diff options
author | Alexander Kjäll <alexander.kjall@gmail.com> | 2023-05-09 16:52:12 +0200 |
---|---|---|
committer | Neal H. Walfield <neal@pep.foundation> | 2023-05-15 13:12:55 +0200 |
commit | 013bbc3983d7eade008e9b5936f9d9d95aa75283 (patch) | |
tree | 921be407a91555479264de98d2194c2df6e2f145 | |
parent | c9d5e495e4f9c682c22f1b9c02e7679ad97e4637 (diff) |
openpgp: Change crypto-botan to use botan v3.
- Version 3 of Botan was release in April 2023. It is already
distributed by Arch. Switch crypto-botan to select the v3
interface.
- Introduce the `crypto-botan2` feature to use Botan with Botan's v2
interface.
-rw-r--r-- | .gitlab-ci.yml | 4 | ||||
-rw-r--r-- | openpgp/Cargo.toml | 3 | ||||
-rw-r--r-- | openpgp/NEWS | 3 | ||||
-rw-r--r-- | openpgp/README.md | 4 | ||||
-rw-r--r-- | openpgp/build.rs | 8 | ||||
-rw-r--r-- | openpgp/src/crypto/backend.rs | 8 |
6 files changed, 24 insertions, 6 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 875e6cab..8cb9789c 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -126,8 +126,8 @@ bookworm-crypto-botan: interruptible: true image: 192.168.122.1:5000/sequoia-pgp/build-docker-image/bookworm-prebuild:latest script: - - cargo run --manifest-path openpgp/Cargo.toml --no-default-features --features crypto-botan,compression --example supported-algorithms - - cargo test --manifest-path openpgp/Cargo.toml --no-default-features --features crypto-botan,compression + - cargo run --manifest-path openpgp/Cargo.toml --no-default-features --features crypto-botan2,compression --example supported-algorithms + - cargo test --manifest-path openpgp/Cargo.toml --no-default-features --features crypto-botan2,compression variables: CARGO_TARGET_DIR: /target CARGO_HOME: /cargo diff --git a/openpgp/Cargo.toml b/openpgp/Cargo.toml index da69e516..8a4ce2fa 100644 --- a/openpgp/Cargo.toml +++ b/openpgp/Cargo.toml @@ -134,7 +134,8 @@ crypto-cng = [ "num-bigint-dig" ] crypto-openssl = ["openssl", "openssl-sys"] -crypto-botan = ["botan"] +crypto-botan = ["botan/botan3"] +crypto-botan2 = ["botan"] __implicit-crypto-backend-for-tests = [] # Experimental and variable-time cryptographic backends opt-ins diff --git a/openpgp/NEWS b/openpgp/NEWS index 2edd6bf4..4c5bf1ed 100644 --- a/openpgp/NEWS +++ b/openpgp/NEWS @@ -14,6 +14,9 @@ ** Notable fixes - Several parser bugs were fixed. These are all low-severity as Rust correctly detects the out of bounds access and panics. + * Notable changes + - The crypto/botan feature now selects Botan's v3 interface. The + crypt/botan2 feature can be used to select Botan's v2 interface. * Changes in 1.15.0 ** New functionality - StandardPolicy::accept_hash_property diff --git a/openpgp/README.md b/openpgp/README.md index b7541fa4..f814d98c 100644 --- a/openpgp/README.md +++ b/openpgp/README.md @@ -82,7 +82,9 @@ at compile time. Currently, these libraries are available: - The Botan backend. To select this backend, use `default-features = false`, and explicitly include the - `crypto-botan` feature to enable it. + `crypto-botan` feature to enable it. `crypto-botan` defaults to + Botan v3, which was release in April 2023. Use `crypto-botan2` to + use v2. - The Windows Cryptography API: Next Generation (CNG). To select this backend, use `default-features = false`, and explicitly diff --git a/openpgp/build.rs b/openpgp/build.rs index 2a2aa9a1..57969fd3 100644 --- a/openpgp/build.rs +++ b/openpgp/build.rs @@ -67,6 +67,7 @@ fn crypto_backends_sanity_check() { not(all(feature = "__implicit-crypto-backend-for-tests", any(feature = "crypto-openssl", feature = "crypto-botan", + feature = "crypto-botan2", feature = "crypto-rust"))))), Backend { name: "Nettle", @@ -78,6 +79,7 @@ fn crypto_backends_sanity_check() { any(feature = "crypto-nettle", feature = "crypto-openssl", feature = "crypto-botan", + feature = "crypto-botan2", feature = "crypto-rust"))))), Backend { name: "Windows CNG", @@ -102,6 +104,12 @@ fn crypto_backends_sanity_check() { production_ready: true, constant_time: true, }), + (cfg!(feature = "crypto-botan2"), + Backend { + name: "Botan", + production_ready: true, + constant_time: true, + }), ].into_iter().filter_map(|(selected, backend)| { if selected { Some(backend) } else { None } }).collect::<Vec<_>>(); diff --git a/openpgp/src/crypto/backend.rs b/openpgp/src/crypto/backend.rs index 7cae8a8a..2aecfb69 100644 --- a/openpgp/src/crypto/backend.rs +++ b/openpgp/src/crypto/backend.rs @@ -15,12 +15,14 @@ pub(crate) mod sha1cd; not(all(feature = "__implicit-crypto-backend-for-tests", any(feature = "crypto-openssl", feature = "crypto-botan", + feature = "crypto-botan2", feature = "crypto-rust")))))] mod nettle; #[cfg(all(feature = "crypto-nettle", not(all(feature = "__implicit-crypto-backend-for-tests", any(feature = "crypto-openssl", feature = "crypto-botan", + feature = "crypto-botan2", feature = "crypto-rust")))))] pub use self::nettle::*; @@ -37,6 +39,7 @@ pub use self::nettle::*; any(feature = "crypto-nettle", feature = "crypto-openssl", feature = "crypto-botan", + feature = "crypto-botan2", feature = "crypto-rust")))))] mod cng; #[cfg(all(feature = "crypto-cng", @@ -44,6 +47,7 @@ mod cng; any(feature = "crypto-nettle", feature = "crypto-openssl", feature = "crypto-botan", + feature = "crypto-botan2", feature = "crypto-rust")))))] pub use self::cng::*; @@ -57,7 +61,7 @@ mod openssl; #[cfg(feature = "crypto-openssl")] pub use self::openssl::*; -#[cfg(feature = "crypto-botan")] +#[cfg(any(feature = "crypto-botan", feature = "crypto-botan2"))] mod botan; -#[cfg(feature = "crypto-botan")] +#[cfg(any(feature = "crypto-botan", feature = "crypto-botan2"))] pub use self::botan::*; |