add HPKE bindings
tofay committed Dec 12, 2024
1 parent 538a5cb commit eca4c7f
Showing 12 changed files with 789 additions and 2 deletions.
4 changes: 4 additions & 0 deletions openssl-sys/build/expando.c
Expand Up @@ -59,6 +59,10 @@ RUST_CONF_OPENSSL_NO_EC
RUST_CONF_OPENSSL_NO_EC2M
#endif

#ifdef OPENSSL_NO_EC2X
RUST_CONF_OPENSSL_NO_EC2X
#endif

#ifdef OPENSSL_NO_ENGINE
RUST_CONF_OPENSSL_NO_ENGINE
#endif
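Review bot: `OPENSSL_NO_EC2X` in the added `#ifdef` looks like a misspelling of `OPENSSL_NO_ECX`. The check-cfg lists in openssl-sys/build/main.rs and openssl/build.rs register `OPENSSL_NO_ECX`, and openssl-sys/src/hpke.rs picks `OSSL_HPKE_SUITE_DEFAULT` on `osslconf = "OPENSSL_NO_ECX"`. As written the expansion can never yield `RUST_CONF_OPENSSL_NO_ECX`, so on a build without X25519/X448 the default suite would presumably still name `OSSL_HPKE_KEM_ID_X25519` and the P-256 fallback would be dead code. The two lines should read `#ifdef OPENSSL_NO_ECX` and `RUST_CONF_OPENSSL_NO_ECX`.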
2 changes: 1 addition & 1 deletion openssl-sys/build/main.rs
Expand Up @@ -74,7 +74,7 @@ fn check_ssl_kind() {
}

fn main() {
println!("cargo:rustc-check-cfg=cfg(osslconf, values(\"OPENSSL_NO_OCB\", \"OPENSSL_NO_SM4\", \"OPENSSL_NO_SEED\", \"OPENSSL_NO_CHACHA\", \"OPENSSL_NO_CAST\", \"OPENSSL_NO_IDEA\", \"OPENSSL_NO_CAMELLIA\", \"OPENSSL_NO_RC4\", \"OPENSSL_NO_BF\", \"OPENSSL_NO_PSK\", \"OPENSSL_NO_DEPRECATED_3_0\", \"OPENSSL_NO_SCRYPT\", \"OPENSSL_NO_SM3\", \"OPENSSL_NO_RMD160\", \"OPENSSL_NO_EC2M\", \"OPENSSL_NO_OCSP\", \"OPENSSL_NO_CMS\", \"OPENSSL_NO_COMP\", \"OPENSSL_NO_SOCK\", \"OPENSSL_NO_STDIO\", \"OPENSSL_NO_EC\", \"OPENSSL_NO_SSL3_METHOD\", \"OPENSSL_NO_KRB5\", \"OPENSSL_NO_TLSEXT\", \"OPENSSL_NO_SRP\", \"OPENSSL_NO_RFC3779\", \"OPENSSL_NO_SHA\", \"OPENSSL_NO_NEXTPROTONEG\", \"OPENSSL_NO_ENGINE\", \"OPENSSL_NO_BUF_FREELISTS\"))");
println!("cargo:rustc-check-cfg=cfg(osslconf, values(\"OPENSSL_NO_OCB\", \"OPENSSL_NO_SM4\", \"OPENSSL_NO_SEED\", \"OPENSSL_NO_CHACHA\", \"OPENSSL_NO_CAST\", \"OPENSSL_NO_IDEA\", \"OPENSSL_NO_CAMELLIA\", \"OPENSSL_NO_RC4\", \"OPENSSL_NO_BF\", \"OPENSSL_NO_PSK\", \"OPENSSL_NO_DEPRECATED_3_0\", \"OPENSSL_NO_SCRYPT\", \"OPENSSL_NO_SM3\", \"OPENSSL_NO_RMD160\", \"OPENSSL_NO_EC2M\", \"OPENSSL_NO_OCSP\", \"OPENSSL_NO_CMS\", \"OPENSSL_NO_COMP\", \"OPENSSL_NO_SOCK\", \"OPENSSL_NO_STDIO\", \"OPENSSL_NO_EC\", \"OPENSSL_NO_SSL3_METHOD\", \"OPENSSL_NO_KRB5\", \"OPENSSL_NO_TLSEXT\", \"OPENSSL_NO_SRP\", \"OPENSSL_NO_RFC3779\", \"OPENSSL_NO_SHA\", \"OPENSSL_NO_NEXTPROTONEG\", \"OPENSSL_NO_ENGINE\", \"OPENSSL_NO_BUF_FREELISTS\", \"OPENSSL_NO_ECX\"))");

println!("cargo:rustc-check-cfg=cfg(openssl)");
println!("cargo:rustc-check-cfg=cfg(libressl)");
4 changes: 4 additions & 0 deletions openssl-sys/build/run_bindgen.rs
Expand Up @@ -67,6 +67,10 @@ const INCLUDES: &str = "
#if OPENSSL_VERSION_NUMBER >= 0x30200000
#include <openssl/thread.h>
#endif
#if OPENSSL_VERSION_NUMBER >= 0x30200000
#include <openssl/hpke.h>
#endif
";

#[cfg(feature = "bindgen")]
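Review bot: The added `#include <openssl/hpke.h>` sits under a second `#if OPENSSL_VERSION_NUMBER >= 0x30200000` that is identical to the guard directly above it. Moving the include into the existing block next to `<openssl/thread.h>` would avoid the duplicate condition. The `INCLUDES` string starts outside the hunk, so if the rest of it follows a one-guard-per-header convention this can stay as is.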
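--- a/openssl-sys/src/handwritten/hpke.rs
+++ b/openssl-sys/src/handwritten/hpke.rs
@@ -0,0 +1,99 @@
+use super::super::*;
+use libc::*;
+
+extern "C" {
+pub fn OSSL_HPKE_CTX_new(
+mode: c_int,
+suite: OSSL_HPKE_SUITE,
+role: c_int,
+libctx: *mut OSSL_LIB_CTX,
+propq: *const c_char,
+) -> *mut OSSL_HPKE_CTX;
+pub fn OSSL_HPKE_CTX_free(ctx: *mut OSSL_HPKE_CTX);
+pub fn OSSL_HPKE_encap(
+ctx: *mut OSSL_HPKE_CTX,
+enc: *mut u8,
+enclen: *mut usize,
+pub_: *const u8,
+publen: usize,
+info: *const u8,
+infolen: usize,
+) -> c_int;
+pub fn OSSL_HPKE_seal(
+ctx: *mut OSSL_HPKE_CTX,
+ct: *mut u8,
+ctlen: *mut usize,
+aad: *const u8,
+aadlen: usize,
+pt: *const u8,
+ptlen: usize,
+) -> c_int;
+pub fn OSSL_HPKE_keygen(
+suite: OSSL_HPKE_SUITE,
+pub_: *mut u8,
+publen: *mut usize,
+priv_: *mut *mut EVP_PKEY,
+ikm: *const u8,
+ikmlen: usize,
+libctx: *mut OSSL_LIB_CTX,
+propq: *const c_char,
+) -> c_int;
+pub fn OSSL_HPKE_decap(
+ctx: *mut OSSL_HPKE_CTX,
+enc: *const u8,
+enclen: usize,
+recippriv: *mut EVP_PKEY,
+info: *const u8,
+infolen: usize,
+) -> c_int;
+pub fn OSSL_HPKE_open(
+ctx: *mut OSSL_HPKE_CTX,
+pt: *mut u8,
+ptlen: *mut usize,
+aad: *const u8,
+aadlen: usize,
+ct: *const u8,
+ctlen: usize,
+) -> c_int;
+pub fn OSSL_HPKE_export(
+ctx: *mut OSSL_HPKE_CTX,
+secret: *mut u8,
+secretlen: usize,
+label: *const u8,
+labellen: usize,
+) -> c_int;
+pub fn OSSL_HPKE_CTX_set1_authpriv(ctx: *mut OSSL_HPKE_CTX, priv_: *mut EVP_PKEY) -> c_int;
+pub fn OSSL_HPKE_CTX_set1_authpub(
+ctx: *mut OSSL_HPKE_CTX,
+pub_: *const u8,
+publen: usize,
+) -> c_int;
+pub fn OSSL_HPKE_CTX_set1_psk(
+ctx: *mut OSSL_HPKE_CTX,
+pskid: *const c_char,
+psk: *const u8,
+psklen: usize,
+) -> c_int;
+pub fn OSSL_HPKE_CTX_set1_ikme(
+ctx: *mut OSSL_HPKE_CTX,
+ikme: *const u8,
+ikmelen: usize,
+) -> c_int;
+pub fn OSSL_HPKE_CTX_set_seq(ctx: *mut OSSL_HPKE_CTX, seq: u64) -> c_int;
+pub fn OSSL_HPKE_CTX_get_seq(ctx: *mut OSSL_HPKE_CTX, seq: *mut u64) -> c_int;
+pub fn OSSL_HPKE_suite_check(suite: OSSL_HPKE_SUITE) -> c_int;
+pub fn OSSL_HPKE_get_grease_value(
+suite_in: *const OSSL_HPKE_SUITE,
+suite: *mut OSSL_HPKE_SUITE,
+enc: *mut u8,
+enclen: *mut usize,
+ct: *mut u8,
+ctlen: usize,
+libctx: *mut OSSL_LIB_CTX,
+propq: *const c_char,
+) -> c_int;
+pub fn OSSL_HPKE_str2suite(str_: *const c_char, suite: *mut OSSL_HPKE_SUITE) -> c_int;
+pub fn OSSL_HPKE_get_ciphertext_size(suite: OSSL_HPKE_SUITE, clearlen: usize) -> usize;
+pub fn OSSL_HPKE_get_public_encap_size(suite: OSSL_HPKE_SUITE) -> usize;
+pub fn OSSL_HPKE_get_recommended_ikmelen(suite: OSSL_HPKE_SUITE) -> usize;
+}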
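Review bot: None of these declarations documents its buffer contract, and several take in/out lengths: `enclen` in `OSSL_HPKE_encap`, `ctlen` in `OSSL_HPKE_seal`, `ptlen` in `OSSL_HPKE_open` and `publen` in `OSSL_HPKE_keygen` are all `*mut usize`. As I read the OpenSSL documentation, each must hold the capacity of its output buffer on entry and receives the written length on success, so a wrapper that passes an uninitialised or stale length risks an out-of-bounds write on the C side. A comment above the block such as `// *mut usize lengths are in/out: set to the buffer capacity before the call, read the written length after` would make that visible. It could also point to `OSSL_HPKE_get_public_encap_size` and `OSSL_HPKE_get_ciphertext_size` for sizing the buffers. Separately, the file spells the types `u8`/`usize` where `c_uchar`/`size_t` from the already imported `libc::*` would mirror the C prototypes.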
4 changes: 4 additions & 0 deletions openssl-sys/src/handwritten/mod.rs
Expand Up @@ -12,6 +12,8 @@ pub use self::ec::*;
pub use self::err::*;
pub use self::evp::*;
pub use self::hmac::*;
#[cfg(ossl320)]
pub use self::hpke::*;
pub use self::kdf::*;
pub use self::object::*;
pub use self::ocsp::*;
Expand Down Expand Up @@ -51,6 +53,8 @@ mod ec;
mod err;
mod evp;
mod hmac;
#[cfg(ossl320)]
mod hpke;
mod kdf;
mod object;
mod ocsp;
12 changes: 12 additions & 0 deletions openssl-sys/src/handwritten/types.rs
Expand Up @@ -1144,3 +1144,15 @@ pub struct OSSL_PARAM {
pub enum EVP_KDF {}
#[cfg(ossl300)]
pub enum EVP_KDF_CTX {}

#[cfg(ossl320)]
pub enum OSSL_HPKE_CTX {}

#[cfg(ossl320)]
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct OSSL_HPKE_SUITE {
pub kem_id: u16,
pub kdf_id: u16,
pub aead_id: u16,
}
58 changes: 58 additions & 0 deletions openssl-sys/src/hpke.rs
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
#[cfg(ossl320)]
use crate::OSSL_HPKE_SUITE;
use libc::c_int;

#[cfg(ossl320)]
pub const OSSL_HPKE_MODE_BASE: c_int = 0x00;
#[cfg(ossl320)]
pub const OSSL_HPKE_MODE_PSK: c_int = 0x01;
#[cfg(ossl320)]
pub const OSSL_HPKE_MODE_AUTH: c_int = 0x02;
#[cfg(ossl320)]
pub const OSSL_HPKE_MODE_PSKAUTH: c_int = 0x03;

#[cfg(ossl320)]
pub const OSSL_HPKE_ROLE_SENDER: c_int = 0x00;
#[cfg(ossl320)]
pub const OSSL_HPKE_ROLE_RECEIVER: c_int = 0x01;

#[cfg(ossl320)]
pub const OSSL_HPKE_KEM_ID_P256: u16 = 0x10;
#[cfg(ossl320)]
pub const OSSL_HPKE_KEM_ID_P384: u16 = 0x11;
#[cfg(ossl320)]
pub const OSSL_HPKE_KEM_ID_P521: u16 = 0x12;
#[cfg(ossl320)]
pub const OSSL_HPKE_KEM_ID_X25519: u16 = 0x20;
#[cfg(ossl320)]
pub const OSSL_HPKE_KEM_ID_X448: u16 = 0x21;

#[cfg(ossl320)]
pub const OSSL_HPKE_KDF_ID_HKDF_SHA256: u16 = 0x01;
#[cfg(ossl320)]
pub const OSSL_HPKE_KDF_ID_HKDF_SHA384: u16 = 0x02;
#[cfg(ossl320)]
pub const OSSL_HPKE_KDF_ID_HKDF_SHA512: u16 = 0x03;

#[cfg(ossl320)]
pub const OSSL_HPKE_AEAD_ID_AES_GCM_128: u16 = 0x01;
#[cfg(ossl320)]
pub const OSSL_HPKE_AEAD_ID_AES_GCM_256: u16 = 0x02;
#[cfg(ossl320)]
pub const OSSL_HPKE_AEAD_ID_CHACHA_POLY1305: u16 = 0x03;
#[cfg(ossl320)]
pub const OSSL_HPKE_AEAD_ID_EXPORTONLY: u16 = 0xFFFF;

#[cfg(all(ossl320, not(osslconf = "OPENSSL_NO_ECX")))]
pub const OSSL_HPKE_SUITE_DEFAULT: OSSL_HPKE_SUITE = OSSL_HPKE_SUITE {
kem_id: OSSL_HPKE_KEM_ID_X25519,
kdf_id: OSSL_HPKE_KDF_ID_HKDF_SHA256,
aead_id: OSSL_HPKE_AEAD_ID_AES_GCM_128,
};

#[cfg(all(ossl320, osslconf = "OPENSSL_NO_ECX"))]
pub const OSSL_HPKE_SUITE_DEFAULT: OSSL_HPKE_SUITE = OSSL_HPKE_SUITE {
kem_id: OSSL_HPKE_KEM_ID_P256,
kdf_id: OSSL_HPKE_KDF_ID_HKDF_SHA256,
aead_id: OSSL_HPKE_AEAD_ID_AES_GCM_128,
};
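Review bot: `use libc::c_int;` at the top of this file is not gated, while every item that uses it is behind `#[cfg(ossl320)]`, and `mod hpke;` in openssl-sys/src/lib.rs is unconditional as well. Builds against anything older than OpenSSL 3.2 will therefore likely see an unused-import warning, which becomes an error where warnings are denied. Either put `#[cfg(ossl320)]` on the import, or gate the module once in lib.rs with `#[cfg(ossl320)] mod hpke;` (and the matching `pub use`) and drop the per-item attributes here. A short `///` line on `OSSL_HPKE_AEAD_ID_EXPORTONLY` saying that the suite carries no AEAD would also help wrapper authors avoid pairing it with seal/open.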
2 changes: 2 additions & 0 deletions openssl-sys/src/lib.rs
Expand Up @@ -52,6 +52,7 @@ mod openssl {
pub use self::evp::*;
#[cfg(not(feature = "bindgen"))]
pub use self::handwritten::*;
pub use self::hpke::*;
pub use self::obj_mac::*;
pub use self::ocsp::*;
pub use self::pem::*;
Expand Down Expand Up @@ -82,6 +83,7 @@ mod openssl {
mod evp;
#[cfg(not(feature = "bindgen"))]
mod handwritten;
mod hpke;
mod obj_mac;
mod ocsp;
mod pem;
2 changes: 1 addition & 1 deletion openssl/build.rs
Expand Up @@ -7,7 +7,7 @@
use std::env;

fn main() {
println!("cargo:rustc-check-cfg=cfg(osslconf, values(\"OPENSSL_NO_OCB\", \"OPENSSL_NO_SM4\", \"OPENSSL_NO_SEED\", \"OPENSSL_NO_CHACHA\", \"OPENSSL_NO_CAST\", \"OPENSSL_NO_IDEA\", \"OPENSSL_NO_CAMELLIA\", \"OPENSSL_NO_RC4\", \"OPENSSL_NO_BF\", \"OPENSSL_NO_PSK\", \"OPENSSL_NO_DEPRECATED_3_0\", \"OPENSSL_NO_SCRYPT\", \"OPENSSL_NO_SM3\", \"OPENSSL_NO_RMD160\", \"OPENSSL_NO_EC2M\", \"OPENSSL_NO_OCSP\", \"OPENSSL_NO_CMS\", \"OPENSSL_NO_EC\", \"OPENSSL_NO_ARGON2\"))");
println!("cargo:rustc-check-cfg=cfg(osslconf, values(\"OPENSSL_NO_OCB\", \"OPENSSL_NO_SM4\", \"OPENSSL_NO_SEED\", \"OPENSSL_NO_CHACHA\", \"OPENSSL_NO_CAST\", \"OPENSSL_NO_IDEA\", \"OPENSSL_NO_CAMELLIA\", \"OPENSSL_NO_RC4\", \"OPENSSL_NO_BF\", \"OPENSSL_NO_PSK\", \"OPENSSL_NO_DEPRECATED_3_0\", \"OPENSSL_NO_SCRYPT\", \"OPENSSL_NO_SM3\", \"OPENSSL_NO_RMD160\", \"OPENSSL_NO_EC2M\", \"OPENSSL_NO_OCSP\", \"OPENSSL_NO_CMS\", \"OPENSSL_NO_EC\", \"OPENSSL_NO_ARGON2\", \"OPENSSL_NO_ECX\"))");

println!("cargo:rustc-check-cfg=cfg(libressl)");
println!("cargo:rustc-check-cfg=cfg(boringssl)");