From 37442b45938bd2077f208251c751ae02cdea6261 Mon Sep 17 00:00:00 2001 From: Mike Mulchrone Date: Wed, 23 Jul 2025 20:53:40 -0400 Subject: [PATCH 1/4] developer comments for digital signature --- src/digital_signature/sha_256_ed25519.rs | 4 ++++ src/digital_signature/sha_256_rsa.rs | 6 ++++++ src/digital_signature/sha_512_ed25519.rs | 4 ++++ src/digital_signature/sha_512_rsa.rs | 6 ++++++ 4 files changed, 20 insertions(+) diff --git a/src/digital_signature/sha_256_ed25519.rs b/src/digital_signature/sha_256_ed25519.rs index 50426b4..ef30571 100644 --- a/src/digital_signature/sha_256_ed25519.rs +++ b/src/digital_signature/sha_256_ed25519.rs @@ -11,6 +11,7 @@ use super::cas_digital_signature_rsa::{ pub struct SHA256ED25519DigitalSignature; impl ED25519DigitalSignature for SHA256ED25519DigitalSignature { + /// Creates a digital signature using SHA-256 as the hashing algorithm and Ed25519-Dalek as the signing algorithm. fn digital_signature_ed25519(data_to_sign: Vec) -> SHAED25519DalekDigitalSignatureResult { let mut hasher = Sha3_256::new(); hasher.update(data_to_sign); @@ -25,6 +26,7 @@ impl ED25519DigitalSignature for SHA256ED25519DigitalSignature { result } + /// Verifys a digital signature using SHA-256 as the hashing algorithm and Ed25519-Dalek as the verification algorithm. fn digital_signature_ed25519_verify( public_key: Vec, data_to_verify: Vec, @@ -37,6 +39,7 @@ impl ED25519DigitalSignature for SHA256ED25519DigitalSignature { return ed25519_verify_with_public_key(public_key, signature, sha_hash_bytes); } + /// Creates a digital signature using SHA-256 as the hashing algorithm and Ed25519-Dalek as the signing algorithm on the threadpool. fn digital_signature_ed25519_threadpool(data_to_sign: Vec) -> SHAED25519DalekDigitalSignatureResult { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -47,6 +50,7 @@ impl ED25519DigitalSignature for SHA256ED25519DigitalSignature { result } + /// Verifys a digital signature using SHA-256 as the hashing algorithm and Ed25519-Dalek as the verification algorithm on the threadpool. fn digital_signature_ed25519_verify_threadpool(public_key: Vec, data_to_verify: Vec, signature: Vec) -> bool { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { diff --git a/src/digital_signature/sha_256_rsa.rs b/src/digital_signature/sha_256_rsa.rs index 49a1c97..17a1613 100644 --- a/src/digital_signature/sha_256_rsa.rs +++ b/src/digital_signature/sha_256_rsa.rs @@ -14,6 +14,7 @@ use super::cas_digital_signature_rsa::{RSADigitalSignatureResult, RSADigitalSign pub struct SHA256RSADigitalSignature; impl RSADigitalSignature for SHA256RSADigitalSignature { + /// Creates a digital signature using SHA-256 as the hashing algorithm and RSA as the signing algorithm. fn digital_signature_rsa( rsa_key_size: u32, data_to_sign: Vec, @@ -42,6 +43,7 @@ impl RSADigitalSignature for SHA256RSADigitalSignature { result } + /// Creates a digital signature using SHA-256 as the hashing algorithm and RSA as the signing algorithm on the threadpool. fn digital_signature_rsa_threadpool(rsa_key_size: u32, data_to_sign: Vec) -> RSADigitalSignatureResult { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -52,6 +54,8 @@ impl RSADigitalSignature for SHA256RSADigitalSignature { result } + /// Verifys a digital signature using SHA-256 as the hashing algorithm and RSA as the verification algorithm. + /// The public key is expected to be in PEM format. fn verify_rsa(public_key: String, data_to_verify: Vec, signature: Vec) -> bool { let mut hasher = Sha3_256::new(); hasher.update(data_to_verify); @@ -69,6 +73,8 @@ impl RSADigitalSignature for SHA256RSADigitalSignature { } } + /// Verifys a digital signature using SHA-256 as the hashing algorithm and RSA as the verification algorithm on the threadpool. + /// The public key is expected to be in PEM format. fn verify_rsa_threadpool(public_key: String, data_to_verify: Vec, signature: Vec) -> bool { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { diff --git a/src/digital_signature/sha_512_ed25519.rs b/src/digital_signature/sha_512_ed25519.rs index d0c58a9..34b4f8e 100644 --- a/src/digital_signature/sha_512_ed25519.rs +++ b/src/digital_signature/sha_512_ed25519.rs @@ -11,6 +11,7 @@ use super::cas_digital_signature_rsa::{ pub struct SHA512ED25519DigitalSignature; impl ED25519DigitalSignature for SHA512ED25519DigitalSignature { + /// Creates a digital signature using SHA-512 as the hashing algorithm and Ed25519-Dalek as the signing algorithm. fn digital_signature_ed25519( data_to_sign: Vec, ) -> SHAED25519DalekDigitalSignatureResult { @@ -28,6 +29,7 @@ impl ED25519DigitalSignature for SHA512ED25519DigitalSignature { result } + /// Verifys a digital signature using SHA-512 as the hashing algorithm and Ed25519-Dalek as the verification algorithm. fn digital_signature_ed25519_verify( public_key: Vec, data_to_verify: Vec, @@ -40,6 +42,7 @@ impl ED25519DigitalSignature for SHA512ED25519DigitalSignature { return ed25519_verify_with_public_key(public_key, signature, sha_hash_bytes); } + /// Creates a digital signature using SHA-512 as the hashing algorithm and Ed25519-Dalek as the signing algorithm on the threadpool. fn digital_signature_ed25519_threadpool(data_to_sign: Vec) -> SHAED25519DalekDigitalSignatureResult { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -50,6 +53,7 @@ impl ED25519DigitalSignature for SHA512ED25519DigitalSignature { result } + /// Verifys a digital signature using SHA-512 as the hashing algorithm and Ed25519-Dalek as the verification algorithm on the threadpool. fn digital_signature_ed25519_verify_threadpool(public_key: Vec, data_to_verify: Vec, signature: Vec) -> bool { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { diff --git a/src/digital_signature/sha_512_rsa.rs b/src/digital_signature/sha_512_rsa.rs index 1487edf..9169b74 100644 --- a/src/digital_signature/sha_512_rsa.rs +++ b/src/digital_signature/sha_512_rsa.rs @@ -13,6 +13,7 @@ use super::cas_digital_signature_rsa::{RSADigitalSignatureResult, RSADigitalSign pub struct SHA512RSADigitalSignature; impl RSADigitalSignature for SHA512RSADigitalSignature { + /// Creates a digital signature using SHA-512 as the hashing algorithm and RSA as the signing algorithm. fn digital_signature_rsa( rsa_key_size: u32, data_to_sign: Vec, @@ -41,6 +42,7 @@ impl RSADigitalSignature for SHA512RSADigitalSignature { result } + /// Creates a digital signature using SHA-512 as the hashing algorithm and RSA as the signing algorithm on the threadpool. fn digital_signature_rsa_threadpool(rsa_key_size: u32, data_to_sign: Vec) -> RSADigitalSignatureResult { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -51,6 +53,8 @@ impl RSADigitalSignature for SHA512RSADigitalSignature { result } + /// Verifys a digital signature using SHA-512 as the hashing algorithm and RSA as the verification algorithm. + /// The public key is expected to be in PEM format. fn verify_rsa(public_key: String, data_to_verify: Vec, signature: Vec) -> bool { let mut hasher = Sha3_512::new(); hasher.update(data_to_verify); @@ -68,6 +72,8 @@ impl RSADigitalSignature for SHA512RSADigitalSignature { } } + /// Verifys a digital signature using SHA-512 as the hashing algorithm and RSA as the verification algorithm on the threadpool. + /// The public key is expected to be in PEM format. fn verify_rsa_threadpool(public_key: String, data_to_verify: Vec, signature: Vec) -> bool { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { From 275e9ae26fff737f453b89d03b103f6ce564e251 Mon Sep 17 00:00:00 2001 From: Mike Mulchrone Date: Wed, 23 Jul 2025 20:55:08 -0400 Subject: [PATCH 2/4] zstd developer comments --- src/compression/zstd.rs | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/compression/zstd.rs b/src/compression/zstd.rs index 91a991d..b982476 100644 --- a/src/compression/zstd.rs +++ b/src/compression/zstd.rs @@ -1,5 +1,8 @@ use std::{io::Cursor, sync::mpsc}; +/// Compresses data using Zstandard compression algorithm. +/// The `level` parameter controls the compression level (0-22). +/// Higher levels result in better compression but slower performance. pub fn compress(data_to_compress: Vec, level: i32) -> Vec { let cursor = Cursor::new(data_to_compress); let mut compressed_data = Vec::new(); @@ -7,6 +10,9 @@ pub fn compress(data_to_compress: Vec, level: i32) -> Vec { compressed_data } +/// Compresses data using Zstandard compression algorithm on the threadpool. +/// The `level` parameter controls the compression level (0-22). +/// Higher levels result in better compression but slower performance. pub fn compress_threadpool(data_to_compress: Vec, level: i32) -> Vec { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -17,6 +23,7 @@ pub fn compress_threadpool(data_to_compress: Vec, level: i32) -> Vec { result } +/// Decompresses data using Zstandard decompression algorithm. pub fn decompress(data_to_decompress: Vec) -> Vec { let mut cursor = Cursor::new(data_to_decompress); let mut decompressed_data = Vec::new(); @@ -24,6 +31,7 @@ pub fn decompress(data_to_decompress: Vec) -> Vec { decompressed_data } +/// Decompresses data using Zstandard decompression algorithm on the threadpool. pub fn decompress_threadpool(data_to_decompress: Vec) -> Vec { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { From f1d852cf943b5e7e8ba4bcbd65960b0a42ac8d78 Mon Sep 17 00:00:00 2001 From: Mike Mulchrone Date: Wed, 23 Jul 2025 21:02:59 -0400 Subject: [PATCH 3/4] rest of developer comments --- src/hashers/blake2.rs | 16 ++++++++++++++++ src/hashers/sha.rs | 16 ++++++++++++++++ src/hybrid/hpke.rs | 8 ++++++++ src/key_exchange/x25519.rs | 14 ++++++++++++++ src/message/hmac.rs | 8 ++++++++ src/password_hashers/argon2.rs | 17 +++++++++++++++++ src/password_hashers/bcrypt.rs | 8 ++++++++ src/password_hashers/pbkdf2.rs | 4 ++++ src/password_hashers/scrypt.rs | 8 ++++++++ src/signatures/ed25519.rs | 21 ++++++++++++++++++++- 10 files changed, 119 insertions(+), 1 deletion(-) diff --git a/src/hashers/blake2.rs b/src/hashers/blake2.rs index ce60fa7..3442fc3 100644 --- a/src/hashers/blake2.rs +++ b/src/hashers/blake2.rs @@ -6,6 +6,8 @@ use blake2::{Blake2b512, Blake2s256, Digest}; pub struct CASBlake2; impl CASHasher for CASBlake2 { + /// Hashes data using the Blake2b-512 algorithm. + /// Returns the hash as a vector of bytes. fn hash_512(data_to_hash: Vec) -> Vec { let mut hasher = Blake2b512::new(); hasher.update(data_to_hash); @@ -13,6 +15,8 @@ impl CASHasher for CASBlake2 { return result.to_vec(); } + /// Verifies a hash using the Blake2b-512 algorithm. + /// Returns true if the hash matches the data, false otherwise. fn verify_512(hash_to_verify: Vec, data_to_verify: Vec) -> bool { let mut hasher = Blake2b512::new(); hasher.update(data_to_verify); @@ -20,6 +24,8 @@ impl CASHasher for CASBlake2 { return hash_to_verify.eq(&result.to_vec()); } + /// Hashes data using the Blake2s-256 algorithm. + /// Returns the hash as a vector of bytes. fn hash_256(data_to_hash: Vec) -> Vec { let mut hasher = Blake2s256::new(); hasher.update(data_to_hash); @@ -27,6 +33,8 @@ impl CASHasher for CASBlake2 { return result.to_vec(); } + /// Verifies a hash using the Blake2s-256 algorithm. + /// Returns true if the hash matches the data, false otherwise. fn verify_256(hash_to_verify: Vec, data_to_verify: Vec) -> bool { let mut hasher = Blake2s256::new(); hasher.update(data_to_verify); @@ -34,6 +42,8 @@ impl CASHasher for CASBlake2 { return hash_to_verify.eq(&result.to_vec()); } + /// Hashes data using the Blake2b-512 algorithm on the threadpool. + /// Returns the hash as a vector of bytes. fn hash_512_threadpool(data_to_hash: Vec) -> Vec { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -44,6 +54,8 @@ impl CASHasher for CASBlake2 { result } + /// Verifies a hash using the Blake2b-512 algorithm on the threadpool. + /// Returns true if the hash matches the data, false otherwise. fn verify_512_threadpool(hash_to_verify: Vec, data_to_verify: Vec) -> bool { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -54,6 +66,8 @@ impl CASHasher for CASBlake2 { result } + /// Hashes data using the Blake2s-256 algorithm on the threadpool. + /// Returns the hash as a vector of bytes. fn hash_256_threadpool(data_to_hash: Vec) -> Vec { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -64,6 +78,8 @@ impl CASHasher for CASBlake2 { result } + /// Verifies a hash using the Blake2s-256 algorithm on the threadpool. + /// Returns true if the hash matches the data, false otherwise. fn verify_256_threadpool(hash_to_verify: Vec, data_to_verify: Vec) -> bool { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { diff --git a/src/hashers/sha.rs b/src/hashers/sha.rs index 485298b..d68d810 100644 --- a/src/hashers/sha.rs +++ b/src/hashers/sha.rs @@ -5,6 +5,8 @@ use sha3::{Digest, Sha3_256, Sha3_512}; pub struct CASSHA; impl CASHasher for CASSHA { + /// Hashes data using the SHA-512 algorithm. + /// Returns the hash as a vector of bytes. fn hash_512(data_to_hash: Vec) -> Vec { let mut hasher = Sha3_512::new(); hasher.update(data_to_hash); @@ -12,6 +14,8 @@ impl CASHasher for CASSHA { return result.to_vec(); } + /// Verifies a hash using the SHA-512 algorithm. + /// Returns true if the hash matches the data, false otherwise. fn verify_512(hash_to_verify: Vec, data_to_verify: Vec) -> bool { let mut hasher = Sha3_512::new(); hasher.update(data_to_verify); @@ -19,6 +23,8 @@ impl CASHasher for CASSHA { return hash_to_verify.eq(&result.to_vec()); } + /// Hashes data using the SHA-256 algorithm. + /// Returns the hash as a vector of bytes. fn hash_256(data_to_hash: Vec) -> Vec { let mut hasher = Sha3_256::new(); hasher.update(data_to_hash); @@ -26,6 +32,8 @@ impl CASHasher for CASSHA { return result.to_vec(); } + /// Verifies a hash using the SHA-256 algorithm. + /// Returns true if the hash matches the data, false otherwise. fn verify_256(hash_to_verify: Vec, data_to_verify: Vec) -> bool { let mut hasher = Sha3_256::new(); hasher.update(data_to_verify); @@ -33,6 +41,8 @@ impl CASHasher for CASSHA { return hash_to_verify.eq(&result.to_vec()); } + /// Hashes data using the SHA-512 algorithm on the threadpool. + /// Returns the hash as a vector of bytes. fn hash_512_threadpool(data_to_hash: Vec) -> Vec { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -43,6 +53,8 @@ impl CASHasher for CASSHA { result } + /// Verifies a hash using the SHA-512 algorithm on the threadpool. + /// Returns true if the hash matches the data, false otherwise. fn verify_512_threadpool(hash_to_verify: Vec, data_to_verify: Vec) -> bool { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -53,6 +65,8 @@ impl CASHasher for CASSHA { result } + /// Hashes data using the SHA-256 algorithm on the threadpool. + /// Returns the hash as a vector of bytes. fn hash_256_threadpool(data_to_hash: Vec) -> Vec { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -63,6 +77,8 @@ impl CASHasher for CASSHA { result } + /// Verifies a hash using the SHA-256 algorithm on the threadpool. + /// Returns true if the hash matches the data, false otherwise. fn verify_256_threadpool(hash_to_verify: Vec, data_to_verify: Vec) -> bool { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { diff --git a/src/hybrid/hpke.rs b/src/hybrid/hpke.rs index 51881de..8b5e2a3 100644 --- a/src/hybrid/hpke.rs +++ b/src/hybrid/hpke.rs @@ -17,6 +17,8 @@ type Kdf = HkdfSha512; pub struct CASHPKE; impl CASHybrid for CASHPKE { + /// Generates a key pair for HPKE using X25519 as the KEM algorithm. + /// Returns the private key, public key, and an info string. fn generate_key_pair() -> (Vec, Vec, Vec) { let mut csprng = StdRng::from_entropy(); let (private_key, public_key) = Kem::gen_keypair(&mut csprng); @@ -27,12 +29,16 @@ impl CASHybrid for CASHPKE { ) } + /// Generates an info string for HPKE. + /// Returns a vector of bytes representing the info string. fn generate_info_str() -> Vec { let uuid = Uuid::new_v4(); let uuid_bytes: Vec = uuid.as_bytes().to_vec(); uuid_bytes } + /// Encrypts data using HPKE with the provided public key and info string. + /// Returns the encapsulated key, ciphertext, and tag. fn encrypt( plaintext: Vec, public_key: Vec, @@ -60,6 +66,8 @@ impl CASHybrid for CASHPKE { ) } + /// Decrypts data using HPKE with the provided private key, encapsulated key, tag, and info string. + /// Returns the decrypted plaintext. fn decrypt( ciphertext: Vec, private_key: Vec, diff --git a/src/key_exchange/x25519.rs b/src/key_exchange/x25519.rs index 6acef83..4f8bdc4 100644 --- a/src/key_exchange/x25519.rs +++ b/src/key_exchange/x25519.rs @@ -13,6 +13,8 @@ pub struct X25519SecretPublicKeyResult { pub struct X25519; impl CASKeyExchange for X25519 { + /// Generates a secret key and public key using X25519. + /// Returns a result containing the secret key and public key as vectors of bytes. fn generate_secret_and_public_key() -> X25519SecretPublicKeyResult { let secret_key = StaticSecret::random_from_rng(OsRng); let public_key = PublicKey::from(&secret_key); @@ -23,6 +25,10 @@ impl CASKeyExchange for X25519 { result } + /// Performs a Diffie-Hellman key exchange using the provided secret key and user's public key. + /// Returns the shared secret as a vector of bytes. + /// The shared secret is computed as the Diffie-Hellman result of the secret key and the user's public key. + /// The secret key and user's public key are expected to be in byte array format. fn diffie_hellman(my_secret_key: Vec, users_public_key: Vec) -> Vec { let mut secret_key_box = Box::new([0u8; 32]); secret_key_box.copy_from_slice(&my_secret_key); @@ -34,6 +40,10 @@ impl CASKeyExchange for X25519 { return secret_key.diffie_hellman(&public_key).as_bytes().to_vec(); } + /// Generates a secret key and public key using X25519 on the threadpool. + /// Returns a result containing the secret key and public key as vectors of bytes. + /// This function spawns a thread to perform the key generation. + /// Returns the result of the key generation. fn generate_secret_and_public_key_threadpool() -> X25519SecretPublicKeyResult { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -44,6 +54,10 @@ impl CASKeyExchange for X25519 { result } + /// Performs a Diffie-Hellman key exchange using the provided secret key and user's public key on the threadpool. + /// Returns the shared secret as a vector of bytes. + /// The shared secret is computed as the Diffie-Hellman result of the secret key and the user's public key. + /// The secret key and user's public key are expected to be in byte array format. fn diffie_hellman_threadpool(my_secret_key: Vec, users_public_key: Vec) -> Vec { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { diff --git a/src/message/hmac.rs b/src/message/hmac.rs index 7074769..3e8609a 100644 --- a/src/message/hmac.rs +++ b/src/message/hmac.rs @@ -8,6 +8,8 @@ type HmacSha256 = Hmac; pub struct HMAC; impl CASHMAC for HMAC { + /// Signs a message using HMAC with SHA-256. + /// Returns the signature as a vector of bytes. fn sign(key: Vec, message: Vec) -> Vec { let mut mac = HmacSha256::new_from_slice(&key).unwrap(); mac.update(&message); @@ -15,6 +17,8 @@ impl CASHMAC for HMAC { result } + /// Signs a message using HMAC with SHA-256 on the threadpool. + /// Returns the signature as a vector of bytes. fn sign_threadpool(key: Vec, message: Vec) -> Vec { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -25,12 +29,16 @@ impl CASHMAC for HMAC { result } + /// Verifies a signature using HMAC with SHA-256. + /// Returns true if the signature is valid, false otherwise. fn verify(key: Vec, message: Vec, signature: Vec) -> bool { let mut mac = HmacSha256::new_from_slice(&key).unwrap(); mac.update(&message); return mac.verify_slice(&signature).is_ok(); } + /// Verifies a signature using HMAC with SHA-256 on the threadpool. + /// Returns true if the signature is valid, false otherwise. fn verify_threadpool(key: Vec, message: Vec, signature: Vec) -> bool { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { diff --git a/src/password_hashers/argon2.rs b/src/password_hashers/argon2.rs index 21a176b..137ea5e 100644 --- a/src/password_hashers/argon2.rs +++ b/src/password_hashers/argon2.rs @@ -14,6 +14,8 @@ pub struct CASArgon; impl CASArgon { + /// Derives a 128-bit AES key from a password using Argon2. + /// Returns the derived key as a vector of bytes. pub fn derive_aes_128_key(password: Vec) -> Vec { let mut rng = OsRng; let mut salt: [u8; 16] = [0; 16]; @@ -24,6 +26,8 @@ impl CASArgon { key.to_vec() } + /// Derives a 256-bit AES key from a password using Argon2. + /// Returns the derived key as a vector of bytes. pub fn derive_aes_256_key(password: Vec) -> Vec { let mut rng = OsRng; let mut salt: [u8; 16] = [0; 16]; @@ -34,6 +38,8 @@ impl CASArgon { key.to_vec() } + /// Hashes a password using Argon2. + /// Returns the hashed password as a string. pub fn hash_password(password_to_hash: String) -> String { let salt = SaltString::generate(&mut OsRng); let argon2 = Argon2::default(); @@ -44,6 +50,8 @@ impl CASArgon { return hashed_password; } + /// Verifies a password against a hashed password using Argon2. + /// Returns true if the password matches the hashed password, false otherwise. pub fn verify_password(hashed_password: String, password_to_verify: String) -> bool { let hashed_password = PasswordHash::new(&hashed_password).unwrap(); return Argon2::default() @@ -51,6 +59,11 @@ impl CASArgon { .is_ok(); } + /// Hashes a password using Argon2 on the threadpool. + /// Returns the hashed password as a string. + /// This function spawns a thread to perform the hashing. + /// The password to hash is expected to be in string format. + /// Returns the hashed password. pub fn hash_password_threadpool(password: String) -> String { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -61,6 +74,10 @@ impl CASArgon { hash } + /// Verifies a password against a hashed password using Argon2 on the threadpool. + /// Returns true if the password matches the hashed password, false otherwise. + /// This function spawns a thread to perform the verification. + /// The hashed password and password to verify are expected to be in string format. pub fn verify_password_threadpool(hashed_password: String, password_to_verify: String) -> bool { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { diff --git a/src/password_hashers/bcrypt.rs b/src/password_hashers/bcrypt.rs index 7a7ffec..178aa97 100644 --- a/src/password_hashers/bcrypt.rs +++ b/src/password_hashers/bcrypt.rs @@ -7,14 +7,20 @@ use super::cas_password_hasher::CASPasswordHasher; pub struct CASBCrypt; impl CASPasswordHasher for CASBCrypt { + /// Hashes a password using bcrypt. + /// Returns the hashed password as a string. fn hash_password(password_to_hash: String) -> String { return hash(password_to_hash, DEFAULT_COST).unwrap(); } + /// Verifies a password against a hashed password using bcrypt. + /// Returns true if the password matches the hashed password, false otherwise. fn verify_password(hashed_password: String, password_to_verify: String) -> bool { return verify(password_to_verify, &hashed_password).unwrap(); } + /// Hashes a password using bcrypt on the threadpool. + /// Returns the hashed password as a string. fn hash_password_threadpool(password: String) -> String { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -25,6 +31,8 @@ impl CASPasswordHasher for CASBCrypt { hash } + /// Verifies a password against a hashed password using bcrypt on the threadpool. + /// Returns true if the password matches the hashed password, false otherwise. fn verify_password_threadpool(hashed_password: String, password_to_verify: String) -> bool { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { diff --git a/src/password_hashers/pbkdf2.rs b/src/password_hashers/pbkdf2.rs index 60ef0b6..6af4f94 100644 --- a/src/password_hashers/pbkdf2.rs +++ b/src/password_hashers/pbkdf2.rs @@ -5,6 +5,8 @@ use sha3::Sha3_256; use super::cas_password_hasher::Pbkdf2Result; +/// Derives a 256-bit key using PBKDF2 with SHA-256 as the hashing algorithm. +/// Returns the derived key and salt as a Pbkdf2Result. pub fn derivation(password_vec: Vec, number_of_iterations: u32) -> Pbkdf2Result { // Use Argon 2 salt and return the salt to the user so they can reuse it. let salt = SaltString::generate(&mut OsRng); @@ -17,6 +19,8 @@ pub fn derivation(password_vec: Vec, number_of_iterations: u32) -> Pbkdf2Res } } +/// Derives a key using PBKDF2 with SHA-256 as the hashing algorithm. +/// Returns the derived key as a vector of bytes. pub fn derivation_with_salt(password_vec: Vec, number_of_iterations: u32, salt: Vec) -> Vec { let key = pbkdf2_hmac_array::(&password_vec, &salt, number_of_iterations).to_vec(); key diff --git a/src/password_hashers/scrypt.rs b/src/password_hashers/scrypt.rs index cb05937..ee57d7e 100644 --- a/src/password_hashers/scrypt.rs +++ b/src/password_hashers/scrypt.rs @@ -12,6 +12,8 @@ use super::cas_password_hasher::CASPasswordHasher; pub struct CASScrypt; impl CASPasswordHasher for CASScrypt { + /// Hashes a password using Scrypt. + /// Returns the hashed password as a string. fn hash_password(password_to_hash: String) -> String { let salt = SaltString::generate(&mut OsRng); return Scrypt @@ -20,6 +22,8 @@ impl CASPasswordHasher for CASScrypt { .to_string(); } + /// Verifies a password against a hashed password using Scrypt. + /// Returns true if the password matches the hashed password, false otherwise. fn verify_password(hashed_password: String, password_to_verify: String) -> bool { let parsed_hash = PasswordHash::new(&hashed_password).unwrap(); return Scrypt @@ -27,6 +31,8 @@ impl CASPasswordHasher for CASScrypt { .is_ok(); } + /// Hashes a password using Scrypt on the threadpool. + /// Returns the hashed password as a string. fn hash_password_threadpool(password: String) -> String { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -37,6 +43,8 @@ impl CASPasswordHasher for CASScrypt { hash } + /// Verifies a password against a hashed password using Scrypt on the threadpool. + /// Returns true if the password matches the hashed password, false otherwise. fn verify_password_threadpool(hashed_password: String, password_to_verify: String) -> bool { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { diff --git a/src/signatures/ed25519.rs b/src/signatures/ed25519.rs index e2c7e12..3deb0db 100644 --- a/src/signatures/ed25519.rs +++ b/src/signatures/ed25519.rs @@ -9,6 +9,8 @@ use rand::rngs::OsRng; use super::cas_ed25519::Ed25519ByteSignature; +/// Generates a new Ed25519 key pair. +/// Returns the key pair as a vector of bytes. pub fn get_ed25519_key_pair() -> Vec { let mut csprng = OsRng; let keypair = SigningKey::generate(&mut csprng); @@ -16,6 +18,8 @@ pub fn get_ed25519_key_pair() -> Vec { keypair_vec } +/// Generates a new Ed25519 key pair on the threadpool. +/// Returns the key pair as a vector of bytes. pub fn get_ed25519_key_pair_threadpool() -> Vec { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -26,6 +30,8 @@ pub fn get_ed25519_key_pair_threadpool() -> Vec { result } +/// Signs a message using the provided Ed25519 key pair. +/// Returns the signature and public key as an Ed25519ByteSignature. pub fn ed25519_sign_with_key_pair(key_pair: Vec, message_to_sign: Vec) -> Ed25519ByteSignature { let mut key_pair_box = Box::new([0u8; 32]); key_pair_box.copy_from_slice(&key_pair); @@ -41,6 +47,8 @@ pub fn ed25519_sign_with_key_pair(key_pair: Vec, message_to_sign: Vec) - result } +/// Signs a message using the provided Ed25519 key pair on the threadpool. +/// Returns the signature and public key as an Ed25519ByteSignature. pub fn ed25519_sign_with_key_pair_threadpool(key_pair: Vec, message_to_sign: Vec) -> Ed25519ByteSignature { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -51,7 +59,9 @@ pub fn ed25519_sign_with_key_pair_threadpool(key_pair: Vec, message_to_sign: result } - +/// Verifies a signature using the provided Ed25519 key pair. +/// Returns true if the signature is valid, false otherwise. +/// The key pair is expected to be in byte array format. pub fn ed25519_verify_with_key_pair(key_pair: Vec, signature: Vec, message: Vec) -> bool { let mut key_pair_box = Box::new([0u8; 32]); key_pair_box.copy_from_slice(&key_pair); @@ -63,6 +73,9 @@ pub fn ed25519_verify_with_key_pair(key_pair: Vec, signature: Vec, messa return keypair.verify(&message, &signature).is_ok(); } +/// Verifies a signature using the provided Ed25519 key pair on the threadpool. +/// Returns true if the signature is valid, false otherwise. +/// The key pair is expected to be in byte array format. pub fn ed25519_verify_with_key_pair_threadpool(key_pair: Vec, signature: Vec, message: Vec) -> bool { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { @@ -73,6 +86,9 @@ pub fn ed25519_verify_with_key_pair_threadpool(key_pair: Vec, signature: Vec result } +/// Verifies a signature using the provided public key. +/// Returns true if the signature is valid, false otherwise. +/// The public key and signature are expected to be in byte array format. pub fn ed25519_verify_with_public_key(public_key: Vec, signature: Vec, message: Vec) -> bool { let mut public_key_box = Box::new([0u8; 32]); public_key_box.copy_from_slice(&public_key); @@ -87,6 +103,9 @@ pub fn ed25519_verify_with_public_key(public_key: Vec, signature: Vec, m .is_ok(); } +/// Verifies a signature using the provided public key on the threadpool. +/// Returns true if the signature is valid, false otherwise. +/// The public key and signature are expected to be in byte array format. pub fn ed25519_verify_with_public_key_threadpool(public_key: Vec, signature: Vec, message: Vec) -> bool { let (sender, receiver) = mpsc::channel(); rayon::spawn(move || { From f931ac2a420065acd1af7c430255d6de430ecc38 Mon Sep 17 00:00:00 2001 From: Mike Mulchrone Date: Wed, 23 Jul 2025 21:03:11 -0400 Subject: [PATCH 4/4] version bump --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index 607370d..4af0002 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "cas-lib" -version = "0.2.54" +version = "0.2.55" edition = "2021" description = "Core lib for CAS" license = "Apache-2.0"