|
|
@ -449,13 +449,13 @@ mod tests
|
|
|
|
struct Dec(rsa::RsaPrivateKey);
|
|
|
|
struct Dec(rsa::RsaPrivateKey);
|
|
|
|
struct Enc(rsa::RsaPublicKey);
|
|
|
|
struct Enc(rsa::RsaPublicKey);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
impl MessageSender for Enc
|
|
|
|
impl MessageSender for Enc
|
|
|
|
{
|
|
|
|
{
|
|
|
|
const CAP_ENCRYPT: bool = true;
|
|
|
|
const CAP_ENCRYPT: bool = true;
|
|
|
|
|
|
|
|
|
|
|
|
fn encrypt_key(&self, key: &aes::AesKey) -> Option<[u8; RSA_BLOCK_SIZE]> {
|
|
|
|
fn encrypt_key(&self, key: &aes::AesKey) -> Option<[u8; RSA_BLOCK_SIZE]> {
|
|
|
|
let mut output = [0u8; RSA_BLOCK_SIZE];
|
|
|
|
let mut output = [0u8; RSA_BLOCK_SIZE];
|
|
|
|
use rsa::HasPublicComponents;
|
|
|
|
|
|
|
|
let w = rsa::encrypt_slice_sync(key, &self.0, &mut &mut output[..]).expect("Failed to encrypt session key");
|
|
|
|
let w = rsa::encrypt_slice_sync(key, &self.0, &mut &mut output[..]).expect("Failed to encrypt session key");
|
|
|
|
assert_eq!(w, output.len());
|
|
|
|
assert_eq!(w, output.len());
|
|
|
|
|
|
|
|
|
|
|
@ -474,11 +474,58 @@ mod tests
|
|
|
|
Some(Ok(output))
|
|
|
|
Some(Ok(output))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
let enc = Enc(rsa_priv.get_public_parts());
|
|
|
|
let enc = Enc(rsa_priv.get_public_parts());
|
|
|
|
println!("Encrypting pub-key: {:?}", enc.0);
|
|
|
|
println!("Encrypting pub-key: {:?}", enc.0);
|
|
|
|
println!("Decrypting priv-key: {:?}", rsa_priv);
|
|
|
|
println!("Decrypting priv-key: {:?}", rsa_priv);
|
|
|
|
message_serial_generic(enc, Dec(rsa_priv));
|
|
|
|
message_serial_generic(enc, Dec(rsa_priv));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
|
|
|
|
fn message_serial_encrypt_sign()
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
let rsa_priv = rsa::RsaPrivateKey::generate().unwrap();
|
|
|
|
|
|
|
|
let rsa_priv2 = rsa::RsaPrivateKey::generate().unwrap();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
struct Dec(rsa::RsaPrivateKey, rsa::RsaPublicKey);
|
|
|
|
|
|
|
|
struct Enc(rsa::RsaPublicKey, rsa::RsaPrivateKey);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
impl MessageSender for Enc
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
const CAP_ENCRYPT: bool = true;
|
|
|
|
|
|
|
|
const CAP_SIGN: bool = true;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
fn sign_data(&self, data: &[u8]) -> Option<rsa::Signature> {
|
|
|
|
|
|
|
|
Some(rsa::sign_slice(data, &self.1).expect("Failed to sign"))
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
fn encrypt_key(&self, key: &aes::AesKey) -> Option<[u8; RSA_BLOCK_SIZE]> {
|
|
|
|
|
|
|
|
let mut output = [0u8; RSA_BLOCK_SIZE];
|
|
|
|
|
|
|
|
let w = rsa::encrypt_slice_sync(key, &self.0, &mut &mut output[..]).expect("Failed to encrypt session key");
|
|
|
|
|
|
|
|
assert_eq!(w, output.len());
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Some(output)
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
impl MessageReceiver for Dec
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
fn verify_data(&self, data: &[u8], sig: &rsa::Signature) -> Option<eyre::Result<bool>> {
|
|
|
|
|
|
|
|
Some(sig.verify_slice(data, &self.1).map_err(Into::into))
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
fn decrypt_key(&self, enc_key: &[u8; RSA_BLOCK_SIZE]) -> Option<eyre::Result<aes::AesKey>> {
|
|
|
|
|
|
|
|
let mut output = aes::AesKey::empty();
|
|
|
|
|
|
|
|
match rsa::decrypt_slice_sync(enc_key, &self.0, &mut output.as_mut()) {
|
|
|
|
|
|
|
|
Ok(sz) => assert_eq!(sz,
|
|
|
|
|
|
|
|
output.as_ref().len()),
|
|
|
|
|
|
|
|
Err(err) => return Some(Err(err.into())),
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
Some(Ok(output))
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
let enc = Enc(rsa_priv.get_public_parts(), rsa_priv2.clone());
|
|
|
|
|
|
|
|
println!("Encrypting pub-key: {:?}", enc.0);
|
|
|
|
|
|
|
|
println!("Decrypting priv-key: {:?}", rsa_priv);
|
|
|
|
|
|
|
|
message_serial_generic(enc, Dec(rsa_priv, rsa_priv2.get_public_parts()));
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
#[test]
|
|
|
|
fn rsa_bullshit()
|
|
|
|
fn rsa_bullshit()
|
|
|
|