Skip to main content

boring_sys/
lib.rs

1#![allow(
2    clippy::missing_safety_doc,
3    clippy::redundant_static_lifetimes,
4    clippy::too_many_arguments,
5    clippy::unreadable_literal,
6    clippy::upper_case_acronyms,
7    improper_ctypes,
8    non_camel_case_types,
9    non_snake_case,
10    non_upper_case_globals,
11    unused_imports
12)]
13
14use std::convert::TryInto;
15use std::ffi::c_void;
16use std::os::raw::{c_char, c_int, c_uint, c_ulong};
17
18#[allow(
19    clippy::useless_transmute,
20    clippy::derive_partial_eq_without_eq,
21    clippy::ptr_offset_with_cast,
22    dead_code
23)]
24mod generated {
25    include!(concat!(env!("OUT_DIR"), "/bindings.rs"));
26}
27
28// explicitly require presence of some symbols to check if the bindings worked
29pub use generated::{ssl_compliance_policy_t, ERR_add_error_data, SSL_set1_groups}; // if these are missing, your include path is incorrect or has a wrong version of boringssl
30pub use generated::{BIO_new, OPENSSL_free, SSL_ERROR_NONE}; // if these are missing, your include path is incorrect
31#[cfg(feature = "fips")]
32pub use generated::{FIPS_mode, SSL_CTX_set_compliance_policy}; // your include path is incorrect or has a version of boringssl without FIPS support
33#[cfg(feature = "mlkem")]
34pub use generated::{MLKEM768_encap, MLKEM768_private_key_from_seed}; // your include path is incorrect or has a version of boringssl without mlkem support
35#[cfg(feature = "rpk")]
36pub use generated::{SSL_CREDENTIAL_new_raw_public_key, SSL_CREDENTIAL_set1_spki}; // your include path is incorrect or has a version of boringssl without rpk support
37
38pub use generated::*;
39
40#[cfg(target_pointer_width = "64")]
41pub type BN_ULONG = u64;
42#[cfg(target_pointer_width = "32")]
43pub type BN_ULONG = u32;
44
45#[must_use]
46pub const fn ERR_PACK(l: c_int, f: c_int, r: c_int) -> c_ulong {
47    ((l as c_ulong & 0x0FF) << 24) | ((f as c_ulong & 0xFFF) << 12) | (r as c_ulong & 0xFFF)
48}
49
50#[must_use]
51pub const fn ERR_GET_LIB(l: c_uint) -> c_int {
52    ((l >> 24) & 0x0FF) as c_int
53}
54
55#[must_use]
56pub const fn ERR_GET_FUNC(l: c_uint) -> c_int {
57    ((l >> 12) & 0xFFF) as c_int
58}
59
60#[must_use]
61pub const fn ERR_GET_REASON(l: c_uint) -> c_int {
62    (l & 0xFFF) as c_int
63}
64
65pub fn init() {
66    unsafe {
67        CRYPTO_library_init();
68    }
69}
70
71pub mod internal {
72    use super::EVP_MD;
73    use std::os::raw::c_int;
74
75    extern "C" {
76        /// Calculates `out_len` bytes of the TLS 1.2 PRF using `digest` and writes
77        /// them to `out`.
78        ///
79        /// This symbol is exported by BoringSSL, but it is declared in an internal
80        /// header (`crypto/fipsmodule/tls/internal.h`) and is therefore not present
81        /// in generated bindgen output.
82        pub fn CRYPTO_tls1_prf(
83            digest: *const EVP_MD,
84            out: *mut u8,
85            out_len: usize,
86            secret: *const u8,
87            secret_len: usize,
88            label: *const u8,
89            label_len: usize,
90            seed1: *const u8,
91            seed1_len: usize,
92            seed2: *const u8,
93            seed2_len: usize,
94        ) -> c_int;
95    }
96}