x509-cert: `no_std` Builder - Replace `std::collections::HashSet` with an alternative?

[juliankrieger]

I'm currently looking into a library which can create CSR in no_std envs. Is there any interest in replacing HashSet with a no_std alternative?

[tarcieri]

Related: #689, #1603

[juliankrieger]

@tarcieri I've read the issues and I am interested in a no-alloc version. However, what I need most is for x509-cert (or any x509 parsing and/or verification crate) to work in no_std + alloc. AFAIK there is little use of std in x509-cert. I would be open to creating a PR where I replace HashSet with hashbrown or something similar.

Alternatively, is there any other crate I can use for this usecase? I must admit, I'm not quite up-to-date on X509 handling in the rust ecosystem.

[tarcieri]

Aah, I see what you're saying. We should probably enable the clippy::std_instead_of_alloc and clippy::std_instead_of_core lints.

[juliankrieger]

very cool! Yes, I agree with the lints :) I actually use those myself. For Sans-IO libraries I have only yet found a few cases where std was actually needed :) Additionally, I build against a no_std target in GH actions to check for transitive std dependencies, but that's probably overkill for x509-cert.

[tarcieri]

I build against a no_std target in GH actions to check for transitive std dependencies, but that's probably overkill for x509-cert.

We already do that (on pretty much every crate we develop):

https://github.com/RustCrypto/formats/blob/master/.github/workflows/x509-cert.yml#L24-L42