Open KirilNN opened 6 months ago
@Keats thanks for taking a look, I changed the feature name and added it to the CI, do you mind taking a look again?
Have you seen this PR: https://github.com/Keats/jsonwebtoken/pull/318 ? It's something I was considering
Well this is also reasonable imo, for me the question is whether these libs are FIPS compliant, cause this is the biggest issue we are tackling with this PR, as AWS did get it certified. Can we do features as well - like remove ring, get a feature for FIPS using aws lib and all the rest with the lib combo? Does it sound good? I believe removing ring is OK for everyone.
It looks like building this lib on windows is problematic? https://github.com/aws/aws-lc/issues/1477
@Keats that is very unfortunate. I think that there is a compliant Microsoft library for the same that should be windows compilable. Let me do some research and get back.
It looks like the symcrypt from Microsoft does not have wide support of platforms, although has the needed features, so I guess we can either merge the PR you suggest which is not guaranteed we have FIPS compliance, or we wait for the AWS folks to fix the windows build? Or maybe just use ring for windows?
The goal here is to enable feature based on aws-lc-rs library, so it can be used on demand instead of ring which is not FIPS certified.