use libc::c_int;
use std::ptr;
-use ffi;
-use cvt;
-use hash::MessageDigest;
-use symm::Cipher;
-use error::ErrorStack;
+use crate::cvt;
+use crate::error::ErrorStack;
+use crate::hash::MessageDigest;
+use crate::symm::Cipher;
+use openssl_macros::corresponds;
#[derive(Clone, Eq, PartialEq, Hash, Debug)]
pub struct KeyIvPair {
///
/// New applications should not use this and instead use
/// `pbkdf2_hmac` or another more modern key derivation algorithm.
+#[corresponds(EVP_BytesToKey)]
+#[allow(clippy::useless_conversion)]
pub fn bytes_to_key(
cipher: Cipher,
digest: MessageDigest,
))?;
let mut key = vec![0; len as usize];
- let iv_ptr = iv.as_mut()
+ let iv_ptr = iv
+ .as_mut()
.map(|v| v.as_mut_ptr())
.unwrap_or(ptr::null_mut());
iv_ptr,
))?;
- Ok(KeyIvPair { key: key, iv: iv })
+ Ok(KeyIvPair { key, iv })
}
}
/// Derives a key from a password and salt using the PBKDF2-HMAC algorithm with a digest function.
+#[corresponds(PKCS5_PBKDF2_HMAC)]
pub fn pbkdf2_hmac(
pass: &[u8],
salt: &[u8],
hash.as_ptr(),
key.len() as c_int,
key.as_mut_ptr(),
- )).map(|_| ())
+ ))
+ .map(|_| ())
}
}
/// Derives a key from a password and salt using the scrypt algorithm.
///
/// Requires OpenSSL 1.1.0 or newer.
+#[corresponds(EVP_PBE_scrypt)]
#[cfg(any(ossl110))]
pub fn scrypt(
pass: &[u8],
maxmem,
key.as_mut_ptr() as *mut _,
key.len(),
- )).map(|_| ())
+ ))
+ .map(|_| ())
}
}
#[cfg(test)]
mod tests {
- use hash::MessageDigest;
- use symm::Cipher;
+ use crate::hash::MessageDigest;
+ use crate::symm::Cipher;
// Test vectors from
// https://git.lysator.liu.se/nettle/nettle/blob/nettle_3.1.1_release_20150424/testsuite/pbkdf2-test.c
80000,
MessageDigest::sha256(),
&mut buf,
- ).unwrap();
+ )
+ .unwrap();
assert_eq!(
buf,
&[
1,
MessageDigest::sha512(),
&mut buf,
- ).unwrap();
+ )
+ .unwrap();
assert_eq!(
&buf[..],
&[
50,
MessageDigest::sha512(),
&mut buf,
- ).unwrap();
+ )
+ .unwrap();
assert_eq!(
&buf[..],
&[
&data,
Some(&salt),
1,
- ).unwrap(),
+ )
+ .unwrap(),
super::KeyIvPair {
key: expected_key,
iv: Some(expected_iv),
#[test]
#[cfg(any(ossl110))]
fn scrypt() {
- use hex;
-
let pass = "pleaseletmein";
let salt = "SodiumChloride";
let expected =
1,
0,
&mut actual,
- ).unwrap();
+ )
+ .unwrap();
assert_eq!(hex::encode(&actual[..]), expected);
}
}