Begin writing btls, a Haskell crypto and TLS library using BoringSSL

So far, btls provides SHA-224, SHA-256, SHA-384, and SHA-512 algorithms.
To do that, I

  - vendor BoringSSL and create a custom `Setup.hs` to build it,

  - wrap a number of functions and values from BoringSSL's EVP
    subsystem, and

  - implement the four SHA-2 algorithms using the wrapped routines.

I provide conformance tests incorporating the official NIST example
vectors and the vectors used in the Go SHA-2 test suite. The tests also
use SmallCheck to compare btls’s SHA-2 implementations with those
provided by the system’s Coreutils and openssl(1) installations.

1 files changed, 81 insertions, 0 deletions

diff --git a/Setup.hs b/Setup.hs
new file mode 100644
index 0000000..5a8d654
--- /dev/null
+++ b/Setup.hs
@@ -0,0 +1,81 @@
+module Main
+  ( main
+  ) where
+
+import qualified Distribution.PackageDescription
+       as PackageDescription
+import qualified Distribution.Simple as Simple
+import qualified Distribution.Simple.LocalBuildInfo
+       as LocalBuildInfo
+import qualified Distribution.Simple.Setup as Setup
+import qualified Distribution.Simple.Utils as Utils
+import System.Directory (getCurrentDirectory)
+import System.FilePath ((</>))
+
+main =
+  let h = Simple.simpleUserHooks
+  in Simple.defaultMainWithHooks
+       h
+       { Simple.preConf =
+           \args flags
+             -- Cabal expects to find BoringSSL's libraries already built at the
+             -- time of configuration, so we must build BoringSSL completely
+             -- here.
+            -> do
+             boringsslBuild flags
+             Simple.preConf h args flags
+       , Simple.confHook =
+           \info flags -> do
+             buildinfo <- Simple.confHook h info flags
+             boringsslUpdateExtraLibDirs buildinfo
+       }
+
+boringsslDir = "third_party" </> "boringssl"
+
+boringsslLibDir = boringsslDir </> "lib"
+
+boringsslBuild flags
+  -- Build BoringSSL.
+ = do
+  let buildDir = boringsslDir </> "build"
+  mkdir buildDir
+  cmd
+    [ "cmake"
+    , "-GNinja"
+    , "-DCMAKE_BUILD_TYPE=Release"
+    , "-B" ++ buildDir
+    , "-H" ++ boringsslDir </> "src"
+    ]
+  cmd ["ninja", "-C", buildDir]
+  -- Rename BoringSSL's libraries so we don't accidentally grab OpenSSL.
+  mkdir boringsslLibDir
+  Utils.installOrdinaryFile
+    v
+    (buildDir </> "crypto" </> "libcrypto.a")
+    (boringsslLibDir </> "libbtls_crypto.a")
+  where
+    v = Setup.fromFlag (Setup.configVerbosity flags)
+    mkdir = Utils.createDirectoryIfMissingVerbose v True
+    cmd (bin:args) = Utils.rawSystemExit v bin args
+
+boringsslUpdateExtraLibDirs buildinfo = do
+  let pkg = LocalBuildInfo.localPkgDescr buildinfo
+      Just lib = PackageDescription.library pkg
+      libBuild = PackageDescription.libBuildInfo lib
+      dirs = PackageDescription.extraLibDirs libBuild
+  root <- getCurrentDirectory
+  return
+    buildinfo
+    { LocalBuildInfo.localPkgDescr =
+        pkg
+        { PackageDescription.library =
+            Just $
+            lib
+            { PackageDescription.libBuildInfo =
+                libBuild
+                { PackageDescription.extraLibDirs =
+                    (root </> boringsslLibDir) : dirs
+                }
+            }
+        }
+    }