diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6adf0369..c7630a83 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,7 +16,7 @@ jobs: strategy: matrix: rust: - - 1.60.0 # MSRV + - 1.65.0 # MSRV - stable target: - thumbv7em-none-eabi @@ -37,7 +37,7 @@ jobs: strategy: matrix: rust: - - 1.60.0 # MSRV + - 1.65.0 # MSRV - stable steps: - uses: actions/checkout@v3 diff --git a/Cargo.lock b/Cargo.lock index 064d3abe..5d2c9e1d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -101,9 +101,9 @@ dependencies = [ [[package]] name = "der" -version = "0.6.1" +version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f1a467a65c5e759bce6e65eaf91cc29f466cdc57cb65777bd646872a8a1fd4de" +checksum = "bc302fd9b18d66834a6f092d10ea85489c0ca8ad6b7304092135fab171d853cd" dependencies = [ "const-oid", "pem-rfc7468", @@ -249,27 +249,28 @@ dependencies = [ [[package]] name = "pbkdf2" -version = "0.11.0" +version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "83a0692ec44e4cf1ef28ca317f14f8f07da2d95ec3fa01f86e4467b725e60917" +checksum = "f0ca0b5a68607598bf3bad68f32227a8164f6254833f84eafaac409cd6746c31" dependencies = [ "digest", + "hmac", ] [[package]] name = "pem-rfc7468" -version = "0.6.0" +version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "24d159833a9105500e0398934e205e0773f0b27529557134ecfc51c27646adac" +checksum = "88b39c9bfcfc231068454382784bb460aae594343fb030d46e9f50a645418412" dependencies = [ "base64ct", ] [[package]] name = "pkcs1" -version = "0.4.1" +version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eff33bdbdfc54cc98a2eca766ebdec3e1b8fb7387523d5c9c9a2891da856f719" +checksum = "178ba28ece1961eafdff1991bd1744c29564cbab5d803f3ccb4a4895a6c550a7" dependencies = [ "der", "pkcs8", @@ -279,14 +280,13 @@ dependencies = [ [[package]] name = "pkcs5" -version = "0.5.0" +version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d10d862c1f5c302df3c3dbfd837afbae0ad09551a6fa37b10311cb5890a80175" +checksum = "e847e2c91a18bfa887dd028ec33f2fe6f25db77db3619024764914affe8b69a6" dependencies = [ "aes", "cbc", "der", - "hmac", "pbkdf2", "scrypt", "sha2", @@ -295,9 +295,9 @@ dependencies = [ [[package]] name = "pkcs8" -version = "0.9.0" +version = "0.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9eca2c590a5f85da82668fa685c09ce2888b9430e83299debf1f34b65fd4a4ba" +checksum = "3d2820d87d2b008616e5c27212dd9e0e694fb4c6b522de06094106813328cb49" dependencies = [ "der", "pkcs5", @@ -407,11 +407,10 @@ dependencies = [ [[package]] name = "scrypt" -version = "0.10.0" +version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f9e24d2b632954ded8ab2ef9fea0a0c769ea56ea98bddbafbad22caeeadf45d" +checksum = "0516a385866c09368f0b5bcd1caff3366aace790fcd46e2bb032697bb172fd1f" dependencies = [ - "hmac", "pbkdf2", "salsa20", "sha2", @@ -502,9 +501,9 @@ checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" [[package]] name = "spki" -version = "0.6.0" +version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "67cf02bbac7a337dc36e4f5a693db6c21e7863f45070f7064577eb4367a3212b" +checksum = "c0445c905640145c7ea8c1993555957f65e7c46d0535b91ba501bc9bfc85522f" dependencies = [ "base64ct", "der", diff --git a/Cargo.toml b/Cargo.toml index 161d5f4b..a63d58d5 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -10,7 +10,7 @@ repository = "https://github.com/RustCrypto/RSA" keywords = ["rsa", "encryption", "security", "crypto"] categories = ["cryptography"] readme = "README.md" -rust-version = "1.60" +rust-version = "1.65" [dependencies] num-bigint = { version = "0.8.2", features = ["i128", "u64_digit", "prime", "zeroize"], default-features = false, package = "num-bigint-dig" } @@ -21,8 +21,8 @@ rand_core = { version = "0.6.4", default-features = false } byteorder = { version = "1.3.1", default-features = false } subtle = { version = "2.1.1", default-features = false } digest = { version = "0.10.5", default-features = false, features = ["alloc", "oid"] } -pkcs1 = { version = "0.4", default-features = false, features = ["pkcs8", "alloc"] } -pkcs8 = { version = "0.9", default-features = false, features = ["alloc"] } +pkcs1 = { version = "0.7.1", default-features = false, features = ["alloc", "pkcs8"] } +pkcs8 = { version = "0.10", default-features = false, features = ["alloc"] } serde = { version = "1.0.103", optional = true, default-features = false, features = ["derive"] } sha2 = { version = "0.10.6", optional = true, default-features = false, features = ["oid"] } signature = { version = "2", default-features = false , features = ["digest", "rand_core"] } diff --git a/README.md b/README.md index 63c2921c..894b2c1e 100644 --- a/README.md +++ b/README.md @@ -70,9 +70,9 @@ There will be three phases before `1.0` 🚢 can be released. ## Minimum Supported Rust Version (MSRV) -All crates in this repository support Rust 1.60 or higher. In future -minimally supported version of Rust can be changed, but it will be done with -a minor version bump. +All crates in this repository support Rust 1.65 or higher. + +In the future MSRV can be changed, but it will be done with a minor version bump. ## License @@ -97,7 +97,7 @@ dual licensed as above, without any additional terms or conditions. [doc-link]: https://docs.rs/rsa [build-image]: https://github.com/rustcrypto/RSA/workflows/CI/badge.svg [build-link]: https://github.com/RustCrypto/RSA/actions?query=workflow%3ACI+branch%3Amaster -[msrv-image]: https://img.shields.io/badge/rustc-1.60+-blue.svg +[msrv-image]: https://img.shields.io/badge/rustc-1.65+-blue.svg [chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg [chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/260047-RSA [deps-image]: https://deps.rs/repo/github/RustCrypto/RSA/status.svg diff --git a/src/encoding.rs b/src/encoding.rs index 6c59782b..6b050c07 100644 --- a/src/encoding.rs +++ b/src/encoding.rs @@ -5,14 +5,11 @@ use crate::{key::PublicKeyParts, BigUint, RsaPrivateKey, RsaPublicKey}; use core::convert::{TryFrom, TryInto}; -use pkcs1::der::Encode; -use pkcs8::{ - DecodePrivateKey, DecodePublicKey, Document, EncodePrivateKey, EncodePublicKey, SecretDocument, -}; +use pkcs8::{der::Encode, Document, EncodePrivateKey, EncodePublicKey, SecretDocument}; use zeroize::Zeroizing; /// Verify that the `AlgorithmIdentifier` for a key is correct. -fn verify_algorithm_id(algorithm: &pkcs8::AlgorithmIdentifier) -> pkcs8::spki::Result<()> { +fn verify_algorithm_id(algorithm: &pkcs8::AlgorithmIdentifierRef) -> pkcs8::spki::Result<()> { algorithm.assert_algorithm_oid(pkcs1::ALGORITHM_OID)?; if algorithm.parameters_any()? != pkcs8::der::asn1::Null.into() { @@ -45,23 +42,23 @@ impl TryFrom> for RsaPrivateKey { } } -impl DecodePrivateKey for RsaPrivateKey {} - -impl TryFrom> for RsaPublicKey { +impl TryFrom> for RsaPublicKey { type Error = pkcs8::spki::Error; - fn try_from(spki: pkcs8::SubjectPublicKeyInfo<'_>) -> pkcs8::spki::Result { + fn try_from(spki: pkcs8::SubjectPublicKeyInfoRef<'_>) -> pkcs8::spki::Result { verify_algorithm_id(&spki.algorithm)?; - let pkcs1_key = pkcs1::RsaPublicKey::try_from(spki.subject_public_key)?; + let pkcs1_key = pkcs1::RsaPublicKey::try_from( + spki.subject_public_key + .as_bytes() + .ok_or(pkcs8::spki::Error::KeyMalformed)?, + )?; let n = BigUint::from_bytes_be(pkcs1_key.modulus.as_bytes()); let e = BigUint::from_bytes_be(pkcs1_key.public_exponent.as_bytes()); RsaPublicKey::new(n, e).map_err(|_| pkcs8::spki::Error::KeyMalformed) } } -impl DecodePublicKey for RsaPublicKey {} - impl EncodePrivateKey for RsaPrivateKey { fn to_pkcs8_der(&self) -> pkcs8::Result { // Check if the key is multi prime @@ -83,17 +80,17 @@ impl EncodePrivateKey for RsaPrivateKey { ); let private_key = pkcs1::RsaPrivateKey { - modulus: pkcs1::UIntRef::new(&modulus)?, - public_exponent: pkcs1::UIntRef::new(&public_exponent)?, - private_exponent: pkcs1::UIntRef::new(&private_exponent)?, - prime1: pkcs1::UIntRef::new(&prime1)?, - prime2: pkcs1::UIntRef::new(&prime2)?, - exponent1: pkcs1::UIntRef::new(&exponent1)?, - exponent2: pkcs1::UIntRef::new(&exponent2)?, - coefficient: pkcs1::UIntRef::new(&coefficient)?, + modulus: pkcs1::UintRef::new(&modulus)?, + public_exponent: pkcs1::UintRef::new(&public_exponent)?, + private_exponent: pkcs1::UintRef::new(&private_exponent)?, + prime1: pkcs1::UintRef::new(&prime1)?, + prime2: pkcs1::UintRef::new(&prime2)?, + exponent1: pkcs1::UintRef::new(&exponent1)?, + exponent2: pkcs1::UintRef::new(&exponent2)?, + coefficient: pkcs1::UintRef::new(&coefficient)?, other_prime_infos: None, } - .to_vec()?; + .to_der()?; pkcs8::PrivateKeyInfo::new(pkcs1::ALGORITHM_ID, private_key.as_ref()).try_into() } @@ -105,14 +102,17 @@ impl EncodePublicKey for RsaPublicKey { let public_exponent = self.e().to_bytes_be(); let subject_public_key = pkcs1::RsaPublicKey { - modulus: pkcs1::UIntRef::new(&modulus)?, - public_exponent: pkcs1::UIntRef::new(&public_exponent)?, + modulus: pkcs1::UintRef::new(&modulus)?, + public_exponent: pkcs1::UintRef::new(&public_exponent)?, } - .to_vec()?; + .to_der()?; - pkcs8::SubjectPublicKeyInfo { + pkcs8::SubjectPublicKeyInfoRef { algorithm: pkcs1::ALGORITHM_ID, - subject_public_key: subject_public_key.as_ref(), + subject_public_key: pkcs8::der::asn1::BitStringRef::new( + 0, + subject_public_key.as_ref(), + )?, } .try_into() }