Skip to content

Commit

Permalink
bump dependencies to pre-release versions
Browse files Browse the repository at this point in the history
  • Loading branch information
baloo committed Feb 6, 2024
1 parent 53a82e6 commit 76b2fb6
Show file tree
Hide file tree
Showing 2 changed files with 24 additions and 9 deletions.
26 changes: 20 additions & 6 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,20 @@ nightly = []
# see https://github.com/ramosbugs/openidconnect-rs/pull/131#discussion_r1349786021
jwk-alg = []

[patch.crates-io]

# https://github.com/ramosbugs/oauth2-rs/pull/251
oauth2 = { git = "https://github.com/baloo/oauth2-rs.git", branch = "baloo/sha2-prerelease" }

p256 = { git = "https://github.com/RustCrypto/elliptic-curves.git" }
p384 = { git = "https://github.com/RustCrypto/elliptic-curves.git" }

ed25519 = { git = "https://github.com/baloo/signatures.git", branch = "baloo/pkcs8-0.11.0-pre.0" }

# https://github.com/dalek-cryptography/curve25519-dalek/pull/620
curve25519-dalek = { git = "https://github.com/baloo/curve25519-dalek.git", branch = "baloo/rust-crypto/digest-sha2-bumps" }
ed25519-dalek = { git = "https://github.com/baloo/curve25519-dalek.git", branch = "baloo/rust-crypto/digest-sha2-bumps" }

[dependencies]
base64 = "0.13"
# Disable 'time' dependency since it triggers RUSTSEC-2020-0071 and we don't need it.
Expand All @@ -43,11 +57,11 @@ itertools = "0.10"
log = "0.4"
oauth2 = { version = "4.4.1", default-features = false }
rand = "0.8.5"
hmac = "0.12.1"
rsa = "0.9.2"
sha2 = { version = "0.10.6", features = ["oid"] } # Object ID needed for pkcs1v15 padding
p256 = "0.13.2"
p384 = "0.13.0"
hmac = "=0.13.0-pre.3"
rsa = "=0.10.0-pre.1"
sha2 = { version = "=0.11.0-pre.3", features = ["oid"] } # Object ID needed for pkcs1v15 padding
p256 = "=0.14.0-pre.0"
p384 = "=0.14.0-pre"
dyn-clone = "1.0.10"
serde = "1.0"
serde_derive = "1.0"
Expand All @@ -58,7 +72,7 @@ serde_with = "3"
serde-value = "0.7"
url = { version = "2.4", features = ["serde"] }
subtle = "2.4"
ed25519-dalek = { version = "2.0.0", features = ["pem"] }
ed25519-dalek = { version = "2.1.0", features = ["pem"] }

[dev-dependencies]
color-backtrace = { version = "0.5" }
Expand Down
7 changes: 4 additions & 3 deletions src/core/jwk.rs
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
use ed25519_dalek::pkcs8::DecodePrivateKey;
use ed25519_dalek::Signer;
use hmac::KeyInit;
use rsa::pkcs1::DecodeRsaPrivateKey;
use sha2::Digest;

Expand Down Expand Up @@ -301,7 +302,7 @@ impl JsonWebKey<CoreJwsSigningAlgorithm, CoreJsonWebKeyType, CoreJsonWebKeyUse>
SignatureVerificationError::Other(format!("Could not create key: {}", e))
})?;
mac.update(message);
mac.verify(signature.into())
mac.verify_slice(signature)
.map_err(|_| SignatureVerificationError::CryptoError("bad HMAC".to_string()))
}
CoreJwsSigningAlgorithm::HmacSha384 => {
Expand All @@ -316,7 +317,7 @@ impl JsonWebKey<CoreJwsSigningAlgorithm, CoreJsonWebKeyType, CoreJsonWebKeyUse>
SignatureVerificationError::Other(format!("Could not create key: {}", e))
})?;
mac.update(message);
mac.verify(signature.into())
mac.verify_slice(signature)
.map_err(|_| SignatureVerificationError::CryptoError("bad HMAC".to_string()))
}
CoreJwsSigningAlgorithm::HmacSha512 => {
Expand All @@ -331,7 +332,7 @@ impl JsonWebKey<CoreJwsSigningAlgorithm, CoreJsonWebKeyType, CoreJsonWebKeyUse>
SignatureVerificationError::Other(format!("Could not create key: {}", e))
})?;
mac.update(message);
mac.verify(signature.into())
mac.verify_slice(signature)
.map_err(|_| SignatureVerificationError::CryptoError("bad HMAC".to_string()))
}
CoreJwsSigningAlgorithm::EcdsaP256Sha256 => {
Expand Down

0 comments on commit 76b2fb6

Please sign in to comment.