Merge pull request #15 from andrewwhitehead/021-deps

Update p256, k256, sqlx dependencies; update version to 0.2.1
openwallet-foundation · Jul 23, 2021 · c3eecb0 · c3eecb0
2 parents e875221 + 2a75d75
commit c3eecb0
Show file tree

Hide file tree

Showing 5 changed files with 26 additions and 32 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -3,7 +3,7 @@ members = ["askar-crypto"]
 
 [package]
 name = "aries-askar"
-version = "0.2.0"
+version = "0.2.1"
 authors = ["Hyperledger Aries Contributors <[email protected]>"]
 edition = "2018"
 description = "Hyperledger Aries Askar secure storage"
@@ -64,15 +64,15 @@ sha2 = "0.9"
 tokio = { version = "1.5", features = ["time"] }
 url = { version = "2.1", default-features = false }
 uuid = { version = "0.8", features = ["v4"] }
-zeroize = "1.3"
+zeroize = "1.4"
 
 [dependencies.askar-crypto]
 version = "0.2"
 path = "./askar-crypto"
 features = ["all_keys", "any_key", "argon2", "crypto_box", "std"]
 
 [dependencies.sqlx]
-version = "=0.5.1"
+version = "0.5.5"
 default-features = false
 features = ["chrono", "runtime-tokio-rustls"]
 optional = true

diff --git a/askar-crypto/Cargo.toml b/askar-crypto/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "askar-crypto"
-version = "0.2.0"
+version = "0.2.1"
 authors = ["Hyperledger Aries Contributors <[email protected]>"]
 edition = "2018"
 description = "Hyperledger Aries Askar cryptography"
@@ -62,12 +62,12 @@ digest = "0.9"
 group = "0.9"
 hkdf = { version = "0.11", optional = true }
 hmac = { version = "0.11", optional = true }
-k256 = { version = "0.8", default-features = false, features = ["arithmetic", "ecdsa", "ecdh", "sha256", "zeroize"], optional = true }
-p256 = { version = "0.8", default-features = false, features = ["arithmetic", "ecdsa", "ecdh", "zeroize"], optional = true }
+k256 = { version = "0.9", default-features = false, features = ["arithmetic", "ecdsa", "ecdh", "sha256", "zeroize"], optional = true }
+p256 = { version = "0.9", default-features = false, features = ["arithmetic", "ecdsa", "ecdh", "zeroize"], optional = true }
 rand = { version = "0.8", default-features = false }
 serde = { version = "1.0", default-features = false, features = ["derive"] }
 serde-json-core = { version = "0.4", default-features = false }
 subtle = "2.4"
 sha2 = { version = "0.9", default-features = false }
 x25519-dalek = { version = "1.1", default-features = false, features = ["u64_backend"], optional = true }
-zeroize = { version = "1.3", features = ["zeroize_derive"] }
+zeroize = { version = "1.4", features = ["zeroize_derive"] }
diff --git a/askar-crypto/src/alg/k256.rs b/askar-crypto/src/alg/k256.rs
@@ -7,7 +7,7 @@ use k256::{
         signature::{Signer, Verifier},
         Signature, SigningKey, VerifyingKey,
     },
-    elliptic_curve::{ecdh::diffie_hellman, sec1::Coordinates, Curve, SecretValue},
+    elliptic_curve::{self, ecdh::diffie_hellman, sec1::Coordinates},
     EncodedPoint, PublicKey, SecretKey,
 };
 use subtle::ConstantTimeEq;
@@ -47,7 +47,7 @@ pub static JWK_KEY_TYPE: &'static str = "EC";
 /// The 'crv' value of a K-256 key JWK
 pub static JWK_CURVE: &'static str = "secp256k1";
 
-type FieldSize = <k256::Secp256k1 as Curve>::FieldSize;
+type FieldSize = elliptic_curve::FieldSize<k256::Secp256k1>;
 
 /// A K-256 (secp256k1) public key or keypair
 #[derive(Clone, Debug)]
@@ -115,10 +115,8 @@ impl KeyGen for K256KeyPair {
     fn generate(mut rng: impl KeyMaterial) -> Result<Self, Error> {
         ArrayKey::<FieldSize>::temp(|buf| loop {
             rng.read_okm(buf);
-            if let Some(key) = k256::Secp256k1::from_secret_bytes(&buf) {
-                if key.is_zero().unwrap_u8() == 0 {
-                    return Ok(Self::from_secret_key(SecretKey::new(key)));
-                }
+            if let Ok(key) = SecretKey::from_bytes(&buf) {
+                return Ok(Self::from_secret_key(key));
             }
         })
     }
@@ -133,8 +131,7 @@ impl KeySecretBytes for K256KeyPair {
 
     fn with_secret_bytes<O>(&self, f: impl FnOnce(Option<&[u8]>) -> O) -> O {
         if let Some(sk) = self.secret.as_ref() {
-            let b = k256::SecretBytes::from(sk.to_bytes());
-            f(Some(&b[..]))
+            f(Some(sk.as_scalar_bytes().as_ref()))
         } else {
             f(None)
         }
@@ -160,9 +157,9 @@ impl KeypairBytes for K256KeyPair {
     fn with_keypair_bytes<O>(&self, f: impl FnOnce(Option<&[u8]>) -> O) -> O {
         if let Some(secret) = self.secret.as_ref() {
             ArrayKey::<<Self as KeypairMeta>::KeypairSize>::temp(|arr| {
-                let sk_b = k256::SecretBytes::from(secret.to_bytes());
+                let sk_b = secret.as_scalar_bytes();
                 let pk_enc = EncodedPoint::encode(self.public, true);
-                arr[..SECRET_KEY_LENGTH].copy_from_slice(&sk_b[..]);
+                arr[..SECRET_KEY_LENGTH].copy_from_slice(sk_b.as_ref());
                 arr[SECRET_KEY_LENGTH..].copy_from_slice(pk_enc.as_ref());
                 f(Some(&*arr))
             })
@@ -237,7 +234,7 @@ impl ToJwk for K256KeyPair {
                 ))
             }
             Coordinates::Uncompressed { x, y } => (x, y),
-            Coordinates::Compressed { .. } => unreachable!(),
+            Coordinates::Compressed { .. } | Coordinates::Compact { .. } => unreachable!(),
         };
 
         enc.add_str("crv", JWK_CURVE)?;
@@ -302,7 +299,7 @@ impl KeyExchange for K256KeyPair {
     fn write_key_exchange(&self, other: &Self, out: &mut dyn WriteBuffer) -> Result<(), Error> {
         match self.secret.as_ref() {
             Some(sk) => {
-                let xk = diffie_hellman(sk.secret_scalar(), other.public.as_affine());
+                let xk = diffie_hellman(sk.to_secret_scalar(), other.public.as_affine());
                 out.buffer_write(xk.as_bytes())?;
                 Ok(())
             }

diff --git a/askar-crypto/src/alg/p256.rs b/askar-crypto/src/alg/p256.rs
@@ -7,7 +7,7 @@ use p256::{
         signature::{Signer, Verifier},
         Signature, SigningKey, VerifyingKey,
     },
-    elliptic_curve::{ecdh::diffie_hellman, sec1::Coordinates, Curve, SecretValue},
+    elliptic_curve::{self, ecdh::diffie_hellman, sec1::Coordinates},
     EncodedPoint, PublicKey, SecretKey,
 };
 use subtle::ConstantTimeEq;
@@ -47,7 +47,7 @@ pub static JWK_KEY_TYPE: &'static str = "EC";
 /// The 'crv' value of a P-256 key JWK
 pub static JWK_CURVE: &'static str = "P-256";
 
-type FieldSize = <p256::NistP256 as Curve>::FieldSize;
+type FieldSize = elliptic_curve::FieldSize<p256::NistP256>;
 
 /// A P-256 (secp256r1) public key or keypair
 #[derive(Clone, Debug)]
@@ -115,10 +115,8 @@ impl KeyGen for P256KeyPair {
     fn generate(mut rng: impl KeyMaterial) -> Result<Self, Error> {
         ArrayKey::<FieldSize>::temp(|buf| loop {
             rng.read_okm(buf);
-            if let Some(key) = p256::NistP256::from_secret_bytes(&buf) {
-                if key.is_zero().unwrap_u8() == 0 {
-                    return Ok(Self::from_secret_key(SecretKey::new(key)));
-                }
+            if let Ok(key) = SecretKey::from_bytes(&buf) {
+                return Ok(Self::from_secret_key(key));
             }
         })
     }
@@ -133,8 +131,7 @@ impl KeySecretBytes for P256KeyPair {
 
     fn with_secret_bytes<O>(&self, f: impl FnOnce(Option<&[u8]>) -> O) -> O {
         if let Some(sk) = self.secret.as_ref() {
-            let b = p256::SecretBytes::from(sk.to_bytes());
-            f(Some(&b[..]))
+            f(Some(sk.as_scalar_bytes().as_ref()))
         } else {
             f(None)
         }
@@ -160,9 +157,9 @@ impl KeypairBytes for P256KeyPair {
     fn with_keypair_bytes<O>(&self, f: impl FnOnce(Option<&[u8]>) -> O) -> O {
         if let Some(secret) = self.secret.as_ref() {
             ArrayKey::<<Self as KeypairMeta>::KeypairSize>::temp(|arr| {
-                let sk_b = p256::SecretBytes::from(secret.to_bytes());
+                let sk_b = secret.as_scalar_bytes();
                 let pk_enc = EncodedPoint::encode(self.public, true);
-                arr[..SECRET_KEY_LENGTH].copy_from_slice(&sk_b[..]);
+                arr[..SECRET_KEY_LENGTH].copy_from_slice(sk_b.as_ref());
                 arr[SECRET_KEY_LENGTH..].copy_from_slice(pk_enc.as_ref());
                 f(Some(&*arr))
             })
@@ -237,7 +234,7 @@ impl ToJwk for P256KeyPair {
                 ))
             }
             Coordinates::Uncompressed { x, y } => (x, y),
-            Coordinates::Compressed { .. } => unreachable!(),
+            Coordinates::Compressed { .. } | Coordinates::Compact { .. } => unreachable!(),
         };
 
         enc.add_str("crv", JWK_CURVE)?;
@@ -302,7 +299,7 @@ impl KeyExchange for P256KeyPair {
     fn write_key_exchange(&self, other: &Self, out: &mut dyn WriteBuffer) -> Result<(), Error> {
         match self.secret.as_ref() {
             Some(sk) => {
-                let xk = diffie_hellman(sk.secret_scalar(), other.public.as_affine());
+                let xk = diffie_hellman(sk.to_secret_scalar(), other.public.as_affine());
                 out.buffer_write(xk.as_bytes())?;
                 Ok(())
             }

diff --git a/wrappers/python/aries_askar/version.py b/wrappers/python/aries_askar/version.py
@@ -1,3 +1,3 @@
 """aries_askar library wrapper version."""
 
-__version__ = "0.2.0"
+__version__ = "0.2.1"