Fix CI failures and use cfg_if for platform

Most builds/test run with default openssl, but the full rustcrypto impl is exercised with the verification tests. The cfg_if usage means rustcrypto and openssl are no longer mututally exclusive for the default platform.
chipsalliance · Dec 14, 2023 · 229cafb · 229cafb
1 parent 73a865a
commit 229cafb
Show file tree

Hide file tree

Showing 4 changed files with 56 additions and 54 deletions.
diff --git a/ci.sh b/ci.sh
@@ -10,19 +10,19 @@ function build_rust_targets() {
   cargo build --release --manifest-path crypto/Cargo.toml --no-default-features
   cargo build --release --manifest-path platform/Cargo.toml --features=$profile --no-default-features
   cargo build --release --manifest-path dpe/Cargo.toml --features=$profile --no-default-features
-  cargo build --release --manifest-path simulator/Cargo.toml --features=$profile --no-default-features
+  cargo build --release --manifest-path simulator/Cargo.toml --features=$profile,openssl --no-default-features
   cargo build --release --manifest-path tools/Cargo.toml --features=$profile --no-default-features
 
   cargo build --manifest-path crypto/Cargo.toml --no-default-features
   cargo build --manifest-path platform/Cargo.toml --features=$profile --no-default-features
   cargo build --manifest-path dpe/Cargo.toml --features=$profile --no-default-features
-  cargo build --manifest-path simulator/Cargo.toml --features=$profile --no-default-features
+  cargo build --manifest-path simulator/Cargo.toml --features=$profile,openssl --no-default-features
   cargo build --manifest-path tools/Cargo.toml --features=$profile --no-default-features
 
   cargo clippy --manifest-path crypto/Cargo.toml --no-default-features -- --deny=warnings
   cargo clippy --manifest-path platform/Cargo.toml --features=$profile --no-default-features -- --deny=warnings
   cargo clippy --manifest-path dpe/Cargo.toml --features=$profile --no-default-features -- --deny=warnings
-  cargo clippy --manifest-path simulator/Cargo.toml --features=$profile --no-default-features -- --deny=warnings
+  cargo clippy --manifest-path simulator/Cargo.toml --features=$profile,openssl --no-default-features -- --deny=warnings
   cargo clippy --manifest-path tools/Cargo.toml --features=$profile --no-default-features -- --deny=warnings
 }
 
@@ -47,7 +47,7 @@ function test_rust_targets() {
   cargo test --manifest-path platform/Cargo.toml --features=$profile --no-default-features
   cargo test --manifest-path crypto/Cargo.toml --no-default-features
   cargo test --manifest-path dpe/Cargo.toml --features=$profile --no-default-features
-  cargo test --manifest-path simulator/Cargo.toml --features=$profile --no-default-features
+  cargo test --manifest-path simulator/Cargo.toml --features=$profile,openssl --no-default-features
 }
 
 # TODO: Support building the simulator for different profiles

diff --git a/crypto/Cargo.toml b/crypto/Cargo.toml
@@ -26,7 +26,6 @@ zeroize = { version = "1.6.0", default-features = false, features = ["zeroize_de
 [dev-dependencies]
 strum = "0.24"
 strum_macros = "0.24"
-elliptic-curve = "0.13.8"
 
 [build-dependencies]
 openssl = {version = "0.10.57", optional = true}

diff --git a/platform/Cargo.toml b/platform/Cargo.toml
@@ -6,13 +6,14 @@ version = "0.1.0"
 edition = "2021"
 
 [features]
-default = ["dpe_profile_p256_sha256", "openssl"]
+default = ["dpe_profile_p256_sha256", "openssl", "rustcrypto"]
 openssl = ["dep:openssl"]
 rustcrypto = ["dep:x509-cert"]
 dpe_profile_p256_sha256 = []
 dpe_profile_p384_sha384 = []
 
 [dependencies]
+cfg-if = "1.0.0"
 openssl = {version = "0.10.57", optional = true}
 ufmt = { git = "https://github.com/korran/ufmt.git", rev = "1d0743c1ffffc68bc05ca8eeb81c166192863f33", features = ["inline"] }
 x509-cert = {version = "0.2.4", optional = true}
diff --git a/platform/src/default.rs b/platform/src/default.rs
@@ -1,19 +1,19 @@
 // Licensed under the Apache-2.0 license
 
-#[cfg(all(feature = "openssl", feature = "rustcrypto"))]
-compile_error!("feature \"openssl\" and feature \"rustcrypto\" cannot be enabled at the same time, because they provide duplicate definitions");
-
 use crate::{Platform, PlatformError, MAX_CHUNK_SIZE, MAX_SN_SIZE};
+use cfg_if::cfg_if;
 use core::cmp::min;
 
-#[cfg(feature = "openssl")]
-use openssl::x509::X509;
-
-#[cfg(feature = "rustcrypto")]
-use x509_cert::{
-    certificate::Certificate,
-    der::{DecodePem, Encode},
-};
+cfg_if! {
+    if #[cfg(feature = "openssl")] {
+        use openssl::x509::X509;
+    } else if  #[cfg(feature = "rustcrypto")] {
+        use x509_cert::{
+            certificate::Certificate,
+            der::{DecodePem, Encode},
+        };
+    }
+}
 
 pub struct DefaultPlatform;
 
@@ -35,43 +35,45 @@ pub const TEST_CERT_PEM: &[u8] = include_bytes!("test_data/cert_256.pem");
 pub const TEST_CERT_PEM: &[u8] = include_bytes!("test_data/cert_384.pem");
 
 impl DefaultPlatform {
-    #[cfg(feature = "openssl")]
-    fn parse_issuer_name() -> Vec<u8> {
-        X509::from_pem(TEST_CERT_PEM)
-            .unwrap()
-            .subject_name()
-            .to_der()
-            .unwrap()
-    }
-
-    #[cfg(feature = "openssl")]
-    fn parse_issuer_sn() -> Vec<u8> {
-        X509::from_pem(TEST_CERT_PEM)
-            .unwrap()
-            .serial_number()
-            .to_bn()
-            .unwrap()
-            .to_vec()
-    }
-
-    #[cfg(feature = "rustcrypto")]
-    fn parse_issuer_name() -> Vec<u8> {
-        Certificate::from_pem(TEST_CERT_PEM)
-            .unwrap()
-            .tbs_certificate
-            .subject
-            .to_der()
-            .unwrap()
-    }
-
-    #[cfg(feature = "rustcrypto")]
-    fn parse_issuer_sn() -> Vec<u8> {
-        Certificate::from_pem(TEST_CERT_PEM)
-            .unwrap()
-            .tbs_certificate
-            .serial_number
-            .as_bytes()
-            .to_vec()
+    cfg_if! {
+        if #[cfg(feature = "openssl")] {
+        fn parse_issuer_name() -> Vec<u8> {
+            X509::from_pem(TEST_CERT_PEM)
+                .unwrap()
+                .subject_name()
+                .to_der()
+                .unwrap()
+        }} else if  #[cfg(feature = "rustcrypto")] {
+               fn parse_issuer_name() -> Vec<u8> {
+            Certificate::from_pem(TEST_CERT_PEM)
+                .unwrap()
+                .tbs_certificate
+                .subject
+                .to_der()
+                .unwrap()
+        }
+    }}
+
+    cfg_if! {
+        if #[cfg(feature = "openssl")] {
+       fn parse_issuer_sn() -> Vec<u8> {
+            X509::from_pem(TEST_CERT_PEM)
+                .unwrap()
+                .serial_number()
+                .to_bn()
+                .unwrap()
+                .to_vec()
+        }
+        } else if  #[cfg(feature = "rustcrypto")] {
+          fn parse_issuer_sn() -> Vec<u8> {
+            Certificate::from_pem(TEST_CERT_PEM)
+                .unwrap()
+                .tbs_certificate
+                .serial_number
+                .as_bytes()
+                .to_vec()
+        }
+        }
     }
 }