tarcieri
commented
1 month ago Moving to verification only, possibly placing signing under a hazmat feature, seems like a reasonable approach to me
Open msedzins opened 1 month ago
tarcieri
commented
1 month ago Moving to verification only, possibly placing signing under a hazmat feature, seems like a reasonable approach to me
msedzins
commented
1 month ago I tried to put signing under hazmat feature (in signing_key.rs) but tests stopped working (for example: signature.rs/signer_verifier_signature).
I don't think it's a good idea to put all those tests under hazmat feature.
It would be good if we could enable hazmat feature for dev/test profiles by default but it is not supported.
Any other possible approach?
tarcieri
commented
1 month ago It's fine to gate the tests on the corresponding feature. They won't work unless the feature is enabled.
msedzins
commented
1 month ago Please have a look at PR #859
There are two main issues there:
tarcieri
commented
1 month ago You can also feature gate the examples. Here's an example of a pattern we use to do this:
https://github.com/RustCrypto/SSH/blob/f741cf0/ssh-key/src/lib.rs#L44-L45
msedzins
commented
1 month ago I think we are talking about different "examples".
In my case example is just a binary crate, binary crate must have "main" function. So, the error I get is this:
% cargo run --package dsa --example sign
error[E0601]: `main` function not found in crate `sign`
--> dsa/examples/sign.rs:35:2
|
35 | }
| ^ consider adding a `main` function to `dsa/examples/sign.rs`Of course, I can add dummy "main", but I'm not sure if it makes sense.
tarcieri
commented
1 month ago You can use required-features in Cargo.toml for that
msedzins
commented
1 month ago done. please have a look at PR #859
FIPS 186-4 referenced in README.md has been superseded by FIPS 186-5 which no longer approves DSA for digital signature generation. DSA may be used only to verify already existing signatures.
Link: https://csrc.nist.gov/pubs/fips/186-5/final
Should we add this information as part of README.md?