Make ring optional #74
Comments
|
That's an interesting proposal. I've thought about adding optional support for the rust crypto crates so you can choose between them and ring. I'm not sure about the review side of things though. Openssl, at least the CLI, provides facilities to generate certificates as well, so I'm not sure why one wants to use it with |
|
What I'm trying to do is have my code port to as many systems / crypto libraries as possible while sharing as much as they can. One thing I want to be able to do is sign using WebCrypto API in the browser so I don't need any additional crypto library dependencies, the OpenSSL thing was just an example. |
|
While |
|
@tomleavy I see, that makes sense. |
|
|
|
Also under consideration for |
|
As of acec387 it's possible to build rcgen with aws-lc-rs instead of ring using Being able to use an arbitrary cryptographic library will require more foundational work, closer to Rustls crypto provider struct and associated traits. I suspect that's what the OP wanted, so I think we should leave this issue open despite the fact that ring is technically now an optional dependency as the title of the issue requests. |
|
I'm good to close this based on aws-lc-rs ... my original goal was to build in additional x509 support for mls-rs which is also an AWS project and has bindings for aws-lc-rs |
|
Okay, closing as per #201. Thanks, everyone! |
It would be nice to take advantage of the serialization part of the library without being tied specifically to ring. I believe
RemoteKeypaircould be leveraged to provide your own implementation of signing (perhaps with the Openssl crate)?The text was updated successfully, but these errors were encountered: