support ring and aws-lc-rs (default = ring) #402
Conversation
|
|
||
| #[inline] | ||
| pub(crate) fn rsa_key_pair_public_modulus_len(key_pair: &RsaKeyPair) -> usize { | ||
| key_pair.public().modulus_len() |
There was a problem hiding this comment.
Ring does have key_pair.public_modulus_len() but it's deprecated.
So this can be removed if we upstream a patch to aws-lc-rs to have public() also available.
| pkcs8: &[u8], | ||
| _rng: &dyn ::aws_lc_rs::rand::SecureRandom, | ||
| ) -> Result<EcdsaKeyPair, ::aws_lc_rs::error::KeyRejected> { | ||
| EcdsaKeyPair::from_pkcs8(alg, pkcs8) |
There was a problem hiding this comment.
All other functions used by jsonwebtoken have the rng param which is ignored. Sadly this one seems to be forgotten. We could also try to upstream this to aws-lc-rs, but would require a major release, not sure how eager they are for that :)
There was a problem hiding this comment.
Hello! -- I stumbled across this thread, and thought I would provide a little context around this difference.
In ring v0.16.x, EcdsaKeyPair::from_pkcs8 only takes two parameters. But in ring 0.17, this function takes three parameters. Because aws-lc-rs v1.x maintains compatibility with ring 0.16.x, our function (likewise) only takes two parameters.
Unfortunately, I don't see a way we could support a 3rd parameter w/o breaking backwards compatibility. But feel free to drop us an issue if you have questions or would like to suggest an improvement to our API. Thanks!
|
All in all this PR is pretty innocent I think. This is AFAIK the only place where you do leak the crypto library used... |
|
ah I thought you meant to do the PR having the 2 rust-crypt/aws-lc-rs backends and not ring/aws-lc |
|
That’s fine for me as well. But then we might need that to be merged first? |
|
I think I can create another branch and merge it on that branch if that's ok |
|
I've made a mess in #404 commit wise i'll try to clean it when I have time but should be ok to start |
|
History on the other PR is fixed |
|
Hey @GlenDC, There seems to be constant refrain of people needing different crypto backends for their use-case. I recently opened an issue (#409), that suggests the use of traits to define a signer and verifier. If a user ever wanted a non-implemented crypto backend they would then be able to implement the traits for it and make use of it with the I realize you have a working PR here, but would you mind if I implemented it with traits instead? I feel it would make the crate more flexible going forward. I am also open to other suggestions that you would prefer. |
|
@sidrubs @GlenDC I'll add my vote in this general direction. I could make use of an external signer and verifier implementation for building out external authentication in NATS. NATS expects a variant of |
I have gone ahead and made a draft PR with a POC on a possible method of implementing this. |
Closes #389
Tested using:
Not ran it with wasm / windows enabled though.
But I would hope the flags manage that?
Current approach does mean you always pull in ring, but it shouldn't compile if you are not using it.
Do not know of an elegant way to do it differently. We can make ring a feature as well that is enabled by default,
but it would make it akward for when you have both ring and aws-lc-rs enabled.
rustls fixes that by then just making a runtime error. Bit odd, I would prefer just it to fail then. So that's an option to still add that here, not sure if it's desired/required.