m4sterchain commented on code in PR #221: URL: https://github.com/apache/incubator-teaclave-trustzone-sdk/pull/221#discussion_r2278546374
########## examples/tls_client-rs/ta/Cargo.toml: ########## @@ -17,38 +17,30 @@ [package] name = "ta" -version = "0.4.0" +version = "0.5.0" authors = ["Teaclave Contributors <[email protected]>"] license = "Apache-2.0" repository = "https://github.com/apache/incubator-teaclave-trustzone-sdk.git"; description = "An example of Rust OP-TEE TrustZone SDK." edition = "2018" [dependencies] -libc = { path = "../../../rust/libc" } proto = { path = "../proto" } -optee-utee-sys = { path = "../../../optee-utee/optee-utee-sys" } -optee-utee = { path = "../../../optee-utee" } +optee-utee-sys = "0.4.0" +optee-utee = "0.4.0" -# use new ported version -rustls = { git = "https://github.com/DemesneGH/rustls-optee.git";, branch = "0.21.0-optee", features = ["dangerous_configuration"]} -ring = "=0.16.20" -webpki-roots = "0.21" -webpki = "=0.21.0" -sct = "=0.7.0" +rustls_provider = { path = "../../../crates/rustls_provider" } +rustls = { version = "0.23.12", default-features = false, features = ["std"] } +webpki-roots = "1" [build-dependencies] proto = { path = "../proto" } -optee-utee-build = { path = "../../../optee-utee-build" } +optee-utee-build = "0.4.0" [profile.release] panic = "abort" lto = false opt-level = 3 [patch.crates-io] -ring = { git = "https://github.com/DemesneGH/ring-optee.git";, branch = "0.16.20-optee" } - -# Patch optee-utee for rustls -[patch."https://github.com/apache/incubator-teaclave-trustzone-sdk.git";] -optee-utee = { path = "../../../optee-utee" } +getrandom = { git = "https://github.com/DemesneGH/incubator-teaclave-crates.git"; } Review Comment: I agree, and I also believe that adding an OP-TEE target to the upstream `getrandom` crate is the right long-term approach. However, my point here is whether we really need to depend on a modified getrandom. If possible, I’d like to demonstrate to developers that they can customize the upstream getrandom crate directly with SDK's randomness (with just a few lines of code), without reviewing any patched code. Once the OP-TEE target is upstreamed and adopted by the crypto crates, we can seamlessly remove the `custom` feature requirement. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
