add opt-in FIPS feature, CI coverage

Using `make FIPS=true` with the Makefiles, or `cmake -DFIPS="true" -S
. -B build` with the Windows cmake build will activate the `aws-lc-rs`
feature of `rustls-ffi`, and the `rustls/fips` feature of Rustls.

On MacOS and Windows this requires some additional build tooling (Golang
and Ninja). See the rustls manual[0] and the aws-lc-rs-fips-sys crate[1]
for more information.

Note presently the Mac and Windows FIPS-enabled builds fail with
unresolved symbol errors when building the client/server examples. A fix
is TBD.

[0]: https://docs.rs/rustls/latest/rustls/manual/_06_fips/index.html
[1]: https://crates.io/crates/aws-lc-fips-sys

Author: cpu

.github/workflows/test.yaml

@@ -99,6 +99,32 @@ jobs:
       - name: Integration tests
         run: make PROFILE=debug CERT_COMPRESSION=true integration
 
+  fips:
+    name: FIPS
+    runs-on: "${{ matrix.os }}"
+    continue-on-error: true # TODO(@cpu): remove this after debugging MacOS failures.
+    strategy:
+      matrix:
+        os: [ ubuntu-latest, macos-latest ]
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
+      - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
+      - name: Install golang for aws-lc-fips-sys on macos
+        if: runner.os == 'MacOS'
+        uses: actions/setup-go@v5
+        with:
+          go-version: "1.22.2"
+      - name: Install nightly rust toolchain
+        uses: dtolnay/rust-toolchain@nightly
+      - name: Unit tests
+        run: make FIPS=true test
+      - name: Integration tests
+        run: make FIPS=true integration
+
   test-windows-cmake-debug:
     name: Windows CMake, Debug configuration
     runs-on: windows-latest
@@ -168,6 +194,31 @@ jobs:
           CLIENT_BINARY: D:\a\rustls-ffi\rustls-ffi\build\tests\Release\client.exe
           SERVER_BINARY: D:\a\rustls-ffi\rustls-ffi\build\tests\Release\server.exe
 
+  test-windows-cmake-fips:
+    name: Windows CMake, FIPS
+    runs-on: windows-latest
+    env:
+      AWS_LC_SYS_PREBUILT_NASM: 1
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
+      - name: Install nightly rust toolchain
+        uses: dtolnay/rust-toolchain@nightly
+      - name: Install NASM for aws-lc-rs
+        uses: ilammy/setup-nasm@v1
+      - name: Install ninja-build tool for aws-lc-fips-sys on Windows
+        uses: seanmiddleditch/gha-setup-ninja@v5
+      - name: Configure CMake enabling FIPS
+        run: cmake -DFIPS="true" -S . -B build
+      - name: Build, release configuration, FIPS
+        run: cmake --build build --config Release
+      - name: Integration test, release configuration, FIPS
+        run: cargo test --features=fips --locked --test client_server client_server_integration -- --ignored --exact
+        env:
+          CLIENT_BINARY: D:\a\rustls-ffi\rustls-ffi\build\tests\Release\client.exe
+          SERVER_BINARY: D:\a\rustls-ffi\rustls-ffi\build\tests\Release\server.exe
+
   ensure-header-updated:
     runs-on: ubuntu-latest
     steps:

CMakeLists.txt

@@ -10,6 +10,8 @@ endif ()
 
 set(CERT_COMPRESSION "false" CACHE STRING "Whether to enable brotli and zlib certificate compression support")
 
+set(FIPS "false" CACHE STRING "Whether to enable aws-lc-rs and FIPS support")
+
 set(CARGO_FEATURES --no-default-features)
 if (CRYPTO_PROVIDER STREQUAL "aws-lc-rs")
     list(APPEND CARGO_FEATURES --features=aws-lc-rs)
@@ -21,6 +23,11 @@ if (CERT_COMPRESSION STREQUAL "true")
     list(APPEND CARGO_FEATURES --features=cert_compression)
 endif ()
 
+# See https://docs.rs/rustls/latest/rustls/manual/_06_fips/index.html
+if (FIPS STREQUAL "true")
+    list(APPEND CARGO_FEATURES --features=fips)
+endif ()
+
 add_subdirectory(tests)
 
 include(ExternalProject)

Cargo.lock

@@ -24,6 +24,7 @@ capi = []
 ring = ["rustls/ring", "webpki/ring"]
 aws-lc-rs = ["rustls/aws-lc-rs", "webpki/aws_lc_rs"]
 cert_compression = ["rustls/brotli", "rustls/zlib"]
+fips = ["aws-lc-rs", "rustls/fips"]
 
 [dependencies]
 # Keep in sync with RUSTLS_CRATE_VERSION in build.rs

Cargo.toml

@@ -11,6 +11,7 @@ CFLAGS := -Werror -Wall -Wextra -Wpedantic -g -I src/
 PROFILE := release
 CRYPTO_PROVIDER := aws-lc-rs
 COMPRESSION := false
+FIPS := false
 DESTDIR=/usr/local
 
 ifeq ($(PROFILE), debug)
@@ -41,6 +42,11 @@ ifeq ($(COMPRESSION), true)
 	LDFLAGS += -lm
 endif
 
+# See https://docs.rs/rustls/latest/rustls/manual/_06_fips/index.html
+ifeq ($(FIPS), true)
+	CARGOFLAGS += --features fips
+endif
+
 default: target/$(PROFILE)/librustls_ffi.a
 
 all: default test integration connect-test

Makefile

@@ -15,6 +15,7 @@ CFLAGS := -Werror -Wall -Wextra -Wpedantic -g -I src/
 PROFILE := release
 CRYPTO_PROVIDER := aws-lc-rs
 CERT_COMPRESSION := false
+FIPS := false
 PREFIX=/usr/local
 
 ifeq ($(PROFILE), debug)
@@ -39,6 +40,11 @@ ifeq ($(CERT_COMPRESSION), true)
 	CARGOFLAGS += --features cert_compression
 endif
 
+# See https://docs.rs/rustls/latest/rustls/manual/_06_fips/index.html
+ifeq ($(FIPS), true)
+	CARGOFLAGS += --features fips
+endif
+
 all: target/client target/server
 
 integration: all

Makefile.pkg-config

@@ -110,19 +110,25 @@ fn client_server_integration() {
         ],
     };
 
+    // CHACHA20 is not FIPS approved :)
+    #[cfg(not(feature = "fips"))]
+    let custom_ciphersuite = "TLS13_CHACHA20_POLY1305_SHA256";
+    #[cfg(feature = "fips")]
+    let custom_ciphersuite = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256";
+
     let custom_ciphersuites = TestCase {
         name: "client/server with limited ciphersuites",
         server_opts: ServerOptions {
             valgrind: valgrind.clone(),
-            env: vec![("RUSTLS_CIPHERSUITE", "TLS13_CHACHA20_POLY1305_SHA256")],
+            env: vec![("RUSTLS_CIPHERSUITE", custom_ciphersuite)],
         },
         client_tests: vec![
             ClientTest {
                 name: "limited ciphersuite, supported by server",
                 valgrind: valgrind.clone(),
                 env: vec![
                     ("NO_CHECK_CERTIFICATE", "1"),
-                    ("RUSTLS_CIPHERSUITE", "TLS13_CHACHA20_POLY1305_SHA256"),
+                    ("RUSTLS_CIPHERSUITE", custom_ciphersuite),
                 ],
                 expect_error: false,
             },