Skip to content

Avoid rustcrypto backend for release builds #611

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Sep 23, 2025
Merged

Avoid rustcrypto backend for release builds #611

merged 3 commits into from
Sep 23, 2025

Conversation

untitaker
Copy link
Collaborator

@untitaker untitaker commented Sep 21, 2025
edited
Loading

Fix #549

@untitaker untitaker marked this pull request as ready for review September 21, 2025 14:06
simonft
simonft reviewed Sep 21, 2025
View reviewed changes
doc/installing-from-source.md
Comment on lines 39 to 42
cargo build-daemon-firmware-devel
# Alternatively, if you have a cross-compilation toolchain for C installed,
# you can build it exactly like in CI:
# CC_armv7_unknown_linux_musleabihf=arm-linux-gnueabihf-gcc cargo build-daemon-firmware
Copy link
Contributor

@simonft simonft Sep 21, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it worth adding a warning here about the risks of building and using the -devel version, or should it wait until it's actually sending sensitive data?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you're probably right, not sure how to explain it succinctly though

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How about this:

The rustcyrpto library, though not known to be insecure, is less well tested than its counterpart and could potentially have severe issues in its cryptographic implementation. We therefore recommend using ring-tls in production builds.

@cooperq cooperq merged commit dd0b805 into main Sep 23, 2025
30 checks passed
@cooperq cooperq deleted the ring-tls branch September 23, 2025 17:05
@simonft simonft mentioned this pull request Sep 30, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cooperq cooperq cooperq approved these changes

+1 more reviewer

@simonft simonft simonft left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Move release builds to use ring instead of rustcrypto

3 participants

@untitaker @simonft @cooperq