matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-07-31 09:24:31 +03:00
Code Activity

Bump all Rust dependencies to latest version (#828)

Browse Source
This commit is contained in:
Quentin Gliech
2023-01-27 15:23:59 +01:00
committed by GitHub
parent 1e78f37353
commit 6bda071e3f
28 changed files with 435 additions and 375 deletions
Download Patch File Download Diff File Expand all files Collapse all files

553
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

8
crates/axum-utils/Cargo.toml
View File

@ -6,8 +6,8 @@ edition = "2021"
license = "Apache-2.0" license = "Apache-2.0"
[dependencies] [dependencies]
async-trait = "0.1.61" async-trait = "0.1.63"
axum = { version = "0.6.2", features = ["headers"] } axum = { version = "0.6.4", features = ["headers"] }
axum-extra = { version = "0.4.2", features = ["cookie-private"] } axum-extra = { version = "0.4.2", features = ["cookie-private"] }
chrono = "0.4.23" chrono = "0.4.23"
data-encoding = "2.3.3" data-encoding = "2.3.3"
@ -18,11 +18,11 @@ http-body = "0.4.5"
mime = "0.3.16" mime = "0.3.16"
rand = "0.8.5" rand = "0.8.5"
serde = "1.0.152" serde = "1.0.152"
serde_with = "2.1.0" serde_with = "2.2.0"
serde_urlencoded = "0.7.1" serde_urlencoded = "0.7.1"
serde_json = "1.0.91" serde_json = "1.0.91"
thiserror = "1.0.38" thiserror = "1.0.38"
tokio = "1.24.1" tokio = "1.24.2"
tower = { version = "0.4.13", features = ["util"] } tower = { version = "0.4.13", features = ["util"] }
tracing = "0.1.37" tracing = "0.1.37"
url = "2.3.1" url = "2.3.1"

10
crates/cli/Cargo.toml
View File

@ -8,20 +8,20 @@ license = "Apache-2.0"
[dependencies] [dependencies]
anyhow = "1.0.68" anyhow = "1.0.68"
atty = "0.2.14" atty = "0.2.14"
axum = "0.6.2" axum = "0.6.4"
camino = "1.1.2" camino = "1.1.2"
clap = { version = "4.0.32", features = ["derive"] } clap = { version = "4.1.4", features = ["derive"] }
dotenv = "0.15.0" dotenv = "0.15.0"
hyper = { version = "0.14.23", features = ["full"] } hyper = { version = "0.14.23", features = ["full"] }
itertools = "0.10.5" itertools = "0.10.5"
listenfd = "1.0.0" listenfd = "1.0.0"
rand = "0.8.5" rand = "0.8.5"
rand_chacha = "0.3.1" rand_chacha = "0.3.1"
rustls = "0.20.7" rustls = "0.20.8"
serde_json = "1.0.91" serde_json = "1.0.91"
serde_yaml = "0.9.16" serde_yaml = "0.9.17"
sqlx = { version = "0.6.2", features = ["runtime-tokio-rustls", "postgres"] } sqlx = { version = "0.6.2", features = ["runtime-tokio-rustls", "postgres"] }
tokio = { version = "1.24.1", features = ["full"] } tokio = { version = "1.24.2", features = ["full"] }
tower = { version = "0.4.13", features = ["full"] } tower = { version = "0.4.13", features = ["full"] }
tower-http = { version = "0.3.5", features = ["fs", "compression-full"] } tower-http = { version = "0.3.5", features = ["fs", "compression-full"] }
url = "2.3.1" url = "2.3.1"

8
crates/config/Cargo.toml
View File

@ -6,9 +6,9 @@ edition = "2021"
license = "Apache-2.0" license = "Apache-2.0"
[dependencies] [dependencies]
tokio = { version = "1.24.1", features = ["fs", "rt"] } tokio = { version = "1.24.2", features = ["fs", "rt"] }
tracing = { version = "0.1.37" } tracing = { version = "0.1.37" }
async-trait = "0.1.61" async-trait = "0.1.63"
thiserror = "1.0.38" thiserror = "1.0.38"
anyhow = "1.0.68" anyhow = "1.0.68"
@ -21,11 +21,11 @@ ulid = { version = "1.0.0", features = ["serde"] }
url = { version = "2.3.1", features = ["serde"] } url = { version = "2.3.1", features = ["serde"] }
serde = { version = "1.0.152", features = ["derive"] } serde = { version = "1.0.152", features = ["derive"] }
serde_with = { version = "2.1.0", features = ["hex", "chrono"] } serde_with = { version = "2.2.0", features = ["hex", "chrono"] }
serde_json = "1.0.91" serde_json = "1.0.91"
pem-rfc7468 = "0.6.0" pem-rfc7468 = "0.6.0"
rustls-pemfile = "1.0.1" rustls-pemfile = "1.0.2"
rand = "0.8.5" rand = "0.8.5"
rand_chacha = "0.3.1" rand_chacha = "0.3.1"

10
crates/email/Cargo.toml
View File

@ -6,14 +6,14 @@ edition = "2021"
license = "Apache-2.0" license = "Apache-2.0"
[dependencies] [dependencies]
async-trait = "0.1.61" async-trait = "0.1.63"
tracing = "0.1.37" tracing = "0.1.37"
thiserror = "1.0.38" thiserror = "1.0.38"
aws-sdk-sesv2 = { version = "0.22.0", default-features = false } aws-sdk-sesv2 = { version = "0.24.0", default-features = false }
aws-config = { version = "0.52.0", default-features = false } aws-config = { version = "0.54.1", default-features = false }
aws-smithy-client = { version = "0.52.0", default-features = false, features = ["client-hyper"] } aws-smithy-client = { version = "0.54.1", default-features = false, features = ["client-hyper"] }
aws-smithy-async = { version = "0.52.0", default-features = false, features = ["rt-tokio"] } aws-smithy-async = { version = "0.54.1", default-features = false, features = ["rt-tokio"] }
mas-templates = { path = "../templates" } mas-templates = { path = "../templates" }
mas-http = { path = "../http", features = ["aws-sdk", "client"] } mas-http = { path = "../http", features = ["aws-sdk", "client"] }

2
crates/graphql/Cargo.toml
View File

@ -10,7 +10,7 @@ anyhow = "1.0.68"
async-graphql = { version = "5.0.5", features = ["chrono", "url"] } async-graphql = { version = "5.0.5", features = ["chrono", "url"] }
chrono = "0.4.23" chrono = "0.4.23"
serde = { version = "1.0.152", features = ["derive"] } serde = { version = "1.0.152", features = ["derive"] }
tokio = { version = "1.23.0", features = ["sync"] } tokio = { version = "1.24.2", features = ["sync"] }
thiserror = "1.0.38" thiserror = "1.0.38"
tracing = "0.1.37" tracing = "0.1.37"
ulid = "1.0.0" ulid = "1.0.0"

8
crates/handlers/Cargo.toml
View File

@ -7,7 +7,7 @@ license = "Apache-2.0"
[dependencies] [dependencies]
# Async runtime # Async runtime
tokio = { version = "1.24.1", features = ["macros"] } tokio = { version = "1.24.2", features = ["macros"] }
futures-util = "0.3.25" futures-util = "0.3.25"
# Logging and tracing # Logging and tracing
@ -21,8 +21,8 @@ anyhow = "1.0.68"
hyper = { version = "0.14.23", features = ["full"] } hyper = { version = "0.14.23", features = ["full"] }
tower = "0.4.13" tower = "0.4.13"
tower-http = { version = "0.3.5", features = ["cors"] } tower-http = { version = "0.3.5", features = ["cors"] }
axum = "0.6.2" axum = "0.6.4"
axum-macros = "0.3.1" axum-macros = "0.3.2"
axum-extra = { version = "0.4.2", features = ["cookie-private"] } axum-extra = { version = "0.4.2", features = ["cookie-private"] }
async-graphql = { version = "5.0.5", features = ["tracing", "apollo_tracing"] } async-graphql = { version = "5.0.5", features = ["tracing", "apollo_tracing"] }
@ -35,7 +35,7 @@ sqlx = { version = "0.6.2", features = ["runtime-tokio-rustls", "postgres"] }
# Various structure (de)serialization # Various structure (de)serialization
serde = { version = "1.0.152", features = ["derive"] } serde = { version = "1.0.152", features = ["derive"] }
serde_with = { version = "2.1.0", features = ["hex", "chrono"] } serde_with = { version = "2.2.0", features = ["hex", "chrono"] }
serde_json = "1.0.91" serde_json = "1.0.91"
serde_urlencoded = "0.7.1" serde_urlencoded = "0.7.1"

12
crates/http/Cargo.toml
View File

@ -6,9 +6,9 @@ edition = "2021"
license = "Apache-2.0" license = "Apache-2.0"
[dependencies] [dependencies]
aws-smithy-http = { version = "0.52.0", optional = true } aws-smithy-http = { version = "0.54.1", optional = true }
aws-types = { version = "0.52.0", optional = true } aws-types = { version = "0.54.1", optional = true }
axum = { version = "0.6.2", optional = true } axum = { version = "0.6.4", optional = true }
bytes = "1.3.0" bytes = "1.3.0"
futures-util = "0.3.25" futures-util = "0.3.25"
headers = "0.3.8" headers = "0.3.8"
@ -20,13 +20,13 @@ once_cell = "1.17.0"
opentelemetry = "0.18.0" opentelemetry = "0.18.0"
opentelemetry-http = "0.7.0" opentelemetry-http = "0.7.0"
opentelemetry-semantic-conventions = "0.10.0" opentelemetry-semantic-conventions = "0.10.0"
rustls = { version = "0.20.7", optional = true } rustls = { version = "0.20.8", optional = true }
rustls-native-certs = { version = "0.6.2", optional = true } rustls-native-certs = { version = "0.6.2", optional = true }
serde = "1.0.152" serde = "1.0.152"
serde_json = "1.0.91" serde_json = "1.0.91"
serde_urlencoded = "0.7.1" serde_urlencoded = "0.7.1"
thiserror = "1.0.38" thiserror = "1.0.38"
tokio = { version = "1.24.1", features = ["sync", "parking_lot"], optional = true } tokio = { version = "1.24.2", features = ["sync", "parking_lot"], optional = true }
tower = { version = "0.4.13", features = [] } tower = { version = "0.4.13", features = [] }
tower-http = { version = "0.3.5", features = ["cors"] } tower-http = { version = "0.3.5", features = ["cors"] }
tracing = "0.1.37" tracing = "0.1.37"
@ -37,7 +37,7 @@ webpki-roots = { version = "0.22.6", optional = true }
[dev-dependencies] [dev-dependencies]
anyhow = "1.0.68" anyhow = "1.0.68"
serde = { version = "1.0.152", features = ["derive"] } serde = { version = "1.0.152", features = ["derive"] }
tokio = { version = "1.24.1", features = ["macros", "rt"] } tokio = { version = "1.24.2", features = ["macros", "rt"] }
tower = { version = "0.4.13", features = ["util"] } tower = { version = "0.4.13", features = ["util"] }
[features] [features]

6
crates/iana-codegen/Cargo.toml
View File

@ -7,13 +7,13 @@ license = "Apache-2.0"
[dependencies] [dependencies]
anyhow = "1.0.68" anyhow = "1.0.68"
async-trait = "0.1.61" async-trait = "0.1.63"
camino = "1.1.2" camino = "1.1.2"
convert_case = "0.6.0" convert_case = "0.6.0"
csv = "1.1.6" csv = "1.1.6"
futures-util = "0.3.25" futures-util = "0.3.25"
reqwest = { version = "0.11.13", features = ["blocking", "rustls-tls"], default-features = false } reqwest = { version = "0.11.14", features = ["blocking", "rustls-tls"], default-features = false }
serde = { version = "1.0.152", features = ["derive"] } serde = { version = "1.0.152", features = ["derive"] }
tokio = { version = "1.24.1", features = ["full"] } tokio = { version = "1.24.2", features = ["full"] }
tracing = "0.1.37" tracing = "0.1.37"
tracing-subscriber = "0.3.16" tracing-subscriber = "0.3.16"

2
crates/iana/Cargo.toml
View File

@ -6,6 +6,6 @@ edition = "2021"
license = "Apache-2.0" license = "Apache-2.0"
[dependencies] [dependencies]
serde_with = "2.1.0" serde_with = "2.2.0"
schemars = "0.8.11" schemars = "0.8.11"
parse-display = "0.8.0" parse-display = "0.8.0"

14
crates/jose/Cargo.toml
View File

@ -9,22 +9,22 @@ license = "Apache-2.0"
base64ct = { version = "1.5.3", features = ["std"] } base64ct = { version = "1.5.3", features = ["std"] }
chrono = { version = "0.4.23", features = ["serde"] } chrono = { version = "0.4.23", features = ["serde"] }
digest = "0.10.6" digest = "0.10.6"
ecdsa = { version = "0.14.8", features = ["sign", "verify"] } ecdsa = { version = "0.15.1", features = ["signing", "verifying"] }
elliptic-curve = "0.12.3" elliptic-curve = "0.12.3"
generic-array = "0.14.6" generic-array = "0.14.6"
hmac = "0.12.1" hmac = "0.12.1"
k256 = { version = "0.11.6", features = ["ecdsa"] } k256 = { version = "0.12.0", features = ["ecdsa"] }
p256 = { version = "0.11.1", features = ["ecdsa"] } p256 = { version = "0.12.0", features = ["ecdsa"] }
p384 = { version = "0.11.2", features = ["ecdsa"] } p384 = { version = "0.12.0", features = ["ecdsa"] }
rand = "0.8.5" rand = "0.8.5"
rsa = "0.7.2" rsa = "0.8.1"
schemars = "0.8.11" schemars = "0.8.11"
sec1 = "0.3.0" sec1 = "0.3.0"
serde = { version = "1.0.152", features = ["derive"] } serde = { version = "1.0.152", features = ["derive"] }
serde_json = "1.0.91" serde_json = "1.0.91"
serde_with = { version = "2.1.0", features = ["base64"] } serde_with = { version = "2.2.0", features = ["base64"] }
sha2 = { version = "0.10.6", features = ["oid"] } sha2 = { version = "0.10.6", features = ["oid"] }
signature = "1.6.4" signature = "2.0.0"
thiserror = "1.0.38" thiserror = "1.0.38"
tracing = "0.1.37" tracing = "0.1.37"
url = { version = "2.3.1", features = ["serde"] } url = { version = "2.3.1", features = ["serde"] }

15
crates/jose/src/jwa/asymmetric.rs
View File

@ -15,6 +15,7 @@
use digest::Digest; use digest::Digest;
use mas_iana::jose::{JsonWebKeyEcEllipticCurve, JsonWebSignatureAlg}; use mas_iana::jose::{JsonWebKeyEcEllipticCurve, JsonWebSignatureAlg};
use sha2::{Sha256, Sha384, Sha512}; use sha2::{Sha256, Sha384, Sha512};
use signature::rand_core::CryptoRngCore;
use thiserror::Error; use thiserror::Error;
use super::signature::Signature; use super::signature::Signature;
@ -215,7 +216,7 @@ impl From<super::Es256KSigningKey> for AsymmetricSigningKey {
impl signature::RandomizedSigner<Signature> for AsymmetricSigningKey { impl signature::RandomizedSigner<Signature> for AsymmetricSigningKey {
fn try_sign_with_rng( fn try_sign_with_rng(
&self, &self,
rng: impl rand::CryptoRng + rand::RngCore, rng: &mut impl CryptoRngCore,
msg: &[u8], msg: &[u8],
) -> Result<Signature, signature::Error> { ) -> Result<Signature, signature::Error> {
match self { match self {
@ -244,15 +245,15 @@ impl signature::RandomizedSigner<Signature> for AsymmetricSigningKey {
Ok(Signature::from_signature(&signature)) Ok(Signature::from_signature(&signature))
} }
Self::Es256(key) => { Self::Es256(key) => {
let signature = key.try_sign_with_rng(rng, msg)?; let signature: ecdsa::Signature<_> = key.try_sign_with_rng(rng, msg)?;
Ok(Signature::from_signature(&signature)) Ok(Signature::from_signature(&signature))
} }
Self::Es384(key) => { Self::Es384(key) => {
let signature = key.try_sign_with_rng(rng, msg)?; let signature: ecdsa::Signature<_> = key.try_sign_with_rng(rng, msg)?;
Ok(Signature::from_signature(&signature)) Ok(Signature::from_signature(&signature))
} }
Self::Es256K(key) => { Self::Es256K(key) => {
let signature = key.try_sign_with_rng(rng, msg)?; let signature: ecdsa::Signature<_> = key.try_sign_with_rng(rng, msg)?;
Ok(Signature::from_signature(&signature)) Ok(Signature::from_signature(&signature))
} }
} }
@ -449,15 +450,15 @@ impl signature::Verifier<Signature> for AsymmetricVerifyingKey {
key.verify(msg, &signature) key.verify(msg, &signature)
} }
Self::Es256(key) => { Self::Es256(key) => {
let signature = signature.to_signature()?; let signature: ecdsa::Signature<_> = signature.to_signature()?;
key.verify(msg, &signature) key.verify(msg, &signature)
} }
Self::Es384(key) => { Self::Es384(key) => {
let signature = signature.to_signature()?; let signature: ecdsa::Signature<_> = signature.to_signature()?;
key.verify(msg, &signature) key.verify(msg, &signature)
} }
Self::Es256K(key) => { Self::Es256K(key) => {
let signature = signature.to_signature()?; let signature: ecdsa::Signature<_> = signature.to_signature()?;
key.verify(msg, &signature) key.verify(msg, &signature)
} }
} }

35
crates/jose/src/jwa/hmac.rs
View File

@ -40,18 +40,37 @@ impl<S: ArrayLength<u8>> std::fmt::Debug for Signature<S> {
} }
} }
impl<S: ArrayLength<u8>> signature::Signature for Signature<S> { impl<S: ArrayLength<u8>> Clone for Signature<S> {
fn from_bytes(bytes: &[u8]) -> Result<Self, signature::Error> { fn clone(&self) -> Self {
if bytes.len() != S::to_usize() { Self {
return Err(signature::Error::new()); signature: self.signature.clone(),
} }
Ok(Self {
signature: GenericArray::from_slice(bytes).clone(),
})
} }
} }
impl<S: ArrayLength<u8>> From<Signature<S>> for GenericArray<u8, S> {
fn from(val: Signature<S>) -> Self {
val.signature
}
}
impl<'a, S: ArrayLength<u8>> TryFrom<&'a [u8]> for Signature<S> {
type Error = InvalidLength;
fn try_from(value: &'a [u8]) -> Result<Self, Self::Error> {
if value.len() != S::to_usize() {
return Err(InvalidLength);
}
let mut signature = GenericArray::default();
signature.copy_from_slice(value);
Ok(Self { signature })
}
}
impl<S: ArrayLength<u8>> signature::SignatureEncoding for Signature<S> {
type Repr = GenericArray<u8, S>;
}
impl<S: ArrayLength<u8>> AsRef<[u8]> for Signature<S> { impl<S: ArrayLength<u8>> AsRef<[u8]> for Signature<S> {
fn as_ref(&self) -> &[u8] { fn as_ref(&self) -> &[u8] {
self.signature.as_ref() self.signature.as_ref()

38
crates/jose/src/jwa/signature.rs
View File

@ -12,45 +12,51 @@
// See the License for the specific language governing permissions and // See the License for the specific language governing permissions and
// limitations under the License. // limitations under the License.
use signature::Signature as _; use signature::SignatureEncoding as _;
#[derive(Debug)] #[derive(Debug, Clone)]
pub struct Signature { pub struct Signature {
bytes: Vec<u8>, bytes: Box<[u8]>,
} }
impl AsRef<[u8]> for Signature { impl From<Signature> for Box<[u8]> {
fn as_ref(&self) -> &[u8] { fn from(val: Signature) -> Self {
&self.bytes val.bytes
} }
} }
impl signature::Signature for Signature { impl<'a> From<&'a [u8]> for Signature {
fn from_bytes(bytes: &[u8]) -> Result<Self, signature::Error> { fn from(value: &'a [u8]) -> Self {
Ok(Self { Self {
bytes: bytes.to_vec(), bytes: value.into(),
}) }
} }
} }
impl signature::SignatureEncoding for Signature {
type Repr = Box<[u8]>;
}
impl Signature { impl Signature {
pub fn new(bytes: Vec<u8>) -> Self { pub fn new(bytes: Vec<u8>) -> Self {
Self { bytes } Self {
bytes: bytes.into(),
}
} }
pub fn from_signature<S>(signature: &S) -> Self pub fn from_signature<S>(signature: &S) -> Self
where where
S: signature::Signature, S: signature::SignatureEncoding,
{ {
Self { Self {
bytes: signature.as_bytes().to_vec(), bytes: signature.to_vec().into(),
} }
} }
pub fn to_signature<S>(&self) -> Result<S, signature::Error> pub fn to_signature<S>(&self) -> Result<S, signature::Error>
where where
S: signature::Signature, S: signature::SignatureEncoding,
{ {
S::from_bytes(self.as_bytes()) S::try_from(&self.to_bytes()).map_err(|_| signature::Error::default())
} }
} }

2
crates/jose/src/jwa/symmetric.rs
View File

@ -82,7 +82,7 @@ impl From<super::Hs512Key> for SymmetricKey {
impl signature::RandomizedSigner<Signature> for SymmetricKey { impl signature::RandomizedSigner<Signature> for SymmetricKey {
fn try_sign_with_rng( fn try_sign_with_rng(
&self, &self,
_rng: impl rand::CryptoRng + rand::RngCore, _rng: &mut (impl rand::CryptoRng + rand::RngCore),
msg: &[u8], msg: &[u8],
) -> Result<Signature, signature::Error> { ) -> Result<Signature, signature::Error> {
// XXX: is that implementation alright? // XXX: is that implementation alright?

39
crates/jose/src/jwt/signed.rs
View File

@ -13,9 +13,9 @@
// limitations under the License. // limitations under the License.
use base64ct::{Base64UrlUnpadded, Encoding}; use base64ct::{Base64UrlUnpadded, Encoding};
use rand::{thread_rng, CryptoRng, RngCore}; use rand::thread_rng;
use serde::{de::DeserializeOwned, Serialize}; use serde::{de::DeserializeOwned, Serialize};
use signature::{RandomizedSigner, Signature, Verifier}; use signature::{rand_core::CryptoRngCore, RandomizedSigner, SignatureEncoding, Verifier};
use thiserror::Error; use thiserror::Error;
use super::{header::JsonWebSignatureHeader, raw::RawJwt}; use super::{header::JsonWebSignatureHeader, raw::RawJwt};
@ -165,10 +165,7 @@ where
#[derive(Debug, Error)] #[derive(Debug, Error)]
pub enum JwtVerificationError { pub enum JwtVerificationError {
#[error("failed to parse signature")] #[error("failed to parse signature")]
ParseSignature { ParseSignature,
#[source]
inner: signature::Error,
},
#[error("signature verification failed")] #[error("signature verification failed")]
Verify { Verify {
@ -178,8 +175,9 @@ pub enum JwtVerificationError {
} }
impl JwtVerificationError { impl JwtVerificationError {
fn parse_signature(inner: signature::Error) -> Self { #[allow(clippy::needless_pass_by_value)]
Self::ParseSignature { inner } fn parse_signature<E>(_inner: E) -> Self {
Self::ParseSignature
} }
fn verify(inner: signature::Error) -> Self { fn verify(inner: signature::Error) -> Self {
@ -214,10 +212,10 @@ impl<'a, T> Jwt<'a, T> {
pub fn verify<K, S>(&self, key: &K) -> Result<(), JwtVerificationError> pub fn verify<K, S>(&self, key: &K) -> Result<(), JwtVerificationError>
where where
K: Verifier<S>, K: Verifier<S>,
S: Signature, S: SignatureEncoding,
{ {
let signature = let signature =
S::from_bytes(&self.signature).map_err(JwtVerificationError::parse_signature)?; S::try_from(&self.signature).map_err(JwtVerificationError::parse_signature)?;
key.verify(self.raw.signed_part().as_bytes(), &signature) key.verify(self.raw.signed_part().as_bytes(), &signature)
.map_err(JwtVerificationError::verify) .map_err(JwtVerificationError::verify)
@ -306,23 +304,23 @@ impl<T> Jwt<'static, T> {
) -> Result<Self, JwtSignatureError> ) -> Result<Self, JwtSignatureError>
where where
K: RandomizedSigner<S>, K: RandomizedSigner<S>,
S: Signature, S: SignatureEncoding,
T: Serialize, T: Serialize,
{ {
#[allow(clippy::disallowed_methods)] #[allow(clippy::disallowed_methods)]
Self::sign_with_rng(thread_rng(), header, payload, key) Self::sign_with_rng(&mut thread_rng(), header, payload, key)
} }
pub fn sign_with_rng<R, K, S>( pub fn sign_with_rng<R, K, S>(
rng: R, rng: &mut R,
header: JsonWebSignatureHeader, header: JsonWebSignatureHeader,
payload: T, payload: T,
key: &K, key: &K,
) -> Result<Self, JwtSignatureError> ) -> Result<Self, JwtSignatureError>
where where
R: CryptoRng + RngCore, R: CryptoRngCore,
K: RandomizedSigner<S>, K: RandomizedSigner<S>,
S: Signature, S: SignatureEncoding,
T: Serialize, T: Serialize,
{ {
let header_ = serde_json::to_vec(&header).map_err(JwtSignatureError::encode_header)?; let header_ = serde_json::to_vec(&header).map_err(JwtSignatureError::encode_header)?;
@ -336,10 +334,7 @@ impl<T> Jwt<'static, T> {
let first_dot = header_.len(); let first_dot = header_.len();
let second_dot = inner.len(); let second_dot = inner.len();
let signature = key let signature = key.try_sign_with_rng(rng, inner.as_bytes())?.to_vec();
.try_sign_with_rng(rng, inner.as_bytes())?
.as_bytes()
.to_vec();
let signature_ = Base64UrlUnpadded::encode_string(&signature); let signature_ = Base64UrlUnpadded::encode_string(&signature);
inner.reserve_exact(1 + signature_.len()); inner.reserve_exact(1 + signature_.len());
inner.push('.'); inner.push('.');
@ -386,7 +381,9 @@ mod tests {
let payload = serde_json::json!({"hello": "world"}); let payload = serde_json::json!({"hello": "world"});
let key = ecdsa::SigningKey::<p256::NistP256>::random(&mut thread_rng()); let key = ecdsa::SigningKey::<p256::NistP256>::random(&mut thread_rng());
let signed = Jwt::sign(header, payload, &key).unwrap(); let signed = Jwt::sign::<_, ecdsa::Signature<_>>(header, payload, &key).unwrap();
signed.verify(&key.verifying_key()).unwrap(); signed
.verify::<_, ecdsa::Signature<_>>(key.verifying_key())
.unwrap();
} }
} }

4
crates/jose/tests/jws.rs
View File

@ -116,7 +116,7 @@ macro_rules! asymetric_jwt_test {
#[test] #[test]
fn sign_jwt() { fn sign_jwt() {
let rng = ChaCha8Rng::seed_from_u64(42); let mut rng = ChaCha8Rng::seed_from_u64(42);
let alg = JsonWebSignatureAlg::$alg; let alg = JsonWebSignatureAlg::$alg;
let payload = Payload { let payload = Payload {
hello: "world".to_string(), hello: "world".to_string(),
@ -129,7 +129,7 @@ macro_rules! asymetric_jwt_test {
let key = mas_jose::jwa::AsymmetricSigningKey::from_jwk_and_alg(key.params(), &alg) let key = mas_jose::jwa::AsymmetricSigningKey::from_jwk_and_alg(key.params(), &alg)
.unwrap(); .unwrap();
let jwt: Jwt<'_, Payload> = Jwt::sign_with_rng(rng, header, payload, &key).unwrap(); let jwt: Jwt<'_, Payload> = Jwt::sign_with_rng(&mut rng, header, payload, &key).unwrap();
insta::assert_snapshot!(jwt.as_str()); insta::assert_snapshot!(jwt.as_str());
} }

10
crates/keystore/Cargo.toml
View File

@ -11,16 +11,16 @@ aead = { version = "0.5.1", features = ["std"] }
const-oid = { version = "0.9.1", features = ["std"] } const-oid = { version = "0.9.1", features = ["std"] }
cookie = { version = "0.16.2", features = ["key-expansion", "private"] } cookie = { version = "0.16.2", features = ["key-expansion", "private"] }
der = { version = "0.6.1", features = ["std"] } der = { version = "0.6.1", features = ["std"] }
ecdsa = { version = "0.14.8", features = ["std"] } ecdsa = { version = "0.15.1", features = ["std"] }
elliptic-curve = { version = "0.12.3", features = ["std", "pem", "sec1"] } elliptic-curve = { version = "0.12.3", features = ["std", "pem", "sec1"] }
k256 = { version = "0.11.6", features = ["std"] } k256 = { version = "0.12.0", features = ["std"] }
p256 = { version = "0.11.1", features = ["std"] } p256 = { version = "0.12.0", features = ["std"] }
p384 = { version = "0.11.2", features = ["std"] } p384 = { version = "0.12.0", features = ["std"] }
pem-rfc7468 = { version = "0.6.0", features = ["std"] } pem-rfc7468 = { version = "0.6.0", features = ["std"] }
pkcs1 = { version = "0.4.1", features = ["std"] } pkcs1 = { version = "0.4.1", features = ["std"] }
pkcs8 = { version = "0.9.0", features = ["std", "pkcs5", "encryption"] } pkcs8 = { version = "0.9.0", features = ["std", "pkcs5", "encryption"] }
rand = "0.8.5" rand = "0.8.5"
rsa = { version = "0.7.2", features = ["std", "pem"] } rsa = { version = "0.8.1", features = ["std", "pem"] }
sec1 = { version = "0.3.0", features = ["std"] } sec1 = { version = "0.3.0", features = ["std"] }
spki = { version = "0.6.0", features = ["std"] } spki = { version = "0.6.0", features = ["std"] }
thiserror = "1.0.38" thiserror = "1.0.38"

6
crates/listener/Cargo.toml
View File

@ -12,7 +12,7 @@ http-body = "0.4.5"
hyper = { version = "0.14.23", features = ["server", "http1", "http2", "tcp"] } hyper = { version = "0.14.23", features = ["server", "http1", "http2", "tcp"] }
pin-project-lite = "0.2.9" pin-project-lite = "0.2.9"
thiserror = "1.0.38" thiserror = "1.0.38"
tokio = { version = "1.24.1", features = ["net", "rt", "macros", "signal", "time"] } tokio = { version = "1.24.2", features = ["net", "rt", "macros", "signal", "time"] }
tokio-rustls = "0.23.4" tokio-rustls = "0.23.4"
tower-http = { version = "0.3.5", features = ["add-extension"] } tower-http = { version = "0.3.5", features = ["add-extension"] }
tower-service = "0.3.2" tower-service = "0.3.2"
@ -21,8 +21,8 @@ libc = "0.2.139"
[dev-dependencies] [dev-dependencies]
anyhow = "1.0.68" anyhow = "1.0.68"
rustls-pemfile = "1.0.1" rustls-pemfile = "1.0.2"
tokio = { version = "1.24.1", features = ["net", "rt", "macros", "signal", "time", "rt-multi-thread"] } tokio = { version = "1.24.2", features = ["net", "rt", "macros", "signal", "time", "rt-multi-thread"] }
tokio-test = "0.4.2" tokio-test = "0.4.2"
tracing-subscriber = "0.3.16" tracing-subscriber = "0.3.16"

2
crates/oauth2-types/Cargo.toml
View File

@ -13,7 +13,7 @@ language-tags = { version = "0.3.2", features = ["serde"] }
url = { version = "2.3.1", features = ["serde"] } url = { version = "2.3.1", features = ["serde"] }
parse-display = "0.8.0" parse-display = "0.8.0"
indoc = "1.0.8" indoc = "1.0.8"
serde_with = { version = "2.1.0", features = ["chrono"] } serde_with = { version = "2.2.0", features = ["chrono"] }
chrono = "0.4.23" chrono = "0.4.23"
sha2 = "0.10.6" sha2 = "0.10.6"
data-encoding = "2.3.3" data-encoding = "2.3.3"

8
crates/oidc-client/Cargo.toml
View File

@ -33,9 +33,9 @@ rand = "0.8.5"
serde = { version = "1.0.152", features = ["derive"] } serde = { version = "1.0.152", features = ["derive"] }
serde_json = "1.0.91" serde_json = "1.0.91"
serde_urlencoded = "0.7.1" serde_urlencoded = "0.7.1"
serde_with = "2.1.0" serde_with = "2.2.0"
thiserror = "1.0.38" thiserror = "1.0.38"
tokio = { version = "1.24.1", features = ["rt", "macros", "rt-multi-thread"] } tokio = { version = "1.24.2", features = ["rt", "macros", "rt-multi-thread"] }
tower = { version = "0.4.13", features = ["full"] } tower = { version = "0.4.13", features = ["full"] }
tracing = "0.1.37" tracing = "0.1.37"
url = { version = "2.3.1", features = ["serde"] } url = { version = "2.3.1", features = ["serde"] }
@ -48,7 +48,7 @@ oauth2-types = { path = "../oauth2-types" }
# Default http service # Default http service
http-body = { version = "0.4.5", optional = true } http-body = { version = "0.4.5", optional = true }
rustls = {version = "0.20.7", optional = true } rustls = {version = "0.20.8", optional = true }
[dependencies.hyper-rustls] [dependencies.hyper-rustls]
version = "0.23.2" version = "0.23.2"
features = ["http1", "http2", "rustls-native-certs"] features = ["http1", "http2", "rustls-native-certs"]
@ -68,4 +68,4 @@ assert_matches = "1.5.0"
bitflags = "1.3.2" bitflags = "1.3.2"
mas-keystore = { path = "../keystore" } mas-keystore = { path = "../keystore" }
rand_chacha = "0.3.1" rand_chacha = "0.3.1"
wiremock = "0.5.16" wiremock = "0.5.17"

4
crates/policy/Cargo.toml
View File

@ -11,7 +11,7 @@ opa-wasm = { git = "https://github.com/matrix-org/rust-opa-wasm.git" }
serde = { version = "1.0.152", features = ["derive"] } serde = { version = "1.0.152", features = ["derive"] }
serde_json = "1.0.91" serde_json = "1.0.91"
thiserror = "1.0.38" thiserror = "1.0.38"
tokio = { version = "1.24.1", features = ["io-util"] } tokio = { version = "1.24.2", features = ["io-util"] }
tracing = "0.1.37" tracing = "0.1.37"
wasmtime = { version = "4.0.0", default-features = false, features = ["async", "cranelift"] } wasmtime = { version = "4.0.0", default-features = false, features = ["async", "cranelift"] }
@ -19,7 +19,7 @@ mas-data-model = { path = "../data-model" }
oauth2-types = { path = "../oauth2-types" } oauth2-types = { path = "../oauth2-types" }
[dev-dependencies] [dev-dependencies]
tokio = { version = "1.24.1", features = ["fs", "rt", "macros"] } tokio = { version = "1.24.2", features = ["fs", "rt", "macros"] }
[features] [features]
cache = ["wasmtime/cache"] cache = ["wasmtime/cache"]

2
crates/router/Cargo.toml
View File

@ -6,7 +6,7 @@ edition = "2021"
license = "Apache-2.0" license = "Apache-2.0"
[dependencies] [dependencies]
axum = { version = "0.6.2", default-features = false } axum = { version = "0.6.4", default-features = false }
serde = { version = "1.0.152", features = ["derive"] } serde = { version = "1.0.152", features = ["derive"] }
serde_urlencoded = "0.7.1" serde_urlencoded = "0.7.1"
url = "2.3.1" url = "2.3.1"

2
crates/spa/Cargo.toml
View File

@ -14,7 +14,7 @@ headers = "0.3.8"
http = "0.2.8" http = "0.2.8"
tower-service = "0.3.2" tower-service = "0.3.2"
tower-http = { version = "0.3.5", features = ["fs"] } tower-http = { version = "0.3.5", features = ["fs"] }
tokio = { version = "1.24.1", features = ["fs"] } tokio = { version = "1.24.2", features = ["fs"] }
[[bin]] [[bin]]
name = "render" name = "render"

2
crates/storage-pg/Cargo.toml
View File

@ -6,7 +6,7 @@ edition = "2021"
license = "Apache-2.0" license = "Apache-2.0"
[dependencies] [dependencies]
async-trait = "0.1.60" async-trait = "0.1.63"
sqlx = { version = "0.6.2", features = ["runtime-tokio-rustls", "postgres", "migrate", "chrono", "offline", "json", "uuid"] } sqlx = { version = "0.6.2", features = ["runtime-tokio-rustls", "postgres", "migrate", "chrono", "offline", "json", "uuid"] }
chrono = { version = "0.4.23", features = ["serde"] } chrono = { version = "0.4.23", features = ["serde"] }
serde = { version = "1.0.152", features = ["derive"] } serde = { version = "1.0.152", features = ["derive"] }

2
crates/storage/Cargo.toml
View File

@ -6,7 +6,7 @@ edition = "2021"
license = "Apache-2.0" license = "Apache-2.0"
[dependencies] [dependencies]
async-trait = "0.1.60" async-trait = "0.1.63"
chrono = "0.4.23" chrono = "0.4.23"
thiserror = "1.0.38" thiserror = "1.0.38"
futures-util = "0.3.25" futures-util = "0.3.25"

4
crates/tasks/Cargo.toml
View File

@ -6,8 +6,8 @@ edition = "2021"
license = "Apache-2.0" license = "Apache-2.0"
[dependencies] [dependencies]
tokio = "1.24.1" tokio = "1.24.2"
async-trait = "0.1.61" async-trait = "0.1.63"
tokio-stream = "0.1.11" tokio-stream = "0.1.11"
futures-util = "0.3.25" futures-util = "0.3.25"
tracing = "0.1.37" tracing = "0.1.37"

2
crates/templates/Cargo.toml
View File

@ -7,7 +7,7 @@ license = "Apache-2.0"
[dependencies] [dependencies]
tracing = "0.1.37" tracing = "0.1.37"
tokio = { version = "1.24.1", features = ["macros", "rt"] } tokio = { version = "1.24.2", features = ["macros", "rt"] }
anyhow = "1.0.68" anyhow = "1.0.68"
thiserror = "1.0.38" thiserror = "1.0.38"