diff --git a/core/Cargo.toml b/core/Cargo.toml index 01012c6d..f3693b39 100644 --- a/core/Cargo.toml +++ b/core/Cargo.toml @@ -27,7 +27,7 @@ protobuf = "2.3" quick-error = "1.2" rand = "0.6" rw-stream-sink = { version = "0.1.1", path = "../misc/rw-stream-sink" } -libsecp256k1 = { version = "0.3.0", optional = true } +libsecp256k1 = { version = "0.3.1", optional = true } sha2 = "0.8.0" smallvec = "0.6" tokio-executor = "0.1.4" @@ -38,7 +38,7 @@ void = "1" zeroize = "0.9" [target.'cfg(not(any(target_os = "emscripten", target_os = "unknown")))'.dependencies] -ring = { version = "0.14", features = ["use_heap"], default-features = false } +ring = { version = "^0.16", features = ["alloc"], default-features = false } untrusted = { version = "0.6" } [dev-dependencies] diff --git a/core/src/identity/rsa.rs b/core/src/identity/rsa.rs index a94df94f..d47bee87 100644 --- a/core/src/identity/rsa.rs +++ b/core/src/identity/rsa.rs @@ -40,7 +40,7 @@ impl Keypair { /// /// [RFC5208]: https://tools.ietf.org/html/rfc5208#section-5 pub fn from_pkcs8(der: &mut [u8]) -> Result { - let kp = RsaKeyPair::from_pkcs8(Input::from(&der[..])) + let kp = RsaKeyPair::from_pkcs8(&der) .map_err(|e| DecodingError::new("RSA PKCS#8 PrivateKeyInfo").source(e))?; der.zeroize(); Ok(Keypair(Arc::new(kp))) @@ -69,10 +69,8 @@ pub struct PublicKey(Vec); impl PublicKey { /// Verify an RSA signature on a message using the public key. pub fn verify(&self, msg: &[u8], sig: &[u8]) -> bool { - signature::verify(&RSA_PKCS1_2048_8192_SHA256, - Input::from(&self.0), - Input::from(msg), - Input::from(sig)).is_ok() + let key = signature::UnparsedPublicKey::new(&RSA_PKCS1_2048_8192_SHA256, &self.0); + key.verify(msg, sig).is_ok() } /// Encode the RSA public key in DER as a PKCS#1 RSAPublicKey structure, diff --git a/protocols/noise/Cargo.toml b/protocols/noise/Cargo.toml index 189c61be..bf30c978 100644 --- a/protocols/noise/Cargo.toml +++ b/protocols/noise/Cargo.toml @@ -15,9 +15,9 @@ lazy_static = "1.2" libp2p-core = { version = "0.12.0", path = "../../core" } log = "0.4" protobuf = "2.3" -rand = "0.6.5" -ring = { version = "0.14", features = ["use_heap"], default-features = false } -snow = { version = "0.5.2", features = ["ring-resolver"], default-features = false } +rand = "^0.7" +ring = { version = "^0.16", features = ["alloc"], default-features = false } +snow = { version = "0.6.1", features = ["ring-resolver"], default-features = false } tokio-io = "0.1" x25519-dalek = "0.5" zeroize = "0.9" diff --git a/protocols/noise/src/error.rs b/protocols/noise/src/error.rs index b074a45c..a3972e27 100644 --- a/protocols/noise/src/error.rs +++ b/protocols/noise/src/error.rs @@ -19,7 +19,7 @@ // DEALINGS IN THE SOFTWARE. use libp2p_core::identity; -use snow::SnowError; +use snow::error::Error as SnowError; use std::{error::Error, fmt, io}; /// libp2p_noise error type. diff --git a/protocols/noise/src/io.rs b/protocols/noise/src/io.rs index 67c1aeb4..472bcefd 100644 --- a/protocols/noise/src/io.rs +++ b/protocols/noise/src/io.rs @@ -25,6 +25,7 @@ pub mod handshake; use futures::Poll; use log::{debug, trace}; use snow; +use snow::error::{StateProblem, Error as SnowError}; use std::{fmt, io}; use tokio_io::{AsyncRead, AsyncWrite}; @@ -55,12 +56,48 @@ impl Buffer { } } +/// A passthrough enum for the two kinds of state machines in `snow` +pub(crate) enum SnowState { + Transport(snow::TransportState), + Handshake(snow::HandshakeState) +} + +impl SnowState { + pub fn read_message(&mut self, message: &[u8], payload: &mut [u8]) -> Result { + match self { + SnowState::Handshake(session) => session.read_message(message, payload), + SnowState::Transport(session) => session.read_message(message, payload), + } + } + + pub fn write_message(&mut self, message: &[u8], payload: &mut [u8]) -> Result { + match self { + SnowState::Handshake(session) => session.write_message(message, payload), + SnowState::Transport(session) => session.write_message(message, payload), + } + } + + pub fn get_remote_static(&self) -> Option<&[u8]> { + match self { + SnowState::Handshake(session) => session.get_remote_static(), + SnowState::Transport(session) => session.get_remote_static(), + } + } + + pub fn into_transport_mode(self) -> Result { + match self { + SnowState::Handshake(session) => session.into_transport_mode(), + SnowState::Transport(_) => Err(SnowError::State(StateProblem::HandshakeAlreadyFinished)), + } + } +} + /// A noise session to a remote. /// /// `T` is the type of the underlying I/O resource. pub struct NoiseOutput { io: T, - session: snow::Session, + session: SnowState, buffer: Buffer, read_state: ReadState, write_state: WriteState @@ -76,9 +113,10 @@ impl fmt::Debug for NoiseOutput { } impl NoiseOutput { - fn new(io: T, session: snow::Session) -> Self { + fn new(io: T, session: SnowState) -> Self { NoiseOutput { - io, session, + io, + session, buffer: Buffer { inner: Box::new([0; TOTAL_BUFFER_LEN]) }, read_state: ReadState::Init, write_state: WriteState::Init diff --git a/protocols/noise/src/io/handshake.rs b/protocols/noise/src/io/handshake.rs index 93a1f206..781d9095 100644 --- a/protocols/noise/src/io/handshake.rs +++ b/protocols/noise/src/io/handshake.rs @@ -24,6 +24,7 @@ mod payload; use crate::error::NoiseError; use crate::protocol::{Protocol, PublicKey, KeypairIdentity}; +use crate::io::SnowState; use libp2p_core::identity; use futures::{future, Async, Future, future::FutureResult, Poll}; use std::{mem, io}; @@ -128,7 +129,7 @@ where /// ``` pub fn rt1_initiator( io: T, - session: Result, + session: Result, identity: KeypairIdentity, identity_x: IdentityExchange ) -> Handshake { @@ -157,7 +158,7 @@ where /// ``` pub fn rt1_responder( io: T, - session: Result, + session: Result, identity: KeypairIdentity, identity_x: IdentityExchange, ) -> Handshake { @@ -188,7 +189,7 @@ where /// ``` pub fn rt15_initiator( io: T, - session: Result, + session: Result, identity: KeypairIdentity, identity_x: IdentityExchange ) -> Handshake { @@ -220,7 +221,7 @@ where /// ``` pub fn rt15_responder( io: T, - session: Result, + session: Result, identity: KeypairIdentity, identity_x: IdentityExchange ) -> Handshake { @@ -289,7 +290,7 @@ impl State { /// Noise handshake pattern. fn new( io: T, - session: Result, + session: Result, identity: KeypairIdentity, identity_x: IdentityExchange ) -> FutureResult { @@ -302,7 +303,7 @@ impl State { future::result(session.map(|s| State { identity, - io: NoiseOutput::new(io, s), + io: NoiseOutput::new(io, SnowState::Handshake(s)), dh_remote_pubkey_sig: None, id_remote_pubkey, send_identity @@ -340,7 +341,7 @@ impl State } } }; - future::ok((remote, NoiseOutput { session: s, .. self.io })) + future::ok((remote, NoiseOutput { session: SnowState::Transport(s), .. self.io })) } } } diff --git a/protocols/noise/src/protocol.rs b/protocols/noise/src/protocol.rs index 50d7ffc6..4908c6be 100644 --- a/protocols/noise/src/protocol.rs +++ b/protocols/noise/src/protocol.rs @@ -24,7 +24,7 @@ pub mod x25519; use crate::NoiseError; use libp2p_core::identity; -use rand::FromEntropy; +use rand::SeedableRng; use zeroize::Zeroize; /// The parameters of a Noise protocol, consisting of a choice diff --git a/protocols/secio/Cargo.toml b/protocols/secio/Cargo.toml index c65d13bd..e7121e4a 100644 --- a/protocols/secio/Cargo.toml +++ b/protocols/secio/Cargo.toml @@ -27,7 +27,7 @@ sha2 = "0.8.0" hmac = "0.7.0" [target.'cfg(not(target_arch = "wasm32"))'.dependencies] -ring = { version = "0.14", features = ["use_heap"], default-features = false } +ring = { version = "^0.16", features = ["alloc"], default-features = false } untrusted = { version = "0.6" } [target.'cfg(target_arch = "wasm32")'.dependencies] diff --git a/protocols/secio/src/exchange/impl_ring.rs b/protocols/secio/src/exchange/impl_ring.rs index 46a0943f..b95219fc 100644 --- a/protocols/secio/src/exchange/impl_ring.rs +++ b/protocols/secio/src/exchange/impl_ring.rs @@ -64,8 +64,8 @@ pub fn generate_agreement(algorithm: KeyAgreement) -> impl Future impl Future, Error = SecioError> { - ring_agreement::agree_ephemeral(my_private_key, algorithm.into(), - UntrustedInput::from(other_public_key), + ring_agreement::agree_ephemeral(my_private_key, + &ring_agreement::UnparsedPublicKey::new(algorithm.into(), other_public_key), SecioError::SecretGenerationFailed, |key_material| Ok(key_material.to_vec())) .into_future() diff --git a/transports/websocket/Cargo.toml b/transports/websocket/Cargo.toml index c6cf2626..7a818d50 100644 --- a/transports/websocket/Cargo.toml +++ b/transports/websocket/Cargo.toml @@ -17,10 +17,10 @@ log = "0.4.1" rw-stream-sink = { version = "0.1.1", path = "../../misc/rw-stream-sink" } tokio-codec = "0.1.1" tokio-io = "0.1.12" -tokio-rustls = "0.10.0-alpha.3" +tokio-rustls = "0.10.1" soketto = { version = "0.2.3", features = ["deflate"] } url = "2.1.0" -webpki-roots = "0.16.0" +webpki-roots = "0.17.0" [dev-dependencies] libp2p-tcp = { version = "0.12.0", path = "../tcp" } diff --git a/transports/websocket/src/tls.rs b/transports/websocket/src/tls.rs index 96f91f20..08c01580 100644 --- a/transports/websocket/src/tls.rs +++ b/transports/websocket/src/tls.rs @@ -128,7 +128,7 @@ impl Builder { } pub(crate) fn dns_name_ref(name: &str) -> Result, Error> { - webpki::DNSNameRef::try_from_ascii_str(name).map_err(|()| Error::InvalidDnsName(name.into())) + webpki::DNSNameRef::try_from_ascii_str(name).map_err(|_| Error::InvalidDnsName(name.into())) } // Error //////////////////////////////////////////////////////////////////////////////////////////