Update `rsa` dependency (and use `x25519-dalek` prerelease)

- arti#448 and arti!607 highlight an issue with upgrading `rsa`: namely,
  the `x25519-dalek` version previously used has a hard dependency on
  `zeroize` 1.3, which creates a dependency conflict.
- However, `x25519-dalek` version `2.0.0-pre.1` relaxes this dependency.
  Reviewing the changelogs, it doesn't look like that version is
  substantially different from the current one at all, so it should be
  safe to use despite the "prerelease" tag.
- The new `x25519-dalek` version also bumps `rand_core`, which means we
  don't have to use the RNG compat wrapper in `tor-llcrypto` as much.

closes arti#448

Cargo.lock

@@ -452,7 +452,7 @@ version = "0.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b88d82667eca772c4aa12f0f1348b3ae643424c8876448f3f7bd5787032e234c"
 dependencies = [
- "autocfg 1.1.0",
+ "autocfg",
 ]
 
 [[package]]
@@ -472,15 +472,6 @@ dependencies = [
  "winapi 0.3.9",
 ]
 
-[[package]]
-name = "autocfg"
-version = "0.1.8"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0dde43e75fd43e8a1bf86103336bc699aa8d17ad1be60c76c0bdfd4828e19b78"
-dependencies = [
- "autocfg 1.1.0",
-]
-
 [[package]]
 name = "autocfg"
 version = "1.1.0"
@@ -680,9 +671,9 @@ dependencies = [
 
 [[package]]
 name = "const-oid"
-version = "0.6.2"
+version = "0.7.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9d6f2aa4d0537bcc1c74df8755072bd31c1ef1a3a1b85a68e8404a8c353b7b8b"
+checksum = "e4c78c047431fee22c1a7bb92e00ad095a02a983affe4d8a72e2a2c62c1b94f3"
 
 [[package]]
 name = "convert_case"
@@ -756,12 +747,11 @@ dependencies = [
 
 [[package]]
 name = "crypto-bigint"
-version = "0.2.11"
+version = "0.3.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f83bd3bb4314701c568e340cd8cf78c975aa0ca79e03d3f6d1677d5b0c9c0c03"
+checksum = "03c6a1d5fa1de37e071642dfa44ec552ca5b299adb128fab16138e24b548fd21"
 dependencies = [
  "generic-array",
- "rand_core 0.6.3",
  "subtle",
 ]
 
@@ -806,9 +796,9 @@ dependencies = [
 
 [[package]]
 name = "curve25519-dalek"
-version = "3.2.1"
+version = "3.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "90f9d052967f590a76e62eb387bd0bbb1b000182c3cefe5364db6b7211651bc0"
+checksum = "0b9fdf9972b2bd6af2d913799d9ebc165ea4d2e65878e329d9c6b372c4491b61"
 dependencies = [
  "byteorder",
  "digest 0.9.0",
@@ -895,12 +885,13 @@ checksum = "3ee2393c4a91429dffb4bedf19f4d6abf27d8a732c8ce4980305d782e5426d57"
 
 [[package]]
 name = "der"
-version = "0.4.5"
+version = "0.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "79b71cca7d95d7681a4b3b9cdf63c8dbc3730d0584c2c74e31416d64a90493f4"
+checksum = "6919815d73839e7ad218de758883aae3a257ba6759ce7a9992501efbb53d705c"
 dependencies = [
  "const-oid",
  "crypto-bigint",
+ "pem-rfc7468",
 ]
 
 [[package]]
@@ -1792,7 +1783,7 @@ version = "0.4.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "327fa5b6a6940e4699ec49a9beae1ea4845c6bab9314e4f84ac68742139d8c53"
 dependencies = [
- "autocfg 1.1.0",
+ "autocfg",
  "scopeguard",
 ]
 
@@ -2041,18 +2032,17 @@ version = "0.4.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f93ab6289c7b344a8a9f60f88d80aa20032336fe78da341afc91c8a2341fc75f"
 dependencies = [
- "autocfg 1.1.0",
+ "autocfg",
  "num-integer",
  "num-traits",
 ]
 
 [[package]]
 name = "num-bigint-dig"
-version = "0.7.0"
+version = "0.8.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4547ee5541c18742396ae2c895d0717d0f886d8823b8399cdaf7b07d63ad0480"
+checksum = "566d173b2f9406afbc5510a90925d5a2cd80cae4605631f1212303df265de011"
 dependencies = [
- "autocfg 0.1.8",
  "byteorder",
  "lazy_static",
  "libm",
@@ -2079,7 +2069,7 @@ version = "0.1.45"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9"
 dependencies = [
- "autocfg 1.1.0",
+ "autocfg",
  "num-traits",
 ]
 
@@ -2089,7 +2079,7 @@ version = "0.1.43"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7d03e6c028c5dc5cac6e2dec0efda81fc887605bb3d884578bb6d6bf7514e252"
 dependencies = [
- "autocfg 1.1.0",
+ "autocfg",
  "num-integer",
  "num-traits",
 ]
@@ -2100,7 +2090,7 @@ version = "0.4.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "0638a1c9d0a3c0914158145bc76cff373a75a627e6ecbfb71cbe6f453a5a19b0"
 dependencies = [
- "autocfg 1.1.0",
+ "autocfg",
  "num-integer",
  "num-traits",
 ]
@@ -2111,7 +2101,7 @@ version = "0.2.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd"
 dependencies = [
- "autocfg 1.1.0",
+ "autocfg",
  "libm",
 ]
 
@@ -2202,7 +2192,7 @@ version = "0.9.74"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "835363342df5fba8354c5b453325b110ffd54044e588c539cf2f20a8014e4cb1"
 dependencies = [
- "autocfg 1.1.0",
+ "autocfg",
  "cc",
  "libc",
  "openssl-src",
@@ -2289,9 +2279,9 @@ dependencies = [
 
 [[package]]
 name = "pem-rfc7468"
-version = "0.2.3"
+version = "0.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8f22eb0e3c593294a99e9ff4b24cf6b752d43f193aa4415fe5077c159996d497"
+checksum = "01de5d978f34aa4b2296576379fcc416034702fd94117c56ffd8a1a767cefb30"
 dependencies = [
  "base64ct",
 ]
@@ -2380,24 +2370,22 @@ checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184"
 
 [[package]]
 name = "pkcs1"
-version = "0.2.4"
+version = "0.3.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "116bee8279d783c0cf370efa1a94632f2108e5ef0bb32df31f051647810a4e2c"
+checksum = "a78f66c04ccc83dd4486fd46c33896f4e17b24a7a3a6400dedc48ed0ddd72320"
 dependencies = [
  "der",
- "pem-rfc7468",
+ "pkcs8",
  "zeroize",
 ]
 
 [[package]]
 name = "pkcs8"
-version = "0.7.6"
+version = "0.8.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ee3ef9b64d26bad0536099c816c6734379e45bbd5f14798def6809e5cc350447"
+checksum = "7cabda3fb821068a9a4fab19a683eac3af12edf0f34b94a8be53c4972b8149d0"
 dependencies = [
  "der",
- "pem-rfc7468",
- "pkcs1",
  "spki",
  "zeroize",
 ]
@@ -2699,20 +2687,20 @@ dependencies = [
 
 [[package]]
 name = "rsa"
-version = "0.5.0"
+version = "0.6.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e05c2603e2823634ab331437001b411b9ed11660fbc4066f3908c84a9439260d"
+checksum = "4cf22754c49613d2b3b119f0e5d46e34a2c628a937e3024b8762de4e7d8c710b"
 dependencies = [
  "byteorder",
- "digest 0.9.0",
- "lazy_static",
+ "digest 0.10.3",
  "num-bigint-dig",
  "num-integer",
  "num-iter",
  "num-traits",
  "pkcs1",
  "pkcs8",
- "rand 0.8.5",
+ "rand_core 0.6.3",
+ "smallvec",
  "subtle",
  "zeroize",
 ]
@@ -3113,10 +3101,11 @@ checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d"
 
 [[package]]
 name = "spki"
-version = "0.4.1"
+version = "0.5.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5c01a0c15da1b0b0e1494112e7af814a678fec9bd157881b49beac661e9b6f32"
+checksum = "44d01ac02a6ccf3e07db148d2be087da624fea0221a16152ed01f0496a6b0a27"
 dependencies = [
+ "base64ct",
  "der",
 ]
 
@@ -4499,12 +4488,12 @@ dependencies = [
 
 [[package]]
 name = "x25519-dalek"
-version = "1.2.0"
+version = "2.0.0-pre.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2392b6b94a576b4e2bf3c5b2757d63f10ada8020a2e4d08ac849ebcf6ea8e077"
+checksum = "e5da623d8af10a62342bcbbb230e33e58a63255a58012f8653c578e54bab48df"
 dependencies = [
  "curve25519-dalek",
- "rand_core 0.5.1",
+ "rand_core 0.6.3",
  "zeroize",
 ]
 
@@ -4529,9 +4518,9 @@ dependencies = [
 
 [[package]]
 name = "zeroize"
-version = "1.3.0"
+version = "1.5.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4756f7db3f7b5574938c3eb1c117038b8e07f95ee6718c0efad4ac21508f1efd"
+checksum = "20b578acffd8516a6c3f2a1bdefc1ec37e547bb4e0fb8b6b01a4cafc886b4442"
 dependencies = [
  "zeroize_derive",
 ]

crates/tor-llcrypto/Cargo.toml

@@ -35,7 +35,7 @@ hex = "0.4"
 old_rand_core = { package = "rand_core", version = "0.5.1" }
 openssl = { version = "0.10.30", optional = true }
 rand_core = "0.6.2"
-rsa = "0.5.0"
+rsa = "0.6.0"
 serde = "1.0.103"
 sha-1 = "0.10.0"
 sha2 = "0.10.0"
@@ -45,7 +45,7 @@ simple_asn1 = "0.6"
 subtle = "2"
 thiserror = "1"
 typenum = { version = "1.15.0", optional = true }
-x25519-dalek = "1.2"
+x25519-dalek = "2.0.0-pre.1"
 zeroize = "1"
 
 [dev-dependencies]

crates/tor-llcrypto/src/pk/rsa.rs

@@ -16,7 +16,7 @@
 //! This module should expose RustCrypto trait-based wrappers,
 //! but the [`rsa`] crate didn't support them as of initial writing.
 use arrayref::array_ref;
-use rsa::pkcs1::{FromRsaPrivateKey, FromRsaPublicKey};
+use rsa::pkcs1::{DecodeRsaPrivateKey, DecodeRsaPublicKey};
 use std::fmt;
 use subtle::{Choice, ConstantTimeEq};
 use zeroize::Zeroize;

crates/tor-llcrypto/src/util/rand_compat.rs

@@ -8,29 +8,32 @@
 //!
 //! # Example:
 //!
-//! As of May 2021, if you're using the current version of
-//! [`x25519-dalek`], and the latest [`rand_core`], then you can't use
+//! As of July 2022, if you're using the current version of
+//! [`ed25519-dalek`], and the latest [`rand_core`], then you can't use
 //! this code, because of the compatibility issue mentioned above.
 //!
 //! ```compile_fail
 //! use rand_core::OsRng;
-//! use x25519_dalek::EphemeralSecret;
+//! use ed25519_dalek::Keypair;
 //!
-//! let my_secret = EphemeralSecret::new(OsRng);
+//! let keypair = Keypair::generate(&mut OsRng);
 //! ```
 //!
+//! (This used to be a problem for `x25519-dalek` too, but that crate has
+//! been updated to a version that doesn't have this problem.)
+//!
 //! But instead, you can wrap the random number generator using the
 //! [`RngCompatExt`] extension trait.
 //!
 //! ```
 //! use tor_llcrypto::util::rand_compat::RngCompatExt;
 //! use rand_core::OsRng;
-//! use x25519_dalek::EphemeralSecret;
+//! use ed25519_dalek::Keypair;
 //!
-//! let my_secret = EphemeralSecret::new(OsRng.rng_compat());
+//! let keypair = Keypair::generate(&mut OsRng.rng_compat());
 //! ```
 //!
-//! The wrapped RNG can be used with the old version of the RngCode
+//! The wrapped RNG can be used with the old version of the RngCore
 //! trait, as well as the new one.
 
 use old_rand_core::{CryptoRng as OldCryptoRng, Error as OldError, RngCore as OldRngCore};

crates/tor-proto/src/crypto/handshake/ntor.rs

@@ -7,7 +7,6 @@ use tor_bytes::{Reader, Writer};
 use tor_llcrypto::d;
 use tor_llcrypto::pk::curve25519::*;
 use tor_llcrypto::pk::rsa::RsaIdentity;
-use tor_llcrypto::util::rand_compat::RngCompatExt;
 
 use digest::Mac;
 use rand_core::{CryptoRng, RngCore};
@@ -134,7 +133,7 @@ fn client_handshake_ntor_v1<R>(
 where
     R: RngCore + CryptoRng,
 {
-    let my_sk = StaticSecret::new(rng.rng_compat());
+    let my_sk = StaticSecret::new(rng);
     let my_public = PublicKey::from(&my_sk);
 
     client_handshake_ntor_v1_no_keygen(my_public, my_sk, relay_public)
@@ -262,7 +261,7 @@ where
     // actually going to find our nodeid or keyid. Perhaps we should
     // delay that till later?  It shouldn't matter for most cases,
     // though.
-    let ephem = EphemeralSecret::new(rng.rng_compat());
+    let ephem = EphemeralSecret::new(rng);
     let ephem_pub = PublicKey::from(&ephem);
 
     server_handshake_ntor_v1_no_keygen(ephem_pub, ephem, msg, keys)
@@ -323,7 +322,7 @@ mod tests {
     #[test]
     fn simple() -> Result<()> {
         use crate::crypto::handshake::{ClientHandshake, ServerHandshake};
-        let mut rng = testing_rng().rng_compat();
+        let mut rng = testing_rng();
         let relay_secret = StaticSecret::new(&mut rng);
         let relay_public = PublicKey::from(&relay_secret);
         let relay_identity = RsaIdentity::from_bytes(&[12; 20]).unwrap();
@@ -353,7 +352,7 @@ mod tests {
 
     fn make_fake_ephem_key(bytes: &[u8]) -> EphemeralSecret {
         assert_eq!(bytes.len(), 32);
-        let mut rng = FakePRNG::new(bytes).rng_compat();
+        let mut rng = FakePRNG::new(bytes);
         EphemeralSecret::new(&mut rng)
     }
 
@@ -405,7 +404,7 @@ mod tests {
     #[test]
     fn failing_handshakes() {
         use crate::crypto::handshake::{ClientHandshake, ServerHandshake};
-        let mut rng = testing_rng().rng_compat();
+        let mut rng = testing_rng();
 
         // Set up keys.
         let relay_secret = StaticSecret::new(&mut rng);

maint/downgrade_dependencies

@@ -16,5 +16,5 @@ set -euo pipefail
 cargo +nightly update -Z minimal-versions
 cargo update \
       -p crc32fast \
-      -p zeroize_derive:1.1.1 \
+      -p zeroize_derive:1.3.2 \
       -p env_logger:0.5.0