Merge pull request #122 from linux-credentials/push-pvqrkwszowyp

- Remove unused dependency on aws-lc-sys
- Add option to control cargo --locked flag.
- Remove libwebauthn dependency from common and ui packages for faster compile times on slower hardware

Author: iinuwa

.github/workflows/main.yml

@@ -28,7 +28,6 @@ jobs:
           workspaces: ". -> build/target"
           cache-workspace-crates: true
 
-
       - name: Update apt cache
         run: sudo apt update
       - name: Install system dependencies
@@ -45,7 +44,7 @@ jobs:
           # Newer version needed for --interactive flag needed below
           python3 -m pip install --user -v 'meson==1.5.0'
       - name: Setup meson project
-        run: meson setup -Dprofile=development build
+        run: meson setup -Dprofile=development -Dcargo_locked=true build
 
       - name: Build
         run: ninja -C build

Cargo.lock

@@ -7,8 +7,6 @@ lto = true
 
 [workspace.dependencies]
 futures-lite = "2.6.0"
-# libwebauthn = "0.2"
-libwebauthn = { git = "https://github.com/linux-credentials/libwebauthn.git", rev="9e4e5d7", features = ["libnfc","pcsc"] }
 serde = { version = "1.0.219", features = ["derive"] }
 tracing = "0.1.41"
 tracing-subscriber = "0.3.19"

Cargo.toml

@@ -7,6 +7,5 @@ license = "LGPL-3.0-only"
 
 [dependencies]
 futures-lite.workspace = true
-libwebauthn.workspace = true
 serde = { workspace = true, features = ["derive"] }
 zvariant.workspace = true

credentialsd-common/Cargo.toml

@@ -8,7 +8,9 @@ cargo_options = [
   '--manifest-path', meson.project_source_root() / meson.current_source_dir() / 'Cargo.toml',
 ]
 cargo_options += ['--target-dir', cargo_target_dir]
-cargo_options += '--locked'
+if get_option('cargo_locked') == true
+  cargo_options += '--locked'
+endif
 if get_option('cargo_offline') == true
   cargo_options += ['--offline']
 endif

credentialsd-common/meson.build

@@ -3,87 +3,13 @@ use std::{fmt::Display, path::PathBuf};
 use serde::{Deserialize, Serialize};
 use zvariant::{SerializeDict, Type};
 
-pub use libwebauthn::ops::webauthn::{
-    Assertion, GetAssertionRequest, MakeCredentialRequest, MakeCredentialResponse,
-};
-
 #[derive(Clone, Debug, Default, Serialize, Deserialize)]
 pub struct Credential {
     pub id: String,
     pub name: String,
     pub username: Option<String>,
 }
 
-#[derive(Clone, Debug)]
-pub enum CredentialRequest {
-    CreatePublicKeyCredentialRequest(MakeCredentialRequest),
-    GetPublicKeyCredentialRequest(GetAssertionRequest),
-}
-
-#[derive(Clone, Debug)]
-pub enum CredentialResponse {
-    CreatePublicKeyCredentialResponse(Box<MakeCredentialResponseInternal>),
-    GetPublicKeyCredentialResponse(Box<GetAssertionResponseInternal>),
-}
-
-impl CredentialResponse {
-    pub fn from_make_credential(
-        response: &MakeCredentialResponse,
-        transports: &[&str],
-        modality: &str,
-    ) -> CredentialResponse {
-        CredentialResponse::CreatePublicKeyCredentialResponse(Box::new(
-            MakeCredentialResponseInternal::new(
-                response.clone(),
-                transports.iter().map(|s| s.to_string()).collect(),
-                modality.to_string(),
-            ),
-        ))
-    }
-
-    pub fn from_get_assertion(assertion: &Assertion, modality: &str) -> CredentialResponse {
-        CredentialResponse::GetPublicKeyCredentialResponse(Box::new(
-            GetAssertionResponseInternal::new(assertion.clone(), modality.to_string()),
-        ))
-    }
-}
-
-#[derive(Clone, Debug)]
-pub struct MakeCredentialResponseInternal {
-    pub ctap: MakeCredentialResponse,
-    pub transport: Vec<String>,
-    pub attachment_modality: String,
-}
-
-impl MakeCredentialResponseInternal {
-    pub fn new(
-        response: MakeCredentialResponse,
-        transport: Vec<String>,
-        attachment_modality: String,
-    ) -> Self {
-        Self {
-            ctap: response,
-            transport,
-            attachment_modality,
-        }
-    }
-}
-
-#[derive(Clone, Debug)]
-pub struct GetAssertionResponseInternal {
-    pub ctap: Assertion,
-    pub attachment_modality: String,
-}
-
-impl GetAssertionResponseInternal {
-    pub fn new(ctap: Assertion, attachment_modality: String) -> Self {
-        Self {
-            ctap,
-            attachment_modality,
-        }
-    }
-}
-
 #[derive(SerializeDict, Type)]
 #[zvariant(signature = "dict", rename_all = "camelCase")]
 pub struct GetClientCapabilitiesResponse {

credentialsd-common/src/model.rs

@@ -65,7 +65,9 @@ cargo_options = [
   '--manifest-path', meson.project_source_root() / gui_source_dir / 'Cargo.toml',
 ]
 cargo_options += ['--target-dir', cargo_target_dir]
-cargo_options += '--locked'
+if get_option('cargo_locked') == true
+  cargo_options += '--locked'
+endif
 if get_option('cargo_offline') == true
   cargo_options += ['--offline']
 endif

credentialsd-ui/meson.build

@@ -10,14 +10,13 @@ async-stream = "0.3.6"
 base64 = "0.22.1"
 credentialsd-common = { path = "../credentialsd-common" }
 futures-lite.workspace = true
-libwebauthn.workspace = true
+libwebauthn = { git = "https://github.com/linux-credentials/libwebauthn.git", rev="80545bff16c4e89a930221e90d3141a76303b84b", features = ["libnfc","pcsc"] }
 # TODO: split nfc and pcsc into separate features
 # Also, 0.6.1 fails to build with non-vendored library.
 # https://github.com/alexrsagen/rs-nfc1/issues/15
 nfc1 = { version = "=0.6.0", default-features = false }
 rand = "0.9.2"
 ring = "0.17.14"
-rustls = { version = "0.23.27", default-features = false, features = ["std", "tls12", "ring", "log", "logging", "prefer-post-quantum"] }
 serde.workspace = true
 serde_json = "1.0.140"
 tokio = { version = "1.45.0", features = ["rt-multi-thread"] }

credentialsd/Cargo.toml

@@ -48,7 +48,9 @@ cargo_options = [
 cargo_options += [
   '--target-dir', cargo_target_dir,
 ]
-cargo_options += '--locked'
+if get_option('cargo_locked') == true
+  cargo_options += '--locked'
+endif
 if get_option('cargo_offline') == true
   cargo_options += ['--offline']
 endif

credentialsd/meson.build

@@ -12,7 +12,9 @@ use libwebauthn::transport::cable::qr_code_device::{CableQrCodeDevice, QrCodeOpe
 use libwebauthn::transport::{Channel, Device};
 use libwebauthn::webauthn::{Error as WebAuthnError, WebAuthn};
 
-use credentialsd_common::model::{CredentialRequest, Error};
+use credentialsd_common::model::Error;
+
+use crate::model::CredentialRequest;
 
 use super::AuthenticatorResponse;
 
@@ -262,7 +264,7 @@ pub(super) mod test {
         proto::ctap2::{Ctap2PublicKeyCredentialDescriptor, Ctap2Transport},
     };
 
-    use credentialsd_common::model::CredentialRequest;
+    use crate::model::CredentialRequest;
 
     use super::{HybridEvent, HybridHandler, HybridStateInternal};
     #[derive(Debug)]