me
/
guix
Archived
1
0
Fork 0
Code

gnu: rust-ring-0.16: Generate more bundled files. 

* gnu/packages/crates-io.scm (rust-ring-0.16-sources): New variable.
(rust-ring-0.16)[source]: Use rust-ring-0.16-sources.  Drop patches and
snippet.
[arguments]: Remove custom phase generating curve25519 tables.
[native-inputs]: Remove field.
(rust-rustls-0.20)[native-inputs]: Remove field.
* gnu/packages/rust-apps.scm (agate, alfis, maturin, rust-cargo-edit,
sniffglue, spotifyd, tealdeer)[native-inputs]: Remove perl.
* gnu/packages/patches/rust-ring-0.16-missing-files.patch,
gnu/packages/patches/rust-ring-0.16-test-files.patch: Remove files.
* gnu/local.mk (dist_patch_DATA): Remove them.

Change-Id: I919207b6aacab78602ae18123ab345a34b00863f
master
Efraim Flashner 2023-12-24 12:56:49 +02:00
parent 04b2a8d2a7
commit eeaead0d2e
No known key found for this signature in database
GPG Key ID: 41AAE7DCCA3D8351
5 changed files with 183 additions and 2394 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
gnu/local.mk
View File

@ -2001,8 +2001,6 @@ dist_patch_DATA = \
%D%/packages/patches/rustc-1.54.0-src.patch \
%D%/packages/patches/rust-1.64-fix-riscv64-bootstrap.patch \
%D%/packages/patches/rust-1.70-fix-rustix-build.patch \
%D%/packages/patches/rust-ring-0.16-missing-files.patch \
%D%/packages/patches/rust-ring-0.16-test-files.patch \
%D%/packages/patches/rust-ring-0.17-ring-core.patch \
%D%/packages/patches/i3status-rust-enable-unstable-features.patch \
%D%/packages/patches/rust-ndarray-remove-blas-src-dep.patch \

213
gnu/packages/crates-io.scm
View File

@ -64190,33 +64190,187 @@ Digital Signature Algorithm} (ECDSA).")
(description "This package provided safe, fast, small crypto using Rust.")
(license (list license:isc license:openssl))))
(define rust-ring-0.16-sources
(let* ((version "0.16.20")
(upstream-source
(origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/briansmith/ring")
(commit "9cc0d45f4d8521f467bb3a621e74b1535e118188")))
(file-name (git-file-name "rust-ring" version))
(sha256
(base32 "1aps05i5308ka03968glnnqr4kdkk2x4ghlg5vrqhl78jm6ivvby")))))
(origin
(method computed-origin-method)
(file-name (string-append "rust-ring-" version ".tar.gz"))
(sha256 #f)
(uri
(delay
(with-imported-modules '((guix build utils))
#~(begin
(use-modules (guix build utils))
(set-path-environment-variable
"PATH" '("bin")
(list #+(canonical-package gzip)
#+(canonical-package tar)
#+perl
#+nasm
#+go
#+clang ; clang-format
#+python2-minimal))
(setenv "HOME" (getcwd))
(copy-recursively #+upstream-source
(string-append "ring-" #$version))
(with-directory-excursion (string-append "ring-" #$version)
(begin
;; It turns out Guix's nasm works just fine here.
(substitute* "build.rs"
(("./target/tools/nasm") "nasm"))
;; Files which would be deleted in a snippet:
(delete-file "crypto/curve25519/curve25519_tables.h")
(delete-file "crypto/fipsmodule/ec/ecp_nistz256_table.inl")
;; Files to be generated in the sources:
(format #t "Generating the missing files ...~%")
(force-output)
(with-directory-excursion "crypto/curve25519"
(with-output-to-file "curve25519_tables.h"
(lambda _ (invoke "python" "make_curve25519_tables.py"))))
(with-directory-excursion "crypto/fipsmodule/ec"
(with-output-to-file "ecp_nistz256_table.inl"
(lambda _ (invoke "go" "run" "make_p256-x86_64-table.go"))))
(format #t "Generating the pregenerated files ...~%")
(force-output)
(mkdir-p "pregenerated/tmp")
;; We generate all the files which upstream would normally be
;; generate by using '(cd pregenerate_asm && cargo clean &&
;; cargo build) ./pregenerate_asm/target/debug/pregenerate_asm'
;; in order to not include a dependency on cargo when
;; generating the sources.
(define (prefix script)
(string-append
"pregenerated/"
(string-drop-right
(string-drop script
(string-index-right script #\/)) 3)))
(for-each
(lambda (script)
(invoke "perl" script "elf"
(string-append (prefix script) "-elf.S"))
(invoke "perl" script "macosx"
(string-append (prefix script) "-macosx.S"))
(invoke "perl" script "nasm"
(string-append
"pregenerated/tmp/"
(string-drop (prefix script) 13) "-nasm.asm")))
'("crypto/fipsmodule/aes/asm/aesni-x86_64.pl"
"crypto/fipsmodule/aes/asm/vpaes-x86_64.pl"
"crypto/fipsmodule/bn/asm/x86_64-mont.pl"
"crypto/fipsmodule/bn/asm/x86_64-mont5.pl"
"crypto/chacha/asm/chacha-x86_64.pl"
"crypto/fipsmodule/ec/asm/p256-x86_64-asm.pl"
"crypto/fipsmodule/modes/asm/aesni-gcm-x86_64.pl"
"crypto/fipsmodule/modes/asm/ghash-x86_64.pl"
"crypto/fipsmodule/sha/asm/sha512-x86_64.pl"
"crypto/cipher_extra/asm/chacha20_poly1305_x86_64.pl"))
(invoke "perl" "crypto/fipsmodule/sha/asm/sha512-x86_64.pl"
"elf" "pregenerated/sha256-x86_64-elf.S")
(invoke "perl" "crypto/fipsmodule/sha/asm/sha512-x86_64.pl"
"macosx" "pregenerated/sha256-x86_64-macosx.S")
(invoke "perl" "crypto/fipsmodule/sha/asm/sha512-x86_64.pl"
"nasm" "pregenerated/tmp/sha256-x86_64-nasm.asm")
(for-each
(lambda (script)
(invoke "nasm" "-o" (string-append (prefix script) "obj")
"-f" "win64" "-Xgnu" "-gcv8" script))
(find-files "pregenerated/tmp" "\\.asm"))
(for-each
(lambda (script)
(invoke "perl" script "ios64"
(string-append (prefix script) "-ios64.S"))
(invoke "perl" script "linux64"
(string-append (prefix script) "-linux64.S")))
'("crypto/fipsmodule/aes/asm/aesv8-armx.pl"
"crypto/fipsmodule/modes/asm/ghashv8-armx.pl"
"crypto/fipsmodule/aes/asm/vpaes-armv8.pl"
"crypto/fipsmodule/bn/asm/armv8-mont.pl"
"crypto/chacha/asm/chacha-armv8.pl"
"crypto/fipsmodule/ec/asm/ecp_nistz256-armv8.pl"
"crypto/fipsmodule/modes/asm/ghash-neon-armv8.pl"
"crypto/fipsmodule/sha/asm/sha512-armv8.pl"))
(invoke "perl" "crypto/fipsmodule/sha/asm/sha512-armv8.pl"
"ios64" "pregenerated/sha256-armv8-ios64.S")
(invoke "perl" "crypto/fipsmodule/sha/asm/sha512-armv8.pl"
"linux64" "pregenerated/sha256-armv8-linux64.S")
(for-each
(lambda (script)
(invoke "perl" script "elf"
"-fPIC" "-DOPENSSL_IA32_SSE2"
(string-append (prefix script) "-elf.S"))
(invoke "perl" script "macosx"
"-fPIC" "-DOPENSSL_IA32_SSE2"
(string-append (prefix script) "-macosx.S"))
(invoke "perl" script "win32n"
"-fPIC" "-DOPENSSL_IA32_SSE2"
(string-append
"pregenerated/tmp/"
(string-drop (prefix script) 13) "-win32n.asm")))
'("crypto/fipsmodule/aes/asm/aesni-x86.pl"
"crypto/fipsmodule/aes/asm/vpaes-x86.pl"
"crypto/fipsmodule/bn/asm/x86-mont.pl"
"crypto/chacha/asm/chacha-x86.pl"
"crypto/fipsmodule/ec/asm/ecp_nistz256-x86.pl"
"crypto/fipsmodule/modes/asm/ghash-x86.pl"))
(for-each
(lambda (script)
(invoke "nasm" "-o" (string-append (prefix script) "obj")
"-f" "win32" "-Xgnu" "-gcv8" script))
(find-files "pregenerated/tmp" "-win32n\\.asm"))
(for-each
(lambda (script)
(invoke "perl" script "ios32"
(string-append (prefix script) "-ios32.S"))
(invoke "perl" script "linux32"
(string-append (prefix script) "-linux32.S")))
'("crypto/fipsmodule/aes/asm/aesv8-armx.pl"
"crypto/fipsmodule/modes/asm/ghashv8-armx.pl"
"crypto/fipsmodule/aes/asm/bsaes-armv7.pl"
"crypto/fipsmodule/aes/asm/vpaes-armv7.pl"
"crypto/fipsmodule/bn/asm/armv4-mont.pl"
"crypto/chacha/asm/chacha-armv4.pl"
"crypto/fipsmodule/ec/asm/ecp_nistz256-armv4.pl"
"crypto/fipsmodule/modes/asm/ghash-armv4.pl"
"crypto/fipsmodule/sha/asm/sha256-armv4.pl"
"crypto/fipsmodule/sha/asm/sha512-armv4.pl"))
(format #t "Creating the tarball ...~%")
(force-output)
;; The other option is to use cargo package --allow-dirty
(with-directory-excursion "../"
(invoke "tar" "czf" #$output
;; avoid non-determinism in the archive
"--sort=name" "--mtime=@0"
"--owner=root:0" "--group=root:0"
(string-append "ring-" #$version))))))))))))
(define-public rust-ring-0.16
(package
(inherit rust-ring-0.17)
(name "rust-ring")
(version "0.16.20")
(source
(origin
(method url-fetch)
(uri (crate-uri "ring" version))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32 "1z682xp7v38ayq9g9nkbhhfpj6ygralmlx7wdmsfv8rnw99cylrh"))
(patches (search-patches "rust-ring-0.16-missing-files.patch"
"rust-ring-0.16-test-files.patch"))
(modules '((guix build utils)))
(snippet
'(begin
(delete-file-recursively "pregenerated")
;; Regenerating the curve25519_tables requires python2 and clang-format.
;; Luckily we've added the script back in the patch.
;; Rust doesn't provide a clear way to regenerate files located in
;; source directories, so for now we don't remove the file here.
;(delete-file "crypto/curve25519/curve25519_tables.h")
;; Pretend this isn't a relase tarball.
(with-output-to-file ".git"
(lambda _
(format #t "")))))))
(source rust-ring-0.16-sources)
(arguments
`(#:cargo-inputs
(("rust-libc" ,rust-libc-0.2)
@ -64229,17 +64383,7 @@ Digital Signature Algorithm} (ECDSA).")
("rust-cc" ,rust-cc-1))
#:cargo-development-inputs
(("rust-libc" ,rust-libc-0.2)
("rust-wasm-bindgen-test" ,rust-wasm-bindgen-test-0.3))
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'generate-curve25519-tables
(lambda _
(with-directory-excursion "crypto/curve25519"
(with-output-to-file "curve25519_tables.h"
(lambda _
(invoke "python" "make_curve25519_tables.py")))))))))
(native-inputs
(list clang perl python-2))
("rust-wasm-bindgen-test" ,rust-wasm-bindgen-test-0.3))))
;; For a mostly complete list of supported systems see:
;; https://github.com/briansmith/ring/blob/main/.github/workflows/ci.yml#L170
(supported-systems (list "aarch64-linux" "armhf-linux"
@ -67144,8 +67288,7 @@ rustc compiler.")
("rust-env-logger" ,rust-env-logger-0.9)
("rust-log" ,rust-log-0.4)
("rust-rustls-pemfile" ,rust-rustls-pemfile-1)
("rust-webpki-roots" ,rust-webpki-roots-0.22))))
(native-inputs (list perl))))
("rust-webpki-roots" ,rust-webpki-roots-0.22))))))
(define-public rust-rustls-0.19
(package

2293
gnu/packages/patches/rust-ring-0.16-missing-files.patch
View File

File diff suppressed because it is too large Load Diff

54
gnu/packages/patches/rust-ring-0.16-test-files.patch
View File

@ -1,54 +0,0 @@
This file exists in the upstream repository at the commit which
corresponds to the ring-0.16.20 release, but was excluded from the
release tarball.
---
tests/ed25519_verify_tests.txt | 34 ++++++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 tests/ed25519_verify_tests.txt
diff --git a/tests/ed25519_verify_tests.txt b/tests/ed25519_verify_tests.txt
new file mode 100644
index 0000000..74c94b3
--- /dev/null
+++ b/tests/ed25519_verify_tests.txt
@@ -0,0 +1,34 @@
+# BoringSSL TEST(Ed25519Test Malleability)
+
+# Control; S is in range.
+MESSAGE = 54657374
+SIG = 7c38e026f29e14aabd059a0f2db8b0cd783040609a8be684db12f82a27774ab07a9155711ecfaf7f99f277bad0c6ae7e39d4eef676573336a5c51eb6f946b30d
+PUB = 7d4d0e7f6153a69b6242b522abbee685fda4420f8834b108c3bdae369ef549fa
+Result = P
+
+# Same as above, but with the order L added to S so it is out of range.
+# BoringSSL commit 472ba2c2dd52d06a657a63b7fbf02732a6649d21
+MESSAGE = 54657374
+SIG = 7c38e026f29e14aabd059a0f2db8b0cd783040609a8be684db12f82a27774ab067654bce3832c2d76f8f6f5dafc08d9339d4eef676573336a5c51eb6f946b31d
+PUB = 7d4d0e7f6153a69b6242b522abbee685fda4420f8834b108c3bdae369ef549fa
+Result = F
+
+
+# BoringSSL commit 3094902fcdc2db2cc832fa854b9a6a8be383926c
+MESSAGE = 124e583f8b8eca58bb29c271b41d36986bbc45541f8e51f9cb0133eca447601e
+SIG = dac119d6ca87fc59ae611c157048f4d4fc932a149dbe20ec6effd1436abf83ea05c7df0fef06147241259113909bc71bd3c53ba4464ffcad3c0968f2ffffff0f
+PUB = 100fdf47fb94f1536a4f7c3fda27383fa03375a8f527c537e6f1703c47f94f86
+Result = P
+
+# Control. Same key as above; same message and signature as below, except S is in range.
+PUB = 100fdf47fb94f1536a4f7c3fda27383fa03375a8f527c537e6f1703c47f94f86
+MESSAGE = 6a0bc2b0057cedfc0fa2e3f7f7d39279b30f454a69dfd1117c758d86b19d85e0
+SIG = 0971f86d2c9c78582524a103cb9cf949522ae528f8054dc20107d999be673ff4f58ac9d20ec563133cabc6230b1db8625f8446639ede46ad4df4053000000000
+Result = P
+
+# Same key as above, but S is out of range.
+# BoringSSL commit 472ba2c2dd52d06a657a63b7fbf02732a6649d21
+PUB = 100fdf47fb94f1536a4f7c3fda27383fa03375a8f527c537e6f1703c47f94f86
+MESSAGE = 6a0bc2b0057cedfc0fa2e3f7f7d39279b30f454a69dfd1117c758d86b19d85e0
+SIG = 0971f86d2c9c78582524a103cb9cf949522ae528f8054dc20107d999be673ff4e25ebf2f2928766b1248bec6e91697775f8446639ede46ad4df4053000000010
+Result = F
--
Efraim Flashner <efraim@flashner.co.il> רנשלפ םירפא
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

15
gnu/packages/rust-apps.scm
View File

@ -114,8 +114,6 @@
("rust-tokio" ,rust-tokio-1)
("rust-tokio-rustls" ,rust-tokio-rustls-0.22)
("rust-url" ,rust-url-2))))
(native-inputs
(list perl))
(home-page "https://github.com/mbrubeck/agate")
(synopsis "Very simple server for the Gemini hypertext protocol")
(description
@ -192,7 +190,7 @@ low-end hardware and serving many concurrent requests.")
(("rust-serde-bytes" ,rust-serde-bytes-0.11)
("rust-serde-derive" ,rust-serde-derive-1))))
(native-inputs
(list perl pkg-config))
(list pkg-config))
(inputs
(list at-spi2-core
gtk
@ -1193,8 +1191,7 @@ on the terminal in a visually appealing way.")
(list python-tomli))
(inputs (list bzip2))
(native-inputs
(list perl
python-wheel
(list python-wheel
python-wrapper
python-setuptools-rust))
(home-page "https://github.com/pyo3/maturin")
@ -1504,7 +1501,7 @@ browsers.")
(substitute* "Cargo.toml"
((".*\"vendored-libgit2\".*") "")))))))
(native-inputs
(list perl pkg-config))
(list pkg-config))
(inputs
(list libgit2-1.4
libssh2
@ -1695,8 +1692,6 @@ rebase.")
(("rust-boxxy" ,rust-boxxy-0.12))))
(inputs
(list libpcap libseccomp))
(native-inputs
(list perl))
(home-page "https://github.com/kpcyrd/sniffglue")
(synopsis "Secure multithreaded packet sniffer")
(description
@ -2366,7 +2361,7 @@ consecutive lines and since program start.")
;"dbus_mpris" ; Conflicts with rust-chrono-0.4 version.
"pulseaudio_backend"
"rodio_backend")))
(native-inputs (list perl pkg-config))
(native-inputs (list pkg-config))
(inputs (list alsa-lib dbus pulseaudio))
(home-page "https://github.com/Spotifyd/spotifyd")
(synopsis "Spotify streaming daemon with Spotify Connect support")
@ -2543,7 +2538,7 @@ daemon which executes them.")
("rust-predicates" ,rust-predicates-2)
("rust-tempfile" ,rust-tempfile-3))))
(native-inputs
(list perl pkg-config))
(list pkg-config))
(inputs
(list openssl))
(home-page "https://github.com/dbrgn/tealdeer/")