From f488b3d7402c0110f48df84d3003a3cbd21659b1 Mon Sep 17 00:00:00 2001 From: pinkforest <36498018+pinkforest@users.noreply.github.com> Date: Tue, 20 Jan 2026 05:05:01 +1300 Subject: [PATCH 1/2] Gate alloc default-on --- Cargo.toml | 21 +++++++++++---------- README.md | 2 +- src/lib.rs | 36 ++++++++++++++++++++++++++---------- 3 files changed, 38 insertions(+), 21 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 661f73e1..d101a7db 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -15,21 +15,21 @@ exclude = ["marvin_toolkit/", "thirdparty/"] [dependencies] const-oid = { version = "0.10", default-features = false } -crypto-bigint = { version = "0.7.0-rc.16", default-features = false, features = ["zeroize", "alloc"] } +crypto-bigint = { version = "0.7.0-rc.16", default-features = false, features = ["zeroize"] } crypto-primes = { version = "0.7.0-pre.6", default-features = false } -digest = { version = "0.11.0-rc.4", default-features = false, features = ["alloc", "oid"] } +digest = { version = "0.11.0-rc.4", default-features = false, features = ["oid"] } rand_core = { version = "0.10.0-rc-2", default-features = false } -signature = { version = "3.0.0-rc.5", default-features = false, features = ["alloc", "digest", "rand_core"] } -zeroize = { version = "1.8", features = ["alloc"] } +signature = { version = "3.0.0-rc.5", default-features = false, features = ["digest", "rand_core"] } +zeroize = { version = "1.8" } # optional dependencies crypto-common = { version = "0.2.0-rc.8", optional = true, features = ["getrandom"] } -pkcs1 = { version = "0.8.0-rc.3", optional = true, default-features = false, features = ["alloc", "pem"] } -pkcs8 = { version = "0.11.0-rc.8", optional = true, default-features = false, features = ["alloc", "pem"] } +pkcs1 = { version = "0.8.0-rc.3", optional = true, default-features = false, features = ["pem"] } +pkcs8 = { version = "0.11.0-rc.8", optional = true, default-features = false, features = ["pem"] } serdect = { version = "0.4", optional = true } sha1 = { version = "0.11.0-rc.3", optional = true, default-features = false, features = ["oid"] } sha2 = { version = "0.11.0-rc.3", optional = true, default-features = false, features = ["oid"] } -spki = { version = "0.8.0-rc.4", optional = true, default-features = false, features = ["alloc"] } +spki = { version = "0.8.0-rc.4", optional = true, default-features = false } serde = { version = "1.0.184", optional = true, default-features = false, features = ["derive"] } [dev-dependencies] @@ -51,16 +51,17 @@ rstest = "0.26.1" name = "key" [features] -default = ["std", "encoding"] +default = ["std", "alloc", "encoding"] encoding = ["dep:pkcs1", "dep:pkcs8", "dep:spki"] hazmat = [] getrandom = ["crypto-bigint/getrandom", "crypto-common"] serde = ["encoding", "dep:serde", "dep:serdect", "crypto-bigint/serde"] pkcs5 = ["pkcs8/encryption"] -std = ["pkcs1?/std", "pkcs8?/std"] +alloc = ["crypto-bigint/alloc", "digest/alloc", "pkcs1?/alloc", "pkcs8?/alloc", "signature/alloc", "spki?/alloc", "zeroize/alloc"] +std = ["alloc", "pkcs1?/std", "pkcs8?/std"] [package.metadata.docs.rs] -features = ["std", "serde", "hazmat", "sha2"] +features = ["std", "alloc", "serde", "hazmat", "sha2"] [profile.dev] opt-level = 2 diff --git a/README.md b/README.md index 85c20f62..a2d12371 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ A portable RSA implementation in pure Rust. ## Example -```rust +```ignore use rsa::{Pkcs1v15Encrypt, RsaPrivateKey, RsaPublicKey}; let mut rng = rand::thread_rng(); diff --git a/src/lib.rs b/src/lib.rs index ef3ea7de..df8f586d 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -22,8 +22,8 @@ //! //! Note: requires `sha2` feature of `rsa` crate is enabled. //! -#![cfg_attr(feature = "sha2", doc = "```")] -#![cfg_attr(not(feature = "sha2"), doc = "```ignore")] +#![cfg_attr(all(feature = "sha2", feature = "alloc"), doc = "```")] +#![cfg_attr(any(not(feature = "sha2"), not(feature = "alloc")), doc = "```ignore")] //! use rsa::{RsaPrivateKey, RsaPublicKey, Oaep, sha2::Sha256}; //! //! let mut rng = rand::thread_rng(); @@ -45,7 +45,8 @@ //! ``` //! //! ## PKCS#1 v1.5 encryption -//! ``` +#![cfg_attr(feature = "alloc", doc = "```")] +#![cfg_attr(not(feature = "alloc"), doc = "```ignore")] //! use rsa::{RsaPrivateKey, RsaPublicKey, Pkcs1v15Encrypt}; //! //! let mut rng = rand::thread_rng(); @@ -68,8 +69,8 @@ //! //! Note: requires `sha2` feature of `rsa` crate is enabled. //! -#![cfg_attr(feature = "sha2", doc = "```")] -#![cfg_attr(not(feature = "sha2"), doc = "```ignore")] +#![cfg_attr(all(feature = "sha2", feature = "alloc"), doc = "```")] +#![cfg_attr(any(not(feature = "sha2"), not(feature = "alloc")), doc = "```ignore")] //! use rsa::RsaPrivateKey; //! use rsa::pkcs1v15::{SigningKey, VerifyingKey}; //! use rsa::signature::{Keypair, RandomizedSigner, SignatureEncoding, Verifier}; @@ -95,8 +96,8 @@ //! //! Note: requires `sha2` feature of `rsa` crate is enabled. //! -#![cfg_attr(feature = "sha2", doc = "```")] -#![cfg_attr(not(feature = "sha2"), doc = "```ignore")] +#![cfg_attr(all(feature = "sha2", feature = "alloc"), doc = "```")] +#![cfg_attr(any(not(feature = "sha2"), not(feature = "alloc")), doc = "```ignore")] //! use rsa::RsaPrivateKey; //! use rsa::pss::{BlindedSigningKey, VerifyingKey}; //! use rsa::signature::{Keypair,RandomizedSigner, SignatureEncoding, Verifier}; @@ -143,7 +144,8 @@ //! //! ### Example //! -//! ``` +#![cfg_attr(feature = "alloc", doc = "```")] +#![cfg_attr(not(feature = "alloc"), doc = "```ignore")] //! # fn main() -> Result<(), Box> { //! # #[cfg(all(feature = "encoding", feature = "std"))] //! # { @@ -187,7 +189,8 @@ //! //! ### Example //! -//! ``` +#![cfg_attr(feature = "alloc", doc = "```")] +#![cfg_attr(not(feature = "alloc"), doc = "```ignore")] //! # fn main() -> Result<(), Box> { //! # #[cfg(all(feature = "encoding", feature = "std"))] //! # { @@ -218,24 +221,36 @@ #[cfg(doctest)] pub struct ReadmeDoctests; +#[cfg(feature = "alloc")] #[macro_use] extern crate alloc; #[cfg(feature = "std")] extern crate std; +#[cfg(feature = "alloc")] pub use crypto_bigint::BoxedUint; pub use rand_core; +#[cfg(feature = "alloc")] pub use signature; +#[cfg(feature = "alloc")] mod algorithms; +#[cfg(feature = "alloc")] pub mod errors; +#[cfg(feature = "alloc")] pub mod oaep; +#[cfg(feature = "alloc")] pub mod pkcs1v15; +#[cfg(feature = "alloc")] pub mod pss; +#[cfg(feature = "alloc")] pub mod traits; +#[cfg(feature = "alloc")] mod dummy_rng; +#[cfg(feature = "alloc")] mod encoding; +#[cfg(feature = "alloc")] mod key; #[cfg(feature = "encoding")] @@ -245,6 +260,7 @@ pub use pkcs8; #[cfg(feature = "sha2")] pub use sha2; +#[cfg(feature = "alloc")] pub use crate::{ errors::{Error, Result}, key::{RsaPrivateKey, RsaPublicKey}, @@ -254,5 +270,5 @@ pub use crate::{ traits::keys::CrtValue, }; -#[cfg(feature = "hazmat")] +#[cfg(all(feature = "alloc", feature = "hazmat"))] pub mod hazmat; From d65d9a56edc36c5683e37a0c3eac2350f5416a4a Mon Sep 17 00:00:00 2001 From: pinkforest <36498018+pinkforest@users.noreply.github.com> Date: Tue, 20 Jan 2026 05:16:40 +1300 Subject: [PATCH 2/2] Gate integration tests --- tests/pkcs1.rs | 2 +- tests/pkcs1v15.rs | 1 + tests/pkcs8.rs | 2 +- tests/proptests.rs | 2 +- tests/wycheproof.rs | 2 +- 5 files changed, 5 insertions(+), 4 deletions(-) diff --git a/tests/pkcs1.rs b/tests/pkcs1.rs index b6384720..faef13d7 100644 --- a/tests/pkcs1.rs +++ b/tests/pkcs1.rs @@ -1,6 +1,6 @@ //! PKCS#1 encoding tests -#![cfg(feature = "encoding")] +#![cfg(all(feature = "alloc", feature = "encoding"))] use crypto_bigint::{BoxedUint, CtEq}; use hex_literal::hex; diff --git a/tests/pkcs1v15.rs b/tests/pkcs1v15.rs index 49f7f7d7..92dd1534 100644 --- a/tests/pkcs1v15.rs +++ b/tests/pkcs1v15.rs @@ -1,3 +1,4 @@ +#![cfg(feature = "alloc")] // simple but prevent regression - see https://github.com/RustCrypto/RSA/issues/329 #[cfg(feature = "encoding")] #[test] diff --git a/tests/pkcs8.rs b/tests/pkcs8.rs index e63f0b0e..3d015d36 100644 --- a/tests/pkcs8.rs +++ b/tests/pkcs8.rs @@ -1,6 +1,6 @@ //! PKCS#8 encoding tests -#![cfg(feature = "encoding")] +#![cfg(all(feature = "alloc", feature = "encoding"))] use crypto_bigint::{BoxedUint, CtEq}; use hex_literal::hex; diff --git a/tests/proptests.rs b/tests/proptests.rs index 42cbe1e4..980b8111 100644 --- a/tests/proptests.rs +++ b/tests/proptests.rs @@ -1,6 +1,6 @@ //! Property-based tests. -#![cfg(feature = "hazmat")] +#![cfg(all(feature = "alloc", feature = "hazmat"))] use proptest::prelude::*; use rand::rngs::ChaCha8Rng; diff --git a/tests/wycheproof.rs b/tests/wycheproof.rs index 3d30e869..013bb844 100644 --- a/tests/wycheproof.rs +++ b/tests/wycheproof.rs @@ -1,6 +1,6 @@ //! Executes tests based on the wycheproof testsuite. -#![cfg(feature = "encoding")] +#![cfg(all(feature = "alloc", feature = "encoding"))] // This implementation here is based on //