From cbe60413cbd5ad155393632f84bb6eb39e4cb635 Mon Sep 17 00:00:00 2001 From: Tony Arcieri Date: Sat, 17 Oct 2020 13:32:05 -0700 Subject: [PATCH] Bump `p256` to v0.5; `p384` to v0.4; MSRV 1.44+ --- .github/workflows/rust.yml | 6 ++-- Cargo.lock | 73 ++++++++++++++++++++++++++++++++++---- Cargo.toml | 6 ++-- README.md | 4 +-- src/certificate.rs | 6 ++-- src/key.rs | 4 +-- 6 files changed, 80 insertions(+), 19 deletions(-) diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index 6ebc24f..755a93a 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -35,7 +35,7 @@ jobs: strategy: matrix: toolchain: - - 1.41.0 + - 1.44.0 # MSRV - stable runs-on: ubuntu-latest steps: @@ -75,7 +75,7 @@ jobs: - macos-latest - windows-latest toolchain: - - 1.41.0 + - 1.44.0 # MSRV - stable runs-on: ${{ matrix.platform }} steps: @@ -136,7 +136,7 @@ jobs: - name: Install stable toolchain uses: actions-rs/toolchain@v1 with: - toolchain: stable + toolchain: 1.44.0 # MSRV override: true - name: Install libpcsclite-dev diff --git a/Cargo.lock b/Cargo.lock index 4e05105..305ac3e 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -62,6 +62,17 @@ version = "1.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693" +[[package]] +name = "bitvec" +version = "0.18.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d2838fdd79e8776dbe07a106c784b0f8dda571a21b2750a092cc4cbaa653c8e" +dependencies = [ + "funty", + "radium", + "wyz", +] + [[package]] name = "block-buffer" version = "0.7.3" @@ -144,6 +155,12 @@ dependencies = [ "winapi", ] +[[package]] +name = "const-oid" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a2d9162b7289a46e86208d6af2c686ca5bfde445878c41a458a9fac706252d0b" + [[package]] name = "cookie-factory" version = "0.3.1" @@ -240,11 +257,15 @@ dependencies = [ [[package]] name = "elliptic-curve" -version = "0.5.0" +version = "0.6.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9abe4578ed343c7a2c9d617cd2b1895ba0a87a6a4dee97bde156d65f608c7b2d" +checksum = "396db09c483e7fca5d4fdb9112685632b3e76c9a607a2649c1bf904404a01366" dependencies = [ + "bitvec", + "const-oid", + "ff", "generic-array 0.14.4", + "group", "rand_core", "subtle", ] @@ -268,6 +289,23 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e88a8acf291dafb59c2d96e8f59828f3838bb1a70398823ade51a84de6a6deed" +[[package]] +name = "ff" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "01646e077d4ebda82b73f1bca002ea1e91561a77df2431a9e79729bcc31950ef" +dependencies = [ + "bitvec", + "rand_core", + "subtle", +] + +[[package]] +name = "funty" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0ba62103ce691c2fd80fbae2213dfdda9ce60804973ac6b6e97de818ea7f52c8" + [[package]] name = "generic-array" version = "0.12.3" @@ -298,6 +336,17 @@ dependencies = [ "wasi 0.9.0+wasi-snapshot-preview1", ] +[[package]] +name = "group" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cc11f9f5fbf1943b48ae7c2bf6846e7d827a512d1be4f23af708f5ca5d01dde1" +dependencies = [ + "ff", + "rand_core", + "subtle", +] + [[package]] name = "gumdrop" version = "0.8.0" @@ -506,18 +555,18 @@ checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" [[package]] name = "p256" -version = "0.4.1" +version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a9f8aff5e98a6a83e374418a0a510ae4d9d45d714b5b0767c2e23ea007d0ba54" +checksum = "280ed58e7e5f3052b6e2f596fa40c7eff4c27c4b6b6deecb5d685ba5c2080980" dependencies = [ "elliptic-curve", ] [[package]] name = "p384" -version = "0.3.0" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2a21dedbfa7a0603d7c9429b8b427edc4a113c3741e31610ba4a3cbfebe0ff08" +checksum = "06de0548166c258c22bb6bdcff3074eac4b07125040aa74db3f61db87fe5f275" dependencies = [ "elliptic-curve", ] @@ -609,6 +658,12 @@ dependencies = [ "proc-macro2", ] +[[package]] +name = "radium" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "64de9a0c5361e034f1aefc9f71a86871ec870e766fe31a009734a989b329286a" + [[package]] name = "rand" version = "0.7.3" @@ -1031,6 +1086,12 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" +[[package]] +name = "wyz" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "85e60b0d1b5f99db2556934e21937020776a5d31520bf169e851ac44e6420214" + [[package]] name = "x509" version = "0.1.2" diff --git a/Cargo.toml b/Cargo.toml index 049cbc0..fb26637 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -26,7 +26,7 @@ chrono = "0.4" cookie-factory = "0.3" der-parser = "4" des = "0.5" -elliptic-curve = { version = "0.5", features = ["weierstrass"] } +elliptic-curve = "0.6" getrandom = "0.1" hmac = "0.9" log = "0.4" @@ -35,8 +35,8 @@ num-bigint = { version = "0.6", features = ["rand"], package = "num-bigint-dig" num-traits = "0.2" num-integer = "0.1" pbkdf2 = "0.5" -p256 = "0.4" -p384 = "0.3" +p256 = "0.5" +p384 = "0.4" pcsc = "2" rsa = "0.3.0" secrecy = "0.7" diff --git a/README.md b/README.md index caf6e3f..19ea4a7 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,7 @@ endorsed by Yubico. ## Minimum Supported Rust Version -- Rust **1.39+** +- Rust **1.44** or newer ## Supported YubiKeys @@ -194,7 +194,7 @@ or conditions. [docs-link]: https://docs.rs/yubikey-piv/ [license-image]: https://img.shields.io/badge/license-BSD-blue.svg [license-link]: https://github.com/iqlusioninc/yubikey-piv.rs/blob/develop/COPYING -[rustc-image]: https://img.shields.io/badge/rustc-1.39+-blue.svg +[rustc-image]: https://img.shields.io/badge/rustc-1.44+-blue.svg [maintenance-image]: https://img.shields.io/badge/maintenance-experimental-blue.svg [safety-image]: https://img.shields.io/badge/unsafe-forbidden-success.svg [safety-link]: https://github.com/rust-secure-code/safety-dance/ diff --git a/src/certificate.rs b/src/certificate.rs index fc0c9cc..9412079 100644 --- a/src/certificate.rs +++ b/src/certificate.rs @@ -39,7 +39,7 @@ use crate::{ Buffer, }; use chrono::{DateTime, Utc}; -use elliptic_curve::weierstrass::PublicKey as EcPublicKey; +use elliptic_curve::sec1::EncodedPoint as EcPublicKey; use log::error; use num_bigint::BigUint; use p256::NistP256; @@ -208,10 +208,10 @@ impl PublicKeyInfo { match read_pki::ec_parameters(&subject_pki.algorithm.parameters)? { AlgorithmId::EccP256 => EcPublicKey::from_bytes(key_bytes) .map(PublicKeyInfo::EcP256) - .ok_or(Error::InvalidObject), + .map_err(|_| Error::InvalidObject), AlgorithmId::EccP384 => EcPublicKey::from_bytes(key_bytes) .map(PublicKeyInfo::EcP384) - .ok_or(Error::InvalidObject), + .map_err(|_| Error::InvalidObject), _ => Err(Error::AlgorithmError), } } diff --git a/src/key.rs b/src/key.rs index d3ab85b..89f41a5 100644 --- a/src/key.rs +++ b/src/key.rs @@ -56,7 +56,7 @@ use crate::{ policy::{PinPolicy, TouchPolicy}, Buffer, }; -use elliptic_curve::weierstrass::PublicKey as EcPublicKey; +use elliptic_curve::sec1::EncodedPoint as EcPublicKey; use log::{error, warn}; #[cfg(feature = "untested")] use num_bigint::traits::ModInverse; @@ -658,7 +658,7 @@ pub fn generate( } else { EcPublicKey::from_bytes(point).map(PublicKeyInfo::EcP384) } - .ok_or(Error::InvalidObject) + .map_err(|_| Error::InvalidObject) } } }