diff --git a/Cargo.lock b/Cargo.lock index 03934f8c1..50fd9ed74 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -452,7 +452,7 @@ version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b88d82667eca772c4aa12f0f1348b3ae643424c8876448f3f7bd5787032e234c" dependencies = [ - "autocfg 1.1.0", + "autocfg", ] [[package]] @@ -472,15 +472,6 @@ dependencies = [ "winapi 0.3.9", ] -[[package]] -name = "autocfg" -version = "0.1.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0dde43e75fd43e8a1bf86103336bc699aa8d17ad1be60c76c0bdfd4828e19b78" -dependencies = [ - "autocfg 1.1.0", -] - [[package]] name = "autocfg" version = "1.1.0" @@ -680,9 +671,9 @@ dependencies = [ [[package]] name = "const-oid" -version = "0.6.2" +version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9d6f2aa4d0537bcc1c74df8755072bd31c1ef1a3a1b85a68e8404a8c353b7b8b" +checksum = "e4c78c047431fee22c1a7bb92e00ad095a02a983affe4d8a72e2a2c62c1b94f3" [[package]] name = "convert_case" @@ -756,12 +747,11 @@ dependencies = [ [[package]] name = "crypto-bigint" -version = "0.2.11" +version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f83bd3bb4314701c568e340cd8cf78c975aa0ca79e03d3f6d1677d5b0c9c0c03" +checksum = "03c6a1d5fa1de37e071642dfa44ec552ca5b299adb128fab16138e24b548fd21" dependencies = [ "generic-array", - "rand_core 0.6.3", "subtle", ] @@ -806,9 +796,9 @@ dependencies = [ [[package]] name = "curve25519-dalek" -version = "3.2.1" +version = "3.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "90f9d052967f590a76e62eb387bd0bbb1b000182c3cefe5364db6b7211651bc0" +checksum = "0b9fdf9972b2bd6af2d913799d9ebc165ea4d2e65878e329d9c6b372c4491b61" dependencies = [ "byteorder", "digest 0.9.0", @@ -895,12 +885,13 @@ checksum = "3ee2393c4a91429dffb4bedf19f4d6abf27d8a732c8ce4980305d782e5426d57" [[package]] name = "der" -version = "0.4.5" +version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "79b71cca7d95d7681a4b3b9cdf63c8dbc3730d0584c2c74e31416d64a90493f4" +checksum = "6919815d73839e7ad218de758883aae3a257ba6759ce7a9992501efbb53d705c" dependencies = [ "const-oid", "crypto-bigint", + "pem-rfc7468", ] [[package]] @@ -1792,7 +1783,7 @@ version = "0.4.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "327fa5b6a6940e4699ec49a9beae1ea4845c6bab9314e4f84ac68742139d8c53" dependencies = [ - "autocfg 1.1.0", + "autocfg", "scopeguard", ] @@ -2041,18 +2032,17 @@ version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f93ab6289c7b344a8a9f60f88d80aa20032336fe78da341afc91c8a2341fc75f" dependencies = [ - "autocfg 1.1.0", + "autocfg", "num-integer", "num-traits", ] [[package]] name = "num-bigint-dig" -version = "0.7.0" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4547ee5541c18742396ae2c895d0717d0f886d8823b8399cdaf7b07d63ad0480" +checksum = "566d173b2f9406afbc5510a90925d5a2cd80cae4605631f1212303df265de011" dependencies = [ - "autocfg 0.1.8", "byteorder", "lazy_static", "libm", @@ -2079,7 +2069,7 @@ version = "0.1.45" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9" dependencies = [ - "autocfg 1.1.0", + "autocfg", "num-traits", ] @@ -2089,7 +2079,7 @@ version = "0.1.43" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7d03e6c028c5dc5cac6e2dec0efda81fc887605bb3d884578bb6d6bf7514e252" dependencies = [ - "autocfg 1.1.0", + "autocfg", "num-integer", "num-traits", ] @@ -2100,7 +2090,7 @@ version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0638a1c9d0a3c0914158145bc76cff373a75a627e6ecbfb71cbe6f453a5a19b0" dependencies = [ - "autocfg 1.1.0", + "autocfg", "num-integer", "num-traits", ] @@ -2111,7 +2101,7 @@ version = "0.2.15" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd" dependencies = [ - "autocfg 1.1.0", + "autocfg", "libm", ] @@ -2202,7 +2192,7 @@ version = "0.9.74" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "835363342df5fba8354c5b453325b110ffd54044e588c539cf2f20a8014e4cb1" dependencies = [ - "autocfg 1.1.0", + "autocfg", "cc", "libc", "openssl-src", @@ -2289,9 +2279,9 @@ dependencies = [ [[package]] name = "pem-rfc7468" -version = "0.2.3" +version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8f22eb0e3c593294a99e9ff4b24cf6b752d43f193aa4415fe5077c159996d497" +checksum = "01de5d978f34aa4b2296576379fcc416034702fd94117c56ffd8a1a767cefb30" dependencies = [ "base64ct", ] @@ -2380,24 +2370,22 @@ checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" [[package]] name = "pkcs1" -version = "0.2.4" +version = "0.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "116bee8279d783c0cf370efa1a94632f2108e5ef0bb32df31f051647810a4e2c" +checksum = "a78f66c04ccc83dd4486fd46c33896f4e17b24a7a3a6400dedc48ed0ddd72320" dependencies = [ "der", - "pem-rfc7468", + "pkcs8", "zeroize", ] [[package]] name = "pkcs8" -version = "0.7.6" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ee3ef9b64d26bad0536099c816c6734379e45bbd5f14798def6809e5cc350447" +checksum = "7cabda3fb821068a9a4fab19a683eac3af12edf0f34b94a8be53c4972b8149d0" dependencies = [ "der", - "pem-rfc7468", - "pkcs1", "spki", "zeroize", ] @@ -2699,20 +2687,20 @@ dependencies = [ [[package]] name = "rsa" -version = "0.5.0" +version = "0.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e05c2603e2823634ab331437001b411b9ed11660fbc4066f3908c84a9439260d" +checksum = "4cf22754c49613d2b3b119f0e5d46e34a2c628a937e3024b8762de4e7d8c710b" dependencies = [ "byteorder", - "digest 0.9.0", - "lazy_static", + "digest 0.10.3", "num-bigint-dig", "num-integer", "num-iter", "num-traits", "pkcs1", "pkcs8", - "rand 0.8.5", + "rand_core 0.6.3", + "smallvec", "subtle", "zeroize", ] @@ -3113,10 +3101,11 @@ checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" [[package]] name = "spki" -version = "0.4.1" +version = "0.5.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5c01a0c15da1b0b0e1494112e7af814a678fec9bd157881b49beac661e9b6f32" +checksum = "44d01ac02a6ccf3e07db148d2be087da624fea0221a16152ed01f0496a6b0a27" dependencies = [ + "base64ct", "der", ] @@ -4499,12 +4488,12 @@ dependencies = [ [[package]] name = "x25519-dalek" -version = "1.2.0" +version = "2.0.0-pre.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2392b6b94a576b4e2bf3c5b2757d63f10ada8020a2e4d08ac849ebcf6ea8e077" +checksum = "e5da623d8af10a62342bcbbb230e33e58a63255a58012f8653c578e54bab48df" dependencies = [ "curve25519-dalek", - "rand_core 0.5.1", + "rand_core 0.6.3", "zeroize", ] @@ -4529,9 +4518,9 @@ dependencies = [ [[package]] name = "zeroize" -version = "1.3.0" +version = "1.5.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4756f7db3f7b5574938c3eb1c117038b8e07f95ee6718c0efad4ac21508f1efd" +checksum = "20b578acffd8516a6c3f2a1bdefc1ec37e547bb4e0fb8b6b01a4cafc886b4442" dependencies = [ "zeroize_derive", ] diff --git a/crates/tor-llcrypto/Cargo.toml b/crates/tor-llcrypto/Cargo.toml index 804d62485..941782b54 100644 --- a/crates/tor-llcrypto/Cargo.toml +++ b/crates/tor-llcrypto/Cargo.toml @@ -35,7 +35,7 @@ hex = "0.4" old_rand_core = { package = "rand_core", version = "0.5.1" } openssl = { version = "0.10.30", optional = true } rand_core = "0.6.2" -rsa = "0.5.0" +rsa = "0.6.0" serde = "1.0.103" sha-1 = "0.10.0" sha2 = "0.10.0" @@ -45,7 +45,7 @@ simple_asn1 = "0.6" subtle = "2" thiserror = "1" typenum = { version = "1.15.0", optional = true } -x25519-dalek = "1.2" +x25519-dalek = "2.0.0-pre.1" zeroize = "1" [dev-dependencies] diff --git a/crates/tor-llcrypto/src/pk/rsa.rs b/crates/tor-llcrypto/src/pk/rsa.rs index 4afa1dca1..dd95e17b0 100644 --- a/crates/tor-llcrypto/src/pk/rsa.rs +++ b/crates/tor-llcrypto/src/pk/rsa.rs @@ -16,7 +16,7 @@ //! This module should expose RustCrypto trait-based wrappers, //! but the [`rsa`] crate didn't support them as of initial writing. use arrayref::array_ref; -use rsa::pkcs1::{FromRsaPrivateKey, FromRsaPublicKey}; +use rsa::pkcs1::{DecodeRsaPrivateKey, DecodeRsaPublicKey}; use std::fmt; use subtle::{Choice, ConstantTimeEq}; use zeroize::Zeroize; diff --git a/crates/tor-llcrypto/src/util/rand_compat.rs b/crates/tor-llcrypto/src/util/rand_compat.rs index 4f216784e..4ac69523b 100644 --- a/crates/tor-llcrypto/src/util/rand_compat.rs +++ b/crates/tor-llcrypto/src/util/rand_compat.rs @@ -8,29 +8,32 @@ //! //! # Example: //! -//! As of May 2021, if you're using the current version of -//! [`x25519-dalek`], and the latest [`rand_core`], then you can't use +//! As of July 2022, if you're using the current version of +//! [`ed25519-dalek`], and the latest [`rand_core`], then you can't use //! this code, because of the compatibility issue mentioned above. //! //! ```compile_fail //! use rand_core::OsRng; -//! use x25519_dalek::EphemeralSecret; +//! use ed25519_dalek::Keypair; //! -//! let my_secret = EphemeralSecret::new(OsRng); +//! let keypair = Keypair::generate(&mut OsRng); //! ``` //! +//! (This used to be a problem for `x25519-dalek` too, but that crate has +//! been updated to a version that doesn't have this problem.) +//! //! But instead, you can wrap the random number generator using the //! [`RngCompatExt`] extension trait. //! //! ``` //! use tor_llcrypto::util::rand_compat::RngCompatExt; //! use rand_core::OsRng; -//! use x25519_dalek::EphemeralSecret; +//! use ed25519_dalek::Keypair; //! -//! let my_secret = EphemeralSecret::new(OsRng.rng_compat()); +//! let keypair = Keypair::generate(&mut OsRng.rng_compat()); //! ``` //! -//! The wrapped RNG can be used with the old version of the RngCode +//! The wrapped RNG can be used with the old version of the RngCore //! trait, as well as the new one. use old_rand_core::{CryptoRng as OldCryptoRng, Error as OldError, RngCore as OldRngCore}; diff --git a/crates/tor-proto/src/crypto/handshake/ntor.rs b/crates/tor-proto/src/crypto/handshake/ntor.rs index 74e14f332..9ff5d6a5b 100644 --- a/crates/tor-proto/src/crypto/handshake/ntor.rs +++ b/crates/tor-proto/src/crypto/handshake/ntor.rs @@ -7,7 +7,6 @@ use tor_bytes::{Reader, Writer}; use tor_llcrypto::d; use tor_llcrypto::pk::curve25519::*; use tor_llcrypto::pk::rsa::RsaIdentity; -use tor_llcrypto::util::rand_compat::RngCompatExt; use digest::Mac; use rand_core::{CryptoRng, RngCore}; @@ -134,7 +133,7 @@ fn client_handshake_ntor_v1( where R: RngCore + CryptoRng, { - let my_sk = StaticSecret::new(rng.rng_compat()); + let my_sk = StaticSecret::new(rng); let my_public = PublicKey::from(&my_sk); client_handshake_ntor_v1_no_keygen(my_public, my_sk, relay_public) @@ -262,7 +261,7 @@ where // actually going to find our nodeid or keyid. Perhaps we should // delay that till later? It shouldn't matter for most cases, // though. - let ephem = EphemeralSecret::new(rng.rng_compat()); + let ephem = EphemeralSecret::new(rng); let ephem_pub = PublicKey::from(&ephem); server_handshake_ntor_v1_no_keygen(ephem_pub, ephem, msg, keys) @@ -323,7 +322,7 @@ mod tests { #[test] fn simple() -> Result<()> { use crate::crypto::handshake::{ClientHandshake, ServerHandshake}; - let mut rng = testing_rng().rng_compat(); + let mut rng = testing_rng(); let relay_secret = StaticSecret::new(&mut rng); let relay_public = PublicKey::from(&relay_secret); let relay_identity = RsaIdentity::from_bytes(&[12; 20]).unwrap(); @@ -353,7 +352,7 @@ mod tests { fn make_fake_ephem_key(bytes: &[u8]) -> EphemeralSecret { assert_eq!(bytes.len(), 32); - let mut rng = FakePRNG::new(bytes).rng_compat(); + let mut rng = FakePRNG::new(bytes); EphemeralSecret::new(&mut rng) } @@ -405,7 +404,7 @@ mod tests { #[test] fn failing_handshakes() { use crate::crypto::handshake::{ClientHandshake, ServerHandshake}; - let mut rng = testing_rng().rng_compat(); + let mut rng = testing_rng(); // Set up keys. let relay_secret = StaticSecret::new(&mut rng); diff --git a/maint/downgrade_dependencies b/maint/downgrade_dependencies index 120127ebb..33ba6cb37 100755 --- a/maint/downgrade_dependencies +++ b/maint/downgrade_dependencies @@ -16,5 +16,5 @@ set -euo pipefail cargo +nightly update -Z minimal-versions cargo update \ -p crc32fast \ - -p zeroize_derive:1.1.1 \ + -p zeroize_derive:1.3.2 \ -p env_logger:0.5.0