = 120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b
|
52
|
+
|
53
|
+
Hash = SHA256
|
54
|
+
P = "password"
|
55
|
+
S = "salt"
|
56
|
+
c = 2
|
57
|
+
DK = ae4d0c95af6b46d32d0adff928f06dd02a303f8ef3c251dfd6e2d85a95474c43
|
58
|
+
|
59
|
+
Hash = SHA256
|
60
|
+
P = "password"
|
61
|
+
S = "salt"
|
62
|
+
c = 4096
|
63
|
+
DK = c5e478d59288c841aa530db6845c4c8d962893a001ce4e11a4963873aa98134a
|
64
|
+
|
65
|
+
# Skipped because we panic if the output length requested is larger than the
|
66
|
+
# digest block size.
|
67
|
+
# Hash = SHA256
|
68
|
+
# P = "password"
|
69
|
+
# S = "salt"
|
70
|
+
# c = 16777216
|
71
|
+
# DK = cf81c66fe8cfc04d1f31ecb65dab4089f7f179e89b3b0bcb17ad10e3ac6eba46
|
72
|
+
|
73
|
+
# Skipped because we panic if the output length requested is larger than the
|
74
|
+
# digest block size.
|
75
|
+
# Hash = SHA256
|
76
|
+
# P = "passwordPASSWORDpassword"
|
77
|
+
# S = "saltSALTsaltSALTsaltSALTsaltSALTsalt"
|
78
|
+
# c = 4096
|
79
|
+
# DK = 348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c4e2a1fb8dd53e1c635518c7dac47e9
|
80
|
+
|
81
|
+
# P is "pass\0word" S is "sa\0lt"
|
82
|
+
Hash = SHA256
|
83
|
+
P = 7061737300776f7264
|
84
|
+
S = 7361006c74
|
85
|
+
c = 4096
|
86
|
+
DK = 89b69d0516f829893c696226650a8687
|
87
|
+
|
88
|
+
# PBKDF2 HMAC-SHA512 Test Vectors from
|
89
|
+
# https://stackoverflow.com/questions/15593184/pbkdf2-hmac-sha-512-test-vectors
|
90
|
+
|
91
|
+
Hash = SHA512
|
92
|
+
P = "password"
|
93
|
+
S = "salt"
|
94
|
+
c = 1
|
95
|
+
DK = 867f70cf1ade02cff3752599a3a53dc4af34c7a669815ae5d513554e1c8cf252c02d470a285a0501bad999bfe943c08f050235d7d68b1da55e63f73b60a57fce
|
96
|
+
|
97
|
+
Hash = SHA512
|
98
|
+
P = "password"
|
99
|
+
S = "salt"
|
100
|
+
c = 2
|
101
|
+
DK = e1d9c16aa681708a45f5c7c4e215ceb66e011a2e9f0040713f18aefdb866d53cf76cab2868a39b9f7840edce4fef5a82be67335c77a6068e04112754f27ccf4e
|
102
|
+
|
103
|
+
Hash = SHA512
|
104
|
+
P = "password"
|
105
|
+
S = "salt"
|
106
|
+
c = 4096
|
107
|
+
DK = d197b1b33db0143e018b12f3d1d1479e6cdebdcc97c5c0f87f6902e072f457b5143f30602641b3d55cd335988cb36b84376060ecd532e039b742a239434af2d5
|
108
|
+
|
109
|
+
Hash = SHA512
|
110
|
+
P = "passwordPASSWORDpassword"
|
111
|
+
S = "saltSALTsaltSALTsaltSALTsaltSALTsalt"
|
112
|
+
c = 4096
|
113
|
+
DK = 8c0511f4c6e597c6ac6315d8f0362e225f3c501495ba23b868c005174dc4ee71115b59f9e60cd9532fa33e0f75aefe30225c583a186cd82bd4daea9724a3d3b8
|
@@ -0,0 +1,57 @@
|
|
1
|
+
// Copyright 2015 Brian Smith.
|
2
|
+
//
|
3
|
+
// Permission to use, copy, modify, and/or distribute this software for any
|
4
|
+
// purpose with or without fee is hereby granted, provided that the above
|
5
|
+
// copyright notice and this permission notice appear in all copies.
|
6
|
+
//
|
7
|
+
// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
|
8
|
+
// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
9
|
+
// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR
|
10
|
+
// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
11
|
+
// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
12
|
+
// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
13
|
+
// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
14
|
+
|
15
|
+
//! Polyfills for functionality that will (hopefully) be added to Rust's
|
16
|
+
//! standard library soon.
|
17
|
+
|
18
|
+
pub mod slice {
|
19
|
+
// https://github.com/rust-lang/rust/issues/27750
|
20
|
+
// https://internals.rust-lang.org/t/stabilizing-basic-functions-on-arrays-and-slices/2868
|
21
|
+
#[inline(always)]
|
22
|
+
pub fn fill(dest: &mut [u8], value: u8) {
|
23
|
+
for d in dest {
|
24
|
+
*d = value;
|
25
|
+
}
|
26
|
+
}
|
27
|
+
|
28
|
+
// https://github.com/rust-lang/rust/issues/27750
|
29
|
+
// https://internals.rust-lang.org/t/stabilizing-basic-functions-on-arrays-and-slices/2868
|
30
|
+
#[inline(always)]
|
31
|
+
pub fn fill_from_slice(dest: &mut [u8], src: &[u8]) {
|
32
|
+
use std;
|
33
|
+
assert_eq!(dest.len(), src.len());
|
34
|
+
unsafe {
|
35
|
+
std::ptr::copy_nonoverlapping(src.as_ptr(), dest.as_mut_ptr(),
|
36
|
+
src.len())
|
37
|
+
}
|
38
|
+
}
|
39
|
+
|
40
|
+
// https://internals.rust-lang.org/t/safe-trasnsmute-for-slices-e-g-u64-u32-particularly-simd-types/2871
|
41
|
+
#[inline(always)]
|
42
|
+
pub fn u64_as_u8<'a>(src: &'a [u64]) -> &'a [u8] {
|
43
|
+
use std;
|
44
|
+
unsafe {
|
45
|
+
std::slice::from_raw_parts(src.as_ptr() as *const u8, src.len() * 8)
|
46
|
+
}
|
47
|
+
}
|
48
|
+
|
49
|
+
// https://internals.rust-lang.org/t/safe-trasnsmute-for-slices-e-g-u64-u32-particularly-simd-types/2871
|
50
|
+
#[inline(always)]
|
51
|
+
pub fn u64_as_u32<'a>(src: &'a [u64]) -> &'a [u32] {
|
52
|
+
use std;
|
53
|
+
unsafe {
|
54
|
+
std::slice::from_raw_parts(src.as_ptr() as *const u32, src.len() * 2)
|
55
|
+
}
|
56
|
+
}
|
57
|
+
}
|
@@ -0,0 +1,28 @@
|
|
1
|
+
// Copyright 2015 Brian Smith.
|
2
|
+
//
|
3
|
+
// Permission to use, copy, modify, and/or distribute this software for any
|
4
|
+
// purpose with or without fee is hereby granted, provided that the above
|
5
|
+
// copyright notice and this permission notice appear in all copies.
|
6
|
+
//
|
7
|
+
// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
|
8
|
+
// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
9
|
+
// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
|
10
|
+
// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
11
|
+
// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
|
12
|
+
// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
|
13
|
+
// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
14
|
+
|
15
|
+
//! Cryptographic psuedo-random number generation.
|
16
|
+
|
17
|
+
use super::{c, ffi};
|
18
|
+
|
19
|
+
/// Fills the given slice with random bytes generated from a PRNG.
|
20
|
+
pub fn fill_secure_random(out: &mut [u8]) -> Result<(), ()> {
|
21
|
+
ffi::map_bssl_result(unsafe {
|
22
|
+
RAND_bytes(out.as_mut_ptr(), out.len())
|
23
|
+
})
|
24
|
+
}
|
25
|
+
|
26
|
+
extern {
|
27
|
+
fn RAND_bytes(buf: *mut u8, len: c::size_t) -> c::int;
|
28
|
+
}
|
@@ -0,0 +1,314 @@
|
|
1
|
+
// Copyright 2015 Brian Smith.
|
2
|
+
//
|
3
|
+
// Permission to use, copy, modify, and/or distribute this software for any
|
4
|
+
// purpose with or without fee is hereby granted, provided that the above
|
5
|
+
// copyright notice and this permission notice appear in all copies.
|
6
|
+
//
|
7
|
+
// THE SOFTWARE IS PROVIDED "AS IS" AND AND THE AUTHORS DISCLAIM ALL WARRANTIES
|
8
|
+
// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
9
|
+
// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
|
10
|
+
// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
11
|
+
// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
|
12
|
+
// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
|
13
|
+
// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
14
|
+
|
15
|
+
//! Public key signatures: signing and verification.
|
16
|
+
//!
|
17
|
+
//! Use the `verify` function to verify signatures, passing a reference to the
|
18
|
+
//! `_VERIFY` algorithm that identifies the algorithm. See the documentation
|
19
|
+
//! for `verify` for examples.
|
20
|
+
//!
|
21
|
+
//! The design of this module is unusual compared to other public key signature
|
22
|
+
//! APIs. Algorithms like split into "signing" and "verification" algorithms.
|
23
|
+
//! Also, this API treats each combination of parameters as a separate
|
24
|
+
//! algorithm. For example, instead of having a single "RSA" algorithm with a
|
25
|
+
//! verification function that takes a bunch of parameters, there are
|
26
|
+
//! `RSA_PKCS1_2048_8192_SHA256`, `RSA_PKCS1_2048_8192_SHA512`,
|
27
|
+
//! etc. which encode sets of parameter choices into objects. This design is
|
28
|
+
//! designed to reduce the risks of algorithm agility. It is also designed to
|
29
|
+
//! be optimized for Ed25519, which has a fixed signature format, a fixed curve,
|
30
|
+
//! a fixed key size, and a fixed digest algorithm.
|
31
|
+
//!
|
32
|
+
//! Currently this module does not support digesting the message to be signed
|
33
|
+
//! separately from the public key operation, as it is currently being
|
34
|
+
//! optimized for Ed25519 and for the implementation of protocols that do not
|
35
|
+
//! requiring signing large messages. An interface for efficiently supporting
|
36
|
+
//! larger messages will be added later. Similarly, the signing interface is
|
37
|
+
//! not available yet.
|
38
|
+
|
39
|
+
use super::{c, digest, ecc, ffi};
|
40
|
+
use super::input::Input;
|
41
|
+
|
42
|
+
/// A signature verification algorithm.
|
43
|
+
pub trait VerificationAlgorithm {
|
44
|
+
#[doc(hidden)]
|
45
|
+
fn verify(&self, public_key: Input, msg: Input, signature: Input)
|
46
|
+
-> Result<(), ()>;
|
47
|
+
}
|
48
|
+
|
49
|
+
/// Verify the signature `signature` of message `msg` with the public key
|
50
|
+
/// `public_key` using the algorithm `alg`.
|
51
|
+
///
|
52
|
+
/// # Examples
|
53
|
+
///
|
54
|
+
/// ## Verify a RSA PKCS#1 signature that uses the SHA-256 digest
|
55
|
+
///
|
56
|
+
/// ```
|
57
|
+
/// use ring::input::Input;
|
58
|
+
/// use ring::signature;
|
59
|
+
///
|
60
|
+
/// // Ideally this function should take its inputs as `Input`s instead of
|
61
|
+
/// // slices. It takes its input as slices to illustrate how to convert slices
|
62
|
+
/// // to `Input`s.
|
63
|
+
/// fn verify_rsa_pkcs1_sha256(public_key: &[u8], msg: &[u8], sig: &[u8])
|
64
|
+
/// -> Result<(), ()> {
|
65
|
+
/// let public_key = try!(Input::new(public_key));
|
66
|
+
/// let msg = try!(Input::new(msg));
|
67
|
+
/// let sig = try!(Input::new(sig));
|
68
|
+
/// signature::verify(&signature::RSA_PKCS1_2048_8192_SHA256, public_key,
|
69
|
+
/// msg, sig)
|
70
|
+
/// }
|
71
|
+
/// ```
|
72
|
+
///
|
73
|
+
/// ## Verify an Ed25519 signature
|
74
|
+
///
|
75
|
+
/// ```
|
76
|
+
/// use ring::input::Input;
|
77
|
+
/// use ring::signature;
|
78
|
+
///
|
79
|
+
/// fn verify_ed25519(public_key: Input, msg: Input, sig: Input)
|
80
|
+
/// -> Result<(), ()> {
|
81
|
+
/// signature::verify(&signature::ED25519, public_key, msg, sig)
|
82
|
+
/// }
|
83
|
+
/// ```
|
84
|
+
pub fn verify(alg: &VerificationAlgorithm, public_key: Input, msg: Input,
|
85
|
+
signature: Input) -> Result<(), ()> {
|
86
|
+
alg.verify(public_key, msg, signature)
|
87
|
+
}
|
88
|
+
|
89
|
+
|
90
|
+
/// ECDSA Signatures (ASN.1 DER encoded) with public keys in uncompressed form.
|
91
|
+
///
|
92
|
+
/// The public key will be decoded using the
|
93
|
+
/// `Octet-String-to-Elliptic-Curve-Point` algorithm in [SEC 1: Elliptic
|
94
|
+
/// Curve Cryptography, Version 2.0](http://www.secg.org/sec1-v2.pdf); it must
|
95
|
+
/// in be in uncompressed form. The signature will be parsed as a DER-encoded
|
96
|
+
/// `Ecdsa-Sig-Value` as described in [RFC 3279 Section
|
97
|
+
/// 2.2.3](https://tools.ietf.org/html/rfc3279#section-2.2.3).
|
98
|
+
pub struct ECDSA {
|
99
|
+
#[doc(hidden)]
|
100
|
+
digest_alg: &'static digest::Algorithm,
|
101
|
+
|
102
|
+
#[doc(hidden)]
|
103
|
+
ec_group_fn: unsafe extern fn() -> *const ecc::EC_GROUP,
|
104
|
+
}
|
105
|
+
|
106
|
+
impl VerificationAlgorithm for ECDSA {
|
107
|
+
fn verify(&self, public_key: Input, msg: Input, signature: Input)
|
108
|
+
-> Result<(), ()> {
|
109
|
+
let digest = digest::digest(self.digest_alg, msg.as_slice_less_safe());
|
110
|
+
let signature = signature.as_slice_less_safe();
|
111
|
+
let public_key = public_key.as_slice_less_safe();
|
112
|
+
ffi::map_bssl_result(unsafe {
|
113
|
+
ECDSA_verify_signed_digest((self.ec_group_fn)(),
|
114
|
+
digest.algorithm().nid,
|
115
|
+
digest.as_ref().as_ptr(),
|
116
|
+
digest.as_ref().len(), signature.as_ptr(),
|
117
|
+
signature.len(), public_key.as_ptr(),
|
118
|
+
public_key.len())
|
119
|
+
})
|
120
|
+
}
|
121
|
+
}
|
122
|
+
|
123
|
+
macro_rules! ecdsa {
|
124
|
+
( $VERIFY_ALGORITHM:ident, $curve_name:expr, $ec_group_fn:expr,
|
125
|
+
$digest_alg_name:expr, $digest_alg:expr ) => {
|
126
|
+
#[doc="ECDSA signatures using the "]
|
127
|
+
#[doc=$curve_name]
|
128
|
+
#[doc=" curve and the "]
|
129
|
+
#[doc=$digest_alg_name]
|
130
|
+
#[doc=" digest algorithm."]
|
131
|
+
///
|
132
|
+
/// See the documentation for `ECDSA` for details of how the public key
|
133
|
+
/// and signature are encoded.
|
134
|
+
pub static $VERIFY_ALGORITHM: ECDSA = ECDSA {
|
135
|
+
digest_alg: $digest_alg,
|
136
|
+
ec_group_fn: $ec_group_fn,
|
137
|
+
};
|
138
|
+
}
|
139
|
+
}
|
140
|
+
|
141
|
+
ecdsa!(ECDSA_P256_SHA1, "P-256 (secp256r1)", ecc::EC_GROUP_P256, "SHA-1",
|
142
|
+
&digest::SHA1);
|
143
|
+
ecdsa!(ECDSA_P256_SHA256, "P-256 (secp256r1)", ecc::EC_GROUP_P256, "SHA-256",
|
144
|
+
&digest::SHA256);
|
145
|
+
ecdsa!(ECDSA_P256_SHA384, "P-256 (secp256r1)", ecc::EC_GROUP_P256, "SHA-384",
|
146
|
+
&digest::SHA384);
|
147
|
+
ecdsa!(ECDSA_P256_SHA512, "P-256 (secp256r1)", ecc::EC_GROUP_P256, "SHA-512",
|
148
|
+
&digest::SHA512);
|
149
|
+
|
150
|
+
ecdsa!(ECDSA_P384_SHA1, "P-384 (secp384r1)", ecc::EC_GROUP_P384, "SHA-1",
|
151
|
+
&digest::SHA1);
|
152
|
+
ecdsa!(ECDSA_P384_SHA256, "P-384 (secp384r1)", ecc::EC_GROUP_P384, "SHA-256",
|
153
|
+
&digest::SHA256);
|
154
|
+
ecdsa!(ECDSA_P384_SHA384, "P-384 (secp384r1)", ecc::EC_GROUP_P384, "SHA-384",
|
155
|
+
&digest::SHA384);
|
156
|
+
ecdsa!(ECDSA_P384_SHA512, "P-384 (secp384r1)", ecc::EC_GROUP_P384, "SHA-512",
|
157
|
+
&digest::SHA512);
|
158
|
+
|
159
|
+
ecdsa!(ECDSA_P521_SHA1, "P-521 (secp521r1)", ecc::EC_GROUP_P521, "SHA-1",
|
160
|
+
&digest::SHA1);
|
161
|
+
ecdsa!(ECDSA_P521_SHA256, "P-521 (secp521r1)", ecc::EC_GROUP_P521, "SHA-256",
|
162
|
+
&digest::SHA256);
|
163
|
+
ecdsa!(ECDSA_P521_SHA384, "P-521 (secp521r1)", ecc::EC_GROUP_P521, "SHA-384",
|
164
|
+
&digest::SHA384);
|
165
|
+
ecdsa!(ECDSA_P521_SHA512, "P-521 (secp521r1)", ecc::EC_GROUP_P521, "SHA-512",
|
166
|
+
&digest::SHA512);
|
167
|
+
|
168
|
+
|
169
|
+
/// EdDSA signatures.
|
170
|
+
pub struct EdDSA {
|
171
|
+
#[doc(hidden)]
|
172
|
+
_unused: u8, // XXX: Stable Rust doesn't allow empty structs.
|
173
|
+
}
|
174
|
+
|
175
|
+
/// [Ed25519](http://ed25519.cr.yp.to/) signatures.
|
176
|
+
///
|
177
|
+
/// Ed25519 uses SHA-512 as the digest algorithm.
|
178
|
+
pub static ED25519: EdDSA = EdDSA {
|
179
|
+
_unused: 1,
|
180
|
+
};
|
181
|
+
|
182
|
+
#[cfg(test)]
|
183
|
+
fn ed25519_sign(private_key: &[u8], msg: &[u8], signature: &mut [u8])
|
184
|
+
-> Result<(), ()> {
|
185
|
+
if private_key.len() != 64 || signature.len() != 64 {
|
186
|
+
return Err(());
|
187
|
+
}
|
188
|
+
ffi::map_bssl_result(unsafe {
|
189
|
+
ED25519_sign(signature.as_mut_ptr(), msg.as_ptr(), msg.len(),
|
190
|
+
private_key.as_ptr())
|
191
|
+
})
|
192
|
+
}
|
193
|
+
|
194
|
+
impl VerificationAlgorithm for EdDSA {
|
195
|
+
fn verify(&self, public_key: Input, msg: Input, signature: Input)
|
196
|
+
-> Result<(), ()> {
|
197
|
+
let public_key = public_key.as_slice_less_safe();
|
198
|
+
if public_key.len() != 32 || signature.len() != 64 {
|
199
|
+
return Err(())
|
200
|
+
}
|
201
|
+
let msg = msg.as_slice_less_safe();
|
202
|
+
let signature = signature.as_slice_less_safe();
|
203
|
+
ffi::map_bssl_result(unsafe {
|
204
|
+
ED25519_verify(msg.as_ptr(), msg.len(), signature.as_ptr(),
|
205
|
+
public_key.as_ptr())
|
206
|
+
})
|
207
|
+
}
|
208
|
+
}
|
209
|
+
|
210
|
+
|
211
|
+
/// RSA PKCS#1 1.5 signatures.
|
212
|
+
#[allow(non_camel_case_types)]
|
213
|
+
pub struct RSA_PKCS1 {
|
214
|
+
#[doc(hidden)]
|
215
|
+
digest_alg: &'static digest::Algorithm,
|
216
|
+
|
217
|
+
#[doc(hidden)]
|
218
|
+
min_bits: usize,
|
219
|
+
}
|
220
|
+
|
221
|
+
impl VerificationAlgorithm for RSA_PKCS1 {
|
222
|
+
fn verify(&self, public_key: Input, msg: Input, signature: Input)
|
223
|
+
-> Result<(), ()> {
|
224
|
+
let digest = digest::digest(self.digest_alg, msg.as_slice_less_safe());
|
225
|
+
let signature = signature.as_slice_less_safe();
|
226
|
+
let public_key = public_key.as_slice_less_safe();
|
227
|
+
ffi::map_bssl_result(unsafe {
|
228
|
+
RSA_verify_pkcs1_signed_digest(self.min_bits, 8192,
|
229
|
+
digest.algorithm().nid,
|
230
|
+
digest.as_ref().as_ptr(),
|
231
|
+
digest.as_ref().len(),
|
232
|
+
signature.as_ptr(), signature.len(),
|
233
|
+
public_key.as_ptr(), public_key.len())
|
234
|
+
})
|
235
|
+
}
|
236
|
+
}
|
237
|
+
|
238
|
+
macro_rules! rsa_pkcs1 {
|
239
|
+
( $VERIFY_ALGORITHM:ident, $min_bits:expr, $min_bits_str:expr,
|
240
|
+
$digest_alg_name:expr, $digest_alg:expr ) => {
|
241
|
+
#[doc="RSA PKCS#1 1.5 signatures of "]
|
242
|
+
#[doc=$min_bits_str]
|
243
|
+
#[doc="-8192 bits "]
|
244
|
+
#[doc="using the "]
|
245
|
+
#[doc=$digest_alg_name]
|
246
|
+
#[doc=" digest algorithm."]
|
247
|
+
pub static $VERIFY_ALGORITHM: RSA_PKCS1 = RSA_PKCS1 {
|
248
|
+
digest_alg: $digest_alg,
|
249
|
+
min_bits: $min_bits
|
250
|
+
};
|
251
|
+
}
|
252
|
+
}
|
253
|
+
|
254
|
+
rsa_pkcs1!(RSA_PKCS1_2048_8192_SHA1, 2048, "2048", "SHA-1", &digest::SHA1);
|
255
|
+
rsa_pkcs1!(RSA_PKCS1_2048_8192_SHA256, 2048, "2048", "SHA-256", &digest::SHA256);
|
256
|
+
rsa_pkcs1!(RSA_PKCS1_2048_8192_SHA384, 2048, "2048", "SHA-384", &digest::SHA384);
|
257
|
+
rsa_pkcs1!(RSA_PKCS1_2048_8192_SHA512, 2048, "2048", "SHA-512", &digest::SHA512);
|
258
|
+
|
259
|
+
rsa_pkcs1!(RSA_PKCS1_3072_8192_SHA384, 3072, "3072", "SHA-384", &digest::SHA384);
|
260
|
+
|
261
|
+
|
262
|
+
extern {
|
263
|
+
fn ECDSA_verify_signed_digest(group: *const ecc::EC_GROUP, hash_nid: c::int,
|
264
|
+
digest: *const u8, digest_len: c::size_t,
|
265
|
+
sig_der: *const u8, sig_der_len: c::size_t,
|
266
|
+
key_octets: *const u8,
|
267
|
+
key_octets_len: c::size_t) -> c::int;
|
268
|
+
|
269
|
+
#[cfg(test)]
|
270
|
+
fn ED25519_sign(out_sig: *mut u8/*[64]*/, message: *const u8,
|
271
|
+
message_len: c::size_t, private_key: *const u8/*[64]*/)
|
272
|
+
-> c::int;
|
273
|
+
|
274
|
+
fn ED25519_verify(message: *const u8, message_len: c::size_t,
|
275
|
+
signature: *const u8/*[64]*/,
|
276
|
+
public_key: *const u8/*[32]*/) -> c::int;
|
277
|
+
|
278
|
+
fn RSA_verify_pkcs1_signed_digest(min_bits: usize, max_bits: usize,
|
279
|
+
digest_nid: c::int, digest: *const u8,
|
280
|
+
digest_len: c::size_t, sig: *const u8,
|
281
|
+
sig_len: c::size_t, key_der: *const u8,
|
282
|
+
key_der_len: c::size_t) -> c::int;
|
283
|
+
}
|
284
|
+
|
285
|
+
#[cfg(test)]
|
286
|
+
mod tests {
|
287
|
+
use super::{ed25519_sign, ED25519, verify};
|
288
|
+
use super::super::file_test;
|
289
|
+
use super::super::input::Input;
|
290
|
+
|
291
|
+
/// Test vectors from BoringSSL.
|
292
|
+
#[test]
|
293
|
+
fn test_ed25519() {
|
294
|
+
file_test::run("src/ed25519_tests.txt", |section, test_case| {
|
295
|
+
assert_eq!(section, "");
|
296
|
+
let private_key = test_case.consume_bytes("PRIV");
|
297
|
+
assert_eq!(64, private_key.len());
|
298
|
+
let public_key = test_case.consume_bytes("PUB");
|
299
|
+
assert_eq!(32, public_key.len());
|
300
|
+
let msg = test_case.consume_bytes("MESSAGE");
|
301
|
+
let expected_sig = test_case.consume_bytes("SIG");
|
302
|
+
|
303
|
+
let mut actual_sig = [0u8; 64];
|
304
|
+
assert!(ed25519_sign(&private_key, &msg, &mut actual_sig).is_ok());
|
305
|
+
assert_eq!(&expected_sig[..], &actual_sig[..]);
|
306
|
+
|
307
|
+
let public_key = Input::new(&public_key).unwrap();
|
308
|
+
let msg = Input::new(&msg).unwrap();
|
309
|
+
let expected_sig = Input::new(&expected_sig).unwrap();
|
310
|
+
|
311
|
+
assert!(verify(&ED25519, public_key, msg, expected_sig).is_ok());
|
312
|
+
});
|
313
|
+
}
|
314
|
+
}
|