mirror of
https://github.com/denoland/deno.git
synced 2025-01-13 01:22:20 -05:00
chore(ext/crypto): upgrade to ring 0.17 (#20824)
Ref https://github.com/denoland/deno/issues/18071
This commit is contained in:
parent
6e2abb2b13
commit
4c6b986f17
7 changed files with 40 additions and 30 deletions
45
Cargo.lock
generated
45
Cargo.lock
generated
|
@ -1161,9 +1161,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "deno_cache_dir"
|
||||
version = "0.6.0"
|
||||
version = "0.6.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "026d622a8251c427bdb506798b003926b059640a247d524e1f773751cce9f0bf"
|
||||
checksum = "2bbb245d9a3719b5eb2b5195aaaa25108c3c93d1762b181a20fb1af1c7703eaf"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"deno_media_type",
|
||||
|
@ -1469,9 +1469,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "deno_lockfile"
|
||||
version = "0.17.1"
|
||||
version = "0.17.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "c7673d66847223bd4115075a96b0699da71b1755524aeb3956f0a3edf3af3217"
|
||||
checksum = "8cd29f62e6dec60e585f579df3e9c2fc562aadf881319152974bc442a9042077"
|
||||
dependencies = [
|
||||
"ring",
|
||||
"serde",
|
||||
|
@ -3120,7 +3120,7 @@ version = "1.4.0"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
|
||||
dependencies = [
|
||||
"spin",
|
||||
"spin 0.5.2",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
@ -4384,17 +4384,16 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "ring"
|
||||
version = "0.16.20"
|
||||
version = "0.17.2"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3053cf52e236a3ed746dfc745aa9cacf1b791d846bdaf412f60a8d7d6e17c8fc"
|
||||
checksum = "911b295d2d302948838c8ac142da1ee09fa7863163b44e6715bc9357905878b8"
|
||||
dependencies = [
|
||||
"cc",
|
||||
"getrandom 0.2.10",
|
||||
"libc",
|
||||
"once_cell",
|
||||
"spin",
|
||||
"spin 0.9.8",
|
||||
"untrusted",
|
||||
"web-sys",
|
||||
"winapi",
|
||||
"windows-sys",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
|
@ -4495,9 +4494,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "rustls"
|
||||
version = "0.21.7"
|
||||
version = "0.21.8"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "cd8d6c9f025a446bc4d18ad9632e69aec8f287aa84499ee335599fabd20c3fd8"
|
||||
checksum = "446e14c5cda4f3f30fe71863c34ec70f5ac79d6087097ad0bb433e1be5edf04c"
|
||||
dependencies = [
|
||||
"log",
|
||||
"ring",
|
||||
|
@ -4528,9 +4527,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "rustls-webpki"
|
||||
version = "0.101.6"
|
||||
version = "0.101.7"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3c7d5dece342910d9ba34d259310cae3e0154b873b35408b787b59bce53d34fe"
|
||||
checksum = "8b6275d1ee7a1cd780b64aca7726599a1dbc893b1e64144529e55c3c2f745765"
|
||||
dependencies = [
|
||||
"ring",
|
||||
"untrusted",
|
||||
|
@ -4640,9 +4639,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "sct"
|
||||
version = "0.7.0"
|
||||
version = "0.7.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "d53dcdb7c9f8158937a7981b48accfd39a43af418591a5d008c7b22b5e1b7ca4"
|
||||
checksum = "da046153aa2352493d6cb7da4b6e5c0c057d8a1d0a9aa8560baffdd945acd414"
|
||||
dependencies = [
|
||||
"ring",
|
||||
"untrusted",
|
||||
|
@ -4993,6 +4992,12 @@ version = "0.5.2"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d"
|
||||
|
||||
[[package]]
|
||||
name = "spin"
|
||||
version = "0.9.8"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67"
|
||||
|
||||
[[package]]
|
||||
name = "spki"
|
||||
version = "0.6.0"
|
||||
|
@ -6104,7 +6109,7 @@ version = "1.6.3"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "97fee6b57c6a41524a810daee9286c02d7752c4253064d0b05472833a438f675"
|
||||
dependencies = [
|
||||
"cfg-if 1.0.0",
|
||||
"cfg-if 0.1.10",
|
||||
"rand 0.8.5",
|
||||
"static_assertions",
|
||||
]
|
||||
|
@ -6234,9 +6239,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "untrusted"
|
||||
version = "0.7.1"
|
||||
version = "0.9.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a"
|
||||
checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1"
|
||||
|
||||
[[package]]
|
||||
name = "url"
|
||||
|
|
|
@ -45,7 +45,7 @@ deno_runtime = { version = "0.129.0", path = "./runtime" }
|
|||
napi_sym = { version = "0.51.0", path = "./cli/napi/sym" }
|
||||
deno_bench_util = { version = "0.115.0", path = "./bench_util" }
|
||||
test_util = { path = "./test_util" }
|
||||
deno_lockfile = "0.17.1"
|
||||
deno_lockfile = "0.17.2"
|
||||
deno_media_type = { version = "0.1.1", features = ["module_specifier"] }
|
||||
|
||||
# exts
|
||||
|
@ -118,9 +118,9 @@ rand = "=0.8.5"
|
|||
regex = "^1.7.0"
|
||||
lazy-regex = "3"
|
||||
reqwest = { version = "0.11.20", default-features = false, features = ["rustls-tls", "stream", "gzip", "brotli", "socks", "json"] }
|
||||
ring = "=0.16.20"
|
||||
ring = "^0.17.0"
|
||||
rusqlite = { version = "=0.29.0", features = ["unlock_notify", "bundled"] }
|
||||
rustls = "0.21.0"
|
||||
rustls = "0.21.8"
|
||||
rustls-pemfile = "1.0.0"
|
||||
rustls-webpki = "0.101.4"
|
||||
rustls-native-certs = "0.6.2"
|
||||
|
|
|
@ -46,7 +46,7 @@ winres.workspace = true
|
|||
|
||||
[dependencies]
|
||||
deno_ast = { workspace = true, features = ["bundler", "cjs", "codegen", "dep_graph", "module_specifier", "proposal", "react", "sourcemap", "transforms", "typescript", "view", "visit"] }
|
||||
deno_cache_dir = "=0.6.0"
|
||||
deno_cache_dir = "=0.6.1"
|
||||
deno_config = "=0.4.0"
|
||||
deno_core = { workspace = true, features = ["include_js_files_for_snapshotting"] }
|
||||
deno_doc = "=0.70.0"
|
||||
|
|
|
@ -136,7 +136,7 @@ fn generate_key_hmac(
|
|||
|
||||
length
|
||||
} else {
|
||||
hash.digest_algorithm().block_len
|
||||
hash.digest_algorithm().block_len()
|
||||
};
|
||||
|
||||
let rng = ring::rand::SystemRandom::new();
|
||||
|
|
|
@ -556,10 +556,12 @@ fn import_key_ec_jwk(
|
|||
}
|
||||
};
|
||||
|
||||
let rng = ring::rand::SystemRandom::new();
|
||||
let _key_pair = EcdsaKeyPair::from_private_key_and_public_key(
|
||||
key_alg,
|
||||
private_d.as_bytes(),
|
||||
point_bytes.as_ref(),
|
||||
&rng,
|
||||
);
|
||||
|
||||
Ok(ImportKeyResult::Ec {
|
||||
|
@ -658,8 +660,9 @@ fn import_key_ec(
|
|||
}
|
||||
};
|
||||
|
||||
let rng = ring::rand::SystemRandom::new();
|
||||
// deserialize pkcs8 using ring crate, to VALIDATE public key
|
||||
let _private_key = EcdsaKeyPair::from_pkcs8(signing_alg, &data)?;
|
||||
let _private_key = EcdsaKeyPair::from_pkcs8(signing_alg, &data, &rng)?;
|
||||
|
||||
// 11.
|
||||
if named_curve != pk_named_curve {
|
||||
|
|
|
@ -266,7 +266,8 @@ pub async fn op_crypto_sign_key(
|
|||
let curve: &EcdsaSigningAlgorithm =
|
||||
args.named_curve.ok_or_else(not_supported)?.try_into()?;
|
||||
|
||||
let key_pair = EcdsaKeyPair::from_pkcs8(curve, &args.key.data)?;
|
||||
let rng = RingRand::SystemRandom::new();
|
||||
let key_pair = EcdsaKeyPair::from_pkcs8(curve, &args.key.data, &rng)?;
|
||||
// We only support P256-SHA256 & P384-SHA384. These are recommended signature pairs.
|
||||
// https://briansmith.org/rustdoc/ring/signature/index.html#statics
|
||||
if let Some(hash) = args.hash {
|
||||
|
@ -276,7 +277,6 @@ pub async fn op_crypto_sign_key(
|
|||
}
|
||||
};
|
||||
|
||||
let rng = RingRand::SystemRandom::new();
|
||||
let signature = key_pair.sign(&rng, data)?;
|
||||
|
||||
// Signature data as buffer.
|
||||
|
@ -388,7 +388,9 @@ pub async fn op_crypto_verify_key(
|
|||
|
||||
let public_key_bytes = match args.key.r#type {
|
||||
KeyType::Private => {
|
||||
private_key = EcdsaKeyPair::from_pkcs8(signing_alg, &args.key.data)?;
|
||||
let rng = RingRand::SystemRandom::new();
|
||||
private_key =
|
||||
EcdsaKeyPair::from_pkcs8(signing_alg, &args.key.data, &rng)?;
|
||||
|
||||
private_key.public_key().as_ref()
|
||||
}
|
||||
|
|
|
@ -715,7 +715,7 @@ fn ec_generate(
|
|||
let pkcs8 = EcdsaKeyPair::generate_pkcs8(curve, &rng)
|
||||
.map_err(|_| type_error("Failed to generate EC key"))?;
|
||||
|
||||
let public_key = EcdsaKeyPair::from_pkcs8(curve, pkcs8.as_ref())
|
||||
let public_key = EcdsaKeyPair::from_pkcs8(curve, pkcs8.as_ref(), &rng)
|
||||
.map_err(|_| type_error("Failed to generate EC key"))?
|
||||
.public_key()
|
||||
.as_ref()
|
||||
|
|
Loading…
Reference in a new issue