sfackler · alex · Mar 19, 2025 · Mar 18, 2025 · Mar 18, 2025 · Mar 19, 2025
diff --git a/openssl/build.rs b/openssl/build.rs
@@ -33,6 +33,7 @@ fn main() {
     println!("cargo:rustc-check-cfg=cfg(libressl382)");
     println!("cargo:rustc-check-cfg=cfg(libressl390)");
     println!("cargo:rustc-check-cfg=cfg(libressl400)");
+    println!("cargo:rustc-check-cfg=cfg(libressl410)");
 
     println!("cargo:rustc-check-cfg=cfg(ossl101)");
     println!("cargo:rustc-check-cfg=cfg(ossl102)");
@@ -121,6 +122,9 @@ fn main() {
         if version >= 0x4_00_00_00_0 {
             println!("cargo:rustc-cfg=libressl400");
         }
+        if version >= 0x4_01_00_00_0 {
+            println!("cargo:rustc-cfg=libressl410");
+        }
     }
 
     if let Ok(vars) = env::var("DEP_OPENSSL_CONF") {

diff --git a/openssl/src/bn.rs b/openssl/src/bn.rs
@@ -37,18 +37,15 @@ use crate::{cvt, cvt_n, cvt_p, LenType};
 use openssl_macros::corresponds;
 
 cfg_if! {
-    if #[cfg(any(ossl110, libressl350))] {
+    if #[cfg(any(ossl110, libressl350, awslc))] {
         use ffi::{
-            BN_get_rfc2409_prime_1024, BN_get_rfc2409_prime_768, BN_get_rfc3526_prime_1536,
-            BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096,
+            BN_get_rfc3526_prime_1536, BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096,
             BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192, BN_is_negative,
         };
-    } else if #[cfg(any(boringssl, awslc))] {
+    } else if #[cfg(boringssl)] {
         use ffi::BN_is_negative;
     } else {
         use ffi::{
-            get_rfc2409_prime_1024 as BN_get_rfc2409_prime_1024,
-            get_rfc2409_prime_768 as BN_get_rfc2409_prime_768,
             get_rfc3526_prime_1536 as BN_get_rfc3526_prime_1536,
             get_rfc3526_prime_2048 as BN_get_rfc3526_prime_2048,
             get_rfc3526_prime_3072 as BN_get_rfc3526_prime_3072,
@@ -64,6 +61,19 @@ cfg_if! {
     }
 }
 
+cfg_if! {
+    if #[cfg(any(ossl110, libressl350))] {
+        use ffi::{
+            BN_get_rfc2409_prime_1024, BN_get_rfc2409_prime_768
+        };
+    } else if #[cfg(not(any(boringssl, awslc)))] {
+        use ffi::{
+            get_rfc2409_prime_1024 as BN_get_rfc2409_prime_1024,
+            get_rfc2409_prime_768 as BN_get_rfc2409_prime_768,
+        };
+    }
+}
+
 /// Options for the most significant bits of a randomly generated `BigNum`.
 pub struct MsbOption(c_int);
 
@@ -1014,7 +1024,7 @@ impl BigNum {
     ///
     /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-3
     #[corresponds(BN_get_rfc3526_prime_1536)]
-    #[cfg(not(any(boringssl, awslc)))]
+    #[cfg(not(boringssl))]
     pub fn get_rfc3526_prime_1536() -> Result<BigNum, ErrorStack> {
         unsafe {
             ffi::init();
@@ -1028,7 +1038,7 @@ impl BigNum {
     ///
     /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-3
     #[corresponds(BN_get_rfc3526_prime_2048)]
-    #[cfg(not(any(boringssl, awslc)))]
+    #[cfg(not(boringssl))]
     pub fn get_rfc3526_prime_2048() -> Result<BigNum, ErrorStack> {
         unsafe {
             ffi::init();
@@ -1042,7 +1052,7 @@ impl BigNum {
     ///
     /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-4
     #[corresponds(BN_get_rfc3526_prime_3072)]
-    #[cfg(not(any(boringssl, awslc)))]
+    #[cfg(not(boringssl))]
     pub fn get_rfc3526_prime_3072() -> Result<BigNum, ErrorStack> {
         unsafe {
             ffi::init();
@@ -1056,7 +1066,7 @@ impl BigNum {
     ///
     /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-4
     #[corresponds(BN_get_rfc3526_prime_4096)]
-    #[cfg(not(any(boringssl, awslc)))]
+    #[cfg(not(boringssl))]
     pub fn get_rfc3526_prime_4096() -> Result<BigNum, ErrorStack> {
         unsafe {
             ffi::init();
@@ -1070,7 +1080,7 @@ impl BigNum {
     ///
     /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-6
     #[corresponds(BN_get_rfc3526_prime_6114)]
-    #[cfg(not(any(boringssl, awslc)))]
+    #[cfg(not(boringssl))]
     pub fn get_rfc3526_prime_6144() -> Result<BigNum, ErrorStack> {
         unsafe {
             ffi::init();
@@ -1084,7 +1094,7 @@ impl BigNum {
     ///
     /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-6
     #[corresponds(BN_get_rfc3526_prime_8192)]
-    #[cfg(not(any(boringssl, awslc)))]
+    #[cfg(not(boringssl))]
     pub fn get_rfc3526_prime_8192() -> Result<BigNum, ErrorStack> {
         unsafe {
             ffi::init();

diff --git a/openssl/src/cipher.rs b/openssl/src/cipher.rs
@@ -166,7 +166,7 @@ impl Cipher {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_xts() as *mut _) }
     }
 
-    #[cfg(not(any(boringssl, awslc)))]
+    #[cfg(not(boringssl))]
     pub fn aes_256_xts() -> &'static CipherRef {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_xts() as *mut _) }
     }
@@ -175,17 +175,17 @@ impl Cipher {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ctr() as *mut _) }
     }
 
-    #[cfg(not(any(boringssl, awslc)))]
+    #[cfg(not(boringssl))]
     pub fn aes_128_cfb1() -> &'static CipherRef {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cfb1() as *mut _) }
     }
 
-    #[cfg(not(any(boringssl, awslc)))]
+    #[cfg(not(boringssl))]
     pub fn aes_128_cfb128() -> &'static CipherRef {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cfb128() as *mut _) }
     }
 
-    #[cfg(not(any(boringssl, awslc)))]
+    #[cfg(not(boringssl))]
     pub fn aes_128_cfb8() -> &'static CipherRef {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_cfb8() as *mut _) }
     }
@@ -194,7 +194,7 @@ impl Cipher {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_gcm() as *mut _) }
     }
 
-    #[cfg(not(any(boringssl, awslc)))]
+    #[cfg(not(boringssl))]
     pub fn aes_128_ccm() -> &'static CipherRef {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_128_ccm() as *mut _) }
     }
@@ -233,7 +233,7 @@ impl Cipher {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ctr() as *mut _) }
     }
 
-    #[cfg(not(any(boringssl, awslc)))]
+    #[cfg(not(boringssl))]
     pub fn aes_192_cfb1() -> &'static CipherRef {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cfb1() as *mut _) }
     }
@@ -242,7 +242,7 @@ impl Cipher {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cfb128() as *mut _) }
     }
 
-    #[cfg(not(any(boringssl, awslc)))]
+    #[cfg(not(boringssl))]
     pub fn aes_192_cfb8() -> &'static CipherRef {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_cfb8() as *mut _) }
     }
@@ -251,7 +251,7 @@ impl Cipher {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_gcm() as *mut _) }
     }
 
-    #[cfg(not(any(boringssl, awslc)))]
+    #[cfg(not(boringssl))]
     pub fn aes_192_ccm() -> &'static CipherRef {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_192_ccm() as *mut _) }
     }
@@ -290,7 +290,7 @@ impl Cipher {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ctr() as *mut _) }
     }
 
-    #[cfg(not(any(boringssl, awslc)))]
+    #[cfg(not(boringssl))]
     pub fn aes_256_cfb1() -> &'static CipherRef {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cfb1() as *mut _) }
     }
@@ -299,7 +299,7 @@ impl Cipher {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cfb128() as *mut _) }
     }
 
-    #[cfg(not(any(boringssl, awslc)))]
+    #[cfg(not(boringssl))]
     pub fn aes_256_cfb8() -> &'static CipherRef {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_cfb8() as *mut _) }
     }
@@ -308,7 +308,7 @@ impl Cipher {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_gcm() as *mut _) }
     }
 
-    #[cfg(not(any(boringssl, awslc)))]
+    #[cfg(not(boringssl))]
     pub fn aes_256_ccm() -> &'static CipherRef {
         unsafe { CipherRef::from_ptr(ffi::EVP_aes_256_ccm() as *mut _) }
     }
@@ -500,7 +500,7 @@ impl Cipher {
         unsafe { CipherRef::from_ptr(ffi::EVP_chacha20() as *mut _) }
     }
 
-    #[cfg(all(any(ossl110, libressl360), not(osslconf = "OPENSSL_NO_CHACHA")))]
+    #[cfg(all(any(ossl110, libressl360, awslc), not(osslconf = "OPENSSL_NO_CHACHA")))]
     pub fn chacha20_poly1305() -> &'static CipherRef {
         unsafe { CipherRef::from_ptr(ffi::EVP_chacha20_poly1305() as *mut _) }
     }

diff --git a/openssl/src/cipher_ctx.rs b/openssl/src/cipher_ctx.rs
@@ -809,8 +809,173 @@ mod test {
         aes_128_cbc(cipher);
     }
 
+    #[cfg(not(boringssl))]
+    #[test]
+    fn default_aes_128_ccm() {
+        // from https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/ccmtestvectors.zip
+        let cipher = Cipher::aes_128_ccm();
+        aes_ccm(
+            cipher,
+            "26511fb51fcfa75cb4b44da75a6e5a0e",
+            "ea98ec44f5a86715014783172e",
+            "4da40b80579c1d9a5309f7efecb7c059a2f914511ca5fc10",
+            "e4692b9f06b666c7451b146c8aeb07a6e30c629d28065c3dde5940325b14b810",
+            "1bf0ba0ebb20d8edba59f29a9371750c9c714078f73c335d",
+            "2f1322ac69b848b001476323aed84c47",
+        );
+    }
+
+    #[cfg(not(boringssl))]
+    #[test]
+    fn default_aes_192_ccm() {
+        // from https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/ccmtestvectors.zip
+        let cipher = Cipher::aes_192_ccm();
+        aes_ccm(
+            cipher,
+            "26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886",
+            "ea98ec44f5a86715014783172e",
+            "4da40b80579c1d9a5309f7efecb7c059a2f914511ca5fc10",
+            "e4692b9f06b666c7451b146c8aeb07a6e30c629d28065c3dde5940325b14b810",
+            "30c154c616946eccc2e241d336ad33720953e449a0e6b0f0",
+            "dbf8e9464909bdf337e48093c082a10b",
+        );
+    }
+
+    #[cfg(not(boringssl))]
+    #[test]
+    fn default_aes_256_ccm() {
+        // from https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/ccmtestvectors.zip
+        let cipher = Cipher::aes_256_ccm();
+        aes_ccm(
+            cipher,
+            "314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e",
+            "3542fbe0f59a6d5f3abf619b7d",
+            "c5b3d71312ea14f2f8fae5bd1a453192b6604a45db75c5ed",
+            "dd4531f158a2fa3bc8a339f770595048f4a42bc1b03f2e824efc6ba4985119d8",
+            "39c2e8f6edfe663b90963b98eb79e2d4f7f28a5053ae8881",
+            "567a6b4426f1667136bed4a5e32a2bc1",
+        );
+    }
+
+    #[cfg(not(boringssl))]
+    fn aes_ccm(
+        cipher: &CipherRef,
+        key: &'static str,
+        iv: &'static str,
+        pt: &'static str,
+        aad: &'static str,
+        ct: &'static str,
+        tag: &'static str,
+    ) {
+        let key = hex::decode(key).unwrap();
+        let iv = hex::decode(iv).unwrap();
+        let pt = hex::decode(pt).unwrap();
+        let ct = hex::decode(ct).unwrap();
+        let aad = hex::decode(aad).unwrap();
+        let tag = hex::decode(tag).unwrap();
+
+        let mut ctx = CipherCtx::new().unwrap();
+
+        ctx.encrypt_init(Some(cipher), None, None).unwrap();
+        ctx.set_iv_length(iv.len()).unwrap();
+        ctx.set_tag_length(tag.len()).unwrap();
+        ctx.encrypt_init(None, Some(&key), Some(&iv)).unwrap();
+        ctx.set_data_len(pt.len()).unwrap();
+
+        let mut buf = vec![];
+        ctx.cipher_update(&aad, None).unwrap();
+        ctx.cipher_update_vec(&pt, &mut buf).unwrap();
+        ctx.cipher_final_vec(&mut buf).unwrap();
+        assert_eq!(buf, ct);
+
+        let mut out_tag = vec![0u8; tag.len()];
+        ctx.tag(&mut out_tag).unwrap();
+        assert_eq!(tag, out_tag);
+
+        ctx.decrypt_init(Some(cipher), None, None).unwrap();
+        ctx.set_iv_length(iv.len()).unwrap();
+        ctx.set_tag(&tag).unwrap();
+        ctx.decrypt_init(None, Some(&key), Some(&iv)).unwrap();
+        ctx.set_data_len(pt.len()).unwrap();
+
+        let mut buf = vec![];
+        ctx.cipher_update(&aad, None).unwrap();
+        ctx.cipher_update_vec(&ct, &mut buf).unwrap();
+        // Some older libraries don't support calling EVP_CipherFinal/EVP_DecryptFinal for CCM
+        // https://wiki.openssl.org/index.php/EVP_Authenticated_Encryption_and_Decryption#Authenticated_Decryption_using_CCM_mode
+        #[cfg(any(ossl111, awslc, boringssl))]
+        ctx.cipher_final_vec(&mut buf).unwrap();
+
+        assert_eq!(buf, pt);
+    }
+
+    #[cfg(not(any(boringssl, awslc)))]
+    #[test]
+    fn default_aes_128_xts() {
+        // https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/aes/XTSTestVectors.zip
+        let cipher = Cipher::aes_128_xts();
+        aes_xts(
+            cipher,
+            "a1b90cba3f06ac353b2c343876081762090923026e91771815f29dab01932f2f",
+            "4faef7117cda59c66e4b92013e768ad5",
+            "ebabce95b14d3c8d6fb350390790311c",
+            "778ae8b43cb98d5a825081d5be471c63",
+        );
+    }
+
+    #[cfg(not(boringssl))]
+    #[test]
+    fn default_aes_256_xts() {
+        // https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/aes/XTSTestVectors.zip
+        let cipher = Cipher::aes_256_xts();
+        aes_xts(cipher, "1ea661c58d943a0e4801e42f4b0947149e7f9f8e3e68d0c7505210bd311a0e7cd6e13ffdf2418d8d1911c004cda58da3d619b7e2b9141e58318eea392cf41b08", "adf8d92627464ad2f0428e84a9f87564", "2eedea52cd8215e1acc647e810bbc3642e87287f8d2e57e36c0a24fbc12a202e", "cbaad0e2f6cea3f50b37f934d46a9b130b9d54f07e34f36af793e86f73c6d7db");
+    }
+
+    #[cfg(not(boringssl))]
+    fn aes_xts(
+        cipher: &CipherRef,
+        key: &'static str,
+        i: &'static str,
+        pt: &'static str,
+        ct: &'static str,
+    ) {
+        let key = hex::decode(key).unwrap();
+        let i = hex::decode(i).unwrap();
+        let pt = hex::decode(pt).unwrap();
+        let ct = hex::decode(ct).unwrap();
+
+        let mut ctx = CipherCtx::new().unwrap();
+        ctx.encrypt_init(Some(cipher), Some(&key), Some(&i))
+            .unwrap();
+        let mut buf = vec![];
+        ctx.cipher_update_vec(&pt, &mut buf).unwrap();
+        ctx.cipher_final_vec(&mut buf).unwrap();
+
+        assert_eq!(ct, buf);
+
+        ctx.decrypt_init(Some(cipher), Some(&key), Some(&i))
+            .unwrap();
+        let mut buf = vec![];
+        ctx.cipher_update_vec(&ct, &mut buf).unwrap();
+        ctx.cipher_final_vec(&mut buf).unwrap();
+
+        assert_eq!(pt, buf);
+    }
+
     #[test]
     fn test_stream_ciphers() {
+        #[cfg(not(boringssl))]
+        {
+            test_stream_cipher(Cipher::aes_128_cfb1());
+            test_stream_cipher(Cipher::aes_128_cfb8());
+            test_stream_cipher(Cipher::aes_128_cfb128());
+            test_stream_cipher(Cipher::aes_192_cfb1());
+            test_stream_cipher(Cipher::aes_192_cfb8());
+            test_stream_cipher(Cipher::aes_192_cfb128());
+            test_stream_cipher(Cipher::aes_256_cfb1());
+            test_stream_cipher(Cipher::aes_256_cfb8());
+            test_stream_cipher(Cipher::aes_256_cfb128());
+        }
         test_stream_cipher(Cipher::aes_192_ctr());
         test_stream_cipher(Cipher::aes_256_ctr());
     }