author | Wiktor Kwapisiewicz <wiktor@metacode.biz> | 2023-09-01 11:32:53 +0200 |
---|---|---|
committer | Wiktor Kwapisiewicz <wiktor@metacode.biz> | 2023-09-03 12:43:41 +0200 |
commit | bad1de3de03a519009bd2d77844452971b620fa5 (patch) | |
tree | 3031a60835324fc63360397c3c5d9a4c8fc9c680 | |
parent | bedff19babee71325e5c2be695a468df90892780 (diff) |
WIP: Upgrade dalekwiktor/upgrade-dalek
-rw-r--r-- | Cargo.lock | 226 | ||||
-rw-r--r-- | openpgp/Cargo.toml | 14 | ||||
-rw-r--r-- | openpgp/src/crypto/backend/cng/asymmetric.rs | 48 | ||||
-rw-r--r-- | openpgp/src/crypto/backend/rust.rs | 4 | ||||
-rw-r--r-- | openpgp/src/crypto/backend/rust/asymmetric.rs | 59 | ||||
-rw-r--r-- | openpgp/src/crypto/mem.rs | 12 |
6 files changed, 166 insertions, 197 deletions
@@ -171,15 +171,6 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" [[package]] name = "block-buffer" -version = "0.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" -dependencies = [ - "generic-array", -] - -[[package]] -name = "block-buffer" version = "0.10.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71" @@ -592,7 +583,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cf4c2f4e1afd912bc40bfd6fed5d9dc1f288e0ba01bfcc835cc5bc3eb13efe15" dependencies = [ "generic-array", - "rand_core 0.6.4", + "rand_core", "subtle", "zeroize", ] @@ -604,7 +595,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" dependencies = [ "generic-array", - "rand_core 0.6.4", + "rand_core", "typenum", ] 
@@ -629,18 +620,33 @@ dependencies = [ [[package]] name = "curve25519-dalek" -version = "3.2.0" +version = "4.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b9fdf9972b2bd6af2d913799d9ebc165ea4d2e65878e329d9c6b372c4491b61" +checksum = "f711ade317dd348950a9910f81c5947e3d8907ebd2b83f76203ff1807e6a2bc2" dependencies = [ - "byteorder", - "digest 0.9.0", - "rand_core 0.5.1", + "cfg-if", + "cpufeatures", + "curve25519-dalek-derive", + "digest 0.10.6", + "fiat-crypto", + "platforms", + "rustc_version", "subtle", "zeroize", ] [[package]] +name = "curve25519-dalek-derive" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "83fdaf97f4804dcebfa5862639bc9ce4121e82140bec2a987ac5140294865b5b" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.16", +] + +[[package]] name = "curve25519-dalek-ng" version = "4.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -648,7 +654,7 @@ checksum = "1c359b7249347e46fb28804470d071c921156ad62b3eef5d34e2ba867533dec8" dependencies = [ "byteorder", "digest 0.9.0", - "rand_core 0.6.4", + "rand_core", "subtle-ng", "zeroize", ] @@ -719,7 +725,7 @@ version = "0.10.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8168378f4e5023e7218c89c891c0fd8ecdb5e5e4f18cb78f38cf245dd021e76f" dependencies = [ - "block-buffer 0.10.4", + "block-buffer", "const-oid", "crypto-common", "subtle", @@ -783,7 +789,7 @@ dependencies = [ "num-traits", "pkcs8 0.9.0", "rfc6979 0.3.1", - "sha2 0.10.6", + "sha2", "signature 2.0.0", "zeroize", ] 
@@ -840,15 +846,26 @@ dependencies = [ ] [[package]] +name = "ed25519" +version = "2.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "60f6d271ca33075c88028be6f04d502853d63a5ece419d269c15315d4fc1cf1d" +dependencies = [ + "pkcs8 0.10.2", + "signature 2.0.0", +] + +[[package]] name = "ed25519-dalek" -version = "1.0.1" +version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c762bae6dcaf24c4c84667b8579785430908723d5c889f469d76a41d59cc7a9d" +checksum = "7277392b266383ef8396db7fdeb1e77b6c52fed775f5df15bb24f35b72156980" dependencies = [ "curve25519-dalek", - "ed25519", - "rand 0.7.3", - "sha2 0.9.9", + "ed25519 2.2.2", + "rand_core", + "serde", + "sha2", "zeroize", ] @@ -873,7 +890,7 @@ dependencies = [ "hkdf", "pem-rfc7468", "pkcs8 0.10.2", - "rand_core 0.6.4", + "rand_core", "sec1", "subtle", "zeroize", @@ -942,11 +959,17 @@ version = "0.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ded41244b729663b1e574f1b4fb731469f69f79c17667b5d776b16cda0479449" dependencies = [ - "rand_core 0.6.4", + "rand_core", "subtle", ] [[package]] +name = "fiat-crypto" +version = "0.1.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e825f6987101665dea6ec934c09ec6d721de7bc1bf92248e1d5810c8cd636b77" + +[[package]] name = "fixedbitset" version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1104,19 +1127,6 @@ dependencies = [ [[package]] name = "getrandom" -version = "0.1.16" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8fc3cb4d91f53b50155bdcfd23f6a4c39ae1969c2ae85982b135750cccaf5fce" -dependencies = [ - "cfg-if", - "js-sys", - "libc", - "wasi 0.9.0+wasi-snapshot-preview1", - "wasm-bindgen", -] - -[[package]] -name = "getrandom" version = "0.2.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c85e1d9ab2eadba7e5040d4e09cbd6d072b76a557ad64e797c2cb9d4da21d7e4" 
@@ -1124,7 +1134,7 @@ dependencies = [ "cfg-if", "js-sys", "libc", - "wasi 0.11.0+wasi-snapshot-preview1", + "wasi", "wasm-bindgen", ] @@ -1151,7 +1161,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63" dependencies = [ "ff", - "rand_core 0.6.4", + "rand_core", "subtle", ] @@ -1633,7 +1643,7 @@ checksum = "5b9d9a46eff5b4ff64b45a9e316a6d1e0bc719ef429cbec4dc630684212bfdf9" dependencies = [ "libc", "log", - "wasi 0.11.0+wasi-snapshot-preview1", + "wasi", "windows-sys 0.45.0", ] @@ -1661,7 +1671,7 @@ version = "7.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b9fdccf3eae7b161910d2daa2f0155ca35041322e8fe5c5f1f2c9d0b12356336" dependencies = [ - "getrandom 0.2.9", + "getrandom", "libc", "nettle-sys", "thiserror", @@ -1719,7 +1729,7 @@ dependencies = [ "num-integer", "num-iter", "num-traits", - "rand 0.8.5", + "rand", "smallvec", "zeroize", ] @@ -1842,7 +1852,7 @@ dependencies = [ "ecdsa", "elliptic-curve", "primeorder", - "sha2 0.10.6", + "sha2", ] [[package]] @@ -1958,6 +1968,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "26072860ba924cbfa98ea39c8c19b4dd6a4a25423dbdf219c1eca91aa0cf6964" [[package]] +name = "platforms" +version = "3.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4503fa043bf02cee09a9582e9554b4c6403b2ef55e4612e96561d294419429f8" + +[[package]] name = "plotters" version = "0.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2039,7 +2055,7 @@ version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "588f6378e4dd99458b60ec275b4477add41ce4fa9f64dcba6f15adccb19b50d6" dependencies = [ - "rand 0.8.5", + "rand", ] [[package]] 
@@ -2063,36 +2079,13 @@ dependencies = [ [[package]] name = "rand" -version = "0.7.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03" -dependencies = [ - "getrandom 0.1.16", - "libc", - "rand_chacha 0.2.2", - "rand_core 0.5.1", - "rand_hc", -] - -[[package]] -name = "rand" version = "0.8.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" dependencies = [ "libc", - "rand_chacha 0.3.1", - "rand_core 0.6.4", -] - -[[package]] -name = "rand_chacha" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402" -dependencies = [ - "ppv-lite86", - "rand_core 0.5.1", + "rand_chacha", + "rand_core", ] [[package]] @@ -2102,16 +2095,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" dependencies = [ "ppv-lite86", - "rand_core 0.6.4", -] - -[[package]] -name = "rand_core" -version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19" -dependencies = [ - "getrandom 0.1.16", + "rand_core", ] [[package]] @@ -2120,16 +2104,7 @@ version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" dependencies = [ - "getrandom 0.2.9", -] - -[[package]] -name = "rand_hc" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c" -dependencies = [ - "rand_core 0.5.1", + "getrandom", ] [[package]] 
@@ -2178,7 +2153,7 @@ version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b033d837a7cf162d7993aded9304e30a83213c648b6e389db233191f891e5c2b" dependencies = [ - "getrandom 0.2.9", + "getrandom", "redox_syscall 0.2.16", "thiserror", ] @@ -2273,7 +2248,7 @@ dependencies = [ "num-traits", "pkcs1", "pkcs8 0.10.2", - "rand_core 0.6.4", + "rand_core", "signature 2.0.0", "spki 0.7.2", "subtle", @@ -2287,6 +2262,15 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" [[package]] +name = "rustc_version" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bfa0f585226d2e68097d4f95d113b15b83a82e819ab25717ec0590d9584ef366" +dependencies = [ + "semver", +] + +[[package]] name = "rustix" version = "0.37.19" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2374,6 +2358,12 @@ dependencies = [ ] [[package]] +name = "semver" +version = "1.0.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0293b4b29daaf487284529cc2f5675b8e57c61f70167ba415a463651fd6a918" + +[[package]] name = "sequoia-autocrypt" version = "0.25.1" dependencies = [ @@ -2408,7 +2398,7 @@ dependencies = [ "libc", "memsec", "quickcheck", - "rand 0.8.5", + "rand", "sequoia-openpgp", "socket2", "tempfile", @@ -2431,7 +2421,7 @@ dependencies = [ "libc", "native-tls", "percent-encoding", - "rand 0.8.5", + "rand", "sequoia-openpgp", "tempfile", "thiserror", @@ -2468,11 +2458,11 @@ dependencies = [ "eax", "ecb", "ecdsa", - "ed25519", + "ed25519 1.5.3", "ed25519-dalek", "flate2", "generic-array", - "getrandom 0.2.9", + "getrandom", "idea", "idna 0.3.0", "lalrpop", @@ -2488,9 +2478,8 @@ dependencies = [ "openssl-sys", "p256", "quickcheck", - "rand 0.7.3", - "rand 0.8.5", - "rand_core 0.6.4", + "rand", + "rand_core", "regex", "regex-syntax 0.6.29", "ripemd", 
@@ -2498,7 +2487,7 @@ dependencies = [ "rsa", "sha-1", "sha1collisiondetection", - "sha2 0.10.6", + "sha2", "thiserror", "twofish", "typenum", @@ -2562,19 +2551,6 @@ dependencies = [ [[package]] name = "sha2" -version = "0.9.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4d58a1e1bf39749807d89cf2d98ac2dfa0ff1cb3faa38fbb64dd88ac8013d800" -dependencies = [ - "block-buffer 0.9.0", - "cfg-if", - "cpufeatures", - "digest 0.9.0", - "opaque-debug", -] - -[[package]] -name = "sha2" version = "0.10.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0" @@ -2603,7 +2579,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8fe458c98333f9c8152221191a77e2a44e8325d0193484af2e9421a53019e57d" dependencies = [ "digest 0.10.6", - "rand_core 0.6.4", + "rand_core", ] [[package]] @@ -2928,7 +2904,7 @@ dependencies = [ "futures-util", "lazy_static", "radix_trie", - "rand 0.8.5", + "rand", "thiserror", "time", "tokio", @@ -2953,7 +2929,7 @@ dependencies = [ "ipnet", "lazy_static", "openssl", - "rand 0.8.5", + "rand", "smallvec", "thiserror", "tinyvec", @@ -3085,12 +3061,6 @@ dependencies = [ [[package]] name = "wasi" -version = "0.9.0+wasi-snapshot-preview1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519" - -[[package]] -name = "wasi" version = "0.11.0+wasi-snapshot-preview1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" 
@@ -3167,13 +3137,13 @@ checksum = "17882f045410753661207383517a6f62ec3dbeb6a4ed2acce01f0728238d1983" [[package]] name = "win-crypto-ng" -version = "0.5.0" +version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aea60789d46dc8aa7d41758143c1b7dc2d6101a421712f88716a9646da2a4e39" +checksum = "99abfb435a71e54ab2971d8d8c32f1a7e006cdbf527f71743b1d45b93517bb92" dependencies = [ "cipher", "doc-comment", - "rand_core 0.5.1", + "rand_core", "winapi", "zeroize", ] @@ -3381,8 +3351,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bf7074de8999662970c3c4c8f7f30925028dd8f4ca31ad4c055efa9cdf2ec326" dependencies = [ "curve25519-dalek-ng", - "rand 0.8.5", - "rand_core 0.6.4", + "rand", + "rand_core", "zeroize", ] diff --git a/openpgp/Cargo.toml b/openpgp/Cargo.toml index 2f48b495..4cadd511 100644 --- a/openpgp/Cargo.toml +++ b/openpgp/Cargo.toml @@ -45,6 +45,8 @@ regex-syntax = "0.6" sha1collisiondetection = { version = "0.2.3", default-features = false, features = ["std"] } thiserror = "1.0.2" xxhash-rust = { version = "0.8", features = ["xxh3"] } +rand = { version = "0.8" } + # At least 0.10.55 is needed due `no-ocb` check: # https://github.com/sfackler/rust-openssl/blob/master/openssl/CHANGELOG.md openssl = { version = "0.10.55", optional = true } 
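Review bot: `rand = { version = "0.8" }` is added as an unconditional dependency, whereas the `rand`/`rand07` entries it replaces were optional and reached only through the `crypto-rust` feature (the later feature-list hunk drops them without re-adding `rand`), so every backend build now carries rand and its transitive crates although only backend/rust.rs and rust/asymmetric.rs use `rand::rngs::OsRng`. Either keep it optional, `rand = { version = "0.8", optional = true }`, with `"rand"` back in the `crypto-rust` list and the removed `[dev-dependencies]` entry restored for the tests, or drop it: `rand_core` with `rand_core/getrandom` is already in `crypto-rust`, and `rand_core::OsRng`/`rand_core::RngCore` cover both `SigningKey::generate` and `random()`. Whether anything under dev still relies on `rand` cannot be seen from this diff, so check before removing the dev entry for good.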
@@ -75,16 +77,12 @@ ecdsa = { version = "0.16", optional = true, features = ["hazmat", "arithmetic"] # need the std feature, at least so that ed25519::Error implements # std::error::Error. ed25519 = { version = "1", default-features = false, features = ["std"], optional = true } -ed25519-dalek = { version = "1", default-features = false, features = ["rand", "u64_backend"], optional = true } +ed25519-dalek = { version = "2", features = ["rand_core"], optional = true } generic-array = { version = "0.14.4", optional = true } idea = { version = "0.5", optional = true } md-5 = { version = "0.10", features = ["oid"], optional = true } num-bigint-dig = { version = "0.8", default-features = false, optional = true } p256 = { version = "0.13", optional = true, features = ["ecdh", "ecdsa"] } -# XXX: ed25519-dalek 1.0.1 depends on rand 0.7 and doesn't reexport it. -# https://github.com/dalek-cryptography/ed25519-dalek/blob/1.0.1/Cargo.toml#L28 -rand07 = { package = "rand", version = "0.7.3", optional = true } -rand = { package = "rand", version = "0.8", optional = true } rand_core = { version = "0.6", optional = true } ripemd = { version = "0.1", features = ["oid"], optional = true } rsa = { version = "0.9.0", optional = true } @@ -112,14 +110,12 @@ winapi = { version = "0.3.8", default-features = false, features = ["bcrypt"], o [target.'cfg(all(target_arch = "wasm32", target_os = "unknown"))'.dependencies] chrono = { version = "0.4.10", default-features = false, features = ["std", "wasmbind", "clock"] } getrandom = { version = "0.2", features = ["js"] } -rand07 = { package = "rand", version = "0.7", features = ["wasm-bindgen"] } [build-dependencies] lalrpop = { version = ">=0.17, <0.20", default-features = false } [dev-dependencies] quickcheck = { version = "1", default-features = false } -rand = { version = "0.8" } rpassword = "6.0" criterion = { version = "0.4", features = ["html_reports"] } 
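Review bot: `ed25519` stays at `version = "1"` while `ed25519-dalek` moves to 2, so the lockfile now resolves two copies (`ed25519 1.5.3` for sequoia-openpgp, `ed25519 2.2.2` under ed25519-dalek), and the `ed25519::Error` this crate names per the comment above is a different type from the one dalek 2 returns. Bump it alongside: `ed25519 = { version = "2", default-features = false, features = ["std"], optional = true }`; the `std` comment still applies. Dropping `default-features = false` from `ed25519-dalek` also switches on dalek 2's default feature set, which I believe includes `std` and `zeroize`; if that is intended, a one-line comment would help, since the rest of this section disables defaults deliberately.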
@@ -130,13 +126,13 @@ crypto-nettle = ["nettle"] crypto-rust = [ "aes", "block-padding", "blowfish", "camellia", "cast5", "cfb-mode", "cipher", "des", "digest", "eax", "ecb", "ed25519", "ed25519-dalek", "generic-array", "idea", - "md-5", "num-bigint-dig", "rand", "rand07", "ripemd", "rsa", "sha-1", "sha2", + "md-5", "num-bigint-dig", "ripemd", "rsa", "sha-1", "sha2", "twofish", "typenum", "x25519-dalek-ng", "p256", "rand_core", "rand_core/getrandom", "ecdsa", "aes-gcm", "dsa" ] crypto-cng = [ "cipher", "eax", "winapi", "win-crypto-ng", "ed25519", "ed25519-dalek", - "num-bigint-dig", "aes-gcm" + "num-bigint-dig", "aes-gcm", "rand_core" ] crypto-openssl = ["openssl", "openssl-sys"] crypto-botan = ["botan/botan3"] diff --git a/openpgp/src/crypto/backend/cng/asymmetric.rs b/openpgp/src/crypto/backend/cng/asymmetric.rs index 668ea7ac..9e7df40d 100644 --- a/openpgp/src/crypto/backend/cng/asymmetric.rs +++ b/openpgp/src/crypto/backend/cng/asymmetric.rs 
@@ -102,36 +102,31 @@ impl Asymmetric for super::Backend { fn ed25519_generate_key() -> Result<(Protected, [u8; 32])> { let mut rng = cng::random::RandomNumberGenerator::system_preferred(); - let pair = ed25519_dalek::Keypair::generate(&mut rng); - Ok((pair.secret.as_bytes().as_slice().into(), pair.secret.to_bytes())) + let pair = ed25519_dalek::SigningKey::generate(&mut rng); + Ok((pair.to_bytes().into(), pair.verifying_key().to_bytes())) } fn ed25519_derive_public(secret: &Protected) -> Result<[u8; 32]> { - use ed25519_dalek::{PublicKey, SecretKey}; + use ed25519_dalek::SigningKey; - let secret = SecretKey::from_bytes(secret).map_err(|e| { + let secret = secret.as_ref().try_into().map_err(|e: std::array::TryFromSliceError| { Error::InvalidKey(e.to_string()) })?; - let public = PublicKey::from(&secret); + + let secret = SigningKey::from_bytes(secret); + let public = secret.verifying_key(); Ok(public.to_bytes()) } fn ed25519_sign(secret: &Protected, public: &[u8; 32], digest: &[u8]) -> Result<[u8; 64]> { - use ed25519_dalek::{Keypair, Signer}; - use ed25519_dalek::{PUBLIC_KEY_LENGTH, SECRET_KEY_LENGTH}; + use ed25519_dalek::{SigningKey, Signer}; - if secret.len() != SECRET_KEY_LENGTH { - return Err(crate::Error::InvalidArgument( - "Bad Ed25519 secret length".into()).into()); - } + let mut keypair = secret.as_ref().try_into().map_err(|e: std::array::TryFromSliceError| { + Error::InvalidKey(e.to_string()) + })?; - let mut keypair = Protected::from( - vec![0u8; SECRET_KEY_LENGTH + PUBLIC_KEY_LENGTH] - ); - keypair.as_mut()[..SECRET_KEY_LENGTH].copy_from_slice(secret); - keypair.as_mut()[SECRET_KEY_LENGTH..].copy_from_slice(public); - let pair = Keypair::from_bytes(&keypair)?; + let pair = SigningKey::from_bytes(&keypair); unsafe { memsec::memzero(keypair.as_mut_ptr(), keypair.len()); } 
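Review bot: In the cng `ed25519_sign`, `public` is no longer read (the rust backend's counterpart in rust/asymmetric.rs renames it `_public`), so this build will warn, and because `SigningKey::from_bytes` derives the verifying key from the seed, a caller-supplied public key that does not belong to the secret is now silently ignored rather than rejected. Unless callers are guaranteed to pass consistent material, reject the mismatch right after `pair` is built, in both backends: `if pair.verifying_key().as_bytes() != public { return Err(Error::InvalidKey("Ed25519 public key does not match the secret key".into()).into()); }`. `keypair` now holds only the 32-byte seed, so `seed` would name what gets zeroed more honestly, and the `TryFromSliceError` text ("could not convert slice to array") is less actionable than the dropped "Bad Ed25519 secret length" message; `map_err(|_| Error::InvalidKey("Bad Ed25519 secret length".into()))` keeps it, here and in the rust backend hunk. The remainder of `ed25519_sign` lies outside the hunk.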
@@ -141,13 +136,16 @@ impl Asymmetric for super::Backend { fn ed25519_verify(public: &[u8; 32], digest: &[u8], signature: &[u8; 64]) -> Result<bool> { - use ed25519_dalek::{PublicKey, Signature}; - use ed25519_dalek::{Verifier}; + use ed25519_dalek::{VerifyingKey, Verifier, Signature}; - let public = PublicKey::from_bytes(public).map_err(|e| { + let public = VerifyingKey::from_bytes(public).map_err(|e| { Error::InvalidKey(e.to_string()) })?; - let signature = Signature::from_bytes(&signature.clone())?; + let signature = signature.as_ref().try_into().map_err(|e: std::array::TryFromSliceError| { + Error::InvalidArgument(e.to_string()) + })?; + + let signature = Signature::from_bytes(signature); Ok(public.verify(digest, &signature).is_ok()) } @@ -921,18 +919,18 @@ where }, (Curve::Ed25519, true) => { // CNG doesn't support EdDSA, use ed25519-dalek instead - use ed25519_dalek::Keypair; + use ed25519_dalek::SigningKey; let mut rng = cng::random::RandomNumberGenerator::system_preferred(); - let Keypair { public, secret } = Keypair::generate(&mut rng); + let key = SigningKey::generate(&mut rng); - let secret: Protected = secret.as_bytes().as_ref().into(); + let secret: Protected = key.to_bytes().as_ref().into(); // Mark MPI as compressed point with 0x40 prefix. See // https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-07#section-13.2. let mut compressed_public = [0u8; 1 + CURVE25519_SIZE]; compressed_public[0] = 0x40; - compressed_public[1..].copy_from_slice(public.as_bytes()); + compressed_public[1..].copy_from_slice(key.verifying_key().as_bytes()); ( EdDSA, diff --git a/openpgp/src/crypto/backend/rust.rs b/openpgp/src/crypto/backend/rust.rs index 41e95492..90e0ed16 100644 --- a/openpgp/src/crypto/backend/rust.rs +++ b/openpgp/src/crypto/backend/rust.rs 
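Review bot: In `ed25519_verify`, `signature` already has type `&[u8; 64]`, so `signature.as_ref().try_into().map_err(…)?` converts to a slice and back through an error branch that can never fire; `let signature = Signature::from_bytes(signature);` is sufficient, and the same applies to the rust backend's `ed25519_verify` hunk. In the second hunk, `key.to_bytes().as_ref().into()` materializes a `[u8; 32]` temporary of the seed that is dropped without being cleared, unlike the memzero discipline in `ed25519_sign`; borrowing it instead, `key.as_bytes().as_ref().into()`, avoids the extra copy (the `SigningKey` itself is, as far as I recall, zeroized on drop under dalek's default features), and the same pattern recurs in the rust backend's key-generation hunk and in both `ed25519_generate_key` hunks via `pair.to_bytes().into()`. The `From<[u8; 32]> for Protected` added in mem.rs takes its array by value and likewise never clears it after copying. The match arm in the second hunk continues outside the hunk.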
@@ -21,8 +21,8 @@ impl super::interface::Backend for Backend {
     }
 
     fn random(buf: &mut [u8]) -> Result<()> {
-        use rand07::rngs::OsRng;
-        use rand07::RngCore;
+        use rand::rngs::OsRng;
+        use rand::RngCore;
         OsRng.fill_bytes(buf);
         Ok(())
     }
diff --git a/openpgp/src/crypto/backend/rust/asymmetric.rs b/openpgp/src/crypto/backend/rust/asymmetric.rs
index 764f6803..3e229ceb 100644
--- a/openpgp/src/crypto/backend/rust/asymmetric.rs
+++ b/openpgp/src/crypto/backend/rust/asymmetric.rs
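Review bot: `random()` is the only place in this backend file where `rand` itself is needed, and both names it imports are re-exports of `rand_core` items, which the `crypto-rust` feature already enables with `rand_core/getrandom`; `use rand_core::{OsRng, RngCore};` keeps the function identical while leaving `rand` out of the mandatory dependency set. The two `use rand::rngs::OsRng as OsRng;` lines in rust/asymmetric.rs can take `rand_core::OsRng` the same way, and the `as OsRng` alias there is a no-op worth dropping. Whether `rand` is used elsewhere in the crate is not visible from this diff.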
@@ -90,39 +90,32 @@ impl Asymmetric for super::Backend { } fn ed25519_generate_key() -> Result<(Protected, [u8; 32])> { - // ed25519_dalek v1.0.1 doesn't reexport OsRng. It - // depends on 0.7. - use rand07::rngs::OsRng as OsRng; - let pair = ed25519_dalek::Keypair::generate(&mut OsRng); - Ok((pair.secret.as_bytes().as_slice().into(), pair.secret.to_bytes())) + use rand::rngs::OsRng as OsRng; + let pair = ed25519_dalek::SigningKey::generate(&mut OsRng); + Ok((pair.to_bytes().into(), pair.verifying_key().to_bytes())) } fn ed25519_derive_public(secret: &Protected) -> Result<[u8; 32]> { - use ed25519_dalek::{PublicKey, SecretKey}; + use ed25519_dalek::SigningKey; - let secret = SecretKey::from_bytes(secret).map_err(|e| { + let secret = secret.as_ref().try_into().map_err(|e: std::array::TryFromSliceError| { Error::InvalidKey(e.to_string()) })?; - let public = PublicKey::from(&secret); + + let secret = SigningKey::from_bytes(secret); + let public = secret.verifying_key(); Ok(public.to_bytes()) } - fn ed25519_sign(secret: &Protected, public: &[u8; 32], digest: &[u8]) + fn ed25519_sign(secret: &Protected, _public: &[u8; 32], digest: &[u8]) -> Result<[u8; 64]> { - use ed25519_dalek::{Keypair, Signer}; - use ed25519_dalek::{PUBLIC_KEY_LENGTH, SECRET_KEY_LENGTH}; + use ed25519_dalek::{SigningKey, Signer}; - if secret.len() != SECRET_KEY_LENGTH { - return Err(crate::Error::InvalidArgument( - "Bad Ed25519 secret length".into()).into()); - } + let mut keypair = secret.as_ref().try_into().map_err(|e: std::array::TryFromSliceError| { + Error::InvalidKey(e.to_string()) + })?; - let mut keypair = Protected::from( - vec![0u8; SECRET_KEY_LENGTH + PUBLIC_KEY_LENGTH] - ); - keypair.as_mut()[..SECRET_KEY_LENGTH].copy_from_slice(secret); - keypair.as_mut()[SECRET_KEY_LENGTH..].copy_from_slice(public); - let pair = Keypair::from_bytes(&keypair)?; + let pair = SigningKey::from_bytes(&keypair); unsafe { memsec::memzero(keypair.as_mut_ptr(), keypair.len()); } 
@@ -132,13 +125,16 @@ impl Asymmetric for super::Backend { fn ed25519_verify(public: &[u8; 32], digest: &[u8], signature: &[u8; 64]) -> Result<bool> { - use ed25519_dalek::{PublicKey, Signature}; - use ed25519_dalek::{Verifier}; + use ed25519_dalek::{VerifyingKey, Verifier, Signature}; - let public = PublicKey::from_bytes(public).map_err(|e| { + let public = VerifyingKey::from_bytes(public).map_err(|e| { Error::InvalidKey(e.to_string()) })?; - let signature = Signature::from_bytes(&signature.clone())?; + let signature = signature.as_ref().try_into().map_err(|e: std::array::TryFromSliceError| { + Error::InvalidArgument(e.to_string()) + })?; + + let signature = Signature::from_bytes(signature); Ok(public.verify(digest, &signature).is_ok()) } @@ -566,22 +562,19 @@ impl<R> Key4<SecretParts, R> let (algo, public, private) = match (&curve, for_signing) { (Curve::Ed25519, true) => { - use ed25519_dalek::Keypair; + use ed25519_dalek::SigningKey; - // ed25519_dalek v1.0.1 doesn't reexport OsRng. It - // depends on 0.7. - use rand07::rngs::OsRng as OsRng; + use rand::rngs::OsRng as OsRng; - let Keypair { public, secret } - = Keypair::generate(&mut OsRng); + let key = SigningKey::generate(&mut OsRng); - let secret: Protected = secret.as_bytes().as_ref().into(); + let secret: Protected = key.to_bytes().as_ref().into(); // Mark MPI as compressed point with 0x40 prefix. See // https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-07#section-13.2. let mut compressed_public = [0u8; 1 + CURVE25519_SIZE]; compressed_public[0] = 0x40; - compressed_public[1..].copy_from_slice(public.as_bytes()); + compressed_public[1..].copy_from_slice(key.verifying_key().as_bytes()); ( PublicKeyAlgorithm::EdDSA, diff --git a/openpgp/src/crypto/mem.rs b/openpgp/src/crypto/mem.rs index dd63dfbd..f787043c 100644 --- a/openpgp/src/crypto/mem.rs +++ b/openpgp/src/crypto/mem.rs 
@@ -170,6 +170,18 @@ impl From<&[u8]> for Protected { } } +impl From<[u8; 32]> for Protected { + fn from(v: [u8; 32]) -> Self { + let mut p = Protected::new(v.len()); + + // Very carefully copy the slice. The obvious + // `p.copy_from_slice(v);` indeed leaks secrets. + v.iter().zip(p.iter_mut()).for_each(|(f, t)| *t = *f); + + p + } +} + impl Drop for Protected { fn d |