Don't select a cryptograhic backend in non-leaf crates.

- This way, only the leaf package has to concern itself with the selection of a cryptographic backend for Sequoia. Notably, we don't have to repeat all of sequoia-openpgp's features in all crates that use sequoia-openpgp. - Enable the new feature resolver which allows for this method. - A complication arises because we want to make `cargo test` work by default for the intermediate crates without developers having to select a cryptographic backend. To make that work, we implicitly select a backend in the dev dependencies which are enabled when compiling the tests. To make it even more convenient, we select the most convenient backend, which is CNG for Windows and Nettle, our default, for every other platform. - Now that we have implicitly selected CNG on Windows for running the tests, when the user wants to use Nettle on Windows, and does `cargo test --features sequoia-openpgp/crypto-nettle`, then two backends are selected: the implicitly selected CNG and the explicitly selected Nettle. In this case, we detect that an implicit selection has been made, and ignore the implicitly selected backend. Now, this has already been compiled by cargo (remember that we cannot influence the set of dependencies at the time the build script is run), but we can still ignore the implicit backend using conditional compilation (i.e. it will not be included in the resulting binary). The same happens on non-Windows platforms where Nettle is the implicit default for tests when the user explicitly requests a different backend. In both cases, Nettle and CNG are slim wrappers around native libraries, so the wasted compilation time is low.
author: Justus Winter <justus@sequoia-pgp.org> 2022-12-15 18:04:52 +0100
committer: Justus Winter <justus@sequoia-pgp.org> 2023-01-05 16:56:05 +0100
commit: b7e1b0e5a23923bce97f91fdab16a32d80453876 (patch)
tree: 7a7e90769b0a79560c76fcc0a50d5897ba3261c0
parent: f4d4c9804a29d69ad7b88147c07f5d2639fb7d88 (diff)
7 files changed, 81 insertions, 30 deletions
diff --git a/Cargo.toml b/Cargo.toml
index a29b3830..94ebc202 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,4 +1,5 @@
 [workspace]
+resolver = "2"
 members = [
     "autocrypt",
     "buffered-reader",
diff --git a/autocrypt/Cargo.toml b/autocrypt/Cargo.toml
index b0e2fc0a..cca5041a 100644
--- a/autocrypt/Cargo.toml
+++ b/autocrypt/Cargo.toml
@@ -28,10 +28,14 @@ base64 = ">=0.12"
 [lib]
 bench = false
 
-[features]
-default = ["sequoia-openpgp/default"]
-crypto-nettle = ["sequoia-openpgp/crypto-nettle"]
-crypto-cng = ["sequoia-openpgp/crypto-cng"]
-compression = ["sequoia-openpgp/compression"]
-compression-deflate = ["sequoia-openpgp/compression-deflate"]
-compression-bzip2 = ["sequoia-openpgp/compression-bzip2"]
+# Enables a crypto backend for the tests:
+[target.'cfg(not(windows))'.dev-dependencies]
+sequoia-openpgp = { path = "../openpgp", version = "1", default-features = false, features = ["crypto-nettle", "__implicit-crypto-backend-for-tests"] }
+
+# Enables a crypto backend for the tests:
+[target.'cfg(windows)'.dev-dependencies]
+sequoia-openpgp = { path = "../openpgp", version = "1", default-features = false, features = ["crypto-cng", "__implicit-crypto-backend-for-tests"] }
+
+# Enables a crypto backend for the docs.rs generation:
+[package.metadata.docs.rs]
+features = ["sequoia-openpgp/default"]
diff --git a/ipc/Cargo.toml b/ipc/Cargo.toml
index 038b1a7e..dfe652ae 100644
--- a/ipc/Cargo.toml
+++ b/ipc/Cargo.toml
@@ -55,10 +55,14 @@ tokio = { version = "1", features = [ "macros" ] }
 [lib]
 bench = false
 
-[features]
-default = ["sequoia-openpgp/default"]
-crypto-nettle = ["sequoia-openpgp/crypto-nettle"]
-crypto-cng = ["sequoia-openpgp/crypto-cng"]
-compression = ["sequoia-openpgp/compression"]
-compression-deflate = ["sequoia-openpgp/compression-deflate"]
-compression-bzip2 = ["sequoia-openpgp/compression-bzip2"]
+# Enables a crypto backend for the tests:
+[target.'cfg(not(windows))'.dev-dependencies]
+sequoia-openpgp = { path = "../openpgp", version = "1", default-features = false, features = ["crypto-nettle", "__implicit-crypto-backend-for-tests"] }
+
+# Enables a crypto backend for the tests:
+[target.'cfg(windows)'.dev-dependencies]
+sequoia-openpgp = { path = "../openpgp", version = "1", default-features = false, features = ["crypto-cng", "__implicit-crypto-backend-for-tests"] }
+
+# Enables a crypto backend for the docs.rs generation:
+[package.metadata.docs.rs]
+features = ["sequoia-openpgp/default"]
diff --git a/net/Cargo.toml b/net/Cargo.toml
index 845dad79..724130fa 100644
--- a/net/Cargo.toml
+++ b/net/Cargo.toml
@@ -48,10 +48,14 @@ hyper = { version = "0.14", features = [ "server" ] }
 [lib]
 bench = false
 
-[features]
-default = ["sequoia-openpgp/default"]
-crypto-nettle = ["sequoia-openpgp/crypto-nettle"]
-crypto-cng = ["sequoia-openpgp/crypto-cng"]
-compression = ["sequoia-openpgp/compression"]
-compression-deflate = ["sequoia-openpgp/compression-deflate"]
-compression-bzip2 = ["sequoia-openpgp/compression-bzip2"]
+# Enables a crypto backend for the tests:
+[target.'cfg(not(windows))'.dev-dependencies]
+sequoia-openpgp = { path = "../openpgp", version = "1", default-features = false, features = ["crypto-nettle", "__implicit-crypto-backend-for-tests"] }
+
+# Enables a crypto backend for the tests:
+[target.'cfg(windows)'.dev-dependencies]
+sequoia-openpgp = { path = "../openpgp", version = "1", default-features = false, features = ["crypto-cng", "__implicit-crypto-backend-for-tests"] }
+
+# Enables a crypto backend for the docs.rs generation:
+[package.metadata.docs.rs]
+features = ["sequoia-openpgp/default"]
diff --git a/openpgp/Cargo.toml b/openpgp/Cargo.toml
index 74f9319b..85874b7b 100644
--- a/openpgp/Cargo.toml
+++ b/openpgp/Cargo.toml
@@ -109,6 +109,7 @@ crypto-rust = [
 ]
 crypto-cng = ["eax", "winapi", "win-crypto-ng", "ed25519-dalek", "num-bigint-dig"]
 crypto-openssl = ["openssl", "openssl-sys", "foreign-types-shared"]
+__implicit-crypto-backend-for-tests = []
 
 # Experimental and variable-time cryptographic backends opt-ins
 allow-experimental-crypto = []
diff --git a/openpgp/build.rs b/openpgp/build.rs
index 9de8fb76..60f07620 100644
--- a/openpgp/build.rs
+++ b/openpgp/build.rs
@@ -63,13 +63,20 @@ fn crypto_backends_sanity_check() {
     }
 
     let backends = vec![
-        (cfg!(feature = "crypto-nettle"),
+        (cfg!(all(feature = "crypto-nettle",
+                  not(all(feature = "__implicit-crypto-backend-for-tests",
+                          any(feature = "crypto-openssl",
+                              feature = "crypto-rust"))))),
          Backend {
              name: "Nettle",
              production_ready: true,
              constant_time: true,
          }),
-        (cfg!(feature = "crypto-cng"),
+        (cfg!(all(feature = "crypto-cng",
+                  not(all(feature = "__implicit-crypto-backend-for-tests",
+                          any(feature = "crypto-nettle",
+                              feature = "crypto-openssl",
+                              feature = "crypto-rust"))))),
          Backend {
              name: "Windows CNG",
              production_ready: true,
diff --git a/openpgp/src/crypto/backend.rs b/openpgp/src/crypto/backend.rs
index 780b0bb1..28fcfe14 100644
--- a/openpgp/src/crypto/backend.rs
+++ b/openpgp/src/crypto/backend.rs
@@ -3,21 +3,51 @@
 
 pub(crate) mod sha1cd;
 
-#[cfg(feature = "crypto-nettle")]
+// Nettle is the default backend, but on Windows targets we instead
+// enable CNG for running the tests in non-leaf crates that depend on
+// sequoia-openpgp.  This creates a conflict, and makes `cargo test`
+// fail.  To mitigate this, only enable the Nettle backend if we are
+// not compiling the tests and have a different backend selected.
+//
+// Note: If you add a new crypto backend, add it to the expression,
+// and also synchronize the expression to `build.rs`.
+#[cfg(all(feature = "crypto-nettle",
+          not(all(feature = "__implicit-crypto-backend-for-tests",
+                  any(feature = "crypto-openssl",
+                      feature = "crypto-rust")))))]
 mod nettle;
-#[cfg(feature = "crypto-nettle")]
+#[cfg(all(feature = "crypto-nettle",
+          not(all(feature = "__implicit-crypto-backend-for-tests",
+                  any(feature = "crypto-openssl",
+                      feature = "crypto-rust")))))]
 pub use self::nettle::*;
 
+// Nettle is the default backend, but on Windows targets we instead
+// enable CNG for running the tests in non-leaf crates that depend on
+// sequoia-openpgp.  This creates a conflict, and makes `cargo test`
+// fail.  To mitigate this, only enable the CNG backend if we are
+// not compiling the tests and have a different backend selected.
+//
+// Note: If you add a new crypto backend, add it to the expression,
+// and also synchronize the expression to `build.rs`.
+#[cfg(all(feature = "crypto-cng",
+          not(all(feature = "__implicit-crypto-backend-for-tests",
+                  any(feature = "crypto-nettle",
+                      feature = "crypto-openssl",
+                      feature = "crypto-rust")))))]
+mod cng;
+#[cfg(all(feature = "crypto-cng",
+          not(all(feature = "__implicit-crypto-backend-for-tests",
+                  any(feature = "crypto-nettle",
+                      feature = "crypto-openssl",
+                      feature = "crypto-rust")))))]
+pub use self::cng::*;
+
 #[cfg(feature = "crypto-rust")]
 mod rust;
 #[cfg(feature = "crypto-rust")]
 pub use self::rust::*;
 
-#[cfg(feature = "crypto-cng")]
-mod cng;
-#[cfg(feature = "crypto-cng")]
-pub use self::cng::*;
-
 #[cfg(feature = "crypto-openssl")]
 mod openssl;
 #[cfg(feature = "crypto-openssl")]
author	Justus Winter <justus@sequoia-pgp.org>	2022-12-15 18:04:52 +0100
committer	Justus Winter <justus@sequoia-pgp.org>	2023-01-05 16:56:05 +0100
commit	b7e1b0e5a23923bce97f91fdab16a32d80453876 (patch)
tree	7a7e90769b0a79560c76fcc0a50d5897ba3261c0
parent	f4d4c9804a29d69ad7b88147c07f5d2639fb7d88 (diff)