From bb481a181375c32f797b15253fbe348242809294 Mon Sep 17 00:00:00 2001
From: Benjamin Barenblat
Date: Sat, 30 Dec 2017 17:50:13 -0500
Subject: Begin writing btls, a Haskell crypto and TLS library using BoringSSL
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
So far, btls provides SHA-224, SHA-256, SHA-384, and SHA-512 algorithms. To do that, I - vendor BoringSSL and create a custom `Setup.hs` to build it, - wrap a number of functions and values from BoringSSL's EVP subsystem, and - implement the four SHA-2 algorithms using the wrapped routines. I provide conformance tests incorporating the official NIST example vectors and the vectors used in the Go SHA-2 test suite. The tests also use SmallCheck to compare btls’s SHA-2 implementations with those provided by the system’s Coreutils and openssl(1) installations.
---
Setup.hs | 81 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 81 insertions(+)
create mode 100644 Setup.hs
(limited to 'Setup.hs')
diff --git a/Setup.hs b/Setup.hs
new file mode 100644
index 0000000..5a8d654
--- /dev/null
+++ b/Setup.hs
@@ -0,0 +1,81 @@
+module Main
+ ( main
+ ) where
+
+import qualified Distribution.PackageDescription
+ as PackageDescription
+import qualified Distribution.Simple as Simple
+import qualified Distribution.Simple.LocalBuildInfo
+ as LocalBuildInfo
+import qualified Distribution.Simple.Setup as Setup
+import qualified Distribution.Simple.Utils as Utils
+import System.Directory (getCurrentDirectory)
+import System.FilePath (())
+
+main =
+ let h = Simple.simpleUserHooks
+ in Simple.defaultMainWithHooks
+ h
+ { Simple.preConf =
+ \args flags
+ -- Cabal expects to find BoringSSL's libraries already built at the
+ -- time of configuration, so we must build BoringSSL completely
+ -- here.
+ -> do
+ boringsslBuild flags
+ Simple.preConf h args flags
+ , Simple.confHook =
+ \info flags -> do
+ buildinfo <- Simple.confHook h info flags
+ boringsslUpdateExtraLibDirs buildinfo
+ }
+
+boringsslDir = "third_party" "boringssl"
+
+boringsslLibDir = boringsslDir "lib"
+
+boringsslBuild flags
+ -- Build BoringSSL.
+ = do
+ let buildDir = boringsslDir "build"
+ mkdir buildDir
+ cmd
+ [ "cmake"
+ , "-GNinja"
+ , "-DCMAKE_BUILD_TYPE=Release"
+ , "-B" ++ buildDir
+ , "-H" ++ boringsslDir "src"
+ ]
+ cmd ["ninja", "-C", buildDir]
+ -- Rename BoringSSL's libraries so we don't accidentally grab OpenSSL.
+ mkdir boringsslLibDir
+ Utils.installOrdinaryFile
+ v
+ (buildDir "crypto" "libcrypto.a")
+ (boringsslLibDir "libbtls_crypto.a")
+ where
+ v = Setup.fromFlag (Setup.configVerbosity flags)
+ mkdir = Utils.createDirectoryIfMissingVerbose v True
+ cmd (bin:args) = Utils.rawSystemExit v bin args
+
+boringsslUpdateExtraLibDirs buildinfo = do
+ let pkg = LocalBuildInfo.localPkgDescr buildinfo
+ Just lib = PackageDescription.library pkg
+ libBuild = PackageDescription.libBuildInfo lib
+ dirs = PackageDescription.extraLibDirs libBuild
+ root <- getCurrentDirectory
+ return
+ buildinfo
+ { LocalBuildInfo.localPkgDescr =
+ pkg
+ { PackageDescription.library =
+ Just $
+ lib
+ { PackageDescription.libBuildInfo =
+ libBuild
+ { PackageDescription.extraLibDirs =
+ (root boringsslLibDir) : dirs
+ }
+ }
+ }
+ }
-- cgit v1.2.3
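Review bot: In `boringsslUpdateExtraLibDirs`, the lazy binding `Just lib = PackageDescription.library pkg` is a partial pattern, so a package description without a library section only fails with an irrefutable-pattern error once the value is forced, likely far from this hook. Binding it in the `do` block before the dependent definitions, e.g. `lib <- maybe (fail "btls: package description has no library section") return (PackageDescription.library pkg)`, makes the failure immediate and readable. The helper `cmd (bin:args)` in `boringsslBuild` is partial in the same way, having no equation for an empty list. Separately, `boringsslBuild` would benefit from a comment such as `-- Runs cmake and ninja (looked up on PATH) against the vendored tree in third_party/boringssl/src; paths are relative to the working directory.`, since the hook executes external tools at configure time and which binaries run depends on the builder's environment.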