Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x509-cert: v0.3 release train #1289

Open
baloo opened this issue Jan 3, 2024 · 6 comments
Open

x509-cert: v0.3 release train #1289

baloo opened this issue Jan 3, 2024 · 6 comments

Comments

@baloo
Copy link
Member

baloo commented Jan 3, 2024
edited

I'd like to start a release train for x509-cert v0.3 and here is a list of things I'd like to fix/merge:

(feel free to comment or edit this issue to add things)
@tarcieri
Copy link
Member

tarcieri commented Jan 3, 2024

I'm ready to flip over whenever you are. It would be very helpful for upgrading the https://github.com/rustcrypto/traits crates which I'm currently in the middle of.

I was mostly holding off so you could finish some of ^^^ PRs, but if you're fine with them all going into the next breaking release I can flip this repo over ASAP.

@baloo
Copy link
Member Author

baloo commented Jan 3, 2024

I'll finish all the PRs I've put up, but I would absolutely love to see AsyncBuilder in and available ASAP.
I'd also take the opportunity to fix #1281 as this requires an API break as well.

@tarcieri
Copy link
Member

tarcieri commented Jan 4, 2024

Here's an initial set of prerelease bumps: #1296

However, it doesn't yet include x509-cert due to its dev-dependencies on pubkey crypto crates used to test the certificate builder.

tarcieri added a commit that referenced this issue Jan 19, 2024
@tarcieri
Bump X.509-based crates to prereleases versions
47e611b 
For next release cycle, as was started in #1296. Due to circular
dependencies (on e.g. digital signature libraries) this wasn't possible
at that time, but is now that we've made prereleases of all of the
requisite dependencies.

This bumps the following crates to prerelease versions (not intended for
release, just to signal we're making breaking changes):

- `cmpv2` v0.3.0-pre
- `cms` v0.3.0-pre
- `crmf` v0.3.0-pre
- `gss-api` v0.2.0-pre
- `pkcs12` v0.2.0-pre
- `x509-cert` v0.3.0-pre
- `x509-ocsp` v0.3.0-pre
- `x509-tsp` v0.2.0-pre

See also: #1289
@tarcieri tarcieri mentioned this issue Jan 19, 2024
Merged
tarcieri added a commit that referenced this issue Jan 19, 2024
@tarcieri
Bump X.509-based crates to prereleases versions; MSRV 1.72
08f53b2 
For next release cycle, as was started in #1296. Due to circular
dependencies (on e.g. digital signature libraries) this wasn't possible
at that time, but is now that we've made prereleases of all of the
requisite dependencies.

This bumps the following crates to prerelease versions (not intended for
release, just to signal we're making breaking changes):

- `cmpv2` v0.3.0-pre
- `cms` v0.3.0-pre
- `crmf` v0.3.0-pre
- `gss-api` v0.2.0-pre
- `pkcs12` v0.2.0-pre
- `x509-cert` v0.3.0-pre
- `x509-ocsp` v0.3.0-pre
- `x509-tsp` v0.2.0-pre

See also: #1289
tarcieri added a commit that referenced this issue Jan 19, 2024
@tarcieri
Bump X.509-based crates to prereleases versions; MSRV 1.72
c0529e1 
For next release cycle, as was started in #1296. Due to circular
dependencies (on e.g. digital signature libraries) this wasn't possible
at that time, but is now that we've made prereleases of all of the
requisite dependencies.

This bumps the following crates to prerelease versions (not intended for
release, just to signal we're making breaking changes):

- `cmpv2` v0.3.0-pre
- `cms` v0.3.0-pre
- `crmf` v0.3.0-pre
- `gss-api` v0.2.0-pre
- `pkcs12` v0.2.0-pre
- `x509-cert` v0.3.0-pre
- `x509-ocsp` v0.3.0-pre
- `x509-tsp` v0.2.0-pre

See also: #1289
tarcieri added a commit that referenced this issue Jan 20, 2024
@tarcieri
Bump X.509-based crates to prerelease versions; MSRV 1.75 (#1326)
a269243 
For next release cycle, as was started in #1296. Due to circular
dependencies (on e.g. digital signature libraries) this wasn't possible
at that time, but is now that we've made prereleases of all of the
requisite dependencies.

This bumps the following crates to prerelease versions (not intended for
release, just to signal we're making breaking changes):

- `cmpv2` v0.3.0-pre
- `cms` v0.3.0-pre
- `crmf` v0.3.0-pre
- `gss-api` v0.2.0-pre
- `pkcs12` v0.2.0-pre
- `x509-cert` v0.3.0-pre
- `x509-ocsp` v0.3.0-pre
- `x509-tsp` v0.2.0-pre

See also: #1289
@itsbalamurali
Copy link

@baloo can you please update the signature dependency on x509-cert to match with latest RSA release ? while cutting a new release.

error: failed to select a version for `signature`.
    ... required by package `x509-cert v0.3.0-pre (https://github.com/RustCrypto/formats.git#f299a423)`
    ... which satisfies git dependency `x509-cert` (locked to 0.3.0-pre) of package `samael v0.0.14 (.../samael)`
versions that meet the requirements `=2.3.0-pre.2` are: 2.3.0-pre.2

all possible versions conflict with previously selected packages.

  previously selected package `signature v2.3.0-pre.3`
    ... which satisfies dependency `signature = "=2.3.0-pre.3"` of package `rsa v0.10.0-pre.1`
    ... which satisfies dependency `rsa = "^0.10.0-pre.1"` of package `samael v0.0.14 (.../samael)`

failed to select a version for `signature` which could resolve this conflict

Thanks!

@baloo
Copy link
Member Author

baloo commented Feb 6, 2024
edited

I've beat you to it #1344 :)

Here is the [patch.crate-io] I currently go with:

[patch.crates-io]
ssh-agent-lib = { git = "https://github.com/wiktor-k/ssh-agent-lib.git" }
#oauth2 = { path = "../oauth2-rs" }

# https://github.com/RustCrypto/signatures/pull/807
ed25519 = { git = "https://github.com/baloo/signatures.git", branch = "baloo/pkcs8-0.11.0-pre.0" }

p256 = { git = "https://github.com/RustCrypto/elliptic-curves.git" }
p384 = { git = "https://github.com/RustCrypto/elliptic-curves.git" }

# https://github.com/iqlusioninc/yubikey.rs/pull/554
yubikey = { git = "https://github.com/baloo/yubikey.rs.git", branch = "baloo/rustcrypto-pre-releases" }

async-signature = { git = "https://github.com/RustCrypto/traits.git" }

# https://github.com/RustCrypto/formats/pull/1344
cms       = { git = "https://github.com/baloo/formats.git", branch = "baloo/prerelease-feb-2024" }
x509-cert = { git = "https://github.com/baloo/formats.git", branch = "baloo/prerelease-feb-2024" }

oauth2 = { git = "https://github.com/baloo/oauth2-rs.git", branch = "baloo/sha2-prerelease" }
openidconnect = { git = "https://github.com/baloo/openidconnect-rs.git", branch = "baloo/prereleases" }

# https://github.com/dalek-cryptography/curve25519-dalek/pull/620
curve25519-dalek = { git = "https://github.com/baloo/curve25519-dalek.git", branch = "baloo/rust-crypto/digest-sha2-bumps" }
ed25519-dalek    = { git = "https://github.com/baloo/curve25519-dalek.git", branch = "baloo/rust-crypto/digest-sha2-bumps" }

# https://github.com/RustCrypto/password-hashes/pull/488
pbkdf2 = { git = "https://github.com/baloo/password-hashes.git", branch = "baloo/prereleases" }

You're probably not going to need everything.

(I can't cut a prerelease of x509-cert because of missing dependencies just yet)

@itsbalamurali
Copy link

Thanks a ton!

@pinkforest pinkforest mentioned this issue Mar 16, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@tarcieri @baloo @itsbalamurali