Setup a NULL provider

Signed-off-by: Gowtham Suresh Kumar <[email protected]> # libparsec_openssl_provider_shared # name: Parsec OpenSSL Provider # version: 0.1.0 # status: active
parallaxsecond · Jan 8, 2024 · 031fc50 · 031fc50
1 parent da1917d
commit 031fc50
Show file tree

Hide file tree

Showing 12 changed files with 364 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,5 @@
+/target
+Cargo.lock
+.vscode
+*/Cargo.lock
+*/target
diff --git a/ci.sh b/ci.sh
@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+# Copyright 2023 Contributors to the Parsec project.
+# SPDX-License-Identifier: Apache-2.0
+
+set -ex
+
+openssl version
+openssl list -providers -provider-path ./parsec-openssl-provider-shared/target/debug/ -provider libparsec_openssl_provider_shared
diff --git a/openssl-sys2/Cargo.toml b/openssl-sys2/Cargo.toml
@@ -0,0 +1,7 @@
+[package]
+name = "openssl-sys2"
+version = "0.1.0"
+license = "Apache-2.0"
+authors = ["Parsec maintainers"]
+edition = "2021"
+
diff --git a/openssl-sys2/src/lib.rs b/openssl-sys2/src/lib.rs
@@ -0,0 +1,7 @@
+// Copyright 2023 Contributors to the Parsec project.
+// SPDX-License-Identifier: Apache-2.0
+
+#![allow(non_camel_case_types)]
+
+mod types;
+pub use types::*;
diff --git a/openssl-sys2/src/types.rs b/openssl-sys2/src/types.rs
@@ -0,0 +1,73 @@
+// Copyright 2023 Contributors to the Parsec project.
+// SPDX-License-Identifier: Apache-2.0
+
+pub const OSSL_PROV_PARAM_NAME: &[u8; 5] = b"name\0";
+pub const OSSL_PROV_PARAM_VERSION: &[u8; 8] = b"version\0";
+pub const OSSL_PROV_PARAM_BUILDINFO: &[u8; 10] = b"buildinfo\0";
+pub const OSSL_PROV_PARAM_STATUS: &[u8; 7] = b"status\0";
+pub const OSSL_PARAM_UTF8_PTR: u32 = 6;
+pub const OSSL_PARAM_INTEGER: u32 = 1;
+
+pub const OSSL_FUNC_PROVIDER_TEARDOWN: i32 = 1024;
+pub const OSSL_FUNC_PROVIDER_GETTABLE_PARAMS: i32 = 1025;
+pub const OSSL_FUNC_PROVIDER_GET_PARAMS: i32 = 1026;
+pub const OSSL_FUNC_PROVIDER_QUERY_OPERATION: i32 = 1027;
+pub const OSSL_FUNC_PROVIDER_UNQUERY_OPERATION: i32 = 1028;
+pub const OSSL_FUNC_PROVIDER_GET_REASON_STRINGS: i32 = 1029;
+pub const OSSL_FUNC_PROVIDER_GET_CAPABILITIES: i32 = 1030;
+
+#[repr(C)]
+#[derive(Debug, Copy, Clone)]
+pub struct ossl_core_handle_st {
+    _unused: [u8; 0],
+}
+pub type OSSL_CORE_HANDLE = ossl_core_handle_st;
+
+#[repr(C)]
+#[derive(Debug, Copy, Clone)]
+pub struct ossl_dispatch_st {
+    pub function_id: ::std::os::raw::c_int,
+    pub function: ::std::option::Option<fn()>,
+}
+
+pub type OSSL_DISPATCH = ossl_dispatch_st;
+
+#[repr(C)]
+#[derive(Debug, Copy, Clone)]
+pub struct ossl_param_st {
+    pub key: *const ::std::os::raw::c_char,
+    pub data_type: ::std::os::raw::c_uint,
+    pub data: *mut ::std::os::raw::c_void,
+    pub data_size: usize,
+    pub return_size: usize,
+}
+
+pub type OSSL_PARAM = ossl_param_st;
+
+#[repr(C)]
+#[derive(Debug, Copy, Clone)]
+pub struct ossl_algorithm_st {
+    pub algorithm_names: *const ::std::os::raw::c_char,
+    pub property_definition: *const ::std::os::raw::c_char,
+    pub implementation: *const OSSL_DISPATCH,
+    pub algorithm_description: *const ::std::os::raw::c_char,
+}
+
+pub type OSSL_ALGORITHM = ossl_algorithm_st;
+
+extern "C" {
+    pub fn OSSL_PARAM_locate(
+        p: *mut OSSL_PARAM,
+        key: *const ::std::os::raw::c_char,
+    ) -> *mut OSSL_PARAM;
+
+    pub fn OSSL_PARAM_set_utf8_ptr(
+        p: *mut OSSL_PARAM,
+        val: *const ::std::os::raw::c_char,
+    ) -> ::std::os::raw::c_int;
+
+    pub fn OSSL_PARAM_set_int(
+        p: *mut OSSL_PARAM,
+        val: ::std::os::raw::c_int,
+    ) -> ::std::os::raw::c_int;
+}
diff --git a/openssl2/Cargo.toml b/openssl2/Cargo.toml
@@ -0,0 +1,6 @@
+[package]
+name = "openssl2"
+version = "0.1.0"
+license = "Apache-2.0"
+authors = ["Parsec maintainers"]
+edition = "2021"
diff --git a/openssl2/src/lib.rs b/openssl2/src/lib.rs
@@ -0,0 +1,10 @@
+// Copyright 2023 Contributors to the Parsec project.
+// SPDX-License-Identifier: Apache-2.0
+
+pub fn openssl_returns_0(result: std::os::raw::c_int) -> bool {
+    if result == 0 {
+        true
+    } else {
+        false
+    }
+}
diff --git a/parsec-openssl-provider-shared/Cargo.toml b/parsec-openssl-provider-shared/Cargo.toml
@@ -0,0 +1,20 @@
+[package]
+name = "parsec-openssl-provider-shared"
+version = "0.1.0"
+authors = ["Parsec Project Contributors"]
+description = "A parsec openssl provider dynamic library"
+license = "Apache-2.0"
+readme = "README.md"
+keywords = ["security", "service"]
+categories = ["cryptography", "hardware-support"]
+edition = "2021"
+
+[lib]
+crate-type = ["cdylib"]
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+openssl-sys = "0.9.98"
+openssl-sys2 = { path = "../openssl-sys2" }
+parsec-openssl-provider = { path ="../parsec-openssl-provider" }
diff --git a/parsec-openssl-provider-shared/src/lib.rs b/parsec-openssl-provider-shared/src/lib.rs
@@ -0,0 +1,17 @@
+// Copyright 2023 Contributors to the Parsec project.
+// SPDX-License-Identifier: Apache-2.0
+
+use parsec_openssl_provider;
+
+#[allow(non_upper_case_globals)]
+#[allow(non_snake_case)]
+#[allow(dead_code)]
+#[no_mangle]
+extern "C" fn OSSL_provider_init(
+    handle: *const openssl_sys2::OSSL_CORE_HANDLE,
+    in_: *const openssl_sys2::OSSL_DISPATCH,
+    out: *mut *const openssl_sys2::OSSL_DISPATCH,
+    provctx: *mut *mut std::os::raw::c_void,
+) -> ::std::os::raw::c_int {
+    parsec_openssl_provider::parsec_provider_provider_init(handle, in_, out, provctx)
+}
diff --git a/parsec-openssl-provider/Cargo.toml b/parsec-openssl-provider/Cargo.toml
@@ -0,0 +1,15 @@
+[package]
+name = "parsec-openssl-provider"
+version = "0.1.0"
+authors = ["Parsec Project Contributors"]
+description = "A parsec openssl provider static library"
+license = "Apache-2.0"
+readme = "README.md"
+keywords = ["security", "service"]
+categories = ["cryptography", "hardware-support"]
+edition = "2021"
+
+[dependencies]
+openssl-sys = "0.9.98"
+openssl-sys2 = { path = "../openssl-sys2" }
+openssl2 = { path = "../openssl2" }
diff --git a/parsec-openssl-provider/src/lib.rs b/parsec-openssl-provider/src/lib.rs
@@ -0,0 +1,161 @@
+// Copyright 2023 Contributors to the Parsec project.
+// SPDX-License-Identifier: Apache-2.0
+
+use std::mem;
+
+#[allow(non_upper_case_globals)]
+
+const parsec_provider_param_types: [openssl_sys2::OSSL_PARAM; 5] = [
+    openssl_sys2::OSSL_PARAM {
+        key: openssl_sys2::OSSL_PROV_PARAM_NAME.as_ptr() as *const std::os::raw::c_char,
+        data_type: openssl_sys2::OSSL_PARAM_UTF8_PTR,
+        data: std::ptr::null_mut(),
+        data_size: 0,
+        return_size: usize::MAX,
+    },
+    openssl_sys2::OSSL_PARAM {
+        key: openssl_sys2::OSSL_PROV_PARAM_VERSION.as_ptr() as *const std::os::raw::c_char,
+        data_type: openssl_sys2::OSSL_PARAM_UTF8_PTR,
+        data: std::ptr::null_mut(),
+        data_size: 0,
+        return_size: usize::MAX,
+    },
+    openssl_sys2::OSSL_PARAM {
+        key: openssl_sys2::OSSL_PROV_PARAM_BUILDINFO.as_ptr() as *const std::os::raw::c_char,
+        data_type: openssl_sys2::OSSL_PARAM_UTF8_PTR,
+        data: std::ptr::null_mut(),
+        data_size: 0,
+        return_size: usize::MAX,
+    },
+    openssl_sys2::OSSL_PARAM {
+        key: openssl_sys2::OSSL_PROV_PARAM_STATUS.as_ptr() as *const std::os::raw::c_char,
+        data_type: openssl_sys2::OSSL_PARAM_INTEGER,
+        data: std::ptr::null_mut(),
+        data_size: 0,
+        return_size: usize::MAX,
+    },
+    openssl_sys2::OSSL_PARAM {
+        key: std::ptr::null_mut(),
+        data_type: 0,
+        data: std::ptr::null_mut(),
+        data_size: 0,
+        return_size: 0,
+    },
+];
+
+unsafe extern "C" fn parsec_provider_gettable_params(
+    _provider: *const openssl_sys::OSSL_PROVIDER,
+) -> *const openssl_sys2::OSSL_PARAM {
+    parsec_provider_param_types.as_ptr()
+}
+
+pub const PARSEC_PROVIDER_NAME: &[u8; 24] = b"Parsec OpenSSL Provider\0";
+pub const PARSEC_PROVIDER_VERSION: &[u8; 6] = b"0.1.0\0";
+
+unsafe extern "C" fn parsec_provider_get_params(
+    _provctx: *const openssl_sys::OSSL_PROVIDER,
+    params: *mut openssl_sys2::OSSL_PARAM,
+) -> ::std::os::raw::c_int {
+    let mut ptr: *mut openssl_sys2::OSSL_PARAM;
+
+    ptr = openssl_sys2::OSSL_PARAM_locate(
+        params,
+        openssl_sys2::OSSL_PROV_PARAM_NAME.as_ptr() as *const std::os::raw::c_char,
+    );
+    if !ptr.is_null()
+        && openssl2::openssl_returns_0(openssl_sys2::OSSL_PARAM_set_utf8_ptr(
+            ptr,
+            PARSEC_PROVIDER_NAME.as_ptr() as *const std::os::raw::c_char,
+        ))
+    {
+        return 0;
+    }
+
+    ptr = openssl_sys2::OSSL_PARAM_locate(
+        params,
+        openssl_sys2::OSSL_PROV_PARAM_VERSION.as_ptr() as *const std::os::raw::c_char,
+    );
+    if !ptr.is_null()
+        && openssl2::openssl_returns_0(openssl_sys2::OSSL_PARAM_set_utf8_ptr(
+            ptr,
+            PARSEC_PROVIDER_VERSION.as_ptr() as *const std::os::raw::c_char,
+        ))
+    {
+        return 0;
+    }
+
+    ptr = openssl_sys2::OSSL_PARAM_locate(
+        params,
+        openssl_sys2::OSSL_PROV_PARAM_STATUS.as_ptr() as *const std::os::raw::c_char,
+    );
+    if !ptr.is_null() && openssl2::openssl_returns_0(openssl_sys2::OSSL_PARAM_set_int(ptr, 1)) {
+        return 0;
+    }
+
+    return 1;
+}
+
+unsafe extern "C" fn parsec_provider_query(
+    _prov: *mut openssl_sys::OSSL_PROVIDER,
+    _operation_id: ::std::os::raw::c_int,
+    no_cache: *mut ::std::os::raw::c_int,
+) -> *const openssl_sys2::OSSL_ALGORITHM {
+    unsafe {
+        *no_cache = 0;
+    }
+    std::ptr::null_mut()
+}
+
+pub type ProviderGettableParamsPtr =
+    unsafe extern "C" fn(*const openssl_sys::OSSL_PROVIDER) -> *const openssl_sys2::OSSL_PARAM;
+
+pub type ProviderGetParamsPtr = unsafe extern "C" fn(
+    provctx: *const openssl_sys::OSSL_PROVIDER,
+    params: *mut openssl_sys2::OSSL_PARAM,
+) -> ::std::os::raw::c_int;
+
+pub type ProviderQueryPtr = unsafe extern "C" fn(
+    prov: *mut openssl_sys::OSSL_PROVIDER,
+    operation_id: ::std::os::raw::c_int,
+    no_cache: *mut ::std::os::raw::c_int,
+) -> *const openssl_sys2::OSSL_ALGORITHM;
+
+pub fn parsec_provider_provider_init(
+    _handle: *const openssl_sys2::OSSL_CORE_HANDLE,
+    _in_: *const openssl_sys2::OSSL_DISPATCH,
+    out: *mut *const openssl_sys2::OSSL_DISPATCH,
+    provctx: *mut *mut std::os::raw::c_void,
+) -> ::std::os::raw::c_int {
+    let parsec_provider_gettable_params_ptr: ProviderGettableParamsPtr =
+        parsec_provider_gettable_params;
+
+    let parsec_provider_get_params_ptr: ProviderGetParamsPtr = parsec_provider_get_params;
+
+    let parsec_provider_query_ptr: ProviderQueryPtr = parsec_provider_query;
+
+    unsafe {
+        let parsec_provider_dispatch_table: [openssl_sys2::OSSL_DISPATCH; 4] = [
+            openssl_sys2::OSSL_DISPATCH {
+                function_id: openssl_sys2::OSSL_FUNC_PROVIDER_GETTABLE_PARAMS,
+                function: Some(mem::transmute(parsec_provider_gettable_params_ptr)),
+            },
+            openssl_sys2::OSSL_DISPATCH {
+                function_id: openssl_sys2::OSSL_FUNC_PROVIDER_GET_PARAMS,
+                function: Some(mem::transmute(parsec_provider_get_params_ptr)),
+            },
+            openssl_sys2::OSSL_DISPATCH {
+                function_id: openssl_sys2::OSSL_FUNC_PROVIDER_QUERY_OPERATION,
+                function: Some(mem::transmute(parsec_provider_query_ptr)),
+            },
+            openssl_sys2::OSSL_DISPATCH {
+                function_id: 0,
+                function: std::option::Option::None,
+            },
+        ];
+
+        *out = parsec_provider_dispatch_table.as_ptr();
+        *provctx = std::ptr::null_mut();
+    }
+
+    1
+}
diff --git a/tests/docker_image/parsec-provider-test.Dockerfile b/tests/docker_image/parsec-provider-test.Dockerfile
@@ -0,0 +1,34 @@
+# Copyright 2023 Contributors to the Parsec project.
+# SPDX-License-Identifier: Apache-2.0
+FROM ubuntu:22.04
+
+RUN apt-get update && apt-get -y upgrade
+RUN apt install -y autoconf-archive libcmocka0 libcmocka-dev procps
+RUN apt install -y iproute2 build-essential git pkg-config gcc libtool automake libssl-dev uthash-dev doxygen libjson-c-dev
+RUN apt install -y --fix-missing wget python3 cmake clang
+RUN apt install -y libini-config-dev libcurl4-openssl-dev curl libgcc1
+RUN apt install -y python3-distutils libclang-11-dev protobuf-compiler python3-pip
+RUN apt install -y libgcrypt20-dev uuid-dev
+RUN apt install -y libssl-dev git gcc openssl
+
+# Setup git config
+RUN git config --global user.email "[email protected]"
+RUN git config --global user.name "Parsec Team"
+
+WORKDIR /tmp
+
+# Install Rust toolchain for all users
+# This way of installing allows all users to call the same binaries, but non-root
+# users cannot modify the toolchains or install new ones.
+# See: https://github.com/rust-lang/rustup/issues/1085
+ENV RUSTUP_HOME /opt/rust
+ENV CARGO_HOME /opt/rust
+RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --no-modify-path
+ENV PATH="/root/.cargo/bin:/opt/rust/bin:${PATH}"
+
+# Install the wrappers for the Rust binaries installed earlier
+#COPY _exec_wrapper /usr/local/bin/
+RUN ls /opt/rust/bin | xargs -n1 -I% ln -s /usr/local/bin/_exec_wrapper /usr/local/bin/$(basename %)
+
+# For running tests Parsec is configured with the socket in /tmp/
+ENV PARSEC_SERVICE_ENDPOINT="unix:/tmp/parsec.sock"