Skip to content

Commit

Permalink
chore: use aws_lc_rs
Browse files Browse the repository at this point in the history
  • Loading branch information
@littledivy
littledivy committed Feb 22, 2025
1 parent 648ee8f commit d4150e3
Show file tree
Hide file tree
Showing 6 changed files with 76 additions and 20 deletions.
82 changes: 69 additions & 13 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 2 additions & 1 deletion Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -185,7 +185,8 @@ prost-build = "0.13"
rand = "=0.8.5"
regex = "^1.7.0"
reqwest = { version = "=0.12.5", default-features = false, features = ["rustls-tls", "stream", "gzip", "brotli", "socks", "json", "http2"] } # pinned because of https://github.com/seanmonstar/reqwest/pull/1955
ring = "^0.17.0"
# ring = "^0.17.0"
ring = { version = "1.0.0", package = "aws-lc-rs" }
rusqlite = { version = "0.32.0", features = ["unlock_notify", "bundled", "session"] }
rustls = { version = "0.23.11", default-features = false, features = ["logging", "std", "tls12", "ring"] }
rustls-pemfile = "2"
Expand Down
2 changes: 1 addition & 1 deletion cli/tools/registry/provenance.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -437,7 +437,7 @@ impl<'a> FulcioSigner<'a> {
let rng = SystemRandom::new();
let document = EcdsaKeyPair::generate_pkcs8(ALGORITHM, &rng)?;
let ephemeral_signer =
EcdsaKeyPair::from_pkcs8(ALGORITHM, document.as_ref(), &rng)?;
EcdsaKeyPair::from_pkcs8(ALGORITHM, document.as_ref())?;

Ok(Self {
ephemeral_signer,
Expand Down
2 changes: 1 addition & 1 deletion ext/crypto/Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ p256 = { version = "0.13.2", features = ["ecdh"] }
p384 = "0.13.0"
p521 = "0.13.3"
rand.workspace = true
ring = { workspace = true, features = ["std"] }
ring.workspace = true
rsa.workspace = true
sec1.workspace = true
serde.workspace = true
Expand Down
5 changes: 2 additions & 3 deletions ext/crypto/lib.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -360,7 +360,7 @@ pub async fn op_crypto_sign_key(
.into();

let rng = RingRand::SystemRandom::new();
let key_pair = EcdsaKeyPair::from_pkcs8(curve, &args.key.data, &rng)?;
let key_pair = EcdsaKeyPair::from_pkcs8(curve, &args.key.data)?;
// We only support P256-SHA256 & P384-SHA384. These are recommended signature pairs.
// https://briansmith.org/rustdoc/ring/signature/index.html#statics
if let Some(hash) = args.hash {
Expand Down Expand Up @@ -489,9 +489,8 @@ pub async fn op_crypto_verify_key(

let public_key_bytes = match args.key.r#type {
KeyType::Private => {
let rng = RingRand::SystemRandom::new();
private_key =
EcdsaKeyPair::from_pkcs8(signing_alg, &args.key.data, &rng)?;
EcdsaKeyPair::from_pkcs8(signing_alg, &args.key.data)?;

private_key.public_key().as_ref()
}
Expand Down
2 changes: 1 addition & 1 deletion ext/net/Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ deno_tls.workspace = true
hickory-proto = "0.25.0-alpha.4"
hickory-resolver.workspace = true
pin-project.workspace = true
quinn = { version = "0.11.6", default-features = false, features = ["runtime-tokio", "rustls", "ring"] }
quinn = { version = "0.11.6", default-features = false, features = ["runtime-tokio", "rustls-aws-lc-rs"] }
rustls-tokio-stream.workspace = true
serde.workspace = true
sha2.workspace = true
Expand Down

0 comments on commit d4150e3

Please sign in to comment.