mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-07-31 09:24:31 +03:00

Bump Rust dependencies

Quentin Gliech
2023-03-13 18:01:23 +01:00
parent c5e1e2ec62
commit c6f31d0102
31 changed files with 549 additions and 533 deletions

637
Cargo.lock generated

File diff suppressed because it is too large Load Diff


@ -6,24 +6,24 @@ edition = "2021"
license = "Apache-2.0"
[dependencies]
async-trait = "0.1.64"
axum = { version = "0.6.9", features = ["headers"] }
axum-extra = { version = "0.6.0", features = ["cookie-private"] }
chrono = "0.4.23"
async-trait = "0.1.66"
axum = { version = "0.6.11", features = ["headers"] }
axum-extra = { version = "0.7.1", features = ["cookie-private"] }
chrono = "0.4.24"
data-encoding = "2.3.3"
futures-util = "0.3.26"
futures-util = "0.3.27"
headers = "0.3.8"
http = "0.2.9"
http-body = "0.4.5"
mime = "0.3.16"
rand = "0.8.5"
sentry = { version = "0.30.0", default-features = false }
serde = "1.0.152"
serde_with = "2.2.0"
serde = "1.0.155"
serde_with = "2.3.1"
serde_urlencoded = "0.7.1"
serde_json = "1.0.93"
thiserror = "1.0.38"
tokio = "1.25.0"
serde_json = "1.0.94"
thiserror = "1.0.39"
tokio = "1.26.0"
tower = { version = "0.4.13", features = ["util"] }
tracing = "0.1.37"
url = "2.3.1"


@ -8,20 +8,20 @@ license = "Apache-2.0"
[dependencies]
anyhow = "1.0.69"
atty = "0.2.14"
axum = "0.6.9"
camino = "1.1.3"
clap = { version = "4.1.6", features = ["derive"] }
axum = "0.6.11"
camino = "1.1.4"
clap = { version = "4.1.8", features = ["derive"] }
dotenv = "0.15.0"
hyper = { version = "0.14.24", features = ["full"] }
hyper = { version = "0.14.25", features = ["full"] }
itertools = "0.10.5"
listenfd = "1.0.0"
listenfd = "1.0.1"
rand = "0.8.5"
rand_chacha = "0.3.1"
rustls = "0.20.8"
serde_json = "1.0.93"
serde_yaml = "0.9.17"
serde_json = "1.0.94"
serde_yaml = "0.9.19"
sqlx = { version = "0.6.2", features = ["runtime-tokio-rustls", "postgres"] }
tokio = { version = "1.25.0", features = ["full"] }
tokio = { version = "1.26.0", features = ["full"] }
tower = { version = "0.4.13", features = ["full"] }
tower-http = { version = "0.4.0", features = ["fs", "compression-full"] }
url = "2.3.1"
@ -59,7 +59,7 @@ mas-templates = { path = "../templates" }
oauth2-types = { path = "../oauth2-types" }
[dev-dependencies]
indoc = "2.0.0"
indoc = "2.0.1"
[features]
default = ["jaeger", "zipkin", "webpki-roots", "policy-cache"]


@ -6,30 +6,30 @@ edition = "2021"
license = "Apache-2.0"
[dependencies]
tokio = { version = "1.25.0", features = ["fs", "rt"] }
tokio = { version = "1.26.0", features = ["fs", "rt"] }
tracing = { version = "0.1.37" }
async-trait = "0.1.64"
async-trait = "0.1.66"
thiserror = "1.0.38"
thiserror = "1.0.39"
anyhow = "1.0.69"
camino = { version = "1.1.3", features = ["serde1"] }
chrono = { version = "0.4.23", features = ["serde"] }
camino = { version = "1.1.4", features = ["serde1"] }
chrono = { version = "0.4.24", features = ["serde"] }
figment = { version = "0.10.8", features = ["env", "yaml", "test"] }
schemars = { version = "0.8.12", features = ["url", "chrono"] }
ulid = { version = "1.0.0", features = ["serde"] }
url = { version = "2.3.1", features = ["serde"] }
serde = { version = "1.0.152", features = ["derive"] }
serde_with = { version = "2.2.0", features = ["hex", "chrono"] }
serde_json = "1.0.93"
serde = { version = "1.0.155", features = ["derive"] }
serde_with = { version = "2.3.1", features = ["hex", "chrono"] }
serde_json = "1.0.94"
pem-rfc7468 = "0.7.0"
rustls-pemfile = "1.0.2"
rand = "0.8.5"
rand_chacha = "0.3.1"
indoc = "2.0.0"
indoc = "2.0.1"
mas-jose = { path = "../jose" }
mas-keystore = { path = "../keystore" }


@ -6,9 +6,9 @@ edition = "2021"
license = "Apache-2.0"
[dependencies]
chrono = "0.4.23"
thiserror = "1.0.38"
serde = "1.0.152"
chrono = "0.4.24"
thiserror = "1.0.39"
serde = "1.0.155"
url = { version = "2.3.1", features = ["serde"] }
crc = "3.0.1"
ulid = { version = "1.0.0", features = ["serde"] }


@ -6,9 +6,9 @@ edition = "2021"
license = "Apache-2.0"
[dependencies]
async-trait = "0.1.64"
async-trait = "0.1.66"
tracing = "0.1.37"
thiserror = "1.0.38"
thiserror = "1.0.39"
aws-sdk-sesv2 = { version = "0.24.0", default-features = false }
aws-config = { version = "0.54.1", default-features = false }


@ -8,10 +8,10 @@ license = "Apache-2.0"
[dependencies]
anyhow = "1.0.69"
async-graphql = { version = "5.0.6", features = ["chrono", "url"] }
chrono = "0.4.23"
serde = { version = "1.0.152", features = ["derive"] }
tokio = { version = "1.25.0", features = ["sync"] }
thiserror = "1.0.38"
chrono = "0.4.24"
serde = { version = "1.0.155", features = ["derive"] }
tokio = { version = "1.26.0", features = ["sync"] }
thiserror = "1.0.39"
tracing = "0.1.37"
ulid = "1.0.0"
url = "2.3.1"


@ -7,24 +7,24 @@ license = "Apache-2.0"
[dependencies]
# Async runtime
tokio = { version = "1.25.0", features = ["macros"] }
futures-util = "0.3.26"
tokio = { version = "1.26.0", features = ["macros"] }
futures-util = "0.3.27"
# Logging and tracing
tracing = "0.1.37"
# Error management
thiserror = "1.0.38"
thiserror = "1.0.39"
anyhow = "1.0.69"
sentry = { version = "0.30.0", default-features = false }
# Web server
hyper = { version = "0.14.24", features = ["full"] }
hyper = { version = "0.14.25", features = ["full"] }
tower = "0.4.13"
tower-http = { version = "0.4.0", features = ["cors"] }
axum = "0.6.9"
axum-macros = "0.3.4"
axum-extra = { version = "0.6.0", features = ["cookie-private"] }
axum = "0.6.11"
axum-macros = "0.3.6"
axum-extra = { version = "0.7.1", features = ["cookie-private"] }
async-graphql = { version = "5.0.6", features = ["tracing", "apollo_tracing"] }
@ -35,20 +35,20 @@ lettre = { version = "0.10.3", default-features = false, features = ["builder"]
sqlx = { version = "0.6.2", features = ["runtime-tokio-rustls", "postgres"] }
# Various structure (de)serialization
serde = { version = "1.0.152", features = ["derive"] }
serde_with = { version = "2.2.0", features = ["hex", "chrono"] }
serde_json = "1.0.93"
serde = { version = "1.0.155", features = ["derive"] }
serde_with = { version = "2.3.1", features = ["hex", "chrono"] }
serde_json = "1.0.94"
serde_urlencoded = "0.7.1"
# Password hashing
argon2 = { version = "0.4.1", features = ["password-hash", "std"] }
argon2 = { version = "0.5.0", features = ["password-hash", "std"] }
bcrypt = "0.14.0"
pbkdf2 = { version = "0.11.0", features = ["password-hash", "std"] }
pbkdf2 = { version = "0.12.1", features = ["password-hash", "std", "simple"] }
zeroize = "1.5.7"
# Various data types and utilities
camino = "1.1.3"
chrono = { version = "0.4.23", features = ["serde"] }
camino = "1.1.4"
chrono = { version = "0.4.24", features = ["serde"] }
time = "0.3.20"
url = { version = "2.3.1", features = ["serde"] }
mime = "0.3.16"
@ -74,7 +74,7 @@ mas-templates = { path = "../templates" }
oauth2-types = { path = "../oauth2-types" }
[dev-dependencies]
indoc = "2.0.0"
indoc = "2.0.1"
insta = "1.28.0"
tracing-subscriber = "0.3.16"
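Review bot: The `argon2` bump from 0.4.1 to 0.5.0 changes the cost parameters of newly created password hashes, and nothing in this manifest records that: the four `passwords.rs` snapshots updated in this commit go from `m=4096,t=3,p=1` to `m=19456,t=2,p=1`, which suggests the hasher is built from the crate's defaults. Existing hashes carry their own parameters in the PHC string, so they should still verify, but they stay at the old cost unless the login path rehashes them; that code is not visible here. I would add a comment above the dependency, `# argon2 0.5 changed its default parameters (m=19456,t=2,p=1); see the passwords.rs snapshots`, and consider setting the parameters explicitly in `passwords.rs` so that a later bump cannot change them silently.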


@ -2,4 +2,4 @@
source: crates/handlers/src/passwords.rs
expression: hash
---
$argon2id$v=19$m=4096,t=3,p=1$4aRFZH7bgRs24delZVap/Q$x9rbM2Yx2N/aWfSuyVJGZGaQ+zyoE4Vz1FO2+q9fu2Q
$argon2id$v=19$m=19456,t=2,p=1$4aRFZH7bgRs24delZVap/Q$Y2SNOQuEfwWuBXflRnbJhqpksexRziQ9Wf9BatCuIVY


@ -2,4 +2,4 @@
source: crates/handlers/src/passwords.rs
expression: hash
---
$argon2id$v=19$m=4096,t=3,p=1$1Ke64U6Mrdl5imSjjFRU+g$nL9kuMffxzJtFwANOEudh7FCpNJFPcYOA7xTbBLTCKI
$argon2id$v=19$m=19456,t=2,p=1$1Ke64U6Mrdl5imSjjFRU+g$yirg39x3QVVTxsV5OI4usyIaCw6IRxPl5Li3mQyNmN8


@ -2,4 +2,4 @@
source: crates/handlers/src/passwords.rs
expression: hash
---
$argon2id$v=19$m=4096,t=3,p=1$1WdxAF1UChkYSTnJ6NDbKg$5Gxr/7C+gWUwqDLQmLJ2JiAzg/VxVb5Z+A65bqVoFkU
$argon2id$v=19$m=19456,t=2,p=1$1WdxAF1UChkYSTnJ6NDbKg$ajKAfwlUmkbxITSdh55j+Hvoxzppx20ArNUF44oV9Nk


@ -2,4 +2,4 @@
source: crates/handlers/src/passwords.rs
expression: hash
---
$argon2id$v=19$m=4096,t=3,p=1$eEi11xG8mIOZYxej+ckCaQ$pHZ/JwntSCS5qx6+MPK8XJUQSmSZ5rdXtxUew+rnXQI
$argon2id$v=19$m=19456,t=2,p=1$eEi11xG8mIOZYxej+ckCaQ$eBeygPqiuImQAaFQOkE6oVkPfqxIGgnqpQd/MwW4YX4


@ -8,13 +8,13 @@ license = "Apache-2.0"
[dependencies]
aws-smithy-http = { version = "0.54.4", optional = true }
aws-types = { version = "0.54.1", optional = true }
axum = { version = "0.6.9", optional = true }
axum = { version = "0.6.11", optional = true }
bytes = "1.4.0"
futures-util = "0.3.26"
futures-util = "0.3.27"
headers = "0.3.8"
http = "0.2.9"
http-body = "0.4.5"
hyper = "0.14.24"
hyper = "0.14.25"
hyper-rustls = { version = "0.23.2", features = ["http1", "http2"], default-features = false, optional = true }
once_cell = "1.17.1"
opentelemetry = "0.18.0"
@ -22,11 +22,11 @@ opentelemetry-http = "0.7.0"
opentelemetry-semantic-conventions = "0.10.0"
rustls = { version = "0.20.8", optional = true }
rustls-native-certs = { version = "0.6.2", optional = true }
serde = "1.0.152"
serde_json = "1.0.93"
serde = "1.0.155"
serde_json = "1.0.94"
serde_urlencoded = "0.7.1"
thiserror = "1.0.38"
tokio = { version = "1.25.0", features = ["sync", "parking_lot"], optional = true }
thiserror = "1.0.39"
tokio = { version = "1.26.0", features = ["sync", "parking_lot"], optional = true }
tower = { version = "0.4.13", features = [] }
tower-http = { version = "0.4.0", features = ["cors"] }
tracing = "0.1.37"
@ -36,8 +36,8 @@ webpki-roots = { version = "0.22.6", optional = true }
[dev-dependencies]
anyhow = "1.0.69"
serde = { version = "1.0.152", features = ["derive"] }
tokio = { version = "1.25.0", features = ["macros", "rt"] }
serde = { version = "1.0.155", features = ["derive"] }
tokio = { version = "1.26.0", features = ["macros", "rt"] }
tower = { version = "0.4.13", features = ["util"] }
[features]


@ -7,13 +7,13 @@ license = "Apache-2.0"
[dependencies]
anyhow = "1.0.69"
async-trait = "0.1.64"
camino = "1.1.3"
async-trait = "0.1.66"
camino = "1.1.4"
convert_case = "0.6.0"
csv = "1.2.0"
futures-util = "0.3.26"
csv = "1.2.1"
futures-util = "0.3.27"
reqwest = { version = "0.11.14", features = ["blocking", "rustls-tls"], default-features = false }
serde = { version = "1.0.152", features = ["derive"] }
tokio = { version = "1.25.0", features = ["full"] }
serde = { version = "1.0.155", features = ["derive"] }
tokio = { version = "1.26.0", features = ["full"] }
tracing = "0.1.37"
tracing-subscriber = "0.3.16"


@ -6,7 +6,7 @@ edition = "2021"
license = "Apache-2.0"
[dependencies]
serde = { version = "1.0.152", optional = true }
serde = { version = "1.0.155", optional = true }
schemars = { version = "0.8.12", default-features = false, optional = true }
[features]


@ -7,25 +7,25 @@ license = "Apache-2.0"
[dependencies]
base64ct = { version = "1.6.0", features = ["std"] }
chrono = { version = "0.4.23", features = ["serde"] }
chrono = { version = "0.4.24", features = ["serde"] }
digest = "0.10.6"
ecdsa = { version = "0.15.1", features = ["signing", "verifying"] }
elliptic-curve = "0.12.3"
ecdsa = { version = "0.16.1", features = ["signing", "verifying"] }
elliptic-curve = "0.13.2"
generic-array = "0.14.6"
hmac = "0.12.1"
k256 = { version = "0.12.0", features = ["ecdsa"] }
p256 = { version = "0.12.0", features = ["ecdsa"] }
p384 = { version = "0.12.0", features = ["ecdsa"] }
k256 = { version = "0.13.0", features = ["ecdsa"] }
p256 = { version = "0.13.0", features = ["ecdsa"] }
p384 = { version = "0.13.0", features = ["ecdsa"] }
rand = "0.8.5"
rsa = "0.8.1"
rsa = "0.9.0-pre.0"
schemars = "0.8.12"
sec1 = "0.3.0"
serde = { version = "1.0.152", features = ["derive"] }
serde_json = "1.0.93"
serde_with = { version = "2.2.0", features = ["base64"] }
sec1 = "0.7.1"
serde = { version = "1.0.155", features = ["derive"] }
serde_json = "1.0.94"
serde_with = { version = "2.3.1", features = ["base64"] }
sha2 = { version = "0.10.6", features = ["oid"] }
signature = "2.0.0"
thiserror = "1.0.38"
thiserror = "1.0.39"
tracing = "0.1.37"
url = { version = "2.3.1", features = ["serde"] }
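Review bot: `rsa = "0.9.0-pre.0"` puts a pre-release of the RSA implementation into the JOSE signing crate (and into the keystore manifest, which gets the same version with the `std` and `pem` features). Pre-release versions carry no compatibility promise between one another, and the requirement as written also accepts later `0.9.0-pre.N` builds on the next `cargo update`. If the pre-release is needed to match the `pkcs1`/`pkcs8` bumps, which is what the keystore changes suggest, pin it exactly with `rsa = "=0.9.0-pre.0"` and add `# pre-release: required by the pkcs1 0.7 / pkcs8 0.10 upgrade, move to 0.9.0 once published` above it.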


@ -306,7 +306,7 @@ impl From<EcPrivateParameters> for super::public_parameters::EcPublicParameters
mod ec_impls {
use elliptic_curve::{
sec1::{Coordinates, FromEncodedPoint, ModulusSize, ToEncodedPoint},
AffinePoint, Curve, FieldSize, SecretKey,
AffinePoint, Curve, SecretKey,
};
use super::{super::JwkEcCurve, EcPrivateParameters};
@ -328,15 +328,15 @@ mod ec_impls {
type Error = elliptic_curve::Error;
fn try_from(value: &EcPrivateParameters) -> Result<Self, Self::Error> {
SecretKey::from_be_bytes(&value.d)
SecretKey::from_slice(&value.d)
}
}
impl<C> From<SecretKey<C>> for EcPrivateParameters
where
C: Curve + elliptic_curve::ProjectiveArithmetic + JwkEcCurve,
C: elliptic_curve::CurveArithmetic + JwkEcCurve,
AffinePoint<C>: FromEncodedPoint<C> + ToEncodedPoint<C>,
FieldSize<C>: ModulusSize,
C::FieldBytesSize: ModulusSize,
{
fn from(key: SecretKey<C>) -> Self {
(&key).into()
@ -345,16 +345,16 @@ mod ec_impls {
impl<C> From<&SecretKey<C>> for EcPrivateParameters
where
C: Curve + elliptic_curve::ProjectiveArithmetic + JwkEcCurve,
C: elliptic_curve::CurveArithmetic + JwkEcCurve,
AffinePoint<C>: FromEncodedPoint<C> + ToEncodedPoint<C>,
FieldSize<C>: ModulusSize,
C::FieldBytesSize: ModulusSize,
{
fn from(key: &SecretKey<C>) -> Self {
let point = key.public_key().to_encoded_point(false);
let Coordinates::Uncompressed { x, y } = point.coordinates() else {
unreachable!()
};
let d = key.to_be_bytes();
let d = key.to_bytes();
EcPrivateParameters {
crv: C::CRV,
x: x.to_vec(),
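Review bot: `let d = key.to_bytes();` leaves a copy of the private scalar in a plain buffer that is not wiped when it goes out of scope, whereas the keystore helpers added in this same commit wrap the identical call in `Zeroizing::new(...)`. Suggest `let d = elliptic_curve::zeroize::Zeroizing::new(key.to_bytes());` here for consistency. The rest of `from` lies outside the hunk, so how `d` is stored in `EcPrivateParameters` is not visible; if it ends up in an unprotected `Vec<u8>`, that field deserves the same treatment.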


@ -235,26 +235,26 @@ mod ec_impls {
use ecdsa::EncodedPoint;
use elliptic_curve::{
sec1::{Coordinates, FromEncodedPoint, ModulusSize, ToEncodedPoint},
AffinePoint, Curve, FieldBytes, FieldSize, PublicKey,
AffinePoint, FieldBytes, PublicKey,
};
use super::{super::JwkEcCurve, EcPublicParameters, JsonWebKeyPublicParameters};
impl<C> TryFrom<&EcPublicParameters> for PublicKey<C>
where
C: Curve + elliptic_curve::ProjectiveArithmetic,
C: elliptic_curve::CurveArithmetic,
AffinePoint<C>: FromEncodedPoint<C> + ToEncodedPoint<C>,
FieldSize<C>: ModulusSize,
C::FieldBytesSize: ModulusSize + Unsigned,
{
type Error = elliptic_curve::Error;
fn try_from(value: &EcPublicParameters) -> Result<Self, Self::Error> {
let x = value
.x
.get(..FieldSize::<C>::USIZE)
.get(..C::FieldBytesSize::USIZE)
.ok_or(elliptic_curve::Error)?;
let y = value
.y
.get(..FieldSize::<C>::USIZE)
.get(..C::FieldBytesSize::USIZE)
.ok_or(elliptic_curve::Error)?;
let x = FieldBytes::<C>::from_slice(x);
@ -267,9 +267,9 @@ mod ec_impls {
impl<C> From<PublicKey<C>> for JsonWebKeyPublicParameters
where
C: Curve + elliptic_curve::ProjectiveArithmetic + JwkEcCurve,
C: elliptic_curve::CurveArithmetic + JwkEcCurve,
AffinePoint<C>: FromEncodedPoint<C> + ToEncodedPoint<C>,
FieldSize<C>: ModulusSize,
C::FieldBytesSize: ModulusSize,
{
fn from(key: PublicKey<C>) -> Self {
(&key).into()
@ -278,9 +278,9 @@ mod ec_impls {
impl<C> From<&PublicKey<C>> for JsonWebKeyPublicParameters
where
C: Curve + elliptic_curve::ProjectiveArithmetic + JwkEcCurve,
C: elliptic_curve::CurveArithmetic + JwkEcCurve,
AffinePoint<C>: FromEncodedPoint<C> + ToEncodedPoint<C>,
FieldSize<C>: ModulusSize,
C::FieldBytesSize: ModulusSize,
{
fn from(key: &PublicKey<C>) -> Self {
Self::Ec(key.into())
@ -289,9 +289,9 @@ mod ec_impls {
impl<C> From<PublicKey<C>> for EcPublicParameters
where
C: Curve + elliptic_curve::ProjectiveArithmetic + JwkEcCurve,
C: elliptic_curve::CurveArithmetic + JwkEcCurve,
AffinePoint<C>: FromEncodedPoint<C> + ToEncodedPoint<C>,
FieldSize<C>: ModulusSize,
C::FieldBytesSize: ModulusSize,
{
fn from(key: PublicKey<C>) -> Self {
(&key).into()
@ -300,9 +300,9 @@ mod ec_impls {
impl<C> From<&PublicKey<C>> for EcPublicParameters
where
C: Curve + elliptic_curve::ProjectiveArithmetic + JwkEcCurve,
C: elliptic_curve::CurveArithmetic + JwkEcCurve,
AffinePoint<C>: FromEncodedPoint<C> + ToEncodedPoint<C>,
FieldSize<C>: ModulusSize,
C::FieldBytesSize: ModulusSize,
{
fn from(key: &PublicKey<C>) -> Self {
let point = key.to_encoded_point(false);
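Review bot: In `TryFrom<&EcPublicParameters>`, `.get(..C::FieldBytesSize::USIZE)` only rejects coordinates that are too short; an `x` or `y` that is longer than the field size is silently truncated to its prefix and then accepted. For key material parsed from a JWK it is safer to require the exact length before slicing, e.g. `if value.x.len() != C::FieldBytesSize::USIZE || value.y.len() != C::FieldBytesSize::USIZE { return Err(elliptic_curve::Error); }`. The remainder of `try_from` is outside the hunk, so whatever point validation follows is not visible here.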


@ -6,24 +6,23 @@ edition = "2021"
license = "Apache-2.0"
[dependencies]
anyhow = "1.0.69"
aead = { version = "0.5.1", features = ["std"] }
const-oid = { version = "0.9.2", features = ["std"] }
cookie = { version = "0.17.0", features = ["key-expansion", "private"] }
der = { version = "0.6.1", features = ["std"] }
ecdsa = { version = "0.15.1", features = ["std"] }
elliptic-curve = { version = "0.12.3", features = ["std", "pem", "sec1"] }
k256 = { version = "0.12.0", features = ["std"] }
p256 = { version = "0.12.0", features = ["std"] }
p384 = { version = "0.12.0", features = ["std"] }
pem-rfc7468 = { version = "0.6.0", features = ["std"] }
pkcs1 = { version = "0.4.1", features = ["std"] }
pkcs8 = { version = "0.9.0", features = ["std", "pkcs5", "encryption"] }
der = { version = "0.7.1", features = ["std"] }
ecdsa = { version = "0.16.1", features = ["std"] }
elliptic-curve = { version = "0.13.2", features = ["std", "pem", "sec1"] }
k256 = { version = "0.13.0", features = ["std"] }
p256 = { version = "0.13.0", features = ["std"] }
p384 = { version = "0.13.0", features = ["std"] }
pem-rfc7468 = { version = "0.7.0", features = ["std"] }
pkcs1 = { version = "0.7.1", features = ["std"] }
pkcs8 = { version = "0.10.1", features = ["std", "pkcs5", "encryption"] }
rand = "0.8.5"
rsa = { version = "0.8.1", features = ["std", "pem"] }
sec1 = { version = "0.3.0", features = ["std"] }
spki = { version = "0.6.0", features = ["std"] }
thiserror = "1.0.38"
rsa = { version = "0.9.0-pre.0", features = ["std", "pem"] }
sec1 = { version = "0.7.1", features = ["std"] }
spki = { version = "0.7.0", features = ["std"] }
thiserror = "1.0.39"
generic-array = "0.14.6"
chacha20poly1305 = { version = "0.10.1", features = ["std"] }
base64ct = "1.6.0"


@ -20,8 +20,8 @@
use std::{ops::Deref, sync::Arc};
use der::{zeroize::Zeroizing, Decode};
use elliptic_curve::pkcs8::EncodePrivateKey;
use der::{zeroize::Zeroizing, Decode, Encode, EncodePem};
use elliptic_curve::{pkcs8::EncodePrivateKey, sec1::ToEncodedPoint};
use mas_iana::jose::{JsonWebKeyType, JsonWebSignatureAlg};
pub use mas_jose::jwk::{JsonWebKey, JsonWebKeySet};
use mas_jose::{
@ -33,7 +33,6 @@ use pkcs1::EncodeRsaPrivateKey;
use pkcs8::{AssociatedOid, PrivateKeyInfo};
use rand::{CryptoRng, RngCore};
use rsa::BigUint;
use sec1::EncodeEcPrivateKey;
use thiserror::Error;
mod encrypter;
@ -200,12 +199,12 @@ impl PrivateKey {
/// # Errors
///
/// Returns an error if the encoding failed
pub fn to_der(&self) -> Result<Zeroizing<Vec<u8>>, anyhow::Error> {
pub fn to_der(&self) -> Result<Zeroizing<Vec<u8>>, pkcs1::Error> {
let der = match self {
PrivateKey::Rsa(key) => key.to_pkcs1_der()?.to_bytes(),
PrivateKey::EcP256(key) => key.to_sec1_der()?,
PrivateKey::EcP384(key) => key.to_sec1_der()?,
PrivateKey::EcK256(key) => key.to_sec1_der()?,
PrivateKey::EcP256(key) => to_sec1_der(key)?,
PrivateKey::EcP384(key) => to_sec1_der(key)?,
PrivateKey::EcK256(key) => to_sec1_der(key)?,
};
Ok(der)
@ -216,7 +215,7 @@ impl PrivateKey {
/// # Errors
///
/// Returns an error if the encoding failed
pub fn to_pkcs8_der(&self) -> Result<Zeroizing<Vec<u8>>, anyhow::Error> {
pub fn to_pkcs8_der(&self) -> Result<Zeroizing<Vec<u8>>, pkcs8::Error> {
let der = match self {
PrivateKey::Rsa(key) => key.to_pkcs8_der()?,
PrivateKey::EcP256(key) => key.to_pkcs8_der()?,
@ -238,12 +237,12 @@ impl PrivateKey {
pub fn to_pem(
&self,
line_ending: pem_rfc7468::LineEnding,
) -> Result<Zeroizing<String>, anyhow::Error> {
) -> Result<Zeroizing<String>, pkcs1::Error> {
let pem = match self {
PrivateKey::Rsa(key) => key.to_pkcs1_pem(line_ending)?,
PrivateKey::EcP256(key) => key.to_sec1_pem(line_ending)?,
PrivateKey::EcP384(key) => key.to_sec1_pem(line_ending)?,
PrivateKey::EcK256(key) => key.to_sec1_pem(line_ending)?,
PrivateKey::EcP256(key) => to_sec1_pem(key, line_ending)?,
PrivateKey::EcP384(key) => to_sec1_pem(key, line_ending)?,
PrivateKey::EcK256(key) => to_sec1_pem(key, line_ending)?,
};
Ok(pem)
@ -516,24 +515,66 @@ impl PrivateKey {
}
/// Generate an Elliptic Curve key for the P-256 curve
pub fn generate_ec_p256<R: RngCore + CryptoRng>(rng: R) -> Self {
let key = elliptic_curve::SecretKey::random(rng);
pub fn generate_ec_p256<R: RngCore + CryptoRng>(mut rng: R) -> Self {
let key = elliptic_curve::SecretKey::random(&mut rng);
Self::EcP256(Box::new(key))
}
/// Generate an Elliptic Curve key for the P-384 curve
pub fn generate_ec_p384<R: RngCore + CryptoRng>(rng: R) -> Self {
let key = elliptic_curve::SecretKey::random(rng);
pub fn generate_ec_p384<R: RngCore + CryptoRng>(mut rng: R) -> Self {
let key = elliptic_curve::SecretKey::random(&mut rng);
Self::EcP384(Box::new(key))
}
/// Generate an Elliptic Curve key for the secp256k1 curve
pub fn generate_ec_k256<R: RngCore + CryptoRng>(rng: R) -> Self {
let key = elliptic_curve::SecretKey::random(rng);
pub fn generate_ec_k256<R: RngCore + CryptoRng>(mut rng: R) -> Self {
let key = elliptic_curve::SecretKey::random(&mut rng);
Self::EcK256(Box::new(key))
}
}
// The default implementation of SecretKey::to_sec1_pem/der do not include the
// named curve OID. This is a basic reimplementation of those two functions with
// the OID included, so that it matches the implementation in OpenSSL.
fn to_sec1_der<C>(key: &elliptic_curve::SecretKey<C>) -> Result<Zeroizing<Vec<u8>>, der::Error>
where
C: elliptic_curve::Curve + elliptic_curve::CurveArithmetic + AssociatedOid,
elliptic_curve::PublicKey<C>: elliptic_curve::sec1::ToEncodedPoint<C>,
C::FieldBytesSize: elliptic_curve::sec1::ModulusSize,
{
let private_key_bytes = Zeroizing::new(key.to_bytes());
let public_key_bytes = key.public_key().to_encoded_point(false);
Ok(Zeroizing::new(
sec1::EcPrivateKey {
private_key: &private_key_bytes,
parameters: Some(sec1::EcParameters::NamedCurve(C::OID)),
public_key: Some(public_key_bytes.as_bytes()),
}
.to_der()?,
))
}
fn to_sec1_pem<C>(
key: &elliptic_curve::SecretKey<C>,
line_ending: pem_rfc7468::LineEnding,
) -> Result<Zeroizing<String>, der::Error>
where
C: elliptic_curve::Curve + elliptic_curve::CurveArithmetic + AssociatedOid,
elliptic_curve::PublicKey<C>: elliptic_curve::sec1::ToEncodedPoint<C>,
C::FieldBytesSize: elliptic_curve::sec1::ModulusSize,
{
let private_key_bytes = Zeroizing::new(key.to_bytes());
let public_key_bytes = key.public_key().to_encoded_point(false);
Ok(Zeroizing::new(
sec1::EcPrivateKey {
private_key: &private_key_bytes,
parameters: Some(sec1::EcParameters::NamedCurve(C::OID)),
public_key: Some(public_key_bytes.as_bytes()),
}
.to_pem(line_ending)?,
))
}
impl From<&PrivateKey> for JsonWebKeyPublicParameters {
fn from(val: &PrivateKey) -> Self {
match val {
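Review bot: `to_sec1_der` and `to_sec1_pem` build the same `sec1::EcPrivateKey` from the same secret bytes and differ only in the final encode call, so any later change to how the scalar is copied or wiped has to be made twice. Building the structure in one private helper and passing the encoder in keeps the secret handling in a single place. A doc comment on the helper should state that the named-curve OID is always written, since that is the reason these functions exist. The `PrivateKey` impl that calls them starts outside the visible hunks.

```rust
/// Builds the SEC1 `ECPrivateKey` for `key`, always including the named-curve
/// OID, and hands it to `encode`. The secret scalar is copied exactly once,
/// into a buffer that is wiped on drop.
fn with_sec1_private_key<C, T>(
    key: &elliptic_curve::SecretKey<C>,
    encode: impl FnOnce(sec1::EcPrivateKey<'_>) -> Result<T, der::Error>,
) -> Result<T, der::Error>
where
    C: elliptic_curve::Curve + elliptic_curve::CurveArithmetic + AssociatedOid,
    elliptic_curve::PublicKey<C>: elliptic_curve::sec1::ToEncodedPoint<C>,
    C::FieldBytesSize: elliptic_curve::sec1::ModulusSize,
{
    let private_key_bytes = Zeroizing::new(key.to_bytes());
    let public_key_bytes = key.public_key().to_encoded_point(false);
    encode(sec1::EcPrivateKey {
        private_key: &private_key_bytes,
        parameters: Some(sec1::EcParameters::NamedCurve(C::OID)),
        public_key: Some(public_key_bytes.as_bytes()),
    })
}

fn to_sec1_der<C>(key: &elliptic_curve::SecretKey<C>) -> Result<Zeroizing<Vec<u8>>, der::Error>
// … unchanged: where clause …
{
    with_sec1_private_key(key, |sec1_key| sec1_key.to_der().map(Zeroizing::new))
}

// … to_sec1_pem: same shape, with `sec1_key.to_pem(line_ending).map(Zeroizing::new)` …
```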


@ -76,18 +76,13 @@ macro_rules! enc_test {
/// Generate a PEM decoding and encoding test
macro_rules! pem_test {
($name:ident, $path:literal) => {
pem_test!($name, $path, compare = true);
};
($name:ident, $path:literal, compare = $compare:literal) => {
#[test]
fn $name() {
let pem = include_str!(concat!("./keys/", $path, ".pem"));
let key = PrivateKey::load_pem(pem).unwrap();
let pem2 = key.to_pem(pem_rfc7468::LineEnding::LF).unwrap();
if $compare {
assert_eq!(pem, pem2.as_str());
}
assert_eq!(pem, pem2.as_str());
}
};
}
@ -95,18 +90,13 @@ macro_rules! pem_test {
/// Generate a DER decoding and encoding test
macro_rules! der_test {
($name:ident, $path:literal) => {
der_test!($name, $path, compare = true);
};
($name:ident, $path:literal, compare = $compare:literal) => {
#[test]
fn $name() {
let der = include_bytes!(concat!("./keys/", $path, ".der"));
let key = PrivateKey::load_der(der).unwrap();
let der2 = key.to_der().unwrap();
if $compare {
assert_eq!(der, der2.as_slice());
}
assert_eq!(der, der2.as_slice());
}
};
}
@ -137,16 +127,15 @@ enc_test!(enc_ec_p384_pkcs8_der, EcP384, "ec-p384.pkcs8.encrypted.der");
enc_test!(enc_ec_k256_pkcs8_pem, EcK256, "ec-k256.pkcs8.encrypted.pem");
enc_test!(enc_ec_k256_pkcs8_der, EcK256, "ec-k256.pkcs8.encrypted.der");
// Test PEM/DER serialization. For some reason, DER serialization of EC keys
// have some extra bytes
// Test PEM/DER serialization
pem_test!(serialize_rsa_pkcs1_pem, "rsa.pkcs1");
der_test!(serialize_rsa_pkcs1_der, "rsa.pkcs1");
pem_test!(serialize_ec_p256_sec1_pem, "ec-p256.sec1");
der_test!(serialize_ec_p256_sec1_der, "ec-p256.sec1", compare = false);
der_test!(serialize_ec_p256_sec1_der, "ec-p256.sec1");
pem_test!(serialize_ec_p384_sec1_pem, "ec-p384.sec1");
der_test!(serialize_ec_p384_sec1_der, "ec-p384.sec1", compare = false);
der_test!(serialize_ec_p384_sec1_der, "ec-p384.sec1");
pem_test!(serialize_ec_k256_sec1_pem, "ec-k256.sec1");
der_test!(serialize_ec_k256_sec1_der, "ec-k256.sec1", compare = false);
der_test!(serialize_ec_k256_sec1_der, "ec-k256.sec1");
#[test]
fn load_encrypted_as_unencrypted_error() {


@ -7,22 +7,22 @@ license = "Apache-2.0"
[dependencies]
bytes = "1.4.0"
futures-util = "0.3.26"
futures-util = "0.3.27"
http-body = "0.4.5"
hyper = { version = "0.14.24", features = ["server", "http1", "http2", "tcp"] }
hyper = { version = "0.14.25", features = ["server", "http1", "http2", "tcp"] }
pin-project-lite = "0.2.9"
thiserror = "1.0.38"
tokio = { version = "1.25.0", features = ["net", "rt", "macros", "signal", "time"] }
thiserror = "1.0.39"
tokio = { version = "1.26.0", features = ["net", "rt", "macros", "signal", "time"] }
tokio-rustls = "0.23.4"
tower-http = { version = "0.4.0", features = ["add-extension"] }
tower-service = "0.3.2"
tracing = "0.1.37"
libc = "0.2.139"
libc = "0.2.140"
[dev-dependencies]
anyhow = "1.0.69"
rustls-pemfile = "1.0.2"
tokio = { version = "1.25.0", features = ["net", "rt", "macros", "signal", "time", "rt-multi-thread"] }
tokio = { version = "1.26.0", features = ["net", "rt", "macros", "signal", "time", "rt-multi-thread"] }
tokio-test = "0.4.2"
tracing-subscriber = "0.3.16"


@ -7,17 +7,17 @@ license = "Apache-2.0"
[dependencies]
http = "0.2.9"
serde = "1.0.152"
serde_json = "1.0.93"
serde = "1.0.155"
serde_json = "1.0.94"
language-tags = { version = "0.3.2", features = ["serde"] }
url = { version = "2.3.1", features = ["serde"] }
parse-display = "0.8.0"
indoc = "2.0.0"
serde_with = { version = "2.2.0", features = ["chrono"] }
chrono = "0.4.23"
indoc = "2.0.1"
serde_with = { version = "2.3.1", features = ["chrono"] }
chrono = "0.4.24"
sha2 = "0.10.6"
data-encoding = "2.3.3"
thiserror = "1.0.38"
thiserror = "1.0.39"
mas-iana = { path = "../iana" }
mas-jose = { path = "../jose" }


@ -20,22 +20,22 @@ keystore = ["dep:mas-keystore"]
[dependencies]
base64ct = { version = "1.6.0", features = ["std"] }
bytes = "1.4.0"
chrono = "0.4.23"
chrono = "0.4.24"
form_urlencoded = "1.1.0"
futures = "0.3.26"
futures = "0.3.27"
futures-signals = "0.3.31"
futures-util = "0.3.26"
futures-util = "0.3.27"
headers = "0.3.8"
http = "0.2.9"
once_cell = "1.17.1"
mime = "0.3.16"
rand = "0.8.5"
serde = { version = "1.0.152", features = ["derive"] }
serde_json = "1.0.93"
serde = { version = "1.0.155", features = ["derive"] }
serde_json = "1.0.94"
serde_urlencoded = "0.7.1"
serde_with = "2.2.0"
thiserror = "1.0.38"
tokio = { version = "1.25.0", features = ["rt", "macros", "rt-multi-thread"] }
serde_with = "2.3.1"
thiserror = "1.0.39"
tokio = { version = "1.26.0", features = ["rt", "macros", "rt-multi-thread"] }
tower = { version = "0.4.13", features = ["full"] }
tracing = "0.1.37"
url = { version = "2.3.1", features = ["serde"] }
@ -55,7 +55,7 @@ features = ["http1", "http2", "rustls-native-certs"]
default-features = false
optional = true
[dependencies.hyper]
version = "0.14.24"
version = "0.14.25"
features = ["client", "http1", "http2", "stream", "runtime" ]
optional = true
[dependencies.tower-http]
@ -65,7 +65,7 @@ optional = true
[dev-dependencies]
assert_matches = "1.5.0"
bitflags = "1.3.2"
bitflags = "2.0.0"
mas-keystore = { path = "../keystore" }
rand_chacha = "0.3.1"
wiremock = "0.5.17"


@ -8,18 +8,18 @@ license = "Apache-2.0"
[dependencies]
anyhow = "1.0.69"
opa-wasm = { git = "https://github.com/matrix-org/rust-opa-wasm.git" }
serde = { version = "1.0.152", features = ["derive"] }
serde_json = "1.0.93"
thiserror = "1.0.38"
tokio = { version = "1.25.0", features = ["io-util"] }
serde = { version = "1.0.155", features = ["derive"] }
serde_json = "1.0.94"
thiserror = "1.0.39"
tokio = { version = "1.26.0", features = ["io-util"] }
tracing = "0.1.37"
wasmtime = { version = "6.0.0", default-features = false, features = ["async", "cranelift"] }
wasmtime = { version = "6.0.1", default-features = false, features = ["async", "cranelift"] }
mas-data-model = { path = "../data-model" }
oauth2-types = { path = "../oauth2-types" }
[dev-dependencies]
tokio = { version = "1.25.0", features = ["fs", "rt", "macros"] }
tokio = { version = "1.26.0", features = ["fs", "rt", "macros"] }
[features]
cache = ["wasmtime/cache"]
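Review bot: `opa-wasm` is pulled from a git URL with no `rev` or `tag`, so a dependency refresh like this one can move the policy engine to whatever the default branch points at, with only the lockfile (whose diff is suppressed on this page) recording what changed. Pin it in the manifest, `opa-wasm = { git = "https://github.com/matrix-org/rust-opa-wasm.git", rev = "<commit-sha>" }`, and bump the rev deliberately alongside `wasmtime`.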


@ -6,8 +6,8 @@ edition = "2021"
license = "Apache-2.0"
[dependencies]
axum = { version = "0.6.9", default-features = false }
serde = { version = "1.0.152", features = ["derive"] }
axum = { version = "0.6.11", default-features = false }
serde = { version = "1.0.155", features = ["derive"] }
serde_urlencoded = "0.7.1"
url = "2.3.1"
ulid = "1.0.0"


@ -6,15 +6,15 @@ edition = "2021"
license = "Apache-2.0"
[dependencies]
serde = { version = "1.0.152", features = ["derive"] }
serde_json = "1.0.93"
thiserror = "1.0.38"
camino = { version = "1.1.3", features = ["serde1"] }
serde = { version = "1.0.155", features = ["derive"] }
serde_json = "1.0.94"
thiserror = "1.0.39"
camino = { version = "1.1.4", features = ["serde1"] }
headers = "0.3.8"
http = "0.2.9"
tower-service = "0.3.2"
tower-http = { version = "0.4.0", features = ["fs"] }
tokio = { version = "1.25.0", features = ["fs"] }
tokio = { version = "1.26.0", features = ["fs"] }
[[bin]]
name = "render"


@ -6,14 +6,14 @@ edition = "2021"
license = "Apache-2.0"
[dependencies]
async-trait = "0.1.64"
async-trait = "0.1.66"
sqlx = { version = "0.6.2", features = ["runtime-tokio-rustls", "postgres", "migrate", "chrono", "offline", "json", "uuid"] }
chrono = { version = "0.4.23", features = ["serde"] }
serde = { version = "1.0.152", features = ["derive"] }
serde_json = "1.0.93"
thiserror = "1.0.38"
chrono = { version = "0.4.24", features = ["serde"] }
serde = { version = "1.0.155", features = ["derive"] }
serde_json = "1.0.94"
thiserror = "1.0.39"
tracing = "0.1.37"
futures-util = "0.3.26"
futures-util = "0.3.27"
rand = "0.8.5"
rand_chacha = "0.3.1"


@ -6,10 +6,10 @@ edition = "2021"
license = "Apache-2.0"
[dependencies]
async-trait = "0.1.64"
chrono = "0.4.23"
thiserror = "1.0.38"
futures-util = "0.3.26"
async-trait = "0.1.66"
chrono = "0.4.24"
thiserror = "1.0.39"
futures-util = "0.3.27"
rand_core = "0.6.4"
url = "2.3.1"


@ -6,10 +6,10 @@ edition = "2021"
license = "Apache-2.0"
[dependencies]
tokio = "1.25.0"
async-trait = "0.1.64"
tokio = "1.26.0"
async-trait = "0.1.66"
tokio-stream = "0.1.12"
futures-util = "0.3.26"
futures-util = "0.3.27"
tracing = "0.1.37"
sqlx = { version = "0.6.2", features = ["runtime-tokio-rustls", "postgres"] }


@ -7,18 +7,18 @@ license = "Apache-2.0"
[dependencies]
tracing = "0.1.37"
tokio = { version = "1.25.0", features = ["macros", "rt"] }
tokio = { version = "1.26.0", features = ["macros", "rt"] }
anyhow = "1.0.69"
thiserror = "1.0.38"
thiserror = "1.0.39"
tera = "1.17.1"
serde = { version = "1.0.152", features = ["derive"] }
serde_json = "1.0.93"
tera = "1.18.0"
serde = { version = "1.0.155", features = ["derive"] }
serde_json = "1.0.94"
serde_urlencoded = "0.7.1"
camino = "1.1.3"
chrono = "0.4.23"
camino = "1.1.4"
chrono = "0.4.24"
url = "2.3.1"
http = "0.2.9"
ulid = { version = "1.0.0", features = ["serde"] }