From 4a4b50bd05ae334c8cb176541d071481efb37c4b Mon Sep 17 00:00:00 2001
From: Timshel <timshel@users.noreply.github.com>
Date: Mon, 10 Mar 2025 17:38:21 +0100
Subject: [PATCH] Use subtle to replace deprecated
 ring::constant_time::verify_slices_are_equal

---
 Cargo.lock    | 5 +++--
 Cargo.toml    | 3 ++-
 src/crypto.rs | 5 ++---
 3 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 9db5a23c..72728273 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2972,9 +2972,9 @@ dependencies = [
 
 [[package]]
 name = "ring"
-version = "0.17.11"
+version = "0.17.13"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "da5349ae27d3887ca812fb375b45a4fbb36d8d12d2df394968cd86e35683fe73"
+checksum = "70ac5d832aa16abd7d1def883a8545280c20a60f523a370aa3a9617c2b8550ee"
 dependencies = [
  "cc",
  "cfg-if",
@@ -4142,6 +4142,7 @@ dependencies = [
  "semver",
  "serde",
  "serde_json",
+ "subtle",
  "syslog",
  "time",
  "tokio",
diff --git a/Cargo.toml b/Cargo.toml
index 68ef1866..8fdd6866 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -90,7 +90,8 @@ libsqlite3-sys = { version = "0.31.0", features = ["bundled"], optional = true }
 
 # Crypto-related libraries
 rand = "0.9.0"
-ring = "0.17.11"
+ring = "0.17.13"
+subtle = "2.6.1"
 
 # UUID generation
 uuid = { version = "1.14.0", features = ["v4"] }
diff --git a/src/crypto.rs b/src/crypto.rs
index 5ab8f1fb..ada0a26a 100644
--- a/src/crypto.rs
+++ b/src/crypto.rs
@@ -110,7 +110,6 @@ pub fn generate_api_key() -> String {
 // Constant time compare
 //
 pub fn ct_eq<T: AsRef<[u8]>, U: AsRef<[u8]>>(a: T, b: U) -> bool {
-    use ring::constant_time::verify_slices_are_equal;
-
-    verify_slices_are_equal(a.as_ref(), b.as_ref()).is_ok()
+    use subtle::ConstantTimeEq;
+    a.as_ref().ct_eq(b.as_ref()).into()
 }