rama icon indicating copy to clipboard operation
rama copied to clipboard
verified publisher icon plabayo

remove `ring` dependency from rama-crypto

Open GlenDC opened this issue 5 months ago • 1 comments

This is not desired if we already use other crypto providers or no providers at all.

Might require upstream contributions to crates such as rcgen and/or x509-parser.

This hardcoded ring dependency is new since the introduction of rama-crypto crate:

$ cargo tree -i ring
ring v0.17.14
└── x509-parser v0.17.0
    └── rcgen v0.14.3
        └── rama-crypto v0.3.0-alpha.2 (/Users/glendc/code/github.com/plabayo/rama/rama-crypto)
            └── rama v0.3.0-alpha.2 (/Users/glendc/code/github.com/plabayo/rama)

For now doesn't seem to be causing issues but it is undesired non the less as we have worked very hard in the past to avoid such forced dependencies.

GlenDC avatar Jul 27 '25 17:07 GlenDC

Once this has been fixed we can move one layer up and also implement proper feature gating in rcgen.

I do find it nasty that this dependency leaks throughout the entire ecosystem, and wonder if a generic solution isn't possible to solve this once. While rustls already has a solution for this its a pretty involved one and probably not something each crate wants to implement.

soundofspace avatar Aug 01 '25 09:08 soundofspace