Bump rsa to v0.7.1 (#440)

This commit is contained in:
Tony Arcieri (iqlusion)
2022-11-14 12:08:05 -07:00
committed by GitHub
parent db13fce53b
commit ccf19a3668
3 changed files with 34 additions and 93 deletions
Generated
+24 -77
View File
@@ -205,12 +205,6 @@ dependencies = [
"unicode-width", "unicode-width",
] ]
[[package]]
name = "const-oid"
version = "0.7.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e4c78c047431fee22c1a7bb92e00ad095a02a983affe4d8a72e2a2c62c1b94f3"
[[package]] [[package]]
name = "const-oid" name = "const-oid"
version = "0.9.0" version = "0.9.0"
@@ -238,16 +232,6 @@ dependencies = [
"libc", "libc",
] ]
[[package]]
name = "crypto-bigint"
version = "0.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "03c6a1d5fa1de37e071642dfa44ec552ca5b299adb128fab16138e24b548fd21"
dependencies = [
"generic-array",
"subtle",
]
[[package]] [[package]]
name = "crypto-bigint" name = "crypto-bigint"
version = "0.4.9" version = "0.4.9"
@@ -320,25 +304,14 @@ version = "2.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3ee2393c4a91429dffb4bedf19f4d6abf27d8a732c8ce4980305d782e5426d57" checksum = "3ee2393c4a91429dffb4bedf19f4d6abf27d8a732c8ce4980305d782e5426d57"
[[package]]
name = "der"
version = "0.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6919815d73839e7ad218de758883aae3a257ba6759ce7a9992501efbb53d705c"
dependencies = [
"const-oid 0.7.1",
"crypto-bigint 0.3.2",
"pem-rfc7468 0.3.1",
]
[[package]] [[package]]
name = "der" name = "der"
version = "0.6.0" version = "0.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "13dd2ae565c0a381dde7fade45fce95984c568bdcb4700a4fdbe3175e0380b2f" checksum = "13dd2ae565c0a381dde7fade45fce95984c568bdcb4700a4fdbe3175e0380b2f"
dependencies = [ dependencies = [
"const-oid 0.9.0", "const-oid",
"pem-rfc7468 0.6.0", "pem-rfc7468",
"zeroize", "zeroize",
] ]
@@ -396,6 +369,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "adfbc57365a37acbd2ebf2b64d7e69bb766e2fea813521ed536f5d0520dcf86c" checksum = "adfbc57365a37acbd2ebf2b64d7e69bb766e2fea813521ed536f5d0520dcf86c"
dependencies = [ dependencies = [
"block-buffer", "block-buffer",
"const-oid",
"crypto-common", "crypto-common",
"subtle", "subtle",
] ]
@@ -417,7 +391,7 @@ version = "0.14.8"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "413301934810f597c1d19ca71c8710e99a3f1ba28a0d2ebc01551a2daeea3c5c" checksum = "413301934810f597c1d19ca71c8710e99a3f1ba28a0d2ebc01551a2daeea3c5c"
dependencies = [ dependencies = [
"der 0.6.0", "der",
"elliptic-curve", "elliptic-curve",
"rfc6979", "rfc6979",
"signature", "signature",
@@ -430,15 +404,15 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e7bb888ab5300a19b8e5bceef25ac745ad065f3c9f7efc6de1b91958110891d3" checksum = "e7bb888ab5300a19b8e5bceef25ac745ad065f3c9f7efc6de1b91958110891d3"
dependencies = [ dependencies = [
"base16ct", "base16ct",
"crypto-bigint 0.4.9", "crypto-bigint",
"der 0.6.0", "der",
"digest", "digest",
"ff", "ff",
"generic-array", "generic-array",
"group", "group",
"hkdf", "hkdf",
"pem-rfc7468 0.6.0", "pem-rfc7468",
"pkcs8 0.9.0", "pkcs8",
"rand_core", "rand_core",
"sec1", "sec1",
"subtle", "subtle",
@@ -788,15 +762,6 @@ dependencies = [
"pkg-config", "pkg-config",
] ]
[[package]]
name = "pem-rfc7468"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "01de5d978f34aa4b2296576379fcc416034702fd94117c56ffd8a1a767cefb30"
dependencies = [
"base64ct",
]
[[package]] [[package]]
name = "pem-rfc7468" name = "pem-rfc7468"
version = "0.6.0" version = "0.6.0"
@@ -808,23 +773,13 @@ dependencies = [
[[package]] [[package]]
name = "pkcs1" name = "pkcs1"
version = "0.3.3" version = "0.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a78f66c04ccc83dd4486fd46c33896f4e17b24a7a3a6400dedc48ed0ddd72320" checksum = "eff33bdbdfc54cc98a2eca766ebdec3e1b8fb7387523d5c9c9a2891da856f719"
dependencies = [ dependencies = [
"der 0.5.1", "der",
"pkcs8 0.8.0", "pkcs8",
"zeroize", "spki",
]
[[package]]
name = "pkcs8"
version = "0.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7cabda3fb821068a9a4fab19a683eac3af12edf0f34b94a8be53c4972b8149d0"
dependencies = [
"der 0.5.1",
"spki 0.5.4",
"zeroize", "zeroize",
] ]
@@ -834,8 +789,8 @@ version = "0.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9eca2c590a5f85da82668fa685c09ce2888b9430e83299debf1f34b65fd4a4ba" checksum = "9eca2c590a5f85da82668fa685c09ce2888b9430e83299debf1f34b65fd4a4ba"
dependencies = [ dependencies = [
"der 0.6.0", "der",
"spki 0.6.0", "spki",
] ]
[[package]] [[package]]
@@ -945,16 +900,16 @@ version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7743f17af12fa0b03b803ba12cd6a8d9483a587e89c69445e3909655c0b9fabb" checksum = "7743f17af12fa0b03b803ba12cd6a8d9483a587e89c69445e3909655c0b9fabb"
dependencies = [ dependencies = [
"crypto-bigint 0.4.9", "crypto-bigint",
"hmac", "hmac",
"zeroize", "zeroize",
] ]
[[package]] [[package]]
name = "rsa" name = "rsa"
version = "0.6.1" version = "0.7.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4cf22754c49613d2b3b119f0e5d46e34a2c628a937e3024b8762de4e7d8c710b" checksum = "b0ecc3307be66bfb3574577895555bacfb9a37a8d5cd959444b72ff02495c618"
dependencies = [ dependencies = [
"byteorder", "byteorder",
"digest", "digest",
@@ -963,8 +918,9 @@ dependencies = [
"num-iter", "num-iter",
"num-traits", "num-traits",
"pkcs1", "pkcs1",
"pkcs8 0.8.0", "pkcs8",
"rand_core", "rand_core",
"signature",
"smallvec", "smallvec",
"subtle", "subtle",
"zeroize", "zeroize",
@@ -992,9 +948,9 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3be24c1842290c45df0a7bf069e0c268a747ad05a192f2fd7dcfdbc1cba40928" checksum = "3be24c1842290c45df0a7bf069e0c268a747ad05a192f2fd7dcfdbc1cba40928"
dependencies = [ dependencies = [
"base16ct", "base16ct",
"der 0.6.0", "der",
"generic-array", "generic-array",
"pkcs8 0.9.0", "pkcs8",
"subtle", "subtle",
"zeroize", "zeroize",
] ]
@@ -1058,16 +1014,6 @@ version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d"
[[package]]
name = "spki"
version = "0.5.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "44d01ac02a6ccf3e07db148d2be087da624fea0221a16152ed01f0496a6b0a27"
dependencies = [
"base64ct",
"der 0.5.1",
]
[[package]] [[package]]
name = "spki" name = "spki"
version = "0.6.0" version = "0.6.0"
@@ -1075,7 +1021,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "67cf02bbac7a337dc36e4f5a693db6c21e7863f45070f7064577eb4367a3212b" checksum = "67cf02bbac7a337dc36e4f5a693db6c21e7863f45070f7064577eb4367a3212b"
dependencies = [ dependencies = [
"base64ct", "base64ct",
"der 0.6.0", "der",
] ]
[[package]] [[package]]
@@ -1396,6 +1342,7 @@ dependencies = [
"secrecy", "secrecy",
"sha1", "sha1",
"sha2", "sha2",
"signature",
"subtle", "subtle",
"subtle-encoding", "subtle-encoding",
"uuid", "uuid",
+5 -3
View File
@@ -36,10 +36,10 @@ p256 = "0.11"
p384 = "0.11" p384 = "0.11"
pcsc = "2" pcsc = "2"
rand_core = { version = "0.6", features = ["std"] } rand_core = { version = "0.6", features = ["std"] }
rsa = "0.6" rsa = "0.7"
secrecy = "0.8" secrecy = "0.8"
sha1 = "0.10" sha1 = { version = "0.10", features = ["oid"] }
sha2 = "0.10" sha2 = { version = "0.10", features = ["oid"] }
subtle = "2" subtle = "2"
subtle-encoding = "0.5" subtle-encoding = "0.5"
uuid = { version = "1.2", features = ["v4"] } uuid = { version = "1.2", features = ["v4"] }
@@ -50,6 +50,8 @@ zeroize = "1"
[dev-dependencies] [dev-dependencies]
env_logger = "0.9" env_logger = "0.9"
lazy_static = "1" lazy_static = "1"
rsa = { version = "0.7.1", features = ["hazmat"] }
signature = { version = "1.6.4", features = ["hazmat-preview"] }
[features] [features]
untested = [] untested = []
+5 -13
View File
@@ -6,8 +6,9 @@
use lazy_static::lazy_static; use lazy_static::lazy_static;
use log::trace; use log::trace;
use rand_core::{OsRng, RngCore}; use rand_core::{OsRng, RngCore};
use rsa::{hash::Hash::SHA2_256, PaddingScheme, PublicKey}; use rsa::pkcs1v15;
use sha2::{Digest, Sha256}; use sha2::{Digest, Sha256};
use signature::{hazmat::PrehashVerifier, Signature as _};
use std::{env, str::FromStr, sync::Mutex}; use std::{env, str::FromStr, sync::Mutex};
use x509::RelativeDistinguishedName; use x509::RelativeDistinguishedName;
use yubikey::{ use yubikey::{
@@ -200,26 +201,17 @@ fn generate_self_signed_rsa_cert() {
// //
let pubkey = match cert.subject_pki() { let pubkey = match cert.subject_pki() {
PublicKeyInfo::Rsa { pubkey, .. } => pubkey, PublicKeyInfo::Rsa { pubkey, .. } => pkcs1v15::VerifyingKey::<Sha256>::from(pubkey.clone()),
_ => unreachable!(), _ => unreachable!(),
}; };
let data = cert.as_ref(); let data = cert.as_ref();
let tbs_cert_len = u16::from_be_bytes(data[6..8].try_into().unwrap()) as usize; let tbs_cert_len = u16::from_be_bytes(data[6..8].try_into().unwrap()) as usize;
let msg = &data[4..8 + tbs_cert_len]; let msg = &data[4..8 + tbs_cert_len];
let sig = &data[data.len() - 128..]; let sig = pkcs1v15::Signature::from_bytes(&data[data.len() - 128..]).unwrap();
let hash = Sha256::digest(msg); let hash = Sha256::digest(msg);
assert!(pubkey assert!(pubkey.verify_prehash(&hash, &sig).is_ok());
.verify(
PaddingScheme::PKCS1v15Sign {
hash: Some(SHA2_256)
},
&hash,
sig
)
.is_ok());
} }
#[test] #[test]