Comments (14)
changed the title on this to be specific to the crate now that it's been moved to the monorepo.
from ruma.
The ed25519-dalek crate uses rand's traits in its interface so we should use that for keypair generation (probably fine to use thread_rng
, we could then later possibly allow a custom RNG).
from ruma.
Workaround: https://github.com/stoically/ruma-signatures/commit/c9823b2f4e4fafc6cebfd3fc62d9d794d093b236
from ruma.
If ed25519-dalek can fully replace ring for our uses, I think I'd be in favor of switching and AFAIK it's also written by trustworthy people.
I don't really know what our current uses of ring even are though and I don't have much time to understand this crate in more detail. We really need an owner for this crate who is not me...
from ruma.
Looks like it could fully replace ring, would need some adjustments in the tests. ed25519-dalek seems to be geared for this specific use case, which is nice I think, but ring might be the better candidate if one day different algorithms might be needed. I'll look into putting it behind a feature.
from ruma.
While we could support both behind feature flags, I'm not sure what that achieves. Are you interested in maintaining ruma-signatures? If not, maybe the best path forward for now is to have your own fork using ed25519-dalek
and rely on that. There's no dependencies on ruma-signatures in any of the other ruma crates, so no compatibility concerns.
from ruma.
ed25519-dalek 1.0 is out, I'll look into switching away from ring
I'd welcome a PR switching from ring to ed25519-dalek.
from ruma.
/command @iinuwa assign to @ShadowJonathan
from ruma.
ruma-signatures has two spots which uses ring
for other uses;
ruma/crates/ruma-signatures/src/keys.rs
Line 62 in d71fa97
These would also need replacement candidates.
from ruma.
Suggestions from @poljar are;
-
Use
rand
withgetrandom
(which "works everywhere") -
Use
sha2
crate, which is pure rust.
from ruma.
I opened this issue because it doesn't seem ed25519-dalek
supports PKCS8 to support generating/creating Ed25519KeyPair
from them.
from ruma.
Going deeper down the rabbit hole, I discovered that the pkcs8
crate doesn't support PKCS8 v2 documents (as described here), ring::signature::Ed25519KeyPair::as_ref()
produces PKCS8 v2 documents, so I made some noise to have it be supported (possibly): RustCrypto/utils#419
from ruma.
@stoically now that #589 has merged into next
, could you verify that compiling to WASM works?
from ruma.
Closing under the assumption that this now works, if it doesn't please open an issue with details on how it fails.
from ruma.
Related Issues (20)
- Consider not using Cargo workspace feature HOT 2
- URI Path encoding should only encode reserved characters
- Be consistent in character sets for percent encoding HOT 6
- `InitialStateEvent` doesn't implement `Serialize` anymore
- Allow selecting owned identifier memory representation via regular environment variable HOT 7
- OriginalSyncRoomMessageEvent is undocumented HOT 2
- `RoomVersionId` shouldn't allow characters outside of `a-z`, `0-9`, `.`, and `-`.
- Implement MSC3925 HOT 1
- Add support for MSC2399, new to_device event type `m.room_key.withheld`
- Implement Matrix v1.7 changes HOT 1
- Bug: empty localpart of a user ID is a valid localpart
- Be able to interpret `unstable_features`
- JsonWebKey should be independent of Ruma HOT 3
- set_pushrule request uses the wrong HTTP method (GET instead of PUT) HOT 3
- Implement `AsRef<T> for T` for borrowed identifier types
- Why are CustomEventContent fields private? HOT 3
- Error parsing error response for `POST /_matrix/client/v3/keys/signatures/upload` HOT 5
- Make DST ID types less awkward under the `Arc` ID representation HOT 4
- Implement Matrix 1.8 changes
- Relax validation of identifiers for clients HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ruma.