Switch to using hs-bindgen-generated code

Author: jorisdral

.github/workflows/ci.yml

@@ -220,15 +220,18 @@ jobs:
       run: |
         cabal test all -j1 --test-show-details=direct
 
-    - name: 🛠️ Setup cabal-docspec (Linux)
-      if: ${{ runner.os == 'Linux' && !startsWith(matrix.ghc-version, '9.2') && !startsWith(matrix.ghc-version, '9.4') }}
-      uses: jorisdral/actions/setup-cabal-docspec@setup-cabal-docspec-v0
-
-    - name: 🧪 Test with cabal-docspec (Linux)
-      if: ${{ runner.os == 'Linux' && !startsWith(matrix.ghc-version, '9.2') && !startsWith(matrix.ghc-version, '9.4') }}
-      run: ./scripts/test-cabal-docspec.sh
-      env:
-        SKIP_CABAL_BUILD: true
+    # TODO: temporarily disabled testing with cabal-docspec, because it can not
+    # parse the cabal file now that it has a custom-setup component
+
+    # - name: 🛠️ Setup cabal-docspec (Linux)
+    #   if: ${{ runner.os == 'Linux' && !startsWith(matrix.ghc-version, '9.2') && !startsWith(matrix.ghc-version, '9.4') }}
+    #   uses: jorisdral/actions/setup-cabal-docspec@setup-cabal-docspec-v0
+
+    # - name: 🧪 Test with cabal-docspec (Linux)
+    #   if: ${{ runner.os == 'Linux' && !startsWith(matrix.ghc-version, '9.2') && !startsWith(matrix.ghc-version, '9.4') }}
+    #   run: ./scripts/test-cabal-docspec.sh
+    #   env:
+    #     SKIP_CABAL_BUILD: true
 
   ################################################################################
   # Lint with cabal-gild

botan-bindings/botan-bindings.cabal

@@ -78,10 +78,6 @@ common language
 library
   import: warnings, language
   hs-source-dirs: src
-  default-extensions:
-    NoImplicitPrelude
-    OverloadedStrings
-
   exposed-modules:
     Botan.Bindings.Bcrypt
     Botan.Bindings.BlockCipher
@@ -94,7 +90,6 @@ library
     Botan.Bindings.KeyWrap
     Botan.Bindings.MAC
     Botan.Bindings.MPI
-    Botan.Bindings.Prelude
     Botan.Bindings.PubKey
     Botan.Bindings.PubKey.DH
     Botan.Bindings.PubKey.DSA
@@ -121,8 +116,6 @@ library
     Botan.Bindings.X509
     Botan.Bindings.ZFEC
 
-  other-modules: Paths_botan_bindings
-  autogen-modules: Paths_botan_bindings
   build-depends: base >=4.16 && <4.22
   includes: botan/ffi.h
 

botan-bindings/src/Botan/Bindings/Bcrypt.hs

@@ -7,59 +7,11 @@ License     : BSD-3-Clause
 Maintainer  : [email protected], [email protected]
 Stability   : experimental
 Portability : POSIX
-
-Generate and validate Bcrypt password hashes
 -}
 
-{-# LANGUAGE CApiFFI #-}
-
 module Botan.Bindings.Bcrypt (
-    pattern BOTAN_BCRYPT_WORK_FACTOR_FAST
-  , pattern BOTAN_BCRYPT_WORK_FACTOR_GOOD
-  , pattern BOTAN_BCRYPT_WORK_FACTOR_STRONG
-  , botan_bcrypt_generate
-  , botan_bcrypt_is_valid
+    Safe.botan_bcrypt_generate
+  , Safe.botan_bcrypt_is_valid
   ) where
 
-import           Botan.Bindings.Prelude
-import           Botan.Bindings.RNG
-
--- TODO: Maybe move to Botan.Low.Bcrypt
-pattern BOTAN_BCRYPT_WORK_FACTOR_FAST
-    ,   BOTAN_BCRYPT_WORK_FACTOR_GOOD
-    ,   BOTAN_BCRYPT_WORK_FACTOR_STRONG
-    ::  (Eq a, Num a) => a
-
--- | Should not cause noticable CPU usage
-pattern BOTAN_BCRYPT_WORK_FACTOR_FAST = 12
-
--- | May cause noticable CPU usage
-pattern BOTAN_BCRYPT_WORK_FACTOR_GOOD = 14
-
--- | May block for several seconds
-pattern BOTAN_BCRYPT_WORK_FACTOR_STRONG = 16
-
-{- |
-Create a password hash using Bcrypt
-
-Output is formatted bcrypt $2a$...
--}
-foreign import capi safe "botan/ffi.h botan_bcrypt_generate"
-      botan_bcrypt_generate
-            :: Ptr Word8      -- ^ __out__: buffer holding the password hash, should be of length 64 bytes
-            -> Ptr CSize      -- ^ __out_len__: the desired output length in bytes
-            -> ConstPtr CChar -- ^ __password__: the password
-            -> BotanRNG       -- ^ __rng__: a random number generator
-            -> CSize          -- ^ __work_factor__: how much work to do to slow down guessing attacks
-            -> Word32         -- ^ __flags__: should be 0 in current API revision, all other uses are reserved
-                              --   and return BOTAN_FFI_ERROR_BAD_FLAG
-            -> IO CInt        -- ^ 0 on success, a negative value on failure
-
--- | Check a previously created password hash
-foreign import capi safe "botan/ffi.h botan_bcrypt_is_valid"
-      botan_bcrypt_is_valid
-            :: ConstPtr CChar -- ^ __pass__: the password to check against
-            -> ConstPtr CChar -- ^ __hash__: the stored hash to check against
-            -> IO CInt        -- ^ 0 if if this password/hash combination is valid,
-                              --   1 if the combination is not valid (but otherwise well formed),
-                              --   negative on error
+import qualified Botan.Bindings.Generated.Safe as Safe

botan-bindings/src/Botan/Bindings/BlockCipher.hs

@@ -15,20 +15,21 @@ Ciphers](https://botan.randombit.net/handbook/api_ref/block_cipher.html) section
 of the C++ API reference.
 -}
 
-{-# LANGUAGE CApiFFI #-}
+{-# LANGUAGE OverloadedStrings #-}
 
 module Botan.Bindings.BlockCipher (
-    BotanBlockCipherStruct
-  , BotanBlockCipher (..)
-  , botan_block_cipher_destroy
-  , botan_block_cipher_init
-  , botan_block_cipher_clear
+    Types.Botan_block_cipher_t(..)
+  , Types.Botan_block_cipher_struct
+  , Safe.botan_block_cipher_destroy
+  , botan_block_cipher_destroy_ptr
+  , Safe.botan_block_cipher_init
+  , Safe.botan_block_cipher_clear
   , botan_block_cipher_set_key
-  , botan_block_cipher_block_size
+  , Safe.botan_block_cipher_block_size
   , botan_block_cipher_encrypt_blocks
   , botan_block_cipher_decrypt_blocks
-  , botan_block_cipher_name
-  , botan_block_cipher_get_keyspec
+  , Safe.botan_block_cipher_name
+  , Safe.botan_block_cipher_get_keyspec
     -- * Available ciphers
     -- $available-ciphers
   , pattern BOTAN_BLOCK_CIPHER_AES_128
@@ -57,89 +58,27 @@ module Botan.Bindings.BlockCipher (
   , pattern BOTAN_BLOCK_CIPHER_TWOFISH
   ) where
 
-import           Botan.Bindings.Prelude
+import qualified Botan.Bindings.Generated as Types
+import qualified Botan.Bindings.Generated.FunPtr as FunPtr
+import qualified Botan.Bindings.Generated.Safe as Safe
+import           Data.String (IsString)
+import           Data.Word (Word8)
+import           Foreign.C.Types (CInt, CSize)
+import           Foreign.Ptr (FunPtr, Ptr)
+import           HsBindgen.Runtime.ConstPtr (ConstPtr)
 
-{-------------------------------------------------------------------------------
-  Block ciphers
--------------------------------------------------------------------------------}
 
--- | Opaque BlockCipher struct
-data {-# CTYPE "botan/ffi.h" "struct botan_block_cipher_struct" #-} BotanBlockCipherStruct
-
--- | Botan BlockCipher object
-newtype {-# CTYPE "botan/ffi.h" "botan_block_cipher_t" #-} BotanBlockCipher
-    = MkBotanBlockCipher { runBotanBlockCipher :: Ptr BotanBlockCipherStruct }
-        deriving newtype (Eq, Ord, Storable)
-
--- | Destroy a block cipher object
---
--- NOTE: this a binding to the /address/ of the @botan_block_cipher_destroy@ C
--- function.
-foreign import capi safe "botan/ffi.h &botan_block_cipher_destroy"
-  botan_block_cipher_destroy
-    :: FinalizerPtr BotanBlockCipherStruct
-
--- | Initialize a block cipher object
-foreign import capi safe "botan/ffi.h botan_block_cipher_init"
-  botan_block_cipher_init
-    :: Ptr BotanBlockCipher -- ^ __bc__
-    -> ConstPtr CChar       -- ^ __cipher_name__
-    -> IO CInt
-
--- | Reinitializes the block cipher
-foreign import capi safe "botan/ffi.h botan_block_cipher_clear"
-  botan_block_cipher_clear
-    :: BotanBlockCipher -- ^ __bc__
-    -> IO CInt          -- ^ 0 on success, a negative value on failure
-
--- | Set the key for a block cipher instance
-foreign import capi safe "botan/ffi.h botan_block_cipher_set_key"
-  botan_block_cipher_set_key
-    :: BotanBlockCipher -- ^ __bc__
-    -> ConstPtr Word8   -- ^ __key[]__
-    -> CSize            -- ^ __len__
-    -> IO CInt
-
--- | Return the positive block size of this block cipher, or negative to indicate an error
-foreign import capi safe "botan/ffi.h botan_block_cipher_block_size"
-  botan_block_cipher_block_size
-    :: BotanBlockCipher -- ^ __bc__
-    -> IO CInt
-
--- | Encrypt one or more blocks with the cipher
-foreign import capi safe "botan/ffi.h botan_block_cipher_encrypt_blocks"
-  botan_block_cipher_encrypt_blocks
-    :: BotanBlockCipher -- ^ __bc__
-    -> ConstPtr Word8   -- ^ __in[]__
-    -> Ptr Word8        -- ^ __out[]__
-    -> CSize            -- ^ __blocks__
-    -> IO CInt
-
--- | Decrypt one or more blocks with the cipher
-foreign import capi safe "botan/ffi.h botan_block_cipher_decrypt_blocks"
-  botan_block_cipher_decrypt_blocks
-    :: BotanBlockCipher -- ^ __bc__
-    -> ConstPtr Word8   -- ^ __in[]__
-    -> Ptr Word8        -- ^ __out[]__
-    -> CSize            -- ^ __blocks__
-    -> IO CInt
-
--- | Get the name of this block cipher
-foreign import capi safe "botan/ffi.h botan_block_cipher_name"
-  botan_block_cipher_name
-    :: BotanBlockCipher -- ^ __cipher__: the object to read
-    -> Ptr CChar        -- ^ __name__: output buffer
-    -> Ptr CSize        -- ^ __name_len__: on input, the length of buffer, on success the number of bytes written
-    -> IO CInt
-
--- | Get the key length limits of this block cipher
-foreign import capi safe "botan/ffi.h botan_block_cipher_get_keyspec"
-  botan_block_cipher_get_keyspec
-    :: BotanBlockCipher -- ^ __cipher__: the object to read
-    -> Ptr CSize        -- ^ __out_minimum_keylength__: if non-NULL, will be set to minimum keylength of cipher
-    -> Ptr CSize        -- ^ __out_maximum_keylength__: if non-NULL, will be set to maximum keylength of cipher
-    -> Ptr CSize        -- ^ __out_keylength_modulo__: if non-NULL will be set to byte multiple of valid keys
-    -> IO CInt
+botan_block_cipher_destroy_ptr :: FunPtr (Types.Botan_block_cipher_t -> IO CInt)
+botan_block_cipher_destroy_ptr = FunPtr.botan_block_cipher_destroy
+
+botan_block_cipher_set_key :: Types.Botan_block_cipher_t -> ConstPtr Word8 -> CSize -> IO CInt
+botan_block_cipher_set_key = Safe.botan_block_cipher_set_key_wrapper
+
+botan_block_cipher_encrypt_blocks :: Types.Botan_block_cipher_t -> ConstPtr Word8 -> Ptr Word8 -> CSize -> IO CInt
+botan_block_cipher_encrypt_blocks = Safe.botan_block_cipher_encrypt_blocks_wrapper
+
+botan_block_cipher_decrypt_blocks :: Types.Botan_block_cipher_t -> ConstPtr Word8 -> Ptr Word8 -> CSize -> IO CInt
+botan_block_cipher_decrypt_blocks = Safe.botan_block_cipher_decrypt_blocks_wrapper
 
 {-------------------------------------------------------------------------------
   Available ciphers

botan-bindings/src/Botan/Bindings/Cipher.hs

@@ -0,0 +1,114 @@
+{-|
+Module      : Botan.Bindings.Cipher
+Description : Symmetric cipher modes
+Copyright   : (c) 2023-2024, Apotheca Labs
+              (c) 2024-2025, Haskell Foundation
+License     : BSD-3-Clause
+Maintainer  : [email protected], [email protected]
+Stability   : experimental
+Portability : POSIX
+-}
+
+{-# LANGUAGE OverloadedStrings #-}
+
+module Botan.Bindings.Cipher (
+    Types.Botan_cipher_t (..)
+  , Types.Botan_cipher_struct
+  , botan_cipher_destroy_ptr
+  , Types.bOTAN_CIPHER_INIT_FLAG_MASK_DIRECTION
+  , Types.bOTAN_CIPHER_INIT_FLAG_ENCRYPT
+  , Types.bOTAN_CIPHER_INIT_FLAG_DECRYPT
+  , Safe.botan_cipher_init
+  , Safe.botan_cipher_name
+  , Safe.botan_cipher_output_length
+  , Safe.botan_cipher_valid_nonce_length
+  , Safe.botan_cipher_get_tag_length
+  , Safe.botan_cipher_get_default_nonce_length
+  , Safe.botan_cipher_get_update_granularity
+  , Safe.botan_cipher_get_ideal_update_granularity
+  , Safe.botan_cipher_query_keylen
+  , Safe.botan_cipher_get_keyspec
+  , Safe.botan_cipher_set_key
+  , Safe.botan_cipher_reset
+  , Safe.botan_cipher_set_associated_data
+  , Safe.botan_cipher_start
+  , Types.bOTAN_CIPHER_UPDATE_FLAG_FINAL
+  , botan_cipher_update
+  , Safe.botan_cipher_clear
+
+  , pattern BOTAN_CIPHER_MODE_CBC
+  , pattern BOTAN_CIPHER_MODE_CFB
+  , pattern BOTAN_CIPHER_MODE_XTS
+
+  , pattern BOTAN_CBC_PADDING_PKCS7
+  , pattern BOTAN_CBC_PADDING_ONE_AND_ZEROS
+  , pattern BOTAN_CBC_PADDING_X9_23
+  , pattern BOTAN_CBC_PADDING_ESP
+  , pattern BOTAN_CBC_PADDING_CTS
+  , pattern BOTAN_CBC_PADDING_NO_PADDING
+
+  , pattern BOTAN_AEAD_CHACHA20POLY1305
+
+  , pattern BOTAN_AEAD_MODE_GCM
+  , pattern BOTAN_AEAD_MODE_OCB
+  , pattern BOTAN_AEAD_MODE_EAX
+  , pattern BOTAN_AEAD_MODE_SIV
+  , pattern BOTAN_AEAD_MODE_CCM
+  ) where
+
+import qualified Botan.Bindings.Generated as Types
+import qualified Botan.Bindings.Generated.FunPtr as FunPtr
+import qualified Botan.Bindings.Generated.Safe as Safe
+import           Data.String (IsString)
+import           Data.Word (Word32, Word8)
+import           Foreign.C.Types (CInt, CSize)
+import           Foreign.Ptr (FunPtr, Ptr)
+import           HsBindgen.Runtime.ConstPtr (ConstPtr)
+
+botan_cipher_destroy_ptr :: FunPtr (Types.Botan_cipher_t -> IO CInt)
+botan_cipher_destroy_ptr = FunPtr.botan_cipher_destroy
+
+botan_cipher_update :: Types.Botan_cipher_t -> Word32 -> Ptr Word8 -> CSize -> Ptr CSize -> ConstPtr Word8 -> CSize -> Ptr CSize -> IO CInt
+botan_cipher_update = Safe.botan_cipher_update_wrapper
+
+pattern BOTAN_CIPHER_MODE_CBC
+    ,   BOTAN_CIPHER_MODE_CFB
+    ,   BOTAN_CIPHER_MODE_XTS
+    ::  (Eq a, IsString a) => a
+
+pattern BOTAN_CIPHER_MODE_CBC = "CBC"
+pattern BOTAN_CIPHER_MODE_CFB = "CFB"
+pattern BOTAN_CIPHER_MODE_XTS = "XTS"
+
+pattern BOTAN_CBC_PADDING_PKCS7
+    ,   BOTAN_CBC_PADDING_ONE_AND_ZEROS
+    ,   BOTAN_CBC_PADDING_X9_23
+    ,   BOTAN_CBC_PADDING_ESP
+    ,   BOTAN_CBC_PADDING_CTS
+    ,   BOTAN_CBC_PADDING_NO_PADDING
+    ::  (Eq a, IsString a) => a
+
+pattern BOTAN_CBC_PADDING_PKCS7             = "PKCS7"
+pattern BOTAN_CBC_PADDING_ONE_AND_ZEROS    = "OneAndZeros"
+pattern BOTAN_CBC_PADDING_X9_23             = "X9.23"
+pattern BOTAN_CBC_PADDING_ESP               = "ESP"
+pattern BOTAN_CBC_PADDING_CTS               = "CTS"
+pattern BOTAN_CBC_PADDING_NO_PADDING        = "NoPadding"
+
+pattern BOTAN_AEAD_CHACHA20POLY1305
+    ::  (Eq a, IsString a) => a
+
+pattern BOTAN_AEAD_CHACHA20POLY1305 = "ChaCha20Poly1305"
+
+pattern BOTAN_AEAD_MODE_GCM
+    ,   BOTAN_AEAD_MODE_OCB
+    ,   BOTAN_AEAD_MODE_EAX
+    ,   BOTAN_AEAD_MODE_SIV
+    ,   BOTAN_AEAD_MODE_CCM
+    ::  (Eq a, IsString a) => a
+
+pattern BOTAN_AEAD_MODE_GCM         = "GCM"
+pattern BOTAN_AEAD_MODE_OCB         = "OCB"
+pattern BOTAN_AEAD_MODE_EAX         = "EAX"
+pattern BOTAN_AEAD_MODE_SIV         = "SIV"
+pattern BOTAN_AEAD_MODE_CCM         = "CCM"