From 65cbe5d2f3530692e165eb2cd6a6d382da0463a3 Mon Sep 17 00:00:00 2001 From: Michal Kuratczyk Date: Wed, 29 May 2024 08:45:27 +0200 Subject: [PATCH 1/3] Switch to upstream Jose We had to fork it for Thoas support but it's been merged a long time ago https://github.com/potatosalad/erlang-jose/pull/126 --- MODULE.bazel | 6 +++--- rabbitmq-components.mk | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/MODULE.bazel b/MODULE.bazel index 686f2f481193..dc6c5c6183da 100644 --- a/MODULE.bazel +++ b/MODULE.bazel @@ -289,11 +289,11 @@ erlang_package.git_package( repository = "rabbitmq/horus", ) -erlang_package.git_package( +erlang_package.hex_package( name = "jose", build_file = "@rabbitmq-server//bazel:BUILD.jose", - commit = "d63c1c5c8f9c1a4f1438e234b886de8607a0034e", - repository = "michaelklishin/erlang-jose", + sha256 = "0d6cd36ff8ba174db29148fc112b5842186b68a90ce9fc2b3ec3afe76593e614", + version = "1.11.10", ) erlang_package.hex_package( diff --git a/rabbitmq-components.mk b/rabbitmq-components.mk index 0dc8ac3a45bc..4bca7fa55396 100644 --- a/rabbitmq-components.mk +++ b/rabbitmq-components.mk @@ -118,7 +118,7 @@ dep_cowlib = hex 2.13.0 dep_credentials_obfuscation = hex 3.4.0 dep_cuttlefish = hex 3.1.0 dep_gen_batch_server = hex 0.8.8 -dep_jose = git https://github.com/michaelklishin/erlang-jose mk-thoas-support +dep_jose = hex 1.11.10 dep_khepri = hex 0.13.0 dep_khepri_mnesia_migration = hex 0.4.0 dep_looking_glass = git https://github.com/rabbitmq/looking_glass.git main From ad06ad255269ea94de1a2ea45f5b40a463da95d5 Mon Sep 17 00:00:00 2001 From: Michal Kuratczyk Date: Wed, 29 May 2024 09:46:40 +0200 Subject: [PATCH 2/3] bazel run gazelle-update-repos -- hex.pm/jose@1.11.10 --- bazel/BUILD.jose | 248 +++++++++++++---------------------------------- moduleindex.yaml | 7 +- 2 files changed, 74 insertions(+), 181 deletions(-) diff --git a/bazel/BUILD.jose b/bazel/BUILD.jose index 8d12eecb3fb2..eda11e766dab 100644 --- a/bazel/BUILD.jose +++ b/bazel/BUILD.jose @@ -39,12 +39,12 @@ erlang_bytecode( name = "behaviours", srcs = [ "src/jose_block_encryptor.erl", - "src/jose_chacha20_poly1305.erl", - "src/jose_curve25519.erl", - "src/jose_curve448.erl", - "src/jose_sha3.erl", - "src/jose_xchacha20_poly1305.erl", "src/json/jose_json.erl", + "src/jwa/chacha20_poly1305/jose_chacha20_poly1305.erl", + "src/jwa/curve25519/jose_curve25519.erl", + "src/jwa/curve448/jose_curve448.erl", + "src/jwa/sha3/jose_sha3.erl", + "src/jwa/xchacha20_poly1305/jose_xchacha20_poly1305.erl", "src/jwe/jose_jwe.erl", "src/jwe/jose_jwe_alg.erl", "src/jwe/jose_jwe_enc.erl", @@ -56,37 +56,9 @@ erlang_bytecode( "src/jws/jose_jws.erl", "src/jws/jose_jws_alg.erl", ], - outs = [ - "ebin/jose_block_encryptor.beam", - "ebin/jose_chacha20_poly1305.beam", - "ebin/jose_curve25519.beam", - "ebin/jose_curve448.beam", - "ebin/jose_json.beam", - "ebin/jose_jwe.beam", - "ebin/jose_jwe_alg.beam", - "ebin/jose_jwe_enc.beam", - "ebin/jose_jwk.beam", - "ebin/jose_jwk_kty.beam", - "ebin/jose_jwk_oct.beam", - "ebin/jose_jwk_use_enc.beam", - "ebin/jose_jwk_use_sig.beam", - "ebin/jose_jws.beam", - "ebin/jose_jws_alg.beam", - "ebin/jose_sha3.beam", - "ebin/jose_xchacha20_poly1305.beam", - ], - hdrs = [ - "include/jose.hrl", - "include/jose_base.hrl", - "include/jose_compat.hrl", - "include/jose_jwe.hrl", - "include/jose_jwk.hrl", - "include/jose_jws.hrl", - "include/jose_jwt.hrl", - "include/jose_public_key.hrl", - ], + hdrs = [":public_and_private_hdrs"], app_name = "jose", - beam = [":parse_transforms"], + dest = "ebin", erlc_opts = "//:erlc_opts", ) @@ -97,24 +69,10 @@ erlang_bytecode( "src/base/jose_base64url.erl", "src/jose.erl", "src/jose_app.erl", - "src/jose_chacha20_poly1305_crypto.erl", - "src/jose_chacha20_poly1305_libsodium.erl", - "src/jose_chacha20_poly1305_unsupported.erl", "src/jose_crypto_compat.erl", - "src/jose_curve25519_libdecaf.erl", - "src/jose_curve25519_libsodium.erl", - "src/jose_curve25519_unsupported.erl", - "src/jose_curve448_libdecaf.erl", - "src/jose_curve448_unsupported.erl", "src/jose_public_key.erl", "src/jose_server.erl", - "src/jose_sha3_keccakf1600_driver.erl", - "src/jose_sha3_keccakf1600_nif.erl", - "src/jose_sha3_libdecaf.erl", - "src/jose_sha3_unsupported.erl", "src/jose_sup.erl", - "src/jose_xchacha20_poly1305_crypto.erl", - "src/jose_xchacha20_poly1305_unsupported.erl", "src/json/jose_json_jason.erl", "src/json/jose_json_jiffy.erl", "src/json/jose_json_jsone.erl", @@ -125,6 +83,18 @@ erlang_bytecode( "src/json/jose_json_poison_lexical_encoder.erl", "src/json/jose_json_thoas.erl", "src/json/jose_json_unsupported.erl", + "src/jwa/chacha20_poly1305/jose_chacha20_poly1305_crypto.erl", + "src/jwa/chacha20_poly1305/jose_chacha20_poly1305_libsodium.erl", + "src/jwa/chacha20_poly1305/jose_chacha20_poly1305_unsupported.erl", + "src/jwa/curve25519/jose_curve25519_crypto.erl", + "src/jwa/curve25519/jose_curve25519_fallback.erl", + "src/jwa/curve25519/jose_curve25519_libdecaf.erl", + "src/jwa/curve25519/jose_curve25519_libsodium.erl", + "src/jwa/curve25519/jose_curve25519_unsupported.erl", + "src/jwa/curve448/jose_curve448_crypto.erl", + "src/jwa/curve448/jose_curve448_fallback.erl", + "src/jwa/curve448/jose_curve448_libdecaf.erl", + "src/jwa/curve448/jose_curve448_unsupported.erl", "src/jwa/jose_jwa.erl", "src/jwa/jose_jwa_aes.erl", "src/jwa/jose_jwa_aes_kw.erl", @@ -149,11 +119,19 @@ erlang_bytecode( "src/jwa/jose_jwa_x448.erl", "src/jwa/jose_jwa_xchacha20.erl", "src/jwa/jose_jwa_xchacha20_poly1305.erl", + "src/jwa/sha3/jose_sha3_keccakf1600_driver.erl", + "src/jwa/sha3/jose_sha3_keccakf1600_nif.erl", + "src/jwa/sha3/jose_sha3_libdecaf.erl", + "src/jwa/sha3/jose_sha3_unsupported.erl", + "src/jwa/xchacha20_poly1305/jose_xchacha20_poly1305_crypto.erl", + "src/jwa/xchacha20_poly1305/jose_xchacha20_poly1305_libsodium.erl", + "src/jwa/xchacha20_poly1305/jose_xchacha20_poly1305_unsupported.erl", "src/jwe/jose_jwe_alg_aes_kw.erl", "src/jwe/jose_jwe_alg_c20p_kw.erl", "src/jwe/jose_jwe_alg_dir.erl", "src/jwe/jose_jwe_alg_ecdh_1pu.erl", "src/jwe/jose_jwe_alg_ecdh_es.erl", + "src/jwe/jose_jwe_alg_ecdh_ss.erl", "src/jwe/jose_jwe_alg_pbes2.erl", "src/jwe/jose_jwe_alg_rsa.erl", "src/jwe/jose_jwe_alg_xc20p_kw.erl", @@ -183,112 +161,10 @@ erlang_bytecode( "src/jws/jose_jws_alg_rsa_pss.erl", "src/jwt/jose_jwt.erl", ], - outs = [ - "ebin/jose.beam", - "ebin/jose_app.beam", - "ebin/jose_base64.beam", - "ebin/jose_base64url.beam", - "ebin/jose_chacha20_poly1305_crypto.beam", - "ebin/jose_chacha20_poly1305_libsodium.beam", - "ebin/jose_chacha20_poly1305_unsupported.beam", - "ebin/jose_crypto_compat.beam", - "ebin/jose_curve25519_libdecaf.beam", - "ebin/jose_curve25519_libsodium.beam", - "ebin/jose_curve25519_unsupported.beam", - "ebin/jose_curve448_libdecaf.beam", - "ebin/jose_curve448_unsupported.beam", - "ebin/jose_json_jason.beam", - "ebin/jose_json_jiffy.beam", - "ebin/jose_json_jsone.beam", - "ebin/jose_json_jsx.beam", - "ebin/jose_json_ojson.beam", - "ebin/jose_json_poison.beam", - "ebin/jose_json_poison_compat_encoder.beam", - "ebin/jose_json_poison_lexical_encoder.beam", - "ebin/jose_json_thoas.beam", - "ebin/jose_json_unsupported.beam", - "ebin/jose_jwa.beam", - "ebin/jose_jwa_aes.beam", - "ebin/jose_jwa_aes_kw.beam", - "ebin/jose_jwa_base64url.beam", - "ebin/jose_jwa_bench.beam", - "ebin/jose_jwa_chacha20.beam", - "ebin/jose_jwa_chacha20_poly1305.beam", - "ebin/jose_jwa_concat_kdf.beam", - "ebin/jose_jwa_curve25519.beam", - "ebin/jose_jwa_curve448.beam", - "ebin/jose_jwa_ed25519.beam", - "ebin/jose_jwa_ed448.beam", - "ebin/jose_jwa_hchacha20.beam", - "ebin/jose_jwa_math.beam", - "ebin/jose_jwa_pkcs1.beam", - "ebin/jose_jwa_pkcs5.beam", - "ebin/jose_jwa_pkcs7.beam", - "ebin/jose_jwa_poly1305.beam", - "ebin/jose_jwa_sha3.beam", - "ebin/jose_jwa_unsupported.beam", - "ebin/jose_jwa_x25519.beam", - "ebin/jose_jwa_x448.beam", - "ebin/jose_jwa_xchacha20.beam", - "ebin/jose_jwa_xchacha20_poly1305.beam", - "ebin/jose_jwe_alg_aes_kw.beam", - "ebin/jose_jwe_alg_c20p_kw.beam", - "ebin/jose_jwe_alg_dir.beam", - "ebin/jose_jwe_alg_ecdh_1pu.beam", - "ebin/jose_jwe_alg_ecdh_es.beam", - "ebin/jose_jwe_alg_pbes2.beam", - "ebin/jose_jwe_alg_rsa.beam", - "ebin/jose_jwe_alg_xc20p_kw.beam", - "ebin/jose_jwe_enc_aes.beam", - "ebin/jose_jwe_enc_c20p.beam", - "ebin/jose_jwe_enc_xc20p.beam", - "ebin/jose_jwe_zip.beam", - "ebin/jose_jwk_der.beam", - "ebin/jose_jwk_kty_ec.beam", - "ebin/jose_jwk_kty_oct.beam", - "ebin/jose_jwk_kty_okp_ed25519.beam", - "ebin/jose_jwk_kty_okp_ed25519ph.beam", - "ebin/jose_jwk_kty_okp_ed448.beam", - "ebin/jose_jwk_kty_okp_ed448ph.beam", - "ebin/jose_jwk_kty_okp_x25519.beam", - "ebin/jose_jwk_kty_okp_x448.beam", - "ebin/jose_jwk_kty_rsa.beam", - "ebin/jose_jwk_openssh_key.beam", - "ebin/jose_jwk_pem.beam", - "ebin/jose_jwk_set.beam", - "ebin/jose_jws_alg_ecdsa.beam", - "ebin/jose_jws_alg_eddsa.beam", - "ebin/jose_jws_alg_hmac.beam", - "ebin/jose_jws_alg_none.beam", - "ebin/jose_jws_alg_poly1305.beam", - "ebin/jose_jws_alg_rsa_pkcs1_v1_5.beam", - "ebin/jose_jws_alg_rsa_pss.beam", - "ebin/jose_jwt.beam", - "ebin/jose_public_key.beam", - "ebin/jose_server.beam", - "ebin/jose_sha3_keccakf1600_driver.beam", - "ebin/jose_sha3_keccakf1600_nif.beam", - "ebin/jose_sha3_libdecaf.beam", - "ebin/jose_sha3_unsupported.beam", - "ebin/jose_sup.beam", - "ebin/jose_xchacha20_poly1305_crypto.beam", - "ebin/jose_xchacha20_poly1305_unsupported.beam", - ], - hdrs = [ - "include/jose.hrl", - "include/jose_base.hrl", - "include/jose_compat.hrl", - "include/jose_jwe.hrl", - "include/jose_jwk.hrl", - "include/jose_jws.hrl", - "include/jose_jwt.hrl", - "include/jose_public_key.hrl", - ], + hdrs = [":public_and_private_hdrs"], app_name = "jose", - beam = [ - ":parse_transforms", - ":behaviours", - ], + beam = [":behaviours"], + dest = "ebin", erlc_opts = "//:erlc_opts", ) @@ -297,43 +173,22 @@ filegroup( srcs = [ ":behaviours", ":other_beam", - ":parse_transforms", ], ) filegroup( name = "srcs", srcs = [ - "src/base/jose_base.erl", "src/base/jose_base64.erl", "src/base/jose_base64url.erl", "src/jose.app.src", "src/jose.erl", "src/jose_app.erl", "src/jose_block_encryptor.erl", - "src/jose_chacha20_poly1305.erl", - "src/jose_chacha20_poly1305_crypto.erl", - "src/jose_chacha20_poly1305_libsodium.erl", - "src/jose_chacha20_poly1305_unsupported.erl", "src/jose_crypto_compat.erl", - "src/jose_curve25519.erl", - "src/jose_curve25519_libdecaf.erl", - "src/jose_curve25519_libsodium.erl", - "src/jose_curve25519_unsupported.erl", - "src/jose_curve448.erl", - "src/jose_curve448_libdecaf.erl", - "src/jose_curve448_unsupported.erl", "src/jose_public_key.erl", "src/jose_server.erl", - "src/jose_sha3.erl", - "src/jose_sha3_keccakf1600_driver.erl", - "src/jose_sha3_keccakf1600_nif.erl", - "src/jose_sha3_libdecaf.erl", - "src/jose_sha3_unsupported.erl", "src/jose_sup.erl", - "src/jose_xchacha20_poly1305.erl", - "src/jose_xchacha20_poly1305_crypto.erl", - "src/jose_xchacha20_poly1305_unsupported.erl", "src/json/jose_json.erl", "src/json/jose_json_jason.erl", "src/json/jose_json_jiffy.erl", @@ -345,6 +200,21 @@ filegroup( "src/json/jose_json_poison_lexical_encoder.erl", "src/json/jose_json_thoas.erl", "src/json/jose_json_unsupported.erl", + "src/jwa/chacha20_poly1305/jose_chacha20_poly1305.erl", + "src/jwa/chacha20_poly1305/jose_chacha20_poly1305_crypto.erl", + "src/jwa/chacha20_poly1305/jose_chacha20_poly1305_libsodium.erl", + "src/jwa/chacha20_poly1305/jose_chacha20_poly1305_unsupported.erl", + "src/jwa/curve25519/jose_curve25519.erl", + "src/jwa/curve25519/jose_curve25519_crypto.erl", + "src/jwa/curve25519/jose_curve25519_fallback.erl", + "src/jwa/curve25519/jose_curve25519_libdecaf.erl", + "src/jwa/curve25519/jose_curve25519_libsodium.erl", + "src/jwa/curve25519/jose_curve25519_unsupported.erl", + "src/jwa/curve448/jose_curve448.erl", + "src/jwa/curve448/jose_curve448_crypto.erl", + "src/jwa/curve448/jose_curve448_fallback.erl", + "src/jwa/curve448/jose_curve448_libdecaf.erl", + "src/jwa/curve448/jose_curve448_unsupported.erl", "src/jwa/jose_jwa.erl", "src/jwa/jose_jwa_aes.erl", "src/jwa/jose_jwa_aes_kw.erl", @@ -369,6 +239,15 @@ filegroup( "src/jwa/jose_jwa_x448.erl", "src/jwa/jose_jwa_xchacha20.erl", "src/jwa/jose_jwa_xchacha20_poly1305.erl", + "src/jwa/sha3/jose_sha3.erl", + "src/jwa/sha3/jose_sha3_keccakf1600_driver.erl", + "src/jwa/sha3/jose_sha3_keccakf1600_nif.erl", + "src/jwa/sha3/jose_sha3_libdecaf.erl", + "src/jwa/sha3/jose_sha3_unsupported.erl", + "src/jwa/xchacha20_poly1305/jose_xchacha20_poly1305.erl", + "src/jwa/xchacha20_poly1305/jose_xchacha20_poly1305_crypto.erl", + "src/jwa/xchacha20_poly1305/jose_xchacha20_poly1305_libsodium.erl", + "src/jwa/xchacha20_poly1305/jose_xchacha20_poly1305_unsupported.erl", "src/jwe/jose_jwe.erl", "src/jwe/jose_jwe_alg.erl", "src/jwe/jose_jwe_alg_aes_kw.erl", @@ -376,6 +255,7 @@ filegroup( "src/jwe/jose_jwe_alg_dir.erl", "src/jwe/jose_jwe_alg_ecdh_1pu.erl", "src/jwe/jose_jwe_alg_ecdh_es.erl", + "src/jwe/jose_jwe_alg_ecdh_ss.erl", "src/jwe/jose_jwe_alg_pbes2.erl", "src/jwe/jose_jwe_alg_rsa.erl", "src/jwe/jose_jwe_alg_xc20p_kw.erl", @@ -415,10 +295,7 @@ filegroup( ], ) -filegroup( - name = "private_hdrs", - srcs = [], -) +filegroup(name = "private_hdrs") filegroup( name = "public_hdrs", @@ -436,7 +313,9 @@ filegroup( filegroup( name = "priv", - srcs = ["priv/Dockerfile"], + srcs = [ + "priv/.keep", + ], ) filegroup( @@ -471,6 +350,8 @@ erlang_app( "crypto", "public_key", ], + license_files = [":license_files"], + priv = [":priv"], deps = ["@thoas//:erlang_app"], ) @@ -479,3 +360,10 @@ alias( actual = ":erlang_app", visibility = ["//visibility:public"], ) + +filegroup( + name = "license_files", + srcs = [ + "LICENSE.md", + ], +) diff --git a/moduleindex.yaml b/moduleindex.yaml index 4fae6a2e6c3d..5efe8f9ab3b1 100755 --- a/moduleindex.yaml +++ b/moduleindex.yaml @@ -217,7 +217,6 @@ inet_tcp_proxy_dist: jose: - jose - jose_app -- jose_base - jose_base64 - jose_base64url - jose_block_encryptor @@ -227,10 +226,14 @@ jose: - jose_chacha20_poly1305_unsupported - jose_crypto_compat - jose_curve25519 +- jose_curve25519_crypto +- jose_curve25519_fallback - jose_curve25519_libdecaf - jose_curve25519_libsodium - jose_curve25519_unsupported - jose_curve448 +- jose_curve448_crypto +- jose_curve448_fallback - jose_curve448_libdecaf - jose_curve448_unsupported - jose_json @@ -275,6 +278,7 @@ jose: - jose_jwe_alg_dir - jose_jwe_alg_ecdh_1pu - jose_jwe_alg_ecdh_es +- jose_jwe_alg_ecdh_ss - jose_jwe_alg_pbes2 - jose_jwe_alg_rsa - jose_jwe_alg_xc20p_kw @@ -321,6 +325,7 @@ jose: - jose_sup - jose_xchacha20_poly1305 - jose_xchacha20_poly1305_crypto +- jose_xchacha20_poly1305_libsodium - jose_xchacha20_poly1305_unsupported katana_code: - ktn_code From fbf896c05cfbe2742ec93120f6b2f50319a23de8 Mon Sep 17 00:00:00 2001 From: Rin Kuryloski Date: Tue, 4 Jun 2024 16:13:06 +0200 Subject: [PATCH 3/3] Remove +warnings_as_errors from the jose compilation options Why? 1. Generally +warnings_as_errors is unnecessary for deps anyway 2. The gazelle plugin in rules_erlang, for the sake of simplicity, splits compilation of a given application into at most 3 phases, parse_transforms, behaviours & everything else. Therefore, if there are behaviours that are behaviours, this produces warnings. It's certainly possible to write an extra phase into BUILD.jose so that the warning does not occur, but in this case it's much simpler to just to allow the warning. Futhermore, this should not be an issue with rules_erlang 4, as it is not limited to the finite number of compilation phases, nor does it even have a gazelle plugin. --- bazel/BUILD.jose | 2 -- 1 file changed, 2 deletions(-) diff --git a/bazel/BUILD.jose b/bazel/BUILD.jose index eda11e766dab..50bca8223f68 100644 --- a/bazel/BUILD.jose +++ b/bazel/BUILD.jose @@ -6,12 +6,10 @@ erlc_opts( values = select({ "@rules_erlang//:debug_build": [ "+debug_info", - "+warnings_as_errors", ], "//conditions:default": [ "+debug_info", "+deterministic", - "+warnings_as_errors", ], }), visibility = [":__subpackages__"],