Generates "low-level" bindings for Rust using bindgen
This is designed to be the minimal infrastructure required to support
using BoringSSL in the Rust ecosystem without fear of ABI drift. Bindgen
is used to generate Rust bindings in lockstep with the rest of the
build. `rust-openssl` can consume these generated bindings with minimal
changes.
Change-Id: I1dacd36a4131e22a930ebb01da00407e8465ad7e
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/49645
Reviewed-by: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/.gitignore b/.gitignore
index 08d99a1..a8e3184 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,6 +7,7 @@
*.swo
doc/*.html
doc/doc.css
+rust/target
util/bot/android_ndk
util/bot/android_sdk/public
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 6c70b55..7f02b29 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -31,6 +31,7 @@
else()
find_package(Perl REQUIRED)
find_program(GO_EXECUTABLE go)
+ find_program(BINDGEN_EXECUTABLE bindgen)
endif()
if(CMAKE_SYSTEM_NAME STREQUAL "Linux" AND NOT CMAKE_CROSSCOMPILING)
@@ -51,6 +52,12 @@
message(FATAL_ERROR "Could not find Go")
endif()
+if(NOT BINDGEN_EXECUTABLE)
+ message("Could not find bindgen. Not generating Rust bindings.")
+else()
+ add_subdirectory(rust)
+endif()
+
if(USE_CUSTOM_LIBCXX)
set(BORINGSSL_ALLOW_CXX_RUNTIME 1)
endif()
diff --git a/include/openssl/bn.h b/include/openssl/bn.h
index 2b4d063..a95a894 100644
--- a/include/openssl/bn.h
+++ b/include/openssl/bn.h
@@ -148,14 +148,14 @@
// Projects which use |BN_*_FMT*| with outdated C headers may need to define it
// externally.
#if defined(OPENSSL_64_BIT)
-#define BN_ULONG uint64_t
+typedef uint64_t BN_ULONG;
#define BN_BITS2 64
#define BN_DEC_FMT1 "%" PRIu64
#define BN_DEC_FMT2 "%019" PRIu64
#define BN_HEX_FMT1 "%" PRIx64
#define BN_HEX_FMT2 "%016" PRIx64
#elif defined(OPENSSL_32_BIT)
-#define BN_ULONG uint32_t
+typedef uint32_t BN_ULONG;
#define BN_BITS2 32
#define BN_DEC_FMT1 "%" PRIu32
#define BN_DEC_FMT2 "%09" PRIu32
diff --git a/rust/CMakeLists.txt b/rust/CMakeLists.txt
new file mode 100644
index 0000000..d830bdd
--- /dev/null
+++ b/rust/CMakeLists.txt
@@ -0,0 +1,68 @@
+# additional interop for things like macros and inlined functions
+add_library(
+ rust_wrapper
+ STATIC
+ rust_wrapper.c
+)
+
+# generate architecture specific wrappers
+foreach(TARGET
+ aarch64-unknown-linux-gnu
+ i686-pc-windows-gnu
+ x86_64-unknown-linux-gnu
+ )
+
+ set(WRAPPER_TARGET ${CMAKE_BINARY_DIR}/rust/src/wrapper_${TARGET}.rs)
+ set(COMMAND ${BINDGEN_EXECUTABLE} "wrapper.h"
+ -o ${WRAPPER_TARGET}
+ --no-derive-default
+ --enable-function-attribute-detection
+ --use-core
+ --size_t-is-usize
+ --default-macro-constant-type="signed"
+ --rustified-enum="point_conversion_form_t"
+ # These are not BoringSSL symbols, they are from glibc
+ # and are not relevant to the build besides throwing warnings
+ # about their 'long double' (aka u128) not being FFI safe.
+ # We block those functions so that the build doesn't
+ # spam warnings.
+ #
+ # https://github.com/rust-lang/rust-bindgen/issues/1549 describes the current problem
+ # and other folks' solutions.
+ #
+ # We will explore migrating to https://github.com/rust-lang/rust-bindgen/pull/2122
+ # when it lands
+ --blocklist-function="strtold"
+ --blocklist-function="qecvt"
+ --blocklist-function="qecvt_r"
+ --blocklist-function="qgcvt"
+ --blocklist-function="qfcvt"
+ --blocklist-function="qfcvt_r"
+ -- # these are LLVM arg passthroughs
+ -I../include
+ --target=${TARGET})
+
+ add_custom_target(
+ bindgen_rust_${TARGET}
+ ALL
+ ${COMMAND}
+ BYPRODUCTS ${WRAPPER_TARGET}
+ WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
+ )
+ string(REPLACE "-" ";" TARGET_LIST ${TARGET})
+ list(GET TARGET_LIST 0 ARCH)
+ list(GET TARGET_LIST 1 VENDOR)
+
+ set(INCLUDES "${INCLUDES}\
+ #[cfg(all(target_arch = \"${ARCH}\", target_vendor = \"${VENDOR}\"))]\n\
+ include!(\"wrapper_${TARGET}.rs\");\n")
+endforeach()
+
+# move files into build directory
+configure_file("src/lib.rs" "src/lib.rs")
+
+if(NOT BUILD_SHARED_LIBS)
+ configure_file("build.rs" "build.rs" COPYONLY)
+endif()
+
+configure_file("Cargo.toml" "Cargo.toml" COPYONLY)
diff --git a/rust/Cargo.toml b/rust/Cargo.toml
new file mode 100644
index 0000000..6a2bb40
--- /dev/null
+++ b/rust/Cargo.toml
@@ -0,0 +1,8 @@
+[package]
+name = "bssl-sys"
+version = "0.1.0"
+authors = ["Benjamin Brittain <bwb@google.com>"]
+edition = "2018"
+
+[dependencies]
+libc = "0.2"
diff --git a/rust/README.md b/rust/README.md
new file mode 100644
index 0000000..271d4d5
--- /dev/null
+++ b/rust/README.md
@@ -0,0 +1,8 @@
+bssl-sys
+============
+
+A low-level binding crate for Rust that moves in lockstop with BoringSSL. BoringSSL explicitly does not have a stable ABI, `bssl-sys` is the solution for preventing subtle-memory corruption bugs due to version skew.
+
+### How it works
+`bssl-sys` uses `bindgen` as part of the cmake build process to generate Rust compatibility shims for each supported target platform. It is important to generate it for each platform because `bindgen` uses LLVM information for alignment which varies depending on architecture. These files are then packaged into a Rust crate.
+
diff --git a/rust/build.rs b/rust/build.rs
new file mode 100644
index 0000000..f6ce794
--- /dev/null
+++ b/rust/build.rs
@@ -0,0 +1,26 @@
+/* Copyright (c) 2021, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+fn main() {
+ // Statically link libraries.
+ println!("cargo:rustc-link-search=native=../crypto");
+ println!("cargo:rustc-link-lib=static=crypto");
+
+ println!("cargo:rustc-link-search=native=../ssl");
+ println!("cargo:rustc-link-lib=static=ssl");
+
+ println!("cargo:rustc-link-search=native=.");
+ println!("cargo:rustc-link-lib=static=rust_wrapper");
+}
diff --git a/rust/rust_wrapper.c b/rust/rust_wrapper.c
new file mode 100644
index 0000000..d5419a9
--- /dev/null
+++ b/rust/rust_wrapper.c
@@ -0,0 +1,28 @@
+/* Copyright (c) 2022, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include "rust_wrapper.h"
+
+
+int ERR_GET_LIB_RUST(uint32_t packed_error) {
+ return ERR_GET_LIB(packed_error);
+}
+
+int ERR_GET_REASON_RUST(uint32_t packed_error) {
+ return ERR_GET_REASON(packed_error);
+}
+
+int ERR_GET_FUNC_RUST(uint32_t packed_error) {
+ return ERR_GET_FUNC(packed_error);
+}
diff --git a/rust/rust_wrapper.h b/rust/rust_wrapper.h
new file mode 100644
index 0000000..632622a
--- /dev/null
+++ b/rust/rust_wrapper.h
@@ -0,0 +1,37 @@
+/* Copyright (c) 2022, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#ifndef OPENSSL_HEADER_RUST_WRAPPER_H
+#define OPENSSL_HEADER_RUST_WRAPPER_H
+
+#include <openssl/err.h>
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+
+// The following functions are wrappers over inline functions and macros in
+// BoringSSL, which bindgen cannot currently correctly bind. These wrappers
+// ensure changes to the functions remain in lockstep with the Rust versions.
+int ERR_GET_LIB_RUST(uint32_t packed_error);
+int ERR_GET_REASON_RUST(uint32_t packed_error);
+int ERR_GET_FUNC_RUST(uint32_t packed_error);
+
+
+#if defined(__cplusplus)
+} // extern C
+#endif
+
+#endif // OPENSSL_HEADER_RUST_WRAPPER_H
diff --git a/rust/src/lib.rs b/rust/src/lib.rs
new file mode 100644
index 0000000..d8c2c00
--- /dev/null
+++ b/rust/src/lib.rs
@@ -0,0 +1,22 @@
+#![allow(non_upper_case_globals)]
+#![allow(non_camel_case_types)]
+#![allow(non_snake_case)]
+
+// populated by cmake
+${INCLUDES}
+
+pub fn ERR_GET_LIB(packed_error: u32) -> i32 {
+ unsafe { ERR_GET_LIB_RUST(packed_error) }
+}
+
+pub fn ERR_GET_REASON(packed_error: u32) -> i32 {
+ unsafe { ERR_GET_REASON_RUST(packed_error) }
+}
+
+pub fn ERR_GET_FUNC(packed_error: u32) -> i32 {
+ unsafe { ERR_GET_FUNC_RUST(packed_error) }
+}
+
+pub fn init() {
+ unsafe { CRYPTO_library_init(); }
+}
diff --git a/rust/wrapper.h b/rust/wrapper.h
new file mode 100644
index 0000000..aa5aeed
--- /dev/null
+++ b/rust/wrapper.h
@@ -0,0 +1,78 @@
+#include "../include/openssl/aes.h"
+#include "../include/openssl/asn1.h"
+#include "../include/openssl/asn1_mac.h"
+#include "../include/openssl/asn1t.h"
+#include "../include/openssl/base.h"
+#include "../include/openssl/base64.h"
+#include "../include/openssl/bio.h"
+#include "../include/openssl/blake2.h"
+#include "../include/openssl/blowfish.h"
+#include "../include/openssl/bn.h"
+#include "../include/openssl/buf.h"
+#include "../include/openssl/buffer.h"
+#include "../include/openssl/bytestring.h"
+#include "../include/openssl/cast.h"
+#include "../include/openssl/chacha.h"
+#include "../include/openssl/cipher.h"
+#include "../include/openssl/cmac.h"
+#include "../include/openssl/conf.h"
+#include "../include/openssl/cpu.h"
+#include "../include/openssl/crypto.h"
+#include "../include/openssl/curve25519.h"
+#include "../include/openssl/des.h"
+#include "../include/openssl/dh.h"
+#include "../include/openssl/digest.h"
+#include "../include/openssl/dsa.h"
+#include "../include/openssl/dtls1.h"
+#include "../include/openssl/e_os2.h"
+#include "../include/openssl/ec.h"
+#include "../include/openssl/ec_key.h"
+#include "../include/openssl/ecdh.h"
+#include "../include/openssl/ecdsa.h"
+#include "../include/openssl/engine.h"
+#include "../include/openssl/err.h"
+#include "../include/openssl/evp.h"
+#include "../include/openssl/evp_errors.h"
+#include "../include/openssl/ex_data.h"
+#include "../include/openssl/hkdf.h"
+#include "../include/openssl/hmac.h"
+#include "../include/openssl/hpke.h"
+#include "../include/openssl/hrss.h"
+#include "../include/openssl/is_boringssl.h"
+#include "../include/openssl/lhash.h"
+#include "../include/openssl/md4.h"
+#include "../include/openssl/md5.h"
+#include "../include/openssl/mem.h"
+#include "../include/openssl/obj.h"
+#include "../include/openssl/obj_mac.h"
+#include "../include/openssl/objects.h"
+#include "../include/openssl/opensslconf.h"
+#include "../include/openssl/opensslv.h"
+#include "../include/openssl/ossl_typ.h"
+#include "../include/openssl/pem.h"
+#include "../include/openssl/pkcs12.h"
+#include "../include/openssl/pkcs7.h"
+#include "../include/openssl/pkcs8.h"
+#include "../include/openssl/poly1305.h"
+#include "../include/openssl/pool.h"
+#include "../include/openssl/rand.h"
+#include "../include/openssl/rc4.h"
+#include "../include/openssl/ripemd.h"
+#include "../include/openssl/rsa.h"
+#include "../include/openssl/safestack.h"
+#include "../include/openssl/sha.h"
+#include "../include/openssl/siphash.h"
+#include "../include/openssl/span.h"
+#include "../include/openssl/srtp.h"
+#include "../include/openssl/ssl.h"
+#include "../include/openssl/ssl3.h"
+#include "../include/openssl/stack.h"
+#include "../include/openssl/thread.h"
+#include "../include/openssl/tls1.h"
+#include "../include/openssl/trust_token.h"
+#include "../include/openssl/type_check.h"
+#include "../include/openssl/x509.h"
+#include "../include/openssl/x509_vfy.h"
+#include "../include/openssl/x509v3.h"
+
+#include "rust_wrapper.h"
