From e62c9ddb44b400440f5edc9fc6f5f6eff550774d Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Tue, 28 Jan 2025 18:31:09 +0900 Subject: [PATCH 1/4] chore: deps --- httpsig-hyper/Cargo.toml | 2 +- httpsig/Cargo.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/httpsig-hyper/Cargo.toml b/httpsig-hyper/Cargo.toml index 49509f4..85ac7ff 100644 --- a/httpsig-hyper/Cargo.toml +++ b/httpsig-hyper/Cargo.toml @@ -21,7 +21,7 @@ futures = { version = "0.3.31", default-features = false, features = [ "std", "async-await", ] } -indexmap = { version = "2.7.0" } +indexmap = { version = "2.7.1" } # content digest with rfc8941 structured field values sha2 = { version = "0.10.8", default-features = false } diff --git a/httpsig/Cargo.toml b/httpsig/Cargo.toml index fd3a2f9..12e3d94 100644 --- a/httpsig/Cargo.toml +++ b/httpsig/Cargo.toml @@ -16,7 +16,7 @@ rust-version.workspace = true thiserror = { version = "2.0.11" } tracing = { version = "0.1.41" } rustc-hash = { version = "2.1.0" } -indexmap = { version = "2.7.0" } +indexmap = { version = "2.7.1" } fxhash = { version = "0.2.1" } rand = { version = "0.8.5" } From 4c7093982f10bacd3af47baf99c45dba927f2934 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Thu, 20 Feb 2025 09:52:35 +0900 Subject: [PATCH 2/4] update rand --- httpsig-hyper/Cargo.toml | 4 ++-- httpsig/Cargo.toml | 13 ++++++++----- httpsig/src/crypto/asymmetric.rs | 3 ++- httpsig/src/signature_params.rs | 4 ++-- 4 files changed, 14 insertions(+), 10 deletions(-) diff --git a/httpsig-hyper/Cargo.toml b/httpsig-hyper/Cargo.toml index 85ac7ff..421c021 100644 --- a/httpsig-hyper/Cargo.toml +++ b/httpsig-hyper/Cargo.toml @@ -25,7 +25,7 @@ indexmap = { version = "2.7.1" } # content digest with rfc8941 structured field values sha2 = { version = "0.10.8", default-features = false } -sfv = { version = "0.9.4" } +sfv = { version = "0.10.4" } # encoding base64 = { version = "0.22.1" } @@ -34,7 +34,7 @@ base64 = { version = "0.22.1" } http = { version = "1.2.0" } http-body = { version = "1.0.1" } http-body-util = { version = "0.1.2" } -bytes = { version = "1.9.0" } +bytes = { version = "1.10.0" } [dev-dependencies] diff --git a/httpsig/Cargo.toml b/httpsig/Cargo.toml index 12e3d94..187ead5 100644 --- a/httpsig/Cargo.toml +++ b/httpsig/Cargo.toml @@ -15,10 +15,10 @@ rust-version.workspace = true [dependencies] thiserror = { version = "2.0.11" } tracing = { version = "0.1.41" } -rustc-hash = { version = "2.1.0" } +rustc-hash = { version = "2.1.1" } indexmap = { version = "2.7.1" } fxhash = { version = "0.2.1" } -rand = { version = "0.8.5" } +rand = { version = "0.9.0" } # crypto pkcs8 = { version = "0.10.2", default-features = false, features = ["pem"] } @@ -34,16 +34,19 @@ p256 = { version = "0.13.2", default-features = false, features = [ "arithmetic", "ecdsa", ] } -p384 = { version = "0.13.0", default-features = false, features = [ +p384 = { version = "0.13.1", default-features = false, features = [ "arithmetic", "ecdsa", ] } hmac = { version = "0.12.1" } sha2 = { version = "0.10.8", default-features = false } -bytes = { version = "1.9.0" } +bytes = { version = "1.10.0" } # encoding base64 = { version = "0.22.1" } # for rfc8941 structured field values -sfv = { version = "0.9.4" } +sfv = { version = "0.10.4" } + +[dev-dependencies] +rand-085 = { package = "rand", version = "0.8.5" } # testing only diff --git a/httpsig/src/crypto/asymmetric.rs b/httpsig/src/crypto/asymmetric.rs index 619e418..c8e3db2 100644 --- a/httpsig/src/crypto/asymmetric.rs +++ b/httpsig/src/crypto/asymmetric.rs @@ -359,7 +359,8 @@ MCowBQYDK2VwAyEA1ixMQcxO46PLlgQfYS46ivFd+n0CcDHSKUnuhm3i1O0= let pk = PublicKey::from_bytes(AlgorithmName::Ed25519, ed25519_pk).unwrap(); assert!(matches!(pk, PublicKey::Ed25519(_))); - let es256_sk = p256::ecdsa::SigningKey::random(&mut rand::thread_rng()); + let mut rng = rand_085::thread_rng(); + let es256_sk = p256::ecdsa::SigningKey::random(&mut rng); let es256_pk = es256_sk.verifying_key(); let sk = SecretKey::from_bytes(AlgorithmName::EcdsaP256Sha256, es256_sk.to_bytes().as_ref()).unwrap(); assert!(matches!(sk, SecretKey::EcdsaP256Sha256(_))); diff --git a/httpsig/src/signature_params.rs b/httpsig/src/signature_params.rs index e2daab5..c2827ae 100644 --- a/httpsig/src/signature_params.rs +++ b/httpsig/src/signature_params.rs @@ -95,8 +95,8 @@ impl HttpSignatureParams { /// Set random nonce pub fn set_random_nonce(&mut self) -> &mut Self { - let mut rng = rand::thread_rng(); - let nonce = rng.gen::<[u8; 32]>(); + let mut rng = rand::rng(); + let nonce = rng.random::<[u8; 32]>(); self.nonce = Some(general_purpose::STANDARD.encode(nonce)); self } From b38cbaa120f941b295f0e185d3ae94a2b97a7245 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Thu, 20 Feb 2025 09:53:44 +0900 Subject: [PATCH 3/4] bump --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index 20afd74..a082bcd 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -4,7 +4,7 @@ resolver = "2" [workspace.package] edition = "2021" -version = "0.0.17" +version = "0.0.18" authors = ["Jun Kurihara"] homepage = "https://github.com/junkurihara/httpsig-rs" repository = "https://github.com/junkurihara/httpsig-rs" From f46e141fd5bac007bd3e4109c5de72081dd29829 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Thu, 20 Feb 2025 09:54:50 +0900 Subject: [PATCH 4/4] bump --- httpsig-hyper/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/httpsig-hyper/Cargo.toml b/httpsig-hyper/Cargo.toml index 421c021..7959140 100644 --- a/httpsig-hyper/Cargo.toml +++ b/httpsig-hyper/Cargo.toml @@ -13,7 +13,7 @@ rust-version.workspace = true # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [dependencies] -httpsig = { path = "../httpsig", version = "0.0.17" } +httpsig = { path = "../httpsig", version = "0.0.18" } thiserror = { version = "2.0.11" } tracing = { version = "0.1.41" }