use `core::prelude` instead of `std::prelude`

2023-10-05 16:32:26 +02:00 · 2023-10-05 16:32:26 +02:00 · 5427a4d6e9
parent 21484e16a2
commit 5427a4d6e9
58 changed files with 148 additions and 11 deletions
--- a/rustls/src/builder.rs
+++ b/rustls/src/builder.rs
@ -3,6 +3,8 @@ use crate::error::Error;
 use crate::suites::SupportedCipherSuite;
 use crate::versions;

+use alloc::format;
+use alloc::vec::Vec;
 use core::fmt;
 use core::marker::PhantomData;

--- a/rustls/src/client/builder.rs
+++ b/rustls/src/client/builder.rs
@ -14,6 +14,7 @@ use super::client_conn::Resumption;
 use pki_types::{CertificateDer, PrivateKeyDer};

 use alloc::sync::Arc;
+use alloc::vec::Vec;
 #[cfg(any(feature = "dangerous_configuration", feature = "ring"))]
 use core::marker::PhantomData;

@ -45,8 +46,8 @@ impl ConfigBuilder<ClientConfig, WantsVerifier> {

 /// Container for unsafe APIs
 pub(super) mod danger {
+    use alloc::sync::Arc;
    use core::marker::PhantomData;
-    use std::sync::Arc;

    use crate::client::WantsClientCert;
    use crate::{verify, ClientConfig, ConfigBuilder, WantsVerifier};
--- a/rustls/src/client/client_conn.rs
+++ b/rustls/src/client/client_conn.rs
@ -20,9 +20,11 @@ use super::handy::{ClientSessionMemoryCache, NoClientSessionStorage};
 use super::hs;

 use alloc::sync::Arc;
+use alloc::vec::Vec;
+use core::fmt;
 use core::marker::PhantomData;
+use core::mem;
 use core::ops::{Deref, DerefMut};
-use core::{fmt, mem};
 use std::io;
 use std::net::IpAddr;

--- a/rustls/src/client/common.rs
+++ b/rustls/src/client/common.rs
@ -6,7 +6,9 @@ use crate::msgs::handshake::ServerExtension;
 use crate::msgs::handshake::{CertificatePayload, DistinguishedName};
 use crate::{sign, SignatureScheme};

+use alloc::boxed::Box;
 use alloc::sync::Arc;
+use alloc::vec::Vec;

 #[derive(Debug)]
 pub(super) struct ServerCertDetails {
--- a/rustls/src/client/handy.rs
+++ b/rustls/src/client/handy.rs
@ -13,6 +13,8 @@ use pki_types::{CertificateDer, PrivateKeyDer};

 use alloc::collections::VecDeque;
 use alloc::sync::Arc;
+#[cfg(feature = "ring")]
+use alloc::vec::Vec;
 use std::sync::Mutex;

 /// An implementer of `ClientSessionStore` which does nothing.
--- a/rustls/src/client/hs.rs
+++ b/rustls/src/client/hs.rs
@ -32,7 +32,11 @@ use crate::client::{tls13, ClientConfig, ServerName};

 use pki_types::UnixTime;

+use alloc::borrow::ToOwned;
+use alloc::boxed::Box;
 use alloc::sync::Arc;
+use alloc::vec;
+use alloc::vec::Vec;
 use core::ops::Deref;

 pub(super) type NextState = Box<dyn State<ClientConnectionData>>;
--- a/rustls/src/client/tls12.rs
+++ b/rustls/src/client/tls12.rs
@ -30,7 +30,11 @@ use crate::client::{hs, ClientConfig, ServerName};
 use pki_types::UnixTime;
 use subtle::ConstantTimeEq;

+use alloc::borrow::ToOwned;
+use alloc::boxed::Box;
 use alloc::sync::Arc;
+use alloc::vec;
+use alloc::vec::Vec;

 pub(super) use server_hello::CompleteServerHelloHandling;

--- a/rustls/src/client/tls13.rs
+++ b/rustls/src/client/tls13.rs
@ -44,7 +44,10 @@ use crate::client::{hs, ClientConfig, ClientSessionStore, ServerName};
 use pki_types::UnixTime;
 use subtle::ConstantTimeEq;

+use alloc::boxed::Box;
 use alloc::sync::Arc;
+use alloc::vec;
+use alloc::vec::Vec;

 // Extensions we expect in plaintext in the ServerHello.
 static ALLOWED_PLAINTEXT_EXTS: &[ExtensionType] = &[
--- a/rustls/src/common_state.rs
+++ b/rustls/src/common_state.rs
@ -18,6 +18,9 @@ use crate::suites::SupportedCipherSuite;
 use crate::tls12::ConnectionSecrets;
 use crate::vecbuf::ChunkVecBuffer;

+use alloc::boxed::Box;
+use alloc::vec::Vec;
+
 use pki_types::CertificateDer;

 /// Connection state common to both client and server connections.
--- a/rustls/src/conn.rs
+++ b/rustls/src/conn.rs
@ -9,6 +9,7 @@ use crate::msgs::message::{Message, MessagePayload, PlainMessage};
 use crate::suites::{ExtractedSecrets, PartiallyExtractedSecrets};
 use crate::vecbuf::ChunkVecBuffer;

+use alloc::boxed::Box;
 use core::fmt::Debug;
 use core::mem;
 use core::ops::{Deref, DerefMut};
--- a/rustls/src/crypto/cipher.rs
+++ b/rustls/src/crypto/cipher.rs
@ -1,3 +1,5 @@
+use alloc::boxed::Box;
+use alloc::string::ToString;
 use core::fmt;
 use std::error::Error as StdError;

--- a/rustls/src/crypto/hash.rs
+++ b/rustls/src/crypto/hash.rs
@ -1,5 +1,7 @@
 pub use crate::msgs::enums::HashAlgorithm;

+use alloc::boxed::Box;
+
 /// Describes a single cryptographic hash function.
 ///
 /// This interface can do both one-shot and incremental hashing, using
--- a/rustls/src/crypto/hmac.rs
+++ b/rustls/src/crypto/hmac.rs
@ -1,3 +1,5 @@
+use alloc::boxed::Box;
+
 /// A concrete HMAC implementation, for a single cryptographic hash function.
 ///
 /// You should have one object that implements this trait for HMAC-SHA256, another
--- a/rustls/src/crypto/mod.rs
+++ b/rustls/src/crypto/mod.rs
@ -1,6 +1,8 @@
 use crate::suites;
 use crate::{Error, NamedGroup};

+use alloc::boxed::Box;
+use alloc::vec::Vec;
 use core::fmt::Debug;

 /// *ring* based CryptoProvider.
--- a/rustls/src/crypto/ring/hash.rs
+++ b/rustls/src/crypto/ring/hash.rs
@ -2,6 +2,8 @@ use crate::crypto;
 use crate::msgs::enums::HashAlgorithm;
 use ring;

+use alloc::boxed::Box;
+
 pub(crate) static SHA256: Hash = Hash(&ring::digest::SHA256, HashAlgorithm::SHA256);
 pub(crate) static SHA384: Hash = Hash(&ring::digest::SHA384, HashAlgorithm::SHA384);

--- a/rustls/src/crypto/ring/hmac.rs
+++ b/rustls/src/crypto/ring/hmac.rs
@ -1,6 +1,8 @@
 use crate::crypto;
 use ring;

+use alloc::boxed::Box;
+
 pub(crate) static HMAC_SHA256: Hmac = Hmac(&ring::hmac::HMAC_SHA256);
 pub(crate) static HMAC_SHA384: Hmac = Hmac(&ring::hmac::HMAC_SHA384);
 #[cfg(all(test, feature = "tls12"))]
--- a/rustls/src/crypto/ring/kx.rs
+++ b/rustls/src/crypto/ring/kx.rs
@ -6,6 +6,7 @@ use crate::rand::GetRandomFailed;
 use ring::agreement::{agree_ephemeral, EphemeralPrivateKey, UnparsedPublicKey};
 use ring::rand::SystemRandom;

+use alloc::boxed::Box;
 use core::fmt;

 /// A key-exchange group supported by *ring*.
--- a/rustls/src/crypto/ring/quic.rs
+++ b/rustls/src/crypto/ring/quic.rs
@ -5,6 +5,8 @@ use crate::quic;
 use crate::tls13::key_schedule::{hkdf_expand_label, hkdf_expand_label_aead_key};
 use crate::tls13::Tls13CipherSuite;

+use alloc::boxed::Box;
+
 use ring::aead;

 pub(crate) struct HeaderProtectionKey(aead::quic::HeaderProtectionKey);
--- a/rustls/src/crypto/ring/sign.rs
+++ b/rustls/src/crypto/ring/sign.rs
@ -8,7 +8,11 @@ use ring::io::der;
 use ring::rand::{SecureRandom, SystemRandom};
 use ring::signature::{self, EcdsaKeyPair, Ed25519KeyPair, RsaKeyPair};

+use alloc::boxed::Box;
+use alloc::string::ToString;
 use alloc::sync::Arc;
+use alloc::vec;
+use alloc::vec::Vec;
 use core::fmt;
 use std::error::Error as StdError;

--- a/rustls/src/crypto/ring/ticketer.rs
+++ b/rustls/src/crypto/ring/ticketer.rs
@ -4,7 +4,9 @@ use crate::server::ProducesTickets;

 use ring::aead;

+use alloc::boxed::Box;
 use alloc::sync::Arc;
+use alloc::vec::Vec;

 /// A concrete, safe ticket creation mechanism.
 pub struct Ticketer {}
--- a/rustls/src/crypto/ring/tls12.rs
+++ b/rustls/src/crypto/ring/tls12.rs
@ -10,6 +10,9 @@ use crate::msgs::message::{BorrowedPlainMessage, OpaqueMessage, PlainMessage};
 use crate::suites::{CipherSuiteCommon, ConnectionTrafficSecrets, SupportedCipherSuite};
 use crate::tls12::Tls12CipherSuite;

+use alloc::boxed::Box;
+use alloc::vec::Vec;
+
 use ring::aead;

 /// The TLS1.2 ciphersuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256.
--- a/rustls/src/crypto/ring/tls13.rs
+++ b/rustls/src/crypto/ring/tls13.rs
@ -1,3 +1,6 @@
+use alloc::boxed::Box;
+use alloc::vec::Vec;
+
 use crate::crypto::cipher::{
    make_tls13_aad, AeadKey, Iv, MessageDecrypter, MessageEncrypter, Nonce, Tls13AeadAlgorithm,
    UnsupportedOperationError,
--- a/rustls/src/crypto/signer.rs
+++ b/rustls/src/crypto/signer.rs
@ -3,7 +3,9 @@ use crate::error::Error;

 use pki_types::CertificateDer;

+use alloc::boxed::Box;
 use alloc::sync::Arc;
+use alloc::vec::Vec;

 /// An abstract signing key.
 pub trait SigningKey: Send + Sync {
--- a/rustls/src/dns_name.rs
+++ b/rustls/src/dns_name.rs
@ -1,5 +1,6 @@
 //! DNS name validation according to RFC1035, but with underscores allowed.

+use alloc::string::{String, ToString};
 use core::fmt;
 use std::error::Error as StdError;

--- a/rustls/src/error.rs
+++ b/rustls/src/error.rs
@ -2,7 +2,10 @@ use crate::enums::{AlertDescription, ContentType, HandshakeType};
 use crate::msgs::handshake::KeyExchangeAlgorithm;
 use crate::rand;

+use alloc::format;
+use alloc::string::String;
 use alloc::sync::Arc;
+use alloc::vec::Vec;
 use core::fmt;
 use std::error::Error as StdError;
 use std::time::SystemTimeError;
--- a/rustls/src/hash_hs.rs
+++ b/rustls/src/hash_hs.rs
@ -3,6 +3,9 @@ use crate::msgs::codec::Codec;
 use crate::msgs::enums::HashAlgorithm;
 use crate::msgs::handshake::HandshakeMessagePayload;
 use crate::msgs::message::{Message, MessagePayload};
+
+use alloc::boxed::Box;
+use alloc::vec::Vec;
 use core::mem;

 /// Early stage buffering of handshake payloads.
--- a/rustls/src/hkdf.rs
+++ b/rustls/src/hkdf.rs
@ -2,6 +2,8 @@

 use crate::crypto::{hash, hmac};

+use alloc::boxed::Box;
+
 /// This is the inputs to HKDF-Extract, except for IKM
 /// ("input keying material") which is supplied in [`Extractor::extract()`].
 pub(crate) struct Extractor {
--- a/rustls/src/key_log_file.rs
+++ b/rustls/src/key_log_file.rs
@ -1,6 +1,9 @@
 #[cfg(feature = "logging")]
 use crate::log::warn;
 use crate::KeyLog;
+
+use alloc::string::String;
+use alloc::vec::Vec;
 use std::env;
 use std::fs::{File, OpenOptions};
 use std::io;
--- a/rustls/src/lib.rs
+++ b/rustls/src/lib.rs
@ -300,8 +300,16 @@
 // cross-compiling.
 #![cfg_attr(read_buf, feature(read_buf))]
 #![cfg_attr(bench, feature(test))]
+#![cfg_attr(not(test), no_std)]

 extern crate alloc;
+// This `extern crate` plus the `#![no_std]` attribute changes the default prelude from
+// `std::prelude` to `core::prelude`. That forces one to _explicitly_ import (`use`) everything that
+// is in `std::prelude` but not in `core::prelude`. This helps maintain no-std support as even
+// developers that are not interested in, or aware of, no-std support and / or that never run
+// `cargo build --no-default-features` locally will get errors when they rely on `std::prelude` API.
+#[cfg(not(test))]
+extern crate std;

 // Import `test` sysroot crate for `Bencher` definitions.
 #[cfg(bench)]
--- a/rustls/src/msgs/alert.rs
+++ b/rustls/src/msgs/alert.rs
@ -3,6 +3,8 @@ use crate::error::InvalidMessage;
 use crate::msgs::codec::{Codec, Reader};
 use crate::msgs::enums::AlertLevel;

+use alloc::vec::Vec;
+
 #[derive(Debug)]
 pub struct AlertMessagePayload {
    pub level: AlertLevel,
--- a/rustls/src/msgs/base.rs
+++ b/rustls/src/msgs/base.rs
@ -1,9 +1,10 @@
-use core::fmt;
-
 use crate::error::InvalidMessage;
 use crate::msgs::codec;
 use crate::msgs::codec::{Codec, Reader};

+use alloc::vec::Vec;
+use core::fmt;
+
 use pki_types::CertificateDer;

 /// An externally length'd payload
--- a/rustls/src/msgs/ccs.rs
+++ b/rustls/src/msgs/ccs.rs
@ -1,3 +1,5 @@
+use alloc::vec::Vec;
+
 use crate::error::InvalidMessage;
 use crate::msgs::codec::{Codec, Reader};

--- a/rustls/src/msgs/codec.rs
+++ b/rustls/src/msgs/codec.rs
@ -1,7 +1,8 @@
-use core::fmt::Debug;
-
 use crate::error::InvalidMessage;

+use alloc::vec::Vec;
+use core::fmt::Debug;
+
 /// Wrapper over a slice of bytes that allows reading chunks from
 /// with the current position state held using a cursor.
 ///
--- a/rustls/src/msgs/deframer.rs
+++ b/rustls/src/msgs/deframer.rs
@ -1,3 +1,4 @@
+use alloc::vec::Vec;
 use core::ops::Range;
 use std::io;

--- a/rustls/src/msgs/handshake.rs
+++ b/rustls/src/msgs/handshake.rs
@ -1,4 +1,5 @@
 #![allow(non_camel_case_types)]
+
 use crate::crypto::{ActiveKeyExchange, CryptoProvider};
 use crate::dns_name::{DnsName, DnsNameRef};
 use crate::enums::{CipherSuite, HandshakeType, ProtocolVersion, SignatureScheme};
@ -16,6 +17,11 @@ use crate::{rand, x509};

 use pki_types::CertificateDer;

+use alloc::borrow::ToOwned;
+#[cfg(feature = "logging")]
+use alloc::string::String;
+use alloc::vec;
+use alloc::vec::Vec;
 use core::fmt;
 use std::collections;

--- a/rustls/src/msgs/macros.rs
+++ b/rustls/src/msgs/macros.rs
@ -23,7 +23,9 @@ macro_rules! enum_builder {
            }
        }
        impl Codec for $enum_name {
-            fn encode(&self, bytes: &mut Vec<u8>) {
+            // NOTE(allow) fully qualified Vec is only needed in no-std mode
+            #[allow(unused_qualifications)]
+            fn encode(&self, bytes: &mut alloc::vec::Vec<u8>) {
                self.get_u8().encode(bytes);
            }

@ -73,7 +75,9 @@ macro_rules! enum_builder {
            }
        }
        impl Codec for $enum_name {
-            fn encode(&self, bytes: &mut Vec<u8>) {
+            // NOTE(allow) fully qualified Vec is only needed in no-std mode
+            #[allow(unused_qualifications)]
+            fn encode(&self, bytes: &mut alloc::vec::Vec<u8>) {
                self.get_u16().encode(bytes);
            }

--- a/rustls/src/msgs/message.rs
+++ b/rustls/src/msgs/message.rs
@ -9,6 +9,8 @@ use crate::msgs::enums::AlertLevel;
 use crate::msgs::fragmenter::MAX_FRAGMENT_LEN;
 use crate::msgs::handshake::HandshakeMessagePayload;

+use alloc::vec::Vec;
+
 #[derive(Debug)]
 pub enum MessagePayload {
    Alert(AlertMessagePayload),
--- a/rustls/src/msgs/persist.rs
+++ b/rustls/src/msgs/persist.rs
@ -11,6 +11,7 @@ use crate::tls13::Tls13CipherSuite;

 use pki_types::{CertificateDer, UnixTime};

+use alloc::vec::Vec;
 use core::cmp;
 #[cfg(feature = "tls12")]
 use core::mem;
--- a/rustls/src/quic.rs
+++ b/rustls/src/quic.rs
@ -10,8 +10,11 @@ use crate::server::{ServerConfig, ServerConnectionData};
 use crate::tls13::key_schedule::hkdf_expand_label_block;
 use crate::tls13::Tls13CipherSuite;

+use alloc::boxed::Box;
 use alloc::collections::VecDeque;
 use alloc::sync::Arc;
+use alloc::vec;
+use alloc::vec::Vec;
 use core::fmt::{self, Debug};
 use core::ops::{Deref, DerefMut};

--- a/rustls/src/rand.rs
+++ b/rustls/src/rand.rs
@ -2,6 +2,9 @@

 use crate::crypto::CryptoProvider;

+use alloc::vec;
+use alloc::vec::Vec;
+
 /// Make a [`Vec<u8>`] of the given size containing random material.
 pub(crate) fn random_vec(
    provider: &dyn CryptoProvider,
--- a/rustls/src/record_layer.rs
+++ b/rustls/src/record_layer.rs
@ -5,6 +5,8 @@ use crate::msgs::message::{BorrowedPlainMessage, OpaqueMessage, PlainMessage};
 #[cfg(feature = "logging")]
 use crate::log::trace;

+use alloc::boxed::Box;
+
 static SEQ_SOFT_LIMIT: u64 = 0xffff_ffff_ffff_0000u64;
 static SEQ_HARD_LIMIT: u64 = 0xffff_ffff_ffff_fffeu64;

--- a/rustls/src/server/builder.rs
+++ b/rustls/src/server/builder.rs
@ -13,6 +13,7 @@ use crate::NoKeyLog;
 use pki_types::{CertificateDer, PrivateKeyDer};

 use alloc::sync::Arc;
+use alloc::vec::Vec;
 use core::marker::PhantomData;

 impl ConfigBuilder<ServerConfig, WantsVerifier> {
--- a/rustls/src/server/handy.rs
+++ b/rustls/src/server/handy.rs
@ -12,7 +12,9 @@ use crate::ServerName;
 #[cfg(feature = "ring")]
 use pki_types::{CertificateDer, PrivateKeyDer};

+use alloc::string::{String, ToString};
 use alloc::sync::Arc;
+use alloc::vec::Vec;
 use std::collections;
 use std::sync::Mutex;

--- a/rustls/src/server/hs.rs
+++ b/rustls/src/server/hs.rs
@ -25,7 +25,10 @@ use super::tls12;
 use crate::server::common::ActiveCertifiedKey;
 use crate::server::tls13;

+use alloc::borrow::ToOwned;
+use alloc::boxed::Box;
 use alloc::sync::Arc;
+use alloc::vec::Vec;

 pub(super) type NextState = Box<dyn State<ServerConnectionData>>;
 pub(super) type NextStateOrError = Result<NextState, Error>;
--- a/rustls/src/server/server_conn.rs
+++ b/rustls/src/server/server_conn.rs
@ -18,7 +18,9 @@ use crate::KeyLog;

 use super::hs;

+use alloc::boxed::Box;
 use alloc::sync::Arc;
+use alloc::vec::Vec;
 use core::fmt;
 use core::marker::PhantomData;
 use core::ops::{Deref, DerefMut};
--- a/rustls/src/server/tls12.rs
+++ b/rustls/src/server/tls12.rs
@ -26,7 +26,12 @@ use super::server_conn::{ProducesTickets, ServerConfig, ServerConnectionData};
 use pki_types::{CertificateDer, UnixTime};
 use subtle::ConstantTimeEq;

+use alloc::borrow::ToOwned;
+use alloc::boxed::Box;
+use alloc::string::ToString;
 use alloc::sync::Arc;
+use alloc::vec;
+use alloc::vec::Vec;

 pub(super) use client_hello::CompleteClientHelloHandling;

--- a/rustls/src/server/tls13.rs
+++ b/rustls/src/server/tls13.rs
@ -30,7 +30,11 @@ use crate::verify;
 use super::hs::{self, HandshakeHashOrBuffer, ServerContext};
 use super::server_conn::ServerConnectionData;

+use alloc::borrow::ToOwned;
+use alloc::boxed::Box;
 use alloc::sync::Arc;
+use alloc::vec;
+use alloc::vec::Vec;

 use pki_types::{CertificateDer, UnixTime};
 use subtle::ConstantTimeEq;
--- a/rustls/src/suites.rs
+++ b/rustls/src/suites.rs
@ -1,5 +1,3 @@
-use core::fmt;
-
 use crate::crypto;
 use crate::crypto::cipher::{AeadKey, Iv};
 use crate::enums::{CipherSuite, ProtocolVersion, SignatureAlgorithm, SignatureScheme};
@ -10,6 +8,9 @@ use crate::tls13::Tls13CipherSuite;
 use crate::versions::TLS12;
 use crate::versions::{SupportedProtocolVersion, TLS13};

+use alloc::vec::Vec;
+use core::fmt;
+
 /// Common state for cipher suites (both for TLS 1.2 and TLS 1.3)
 pub struct CipherSuiteCommon {
    /// The TLS enumeration naming this cipher suite.
--- a/rustls/src/ticketer.rs
+++ b/rustls/src/ticketer.rs
@ -4,6 +4,8 @@ use crate::Error;

 use pki_types::UnixTime;

+use alloc::boxed::Box;
+use alloc::vec::Vec;
 use core::mem;
 use std::sync::{Mutex, MutexGuard};

--- a/rustls/src/tls12/mod.rs
+++ b/rustls/src/tls12/mod.rs
@ -9,6 +9,9 @@ use crate::msgs::codec::{Codec, Reader};
 use crate::msgs::handshake::KeyExchangeAlgorithm;
 use crate::suites::{CipherSuiteCommon, PartiallyExtractedSecrets, SupportedCipherSuite};

+use alloc::boxed::Box;
+use alloc::vec;
+use alloc::vec::Vec;
 use core::fmt;

 mod prf;
--- a/rustls/src/tls13/key_schedule.rs
+++ b/rustls/src/tls13/key_schedule.rs
@ -8,6 +8,9 @@ use crate::quic;
 use crate::suites::PartiallyExtractedSecrets;
 use crate::{KeyLog, Tls13CipherSuite};

+use alloc::boxed::Box;
+use alloc::string::ToString;
+
 /// Key schedule maintenance for TLS1.3

 /// The kinds of secret we can extract from `KeySchedule`.
--- a/rustls/src/tls13/mod.rs
+++ b/rustls/src/tls13/mod.rs
@ -2,6 +2,7 @@ use crate::crypto;
 use crate::crypto::hash;
 use crate::suites::{CipherSuiteCommon, SupportedCipherSuite};

+use alloc::vec::Vec;
 use core::fmt;

 pub(crate) mod key_schedule;
--- a/rustls/src/vecbuf.rs
+++ b/rustls/src/vecbuf.rs
@ -1,4 +1,5 @@
 use alloc::collections::VecDeque;
+use alloc::vec::Vec;
 use core::cmp;
 use std::io;
 use std::io::Read;
--- a/rustls/src/verify.rs
+++ b/rustls/src/verify.rs
@ -1,3 +1,4 @@
+use alloc::vec::Vec;
 use core::fmt;

 use pki_types::{CertificateDer, UnixTime};
--- a/rustls/src/webpki/anchors.rs
+++ b/rustls/src/webpki/anchors.rs
@ -1,3 +1,5 @@
+use alloc::vec::Vec;
+
 use pki_types::{CertificateDer, TrustAnchor};
 use webpki::extract_trust_anchor;

--- a/rustls/src/webpki/client_verifier_builder.rs
+++ b/rustls/src/webpki/client_verifier_builder.rs
@ -1,5 +1,7 @@
+use alloc::sync::Arc;
+use alloc::vec::Vec;
 use core::fmt;
-use std::{error::Error as StdError, sync::Arc};
+use std::error::Error as StdError;

 use pki_types::CertificateRevocationListDer;
 use webpki::BorrowedCertRevocationList;
--- a/rustls/src/webpki/verify.rs
+++ b/rustls/src/webpki/verify.rs
@ -1,4 +1,5 @@
 use alloc::sync::Arc;
+use alloc::vec::Vec;
 use core::fmt;

 use pki_types::{CertificateDer, SignatureVerificationAlgorithm, UnixTime};
--- a/rustls/src/x509.rs
+++ b/rustls/src/x509.rs
@ -1,5 +1,7 @@
 // Additional x509/asn1 functions to those provided in webpki/ring.

+use alloc::vec::Vec;
+
 pub(crate) fn wrap_in_asn1_len(bytes: &mut Vec<u8>) {
    let len = bytes.len();