diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2021-12-10 13:02:52 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2021-12-10 13:02:52 +0100 |
commit | cf4c70b46040a53bf3992a124ba70b1b1ca852f1 (patch) | |
tree | c321c5f549dc2d69519bd68bf540f78e7a294735 /ffi | |
parent | 34b930595f7e125cbbad64404c79de454c6e62ef (diff) |
Remove the ffi crates.
- Remove the general-purpose ffi crates. They will be moved into
their own repository. Note that we consider general-purpose ffi
crates to be a dead end: exposing Sequoia's interface requires a
large number of types and functions, and using the interface from
C turned out to be verbose and error-prone. Instead, we prefer to
write point solutions in Rust that implement exactly the
functionality the downstream consumer needs, then expose this via
ffi bindings.
- See https://gitlab.com/sequoia-pgp/sequoia-ffi.
Diffstat (limited to 'ffi')
36 files changed, 0 insertions, 2786 deletions
diff --git a/ffi/.gitignore b/ffi/.gitignore deleted file mode 100644 index 4e5bd39d..00000000 --- a/ffi/.gitignore +++ /dev/null @@ -1 +0,0 @@ -sequoia.pc diff --git a/ffi/Cargo.toml b/ffi/Cargo.toml deleted file mode 100644 index 8c063981..00000000 --- a/ffi/Cargo.toml +++ /dev/null @@ -1,49 +0,0 @@ -[package] -name = "sequoia-ffi" -description = "C API for Sequoia" -version = "0.22.0" -authors = [ - "Justus Winter <justus@sequoia-pgp.org>", - "Kai Michaelis <kai@sequoia-pgp.org>", - "Neal H. Walfield <neal@sequoia-pgp.org>", -] -documentation = "https://docs.sequoia-pgp.org/0.22.0/sequoia_ffi" -homepage = "https://sequoia-pgp.org/" -repository = "https://gitlab.com/sequoia-pgp/sequoia" -readme = "../README.md" -keywords = ["cryptography", "openpgp", "pgp", "encryption", "signing"] -categories = ["cryptography", "authentication", "development-tools::ffi", - "email"] -license = "LGPL-2.0-or-later" -edition = "2018" - -[badges] -gitlab = { repository = "sequoia-pgp/sequoia" } -maintenance = { status = "actively-developed" } - -[dependencies] -sequoia-ffi-macros = { path = "../ffi-macros", version = "0.22" } -sequoia-openpgp = { path = "../openpgp", version = "1.0.0", default-features = false } -sequoia-net = { path = "../net", version = "0.24", default-features = false } -sequoia-ipc = { path = "../ipc", version = "0.27", default-features = false } -anyhow = "1.0.18" -lazy_static = "1.4.0" -libc = "0.2.66" -memsec = { version = ">=0.5", default-features = false } -native-tls = "0.2.0" -tokio = { version = "1.13.1", features = ["rt", "time"] } - -[dev-dependencies] -filetime = "0.2" - -[lib] -crate-type = ["cdylib", "staticlib"] -bench = false - -[features] -default = ["sequoia-openpgp/default"] -crypto-nettle = ["sequoia-openpgp/crypto-nettle"] -crypto-cng = ["sequoia-openpgp/crypto-cng"] -compression = ["sequoia-openpgp/compression"] -compression-deflate = ["sequoia-openpgp/compression-deflate"] -compression-bzip2 = ["sequoia-openpgp/compression-bzip2"] diff --git a/ffi/LICENSE.txt b/ffi/LICENSE.txt deleted file mode 120000 index 4ab43736..00000000 --- a/ffi/LICENSE.txt +++ /dev/null @@ -1 +0,0 @@ -../LICENSE.txt
\ No newline at end of file diff --git a/ffi/Makefile b/ffi/Makefile deleted file mode 100644 index 9a10501b..00000000 --- a/ffi/Makefile +++ /dev/null @@ -1,91 +0,0 @@ -# Makefile for Sequoia's bindings. - -# Configuration. -PREFIX ?= /usr/local -DESTDIR ?= - -CARGO ?= cargo -CARGO_TARGET_DIR ?= $(shell pwd)/../target -# We currently only support absolute paths. -CARGO_TARGET_DIR := $(abspath $(CARGO_TARGET_DIR)) - -VERSION ?= $(shell grep '^version[[:space:]]*=[[:space:]]*' Cargo.toml | cut -d'"' -f2) -VERSION_MAJOR = $(shell echo $(VERSION) | cut -d'.' -f1) - -# Build the right library -ifeq ($(shell uname -s), Darwin) - _SEQ_LIB_EXT = dylib -else - _SEQ_LIB_EXT = so -endif - -# Tools. -ifneq ($(filter Darwin %BSD,$(shell uname -s)),) - INSTALL ?= ginstall -else - INSTALL ?= install -endif - -# Make sure subprocesses pick these up. -export PREFIX -export DESTDIR - -# $(1) = install dir -# $(2) = whether to set libdir and prefix to $(1) (empty string = false) -sequoia_pc = \ - sed -e 's|VERSION|$(VERSION)|g' \ - $(if $(2),-e 's|PREFIX|$(shell pwd)|g',-e's|PREFIX|$(PREFIX)|g') \ - $(if $(2),-e 's|libdir=.*|libdir=$(1)|g') \ - sequoia.pc.in \ - >$(1)/sequoia.pc - -all: build - -.PHONY: build -build: - $(MAKE) -Clang/python build - $(call sequoia_pc,$(CARGO_TARGET_DIR)/debug,true) - -# Testing and examples. -.PHONY: test check -test check: - $(MAKE) -Clang/python test - -.PHONY: examples -examples: - $(MAKE) -Cexamples --always-make - -# Installation. -.PHONY: build-release -build-release: - CARGO_TARGET_DIR=$(CARGO_TARGET_DIR) \ - $(CARGO) build $(CARGO_FLAGS) --release --package sequoia-ffi - $(MAKE) -Clang/python build-release - $(call sequoia_pc,$(CARGO_TARGET_DIR)/release,true) - -.PHONY: install -install: build-release - $(INSTALL) -d $(DESTDIR)$(PREFIX)/share/pkgconfig - $(call sequoia_pc,$(DESTDIR)$(PREFIX)/share/pkgconfig,) - $(INSTALL) -d $(DESTDIR)$(PREFIX)/include - $(INSTALL) -t $(DESTDIR)$(PREFIX)/include include/sequoia.h - $(INSTALL) -d $(DESTDIR)$(PREFIX)/include/sequoia - $(INSTALL) -t $(DESTDIR)$(PREFIX)/include/sequoia \ - include/sequoia/*.h - $(INSTALL) -d $(DESTDIR)$(PREFIX)/lib - $(INSTALL) $(CARGO_TARGET_DIR)/release/libsequoia_ffi.$(_SEQ_LIB_EXT) \ - $(DESTDIR)$(PREFIX)/lib/libsequoia_ffi.$(_SEQ_LIB_EXT).$(VERSION) - ln -fs libsequoia_ffi.$(_SEQ_LIB_EXT).$(VERSION) \ - $(DESTDIR)$(PREFIX)/lib/libsequoia_ffi.$(_SEQ_LIB_EXT).$(VERSION_MAJOR) - ln -fs libsequoia_ffi.$(_SEQ_LIB_EXT).$(VERSION) \ - $(DESTDIR)$(PREFIX)/lib/libsequoia_ffi.$(_SEQ_LIB_EXT) - $(INSTALL) $(CARGO_TARGET_DIR)/release/libsequoia_ffi.a \ - $(DESTDIR)$(PREFIX)/lib/libsequoia_ffi.a - # Now the bindings. - $(MAKE) -Clang/python install - -# Housekeeping. -.PHONY: clean -clean: - $(MAKE) -Cexamples clean - $(MAKE) -Clang/python clean diff --git a/ffi/examples/Makefile b/ffi/examples/Makefile deleted file mode 100644 index 6186d6b9..00000000 --- a/ffi/examples/Makefile +++ /dev/null @@ -1,28 +0,0 @@ -# Makefile for examples written in C. - -CARGO ?= cargo -CARGO_TARGET_DIR ?= $(shell pwd)/../../target -# We currently only support absolute paths. -CARGO_TARGET_DIR := $(abspath $(CARGO_TARGET_DIR)) - -# We are producing binaries here. -EXAMPLE_TARGET_DIR ?= $(CARGO_TARGET_DIR)/debug/c-examples/ffi - -EXAMPLES = keyserver configure -CFLAGS = -I../include -I../../openpgp-ffi/include -O0 -g -Wall -Werror -LDFLAGS = -L$(CARGO_TARGET_DIR)/debug -LDLIBS = -lsequoia_ffi - -# Prefix our target directory. -TARGETS := $(foreach example,$(EXAMPLES),$(EXAMPLE_TARGET_DIR)/$(example)) - -all: $(TARGETS) - -clean: - rm -f $(TARGETS) - -$(TARGETS): ../include/sequoia.h - -$(EXAMPLE_TARGET_DIR)/%: %.c - mkdir -p $(EXAMPLE_TARGET_DIR) - $(CC) $(CFLAGS) $(LDFLAGS) -o "$@" "$<" $(LDLIBS) diff --git a/ffi/examples/configure.c b/ffi/examples/configure.c deleted file mode 100644 index 6551e196..00000000 --- a/ffi/examples/configure.c +++ /dev/null @@ -1,51 +0,0 @@ -#define _GNU_SOURCE -#include <assert.h> -/* Roughly glibc compatible error reporting. */ -#define error(S, E, F, ...) do { \ - fprintf (stderr, (F), __VA_ARGS__); \ - int s = (S), e = (E); \ - if (e) { fprintf (stderr, ": %s", strerror (e)); } \ - fprintf (stderr, "\n"); \ - fflush (stderr); \ - if (s) { exit (s); } \ - } while (0) -#include <errno.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <sequoia.h> - -int -main (int argc, char **argv) -{ - pgp_error_t err; - sq_config_t cfg; - sq_context_t ctx; - sq_keyserver_t ks; - - cfg = sq_context_configure (); - sq_config_home (cfg, "/tmp"); - ctx = sq_config_build (cfg, &err); - if (ctx == NULL) - error (1, 0, "Initializing sequoia failed: %s", - pgp_error_to_string (err)); - - ks = sq_keyserver_keys_openpgp_org (ctx, SQ_NETWORK_POLICY_OFFLINE); - if (ks == NULL) - { - pgp_error_t err = sq_context_last_error (ctx); - assert (pgp_error_status (err) == PGP_STATUS_NETWORK_POLICY_VIOLATION); - char *msg = pgp_error_to_string (err); - error (0, 0, "Initializing KeyServer failed as expected: %s", - msg); - free (msg); - pgp_error_free (err); - } - else - assert (! "reachable"); - - sq_keyserver_free (ks); - sq_context_free (ctx); - return 0; -} diff --git a/ffi/examples/keyserver.c b/ffi/examples/keyserver.c deleted file mode 100644 index 08624ea7..00000000 --- a/ffi/examples/keyserver.c +++ /dev/null @@ -1,56 +0,0 @@ -#define _GNU_SOURCE -/* Roughly glibc compatible error reporting. */ -#define error(S, E, F, ...) do { \ - fprintf (stderr, (F), __VA_ARGS__); \ - int s = (S), e = (E); \ - if (e) { fprintf (stderr, ": %s", strerror (e)); } \ - fprintf (stderr, "\n"); \ - fflush (stderr); \ - if (s) { exit (s); } \ - } while (0) -#include <errno.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <sequoia.h> - -int -main (int argc, char **argv) -{ - pgp_error_t err; - sq_context_t ctx; - pgp_keyid_t id; - sq_keyserver_t ks; - pgp_cert_t cert; - - ctx = sq_context_new (&err); - if (ctx == NULL) - error (1, 0, "Initializing sequoia failed: %s", - pgp_error_to_string (err)); - - ks = sq_keyserver_keys_openpgp_org (ctx, SQ_NETWORK_POLICY_ENCRYPTED); - if (ks == NULL) - { - pgp_error_t err = sq_context_last_error (ctx); - error (1, 0, "Initializing Keyserver failed: %s", pgp_error_to_string (err)); - } - - id = pgp_keyid_from_bytes ((uint8_t *) "\x24\x7F\x6D\xAB\xC8\x49\x14\xFE"); - cert = sq_keyserver_get (ctx, ks, id); - if (cert == NULL) - { - pgp_error_t err = sq_context_last_error (ctx); - error (1, 0, "Failed to retrieve key: %s", pgp_error_to_string (err)); - } - - char *debug = pgp_cert_debug (cert); - printf ("%s", debug); - free (debug); - - pgp_cert_free (cert); - pgp_keyid_free (id); - sq_keyserver_free (ks); - sq_context_free (ctx); - return 0; -} diff --git a/ffi/include/sequoia.h b/ffi/include/sequoia.h deleted file mode 100644 index c32a2f3e..00000000 --- a/ffi/include/sequoia.h +++ /dev/null @@ -1,9 +0,0 @@ -#ifndef SEQUOIA_H -#define SEQUOIA_H - -#include <sequoia/openpgp/error.h> -#include <sequoia/core.h> -#include <sequoia/openpgp.h> -#include <sequoia/net.h> - -#endif diff --git a/ffi/include/sequoia/core.h b/ffi/include/sequoia/core.h deleted file mode 100644 index c73d54c1..00000000 --- a/ffi/include/sequoia/core.h +++ /dev/null @@ -1,172 +0,0 @@ -#ifndef SEQUOIA_CORE_H -#define SEQUOIA_CORE_H - -#include <stddef.h> -#include <stdint.h> -#include <limits.h> -#include <unistd.h> - -/* sequoia::Context. */ - -/*/ -/// A `struct sq_context *` is required for many operations. -/// -/// # Example -/// -/// ```c -/// struct sq_context *ctx sq_context_new(); -/// if (ctx == NULL) { ... } -/// ``` -/*/ -typedef struct sq_context *sq_context_t; - -/*/ -/// Returns the last error. -/// -/// Returns and removes the last error from the context. -/*/ -pgp_error_t sq_context_last_error (sq_context_t ctx); - -/*/ -/// Represents a `Context` configuration. -/*/ -typedef struct sq_config *sq_config_t; - -/*/ -/// IPC policy for Sequoia. -/// -/// With this policy you can control how Sequoia starts background -/// servers. -/*/ -typedef enum sq_ipc_policy { - /*/ - /// External background servers only. - /// - /// We will always use external background servers. If starting - /// one fails, the operation will fail. - /// - /// The advantage is that we never spawn a thread. - /// - /// The disadvantage is that we need to locate the background - /// server to start. If you are distribute Sequoia with your - /// application, make sure to include the binaries, and to - /// configure the Context so that `context.lib()` points to the - /// directory containing the binaries. - /*/ - SQ_IPC_POLICY_EXTERNAL = 0, - - /*/ - /// Internal background servers only. - /// - /// We will always use internal background servers. It is very - /// unlikely that this fails. - /// - /// The advantage is that this method is very robust. If you - /// distribute Sequoia with your application, you do not need to - /// ship the binary, and it does not matter what `context.lib()` - /// points to. This is very robust and convenient. - /// - /// The disadvantage is that we spawn a thread in your - /// application. Threads may play badly with `fork(2)`, file - /// handles, and locks. If you are not doing anything fancy, - /// however, and only use fork-then-exec, you should be okay. - /*/ - SQ_IPC_POLICY_INTERNAL = 1, - - /*/ - /// Prefer external, fall back to internal. - /// - /// We will first try to use an external background server, but - /// fall back on an internal one should that fail. - /// - /// The advantage is that if Sequoia is properly set up to find - /// the background servers, we will use these and get the - /// advantages of that approach. Because we fail back on using an - /// internal server, we gain the robustness of that approach. - /// - /// The disadvantage is that we may or may not spawn a thread in - /// your application. If this is unacceptable in your - /// environment, use the `External` policy. - /*/ - SQ_IPC_POLICY_ROBUST = 2, - - /* Dummy value to make sure the enumeration has a defined size. Do - not use this value. */ - SQ_IPC_POLICY_FORCE_WIDTH = INT_MAX, -} sq_ipc_policy_t; - - -/*/ -/// Creates a Context with reasonable defaults. -/// -/// Returns `NULL` on errors. If `errp` is not `NULL`, the error is -/// stored there. -/*/ -sq_context_t sq_context_new(pgp_error_t *errp); - -/*/ -/// Frees a context. -/*/ -void sq_context_free(sq_context_t context); - -/*/ -/// Creates a Context that can be configured. -/// -/// The configuration is seeded like in `sq_context_new`, but can be -/// modified. A configuration has to be finalized using -/// `sq_config_build()` in order to turn it into a Context. -/*/ -sq_config_t sq_context_configure(void); - -/*/ -/// Returns the directory containing shared state. -/*/ -const char *sq_context_home(const sq_context_t ctx); - -/*/ -/// Returns the directory containing backend servers. -/*/ -const char *sq_context_lib(const sq_context_t ctx); - -/*/ -/// Returns the IPC policy. -/*/ -sq_ipc_policy_t sq_context_ipc_policy(const sq_context_t ctx); - -/*/ -/// Returns whether or not this is an ephemeral context. -/*/ -uint8_t sq_context_ephemeral(const sq_context_t ctx); - - -/* sequoia::Config. */ - -/*/ -/// Finalizes the configuration and return a `Context`. -/// -/// Consumes `cfg`. Returns `NULL` on errors. Returns `NULL` on -/// errors. If `errp` is not `NULL`, the error is stored there. -/*/ -sq_context_t sq_config_build(sq_config_t cfg, pgp_error_t *errp); - -/*/ -/// Sets the directory containing shared state. -/*/ -void sq_config_home(sq_config_t cfg, const char *home); - -/*/ -/// Sets the directory containing backend servers. -/*/ -void sq_config_lib(sq_config_t cfg, const char *lib); - -/*/ -/// Sets the IPC policy. -/*/ -void sq_config_ipc_policy(sq_config_t cfg, sq_ipc_policy_t policy); - -/*/ -/// Makes this context ephemeral. -/*/ -void sq_config_ephemeral(sq_config_t cfg); - -#endif diff --git a/ffi/include/sequoia/net.h b/ffi/include/sequoia/net.h deleted file mode 100644 index f1d850d3..00000000 --- a/ffi/include/sequoia/net.h +++ /dev/null @@ -1,99 +0,0 @@ -#ifndef SEQUOIA_NET_H -#define SEQUOIA_NET_H - -#include <sequoia/core.h> - -/*/ -/// For accessing keyservers using HKP. -/*/ -typedef struct sq_keyserver *sq_keyserver_t; - -/*/ -/// Network policy for Sequoia. -/// -/// With this policy you can control how Sequoia accesses remote -/// systems. -/*/ -typedef enum sq_network_policy { - /* Do not contact remote systems. */ - SQ_NETWORK_POLICY_OFFLINE = 0, - - /* Only contact remote systems using anonymization techniques like - * TOR. */ - SQ_NETWORK_POLICY_ANONYMIZED = 1, - - /* Only contact remote systems using transports offering - * encryption and authentication like TLS. */ - SQ_NETWORK_POLICY_ENCRYPTED = 2, - - /* Contact remote systems even with insecure transports. */ - SQ_NETWORK_POLICY_INSECURE = 3, - - /* Dummy value to make sure the enumeration has a defined size. Do - not use this value. */ - SQ_NETWORK_POLICY_FORCE_WIDTH = INT_MAX, -} sq_network_policy_t; - - -/*/ -/// Returns a handle for the given URI. -/// -/// `uri` is a UTF-8 encoded value of a keyserver URI, -/// e.g. `hkps://examle.org`. -/// -/// Returns `NULL` on errors. -/*/ -sq_keyserver_t sq_keyserver_new (sq_context_t ctx, - sq_network_policy_t policy, - const char *uri); - -/*/ -/// Returns a handle for the given URI. -/// -/// `uri` is a UTF-8 encoded value of a keyserver URI, -/// e.g. `hkps://examle.org`. `cert` is a DER encoded certificate of -/// size `len` used to authenticate the server. -/// -/// Returns `NULL` on errors. -/*/ -sq_keyserver_t sq_keyserver_with_cert (sq_context_t ctx, - sq_network_policy_t policy, - const char *uri, - const uint8_t *cert, - size_t len); - -/*/ -/// Returns a handle for keys.openpgp.org. -/// -/// The server at `hkps://keys.openpgp.org` distributes updates for -/// OpenPGP certificates. It is a good default choice. -/// -/// Returns `NULL` on errors. -/*/ -sq_keyserver_t sq_keyserver_keys_openpgp_org (sq_context_t ctx, - sq_network_policy_t policy); - -/*/ -/// Frees a keyserver object. -/*/ -void sq_keyserver_free (sq_keyserver_t ks); - -/*/ -/// Retrieves the key with the given `keyid`. -/// -/// Returns `NULL` on errors. -/*/ -pgp_cert_t sq_keyserver_get (sq_context_t ctx, - sq_keyserver_t ks, < |