libp2p · tomaka · Oct 11, 2019 · Sep 18, 2019 · Sep 19, 2019 · Sep 19, 2019
diff --git a/core/Cargo.toml b/core/Cargo.toml
@@ -27,7 +27,7 @@ protobuf = "2.3"
 quick-error = "1.2"
 rand = "0.6"
 rw-stream-sink = { version = "0.1.1", path = "../misc/rw-stream-sink" }
-libsecp256k1 = { version = "0.3.0", optional = true }
+libsecp256k1 = { version = "0.3.1", optional = true }
 sha2 = "0.8.0"
 smallvec = "0.6"
 tokio-executor = "0.1.4"
@@ -38,7 +38,7 @@ void = "1"
 zeroize = "0.9"
 
 [target.'cfg(not(any(target_os = "emscripten", target_os = "unknown")))'.dependencies]
-ring = { version = "0.14", features = ["use_heap"], default-features = false }
+ring = { version = "^0.16", features = ["alloc"], default-features = false }
 untrusted = { version = "0.6" }
 
 [dev-dependencies]

diff --git a/core/src/identity/rsa.rs b/core/src/identity/rsa.rs
@@ -40,7 +40,7 @@ impl Keypair {
     ///
     /// [RFC5208]: https://tools.ietf.org/html/rfc5208#section-5
     pub fn from_pkcs8(der: &mut [u8]) -> Result<Keypair, DecodingError> {
-        let kp = RsaKeyPair::from_pkcs8(Input::from(&der[..]))
+        let kp = RsaKeyPair::from_pkcs8(&der)
             .map_err(|e| DecodingError::new("RSA PKCS#8 PrivateKeyInfo").source(e))?;
         der.zeroize();
         Ok(Keypair(Arc::new(kp)))
@@ -69,10 +69,8 @@ pub struct PublicKey(Vec<u8>);
 impl PublicKey {
     /// Verify an RSA signature on a message using the public key.
     pub fn verify(&self, msg: &[u8], sig: &[u8]) -> bool {
-        signature::verify(&RSA_PKCS1_2048_8192_SHA256,
-                          Input::from(&self.0),
-                          Input::from(msg),
-                          Input::from(sig)).is_ok()
+        let key = signature::UnparsedPublicKey::new(&RSA_PKCS1_2048_8192_SHA256, &self.0);
+        key.verify(msg, sig).is_ok()
     }
 
     /// Encode the RSA public key in DER as a PKCS#1 RSAPublicKey structure,

diff --git a/protocols/noise/Cargo.toml b/protocols/noise/Cargo.toml
@@ -15,9 +15,9 @@ lazy_static = "1.2"
 libp2p-core = { version = "0.12.0", path = "../../core" }
 log = "0.4"
 protobuf = "2.3"
-rand = "0.6.5"
-ring = { version = "0.14", features = ["use_heap"], default-features = false }
-snow = { version = "0.5.2", features = ["ring-resolver"], default-features = false }
+rand = "^0.7"
+ring = { version = "^0.16", features = ["alloc"], default-features = false }
+snow = { version = "0.6.1", features = ["ring-resolver"], default-features = false }
 tokio-io = "0.1"
 x25519-dalek = "0.5"
 zeroize = "0.9"

diff --git a/protocols/noise/src/error.rs b/protocols/noise/src/error.rs
@@ -19,7 +19,7 @@
 // DEALINGS IN THE SOFTWARE.
 
 use libp2p_core::identity;
-use snow::SnowError;
+use snow::error::Error as SnowError;
 use std::{error::Error, fmt, io};
 
 /// libp2p_noise error type.

diff --git a/protocols/noise/src/io.rs b/protocols/noise/src/io.rs
@@ -25,6 +25,7 @@ pub mod handshake;
 use futures::Poll;
 use log::{debug, trace};
 use snow;
+use snow::error::{StateProblem, Error as SnowError};
 use std::{fmt, io};
 use tokio_io::{AsyncRead, AsyncWrite};
 
@@ -55,12 +56,48 @@ impl Buffer {
     }
 }
 
+/// A passthrough enum for the two kinds of state machines in `snow`
+pub(crate) enum SnowState {
-pub(crate) enum SnowState {
+pub(crate) enum Session {
-pub(crate) enum SnowState {
+pub(crate) enum Session {
+    Transport(snow::TransportState),
+    Handshake(snow::HandshakeState)
+}
+
+impl SnowState {
+    pub fn read_message(&mut self, message: &[u8], payload: &mut [u8]) -> Result<usize, SnowError> {
+        match self {
+            SnowState::Handshake(session) => session.read_message(message, payload),
+            SnowState::Transport(session) => session.read_message(message, payload),
+        }
+    }
+
+    pub fn write_message(&mut self, message: &[u8], payload: &mut [u8]) -> Result<usize, SnowError> {
+        match self {
+            SnowState::Handshake(session) => session.write_message(message, payload),
+            SnowState::Transport(session) => session.write_message(message, payload),
+        }
+    }
+
+    pub fn get_remote_static(&self) -> Option<&[u8]> {
+        match self {
+            SnowState::Handshake(session) => session.get_remote_static(),
+            SnowState::Transport(session) => session.get_remote_static(),
+        }
+    }
+
+    pub fn into_transport_mode(self) -> Result<snow::TransportState, SnowError> {
+        match self {
+            SnowState::Handshake(session) => session.into_transport_mode(),
+            SnowState::Transport(_) => Err(SnowError::State(StateProblem::HandshakeAlreadyFinished)),
+        }
+    }
+}
+
 /// A noise session to a remote.
 ///
 /// `T` is the type of the underlying I/O resource.
 pub struct NoiseOutput<T> {
     io: T,
-    session: snow::Session,
+    session: SnowState,
     buffer: Buffer,
     read_state: ReadState,
     write_state: WriteState
@@ -76,9 +113,10 @@ impl<T> fmt::Debug for NoiseOutput<T> {
 }
 
 impl<T> NoiseOutput<T> {
-    fn new(io: T, session: snow::Session) -> Self {
+    fn new(io: T, session: SnowState) -> Self {
         NoiseOutput {
-            io, session,
+            io, 
+            session,
             buffer: Buffer { inner: Box::new([0; TOTAL_BUFFER_LEN]) },
             read_state: ReadState::Init,
             write_state: WriteState::Init

diff --git a/protocols/noise/src/io/handshake.rs b/protocols/noise/src/io/handshake.rs
@@ -24,6 +24,7 @@ mod payload;
 
 use crate::error::NoiseError;
 use crate::protocol::{Protocol, PublicKey, KeypairIdentity};
+use crate::io::SnowState;
 use libp2p_core::identity;
 use futures::{future, Async, Future, future::FutureResult, Poll};
 use std::{mem, io};
@@ -128,7 +129,7 @@ where
     /// ```
     pub fn rt1_initiator(
         io: T,
-        session: Result<snow::Session, NoiseError>,
+        session: Result<snow::HandshakeState, NoiseError>,
         identity: KeypairIdentity,
         identity_x: IdentityExchange
     ) -> Handshake<T, C> {
@@ -157,7 +158,7 @@ where
     /// ```
     pub fn rt1_responder(
         io: T,
-        session: Result<snow::Session, NoiseError>,
+        session: Result<snow::HandshakeState, NoiseError>,
         identity: KeypairIdentity,
         identity_x: IdentityExchange,
     ) -> Handshake<T, C> {
@@ -188,7 +189,7 @@ where
     /// ```
     pub fn rt15_initiator(
         io: T,
-        session: Result<snow::Session, NoiseError>,
+        session: Result<snow::HandshakeState, NoiseError>,
         identity: KeypairIdentity,
         identity_x: IdentityExchange
     ) -> Handshake<T, C> {
@@ -220,7 +221,7 @@ where
     /// ```
     pub fn rt15_responder(
         io: T,
-        session: Result<snow::Session, NoiseError>,
+        session: Result<snow::HandshakeState, NoiseError>,
         identity: KeypairIdentity,
         identity_x: IdentityExchange
     ) -> Handshake<T, C> {
@@ -289,7 +290,7 @@ impl<T> State<T> {
     /// Noise handshake pattern.
     fn new(
         io: T,
-        session: Result<snow::Session, NoiseError>,
+        session: Result<snow::HandshakeState, NoiseError>,
         identity: KeypairIdentity,
         identity_x: IdentityExchange
     ) -> FutureResult<Self, NoiseError> {
@@ -302,7 +303,7 @@ impl<T> State<T> {
         future::result(session.map(|s|
             State {
                 identity,
-                io: NoiseOutput::new(io, s),
+                io: NoiseOutput::new(io, SnowState::Handshake(s)),
                 dh_remote_pubkey_sig: None,
                 id_remote_pubkey,
                 send_identity
@@ -340,7 +341,7 @@ impl<T> State<T>
                         }
                     }
                 };
-                future::ok((remote, NoiseOutput { session: s, .. self.io }))
+                future::ok((remote, NoiseOutput { session: SnowState::Transport(s), .. self.io }))
             }
         }
     }

diff --git a/protocols/noise/src/protocol.rs b/protocols/noise/src/protocol.rs
@@ -24,7 +24,7 @@ pub mod x25519;
 
 use crate::NoiseError;
 use libp2p_core::identity;
-use rand::FromEntropy;
+use rand::SeedableRng;
 use zeroize::Zeroize;
 
 /// The parameters of a Noise protocol, consisting of a choice

diff --git a/protocols/secio/Cargo.toml b/protocols/secio/Cargo.toml
@@ -27,7 +27,7 @@ sha2 = "0.8.0"
 hmac = "0.7.0"
 
 [target.'cfg(not(target_arch = "wasm32"))'.dependencies]
-ring = { version = "0.14", features = ["use_heap"], default-features = false }
+ring = { version = "^0.16", features = ["alloc"], default-features = false }
 untrusted = { version = "0.6" }
 
 [target.'cfg(target_arch = "wasm32")'.dependencies]

diff --git a/protocols/secio/src/exchange/impl_ring.rs b/protocols/secio/src/exchange/impl_ring.rs
@@ -64,8 +64,8 @@ pub fn generate_agreement(algorithm: KeyAgreement) -> impl Future<Item = (Agreem
 pub fn agree(algorithm: KeyAgreement, my_private_key: AgreementPrivateKey, other_public_key: &[u8], _out_size: usize)
     -> impl Future<Item = Vec<u8>, Error = SecioError>
 {
-    ring_agreement::agree_ephemeral(my_private_key, algorithm.into(),
-                                    UntrustedInput::from(other_public_key),
+    ring_agreement::agree_ephemeral(my_private_key,
+                                    &ring_agreement::UnparsedPublicKey::new(algorithm.into(), other_public_key),
                                     SecioError::SecretGenerationFailed,
                                     |key_material| Ok(key_material.to_vec()))
         .into_future()

diff --git a/transports/websocket/Cargo.toml b/transports/websocket/Cargo.toml
@@ -17,10 +17,10 @@ log = "0.4.1"
 rw-stream-sink = { version = "0.1.1", path = "../../misc/rw-stream-sink" }
 tokio-codec = "0.1.1"
 tokio-io = "0.1.12"
-tokio-rustls = "0.10.0-alpha.3"
+tokio-rustls = "0.10.1"
 soketto = { version = "0.2.3", features = ["deflate"] }
 url = "2.1.0"
-webpki-roots = "0.16.0"
+webpki-roots = "0.17.0"
 
 [dev-dependencies]
 libp2p-tcp = { version = "0.12.0", path = "../tcp" }

diff --git a/transports/websocket/src/tls.rs b/transports/websocket/src/tls.rs
@@ -128,7 +128,7 @@ impl Builder {
 }
 
 pub(crate) fn dns_name_ref(name: &str) -> Result<webpki::DNSNameRef<'_>, Error> {
-    webpki::DNSNameRef::try_from_ascii_str(name).map_err(|()| Error::InvalidDnsName(name.into()))
+    webpki::DNSNameRef::try_from_ascii_str(name).map_err(|_| Error::InvalidDnsName(name.into()))
 }
 
 // Error //////////////////////////////////////////////////////////////////////////////////////////