From 80b22b2b58ce138304b1e0e228e17edada88a195 Mon Sep 17 00:00:00 2001 From: mematthias <107192630+mematthias@users.noreply.github.com> Date: Wed, 25 Jun 2025 22:49:01 +0200 Subject: [PATCH 1/2] Crate now compiles successfully on Windows (compiled with Rust 1.77 and 1.87) Signed-off-by: mematthias <107192630+mematthias@users.noreply.github.com> --- cryptoki/src/mechanism/kbkdf.rs | 1 + cryptoki/src/slot/slot_info.rs | 4 +- cryptoki/src/types.rs | 9 +++- cryptoki/tests/basic.rs | 78 ++++++++++++++++----------------- 4 files changed, 50 insertions(+), 42 deletions(-) diff --git a/cryptoki/src/mechanism/kbkdf.rs b/cryptoki/src/mechanism/kbkdf.rs index 0ec0672f..c6caf011 100644 --- a/cryptoki/src/mechanism/kbkdf.rs +++ b/cryptoki/src/mechanism/kbkdf.rs @@ -4,6 +4,7 @@ //! See: use core::{convert::TryInto, marker::PhantomData, ptr}; +use std::mem::size_of; use std::num::NonZeroUsize; use cryptoki_sys::{ diff --git a/cryptoki/src/slot/slot_info.rs b/cryptoki/src/slot/slot_info.rs index 41e48560..50e74891 100644 --- a/cryptoki/src/slot/slot_info.rs +++ b/cryptoki/src/slot/slot_info.rs @@ -10,8 +10,8 @@ use std::fmt::Debug; bitflags! { /// Collection of flags defined for [`CK_SLOT_INFO`] struct SlotInfoFlags: CK_FLAGS { - const TOKEN_PRESENT=CKF_TOKEN_PRESENT; - const REMOVABLE_DEVICE=CKF_REMOVABLE_DEVICE; + const TOKEN_PRESENT = CKF_TOKEN_PRESENT; + const REMOVABLE_DEVICE = CKF_REMOVABLE_DEVICE; const HW_SLOT = CKF_HW_SLOT; } } diff --git a/cryptoki/src/types.rs b/cryptoki/src/types.rs index 995a8348..dd9c6f12 100644 --- a/cryptoki/src/types.rs +++ b/cryptoki/src/types.rs @@ -127,6 +127,14 @@ pub struct Ulong { val: CK_ULONG, } +impl Ulong { + /// Create a new variable + #[must_use] + pub const fn new(ulong: CK_ULONG) -> Self { + Ulong { val: ulong } + } +} + impl Deref for Ulong { type Target = CK_ULONG; @@ -284,7 +292,6 @@ pub type RawAuthPin = SecretBox>; #[cfg(test)] mod test { - use super::*; const UTC_TIME: UtcTime = UtcTime { year: 1970, diff --git a/cryptoki/tests/basic.rs b/cryptoki/tests/basic.rs index 6f54db3b..2cd3d4ab 100644 --- a/cryptoki/tests/basic.rs +++ b/cryptoki/tests/basic.rs @@ -18,7 +18,7 @@ use cryptoki::object::{ Attribute, AttributeInfo, AttributeType, KeyType, ObjectClass, ObjectHandle, }; use cryptoki::session::{SessionState, UserType}; -use cryptoki::types::AuthPin; +use cryptoki::types::{AuthPin, Ulong}; use serial_test::serial; use std::collections::HashMap; use std::num::NonZeroUsize; @@ -27,8 +27,8 @@ use std::thread; use cryptoki::mechanism::ekdf::AesCbcDeriveParams; use testresult::TestResult; -const AES128_BLOCK_SIZE: usize = 128 / 8; -const AES256_BLOCK_SIZE: usize = 256 / 8; +const AES128_BLOCK_SIZE: Ulong = Ulong::new(128 / 8); +const AES256_BLOCK_SIZE: Ulong = Ulong::new(256 / 8); #[test] #[serial] @@ -455,7 +455,7 @@ fn encrypt_decrypt_multipart() -> TestResult { let template = vec![ Attribute::Token(true), Attribute::Private(false), - Attribute::ValueLen((AES128_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES128_BLOCK_SIZE), Attribute::Encrypt(true), Attribute::Decrypt(true), ]; @@ -473,7 +473,7 @@ fn encrypt_decrypt_multipart() -> TestResult { session.encrypt_init(&Mechanism::AesEcb, key)?; let mut encrypted_data = vec![]; - for part in data.chunks(AES128_BLOCK_SIZE) { + for part in data.chunks(AES128_BLOCK_SIZE.into()) { encrypted_data.extend(session.encrypt_update(part)?); } encrypted_data.extend(session.encrypt_final()?); @@ -482,7 +482,7 @@ fn encrypt_decrypt_multipart() -> TestResult { session.decrypt_init(&Mechanism::AesEcb, key)?; let mut decrypted_data = vec![]; - for part in encrypted_data.chunks(AES128_BLOCK_SIZE) { + for part in encrypted_data.chunks(AES128_BLOCK_SIZE.into()) { decrypted_data.extend(session.decrypt_update(part)?); } decrypted_data.extend(session.decrypt_final()?); @@ -566,7 +566,7 @@ fn encrypt_decrypt_multipart_already_initialized() -> TestResult { let template = vec![ Attribute::Token(true), Attribute::Private(false), - Attribute::ValueLen((AES128_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES128_BLOCK_SIZE), Attribute::Encrypt(true), Attribute::Decrypt(true), ]; @@ -1197,7 +1197,7 @@ fn get_attribute_info_test() -> TestResult { session.generate_key_pair(&mechanism, &pub_key_template, &priv_key_template)?; let pub_attribs = vec![AttributeType::PublicExponent, AttributeType::Modulus]; - let mut priv_attribs = [ + let priv_attribs = [ AttributeType::PublicExponent, AttributeType::Modulus, AttributeType::PrivateExponent, @@ -1678,7 +1678,7 @@ fn sha256_digest_multipart_with_key() -> TestResult { let key_template = vec![ Attribute::Token(true), Attribute::Private(false), - Attribute::ValueLen((AES128_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES128_BLOCK_SIZE), // Key must be non-sensitive and extractable to get its bytes and digest them directly, for comparison Attribute::Sensitive(false), Attribute::Extractable(true), @@ -2179,7 +2179,7 @@ fn kbkdf_counter_mode() -> TestResult { let base_template = [ Attribute::Token(true), Attribute::Private(false), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Derive(true), ]; let base_key = session.generate_key(&Mechanism::AesKeyGen, &base_template)?; @@ -2190,7 +2190,7 @@ fn kbkdf_counter_mode() -> TestResult { Attribute::Private(false), Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Encrypt(true), Attribute::Decrypt(true), ]; @@ -2234,7 +2234,7 @@ fn kbkdf_counter_mode() -> TestResult { let wanted_attributes = [ Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Encrypt(true), Attribute::Decrypt(true), Attribute::Sign(false), @@ -2272,7 +2272,7 @@ fn kbkdf_feedback_mode() -> TestResult { let base_template = [ Attribute::Token(true), Attribute::Private(false), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Derive(true), ]; let base_key = session.generate_key(&Mechanism::AesKeyGen, &base_template)?; @@ -2283,7 +2283,7 @@ fn kbkdf_feedback_mode() -> TestResult { Attribute::Private(false), Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Encrypt(true), Attribute::Decrypt(true), ]; @@ -2350,7 +2350,7 @@ fn kbkdf_feedback_mode() -> TestResult { let wanted_attributes = [ Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Encrypt(true), Attribute::Decrypt(true), Attribute::Sign(false), @@ -2389,7 +2389,7 @@ fn kbkdf_double_pipeline_mode() -> TestResult { let base_template = [ Attribute::Token(true), Attribute::Private(false), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Derive(true), ]; let base_key = session.generate_key(&Mechanism::AesKeyGen, &base_template)?; @@ -2400,7 +2400,7 @@ fn kbkdf_double_pipeline_mode() -> TestResult { Attribute::Private(false), Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Encrypt(true), Attribute::Decrypt(true), ]; @@ -2440,7 +2440,7 @@ fn kbkdf_double_pipeline_mode() -> TestResult { let wanted_attributes = [ Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Encrypt(true), Attribute::Decrypt(true), Attribute::Sign(false), @@ -2478,7 +2478,7 @@ fn kbkdf_additional_keys_counter_mode() -> TestResult { let base_template = [ Attribute::Token(true), Attribute::Private(false), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Derive(true), ]; let base_key = session.generate_key(&Mechanism::AesKeyGen, &base_template)?; @@ -2490,7 +2490,7 @@ fn kbkdf_additional_keys_counter_mode() -> TestResult { Attribute::Private(false), Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Encrypt(true), Attribute::Decrypt(true), ], @@ -2499,7 +2499,7 @@ fn kbkdf_additional_keys_counter_mode() -> TestResult { Attribute::Private(false), Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES128_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES128_BLOCK_SIZE), Attribute::Sign(true), Attribute::Verify(true), ], @@ -2570,7 +2570,7 @@ fn kbkdf_additional_keys_counter_mode() -> TestResult { vec![ Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Encrypt(true), Attribute::Decrypt(true), Attribute::Sign(false), @@ -2580,7 +2580,7 @@ fn kbkdf_additional_keys_counter_mode() -> TestResult { vec![ Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES128_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES128_BLOCK_SIZE), Attribute::Encrypt(false), Attribute::Decrypt(false), Attribute::Sign(true), @@ -2634,7 +2634,7 @@ fn kbkdf_additional_keys_feedback_mode() -> TestResult { let base_template = [ Attribute::Token(true), Attribute::Private(false), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Derive(true), ]; let base_key = session.generate_key(&Mechanism::AesKeyGen, &base_template)?; @@ -2646,7 +2646,7 @@ fn kbkdf_additional_keys_feedback_mode() -> TestResult { Attribute::Private(false), Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Encrypt(true), Attribute::Decrypt(true), ], @@ -2655,7 +2655,7 @@ fn kbkdf_additional_keys_feedback_mode() -> TestResult { Attribute::Private(false), Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES128_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES128_BLOCK_SIZE), Attribute::Sign(true), Attribute::Verify(true), ], @@ -2759,7 +2759,7 @@ fn kbkdf_additional_keys_feedback_mode() -> TestResult { vec![ Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Encrypt(true), Attribute::Decrypt(true), Attribute::Sign(false), @@ -2769,7 +2769,7 @@ fn kbkdf_additional_keys_feedback_mode() -> TestResult { vec![ Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES128_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES128_BLOCK_SIZE), Attribute::Encrypt(false), Attribute::Decrypt(false), Attribute::Sign(true), @@ -2819,7 +2819,7 @@ fn kbkdf_additional_keys_double_pipeline_mode() -> TestResult { let base_template = [ Attribute::Token(true), Attribute::Private(false), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Derive(true), ]; let base_key = session.generate_key(&Mechanism::AesKeyGen, &base_template)?; @@ -2831,7 +2831,7 @@ fn kbkdf_additional_keys_double_pipeline_mode() -> TestResult { Attribute::Private(false), Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Encrypt(true), Attribute::Decrypt(true), ], @@ -2840,7 +2840,7 @@ fn kbkdf_additional_keys_double_pipeline_mode() -> TestResult { Attribute::Private(false), Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES128_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES128_BLOCK_SIZE), Attribute::Sign(true), Attribute::Verify(true), ], @@ -2907,7 +2907,7 @@ fn kbkdf_additional_keys_double_pipeline_mode() -> TestResult { vec![ Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Encrypt(true), Attribute::Decrypt(true), Attribute::Sign(false), @@ -2917,7 +2917,7 @@ fn kbkdf_additional_keys_double_pipeline_mode() -> TestResult { vec![ Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES128_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES128_BLOCK_SIZE), Attribute::Encrypt(false), Attribute::Decrypt(false), Attribute::Sign(true), @@ -2971,7 +2971,7 @@ fn kbkdf_invalid_data_params_counter_mode() -> TestResult { let base_template = [ Attribute::Token(true), Attribute::Private(false), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Derive(true), ]; let base_key = session.generate_key(&Mechanism::AesKeyGen, &base_template)?; @@ -2982,7 +2982,7 @@ fn kbkdf_invalid_data_params_counter_mode() -> TestResult { Attribute::Private(false), Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Encrypt(true), Attribute::Decrypt(true), ]; @@ -3120,7 +3120,7 @@ fn kbkdf_invalid_data_params_feedback_mode() -> TestResult { let base_template = [ Attribute::Token(true), Attribute::Private(false), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Derive(true), ]; let base_key = session.generate_key(&Mechanism::AesKeyGen, &base_template)?; @@ -3131,7 +3131,7 @@ fn kbkdf_invalid_data_params_feedback_mode() -> TestResult { Attribute::Private(false), Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Encrypt(true), Attribute::Decrypt(true), ]; @@ -3243,7 +3243,7 @@ fn kbkdf_invalid_data_params_double_pipeline_mode() -> TestResult { let base_template = [ Attribute::Token(true), Attribute::Private(false), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Derive(true), ]; let base_key = session.generate_key(&Mechanism::AesKeyGen, &base_template)?; @@ -3254,7 +3254,7 @@ fn kbkdf_invalid_data_params_double_pipeline_mode() -> TestResult { Attribute::Private(false), Attribute::Class(ObjectClass::SECRET_KEY), Attribute::KeyType(KeyType::AES), - Attribute::ValueLen((AES256_BLOCK_SIZE as u64).into()), + Attribute::ValueLen(AES256_BLOCK_SIZE), Attribute::Encrypt(true), Attribute::Decrypt(true), ]; From 07cb1882edcbeffb3f496d0f7c54fdb5cf9e7f78 Mon Sep 17 00:00:00 2001 From: Wiktor Kwapisiewicz Date: Mon, 12 May 2025 16:13:30 +0200 Subject: [PATCH 2/2] Add simple build on Windows CI action Signed-off-by: Wiktor Kwapisiewicz --- .github/workflows/ci.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 98dee93d..085fc4f0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -41,6 +41,13 @@ jobs: - name: "Installs SoftHSM and execute tests" uses: ./.github/actions/ci_script + build-windows: + name: Build on Windows + runs-on: windows-latest + steps: + - uses: actions/checkout@v4 + - run: cargo check --all-features --workspace --all-targets + tests-kryoptic: name: Run tests against Kryoptic runs-on: ubuntu-latest