rama-boring 0.6.0

BoringSSL bindings for Rama
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131

use openssl_macros::corresponds;

use crate::cvt;
use crate::error::ErrorStack;
use crate::foreign_types::ForeignTypeRef;
use crate::hash::MessageDigest;

foreign_type_and_impl_send_sync! {
    type CType = ffi::HMAC_CTX;
    fn drop = ffi::HMAC_CTX_free;

    pub struct HmacCtx;
}

impl HmacCtxRef {
    /// Configures HmacCtx to use `md` as the hash function and `key` as the key.
    ///
    #[corresponds(HMAC_Init_ex)]
    pub fn init(&mut self, key: &[u8], md: &MessageDigest) -> Result<(), ErrorStack> {
        ffi::init();

        unsafe {
            cvt(ffi::HMAC_Init_ex(
                self.as_ptr(),
                key.as_ptr().cast(),
                key.len(),
                md.as_ptr(),
                // ENGINE api is deprecated
                core::ptr::null_mut(),
            ))
        }
    }
}

/// Provides an init-update-finalize API for HMAC.
pub struct Hmac(*mut ffi::HMAC_CTX);

impl Hmac {
    /// Creates a new HMAC object with the given key and hash algorithm.
    pub fn init(key: &[u8], md: &MessageDigest) -> Result<Hmac, ErrorStack> {
        ffi::init();

        let ctx = unsafe {
            let ctx = ffi::HMAC_CTX_new();
            cvt(ffi::HMAC_Init_ex(
                ctx,
                key.as_ptr().cast(),
                key.len(),
                md.as_ptr(),
                // ENGINE api is deprecated
                core::ptr::null_mut(),
            ))?;
            ctx
        };

        Ok(Hmac(ctx))
    }

    /// Updates the HMAC input.
    pub fn update(&mut self, data: &[u8]) -> Result<(), ErrorStack> {
        unsafe { cvt(ffi::HMAC_Update(self.0, data.as_ptr().cast(), data.len())) }
    }

    /// Finalizes the HMAC and returns the output.
    pub fn finalize(self) -> Result<Vec<u8>, ErrorStack> {
        let out_len = unsafe { ffi::HMAC_size(self.0) };
        let mut out = vec![0; out_len];
        unsafe {
            cvt(ffi::HMAC_Final(
                self.0,
                out.as_mut_ptr().cast(),
                // ENGINE api is deprecated
                core::ptr::null_mut(),
            ))?;
        }
        Ok(out)
    }
}

impl Drop for Hmac {
    fn drop(&mut self) {
        unsafe { ffi::HMAC_CTX_free(self.0) }
    }
}

#[cfg(test)]
mod tests {
    use crate::hash;

    use super::*;

    fn test<const N: usize>(md: MessageDigest) {
        assert_eq!(N, md.size());
        let key = vec![0; N];
        let message_parts = [
            b"hello".to_vec(),
            b"world!".to_vec(),
            b"".to_vec(),
            vec![0; 23],
            b"fella guy".to_vec(),
        ];
        let message = message_parts.concat();

        let mut hmac = Hmac::init(&key, &md).unwrap();
        for part in &message_parts {
            hmac.update(part).unwrap();
        }
        let res = hmac.finalize().unwrap();
        assert_eq!(res, hash::hmac::<N>(md, &key, &message).unwrap());
    }

    #[test]
    fn test_sha1() {
        test::<20>(MessageDigest::sha1());
    }

    #[test]
    fn test_sha256() {
        test::<32>(MessageDigest::sha256());
    }

    #[test]
    fn test_sha384() {
        test::<48>(MessageDigest::sha384());
    }

    #[test]
    fn test_sha512() {
        test::<64>(MessageDigest::sha512());
    }
}