diff options
author | Mathias Hall-Andersen <mathias@hall-andersen.dk> | 2021-01-05 22:52:27 +0100 |
---|---|---|
committer | Mathias Hall-Andersen <mathias@hall-andersen.dk> | 2021-01-05 22:53:27 +0100 |
commit | 1fb7975d3d8d3c3352221e9b296e12f2f5392eb6 (patch) | |
tree | 1965c55bea66ddfcd1ca055304acef82c6493317 /src | |
parent | Fix some clippy warnings (diff) | |
download | wireguard-rs-1fb7975d3d8d3c3352221e9b296e12f2f5392eb6.tar.xz wireguard-rs-1fb7975d3d8d3c3352221e9b296e12f2f5392eb6.zip |
Upgrade dependencies
Signed-off-by: Mathias Hall-Andersen <mathias@hall-andersen.dk>
Diffstat (limited to 'src')
-rw-r--r-- | src/wireguard/handshake/device.rs | 2 | ||||
-rw-r--r-- | src/wireguard/handshake/macs.rs | 18 | ||||
-rw-r--r-- | src/wireguard/handshake/noise.rs | 26 | ||||
-rw-r--r-- | src/wireguard/handshake/tests.rs | 18 |
4 files changed, 34 insertions, 30 deletions
diff --git a/src/wireguard/handshake/device.rs b/src/wireguard/handshake/device.rs index d71f351..47ca401 100644 --- a/src/wireguard/handshake/device.rs +++ b/src/wireguard/handshake/device.rs @@ -8,8 +8,8 @@ use dashmap::mapref::entry::Entry; use dashmap::DashMap; use zerocopy::AsBytes; -use rand::prelude::{CryptoRng, RngCore}; use rand::Rng; +use rand_core::{CryptoRng, RngCore}; use clear_on_drop::clear::Clear; diff --git a/src/wireguard/handshake/macs.rs b/src/wireguard/handshake/macs.rs index cb5d7d4..8d79c5e 100644 --- a/src/wireguard/handshake/macs.rs +++ b/src/wireguard/handshake/macs.rs @@ -1,5 +1,5 @@ use generic_array::GenericArray; -use rand::{CryptoRng, RngCore}; +use rand_core::{CryptoRng, RngCore}; use spin::RwLock; use std::time::{Duration, Instant}; @@ -8,6 +8,7 @@ use std::net::SocketAddr; use x25519_dalek::PublicKey; // AEAD + use aead::{Aead, NewAead, Payload}; use chacha20poly1305::XChaCha20Poly1305; @@ -33,30 +34,29 @@ macro_rules! HASH { use blake2::Digest; let mut hsh = Blake2s::new(); $( - hsh.input($input); + hsh.update($input); )* - hsh.result() + hsh.finalize() }}; } macro_rules! MAC { ( $key:expr, $($input:expr),* ) => {{ use blake2::VarBlake2s; - use digest::Input; - use digest::VariableOutput; + use blake2::digest::{Update, VariableOutput}; let mut tag = [0u8; SIZE_MAC]; let mut mac = VarBlake2s::new_keyed($key, SIZE_MAC); $( - mac.input($input); + mac.update($input); )* - mac.variable_result(|buf| tag.copy_from_slice(buf)); + mac.finalize_variable(|buf| tag.copy_from_slice(buf)); tag }}; } macro_rules! XSEAL { ($key:expr, $nonce:expr, $ad:expr, $pt:expr, $ct:expr) => {{ - let ct = XChaCha20Poly1305::new(*GenericArray::from_slice($key)) + let ct = XChaCha20Poly1305::new(GenericArray::from_slice($key)) .encrypt( GenericArray::from_slice($nonce), Payload { msg: $pt, aad: $ad }, @@ -70,7 +70,7 @@ macro_rules! XSEAL { macro_rules! XOPEN { ($key:expr, $nonce:expr, $ad:expr, $pt:expr, $ct:expr) => {{ debug_assert_eq!($ct.len(), $pt.len() + SIZE_TAG); - XChaCha20Poly1305::new(*GenericArray::from_slice($key)) + XChaCha20Poly1305::new(GenericArray::from_slice($key)) .decrypt( GenericArray::from_slice($nonce), Payload { msg: $ct, aad: $ad }, diff --git a/src/wireguard/handshake/noise.rs b/src/wireguard/handshake/noise.rs index 475b159..92c8c5f 100644 --- a/src/wireguard/handshake/noise.rs +++ b/src/wireguard/handshake/noise.rs @@ -11,13 +11,13 @@ use hmac::Hmac; use aead::{Aead, NewAead, Payload}; use chacha20poly1305::ChaCha20Poly1305; -use rand::prelude::{CryptoRng, RngCore}; +use rand_core::{CryptoRng, RngCore}; use generic_array::typenum::*; use generic_array::*; use clear_on_drop::clear::Clear; -use clear_on_drop::clear_stack_on_return; +use clear_on_drop::clear_stack_on_return_fnonce; use subtle::ConstantTimeEq; @@ -63,20 +63,20 @@ macro_rules! HASH { use blake2::Digest; let mut hsh = Blake2s::new(); $( - hsh.input($input); + hsh.update($input); )* - hsh.result() + hsh.finalize() }}; } macro_rules! HMAC { ($key:expr, $($input:expr),*) => {{ - use hmac::Mac; + use hmac::{Mac, NewMac}; let mut mac = HMACBlake2s::new_varkey($key).unwrap(); $( - mac.input($input); + mac.update($input); )* - mac.result().code() + mac.finalize().into_bytes() }}; } @@ -112,7 +112,7 @@ macro_rules! KDF3 { macro_rules! SEAL { ($key:expr, $ad:expr, $pt:expr, $ct:expr) => { - ChaCha20Poly1305::new(*GenericArray::from_slice($key)) + ChaCha20Poly1305::new(GenericArray::from_slice($key)) .encrypt(&ZERO_NONCE.into(), Payload { msg: $pt, aad: $ad }) .map(|ct| $ct.copy_from_slice(&ct)) .unwrap() @@ -121,7 +121,7 @@ macro_rules! SEAL { macro_rules! OPEN { ($key:expr, $ad:expr, $pt:expr, $ct:expr) => { - ChaCha20Poly1305::new(*GenericArray::from_slice($key)) + ChaCha20Poly1305::new(GenericArray::from_slice($key)) .decrypt(&ZERO_NONCE.into(), Payload { msg: $ct, aad: $ad }) .map_err(|_| HandshakeError::DecryptionFailure) .map(|pt| $pt.copy_from_slice(&pt)) @@ -242,7 +242,7 @@ pub(super) fn create_initiation<R: RngCore + CryptoRng, O>( return Err(HandshakeError::InvalidSharedSecret); } - clear_stack_on_return(CLEAR_PAGES, || { + clear_stack_on_return_fnonce(CLEAR_PAGES, || { // initialize state let ck = INITIAL_CK; @@ -323,7 +323,7 @@ pub(super) fn consume_initiation<'a, O>( ) -> Result<(&'a Peer<O>, PublicKey, TemporaryState), HandshakeError> { log::debug!("consume initiation"); - clear_stack_on_return(CLEAR_PAGES, || { + clear_stack_on_return_fnonce(CLEAR_PAGES, || { // initialize new state let ck = INITIAL_CK; @@ -412,7 +412,7 @@ pub(super) fn create_response<R: RngCore + CryptoRng, O>( msg: &mut NoiseResponse, // resulting response ) -> Result<KeyPair, HandshakeError> { log::debug!("create response"); - clear_stack_on_return(CLEAR_PAGES, || { + clear_stack_on_return_fnonce(CLEAR_PAGES, || { // unpack state let (receiver, eph_r_pk, hs, ck) = state; @@ -497,7 +497,7 @@ pub(super) fn consume_response<'a, O>( msg: &NoiseResponse, ) -> Result<Output<'a, O>, HandshakeError> { log::debug!("consume response"); - clear_stack_on_return(CLEAR_PAGES, || { + clear_stack_on_return_fnonce(CLEAR_PAGES, || { // retrieve peer and copy initiation state let (peer, _) = device.lookup_id(msg.f_receiver.get())?; diff --git a/src/wireguard/handshake/tests.rs b/src/wireguard/handshake/tests.rs index 5174d2e..35ff152 100644 --- a/src/wireguard/handshake/tests.rs +++ b/src/wireguard/handshake/tests.rs @@ -6,8 +6,8 @@ use std::time::Duration; use hex; -use rand::prelude::{CryptoRng, RngCore}; use rand::rngs::OsRng; +use rand_core::{CryptoRng, RngCore}; use x25519_dalek::PublicKey; use x25519_dalek::StaticSecret; @@ -15,20 +15,22 @@ use x25519_dalek::StaticSecret; use super::messages::{Initiation, Response}; fn setup_devices<R: RngCore + CryptoRng, O: Default>( - rng: &mut R, + rng1: &mut R, + rng2: &mut R, + rng3: &mut R, ) -> (PublicKey, Device<O>, PublicKey, Device<O>) { // generate new key pairs - let sk1 = StaticSecret::new(rng); + let sk1 = StaticSecret::new(rng1); let pk1 = PublicKey::from(&sk1); - let sk2 = StaticSecret::new(rng); + let sk2 = StaticSecret::new(rng2); let pk2 = PublicKey::from(&sk2); // pick random psk let mut psk = [0u8; 32]; - rng.fill_bytes(&mut psk[..]); + rng3.fill_bytes(&mut psk[..]); // initialize devices on both ends @@ -63,7 +65,8 @@ fn wait() { */ #[test] fn handshake_under_load() { - let (_pk1, dev1, pk2, dev2): (_, Device<usize>, _, _) = setup_devices(&mut OsRng); + let (_pk1, dev1, pk2, dev2): (_, Device<usize>, _, _) = + setup_devices(&mut OsRng, &mut OsRng, &mut OsRng); let src1: SocketAddr = "172.16.0.1:8080".parse().unwrap(); let src2: SocketAddr = "172.16.0.2:7070".parse().unwrap(); @@ -140,7 +143,8 @@ fn handshake_under_load() { #[test] fn handshake_no_load() { - let (pk1, mut dev1, pk2, mut dev2): (_, Device<usize>, _, _) = setup_devices(&mut OsRng); + let (pk1, mut dev1, pk2, mut dev2): (_, Device<usize>, _, _) = + setup_devices(&mut OsRng, &mut OsRng, &mut OsRng); // do a few handshakes (every handshake should succeed) |