Options for `secure` feature with a different crypto library?

[anp]

Hello! What do you think about adding some indirection over the ring APIs used in this crate and optionally allowing users to choose openssl/boring/mundane/etc for their crypto implementation? It would obviously have (potentially severe?) security and ergonomics tradeoffs to consider, but having a more stable option would be very nice given the recent mass-yanking of ring versions.

[justinturpin]

So cookie-rs really only needs the HMAC portion of Ring, which mostly involves hashing and then a constant-time comparison (see https://briansmith.org/rustdoc/src/ring/hmac.rs.html#390). Python's own constant time string comparison function can be found here: https://github.com/python/cpython/blob/d0d3e99120b19a4b800f0f381b2807c93aeecf0e/Modules/_operator.c#L727 . Could such a function be safely written in rust in this library? I see one attempt here https://github.com/cesarb/constant_time_eq/blob/master/src/lib.rs#L4 but I wonder how you would rigorously test that in practice it is actually constant time.

Additionally here is Golangs implementation, which unless I'm missing something, is pure Go and looks pretty straighforward: https://golang.org/src/crypto/subtle/constant_time.go

Update: I just realized that cookie also provides the ability to encrypt the cookies, which none of this would cover and would still need a solution.

[SergioBenitez]

cookie now uses RustCrypto for pure-Rust based cryptography, ideally resolving this issue.