matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-07-29 22:01:14 +03:00
Code Activity

Upgrade more crypto crates

Browse Source
This commit is contained in:
Quentin Gliech
2022-01-05 10:57:18 +01:00
parent 1377e09dbe
commit 767d7649ce
3 changed files with 21 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
crates/jose/Cargo.toml
View File

@ -10,10 +10,10 @@ anyhow = "1.0.52"
async-trait = "0.1.52"
base64ct = { version = "1.0.1", features = ["std"] }
crypto-mac = { version = "0.11.1", features = ["std"] }
digest = "0.9.0"
digest = "0.10.1"
ecdsa = { version = "0.13.3", features = ["sign", "verify", "pem", "pkcs8"] }
elliptic-curve = { version = "0.11.6", features = ["ecdh", "pem"] }
hmac = "0.11.0"
hmac = "0.12.0"
p256 = { version = "0.10.0", features = ["ecdsa", "pem", "pkcs8"] }
pkcs1 = { version = "0.3.1", features = ["pem", "pkcs8"] }
pkcs8 = { version = "0.8.0", features = ["pem"] }
@ -23,7 +23,7 @@ sec1 = "0.2.1"
serde = { version = "1.0.133", features = ["derive"] }
serde_json = "1.0.74"
serde_with = { version = "1.11.0", features = ["base64"] }
sha2 = "0.9.8"
sha2 = "0.10.0"
signature = "1.4.0"
thiserror = "1.0.30"
tokio = { version = "1.15.0", features = ["macros", "rt"] }

8
crates/jose/src/keystore.rs
View File

@ -19,7 +19,7 @@ use async_trait::async_trait;
use base64ct::{Base64UrlUnpadded, Encoding};
use digest::Digest;
use ecdsa::VerifyingKey;
use hmac::{Hmac, Mac, NewMac};
use hmac::{Hmac, Mac};
use p256::{NistP256, PublicKey};
use pkcs1::EncodeRsaPublicKey;
use pkcs8::EncodePublicKey;
@ -117,19 +117,19 @@ impl<'a> VerifyingKeystore for &SharedSecret<'a> {
JsonWebSignatureAlgorithm::Hs256 => {
let mut mac = Hmac::<Sha256>::new_from_slice(self.inner)?;
mac.update(payload);
mac.verify(signature)?;
mac.verify(signature.try_into()?)?;
}
JsonWebSignatureAlgorithm::Hs384 => {
let mut mac = Hmac::<Sha384>::new_from_slice(self.inner)?;
mac.update(payload);
mac.verify(signature)?;
mac.verify(signature.try_into()?)?;
}
JsonWebSignatureAlgorithm::Hs512 => {
let mut mac = Hmac::<Sha512>::new_from_slice(self.inner)?;
mac.update(payload);
mac.verify(signature)?;
mac.verify(signature.try_into()?)?;
}
_ => bail!("unsupported algorithm"),