aws-lc-fips-sys update and regenerate (#239)

aws-lc-fips-sys/Cargo.toml

@@ -1,7 +1,7 @@
 [package]
 name = "aws-lc-fips-sys"
 description = "AWS-LC is a general-purpose cryptographic library maintained by the AWS Cryptography team for AWS and their customers. This is the FIPS validated version of AWS-LC."
-version = "0.10.1"
+version = "0.11.0"
 authors = ["AWS-LC"]
 edition = "2021"
 repository = "https://github.com/aws/aws-lc-rs"

aws-lc-fips-sys/builder/bindgen.rs

@@ -34,31 +34,37 @@ impl ParseCallbacks for StripPrefixCallback {
     }
 }
 
-fn prepare_clang_args(manifest_dir: &Path, build_prefix: Option<&str>) -> Vec<String> {
-    let mut clang_args: Vec<String> = vec![
-        "-I".to_string(),
+fn add_header_include_path(args: &mut Vec<String>, path: String) {
+    args.push("-I".to_string());
+    args.push(path);
+}
+
+fn prepare_clang_args(manifest_dir: &Path) -> Vec<String> {
+    let mut clang_args: Vec<String> = Vec::new();
+
+    add_header_include_path(
+        &mut clang_args,
         get_rust_include_path(manifest_dir).display().to_string(),
-        "-I".to_string(),
+    );
+
+    add_header_include_path(
+        &mut clang_args,
+        get_generated_include_path(manifest_dir)
+            .display()
+            .to_string(),
+    );
+
+    add_header_include_path(
+        &mut clang_args,
         get_aws_lc_include_path(manifest_dir).display().to_string(),
-    ];
+    );
 
     if let Some(include_paths) = get_aws_lc_fips_sys_includes_path() {
         for path in include_paths {
-            clang_args.push("-I".to_string());
-            clang_args.push(path.display().to_string());
+            add_header_include_path(&mut clang_args, path.display().to_string());
         }
     }
 
-    if let Some(prefix) = build_prefix {
-        clang_args.push(format!("-DBORINGSSL_PREFIX={prefix}"));
-        clang_args.push("-I".to_string());
-        clang_args.push(
-            get_generated_include_path(manifest_dir)
-                .display()
-                .to_string(),
-        );
-    }
-
     clang_args
 }
 
@@ -90,13 +96,13 @@ const PRELUDE: &str = r"
 
 #[derive(Default)]
 pub(crate) struct BindingOptions<'a> {
-    pub build_prefix: Option<&'a str>,
+    pub build_prefix: &'a str,
     pub include_ssl: bool,
     pub disable_prelude: bool,
 }
 
 fn prepare_bindings_builder(manifest_dir: &Path, options: &BindingOptions<'_>) -> bindgen::Builder {
-    let clang_args = prepare_clang_args(manifest_dir, options.build_prefix);
+    let clang_args = prepare_clang_args(manifest_dir);
 
     let mut builder = bindgen::Builder::default()
         .derive_copy(true)
@@ -130,9 +136,7 @@ fn prepare_bindings_builder(manifest_dir: &Path, options: &BindingOptions<'_>) -
         builder = builder.clang_arg("-DAWS_LC_RUST_INCLUDE_SSL");
     }
 
-    if let Some(ps) = &options.build_prefix {
-        builder = builder.parse_callbacks(Box::new(StripPrefixCallback::new(ps)));
-    }
+    builder = builder.parse_callbacks(Box::new(StripPrefixCallback::new(options.build_prefix)));
 
     builder
 }

aws-lc-fips-sys/builder/main.rs

@@ -153,7 +153,7 @@ fn get_cmake_config(manifest_dir: &PathBuf) -> cmake::Config {
     cmake::Config::new(manifest_dir)
 }
 
-fn prepare_cmake_build(manifest_dir: &PathBuf, build_prefix: Option<&str>) -> cmake::Config {
+fn prepare_cmake_build(manifest_dir: &PathBuf, build_prefix: String) -> cmake::Config {
     let mut cmake_cfg = get_cmake_config(manifest_dir);
 
     if OutputLibType::default() == OutputLibType::Dynamic {
@@ -171,14 +171,12 @@ fn prepare_cmake_build(manifest_dir: &PathBuf, build_prefix: Option<&str>) -> cm
         }
     }
 
-    if let Some(symbol_prefix) = build_prefix {
-        cmake_cfg.define("BORINGSSL_PREFIX", symbol_prefix);
-        let include_path = manifest_dir.join("generated-include");
-        cmake_cfg.define(
-            "BORINGSSL_PREFIX_HEADERS",
-            include_path.display().to_string(),
-        );
-    }
+    cmake_cfg.define("BORINGSSL_PREFIX", build_prefix);
+    let include_path = manifest_dir.join("generated-include");
+    cmake_cfg.define(
+        "BORINGSSL_PREFIX_HEADERS",
+        include_path.display().to_string(),
+    );
 
     // Build flags that minimize our crate size.
     cmake_cfg.define("BUILD_TESTING", "OFF");
@@ -201,7 +199,7 @@ fn prepare_cmake_build(manifest_dir: &PathBuf, build_prefix: Option<&str>) -> cm
 }
 
 fn build_rust_wrapper(manifest_dir: &PathBuf) -> PathBuf {
-    prepare_cmake_build(manifest_dir, Some(&prefix_string()))
+    prepare_cmake_build(manifest_dir, prefix_string())
         .configure_arg("--no-warn-unused-cli")
         .build()
 }
@@ -215,7 +213,7 @@ fn build_rust_wrapper(manifest_dir: &PathBuf) -> PathBuf {
 ))]
 fn generate_bindings(manifest_dir: &Path, prefix: &str, bindings_path: &PathBuf) {
     let options = bindgen::BindingOptions {
-        build_prefix: Some(prefix),
+        build_prefix: prefix,
         include_ssl: cfg!(feature = "ssl"),
         disable_prelude: true,
     };
@@ -232,7 +230,7 @@ fn generate_src_bindings(manifest_dir: &Path, prefix: &str, src_bindings_path: &
     bindgen::generate_bindings(
         manifest_dir,
         &bindgen::BindingOptions {
-            build_prefix: Some(prefix),
+            build_prefix: prefix,
             include_ssl: false,
             ..Default::default()
         },
@@ -243,7 +241,7 @@ fn generate_src_bindings(manifest_dir: &Path, prefix: &str, src_bindings_path: &
     bindgen::generate_bindings(
         manifest_dir,
         &bindgen::BindingOptions {
-            build_prefix: Some(prefix),
+            build_prefix: prefix,
             include_ssl: true,
             ..Default::default()
         },

aws-lc-fips-sys/generated-include/boringssl_prefix_symbols.h → aws-lc-fips-sys/generated-include/openssl/boringssl_prefix_symbols.h

@@ -12,6 +12,10 @@
 // OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
 // CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
+#ifndef BORINGSSL_PREFIX
+#define BORINGSSL_PREFIX aws_lc_fips_0_11_0
+#endif
+
 // BORINGSSL_ADD_PREFIX pastes two identifiers into one. It performs one
 // iteration of macro expansion on its arguments before pasting.
 #define BORINGSSL_ADD_PREFIX(a, b) BORINGSSL_ADD_PREFIX_INNER(a, b)
@@ -498,6 +502,11 @@
 #define CAST_S_table5 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CAST_S_table5)
 #define CAST_S_table6 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CAST_S_table6)
 #define CAST_S_table7 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CAST_S_table7)
+#define CAST_cbc_encrypt BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CAST_cbc_encrypt)
+#define CAST_decrypt BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CAST_decrypt)
+#define CAST_ecb_encrypt BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CAST_ecb_encrypt)
+#define CAST_encrypt BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CAST_encrypt)
+#define CAST_set_key BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CAST_set_key)
 #define CBB_add_asn1 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CBB_add_asn1)
 #define CBB_add_asn1_bool BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CBB_add_asn1_bool)
 #define CBB_add_asn1_int64 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CBB_add_asn1_int64)
@@ -653,6 +662,7 @@
 #define CRYPTO_get_fork_generation BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CRYPTO_get_fork_generation)
 #define CRYPTO_get_lock_name BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CRYPTO_get_lock_name)
 #define CRYPTO_get_locking_callback BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CRYPTO_get_locking_callback)
+#define CRYPTO_get_seed_entropy BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CRYPTO_get_seed_entropy)
 #define CRYPTO_get_thread_local BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CRYPTO_get_thread_local)
 #define CRYPTO_ghash_init BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CRYPTO_ghash_init)
 #define CRYPTO_has_asm BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, CRYPTO_has_asm)
@@ -1289,6 +1299,8 @@
 #define EVP_bf_cfb BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, EVP_bf_cfb)
 #define EVP_bf_ecb BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, EVP_bf_ecb)
 #define EVP_blake2b256 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, EVP_blake2b256)
+#define EVP_cast5_cbc BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, EVP_cast5_cbc)
+#define EVP_cast5_ecb BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, EVP_cast5_ecb)
 #define EVP_cleanup BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, EVP_cleanup)
 #define EVP_des_cbc BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, EVP_des_cbc)
 #define EVP_des_ecb BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, EVP_des_ecb)
@@ -1717,7 +1729,9 @@
 #define RAND_file_name BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, RAND_file_name)
 #define RAND_get_rand_method BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, RAND_get_rand_method)
 #define RAND_get_system_entropy_for_custom_prng BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, RAND_get_system_entropy_for_custom_prng)
+#define RAND_load_entropy BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, RAND_load_entropy)
 #define RAND_load_file BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, RAND_load_file)
+#define RAND_module_entropy_depleted BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, RAND_module_entropy_depleted)
 #define RAND_poll BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, RAND_poll)
 #define RAND_pseudo_bytes BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, RAND_pseudo_bytes)
 #define RAND_seed BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, RAND_seed)
@@ -3063,7 +3077,9 @@
 #define aes256gcmsiv_kdf BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aes256gcmsiv_kdf)
 #define aes_ctr_set_key BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aes_ctr_set_key)
 #define aes_gcm_dec_kernel BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aes_gcm_dec_kernel)
+#define aes_gcm_decrypt_avx512 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aes_gcm_decrypt_avx512)
 #define aes_gcm_enc_kernel BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aes_gcm_enc_kernel)
+#define aes_gcm_encrypt_avx512 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aes_gcm_encrypt_avx512)
 #define aes_hw_cbc_encrypt BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aes_hw_cbc_encrypt)
 #define aes_hw_ctr32_encrypt_blocks BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aes_hw_ctr32_encrypt_blocks)
 #define aes_hw_decrypt BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aes_hw_decrypt)
@@ -3088,6 +3104,12 @@
 #define aesni_cbc_sha256_enc BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aesni_cbc_sha256_enc)
 #define aesni_gcm_decrypt BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aesni_gcm_decrypt)
 #define aesni_gcm_encrypt BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aesni_gcm_encrypt)
+#define aesv8_gcm_8x_dec_128 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aesv8_gcm_8x_dec_128)
+#define aesv8_gcm_8x_dec_192 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aesv8_gcm_8x_dec_192)
+#define aesv8_gcm_8x_dec_256 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aesv8_gcm_8x_dec_256)
+#define aesv8_gcm_8x_enc_128 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aesv8_gcm_8x_enc_128)
+#define aesv8_gcm_8x_enc_192 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aesv8_gcm_8x_enc_192)
+#define aesv8_gcm_8x_enc_256 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, aesv8_gcm_8x_enc_256)
 #define asn1_bit_string_length BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, asn1_bit_string_length)
 #define asn1_do_adb BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, asn1_do_adb)
 #define asn1_enc_free BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, asn1_enc_free)
@@ -3203,6 +3225,7 @@
 #define cbs_get_utf8 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, cbs_get_utf8)
 #define chacha20_poly1305_open BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, chacha20_poly1305_open)
 #define chacha20_poly1305_seal BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, chacha20_poly1305_seal)
+#define crypto_gcm_avx512_enabled BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, crypto_gcm_avx512_enabled)
 #define crypto_gcm_clmul_enabled BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, crypto_gcm_clmul_enabled)
 #define d2i_ACCESS_DESCRIPTION BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, d2i_ACCESS_DESCRIPTION)
 #define d2i_ASN1_BIT_STRING BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, d2i_ASN1_BIT_STRING)
@@ -3445,23 +3468,27 @@
 #define ed25519_asn1_meth BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, ed25519_asn1_meth)
 #define ed25519_pkey_meth BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, ed25519_pkey_meth)
 #define gcm_ghash_avx BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_ghash_avx)
+#define gcm_ghash_avx512 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_ghash_avx512)
 #define gcm_ghash_clmul BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_ghash_clmul)
 #define gcm_ghash_neon BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_ghash_neon)
 #define gcm_ghash_nohw BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_ghash_nohw)
 #define gcm_ghash_ssse3 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_ghash_ssse3)
 #define gcm_ghash_v8 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_ghash_v8)
 #define gcm_gmult_avx BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_gmult_avx)
+#define gcm_gmult_avx512 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_gmult_avx512)
 #define gcm_gmult_clmul BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_gmult_clmul)
 #define gcm_gmult_neon BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_gmult_neon)
 #define gcm_gmult_nohw BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_gmult_nohw)
 #define gcm_gmult_ssse3 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_gmult_ssse3)
 #define gcm_gmult_v8 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_gmult_v8)
 #define gcm_init_avx BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_init_avx)
+#define gcm_init_avx512 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_init_avx512)
 #define gcm_init_clmul BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_init_clmul)
 #define gcm_init_neon BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_init_neon)
 #define gcm_init_nohw BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_init_nohw)
 #define gcm_init_ssse3 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_init_ssse3)
 #define gcm_init_v8 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_init_v8)
+#define gcm_setiv_avx512 BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, gcm_setiv_avx512)
 #define i2a_ACCESS_DESCRIPTION BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, i2a_ACCESS_DESCRIPTION)
 #define i2a_ASN1_ENUMERATED BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, i2a_ASN1_ENUMERATED)
 #define i2a_ASN1_INTEGER BORINGSSL_ADD_PREFIX(BORINGSSL_PREFIX, i2a_ASN1_INTEGER)