Open chenzhenjia opened 1 year ago
@chenzhenjia Are you still working on that? If not I would like to take over
@chenzhenjia你还在做这方面的工作吗?如果没有我想接手
I don't have time right now, if you have time you can take over
I also need this. @Keats do you have an example of a CI setup? I can take a stab if I have something to work off of
I don't have an example, but it should not be too hard to find one looking at Rust projects with wasm support
I added one in https://github.com/Keats/jsonwebtoken/pull/345.
I'm now wondering if we should just ditch ring vs using the pure rust sha/rsa etc crates entirely?
If someone can try a PR that removes ring, that'd be great. I'll do it otherwise but no idea on when
@Keats The ring has been completely removed
@Keats All steps of ci have been successful
Running cargo test --examples
fails with the following error message (kept only last most useful lines)
...
Running unittests examples/ed25519.rs (target/debug/examples/ed25519-dcfabe976d67ec15)
running 1 test
test tests::test ... FAILED
failures:
---- tests::test stdout ----
thread 'tests::test' panicked at examples/ed25519.rs:65:18:
called `Result::unwrap()` on an `Err` value: Error(InvalidEddsaKey)
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
failures:
tests::test
test result: FAILED. 0 passed; 1 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.00s
error: test failed, to rerun pass `--example ed25519`
It is a result of this example expecting method DecodingKey::from_ed_der
to expect actually DER encoded public key, while this method currently expects raw 32 bytes public key (see issue #362). It means that at least this PR keeps the old behavior in this situation (if supplying raw correct public key still works as it did, with no new bugs, because I didn't test this part).
Running
cargo test --examples
fails with the following error message (kept only last most useful lines)... Running unittests examples/ed25519.rs (target/debug/examples/ed25519-dcfabe976d67ec15) running 1 test test tests::test ... FAILED failures: ---- tests::test stdout ---- thread 'tests::test' panicked at examples/ed25519.rs:65:18: called `Result::unwrap()` on an `Err` value: Error(InvalidEddsaKey) note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace failures: tests::test test result: FAILED. 0 passed; 1 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.00s error: test failed, to rerun pass `--example ed25519`
It is a result of this example expecting method
DecodingKey::from_ed_der
to expect actually DER encoded public key, while this method currently expects raw 32 bytes public key (see issue #362). It means that at least this PR keeps the old behavior in this situation (if supplying raw correct public key still works as it did, with no new bugs, because I didn't test this part).
fixed
@Keats hi.Any questions about the pull request?
So there is another PR replacing ring: https://github.com/Keats/jsonwebtoken/pull/377
I'm not sure what to do tbh, I don't want multiple backends and I don't think the rust crypto crates are FIPS certified right?
So there is another PR replacing ring: #377
I'm not sure what to do tbh, I don't want multiple backends and I don't think the rust crypto crates are FIPS certified right?
Although these libraries are not FIPS certified, their security should not be an issue.
No I completely understand the benefits. It's just that not being FIPS certified means some people can't use the crate at all. On my end I do prefer this PR, maybe I should ask on /r/rust what people think.
Can you add a CI setup for it?