Skip to content

Commit

Permalink
Raise MSRV to 1.60.0
Browse files Browse the repository at this point in the history
  • Loading branch information
alex committed Jun 8, 2023
1 parent 6761d76 commit a57b722
Show file tree
Hide file tree
Showing 17 changed files with 35 additions and 37 deletions.
3 changes: 1 addition & 2 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -52,10 +52,9 @@ jobs:
- {VERSION: "3.11", NOXSESSION: "tests", OPENSSL: {TYPE: "openssl", VERSION: "80935bf5ad309bf6c03591acf1d48fe1db57b78f"}}
# Builds with various Rust versions. Includes MSRV and next
# potential future MSRV:
# 1.60 - pem 2.0.1, once_cell 1.18.0
# 1.64 - maturin
- {VERSION: "3.11", NOXSESSION: "tests-nocoverage", RUST: "1.56.0"}
- {VERSION: "3.11", NOXSESSION: "rust,tests", RUST: "1.60.0"}
- {VERSION: "3.11", NOXSESSION: "rust,tests", RUST: "1.64.0"}
- {VERSION: "3.11", NOXSESSION: "rust,tests", RUST: "beta"}
- {VERSION: "3.11", NOXSESSION: "rust,tests", RUST: "nightly"}
timeout-minutes: 15
Expand Down
2 changes: 2 additions & 0 deletions CHANGELOG.rst
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@ Changelog

.. note:: This version is not yet released and is under active development.

* Updated the minimum supported Rust version (MSRV) to 1.60.0, from 1.56.0.

.. _v41-0-1:

41.0.1 - 2023-06-01
Expand Down
8 changes: 4 additions & 4 deletions docs/installation.rst
Original file line number Diff line number Diff line change
Expand Up @@ -105,7 +105,7 @@ Alpine

.. warning::

The Rust available by default in Alpine < 3.15 is older than the minimum
The Rust available by default in Alpine < 3.16 is older than the minimum
supported version. See the :ref:`Rust installation instructions
<installation:Rust>` for information about installing a newer Rust.

Expand Down Expand Up @@ -135,8 +135,8 @@ Fedora/RHEL/CentOS

.. warning::

For RHEL and CentOS you must be on version 8.6 or newer for the command
below to install a sufficiently new Rust. If your Rust is less than 1.56.0
For RHEL and CentOS you must be on version 8.7 or newer for the command
below to install a sufficiently new Rust. If your Rust is less than 1.60.0
please see the :ref:`Rust installation instructions <installation:Rust>`
for information about installing a newer Rust.

Expand Down Expand Up @@ -314,7 +314,7 @@ Rust
a Rust toolchain.

Building ``cryptography`` requires having a working Rust toolchain. The current
minimum supported Rust version is 1.56.0. **This is newer than the Rust some
minimum supported Rust version is 1.60.0. **This is newer than the Rust some
package managers ship**, so users may need to install with the
instructions below.

Expand Down
2 changes: 1 addition & 1 deletion setup.py
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@
"cryptography.hazmat.bindings._rust",
"src/rust/Cargo.toml",
py_limited_api=True,
rust_version=">=1.56.0",
rust_version=">=1.60.0",
)
],
)
Expand Down
12 changes: 6 additions & 6 deletions src/rust/Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions src/rust/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ authors = ["The cryptography developers <cryptography-dev@python.org>"]
edition = "2021"
publish = false
# This specifies the MSRV
rust-version = "1.56.0"
rust-version = "1.60.0"

[dependencies]
once_cell = "1"
Expand All @@ -14,7 +14,7 @@ asn1 = { version = "0.15.2", default-features = false }
cryptography-cffi = { path = "cryptography-cffi" }
cryptography-x509 = { path = "cryptography-x509" }
cryptography-openssl = { path = "cryptography-openssl" }
pem = "1.1"
pem = { version = "2", default-features = false }
ouroboros = "0.15"
openssl = "0.10.54"
openssl-sys = "0.9.88"
Expand Down
2 changes: 1 addition & 1 deletion src/rust/cryptography-cffi/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ authors = ["The cryptography developers <cryptography-dev@python.org>"]
edition = "2021"
publish = false
# This specifies the MSRV
rust-version = "1.56.0"
rust-version = "1.60.0"

[dependencies]
pyo3 = { version = "0.19", features = ["abi3-py37"] }
Expand Down
2 changes: 1 addition & 1 deletion src/rust/cryptography-openssl/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ authors = ["The cryptography developers <cryptography-dev@python.org>"]
edition = "2021"
publish = false
# This specifies the MSRV
rust-version = "1.56.0"
rust-version = "1.60.0"

[dependencies]
openssl = "0.10.54"
Expand Down
2 changes: 1 addition & 1 deletion src/rust/cryptography-x509/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ authors = ["The cryptography developers <cryptography-dev@python.org>"]
edition = "2021"
publish = false
# This specifies the MSRV
rust-version = "1.56.0"
rust-version = "1.60.0"

[dependencies]
asn1 = { version = "0.15.2", default-features = false }
2 changes: 1 addition & 1 deletion src/rust/cryptography-x509/src/certificate.rs
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ impl<'a> TbsCertificate<'a> {
}
}

#[derive(asn1::Asn1Read, asn1::Asn1Write, Hash, PartialEq, Clone)]
#[derive(asn1::Asn1Read, asn1::Asn1Write, Hash, PartialEq, Eq, Clone)]
pub struct Validity {
pub not_before: common::Time,
pub not_after: common::Time,
Expand Down
6 changes: 3 additions & 3 deletions src/rust/cryptography-x509/src/common.rs
Original file line number Diff line number Diff line change
Expand Up @@ -109,7 +109,7 @@ pub enum AlgorithmParameters<'a> {
Other(asn1::ObjectIdentifier, Option<asn1::Tlv<'a>>),
}

#[derive(asn1::Asn1Read, asn1::Asn1Write, Hash, PartialEq, Clone)]
#[derive(asn1::Asn1Read, asn1::Asn1Write, Hash, PartialEq, Eq, Clone)]
pub struct SubjectPublicKeyInfo<'a> {
_algorithm: AlgorithmIdentifier<'a>,
pub subject_public_key: asn1::BitString<'a>,
Expand Down Expand Up @@ -157,7 +157,7 @@ impl<'a> asn1::Asn1Writable for RawTlv<'a> {
}
}

#[derive(asn1::Asn1Read, asn1::Asn1Write, PartialEq, Hash, Clone)]
#[derive(asn1::Asn1Read, asn1::Asn1Write, PartialEq, Eq, Hash, Clone)]
pub enum Time {
UtcTime(asn1::UtcTime),
GeneralizedTime(asn1::GeneralizedTime),
Expand All @@ -172,7 +172,7 @@ impl Time {
}
}

#[derive(Hash, PartialEq, Clone)]
#[derive(Hash, PartialEq, Eq, Clone)]
pub enum Asn1ReadableOrWritable<'a, T, U> {
Read(T, PhantomData<&'a ()>),
Write(U, PhantomData<&'a ()>),
Expand Down
2 changes: 1 addition & 1 deletion src/rust/cryptography-x509/src/name.rs
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ impl<'a> asn1::SimpleAsn1Writable for UnvalidatedIA5String<'a> {
}
}

#[derive(asn1::Asn1Read, asn1::Asn1Write, PartialEq, Hash)]
#[derive(asn1::Asn1Read, asn1::Asn1Write, PartialEq, Eq, Hash)]
pub struct OtherName<'a> {
pub type_id: asn1::ObjectIdentifier,
#[explicit(0, required)]
Expand Down
5 changes: 1 addition & 4 deletions src/rust/src/asn1.rs
Original file line number Diff line number Diff line change
Expand Up @@ -104,10 +104,7 @@ pub(crate) fn encode_der_data<'p>(
Ok(pyo3::types::PyBytes::new(
py,
&pem::encode_config(
&pem::Pem {
tag: pem_tag,
contents: data,
},
&pem::Pem::new(pem_tag, data),
pem::EncodeConfig {
line_ending: pem::LineEnding::LF,
},
Expand Down
4 changes: 2 additions & 2 deletions src/rust/src/backend/dh.rs
Original file line number Diff line number Diff line change
Expand Up @@ -83,11 +83,11 @@ fn from_der_parameters(data: &[u8]) -> CryptographyResult<DHParameters> {
fn from_pem_parameters(data: &[u8]) -> CryptographyResult<DHParameters> {
let parsed = x509::find_in_pem(
data,
|p| p.tag == "DH PARAMETERS" || p.tag == "X9.42 DH PARAMETERS",
|p| p.tag() == "DH PARAMETERS" || p.tag() == "X9.42 DH PARAMETERS",
"Valid PEM but no BEGIN DH PARAMETERS/END DH PARAMETERS delimiters. Are you sure this is a DH parameters?",
)?;

from_der_parameters(&parsed.contents)
from_der_parameters(parsed.contents())
}

fn dh_parameters_from_numbers(
Expand Down
8 changes: 4 additions & 4 deletions src/rust/src/x509/certificate.rs
Original file line number Diff line number Diff line change
Expand Up @@ -351,12 +351,12 @@ fn load_pem_x509_certificate(py: pyo3::Python<'_>, data: &[u8]) -> CryptographyR
// https://github.com/openssl/openssl/blob/5e2d22d53ed322a7124e26a4fbd116a8210eb77a/include/openssl/pem.h#L32-L33
let parsed = x509::find_in_pem(
data,
|p| p.tag == "CERTIFICATE" || p.tag == "X509 CERTIFICATE",
|p| p.tag() == "CERTIFICATE" || p.tag() == "X509 CERTIFICATE",
"Valid PEM but no BEGIN CERTIFICATE/END CERTIFICATE delimiters. Are you sure this is a certificate?",
)?;
load_der_x509_certificate(
py,
pyo3::types::PyBytes::new(py, &parsed.contents).into_py(py),
pyo3::types::PyBytes::new(py, parsed.contents()).into_py(py),
)
}

Expand All @@ -367,9 +367,9 @@ fn load_pem_x509_certificates(
) -> CryptographyResult<Vec<Certificate>> {
let certs = pem::parse_many(data)?
.iter()
.filter(|p| p.tag == "CERTIFICATE" || p.tag == "X509 CERTIFICATE")
.filter(|p| p.tag() == "CERTIFICATE" || p.tag() == "X509 CERTIFICATE")
.map(|p| {
load_der_x509_certificate(py, pyo3::types::PyBytes::new(py, &p.contents).into_py(py))
load_der_x509_certificate(py, pyo3::types::PyBytes::new(py, p.contents()).into_py(py))
})
.collect::<Result<Vec<_>, _>>()?;

Expand Down
4 changes: 2 additions & 2 deletions src/rust/src/x509/crl.rs
Original file line number Diff line number Diff line change
Expand Up @@ -45,12 +45,12 @@ fn load_pem_x509_crl(
) -> Result<CertificateRevocationList, CryptographyError> {
let block = x509::find_in_pem(
data,
|p| p.tag == "X509 CRL",
|p| p.tag() == "X509 CRL",
"Valid PEM but no BEGIN X509 CRL/END X509 delimiters. Are you sure this is a CRL?",
)?;
load_der_x509_crl(
py,
pyo3::types::PyBytes::new(py, &block.contents).into_py(py),
pyo3::types::PyBytes::new(py, block.contents()).into_py(py),
)
}

Expand Down
4 changes: 2 additions & 2 deletions src/rust/src/x509/csr.rs
Original file line number Diff line number Diff line change
Expand Up @@ -256,12 +256,12 @@ fn load_pem_x509_csr(
// https://github.com/openssl/openssl/blob/5e2d22d53ed322a7124e26a4fbd116a8210eb77a/include/openssl/pem.h#L35-L36
let parsed = x509::find_in_pem(
data,
|p| p.tag == "CERTIFICATE REQUEST" || p.tag == "NEW CERTIFICATE REQUEST",
|p| p.tag() == "CERTIFICATE REQUEST" || p.tag() == "NEW CERTIFICATE REQUEST",
"Valid PEM but no BEGIN CERTIFICATE REQUEST/END CERTIFICATE REQUEST delimiters. Are you sure this is a CSR?",
)?;
load_der_x509_csr(
py,
pyo3::types::PyBytes::new(py, &parsed.contents).into_py(py),
pyo3::types::PyBytes::new(py, parsed.contents()).into_py(py),
)
}

Expand Down

0 comments on commit a57b722

Please sign in to comment.