diff --git a/Cargo.lock b/Cargo.lock index 0f329a4e8..22dff698d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -411,7 +411,7 @@ checksum = "d748d1f5b807ee6d0df5a548d0130417295c3aaed1dcbbb3d6a2e7106e11fcca" dependencies = [ "hybrid-array", "num-traits", - "rand_core", + "rand_core 0.6.4", "subtle", "zeroize", ] @@ -424,7 +424,7 @@ checksum = "b0b8ce8218c97789f16356e7896b3714f26c2ee1079b79c0b7ae7064bb9089fa" dependencies = [ "getrandom 0.2.15", "hybrid-array", - "rand_core", + "rand_core 0.6.4", ] [[package]] @@ -536,7 +536,7 @@ dependencies = [ "hybrid-array", "pem-rfc7468", "pkcs8", - "rand_core", + "rand_core 0.6.4", "sec1", "subtle", "zeroize", @@ -570,7 +570,7 @@ version = "0.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ded41244b729663b1e574f1b4fb731469f69f79c17667b5d776b16cda0479449" dependencies = [ - "rand_core", + "rand_core 0.6.4", "subtle", ] @@ -681,7 +681,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63" dependencies = [ "ff", - "rand_core", + "rand_core 0.6.4", "subtle", ] @@ -1007,7 +1007,7 @@ dependencies = [ "des", "hex-literal", "pbkdf2", - "rand_core", + "rand_core 0.9.0", "scrypt", "sha1", "sha2", @@ -1021,7 +1021,7 @@ dependencies = [ "der", "hex-literal", "pkcs5", - "rand_core", + "rand_core 0.9.0", "spki", "subtle", "tempfile", @@ -1051,7 +1051,7 @@ version = "0.2.20" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "77957b295656769bb8ad2b6a6b09d897d94f05c41b069aede1fcdaa675eaea04" dependencies = [ - "zerocopy", + "zerocopy 0.7.35", ] [[package]] @@ -1124,7 +1124,7 @@ checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" dependencies = [ "libc", "rand_chacha", - "rand_core", + "rand_core 0.6.4", ] [[package]] @@ -1134,7 +1134,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" dependencies = [ "ppv-lite86", - "rand_core", + "rand_core 0.6.4", ] [[package]] @@ -1146,13 +1146,23 @@ dependencies = [ "getrandom 0.2.15", ] +[[package]] +name = "rand_core" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b08f3c9802962f7e1b25113931d94f43ed9725bebc59db9d0c3e9a23b67e15ff" +dependencies = [ + "getrandom 0.3.1", + "zerocopy 0.8.17", +] + [[package]] name = "rand_xorshift" version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d25bf25ec5ae4a3f1b92f929810509a2f53d7dca2f50b794ff57e3face536c8f" dependencies = [ - "rand_core", + "rand_core 0.6.4", ] [[package]] @@ -1235,7 +1245,7 @@ dependencies = [ "num-traits", "pkcs1", "pkcs8", - "rand_core", + "rand_core 0.6.4", "sha2", "signature", "spki", @@ -1477,7 +1487,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "054d71959c7051b9042c26af337f05cc930575ed2604d7d3ced3158383e59734" dependencies = [ "digest", - "rand_core", + "rand_core 0.6.4", ] [[package]] @@ -1910,7 +1920,7 @@ dependencies = [ "hex-literal", "lazy_static", "rand", - "rand_core", + "rand_core 0.6.4", "rsa", "sha1", "sha2", @@ -1937,7 +1947,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1b9b4fd18abc82b8136838da5d50bae7bdea537c574d8dc1a34ed098d6c166f0" dependencies = [ "byteorder", - "zerocopy-derive", + "zerocopy-derive 0.7.35", +] + +[[package]] +name = "zerocopy" +version = "0.8.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa91407dacce3a68c56de03abe2760159582b846c6a4acd2f456618087f12713" +dependencies = [ + "zerocopy-derive 0.8.17", ] [[package]] @@ -1951,6 +1970,17 @@ dependencies = [ "syn", ] +[[package]] +name = "zerocopy-derive" +version = "0.8.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06718a168365cad3d5ff0bb133aad346959a2074bd4a85c121255a11304a8626" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "zeroize" version = "1.8.1" diff --git a/pkcs5/Cargo.toml b/pkcs5/Cargo.toml index c84622e78..052950b1c 100644 --- a/pkcs5/Cargo.toml +++ b/pkcs5/Cargo.toml @@ -25,7 +25,7 @@ aes = { version = "=0.9.0-pre.2", optional = true, default-features = false } aes-gcm = { version = "=0.11.0-pre.2", optional = true, default-features = false, features = ["aes"] } des = { version = "=0.9.0-pre.2", optional = true, default-features = false } pbkdf2 = { version = "=0.13.0-pre.1", optional = true, default-features = false, features = ["hmac"] } -rand_core = { version = "0.6.4", optional = true, default-features = false } +rand_core = { version = "0.9.0", optional = true, default-features = false } scrypt = { version = "=0.12.0-pre.2", optional = true, default-features = false } sha1 = { version = "=0.11.0-pre.4", optional = true, default-features = false } sha2 = { version = "=0.11.0-pre.4", optional = true, default-features = false } @@ -39,7 +39,7 @@ std = [] 3des = ["dep:des", "pbes2"] des-insecure = ["dep:des", "pbes2"] -getrandom = ["rand_core/getrandom"] +getrandom = ["rand_core/os_rng"] pbes2 = ["dep:aes", "dep:cbc", "dep:pbkdf2", "dep:scrypt", "dep:sha2", "dep:aes-gcm"] sha1-insecure = ["dep:sha1", "pbes2"] diff --git a/pkcs5/src/pbes2.rs b/pkcs5/src/pbes2.rs index 80f7485e5..45df06be7 100644 --- a/pkcs5/src/pbes2.rs +++ b/pkcs5/src/pbes2.rs @@ -19,7 +19,7 @@ use der::{ }; #[cfg(feature = "rand_core")] -use rand_core::CryptoRngCore; +use rand_core::CryptoRng; #[cfg(all(feature = "alloc", feature = "pbes2"))] use alloc::vec::Vec; @@ -106,7 +106,7 @@ impl Parameters { /// This is currently an alias for [`Parameters::scrypt`]. See that method /// for more information. #[cfg(all(feature = "pbes2", feature = "rand_core"))] - pub fn recommended(rng: &mut impl CryptoRngCore) -> Self { + pub fn recommended(rng: &mut R) -> Self { Self::scrypt(rng) } @@ -118,7 +118,7 @@ impl Parameters { /// This will use AES-256-CBC as the encryption algorithm and SHA-256 as /// the hash function for PBKDF2. #[cfg(feature = "rand_core")] - pub fn pbkdf2(rng: &mut impl CryptoRngCore) -> Self { + pub fn pbkdf2(rng: &mut R) -> Self { let mut iv = [0u8; Self::DEFAULT_IV_LEN]; rng.fill_bytes(&mut iv); @@ -169,7 +169,7 @@ impl Parameters { /// /// [RustCrypto/formats#1205]: https://github.com/RustCrypto/formats/issues/1205 #[cfg(all(feature = "pbes2", feature = "rand_core"))] - pub fn scrypt(rng: &mut impl CryptoRngCore) -> Self { + pub fn scrypt(rng: &mut R) -> Self { let mut iv = [0u8; Self::DEFAULT_IV_LEN]; rng.fill_bytes(&mut iv); diff --git a/pkcs8/Cargo.toml b/pkcs8/Cargo.toml index 56cb3d629..7c72f3830 100644 --- a/pkcs8/Cargo.toml +++ b/pkcs8/Cargo.toml @@ -21,7 +21,7 @@ der = { version = "0.8.0-rc.0", features = ["oid"] } spki = { version = "0.8.0-rc.0" } # optional dependencies -rand_core = { version = "0.6", optional = true, default-features = false } +rand_core = { version = "0.9.0", optional = true, default-features = false } pkcs5 = { version = "0.8.0-rc.0", optional = true, features = ["rand_core"] } subtle = { version = "2", optional = true, default-features = false } @@ -36,7 +36,7 @@ std = ["alloc", "der/std", "spki/std"] 3des = ["encryption", "pkcs5/3des"] des-insecure = ["encryption", "pkcs5/des-insecure"] encryption = ["alloc", "pkcs5/alloc", "pkcs5/pbes2", "rand_core"] -getrandom = ["rand_core/getrandom"] +getrandom = ["rand_core/os_rng"] pem = ["alloc", "der/pem", "spki/pem"] sha1-insecure = ["encryption", "pkcs5/sha1-insecure"] diff --git a/pkcs8/src/encrypted_private_key_info.rs b/pkcs8/src/encrypted_private_key_info.rs index 9e4ec471f..423566d69 100644 --- a/pkcs8/src/encrypted_private_key_info.rs +++ b/pkcs8/src/encrypted_private_key_info.rs @@ -12,7 +12,7 @@ use pkcs5::EncryptionScheme; use der::{asn1::OctetString, SecretDocument}; #[cfg(feature = "encryption")] -use {pkcs5::pbes2, rand_core::CryptoRngCore}; +use {pkcs5::pbes2, rand_core::CryptoRng}; #[cfg(feature = "pem")] use der::pem::PemLabel; @@ -64,8 +64,8 @@ where /// Encrypt the given ASN.1 DER document using a symmetric encryption key /// derived from the provided password. #[cfg(feature = "encryption")] - pub(crate) fn encrypt( - rng: &mut impl CryptoRngCore, + pub(crate) fn encrypt( + rng: &mut R, password: impl AsRef<[u8]>, doc: &[u8], ) -> Result { diff --git a/pkcs8/src/private_key_info.rs b/pkcs8/src/private_key_info.rs index 1fdaf183d..8fe923c81 100644 --- a/pkcs8/src/private_key_info.rs +++ b/pkcs8/src/private_key_info.rs @@ -17,8 +17,7 @@ use der::{ #[cfg(feature = "encryption")] use { - crate::EncryptedPrivateKeyInfoRef, der::zeroize::Zeroizing, pkcs5::pbes2, - rand_core::CryptoRngCore, + crate::EncryptedPrivateKeyInfoRef, der::zeroize::Zeroizing, pkcs5::pbes2, rand_core::CryptoRng, }; #[cfg(feature = "pem")] @@ -146,9 +145,9 @@ where /// - p: 1 /// - Cipher: AES-256-CBC (best available option for PKCS#5 encryption) #[cfg(feature = "encryption")] - pub fn encrypt( + pub fn encrypt( &self, - rng: &mut impl CryptoRngCore, + rng: &mut R, password: impl AsRef<[u8]>, ) -> Result { let der = Zeroizing::new(self.to_der()?); diff --git a/pkcs8/src/traits.rs b/pkcs8/src/traits.rs index 6d110b6e6..394089ee3 100644 --- a/pkcs8/src/traits.rs +++ b/pkcs8/src/traits.rs @@ -6,7 +6,7 @@ use crate::{Error, PrivateKeyInfoRef, Result}; use der::SecretDocument; #[cfg(feature = "encryption")] -use {crate::EncryptedPrivateKeyInfoRef, rand_core::CryptoRngCore}; +use {crate::EncryptedPrivateKeyInfoRef, rand_core::CryptoRng}; #[cfg(feature = "pem")] use { @@ -101,9 +101,9 @@ pub trait EncodePrivateKey { /// Create an [`SecretDocument`] containing the ciphertext of /// a PKCS#8 encoded private key encrypted under the given `password`. #[cfg(feature = "encryption")] - fn to_pkcs8_encrypted_der( + fn to_pkcs8_encrypted_der( &self, - rng: &mut impl CryptoRngCore, + rng: &mut R, password: impl AsRef<[u8]>, ) -> Result { EncryptedPrivateKeyInfoRef::encrypt(rng, password, self.to_pkcs8_der()?.as_bytes()) @@ -119,9 +119,9 @@ pub trait EncodePrivateKey { /// Serialize this private key as an encrypted PEM-encoded PKCS#8 private /// key using the `provided` to derive an encryption key. #[cfg(all(feature = "encryption", feature = "pem"))] - fn to_pkcs8_encrypted_pem( + fn to_pkcs8_encrypted_pem( &self, - rng: &mut impl CryptoRngCore, + rng: &mut R, password: impl AsRef<[u8]>, line_ending: LineEnding, ) -> Result> {