diff --git a/.taplo.toml b/.taplo.toml index ef61e594..a32034cd 100644 --- a/.taplo.toml +++ b/.taplo.toml @@ -6,7 +6,7 @@ indent_string = ' ' [[rule]] include = ["**/Cargo.toml"] -keys = ["dependencies"] +keys = ["dependencies", "workspace.dependencies"] [rule.formatting] reorder_keys = true diff --git a/Cargo.lock b/Cargo.lock index 451964e8..d2d60c13 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2125,10 +2125,8 @@ dependencies = [ name = "libsignal-jni-testing" version = "0.56.0" dependencies = [ - "jni 0.21.1", "libsignal-bridge-testing", "log", - "log-panics", ] [[package]] @@ -2357,7 +2355,7 @@ dependencies = [ "prost-build", "rand_core", "sha2", - "strum_macros", + "strum", "subtle", "test-case", "zerocopy", @@ -3897,6 +3895,7 @@ dependencies = [ "hex-literal", "hkdf", "hmac", + "rand_core", "sha2", "static_assertions", "thiserror", diff --git a/Cargo.toml b/Cargo.toml index db069054..0ae8b4e8 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -34,10 +34,95 @@ default-members = [ ] resolver = "2" # so that our dev-dependency features don't leak into products +[workspace.dependencies] +# Our forks of some dependencies, accessible as xxx_signal so that usages of them are obvious in source code. Crates +# that want to use the real things can depend on those directly. + +boring-signal = { git = "https://github.com/signalapp/boring", tag = "signal-v4.9.0", package = "boring", default-features = false } +curve25519-dalek-signal = { git = 'https://github.com/signalapp/curve25519-dalek', package = "curve25519-dalek", tag = 'signal-curve25519-4.1.3' } +tokio-boring-signal = { git = "https://github.com/signalapp/boring", package = "tokio-boring", tag = "signal-v4.9.0" } + +aes = "0.8.3" +aes-gcm-siv = "0.11.1" +array-concat = "0.5.2" +arrayvec = "0.7.4" +asn1 = "0.16.1" +assert_matches = "1.5" +async-trait = "0.1.41" +atomic-take = "1.1.0" +base64 = "0.21" +bincode = "1.0" +bitflags = "2.3.3" +boring = { version = "4.6.0", default-features = false } +cbc = "0.1.2" +cfg-if = "1.0.0" +chacha20poly1305 = "0.10.1" +chrono = "0.4" +ciborium = "0.2" +clap = "4.4.11" +criterion = "0.5" +ctr = "0.9.2" +curve25519-dalek = "4.1.3" +derive-where = "1.2.5" +displaydoc = "0.2" +ed25519-dalek = "2.1.0" +env_logger = "0.11.4" +futures = "0.3" +futures-util = "0.3" +heck = "0.5" +hex = "0.4" +hex-literal = "0.4.1" +hkdf = "0.12" +hmac = "0.12.0" +http = "1.0.0" +indexmap = "2.1.0" +itertools = "0.13.0" +jni = "0.21" +lazy_static = "1.4.0" +libc = "0.2" +linkme = "0.3.9" +log = "0.4" +log-panics = "2.1.0" +mediasan-common = "0.5.0" +neon = { version = "1.0.0", default-features = false } +nonzero_ext = "0.3.0" +num_enum = "0.7.2" +once_cell = "1.19.0" +partial-default = "0.1.0" +paste = "1.0" +proc-macro2 = "1.0" +proptest = "1.0" +prost = "0.13.1" +prost-build = "0.13.1" +quote = "1.0" +rand = "0.8" +rand_core = "0.6" +rayon = "1.8.0" +rustls-platform-verifier = "0.3.1" +scopeguard = "1.0" +serde = "1.0" +serde_json = "1.0" +sha1 = "0.10" +sha2 = "0.10" +snow = { version = "0.9.6", default-features = false } +static_assertions = "1.1" +strum = "0.26" +subtle = "2.5" +syn = "2.0" +syn-mid = "0.6" +test-case = "3.3" +testing_logger = "0.1.1" +thiserror = "1.0.57" +tokio = "1" +uuid = "1.1.2" +x25519-dalek = "2.0.0" +zerocopy = "0.7.34" + [patch.crates-io] -# Use our fork of curve25519-dalek for zkgroup support. -curve25519-dalek = { git = 'https://github.com/signalapp/curve25519-dalek', tag = 'signal-curve25519-4.1.3' } +# When building libsignal, just use our forks so we don't end up with two different versions of the libraries. + boring = { git = 'https://github.com/signalapp/boring', tag = 'signal-v4.9.0' } +curve25519-dalek = { git = 'https://github.com/signalapp/curve25519-dalek', tag = 'signal-curve25519-4.1.3' } [profile.dev.package.argon2] opt-level = 2 # signal-signal-pin unit tests are too slow with an unoptimized argon2 diff --git a/rust/attest/Cargo.toml b/rust/attest/Cargo.toml index e5fc205d..c2fc86aa 100644 --- a/rust/attest/Cargo.toml +++ b/rust/attest/Cargo.toml @@ -11,42 +11,41 @@ edition = "2021" license = "AGPL-3.0-only" [dependencies] -boring = { git = "https://github.com/signalapp/boring", tag = "signal-v4.9.0", default-features = false } - -asn1 = "0.16.1" -base64 = "0.21" -bitflags = "2.3.3" +asn1 = { workspace = true } +base64 = { workspace = true } +bitflags = { workspace = true } blake2 = "0.10" -chacha20poly1305 = "0.10.1" -chrono = { version = "0.4", features = ["serde"] } -ciborium = "0.2" -displaydoc = "0.2" -hex = { version = "0.4", features = ["serde"] } -hex-literal = "0.4.1" -lazy_static = "1.4.0" -libc = "0.2" -log = "0.4" -prost = "0.13.1" -rand_core = { version = "0.6", features = ["getrandom"] } -serde = { version = "1.0", features = ["derive"] } -serde_json = { version = "1.0", features = ["raw_value"] } -sha2 = "0.10" -snow = { version = "0.9.5", default-features = false } -static_assertions = "1.1" -strum = { version = "0.26", features = ["derive"] } -subtle = "2.5" -thiserror = "1.0.57" -uuid = "1.1.2" -x25519-dalek = "2.0.0" -zerocopy = { version = "0.7.34", features = ["derive"] } +boring-signal = { workspace = true } +chacha20poly1305 = { workspace = true } +chrono = { workspace = true, features = ["serde"] } +ciborium = { workspace = true } +displaydoc = { workspace = true } +hex = { workspace = true, features = ["serde"] } +hex-literal = { workspace = true } +lazy_static = { workspace = true } +libc = { workspace = true } +log = { workspace = true } +prost = { workspace = true } +rand_core = { workspace = true } +serde = { workspace = true } +serde_json = { workspace = true, features = ["raw_value"] } +sha2 = { workspace = true } +snow = { workspace = true } +static_assertions = { workspace = true } +strum = { workspace = true, features = ["derive"] } +subtle = { workspace = true } +thiserror = { workspace = true } +uuid = { workspace = true } +x25519-dalek = { workspace = true } +zerocopy = { workspace = true, features = ["derive"] } [dev-dependencies] -assert_matches = "1.5" -snow = { version = "0.9.5", features = ["default-resolver"] } -test-case = "3.3" +assert_matches = { workspace = true } +snow = { workspace = true, features = ["default-resolver"] } +test-case = { workspace = true } [build-dependencies] -prost-build = "0.13.1" +prost-build = { workspace = true } [lints.rust] unexpected_cfgs = { level = "warn", check-cfg = ['cfg(fuzzing)'] } diff --git a/rust/attest/src/cert_chain.rs b/rust/attest/src/cert_chain.rs index e6df38c0..01a9b565 100644 --- a/rust/attest/src/cert_chain.rs +++ b/rust/attest/src/cert_chain.rs @@ -3,12 +3,12 @@ // SPDX-License-Identifier: AGPL-3.0-only // -use boring::ec::EcKey; -use boring::pkey::Public; -use boring::stack::{Stack, Stackable}; -use boring::x509::crl::X509CRLRef; -use boring::x509::store::X509StoreRef; -use boring::x509::{X509StoreContext, X509}; +use boring_signal::ec::EcKey; +use boring_signal::pkey::Public; +use boring_signal::stack::{Stack, Stackable}; +use boring_signal::x509::crl::X509CRLRef; +use boring_signal::x509::store::X509StoreRef; +use boring_signal::x509::{X509StoreContext, X509}; use std::time::SystemTime; @@ -93,7 +93,7 @@ impl CertChain { } /// Converts the iterator into a stack, preserving the iterator's original order - fn stack(ts: I) -> std::result::Result, boring::error::ErrorStack> + fn stack(ts: I) -> std::result::Result, boring_signal::error::ErrorStack> where T: Stackable, I: IntoIterator, @@ -164,15 +164,15 @@ impl Expireable for CertChain { pub mod testutil { use super::CertChain; - use boring::asn1::{Asn1Integer, Asn1IntegerRef, Asn1Time}; - use boring::bn::{BigNum, MsbOption}; - use boring::ec::{EcGroup, EcKey}; - use boring::hash::MessageDigest; - use boring::nid::Nid; - use boring::pkey::{PKey, Private}; - use boring::x509::crl::{X509CRLBuilder, X509Revoked, X509CRL}; - use boring::x509::extension::BasicConstraints; - use boring::x509::{X509Name, X509}; + use boring_signal::asn1::{Asn1Integer, Asn1IntegerRef, Asn1Time}; + use boring_signal::bn::{BigNum, MsbOption}; + use boring_signal::ec::{EcGroup, EcKey}; + use boring_signal::hash::MessageDigest; + use boring_signal::nid::Nid; + use boring_signal::pkey::{PKey, Private}; + use boring_signal::x509::crl::{X509CRLBuilder, X509Revoked, X509CRL}; + use boring_signal::x509::extension::BasicConstraints; + use boring_signal::x509::{X509Name, X509}; use std::borrow::Borrow; /// generate EC private key @@ -313,10 +313,10 @@ mod test { use super::*; use assert_matches::assert_matches; - use boring::nid::Nid; - use boring::x509::store::{X509Store, X509StoreBuilder}; - use boring::x509::verify::X509VerifyFlags; - use boring::x509::X509Ref; + use boring_signal::nid::Nid; + use boring_signal::x509::store::{X509Store, X509StoreBuilder}; + use boring_signal::x509::verify::X509VerifyFlags; + use boring_signal::x509::X509Ref; fn names(certs: &[X509]) -> Vec { certs diff --git a/rust/attest/src/dcap.rs b/rust/attest/src/dcap.rs index 4415fbd7..dbb7f9d6 100644 --- a/rust/attest/src/dcap.rs +++ b/rust/attest/src/dcap.rs @@ -25,16 +25,16 @@ use std::collections::HashMap; use std::time::SystemTime; -use boring::asn1::{Asn1Time, Asn1TimeRef}; -use boring::bn::BigNumContext; -use boring::ec::*; -use boring::error::ErrorStack; -use boring::nid::Nid; -use boring::pkey::{PKey, PKeyRef, Public}; -use boring::x509::crl::X509CRLRef; -use boring::x509::store::{X509Store, X509StoreBuilder}; -use boring::x509::verify::X509VerifyFlags; -use boring::x509::{X509Ref, X509}; +use boring_signal::asn1::{Asn1Time, Asn1TimeRef}; +use boring_signal::bn::BigNumContext; +use boring_signal::ec::*; +use boring_signal::error::ErrorStack; +use boring_signal::nid::Nid; +use boring_signal::pkey::{PKey, PKeyRef, Public}; +use boring_signal::x509::crl::X509CRLRef; +use boring_signal::x509::store::{X509Store, X509StoreBuilder}; +use boring_signal::x509::verify::X509VerifyFlags; +use boring_signal::x509::{X509Ref, X509}; use hex::ToHex; use lazy_static::lazy_static; use uuid::Uuid; @@ -653,7 +653,7 @@ mod test { use crate::dcap::endorsements::{QeTcbLevel, TcbInfoVersion}; use crate::dcap::fakes::FakeAttestation; - use boring::bn::BigNum; + use boring_signal::bn::BigNum; use hex_literal::hex; use super::*; diff --git a/rust/attest/src/dcap/ecdsa.rs b/rust/attest/src/dcap/ecdsa.rs index 57357d30..e2273b7d 100644 --- a/rust/attest/src/dcap/ecdsa.rs +++ b/rust/attest/src/dcap/ecdsa.rs @@ -3,10 +3,10 @@ // SPDX-License-Identifier: AGPL-3.0-only // -use boring::bn::BigNum; -use boring::ec::EcKeyRef; -use boring::ecdsa::{EcdsaSig, EcdsaSigRef}; -use boring::pkey::Public; +use boring_signal::bn::BigNum; +use boring_signal::ec::EcKeyRef; +use boring_signal::ecdsa::{EcdsaSig, EcdsaSigRef}; +use boring_signal::pkey::Public; use sha2::Digest; /// Deserialize a 64 byte ECDSA Signature diff --git a/rust/attest/src/dcap/endorsements.rs b/rust/attest/src/dcap/endorsements.rs index eb4418ee..c157cd66 100644 --- a/rust/attest/src/dcap/endorsements.rs +++ b/rust/attest/src/dcap/endorsements.rs @@ -8,9 +8,9 @@ //! through the Intel Provisioning Certification Service (PCS), or a cache (PCCS). //! For specification of the json data structures within the OE structures, //! see -use boring::ec::EcKeyRef; -use boring::ecdsa::{EcdsaSig, EcdsaSigRef}; -use boring::pkey::Public; +use boring_signal::ec::EcKeyRef; +use boring_signal::ecdsa::{EcdsaSig, EcdsaSigRef}; +use boring_signal::pkey::Public; use chrono::Utc; use serde::Deserialize; use serde_json::value::RawValue; diff --git a/rust/attest/src/dcap/fakes.rs b/rust/attest/src/dcap/fakes.rs index d5e23246..684ad0c6 100644 --- a/rust/attest/src/dcap/fakes.rs +++ b/rust/attest/src/dcap/fakes.rs @@ -19,13 +19,13 @@ use crate::dcap::endorsements::SgxEndorsements; use crate::dcap::evidence::Evidence; use crate::dcap::revocation_list::RevocationList; use crate::dcap::{attest_impl, Attestation}; -use boring::asn1::{Asn1Integer, Asn1IntegerRef}; -use boring::bn::{BigNum, BigNumContext}; -use boring::ec::{EcGroup, EcKey, EcKeyRef}; -use boring::ecdsa::EcdsaSig; -use boring::hash::{Hasher, MessageDigest}; -use boring::nid::Nid; -use boring::pkey::{PKey, Private, Public}; +use boring_signal::asn1::{Asn1Integer, Asn1IntegerRef}; +use boring_signal::bn::{BigNum, BigNumContext}; +use boring_signal::ec::{EcGroup, EcKey, EcKeyRef}; +use boring_signal::ecdsa::EcdsaSig; +use boring_signal::hash::{Hasher, MessageDigest}; +use boring_signal::nid::Nid; +use boring_signal::pkey::{PKey, Private, Public}; use chrono::Utc; use std::time::SystemTime; @@ -162,7 +162,7 @@ pub(crate) struct FakeAttestationBuilder { impl FakeAttestationBuilder { fn sign_data(data: &[u8], key: &EcKeyRef) -> EcdsaSig { - let hash = boring::hash::hash(MessageDigest::sha256(), data).unwrap(); + let hash = boring_signal::hash::hash(MessageDigest::sha256(), data).unwrap(); EcdsaSig::sign(&hash, key).unwrap() } diff --git a/rust/attest/src/dcap/revocation_list.rs b/rust/attest/src/dcap/revocation_list.rs index 2e5d5aa6..053b9fd7 100644 --- a/rust/attest/src/dcap/revocation_list.rs +++ b/rust/attest/src/dcap/revocation_list.rs @@ -4,8 +4,8 @@ // use crate::dcap::{Error, Expireable, Result}; -use boring::nid::Nid; -use boring::x509::crl::{X509CRLRef, X509CRL}; +use boring_signal::nid::Nid; +use boring_signal::x509::crl::{X509CRLRef, X509CRL}; use std::collections::HashSet; use std::time::SystemTime; diff --git a/rust/attest/src/dcap/sgx_quote.rs b/rust/attest/src/dcap/sgx_quote.rs index 6ee5caf1..0bb32918 100644 --- a/rust/attest/src/dcap/sgx_quote.rs +++ b/rust/attest/src/dcap/sgx_quote.rs @@ -7,12 +7,12 @@ //! //! See section A.4 -use boring::bn::BigNum; -use boring::ec::{EcGroup, EcKey}; -use boring::ecdsa::{EcdsaSig, EcdsaSigRef}; -use boring::error::ErrorStack; -use boring::nid::Nid; -use boring::pkey::Public; +use boring_signal::bn::BigNum; +use boring_signal::ec::{EcGroup, EcKey}; +use boring_signal::ecdsa::{EcdsaSig, EcdsaSigRef}; +use boring_signal::error::ErrorStack; +use boring_signal::nid::Nid; +use boring_signal::pkey::Public; use sha2::Digest; use zerocopy::{AsBytes, FromBytes, FromZeroes}; @@ -327,7 +327,7 @@ static_assertions::const_assert_eq!(578, std::mem::size_of::> for NitroError { } } -impl From for NitroError { - fn from(err: boring::error::ErrorStack) -> NitroError { +impl From for NitroError { + fn from(err: boring_signal::error::ErrorStack) -> NitroError { NitroError::InvalidCertificate(err.to_string()) } } diff --git a/rust/attest/src/tpm2snp.rs b/rust/attest/src/tpm2snp.rs index d9c45608..77f127f9 100644 --- a/rust/attest/src/tpm2snp.rs +++ b/rust/attest/src/tpm2snp.rs @@ -4,10 +4,10 @@ // use std::time::SystemTime; -use boring::pkey::{PKey, Public}; -use boring::rsa::Rsa; -use boring::x509::store::X509StoreBuilder; -use boring::x509::X509; +use boring_signal::pkey::{PKey, Public}; +use boring_signal::rsa::Rsa; +use boring_signal::x509::store::X509StoreBuilder; +use boring_signal::x509::X509; use prost::Message; use crate::cert_chain::{self, CertChain}; @@ -178,8 +178,8 @@ fn verify_vcek_cert( } } -impl From for Error { - fn from(_err: boring::error::ErrorStack) -> Error { +impl From for Error { + fn from(_err: boring_signal::error::ErrorStack) -> Error { Error::AttestationDataError { reason: "Invalid certificate".to_string(), } diff --git a/rust/attest/src/tpm2snp/snp.rs b/rust/attest/src/tpm2snp/snp.rs index a707f22d..c6f09d61 100644 --- a/rust/attest/src/tpm2snp/snp.rs +++ b/rust/attest/src/tpm2snp/snp.rs @@ -4,10 +4,10 @@ // use base64::prelude::{Engine as _, BASE64_URL_SAFE_NO_PAD}; -use boring::bn::BigNum; -use boring::ecdsa::EcdsaSig; -use boring::pkey::{PKey, Public}; -use boring::rsa::Rsa; +use boring_signal::bn::BigNum; +use boring_signal::ecdsa::EcdsaSig; +use boring_signal::pkey::{PKey, Public}; +use boring_signal::rsa::Rsa; use sha2::{Digest as _, Sha256, Sha384}; use subtle::ConstantTimeEq as _; diff --git a/rust/attest/src/tpm2snp/tpm2.rs b/rust/attest/src/tpm2snp/tpm2.rs index bb763b1f..cab73795 100644 --- a/rust/attest/src/tpm2snp/tpm2.rs +++ b/rust/attest/src/tpm2snp/tpm2.rs @@ -3,9 +3,9 @@ // SPDX-License-Identifier: AGPL-3.0-only // -use boring::hash::MessageDigest; -use boring::sign::Verifier; -use boring::x509::X509; +use boring_signal::hash::MessageDigest; +use boring_signal::sign::Verifier; +use boring_signal::x509::X509; use sha2::{Digest, Sha256}; use subtle::ConstantTimeEq; diff --git a/rust/attest/src/util.rs b/rust/attest/src/util.rs index 93b673f1..8f83b633 100644 --- a/rust/attest/src/util.rs +++ b/rust/attest/src/util.rs @@ -5,7 +5,7 @@ use std::time::SystemTime; -use boring::asn1::Asn1Time; +use boring_signal::asn1::Asn1Time; use libc::time_t; /// A replacement for [`std::collections::HashMap`] that performs linear lookups. diff --git a/rust/bridge/ffi/Cargo.toml b/rust/bridge/ffi/Cargo.toml index a85f6090..e38d0205 100644 --- a/rust/bridge/ffi/Cargo.toml +++ b/rust/bridge/ffi/Cargo.toml @@ -27,9 +27,9 @@ libsignal-net = { path = "../../net" } libsignal-protocol = { path = "../../protocol" } signal-media = { path = "../../media" } -futures-util = "0.3" -log = "0.4" -log-panics = { version = "2.1.0", features = ["with-backtrace"] } +futures-util = { workspace = true } +log = { workspace = true } +log-panics = { workspace = true, features = ["with-backtrace"] } [target.aarch64-apple-ios.dependencies] cpufeatures = "0.2.1" # Make sure iOS gets optimized crypto. diff --git a/rust/bridge/jni/Cargo.toml b/rust/bridge/jni/Cargo.toml index 91ec025c..17dd6dff 100644 --- a/rust/bridge/jni/Cargo.toml +++ b/rust/bridge/jni/Cargo.toml @@ -19,10 +19,10 @@ libsignal-bridge = { path = "../shared", features = ["jni", "signal-media"] } libsignal-protocol = { path = "../../protocol" } signal-crypto = { path = "../../crypto" } -cfg-if = "1.0.0" -jni = "0.21.0" -log = "0.4" -log-panics = { version = "2.1.0", features = ["with-backtrace"] } +cfg-if = { workspace = true } +jni = { workspace = true } +log = { workspace = true } +log-panics = { workspace = true, features = ["with-backtrace"] } [features] testing-fns = ["libsignal-bridge/testing-fns"] diff --git a/rust/bridge/jni/testing/Cargo.toml b/rust/bridge/jni/testing/Cargo.toml index f624d78b..a33a8619 100644 --- a/rust/bridge/jni/testing/Cargo.toml +++ b/rust/bridge/jni/testing/Cargo.toml @@ -17,6 +17,4 @@ crate-type = ["cdylib"] [dependencies] libsignal-bridge-testing = { path = "../../shared/testing", features = ["jni"] } -jni = "0.21.0" -log = { version = "0.4", features = ["release_max_level_info"] } -log-panics = { version = "2.1.0", features = ["with-backtrace"] } +log = { workspace = true } diff --git a/rust/bridge/node/Cargo.toml b/rust/bridge/node/Cargo.toml index 95e9b9b4..301ee712 100644 --- a/rust/bridge/node/Cargo.toml +++ b/rust/bridge/node/Cargo.toml @@ -19,9 +19,9 @@ libsignal-bridge = { path = "../shared", features = ["node", "signal-media"] } libsignal-bridge-testing = { path = "../shared/testing", features = ["node", "signal-media"] } libsignal-protocol = { path = "../../protocol" } -futures = { version = "0.3", default-features = false, features = ["executor"] } -log = "0.4" -log-panics = { version = "2.0.0", features = ["with-backtrace"] } +futures = { workspace = true } +log = { workspace = true } +log-panics = { workspace = true, features = ["with-backtrace"] } minidump = { version = "0.20.0", default-features = false } minidump-processor = { version = "0.20.0", default-features = false } minidump-unwind = { version = "0.20.0", default-features = false } diff --git a/rust/bridge/node/futures/Cargo.toml b/rust/bridge/node/futures/Cargo.toml index ab7c3f9a..550ce77b 100644 --- a/rust/bridge/node/futures/Cargo.toml +++ b/rust/bridge/node/futures/Cargo.toml @@ -21,8 +21,8 @@ path = "benches/node.rs" harness = false [dependencies] -futures-util = "0.3.7" -neon = { version = "1.0.0", default-features = false, features = ["napi-4"] } +futures-util = { workspace = true } +neon = { workspace = true, features = ["napi-4"] } [dev-dependencies] signal-neon-futures-tests = { path = "tests-node-module" } diff --git a/rust/bridge/node/futures/tests-node-module/Cargo.toml b/rust/bridge/node/futures/tests-node-module/Cargo.toml index ebe58e73..fbce2d8f 100644 --- a/rust/bridge/node/futures/tests-node-module/Cargo.toml +++ b/rust/bridge/node/futures/tests-node-module/Cargo.toml @@ -18,8 +18,8 @@ crate-type = ["cdylib"] [dependencies] signal-neon-futures = { path = ".." } -futures-util = "0.3.7" -neon = { version = "1.0.0", default-features = false, features = ["napi-1"] } +futures-util = { workspace = true } +neon = { workspace = true, default-features = false, features = ["napi-1"] } [features] # Enable default-panic-hook to get backtraces of panics. diff --git a/rust/bridge/shared/Cargo.toml b/rust/bridge/shared/Cargo.toml index 3aa24a77..2b7aa748 100644 --- a/rust/bridge/shared/Cargo.toml +++ b/rust/bridge/shared/Cargo.toml @@ -26,36 +26,36 @@ usernames = { path = "../../usernames" } zkgroup = { path = "../../zkgroup" } aes-gcm-siv = "0.11.1" -base64 = "0.21" -bincode = "1.0" -futures-util = "0.3.7" -hkdf = "0.12" -hmac = "0.12.0" -http = "1.0.0" -log = "0.4" -nonzero_ext = "0.3.0" -paste = "1.0" -prost = "0.13.1" -rand = "0.8" -scopeguard = "1.0" -sha2 = "0.10" -static_assertions = "1.1" -tokio = { version = "1", features = ["rt-multi-thread"] } -uuid = "1.1.2" +base64 = { workspace = true } +bincode = { workspace = true } +futures-util = { workspace = true } +hkdf = { workspace = true } +hmac = { workspace = true } +http = { workspace = true } +log = { workspace = true } +nonzero_ext = { workspace = true } +paste = { workspace = true } +prost = { workspace = true } +rand = { workspace = true } +scopeguard = { workspace = true } +sha2 = { workspace = true } +static_assertions = { workspace = true } +tokio = { workspace = true, features = ["rt-multi-thread"] } +uuid = { workspace = true } # Enable this for all libsignal app language libraries -subtle = { version = "2.5", features = ["core_hint_black_box"] } +subtle = { workspace = true, features = ["core_hint_black_box"] } -jni = { version = "0.21", package = "jni", optional = true } -linkme = { version = "0.3.9", optional = true } -neon = { version = "1.0.0", optional = true, default-features = false, features = ["napi-6"] } -strum = { version = "0.26", features = ["derive"] } +jni = { workspace = true, optional = true } +linkme = { workspace = true, optional = true } +neon = { workspace = true, optional = true, default-features = false, features = ["napi-6"] } +strum = { workspace = true, features = ["derive"] } [dev-dependencies] -assert_matches = "1.5" -test-case = "3.3.1" -testing_logger = "0.1.1" -tokio = { version = "1", features = ["test-util", "time", "macros"] } +assert_matches = { workspace = true } +test-case = { workspace = true } +testing_logger = { workspace = true } +tokio = { workspace = true, features = ["test-util", "time", "macros"] } [features] ffi = ["libsignal-bridge-types/ffi"] diff --git a/rust/bridge/shared/macros/Cargo.toml b/rust/bridge/shared/macros/Cargo.toml index 47e2af23..2842b1dc 100644 --- a/rust/bridge/shared/macros/Cargo.toml +++ b/rust/bridge/shared/macros/Cargo.toml @@ -14,11 +14,11 @@ license = "AGPL-3.0-only" proc-macro = true [dependencies] -heck = "0.5" -proc-macro2 = "1.0" -quote = "1.0" -syn = "2.0" -syn-mid = "0.6" +heck = { workspace = true } +proc-macro2 = { workspace = true } +quote = { workspace = true } +syn = { workspace = true } +syn-mid = { workspace = true } [dev-dependencies] -syn = { version = "2.0", features = ["extra-traits"] } +syn = { workspace = true, features = ["extra-traits"] } diff --git a/rust/bridge/shared/testing/Cargo.toml b/rust/bridge/shared/testing/Cargo.toml index 125488b6..b12773ae 100644 --- a/rust/bridge/shared/testing/Cargo.toml +++ b/rust/bridge/shared/testing/Cargo.toml @@ -15,14 +15,14 @@ libsignal-bridge-macros = { path = "../macros" } libsignal-bridge-types = { path = "../types" } libsignal-message-backup = { path = "../../../message-backup", features = ["json"] } -futures-util = "0.3.7" -paste = "1.0" -scopeguard = "1.0" -tokio = "1" +futures-util = { workspace = true } +paste = { workspace = true } +scopeguard = { workspace = true } +tokio = { workspace = true } -jni = { version = "0.21", package = "jni", optional = true } -linkme = { version = "0.3.9", optional = true } -neon = { version = "1.0.0", optional = true, default-features = false, features = ["napi-6"] } +jni = { workspace = true, optional = true } +linkme = { workspace = true, optional = true } +neon = { workspace = true, optional = true, default-features = false, features = ["napi-6"] } [features] ffi = ["libsignal-bridge-types/ffi"] diff --git a/rust/bridge/shared/types/Cargo.toml b/rust/bridge/shared/types/Cargo.toml index f43a716b..0111f0b3 100644 --- a/rust/bridge/shared/types/Cargo.toml +++ b/rust/bridge/shared/types/Cargo.toml @@ -24,42 +24,42 @@ signal-pin = { path = "../../../pin" } usernames = { path = "../../../usernames" } zkgroup = { path = "../../../zkgroup" } -aes-gcm-siv = "0.11.1" -async-trait = "0.1.41" -atomic-take = "1.1.0" -derive-where = "1.2.5" -displaydoc = "0.2" -futures-util = "0.3.30" -hmac = "0.12.0" -http = "1.0.0" -log = "0.4" -mediasan-common = "0.5.0" -num_enum = "0.7.2" -once_cell = "1.19.0" -partial-default = "0.1.0" -paste = "1.0" -rayon = "1.8.0" -serde = "1.0" -sha2 = "0.10" -static_assertions = "1.1" -thiserror = "1.0.50" -tokio = { version = "1", features = ["rt-multi-thread"] } -uuid = "1.1.2" +aes-gcm-siv = { workspace = true } +async-trait = { workspace = true } +atomic-take = { workspace = true } +derive-where = { workspace = true } +displaydoc = { workspace = true } +futures-util = { workspace = true } +hmac = { workspace = true } +http = { workspace = true } +log = { workspace = true } +mediasan-common = { workspace = true } +num_enum = { workspace = true } +once_cell = { workspace = true } +partial-default = { workspace = true } +paste = { workspace = true } +rayon = { workspace = true } +serde = { workspace = true } +sha2 = { workspace = true } +static_assertions = { workspace = true } +thiserror = { workspace = true } +tokio = { workspace = true, features = ["rt-multi-thread"] } +uuid = { workspace = true } # Enable this for all libsignal app language libraries -subtle = { version = "2.5", features = ["core_hint_black_box"] } +subtle = { workspace = true, features = ["core_hint_black_box"] } -jni = { version = "0.21", package = "jni", optional = true } -linkme = { version = "0.3.9", optional = true } -neon = { version = "1.0.0", optional = true, default-features = false, features = ["napi-6"] } +jni = { workspace = true, optional = true } +linkme = { workspace = true, optional = true } +neon = { workspace = true, optional = true, default-features = false, features = ["napi-6"] } signal-neon-futures = { path = "../../node/futures", optional = true } -strum = { version = "0.26", features = ["derive"] } -zerocopy = { version = "0.7.34", optional = true } +strum = { workspace = true } +zerocopy = { workspace = true, optional = true } [dev-dependencies] -assert_matches = "1.5" -test-case = "3.3.1" -tokio = { version = "1", features = ["test-util", "time", "macros"] } +assert_matches = { workspace = true } +test-case = { workspace = true } +tokio = { workspace = true, features = ["test-util", "time", "macros"] } [features] ffi = [] diff --git a/rust/core/Cargo.toml b/rust/core/Cargo.toml index ac2fb53f..fd781696 100644 --- a/rust/core/Cargo.toml +++ b/rust/core/Cargo.toml @@ -11,10 +11,10 @@ edition = "2021" license = "AGPL-3.0-only" [dependencies] -num_enum = "0.7.2" -uuid = "1.1.2" +num_enum = { workspace = true } +uuid = { workspace = true } [dev-dependencies] -hex-literal = "0.4.1" -proptest = "1.0" -rand = "0.8" +hex-literal = { workspace = true } +proptest = { workspace = true } +rand = { workspace = true } diff --git a/rust/crypto/Cargo.toml b/rust/crypto/Cargo.toml index a50cb117..f3b6622e 100644 --- a/rust/crypto/Cargo.toml +++ b/rust/crypto/Cargo.toml @@ -11,23 +11,23 @@ edition = "2021" license = "AGPL-3.0-only" [dependencies] -aes = { version = "0.8.3", features = ["zeroize"] } -cbc = { version = "0.1.2", features = ["std", "zeroize"] } -ctr = { version = "0.9.2", features = ["zeroize"] } -displaydoc = "0.2" +aes = { workspace = true, features = ["zeroize"] } +cbc = { workspace = true, features = ["std", "zeroize"] } +ctr = { workspace = true, features = ["zeroize"] } +displaydoc = { workspace = true } ghash = { version = "0.5.0", features = ["zeroize"] } -hmac = { version = "0.12", features = ["reset"] } -sha1 = "0.10" -sha2 = "0.10" -subtle = "2.3" -thiserror = "1.0.38" +hmac = { workspace = true, features = ["reset"] } +sha1 = { workspace = true } +sha2 = { workspace = true } +subtle = { workspace = true } +thiserror = { workspace = true } [dev-dependencies] -criterion = "0.5" -hex = "0.4" -hex-literal = "0.4.1" -rand = "0.8" -serde = { version = "1.0", features = ["derive"] } +criterion = { workspace = true } +hex = { workspace = true } +hex-literal = { workspace = true } +rand = { workspace = true } +serde = { workspace = true } serde_json = "1.0" [[bench]] diff --git a/rust/device-transfer/Cargo.toml b/rust/device-transfer/Cargo.toml index c6d39c83..06ec19f6 100644 --- a/rust/device-transfer/Cargo.toml +++ b/rust/device-transfer/Cargo.toml @@ -6,8 +6,8 @@ edition = "2021" license = "AGPL-3.0-only" [dependencies] -boring = { version = "4.6.0", default-features = false } -libc = "0.2" +boring = { workspace = true } +libc = { workspace = true } [dev-dependencies] -hex = "0.4" +hex = { workspace = true } diff --git a/rust/keytrans/Cargo.toml b/rust/keytrans/Cargo.toml index 22b262ed..335b90d6 100644 --- a/rust/keytrans/Cargo.toml +++ b/rust/keytrans/Cargo.toml @@ -11,18 +11,18 @@ edition = "2021" license = "AGPL-3.0-only" [dependencies] -curve25519-dalek = { version = "4.1.3" } -displaydoc = "0.2" -ed25519-dalek = "2.1.0" -hmac = "0.12.1" -prost = "0.13" -sha2 = "0.10" +curve25519-dalek = { workspace = true } +displaydoc = { workspace = true } +ed25519-dalek = { workspace = true } +hmac = { workspace = true } +prost = { workspace = true } +sha2 = { workspace = true } [build-dependencies] -prost-build = "0.13" +prost-build = { workspace = true } [dev-dependencies] -assert_matches = "1.5.0" -hex-literal = "0.4.1" -proptest = "1.5.0" -test-case = "3.3.1" +assert_matches = { workspace = true } +hex-literal = { workspace = true } +proptest = { workspace = true } +test-case = { workspace = true } diff --git a/rust/media/Cargo.toml b/rust/media/Cargo.toml index 5b9b7773..cbe4f8ef 100644 --- a/rust/media/Cargo.toml +++ b/rust/media/Cargo.toml @@ -6,10 +6,10 @@ edition = "2021" license = "AGPL-3.0-only" [dependencies] -futures-util = "0.3.7" -mediasan-common = "0.5.0" +futures-util = { workspace = true } +mediasan-common = { workspace = true } mp4san = { version = "0.5.0", optional = true } -thiserror = "1.0.38" +thiserror = { workspace = true } webpsan = { version = "0.5.0", optional = true, default-features = false } [features] diff --git a/rust/message-backup/Cargo.toml b/rust/message-backup/Cargo.toml index bc5f2b97..4d52574d 100644 --- a/rust/message-backup/Cargo.toml +++ b/rust/message-backup/Cargo.toml @@ -29,55 +29,55 @@ usernames = { path = "../usernames" } zkcredential = { path = "../zkcredential", features = ["rayon"] } zkgroup = { path = "../zkgroup" } -aes = "0.8.3" -arrayvec = "0.7.4" +aes = { workspace = true } +arrayvec = { workspace = true } async-compression = { version = "0.4.5", features = ["futures-io", "gzip"] } -async-trait = "0.1.41" -cbc = "0.1.2" -clap = { version = "4.2.1", features = ["derive"] } +async-trait = { workspace = true } +cbc = { workspace = true } +clap = { workspace = true, features = ["derive"] } clap-stdin = "0.3.0" -derive-where = "1.2.5" -displaydoc = "0.2.5" -env_logger = "0.11.4" -futures = "0.3.29" -hex = { version = "0.4.3", features = ["serde"] } -hkdf = "0.12" -hmac = "0.12" -itertools = "0.13.0" -log = "0.4" +derive-where = { workspace = true } +displaydoc = { workspace = true } +env_logger = { workspace = true } +futures = { workspace = true } +hex = { workspace = true, features = ["serde"] } +hkdf = { workspace = true } +hmac = { workspace = true } +itertools = { workspace = true } +log = { workspace = true } macro_rules_attribute = "0.2.0" -mediasan-common = "0.5.0" -num_enum = "0.7.2" +mediasan-common = { workspace = true } +num_enum = { workspace = true } protobuf = "3.3.0" protobuf-json-mapping = { version = "3.3.0", optional = true } -serde = { version = "1.0", features = ["derive", "rc"] } -serde_json = { version = "1.0", optional = true, features = ["preserve_order"] } -sha2 = "0.10" -strum = { version = "0.26", features = ["derive"] } +serde = { workspace = true, features = ["derive", "rc"] } +serde_json = { workspace = true, optional = true, features = ["preserve_order"] } +sha2 = { workspace = true } +strum = { workspace = true, features = ["derive"] } # This isn't strictly necessary but we need at least this version to avoid # warnings from the latest nightly rustc. Remove this when the referenced strum # version has at least this version as a dependency. strum_macros = { version = "0.26.4" } -subtle = "2.5.0" -thiserror = "1.0.50" -uuid = { version = "1.1.2", features = ["serde"] } +subtle = { workspace = true } +thiserror = { workspace = true } +uuid = { workspace = true, features = ["serde"] } [dev-dependencies] libsignal-message-backup = { path = "./", features = ["json"] } signal-crypto = { path = "../crypto" } -array-concat = "0.5.2" +array-concat = { workspace = true } assert_cmd = "2.0.13" -assert_matches = "1.5.0" +assert_matches = { workspace = true } dir-test = "0.2.0" -futures = { version = "0.3.29", features = ["executor"] } -hex-literal = "0.4.1" +futures = { workspace = true, features = ["executor"] } +hex-literal = { workspace = true } json5 = "0.4.1" -nonzero_ext = "0.3.0" -once_cell = "1.19" -test-case = "3.3.1" +nonzero_ext = { workspace = true } +once_cell = { workspace = true } +test-case = { workspace = true } test-log = "0.2.14" -testing_logger = "0.1.1" +testing_logger = { workspace = true } pretty_assertions = "1.4.0" [build-dependencies] diff --git a/rust/message-backup/macros/Cargo.toml b/rust/message-backup/macros/Cargo.toml index 64877d0e..21ae096d 100644 --- a/rust/message-backup/macros/Cargo.toml +++ b/rust/message-backup/macros/Cargo.toml @@ -13,10 +13,10 @@ license = "AGPL-3.0-only" proc-macro = true [dependencies] -heck = "0.5" -proc-macro2 = "1.0.74" -quote = "1.0.35" -syn = { version = "2.0.46", features = ["full", "extra-traits"] } +heck = { workspace = true } +proc-macro2 = { workspace = true } +quote = { workspace = true } +syn = { workspace = true, features = ["full", "extra-traits"] } [dev-dependencies] -test-case = "3.3.1" +test-case = { workspace = true } diff --git a/rust/net/Cargo.toml b/rust/net/Cargo.toml index 8190f432..ab7079b7 100644 --- a/rust/net/Cargo.toml +++ b/rust/net/Cargo.toml @@ -14,69 +14,72 @@ libsignal-core = { path = "../core" } libsignal-protocol = { path = "../protocol" } libsignal-svr3 = { path = "../svr3" } -async-trait = "0.1.41" -base64 = "0.21" -bincode = "1.0" +async-trait = { workspace = true } +base64 = { workspace = true } +bincode = { workspace = true } bitstream-io = "1.10.0" -boring = { git = "https://github.com/signalapp/boring", tag = "signal-v4.9.0" } +boring-signal = { workspace = true } bytes = "1.4.0" const-str = { version = "0.5.6", features = ["std"] } -derive-where = "1.2.7" -displaydoc = "0.2" +derive-where = { workspace = true } +displaydoc = { workspace = true } either = "1.10.0" -futures-util = "0.3.7" -hex = "0.4" -hmac = "0.12" -http = "1.0.0" +futures-util = { workspace = true } +hex = { workspace = true } +hmac = { workspace = true } +http = { workspace = true } http-body-util = "0.1.1" hyper = { version = "1.3.1", features = ["http2", "client"] } hyper-util = { version = "0.1.3", features = ["tokio"] } -indexmap = "2.1.0" -itertools = "0.13.0" -log = "0.4.19" -nonzero_ext = "0.3.0" -num_enum = "0.7.2" -prost = "0.13.1" -rand = "0.8.0" -rand_core = "0.6" +indexmap = { workspace = true } +itertools = { workspace = true } +log = { workspace = true } +nonzero_ext = { workspace = true } +num_enum = { workspace = true } +prost = { workspace = true } +rand = { workspace = true } +rand_core = { workspace = true } rustls = { version = "0.23.4", default-features = false, features = ["ring", "std", "tls12"] } -rustls-platform-verifier = "0.3.1" -serde = { version = "1.0", features = ["derive"] } -serde_json = "1.0" -sha2 = "0.10.8" -snow = { version = "0.9.5", default-features = false } -static_assertions = "1.1" -strum = { version = "0.26", features = ["derive"] } -thiserror = "1.0.38" -tokio = { version = "1", features = ["rt", "time", "macros"] } -tokio-boring = { git = "https://github.com/signalapp/boring", tag = "signal-v4.9.0" } +rustls-platform-verifier = { workspace = true } +serde = { workspace = true, features = ["derive"] } +serde_json = { workspace = true } +sha2 = { workspace = true } +snow = { workspace = true } +static_assertions = { workspace = true } +strum = { workspace = true, features = ["derive"] } +thiserror = { workspace = true } +tokio = { workspace = true, features = ["rt", "time", "macros"] } +tokio-boring-signal = { workspace = true } tokio-stream = "0.1.14" tokio-tungstenite = "0.23.0" tokio-util = "0.7.9" tungstenite = { version = "0.23.0", features = ["url"] } url = "2.4.1" -uuid = "1.1.2" -zerocopy = { version = "0.7", features = ["derive"] } +uuid = { workspace = true } +zerocopy = { workspace = true } [build-dependencies] -prost-build = "0.13.1" +prost-build = { workspace = true } [dev-dependencies] -assert_matches = "1.5.0" -clap = { version = "4.4.11", features = ["derive"] } +assert_matches = { workspace = true } +clap = { workspace = true, features = ["derive"] } colored = "2.1" -env_logger = "0.11.4" -hex-literal = "0.4.1" +env_logger = { workspace = true } +hex-literal = { workspace = true } hickory-proto = "0.24.1" -lazy_static = "1.4.0" -proptest = "1.4.0" +lazy_static = { workspace = true } +proptest = { workspace = true } proptest-state-machine = "0.1.0" rcgen = "0.13.0" -snow = "0.9.5" -test-case = "3.3.1" +snow = { workspace = true } +test-case = { workspace = true } tls-parser = "0.11.0" -tokio = { version = "1", features = ["test-util", "io-std", "rt-multi-thread"] } -url = "2.4.1" +tokio = { workspace = true, features = [ + "test-util", + "io-std", + "rt-multi-thread", +] } warp = { version = "0.3.6", features = ["tls"] } [[example]] diff --git a/rust/net/src/cdsi.rs b/rust/net/src/cdsi.rs index 32b85297..3d275b69 100644 --- a/rust/net/src/cdsi.rs +++ b/rust/net/src/cdsi.rs @@ -13,7 +13,7 @@ use libsignal_core::{Aci, Pni}; use prost::Message as _; use thiserror::Error; use tokio::net::TcpStream; -use tokio_boring::SslStream; +use tokio_boring_signal::SslStream; use tungstenite::protocol::frame::coding::CloseCode; use tungstenite::protocol::CloseFrame; use uuid::Uuid; diff --git a/rust/net/src/enclave.rs b/rust/net/src/enclave.rs index 5e91d93d..7a4399d8 100644 --- a/rust/net/src/enclave.rs +++ b/rust/net/src/enclave.rs @@ -439,7 +439,7 @@ mod test { use async_trait::async_trait; use nonzero_ext::nonzero; use tokio::net::TcpStream; - use tokio_boring::SslStream; + use tokio_boring_signal::SslStream; use crate::auth::Auth; use crate::infra::connection_manager::ConnectionAttemptOutcome; diff --git a/rust/net/src/infra/certs.rs b/rust/net/src/infra/certs.rs index cc77a86c..3c408d49 100644 --- a/rust/net/src/infra/certs.rs +++ b/rust/net/src/infra/certs.rs @@ -5,10 +5,10 @@ use std::borrow::Cow; -use boring::error::ErrorStack; -use boring::ssl::{SslAlert, SslConnectorBuilder, SslVerifyError, SslVerifyMode}; -use boring::x509::store::X509StoreBuilder; -use boring::x509::X509; +use boring_signal::error::ErrorStack; +use boring_signal::ssl::{SslAlert, SslConnectorBuilder, SslVerifyError, SslVerifyMode}; +use boring_signal::x509::store::X509StoreBuilder; +use boring_signal::x509::X509; use rustls::client::danger::ServerCertVerifier; const SIGNAL_ROOT_CERT_DER: &[u8] = include_bytes!("../../res/signal.cer"); @@ -93,7 +93,7 @@ fn set_up_platform_verifier( // The rest of the chain should be valid intermediate certificates. let intermediates: Vec<_> = cert_chain - .collect::>() + .collect::>() .map_err(|_| SslVerifyError::Invalid(SslAlert::BAD_CERTIFICATE))?; // We don't do our own OCSP. Either the platform will do its own checks, or it won't. @@ -168,7 +168,7 @@ mod test { use std::sync::Arc; use assert_matches::assert_matches; - use boring::ssl::{ErrorCode, SslConnector, SslMethod}; + use boring_signal::ssl::{ErrorCode, SslConnector, SslMethod}; use rustls::RootCertStore; use tokio::net::TcpStream; @@ -201,7 +201,7 @@ mod test { .expect("valid"); let transport = TcpStream::connect(addr).await.expect("can connect"); - let connection = tokio_boring::connect( + let connection = tokio_boring_signal::connect( ssl.build().configure().expect("valid"), SERVER_HOSTNAME, transport, @@ -236,7 +236,7 @@ mod test { let transport = TcpStream::connect(addr).await.expect("can connect"); assert_matches!( - tokio_boring::connect( + tokio_boring_signal::connect( ssl.build().configure().expect("valid"), SERVER_HOSTNAME, transport, diff --git a/rust/net/src/infra/errors.rs b/rust/net/src/infra/errors.rs index 5dbd7bb5..b007b158 100644 --- a/rust/net/src/infra/errors.rs +++ b/rust/net/src/infra/errors.rs @@ -5,7 +5,7 @@ use std::fmt::Display; -use tokio_boring::HandshakeError; +use tokio_boring_signal::HandshakeError; use crate::infra::certs; @@ -29,7 +29,7 @@ pub enum TransportConnectError { } #[derive(Debug)] -pub struct SslErrorReasons(boring::error::ErrorStack); +pub struct SslErrorReasons(boring_signal::error::ErrorStack); impl Display for SslErrorReasons { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { @@ -38,7 +38,7 @@ impl Display for SslErrorReasons { self.0 .errors() .iter() - .flat_map::, _>(boring::error::Error::reason), + .flat_map::, _>(boring_signal::error::Error::reason), ) .finish() } @@ -47,7 +47,7 @@ impl Display for SslErrorReasons { #[derive(Debug)] pub struct FailedHandshakeReason { io: Option, - code: Option, + code: Option, } impl From> for FailedHandshakeReason { @@ -77,8 +77,8 @@ impl Display for FailedHandshakeReason { } } -impl From for TransportConnectError { - fn from(value: boring::error::ErrorStack) -> Self { +impl From for TransportConnectError { + fn from(value: boring_signal::error::ErrorStack) -> Self { Self::SslError(SslErrorReasons(value)) } } diff --git a/rust/net/src/infra/tcp_ssl.rs b/rust/net/src/infra/tcp_ssl.rs index b493bbb3..a3b19475 100644 --- a/rust/net/src/infra/tcp_ssl.rs +++ b/rust/net/src/infra/tcp_ssl.rs @@ -9,11 +9,11 @@ use std::sync::Arc; use crate::timeouts::TCP_CONNECTION_ATTEMPT_DELAY; use async_trait::async_trait; -use boring::ssl::{ConnectConfiguration, SslConnector, SslMethod}; +use boring_signal::ssl::{ConnectConfiguration, SslConnector, SslMethod}; use futures_util::TryFutureExt; use tokio::io::{AsyncRead, AsyncWrite}; use tokio::net::TcpStream; -use tokio_boring::SslStream; +use tokio_boring_signal::SslStream; use tokio_util::either::Either; use crate::infra::certs::RootCertificates; @@ -130,7 +130,9 @@ impl TransportConnector for ProxyConnector { self.proxy_port ); let ssl_config = ssl_config(&self.proxy_certs, &self.proxy_host, None)?; - Either::Left(tokio_boring::connect(ssl_config, &self.proxy_host, tcp_stream).await?) + Either::Left( + tokio_boring_signal::connect(ssl_config, &self.proxy_host, tcp_stream).await?, + ) } ShouldUseTls::No => { log::debug!( @@ -209,7 +211,7 @@ async fn connect_tls( ) -> Result, TransportConnectError> { let ssl_config = ssl_config(&connection_params.certs, &connection_params.sni, Some(alpn))?; - Ok(tokio_boring::connect(ssl_config, &connection_params.sni, transport).await?) + Ok(tokio_boring_signal::connect(ssl_config, &connection_params.sni, transport).await?) } async fn connect_tcp( @@ -349,9 +351,9 @@ pub(crate) mod testutil { use std::net::{Ipv6Addr, SocketAddr}; use assert_matches::assert_matches; - use boring::pkey::PKey; - use boring::ssl::{SslAcceptor, SslMethod}; - use boring::x509::X509; + use boring_signal::pkey::PKey; + use boring_signal::ssl::{SslAcceptor, SslMethod}; + use boring_signal::x509::X509; use lazy_static::lazy_static; use rcgen::CertifiedKey; use tls_parser::{ClientHello, TlsExtension, TlsMessage, TlsMessageHandshake, TlsPlaintext}; @@ -458,7 +460,7 @@ pub(crate) mod testutil { let (tcp_stream, _remote_addr) = tcp_listener.accept().await.expect("incoming connection"); let mut input_stream = if let Some(ssl_acceptor) = &ssl_acceptor { - let ssl_stream = tokio_boring::accept(ssl_acceptor, tcp_stream) + let ssl_stream = tokio_boring_signal::accept(ssl_acceptor, tcp_stream) .await .expect("handshake successful"); diff --git a/rust/net/src/infra/ws.rs b/rust/net/src/infra/ws.rs index bb0aaedd..9f094482 100644 --- a/rust/net/src/infra/ws.rs +++ b/rust/net/src/infra/ws.rs @@ -479,7 +479,7 @@ impl From for AttestedConnectionError { } } -pub type DefaultStream = tokio_boring::SslStream; +pub type DefaultStream = tokio_boring_signal::SslStream; /// Encrypted connection to an attested host. #[derive(Debug)] diff --git a/rust/pin/Cargo.toml b/rust/pin/Cargo.toml index fa1b70f7..4802824e 100644 --- a/rust/pin/Cargo.toml +++ b/rust/pin/Cargo.toml @@ -13,16 +13,17 @@ license = "AGPL-3.0-only" [dependencies] argon2 = { version = "0.5.0", features = ["zeroize"] } -displaydoc = "0.2" -hkdf = "0.12" -sha2 = "0.10" -static_assertions = "1.1" -thiserror = "1.0.57" +displaydoc = { workspace = true } +hkdf = { workspace = true } +rand_core = { workspace = true, features = ["getrandom"] } +sha2 = { workspace = true } +static_assertions = { workspace = true } +thiserror = { workspace = true } [dev-dependencies] -hex-literal = "0.4.1" -hmac = { version = "0.12", features = ["reset"] } -criterion = "0.5" +hex-literal = { workspace = true } +hmac = { workspace = true, features = ["reset"] } +criterion = { workspace = true } [[bench]] diff --git a/rust/poksho/Cargo.toml b/rust/poksho/Cargo.toml index c94a84bf..49219a89 100644 --- a/rust/poksho/Cargo.toml +++ b/rust/poksho/Cargo.toml @@ -11,16 +11,16 @@ edition = "2021" license = "AGPL-3.0-only" [dependencies] -curve25519-dalek = "4.1.3" -hmac = { version = "0.12", features = ["reset"] } -sha2 = "0.10" +curve25519-dalek = { workspace = true } +hmac = { workspace = true, features = ["reset"] } +sha2 = { workspace = true } [dev-dependencies] -hex = "0.4" +hex = { workspace = true } # For benchmarking -criterion = "0.5" -rand = "0.8" +criterion = { workspace = true } +rand = { workspace = true } [[bench]] name = "sho" diff --git a/rust/protocol/Cargo.toml b/rust/protocol/Cargo.toml index 0e444359..6c7af1a4 100644 --- a/rust/protocol/Cargo.toml +++ b/rust/protocol/Cargo.toml @@ -14,32 +14,32 @@ license = "AGPL-3.0-only" libsignal-core = { path = "../core" } signal-crypto = { path = "../crypto" } -aes = { version = "0.8.3", features = ["zeroize"] } -aes-gcm-siv = "0.11.1" +aes = { workspace = true, features = ["zeroize"] } +aes-gcm-siv = { workspace = true } arrayref = "0.3.6" -async-trait = "0.1.41" -ctr = { version = "0.9.2", features = ["zeroize"] } -curve25519-dalek = { version = "4.1.3", features = ["digest"] } -derive-where = "1.2.5" -displaydoc = "0.2" -hex = "0.4" -hkdf = "0.12" -hmac = "0.12" -indexmap = "2.1.0" -itertools = "0.13.0" -log = "0.4" -num_enum = "0.7.2" +async-trait = { workspace = true } +ctr = { workspace = true, features = ["zeroize"] } +curve25519-dalek = { workspace = true, features = ["digest"] } +derive-where = { workspace = true } +displaydoc = { workspace = true } +hex = { workspace = true } +hkdf = { workspace = true } +hmac = { workspace = true } +indexmap = { workspace = true } +itertools = { workspace = true } +log = { workspace = true } +num_enum = { workspace = true } pqcrypto-kyber = { version = "0.7.6", default-features = false, features = ["std"] } pqcrypto-traits = "0.3.4" -prost = "0.13.1" -rand = "0.8" -rayon = "1.8.0" -serde = { version = "1.0", features = ["derive"] } -sha2 = "0.10" -subtle = "2.3" -thiserror = "1.0.30" -uuid = "1.1.2" -x25519-dalek = { version = "2.0.0", features = ["static_secrets"] } +prost = { workspace = true } +rand = { workspace = true } +rayon = { workspace = true } +serde = { workspace = true, features = ["derive"] } +sha2 = { workspace = true } +subtle = { workspace = true } +thiserror = { workspace = true } +uuid = { workspace = true } +x25519-dalek = { workspace = true, features = ["static_secrets"] } # WARNING: pqcrypto-kyber 0.8 and 0.7 don't actually coexist, they both depend on the same C symbols. # We keep this here for if/when that gets cleared up. @@ -53,15 +53,15 @@ kyber768 = [] mlkem1024 = ["pqcrypto-ml-kem"] [dev-dependencies] -clap = { version = "4.4.11", features = ["derive"] } -criterion = "0.5" -hex-literal = "0.4.1" -proptest = "1.0" -futures-util = "0.3.7" -env_logger = "0.11.4" +clap = { workspace = true, features = ["derive"] } +criterion = { workspace = true } +hex-literal = { workspace = true } +proptest = { workspace = true } +futures-util = { workspace = true } +env_logger = { workspace = true } [build-dependencies] -prost-build = "0.13.1" +prost-build = { workspace = true } [[bench]] name = "curve" diff --git a/rust/svr3/Cargo.toml b/rust/svr3/Cargo.toml index 7bf360ab..3590f0af 100644 --- a/rust/svr3/Cargo.toml +++ b/rust/svr3/Cargo.toml @@ -10,24 +10,24 @@ authors = ["Signal Messenger LLC"] license = "AGPL-3.0-only" [dependencies] -curve25519-dalek = { version = "4.1.3", features = ["rand_core"] } -displaydoc = "0.2" -hkdf = "0.12" -prost = "0.13.1" -rand_core = { version = "0.6", features = ["getrandom"] } -sha2 = "0.10" -strum_macros = "0.26" -subtle = "2.5" +curve25519-dalek = { workspace = true, features = ["rand_core"] } +displaydoc = { workspace = true } +hkdf = { workspace = true } +prost = { workspace = true } +rand_core = { workspace = true, features = ["getrandom"] } +sha2 = { workspace = true } +strum = { workspace = true, features = ["derive"] } +subtle = { workspace = true } [dev-dependencies] -assert_matches = "1.5" -zerocopy = "0.7.34" -criterion = "0.5" -hex = "0.4" -hex-literal = "0.4.1" -nonzero_ext = "0.3.0" -test-case = "3.2.1" -proptest = "1.0" +assert_matches = { workspace = true } +zerocopy = { workspace = true } +criterion = { workspace = true } +hex = { workspace = true } +hex-literal = { workspace = true } +nonzero_ext = { workspace = true } +test-case = { workspace = true } +proptest = { workspace = true } [build-dependencies] -prost-build = "0.13.1" +prost-build = { workspace = true } diff --git a/rust/svr3/src/errors.rs b/rust/svr3/src/errors.rs index 26f63afc..ca90cbd5 100644 --- a/rust/svr3/src/errors.rs +++ b/rust/svr3/src/errors.rs @@ -38,7 +38,7 @@ impl std::fmt::Display for svr4::response4::Status { } /// Represents an erroneous SVR3 response status -#[derive(Debug, strum_macros::Display, PartialEq)] +#[derive(Debug, strum::Display, PartialEq)] pub enum ErrorStatus { Unset, Missing, diff --git a/rust/usernames/Cargo.toml b/rust/usernames/Cargo.toml index 8c835c5f..5f7bd4cc 100644 --- a/rust/usernames/Cargo.toml +++ b/rust/usernames/Cargo.toml @@ -15,27 +15,27 @@ license = "AGPL-3.0-only" poksho = { path = "../poksho" } signal-crypto = { path = "../crypto" } -curve25519-dalek = { version = "4.1.3", features = ["digest"] } -displaydoc = "0.2" -hkdf = "0.12" -hmac = "0.12" -lazy_static = "1.4.0" -log = "0.4" -prost = "0.13.1" -rand = "0.8" -sha2 = "0.10" -subtle = "2.5.0" -thiserror = "1.0.40" +curve25519-dalek = { workspace = true, features = ["digest"] } +displaydoc = { workspace = true } +hkdf = { workspace = true } +hmac = { workspace = true } +lazy_static = { workspace = true } +log = { workspace = true } +prost = { workspace = true } +rand = { workspace = true } +sha2 = { workspace = true } +subtle = { workspace = true } +thiserror = { workspace = true } [dev-dependencies] zkgroup = { path = "../zkgroup" } -proptest = "1.0" -criterion = "0.5" +proptest = { workspace = true } +criterion = { workspace = true } [[bench]] name = "usernames_benchmarks" harness = false [build-dependencies] -prost-build = "0.13.1" +prost-build = { workspace = true } diff --git a/rust/zkcredential/Cargo.toml b/rust/zkcredential/Cargo.toml index b28d8843..68a91a05 100644 --- a/rust/zkcredential/Cargo.toml +++ b/rust/zkcredential/Cargo.toml @@ -13,27 +13,27 @@ license = "AGPL-3.0-only" [dependencies] poksho = { path = "../poksho" } -cfg-if = "1.0.0" -curve25519-dalek = { version = "4.1.3", features = ["serde"] } -derive-where = "1.2.5" -displaydoc = "0.2" -lazy_static = "1.4.0" -partial-default = { version = "0.1.0", features = ["derive"] } -serde = { version = "1.0.106", features = ["derive"] } -sha2 = "0.10" -subtle = "2.3" -thiserror = "1.0.57" +cfg-if = { workspace = true } +curve25519-dalek = { workspace = true, features = ["serde"] } +derive-where = { workspace = true } +displaydoc = { workspace = true } +lazy_static = { workspace = true } +partial-default = { workspace = true, features = ["derive"] } +serde = { workspace = true, features = ["derive"] } +sha2 = { workspace = true } +subtle = { workspace = true } +thiserror = { workspace = true } # If rayon is enabled, certain operations will use rayon's thread pool. rayon = { version = "1.8.0", optional = true } [dev-dependencies] -bincode = "1.2.1" -hex = "0.4" -hex-literal = "0.4.1" +bincode = { workspace = true } +hex = { workspace = true } +hex-literal = { workspace = true } # For benchmarking -criterion = "0.5" +criterion = { workspace = true } # Many of zkcredential's tests live in the zkgroup crate, # since zkcredential was designed to work with existing verifiably encrypted attribute types. diff --git a/rust/zkgroup/Cargo.toml b/rust/zkgroup/Cargo.toml index 861a1924..5c9ae861 100644 --- a/rust/zkgroup/Cargo.toml +++ b/rust/zkgroup/Cargo.toml @@ -17,35 +17,36 @@ poksho = { path = "../poksho" } signal-crypto = { path = "../crypto" } zkcredential = { path = "../zkcredential", features = ["rayon"] } -curve25519-dalek = { git = 'https://github.com/signalapp/curve25519-dalek', tag = 'signal-curve25519-4.1.3', version = "4.1.1", features = ["serde"] } +# Use our fork of curve25519-dalek for zkgroup support. +curve25519-dalek-signal = { workspace = true, features = ["serde"] } -aes-gcm-siv = "0.11.1" -bincode = "1.2.1" -derive-where = "1.2.5" -displaydoc = "0.2" -hex = "0.4.0" -hex-literal = "0.4.1" -hkdf = "0.12" -lazy_static = "1.4.0" -num_enum = "0.7.2" -partial-default = { version = "0.1.0", features = ["derive"] } -rand = "0.8" -rayon = "1.8.0" -serde = { version = "1.0.106", features = ["derive"] } -sha2 = "0.10.0" -subtle = "2.3" -thiserror = "1.0.57" -uuid = "1.1.2" +aes-gcm-siv = { workspace = true } +bincode = { workspace = true } +derive-where = { workspace = true } +displaydoc = { workspace = true } +hex = { workspace = true } +hex-literal = { workspace = true } +hkdf = { workspace = true } +lazy_static = { workspace = true } +num_enum = { workspace = true } +partial-default = { workspace = true, features = ["derive"] } +rand = { workspace = true } +rayon = { workspace = true } +serde = { workspace = true, features = ["derive"] } +sha2 = { workspace = true } +subtle = { workspace = true } +thiserror = { workspace = true } +uuid = { workspace = true } # For generation -base64 = { version = "0.21", optional = true } +base64 = { workspace = true, optional = true } [dev-dependencies] -uuid = { version = "1", features = ["v5"] } +uuid = { workspace = true, features = ["v5"] } # For benchmarking -criterion = "0.5" -test-case = "3.3.1" +criterion = { workspace = true } +test-case = { workspace = true } [[bench]] name = "zkgroup_benchmarks" diff --git a/rust/zkgroup/src/api/backups/auth_credential.rs b/rust/zkgroup/src/api/backups/auth_credential.rs index 7f8a93cd..2e2647a5 100644 --- a/rust/zkgroup/src/api/backups/auth_credential.rs +++ b/rust/zkgroup/src/api/backups/auth_credential.rs @@ -15,7 +15,7 @@ //! The BackupAuthCredential has the additional constraint that it should be deterministically reproducible. Rather than a randomly //! seeded blinding key pair, the key pair is derived from, you guessed it, the client's master key. -use curve25519_dalek::ristretto::RistrettoPoint; +use curve25519_dalek_signal::ristretto::RistrettoPoint; use hkdf::Hkdf; use partial_default::PartialDefault; use poksho::ShoApi; diff --git a/rust/zkgroup/src/api/call_links/create_credential.rs b/rust/zkgroup/src/api/call_links/create_credential.rs index 33bdd48b..ddb4b383 100644 --- a/rust/zkgroup/src/api/call_links/create_credential.rs +++ b/rust/zkgroup/src/api/call_links/create_credential.rs @@ -10,7 +10,7 @@ //! - the user's ACI (provided by the chat server at issuance, passed encrypted to the calling server for verification) //! - a timestamp, truncated to day granularity (chosen by the chat server at issuance, passed publicly to the calling server for verification) -use curve25519_dalek::ristretto::RistrettoPoint; +use curve25519_dalek_signal::ristretto::RistrettoPoint; use partial_default::PartialDefault; use poksho::ShoApi; use serde::{Deserialize, Serialize}; diff --git a/rust/zkgroup/src/api/groups/group_send_endorsement.rs b/rust/zkgroup/src/api/groups/group_send_endorsement.rs index 1c3da2f9..358eac8a 100644 --- a/rust/zkgroup/src/api/groups/group_send_endorsement.rs +++ b/rust/zkgroup/src/api/groups/group_send_endorsement.rs @@ -93,9 +93,9 @@ impl GroupSendEndorsementsResponse { /// it. /// /// The `usize` in each pair must be the original index of the point. - fn sort_points(points: &mut [(usize, curve25519_dalek::RistrettoPoint)]) { + fn sort_points(points: &mut [(usize, curve25519_dalek_signal::RistrettoPoint)]) { debug_assert!(points.iter().enumerate().all(|(i, (j, _))| i == *j)); - let sort_keys = curve25519_dalek::RistrettoPoint::double_and_compress_batch( + let sort_keys = curve25519_dalek_signal::RistrettoPoint::double_and_compress_batch( points.iter().map(|(_i, point)| point), ); points.sort_unstable_by_key(|(i, _point)| sort_keys[*i].as_bytes()); @@ -112,11 +112,12 @@ impl GroupSendEndorsementsResponse { // Note: we could save some work here by pulling the single point we need out of the // serialized bytes, and operating directly on that. However, we'd have to remember to // update that if the serialization format ever changes. - let mut points_to_sign: Vec<(usize, curve25519_dalek::RistrettoPoint)> = member_ciphertexts - .into_iter() - .map(|ciphertext| ciphertext.ciphertext.as_points()[0]) - .enumerate() - .collect(); + let mut points_to_sign: Vec<(usize, curve25519_dalek_signal::RistrettoPoint)> = + member_ciphertexts + .into_iter() + .map(|ciphertext| ciphertext.ciphertext.as_points()[0]) + .enumerate() + .collect(); Self::sort_points(&mut points_to_sign); let endorsements = zkcredential::endorsements::EndorsementResponse::issue( @@ -194,7 +195,7 @@ impl GroupSendEndorsementsResponse { // We have to compute the ciphertexts (expensive), but we can skip the second point (which // would be much more expensive). // We zip the results together with a set of indexes so we can un-sort the results later. - let mut member_points: Vec<(usize, curve25519_dalek::RistrettoPoint)> = user_ids + let mut member_points: Vec<(usize, curve25519_dalek_signal::RistrettoPoint)> = user_ids .into_iter() .map(|user_id| { group_params.uid_enc_key_pair.a1 * crypto::uid_struct::UidStruct::calc_M1(user_id) @@ -251,7 +252,7 @@ impl GroupSendEndorsementsResponse { // We have to compute the ciphertexts (expensive), but we can skip the second point (which // would be much more expensive). // We zip the results together with a set of indexes so we can un-sort the results later. - let mut member_points: Vec<(usize, curve25519_dalek::RistrettoPoint)> = user_ids + let mut member_points: Vec<(usize, curve25519_dalek_signal::RistrettoPoint)> = user_ids .into_par_iter() .map(|user_id| { group_params.uid_enc_key_pair.a1 * crypto::uid_struct::UidStruct::calc_M1(user_id) @@ -340,18 +341,18 @@ impl GroupSendEndorsementsResponse { /// A single endorsement, for one or multiple group members. /// -/// `Storage` is usually [`curve25519_dalek::RistrettoPoint`], but the `receive` APIs on +/// `Storage` is usually [`curve25519_dalek_signal::RistrettoPoint`], but the `receive` APIs on /// [`GroupSendEndorsementsResponse`] produce "compressed" endorsements, since they are usually /// immediately serialized. #[derive(Serialize, Deserialize, PartialDefault, Clone, Copy)] -#[partial_default(bound = "Storage: curve25519_dalek::traits::Identity")] +#[partial_default(bound = "Storage: curve25519_dalek_signal::traits::Identity")] #[derive_where(PartialEq; Storage: subtle::ConstantTimeEq)] -pub struct GroupSendEndorsement { +pub struct GroupSendEndorsement { reserved: ReservedByte, endorsement: zkcredential::endorsements::Endorsement, } -impl Debug for GroupSendEndorsement { +impl Debug for GroupSendEndorsement { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { f.debug_struct("GroupSendEndorsement") .field("reserved", &self.reserved) @@ -360,7 +361,7 @@ impl Debug for GroupSendEndorsement { } } -impl Debug for GroupSendEndorsement { +impl Debug for GroupSendEndorsement { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { f.debug_struct("GroupSendEndorsement") .field("reserved", &self.reserved) @@ -388,11 +389,11 @@ pub struct ReceivedEndorsement { // existing memory allocation isn't sufficient anyway, and thus we're better off constructing a // single big Vec rather than two smaller ones, especially since we have to un-permute the // results. (It's close, though, only a 3-6% difference at the largest group sizes.) - pub compressed: GroupSendEndorsement, + pub compressed: GroupSendEndorsement, pub decompressed: GroupSendEndorsement, } -impl GroupSendEndorsement { +impl GroupSendEndorsement { /// Attempts to decompress the GroupSendEndorsement. /// /// Produces [`ZkGroupDeserializationFailure`] if the compressed storage isn't a valid @@ -402,8 +403,10 @@ impl GroupSendEndorsement { /// `GroupSendEndorsement` and then calling `decompress`. pub fn decompress( self, - ) -> Result, ZkGroupDeserializationFailure> - { + ) -> Result< + GroupSendEndorsement, + ZkGroupDeserializationFailure, + > { Ok(GroupSendEndorsement { reserved: self.reserved, endorsement: self @@ -414,14 +417,14 @@ impl GroupSendEndorsement { } } -impl GroupSendEndorsement { +impl GroupSendEndorsement { /// Compresses the GroupSendEndorsement for storage. /// /// Serializing an `GroupSendEndorsement` is equivalent to calling `compress` and /// serializing the resulting `GroupSendEndorsement`. pub fn compress( self, - ) -> GroupSendEndorsement { + ) -> GroupSendEndorsement { GroupSendEndorsement { reserved: self.reserved, endorsement: self.endorsement.compress(), @@ -567,7 +570,7 @@ impl GroupSendFullToken { "wrong key pair used for this token" ); - let user_id_sum: curve25519_dalek::RistrettoPoint = user_ids + let user_id_sum: curve25519_dalek_signal::RistrettoPoint = user_ids .into_iter() .map(crypto::uid_struct::UidStruct::calc_M1) .sum(); diff --git a/rust/zkgroup/src/common/sho.rs b/rust/zkgroup/src/common/sho.rs index 24129114..a2162dc8 100644 --- a/rust/zkgroup/src/common/sho.rs +++ b/rust/zkgroup/src/common/sho.rs @@ -3,8 +3,8 @@ // SPDX-License-Identifier: AGPL-3.0-only // -use curve25519_dalek::ristretto::RistrettoPoint; -use curve25519_dalek::scalar::Scalar; +use curve25519_dalek_signal::ristretto::RistrettoPoint; +use curve25519_dalek_signal::scalar::Scalar; use poksho::ShoApi; pub struct Sho { diff --git a/rust/zkgroup/src/common/simple_types.rs b/rust/zkgroup/src/common/simple_types.rs index 70e56abf..1c6e46de 100644 --- a/rust/zkgroup/src/common/simple_types.rs +++ b/rust/zkgroup/src/common/simple_types.rs @@ -3,7 +3,7 @@ // SPDX-License-Identifier: AGPL-3.0-only // -use curve25519_dalek::scalar::Scalar; +use curve25519_dalek_signal::scalar::Scalar; use partial_default::PartialDefault; use serde::{Deserialize, Serialize}; use zkcredential::attributes::PublicAttribute; diff --git a/rust/zkgroup/src/crypto/credentials.rs b/rust/zkgroup/src/crypto/credentials.rs index 8f04c0c5..12547283 100644 --- a/rust/zkgroup/src/crypto/credentials.rs +++ b/rust/zkgroup/src/crypto/credentials.rs @@ -5,9 +5,9 @@ #![allow(non_snake_case)] -use curve25519_dalek::constants::RISTRETTO_BASEPOINT_POINT; -use curve25519_dalek::ristretto::RistrettoPoint; -use curve25519_dalek::scalar::Scalar; +use curve25519_dalek_signal::constants::RISTRETTO_BASEPOINT_POINT; +use curve25519_dalek_signal::ristretto::RistrettoPoint; +use curve25519_dalek_signal::scalar::Scalar; use partial_default::PartialDefault; use serde::{Deserialize, Serialize}; diff --git a/rust/zkgroup/src/crypto/profile_key_commitment.rs b/rust/zkgroup/src/crypto/profile_key_commitment.rs index 83105cf4..25fa7b6e 100644 --- a/rust/zkgroup/src/crypto/profile_key_commitment.rs +++ b/rust/zkgroup/src/crypto/profile_key_commitment.rs @@ -9,8 +9,8 @@ use crate::common::constants::*; use crate::common::sho::*; use crate::common::simple_types::*; use crate::crypto::profile_key_struct; -use curve25519_dalek::ristretto::RistrettoPoint; -use curve25519_dalek::scalar::Scalar; +use curve25519_dalek_signal::ristretto::RistrettoPoint; +use curve25519_dalek_signal::scalar::Scalar; use partial_default::PartialDefault; use serde::{Deserialize, Serialize}; diff --git a/rust/zkgroup/src/crypto/profile_key_credential_request.rs b/rust/zkgroup/src/crypto/profile_key_credential_request.rs index dc308875..f42d9bee 100644 --- a/rust/zkgroup/src/crypto/profile_key_credential_request.rs +++ b/rust/zkgroup/src/crypto/profile_key_credential_request.rs @@ -10,9 +10,9 @@ use crate::crypto::credentials::{ BlindedExpiringProfileKeyCredential, ExpiringProfileKeyCredential, }; use crate::crypto::profile_key_struct; -use curve25519_dalek::constants::RISTRETTO_BASEPOINT_POINT; -use curve25519_dalek::ristretto::RistrettoPoint; -use curve25519_dalek::scalar::Scalar; +use curve25519_dalek_signal::constants::RISTRETTO_BASEPOINT_POINT; +use curve25519_dalek_signal::ristretto::RistrettoPoint; +use curve25519_dalek_signal::scalar::Scalar; use partial_default::PartialDefault; use serde::{Deserialize, Serialize}; diff --git a/rust/zkgroup/src/crypto/profile_key_encryption.rs b/rust/zkgroup/src/crypto/profile_key_encryption.rs index 709d91f3..88009e62 100644 --- a/rust/zkgroup/src/crypto/profile_key_encryption.rs +++ b/rust/zkgroup/src/crypto/profile_key_encryption.rs @@ -9,7 +9,7 @@ use crate::common::errors::*; use crate::common::sho::*; use crate::common::simple_types::*; use crate::crypto::profile_key_struct; -use curve25519_dalek::ristretto::RistrettoPoint; +use curve25519_dalek_signal::ristretto::RistrettoPoint; use partial_default::PartialDefault; use serde::{Deserialize, Serialize}; diff --git a/rust/zkgroup/src/crypto/profile_key_struct.rs b/rust/zkgroup/src/crypto/profile_key_struct.rs index e73e6402..b6e7b5f3 100644 --- a/rust/zkgroup/src/crypto/profile_key_struct.rs +++ b/rust/zkgroup/src/crypto/profile_key_struct.rs @@ -8,7 +8,7 @@ use crate::common::constants::*; use crate::common::sho::*; use crate::common::simple_types::*; -use curve25519_dalek::ristretto::RistrettoPoint; +use curve25519_dalek_signal::ristretto::RistrettoPoint; use partial_default::PartialDefault; use serde::{Deserialize, Serialize}; diff --git a/rust/zkgroup/src/crypto/proofs.rs b/rust/zkgroup/src/crypto/proofs.rs index 1502d456..13b3a54f 100644 --- a/rust/zkgroup/src/crypto/proofs.rs +++ b/rust/zkgroup/src/crypto/proofs.rs @@ -5,9 +5,9 @@ #![allow(non_snake_case)] -use curve25519_dalek::constants::RISTRETTO_BASEPOINT_POINT; -use curve25519_dalek::ristretto::RistrettoPoint; -use curve25519_dalek::traits::Identity; +use curve25519_dalek_signal::constants::RISTRETTO_BASEPOINT_POINT; +use curve25519_dalek_signal::ristretto::RistrettoPoint; +use curve25519_dalek_signal::traits::Identity; use partial_default::PartialDefault; use serde::{Deserialize, Serialize}; diff --git a/rust/zkgroup/src/crypto/receipt_credential_request.rs b/rust/zkgroup/src/crypto/receipt_credential_request.rs index f0349ef1..d1c46b79 100644 --- a/rust/zkgroup/src/crypto/receipt_credential_request.rs +++ b/rust/zkgroup/src/crypto/receipt_credential_request.rs @@ -5,9 +5,9 @@ #![allow(non_snake_case)] -use curve25519_dalek::constants::RISTRETTO_BASEPOINT_POINT; -use curve25519_dalek::ristretto::RistrettoPoint; -use curve25519_dalek::scalar::Scalar; +use curve25519_dalek_signal::constants::RISTRETTO_BASEPOINT_POINT; +use curve25519_dalek_signal::ristretto::RistrettoPoint; +use curve25519_dalek_signal::scalar::Scalar; use partial_default::PartialDefault; use serde::{Deserialize, Serialize}; diff --git a/rust/zkgroup/src/crypto/receipt_struct.rs b/rust/zkgroup/src/crypto/receipt_struct.rs index c0aeaec2..3c0ad887 100644 --- a/rust/zkgroup/src/crypto/receipt_struct.rs +++ b/rust/zkgroup/src/crypto/receipt_struct.rs @@ -3,7 +3,7 @@ // SPDX-License-Identifier: AGPL-3.0-only // -use curve25519_dalek::scalar::Scalar; +use curve25519_dalek_signal::scalar::Scalar; use serde::{Deserialize, Serialize}; use crate::common::sho::Sho; diff --git a/rust/zkgroup/src/crypto/signature.rs b/rust/zkgroup/src/crypto/signature.rs index e1f268b5..c03deec0 100644 --- a/rust/zkgroup/src/crypto/signature.rs +++ b/rust/zkgroup/src/crypto/signature.rs @@ -7,9 +7,9 @@ use crate::common::constants::*; use crate::common::errors::*; use crate::common::sho::*; use crate::common::simple_types::*; -use curve25519_dalek::constants::RISTRETTO_BASEPOINT_POINT; -use curve25519_dalek::ristretto::RistrettoPoint; -use curve25519_dalek::scalar::Scalar; +use curve25519_dalek_signal::constants::RISTRETTO_BASEPOINT_POINT; +use curve25519_dalek_signal::ristretto::RistrettoPoint; +use curve25519_dalek_signal::scalar::Scalar; use partial_default::PartialDefault; use serde::{Deserialize, Serialize}; diff --git a/rust/zkgroup/src/crypto/timestamp_struct.rs b/rust/zkgroup/src/crypto/timestamp_struct.rs index 5a659259..f97685b4 100644 --- a/rust/zkgroup/src/crypto/timestamp_struct.rs +++ b/rust/zkgroup/src/crypto/timestamp_struct.rs @@ -3,7 +3,7 @@ // SPDX-License-Identifier: AGPL-3.0-only // -use curve25519_dalek::scalar::Scalar; +use curve25519_dalek_signal::scalar::Scalar; use serde::{Deserialize, Serialize}; use crate::common::sho::Sho; diff --git a/rust/zkgroup/src/crypto/uid_encryption.rs b/rust/zkgroup/src/crypto/uid_encryption.rs index 076a9c78..5f8f7838 100644 --- a/rust/zkgroup/src/crypto/uid_encryption.rs +++ b/rust/zkgroup/src/crypto/uid_encryption.rs @@ -9,7 +9,7 @@ use crate::common::errors::*; use crate::common::sho::*; use crate::crypto::uid_struct; -use curve25519_dalek::ristretto::RistrettoPoint; +use curve25519_dalek_signal::ristretto::RistrettoPoint; use lazy_static::lazy_static; use partial_default::PartialDefault; use serde::{Deserialize, Serialize}; diff --git a/rust/zkgroup/src/crypto/uid_struct.rs b/rust/zkgroup/src/crypto/uid_struct.rs index e8b8401b..3dc8b2de 100644 --- a/rust/zkgroup/src/crypto/uid_struct.rs +++ b/rust/zkgroup/src/crypto/uid_struct.rs @@ -7,7 +7,7 @@ use crate::common::sho::*; use crate::common::simple_types::*; -use curve25519_dalek::ristretto::RistrettoPoint; +use curve25519_dalek_signal::ristretto::RistrettoPoint; use libsignal_core::ServiceId; use partial_default::PartialDefault; use serde::{Deserialize, Serialize}; diff --git a/rust/zkgroup/src/crypto/zkcredential_examples.rs b/rust/zkgroup/src/crypto/zkcredential_examples.rs index 5e3ca508..fd350fa3 100644 --- a/rust/zkgroup/src/crypto/zkcredential_examples.rs +++ b/rust/zkgroup/src/crypto/zkcredential_examples.rs @@ -7,7 +7,7 @@ //! //! Has to live in zkgroup because they implement zkcredential traits on zkgroup types. -use curve25519_dalek::ristretto::RistrettoPoint; +use curve25519_dalek_signal::ristretto::RistrettoPoint; use poksho::{ShoApi, ShoSha256}; use serde::{Deserialize, Serialize}; use zkcredential::attributes::{Attribute, Domain, RevealedAttribute}; @@ -453,8 +453,8 @@ struct InverseUidDecryptionKey; impl zkcredential::attributes::Domain for InverseUidDecryptionKey { type Attribute = uid_encryption::Ciphertext; const ID: &'static str = "InverseUidEncryptionDomain_20231011"; - fn G_a() -> [curve25519_dalek::RistrettoPoint; 2] { - static STORAGE: std::sync::OnceLock<[curve25519_dalek::RistrettoPoint; 2]> = + fn G_a() -> [curve25519_dalek_signal::RistrettoPoint; 2] { + static STORAGE: std::sync::OnceLock<[curve25519_dalek_signal::RistrettoPoint; 2]> = std::sync::OnceLock::new(); *zkcredential::attributes::derive_default_generator_points::(&STORAGE) } diff --git a/rust/zkgroup/tests/integration_tests.rs b/rust/zkgroup/tests/integration_tests.rs index ed6f19d6..b6ed32f7 100644 --- a/rust/zkgroup/tests/integration_tests.rs +++ b/rust/zkgroup/tests/integration_tests.rs @@ -3,7 +3,7 @@ // SPDX-License-Identifier: AGPL-3.0-only // -use curve25519_dalek::ristretto::RistrettoPoint; +use curve25519_dalek_signal::ristretto::RistrettoPoint; use hex_literal::hex; use sha2::Sha256; use zkgroup::{Timestamp, SECONDS_PER_DAY};