From 05dcf8c97c30c118c0c19af5ce2cf7a41b90aa39 Mon Sep 17 00:00:00 2001 From: Dylan Reid Date: Wed, 2 Apr 2025 22:50:43 -0700 Subject: [PATCH 1/4] Dep upgrade After two years, many crates are out of date and need updating. Doing them all at once as many have second level dependencies on each other. This gets everything back to a state that can build with a recent rust toolchain. This includes many breaking API changes that required minor reworks. The transition from `KeyPair` to `SigningKey` caused much of the churn. Signed-off-by: Dylan Reid --- Cargo.toml | 26 +- bazel-locks/Rice.Cargo.Bazel.lock | 239 ++---- bazel-locks/rice-cargo-bazel-lock.json | 1086 ++++++++---------------- deps.bzl | 27 +- src/cdi.rs | 4 +- src/layer.rs | 24 +- src/local_cdi.rs | 16 +- src/x509.rs | 2 +- src/x509/attr.rs | 10 +- src/x509/certificate.rs | 53 +- src/x509/extensions/dice/tcbinfo.rs | 8 +- src/x509/extensions/pkix/authkeyid.rs | 4 +- src/x509/request.rs | 8 +- src/x509/verify.rs | 6 +- 14 files changed, 550 insertions(+), 963 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 63f7132..23c969f 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -9,19 +9,19 @@ version = "0.1.0" edition = "2021" [dependencies] -arrayvec = { version = "0.7.2", default-features = false } +arrayvec = { version = "0.7.6", default-features = false } const-oid = { version = "0.9.0", features = ["db"] } -der = { version = "0.6.0", features = ["derive", "flagset", "oid"] } -digest = {version = "0.10.3", default-features = false } -ed25519 = { version = "1.5.2", default-features = false, features = ["pkcs8"] } -ed25519-dalek = { version = "1.0.1", default-features = false, features = ["u64_backend"] } -flagset = "0.4.3" -generic-array = "0.14.6" +der = { version = "0.7.9", features = ["derive", "flagset", "oid"] } +digest = { version = "0.10.7", default-features = false } +ed25519 = { version = "2.2.3", default-features = false, features = ["pkcs8"] } +ed25519-dalek = { version = "2.1.1", default-features = false } +flagset = "0.4.6" +generic-array = "0.14.7" hex = { version = "0.4.3", default-features = false } -hkdf = "0.12.3" +hkdf = "0.12.4" hmac = "0.12.1" -sha2 = {version = "0.10", default-features = false } -signature = { version = "1.6.4", default-features = false } -spin = { version = "*", default-features = false, features = ["rwlock"] } -spki = "0.6.0" -zeroize = "1.5.7" +sha2 = { version = "0.10.8", default-features = false } +signature = { version = "2.2.0", default-features = false } +spin = { version = "0.10.0", default-features = false, features = ["rwlock"] } +spki = "0.7.3" +zeroize = "1.8.1" diff --git a/bazel-locks/Rice.Cargo.Bazel.lock b/bazel-locks/Rice.Cargo.Bazel.lock index 94f16af..64a95f6 100644 --- a/bazel-locks/Rice.Cargo.Bazel.lock +++ b/bazel-locks/Rice.Cargo.Bazel.lock @@ -4,18 +4,9 @@ version = 3 [[package]] name = "arrayvec" -version = "0.7.2" +version = "0.7.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8da52d66c7071e2e3fa2a1e5c6d088fec47b593032b254f5e980de8ea54454d6" - -[[package]] -name = "block-buffer" -version = "0.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" -dependencies = [ - "generic-array", -] +checksum = "7c02d123df017efcdfbd739ef81735b36c5ba83ec3c59c80a9d7ecc718f92e50" [[package]] name = "block-buffer" @@ -26,12 +17,6 @@ dependencies = [ "generic-array", ] -[[package]] -name = "byteorder" -version = "1.4.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" - [[package]] name = "cfg-if" version = "1.0.0" @@ -40,15 +25,15 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "const-oid" -version = "0.9.1" +version = "0.9.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cec318a675afcb6a1ea1d4340e2d377e56e47c266f28043ceccbf4412ddfdd3b" +checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8" [[package]] name = "cpufeatures" -version = "0.2.5" +version = "0.2.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "28d997bd5e24a5928dd43e46dc529867e207907fe0b239c3477d924f7f2ca320" +checksum = "59ed5838eebb26a2bb2e58f6d5b5316989ae9d08bab10e0e6d103e656d1b0280" dependencies = [ "libc", ] @@ -65,22 +50,35 @@ dependencies = [ [[package]] name = "curve25519-dalek" -version = "3.2.0" +version = "4.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b9fdf9972b2bd6af2d913799d9ebc165ea4d2e65878e329d9c6b372c4491b61" +checksum = "97fb8b7c4503de7d6ae7b42ab72a5a59857b4c937ec27a3d4539dba95b5ab2be" dependencies = [ - "byteorder", - "digest 0.9.0", - "rand_core", + "cfg-if", + "cpufeatures", + "curve25519-dalek-derive", + "digest", + "fiat-crypto", + "rustc_version", "subtle", - "zeroize", +] + +[[package]] +name = "curve25519-dalek-derive" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" +dependencies = [ + "proc-macro2", + "quote", + "syn", ] [[package]] name = "der" -version = "0.6.1" +version = "0.7.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f1a467a65c5e759bce6e65eaf91cc29f466cdc57cb65777bd646872a8a1fd4de" +checksum = "f55bf8e7b65898637379c1b74eb1551107c8294ed26d855ceb9fd1a09cfc9bc0" dependencies = [ "const-oid", "der_derive", @@ -89,11 +87,10 @@ dependencies = [ [[package]] name = "der_derive" -version = "0.6.1" +version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8ef71ddb5b3a1f53dee24817c8f70dfa1cb29e804c18d88c228d4bc9c86ee3b9" +checksum = "8034092389675178f570469e6c3b0465d3d30b4505c294a6550db47f3c17ad18" dependencies = [ - "proc-macro-error", "proc-macro2", "quote", "syn", @@ -101,20 +98,11 @@ dependencies = [ [[package]] name = "digest" -version = "0.9.0" +version = "0.10.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066" +checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" dependencies = [ - "generic-array", -] - -[[package]] -name = "digest" -version = "0.10.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8168378f4e5023e7218c89c891c0fd8ecdb5e5e4f18cb78f38cf245dd021e76f" -dependencies = [ - "block-buffer 0.10.3", + "block-buffer", "crypto-common", "subtle", ] @@ -126,7 +114,7 @@ dependencies = [ "arrayvec", "const-oid", "der", - "digest 0.10.6", + "digest", "ed25519", "ed25519-dalek", "flagset", @@ -134,7 +122,7 @@ dependencies = [ "hex", "hkdf", "hmac", - "sha2 0.10.6", + "sha2", "signature", "spin", "spki", @@ -143,9 +131,9 @@ dependencies = [ [[package]] name = "ed25519" -version = "1.5.3" +version = "2.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "91cff35c70bba8a626e3185d8cd48cc11b5437e1a5bcd15b9b5fa3c64b6dfee7" +checksum = "115531babc129696a58c64a4fef0a8bf9e9698629fb97e9e40767d235cfbcd53" dependencies = [ "pkcs8", "signature", @@ -153,27 +141,33 @@ dependencies = [ [[package]] name = "ed25519-dalek" -version = "1.0.1" +version = "2.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c762bae6dcaf24c4c84667b8579785430908723d5c889f469d76a41d59cc7a9d" +checksum = "4a3daa8e81a3963a60642bcc1f90a670680bd4a77535faa384e9d1c79d620871" dependencies = [ "curve25519-dalek", "ed25519", - "sha2 0.9.9", - "zeroize", + "sha2", + "subtle", ] +[[package]] +name = "fiat-crypto" +version = "0.2.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "28dea519a9695b9977216879a3ebfddf92f1c08c05d984f8996aecd6ecdc811d" + [[package]] name = "flagset" -version = "0.4.3" +version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cda653ca797810c02f7ca4b804b40b8b95ae046eb989d356bce17919a8c25499" +checksum = "b3ea1ec5f8307826a5b71094dd91fc04d4ae75d5709b20ad351c7fb4815c86ec" [[package]] name = "generic-array" -version = "0.14.6" +version = "0.14.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bff49e947297f3312447abdca79f45f4738097cc82b06e72054d2223f601f1b9" +checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a" dependencies = [ "typenum", "version_check", @@ -187,9 +181,9 @@ checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" [[package]] name = "hkdf" -version = "0.12.3" +version = "0.12.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "791a029f6b9fc27657f6f188ec6e5e43f6911f6f878e0dc5501396e09809d437" +checksum = "7b5f8eb2ad728638ea2c7d47a21db23b7b58a72ed6a38256b8a1849f15fbbdf7" dependencies = [ "hmac", ] @@ -200,120 +194,86 @@ version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e" dependencies = [ - "digest 0.10.6", + "digest", ] [[package]] name = "libc" -version = "0.2.139" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "201de327520df007757c1f0adce6e827fe8562fbc28bfd9c15571c66ca1f5f79" - -[[package]] -name = "opaque-debug" -version = "0.3.0" +version = "0.2.171" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" +checksum = "c19937216e9d3aa9956d9bb8dfc0b0c8beb6058fc4f7a4dc4d850edf86a237d6" [[package]] name = "pkcs8" -version = "0.9.0" +version = "0.10.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9eca2c590a5f85da82668fa685c09ce2888b9430e83299debf1f34b65fd4a4ba" +checksum = "f950b2377845cebe5cf8b5165cb3cc1a5e0fa5cfa3e1f7f55707d8fd82e0a7b7" dependencies = [ "der", "spki", ] -[[package]] -name = "proc-macro-error" -version = "1.0.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c" -dependencies = [ - "proc-macro-error-attr", - "proc-macro2", - "quote", - "syn", - "version_check", -] - -[[package]] -name = "proc-macro-error-attr" -version = "1.0.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869" -dependencies = [ - "proc-macro2", - "quote", - "version_check", -] - [[package]] name = "proc-macro2" -version = "1.0.51" +version = "1.0.94" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5d727cae5b39d21da60fa540906919ad737832fe0b1c165da3a34d6548c849d6" +checksum = "a31971752e70b8b2686d7e46ec17fb38dad4051d94024c88df49b667caea9c84" dependencies = [ "unicode-ident", ] [[package]] name = "quote" -version = "1.0.23" +version = "1.0.40" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8856d8364d252a14d474036ea1358d63c9e6965c8e5c1885c18f73d70bff9c7b" +checksum = "1885c039570dc00dcb4ff087a89e185fd56bae234ddc7f056a945bf36467248d" dependencies = [ "proc-macro2", ] [[package]] -name = "rand_core" -version = "0.5.1" +name = "rustc_version" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19" +checksum = "cfcb3a22ef46e85b45de6ee7e79d063319ebb6594faafcf1c225ea92ab6e9b92" +dependencies = [ + "semver", +] [[package]] -name = "sha2" -version = "0.9.9" +name = "semver" +version = "1.0.26" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4d58a1e1bf39749807d89cf2d98ac2dfa0ff1cb3faa38fbb64dd88ac8013d800" -dependencies = [ - "block-buffer 0.9.0", - "cfg-if", - "cpufeatures", - "digest 0.9.0", - "opaque-debug", -] +checksum = "56e6fa9c48d24d85fb3de5ad847117517440f6beceb7798af16b4a87d616b8d0" [[package]] name = "sha2" -version = "0.10.6" +version = "0.10.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0" +checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8" dependencies = [ "cfg-if", "cpufeatures", - "digest 0.10.6", + "digest", ] [[package]] name = "signature" -version = "1.6.4" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "74233d3b3b2f6d4b006dc19dee745e73e2a6bfb6f93607cd3b02bd5b00797d7c" +checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" [[package]] name = "spin" -version = "0.9.5" +version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7dccf47db1b41fa1573ed27ccf5e08e3ca771cb994f776668c5ebda893b248fc" +checksum = "d5fe4ccb98d9c292d56fec89a5e07da7fc4cf0dc11e156b41793132775d3e591" [[package]] name = "spki" -version = "0.6.0" +version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "67cf02bbac7a337dc36e4f5a693db6c21e7863f45070f7064577eb4367a3212b" +checksum = "d91ed6c858b01f942cd56b37a94b3e0a1798290327d1236e4d9cf4eaca44d29d" dependencies = [ "der", ] @@ -326,27 +286,15 @@ checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" [[package]] name = "syn" -version = "1.0.107" +version = "2.0.100" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1f4064b5b16e03ae50984a5a8ed5d4f8803e6bc1fd170a3cda91a1be4b18e3f5" +checksum = "b09a44accad81e1ba1cd74a32461ba89dee89095ba17b32f5d03683b1b1fc2a0" dependencies = [ "proc-macro2", "quote", "unicode-ident", ] -[[package]] -name = "synstructure" -version = "0.12.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f36bdaa60a83aca3921b5259d5400cbf5e90fc51931376a9bd4a0eb79aa7210f" -dependencies = [ - "proc-macro2", - "quote", - "syn", - "unicode-xid", -] - [[package]] name = "typenum" version = "1.16.0" @@ -359,12 +307,6 @@ version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "84a22b9f218b40614adcb3f4ff08b703773ad44fa9423e4e0d346d5db86e4ebc" -[[package]] -name = "unicode-xid" -version = "0.2.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f962df74c8c05a667b5ee8bcf162993134c104e96440b663c8daa176dc772d8c" - [[package]] name = "version_check" version = "0.9.4" @@ -373,21 +315,6 @@ checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" [[package]] name = "zeroize" -version = "1.5.7" +version = "1.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c394b5bd0c6f669e7275d9c20aa90ae064cb22e75a1cad54e1b34088034b149f" -dependencies = [ - "zeroize_derive", -] - -[[package]] -name = "zeroize_derive" -version = "1.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "44bf07cb3e50ea2003396695d58bf46bc9887a1f362260446fad6bc4e79bd36c" -dependencies = [ - "proc-macro2", - "quote", - "syn", - "synstructure", -] +checksum = "ced3678a2879b30306d323f4542626697a464a97c0a07c9aebf7ebca65cd4dde" diff --git a/bazel-locks/rice-cargo-bazel-lock.json b/bazel-locks/rice-cargo-bazel-lock.json index b26715c..feffc12 100644 --- a/bazel-locks/rice-cargo-bazel-lock.json +++ b/bazel-locks/rice-cargo-bazel-lock.json @@ -1,13 +1,13 @@ { - "checksum": "26573620b7dae2aaf49b554e34294917adcade68b4313d5090962f6c37c69b7b", + "checksum": "d3b10ad5ec035b08f001a951127e7e6ce576a625d22d0eb844c9cdc03f37eb66", "crates": { - "arrayvec 0.7.2": { + "arrayvec 0.7.6": { "name": "arrayvec", - "version": "0.7.2", + "version": "0.7.6", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/arrayvec/0.7.2/download", - "sha256": "8da52d66c7071e2e3fa2a1e5c6d088fec47b593032b254f5e980de8ea54454d6" + "url": "https://static.crates.io/crates/arrayvec/0.7.6/download", + "sha256": "7c02d123df017efcdfbd739ef81735b36c5ba83ec3c59c80a9d7ecc718f92e50" } }, "targets": [ @@ -27,7 +27,7 @@ "**" ], "edition": "2018", - "version": "0.7.2" + "version": "0.7.6" }, "license": "MIT OR Apache-2.0" }, @@ -36,7 +36,7 @@ "version": "0.10.3", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/block-buffer/0.10.3/download", + "url": "https://static.crates.io/crates/block-buffer/0.10.3/download", "sha256": "69cce20737498f97b993470a6e536b8523f0af7892a4f928cceb1ac5e52ebe7e" } }, @@ -59,7 +59,7 @@ "deps": { "common": [ { - "id": "generic-array 0.14.6", + "id": "generic-array 0.14.7", "target": "generic_array" } ], @@ -70,84 +70,12 @@ }, "license": "MIT OR Apache-2.0" }, - "block-buffer 0.9.0": { - "name": "block-buffer", - "version": "0.9.0", - "repository": { - "Http": { - "url": "https://crates.io/api/v1/crates/block-buffer/0.9.0/download", - "sha256": "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" - } - }, - "targets": [ - { - "Library": { - "crate_name": "block_buffer", - "crate_root": "src/lib.rs", - "srcs": [ - "**/*.rs" - ] - } - } - ], - "library_target_name": "block_buffer", - "common_attrs": { - "compile_data_glob": [ - "**" - ], - "deps": { - "common": [ - { - "id": "generic-array 0.14.6", - "target": "generic_array" - } - ], - "selects": {} - }, - "edition": "2018", - "version": "0.9.0" - }, - "license": "MIT OR Apache-2.0" - }, - "byteorder 1.4.3": { - "name": "byteorder", - "version": "1.4.3", - "repository": { - "Http": { - "url": "https://crates.io/api/v1/crates/byteorder/1.4.3/download", - "sha256": "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" - } - }, - "targets": [ - { - "Library": { - "crate_name": "byteorder", - "crate_root": "src/lib.rs", - "srcs": [ - "**/*.rs" - ] - } - } - ], - "library_target_name": "byteorder", - "common_attrs": { - "compile_data_glob": [ - "**" - ], - "crate_features": [ - "i128" - ], - "edition": "2018", - "version": "1.4.3" - }, - "license": "Unlicense OR MIT" - }, "cfg-if 1.0.0": { "name": "cfg-if", "version": "1.0.0", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/cfg-if/1.0.0/download", + "url": "https://static.crates.io/crates/cfg-if/1.0.0/download", "sha256": "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" } }, @@ -172,13 +100,13 @@ }, "license": "MIT/Apache-2.0" }, - "const-oid 0.9.1": { + "const-oid 0.9.6": { "name": "const-oid", - "version": "0.9.1", + "version": "0.9.6", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/const-oid/0.9.1/download", - "sha256": "cec318a675afcb6a1ea1d4340e2d377e56e47c266f28043ceccbf4412ddfdd3b" + "url": "https://static.crates.io/crates/const-oid/0.9.6/download", + "sha256": "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8" } }, "targets": [ @@ -201,17 +129,17 @@ "db" ], "edition": "2021", - "version": "0.9.1" + "version": "0.9.6" }, "license": "Apache-2.0 OR MIT" }, - "cpufeatures 0.2.5": { + "cpufeatures 0.2.17": { "name": "cpufeatures", - "version": "0.2.5", + "version": "0.2.17", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/cpufeatures/0.2.5/download", - "sha256": "28d997bd5e24a5928dd43e46dc529867e207907fe0b239c3477d924f7f2ca320" + "url": "https://static.crates.io/crates/cpufeatures/0.2.17/download", + "sha256": "59ed5838eebb26a2bb2e58f6d5b5316989ae9d08bab10e0e6d103e656d1b0280" } }, "targets": [ @@ -233,28 +161,34 @@ "deps": { "common": [], "selects": { - "aarch64-apple-darwin": [ + "aarch64-linux-android": [ { - "id": "libc 0.2.139", + "id": "libc 0.2.171", "target": "libc" } ], - "aarch64-linux-android": [ + "cfg(all(target_arch = \"aarch64\", target_os = \"linux\"))": [ { - "id": "libc 0.2.139", + "id": "libc 0.2.171", "target": "libc" } ], - "cfg(all(target_arch = \"aarch64\", target_os = \"linux\"))": [ + "cfg(all(target_arch = \"aarch64\", target_vendor = \"apple\"))": [ + { + "id": "libc 0.2.171", + "target": "libc" + } + ], + "cfg(all(target_arch = \"loongarch64\", target_os = \"linux\"))": [ { - "id": "libc 0.2.139", + "id": "libc 0.2.171", "target": "libc" } ] } }, "edition": "2018", - "version": "0.2.5" + "version": "0.2.17" }, "license": "MIT OR Apache-2.0" }, @@ -263,7 +197,7 @@ "version": "0.1.6", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/crypto-common/0.1.6/download", + "url": "https://static.crates.io/crates/crypto-common/0.1.6/download", "sha256": "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" } }, @@ -286,7 +220,7 @@ "deps": { "common": [ { - "id": "generic-array 0.14.6", + "id": "generic-array 0.14.7", "target": "generic_array" }, { @@ -301,13 +235,13 @@ }, "license": "MIT OR Apache-2.0" }, - "curve25519-dalek 3.2.0": { + "curve25519-dalek 4.1.3": { "name": "curve25519-dalek", - "version": "3.2.0", + "version": "4.1.3", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/curve25519-dalek/3.2.0/download", - "sha256": "0b9fdf9972b2bd6af2d913799d9ebc165ea4d2e65878e329d9c6b372c4491b61" + "url": "https://static.crates.io/crates/curve25519-dalek/4.1.3/download", + "sha256": "97fb8b7c4503de7d6ae7b42ab72a5a59857b4c937ec27a3d4539dba95b5ab2be" } }, "targets": [ @@ -319,6 +253,15 @@ "**/*.rs" ] } + }, + { + "BuildScript": { + "crate_name": "build_script_build", + "crate_root": "build.rs", + "srcs": [ + "**/*.rs" + ] + } } ], "library_target_name": "curve25519_dalek", @@ -327,45 +270,126 @@ "**" ], "crate_features": [ - "u64_backend" + "digest" ], "deps": { "common": [ { - "id": "byteorder 1.4.3", - "target": "byteorder" + "id": "cfg-if 1.0.0", + "target": "cfg_if" }, { - "id": "digest 0.9.0", - "target": "digest" + "id": "curve25519-dalek 4.1.3", + "target": "build_script_build" }, { - "id": "rand_core 0.5.1", - "target": "rand_core" + "id": "digest 0.10.7", + "target": "digest" }, { "id": "subtle 2.4.1", "target": "subtle" + } + ], + "selects": { + "cfg(curve25519_dalek_backend = \"fiat\")": [ + { + "id": "fiat-crypto 0.2.9", + "target": "fiat_crypto" + } + ], + "cfg(target_arch = \"x86_64\")": [ + { + "id": "cpufeatures 0.2.17", + "target": "cpufeatures" + } + ] + } + }, + "edition": "2021", + "proc_macro_deps": { + "common": [], + "selects": { + "cfg(all(not(curve25519_dalek_backend = \"fiat\"), not(curve25519_dalek_backend = \"serial\"), target_arch = \"x86_64\"))": [ + { + "id": "curve25519-dalek-derive 0.1.1", + "target": "curve25519_dalek_derive" + } + ] + } + }, + "version": "4.1.3" + }, + "build_script_attrs": { + "data_glob": [ + "**" + ], + "deps": { + "common": [ + { + "id": "rustc_version 0.4.1", + "target": "rustc_version" + } + ], + "selects": {} + } + }, + "license": "BSD-3-Clause" + }, + "curve25519-dalek-derive 0.1.1": { + "name": "curve25519-dalek-derive", + "version": "0.1.1", + "repository": { + "Http": { + "url": "https://static.crates.io/crates/curve25519-dalek-derive/0.1.1/download", + "sha256": "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" + } + }, + "targets": [ + { + "ProcMacro": { + "crate_name": "curve25519_dalek_derive", + "crate_root": "src/lib.rs", + "srcs": [ + "**/*.rs" + ] + } + } + ], + "library_target_name": "curve25519_dalek_derive", + "common_attrs": { + "compile_data_glob": [ + "**" + ], + "deps": { + "common": [ + { + "id": "proc-macro2 1.0.94", + "target": "proc_macro2" }, { - "id": "zeroize 1.5.7", - "target": "zeroize" + "id": "quote 1.0.40", + "target": "quote" + }, + { + "id": "syn 2.0.100", + "target": "syn" } ], "selects": {} }, - "edition": "2015", - "version": "3.2.0" + "edition": "2021", + "version": "0.1.1" }, - "license": "BSD-3-Clause" + "license": "MIT/Apache-2.0" }, - "der 0.6.1": { + "der 0.7.9": { "name": "der", - "version": "0.6.1", + "version": "0.7.9", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/der/0.6.1/download", - "sha256": "f1a467a65c5e759bce6e65eaf91cc29f466cdc57cb65777bd646872a8a1fd4de" + "url": "https://static.crates.io/crates/der/0.7.9/download", + "sha256": "f55bf8e7b65898637379c1b74eb1551107c8294ed26d855ceb9fd1a09cfc9bc0" } }, "targets": [ @@ -385,8 +409,6 @@ "**" ], "crate_features": [ - "const-oid", - "der_derive", "derive", "flagset", "oid" @@ -394,11 +416,11 @@ "deps": { "common": [ { - "id": "const-oid 0.9.1", + "id": "const-oid 0.9.6", "target": "const_oid" }, { - "id": "flagset 0.4.3", + "id": "flagset 0.4.6", "target": "flagset" } ], @@ -408,23 +430,23 @@ "proc_macro_deps": { "common": [ { - "id": "der_derive 0.6.1", + "id": "der_derive 0.7.3", "target": "der_derive" } ], "selects": {} }, - "version": "0.6.1" + "version": "0.7.9" }, "license": "Apache-2.0 OR MIT" }, - "der_derive 0.6.1": { + "der_derive 0.7.3": { "name": "der_derive", - "version": "0.6.1", + "version": "0.7.3", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/der_derive/0.6.1/download", - "sha256": "8ef71ddb5b3a1f53dee24817c8f70dfa1cb29e804c18d88c228d4bc9c86ee3b9" + "url": "https://static.crates.io/crates/der_derive/0.7.3/download", + "sha256": "8034092389675178f570469e6c3b0465d3d30b4505c294a6550db47f3c17ad18" } }, "targets": [ @@ -446,36 +468,32 @@ "deps": { "common": [ { - "id": "proc-macro-error 1.0.4", - "target": "proc_macro_error" - }, - { - "id": "proc-macro2 1.0.51", + "id": "proc-macro2 1.0.94", "target": "proc_macro2" }, { - "id": "quote 1.0.23", + "id": "quote 1.0.40", "target": "quote" }, { - "id": "syn 1.0.107", + "id": "syn 2.0.100", "target": "syn" } ], "selects": {} }, "edition": "2021", - "version": "0.6.1" + "version": "0.7.3" }, "license": "Apache-2.0 OR MIT" }, - "digest 0.10.6": { + "digest 0.10.7": { "name": "digest", - "version": "0.10.6", + "version": "0.10.7", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/digest/0.10.6/download", - "sha256": "8168378f4e5023e7218c89c891c0fd8ecdb5e5e4f18cb78f38cf245dd021e76f" + "url": "https://static.crates.io/crates/digest/0.10.7/download", + "sha256": "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" } }, "targets": [ @@ -519,46 +537,7 @@ "selects": {} }, "edition": "2018", - "version": "0.10.6" - }, - "license": "MIT OR Apache-2.0" - }, - "digest 0.9.0": { - "name": "digest", - "version": "0.9.0", - "repository": { - "Http": { - "url": "https://crates.io/api/v1/crates/digest/0.9.0/download", - "sha256": "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066" - } - }, - "targets": [ - { - "Library": { - "crate_name": "digest", - "crate_root": "src/lib.rs", - "srcs": [ - "**/*.rs" - ] - } - } - ], - "library_target_name": "digest", - "common_attrs": { - "compile_data_glob": [ - "**" - ], - "deps": { - "common": [ - { - "id": "generic-array 0.14.6", - "target": "generic_array" - } - ], - "selects": {} - }, - "edition": "2018", - "version": "0.9.0" + "version": "0.10.7" }, "license": "MIT OR Apache-2.0" }, @@ -585,35 +564,35 @@ "deps": { "common": [ { - "id": "arrayvec 0.7.2", + "id": "arrayvec 0.7.6", "target": "arrayvec" }, { - "id": "const-oid 0.9.1", + "id": "const-oid 0.9.6", "target": "const_oid" }, { - "id": "der 0.6.1", + "id": "der 0.7.9", "target": "der" }, { - "id": "digest 0.10.6", + "id": "digest 0.10.7", "target": "digest" }, { - "id": "ed25519 1.5.3", + "id": "ed25519 2.2.3", "target": "ed25519" }, { - "id": "ed25519-dalek 1.0.1", + "id": "ed25519-dalek 2.1.1", "target": "ed25519_dalek" }, { - "id": "flagset 0.4.3", + "id": "flagset 0.4.6", "target": "flagset" }, { - "id": "generic-array 0.14.6", + "id": "generic-array 0.14.7", "target": "generic_array" }, { @@ -621,7 +600,7 @@ "target": "hex" }, { - "id": "hkdf 0.12.3", + "id": "hkdf 0.12.4", "target": "hkdf" }, { @@ -629,23 +608,23 @@ "target": "hmac" }, { - "id": "sha2 0.10.6", + "id": "sha2 0.10.8", "target": "sha2" }, { - "id": "signature 1.6.4", + "id": "signature 2.2.0", "target": "signature" }, { - "id": "spin 0.9.5", + "id": "spin 0.10.0", "target": "spin" }, { - "id": "spki 0.6.0", + "id": "spki 0.7.3", "target": "spki" }, { - "id": "zeroize 1.5.7", + "id": "zeroize 1.8.1", "target": "zeroize" } ], @@ -656,13 +635,13 @@ }, "license": null }, - "ed25519 1.5.3": { + "ed25519 2.2.3": { "name": "ed25519", - "version": "1.5.3", + "version": "2.2.3", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/ed25519/1.5.3/download", - "sha256": "91cff35c70bba8a626e3185d8cd48cc11b5437e1a5bcd15b9b5fa3c64b6dfee7" + "url": "https://static.crates.io/crates/ed25519/2.2.3/download", + "sha256": "115531babc129696a58c64a4fef0a8bf9e9698629fb97e9e40767d235cfbcd53" } }, "targets": [ @@ -687,28 +666,28 @@ "deps": { "common": [ { - "id": "pkcs8 0.9.0", + "id": "pkcs8 0.10.2", "target": "pkcs8" }, { - "id": "signature 1.6.4", + "id": "signature 2.2.0", "target": "signature" } ], "selects": {} }, "edition": "2021", - "version": "1.5.3" + "version": "2.2.3" }, "license": "Apache-2.0 OR MIT" }, - "ed25519-dalek 1.0.1": { + "ed25519-dalek 2.1.1": { "name": "ed25519-dalek", - "version": "1.0.1", + "version": "2.1.1", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/ed25519-dalek/1.0.1/download", - "sha256": "c762bae6dcaf24c4c84667b8579785430908723d5c889f469d76a41d59cc7a9d" + "url": "https://static.crates.io/crates/ed25519-dalek/2.1.1/download", + "sha256": "4a3daa8e81a3963a60642bcc1f90a670680bd4a77535faa384e9d1c79d620871" } }, "targets": [ @@ -727,42 +706,69 @@ "compile_data_glob": [ "**" ], - "crate_features": [ - "u64_backend" - ], "deps": { "common": [ { - "id": "curve25519-dalek 3.2.0", + "id": "curve25519-dalek 4.1.3", "target": "curve25519_dalek" }, { - "id": "ed25519 1.5.3", + "id": "ed25519 2.2.3", "target": "ed25519" }, { - "id": "sha2 0.9.9", + "id": "sha2 0.10.8", "target": "sha2" }, { - "id": "zeroize 1.5.7", - "target": "zeroize" + "id": "subtle 2.4.1", + "target": "subtle" } ], "selects": {} }, - "edition": "2018", - "version": "1.0.1" + "edition": "2021", + "version": "2.1.1" }, "license": "BSD-3-Clause" }, - "flagset 0.4.3": { + "fiat-crypto 0.2.9": { + "name": "fiat-crypto", + "version": "0.2.9", + "repository": { + "Http": { + "url": "https://static.crates.io/crates/fiat-crypto/0.2.9/download", + "sha256": "28dea519a9695b9977216879a3ebfddf92f1c08c05d984f8996aecd6ecdc811d" + } + }, + "targets": [ + { + "Library": { + "crate_name": "fiat_crypto", + "crate_root": "src/lib.rs", + "srcs": [ + "**/*.rs" + ] + } + } + ], + "library_target_name": "fiat_crypto", + "common_attrs": { + "compile_data_glob": [ + "**" + ], + "edition": "2018", + "version": "0.2.9" + }, + "license": "MIT OR Apache-2.0 OR BSD-1-Clause" + }, + "flagset 0.4.6": { "name": "flagset", - "version": "0.4.3", + "version": "0.4.6", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/flagset/0.4.3/download", - "sha256": "cda653ca797810c02f7ca4b804b40b8b95ae046eb989d356bce17919a8c25499" + "url": "https://static.crates.io/crates/flagset/0.4.6/download", + "sha256": "b3ea1ec5f8307826a5b71094dd91fc04d4ae75d5709b20ad351c7fb4815c86ec" } }, "targets": [ @@ -781,18 +787,18 @@ "compile_data_glob": [ "**" ], - "edition": "2018", - "version": "0.4.3" + "edition": "2021", + "version": "0.4.6" }, "license": "Apache-2.0" }, - "generic-array 0.14.6": { + "generic-array 0.14.7": { "name": "generic-array", - "version": "0.14.6", + "version": "0.14.7", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/generic-array/0.14.6/download", - "sha256": "bff49e947297f3312447abdca79f45f4738097cc82b06e72054d2223f601f1b9" + "url": "https://static.crates.io/crates/generic-array/0.14.7/download", + "sha256": "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a" } }, "targets": [ @@ -826,7 +832,7 @@ "deps": { "common": [ { - "id": "generic-array 0.14.6", + "id": "generic-array 0.14.7", "target": "build_script_build" }, { @@ -837,7 +843,7 @@ "selects": {} }, "edition": "2015", - "version": "0.14.6" + "version": "0.14.7" }, "build_script_attrs": { "data_glob": [ @@ -860,7 +866,7 @@ "version": "0.4.3", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/hex/0.4.3/download", + "url": "https://static.crates.io/crates/hex/0.4.3/download", "sha256": "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" } }, @@ -885,13 +891,13 @@ }, "license": "MIT OR Apache-2.0" }, - "hkdf 0.12.3": { + "hkdf 0.12.4": { "name": "hkdf", - "version": "0.12.3", + "version": "0.12.4", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/hkdf/0.12.3/download", - "sha256": "791a029f6b9fc27657f6f188ec6e5e43f6911f6f878e0dc5501396e09809d437" + "url": "https://static.crates.io/crates/hkdf/0.12.4/download", + "sha256": "7b5f8eb2ad728638ea2c7d47a21db23b7b58a72ed6a38256b8a1849f15fbbdf7" } }, "targets": [ @@ -920,7 +926,7 @@ "selects": {} }, "edition": "2018", - "version": "0.12.3" + "version": "0.12.4" }, "license": "MIT OR Apache-2.0" }, @@ -929,7 +935,7 @@ "version": "0.12.1", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/hmac/0.12.1/download", + "url": "https://static.crates.io/crates/hmac/0.12.1/download", "sha256": "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e" } }, @@ -952,7 +958,7 @@ "deps": { "common": [ { - "id": "digest 0.10.6", + "id": "digest 0.10.7", "target": "digest" } ], @@ -963,13 +969,13 @@ }, "license": "MIT OR Apache-2.0" }, - "libc 0.2.139": { + "libc 0.2.171": { "name": "libc", - "version": "0.2.139", + "version": "0.2.171", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/libc/0.2.139/download", - "sha256": "201de327520df007757c1f0adce6e827fe8562fbc28bfd9c15571c66ca1f5f79" + "url": "https://static.crates.io/crates/libc/0.2.171/download", + "sha256": "c19937216e9d3aa9956d9bb8dfc0b0c8beb6058fc4f7a4dc4d850edf86a237d6" } }, "targets": [ @@ -997,21 +1003,17 @@ "compile_data_glob": [ "**" ], - "crate_features": [ - "default", - "std" - ], "deps": { "common": [ { - "id": "libc 0.2.139", + "id": "libc 0.2.171", "target": "build_script_build" } ], "selects": {} }, - "edition": "2015", - "version": "0.2.139" + "edition": "2021", + "version": "0.2.171" }, "build_script_attrs": { "data_glob": [ @@ -1020,43 +1022,13 @@ }, "license": "MIT OR Apache-2.0" }, - "opaque-debug 0.3.0": { - "name": "opaque-debug", - "version": "0.3.0", - "repository": { - "Http": { - "url": "https://crates.io/api/v1/crates/opaque-debug/0.3.0/download", - "sha256": "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" - } - }, - "targets": [ - { - "Library": { - "crate_name": "opaque_debug", - "crate_root": "src/lib.rs", - "srcs": [ - "**/*.rs" - ] - } - } - ], - "library_target_name": "opaque_debug", - "common_attrs": { - "compile_data_glob": [ - "**" - ], - "edition": "2018", - "version": "0.3.0" - }, - "license": "MIT OR Apache-2.0" - }, - "pkcs8 0.9.0": { + "pkcs8 0.10.2": { "name": "pkcs8", - "version": "0.9.0", + "version": "0.10.2", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/pkcs8/0.9.0/download", - "sha256": "9eca2c590a5f85da82668fa685c09ce2888b9430e83299debf1f34b65fd4a4ba" + "url": "https://static.crates.io/crates/pkcs8/0.10.2/download", + "sha256": "f950b2377845cebe5cf8b5165cb3cc1a5e0fa5cfa3e1f7f55707d8fd82e0a7b7" } }, "targets": [ @@ -1078,34 +1050,34 @@ "deps": { "common": [ { - "id": "der 0.6.1", + "id": "der 0.7.9", "target": "der" }, { - "id": "spki 0.6.0", + "id": "spki 0.7.3", "target": "spki" } ], "selects": {} }, "edition": "2021", - "version": "0.9.0" + "version": "0.10.2" }, "license": "Apache-2.0 OR MIT" }, - "proc-macro-error 1.0.4": { - "name": "proc-macro-error", - "version": "1.0.4", + "proc-macro2 1.0.94": { + "name": "proc-macro2", + "version": "1.0.94", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/proc-macro-error/1.0.4/download", - "sha256": "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c" + "url": "https://static.crates.io/crates/proc-macro2/1.0.94/download", + "sha256": "a31971752e70b8b2686d7e46ec17fb38dad4051d94024c88df49b667caea9c84" } }, "targets": [ { "Library": { - "crate_name": "proc_macro_error", + "crate_name": "proc_macro2", "crate_root": "src/lib.rs", "srcs": [ "**/*.rs" @@ -1122,209 +1094,133 @@ } } ], - "library_target_name": "proc_macro_error", + "library_target_name": "proc_macro2", "common_attrs": { "compile_data_glob": [ "**" ], "crate_features": [ "default", - "syn", - "syn-error" + "proc-macro" ], "deps": { "common": [ { - "id": "proc-macro-error 1.0.4", + "id": "proc-macro2 1.0.94", "target": "build_script_build" }, { - "id": "proc-macro2 1.0.51", - "target": "proc_macro2" - }, - { - "id": "quote 1.0.23", - "target": "quote" - }, - { - "id": "syn 1.0.107", - "target": "syn" + "id": "unicode-ident 1.0.6", + "target": "unicode_ident" } ], "selects": {} }, - "edition": "2018", - "proc_macro_deps": { - "common": [ - { - "id": "proc-macro-error-attr 1.0.4", - "target": "proc_macro_error_attr" - } - ], - "selects": {} - }, - "version": "1.0.4" + "edition": "2021", + "version": "1.0.94" }, "build_script_attrs": { "data_glob": [ "**" - ], - "deps": { - "common": [ - { - "id": "version_check 0.9.4", - "target": "version_check" - } - ], - "selects": {} - } + ] }, "license": "MIT OR Apache-2.0" }, - "proc-macro-error-attr 1.0.4": { - "name": "proc-macro-error-attr", - "version": "1.0.4", + "quote 1.0.40": { + "name": "quote", + "version": "1.0.40", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/proc-macro-error-attr/1.0.4/download", - "sha256": "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869" + "url": "https://static.crates.io/crates/quote/1.0.40/download", + "sha256": "1885c039570dc00dcb4ff087a89e185fd56bae234ddc7f056a945bf36467248d" } }, "targets": [ { - "ProcMacro": { - "crate_name": "proc_macro_error_attr", + "Library": { + "crate_name": "quote", "crate_root": "src/lib.rs", "srcs": [ "**/*.rs" ] } - }, - { - "BuildScript": { - "crate_name": "build_script_build", - "crate_root": "build.rs", - "srcs": [ - "**/*.rs" - ] - } } ], - "library_target_name": "proc_macro_error_attr", + "library_target_name": "quote", "common_attrs": { "compile_data_glob": [ "**" ], + "crate_features": [ + "default", + "proc-macro" + ], "deps": { "common": [ { - "id": "proc-macro-error-attr 1.0.4", - "target": "build_script_build" - }, - { - "id": "proc-macro2 1.0.51", + "id": "proc-macro2 1.0.94", "target": "proc_macro2" - }, - { - "id": "quote 1.0.23", - "target": "quote" } ], "selects": {} }, "edition": "2018", - "version": "1.0.4" - }, - "build_script_attrs": { - "data_glob": [ - "**" - ], - "deps": { - "common": [ - { - "id": "version_check 0.9.4", - "target": "version_check" - } - ], - "selects": {} - } + "version": "1.0.40" }, "license": "MIT OR Apache-2.0" }, - "proc-macro2 1.0.51": { - "name": "proc-macro2", - "version": "1.0.51", + "rustc_version 0.4.1": { + "name": "rustc_version", + "version": "0.4.1", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/proc-macro2/1.0.51/download", - "sha256": "5d727cae5b39d21da60fa540906919ad737832fe0b1c165da3a34d6548c849d6" + "url": "https://static.crates.io/crates/rustc_version/0.4.1/download", + "sha256": "cfcb3a22ef46e85b45de6ee7e79d063319ebb6594faafcf1c225ea92ab6e9b92" } }, "targets": [ { "Library": { - "crate_name": "proc_macro2", + "crate_name": "rustc_version", "crate_root": "src/lib.rs", "srcs": [ "**/*.rs" ] } - }, - { - "BuildScript": { - "crate_name": "build_script_build", - "crate_root": "build.rs", - "srcs": [ - "**/*.rs" - ] - } } ], - "library_target_name": "proc_macro2", + "library_target_name": "rustc_version", "common_attrs": { "compile_data_glob": [ "**" ], - "crate_features": [ - "default", - "proc-macro" - ], "deps": { "common": [ { - "id": "proc-macro2 1.0.51", - "target": "build_script_build" - }, - { - "id": "unicode-ident 1.0.6", - "target": "unicode_ident" + "id": "semver 1.0.26", + "target": "semver" } ], "selects": {} }, "edition": "2018", - "version": "1.0.51" - }, - "build_script_attrs": { - "data_glob": [ - "**" - ] + "version": "0.4.1" }, "license": "MIT OR Apache-2.0" }, - "quote 1.0.23": { - "name": "quote", - "version": "1.0.23", + "semver 1.0.26": { + "name": "semver", + "version": "1.0.26", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/quote/1.0.23/download", - "sha256": "8856d8364d252a14d474036ea1358d63c9e6965c8e5c1885c18f73d70bff9c7b" + "url": "https://static.crates.io/crates/semver/1.0.26/download", + "sha256": "56e6fa9c48d24d85fb3de5ad847117517440f6beceb7798af16b4a87d616b8d0" } }, "targets": [ { "Library": { - "crate_name": "quote", + "crate_name": "semver", "crate_root": "src/lib.rs", "srcs": [ "**/*.rs" @@ -1341,30 +1237,26 @@ } } ], - "library_target_name": "quote", + "library_target_name": "semver", "common_attrs": { "compile_data_glob": [ "**" ], "crate_features": [ "default", - "proc-macro" + "std" ], "deps": { "common": [ { - "id": "proc-macro2 1.0.51", - "target": "proc_macro2" - }, - { - "id": "quote 1.0.23", + "id": "semver 1.0.26", "target": "build_script_build" } ], "selects": {} }, "edition": "2018", - "version": "1.0.23" + "version": "1.0.26" }, "build_script_attrs": { "data_glob": [ @@ -1373,43 +1265,13 @@ }, "license": "MIT OR Apache-2.0" }, - "rand_core 0.5.1": { - "name": "rand_core", - "version": "0.5.1", - "repository": { - "Http": { - "url": "https://crates.io/api/v1/crates/rand_core/0.5.1/download", - "sha256": "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19" - } - }, - "targets": [ - { - "Library": { - "crate_name": "rand_core", - "crate_root": "src/lib.rs", - "srcs": [ - "**/*.rs" - ] - } - } - ], - "library_target_name": "rand_core", - "common_attrs": { - "compile_data_glob": [ - "**" - ], - "edition": "2018", - "version": "0.5.1" - }, - "license": "MIT OR Apache-2.0" - }, - "sha2 0.10.6": { + "sha2 0.10.8": { "name": "sha2", - "version": "0.10.6", + "version": "0.10.8", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/sha2/0.10.6/download", - "sha256": "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0" + "url": "https://static.crates.io/crates/sha2/0.10.8/download", + "sha256": "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8" } }, "targets": [ @@ -1435,89 +1297,31 @@ "target": "cfg_if" }, { - "id": "digest 0.10.6", + "id": "digest 0.10.7", "target": "digest" } ], "selects": { "cfg(any(target_arch = \"aarch64\", target_arch = \"x86_64\", target_arch = \"x86\"))": [ { - "id": "cpufeatures 0.2.5", + "id": "cpufeatures 0.2.17", "target": "cpufeatures" } ] } }, "edition": "2018", - "version": "0.10.6" + "version": "0.10.8" }, "license": "MIT OR Apache-2.0" }, - "sha2 0.9.9": { - "name": "sha2", - "version": "0.9.9", - "repository": { - "Http": { - "url": "https://crates.io/api/v1/crates/sha2/0.9.9/download", - "sha256": "4d58a1e1bf39749807d89cf2d98ac2dfa0ff1cb3faa38fbb64dd88ac8013d800" - } - }, - "targets": [ - { - "Library": { - "crate_name": "sha2", - "crate_root": "src/lib.rs", - "srcs": [ - "**/*.rs" - ] - } - } - ], - "library_target_name": "sha2", - "common_attrs": { - "compile_data_glob": [ - "**" - ], - "deps": { - "common": [ - { - "id": "block-buffer 0.9.0", - "target": "block_buffer" - }, - { - "id": "cfg-if 1.0.0", - "target": "cfg_if" - }, - { - "id": "digest 0.9.0", - "target": "digest" - }, - { - "id": "opaque-debug 0.3.0", - "target": "opaque_debug" - } - ], - "selects": { - "cfg(any(target_arch = \"aarch64\", target_arch = \"x86_64\", target_arch = \"x86\"))": [ - { - "id": "cpufeatures 0.2.5", - "target": "cpufeatures" - } - ] - } - }, - "edition": "2018", - "version": "0.9.9" - }, - "license": "MIT OR Apache-2.0" - }, - "signature 1.6.4": { + "signature 2.2.0": { "name": "signature", - "version": "1.6.4", + "version": "2.2.0", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/signature/1.6.4/download", - "sha256": "74233d3b3b2f6d4b006dc19dee745e73e2a6bfb6f93607cd3b02bd5b00797d7c" + "url": "https://static.crates.io/crates/signature/2.2.0/download", + "sha256": "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" } }, "targets": [ @@ -1537,17 +1341,17 @@ "**" ], "edition": "2021", - "version": "1.6.4" + "version": "2.2.0" }, "license": "Apache-2.0 OR MIT" }, - "spin 0.9.5": { + "spin 0.10.0": { "name": "spin", - "version": "0.9.5", + "version": "0.10.0", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/spin/0.9.5/download", - "sha256": "7dccf47db1b41fa1573ed27ccf5e08e3ca771cb994f776668c5ebda893b248fc" + "url": "https://static.crates.io/crates/spin/0.10.0/download", + "sha256": "d5fe4ccb98d9c292d56fec89a5e07da7fc4cf0dc11e156b41793132775d3e591" } }, "targets": [ @@ -1570,17 +1374,17 @@ "rwlock" ], "edition": "2015", - "version": "0.9.5" + "version": "0.10.0" }, "license": "MIT" }, - "spki 0.6.0": { + "spki 0.7.3": { "name": "spki", - "version": "0.6.0", + "version": "0.7.3", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/spki/0.6.0/download", - "sha256": "67cf02bbac7a337dc36e4f5a693db6c21e7863f45070f7064577eb4367a3212b" + "url": "https://static.crates.io/crates/spki/0.7.3/download", + "sha256": "d91ed6c858b01f942cd56b37a94b3e0a1798290327d1236e4d9cf4eaca44d29d" } }, "targets": [ @@ -1602,14 +1406,14 @@ "deps": { "common": [ { - "id": "der 0.6.1", + "id": "der 0.7.9", "target": "der" } ], "selects": {} }, "edition": "2021", - "version": "0.6.0" + "version": "0.7.3" }, "license": "Apache-2.0 OR MIT" }, @@ -1618,7 +1422,7 @@ "version": "2.4.1", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/subtle/2.4.1/download", + "url": "https://static.crates.io/crates/subtle/2.4.1/download", "sha256": "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" } }, @@ -1643,13 +1447,13 @@ }, "license": "BSD-3-Clause" }, - "syn 1.0.107": { + "syn 2.0.100": { "name": "syn", - "version": "1.0.107", + "version": "2.0.100", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/syn/1.0.107/download", - "sha256": "1f4064b5b16e03ae50984a5a8ed5d4f8803e6bc1fd170a3cda91a1be4b18e3f5" + "url": "https://static.crates.io/crates/syn/2.0.100/download", + "sha256": "b09a44accad81e1ba1cd74a32461ba89dee89095ba17b32f5d03683b1b1fc2a0" } }, "targets": [ @@ -1661,15 +1465,6 @@ "**/*.rs" ] } - }, - { - "BuildScript": { - "crate_name": "build_script_build", - "crate_root": "build.rs", - "srcs": [ - "**/*.rs" - ] - } } ], "library_target_name": "syn", @@ -1682,26 +1477,21 @@ "default", "derive", "extra-traits", + "full", "parsing", "printing", - "proc-macro", - "quote", - "visit" + "proc-macro" ], "deps": { "common": [ { - "id": "proc-macro2 1.0.51", + "id": "proc-macro2 1.0.94", "target": "proc_macro2" }, { - "id": "quote 1.0.23", + "id": "quote 1.0.40", "target": "quote" }, - { - "id": "syn 1.0.107", - "target": "build_script_build" - }, { "id": "unicode-ident 1.0.6", "target": "unicode_ident" @@ -1709,77 +1499,17 @@ ], "selects": {} }, - "edition": "2018", - "version": "1.0.107" - }, - "build_script_attrs": { - "data_glob": [ - "**" - ] + "edition": "2021", + "version": "2.0.100" }, "license": "MIT OR Apache-2.0" }, - "synstructure 0.12.6": { - "name": "synstructure", - "version": "0.12.6", - "repository": { - "Http": { - "url": "https://crates.io/api/v1/crates/synstructure/0.12.6/download", - "sha256": "f36bdaa60a83aca3921b5259d5400cbf5e90fc51931376a9bd4a0eb79aa7210f" - } - }, - "targets": [ - { - "Library": { - "crate_name": "synstructure", - "crate_root": "src/lib.rs", - "srcs": [ - "**/*.rs" - ] - } - } - ], - "library_target_name": "synstructure", - "common_attrs": { - "compile_data_glob": [ - "**" - ], - "crate_features": [ - "default", - "proc-macro" - ], - "deps": { - "common": [ - { - "id": "proc-macro2 1.0.51", - "target": "proc_macro2" - }, - { - "id": "quote 1.0.23", - "target": "quote" - }, - { - "id": "syn 1.0.107", - "target": "syn" - }, - { - "id": "unicode-xid 0.2.4", - "target": "unicode_xid" - } - ], - "selects": {} - }, - "edition": "2018", - "version": "0.12.6" - }, - "license": "MIT" - }, "typenum 1.16.0": { "name": "typenum", "version": "1.16.0", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/typenum/1.16.0/download", + "url": "https://static.crates.io/crates/typenum/1.16.0/download", "sha256": "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba" } }, @@ -1832,7 +1562,7 @@ "version": "1.0.6", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/unicode-ident/1.0.6/download", + "url": "https://static.crates.io/crates/unicode-ident/1.0.6/download", "sha256": "84a22b9f218b40614adcb3f4ff08b703773ad44fa9423e4e0d346d5db86e4ebc" } }, @@ -1857,45 +1587,12 @@ }, "license": "(MIT OR Apache-2.0) AND Unicode-DFS-2016" }, - "unicode-xid 0.2.4": { - "name": "unicode-xid", - "version": "0.2.4", - "repository": { - "Http": { - "url": "https://crates.io/api/v1/crates/unicode-xid/0.2.4/download", - "sha256": "f962df74c8c05a667b5ee8bcf162993134c104e96440b663c8daa176dc772d8c" - } - }, - "targets": [ - { - "Library": { - "crate_name": "unicode_xid", - "crate_root": "src/lib.rs", - "srcs": [ - "**/*.rs" - ] - } - } - ], - "library_target_name": "unicode_xid", - "common_attrs": { - "compile_data_glob": [ - "**" - ], - "crate_features": [ - "default" - ], - "edition": "2015", - "version": "0.2.4" - }, - "license": "MIT OR Apache-2.0" - }, "version_check 0.9.4": { "name": "version_check", "version": "0.9.4", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/version_check/0.9.4/download", + "url": "https://static.crates.io/crates/version_check/0.9.4/download", "sha256": "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" } }, @@ -1920,13 +1617,13 @@ }, "license": "MIT/Apache-2.0" }, - "zeroize 1.5.7": { + "zeroize 1.8.1": { "name": "zeroize", - "version": "1.5.7", + "version": "1.8.1", "repository": { "Http": { - "url": "https://crates.io/api/v1/crates/zeroize/1.5.7/download", - "sha256": "c394b5bd0c6f669e7275d9c20aa90ae064cb22e75a1cad54e1b34088034b149f" + "url": "https://static.crates.io/crates/zeroize/1.8.1/download", + "sha256": "ced3678a2879b30306d323f4542626697a464a97c0a07c9aebf7ebca65cd4dde" } }, "targets": [ @@ -1947,71 +1644,10 @@ ], "crate_features": [ "alloc", - "default", - "zeroize_derive" - ], - "edition": "2018", - "proc_macro_deps": { - "common": [ - { - "id": "zeroize_derive 1.3.3", - "target": "zeroize_derive" - } - ], - "selects": {} - }, - "version": "1.5.7" - }, - "license": "Apache-2.0 OR MIT" - }, - "zeroize_derive 1.3.3": { - "name": "zeroize_derive", - "version": "1.3.3", - "repository": { - "Http": { - "url": "https://crates.io/api/v1/crates/zeroize_derive/1.3.3/download", - "sha256": "44bf07cb3e50ea2003396695d58bf46bc9887a1f362260446fad6bc4e79bd36c" - } - }, - "targets": [ - { - "ProcMacro": { - "crate_name": "zeroize_derive", - "crate_root": "src/lib.rs", - "srcs": [ - "**/*.rs" - ] - } - } - ], - "library_target_name": "zeroize_derive", - "common_attrs": { - "compile_data_glob": [ - "**" + "default" ], - "deps": { - "common": [ - { - "id": "proc-macro2 1.0.51", - "target": "proc_macro2" - }, - { - "id": "quote 1.0.23", - "target": "quote" - }, - { - "id": "syn 1.0.107", - "target": "syn" - }, - { - "id": "synstructure 0.12.6", - "target": "synstructure" - } - ], - "selects": {} - }, - "edition": "2018", - "version": "1.3.3" + "edition": "2021", + "version": "1.8.1" }, "license": "Apache-2.0 OR MIT" } @@ -2021,15 +1657,26 @@ "direct-cargo-bazel-deps 0.0.1": "" }, "conditions": { - "aarch64-apple-darwin": [ - "aarch64-apple-darwin" - ], "aarch64-linux-android": [ "aarch64-linux-android" ], + "cfg(all(not(curve25519_dalek_backend = \"fiat\"), not(curve25519_dalek_backend = \"serial\"), target_arch = \"x86_64\"))": [ + "x86_64-apple-darwin", + "x86_64-apple-ios", + "x86_64-linux-android", + "x86_64-pc-windows-msvc", + "x86_64-unknown-freebsd", + "x86_64-unknown-linux-gnu" + ], "cfg(all(target_arch = \"aarch64\", target_os = \"linux\"))": [ "aarch64-unknown-linux-gnu" ], + "cfg(all(target_arch = \"aarch64\", target_vendor = \"apple\"))": [ + "aarch64-apple-darwin", + "aarch64-apple-ios", + "aarch64-apple-ios-sim" + ], + "cfg(all(target_arch = \"loongarch64\", target_os = \"linux\"))": [], "cfg(any(target_arch = \"aarch64\", target_arch = \"x86_64\", target_arch = \"x86\"))": [ "aarch64-apple-darwin", "aarch64-apple-ios", @@ -2048,6 +1695,15 @@ "x86_64-pc-windows-msvc", "x86_64-unknown-freebsd", "x86_64-unknown-linux-gnu" + ], + "cfg(curve25519_dalek_backend = \"fiat\")": [], + "cfg(target_arch = \"x86_64\")": [ + "x86_64-apple-darwin", + "x86_64-apple-ios", + "x86_64-linux-android", + "x86_64-pc-windows-msvc", + "x86_64-unknown-freebsd", + "x86_64-unknown-linux-gnu" ] } } diff --git a/deps.bzl b/deps.bzl index a775567..82366ad 100644 --- a/deps.bzl +++ b/deps.bzl @@ -16,7 +16,7 @@ def rice_dependencies(): lockfile = "@salus//rice/bazel-locks:rice-cargo-bazel-lock.json", packages = { "arrayvec": crate.spec( - version = "0.7.2", + version = "0.7.6", default_features = False, ), "const-oid": crate.spec( @@ -24,41 +24,40 @@ def rice_dependencies(): features = ["db"], ), "der": crate.spec( - version = "0.6.0", + version = "0.7.9", features = ["derive", "flagset", "oid"], ), "digest": crate.spec( - version = "0.10.3", + version = "0.10.7", default_features = False, ), "ed25519": crate.spec( - version = "1.5.2", + version = "2.2.3", default_features = False, features = ["pkcs8"], ), "ed25519-dalek": crate.spec( - version = "1.0.1", + version = "2.1.1", default_features = False, - features = ["u64_backend"], ), "flagset": crate.spec( - version = "0.4.3", + version = "0.4.6", ), - "generic-array": crate.spec(version = "0.14.6"), + "generic-array": crate.spec(version = "0.14.7"), "hex": crate.spec( version = "0.4.3", default_features = False, ), - "hkdf": crate.spec(version = "0.12.3"), + "hkdf": crate.spec(version = "0.12.4"), "hmac": crate.spec(version = "0.12.1"), - "sha2": crate.spec(version = "0.10", default_features = False), - "signature": crate.spec(version = "1.6.4", default_features = False), + "sha2": crate.spec(version = "0.10.8", default_features = False), + "signature": crate.spec(version = "2.2.0", default_features = False), "spin": crate.spec( - version = "*", + version = "0.10.0", default_features = False, features = ["rwlock"], ), - "spki": crate.spec(version = "0.6.0"), - "zeroize": crate.spec(version = "1.5.7"), + "spki": crate.spec(version = "0.7.3"), + "zeroize": crate.spec(version = "1.8.1"), }, ) diff --git a/src/cdi.rs b/src/cdi.rs index dfad2a3..bff7f15 100644 --- a/src/cdi.rs +++ b/src/cdi.rs @@ -3,7 +3,7 @@ // SPDX-License-Identifier: Apache-2.0 use crate::Result; -use signature::{Signature, Signer}; +use signature::{SignatureEncoding, Signer}; use zeroize::Zeroize; /// Compound Device Identifier (CDI) Types. @@ -32,7 +32,7 @@ impl CdiType { pub const CDI_ID_LEN: usize = 20; /// Trait to implement a DICE Compound Device Identifier (CDI) -pub trait CompoundDeviceIdentifier: +pub trait CompoundDeviceIdentifier: Signer + Zeroize + Sized { /// Returns the CDI Identifier based on the CDI public key. diff --git a/src/layer.rs b/src/layer.rs index 259f0dd..386a48d 100644 --- a/src/layer.rs +++ b/src/layer.rs @@ -15,18 +15,18 @@ use arrayvec::ArrayVec; use core::marker::PhantomData; use digest::Digest; use hkdf::HmacImpl; -use signature::Signature; +use signature::SignatureEncoding; use spin::{RwLock, RwLockReadGuard}; use zeroize::{Zeroize, ZeroizeOnDrop}; /// A structure representing the basic functionalities of a TCG DICE layer without Certificate handling. -pub struct LayerBase> { +pub struct LayerBase> { cdi: Cdi, next_cdi: RwLock>, _pd_s: PhantomData, } -impl> Zeroize +impl> Zeroize for LayerBase { fn zeroize(&mut self) { @@ -35,12 +35,12 @@ impl> Zeroize } } -impl> ZeroizeOnDrop +impl> ZeroizeOnDrop for LayerBase { } -impl> LayerBase { +impl> LayerBase { /// DICE layer constructor. /// /// # Parameters @@ -82,7 +82,7 @@ impl> LayerBase< /// A TCG DICE layer. pub struct Layer< const N: usize, - S: Signature, + S: SignatureEncoding, C: CompoundDeviceIdentifier, D: Digest, H: HmacImpl = hmac::Hmac, @@ -94,7 +94,7 @@ pub struct Layer< impl< const N: usize, - S: Signature, + S: SignatureEncoding, C: CompoundDeviceIdentifier, D: Digest, H: HmacImpl, @@ -109,7 +109,7 @@ impl< impl< const N: usize, - S: Signature, + S: SignatureEncoding, C: CompoundDeviceIdentifier, D: Digest, H: HmacImpl, @@ -119,7 +119,7 @@ impl< impl< const N: usize, - S: Signature, + S: SignatureEncoding, C: CompoundDeviceIdentifier, D: Digest, H: HmacImpl, @@ -155,13 +155,14 @@ impl< extns: Option<&'a [&'a [u8]]>, ) -> Result> { let mut cert_der_bytes = [0u8; MAX_CERT_SIZE]; - let cert_der = Certificate::from_layer( + Certificate::from_layer( &self.base.cdi, self.base.next_cdi().as_ref().ok_or(Error::MissingNextCdi)?, extns, &mut cert_der_bytes, )?; + let cert_der: &[u8] = &cert_der_bytes; ArrayVec::try_from(cert_der).map_err(Error::CertificateTooLarge) } @@ -172,13 +173,14 @@ impl< extns: Option<&'a [&'a [u8]]>, ) -> Result> { let mut cert_der_bytes = [0u8; MAX_CERT_SIZE]; - let cert_der = Certificate::from_csr::( + Certificate::from_csr::( self.base.current_cdi(), csr, extns, &mut cert_der_bytes, )?; + let cert_der: &[u8] = &cert_der_bytes; ArrayVec::try_from(cert_der).map_err(Error::CertificateTooLarge) } } diff --git a/src/local_cdi.rs b/src/local_cdi.rs index 51561f9..c9cd0fe 100644 --- a/src/local_cdi.rs +++ b/src/local_cdi.rs @@ -9,7 +9,7 @@ use crate::{ }; use core::marker::PhantomData; use digest::Digest; -use ed25519_dalek::{Keypair, SecretKey, Signature, PUBLIC_KEY_LENGTH, SECRET_KEY_LENGTH}; +use ed25519_dalek::{Signature, SigningKey, PUBLIC_KEY_LENGTH, SECRET_KEY_LENGTH}; use hkdf::HmacImpl; use zeroize::{Zeroize, ZeroizeOnDrop}; @@ -30,14 +30,10 @@ pub(crate) const ASYM_SALT: [u8; 64] = [ ]; /// Extract and expand an asymetric key pair from a CDI. -fn key_pair_from_cdi>(cdi: &[u8]) -> Result { +fn key_pair_from_cdi>(cdi: &[u8]) -> Result { let mut private_key_bytes = [0u8; SECRET_KEY_LENGTH]; kdf::(cdi, &ASYM_SALT, &[b"Key_Pair"], &mut private_key_bytes)?; - let secret = SecretKey::from_bytes(&private_key_bytes).map_err(Error::InvalidKey)?; - Ok(Keypair { - public: (&secret).into(), - secret, - }) + Ok(SigningKey::from(private_key_bytes)) } /// A DICE Compound Device Identifier (CDI) implementation. @@ -45,7 +41,7 @@ pub struct LocalCdi = hmac::Hmac> { cdi: [u8; N], cdi_type: CdiType, #[allow(dead_code)] - key_pair: Keypair, + key_pair: SigningKey, _pd_d: PhantomData, _pd_h: PhantomData, @@ -122,13 +118,13 @@ impl> /// Public key for the current CDI. fn public_key(&self) -> [u8; PUBLIC_KEY_LENGTH] { - self.key_pair.public.to_bytes() + self.key_pair.verifying_key().to_bytes() } /// CDI Identifier based on the CDI public key. fn id(&self) -> Result<[u8; CDI_ID_LEN]> { let mut cdi_id = [0u8; CDI_ID_LEN]; - derive_cdi_id::(self.key_pair.public.as_bytes(), &mut cdi_id)?; + derive_cdi_id::(self.key_pair.as_bytes(), &mut cdi_id)?; Ok(cdi_id) } diff --git a/src/x509.rs b/src/x509.rs index 161fd80..e06474a 100644 --- a/src/x509.rs +++ b/src/x509.rs @@ -87,7 +87,7 @@ macro_rules! impl_newtype { #[allow(unused_lifetimes)] impl<'a> ::der::EncodeValue for $newtype { - fn encode_value(&self, encoder: &mut dyn ::der::Writer) -> ::der::Result<()> { + fn encode_value(&self, encoder: &mut impl ::der::Writer) -> ::der::Result<()> { self.0.encode_value(encoder) } diff --git a/src/x509/attr.rs b/src/x509/attr.rs index f40a984..a1b359f 100644 --- a/src/x509/attr.rs +++ b/src/x509/attr.rs @@ -7,7 +7,7 @@ use arrayvec::ArrayVec; use core::fmt::{self, Write}; use const_oid::db::DB; -use der::asn1::{AnyRef, ObjectIdentifier, SetOf}; +use der::asn1::{AnyRef, Ia5StringRef, ObjectIdentifier, PrintableStringRef, SetOf, Utf8StringRef}; use der::{Decode, Encode, Error, ErrorKind, Length, Sequence, Tag, Tagged, ValueOrd}; use crate::x509::{MAX_CSR_ATV, MAX_CSR_ATV_LEN, MAX_CSR_ATV_VALUE, MAX_CSR_ATV_VALUE_LEN}; @@ -241,9 +241,11 @@ impl AttributeTypeAndValue<'_> { impl fmt::Display for AttributeTypeAndValue<'_> { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { let val = match self.value.tag() { - Tag::PrintableString => self.value.printable_string().ok().map(|s| s.as_str()), - Tag::Utf8String => self.value.utf8_string().ok().map(|s| s.as_str()), - Tag::Ia5String => self.value.ia5_string().ok().map(|s| s.as_str()), + Tag::PrintableString => PrintableStringRef::try_from(self.value) + .ok() + .map(|s| s.as_str()), + Tag::Utf8String => Utf8StringRef::try_from(self.value).ok().map(|s| s.as_str()), + Tag::Ia5String => Ia5StringRef::try_from(self.value).ok().map(|s| s.as_str()), _ => None, }; diff --git a/src/x509/certificate.rs b/src/x509/certificate.rs index 5c3e9e9..38d0294 100644 --- a/src/x509/certificate.rs +++ b/src/x509/certificate.rs @@ -4,13 +4,13 @@ // SPDX-License-Identifier: Apache-2.0 use const_oid::AssociatedOid; -use der::asn1::{BitStringRef, OctetStringRef, SequenceOf, SetOf, UIntRef, Utf8StringRef}; +use der::asn1::{BitStringRef, OctetStringRef, SequenceOf, SetOf, UintRef, Utf8StringRef}; use der::{AnyRef, Decode, Encode}; use der::{Enumerated, Sequence}; use digest::Digest; use hkdf::HmacImpl; -use signature::Signature; -use spki::{AlgorithmIdentifier, SubjectPublicKeyInfo}; +use signature::SignatureEncoding; +use spki::{AlgorithmIdentifier, SubjectPublicKeyInfoRef}; use crate::{ cdi::{CompoundDeviceIdentifier, CDI_ID_LEN}, @@ -39,7 +39,7 @@ fn x509_serial_number(id: &[u8]) -> Result { value: AnyRef::from(Utf8StringRef::new(id).map_err(Error::InvalidDer)?), }; let mut sn_atv_set = SetOf::::new(); - sn_atv_set.add(sn_atv).map_err(Error::InvalidDer)?; + sn_atv_set.insert(sn_atv).map_err(Error::InvalidDer)?; let rdn = RelativeDistinguishedName(sn_atv_set); let mut rdn_sequence = SequenceOf::::new(); rdn_sequence.add(rdn).map_err(Error::InvalidDer)?; @@ -129,7 +129,7 @@ impl Default for Version { /// issuer Name, /// validity Validity, /// subject Name, -/// subjectPublicKeyInfo SubjectPublicKeyInfo, +/// subjectPublicKeyInfo SubjectPublicKeyInfoRef, /// issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, /// -- If present, version MUST be v2 or v3 /// subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, @@ -152,12 +152,12 @@ pub struct TbsCertificate<'a> { #[asn1(context_specific = "0", default = "Default::default")] pub version: Version, - pub serial_number: UIntRef<'a>, - pub signature: AlgorithmIdentifier<'a>, + pub serial_number: UintRef<'a>, + pub signature: AlgorithmIdentifier>, pub issuer: Name<'a>, pub validity: Validity, pub subject: Name<'a>, - pub subject_public_key_info: SubjectPublicKeyInfo<'a>, + pub subject_public_key_info: SubjectPublicKeyInfoRef<'a>, #[asn1(context_specific = "1", tag_mode = "IMPLICIT", optional = "true")] pub issuer_unique_id: Option>, @@ -184,7 +184,7 @@ pub struct TbsCertificate<'a> { #[allow(missing_docs)] pub struct Certificate<'a> { pub tbs_certificate: TbsCertificate<'a>, - pub signature_algorithm: AlgorithmIdentifier<'a>, + pub signature_algorithm: AlgorithmIdentifier>, pub signature: BitStringRef<'a>, } @@ -197,12 +197,12 @@ impl<'a> Certificate<'a> { /// @next_cdi: The next layer CDI. /// @extns: An optional slice of x.509 DER-formatted extensions slices. /// @certificate_buf: Buffer to hold the certificate DER. - pub fn from_layer>( + pub fn from_layer>( current_cdi: &C, next_cdi: &C, extns: Option<&'a [&'a [u8]]>, - certificate_buf: &'a mut [u8], - ) -> Result<&'a [u8]> { + certificate_buf: &mut [u8], + ) -> Result<()> { // The serial number is the next layer CDI ID let next_cdi_id = next_cdi.id()?; @@ -210,9 +210,12 @@ impl<'a> Certificate<'a> { let subject = x509_serial_number(&next_cdi_id)?; // The subject public key is the next CDI derived public key. - let subject_public_key_info = SubjectPublicKeyInfo { + let pub_key = next_cdi.public_key(); + let bit_string_ref = + BitStringRef::from_bytes(&pub_key).map_err(|_| Error::InvalidSignature)?; + let subject_public_key_info = SubjectPublicKeyInfoRef { algorithm: ed25519::pkcs8::ALGORITHM_ID, - subject_public_key: &next_cdi.public_key(), + subject_public_key: bit_string_ref, }; Certificate::from_current_cdi( @@ -235,7 +238,7 @@ impl<'a> Certificate<'a> { /// @certificate_buf: Buffer to hold the certificate DER. pub fn from_csr< const N: usize, - S: Signature, + S: SignatureEncoding, C: CompoundDeviceIdentifier, D: Digest, H: HmacImpl, @@ -244,7 +247,7 @@ impl<'a> Certificate<'a> { csr: &CertReq<'a>, extns: Option<&'a [&'a [u8]]>, certificate_buf: &'a mut [u8], - ) -> Result<&'a [u8]> { + ) -> Result<()> { // The serial number is derived from the CSR public key. let mut cdi_id = [0u8; CDI_ID_LEN * 2]; csr.cdi_id::(&mut cdi_id)?; @@ -253,24 +256,24 @@ impl<'a> Certificate<'a> { current_cdi, &cdi_id, csr.info.subject.clone(), - csr.info.public_key, + csr.info.public_key.clone(), extns, certificate_buf, ) } - fn from_current_cdi>( + fn from_current_cdi>( current_cdi: &C, serial_number_bytes: &[u8], subject: RdnSequence, - subject_public_key_info: SubjectPublicKeyInfo, + subject_public_key_info: SubjectPublicKeyInfoRef<'a>, extns: Option<&'a [&'a [u8]]>, certificate_buf: &'a mut [u8], - ) -> Result<&'a [u8]> { + ) -> Result<()> { let mut current_cdi_id = [0u8; 2 * CDI_ID_LEN]; hex::encode_to_slice(current_cdi.id()?, &mut current_cdi_id) .map_err(Error::InvalidCdiId)?; - let serial_number = UIntRef::new(serial_number_bytes).map_err(Error::InvalidDer)?; + let serial_number = UintRef::new(serial_number_bytes).map_err(Error::InvalidDer)?; // Issuer contains one ATV for one RDN: `SN=` let issuer = x509_serial_number(¤t_cdi_id)?; @@ -351,16 +354,18 @@ impl<'a> Certificate<'a> { .encode_to_slice(&mut tbs_bytes_buffer) .map_err(Error::InvalidDer)?; let signature = current_cdi.sign(tbs_bytes); - let signature_bytes = signature.as_bytes(); + let signature_bytes = signature.to_bytes(); + let signature_bytes_ref = signature_bytes.as_ref(); let certificate = Certificate { tbs_certificate, - signature: BitStringRef::from_bytes(signature_bytes).map_err(Error::InvalidDer)?, + signature: BitStringRef::from_bytes(signature_bytes_ref).map_err(Error::InvalidDer)?, signature_algorithm: ed25519::pkcs8::ALGORITHM_ID, }; certificate .encode_to_slice(certificate_buf) - .map_err(Error::InvalidDer) + .map_err(Error::InvalidDer)?; + Ok(()) } } diff --git a/src/x509/extensions/dice/tcbinfo.rs b/src/x509/extensions/dice/tcbinfo.rs index c800333..22aff04 100644 --- a/src/x509/extensions/dice/tcbinfo.rs +++ b/src/x509/extensions/dice/tcbinfo.rs @@ -5,7 +5,7 @@ use const_oid::{AssociatedOid, ObjectIdentifier}; use der::Sequence; use der::{ - asn1::{OctetStringRef, SequenceOf, UIntRef, Utf8StringRef}, + asn1::{OctetStringRef, SequenceOf, UintRef, Utf8StringRef}, Encode, }; use digest::{Digest, OutputSizeUser}; @@ -81,15 +81,15 @@ pub struct DiceTcbInfo<'a> { #[asn1(context_specific = "3", tag_mode = "IMPLICIT", optional = "true")] /// The security version number associated with the target TCB. - pub svn: Option>, + pub svn: Option>, #[asn1(context_specific = "4", tag_mode = "IMPLICIT", optional = "true")] /// The DICE layer associated with this measurement of the target TCB. - pub layer: Option>, + pub layer: Option>, #[asn1(context_specific = "5", tag_mode = "IMPLICIT", optional = "true")] /// A value that enumerates measurement of assets within the target TCB and DICE layer. - pub index: Option>, + pub index: Option>, #[asn1(context_specific = "6", tag_mode = "IMPLICIT", optional = "true")] /// A list of FWID values resulting from applying the hashAlg function over diff --git a/src/x509/extensions/pkix/authkeyid.rs b/src/x509/extensions/pkix/authkeyid.rs index 9a1bd80..869e1a5 100644 --- a/src/x509/extensions/pkix/authkeyid.rs +++ b/src/x509/extensions/pkix/authkeyid.rs @@ -7,7 +7,7 @@ use super::name::GeneralNames; use const_oid::db::rfc5280::ID_CE_AUTHORITY_KEY_IDENTIFIER; use const_oid::{AssociatedOid, ObjectIdentifier}; -use der::asn1::{OctetStringRef, UIntRef}; +use der::asn1::{OctetStringRef, UintRef}; use der::Sequence; pub(crate) const AUTH_KEY_ID_EXTENSION_LEN: usize = 64; @@ -35,7 +35,7 @@ pub struct AuthorityKeyIdentifier<'a> { pub authority_cert_issuer: Option>, #[asn1(context_specific = "2", tag_mode = "IMPLICIT", optional = "true")] - pub authority_cert_serial_number: Option>, + pub authority_cert_serial_number: Option>, } impl<'a> AssociatedOid for AuthorityKeyIdentifier<'a> { diff --git a/src/x509/request.rs b/src/x509/request.rs index 8b6f4b4..748b2e9 100644 --- a/src/x509/request.rs +++ b/src/x509/request.rs @@ -5,7 +5,7 @@ use der::asn1::BitStringRef; use der::{Decode, Enumerated, Sequence}; -use spki::{AlgorithmIdentifier, SubjectPublicKeyInfo}; +use spki::{AlgorithmIdentifier, SubjectPublicKeyInfoRef}; use crate::cdi::CDI_ID_LEN; use crate::x509::{attr::Attributes, name::Name, verify::verifier_from_algorithm}; @@ -43,7 +43,7 @@ pub struct CertReqInfo<'a> { pub subject: Name<'a>, /// Subject public key info. - pub public_key: SubjectPublicKeyInfo<'a>, + pub public_key: SubjectPublicKeyInfoRef<'a>, /// Request attributes. #[asn1(context_specific = "0", tag_mode = "IMPLICIT")] @@ -75,7 +75,7 @@ pub struct CertReq<'a> { pub info: CertReqInfo<'a>, /// Signature algorithm identifier. - pub algorithm: AlgorithmIdentifier<'a>, + pub algorithm: AlgorithmIdentifier<()>, /// Signature. pub signature: BitStringRef<'a>, @@ -99,7 +99,7 @@ impl<'a> CertReq<'a> { pub fn cdi_id>(&self, cdi_id: &mut [u8]) -> Result<()> { let mut cdi_id_bytes = [0u8; CDI_ID_LEN]; crate::kdf::derive_cdi_id::( - self.info.public_key.subject_public_key, + self.info.public_key.subject_public_key.raw_bytes(), &mut cdi_id_bytes, )?; hex::encode_to_slice(cdi_id_bytes, cdi_id).map_err(Error::InvalidCdiId) diff --git a/src/x509/verify.rs b/src/x509/verify.rs index 889f40a..286d4b3 100644 --- a/src/x509/verify.rs +++ b/src/x509/verify.rs @@ -4,7 +4,7 @@ use der::Encode; use ed25519::pkcs8::{DecodePublicKey, PublicKeyBytes}; -use ed25519_dalek::{PublicKey, Signature, Verifier}; +use ed25519_dalek::{Signature, Verifier, VerifyingKey}; use spki::AlgorithmIdentifier; use crate::{ @@ -35,7 +35,7 @@ impl CertVerifier for Ed25519Verifier { .map_err(Error::InvalidDer)?; let pub_key_bytes = PublicKeyBytes::from_public_key_der(pub_key_der).map_err(Error::InvalidPublicKeyDer)?; - let pub_key = PublicKey::from_bytes(&pub_key_bytes.to_bytes()) + let pub_key = VerifyingKey::from_bytes(&pub_key_bytes.to_bytes()) .map_err(|_| Error::InvalidPublicKey)?; let mut csr_info_bytes = [0u8; MAX_CSR_LEN]; @@ -53,7 +53,7 @@ impl CertVerifier for Ed25519Verifier { } } -pub fn verifier_from_algorithm(alg: AlgorithmIdentifier) -> Result<&'static dyn CertVerifier> { +pub fn verifier_from_algorithm(alg: AlgorithmIdentifier<()>) -> Result<&'static dyn CertVerifier> { match alg.oid { ed25519::pkcs8::ALGORITHM_OID => Ok(&ED25519_V), From bb8e267fa7a3c9cbca124ed2a3df255a27fd56a4 Mon Sep 17 00:00:00 2001 From: Dylan Reid Date: Thu, 3 Apr 2025 11:59:41 -0700 Subject: [PATCH 2/4] tests: Remove other test The test in other was disabled without the alloc feature, which doesn't exist. It also depends on hex_literal, which has no way of being included. Remove it so test runs stop warning about the disabled test. Signed-off-by: Dylan Reid --- src/x509/extensions/pkix/name/other.rs | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/src/x509/extensions/pkix/name/other.rs b/src/x509/extensions/pkix/name/other.rs index 38c38c9..3e5d294 100644 --- a/src/x509/extensions/pkix/name/other.rs +++ b/src/x509/extensions/pkix/name/other.rs @@ -23,21 +23,3 @@ pub struct OtherName<'a> { #[asn1(context_specific = "0", tag_mode = "EXPLICIT")] pub value: AnyRef<'a>, } - -#[test] -#[cfg(test)] -#[cfg(feature = "alloc")] -fn test() { - use alloc::string::ToString; - use der::{Decode, Encode}; - use hex_literal::hex; - - let input = hex!("3021060A2B060104018237140203A0130C1155706E5F323134393530313330406D696C"); - let decoded = OtherName::from_der(&input).unwrap(); - - let onval = decoded.value.utf8_string().unwrap(); - assert_eq!(onval.to_string(), "Upn_214950130@mil"); - - let encoded = decoded.to_vec().unwrap(); - assert_eq!(&input[..], &encoded); -} From e44d867736a8eee56be6d2399ae5609a4f76d989 Mon Sep 17 00:00:00 2001 From: Dylan Reid Date: Thu, 3 Apr 2025 12:01:50 -0700 Subject: [PATCH 3/4] x509 name: clippy lint Remove a clippy lint for converting to an interator for a function that takes `IntoIterator`. Signed-off-by: Dylan Reid --- src/x509/name.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/x509/name.rs b/src/x509/name.rs index deb0609..ea31c00 100644 --- a/src/x509/name.rs +++ b/src/x509/name.rs @@ -102,7 +102,7 @@ fn find(s: &str, b: u8) -> impl '_ + Iterator { /// Split a string at all non-escaped separators. fn split(s: &str, b: u8) -> impl '_ + Iterator { let mut prev = 0; - find(s, b).chain([s.len()].into_iter()).map(move |i| { + find(s, b).chain([s.len()]).map(move |i| { let x = &s[prev..i]; prev = i + 1; x From edf08778d9843c6542c58ce81d13790d5b542c13 Mon Sep 17 00:00:00 2001 From: Dylan Reid Date: Fri, 4 Apr 2025 20:14:16 -0700 Subject: [PATCH 4/4] clippy: fix elided lifetimes A recent cargo clippy doesn't like named, but elide-able lifetimes. Signed-off-by: Dylan Reid --- src/x509/extensions/dice/tcbinfo.rs | 2 +- src/x509/extensions/pkix.rs | 8 ++++---- src/x509/extensions/pkix/authkeyid.rs | 2 +- src/x509/request.rs | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/x509/extensions/dice/tcbinfo.rs b/src/x509/extensions/dice/tcbinfo.rs index 22aff04..05e332c 100644 --- a/src/x509/extensions/dice/tcbinfo.rs +++ b/src/x509/extensions/dice/tcbinfo.rs @@ -159,7 +159,7 @@ impl<'a> DiceTcbInfo<'a> { } } -impl<'a> AssociatedOid for DiceTcbInfo<'a> { +impl AssociatedOid for DiceTcbInfo<'_> { const OID: ObjectIdentifier = TCG_DICE_TCB_INFO; } diff --git a/src/x509/extensions/pkix.rs b/src/x509/extensions/pkix.rs index 259a8b2..de6c586 100644 --- a/src/x509/extensions/pkix.rs +++ b/src/x509/extensions/pkix.rs @@ -44,7 +44,7 @@ use der::asn1::{OctetStringRef, SequenceOf}; #[derive(Copy, Clone, Debug, PartialEq, Eq)] pub struct SubjectKeyIdentifier<'a>(pub OctetStringRef<'a>); -impl<'a> AssociatedOid for SubjectKeyIdentifier<'a> { +impl AssociatedOid for SubjectKeyIdentifier<'_> { const OID: ObjectIdentifier = ID_CE_SUBJECT_KEY_IDENTIFIER; } @@ -60,7 +60,7 @@ impl_newtype!(SubjectKeyIdentifier<'a>, OctetStringRef<'a>); #[derive(Clone, Debug, Default, PartialEq, Eq)] pub struct SubjectAltName<'a>(pub name::GeneralNames<'a>); -impl<'a> AssociatedOid for SubjectAltName<'a> { +impl AssociatedOid for SubjectAltName<'_> { const OID: ObjectIdentifier = ID_CE_SUBJECT_ALT_NAME; } @@ -76,7 +76,7 @@ impl_newtype!(SubjectAltName<'a>, name::GeneralNames<'a>); #[derive(Clone, Debug, Default, PartialEq, Eq)] pub struct IssuerAltName<'a>(pub name::GeneralNames<'a>); -impl<'a> AssociatedOid for IssuerAltName<'a> { +impl AssociatedOid for IssuerAltName<'_> { const OID: ObjectIdentifier = ID_CE_ISSUER_ALT_NAME; } @@ -92,7 +92,7 @@ impl_newtype!(IssuerAltName<'a>, name::GeneralNames<'a>); #[derive(Clone, Debug, Default, PartialEq, Eq)] pub struct SubjectDirectoryAttributes<'a>(pub SequenceOf, 8>); -impl<'a> AssociatedOid for SubjectDirectoryAttributes<'a> { +impl AssociatedOid for SubjectDirectoryAttributes<'_> { const OID: ObjectIdentifier = ID_CE_SUBJECT_DIRECTORY_ATTRIBUTES; } diff --git a/src/x509/extensions/pkix/authkeyid.rs b/src/x509/extensions/pkix/authkeyid.rs index 869e1a5..3c5a61d 100644 --- a/src/x509/extensions/pkix/authkeyid.rs +++ b/src/x509/extensions/pkix/authkeyid.rs @@ -38,6 +38,6 @@ pub struct AuthorityKeyIdentifier<'a> { pub authority_cert_serial_number: Option>, } -impl<'a> AssociatedOid for AuthorityKeyIdentifier<'a> { +impl AssociatedOid for AuthorityKeyIdentifier<'_> { const OID: ObjectIdentifier = ID_CE_AUTHORITY_KEY_IDENTIFIER; } diff --git a/src/x509/request.rs b/src/x509/request.rs index 748b2e9..6d9a1f8 100644 --- a/src/x509/request.rs +++ b/src/x509/request.rs @@ -89,7 +89,7 @@ impl<'a> TryFrom<&'a [u8]> for CertReq<'a> { } } -impl<'a> CertReq<'a> { +impl CertReq<'_> { /// Verifies a CSR signature pub fn verify(&self) -> Result<()> { verifier_from_algorithm(self.algorithm)?.verify_csr(self)