From f57839379ab1267f8090f053ada71487d11255ad Mon Sep 17 00:00:00 2001 From: topjohnwu Date: Wed, 3 Apr 2024 15:40:03 -0500 Subject: [PATCH] Update RustCrypto dependencies --- native/src/Cargo.lock | 169 ++++++++++++++++++------------------- native/src/Cargo.toml | 35 +++++--- native/src/boot/Cargo.toml | 3 +- native/src/boot/sign.rs | 12 +-- 4 files changed, 112 insertions(+), 107 deletions(-) diff --git a/native/src/Cargo.lock b/native/src/Cargo.lock index 4efbb9ead..4b607856e 100644 --- a/native/src/Cargo.lock +++ b/native/src/Cargo.lock @@ -101,11 +101,11 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" [[package]] name = "block-buffer" -version = "0.10.4" +version = "0.11.0-pre.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71" +checksum = "3ded684142010808eb980d9974ef794da2bcf97d13396143b1515e9f0fb4a10e" dependencies = [ - "generic-array", + "crypto-common", ] [[package]] @@ -173,9 +173,9 @@ dependencies = [ [[package]] name = "const-oid" -version = "0.9.6" +version = "0.10.0-pre.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8" +checksum = "f7e3352a27098ba6b09546e5f13b15165e6a88b5c2723afecb3ea9576b27e3ea" [[package]] name = "const_format" @@ -208,11 +208,12 @@ dependencies = [ [[package]] name = "crypto-bigint" -version = "0.5.5" +version = "0.6.0-pre.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0dc92fb57ca44df6db8059111ab3af99a63d5d0f8375d9972e319a379c6bab76" +checksum = "1943d7beadd9ce2b25f3bae73b9e9336fccc1edf38bdec1ed58d3aa183989e11" dependencies = [ - "generic-array", + "hybrid-array", + "num-traits", "rand_core", "subtle", "zeroize", @@ -220,12 +221,13 @@ dependencies = [ [[package]] name = "crypto-common" -version = "0.1.6" +version = "0.2.0-pre.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" +checksum = "b7aa2ec04f5120b830272a481e8d9d8ba4dda140d2cda59b0f1110d5eb93c38e" dependencies = [ - "generic-array", - "typenum", + "getrandom", + "hybrid-array", + "rand_core", ] [[package]] @@ -262,9 +264,9 @@ dependencies = [ [[package]] name = "der" -version = "0.7.8" +version = "0.8.0-pre.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fffa369a668c8af7dbf8b5e56c9f744fbd399949ed171606040001947de40b1c" +checksum = "b489fd2221710c1dd46637d66b984161fb66134f81437a8489800306bcc2ecea" dependencies = [ "const-oid", "der_derive", @@ -275,9 +277,9 @@ dependencies = [ [[package]] name = "der_derive" -version = "0.7.2" +version = "0.8.0-pre.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5fe87ce4529967e0ba1dcf8450bab64d97dfd5010a6256187ffe2e43e6f0e049" +checksum = "dd1ee9778ac378876dc78f546d2821fae40a1b69ec8d82f3745392d69ff89ce6" dependencies = [ "proc-macro2", "quote", @@ -286,9 +288,9 @@ dependencies = [ [[package]] name = "digest" -version = "0.10.7" +version = "0.11.0-pre.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" +checksum = "065d93ead7c220b85d5b4be4795d8398eac4ff68b5ee63895de0a3c1fb6edf25" dependencies = [ "block-buffer", "const-oid", @@ -298,9 +300,9 @@ dependencies = [ [[package]] name = "ecdsa" -version = "0.16.9" +version = "0.17.0-pre.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ee27f32b5c5292967d2d4a9d7f1e0b0aed2c15daded5a60300e4abb9d8020bca" +checksum = "d7e045ee5c360512162782f3d4cb07d2f4ce8c4ef9bf7c77ec16d1cf60b3d5ca" dependencies = [ "der", "digest", @@ -312,17 +314,17 @@ dependencies = [ [[package]] name = "elliptic-curve" -version = "0.13.8" +version = "0.14.0-pre.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b5e6043086bf7973472e0c7dff2142ea0b680d30e18d9cc40f267efbf222bd47" +checksum = "4a1775af172997a40c14854c3a9fde9e03e5772084b334b6a0bb18bf7f93ac16" dependencies = [ "base16ct", "crypto-bigint", "digest", "ff", - "generic-array", "group", "hkdf", + "hybrid-array", "pem-rfc7468", "pkcs8", "rand_core", @@ -366,17 +368,6 @@ version = "0.4.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cdeb3aa5e95cf9aabc17f060cfa0ced7b83f042390760ca53bf09df9968acaa1" -[[package]] -name = "generic-array" -version = "0.14.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a" -dependencies = [ - "typenum", - "version_check", - "zeroize", -] - [[package]] name = "getrandom" version = "0.2.12" @@ -410,18 +401,18 @@ dependencies = [ [[package]] name = "hkdf" -version = "0.12.4" +version = "0.13.0-pre.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b5f8eb2ad728638ea2c7d47a21db23b7b58a72ed6a38256b8a1849f15fbbdf7" +checksum = "fd5d615ab5c462f96c309b3a00b19f373025a4981312f717f9df5bbd0201530c" dependencies = [ "hmac", ] [[package]] name = "hmac" -version = "0.12.1" +version = "0.13.0-pre.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e" +checksum = "ffd790a0795ee332ed3e8959e5b177beb70d7112eb7d345428ec17427897d5ce" dependencies = [ "digest", ] @@ -435,6 +426,16 @@ dependencies = [ "quick-error", ] +[[package]] +name = "hybrid-array" +version = "0.2.0-rc.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "53668f5da5a41d9eaf4bf7064be46d1ebe6a4e1ceed817f387587b18f2b51047" +dependencies = [ + "typenum", + "zeroize", +] + [[package]] name = "lazy_static" version = "1.4.0" @@ -488,7 +489,6 @@ dependencies = [ "cxx-gen", "der", "digest", - "ecdsa", "fdt", "num-traits", "p256", @@ -524,9 +524,9 @@ dependencies = [ [[package]] name = "memchr" -version = "2.7.1" +version = "2.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "523dc4f511e55ab87b694dc30d0f820d60906ef06413f93d4d7a1385599cc149" +checksum = "6c8640c5d730cb13ebd907d8d04b52f55ac9a2eec55b440c8892f40d56c76c1d" [[package]] name = "minimal-lexical" @@ -604,9 +604,8 @@ dependencies = [ [[package]] name = "p256" -version = "0.13.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c9863ad85fa8f4460f9c48cb909d38a0d689dba1f6f6988a5e3e0d31071bcd4b" +version = "0.14.0-pre.0" +source = "git+https://github.com/RustCrypto/elliptic-curves.git?rev=5d1c252c2defb5808f55329f3e2955ca72d7f8b5#5d1c252c2defb5808f55329f3e2955ca72d7f8b5" dependencies = [ "ecdsa", "elliptic-curve", @@ -616,9 +615,8 @@ dependencies = [ [[package]] name = "p384" -version = "0.13.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "70786f51bcc69f6a4c0360e063a4cac5419ef7c5cd5b3c99ad70f3be5ba79209" +version = "0.14.0-pre" +source = "git+https://github.com/RustCrypto/elliptic-curves.git?rev=5d1c252c2defb5808f55329f3e2955ca72d7f8b5#5d1c252c2defb5808f55329f3e2955ca72d7f8b5" dependencies = [ "ecdsa", "elliptic-curve", @@ -628,13 +626,13 @@ dependencies = [ [[package]] name = "p521" -version = "0.13.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0fc9e2161f1f215afdfce23677034ae137bbd45016a880c2eb3ba8eb95f085b2" +version = "0.14.0-pre" +source = "git+https://github.com/RustCrypto/elliptic-curves.git?rev=5d1c252c2defb5808f55329f3e2955ca72d7f8b5#5d1c252c2defb5808f55329f3e2955ca72d7f8b5" dependencies = [ "base16ct", "ecdsa", "elliptic-curve", + "primefield", "primeorder", "rand_core", "sha2", @@ -653,18 +651,18 @@ dependencies = [ [[package]] name = "pem-rfc7468" -version = "0.7.0" +version = "1.0.0-pre.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "88b39c9bfcfc231068454382784bb460aae594343fb030d46e9f50a645418412" +checksum = "76a65e1c27d1680f8805b3f8c9949f08d6aa5d6cbd088c9896e64a53821dc27d" dependencies = [ "base64ct", ] [[package]] name = "pkcs1" -version = "0.7.5" +version = "0.8.0-pre.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c8ffb9f10fa047879315e6625af03c164b16962a5368d724ed16323b68ace47f" +checksum = "4f6af6e88ac39402f67488e22faa9eb15cf065f520cf4a09419393691a6d0133" dependencies = [ "der", "pkcs8", @@ -673,9 +671,9 @@ dependencies = [ [[package]] name = "pkcs8" -version = "0.10.2" +version = "0.11.0-pre.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f950b2377845cebe5cf8b5165cb3cc1a5e0fa5cfa3e1f7f55707d8fd82e0a7b7" +checksum = "935c09e0aecb0cb8f8907b57438b19a068cb74a25189b06724f061170b2465ff" dependencies = [ "der", "spki", @@ -687,11 +685,15 @@ version = "0.2.17" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" +[[package]] +name = "primefield" +version = "0.14.0-pre" +source = "git+https://github.com/RustCrypto/elliptic-curves.git?rev=5d1c252c2defb5808f55329f3e2955ca72d7f8b5#5d1c252c2defb5808f55329f3e2955ca72d7f8b5" + [[package]] name = "primeorder" -version = "0.13.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "353e1ca18966c16d9deb1c69278edbc5f194139612772bd9537af60ac231e1e6" +version = "0.14.0-pre.0" +source = "git+https://github.com/RustCrypto/elliptic-curves.git?rev=5d1c252c2defb5808f55329f3e2955ca72d7f8b5#5d1c252c2defb5808f55329f3e2955ca72d7f8b5" dependencies = [ "elliptic-curve", ] @@ -782,15 +784,15 @@ dependencies = [ [[package]] name = "regex-syntax" -version = "0.8.2" +version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c08c74e62047bb2de4ff487b251e4a92e24f48745648451635cec7d591162d9f" +checksum = "adad44e29e4c806119491a7f06f03de4d1af22c3a680dd47f1e6e179439d1f56" [[package]] name = "rfc6979" -version = "0.4.0" +version = "0.5.0-pre.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f8dd2a808d456c4a54e300a23e9f5a67e122c3024119acbfd73e3bf664491cb2" +checksum = "045972f2f66b9467a2f6834b7fd0f9b23ca214b4a8700b880c36edb726e96da6" dependencies = [ "hmac", "subtle", @@ -798,9 +800,9 @@ dependencies = [ [[package]] name = "rsa" -version = "0.9.6" +version = "0.10.0-pre.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5d0e5124fcb30e76a7e79bfee683a2746db83784b86289f6251b54b7950a0dfc" +checksum = "43e0089f12e510517c97e1adc17d0f8374efbabdd021dfb7645d6619f85633e9" dependencies = [ "const-oid", "digest", @@ -819,13 +821,13 @@ dependencies = [ [[package]] name = "sec1" -version = "0.7.3" +version = "0.8.0-pre.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3e97a565f76233a6003f9f5c54be1d9c5bdfa3eccfb189469f11ec4901c47dc" +checksum = "02dc081ed777a3bab68583b52ffb8221677b6e90d483b320963a247e2c07f328" dependencies = [ "base16ct", "der", - "generic-array", + "hybrid-array", "pkcs8", "subtle", "zeroize", @@ -853,9 +855,9 @@ dependencies = [ [[package]] name = "sha1" -version = "0.10.6" +version = "0.11.0-pre.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e3bf829a2d51ab4a5ddf1352d8470c140cadc8301b2ae1789db023f01cedd6ba" +checksum = "3885de8cb916f223718c1ccd47a840b91f806333e76002dc5cb3862154b4fed3" dependencies = [ "cfg-if", "cpufeatures", @@ -864,9 +866,9 @@ dependencies = [ [[package]] name = "sha2" -version = "0.10.8" +version = "0.11.0-pre.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8" +checksum = "8f33549bf3064b62478926aa89cbfc7c109aab66ae8f0d5d2ef839e482cc30d6" dependencies = [ "cfg-if", "cpufeatures", @@ -875,9 +877,9 @@ dependencies = [ [[package]] name = "signature" -version = "2.2.0" +version = "2.3.0-pre.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" +checksum = "1700c22ba9ce32c7b0a1495068a906c3552e7db386af7cf865162e0dea498523" dependencies = [ "digest", "rand_core", @@ -903,9 +905,9 @@ checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" [[package]] name = "spki" -version = "0.7.3" +version = "0.8.0-pre.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d91ed6c858b01f942cd56b37a94b3e0a1798290327d1236e4d9cf4eaca44d29d" +checksum = "cb2b56670f5ef52934c97efad30bf42585de0c33ec3e2a886e38b80d2db67243" dependencies = [ "base64ct", "der", @@ -925,9 +927,9 @@ checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc" [[package]] name = "syn" -version = "2.0.55" +version = "2.0.58" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "002a1b3dbf967edfafc32655d0f377ab0bb7b994aa1d32c8cc7e9b8bf3ebb8f0" +checksum = "44cfb93f38070beee36b3fef7d4f5a16f27751d94b187b666a5cc5e9b0d30687" dependencies = [ "proc-macro2", "quote", @@ -1023,12 +1025,6 @@ version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f1bddf1187be692e79c5ffeab891132dfb0f236ed36a43c7ed39f1165ee20191" -[[package]] -name = "version_check" -version = "0.9.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" - [[package]] name = "wasi" version = "0.11.0+wasi-snapshot-preview1" @@ -1068,9 +1064,8 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" [[package]] name = "x509-cert" -version = "0.2.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1301e935010a701ae5f8655edc0ad17c44bad3ac5ce8c39185f75453b720ae94" +version = "0.3.0-pre" +source = "git+https://github.com/RustCrypto/formats.git?rev=809df65b20d61e88afb7f514b5cfdd3d1958a40f#809df65b20d61e88afb7f514b5cfdd3d1958a40f" dependencies = [ "const-oid", "der", diff --git a/native/src/Cargo.toml b/native/src/Cargo.toml index f6654269c..45dc82256 100644 --- a/native/src/Cargo.toml +++ b/native/src/Cargo.toml @@ -13,16 +13,15 @@ num-derive = "0.4" thiserror = "1.0" byteorder = "1" size = "0.4" -sha1 = "0.10" -sha2 = "0.10" -digest = "0.10" -p256 = "0.13" -p384 = "0.13" -p521 = "0.13" -ecdsa = "0.16" -rsa = "0.9" -x509-cert = "0.2" -der = "0.7" +sha1 = "0.11.0-pre.3" +sha2 = "=0.11.0-pre.3" +digest = "0.11.0-pre.8" +#p256 = "0.14" +#p384 = "0.14" +#p521 = "0.14" +rsa = "0.10.0-pre.1" +#x509-cert = "0.3" +der = "0.8.0-pre.0" bytemuck = "1.14" fdt = "0.1" const_format = "0.2" @@ -40,6 +39,22 @@ rev = "2f37d5a65504de7d716b5b28fd82219501a901a9" git = "https://github.com/tafia/quick-protobuf.git" rev = "2f37d5a65504de7d716b5b28fd82219501a901a9" +[workspace.dependencies.p256] +git = "https://github.com/RustCrypto/elliptic-curves.git" +rev = "5d1c252c2defb5808f55329f3e2955ca72d7f8b5" + +[workspace.dependencies.p384] +git = "https://github.com/RustCrypto/elliptic-curves.git" +rev = "5d1c252c2defb5808f55329f3e2955ca72d7f8b5" + +[workspace.dependencies.p521] +git = "https://github.com/RustCrypto/elliptic-curves.git" +rev = "5d1c252c2defb5808f55329f3e2955ca72d7f8b5" + +[workspace.dependencies.x509-cert] +git = "https://github.com/RustCrypto/formats.git" +rev = "809df65b20d61e88afb7f514b5cfdd3d1958a40f" + [profile.dev] opt-level = "z" lto = true diff --git a/native/src/boot/Cargo.toml b/native/src/boot/Cargo.toml index f36f97402..e3e0d3005 100644 --- a/native/src/boot/Cargo.toml +++ b/native/src/boot/Cargo.toml @@ -24,10 +24,9 @@ digest = { workspace = true } p256 = { workspace = true } p384 = { workspace = true } p521 = { workspace = true } -ecdsa = { workspace = true } rsa = { workspace = true, features = ["sha2"] } x509-cert = { workspace = true } -der = { workspace = true, features = ["derive"] } +der = { workspace = true, features = ["derive", "pem"] } fdt = { workspace = true } bytemuck = { workspace = true, features = ["derive", "min_const_generics"] } num-traits = { workspace = true } diff --git a/native/src/boot/sign.rs b/native/src/boot/sign.rs index 2b9386957..cec029b36 100644 --- a/native/src/boot/sign.rs +++ b/native/src/boot/sign.rs @@ -1,7 +1,6 @@ use der::referenced::OwnedToRef; use der::{Decode, DecodePem, Encode, Sequence, SliceReader}; use digest::DynDigest; -use ecdsa; use p256::ecdsa::{ Signature as P256Signature, SigningKey as P256SigningKey, VerifyingKey as P256VerifyingKey, }; @@ -9,9 +8,8 @@ use p256::pkcs8::DecodePrivateKey; use p384::ecdsa::{ Signature as P384Signature, SigningKey as P384SigningKey, VerifyingKey as P384VerifyingKey, }; -use p521::{ - ecdsa::{Signature as P521Signature, SigningKey as P521SigningKey}, - NistP521, +use p521::ecdsa::{ + Signature as P521Signature, SigningKey as P521SigningKey, VerifyingKey as P521VerifyingKey, }; use rsa::pkcs1v15::{ Signature as RsaSignature, SigningKey as RsaSigningKey, VerifyingKey as RsaVerifyingKey, @@ -32,8 +30,6 @@ use base::{log_err, LoggedResult, MappedFile, ResultExt, StrErr, Utf8CStr}; use crate::ffi::BootImage; -type P521VerifyingKey = ecdsa::VerifyingKey; - #[allow(clippy::upper_case_acronyms)] pub enum SHA { SHA1(Sha1), @@ -170,9 +166,9 @@ impl Signer { } else if let Ok(ec) = P384SigningKey::from_pkcs8_der(key) { digest = Box::::default(); SigningKey::SHA384withECDSA(ec) - } else if let Ok(ec) = ecdsa::SigningKey::::from_pkcs8_der(key) { + } else if let Ok(ec) = P521SigningKey::from_pkcs8_der(key) { digest = Box::::default(); - SigningKey::SHA521withECDSA(P521SigningKey::from(ec)) + SigningKey::SHA521withECDSA(ec) } else { return Err(log_err!("Unsupported private key")); };