Separate implementation-defined feature in -sys #21
Conversation
There was a problem hiding this comment.
Thanks, that is going to make things simpler 👏
I have a few comments and one request as well: we are starting to have a big range of features. Could you please add in the various README.md a description of the features and what they do? Could you also add a few lines in the CI script that test compilation for the different features combination?
| compile_shim_library(include.clone())?; | ||
| generate_mbed_crypto_bindings(include)?; | ||
| link_to_lib(lib, statically)?; | ||
| generate_mbed_crypto_bindings(include.clone())?; |
There was a problem hiding this comment.
I think this line (144) should also be under this if below. We would only generate the implementation-defined bindings from the header file of the implementation.
There was a problem hiding this comment.
Tried that, didn't work - the constants depend on the shim bindings being generated, all of them are equal to shim_<something something> - plus, the header files are supposed to be implementation independent - we're not compiling or linking a library, simply pulling in the C-defined interface and generating bindings to it.
There was a problem hiding this comment.
Tried that, didn't work - the constants depend on the shim bindings being generated, all of them are equal to shim_
Ideally, we would define the constants which values are indicated in the specification ourselves, the same way as we define the types ourselves. That way we do not have to rely on the vendor folder at all when generating an implementation-independant build. I did not check the context of the change in that file, but basically I think this whole build script should not be executed when the implementation-defined feature is not on: everything is self dependant. That way, we can also remove from the shimmed constants the ones that are specified.
the header files are supposed to be implementation independent - we're not compiling or linking a library, simply pulling in the C-defined interface and generating bindings to it.
Agree for the parts of the header that are defining the specified types and constants, but not everything. We could also chose to generate bindings all the time and only re-surface from them the types and constants (fron the shim) that are specified, but that seems less clean than re-defining them ourselves and not needing bindgen at all.
There was a problem hiding this comment.
I think we've drifted off from how a -sys crate should work and made it non-intuitive. The purpose of this kind of crate is generally to expose the interface and link to the original library. If we just define everything here we're not really doing any of those two. Hence, I'd probably lean towards generating all the bindings and exporting the things we think are important, but having a link feature (that is enabled by default) and which, when turned off, leaves linking to the user. The rest of the build would work the same way.
So someone (e.g. ourselves) could still use the interface, without having to link with the lib.
There was a problem hiding this comment.
It might be cumbersome to do it by hand but we can just copy the ones from one bindgen generation 😃
There was a problem hiding this comment.
I think we've drifted off from how a -sys crate should work and made it non-intuitive. The purpose of this kind of crate is generally to expose the interface and link to the original library.
I disagree, we do exactly the same as before but instead of letting bindgen generate the constants and types, we define them ourselves. We can do that because they are specified and stable in the Crypto API. The constants and types we define can still be used for FFI interactions with a PSA Crypto implementation and so we are filling that objective.
Maybe the link name is better than implementation-defined. When it is not set, this crate only generates what it can from the specified types and constants of the API.
psa-crypto-sys/src/lib.rs
Outdated
| } | ||
| #[cfg(feature = "implementation-defined")] | ||
| pub use psa_crypto_binding::{ | ||
| psa_algorithm_t, psa_close_key, psa_crypto_init, psa_destroy_key, psa_dh_group_t, |
There was a problem hiding this comment.
I think the following types are not implementation defined:
psa_algorithm_t: defined asuint32_tpsa_dh_group_t:uint8_tpsa_ecc_curve_t:uint8_tpsa_key_id_t:uint32_tpsa_key_lifetime_t:uint32_tpsa_key_type_t:uint16_tpsa_key_usage_t:uint32_tpsa_status_t:int32_t
Moreover, some of these types are used in constants.rs but that module is not under implementation-defined.
There was a problem hiding this comment.
I think these types could be removed from here and only put in types.rs.
There was a problem hiding this comment.
Yeah, I didn't even notice that there were types made public, I thought they were all functions, oops 🤡
| @@ -130,3 +130,4 @@ pub const PSA_KEY_USAGE_DECRYPT: psa_key_usage_t = shim_PSA_KEY_USAGE_DECRYPT; | |||
| pub const PSA_KEY_USAGE_SIGN: psa_key_usage_t = shim_PSA_KEY_USAGE_SIGN; | |||
| pub const PSA_KEY_USAGE_VERIFY: psa_key_usage_t = shim_PSA_KEY_USAGE_VERIFY; | |||
| pub const PSA_KEY_USAGE_DERIVE: psa_key_usage_t = shim_PSA_KEY_USAGE_DERIVE; | |||
| pub const PSA_DRV_SE_HAL_VERSION: u32 = 5; | |||
There was a problem hiding this comment.
I think it is better to put this one under implementation-defined as well as SE interface is not yet in the specs.
| @@ -165,7 +164,6 @@ impl From<Error> for Status { | |||
| } | |||
| } | |||
|
|
|||
| #[cfg(feature = "with-mbed-crypto")] | |||
| // Copyright 2020 Contributors to the Parsec project. | ||
| // SPDX-License-Identifier: Apache-2.0 | ||
| #![allow(non_camel_case_types)] | ||
|
|
There was a problem hiding this comment.
I think some of those types are not defined in the spec but just in Mbed Crypto. I think one should be able to find any of those types in the PSA Crypto document. For example psa_app_key_id_t is implementation defined I think.
There was a problem hiding this comment.
I think we'll need a feature to cover the SE-related functionality too, but I won't add that now
There was a problem hiding this comment.
Thanks! The changes look good to me.
Could you please add in the README.md files a description of the crates' features?
psa-crypto-sys:
static
implementation-defined
psa-crypto:
with-mbed-crypto
no-std
And also a few cargo build with only some features selected (or none) to make sure that compilation still work for them? Like:
cargo build -p psa-crypto-sys --no-default-features
cargo build -p psa-crypto --no-default-features
cargo build -p psa-crypto --no-default-features --features no-std
cargo build -p psa-crypto --no-default-features --features with-mbed-crypto
This commit adds a feature that masks the implementation-specific functionality in the -sys crate, while allowing the constants and types to be accessible regardless of a library backing. Signed-off-by: Ionut Mihalcea <ionut.mihalcea@arm.com>
This commit adds a feature that masks the implementation-specific
functionality in the -sys crate, while allowing the constants and types
to be accessible regardless of a library backing.
Signed-off-by: Ionut Mihalcea ionut.mihalcea@arm.com