diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b25c1f0ed..260d773d3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -60,6 +60,25 @@ jobs: aws s3 cp --debug s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh ./linux-container-ci.sh ${{ env.BUILDER_VERSION }} aws-crt-swift-5-${{ matrix.image }} build -p ${{ env.PACKAGE_NAME }} + linux-android: + runs-on: ubuntu-latest + steps: + - uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ env.CRT_CI_ROLE }} + aws-region: ${{ env.AWS_DEFAULT_REGION }} + - name: Checkout repository + uses: actions/checkout@v4 + with: + submodules: true + fetch-depth: 0 + - name: "Test Swift Package on Android" + uses: skiptools/swift-android-action@v2 + with: + # Ubuntu runners low on space causes the emulator to fail to install + free-disk-space: true + run-tests: false + macos: runs-on: ${{ matrix.runner }} env: diff --git a/.gitmodules b/.gitmodules index b07e914a4..1606f57c8 100644 --- a/.gitmodules +++ b/.gitmodules @@ -31,3 +31,6 @@ [submodule "aws-common-runtime/aws-c-mqtt"] path = aws-common-runtime/aws-c-mqtt url = https://github.com/awslabs/aws-c-mqtt.git +[submodule "aws-common-runtime/aws-lc"] + path = aws-common-runtime/aws-lc + url = https://github.com/aws/aws-lc diff --git a/Package.swift b/Package.swift index 128c9fa64..88a3c64df 100644 --- a/Package.swift +++ b/Package.swift @@ -13,15 +13,170 @@ var package = Package( platforms: [.iOS(.v13), .macOS(.v10_15), .tvOS(.v13), .watchOS(.v6)], products: [ .library(name: "AwsCommonRuntimeKit", targets: ["AwsCommonRuntimeKit"]) - ] + ], + cxxLanguageStandard: .cxx14 ) +////////////////////////////////////////////////////////////////////// +// MARK: - aws-lc (libcrypto) +// +// Built from source for all non-Apple platforms (Linux, Android, etc). +// On Apple platforms, native Security.framework / CommonCrypto are used +// by aws-c-cal and aws-c-io, so this target is conditionally linked. +// +// Uses OPENSSL_NO_ASM for portability (pure C fallbacks). +// Uses DISABLE_CPU_JITTER_ENTROPY (OS entropy is sufficient for non-FIPS). +////////////////////////////////////////////////////////////////////// +// Explicit source file list for aws-lc's libcrypto. +// Directory-based auto-discovery is impractical here because aws-lc has +// test data files (.pem, .txt, .errordata, .p12) deeply embedded alongside +// source files in 15+ directories, and SwiftPM tries to compile them all. +let awsLCSources: [String] = [ + // crypto/ sources (from crypto/CMakeLists.txt crypto_objects) + "crypto/asn1/a_bitstr.c", "crypto/asn1/a_bool.c", "crypto/asn1/a_d2i_fp.c", + "crypto/asn1/a_dup.c", "crypto/asn1/a_gentm.c", "crypto/asn1/a_i2d_fp.c", + "crypto/asn1/a_int.c", "crypto/asn1/a_mbstr.c", "crypto/asn1/a_object.c", + "crypto/asn1/a_octet.c", "crypto/asn1/a_strex.c", "crypto/asn1/a_strnid.c", + "crypto/asn1/a_time.c", "crypto/asn1/a_type.c", "crypto/asn1/a_utctm.c", + "crypto/asn1/a_utf8.c", "crypto/asn1/asn1_lib.c", "crypto/asn1/asn1_par.c", + "crypto/asn1/asn_pack.c", "crypto/asn1/f_int.c", "crypto/asn1/f_string.c", + "crypto/asn1/tasn_dec.c", "crypto/asn1/tasn_enc.c", "crypto/asn1/tasn_fre.c", + "crypto/asn1/tasn_new.c", "crypto/asn1/tasn_typ.c", "crypto/asn1/tasn_utl.c", + "crypto/asn1/posix_time.c", + "crypto/base64/base64.c", + "crypto/bio/bio.c", "crypto/bio/bio_addr.c", "crypto/bio/bio_mem.c", + "crypto/bio/connect.c", "crypto/bio/dgram.c", "crypto/bio/errno.c", + "crypto/bio/fd.c", "crypto/bio/file.c", "crypto/bio/hexdump.c", + "crypto/bio/md.c", "crypto/bio/pair.c", "crypto/bio/printf.c", + "crypto/bio/socket.c", "crypto/bio/socket_helper.c", + "crypto/blake2/blake2.c", + "crypto/bn_extra/bn_asn1.c", "crypto/bn_extra/convert.c", + "crypto/buf/buf.c", + "crypto/bytestring/asn1_compat.c", "crypto/bytestring/ber.c", + "crypto/bytestring/cbb.c", "crypto/bytestring/cbs.c", + "crypto/bytestring/unicode.c", + "crypto/chacha/chacha.c", + "crypto/cipher_extra/cipher_extra.c", "crypto/cipher_extra/derive_key.c", + "crypto/cipher_extra/e_aesctrhmac.c", "crypto/cipher_extra/e_aesgcmsiv.c", + "crypto/cipher_extra/e_chacha20poly1305.c", + "crypto/cipher_extra/e_aes_cbc_hmac_sha1.c", + "crypto/cipher_extra/e_aes_cbc_hmac_sha256.c", + "crypto/cipher_extra/e_des.c", "crypto/cipher_extra/e_null.c", + "crypto/cipher_extra/e_rc2.c", "crypto/cipher_extra/e_rc4.c", + "crypto/cipher_extra/e_tls.c", "crypto/cipher_extra/tls_cbc.c", + "crypto/conf/conf.c", + "crypto/console/console.c", + "crypto/crypto.c", + "crypto/des/des.c", + "crypto/dh_extra/params.c", "crypto/dh_extra/dh_asn1.c", + "crypto/digest_extra/digest_extra.c", + "crypto/dsa/dsa.c", "crypto/dsa/dsa_asn1.c", + "crypto/ecdh_extra/ecdh_extra.c", + "crypto/ecdsa_extra/ecdsa_asn1.c", + "crypto/ec_extra/ec_asn1.c", "crypto/ec_extra/ec_derive.c", + "crypto/ec_extra/hash_to_curve.c", + "crypto/err/err.c", + "crypto/engine/engine.c", + "crypto/evp_extra/evp_asn1.c", "crypto/evp_extra/p_dh.c", + "crypto/evp_extra/p_dh_asn1.c", "crypto/evp_extra/p_dsa.c", + "crypto/evp_extra/p_dsa_asn1.c", "crypto/evp_extra/p_ec_asn1.c", + "crypto/evp_extra/p_ed25519_asn1.c", "crypto/evp_extra/p_hmac_asn1.c", + "crypto/evp_extra/p_kem_asn1.c", "crypto/evp_extra/p_pqdsa_asn1.c", + "crypto/evp_extra/p_rsa_asn1.c", "crypto/evp_extra/p_x25519.c", + "crypto/evp_extra/p_x25519_asn1.c", "crypto/evp_extra/p_methods.c", + "crypto/evp_extra/print.c", "crypto/evp_extra/scrypt.c", + "crypto/evp_extra/sign.c", + "crypto/ex_data.c", + "crypto/hpke/hpke.c", + "crypto/hrss/hrss.c", + "crypto/lhash/lhash.c", + "crypto/md4/md4.c", + "crypto/mem.c", + "crypto/obj/obj.c", "crypto/obj/obj_xref.c", + "crypto/ocsp/ocsp_asn.c", "crypto/ocsp/ocsp_client.c", + "crypto/ocsp/ocsp_extension.c", "crypto/ocsp/ocsp_http.c", + "crypto/ocsp/ocsp_lib.c", "crypto/ocsp/ocsp_print.c", + "crypto/ocsp/ocsp_server.c", "crypto/ocsp/ocsp_verify.c", + "crypto/pem/pem_all.c", "crypto/pem/pem_info.c", "crypto/pem/pem_lib.c", + "crypto/pem/pem_oth.c", "crypto/pem/pem_pk8.c", "crypto/pem/pem_pkey.c", + "crypto/pem/pem_x509.c", "crypto/pem/pem_xaux.c", + "crypto/pkcs7/bio/cipher.c", "crypto/pkcs7/pkcs7.c", + "crypto/pkcs7/pkcs7_asn1.c", "crypto/pkcs7/pkcs7_x509.c", + "crypto/pkcs8/pkcs8.c", "crypto/pkcs8/pkcs8_x509.c", + "crypto/pkcs8/p5_pbev2.c", + "crypto/poly1305/poly1305.c", "crypto/poly1305/poly1305_arm.c", + "crypto/poly1305/poly1305_vec.c", + "crypto/pool/pool.c", + "crypto/rand_extra/ccrandomgeneratebytes.c", + "crypto/rand_extra/deterministic.c", "crypto/rand_extra/getentropy.c", + "crypto/rand_extra/rand_extra.c", "crypto/rand_extra/vm_ube_fallback.c", + "crypto/rand_extra/urandom.c", "crypto/rand_extra/windows.c", + "crypto/rc4/rc4.c", + "crypto/refcount_c11.c", "crypto/refcount_lock.c", "crypto/refcount_win.c", + "crypto/rsa_extra/rsa_asn1.c", "crypto/rsa_extra/rsassa_pss_asn1.c", + "crypto/rsa_extra/rsa_crypt.c", "crypto/rsa_extra/rsa_print.c", + "crypto/stack/stack.c", + "crypto/siphash/siphash.c", + "crypto/spake25519/spake25519.c", + "crypto/thread.c", "crypto/thread_none.c", + "crypto/thread_pthread.c", "crypto/thread_win.c", + "crypto/trust_token/pmbtoken.c", "crypto/trust_token/trust_token.c", + "crypto/trust_token/voprf.c", + "crypto/ube/ube.c", "crypto/ube/fork_ube_detect.c", + "crypto/ube/vm_ube_detect.c", + "crypto/x509/a_digest.c", "crypto/x509/a_sign.c", "crypto/x509/a_verify.c", + "crypto/x509/algorithm.c", "crypto/x509/asn1_gen.c", + "crypto/x509/by_dir.c", "crypto/x509/by_file.c", "crypto/x509/i2d_pr.c", + "crypto/x509/name_print.c", "crypto/x509/policy.c", + "crypto/x509/rsa_pss.c", "crypto/x509/t_crl.c", "crypto/x509/t_req.c", + "crypto/x509/t_x509.c", "crypto/x509/t_x509a.c", + "crypto/x509/v3_akey.c", "crypto/x509/v3_akeya.c", "crypto/x509/v3_alt.c", + "crypto/x509/v3_bcons.c", "crypto/x509/v3_bitst.c", + "crypto/x509/v3_conf.c", "crypto/x509/v3_cpols.c", + "crypto/x509/v3_crld.c", "crypto/x509/v3_enum.c", + "crypto/x509/v3_extku.c", "crypto/x509/v3_genn.c", + "crypto/x509/v3_ia5.c", "crypto/x509/v3_info.c", "crypto/x509/v3_int.c", + "crypto/x509/v3_lib.c", "crypto/x509/v3_ncons.c", "crypto/x509/v3_ocsp.c", + "crypto/x509/v3_pcons.c", "crypto/x509/v3_pmaps.c", + "crypto/x509/v3_prn.c", "crypto/x509/v3_purp.c", "crypto/x509/v3_skey.c", + "crypto/x509/v3_utl.c", + "crypto/x509/x_algor.c", "crypto/x509/x_all.c", "crypto/x509/x_attrib.c", + "crypto/x509/x_crl.c", "crypto/x509/x_exten.c", "crypto/x509/x_name.c", + "crypto/x509/x_pubkey.c", "crypto/x509/x_req.c", "crypto/x509/x_sig.c", + "crypto/x509/x_spki.c", "crypto/x509/x_val.c", "crypto/x509/x_x509.c", + "crypto/x509/x_x509a.c", "crypto/x509/x509_att.c", + "crypto/x509/x509_cmp.c", "crypto/x509/x509_d2.c", + "crypto/x509/x509_def.c", "crypto/x509/x509_ext.c", + "crypto/x509/x509_lu.c", "crypto/x509/x509_obj.c", + "crypto/x509/x509_req.c", "crypto/x509/x509_set.c", + "crypto/x509/x509_trs.c", "crypto/x509/x509_txt.c", + "crypto/x509/x509_v3.c", "crypto/x509/x509_vfy.c", + "crypto/x509/x509_vpm.c", "crypto/x509/x509.c", "crypto/x509/x509cset.c", + "crypto/x509/x509name.c", "crypto/x509/x509rset.c", + "crypto/x509/x509spki.c", + "crypto/ui/ui.c", + "crypto/decrepit/bio/base64_bio.c", "crypto/decrepit/blowfish/blowfish.c", + "crypto/decrepit/cast/cast.c", "crypto/decrepit/cast/cast_tables.c", + "crypto/decrepit/cfb/cfb.c", "crypto/decrepit/dh/dh_decrepit.c", + "crypto/decrepit/evp/evp_do_all.c", "crypto/decrepit/obj/obj_decrepit.c", + "crypto/decrepit/ripemd/ripemd.c", "crypto/decrepit/rsa/rsa_decrepit.c", + "crypto/decrepit/x509/x509_decrepit.c", + + // Pre-generated err_data.c (replaces CMake-generated version) + "generated-src/err_data.c", + + // fipsmodule: compiled via bcm.c unity build (individual files rely on + // headers included by bcm.c and cannot compile independently) + "crypto/fipsmodule/bcm.c", + "crypto/fipsmodule/fips_shared_support.c", + "crypto/fipsmodule/cpucap/cpucap.c", +] + let cSettings: [CSetting] = [ .define("DEBUG_BUILD", .when(configuration: .debug)), - // Disable Intel VTune tracing API here since aws-crt-swift doesn't use CMake .define("INTEL_NO_ITTNOTIFY_API"), - // Don't use APIs forbidden by App Stores (e.g. non-public system APIs) .define("AWS_APPSTORE_SAFE"), + .define("__ANDROID__", .when(platforms: [.android])), ] /// Store any defines that will be used by Swift Tests in swiftTestSettings @@ -31,7 +186,15 @@ var swiftTestSettings: [SwiftSetting] = [] /// Configure C targets. /// Note: We can not use unsafe flags because SwiftPM makes the target ineligible for use by other packages. /// We are also not using any architecture based conditionals due to lack of proper cross compilation support. -/// Configure aws-c-common +/// +/// Platform-specific source files are handled via wrapper targets (*_Platform, *_Android) +/// that use C preprocessor guards (#ifdef __APPLE__, #ifdef __linux__, etc.) to conditionally +/// include the correct source files. This avoids relying on #if os() in Package.swift, which +/// evaluates on the HOST platform and breaks cross-compilation scenarios. +////////////////////////////////////////////////////////////////////// + +////////////////////////////////////////////////////////////////////// +// MARK: - aws-c-common ////////////////////////////////////////////////////////////////////// var awsCCommonPlatformExcludes = [ @@ -41,6 +204,7 @@ var awsCCommonPlatformExcludes = "scripts/appverifier_ctest.py", "scripts/appverifier_xml.py", "source/linux/system_info.c", + "source/unix", "bin/", ] + excludesFromAll @@ -55,136 +219,96 @@ awsCCommonPlatformExcludes.append("source/arch/arm") #else awsCCommonPlatformExcludes.append("source/platform_fallback_stubs/file_direct_io.c") #endif + let cSettingsCommon: [CSetting] = [ .headerSearchPath("source/external/libcbor"), .define("DEBUG_BUILD", .when(configuration: .debug)), + .define("__ANDROID__", .when(platforms: [.android])), ] ////////////////////////////////////////////////////////////////////// -/// aws-c-cal +// MARK: - aws-c-cal +// +// Platform sources (source/darwin, source/unix, source/windows) are +// excluded from the main target and compiled via AwsCCal_Platform +// wrapper target using preprocessor guards. ////////////////////////////////////////////////////////////////////// -var calDependencies: [Target.Dependency] = ["AwsCCommon"] -#if os(Linux) - packageTargets.append( - .systemLibrary( - name: "LibCrypto", - pkgConfig: "libcrypto", - providers: [ - .apt(["openssl libssl-dev"]), - .yum(["openssl openssl-devel"]), - ] - )) - calDependencies.append("LibCrypto") -#endif - -var awsCCalPlatformExcludes = - [ - "bin", - "include/aws/cal/private", - "source/shared/ed25519.c", - "CODE_OF_CONDUCT.md", - "ecdsa-fuzz-corpus/windows/p256_sig_corpus.txt", - "ecdsa-fuzz-corpus/darwin/p256_sig_corpus.txt", - ] + excludesFromAll +let awsCCalPlatformExcludes = [ + "bin", + "include/aws/cal/private", + "source/shared/ed25519.c", + "source/shared/lccrypto_common.c", + "CODE_OF_CONDUCT.md", + "ecdsa-fuzz-corpus/windows/p256_sig_corpus.txt", + "ecdsa-fuzz-corpus/darwin/p256_sig_corpus.txt", + "source/darwin", + "source/unix", + "source/windows", +] + excludesFromAll -#if os(Windows) - awsCCalPlatformExcludes.append("source/darwin") - awsCCalPlatformExcludes.append("source/unix") - awsCCalPlatformExcludes.append("source/shared/lccrypto_common.c") -#elseif os(Linux) - awsCCalPlatformExcludes.append("source/windows") - awsCCalPlatformExcludes.append("source/darwin") -#else // macOS, iOS, watchOS, tvOS - awsCCalPlatformExcludes.append("source/windows") - awsCCalPlatformExcludes.append("source/unix") - awsCCalPlatformExcludes.append("source/shared/lccrypto_common.c") -#endif +var calDependencies: [Target.Dependency] = [ + "AwsCCommon", + "AwsCCal_Platform", + .target(name: "AwsLC", condition: .when(platforms: [.linux, .android])), +] ////////////////////////////////////////////////////////////////////// -/// s2n-tls +// MARK: - s2n-tls ////////////////////////////////////////////////////////////////////// -#if os(Linux) - let s2nExcludes = [ - "bin", "codebuild", "coverage", "docker-images", - "docs", "lib", - "libcrypto-build", "scram", - "s2n.mk", "Makefile", "stuffer/Makefile", "crypto/Makefile", - "tls/Makefile", "utils/Makefile", "error/Makefile", "tls/extensions/Makefile", - "scripts/", "codebuild", "bindings/rust", "VERSIONING.rst", "tests", - "cmake/s2n-config.cmake", "CMakeLists.txt", "README.md", "cmake", "NOTICE", "LICENSE", - ] - packageTargets.append( - .target( - name: "S2N_TLS", - dependencies: ["LibCrypto"], - path: "aws-common-runtime/s2n", - exclude: s2nExcludes, - publicHeadersPath: "api", - cSettings: [ - .headerSearchPath("./"), - .define("S2N_NO_PQ"), - // This is a hack to get around the fact that S2N uses the compiler option `-include` - // to include `s2n_prelude.h` in all .c files. Since SwiftPM doesn't support compiler flags, - // we manually define the macros from `s2n_prelude.h`. When SwiftPM supports compiler flags - // or building packages using CMake, this hack should be removed. - // We are not defining `S2N_API` because we don't need to expose any symbols from S2N in crt-swift. - .define("_S2N_PRELUDE_INCLUDED"), - .define("S2N_BUILD_RELEASE"), - .define("_FORTIFY_SOURCE", to: "2"), - .define("POSIX_C_SOURCE", to: "200809L"), - ] - )) -#endif - +let s2nExcludes = [ + "bin", "codebuild", "coverage", + "docs", "lib", "scram", "nix", "compliance", + "s2n.mk", "stuffer/Makefile", "crypto/Makefile", + "utils/Makefile", "error/Makefile", + "scripts", "bindings", "VERSIONING.rst", "tests", + "cmake/s2n-config.cmake", "CMakeLists.txt", "README.md", "cmake", "NOTICE", "LICENSE", + "flake.lock", "flake.nix", +] ////////////////////////////////////////////////////////////////////// -/// aws-c-io +// MARK: - aws-c-io +// +// Platform sources (source/darwin, source/bsd, source/linux, source/s2n, +// source/windows) are excluded from the main target and compiled via +// AwsCIo_Platform wrapper target using preprocessor guards. +// source/posix is kept in the main target (used on macOS, Linux, and Android). ////////////////////////////////////////////////////////////////////// -var ioDependencies: [Target.Dependency] = ["AwsCCommon", "AwsCCal"] -var awsCIoPlatformExcludes = - [ - "docs", "CODE_OF_CONDUCT.md", "codebuild", "PKCS11.md", - "source/pkcs11/v2.40", - ] + excludesFromAll -var cSettingsIO = cSettings -var cSettingsHttp = cSettings +let awsCIoPlatformExcludes = [ + "docs", "CODE_OF_CONDUCT.md", "codebuild", "PKCS11.md", + "source/pkcs11/v2.40", + "source/darwin", + "source/bsd", + "source/linux", + "source/s2n", + "source/windows", +] + excludesFromAll -#if os(Linux) - ioDependencies.append("S2N_TLS") - cSettingsIO.append(.define("USE_S2N")) -#endif +var cSettingsIO: [CSetting] = cSettings + [ + .define("AWS_ENABLE_DISPATCH_QUEUE", .when(platforms: [.macOS, .iOS, .tvOS, .watchOS, .visionOS])), + .define("AWS_ENABLE_KQUEUE", .when(platforms: [.macOS])), + .define("AWS_USE_SECITEM", .when(platforms: [.iOS, .tvOS])), + .define("AWS_ENABLE_EPOLL", .when(platforms: [.linux, .android])), + .define("USE_S2N", .when(platforms: [.linux, .android])), +] -#if os(Windows) - awsCIoPlatformExcludes.append("source/posix") - awsCIoPlatformExcludes.append("source/linux") - awsCIoPlatformExcludes.append("source/s2n") - awsCIoPlatformExcludes.append("source/darwin") - cSettingsIO.append(.define("AWS_ENABLE_IO_COMPLETION_PORTS")) - swiftTestSettings.append(.define("AWS_ENABLE_IO_COMPLETION_PORTS")) -#elseif os(Linux) - awsCIoPlatformExcludes.append("source/windows") - awsCIoPlatformExcludes.append("source/bsd") - awsCIoPlatformExcludes.append("source/darwin") - cSettingsIO.append(.define("AWS_ENABLE_EPOLL")) - swiftTestSettings.append(.define("AWS_ENABLE_EPOLL")) -#else // macOS, iOS, watchOS, tvOS - awsCIoPlatformExcludes.append("source/windows") - awsCIoPlatformExcludes.append("source/linux") - awsCIoPlatformExcludes.append("source/s2n") - cSettingsIO.append(.define("__APPLE__")) - cSettingsIO.append(.define("AWS_ENABLE_DISPATCH_QUEUE")) - cSettingsIO.append(.define("AWS_USE_SECITEM", .when(platforms: [.iOS, .tvOS]))) - cSettingsIO.append(.define("AWS_ENABLE_KQUEUE", .when(platforms: [.macOS]))) +var cSettingsHttp: [CSetting] = cSettings + [ // Http proxy is not supported with AWS_USE_SECITEM. Currently, we only support Apple Network Framework // on iOS, and tvOS. - cSettingsHttp.append(.define("AWS_USE_SECITEM", .when(platforms: [.iOS, .tvOS]))) - swiftTestSettings.append(.define("__APPLE__")) - swiftTestSettings.append(.define("AWS_ENABLE_DISPATCH_QUEUE")) - swiftTestSettings.append(.define("AWS_USE_SECITEM", .when(platforms: [.iOS, .tvOS]))) - swiftTestSettings.append(.define("AWS_ENABLE_KQUEUE", .when(platforms: [.macOS]))) -#endif + .define("AWS_USE_SECITEM", .when(platforms: [.iOS, .tvOS])), +] + +var ioDependencies: [Target.Dependency] = [ + "AwsCCommon", + "AwsCCal", + "AwsCIo_Platform", + .target(name: "S2N_TLS", condition: .when(platforms: [.linux, .android])), +] + +swiftTestSettings.append(.define("AWS_ENABLE_DISPATCH_QUEUE")) +swiftTestSettings.append(.define("AWS_USE_SECITEM", .when(platforms: [.iOS, .tvOS]))) +swiftTestSettings.append(.define("AWS_ENABLE_KQUEUE", .when(platforms: [.macOS]))) ////////////////////////////////////////////////////////////////////// -/// aws-c-checksums +// MARK: - aws-c-checksums ////////////////////////////////////////////////////////////////////// var awsCChecksumsExcludes = [ "bin", @@ -256,6 +380,42 @@ let awsCMqttExcludes = "CODE_OF_CONDUCT.md", ] + excludesFromAll +packageTargets.append( + .target( + name: "AwsLC", + path: "aws-common-runtime/aws-lc", + sources: awsLCSources, + publicHeadersPath: "include", + cSettings: [ + .define("BORINGSSL_IMPLEMENTATION"), + .define("OPENSSL_NO_ASM"), + .define("DISABLE_CPU_JITTER_ENTROPY"), + .headerSearchPath("crypto/fipsmodule/cpucap"), + .headerSearchPath("crypto/fipsmodule"), + .headerSearchPath("third_party/s2n-bignum/s2n-bignum-imported/include"), + ] + ) +) + +packageTargets.append( + .target( + name: "S2N_TLS", + dependencies: ["AwsLC"], + path: "aws-common-runtime/s2n", + exclude: s2nExcludes, + publicHeadersPath: "api", + cSettings: [ + .headerSearchPath("./"), + .define("S2N_NO_PQ"), + .define("_S2N_PRELUDE_INCLUDED"), + .define("S2N_BUILD_RELEASE"), + .define("_FORTIFY_SOURCE", to: "2"), + .define("POSIX_C_SOURCE", to: "200809L"), + .define("__ANDROID__", .when(platforms: [.android])), + ] + ) +) + packageTargets.append(contentsOf: [ .target( name: "AwsCPlatformConfig", @@ -265,11 +425,44 @@ packageTargets.append(contentsOf: [ ), .target( name: "AwsCCommon", - dependencies: ["AwsCPlatformConfig"], + dependencies: [ + "AwsCPlatformConfig", + "AwsCCommon_Platform", + ], path: "aws-common-runtime/aws-c-common", exclude: awsCCommonPlatformExcludes, cSettings: cSettingsCommon ), + .target( + name: "AwsCCommon_Platform", + dependencies: ["AwsCPlatformConfig"], + path: "aws-common-runtime/aws-c-common-platform", + publicHeadersPath: "include", + cSettings: [ + .headerSearchPath("../aws-c-common/include"), + .define("DEBUG_BUILD", .when(configuration: .debug)), + .define("__ANDROID__", .when(platforms: [.android])), + ], + linkerSettings: [ + .linkedLibrary("log", .when(platforms: [.android])), + ] + ), + .target( + name: "AwsCCal_Platform", + dependencies: [ + "AwsCCommon", + .target(name: "AwsLC", condition: .when(platforms: [.linux, .android])), + ], + path: "aws-common-runtime/aws-c-cal-platform", + publicHeadersPath: "include", + cSettings: [ + .headerSearchPath("../aws-c-cal/include"), + .define("DEBUG_BUILD", .when(configuration: .debug)), + .define("INTEL_NO_ITTNOTIFY_API"), + .define("AWS_APPSTORE_SAFE"), + .define("__ANDROID__", .when(platforms: [.android])), + ] + ), .target( name: "AwsCSdkUtils", dependencies: ["AwsCCommon"], @@ -284,6 +477,29 @@ packageTargets.append(contentsOf: [ exclude: awsCCalPlatformExcludes, cSettings: cSettings ), + .target( + name: "AwsCIo_Platform", + dependencies: [ + "AwsCCommon", + "AwsCCal", + .target(name: "S2N_TLS", condition: .when(platforms: [.linux, .android])), + ], + path: "aws-common-runtime/aws-c-io-platform", + publicHeadersPath: "include", + cSettings: [ + .headerSearchPath("../aws-c-io/include"), + .headerSearchPath("../s2n/api"), + .define("DEBUG_BUILD", .when(configuration: .debug)), + .define("INTEL_NO_ITTNOTIFY_API"), + .define("AWS_APPSTORE_SAFE"), + .define("AWS_ENABLE_DISPATCH_QUEUE", .when(platforms: [.macOS, .iOS, .tvOS, .watchOS, .visionOS])), + .define("AWS_ENABLE_KQUEUE", .when(platforms: [.macOS])), + .define("AWS_USE_SECITEM", .when(platforms: [.iOS, .tvOS])), + .define("AWS_ENABLE_EPOLL", .when(platforms: [.linux, .android])), + .define("USE_S2N", .when(platforms: [.linux, .android])), + .define("__ANDROID__", .when(platforms: [.android])), + ] + ), .target( name: "AwsCIo", dependencies: ioDependencies, diff --git a/Source/LibCrypto/module.modulemap b/Source/LibCrypto/module.modulemap deleted file mode 100644 index f4deeaa07..000000000 --- a/Source/LibCrypto/module.modulemap +++ /dev/null @@ -1,7 +0,0 @@ - -module LibCrypto { - header "shim.h" - link "crypto" - export * -} - diff --git a/Source/LibCrypto/shim.h b/Source/LibCrypto/shim.h deleted file mode 100644 index f6d6122ca..000000000 --- a/Source/LibCrypto/shim.h +++ /dev/null @@ -1,17 +0,0 @@ -#ifndef OpenSSLHelper_h -#define OpenSSLHelper_h - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#endif - diff --git a/Test/AwsCommonRuntimeKitTests/XCBaseTestCase.swift b/Test/AwsCommonRuntimeKitTests/XCBaseTestCase.swift index 143715717..b2e2e4ead 100644 --- a/Test/AwsCommonRuntimeKitTests/XCBaseTestCase.swift +++ b/Test/AwsCommonRuntimeKitTests/XCBaseTestCase.swift @@ -52,7 +52,7 @@ extension XCTestCase { } func skipIfLinux() throws { - #if os(Linux) + #if os(Linux) || os(Android) throw XCTSkip("Skipping test on linux") #endif } diff --git a/Test/AwsCommonRuntimeKitTests/io/TLSContextTests.swift b/Test/AwsCommonRuntimeKitTests/io/TLSContextTests.swift index 404968bfa..7eec37608 100644 --- a/Test/AwsCommonRuntimeKitTests/io/TLSContextTests.swift +++ b/Test/AwsCommonRuntimeKitTests/io/TLSContextTests.swift @@ -12,7 +12,7 @@ class TLSContextTests: XCBaseTestCase { _ = TLSConnectionOptions(context: context) } - #if os(macOS) || os(Linux) + #if os(macOS) || os(Linux) || os(Android) func testCreateTlsContextWithFilePath() throws { let certPath = try getEnvironmentVarOrSkipTest( @@ -28,7 +28,7 @@ class TLSContextTests: XCBaseTestCase { } #endif - #if os(macOS) || os(Linux) + #if os(macOS) || os(Linux) || os(Android) func testCreateTlsContextWithData() throws { let certPath = try getEnvironmentVarOrSkipTest( diff --git a/aws-common-runtime/aws-c-cal-platform/include/module.modulemap b/aws-common-runtime/aws-c-cal-platform/include/module.modulemap new file mode 100644 index 000000000..10a569da3 --- /dev/null +++ b/aws-common-runtime/aws-c-cal-platform/include/module.modulemap @@ -0,0 +1,2 @@ +module AwsCCal_Platform { +} diff --git a/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_aes.c b/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_aes.c new file mode 100644 index 000000000..df588af7e --- /dev/null +++ b/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_aes.c @@ -0,0 +1,3 @@ +#ifdef __APPLE__ +#include "../../aws-c-cal/source/darwin/commoncrypto_aes.c" +#endif diff --git a/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_hmac.c b/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_hmac.c new file mode 100644 index 000000000..13a31b4a9 --- /dev/null +++ b/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_hmac.c @@ -0,0 +1,3 @@ +#ifdef __APPLE__ +#include "../../aws-c-cal/source/darwin/commoncrypto_hmac.c" +#endif diff --git a/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_md5.c b/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_md5.c new file mode 100644 index 000000000..f369ab14e --- /dev/null +++ b/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_md5.c @@ -0,0 +1,3 @@ +#ifdef __APPLE__ +#include "../../aws-c-cal/source/darwin/commoncrypto_md5.c" +#endif diff --git a/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_platform_init.c b/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_platform_init.c new file mode 100644 index 000000000..999a7876d --- /dev/null +++ b/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_platform_init.c @@ -0,0 +1,3 @@ +#ifdef __APPLE__ +#include "../../aws-c-cal/source/darwin/commoncrypto_platform_init.c" +#endif diff --git a/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_sha1.c b/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_sha1.c new file mode 100644 index 000000000..48353539a --- /dev/null +++ b/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_sha1.c @@ -0,0 +1,3 @@ +#ifdef __APPLE__ +#include "../../aws-c-cal/source/darwin/commoncrypto_sha1.c" +#endif diff --git a/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_sha256.c b/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_sha256.c new file mode 100644 index 000000000..0a3600ec2 --- /dev/null +++ b/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_sha256.c @@ -0,0 +1,3 @@ +#ifdef __APPLE__ +#include "../../aws-c-cal/source/darwin/commoncrypto_sha256.c" +#endif diff --git a/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_sha512.c b/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_sha512.c new file mode 100644 index 000000000..62d1e9cf1 --- /dev/null +++ b/aws-common-runtime/aws-c-cal-platform/sources/commoncrypto_sha512.c @@ -0,0 +1,3 @@ +#ifdef __APPLE__ +#include "../../aws-c-cal/source/darwin/commoncrypto_sha512.c" +#endif diff --git a/aws-common-runtime/aws-c-cal-platform/sources/lccrypto_common.c b/aws-common-runtime/aws-c-cal-platform/sources/lccrypto_common.c new file mode 100644 index 000000000..08673d94e --- /dev/null +++ b/aws-common-runtime/aws-c-cal-platform/sources/lccrypto_common.c @@ -0,0 +1,3 @@ +#if defined(__linux__) || defined(__ANDROID__) +#include "../../aws-c-cal/source/shared/lccrypto_common.c" +#endif diff --git a/aws-common-runtime/aws-c-cal-platform/sources/openssl_aes.c b/aws-common-runtime/aws-c-cal-platform/sources/openssl_aes.c new file mode 100644 index 000000000..c41a9dd11 --- /dev/null +++ b/aws-common-runtime/aws-c-cal-platform/sources/openssl_aes.c @@ -0,0 +1,3 @@ +#if defined(__linux__) || defined(__ANDROID__) +#include "../../aws-c-cal/source/unix/openssl_aes.c" +#endif diff --git a/aws-common-runtime/aws-c-cal-platform/sources/openssl_platform_init.c b/aws-common-runtime/aws-c-cal-platform/sources/openssl_platform_init.c new file mode 100644 index 000000000..47c314021 --- /dev/null +++ b/aws-common-runtime/aws-c-cal-platform/sources/openssl_platform_init.c @@ -0,0 +1,3 @@ +#if defined(__linux__) || defined(__ANDROID__) +#include "../../aws-c-cal/source/unix/openssl_platform_init.c" +#endif diff --git a/aws-common-runtime/aws-c-cal-platform/sources/openssl_rsa.c b/aws-common-runtime/aws-c-cal-platform/sources/openssl_rsa.c new file mode 100644 index 000000000..7ce4db733 --- /dev/null +++ b/aws-common-runtime/aws-c-cal-platform/sources/openssl_rsa.c @@ -0,0 +1,3 @@ +#if defined(__linux__) || defined(__ANDROID__) +#include "../../aws-c-cal/source/unix/openssl_rsa.c" +#endif diff --git a/aws-common-runtime/aws-c-cal-platform/sources/opensslcrypto_ecc.c b/aws-common-runtime/aws-c-cal-platform/sources/opensslcrypto_ecc.c new file mode 100644 index 000000000..a86a7dbc9 --- /dev/null +++ b/aws-common-runtime/aws-c-cal-platform/sources/opensslcrypto_ecc.c @@ -0,0 +1,3 @@ +#if defined(__linux__) || defined(__ANDROID__) +#include "../../aws-c-cal/source/unix/opensslcrypto_ecc.c" +#endif diff --git a/aws-common-runtime/aws-c-cal-platform/sources/opensslcrypto_hash.c b/aws-common-runtime/aws-c-cal-platform/sources/opensslcrypto_hash.c new file mode 100644 index 000000000..4624b0b47 --- /dev/null +++ b/aws-common-runtime/aws-c-cal-platform/sources/opensslcrypto_hash.c @@ -0,0 +1,3 @@ +#if defined(__linux__) || defined(__ANDROID__) +#include "../../aws-c-cal/source/unix/opensslcrypto_hash.c" +#endif diff --git a/aws-common-runtime/aws-c-cal-platform/sources/opensslcrypto_hmac.c b/aws-common-runtime/aws-c-cal-platform/sources/opensslcrypto_hmac.c new file mode 100644 index 000000000..f3cc1eff3 --- /dev/null +++ b/aws-common-runtime/aws-c-cal-platform/sources/opensslcrypto_hmac.c @@ -0,0 +1,3 @@ +#if defined(__linux__) || defined(__ANDROID__) +#include "../../aws-c-cal/source/unix/opensslcrypto_hmac.c" +#endif diff --git a/aws-common-runtime/aws-c-cal-platform/sources/securityframework_ecc.c b/aws-common-runtime/aws-c-cal-platform/sources/securityframework_ecc.c new file mode 100644 index 000000000..675e45e3e --- /dev/null +++ b/aws-common-runtime/aws-c-cal-platform/sources/securityframework_ecc.c @@ -0,0 +1,3 @@ +#ifdef __APPLE__ +#include "../../aws-c-cal/source/darwin/securityframework_ecc.c" +#endif diff --git a/aws-common-runtime/aws-c-cal-platform/sources/securityframework_rsa.c b/aws-common-runtime/aws-c-cal-platform/sources/securityframework_rsa.c new file mode 100644 index 000000000..fd0e08e4d --- /dev/null +++ b/aws-common-runtime/aws-c-cal-platform/sources/securityframework_rsa.c @@ -0,0 +1,3 @@ +#ifdef __APPLE__ +#include "../../aws-c-cal/source/darwin/securityframework_rsa.c" +#endif diff --git a/aws-common-runtime/aws-c-common-platform/include/module.modulemap b/aws-common-runtime/aws-c-common-platform/include/module.modulemap new file mode 100644 index 000000000..0b1220e86 --- /dev/null +++ b/aws-common-runtime/aws-c-common-platform/include/module.modulemap @@ -0,0 +1,2 @@ +module AwsCCommon_Platform { +} diff --git a/aws-common-runtime/aws-c-common-platform/sources/logging_android.c b/aws-common-runtime/aws-c-common-platform/sources/logging_android.c new file mode 100644 index 000000000..4b28ec1c0 --- /dev/null +++ b/aws-common-runtime/aws-c-common-platform/sources/logging_android.c @@ -0,0 +1,3 @@ +#ifdef __ANDROID__ +#include "../../aws-c-common/source/android/logging.c" +#endif diff --git a/aws-common-runtime/aws-c-io-platform/include/module.modulemap b/aws-common-runtime/aws-c-io-platform/include/module.modulemap new file mode 100644 index 000000000..7e0572801 --- /dev/null +++ b/aws-common-runtime/aws-c-io-platform/include/module.modulemap @@ -0,0 +1,2 @@ +module AwsCIo_Platform { +} diff --git a/aws-common-runtime/aws-c-io-platform/sources/darwin_pki_utils.c b/aws-common-runtime/aws-c-io-platform/sources/darwin_pki_utils.c new file mode 100644 index 000000000..22e47af39 --- /dev/null +++ b/aws-common-runtime/aws-c-io-platform/sources/darwin_pki_utils.c @@ -0,0 +1,3 @@ +#ifdef __APPLE__ +#include "../../aws-c-io/source/darwin/darwin_pki_utils.c" +#endif diff --git a/aws-common-runtime/aws-c-io-platform/sources/dispatch_queue_event_loop.c b/aws-common-runtime/aws-c-io-platform/sources/dispatch_queue_event_loop.c new file mode 100644 index 000000000..428d6e869 --- /dev/null +++ b/aws-common-runtime/aws-c-io-platform/sources/dispatch_queue_event_loop.c @@ -0,0 +1,3 @@ +#ifdef __APPLE__ +#include "../../aws-c-io/source/darwin/dispatch_queue_event_loop.c" +#endif diff --git a/aws-common-runtime/aws-c-io-platform/sources/epoll_event_loop.c b/aws-common-runtime/aws-c-io-platform/sources/epoll_event_loop.c new file mode 100644 index 000000000..f027b5c89 --- /dev/null +++ b/aws-common-runtime/aws-c-io-platform/sources/epoll_event_loop.c @@ -0,0 +1,3 @@ +#ifdef __linux__ +#include "../../aws-c-io/source/linux/epoll_event_loop.c" +#endif diff --git a/aws-common-runtime/aws-c-io-platform/sources/kqueue_event_loop.c b/aws-common-runtime/aws-c-io-platform/sources/kqueue_event_loop.c new file mode 100644 index 000000000..d4fba75fd --- /dev/null +++ b/aws-common-runtime/aws-c-io-platform/sources/kqueue_event_loop.c @@ -0,0 +1,3 @@ +#ifdef __APPLE__ +#include "../../aws-c-io/source/bsd/kqueue_event_loop.c" +#endif diff --git a/aws-common-runtime/aws-c-io-platform/sources/nw_socket.c b/aws-common-runtime/aws-c-io-platform/sources/nw_socket.c new file mode 100644 index 000000000..057c1ef10 --- /dev/null +++ b/aws-common-runtime/aws-c-io-platform/sources/nw_socket.c @@ -0,0 +1,3 @@ +#ifdef __APPLE__ +#include "../../aws-c-io/source/darwin/nw_socket.c" +#endif diff --git a/aws-common-runtime/aws-c-io-platform/sources/s2n_tls_channel_handler.c b/aws-common-runtime/aws-c-io-platform/sources/s2n_tls_channel_handler.c new file mode 100644 index 000000000..bb1baa6a6 --- /dev/null +++ b/aws-common-runtime/aws-c-io-platform/sources/s2n_tls_channel_handler.c @@ -0,0 +1,3 @@ +#if defined(__linux__) || defined(__ANDROID__) +#include "../../aws-c-io/source/s2n/s2n_tls_channel_handler.c" +#endif diff --git a/aws-common-runtime/aws-c-io-platform/sources/secure_transport_tls_channel_handler.c b/aws-common-runtime/aws-c-io-platform/sources/secure_transport_tls_channel_handler.c new file mode 100644 index 000000000..e99a2f561 --- /dev/null +++ b/aws-common-runtime/aws-c-io-platform/sources/secure_transport_tls_channel_handler.c @@ -0,0 +1,3 @@ +#ifdef __APPLE__ +#include "../../aws-c-io/source/darwin/secure_transport_tls_channel_handler.c" +#endif diff --git a/aws-common-runtime/aws-lc b/aws-common-runtime/aws-lc new file mode 160000 index 000000000..9124e2b67 --- /dev/null +++ b/aws-common-runtime/aws-lc @@ -0,0 +1 @@ +Subproject commit 9124e2b6746f07fa9abcbfb6dfe873fa0a38b226 diff --git a/aws-common-runtime/config/aws/common/config.h b/aws-common-runtime/config/aws/common/config.h index df0e2d394..1627c61d7 100644 --- a/aws-common-runtime/config/aws/common/config.h +++ b/aws-common-runtime/config/aws/common/config.h @@ -12,7 +12,7 @@ * should be considered to be an implementation detail, and can change at any * time. */ -#ifdef __APPLE__ +#if defined(__APPLE__) && !defined(__ANDROID__) /* This is a trick to skip OpenSSL header on Apple platforms since Swift Package Manager is not smart enough to exclude * some headers. */ @@ -21,6 +21,10 @@ #define AWS_UNSTABLE_TESTING_API 1 #define AWS_AFFINITY_METHOD 0 -#define AWS_HAVE_EXECINFO 1 + +/* Android doesn't have execinfo.h (backtrace functions) */ +#if !defined(__ANDROID__) +# define AWS_HAVE_EXECINFO 1 +#endif #endif