From beda97917d8a495da14e677c289fdb21e41bf7fb Mon Sep 17 00:00:00 2001 From: Matthew Keeler Date: Wed, 27 Aug 2025 09:26:57 -0400 Subject: [PATCH] fix: Replace ring usage with aws lc rs for FIPS compliance --- launchdarkly-server-sdk/Cargo.toml | 2 +- launchdarkly-server-sdk/src/client.rs | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/launchdarkly-server-sdk/Cargo.toml b/launchdarkly-server-sdk/Cargo.toml index 71b98b7..e9b7f0b 100644 --- a/launchdarkly-server-sdk/Cargo.toml +++ b/launchdarkly-server-sdk/Cargo.toml @@ -25,7 +25,6 @@ futures = "0.3.12" lazy_static = "1.4.0" log = "0.4.14" lru = { version = "0.13.0", default-features = false } -ring = "0.17.5" launchdarkly-server-sdk-evaluation = "2.0.0" serde = { version = "1.0.132", features = ["derive"] } serde_json = { version = "1.0.73", features = ["float_roundtrip"] } @@ -39,6 +38,7 @@ hyper = { version = "0.14.19", features = ["client", "http1", "http2", "tcp"] } hyper-rustls = { version = "0.24.1" , optional = true} rand = "0.9" flate2 = { version = "1.0.35", optional = true } +aws-lc-rs = "1.13.3" [dev-dependencies] maplit = "1.0.1" diff --git a/launchdarkly-server-sdk/src/client.rs b/launchdarkly-server-sdk/src/client.rs index 84e3f3b..bd3d6d9 100644 --- a/launchdarkly-server-sdk/src/client.rs +++ b/launchdarkly-server-sdk/src/client.rs @@ -561,8 +561,8 @@ impl Client { /// For more information, see the Reference Guide: /// . pub fn secure_mode_hash(&self, context: &Context) -> String { - let key = ring::hmac::Key::new(ring::hmac::HMAC_SHA256, self.sdk_key.as_bytes()); - let tag = ring::hmac::sign(&key, context.canonical_key().as_bytes()); + let key = aws_lc_rs::hmac::Key::new(aws_lc_rs::hmac::HMAC_SHA256, self.sdk_key.as_bytes()); + let tag = aws_lc_rs::hmac::sign(&key, context.canonical_key().as_bytes()); data_encoding::HEXLOWER.encode(tag.as_ref()) }