From f28ea68693645a5b70b507150d0c06360762d541 Mon Sep 17 00:00:00 2001 From: Tony Arcieri Date: Tue, 15 Oct 2024 13:36:21 -0600 Subject: [PATCH 1/6] pem-rfc7468: leverage `core::error::Error`; MSRV 1.81 (#1571) Allows use of the `Error` trait without the `std` feature enabled, which was stabilized in Rust 1.81 --- .github/workflows/pem-rfc7468.yml | 6 +++--- pem-rfc7468/Cargo.toml | 2 +- pem-rfc7468/README.md | 4 ++-- pem-rfc7468/src/error.rs | 3 +-- 4 files changed, 7 insertions(+), 8 deletions(-) diff --git a/.github/workflows/pem-rfc7468.yml b/.github/workflows/pem-rfc7468.yml index 037f044ab..098644271 100644 --- a/.github/workflows/pem-rfc7468.yml +++ b/.github/workflows/pem-rfc7468.yml @@ -24,7 +24,7 @@ jobs: strategy: matrix: rust: - - 1.65.0 # MSRV + - 1.81.0 # MSRV - stable target: - thumbv7em-none-eabi @@ -41,14 +41,14 @@ jobs: minimal-versions: uses: RustCrypto/actions/.github/workflows/minimal-versions.yml@master with: - working-directory: ${{ github.workflow }} + working-directory: ${{ github.workflow }} test: runs-on: ubuntu-latest strategy: matrix: rust: - - 1.65.0 # MSRV + - 1.81.0 # MSRV - stable steps: - uses: actions/checkout@v4 diff --git a/pem-rfc7468/Cargo.toml b/pem-rfc7468/Cargo.toml index 83423fa2a..91797a07a 100644 --- a/pem-rfc7468/Cargo.toml +++ b/pem-rfc7468/Cargo.toml @@ -16,7 +16,7 @@ categories = ["cryptography", "data-structures", "encoding", "no-std", "parser-i keywords = ["crypto", "key", "pem", "pkcs", "rsa"] readme = "README.md" edition = "2021" -rust-version = "1.60" +rust-version = "1.81" [dependencies] base64ct = { version = "1.4" } diff --git a/pem-rfc7468/README.md b/pem-rfc7468/README.md index ad557de7e..5e294d30e 100644 --- a/pem-rfc7468/README.md +++ b/pem-rfc7468/README.md 
@@ -58,7 +58,7 @@ to practically extract RSA private keys from SGX enclaves. ## Minimum Supported Rust Version -This crate requires **Rust 1.60** at a minimum. +This crate requires **Rust 1.81** at a minimum. We may change the MSRV in the future, but it will be accompanied by a minor version bump. @@ -87,7 +87,7 @@ dual licensed as above, without any additional terms or conditions. [build-image]: https://github.com/RustCrypto/formats/actions/workflows/pem-rfc7468.yml/badge.svg [build-link]: https://github.com/RustCrypto/formats/actions/workflows/pem-rfc7468.yml [license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg -[rustc-image]: https://img.shields.io/badge/rustc-1.60+-blue.svg +[rustc-image]: https://img.shields.io/badge/rustc-1.81+-blue.svg [chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg [chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/300570-formats diff --git a/pem-rfc7468/src/error.rs b/pem-rfc7468/src/error.rs index 61da64776..ae36ab274 100644 --- a/pem-rfc7468/src/error.rs +++ b/pem-rfc7468/src/error.rs @@ -70,8 +70,7 @@ impl fmt::Display for Error { } } -#[cfg(feature = "std")] -impl std::error::Error for Error {} +impl core::error::Error for Error {} impl From for Error { fn from(err: base64ct::Error) -> Error { From e1193ec781ebe55e910bd989e18f871ee9d66960 Mon Sep 17 00:00:00 2001 From: Tony Arcieri Date: Tue, 15 Oct 2024 14:03:15 -0600 Subject: [PATCH 2/6] pem-rfc7468 v1.0.0-rc.2 (#1572) --- Cargo.lock | 2 +- pem-rfc7468/Cargo.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 959ac438c..3f3eddf53 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1037,7 +1037,7 @@ dependencies = [ [[package]] name = "pem-rfc7468" -version = "1.0.0-rc.1" +version = "1.0.0-rc.2" dependencies = [ "base64ct 1.6.0", ] diff --git a/pem-rfc7468/Cargo.toml b/pem-rfc7468/Cargo.toml index 91797a07a..38f400556 100644 --- a/pem-rfc7468/Cargo.toml +++ b/pem-rfc7468/Cargo.toml 
@@ -1,6 +1,6 @@ [package] name = "pem-rfc7468" -version = "1.0.0-rc.1" +version = "1.0.0-rc.2" description = """ PEM Encoding (RFC 7468) for PKIX, PKCS, and CMS Structures, implementing a strict subset of the original Privacy-Enhanced Mail encoding intended From 38e4313722cab463ee1f945900501930650798fd Mon Sep 17 00:00:00 2001 From: Tony Arcieri Date: Tue, 15 Oct 2024 14:27:14 -0600 Subject: [PATCH 3/6] sec1: leverage `core::error::Error` (#1573) Allows use of the `Error` trait without the `std` feature enabled, which was stabilized in Rust 1.81 --- sec1/src/error.rs | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/sec1/src/error.rs b/sec1/src/error.rs index 0d8bc8b70..75e39a5ed 100644 --- a/sec1/src/error.rs +++ b/sec1/src/error.rs @@ -36,6 +36,8 @@ pub enum Error { Version, } +impl core::error::Error for Error {} + impl fmt::Display for Error { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { match self { @@ -77,6 +79,3 @@ impl From for Error { Error::Pkcs8(pkcs8::Error::PublicKey(err)) } } - -#[cfg(feature = "std")] -impl std::error::Error for Error {} From 2abff73444e5e5c15c4bf2a8e789b5d57ec4fd46 Mon Sep 17 00:00:00 2001 From: Tony Arcieri Date: Tue, 15 Oct 2024 14:52:17 -0600 Subject: [PATCH 4/6] sec1 v0.8.0-rc.3 (#1574) --- Cargo.lock | 4 ++-- sec1/Cargo.toml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 3f3eddf53..d3831efad 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1439,7 +1439,7 @@ dependencies = [ [[package]] name = "sec1" -version = "0.8.0-rc.2" +version = "0.8.0-rc.3" dependencies = [ "base16ct", "der", @@ -1863,7 +1863,7 @@ version = "0.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb" dependencies = [ - "windows-sys 0.59.0", + "windows-sys 0.48.0", ] [[package]] diff --git a/sec1/Cargo.toml b/sec1/Cargo.toml index b4b4e6701..60d05a128 100644 --- a/sec1/Cargo.toml 
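Review bot: The unconditional `impl core::error::Error for Error {}` added in the first sec1 hunk keeps the default `source()`, so the inner error wrapped by `Error::Pkcs8(...)` (visible in the second hunk's context) cannot be reached through the error chain. Now that the impl no longer depends on `std`, overriding `source()` for the wrapping variants would preserve the underlying parse failure for callers that log or inspect the chain. This only works if the inner types implement `core::error::Error` in the same feature configuration, which is not visible here. The enum definition starts outside the hunk, so any `cfg` gating on its variants would have to be mirrored on the match arms. The pem-rfc7468 `error.rs` hunk in patch 1/6 adds the same empty impl and may need the same treatment if its variants wrap `base64ct::Error`.

```rust
impl core::error::Error for Error {
    fn source(&self) -> Option<&(dyn core::error::Error + 'static)> {
        match self {
            // mirror any #[cfg] attribute this variant carries in the enum definition
            Error::Pkcs8(err) => Some(err),
            _ => None,
        }
    }
}
```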
+++ b/sec1/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "sec1" -version = "0.8.0-rc.2" +version = "0.8.0-rc.3" description = """ Pure Rust implementation of SEC1: Elliptic Curve Cryptography encoding formats including ASN.1 DER-serialized private keys as well as the From d2be079b7bbc20d5f99951138f9623c0aad2e3c5 Mon Sep 17 00:00:00 2001 From: Arthur Gautier Date: Tue, 15 Oct 2024 21:44:50 +0000 Subject: [PATCH 5/6] cms: losen lifetime of the signature (#1575) This is a followup on #1532. The lifetime requirement on the signature was a mistake. --- cms/src/builder.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cms/src/builder.rs b/cms/src/builder.rs index 5f49fd31a..9f658ef50 100644 --- a/cms/src/builder.rs +++ b/cms/src/builder.rs @@ -438,7 +438,7 @@ impl<'s> SignedDataBuilder<'s> { S: Keypair + DynSignatureAlgorithmIdentifier, S: AsyncSigner, S::VerifyingKey: EncodePublicKey, - Signature: SignatureBitStringEncoding + 'static, + Signature: SignatureBitStringEncoding, { let signer_info = signer_info_builder .build_async::(signer) @@ -461,7 +461,7 @@ impl<'s> SignedDataBuilder<'s> { S: Keypair + DynSignatureAlgorithmIdentifier, S: AsyncRandomizedSigner, S::VerifyingKey: EncodePublicKey, - Signature: SignatureBitStringEncoding + 'static, + Signature: SignatureBitStringEncoding, { let signer_info = signer_info_builder .build_with_rng_async::(signer, rng) From 8a854c7d4218d51913d3d777bf4fe793496ffd0e Mon Sep 17 00:00:00 2001 
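Review bot: Nothing in this commit exercises the relaxed bound: the diffstat touches only `cms/src/builder.rs`, so the `'static` requirement dropped from `Signature: SignatureBitStringEncoding` in both hunks could be reintroduced without any test failing. A compile-only test that drives the async signer paths (`build_async` and `build_with_rng_async`) with a signature type that is not `'static` would pin the intent. Both `where` clauses belong to methods whose signatures and bodies extend outside the hunks, so the enclosing method names are not visible here.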
From: Tony Arcieri Date: Wed, 16 Oct 2024 13:31:25 -0600 Subject: [PATCH 6/6] CI: disable `security-audit` cache (#1576) We're encountering errors like: /home/runner/.cargo/bin/cargo-audit: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.39' not found (required by /home/runner/.cargo/bin/cargo-audit) These are occurring even with freshly-built binaries. To avoid blocking PRs, temporarily disable the build cache until we have time to properly investigate. --- .github/workflows/security-audit.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/security-audit.yml b/.github/workflows/security-audit.yml index 4be2b5965..6e72d8e37 100644 --- a/.github/workflows/security-audit.yml +++ b/.github/workflows/security-audit.yml @@ -21,10 +21,11 @@ jobs: - uses: dtolnay/rust-toolchain@master with: toolchain: stable - - uses: actions/cache@v4 - with: - path: ~/.cargo/bin - key: ${{ runner.os }}-cargo-audit-v0.20 + # TODO(tarcieri): investigate why cached binaries aren't working + #- uses: actions/cache@v4 + # with: + # path: ~/.cargo/bin + # key: ${{ runner.os }}-cargo-audit-v0.20 - uses: rustsec/audit-check@v2 with: token: ${{ secrets.GITHUB_TOKEN }}
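Review bot: The commented-out cache step keeps the key `${{ runner.os }}-cargo-audit-v0.20`, which has no component tied to the runner image, so a `cargo-audit` binary built on one image can be restored on another with an older glibc. That would fit the `GLIBC_2.39` error quoted in the description, but the description also says freshly built binaries fail, so this is only a hypothesis. The TODO carries no issue reference, which makes a temporary disablement easy to forget; I would extend it to `# TODO(tarcieri): cached cargo-audit fails with a GLIBC version mismatch; re-enable with an image-specific cache key (tracked in <issue-placeholder>)`. Because this job is the advisory check, it is worth confirming that the workflow still fails closed when `cargo-audit` cannot start, rather than reporting a pass.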