Merge pull request #127 from str4d/update-deps

Update dependencies
This commit is contained in:
str4d
2023-03-23 05:31:44 +00:00
committed by GitHub
6 changed files with 385 additions and 373 deletions
+1 -1
View File
@@ -8,7 +8,7 @@ to 0.3.0 are beta releases.
## [Unreleased]
### Changed
- MSRV is now 1.60.0.
- MSRV is now 1.65.0.
- The YubiKey PIV PIN and touch caches are now preserved across processes in
most cases. See [README.md](README.md#agent-support) for exceptions. This has
several usability effects (not applicable to YubiKey 4 series):
Generated
+369 -348
View File
File diff suppressed because it is too large Load Diff
+5 -8
View File
@@ -9,7 +9,7 @@ keywords = ["age", "cli", "encryption", "yubikey"]
categories = ["command-line-utilities", "cryptography"]
license = "MIT OR Apache-2.0"
edition = "2021"
rust-version = "1.60" # MSRV
rust-version = "1.65" # MSRV
[package.metadata.deb]
extended-description = """\
@@ -24,7 +24,7 @@ assets = [
[dependencies]
age-core = "0.9"
age-plugin = "0.4"
base64 = "0.20"
base64 = "0.21"
bech32 = "0.9"
console = { version = "0.15", default-features = false }
dialoguer = { version = "0.10", default-features = false, features = ["password"] }
@@ -32,14 +32,14 @@ env_logger = "0.10"
gumdrop = "0.8"
hex = "0.4"
log = "0.4"
p256 = { version = "0.11", features = ["ecdh"] }
p256 = { version = "0.13", features = ["ecdh"] }
pcsc = "2.4"
rand = "0.8"
sha2 = "0.10"
which = "4.1"
x509 = "0.2"
x509-parser = "0.14"
yubikey = { version = "0.7", features = ["untested"] }
yubikey = { version = "=0.8.0-pre.0", features = ["untested"] }
# Translations
i18n-embed = { version = "0.13", features = ["desktop-requester", "fluent-system"] }
@@ -48,7 +48,7 @@ lazy_static = "1"
rust-embed = "6"
# GnuPG coexistence
sysinfo = "0.27"
sysinfo = "0.28"
[dev-dependencies]
flate2 = "1"
@@ -56,6 +56,3 @@ man = "0.3"
tempfile = "3"
test-with = "0.9"
which = "4"
[patch.crates-io]
yubikey = { git = "https://github.com/iqlusioninc/yubikey.rs.git", rev = "1d33ea174791f699dfc0e6a06648aa3d9e066144" }
+1 -1
View File
@@ -9,7 +9,7 @@ which enables files to be encrypted to age identities stored on YubiKeys.
On Windows, Linux, and macOS, you can use the
[pre-built binaries](https://github.com/str4d/age-plugin-yubikey/releases).
If your system has Rust 1.60+ installed (either via `rustup` or a system
If your system has Rust 1.65+ installed (either via `rustup` or a system
package), you can build directly from source:
```
+1 -1
View File
@@ -1,3 +1,3 @@
[toolchain]
channel = "1.60.0"
channel = "1.65.0"
components = ["clippy", "rustfmt"]
+8 -14
View File
@@ -3,6 +3,7 @@ use age_core::{
primitives::aead_encrypt,
secrecy::ExposeSecret,
};
use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine};
use p256::{
ecdh::EphemeralSecret,
elliptic_curve::sec1::{FromEncodedPoint, ToEncodedPoint},
@@ -18,14 +19,6 @@ const TAG_BYTES: usize = 4;
const EPK_BYTES: usize = 33;
const ENCRYPTED_FILE_KEY_BYTES: usize = 32;
const STANDARD_NO_PAD: &base64::engine::fast_portable::FastPortable = {
use base64::{
alphabet::STANDARD,
engine::fast_portable::{FastPortable, NO_PAD},
};
&FastPortable::from(&STANDARD, NO_PAD)
};
/// The ephemeral key bytes in a piv-p256 stanza.
///
/// The bytes contain a compressed SEC-1 encoding of a valid point.
@@ -34,7 +27,7 @@ pub(crate) struct EphemeralKeyBytes(p256::EncodedPoint);
impl EphemeralKeyBytes {
fn from_bytes(bytes: [u8; EPK_BYTES]) -> Option<Self> {
let encoded = p256::EncodedPoint::from_bytes(&bytes).ok()?;
let encoded = p256::EncodedPoint::from_bytes(bytes).ok()?;
if encoded.is_compressed()
&& p256::PublicKey::from_encoded_point(&encoded)
.is_some()
@@ -73,8 +66,8 @@ impl From<RecipientLine> for Stanza {
Stanza {
tag: STANZA_TAG.to_owned(),
args: vec![
base64::encode_engine(&r.tag, STANDARD_NO_PAD),
base64::encode_engine(r.epk_bytes.as_bytes(), STANDARD_NO_PAD),
BASE64_STANDARD_NO_PAD.encode(r.tag),
BASE64_STANDARD_NO_PAD.encode(r.epk_bytes.as_bytes()),
],
body: r.encrypted_file_key.to_vec(),
}
@@ -92,9 +85,10 @@ impl RecipientLine {
return None;
}
base64::decode_engine_slice(arg, buf.as_mut(), STANDARD_NO_PAD)
BASE64_STANDARD_NO_PAD
.decode_slice_unchecked(arg, buf.as_mut())
.ok()
.map(|_| buf)
.and_then(|len| (len == buf.as_mut().len()).then_some(buf))
}
let (tag, epk_bytes) = match &s.args[..] {
@@ -117,7 +111,7 @@ impl RecipientLine {
}
pub(crate) fn wrap_file_key(file_key: &FileKey, pk: &Recipient) -> Self {
let esk = EphemeralSecret::random(OsRng);
let esk = EphemeralSecret::random(&mut OsRng);
let epk = esk.public_key();
let epk_bytes = EphemeralKeyBytes::from_public_key(&epk);