Skip to main content

native_ossl_sys/
lib.rs

1#![allow(
2    non_upper_case_globals,
3    non_camel_case_types,
4    non_snake_case,
5    dead_code,
6    clippy::pedantic,
7    clippy::restriction,
8    clippy::all,
9)]
10
11include!(concat!(env!("OUT_DIR"), "/ossl_bindings.rs"));
12
13/// Non-public OpenSSL internals required to implement a FIPS provider.
14///
15/// Only available with the `fips-provider` cargo feature.  The types here
16/// give direct access to the `EVP_SIGNATURE` vtable struct and the `evp_pkey_st`
17/// internals needed to invoke signature function pointers without going through
18/// the high-level `EVP_DigestSign*` API (which is unavailable inside a FIPS
19/// provider due to circular provider dependencies).
20#[cfg(feature = "fips-provider")]
21pub mod fips_internal {
22    #![allow(
23        non_upper_case_globals,
24        non_camel_case_types,
25        non_snake_case,
26        dead_code,
27        clippy::all,
28    )]
29    include!(concat!(env!("OUT_DIR"), "/fips_bindings.rs"));
30    include!(concat!(env!("OUT_DIR"), "/keydata_offset.rs"));
31}
32
33#[cfg(test)]
34mod tests {
35    use super::*;
36
37    /// Smoke-test: confirm that key opaque types are bound and reachable.
38    #[test]
39    fn opaque_type_sizes_are_nonzero() {
40        // Opaque structs are represented as zero-sized types in bindgen output,
41        // but the pointer sizes must be word-sized on this platform.
42        assert_eq!(std::mem::size_of::<*mut EVP_MD>(), std::mem::size_of::<usize>());
43        assert_eq!(std::mem::size_of::<*mut EVP_MD_CTX>(), std::mem::size_of::<usize>());
44        assert_eq!(std::mem::size_of::<*mut EVP_CIPHER>(), std::mem::size_of::<usize>());
45        assert_eq!(std::mem::size_of::<*mut EVP_CIPHER_CTX>(), std::mem::size_of::<usize>());
46        assert_eq!(std::mem::size_of::<*mut EVP_MAC>(), std::mem::size_of::<usize>());
47        assert_eq!(std::mem::size_of::<*mut EVP_MAC_CTX>(), std::mem::size_of::<usize>());
48        assert_eq!(std::mem::size_of::<*mut EVP_PKEY>(), std::mem::size_of::<usize>());
49        assert_eq!(std::mem::size_of::<*mut EVP_PKEY_CTX>(), std::mem::size_of::<usize>());
50        assert_eq!(std::mem::size_of::<*mut X509>(), std::mem::size_of::<usize>());
51        assert_eq!(std::mem::size_of::<*mut SSL_CTX>(), std::mem::size_of::<usize>());
52        assert_eq!(std::mem::size_of::<*mut SSL>(), std::mem::size_of::<usize>());
53    }
54
55    /// Confirm that OPENSSL_VERSION_NUMBER is >= 3.5.0 (enforced by build.rs too,
56    /// but this makes the requirement visible at test time).
57    #[test]
58    fn openssl_version_at_least_3_5_0() {
59        // OPENSSL_VERSION_NUMBER is included via the bindings.
60        // 3.5.0 = 0x3050_0000
61        assert!(OPENSSL_VERSION_NUMBER >= 0x3050_0000);
62    }
63}