Merge pull request #176 from ANSSI-FR/bump-dalek

Bump dalek dependencies
ANSSI-FR · Sep 29, 2023 · 84f3979 · 84f3979
2 parents c767c9f + a444ed5
commit 84f3979
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 12 deletions.
diff --git a/curve25519-parser/Cargo.toml b/curve25519-parser/Cargo.toml
@@ -13,8 +13,8 @@ readme = "../README.md"
 
 [dependencies]
 der-parser = { version = "8", default-features = false}
-x25519-dalek = { version = "1", default-features = false}
-curve25519-dalek = { version = "3", default-features = false, features = ["u64_backend"]}
+curve25519-dalek = { version = "4", default-features = false}
+x25519-dalek = { version = "2", default-features = false, features=["static_secrets"]}
 sha2 = { version = "0", default-features = false}
 pem = { version = "3", default-features = false}
 

diff --git a/curve25519-parser/src/lib.rs b/curve25519-parser/src/lib.rs
@@ -211,11 +211,11 @@ pub fn parse_openssl_25519_pubkey_der(data: &[u8]) -> Result<PublicKey, Curve255
         .map_err(|_| Curve25519ParserError::InvalidData)?;
     let read_oid = ed25519_public.header.tag.as_oid()?;
     if read_oid == &ED_25519_OID {
-        if let Some(edwards_val) = CompressedEdwardsY::from_slice(&data).decompress() {
-            Ok(PublicKey::from(edwards_val.to_montgomery().to_bytes()))
-        } else {
-            Err(Curve25519ParserError::InvalidData)
-        }
+        CompressedEdwardsY::from_slice(&data)
+            .ok()
+            .and_then(|c| c.decompress())
+            .map(|v| PublicKey::from(v.to_montgomery().to_bytes()))
+            .ok_or(Curve25519ParserError::InvalidData)
     } else if read_oid == &X_25519_OID {
         Ok(PublicKey::from(MontgomeryPoint(data).to_bytes()))
     } else {

diff --git a/mla/Cargo.toml b/mla/Cargo.toml
@@ -28,7 +28,7 @@ ctr = { version = "0.9", default-features = false}
 subtle = { version = "2", default-features = false}
 digest = { version = "0", default-features = false}
 # ECC
-x25519-dalek = { version = "1", default-features = false}
+x25519-dalek = { version = "2", default-features = false, features = ["zeroize"]}
 hkdf = { version = "0", default-features = false}
 sha2 = { version = "0", default-features = false}
 zeroize = { version = "1", default-features = false}
@@ -44,9 +44,7 @@ hex = { version = "0.4", default-features = false, features = ["alloc"]}
 static_assertions = { version = "1", default-features = false }
 
 [features]
-# x25519-dalek depends on curve25519-dalek, which requires at least one feature to be enabled
-# -> use default u64_backend (x25519-dalek's default) to have a working default compilation
-default = ["x25519-dalek/u64_backend"]
+default = []
 send = []
 
 [[bench]]

diff --git a/mlar/Cargo.toml b/mlar/Cargo.toml
@@ -18,7 +18,7 @@ glob = "0.3"
 mla = { path = "../mla", version = "1" }
 curve25519-parser = { path = "../curve25519-parser", version = "0.3" }
 rand = "0.8"
-x25519-dalek = "1"
+x25519-dalek = "2"
 humansize = {version = "2", features = ["impl_style"]}
 hex = "0.4"
 sha2 = { version = "0", default-features = false}