Use features

1 day ago · 2197368961
9 changed files with 53 additions and 51 deletions
--- a/acme_common/Cargo.toml
+++ b/acme_common/Cargo.toml
@ -18,6 +18,8 @@ default = []
 crypto_openssl = []
 openssl_dyn = ["crypto_openssl", "openssl", "openssl-sys"]
 openssl_vendored = ["crypto_openssl", "openssl/vendored", "openssl-sys/vendored"]
+ed25519 = []
+ed448 = []

 [dependencies]
 base64 = "0.22.0"
--- a/acme_common/build.rs
+++ b/acme_common/build.rs
@ -12,8 +12,8 @@ fn main() {
 		let version = u64::from_str_radix(&v, 16).unwrap();
 		// OpenSSL 1.1.1
 		if version >= 0x1_01_01_00_0 {
-			println!("cargo:rustc-cfg=ed25519");
-			println!("cargo:rustc-cfg=ed448");
+			println!("cargo:rustc-cfg=feature=\"ed25519\"");
+			println!("cargo:rustc-cfg=feature=\"ed448\"");
 		}
 		set_rustc_env_var!("ACMED_TLS_LIB_NAME", "OpenSSL");
 	}
--- a/acme_common/src/crypto/jws_signature_algorithm.rs
+++ b/acme_common/src/crypto/jws_signature_algorithm.rs
@ -11,9 +11,9 @@ pub enum JwsSignatureAlgorithm {
 	Es256,
 	Es384,
 	Es512,
-	#[cfg(ed25519)]
+	#[cfg(feature = "ed25519")]
 	Ed25519,
-	#[cfg(ed448)]
+	#[cfg(feature = "ed448")]
 	Ed448,
 }

@ -29,9 +29,9 @@ impl FromStr for JwsSignatureAlgorithm {
 			"es256" => Ok(JwsSignatureAlgorithm::Es256),
 			"es384" => Ok(JwsSignatureAlgorithm::Es384),
 			"es512" => Ok(JwsSignatureAlgorithm::Es512),
-			#[cfg(ed25519)]
+			#[cfg(feature = "ed25519")]
 			"ed25519" => Ok(JwsSignatureAlgorithm::Ed25519),
-			#[cfg(ed448)]
+			#[cfg(feature = "ed448")]
 			"ed448" => Ok(JwsSignatureAlgorithm::Ed448),
 			_ => Err(format!("{s}: unknown algorithm.").into()),
 		}
@ -48,9 +48,9 @@ impl fmt::Display for JwsSignatureAlgorithm {
 			JwsSignatureAlgorithm::Es256 => "ES256",
 			JwsSignatureAlgorithm::Es384 => "ES384",
 			JwsSignatureAlgorithm::Es512 => "ES512",
-			#[cfg(ed25519)]
+			#[cfg(feature = "ed25519")]
 			JwsSignatureAlgorithm::Ed25519 => "Ed25519",
-			#[cfg(ed448)]
+			#[cfg(feature = "ed448")]
 			JwsSignatureAlgorithm::Ed448 => "Ed448",
 		};
 		write!(f, "{s}")
--- a/acme_common/src/crypto/key_type.rs
+++ b/acme_common/src/crypto/key_type.rs
@ -10,9 +10,9 @@ pub enum KeyType {
 	EcdsaP256,
 	EcdsaP384,
 	EcdsaP521,
-	#[cfg(ed25519)]
+	#[cfg(feature = "ed25519")]
 	Ed25519,
-	#[cfg(ed448)]
+	#[cfg(feature = "ed448")]
 	Ed448,
 }

@ -23,9 +23,9 @@ impl KeyType {
 			KeyType::EcdsaP256 => JwsSignatureAlgorithm::Es256,
 			KeyType::EcdsaP384 => JwsSignatureAlgorithm::Es384,
 			KeyType::EcdsaP521 => JwsSignatureAlgorithm::Es512,
-			#[cfg(ed25519)]
+			#[cfg(feature = "ed25519")]
 			KeyType::Ed25519 => JwsSignatureAlgorithm::Ed25519,
-			#[cfg(ed448)]
+			#[cfg(feature = "ed448")]
 			KeyType::Ed448 => JwsSignatureAlgorithm::Ed448,
 		}
 	}
@ -36,9 +36,9 @@ impl KeyType {
 			KeyType::EcdsaP256 | KeyType::EcdsaP384 | KeyType::EcdsaP521 => {
 				*alg == self.get_default_signature_alg()
 			}
-			#[cfg(ed25519)]
+			#[cfg(feature = "ed25519")]
 			KeyType::Ed25519 => *alg == self.get_default_signature_alg(),
-			#[cfg(ed448)]
+			#[cfg(feature = "ed448")]
 			KeyType::Ed448 => *alg == self.get_default_signature_alg(),
 		};
 		if ok {
@ -58,9 +58,9 @@ impl KeyType {
 			"ecdsa-p256",
 			"ecdsa-p384",
 			"ecdsa-p521",
-			#[cfg(ed25519)]
+			#[cfg(feature = "ed25519")]
 			"ed25519",
-			#[cfg(ed448)]
+			#[cfg(feature = "ed448")]
 			"ed448",
 		]
 	}
@ -76,9 +76,9 @@ impl FromStr for KeyType {
 			"ecdsa_p256" => Ok(KeyType::EcdsaP256),
 			"ecdsa_p384" => Ok(KeyType::EcdsaP384),
 			"ecdsa_p521" => Ok(KeyType::EcdsaP521),
-			#[cfg(ed25519)]
+			#[cfg(feature = "ed25519")]
 			"ed25519" => Ok(KeyType::Ed25519),
-			#[cfg(ed448)]
+			#[cfg(feature = "ed448")]
 			"ed448" => Ok(KeyType::Ed448),
 			_ => Err(format!("{s}: unknown algorithm").into()),
 		}
@ -93,9 +93,9 @@ impl fmt::Display for KeyType {
 			KeyType::EcdsaP256 => "ecdsa-p256",
 			KeyType::EcdsaP384 => "ecdsa-p384",
 			KeyType::EcdsaP521 => "ecdsa-p521",
-			#[cfg(ed25519)]
+			#[cfg(feature = "ed25519")]
 			KeyType::Ed25519 => "ed25519",
-			#[cfg(ed448)]
+			#[cfg(feature = "ed448")]
 			KeyType::Ed448 => "ed448",
 		};
 		write!(f, "{s}")
--- a/acme_common/src/crypto/openssl_certificate.rs
+++ b/acme_common/src/crypto/openssl_certificate.rs
@ -13,14 +13,14 @@ use std::net::IpAddr;
 use std::time::Duration;

 fn get_digest(digest: HashFunction, key_pair: &KeyPair) -> MessageDigest {
-	#[cfg(not(any(ed25519, ed448)))]
+	#[cfg(not(any(feature = "ed25519", feature = "ed448")))]
 	let digest = digest.native_digest();
 	let _ = key_pair;
-	#[cfg(any(ed25519, ed448))]
+	#[cfg(any(feature = "ed25519", feature = "ed448"))]
 	let digest = match key_pair.key_type {
-		#[cfg(ed25519)]
+		#[cfg(feature = "ed25519")]
 		KeyType::Ed25519 => MessageDigest::null(),
-		#[cfg(ed448)]
+		#[cfg(feature = "ed448")]
 		KeyType::Ed448 => MessageDigest::null(),
 		_ => digest.native_digest(),
 	};
--- a/acme_common/src/crypto/openssl_keys.rs
+++ b/acme_common/src/crypto/openssl_keys.rs
@ -33,9 +33,9 @@ macro_rules! get_key_type {
 					return Err("unsupported EC key".into());
 				}
 			},
-			#[cfg(ed25519)]
+			#[cfg(feature = "ed25519")]
 			Id::ED25519 => KeyType::Ed25519,
-			#[cfg(ed448)]
+			#[cfg(feature = "ed448")]
 			Id::ED448 => KeyType::Ed448,
 			_ => {
 				return Err("unsupported key type".into());
@ -112,9 +112,9 @@ impl KeyPair {
 			JwsSignatureAlgorithm::Es256 => self.sign_ecdsa(&HashFunction::Sha256, data),
 			JwsSignatureAlgorithm::Es384 => self.sign_ecdsa(&HashFunction::Sha384, data),
 			JwsSignatureAlgorithm::Es512 => self.sign_ecdsa(&HashFunction::Sha512, data),
-			#[cfg(ed25519)]
+			#[cfg(feature = "ed25519")]
 			JwsSignatureAlgorithm::Ed25519 => self.sign_eddsa(data),
-			#[cfg(ed448)]
+			#[cfg(feature = "ed448")]
 			JwsSignatureAlgorithm::Ed448 => self.sign_eddsa(data),
 		}
 	}
@ -144,7 +144,7 @@ impl KeyPair {
 		Ok(signature)
 	}

-	#[cfg(any(ed25519, ed448))]
+	#[cfg(any(feature = "ed25519", feature = "ed448"))]
 	fn sign_eddsa(&self, data: &[u8]) -> Result<Vec<u8>, Error> {
 		let mut signer = Signer::new_without_digest(&self.inner_key)?;
 		let signature = signer.sign_oneshot_to_vec(data)?;
@ -165,9 +165,9 @@ impl KeyPair {
 			KeyType::EcdsaP256 | KeyType::EcdsaP384 | KeyType::EcdsaP521 => {
 				self.get_ecdsa_jwk(thumbprint)
 			}
-			#[cfg(ed25519)]
+			#[cfg(feature = "ed25519")]
 			KeyType::Ed25519 => self.get_eddsa_jwk(thumbprint),
-			#[cfg(ed448)]
+			#[cfg(feature = "ed448")]
 			KeyType::Ed448 => self.get_eddsa_jwk(thumbprint),
 		}
 	}
@ -236,12 +236,12 @@ impl KeyPair {
 		Ok(jwk)
 	}

-	#[cfg(any(ed25519, ed448))]
+	#[cfg(any(feature = "ed25519", feature = "ed448"))]
 	fn get_eddsa_jwk(&self, thumbprint: bool) -> Result<Value, Error> {
 		let crv = match self.key_type {
-			#[cfg(ed25519)]
+			#[cfg(feature = "ed25519")]
 			KeyType::Ed25519 => "Ed25519",
-			#[cfg(ed448)]
+			#[cfg(feature = "ed448")]
 			KeyType::Ed448 => "Ed448",
 			_ => {
 				return Err("not an EdDSA elliptic curve".into());
@ -310,13 +310,13 @@ fn gen_ec_pair(nid: Nid) -> Result<PKey<Private>, Error> {
 	Ok(pk)
 }

-#[cfg(ed25519)]
+#[cfg(feature = "ed25519")]
 fn gen_ed25519_pair() -> Result<PKey<Private>, Error> {
 	let pk = PKey::generate_ed25519().map_err(|_| Error::from(""))?;
 	Ok(pk)
 }

-#[cfg(ed448)]
+#[cfg(feature = "ed448")]
 fn gen_ed448_pair() -> Result<PKey<Private>, Error> {
 	let pk = PKey::generate_ed448().map_err(|_| Error::from(""))?;
 	Ok(pk)
@ -329,9 +329,9 @@ pub fn gen_keypair(key_type: KeyType) -> Result<KeyPair, Error> {
 		KeyType::EcdsaP256 => gen_ec_pair(Nid::X9_62_PRIME256V1),
 		KeyType::EcdsaP384 => gen_ec_pair(Nid::SECP384R1),
 		KeyType::EcdsaP521 => gen_ec_pair(Nid::SECP521R1),
-		#[cfg(ed25519)]
+		#[cfg(feature = "ed25519")]
 		KeyType::Ed25519 => gen_ed25519_pair(),
-		#[cfg(ed448)]
+		#[cfg(feature = "ed448")]
 		KeyType::Ed448 => gen_ed448_pair(),
 	}
 	.map_err(|_| Error::from(format!("unable to generate a {key_type} key pair")))?;
--- a/acme_common/src/tests/certificate.rs
+++ b/acme_common/src/tests/certificate.rs
@ -143,7 +143,7 @@ fn generate_ecdsa_p384_certificate() {
 	assert_eq!(kp.key_type, KeyType::EcdsaP384);
 }

-#[cfg(ed25519)]
+#[cfg(feature = "ed25519")]
 #[test]
 fn generate_ed25519_certificate() {
 	let (kp, _) =
@ -152,7 +152,7 @@ fn generate_ed25519_certificate() {
 	assert_eq!(kp.key_type, KeyType::Ed25519);
 }

-#[cfg(ed448)]
+#[cfg(feature = "ed448")]
 #[test]
 fn generate_ed448_certificate() {
 	let (kp, _) =
--- a/acme_common/src/tests/crypto_keys.rs
+++ b/acme_common/src/tests/crypto_keys.rs
@ -88,15 +88,15 @@ const KEY_ECDSA_P384_PEM: &str = r#"-----BEGIN PRIVATE KEY-----
 ME4CAQAwEAYHKoZIzj0CAQYFK4EEACIENzA1AgEBBDCMsN9kHPueLABk+0PKi7WO
 PO2/53dpt/yV5zOPrYPEoKs4t973nbt46IUN19lLF/s=
 -----END PRIVATE KEY-----"#;
-#[cfg(ed25519)]
+#[cfg(feature = "ed25519")]
 const KEY_ECDSA_ED25519_PEM: &str = r#"-----BEGIN PRIVATE KEY-----
 MC4CAQAwBQYDK2VwBCIEIJhpRNsiUzoWqNkpJKCtKV5++Tttz3locu1gQKkQnrOa
 -----END PRIVATE KEY-----"#;
-#[cfg(ed25519)]
+#[cfg(feature = "ed25519")]
 const KEY_ECDSA_ED25519_PEM_BIS: &str = r#"-----BEGIN PRIVATE KEY-----
 MC4CAQAwBQYDK2VwBCIEIKa3WD0qeUToPQKSwa9cTsLPgCovqAtXMhlMX2KYBz0o
 -----END PRIVATE KEY-----"#;
-#[cfg(ed448)]
+#[cfg(feature = "ed448")]
 const KEY_ECDSA_ED448_PEM: &str = r#"-----BEGIN PRIVATE KEY-----
 MEcCAQAwBQYDK2VxBDsEOcFBwsH4zU7u5RgFh48MgJPzXyjN5uXxDapZv4rG6opU
 uMXco2JR1CSjKWgqgu1CAKadJIYiv2EgIw==
@ -278,7 +278,7 @@ fn test_ecdsa_p384_jwk_thumbprint() {
 	);
 }

-#[cfg(ed25519)]
+#[cfg(feature = "ed25519")]
 #[test]
 fn test_ed25519_jwk() {
 	let k = KeyPair::from_pem(KEY_ECDSA_ED25519_PEM.as_bytes()).unwrap();
@ -301,7 +301,7 @@ fn test_ed25519_jwk() {
 	assert_eq!(jwk.get("alg").unwrap(), "EdDSA");
 }

-#[cfg(ed25519)]
+#[cfg(feature = "ed25519")]
 #[test]
 fn test_ed25519_jwk_thumbprint() {
 	let k = KeyPair::from_pem(KEY_ECDSA_ED25519_PEM.as_bytes()).unwrap();
@ -322,7 +322,7 @@ fn test_ed25519_jwk_thumbprint() {
 	);
 }

-#[cfg(ed25519)]
+#[cfg(feature = "ed25519")]
 #[test]
 fn test_ed25519_jwk_bis() {
 	let k = KeyPair::from_pem(KEY_ECDSA_ED25519_PEM_BIS.as_bytes()).unwrap();
@ -345,7 +345,7 @@ fn test_ed25519_jwk_bis() {
 	assert_eq!(jwk.get("alg").unwrap(), "EdDSA");
 }

-#[cfg(ed25519)]
+#[cfg(feature = "ed25519")]
 #[test]
 fn test_ed25519_jwk_thumbprint_bis() {
 	let k = KeyPair::from_pem(KEY_ECDSA_ED25519_PEM_BIS.as_bytes()).unwrap();
@ -366,7 +366,7 @@ fn test_ed25519_jwk_thumbprint_bis() {
 	);
 }

-#[cfg(ed448)]
+#[cfg(feature = "ed448")]
 #[test]
 fn test_ed448_jwk() {
 	let k = KeyPair::from_pem(KEY_ECDSA_ED448_PEM.as_bytes()).unwrap();
@ -389,7 +389,7 @@ fn test_ed448_jwk() {
 	assert_eq!(jwk.get("alg").unwrap(), "EdDSA");
 }

-#[cfg(ed448)]
+#[cfg(feature = "ed448")]
 #[test]
 fn test_ed448_jwk_thumbprint() {
 	let k = KeyPair::from_pem(KEY_ECDSA_ED448_PEM.as_bytes()).unwrap();
--- a/acme_common/src/tests/jws_signature_algorithm.rs
+++ b/acme_common/src/tests/jws_signature_algorithm.rs
@ -47,14 +47,14 @@ fn test_es384_sign_p256() {
 	assert!(res.is_err());
 }

-#[cfg(ed25519)]
+#[cfg(feature = "ed25519")]
 #[test]
 fn test_ed25519_sign() {
 	let k = gen_keypair(KeyType::Ed25519).unwrap();
 	let _ = k.sign(&JwsSignatureAlgorithm::Ed25519, TEST_DATA).unwrap();
 }

-#[cfg(ed448)]
+#[cfg(feature = "ed448")]
 #[test]
 fn test_ed448_sign() {
 	let k = gen_keypair(KeyType::Ed448).unwrap();