Add aws-lc-fips feature to allow linking the aws-lc-fips-sys crate #2424
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
alex
reviewed
Jun 13, 2025
| if is_aws_lc { | ||
| println!("cargo:rustc-cfg=awslc"); | ||
| println!("cargo:awslc=true"); | ||
| let is_aws_lc = cfg!(all(feature = "aws-lc", not(feature = "aws-lc-fips"))); |
There was a problem hiding this comment.
I think it'd be easier to read if this was just is_aws_lc = cfg!(feature = "aws-lc") and then below for the env var prefix just for fips first.
Comment on lines
38
to
+43
| #[cfg(feature = "aws-lc")] | ||
| pub use aws_lc_sys::*; | ||
|
|
||
| #[cfg(not(feature = "aws-lc"))] | ||
| #[cfg(feature = "aws-lc-fips")] | ||
| pub use aws_lc_fips_sys::*; | ||
|
|
There was a problem hiding this comment.
This will import both, which I think is a compilation error. My impression is we wanted to support feature-unifying aws-lc with aws-lc-fips into => aws-lc-fips only, right?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds the ability for users to enable the
aws-lc-fipscrate feature, which when enabled will utilize theaws-lc-fips-syscrate for the AWS-LC bindings. This version of AWS-LC provides bindings to AWS-LC-FIPS 3.x, which has completed FIPS validation testing by an accredited lab and has been submitted to NIST for certification.Due to the nature of having two crate features for AWS-LC bidnings (
aws-lc, andaws-lc-fips), this feature will take precedence if both features are specified due to feature unification by cargo.