diff --git a/Cargo.toml b/Cargo.toml index 20afd74..a082bcd 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -4,7 +4,7 @@ resolver = "2" [workspace.package] edition = "2021" -version = "0.0.17" +version = "0.0.18" authors = ["Jun Kurihara"] homepage = "https://github.com/junkurihara/httpsig-rs" repository = "https://github.com/junkurihara/httpsig-rs" diff --git a/httpsig-hyper/Cargo.toml b/httpsig-hyper/Cargo.toml index 49509f4..7959140 100644 --- a/httpsig-hyper/Cargo.toml +++ b/httpsig-hyper/Cargo.toml @@ -13,7 +13,7 @@ rust-version.workspace = true # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [dependencies] -httpsig = { path = "../httpsig", version = "0.0.17" } +httpsig = { path = "../httpsig", version = "0.0.18" } thiserror = { version = "2.0.11" } tracing = { version = "0.1.41" } @@ -21,11 +21,11 @@ futures = { version = "0.3.31", default-features = false, features = [ "std", "async-await", ] } -indexmap = { version = "2.7.0" } +indexmap = { version = "2.7.1" } # content digest with rfc8941 structured field values sha2 = { version = "0.10.8", default-features = false } -sfv = { version = "0.9.4" } +sfv = { version = "0.10.4" } # encoding base64 = { version = "0.22.1" } @@ -34,7 +34,7 @@ base64 = { version = "0.22.1" } http = { version = "1.2.0" } http-body = { version = "1.0.1" } http-body-util = { version = "0.1.2" } -bytes = { version = "1.9.0" } +bytes = { version = "1.10.0" } [dev-dependencies] diff --git a/httpsig/Cargo.toml b/httpsig/Cargo.toml index fd3a2f9..187ead5 100644 --- a/httpsig/Cargo.toml +++ b/httpsig/Cargo.toml @@ -15,10 +15,10 @@ rust-version.workspace = true [dependencies] thiserror = { version = "2.0.11" } tracing = { version = "0.1.41" } -rustc-hash = { version = "2.1.0" } -indexmap = { version = "2.7.0" } +rustc-hash = { version = "2.1.1" } +indexmap = { version = "2.7.1" } fxhash = { version = "0.2.1" } -rand = { version = "0.8.5" } +rand = { version = "0.9.0" } # crypto pkcs8 = { version = "0.10.2", default-features = false, features = ["pem"] } @@ -34,16 +34,19 @@ p256 = { version = "0.13.2", default-features = false, features = [ "arithmetic", "ecdsa", ] } -p384 = { version = "0.13.0", default-features = false, features = [ +p384 = { version = "0.13.1", default-features = false, features = [ "arithmetic", "ecdsa", ] } hmac = { version = "0.12.1" } sha2 = { version = "0.10.8", default-features = false } -bytes = { version = "1.9.0" } +bytes = { version = "1.10.0" } # encoding base64 = { version = "0.22.1" } # for rfc8941 structured field values -sfv = { version = "0.9.4" } +sfv = { version = "0.10.4" } + +[dev-dependencies] +rand-085 = { package = "rand", version = "0.8.5" } # testing only diff --git a/httpsig/src/crypto/asymmetric.rs b/httpsig/src/crypto/asymmetric.rs index 619e418..c8e3db2 100644 --- a/httpsig/src/crypto/asymmetric.rs +++ b/httpsig/src/crypto/asymmetric.rs @@ -359,7 +359,8 @@ MCowBQYDK2VwAyEA1ixMQcxO46PLlgQfYS46ivFd+n0CcDHSKUnuhm3i1O0= let pk = PublicKey::from_bytes(AlgorithmName::Ed25519, ed25519_pk).unwrap(); assert!(matches!(pk, PublicKey::Ed25519(_))); - let es256_sk = p256::ecdsa::SigningKey::random(&mut rand::thread_rng()); + let mut rng = rand_085::thread_rng(); + let es256_sk = p256::ecdsa::SigningKey::random(&mut rng); let es256_pk = es256_sk.verifying_key(); let sk = SecretKey::from_bytes(AlgorithmName::EcdsaP256Sha256, es256_sk.to_bytes().as_ref()).unwrap(); assert!(matches!(sk, SecretKey::EcdsaP256Sha256(_))); diff --git a/httpsig/src/signature_params.rs b/httpsig/src/signature_params.rs index e2daab5..c2827ae 100644 --- a/httpsig/src/signature_params.rs +++ b/httpsig/src/signature_params.rs @@ -95,8 +95,8 @@ impl HttpSignatureParams { /// Set random nonce pub fn set_random_nonce(&mut self) -> &mut Self { - let mut rng = rand::thread_rng(); - let nonce = rng.gen::<[u8; 32]>(); + let mut rng = rand::rng(); + let nonce = rng.random::<[u8; 32]>(); self.nonce = Some(general_purpose::STANDARD.encode(nonce)); self }