Skip to content

Commit 7546f16

Browse files
karalabekaralabe
committed
x509: replace ring with pure rust sha1
1 parent 268ac11 commit 7546f16

File tree

5 files changed

+91
-102
lines changed

5 files changed

+91
-102
lines changed

Cargo.lock

Lines changed: 12 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Cargo.toml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ pem = ["dep:base64"]
2626
rand = []
2727
rsa = ["pem", "dep:rsa", "dep:signature"]
2828
stream = ["dep:age-core", "dep:chacha20poly1305", "dep:pin-project", "dep:zeroize"]
29-
x509 = ["xdsa", "dep:bcder", "dep:bytes", "dep:chrono", "dep:ring", "dep:x509-certificate"]
29+
x509 = ["xdsa", "dep:bcder", "dep:bytes", "dep:chrono", "dep:sha1", "dep:x509-certificate"]
3030
xdsa = ["pem", "eddsa", "mldsa", "x509", "dep:x509-parser"]
3131
xhpke = ["pem", "xdsa", "dep:generic-array", "dep:hpke", "dep:rand", "dep:rand_chacha", "dep:x-wing"]
3232

@@ -51,7 +51,7 @@ pin-project = { version = "1.1.9", optional = true }
5151
pkcs8 = { version = "0.10.2", features = ["std"], optional = true }
5252
rand = { version = "0.9.2", optional = true }
5353
rand_chacha = { version = "0.9.0", optional = true }
54-
ring = { version = "0.17.14", features = ["wasm32_unknown_unknown_js"], optional = true }
54+
sha1 = { version = "0.10.6", optional = true }
5555
rsa = { version = "0.9.8", features = ["sha2"], optional = true }
5656
sha2 = { version = "0.10.9", optional = true }
5757
signature = { version = "2.2.0", features = ["rand_core"], optional = true }

fuzz/Cargo.lock

Lines changed: 49 additions & 71 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

src/x509/mod.rs

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ use bcder::Oid;
1414
use bcder::encode::Values;
1515
use bytes::Bytes;
1616
use chrono::{TimeZone, Utc};
17-
use ring::digest::{Context, SHA1_FOR_LEGACY_USE_ONLY};
17+
use sha1::{Digest, Sha1};
1818
use std::error::Error;
1919
use x509_certificate::asn1time::Time;
2020
use x509_certificate::rfc3280::{
@@ -72,9 +72,9 @@ fn make_cn_name(cn: &str) -> Name {
7272
fn make_ski_ext(public_key: &[u8]) -> Extension {
7373
// Create the SHA1 hash of the subject public key
7474
let id = {
75-
let mut ctx = Context::new(&SHA1_FOR_LEGACY_USE_ONLY);
76-
ctx.update(public_key);
77-
ctx.finish()
75+
let mut hasher = Sha1::new();
76+
hasher.update(public_key);
77+
hasher.finalize()
7878
};
7979
// Encode the subject extension value
8080
let mut buf = Vec::new();
@@ -93,9 +93,9 @@ fn make_ski_ext(public_key: &[u8]) -> Extension {
9393
fn make_aki_ext(public_key: &[u8]) -> Extension {
9494
// Create the SHA1 hash of the issuer public key
9595
let id = {
96-
let mut ctx = Context::new(&SHA1_FOR_LEGACY_USE_ONLY);
97-
ctx.update(public_key);
98-
ctx.finish()
96+
let mut hasher = Sha1::new();
97+
hasher.update(public_key);
98+
hasher.finalize()
9999
};
100100
// Encode the issuer extension value
101101
let mut buf = vec![

0 commit comments

Comments
 (0)