WASM support for ruma-signatures

[stoically]

Currently rings Ed25519 doesn't work for the WebAssembly target (briansmith/ring#918), hence ruma-signature doesn't work on WASM either.

[stoically]

Workaround: https://github.com/stoically/ruma-signatures/commit/c9823b2f4e4fafc6cebfd3fc62d9d794d093b236

[jplatte]

If ed25519-dalek can fully replace ring for our uses, I think I'd be in favor of switching and AFAIK it's also written by trustworthy people.

I don't really know what our current uses of ring even are though and I don't have much time to understand this crate in more detail. We really need an owner for this crate who is not me...

[stoically]

Looks like it could fully replace ring, would need some adjustments in the tests. ed25519-dalek seems to be geared for this specific use case, which is nice I think, but ring might be the better candidate if one day different algorithms might be needed. I'll look into putting it behind a feature.

[jplatte]

While we could support both behind feature flags, I'm not sure what that achieves. Are you interested in maintaining ruma-signatures? If not, maybe the best path forward for now is to have your own fork using ed25519-dalek and rely on that. There's no dependencies on ruma-signatures in any of the other ruma crates, so no compatibility concerns.

[iinuwa]

changed the title on this to be specific to the crate now that it's been moved to the monorepo.

[jplatte]

ed25519-dalek 1.0 is out, I'll look into switching away from ring

I'd welcome a PR switching from ring to ed25519-dalek.

[ShadowJonathan]

/command @iinuwa assign to @ShadowJonathan

[ShadowJonathan]

ruma-signatures has two spots which uses ring for other uses;

ruma/crates/ruma-signatures/src/functions.rs

Line 11 in d71fa97

use ring::digest::{digest, SHA256};

ruma/crates/ruma-signatures/src/keys.rs

Line 62 in d71fa97

let document = RingEd25519KeyPair::generate_pkcs8(&ring::rand::SystemRandom::new())

These would also need replacement candidates.

[ShadowJonathan]

Suggestions from @poljar are;

• Use rand with getrandom (which "works everywhere")

• Use sha2 crate, which is pure rust.

[jplatte]

The ed25519-dalek crate uses rand's traits in its interface so we should use that for keypair generation (probably fine to use thread_rng, we could then later possibly allow a custom RNG).

[ShadowJonathan]

I opened this issue because it doesn't seem ed25519-dalek supports PKCS8 to support generating/creating Ed25519KeyPair from them.

[ShadowJonathan]

Going deeper down the rabbit hole, I discovered that the pkcs8 crate doesn't support PKCS8 v2 documents (as described here), ring::signature::Ed25519KeyPair::as_ref() produces PKCS8 v2 documents, so I made some noise to have it be supported (possibly): RustCrypto/utils#419

[ShadowJonathan]

@stoically now that #589 has merged into next, could you verify that compiling to WASM works?

[jplatte]

Closing under the assumption that this now works, if it doesn't please open an issue with details on how it fails.