Diffstat (limited to 'src/BTLS/BoringSSL')
-rw-r--r--src/BTLS/BoringSSL/Base.chs42
-rw-r--r--src/BTLS/BoringSSL/Digest.chs67
-rw-r--r--src/BTLS/BoringSSL/HKDF.chs45
-rw-r--r--src/BTLS/BoringSSL/HMAC.chs54
4 files changed, 208 insertions, 0 deletions
diff --git a/src/BTLS/BoringSSL/Base.chs b/src/BTLS/BoringSSL/Base.chs
new file mode 100644
index 0000000..347e3f4
--- /dev/null
+++ b/src/BTLS/BoringSSL/Base.chs
@@ -0,0 +1,42 @@
+-- Copyright 2018 Google LLC
+--
+-- Licensed under the Apache License, Version 2.0 (the "License"); you may not
+-- use this file except in compliance with the License. You may obtain a copy of
+-- the License at
+--
+-- https://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+-- WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+-- License for the specific language governing permissions and limitations under
+-- the License.
+
+{-# OPTIONS_GHC -Wno-unused-imports #-}
+
+module BTLS.BoringSSL.Base where
+
+import Foreign (Ptr, nullPtr)
+
+#include <openssl/base.h>
+
+-- | The BoringSSL @ENGINE@ type.
+data Engine
+{#pointer *ENGINE as 'Ptr Engine' -> Engine nocode#}
+
+noEngine :: Ptr Engine
+noEngine = nullPtr
+
+-- | The BoringSSL @EVP_MD_CTX@ type, representing the state of a pending
+-- hashing operation.
+data EVPMDCtx
+{#pointer *EVP_MD_CTX as 'Ptr EVPMDCtx' -> EVPMDCtx nocode#}
+
+-- | The BoringSSL @EVP_MD@ type, representing a hash algorithm.
+data EVPMD
+{#pointer *EVP_MD as 'Ptr EVPMD' -> EVPMD nocode#}
+
+-- | The BoringSSL @HMAC_CTX@ type, representing the state of a pending HMAC
+-- operation.
+data HMACCtx
+{#pointer *HMAC_CTX as 'Ptr HMACCtx' -> HMACCtx nocode#}
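Review bot: `noEngine` is the only declaration in this module without a Haddock comment, and its name alone does not say it is a null pointer. I would add `-- | The null 'Engine' pointer, for calls that take an @ENGINE*@ argument when no engine is wanted.` above its signature. The module also has no export list and disables `-Wno-unused-imports` file-wide; a one-line comment saying why the warning is suppressed (presumably the c2hs-generated code) would stop it being copied blindly into other modules.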
diff --git a/src/BTLS/BoringSSL/Digest.chs b/src/BTLS/BoringSSL/Digest.chs
new file mode 100644
index 0000000..69f3a0a
--- /dev/null
+++ b/src/BTLS/BoringSSL/Digest.chs
@@ -0,0 +1,67 @@
+-- Copyright 2018 Google LLC
+--
+-- Licensed under the Apache License, Version 2.0 (the "License"); you may not
+-- use this file except in compliance with the License. You may obtain a copy of
+-- the License at
+--
+-- https://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+-- WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+-- License for the specific language governing permissions and limitations under
+-- the License.
+
+{-# OPTIONS_GHC -Wno-missing-methods #-}
+
+module BTLS.BoringSSL.Digest
+ ( evpMD5, evpSHA1, evpSHA224, evpSHA256, evpSHA384, evpSHA512
+ , mallocEVPMDCtx
+ , evpDigestInitEx, evpDigestUpdate, evpDigestFinalEx
+ , evpMaxMDSize
+ ) where
+
+import Foreign (FinalizerPtr, ForeignPtr, Ptr, Storable(alignment, sizeOf))
+import Foreign.C.Types
+
+{#import BTLS.BoringSSL.Base#}
+import BTLS.Cast (asVoidPtr)
+import BTLS.CreateWithFinalizer (createWithFinalizer)
+import BTLS.Result
+
+#include <openssl/digest.h>
+
+evpMD5, evpSHA1, evpSHA224, evpSHA256, evpSHA384, evpSHA512 :: Ptr EVPMD
+evpMD5 = {#call pure EVP_md5 as ^#}
+evpSHA1 = {#call pure EVP_sha1 as ^#}
+evpSHA224 = {#call pure EVP_sha224 as ^#}
+evpSHA256 = {#call pure EVP_sha256 as ^#}
+evpSHA384 = {#call pure EVP_sha384 as ^#}
+evpSHA512 = {#call pure EVP_sha512 as ^#}
+
+-- | Memory-safe allocator for 'EVPMDCtx'.
+mallocEVPMDCtx :: IO (ForeignPtr EVPMDCtx)
+mallocEVPMDCtx =
+ createWithFinalizer {#call EVP_MD_CTX_init as ^#} btlsFinalizeEVPMDCtxPtr
+
+foreign import ccall "&btlsFinalizeEVPMDCtx"
+ btlsFinalizeEVPMDCtxPtr :: FinalizerPtr EVPMDCtx
+
+evpDigestInitEx :: Ptr EVPMDCtx -> Ptr EVPMD -> Ptr Engine -> IO ()
+evpDigestInitEx ctx md engine =
+ requireSuccess $ {#call EVP_DigestInit_ex as ^#} ctx md engine
+
+evpDigestUpdate :: Ptr EVPMDCtx -> Ptr a -> CULong -> IO ()
+evpDigestUpdate ctx md bytes =
+ alwaysSucceeds $ {#call EVP_DigestUpdate as ^#} ctx (asVoidPtr md) bytes
+
+evpDigestFinalEx :: Ptr EVPMDCtx -> Ptr CUChar -> Ptr CUInt -> IO ()
+evpDigestFinalEx ctx mdOut outSize =
+ alwaysSucceeds $ {#call EVP_DigestFinal_ex as ^#} ctx mdOut outSize
+
+evpMaxMDSize :: Int
+evpMaxMDSize = {#const EVP_MAX_MD_SIZE#}
+
+instance Storable EVPMDCtx where
+ sizeOf _ = {#sizeof EVP_MD_CTX#}
+ alignment _ = {#alignof EVP_MD_CTX#}
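Review bot: `evpDigestFinalEx` takes the output pointer `mdOut` with no capacity argument, so nothing in the binding stops a caller from passing a buffer shorter than the digest, while EVP_DigestFinal_ex can write up to EVP_MAX_MD_SIZE bytes. A Haddock comment should state the contract, e.g. `-- | Writes the digest to @mdOut@, which must have room for 'evpMaxMDSize' bytes; the length written is stored in @outSize@.` The same undocumented output-buffer contract applies to `hkdfExtract` and `hkdfExpand` in HKDF.chs and to `hmacFinal` in HMAC.chs. Separately, the second parameter of `evpDigestUpdate` is named `md` although it is the input data rather than a digest; `evpDigestUpdate ctx bytes size =` would match `hmacUpdate`.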
diff --git a/src/BTLS/BoringSSL/HKDF.chs b/src/BTLS/BoringSSL/HKDF.chs
new file mode 100644
index 0000000..3710c0c
--- /dev/null
+++ b/src/BTLS/BoringSSL/HKDF.chs
@@ -0,0 +1,45 @@
+-- Copyright 2018 Google LLC
+--
+-- Licensed under the Apache License, Version 2.0 (the "License"); you may not
+-- use this file except in compliance with the License. You may obtain a copy of
+-- the License at
+--
+-- https://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+-- WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+-- License for the specific language governing permissions and limitations under
+-- the License.
+
+module BTLS.BoringSSL.HKDF
+ ( hkdfExtract, hkdfExpand
+ ) where
+
+import Foreign (Ptr)
+import Foreign.C.Types
+
+{#import BTLS.BoringSSL.Base#}
+import BTLS.Result
+
+#include <openssl/hkdf.h>
+
+hkdfExtract ::
+ Ptr CUChar -> Ptr CULong
+ -> Ptr EVPMD
+ -> Ptr CUChar -> CULong
+ -> Ptr CUChar -> CULong
+ -> IO ()
+hkdfExtract outKey outLen digest secret secretLen salt saltLen =
+ requireSuccess $
+ {#call HKDF_extract as ^#} outKey outLen digest secret secretLen salt saltLen
+
+hkdfExpand ::
+ Ptr CUChar -> CULong
+ -> Ptr EVPMD
+ -> Ptr CUChar -> CULong
+ -> Ptr CUChar -> CULong
+ -> IO ()
+hkdfExpand outKey outLen digest prk prkLen info infoLen =
+ requireSuccess $
+ {#call HKDF_expand as ^#} outKey outLen digest prk prkLen info infoLen
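Review bot: Both signatures are runs of `Ptr CUChar -> CULong` pairs, so swapping `secret` with `salt` in `hkdfExtract`, or `prk` with `info` in `hkdfExpand`, still type-checks and silently derives a different key. Per-argument Haddock comments on the type signatures would make the order visible at call sites, e.g. `-> Ptr CUChar -> CULong -- ^ secret (input keying material) and its length` followed by `-> Ptr CUChar -> CULong -- ^ salt and its length`. Note also that `outLen` is a `Ptr CULong` that receives the length in `hkdfExtract` but a plain `CULong` giving the requested length in `hkdfExpand`; each comment should say which it is.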
diff --git a/src/BTLS/BoringSSL/HMAC.chs b/src/BTLS/BoringSSL/HMAC.chs
new file mode 100644
index 0000000..5c53122
--- /dev/null
+++ b/src/BTLS/BoringSSL/HMAC.chs
@@ -0,0 +1,54 @@
+-- Copyright 2018 Google LLC
+--
+-- Licensed under the Apache License, Version 2.0 (the "License"); you may not
+-- use this file except in compliance with the License. You may obtain a copy of
+-- the License at
+--
+-- https://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+-- WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+-- License for the specific language governing permissions and limitations under
+-- the License.
+
+{-# OPTIONS_GHC -Wno-missing-methods #-}
+
+module BTLS.BoringSSL.HMAC
+ ( mallocHMACCtx
+ , hmacInitEx, hmacUpdate, hmacFinal
+ ) where
+
+import Foreign (FinalizerPtr, ForeignPtr, Ptr, Storable(alignment, sizeOf))
+import Foreign.C.Types
+
+{#import BTLS.BoringSSL.Base#}
+import BTLS.Cast (asVoidPtr)
+import BTLS.CreateWithFinalizer (createWithFinalizer)
+import BTLS.Result
+
+#include <openssl/hmac.h>
+
+-- | Memory-safe allocator for 'HMACCtx'.
+mallocHMACCtx :: IO (ForeignPtr HMACCtx)
+mallocHMACCtx = createWithFinalizer {#call HMAC_CTX_init as ^#} hmacCtxCleanup
+
+foreign import ccall "&HMAC_CTX_cleanup"
+ hmacCtxCleanup :: FinalizerPtr HMACCtx
+
+hmacInitEx :: Ptr HMACCtx -> Ptr a -> CULong -> Ptr EVPMD -> Ptr Engine -> IO ()
+hmacInitEx ctx bytes size md engine =
+ requireSuccess $
+ {#call HMAC_Init_ex as ^#} ctx (asVoidPtr bytes) size md engine
+
+hmacUpdate :: Ptr HMACCtx -> Ptr CUChar -> CULong -> IO ()
+hmacUpdate ctx bytes size =
+ alwaysSucceeds $ {#call HMAC_Update as ^#} ctx bytes size
+
+hmacFinal :: Ptr HMACCtx -> Ptr CUChar -> Ptr CUInt -> IO ()
+hmacFinal ctx out outSize =
+ requireSuccess $ {#call HMAC_Final as ^#} ctx out outSize
+
+instance Storable HMACCtx where
+ sizeOf _ = {#sizeof HMAC_CTX#}
+ alignment _ = {#alignof HMAC_CTX#}
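Review bot: In `hmacInitEx` the key is passed as `bytes`/`size`, the same names `hmacUpdate` uses for message data, and the binding does not document what a null key means. As BoringSSL's hmac.h describes HMAC_Init_ex, a NULL key on a non-initial call with an unchanged digest reuses the previous key rather than setting an empty one, so a caller that ends up with a null pointer for an empty key would silently keep the old key. I would rename the parameters, `hmacInitEx ctx key keySize md engine =`, and add a Haddock comment stating the NULL-key behaviour and that an empty key must be passed as a non-null pointer with size 0.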