rustls 0.1.0

Rustls is a modern TLS library written in Rust.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46

use msgs::enums::{HashAlgorithm, SignatureAlgorithm};
use untrusted;
use ring;

/// A thing that can sign a message.
pub trait Signer {
  /// Signs `message`, hashing it with `hash_alg` first.
  fn sign(&self, hash_alg: &HashAlgorithm, message: &[u8]) -> Result<Vec<u8>, ()>;

  /// What kind of key we have.
  fn algorithm(&self) -> SignatureAlgorithm;
}

/// A Signer for RSA-PKCS1
pub struct RSASigner {
  key: ring::signature::RSAKeyPair
}

impl RSASigner {
  pub fn new(der: &[u8]) -> Result<RSASigner, ()> {
    let key = ring::signature::RSAKeyPair::from_der(untrusted::Input::from(der));
    key
      .map(|k| RSASigner { key: k })
      .map_err(|_| ())
  }
}

impl Signer for RSASigner {
  fn sign(&self, hash_alg: &HashAlgorithm, message: &[u8]) -> Result<Vec<u8>, ()> {
    let mut sig = vec![0; self.key.public_modulus_len()];
    let pad = match hash_alg {
      &HashAlgorithm::SHA256 => &ring::signature::RSA_PKCS1_SHA256,
      &HashAlgorithm::SHA384 => &ring::signature::RSA_PKCS1_SHA384,
      &HashAlgorithm::SHA512 => &ring::signature::RSA_PKCS1_SHA512,
      _ => unreachable!()
    };
    let rng = ring::rand::SystemRandom::new();
    self.key.sign(pad, &rng, message, &mut sig)
      .map(|_| sig)
      .map_err(|_| ())
  }

  fn algorithm(&self) -> SignatureAlgorithm {
    SignatureAlgorithm::RSA
  }
}