rust-asn1 VS mrustc

> I feel like this really only makes sense if pyca/cryptography had planned on adding the Rust dependency from the very beginning (or from very early on). Is there any indication that was the case?

I am sure this idea surfaced several times in IRC or possibly in the mailing lists. Certainly, the authors have been toying with handling ASN.1 in rust since 2015 [1], which I guess will be the next logical step.

I do agree that this is mostly a political stance. pyca/cryptography is a wrapper sandwiched between a gigantic runtime written in C (CPython/PyPy) and a gigantic library written in C (openssl).

The addition of Rust as dependency enables the inclusion of just 90 lines of Rust [2] where the only part that really couldn't be implemented in pure Python is a line copied from OpenSSL [3] (i.e. it was already available), and which is purely algebraic, therefore not mitigating any real memory issue at all (the reason to use rust in the first place).

The change in this wrapper (pyca/cryptographic) does not move the needle of security in any significant way, and it is really only meant to send the signal that adding Rust in all other Python packages and especially in the runtime itself will now come at no (political) cost.

[1] https://github.com/alex/rust-asn1

[2] https://github.com/pyca/cryptography/blob/main/src/rust/src/...

[3] https://github.com/openssl/openssl/blob/OpenSSL_1_1_1i/inclu...

No, you don't. Existential proof: mrustc ignores lifetimes. Just flat out simply ignores. It changes some corner-cases related to HRBT, yet rustc compiled by mrustc works (that's BTW mrustc exist: to bootsrap the rustc compiler).

Incidentally C++ is the only way to bootstrap rust without rust today.

https://github.com/thepowersgang/mrustc

Well, there is mrustc[0], a Rust compiler that doesn't include a borrow-checker, so it's possible to compile (at least some versions of) Rust without a borrow checker, though it might not result in the most optimized code.

AFAIK there are some optimization like the infamous `noalias` optimization (which took several tries to get turned on[1]) that uses information established during borrow checking.

I'm also not sure what the relation with NLL (non-lexical lifetimes) is, where I would assume you would need at least a primitive borrow-checker to establish some information that the backend might be interested in. Then again, mrustc compiles Rust versions that have NLL features without a borrow-checker, so it's again probably more on the optimization side than being essential.

[0]: https://github.com/thepowersgang/mrustc

[1]: https://stackoverflow.com/a/57259339

> Maybe another memory safe language, but Rust has severe bootstrapping issues which is a hard sell for distros that care about source to binary transparency.

It is possible to bootstrap rustc from just GCC relatively easily, although it's a little bit time consuming.

You can use mrustc to bootstrap Rust 1.54: https://github.com/thepowersgang/mrustc

And from then you can go through each version all the way to the current 1.72. (Each new Rust version officially needs the previous one to compile.)

Have you tried this route : https://github.com/thepowersgang/mrustc ?

Mrustc supports Rust 1.54.0 today

There are three. The official one, mrustc (no borrow checker, but can essentially compile the official rustc) and GCC (can't really compile anything substantial yet). Only rustc is production-ready though.

That probably depends on what you mean by problematic. Having an ever increasing chain of dependencies isn’t the most desirable situation so there has been some work to trim the bootstrap chain. In 2018, when the blogpost I linked above was written, mrustc was used to bootstrap rust 1.19.0; now mrustc can bootstrap rust 1.54.0 so the chain to recent versions is much shorter than if all those intervening versions back through 1.19.0 needed to be built. https://github.com/thepowersgang/mrustc