qubip_aurora 0.11.0

A framework to build OpenSSL Providers tailored for the transition to post-quantum cryptography
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96

use super::named;
use crate::forge::{self, bindings::*, keymgmt::selection::Selection};
use crate::ProviderInstance;

#[allow(dead_code)]
#[named]
pub(crate) unsafe extern "C" fn export_forbidden(
    _keydata: *mut c_void,
    _selection: c_int,
    _param_cb: OSSL_CALLBACK,
    _cbarg: *mut c_void,
) -> c_int {
    const ERROR_RET: c_int = 0;
    const SUCCESS_RET: c_int = 1;

    trace!(target: log_target!(), "{}", "Called!");
    debug!(target: log_target!(), "Key export is not allowed");
    return ERROR_RET;
}

#[named]
#[allow(dead_code)]
pub(crate) unsafe extern "C" fn export_types_ex_forbidden(
    vprovctx: *mut c_void,
    selection: c_int,
) -> *const OSSL_PARAM {
    const ERROR_RET: *const OSSL_PARAM = std::ptr::null();
    trace!(target: log_target!(), "{}", "Called!");
    let _provctx: &ProviderInstance<'_> = match vprovctx.try_into() {
        Ok(p) => p,
        Err(e) => {
            error!(target: log_target!(), "{}", e);
            return ERROR_RET;
        }
    };

    return export_types_forbidden(selection);
}

#[named]
pub(crate) unsafe extern "C" fn export_types_forbidden(selection: c_int) -> *const OSSL_PARAM {
    const ERROR_RET: *const OSSL_PARAM = std::ptr::null();
    trace!(target: log_target!(), "{}", "Called!");

    debug!(target: log_target!(), "Key export is not allowed");

    let _selection = crate::handleResult!(Selection::try_from(selection as u32));

    let ret = &forge::osslparams::EMPTY_PARAMS;
    let ret = std::ptr::from_ref(ret).cast();
    return ret;
}

macro_rules! oid_consistency_tests {
    () => {
        #[cfg(test)]
        mod oid_consistency_tests {
            use super::{OID, OID_PKCS8, SIGALG_OID};
            use std::ffi::CString;

            #[test]
            fn oids_consistent() {
                let expected_c_string = SIGALG_OID.unwrap();
                let expected = expected_c_string.to_str().unwrap();

                assert_eq!(OID.to_string(), expected);
                assert_eq!(OID_PKCS8, pkcs8::ObjectIdentifier::new_unwrap(expected));
                assert_eq!(SIGALG_OID, Some(expected_c_string)); // redundant but harmless
            }
        }
    };
}
pub(crate) use oid_consistency_tests;

#[cfg(test)]
mod tests {
    use crate::tests::common::setup;
    #[expect(unused_imports)]
    use crate::tests::common::OurError;

    #[test]
    fn test_compatibility() {
        let testctx = setup().expect("Failed to initialize test setup");
        //let provctx = testctx.provctx;
        let _ = testctx;

        use crate::forge::bindings::OSSL_FUNC_keymgmt_export_fn;
        use crate::forge::bindings::OSSL_FUNC_keymgmt_export_types_ex_fn;
        use crate::forge::bindings::OSSL_FUNC_keymgmt_export_types_fn;

        let _export: OSSL_FUNC_keymgmt_export_fn = Some(super::export_forbidden);
        let _export_types: OSSL_FUNC_keymgmt_export_types_fn = Some(super::export_types_forbidden);
        let _export_types_ex: OSSL_FUNC_keymgmt_export_types_ex_fn =
            Some(super::export_types_ex_forbidden);
    }
}