Configurable cryptography #23
Conversation
|
Note: let's not land this before @eoger gets a chance to review. |
|
Sure thing. I'd like to get the CI updated before we land, too. |
|
Given the account that seems prudent :P. I'll probably need a pointer on how to do that though, unless slapping in a |
There was a problem hiding this comment.
Let's add a section to the README about this, perhaps "Upgrading", that notes the changes here (seems mostly just things now returning Result, but also Key::new no longer taking a reference).
I guess the "dynamic machinery" you indicate is dyn HmacKey etc., meaning that crypto operations involve a vtable call or two. That's sort of sad since it's in the hot path for this library, but it's a hot path that involves a bunch of crypto math so an indirect jump or two probably isn't a big deal.
Otherwise, I'm quite happy with this. I'll fix up the CI in another push, but don't let that slow you down.
| - If you were passing e.g. `&hawk::SHA256`, you probably just need | ||
| to pass `hawk::SHA256` now instead. | ||
|
|
||
| - BREAKING (though unlikely): `Error::Rng` has been removed, and `Error::Crypto` added |
|
I'll get this merged, but I'd like #27 to get merged too before making a release, since otherwise that PR would constitute a further breaking change. |
|
Hi @djmitche, anything else we can do to help with a new release to include this change? |
|
I think we can do that. I have another PR in the works to support signing |
|
v3.0.0 should be on crates.io shortly! |
By default it has the
use_ringfeature enabled, and uses ring. Someone who wants to use openssl can turn on theuse_opensslfeature, and someone who wants neither (e.g. mozilla/application-services) can turn off both and provide a custom impl with set_cryptographer.Since there's nothing sane we can do if both features are on, we detect it and give a explicit error message in a build.rs.
Annoyingly, this means testing / linting both requires
Cargo doesn't really support mutually exclusive features well.
Note: this needs the latest stable version of Rust to compile (e.g. the one that came out yesterday). I don't know if anything needs to change in the tc config for that to work.
Supports mozilla/application-services#959, assuming @eoger thinks we can shoehorn what we need into the trait I've defined there.
There's probably a way this could have less overhead in the ring/openssl cases, but it would be harder to test, so I didn't go with that. As it is, the dynamic machinery is used every time.