Rust wrapper: enable conditional compilation based on C library build options

Author: holtrop

wolfcrypt/src/dh.c

@@ -3228,6 +3228,7 @@ int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh)
     return ret;
 }
 
+#endif /* WOLFSSL_KEY_GEN */
 
 /* Export raw DH parameters from DhKey structure
  *
@@ -3325,6 +3326,4 @@ int wc_DhExportParamsRaw(DhKey* dh, byte* p, word32* pSz,
     return ret;
 }
 
-#endif /* WOLFSSL_KEY_GEN */
-
 #endif /* NO_DH */

wolfssl/wolfcrypt/dh.h

@@ -196,11 +196,12 @@ WOLFSSL_API int wc_DhCheckPrivKey_ex(DhKey* key, const byte* priv,
         word32 privSz, const byte* prime, word32 primeSz);
 WOLFSSL_API int wc_DhCheckKeyPair(DhKey* key, const byte* pub, word32 pubSz,
                         const byte* priv, word32 privSz);
+#ifdef WOLFSSL_KEY_GEN
 WOLFSSL_API int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh);
+#endif
 WOLFSSL_API int wc_DhExportParamsRaw(DhKey* dh, byte* p, word32* pSz,
                        byte* q, word32* qSz, byte* g, word32* gSz);
 
-
 #ifdef __cplusplus
     } /* extern "C" */
 #endif

wolfssl/wolfcrypt/ecc.h

@@ -913,9 +913,11 @@ int wc_ecc_export_point_der_ex(const int curve_idx, ecc_point* point, byte* out,
 WOLFSSL_API
 int wc_ecc_export_point_der(const int curve_idx, ecc_point* point,
                             byte* out, word32* outLen);
+#ifdef HAVE_COMP_KEY
 WOLFSSL_LOCAL
 int wc_ecc_export_point_der_compressed(const int curve_idx, ecc_point* point,
                                        byte* out, word32* outLen);
+#endif /* HAVE_COMP_KEY */
 #endif /* HAVE_ECC_KEY_EXPORT */
 
 

wrapper/rust/wolfssl/Cargo.lock

@@ -8,6 +8,7 @@ std = []
 
 [build-dependencies]
 bindgen = "0.72.1"
+regex = "1.5"
 
 [profile.release]
 strip = true

wrapper/rust/wolfssl/Cargo.toml

@@ -1,7 +1,9 @@
 extern crate bindgen;
 
+use regex::Regex;
 use std::env;
-use std::io::{self, Result};
+use std::fs;
+use std::io::{self, Read, Result};
 use std::path::PathBuf;
 
 /// Perform crate build.
@@ -18,9 +20,26 @@ fn main() {
 fn run_build() -> Result<()> {
     generate_bindings()?;
     setup_wolfssl_link()?;
+    scan_cfg()?;
     Ok(())
 }
 
+fn wrapper_dir() -> Result<String> {
+    Ok(std::env::current_dir()?.display().to_string())
+}
+
+fn wolfssl_base_dir() -> Result<String> {
+    Ok(format!("{}/../../..", wrapper_dir()?))
+}
+
+fn wolfssl_lib_dir() -> Result<String> {
+    Ok(format!("{}/src/.libs", wolfssl_base_dir()?))
+}
+
+fn bindings_path() -> String {
+    PathBuf::from(env::var("OUT_DIR").unwrap()).join("bindings.rs").display().to_string()
+}
+
 /// Generate Rust bindings for the wolfssl C library using bindgen.
 ///
 /// This function:
@@ -31,19 +50,15 @@ fn run_build() -> Result<()> {
 ///
 /// Returns `Ok(())` if successful, or an error if binding generation fails.
 fn generate_bindings() -> Result<()> {
-    let wrapper_dir = std::env::current_dir()?.display().to_string();
-    let wolfssl_base_dir = format!("{}/../../..", wrapper_dir);
-
     let bindings = bindgen::Builder::default()
         .header("headers.h")
-        .clang_arg(format!("-I{}", wolfssl_base_dir))
+        .clang_arg(format!("-I{}", wolfssl_base_dir()?))
         .parse_callbacks(Box::new(bindgen::CargoCallbacks::new()))
         .generate()
         .map_err(|_| io::Error::new(io::ErrorKind::Other, "Failed to generate bindings"))?;
 
-    let out_path = PathBuf::from(env::var("OUT_DIR").unwrap());
     bindings
-        .write_to_file(out_path.join("bindings.rs"))
+        .write_to_file(bindings_path())
         .map_err(|e| {
             io::Error::new(
                 io::ErrorKind::Other,
@@ -56,16 +71,112 @@ fn generate_bindings() -> Result<()> {
 ///
 /// Returns `Ok(())` if successful, or an error if any step fails.
 fn setup_wolfssl_link() -> Result<()> {
-    let wrapper_dir = std::env::current_dir()?.display().to_string();
-    let wolfssl_base_dir = format!("{}/../../..", wrapper_dir);
-    let wolfssl_lib_dir = format!("{}/src/.libs", wolfssl_base_dir);
-
-    println!("cargo:rustc-link-search={}", wolfssl_lib_dir);
     println!("cargo:rustc-link-lib=wolfssl");
-    println!("cargo:rustc-link-arg=-Wl,-rpath,{}", wolfssl_lib_dir);
+    println!("cargo:rustc-link-search={}", wolfssl_lib_dir()?);
+    println!("cargo:rustc-link-arg=-Wl,-rpath,{}", wolfssl_lib_dir()?);
 
 //    TODO: do we need this if only a static library is built?
 //    println!("cargo:rustc-link-lib=static=wolfssl");
 
     Ok(())
 }
+
+fn read_file(path: String) -> Result<String> {
+    let mut file = fs::File::open(path)?;
+    let mut content = String::new();
+    file.read_to_string(&mut content)?;
+    Ok(content)
+}
+
+fn check_cfg(binding: &str, function_name: &str, cfg_name: &str) {
+    let pattern = format!(r"\b{}\b", function_name);
+    let re = match Regex::new(&pattern) {
+        Ok(r) => r,
+        Err(e) => {
+            eprintln!("Error compiling regex '{}': {}", pattern, e);
+            return;
+        }
+    };
+    println!("cargo::rustc-check-cfg=cfg({})", cfg_name);
+    if re.is_match(binding) {
+        println!("cargo:rustc-cfg={}", cfg_name);
+    }
+}
+
+fn scan_cfg() -> Result<()> {
+    let binding = read_file(bindings_path())?;
+
+    /* aes */
+    check_cfg(&binding, "wc_AesSetKey", "aes");
+    check_cfg(&binding, "wc_AesCbcEncrypt", "aes_cbc");
+    check_cfg(&binding, "wc_AesCcmSetKey", "aes_ccm");
+    check_cfg(&binding, "wc_AesCfbEncrypt", "aes_cfb");
+    check_cfg(&binding, "wc_AesCtrEncrypt", "aes_ctr");
+    check_cfg(&binding, "wc_AesCtsEncrypt", "aes_cts");
+    check_cfg(&binding, "wc_AesCfbDecrypt", "aes_decrypt");
+    check_cfg(&binding, "wc_AesEaxInit", "aes_eax");
+    check_cfg(&binding, "wc_AesEcbEncrypt", "aes_ecb");
+    check_cfg(&binding, "wc_AesGcmSetKey", "aes_gcm");
+    check_cfg(&binding, "wc_AesGcmInit", "aes_gcm_stream");
+    check_cfg(&binding, "wc_AesOfbEncrypt", "aes_ofb");
+    check_cfg(&binding, "wc_AesXtsInit", "aes_xts");
+    check_cfg(&binding, "wc_AesXtsEncryptInit", "aes_xts_stream");
+
+    /* cmac */
+    check_cfg(&binding, "wc_InitCmac", "cmac");
+
+    /* dh */
+    check_cfg(&binding, "wc_InitDhKey", "dh");
+    check_cfg(&binding, "wc_DhGenerateParams", "dh_keygen");
+
+    /* ecc */
+    check_cfg(&binding, "wc_ecc_init", "ecc");
+    check_cfg(&binding, "wc_ecc_export_point_der_compressed", "ecc_comp_key");
+    check_cfg(&binding, "wc_ecc_shared_secret", "ecc_dh");
+    check_cfg(&binding, "wc_ecc_sign_hash", "ecc_sign");
+    check_cfg(&binding, "wc_ecc_verify_hash", "ecc_verify");
+    check_cfg(&binding, "wc_ecc_export_x963", "ecc_export");
+    check_cfg(&binding, "wc_ecc_import_x963", "ecc_import");
+    check_cfg(&binding, "ecc_curve_ids_ECC_X25519", "ecc_curve_25519");
+    check_cfg(&binding, "ecc_curve_ids_ECC_X448", "ecc_curve_448");
+    check_cfg(&binding, "ecc_curve_ids_ECC_SAKKE_1", "ecc_curve_sakke");
+    check_cfg(&binding, "ecc_curve_ids_ECC_CURVE_CUSTOM", "ecc_custom_curves");
+
+    /* ed25519 */
+    check_cfg(&binding, "wc_ed25519_init", "ed25519");
+    check_cfg(&binding, "wc_ed25519_import_public", "ed25519_import");
+    check_cfg(&binding, "wc_ed25519_export_public", "ed25519_export");
+    check_cfg(&binding, "wc_ed25519_sign_msg", "ed25519_sign");
+    check_cfg(&binding, "wc_ed25519_verify_msg_ex", "ed25519_verify");
+    check_cfg(&binding, "wc_ed25519_verify_msg_init", "ed25519_streaming_verify");
+
+    /* ed448 */
+    check_cfg(&binding, "wc_ed448_init", "ed448");
+    check_cfg(&binding, "wc_ed448_import_public", "ed448_import");
+    check_cfg(&binding, "wc_ed448_export_public", "ed448_export");
+    check_cfg(&binding, "wc_ed448_sign_msg", "ed448_sign");
+    check_cfg(&binding, "wc_ed448_verify_msg_ex", "ed448_verify");
+    check_cfg(&binding, "wc_ed448_verify_msg_init", "ed448_streaming_verify");
+
+    /* kdf */
+    check_cfg(&binding, "wc_PBKDF2", "kdf_pbkdf2");
+    check_cfg(&binding, "wc_PKCS12_PBKDF_ex", "kdf_pkcs12");
+    check_cfg(&binding, "wc_SRTP_KDF", "kdf_srtp");
+    check_cfg(&binding, "wc_SSH_KDF", "kdf_ssh");
+    check_cfg(&binding, "wc_Tls13_HKDF_Extract_ex", "kdf_tls13");
+
+    /* rsa */
+    check_cfg(&binding, "wc_InitRsaKey", "rsa");
+    check_cfg(&binding, "wc_RsaDirect", "rsa_direct");
+    check_cfg(&binding, "wc_MakeRsaKey", "rsa_keygen");
+
+    /* sha */
+    check_cfg(&binding, "wc_InitSha", "sha");
+    check_cfg(&binding, "wc_InitSha256", "sha256");
+    check_cfg(&binding, "wc_InitSha512", "sha512");
+    check_cfg(&binding, "wc_InitSha3_224", "sha3");
+    check_cfg(&binding, "wc_InitShake128", "shake128");
+    check_cfg(&binding, "wc_InitShake256", "shake256");
+
+    Ok(())
+}