cargo: Bump tss-esapi, picky-asn1-x509, and picky-asn1-der

[ansasaki]

Bump:

• tss-esapi to version 7.7.0
• picky-asn1-x509 to version 0.15.4
• picky-asn1-der to version 0.5.6

The tss-esapi version 7.7.0 allows building with clang 22.

Also re-add the generate-bindings feature, which allows building in arches for which the bindings are not pre-generated.

Note that this reverts changes made in #1205.

Resolves: #1229

Summary by CodeRabbit

• Chores
  • Upgraded cryptography-related dependencies and added supporting packages for internal platform tooling.
  • No changes to public APIs or exported interfaces; no user-facing behavior changes expected.
  • Maintenance update to keep build and security posture current.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: bed2837b-26af-48c9-86ad-40f9df16d529

📥 Commits

Reviewing files that changed from the base of the PR and between 1c8bd1f and 3ca2538.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (1)

• Cargo.toml

---

📝 Walkthrough

Walkthrough

Updated Cargo.toml dependencies: tss-esapi bumped to 7.7.0 with generate-bindings feature, and picky-asn1-der and picky-asn1-x509 versions were raised. No public API changes.

Changes

Dependency Bump: tss-esapi & ASN.1 crates

Layer / File(s)	Summary
Manifest configuration Cargo.toml	Added/updated dependency entries: picky-asn1-der -> 0.5, picky-asn1-x509 -> 0.15; tss-esapi -> 7.7.0 with feature "generate-bindings".
Rationale / Context (manifest-level only) Cargo.toml	Bump to tss-esapi 7.7.0 to pick up tss-esapi-sys/bindgen fixes addressing Clang 22 binding generation issues; ASN.1 crate versions updated alongside.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately and concisely summarizes the main change: bumping three dependencies (tss-esapi, picky-asn1-x509, picky-asn1-der) in the Cargo.toml file.
Linked Issues check	✅ Passed	The PR successfully addresses issue #1229 by upgrading tss-esapi to 7.7.0, which fixes build failures with Clang 22 by including the patched bindgen 0.72.1+ that resolves typedef-to-struct opaque type generation issues.
Out of Scope Changes check	✅ Passed	All changes are within scope: the PR updates three dependencies (tss-esapi 7.7.0, picky-asn1-x509 0.15.4, picky-asn1-der 0.5.6) as required to resolve the Clang 22 build failures identified in issue #1229.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@Cargo.toml`:
- Line 59: Update the tss-esapi dependency declaration in Cargo.toml from
version "7.6.0" to "7.7.0" so the project picks up the Clang 22/bindgen opaque
type regression fix; keep the existing features (e.g., "generate-bindings")
unchanged in the tss-esapi entry to preserve current build behavior.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: ac5179bb-4485-473a-84ba-3e9de599d544

📥 Commits

Reviewing files that changed from the base of the PR and between 718d4f9 and 1c8bd1f.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (1)

• Cargo.toml

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 58.63%. Comparing base (718d4f9) to head (3ca2538).

Additional details and impacted files

Flag	Coverage Δ
e2e-testsuite	38.93% <ø> (-0.08%)	⬇️
upstream-unit-tests	66.38% <ø> (-0.04%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.
see 8 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.