diff --git a/curve25519-parser/Cargo.toml b/curve25519-parser/Cargo.toml index 631c65d..4dcb65d 100644 --- a/curve25519-parser/Cargo.toml +++ b/curve25519-parser/Cargo.toml @@ -19,8 +19,8 @@ sha2 = { version = "0", default-features = false} pem = { version = "1", default-features = false} [dependencies.rand_core] -version = "0.5" +version = "0.6" default-features = false [dev-dependencies] -rand = "0.7" +rand = "0.8" diff --git a/mla/Cargo.toml b/mla/Cargo.toml index 63b3ec9..961f220 100644 --- a/mla/Cargo.toml +++ b/mla/Cargo.toml @@ -12,8 +12,8 @@ readme = "../README.md" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [dependencies] -rand = { version = "0.7", default-features = false, features = ["getrandom", "std"]} -rand_chacha = { version = "0.2", default-features = false} +rand = { version = "0.8", default-features = false, features = ["getrandom", "std"]} +rand_chacha = { version = "0.3", default-features = false} brotli = { version = "3.3", default-features = false, features = ["std"]} bitflags = { version = "1.2", default-features = false} byteorder = { version = "1.3", default-features = false, features = ["std"] } diff --git a/mla/src/crypto/ecc.rs b/mla/src/crypto/ecc.rs index 5cac661..cb4b7cf 100644 --- a/mla/src/crypto/ecc.rs +++ b/mla/src/crypto/ecc.rs @@ -53,7 +53,9 @@ where { // A `StaticSecret` is used instead of an `EphemeralSecret` to allow for // multiple diffie-hellman computation - let ephemeral = StaticSecret::new(csprng); + let mut bytes = [0u8; 32]; + csprng.fill_bytes(&mut bytes); + let ephemeral = StaticSecret::from(bytes); let public = PublicKey::from(&ephemeral); let mut encrypted_keys = Vec::new(); @@ -114,10 +116,13 @@ mod tests { #[test] fn ecies() { let mut csprng = ChaChaRng::from_entropy(); - let ephemeral_scalar = StaticSecret::new(&mut csprng); + let mut bytes = [0u8; 32]; + csprng.fill_bytes(&mut bytes); + let ephemeral_scalar = StaticSecret::from(bytes); let ephemeral_public = PublicKey::from(&ephemeral_scalar); - let receiver_private = StaticSecret::new(&mut csprng); + csprng.fill_bytes(&mut bytes); + let receiver_private = StaticSecret::from(bytes); let receiver_public = PublicKey::from(&receiver_private); let symmetric_key = derive_key(&ephemeral_scalar, &receiver_public).unwrap(); @@ -131,10 +136,12 @@ mod tests { fn multi_recipients() { // Create fake recipients let mut csprng = ChaChaRng::from_entropy(); + let mut bytes = [0u8; 32]; let mut recipients_priv = Vec::new(); let mut recipients_pub = Vec::new(); for _ in 0..5 { - let skey = StaticSecret::new(&mut csprng); + csprng.fill_bytes(&mut bytes); + let skey = StaticSecret::from(bytes); recipients_pub.push(PublicKey::from(&skey)); recipients_priv.push(skey); } @@ -153,7 +160,8 @@ mod tests { } // Ensure another recipient does not obtain the shared key - let fake_recipient = StaticSecret::new(&mut csprng); + csprng.fill_bytes(&mut bytes); + let fake_recipient = StaticSecret::from(bytes); assert!(retrieve_key(&persist, &fake_recipient).unwrap().is_none()); } } diff --git a/mla/src/layers/compress.rs b/mla/src/layers/compress.rs index 0189f6a..2c3d217 100644 --- a/mla/src/layers/compress.rs +++ b/mla/src/layers/compress.rs @@ -749,7 +749,6 @@ mod tests { use crate::layers::raw::{RawLayerFailSafeReader, RawLayerReader, RawLayerWriter}; use rand::distributions::{Alphanumeric, Distribution, Standard}; - use rand::rngs::StdRng; use rand::SeedableRng; use std::io::{Cursor, Read, Write}; use std::time::Instant; @@ -761,7 +760,7 @@ mod tests { // Return a vector of data of size SIZE fn get_data() -> Vec { // Use only alphanumeric charset to allow for compression - let mut rng: StdRng = SeedableRng::from_seed([0u8; 32]); + let mut rng = rand_chacha::ChaCha8Rng::seed_from_u64(0); let data: Vec = Alphanumeric .sample_iter(&mut rng) .take(SIZE) @@ -774,7 +773,7 @@ mod tests { // Return a vector of uncompressable data (ie. purely random) of size SIZE fn get_uncompressable_data() -> Vec { // Use only alphanumeric charset to allow for compression - let mut rng: StdRng = SeedableRng::from_seed([0u8; 32]); + let mut rng = rand_chacha::ChaCha8Rng::seed_from_u64(0); let data: Vec = Standard.sample_iter(&mut rng).take(SIZE).collect(); assert_eq!(data.len(), SIZE); data @@ -973,8 +972,8 @@ mod tests { // Ensure the obtained bytes are correct assert_eq!(buf.as_slice(), &bytes[..buf.len()]); // We hope still having enough data (keeping half of the compressed - // stream should give us at least half of the uncompressed stream) - assert!(buf.len() >= bytes.len() / 2); + // stream should give us at least a third of the uncompressed stream) + assert!(buf.len() >= bytes.len() / 3); } } diff --git a/mla/src/layers/encrypt.rs b/mla/src/layers/encrypt.rs index 73b4e70..4fc228a 100644 --- a/mla/src/layers/encrypt.rs +++ b/mla/src/layers/encrypt.rs @@ -532,7 +532,6 @@ mod tests { use super::*; use rand::distributions::{Alphanumeric, Distribution}; - use rand::rngs::StdRng; use rand::SeedableRng; use std::io::{Cursor, Read, Seek, SeekFrom, Write}; @@ -677,7 +676,7 @@ mod tests { .unwrap(), ); let length = (CHUNK_SIZE * 2) as usize; - let mut rng: StdRng = SeedableRng::from_seed([0u8; 32]); + let mut rng = rand_chacha::ChaCha8Rng::seed_from_u64(0); let data: Vec = Alphanumeric .sample_iter(&mut rng) .take(length) diff --git a/mla/src/lib.rs b/mla/src/lib.rs index 438f5d6..24615fe 100644 --- a/mla/src/lib.rs +++ b/mla/src/lib.rs @@ -1338,7 +1338,9 @@ pub(crate) mod tests { let file = Vec::new(); // Use a deterministic RNG in tests, for reproductability. DO NOT DO THIS IS IN ANY RELEASED BINARY! let mut rng = ChaChaRng::seed_from_u64(0); - let key = StaticSecret::new(&mut rng); + let mut bytes = [0u8; 32]; + rng.fill_bytes(&mut bytes); + let key = StaticSecret::from(bytes); let mut mla = ArchiveWriter::new(file, std::slice::from_ref(&PublicKey::from(&key))) .expect("Writer init failed"); @@ -1393,7 +1395,9 @@ pub(crate) mod tests { let file = Vec::new(); // Use a deterministic RNG in tests, for reproductability. DO NOT DO THIS IS IN ANY RELEASED BINARY! let mut rng = ChaChaRng::seed_from_u64(0); - let key = StaticSecret::new(&mut rng); + let mut bytes = [0u8; 32]; + rng.fill_bytes(&mut bytes); + let key = StaticSecret::from(bytes); let mut config = ArchiveWriterConfig::new(); config .set_layers(layers.unwrap_or_default()) @@ -1502,7 +1506,9 @@ pub(crate) mod tests { // Build initial file in a stream let file = Vec::new(); - let key = StaticSecret::new(&mut rng); + let mut bytes = [0u8; 32]; + rng.fill_bytes(&mut bytes); + let key = StaticSecret::from(bytes); let mut config = ArchiveWriterConfig::new(); config .set_layers(*layering) @@ -2080,7 +2086,9 @@ pub(crate) mod tests { const MAX_SIZE: u64 = 5 * 1024 * 1024 * 1024; // 5 GB const CHUNK_SIZE: usize = 10 * 1024 * 1024; // 10 MB - let key = StaticSecret::new(&mut rng); + let mut bytes = [0u8; 32]; + rng.fill_bytes(&mut bytes); + let key = StaticSecret::from(bytes); let mut config = ArchiveWriterConfig::default(); config.add_public_keys(std::slice::from_ref(&PublicKey::from(&key))); let file = Vec::new(); diff --git a/mlar/Cargo.toml b/mlar/Cargo.toml index 3a392bc..c2d6acc 100644 --- a/mlar/Cargo.toml +++ b/mlar/Cargo.toml @@ -17,13 +17,13 @@ clap = "3" glob = "0.3" mla = { path = "../mla", version = "1" } curve25519-parser = { path = "../curve25519-parser", version = "0.2" } -rand = "0.7" +rand = "0.8" x25519-dalek = "1" humansize = "1" hex = "0.4" # Could be made optional / feature to enable (for binary size) tar = "0.4" -rand_chacha = "0.2" +rand_chacha = "0.3" [dev-dependencies] assert_cmd = "2.0"