[hsmtool] Add a binding to Entrust's acorn library

Entrust's `acorn` library is their experimental PQ cryptography module for their nShield HSMs. This binding gives us access to their APIs from Rust so we can write `hsmtool` commands to work with SPHINCS+ algorithms. Signed-off-by: Chris Frantz <[email protected]> (cherry picked from commit 05e7c44)
lowRISC · Dec 4, 2024 · 7ea0aa9 · 7ea0aa9
1 parent a20c5ee
commit 7ea0aa9
Show file tree

Hide file tree

Showing 6 changed files with 625 additions and 0 deletions.
diff --git a/quality/BUILD.bazel b/quality/BUILD.bazel
@@ -170,6 +170,9 @@ RUST_TARGETS = [
     "//sw/host/cryptotest:cryptotest_parser_test",
     "//sw/host/hsmtool:hsmlib",
     "//sw/host/hsmtool:hsmlib_test",
+    "//sw/host/hsmtool/acorn:acorn",
+    "//sw/host/ot_certs:ot_certs",
+    "//sw/host/ot_certs:ot_certs_test",
     "//sw/host/opentitanlib:opentitanlib",
     "//sw/host/opentitanlib:opentitanlib_test",
     "//sw/host/opentitansession:opentitansession",

diff --git a/sw/host/hsmtool/acorn/BUILD b/sw/host/hsmtool/acorn/BUILD
@@ -0,0 +1,24 @@
+# Copyright lowRISC contributors (OpenTitan project).
+# Licensed under the Apache License, Version 2.0, see LICENSE for details.
+# SPDX-License-Identifier: Apache-2.0
+
+load("@rules_rust//rust:defs.bzl", "rust_library", "rust_test")
+load("@rules_rust//bindgen:bindgen.bzl", "rust_bindgen_library")
+
+package(default_visibility = ["//visibility:public"])
+
+rust_library(
+    name = "acorn",
+    srcs = [
+        "acorn.rs",
+        "lib.rs",
+    ],
+    crate_root = "lib.rs",
+    deps = [
+        "//sw/host/hsmtool/acorn/vendor:acorn_bindgen",
+        "@crate_index//:anyhow",
+        "@crate_index//:bitflags",
+        "@crate_index//:libloading",
+        "@crate_index//:thiserror",
+    ],
+)