Update Dependencies (#931)

* update secio dependencies: ed25519-dalek, sha2, hmac
* Update websocket dependencies
* Update multiaddr dependencies

misc/multiaddr/Cargo.toml

@@ -11,7 +11,7 @@ version = "0.1.0"
 [dependencies]
 arrayref = "0.3"
 bs58 = "0.2.0"
-byteorder = "0.4"
+byteorder = "1.3.1"
 data-encoding = "2.1"
 multihash = { package = "parity-multihash", version = "0.1.0", path = "../multihash" }
 serde = "1.0.70"
@@ -21,6 +21,6 @@ unsigned-varint = "0.2"
 bincode = "1"
 bs58 = "0.2.0"
 data-encoding = "2"
-quickcheck = "0.7"
-rand = "0.6"
+quickcheck = "0.8.1"
+rand = "0.6.5"
 serde_json = "1.0"

misc/multiaddr/src/errors.rs

@@ -1,7 +1,6 @@
 use std::{net, fmt, error, io, num, str, string};
 use bs58;
 use multihash;
-use byteorder;
 use unsigned_varint::decode;
 
 pub type Result<T> = ::std::result::Result<T, Error>;
@@ -70,12 +69,6 @@ impl From<net::AddrParseError> for Error {
     }
 }
 
-impl From<byteorder::Error> for Error {
-    fn from(err: byteorder::Error) -> Error {
-        Error::ParsingError(err.into())
-    }
-}
-
 impl From<num::ParseIntError> for Error {
     fn from(err: num::ParseIntError) -> Error {
         Error::ParsingError(err.into())

protocols/secio/Cargo.toml

@@ -14,9 +14,9 @@ asn1_der = "0.6.1"
 bytes = "0.4"
 futures = "0.1"
 libp2p-core = { version = "0.3.0", path = "../../core" }
-log = "0.4.1"
+log = "0.4.6"
 protobuf = "2.3"
-rand = "0.6"
+rand = "0.6.5"
 secp256k1 = { version = "0.12", features = ["rand"], optional = true }
 aes-ctr = "0.3"
 aesni = { version = "0.6", features = ["nocheck"], optional = true }
@@ -25,9 +25,9 @@ ctr = "0.3"
 lazy_static = "1.2.0"
 rw-stream-sink = { version = "0.1.0", path = "../../misc/rw-stream-sink" }
 tokio-io = "0.1.0"
-sha2 = "0.7.1"
-ed25519-dalek = "0.8.0"
-hmac = "0.6.3"
+sha2 = "0.8.0"
+ed25519-dalek = "1.0.0-pre.1"
+hmac = "0.7.0"
 
 [target.'cfg(not(any(target_os = "emscripten", target_os = "unknown")))'.dependencies]
 ring = { version = "0.14", features = ["use_heap"], default-features = false }

protocols/secio/src/codec/mod.rs

@@ -69,13 +69,15 @@ impl Hmac {
 
     /// Signs the data.
     // TODO: better return type?
-    pub fn sign(&mut self, crypted_data: &[u8]) -> Vec<u8> {
+    pub fn sign(&self, crypted_data: &[u8]) -> Vec<u8> {
         match *self {
-            Hmac::Sha256(ref mut hmac) => {
+            Hmac::Sha256(ref hmac) => {
+                let mut hmac = hmac.clone();
                 hmac.input(crypted_data);
                 hmac.result().code().to_vec()
             },
-            Hmac::Sha512(ref mut hmac) => {
+            Hmac::Sha512(ref hmac) => {
+                let mut hmac = hmac.clone();
                 hmac.input(crypted_data);
                 hmac.result().code().to_vec()
             },
@@ -84,13 +86,15 @@ impl Hmac {
 
     /// Verifies that the data matches the expected hash.
     // TODO: better error?
-    pub fn verify(&mut self, crypted_data: &[u8], expected_hash: &[u8]) -> Result<(), ()> {
+    pub fn verify(&self, crypted_data: &[u8], expected_hash: &[u8]) -> Result<(), ()> {
         match *self {
-            Hmac::Sha256(ref mut hmac) => {
+            Hmac::Sha256(ref hmac) => {
+                let mut hmac = hmac.clone();
                 hmac.input(crypted_data);
                 hmac.verify(expected_hash).map_err(|_| ())
             },
-            Hmac::Sha512(ref mut hmac) => {
+            Hmac::Sha512(ref hmac) => {
+                let mut hmac = hmac.clone();
                 hmac.input(crypted_data);
                 hmac.verify(expected_hash).map_err(|_| ())
             },

protocols/secio/src/handshake.rs

@@ -40,7 +40,7 @@ use ring::signature::{RSA_PKCS1_2048_8192_SHA256, RSA_PKCS1_SHA256, verify as ri
 use ring::rand::SystemRandom;
 #[cfg(feature = "secp256k1")]
 use secp256k1;
-use sha2::{Digest as ShaDigestTrait, Sha256, Sha512};
+use sha2::{Digest as ShaDigestTrait, Sha256};
 use std::cmp::{self, Ordering};
 use std::io::{Error as IoError, ErrorKind as IoErrorKind};
 use crate::structs_proto::{Exchange, Propose};
@@ -385,7 +385,7 @@ where
                             signature
                         },
                         SecioKeyPairInner::Ed25519 { ref key_pair } => {
-                            let signature = key_pair.sign::<Sha512>(&data_to_sign);
+                            let signature = key_pair.sign(&data_to_sign);
                             signature.to_bytes().to_vec()
                         },
                         #[cfg(feature = "secp256k1")]
@@ -468,7 +468,7 @@ where
                     let pubkey = Ed25519PublicKey::from_bytes(remote_public_key);
 
                     if let (Ok(signature), Ok(pubkey)) = (signature, pubkey) {
-                        match pubkey.verify::<Sha512>(&data_to_verify, &signature) {
+                        match pubkey.verify(&data_to_verify, &signature) {
                             Ok(()) => (),
                             Err(_) => {
                                 debug!("failed to verify the remote's signature");
@@ -591,8 +591,11 @@ fn stretch_key(hmac: Hmac, result: &mut [u8]) {
     }
 }
 
-fn stretch_key_inner<D: ::hmac::digest::Digest + Clone>(hmac: ::hmac::Hmac<D>, result: &mut [u8])
-where ::hmac::Hmac<D>: Clone {
+fn stretch_key_inner<D>(hmac: ::hmac::Hmac<D>, result: &mut [u8])
+where D: ::hmac::digest::Input + ::hmac::digest::BlockInput +
+          ::hmac::digest::FixedOutput + ::hmac::digest::Reset + Default + Clone,
+    ::hmac::Hmac<D>: Clone + ::hmac::crypto_mac::Mac
+{
     use ::hmac::Mac;
     const SEED: &[u8] = b"key expansion";
 

protocols/secio/src/lib.rs

@@ -238,7 +238,7 @@ impl SecioKeyPair {
     /// Generates a new Ed25519 key pair and uses it.
     pub fn ed25519_generated() -> Result<SecioKeyPair, Box<Error + Send + Sync>> {
         let mut csprng = rand::thread_rng();
-        let keypair: Ed25519KeyPair = Ed25519KeyPair::generate::<sha2::Sha512, _>(&mut csprng);
+        let keypair: Ed25519KeyPair = Ed25519KeyPair::generate::<_>(&mut csprng);
         Ok(SecioKeyPair {
             inner: SecioKeyPairInner::Ed25519 {
                 key_pair: Arc::new(keypair),
@@ -252,7 +252,7 @@ impl SecioKeyPair {
     pub fn ed25519_raw_key(key: impl AsRef<[u8]>) -> Result<SecioKeyPair, Box<Error + Send + Sync>> {
         let secret = ed25519_dalek::SecretKey::from_bytes(key.as_ref())
             .map_err(|err| err.to_string())?;
-        let public = ed25519_dalek::PublicKey::from_secret::<sha2::Sha512>(&secret);
+        let public = ed25519_dalek::PublicKey::from(&secret);
 
         Ok(SecioKeyPair {
             inner: SecioKeyPairInner::Ed25519 {

transports/websocket/Cargo.toml

@@ -17,7 +17,7 @@ rw-stream-sink = { version = "0.1.0", path = "../../misc/rw-stream-sink" }
 tokio-io = "0.1"
 
 [target.'cfg(not(any(target_os = "emscripten", target_os = "unknown")))'.dependencies]
-websocket = { version = "0.21.0", default-features = false, features = ["async", "async-ssl"] }
+websocket = { version = "0.22.2", default-features = false, features = ["async", "async-ssl"] }
 
 [target.'cfg(any(target_os = "emscripten", target_os = "unknown"))'.dependencies]
 stdweb = { version = "0.4", default-features = false }