search

tink-crypto / tink

Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.
https://developers.google.com/tink
Apache License 2.0
13.47k stars 1.18k forks source link

(Java) //:tink fails to build without an Android toolchain present #580

Closed notnarb closed 2 years ago

notnarb commented 2 years ago

Background:

I'm trying to import Tink to my Bazel project to develop against some unreleased features in Master.

Describe the bug:

Building //:tink in java_src fails on my machine presumably because I don't have an Android toolchain configured.

What was the expected behavior?

//:tink I would assume should not require an Android SDK configured (//:tink-android on the other hand should).

How can we reproduce the bug?

(On a machine that does not have the Android SDK configured)

$ cd java_src
$ bazel build //:tink
...
ERROR: While resolving toolchains for target //src/main/java/com/google/crypto/tink:pem_key_type: no matching toolchains found for types @bazel_tools//tools/android:sdk_toolchain_type
ERROR: Analysis of target '//:tink' failed; build aborted: no matching toolchains found for types @bazel_tools//tools/android:sdk_toolchain_type

A dependency on android rules can be seen with bazel query 'somepath(//:tink, "@bazel_tools//tools/android:*")':

Output example ``` //:tink //src/main/java/com/google/crypto/tink/signature:signature_pem_keyset_reader //src/main/java/com/google/crypto/tink:pem_key_type @bazel_tools//tools/android:desugar_java8_extra_bootclasspath @bazel_tools//tools/android:java_base_extras.jar ```

And looking at the definition for .../tink:pem_key_type we can see that it's an android_library and not a java_library.

Provide your version information:

Is there anything else you’d like to add?

I unblocked myself by commenting out the offending libraries in a patch:

Patch ```diff diff --git a/BUILD.bazel b/BUILD.bazel index 8418e5016..f6e3dfcde 100644 --- a/BUILD.bazel +++ b/BUILD.bazel @@ -113,9 +113,9 @@ gen_maven_jar_rules( "//src/main/java/com/google/crypto/tink/signature:rsa_ssa_pkcs1_verify_key_manager", "//src/main/java/com/google/crypto/tink/signature:rsa_ssa_pss_sign_key_manager", "//src/main/java/com/google/crypto/tink/signature:rsa_ssa_pss_verify_key_manager", - "//src/main/java/com/google/crypto/tink/signature:signature_config", - "//src/main/java/com/google/crypto/tink/signature:signature_key_templates", - "//src/main/java/com/google/crypto/tink/signature:signature_pem_keyset_reader", + # "//src/main/java/com/google/crypto/tink/signature:signature_config", + # "//src/main/java/com/google/crypto/tink/signature:signature_key_templates", + # "//src/main/java/com/google/crypto/tink/signature:signature_pem_keyset_reader", "//src/main/java/com/google/crypto/tink/signature/internal:sig_util", "//src/main/java/com/google/crypto/tink/streamingaead:aes_ctr_hmac_streaming_key_manager", "//src/main/java/com/google/crypto/tink/streamingaead:aes_gcm_hkdf_streaming_key_manager", ```

so I believe this problem is self-contained to just those rules, but I assume the real solution is to change /tink:pem_key_type to a java_library from an android_library

chuckx commented 2 years ago

This should be fixed by 59bb34495d1cb8f9d9dbc0f0a52c4f9e21491a14.

notnarb commented 2 years ago

As of that commit it is working for me now, thank you!