Relax hard *ring* dep

rustls · Mar 11, 2024 · 9f58145 · 9f58145
1 parent f4de3ba
commit 9f58145
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 10 deletions.
diff --git a/rustls-platform-verifier/Cargo.toml b/rustls-platform-verifier/Cargo.toml
@@ -29,7 +29,7 @@ cert-logging = ["base64"]
 docsrs = ["jni", "once_cell"]
 
 [dependencies]
-rustls = { version = "0.23", default-features = false, features = ["std", "ring"] }
+rustls = { version = "0.23", default-features = false, features = ["std"] }
 log = { version = "0.4" }
 base64 = { version = "0.21", optional = true } # Only used when the `cert-logging` feature is enabled.
 jni = { version = "0.19", default-features = false, optional = true } # Only used during doc generation
@@ -64,6 +64,9 @@ security-framework-sys = { version = "2.4", features = ["OSX_10_14"] }
 [target.'cfg(windows)'.dependencies]
 winapi = { version = "0.3", features = ["wincrypt", "winerror"] }
 
+[dev-dependencies]
+rustls = { version = "0.23", default-features = false, features = ["ring"] }
+
 [package.metadata.docs.rs]
 rustdoc-args = ["--cfg", "docsrs"]
 features = ["dbg", "docsrs"]
diff --git a/rustls-platform-verifier/src/verification/android.rs b/rustls-platform-verifier/src/verification/android.rs
@@ -1,3 +1,5 @@
+use std::sync::Arc;
+
 use jni::{
     objects::{JObject, JValue},
     strings::JavaStr,
@@ -44,7 +46,7 @@ pub struct Verifier {
     /// Testing only: The root CA certificate to trust.
     #[cfg(any(test, feature = "ffi-testing"))]
     test_only_root_ca_override: Option<Vec<u8>>,
-    default_provider: CryptoProvider,
+    default_provider: Arc<CryptoProvider>,
 }
 
 impl Default for Verifier {
@@ -73,7 +75,9 @@ impl Verifier {
         Self {
             #[cfg(any(test, feature = "ffi-testing"))]
             test_only_root_ca_override: None,
-            default_provider: rustls::crypto::ring::default_provider(),
+            default_provider: rustls::crypto::CryptoProvider::get_default()
+                .expect("rustls default CryptoProvider not set")
+                .clone(),
         }
     }
 
@@ -82,7 +86,9 @@ impl Verifier {
     pub(crate) fn new_with_fake_root(root: &[u8]) -> Self {
         Self {
             test_only_root_ca_override: Some(root.into()),
-            default_provider: rustls::crypto::ring::default_provider(),
+            default_provider: rustls::crypto::CryptoProvider::get_default()
+                .expect("rustls default CryptoProvider not set")
+                .clone(),
         }
     }
 

diff --git a/rustls-platform-verifier/src/verification/apple.rs b/rustls-platform-verifier/src/verification/apple.rs
@@ -1,3 +1,5 @@
+use std::sync::Arc;
+
 use super::log_server_cert;
 use crate::verification::invalid_certificate;
 use core_foundation::date::CFDate;
@@ -43,7 +45,7 @@ pub struct Verifier {
     /// Testing only: The root CA certificate to trust.
     #[cfg(any(test, feature = "ffi-testing", feature = "dbg"))]
     test_only_root_ca_override: Option<Vec<u8>>,
-    default_provider: CryptoProvider,
+    default_provider: Arc<CryptoProvider>,
 }
 
 impl Verifier {
@@ -53,7 +55,9 @@ impl Verifier {
         Self {
             #[cfg(any(test, feature = "ffi-testing", feature = "dbg"))]
             test_only_root_ca_override: None,
-            default_provider: rustls::crypto::ring::default_provider(),
+            default_provider: rustls::crypto::CryptoProvider::get_default()
+                .expect("rustls default CryptoProvider not set")
+                .clone(),
         }
     }
 
@@ -62,7 +66,9 @@ impl Verifier {
     pub(crate) fn new_with_fake_root(root: &[u8]) -> Self {
         Self {
             test_only_root_ca_override: Some(root.into()),
-            default_provider: rustls::crypto::ring::default_provider(),
+            default_provider: rustls::crypto::CryptoProvider::get_default()
+                .expect("rustls default CryptoProvider not set")
+                .clone(),
         }
     }
 

diff --git a/rustls-platform-verifier/src/verification/windows.rs b/rustls-platform-verifier/src/verification/windows.rs
@@ -55,6 +55,7 @@ use std::{
     convert::TryInto,
     mem::{self, MaybeUninit},
     ptr::{self, NonNull},
+    sync::Arc,
 };
 
 use crate::verification::invalid_certificate;
@@ -419,7 +420,7 @@ pub struct Verifier {
     /// Testing only: The root CA certificate to trust.
     #[cfg(any(test, feature = "ffi-testing", feature = "dbg"))]
     test_only_root_ca_override: Option<Vec<u8>>,
-    default_provider: CryptoProvider,
+    default_provider: Arc<CryptoProvider>,
 }
 
 impl Verifier {
@@ -429,7 +430,9 @@ impl Verifier {
         Self {
             #[cfg(any(test, feature = "ffi-testing", feature = "dbg"))]
             test_only_root_ca_override: None,
-            default_provider: rustls::crypto::ring::default_provider(),
+            default_provider: rustls::crypto::CryptoProvider::get_default()
+                .expect("rustls default CryptoProvider not set")
+                .clone(),
         }
     }
 
@@ -438,7 +441,9 @@ impl Verifier {
     pub(crate) fn new_with_fake_root(root: &[u8]) -> Self {
         Self {
             test_only_root_ca_override: Some(root.into()),
-            default_provider: rustls::crypto::ring::default_provider(),
+            default_provider: rustls::crypto::CryptoProvider::get_default()
+                .expect("rustls default CryptoProvider not set")
+                .clone(),
         }
     }