qubip_aurora 0.11.0

A framework to build OpenSSL Providers tailored for the transition to post-quantum cryptography
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117

use crate as aurora;
use crate::adapters::ObjSigId;

use super::common::macros;
use aurora::adapters::AdapterContextTrait;
use aurora::bindings;
use aurora::forge;
use aurora::traits::*;
use aurora::ProviderInstance;
use aurora::{handleResult, named};
use bindings::{CONST_OSSL_PARAM, OSSL_OP_DECODER, OSSL_OP_ENCODER, OSSL_OP_KEYMGMT};
use macros::{algorithm_to_register, decoder_to_register, encoder_to_register};
use openssl_provider_forge::bindings::OSSL_OP_SIGNATURE;
use std::ffi::CStr;

pub(crate) type OurError = aurora::Error;

const PROPERTY_DEFINITION: &CStr =
    concat_cstr!(super::PROPERTY_DEFINITION, c",aurora.adapter=slhdsa_c");

#[allow(non_snake_case)]
pub(crate) mod SLHDSASHAKE192f;
#[allow(non_snake_case)]
pub(crate) mod SLHDSASHAKE256s;

#[derive(Debug)]
struct SlhdsaCAdapter;

impl AdapterContextTrait for SlhdsaCAdapter {
    #[named]
    fn register_algorithms(&self, handle: &mut super::AdaptersHandle) -> Result<(), aurora::Error> {
        trace!(target: log_target!(), "{}", "Called!");

        let signature_algorithms = Box::new([
            algorithm_to_register!(SLHDSASHAKE192f, SIG_FUNCTIONS),
            algorithm_to_register!(SLHDSASHAKE256s, SIG_FUNCTIONS),
        ]);
        // ownership transfers to the iterator which is transferred to the handle
        handle.register_algorithms(OSSL_OP_SIGNATURE, signature_algorithms.into_iter())?;

        let keymgmt_algorithms = Box::new([
            algorithm_to_register!(SLHDSASHAKE192f, KMGMT_FUNCTIONS),
            algorithm_to_register!(SLHDSASHAKE256s, KMGMT_FUNCTIONS),
        ]);
        // ownership transfers to the iterator which is transferred to the handle
        handle.register_algorithms(OSSL_OP_KEYMGMT, keymgmt_algorithms.into_iter())?;

        // FIXME: probably this should be a const/static
        let decoder_algorithms = Box::new([
            // SLHDSASHAKE192f
            decoder_to_register!(SLHDSASHAKE192f, DECODER_DER2SubjectPublicKeyInfo),
            decoder_to_register!(SLHDSASHAKE192f, DECODER_DER2PrivateKeyInfo),
            // SLHDSASHAKE256s
            decoder_to_register!(SLHDSASHAKE256s, DECODER_DER2SubjectPublicKeyInfo),
            decoder_to_register!(SLHDSASHAKE256s, DECODER_DER2PrivateKeyInfo),
        ]);

        handle.register_algorithms(OSSL_OP_DECODER, decoder_algorithms.into_iter())?;

        let encoder_algorithms = Box::new([
            // SLHDSASHAKE192f
            encoder_to_register!(SLHDSASHAKE192f, ENCODER_PrivateKeyInfo2DER),
            encoder_to_register!(SLHDSASHAKE192f, ENCODER_PrivateKeyInfo2PEM),
            encoder_to_register!(SLHDSASHAKE192f, ENCODER_SubjectPublicKeyInfo2DER),
            encoder_to_register!(SLHDSASHAKE192f, ENCODER_SubjectPublicKeyInfo2PEM),
            // SLHDSASHAKE256s
            encoder_to_register!(SLHDSASHAKE256s, ENCODER_PrivateKeyInfo2DER),
            encoder_to_register!(SLHDSASHAKE256s, ENCODER_PrivateKeyInfo2PEM),
            encoder_to_register!(SLHDSASHAKE256s, ENCODER_SubjectPublicKeyInfo2DER),
            encoder_to_register!(SLHDSASHAKE256s, ENCODER_SubjectPublicKeyInfo2PEM),
        ]);

        handle.register_algorithms(OSSL_OP_ENCODER, encoder_algorithms.into_iter())?;

        Ok(())
    }

    #[named]
    fn register_capabilities(
        &self,
        handle: &mut super::AdaptersHandle,
    ) -> Result<(), aurora::Error> {
        trace!(target: log_target!(), "{}", "Called!");

        let tls_sigalgs = [
            SLHDSASHAKE192f::capabilities::tls_sigalg::OSSL_PARAM_ARRAY,
            SLHDSASHAKE256s::capabilities::tls_sigalg::OSSL_PARAM_ARRAY,
        ];
        for a in tls_sigalgs {
            let first: &bindings::OSSL_PARAM = a.first().unwrap_or(&CONST_OSSL_PARAM::END);
            let ptr: *const bindings::OSSL_PARAM = std::ptr::from_ref(first);
            handle.register_capability(c"TLS-SIGALG", ptr)?;
        }
        Ok(())
    }

    #[named]
    fn register_obj_sigids(&self, handle: &mut super::AdaptersHandle) -> Result<(), aurora::Error> {
        trace!(target: log_target!(), "{}", "Called!");

        let obj_sigids = vec![SLHDSASHAKE192f::OBJ_SIGID, SLHDSASHAKE256s::OBJ_SIGID];

        for obj_sigid in obj_sigids {
            handle.register_obj_sigid(obj_sigid)?;
        }

        Ok(())
    }
}

#[named]
pub fn init(handle: &mut super::AdaptersHandle) -> Result<(), OurError> {
    trace!(target: log_target!(), "{}", "Called!");
    let ourctx = SlhdsaCAdapter {};
    handle.register_adapter(ourctx);
    Ok(())
}