Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

remove ring #318

Open
wants to merge 12 commits into
base: master
Choose a base branch
from
Open

remove ring #318

wants to merge 12 commits into from

Conversation

chenzhenjia
Copy link

No description provided.

@Keats
Copy link
Owner

Keats commented Jun 19, 2023

Can you add a CI setup for it?

@kearfy kearfy mentioned this pull request Aug 25, 2023
Closed
2 tasks
@myFavShrimp
Copy link

@chenzhenjia Are you still working on that? If not I would like to take over

@chenzhenjia
Copy link
Author

@chenzhenjia你还在做这方面的工作吗?如果没有我想接手

I don't have time right now, if you have time you can take over

@ash-burnt
Copy link

I also need this. @Keats do you have an example of a CI setup? I can take a stab if I have something to work off of

@Keats
Copy link
Owner

Keats commented Sep 29, 2023

I don't have an example, but it should not be too hard to find one looking at Rust projects with wasm support

@BrandonDyer64 BrandonDyer64 mentioned this pull request Oct 29, 2023
Closed
@Keats
Copy link
Owner

Keats commented Nov 7, 2023

I added one in #345.

I'm now wondering if we should just ditch ring vs using the pure rust sha/rsa etc crates entirely?

@Keats
Copy link
Owner

Keats commented Nov 9, 2023

If someone can try a PR that removes ring, that'd be great. I'll do it otherwise but no idea on when

@chenzhenjia chenzhenjia changed the title support wasm remove ring Mar 15, 2024
@chenzhenjia
Merge branch 'master' into wasm_support
5bb1d75 
# Conflicts:
#	Cargo.toml
#	examples/custom_header.rs
#	examples/validation.rs
#	src/crypto/ecdsa.rs
#	src/crypto/rsa.rs
#	src/jwk.rs
@chenzhenjia
Copy link
Author

@Keats The ring has been completely removed

@Keats Keats mentioned this pull request Mar 15, 2024
Open
@chenzhenjia
Copy link
Author

@Keats All steps of ci have been successful

@tokarevart tokarevart mentioned this pull request Mar 25, 2024
Open
@tokarevart
Copy link

tokarevart commented Apr 4, 2024
edited

Running cargo test --examples fails with the following error message (kept only last most useful lines)

...
     Running unittests examples/ed25519.rs (target/debug/examples/ed25519-dcfabe976d67ec15)

running 1 test
test tests::test ... FAILED

failures:

---- tests::test stdout ----
thread 'tests::test' panicked at examples/ed25519.rs:65:18:
called `Result::unwrap()` on an `Err` value: Error(InvalidEddsaKey)
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace


failures:
    tests::test

test result: FAILED. 0 passed; 1 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.00s

error: test failed, to rerun pass `--example ed25519`

It is a result of this example expecting method DecodingKey::from_ed_der to expect actually DER encoded public key, while this method currently expects raw 32 bytes public key (see issue #362). It means that at least this PR keeps the old behavior in this situation (if supplying raw correct public key still works as it did, with no new bugs, because I didn't test this part).

@chenzhenjia
Copy link
Author

Running cargo test --examples fails with the following error message (kept only last most useful lines)

...
     Running unittests examples/ed25519.rs (target/debug/examples/ed25519-dcfabe976d67ec15)

running 1 test
test tests::test ... FAILED

failures:

---- tests::test stdout ----
thread 'tests::test' panicked at examples/ed25519.rs:65:18:
called `Result::unwrap()` on an `Err` value: Error(InvalidEddsaKey)
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace


failures:
    tests::test

test result: FAILED. 0 passed; 1 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.00s

error: test failed, to rerun pass `--example ed25519`

It is a result of this example expecting method DecodingKey::from_ed_der to expect actually DER encoded public key, while this method currently expects raw 32 bytes public key (see issue #362). It means that at least this PR keeps the old behavior in this situation (if supplying raw correct public key still works as it did, with no new bugs, because I didn't test this part).

fixed

@chenzhenjia
Copy link
Author

@Keats hi.Any questions about the pull request?

@Keats
Copy link
Owner

Keats commented May 24, 2024

So there is another PR replacing ring: #377

I'm not sure what to do tbh, I don't want multiple backends and I don't think the rust crypto crates are FIPS certified right?

@chenzhenjia
Copy link
Author

So there is another PR replacing ring: #377

I'm not sure what to do tbh, I don't want multiple backends and I don't think the rust crypto crates are FIPS certified right?

  1. Both password and hash functionalities are developed entirely in Rust, without needing C compilation, thus speeding up the compilation process.
  2. The compiled output will be smaller.
  3. More CPU architectures will be supported (ring does not support HarmonyOS, and aws-lc-rs support is uncertain).

Although these libraries are not FIPS certified, their security should not be an issue.

@Keats Keats mentioned this pull request Jun 5, 2024
Open
@Keats
Copy link
Owner

Keats commented Jun 5, 2024

No I completely understand the benefits. It's just that not being FIPS certified means some people can't use the crate at all.
On my end I do prefer this PR, maybe I should ask on /r/rust what people think.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@chenzhenjia @Keats @myFavShrimp @ash-burnt @tokarevart