From 1515b1bab40cbf5e6a408594a51e90ba0e5cb61c Mon Sep 17 00:00:00 2001
From: Jackson Coxson <jkcoxson@gmail.com>
Date: Thu, 31 Jul 2025 11:52:42 -0600
Subject: [PATCH] Conditionally compile crypto backend

---
 ffi/Cargo.toml     |  8 ++++++--
 idevice/src/lib.rs | 35 +++++++++++++++++++++++++++--------
 tools/Cargo.toml   |  7 ++++++-
 3 files changed, 39 insertions(+), 11 deletions(-)

diff --git a/ffi/Cargo.toml b/ffi/Cargo.toml
index 04878d8..29756ab 100644
--- a/ffi/Cargo.toml
+++ b/ffi/Cargo.toml
@@ -5,7 +5,7 @@ edition = "2024"
 
 
 [dependencies]
-idevice = { path = "../idevice" }
+idevice = { path = "../idevice", default-features = false }
 log = "0.4.26"
 simplelog = "0.12.2"
 once_cell = "1.21.1"
@@ -15,6 +15,10 @@ plist = "1.7.1"
 plist_ffi = "0.1.3"
 
 [features]
+aws-lc = ["idevice/aws-lc"]
+ring = ["idevice/ring"]
+
+
 afc = ["idevice/afc"]
 amfi = ["idevice/amfi"]
 core_device = ["idevice/core_device"]
@@ -64,7 +68,7 @@ full = [
   "springboardservices",
   "syslog_relay",
 ]
-default = ["full"]
+default = ["full", "aws-lc"]
 
 [build-dependencies]
 cbindgen = "0.29.0"
diff --git a/idevice/src/lib.rs b/idevice/src/lib.rs
index 5d02877..162cb63 100644
--- a/idevice/src/lib.rs
+++ b/idevice/src/lib.rs
@@ -390,15 +390,34 @@ impl Idevice {
         pairing_file: &pairing_file::PairingFile,
     ) -> Result<(), IdeviceError> {
         if CryptoProvider::get_default().is_none() {
-            let crypto_provider = if cfg!(feature = "ring") {
-                debug!("Using ring crypto backend");
-                rustls::crypto::ring::default_provider()
-            } else if cfg!(feature = "aws-lc") {
-                debug!("Using aws-lc crypto backend");
-                rustls::crypto::aws_lc_rs::default_provider()
-            } else {
-                panic!("No crypto provider compiled in! Use one of the features for idevice to specify a provider");
+            let crypto_provider = {
+                #[cfg(all(feature = "ring", not(feature = "aws-lc")))]
+                {
+                    debug!("Using ring crypto backend");
+                    rustls::crypto::ring::default_provider()
+                }
+
+                #[cfg(all(feature = "aws-lc", not(feature = "ring")))]
+                {
+                    debug!("Using aws-lc crypto backend");
+                    rustls::crypto::aws_lc_rs::default_provider()
+                }
+
+                #[cfg(not(any(feature = "ring", feature = "aws-lc")))]
+                {
+                    panic!(
+                        "No crypto backend was selected! Specify an idevice feature for a crypto backend"
+                    );
+                }
+
+                #[cfg(all(feature = "ring", feature = "aws-lc"))]
+                {
+                    compile_error!(
+                        "Cannot enable both `ring` and `aws-lc` features at the same time"
+                    );
+                }
             };
+
             if let Err(e) = CryptoProvider::install_default(crypto_provider) {
                 // For whatever reason, getting the default provider will return None on iOS at
                 // random. Installing the default provider a second time will return an error, so
diff --git a/tools/Cargo.toml b/tools/Cargo.toml
index 24f4b20..049c48a 100644
--- a/tools/Cargo.toml
+++ b/tools/Cargo.toml
@@ -94,7 +94,7 @@ name = "restore_service"
 path = "src/restore_service.rs"
 
 [dependencies]
-idevice = { path = "../idevice", features = ["full"] }
+idevice = { path = "../idevice", features = ["full"], default-features = false }
 tokio = { version = "1.43", features = ["full"] }
 log = { version = "0.4" }
 env_logger = { version = "0.11" }
@@ -105,3 +105,8 @@ clap = { version = "4.5" }
 plist = { version = "1.7" }
 ns-keyed-archive = "0.1.2"
 uuid = "1.16"
+
+[features]
+default = ["aws-lc"]
+aws-lc = ["idevice/aws-lc"]
+ring = ["idevice/ring"]