diff --git a/Cargo.lock b/Cargo.lock index 46d19fec..abb0e54c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -258,9 +258,9 @@ dependencies = [ [[package]] name = "const-oid" -version = "0.7.1" +version = "0.9.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e4c78c047431fee22c1a7bb92e00ad095a02a983affe4d8a72e2a2c62c1b94f3" +checksum = "520fbf3c07483f94e3e3ca9d0cfd913d7718ef2483d2cfd91c0d9e91474ab913" [[package]] name = "core-foundation" @@ -339,16 +339,6 @@ dependencies = [ "libc", ] -[[package]] -name = "crypto-bigint" -version = "0.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "03c6a1d5fa1de37e071642dfa44ec552ca5b299adb128fab16138e24b548fd21" -dependencies = [ - "generic-array", - "subtle", -] - [[package]] name = "crypto-common" version = "0.1.6" @@ -385,13 +375,13 @@ checksum = "0c87e182de0887fd5361989c677c4e8f5000cd9491d6d563161a8f3a5519fc7f" [[package]] name = "der" -version = "0.5.1" +version = "0.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6919815d73839e7ad218de758883aae3a257ba6759ce7a9992501efbb53d705c" +checksum = "f1a467a65c5e759bce6e65eaf91cc29f466cdc57cb65777bd646872a8a1fd4de" dependencies = [ "const-oid", - "crypto-bigint", "pem-rfc7468", + "zeroize", ] [[package]] @@ -401,6 +391,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8168378f4e5023e7218c89c891c0fd8ecdb5e5e4f18cb78f38cf245dd021e76f" dependencies = [ "block-buffer", + "const-oid", "crypto-common", "subtle", ] @@ -1995,9 +1986,9 @@ checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099" [[package]] name = "pem-rfc7468" -version = "0.3.1" +version = "0.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "01de5d978f34aa4b2296576379fcc416034702fd94117c56ffd8a1a767cefb30" +checksum = "24d159833a9105500e0398934e205e0773f0b27529557134ecfc51c27646adac" dependencies = [ "base64ct", ] @@ -2032,24 +2023,24 @@ checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" [[package]] name = "pkcs1" -version = "0.3.3" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a78f66c04ccc83dd4486fd46c33896f4e17b24a7a3a6400dedc48ed0ddd72320" +checksum = "eff33bdbdfc54cc98a2eca766ebdec3e1b8fb7387523d5c9c9a2891da856f719" dependencies = [ "der", "pkcs8", + "spki", "zeroize", ] [[package]] name = "pkcs8" -version = "0.8.0" +version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7cabda3fb821068a9a4fab19a683eac3af12edf0f34b94a8be53c4972b8149d0" +checksum = "9eca2c590a5f85da82668fa685c09ce2888b9430e83299debf1f34b65fd4a4ba" dependencies = [ "der", "spki", - "zeroize", ] [[package]] @@ -2332,9 +2323,9 @@ dependencies = [ [[package]] name = "rsa" -version = "0.6.1" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4cf22754c49613d2b3b119f0e5d46e34a2c628a937e3024b8762de4e7d8c710b" +checksum = "55a77d189da1fee555ad95b7e50e7457d91c0e089ec68ca69ad2989413bbdab4" dependencies = [ "byteorder", "digest", @@ -2345,7 +2336,7 @@ dependencies = [ "pkcs1", "pkcs8", "rand_core", - "smallvec", + "signature", "subtle", "zeroize", ] @@ -2627,6 +2618,16 @@ dependencies = [ "libc", ] +[[package]] +name = "signature" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5e1788eed21689f9cf370582dfc467ef36ed9c707f073528ddafa8d83e3b8500" +dependencies = [ + "digest", + "rand_core", +] + [[package]] name = "slab" version = "0.4.8" @@ -2660,9 +2661,9 @@ checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" [[package]] name = "spki" -version = "0.5.4" +version = "0.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "44d01ac02a6ccf3e07db148d2be087da624fea0221a16152ed01f0496a6b0a27" +checksum = "67cf02bbac7a337dc36e4f5a693db6c21e7863f45070f7064577eb4367a3212b" dependencies = [ "base64ct", "der", diff --git a/core/Cargo.toml b/core/Cargo.toml index b0c52236..07da591d 100644 --- a/core/Cargo.toml +++ b/core/Cargo.toml @@ -43,10 +43,10 @@ priority-queue = "1.2" protobuf = "3" quick-xml = { version = "0.23", features = ["serialize"] } rand = "0.8" -rsa = "0.6" +rsa = "0.8.2" serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" -sha1 = "0.10" +sha1 = { version = "0.10", features = ["oid"] } shannon = "0.2" sysinfo = { version = "0.28", default-features = false } thiserror = "1.0" diff --git a/core/src/connection/handshake.rs b/core/src/connection/handshake.rs index abcc0a3d..e4fdba4f 100644 --- a/core/src/connection/handshake.rs +++ b/core/src/connection/handshake.rs @@ -4,7 +4,7 @@ use byteorder::{BigEndian, ByteOrder, WriteBytesExt}; use hmac::{Hmac, Mac}; use protobuf::{self, Message}; use rand::{thread_rng, RngCore}; -use rsa::{BigUint, PublicKey}; +use rsa::{BigUint, Pkcs1v15Sign, PublicKey}; use sha1::{Digest, Sha1}; use thiserror::Error; use tokio::io::{AsyncRead, AsyncReadExt, AsyncWrite, AsyncWriteExt}; @@ -83,11 +83,9 @@ pub async fn handshake( })?; let hash = Sha1::digest(&remote_key); - let padding = PaddingScheme(rsa::padding::PaddingScheme::new_pkcs1v15_sign(Some( - rsa::hash::Hash::SHA1, - ))); + let padding = Pkcs1v15Sign::new::(); public_key - .verify(padding.0, &hash, &remote_signature) + .verify(padding, &hash, &remote_signature) .map_err(|_| { io::Error::new( io::ErrorKind::InvalidData, @@ -105,13 +103,6 @@ pub async fn handshake( Ok(codec.framed(connection)) } -// Workaround for https://github.com/RustCrypto/RSA/issues/214 -struct PaddingScheme(rsa::padding::PaddingScheme); - -/// # Safety -/// The `rsa::padding::PaddingScheme` variant we use is actually `Send`. -unsafe impl Send for PaddingScheme {} - async fn client_hello(connection: &mut T, gc: Vec) -> io::Result> where T: AsyncWrite + Unpin,