Include new AWS-LC header files for FIPS bindings. #629

Merged
merged 14 commits into from
Dec 12, 2024
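--- a/aws-lc-fips-sys/include/rust_wrapper.h
+++ b/aws-lc-fips-sys/include/rust_wrapper.h
@@ -26,6 +26,7 @@
 #include "openssl/conf.h"
 #include "openssl/cpu.h"
 #include "openssl/crypto.h"
+#include "openssl/ctrdrbg.h"
 #include "openssl/curve25519.h"
 #include "openssl/des.h"
 #include "openssl/dh.h"
@@ -45,6 +46,7 @@
 #include "openssl/hmac.h"
 #include "openssl/hpke.h"
 #include "openssl/hrss.h"
+#include "openssl/kdf.h"
 #include "openssl/lhash.h"
 #include "openssl/md4.h"
 #include "openssl/md5.h"
@@ -78,6 +80,7 @@
 #include "openssl/x509.h"
 #include "openssl/x509_vfy.h"
 #include "openssl/x509v3.h"
+#include "openssl/experimental/kem_deterministic_api.h"
 
 #if defined(AWS_LC_RUST_INCLUDE_SSL)
 #include "openssl/ssl.h"
@@ -90,14 +93,6 @@
 #define AWS_LC_FIPS_SYS_EXPORT __attribute__((visibility("default")))
 #endif
 
-// The TLS PRF API is exported in AWS-LC main branch, but in the current FIPS branch, this API is defined in a private header.
-AWS_LC_FIPS_SYS_EXPORT int CRYPTO_tls1_prf(const EVP_MD *digest,
-uint8_t *out, size_t out_len,
-const uint8_t *secret, size_t secret_len,
-const char *label, size_t label_len,
-const uint8_t *seed1, size_t seed1_len,
-const uint8_t *seed2, size_t seed2_len);
-
 #define AWS_LC_WRAPPER_ADD_PREFIX(a, b) AWS_LC_WRAPPER_ADD_PREFIX_INNER(a, b)
 #define AWS_LC_WRAPPER_ADD_PREFIX_INNER(a, b) a ## _ ## b
 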
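Review bot: The `openssl/experimental/kem_deterministic_api.h` include in the third hunk pulls a header from an `experimental/` path into the FIPS bindings unconditionally and without a comment saying why. Judging only by the header name, it declares KEM operations driven by caller-supplied randomness, which is normally wanted for known-answer tests rather than production key generation; if that is right, the generated symbols should not be reachable from the safe wrapper's public API. I would put a comment above the include, for example `// Experimental, unstable API: deterministic KEM operations, kept for known-answer tests only.`, and consider a guard in the style of the `AWS_LC_RUST_INCLUDE_SSL` block that follows it. The resulting Rust bindings for this header are not among the visible hunks, so how they are exposed cannot be checked here.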
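--- a/aws-lc-fips-sys/src/aarch64_apple_darwin_crypto.rs
+++ b/aws-lc-fips-sys/src/aarch64_apple_darwin_crypto.rs
@@ -762,6 +762,8 @@ pub const CONF_R_UNABLE_TO_CREATE_NEW_SECTION: i32 = 104;
 pub const CONF_R_VARIABLE_HAS_NO_VALUE: i32 = 105;
 pub const CONF_R_VARIABLE_EXPANSION_TOO_LONG: i32 = 106;
 pub const CONF_R_VARIABLE_EXPANSION_NOT_SUPPORTED: i32 = 107;
+pub const CTR_DRBG_ENTROPY_LEN: i32 = 48;
+pub const CTR_DRBG_MAX_GENERATE_LENGTH: i32 = 65536;
 pub const X25519_PRIVATE_KEY_LEN: i32 = 32;
 pub const X25519_PUBLIC_VALUE_LEN: i32 = 32;
 pub const X25519_SHARED_KEY_LEN: i32 = 32;
@@ -3322,6 +3324,9 @@ pub const HRSS_CIPHERTEXT_BYTES: i32 = 1138;
 pub const HRSS_KEY_BYTES: i32 = 32;
 pub const HRSS_POLY3_BYTES: i32 = 140;
 pub const HRSS_PRIVATE_KEY_BYTES: i32 = 1452;
+pub const EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND: i32 = 0;
+pub const EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY: i32 = 1;
+pub const EVP_PKEY_HKDEF_MODE_EXPAND_ONLY: i32 = 2;
 pub const MD4_CBLOCK: i32 = 64;
 pub const MD4_DIGEST_LENGTH: i32 = 16;
 pub const PKCS7_DETACHED: i32 = 64;
@@ -13259,6 +13264,41 @@ extern "C" {
 #[link_name = "\u{1}_aws_lc_fips_0_13_0_OPENSSL_no_config"]
 pub fn OPENSSL_no_config();
 }
+extern "C" {
+#[link_name = "\u{1}_aws_lc_fips_0_13_0_CTR_DRBG_new"]
+pub fn CTR_DRBG_new(
+entropy: *const u8,
+personalization: *const u8,
+personalization_len: usize,
+) -> *mut CTR_DRBG_STATE;
+}
+extern "C" {
+#[link_name = "\u{1}_aws_lc_fips_0_13_0_CTR_DRBG_free"]
+pub fn CTR_DRBG_free(state: *mut CTR_DRBG_STATE);
+}
+extern "C" {
+#[link_name = "\u{1}_aws_lc_fips_0_13_0_CTR_DRBG_reseed"]
+pub fn CTR_DRBG_reseed(
+drbg: *mut CTR_DRBG_STATE,
+entropy: *const u8,
+additional_data: *const u8,
+additional_data_len: usize,
+) -> ::std::os::raw::c_int;
+}
+extern "C" {
+#[link_name = "\u{1}_aws_lc_fips_0_13_0_CTR_DRBG_generate"]
+pub fn CTR_DRBG_generate(
+drbg: *mut CTR_DRBG_STATE,
+out: *mut u8,
+out_len: usize,
+additional_data: *const u8,
+additional_data_len: usize,
+) -> ::std::os::raw::c_int;
+}
+extern "C" {
+#[link_name = "\u{1}_aws_lc_fips_0_13_0_CTR_DRBG_clear"]
+pub fn CTR_DRBG_clear(drbg: *mut CTR_DRBG_STATE);
+}
 extern "C" {
 #[link_name = "\u{1}_aws_lc_fips_0_13_0_X25519_keypair"]
 pub fn X25519_keypair(out_public_value: *mut u8, out_private_key: *mut u8);
@@ -17920,6 +17960,98 @@ extern "C" {
 in_: *const u8,
 ) -> ::std::os::raw::c_int;
 }
+extern "C" {
+#[link_name = "\u{1}_aws_lc_fips_0_13_0_CRYPTO_tls1_prf"]
+pub fn CRYPTO_tls1_prf(
+digest: *const EVP_MD,
+out: *mut u8,
+out_len: usize,
+secret: *const u8,
+secret_len: usize,
+label: *const ::std::os::raw::c_char,
+label_len: usize,
+seed1: *const u8,
+seed1_len: usize,
+seed2: *const u8,
+seed2_len: usize,
+) -> ::std::os::raw::c_int;
+}
+extern "C" {
+#[link_name = "\u{1}_aws_lc_fips_0_13_0_SSKDF_digest"]
+pub fn SSKDF_digest(
+out_key: *mut u8,
+out_len: usize,
+digest: *const EVP_MD,
+secret: *const u8,
+secret_len: usize,
+info: *const u8,
+info_len: usize,
+) -> ::std::os::raw::c_int;
+}
+extern "C" {
+#[link_name = "\u{1}_aws_lc_fips_0_13_0_SSKDF_hmac"]
+pub fn SSKDF_hmac(
+out_key: *mut u8,
+out_len: usize,
+digest: *const EVP_MD,
+secret: *const u8,
+secret_len: usize,
+info: *const u8,
+info_len: usize,
+salt: *const u8,
+salt_len: usize,
+) -> ::std::os::raw::c_int;
+}
+extern "C" {
+#[link_name = "\u{1}_aws_lc_fips_0_13_0_KBKDF_ctr_hmac"]
+pub fn KBKDF_ctr_hmac(
+out_key: *mut u8,
+out_len: usize,
+digest: *const EVP_MD,
+secret: *const u8,
+secret_len: usize,
+info: *const u8,
+info_len: usize,
+) -> ::std::os::raw::c_int;
+}
+extern "C" {
+#[link_name = "\u{1}_aws_lc_fips_0_13_0_EVP_PKEY_CTX_hkdf_mode"]
+pub fn EVP_PKEY_CTX_hkdf_mode(
+ctx: *mut EVP_PKEY_CTX,
+mode: ::std::os::raw::c_int,
+) -> ::std::os::raw::c_int;
+}
+extern "C" {
+#[link_name = "\u{1}_aws_lc_fips_0_13_0_EVP_PKEY_CTX_set_hkdf_md"]
+pub fn EVP_PKEY_CTX_set_hkdf_md(
+ctx: *mut EVP_PKEY_CTX,
+md: *const EVP_MD,
+) -> ::std::os::raw::c_int;
+}
+extern "C" {
+#[link_name = "\u{1}_aws_lc_fips_0_13_0_EVP_PKEY_CTX_set1_hkdf_key"]
+pub fn EVP_PKEY_CTX_set1_hkdf_key(
+ctx: *mut EVP_PKEY_CTX,
+key: *const u8,
+key_len: usize,
+) -> ::std::os::raw::c_int;
+}
+extern "C" {
+#[link_name = "\u{1}_aws_lc_fips_0_13_0_EVP_PKEY_CTX_set1_hkdf_salt"]
+pub fn EVP_PKEY_CTX_set1_hkdf_salt(
+ctx: *mut EVP_PKEY_CTX,
+salt: *const u8,
+salt_len: usize,
+) -> ::std::os::raw::c_int;
+}
+extern "C" {
+#[link_name = "\u{1}_aws_lc_fips_0_13_0_EVP_PKEY_CTX_add1_hkdf_info"]
+pub fn EVP_PKEY_CTX_add1_hkdf_info(
+ctx: *mut EVP_PKEY_CTX,
+info: *const u8,
+info_len: usize,
+) -> ::std::os::raw::c_int;
+}
 extern "C" {
 #[link_name = "\u{1}_aws_lc_fips_0_13_0_MD4_Init"]
 pub fn MD4_Init(md4: *mut MD4_CTX) -> ::std::os::raw::c_int;
@@ -28199,22 +28331,6 @@ extern "C" {
 encrypted_bit: u8,
 ) -> ::std::os::raw::c_int;
 }
-extern "C" {
-#[link_name = "\u{1}_aws_lc_fips_0_13_0_CRYPTO_tls1_prf"]
-pub fn CRYPTO_tls1_prf(
-digest: *const EVP_MD,
-out: *mut u8,
-out_len: usize,
-secret: *const u8,
-secret_len: usize,
-label: *const ::std::os::raw::c_char,
-label_len: usize,
-seed1: *const u8,
-seed1_len: usize,
-seed2: *const u8,
-seed2_len: usize,
-) -> ::std::os::raw::c_int;
-}
 extern "C" {
 #[link_name = "\u{1}_aws_lc_fips_0_13_0_ERR_GET_LIB_RUST"]
 pub fn ERR_GET_LIB_RUST(packed_error: u32) -> ::std::os::raw::c_int;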