diff --git a/Cargo.lock b/Cargo.lock index 08cc56a50..a91ce8143 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -19,15 +19,13 @@ checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" [[package]] name = "aes" -version = "0.7.5" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e8b47f52ea9bae42228d07ec09eb676433d7c4ed1ebdf0f1d1c29ed446f1ab8" +checksum = "bfe0133578c0986e1fe3dfcd4af1cc5b2dd6c3dbf534d69916ce16a2701d40ba" dependencies = [ "cfg-if 1.0.0", "cipher", "cpufeatures", - "ctr", - "opaque-debug", ] [[package]] @@ -630,11 +628,12 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "cipher" -version = "0.3.0" +version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ee52072ec15386f770805afd189a01c8841be8696bed250fa2f13c4c0d6dfb7" +checksum = "d1873270f8f7942c191139cb8a40fd228da6c3fd2fc376d7e92d47aa14aeb59e" dependencies = [ - "generic-array", + "crypto-common", + "inout", ] [[package]] @@ -796,9 +795,9 @@ dependencies = [ [[package]] name = "ctr" -version = "0.8.0" +version = "0.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "049bb91fb4aaf0e3c7efa6cd5ef877dbbbd15b39dad06d9948de4ec8a75761ea" +checksum = "0d14f329cfbaf5d0e06b5e87fff7e265d2673c5ea7d2c27691a2c107db1442a0" dependencies = [ "cipher", ] @@ -1600,6 +1599,15 @@ dependencies = [ "libc", ] +[[package]] +name = "inout" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" +dependencies = [ + "generic-array", +] + [[package]] name = "instant" version = "0.1.12" @@ -3507,6 +3515,7 @@ dependencies = [ "base64", "cargo-husky", "cipher", + "ctr", "curve25519-dalek", "digest 0.10.3", "ed25519-dalek", diff --git a/crates/tor-llcrypto/Cargo.toml b/crates/tor-llcrypto/Cargo.toml index 009f143eb..e5ae6194f 100644 --- a/crates/tor-llcrypto/Cargo.toml +++ b/crates/tor-llcrypto/Cargo.toml @@ -21,10 +21,11 @@ relay = [] hsv3-client = [] [dependencies] -aes = { version = "0.7.0", features = ["ctr"] } +aes = { version = "0.8" } arrayref = "0.3" base64 = "0.13.0" curve25519-dalek = "3.2" +ctr = "0.9" digest = "0.10.0" ed25519-dalek = { version = "1", features = ["batch"] } hex = "0.4" @@ -45,7 +46,7 @@ thiserror = "1" [dev-dependencies] hex-literal = "0.3" rand = "0.8" -cipher = "0.3.0" +cipher = "0.4.1" serde_test = "1.0.124" # This is a magic crate that runs the tests and checks the format diff --git a/crates/tor-llcrypto/src/cipher.rs b/crates/tor-llcrypto/src/cipher.rs index bbd102ed0..663d44ace 100644 --- a/crates/tor-llcrypto/src/cipher.rs +++ b/crates/tor-llcrypto/src/cipher.rs @@ -9,5 +9,9 @@ /// the [`cipher`](https://docs.rs/cipher) crate to access them. pub mod aes { // These implement StreamCipher. - pub use ::aes::{Aes128Ctr, Aes256Ctr}; + /// AES128 in counter mode as used by Tor. + pub type Aes128Ctr = ctr::Ctr128BE; + + /// AES256 in counter mode as used by Tor. + pub type Aes256Ctr = ctr::Ctr128BE; } diff --git a/crates/tor-llcrypto/tests/testvec.rs b/crates/tor-llcrypto/tests/testvec.rs index 7583790ab..98fba7723 100644 --- a/crates/tor-llcrypto/tests/testvec.rs +++ b/crates/tor-llcrypto/tests/testvec.rs @@ -1,4 +1,4 @@ -use cipher::{NewCipher, StreamCipher}; +use cipher::{KeyIvInit, StreamCipher}; use digest::{self, Digest, ExtendableOutput}; use hex_literal::hex; use tor_llcrypto as ll; diff --git a/crates/tor-proto/Cargo.toml b/crates/tor-proto/Cargo.toml index d906f0132..6c3ed9922 100644 --- a/crates/tor-proto/Cargo.toml +++ b/crates/tor-proto/Cargo.toml @@ -30,7 +30,7 @@ tor-cell = { path = "../tor-cell", version = "0.2.0" } arrayref = "0.3" bytes = "1" -cipher = "0.3.0" +cipher = "0.4.1" coarsetime = "0.1.20" digest = "0.10.0" educe = "0.4.6" diff --git a/crates/tor-proto/src/crypto/cell.rs b/crates/tor-proto/src/crypto/cell.rs index a52cae1a2..2ee6a2133 100644 --- a/crates/tor-proto/src/crypto/cell.rs +++ b/crates/tor-proto/src/crypto/cell.rs @@ -224,7 +224,7 @@ pub(crate) type Tor1RelayCrypto = /// Incomplete untested implementation of Tor's current cell crypto. pub(crate) mod tor1 { use super::*; - use cipher::{NewCipher, StreamCipher}; + use cipher::{KeyIvInit, StreamCipher}; use digest::Digest; use typenum::Unsigned; @@ -251,7 +251,7 @@ pub(crate) mod tor1 { back: CryptState, } - impl CryptInit for CryptStatePair { + impl CryptInit for CryptStatePair { fn seed_len() -> usize { SC::KeySize::to_usize() * 2 + D::OutputSize::to_usize() * 2 } diff --git a/crates/tor-proto/src/crypto/handshake/hs_ntor.rs b/crates/tor-proto/src/crypto/handshake/hs_ntor.rs index 16fb2c27a..40c348d02 100644 --- a/crates/tor-proto/src/crypto/handshake/hs_ntor.rs +++ b/crates/tor-proto/src/crypto/handshake/hs_ntor.rs @@ -32,7 +32,7 @@ use tor_llcrypto::d::Sha3_256; use tor_llcrypto::pk::{curve25519, ed25519}; use tor_llcrypto::util::rand_compat::RngCompatExt; -use cipher::{NewCipher, StreamCipher}; +use cipher::{KeyIvInit, StreamCipher}; use digest::Digest; use generic_array::GenericArray; diff --git a/crates/tor-proto/src/crypto/handshake/ntor_v3.rs b/crates/tor-proto/src/crypto/handshake/ntor_v3.rs index 4ae82dff6..7353b841f 100644 --- a/crates/tor-proto/src/crypto/handshake/ntor_v3.rs +++ b/crates/tor-proto/src/crypto/handshake/ntor_v3.rs @@ -21,7 +21,7 @@ use tor_llcrypto::d::{Sha3_256, Shake256}; use tor_llcrypto::pk::{curve25519, ed25519::Ed25519Identity}; use tor_llcrypto::util::rand_compat::RngCompatExt; -use cipher::{NewCipher, StreamCipher}; +use cipher::{KeyIvInit, StreamCipher}; use generic_array::GenericArray; use rand_core::{CryptoRng, RngCore}; diff --git a/doc/semver_status.md b/doc/semver_status.md index f824ffd5a..fe2a49d32 100644 --- a/doc/semver_status.md +++ b/doc/semver_status.md @@ -57,6 +57,10 @@ BREAKING: AuthorityBuilder::build now throws ConfigBuildError, not a custom erro MODIFIED: New functions to get estimated clock skew. MODIFIED: New functions to report observed clock skew. +### tor-llcrypto + +BREAKING: AES implementations now implement cipher 0.4 traits. + ### tor-proto MODIFIED: New accessors in tor_proto::Channel.