diff --git a/protocols/secio/Cargo.toml b/protocols/secio/Cargo.toml
index 67c66a79..13b41210 100644
--- a/protocols/secio/Cargo.toml
+++ b/protocols/secio/Cargo.toml
@@ -10,7 +10,7 @@ keywords = ["peer-to-peer", "libp2p", "networking"]
 categories = ["network-programming", "asynchronous"]
 [dependencies]
-asn1_der = "0.5"
+asn1_der = "0.6.1"
 bytes = "0.4"
 futures = "0.1"
 libp2p-core = { version = "0.2.0", path = "../../core" }
@@ -18,10 +18,10 @@ log = "0.4.1"
 protobuf = "2.0.2"
 rand = "0.6"
 secp256k1 = { version = "0.12", features = ["rand"], optional = true }
-aes-ctr = "0.1.0"
-aesni = { version = "0.4.1", features = ["nocheck"], optional = true }
-twofish = "0.1.0"
-ctr = "0.1"
+aes-ctr = "0.3"
+aesni = { version = "0.6", features = ["nocheck"], optional = true }
+twofish = "0.2.0"
+ctr = "0.3"
 lazy_static = "1.2.0"
 rw-stream-sink = { version = "0.1.0", path = "../../misc/rw-stream-sink" }
 tokio-io = "0.1.0"
diff --git a/protocols/secio/src/codec/decode.rs b/protocols/secio/src/codec/decode.rs
index e79ec20c..4ee5a10f 100644
--- a/protocols/secio/src/codec/decode.rs
+++ b/protocols/secio/src/codec/decode.rs
@@ -98,8 +98,7 @@ where
 let mut data_buf = frame.to_vec();
 data_buf.truncate(content_length);
 self.cipher_state
- .try_apply_keystream(&mut data_buf)
- .map_err::(|e|e.into())?;
+ .decrypt(&mut data_buf);
 if !self.nonce.is_empty() {
 let n = min(data_buf.len(), self.nonce.len());
diff --git a/protocols/secio/src/codec/encode.rs b/protocols/secio/src/codec/encode.rs
index 39c2e29b..36c3bcad 100644
--- a/protocols/secio/src/codec/encode.rs
+++ b/protocols/secio/src/codec/encode.rs
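Review bot: In the decode.rs hunk, `.decrypt(&mut data_buf)` has no error path, whereas the removed `try_apply_keystream(...)` call propagated a failure to the caller with `?`. If the infallible method panics on keystream exhaustion (I believe the upgraded stream-cipher traits behave that way, but their definition is not on this page), a condition that used to surface as a decode error on peer-supplied data would now abort the task. The same holds for `self.cipher_state.encrypt(...)` in the encode.rs hunk. Either keep a fallible call behind the boxed trait, or record the reasoning next to the call, e.g. `// NOTE: decrypt() has no error return; confirm keystream exhaustion cannot be reached within one session`. The enclosing function starts and ends outside the hunk.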
@@ -65,7 +65,7 @@ where
 }
 debug_assert!(self.pending.is_none());
 // TODO if SinkError gets refactor to SecioError, then use try_apply_keystream
- self.cipher_state.apply_keystream(&mut data_buf[..]);
+ self.cipher_state.encrypt(&mut data_buf[..]);
 let signature = self.hmac.sign(&data_buf[..]);
 data_buf.extend_from_slice(signature.as_ref());
 if let AsyncSink::NotReady(data) = self.raw_sink.start_send(data_buf)? {
diff --git a/protocols/secio/src/codec/mod.rs b/protocols/secio/src/codec/mod.rs
index c1603ed3..66d5c73c 100644
--- a/protocols/secio/src/codec/mod.rs
+++ b/protocols/secio/src/codec/mod.rs
@@ -24,7 +24,7 @@ use self::decode::DecoderMiddleware;
 use self::encode::EncoderMiddleware;
-use aes_ctr::stream_cipher::StreamCipherCore;
+use aes_ctr::stream_cipher;
 use crate::algo_support::Digest;
 use hmac::{self, Mac};
 use sha2::{Sha256, Sha512};
@@ -37,7 +37,7 @@ mod encode;
 /// Type returned by `full_codec`.
 pub type FullCodec = DecoderMiddleware>>;
-pub type StreamCipher = Box;
+pub type StreamCipher = Box;
 #[derive(Debug, Clone)]
 pub enum Hmac {
diff --git a/protocols/secio/src/lib.rs b/protocols/secio/src/lib.rs
index 21ec9bc2..d6cf9e0f 100644
--- a/protocols/secio/src/lib.rs
+++ b/protocols/secio/src/lib.rs
@@ -85,7 +85,7 @@ extern crate stdweb;
 pub use self::error::SecioError;
 #[cfg(feature = "secp256k1")]
-use asn1_der::{traits::FromDerEncoded, traits::FromDerObject, DerObject};
+use asn1_der::{FromDerObject, DerObject};
 use bytes::BytesMut;
 use ed25519_dalek::Keypair as Ed25519KeyPair;
 use futures::stream::MapErr as StreamMapErr;
@@ -276,7 +276,7 @@ impl SecioKeyPair {
 {
 // See ECPrivateKey in https://tools.ietf.org/html/rfc5915
 let obj: Vec =
- FromDerEncoded::with_der_encoded(key.as_ref()).map_err(|err| err.to_string())?;
+ FromDerObject::deserialize(key.as_ref().iter()).map_err(|err| err.to_string())?;
 let priv_key_obj = obj.into_iter()
 .nth(1)
 .ok_or_else(|| "Not enough elements in DER".to_string())?;
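Review bot: The TODO kept above the changed line in encode.rs, `// TODO if SinkError gets refactor to SecioError, then use try_apply_keystream`, still names the old method, while the call is now `self.cipher_state.encrypt(...)` and no fallible counterpart is visible in this change. Reword it, e.g. `// encrypt() has no error return; revisit if the boxed cipher trait exposes a fallible variant again`, or delete it. The enclosing method continues outside the hunk.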
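Review bot: `pub type StreamCipher` in codec/mod.rs is public but, unlike `FullCodec` on the line above it, carries no doc comment, and this commit changes the trait the box holds. Add a line such as `/// Boxed stream cipher shared by the encoder and decoder; use encrypt()/decrypt() on it.` so users of the alias know which methods remain available after the upgrade.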
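Review bot: `FromDerObject::deserialize(key.as_ref().iter())` in lib.rs reads the private key from an iterator, and nothing in the hunk checks that the whole input was consumed, so bytes trailing the DER SEQUENCE may now be accepted silently; this should be confirmed against the asn1_der 0.6.1 behaviour. Since the input is key material, a regression test that feeds a truncated key and a key with appended bytes, and expects an `Err` for both, would pin the intended strictness across the API change. The enclosing function starts and ends outside the hunk.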
diff --git a/protocols/secio/src/stream_cipher.rs b/protocols/secio/src/stream_cipher.rs
index 7fe4b417..ab15de1a 100644
--- a/protocols/secio/src/stream_cipher.rs
+++ b/protocols/secio/src/stream_cipher.rs
@@ -20,7 +20,7 @@ use super::codec::StreamCipher;
 use aes_ctr::stream_cipher::generic_array::GenericArray;
-use aes_ctr::stream_cipher::{NewFixStreamCipher, LoopError, StreamCipherCore};
+use aes_ctr::stream_cipher::{NewStreamCipher, LoopError, SyncStreamCipher};
 use aes_ctr::{Aes128Ctr, Aes256Ctr};
 use ctr::Ctr128;
 use twofish::Twofish;
@@ -60,7 +60,7 @@ impl Cipher {
 #[derive(Clone, Copy, Debug)]
 pub struct NullCipher;
-impl StreamCipherCore for NullCipher {
+impl SyncStreamCipher for NullCipher {
 fn try_apply_keystream(&mut self, _data: &mut [u8]) -> Result<(), LoopError> {
 Ok(())
 }
@@ -71,7 +71,7 @@ impl StreamCipherCore for NullCipher {
 pub fn ctr(key_size: Cipher, key: &[u8], iv: &[u8]) -> StreamCipher {
 ctr_int(key_size, key, iv)
 }
-
+
 /// Returns your stream cipher depending on `Cipher`.
 #[cfg(all(feature = "aes-all", any(target_arch = "x86_64", target_arch = "x86")))]
 pub fn ctr(key_size: Cipher, key: &[u8], iv: &[u8]) -> StreamCipher {
@@ -88,7 +88,7 @@ mod aes_alt {
 use crate::codec::StreamCipher;
 use ctr::Ctr128;
 use aesni::{Aes128, Aes256};
- use ctr::stream_cipher::NewFixStreamCipher;
+ use ctr::stream_cipher::NewStreamCipher;
 use ctr::stream_cipher::generic_array::GenericArray;
 use lazy_static::lazy_static;
 use twofish::Twofish;
@@ -147,7 +147,7 @@ fn ctr_int(key_size: Cipher, key: &[u8], iv: &[u8]) -> StreamCipher {
 }
 #[cfg(all(
- feature = "aes-all",
+ feature = "aes-all",
 any(target_arch = "x86_64", target_arch = "x86"),
 ))]
 #[cfg(test)]
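Review bot: `NullCipher` is a public type whose `try_apply_keystream` returns `Ok(())` without touching `_data`, so data passed through it stays unencrypted, and nothing in the hunk at line 60 says so. Add a doc comment on the struct, e.g. `/// Identity cipher: leaves the data unchanged and provides no confidentiality.`, so that selecting it is a visible decision. After the move to `SyncStreamCipher` the codecs reach it through `encrypt`/`decrypt`; if those are blanket-implemented over this trait they remain no-ops, which is worth stating in the same comment.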
@@ -159,18 +159,17 @@ mod tests {
 // this test is for asserting aes unsuported opcode does not break on old cpu
 let key = [0;16];
 let iv = [0;16];
-
+
 let mut aes = ctr(Cipher::Aes128, &key, &iv);
 let mut content = [0;16];
- assert!(aes
- .try_apply_keystream(&mut content).is_ok());
-
+ aes.encrypt(&mut content);
+
 }
 }
 // aesni compile check for aes-all (aes-all import aesni through aes_ctr only if those checks pass)
 #[cfg(all(
- feature = "aes-all",
+ feature = "aes-all",
 any(target_arch = "x86_64", target_arch = "x86"),
 any(target_feature = "aes", target_feature = "ssse3"),
 ))]
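Review bot: After this change the test in `mod tests` asserts nothing: `aes.encrypt(&mut content);` replaces the `assert!(... .is_ok())` and the buffer is never inspected. A bare call still covers the unsupported-opcode crash the comment describes, but a cipher that silently left the buffer unchanged would pass as well. Adding `assert_ne!(content, [0u8; 16]);` after the call would check that a keystream was actually applied to the all-zero input. The other changed lines in the hunk are whitespace-only, and the test function's signature lies outside it.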