Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support new randomness generation in AWS-LC #708

Merged
merged 3 commits into from
Mar 3, 2025
Merged

Support new randomness generation in AWS-LC #708

merged 3 commits into from
Mar 3, 2025

Conversation

torben-hansen
Copy link
Contributor

@torben-hansen torben-hansen commented Feb 25, 2025
edited
Loading

Description of changes:

aws/aws-lc#2220 introduces a new method to import Jitter Entropy and previous PRs added Jitter Entropy for all build types.

This didn't quite work with aws-lc-rs build that only expected Jitter Entropy for some select FIPS builds.

Testing:

Following succeded"

git clone https://github.com/aws/aws-lc-rs.git
cd aws-lc-rs/
git fetch origin pull/708/head:PR708
git checkout PR708
cd aws-lc-sys/
rm -rf aws-lc/
git clone https://github.com/aws/aws-lc.git
cd aws-lc/
git fetch origin pull/2220/head:PR2220
git checkout PR2220
cd ../..
AWS_LC_SYS_NO_PREFIX=1 AWS_LC_SYS_C_STD=99 cargo test -p aws-lc-sys --features bindgen
./scripts/build/collect_symbols.sh -c aws-lc-sys
./scripts/generate/_generate_prefix_headers.sh -c aws-lc-sys
./scripts/ci/update_sys_crate_metadata.sh aws-lc-sys
AWS_LC_SYS_PREGENERATING_BINDINGS=1 cargo test -p aws-lc-sys --features bindgen
./scripts/build/collect_build_src.sh

It simulates https://github.com/aws/aws-lc/blob/main/.github/workflows/aws-lc-rs.yml#L16 with aws/aws-lc#2220.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

@torben-hansen
Copy link
Contributor Author

I'm implementation the new randomness generation and importing jitter entropy in a new way. Jitter entropy is causing issues with the aws-lc-rs build. aws/aws-lc#2220 shows the current problems.

Firstly, problem with prefixing. Build errors such as

= note:    Creating library D:\a\aws-lc\aws-lc\aws-lc-rs\target\x86_64-pc-windows-msvc\debug\deps\sanity_tests-57e4e5ae6f1e6b01.lib and object D:\a\aws-lc\aws-lc\aws-lc-rs\target\x86_64-pc-windows-msvc\debug\deps\sanity_tests-57e4e5ae6f1e6b01.exp␍
          libaws_lc_sys-c0626afe81e8cfa8.rlib(bcm.obj) : error LNK2019: unresolved external symbol aws_lc_0_26_0_jent_read_entropy referenced in function tree_jitter_get_root_seed␍
          libaws_lc_sys-c0626afe81e8cfa8.rlib(bcm.obj) : error LNK2019: unresolved external symbol aws_lc_0_26_0_jent_entropy_collector_alloc referenced in function tree_jitter_get_root_seed␍
          libaws_lc_sys-c06[26](https://github.com/aws/aws-lc/actions/runs/13525047210/job/37793340748?pr=2220#step:13:27)afe81e8cfa8.rlib(bcm.obj) : error LNK2019: unresolved external symbol aws_lc_0_26_0_jent_entropy_collector_free referenced in function tree_jitter_get_root_seed␍
          D:\a\aws-lc\aws-lc\aws-lc-rs\target\x86_64-pc-windows-msvc\debug\deps\sanity_tests-57e4e5ae6f1e6b01.exe : fatal error LNK1120: 3 unresolved externals␍

I think this can be resolved by just filtering them out during symbol analysis.

The second problem is something like this:

 exit status: 0
  cargo:warning=In file included from /home/runner/work/aws-lc/aws-lc/aws-lc-rs/aws-lc-sys/aws-lc/third_party/jitterentropy/jitterentropy-library/src/jitterentropy-gcd.h:23,
  cargo:warning=                 from /home/runner/work/aws-lc/aws-lc/aws-lc-rs/aws-lc-sys/aws-lc/third_party/jitterentropy/jitterentropy-library/src/jitterentropy-base.c:33:
  cargo:warning=/home/runner/work/aws-lc/aws-lc/aws-lc-rs/aws-lc-sys/aws-lc/third_party/jitterentropy/jitterentropy-library/src/jitterentropy-internal.h:45:10: fatal error: jitterentropy.h: No such file or directory
  cargo:warning=   45 | #include "jitterentropy.h"

Not sure what that is about atm.

@codecov-commenter
Copy link

codecov-commenter commented Feb 25, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 92.89%. Comparing base (c358484) to head (6c2615c).
Report is 177 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #708      +/-   ##
==========================================
- Coverage   95.80%   92.89%   -2.91%     
==========================================
  Files          61       70       +9     
  Lines        8143     9538    +1395     
  Branches        0     9538    +9538     
==========================================
+ Hits         7801     8860    +1059     
- Misses        342      412      +70     
- Partials        0      266     +266

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

justsmth
justsmth previously approved these changes Feb 25, 2025
View reviewed changes
@torben-hansen torben-hansen marked this pull request as ready for review February 26, 2025 00:53
@torben-hansen torben-hansen requested a review from a team as a code owner February 26, 2025 00:53
@torben-hansen torben-hansen enabled auto-merge (squash) February 26, 2025 00:56
@torben-hansen torben-hansen merged commit b18e227 into aws:main Mar 3, 2025
258 of 264 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@skmcgrail skmcgrail skmcgrail approved these changes

@justsmth justsmth justsmth approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@torben-hansen @codecov-commenter @skmcgrail @justsmth