From e9fe12a771d62e4bc4241b0b9879aa0727f43e23 Mon Sep 17 00:00:00 2001 From: Arthur Gautier Date: Mon, 8 Sep 2025 02:26:44 +0000 Subject: [PATCH 1/2] bump dependencies to RustCrypto pre-releases --- Cargo.lock | 546 +++++++++++++++++++++++------------ Cargo.toml | 14 +- age-core/src/format.rs | 15 +- age-core/src/plugin.rs | 6 +- age-core/src/primitives.rs | 2 +- age/Cargo.toml | 14 +- age/src/cli_common.rs | 9 +- age/src/keys.rs | 7 +- age/src/plugin.rs | 6 + age/src/primitives.rs | 4 +- age/src/primitives/stream.rs | 6 +- age/src/protocol.rs | 11 +- age/src/scrypt.rs | 9 +- age/src/ssh.rs | 58 ++-- age/src/ssh/identity.rs | 5 +- age/src/ssh/recipient.rs | 20 +- age/src/x25519.rs | 13 +- 17 files changed, 460 insertions(+), 285 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index a95242b1..369b9277 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -25,12 +25,12 @@ checksum = "320119579fcad9c21884f5c4861d16174d0e06250625266f50fe6898340abefa" [[package]] name = "aead" -version = "0.5.2" +version = "0.6.0-rc.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d122413f284cf2d62fb1b7db97e02edb8cda96d769b16e443a4f6195e35662b0" +checksum = "67a578e7d4edaef88aeb9cdd81556f4a62266ce26601317c006a79e8bc58b5af" dependencies = [ - "crypto-common", - "generic-array", + "crypto-common 0.2.0-rc.9", + "inout 0.2.2", ] [[package]] @@ -40,19 +40,30 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b169f7a6d4742236a0a00c541b845991d0ac43e546831af1249753ab4c3aa3a0" dependencies = [ "cfg-if", - "cipher", + "cipher 0.4.4", + "cpufeatures", +] + +[[package]] +name = "aes" +version = "0.9.0-rc.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fd9e1c818b25efb32214df89b0ec22f01aa397aaeb718d1022bf0635a3bfd1a8" +dependencies = [ + "cfg-if", + "cipher 0.5.0-rc.3", "cpufeatures", ] [[package]] name = "aes-gcm" -version = "0.10.3" +version = "0.11.0-rc.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "831010a0f742e1209b3bcea8fab6a8e149051ba6099432c8cb2cc117dec3ead1" +checksum = "7f5c07f414d7dc0755870f84c7900425360288d24e0eae4836f9dee19a30fa5f" dependencies = [ "aead", - "aes", - "cipher", + "aes 0.9.0-rc.2", + "cipher 0.5.0-rc.3", "ctr", "ghash", "subtle", @@ -62,7 +73,7 @@ dependencies = [ name = "age" version = "0.11.2" dependencies = [ - "aes", + "aes 0.9.0-rc.2", "aes-gcm", "age-core", "base64", @@ -70,17 +81,17 @@ dependencies = [ "bech32", "cbc", "chacha20poly1305", - "cipher", + "cipher 0.5.0-rc.3", "console", "cookie-factory", "criterion", "criterion-cycles-per-byte", "ctr", - "curve25519-dalek", + "curve25519-dalek 4.1.3", "futures", "futures-test", "hex", - "hmac", + "hmac 0.13.0-rc.3", "i18n-embed", "i18n-embed-fl", "is-terminal", @@ -92,12 +103,12 @@ dependencies = [ "pinentry", "pprof", "proptest", - "rand", + "rand 0.10.0-rc.6", "rpassword", "rsa", "rust-embed", "scrypt", - "sha2", + "sha2 0.11.0-rc.3", "subtle", "test-case", "tokio", @@ -118,9 +129,9 @@ dependencies = [ "hkdf", "io_tee", "nom", - "rand", + "rand 0.10.0-rc.6", "secrecy", - "sha2", + "sha2 0.11.0-rc.3", "tempfile", ] @@ -306,6 +317,12 @@ dependencies = [ "rustc-demangle", ] +[[package]] +name = "base16ct" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fd307490d624467aa6f74b0eabb77633d1f758a7b25f12bceb0b22e08d9726f6" + [[package]] name = "base64" version = "0.22.1" @@ -314,9 +331,9 @@ checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" [[package]] name = "base64ct" -version = "1.6.0" +version = "1.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" +checksum = "7d809780667f4410e7c41b07f52439b94d2bdf8528eeedc287fa38d3b7f95d82" [[package]] name = "basic-toml" @@ -329,13 +346,13 @@ dependencies = [ [[package]] name = "bcrypt-pbkdf" -version = "0.10.0" +version = "0.11.0-rc.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6aeac2e1fe888769f34f05ac343bbef98b14d1ffb292ab69d4608b3abc86f2a2" +checksum = "5f0a790efa000ecb138276d4da57f782c0e6bb60d59150105290d6ec8cfeb2c2" dependencies = [ "blowfish", - "pbkdf2", - "sha2", + "pbkdf2 0.13.0-rc.5", + "sha2 0.11.0-rc.3", ] [[package]] @@ -380,23 +397,32 @@ dependencies = [ "generic-array", ] +[[package]] +name = "block-buffer" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "96eb4cdd6cf1b31d671e9efe75c5d1ec614776856cefbe109ca373554a6d514f" +dependencies = [ + "hybrid-array", +] + [[package]] name = "block-padding" -version = "0.3.3" +version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a8894febbff9f758034a5b8e12d87918f56dfc64a8e1fe757d65e29041538d93" +checksum = "710f1dd022ef4e93f8a438b4ba958de7f64308434fa6a87104481645cc30068b" dependencies = [ - "generic-array", + "hybrid-array", ] [[package]] name = "blowfish" -version = "0.9.1" +version = "0.10.0-rc.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e412e2cd0f2b2d93e02543ceae7917b3c70331573df19ee046bcbc35e45e87d7" +checksum = "8ecfb049d43f70154a8a232d709710dc7350bda1fa7d0e539a252f0938adad8e" dependencies = [ "byteorder", - "cipher", + "cipher 0.5.0-rc.3", ] [[package]] @@ -445,11 +471,11 @@ checksum = "37b2a672a2cb129a2e41c10b1224bb368f9f37a2b16b612598138befd7b37eb5" [[package]] name = "cbc" -version = "0.1.2" +version = "0.2.0-rc.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "26b52a9543ae338f279b96b0b9fed9c8093744685043739079ce85cd58f289a6" +checksum = "3c34a745c272d1f6124df3006881364190a8f033ff3857ce196a17aa4a753096" dependencies = [ - "cipher", + "cipher 0.5.0-rc.3", ] [[package]] @@ -472,26 +498,26 @@ checksum = "9555578bc9e57714c812a1f84e4fc5b4d21fcb063490c624de019f7464c91268" [[package]] name = "chacha20" -version = "0.9.1" +version = "0.10.0-rc.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3613f74bd2eac03dad61bd53dbe620703d4371614fe0bc3b9f04dd36fe4e818" +checksum = "f895fb33c1ad22da4bc79d37c0bddff8aee2ba4575705345eb73b8ffbc386074" dependencies = [ "cfg-if", - "cipher", + "cipher 0.5.0-rc.3", "cpufeatures", + "rand_core 0.10.0-rc-3", ] [[package]] name = "chacha20poly1305" -version = "0.10.1" +version = "0.11.0-rc.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "10cd79432192d1c0f4e1a0fef9527696cc039165d729fb41b3f4f4f354c2dc35" +checksum = "c662d31454533832974f2b2b3fcbd552ed3cde94c95e614a5039d297dd97076f" dependencies = [ "aead", "chacha20", - "cipher", + "cipher 0.5.0-rc.3", "poly1305", - "zeroize", ] [[package]] @@ -541,9 +567,19 @@ version = "0.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad" dependencies = [ - "crypto-common", - "inout", - "zeroize", + "crypto-common 0.1.6", + "inout 0.1.4", +] + +[[package]] +name = "cipher" +version = "0.5.0-rc.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "98d708bac5451350d56398433b19a7889022fa9187df1a769c0edbc3b2c03167" +dependencies = [ + "block-buffer 0.11.0", + "crypto-common 0.2.0-rc.9", + "inout 0.2.2", ] [[package]] @@ -606,6 +642,12 @@ dependencies = [ "roff", ] +[[package]] +name = "cmov" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c11ed919bd3bae4af5ab56372b627dfc32622aba6cec36906e8ab46746037c9d" + [[package]] name = "colorchoice" version = "1.0.2" @@ -626,9 +668,9 @@ dependencies = [ [[package]] name = "const-oid" -version = "0.9.6" +version = "0.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8" +checksum = "0dabb6555f92fb9ee4140454eb5dcd14c7960e1225c6d1a6cc361f032947713e" [[package]] name = "constant_time_eq" @@ -671,9 +713,9 @@ dependencies = [ [[package]] name = "cpufeatures" -version = "0.2.12" +version = "0.2.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "53fe5e26ff1b7aef8bca9c6080520cfb8d9333c7568e1829cef191a9723e5504" +checksum = "59ed5838eebb26a2bb2e58f6d5b5316989ae9d08bab10e0e6d103e656d1b0280" dependencies = [ "libc", ] @@ -764,6 +806,19 @@ version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "460fbee9c2c2f33933d720630a6a0bac33ba7053db5344fac858d4b8952d77d5" +[[package]] +name = "crypto-bigint" +version = "0.7.0-rc.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c9c6daa2049db6a5fad90a981b8c63f023dbaf75a0fae73db4dcf234556fc957" +dependencies = [ + "ctutils", + "num-traits", + "rand_core 0.10.0-rc-3", + "serdect", + "zeroize", +] + [[package]] name = "crypto-common" version = "0.1.6" @@ -771,17 +826,38 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" dependencies = [ "generic-array", - "rand_core", "typenum", ] +[[package]] +name = "crypto-common" +version = "0.2.0-rc.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41b8986f836d4aeb30ccf4c9d3bd562fd716074cfd7fc4a2948359fbd21ed809" +dependencies = [ + "getrandom 0.4.0-rc.0", + "hybrid-array", + "rand_core 0.10.0-rc-3", +] + +[[package]] +name = "crypto-primes" +version = "0.7.0-pre.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "da0b07a7a616370e8b6efca0c6a25e5f4c6d02fde11f3d570e4af64d8ed7e2e9" +dependencies = [ + "crypto-bigint", + "libm", + "rand_core 0.10.0-rc-3", +] + [[package]] name = "ctr" -version = "0.9.2" +version = "0.10.0-rc.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0369ee1ad671834580515889b80f2ea915f23b8be8d0daa4bbaf2ac5c7590835" +checksum = "3d0ec605a95e78815a4c4b8040217d56d5a1ab37043851ee9e7e65b89afa00e3" dependencies = [ - "cipher", + "cipher 0.5.0-rc.3", ] [[package]] @@ -794,6 +870,15 @@ dependencies = [ "windows-sys 0.52.0", ] +[[package]] +name = "ctutils" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7c67c81499f542d1dd38c6a2a2fe825f4dd4bca5162965dd2eea0c8119873d3c" +dependencies = [ + "cmov", +] + [[package]] name = "curve25519-dalek" version = "4.1.3" @@ -803,7 +888,22 @@ dependencies = [ "cfg-if", "cpufeatures", "curve25519-dalek-derive", - "fiat-crypto", + "fiat-crypto 0.2.9", + "rustc_version", + "subtle", + "zeroize", +] + +[[package]] +name = "curve25519-dalek" +version = "5.0.0-pre.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ae8b2fe5e4995d7fd08a7604e794dc569a65ed19659f5939d529813ed816d38" +dependencies = [ + "cfg-if", + "cpufeatures", + "curve25519-dalek-derive", + "fiat-crypto 0.3.0", "rustc_version", "subtle", "zeroize", @@ -831,11 +931,12 @@ dependencies = [ [[package]] name = "der" -version = "0.7.10" +version = "0.8.0-rc.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e7c1832837b905bbfb5101e07cc24c8deddf52f93225eee6ead5f4d63d53ddcb" +checksum = "02c1d73e9668ea6b6a28172aa55f3ebec38507131ce179051c8033b5c6037653" dependencies = [ "const-oid", + "pem-rfc7468", "zeroize", ] @@ -865,9 +966,20 @@ version = "0.10.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" dependencies = [ - "block-buffer", + "block-buffer 0.10.4", + "crypto-common 0.1.6", + "subtle", +] + +[[package]] +name = "digest" +version = "0.11.0-rc.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ebf9423bafb058e4142194330c52273c343f8a5beb7176d052f0e73b17dd35b9" +dependencies = [ + "block-buffer 0.11.0", "const-oid", - "crypto-common", + "crypto-common 0.2.0-rc.9", "subtle", ] @@ -947,6 +1059,12 @@ version = "0.2.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "28dea519a9695b9977216879a3ebfddf92f1c08c05d984f8996aecd6ecdc811d" +[[package]] +name = "fiat-crypto" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "64cd1e32ddd350061ae6edb1b082d7c54915b5c672c389143b9a63403a109f24" + [[package]] name = "filetime" version = "0.2.26" @@ -1212,13 +1330,25 @@ dependencies = [ "wasi 0.14.2+wasi-0.2.4", ] +[[package]] +name = "getrandom" +version = "0.4.0-rc.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b99f0d993a2b9b97b9a201193aa8ad21305cde06a3be9a7e1f8f4201e5cc27e" +dependencies = [ + "cfg-if", + "libc", + "r-efi", + "rand_core 0.10.0-rc-3", + "wasip2", +] + [[package]] name = "ghash" -version = "0.5.1" +version = "0.6.0-rc.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f0d8a4362ccb29cb0b265253fb0a2728f592895ee6854fd9bc13f2ffda266ff1" +checksum = "333de57ed9494a40df4bbb866752b100819dde0d18f2264c48f5a08a85fe673d" dependencies = [ - "opaque-debug", "polyval", ] @@ -1269,11 +1399,11 @@ checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" [[package]] name = "hkdf" -version = "0.12.4" +version = "0.13.0-rc.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b5f8eb2ad728638ea2c7d47a21db23b7b58a72ed6a38256b8a1849f15fbbdf7" +checksum = "cfbb4225acf2b5cc4e12d384672cd6d1f0cb980ff5859ffcf144db25b593a24d" dependencies = [ - "hmac", + "hmac 0.13.0-rc.3", ] [[package]] @@ -1282,7 +1412,16 @@ version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e" dependencies = [ - "digest", + "digest 0.10.7", +] + +[[package]] +name = "hmac" +version = "0.13.0-rc.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f1c597ac7d6cc8143e30e83ef70915e7f883b18d8bec2e2b2bce47f5bbb06d57" +dependencies = [ + "digest 0.11.0-rc.5", ] [[package]] @@ -1301,6 +1440,15 @@ dependencies = [ "serde", ] +[[package]] +name = "hybrid-array" +version = "0.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f471e0a81b2f90ffc0cb2f951ae04da57de8baa46fa99112b062a5173a5088d0" +dependencies = [ + "typenum", +] + [[package]] name = "i18n-config" version = "0.4.8" @@ -1426,10 +1574,19 @@ version = "0.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "879f10e63c20629ecabbb64a8010319738c66a5cd0c29b02d63d272b03751d01" dependencies = [ - "block-padding", "generic-array", ] +[[package]] +name = "inout" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4250ce6452e92010fdf7268ccc5d14faa80bb12fc741938534c58f16804e03c7" +dependencies = [ + "block-padding", + "hybrid-array", +] + [[package]] name = "intl-memoizer" version = "0.5.3" @@ -1512,9 +1669,6 @@ name = "lazy_static" version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" -dependencies = [ - "spin", -] [[package]] name = "libc" @@ -1524,9 +1678,9 @@ checksum = "c5a2d376baa530d1238d133232d15e239abad80d05838b4b59354e5268af431f" [[package]] name = "libm" -version = "0.2.11" +version = "0.2.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8355be11b20d696c8f18f6cc018c4e372165b1fa8126cef092399c9951984ffa" +checksum = "f9fbbcab51052fe104eb5e5d351cf728d30a5be1fe14d9be8a3b097481fb97de" [[package]] name = "libredox" @@ -1631,23 +1785,6 @@ version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "61807f77802ff30975e01f4f071c8ba10c022052f98b3294119f3e615d13e5be" -[[package]] -name = "num-bigint-dig" -version = "0.8.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc84195820f291c7697304f3cbdadd1cb7199c0efc917ff5eafd71225c136151" -dependencies = [ - "byteorder", - "lazy_static", - "libm", - "num-integer", - "num-iter", - "num-traits", - "rand", - "smallvec", - "zeroize", -] - [[package]] name = "num-conv" version = "0.1.0" @@ -1664,26 +1801,6 @@ dependencies = [ "itoa", ] -[[package]] -name = "num-integer" -version = "0.1.46" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f" -dependencies = [ - "num-traits", -] - -[[package]] -name = "num-iter" -version = "0.1.45" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1429034a0490724d0075ebb2bc9e875d6503c3cf69e235a8941aa757d83ef5bf" -dependencies = [ - "autocfg", - "num-integer", - "num-traits", -] - [[package]] name = "num-traits" version = "0.2.19" @@ -1691,7 +1808,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841" dependencies = [ "autocfg", - "libm", ] [[package]] @@ -1753,12 +1869,6 @@ version = "11.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b410bbe7e14ab526a0e86877eb47c6996a2bd7746f027ba551028c925390e4e9" -[[package]] -name = "opaque-debug" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381" - [[package]] name = "os_pipe" version = "1.2.2" @@ -1802,14 +1912,42 @@ dependencies = [ "windows-targets 0.52.6", ] +[[package]] +name = "password-hash" +version = "0.6.0-rc.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c351143b5ab27b1f1d24712f21ea4d0458fe74f60dd5839297dabcc2ecd24d58" +dependencies = [ + "phc", +] + [[package]] name = "pbkdf2" version = "0.12.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f8ed6a7761f76e3b9f92dfb0a60a6a6477c61024b775147ff0973a02653abaf2" dependencies = [ - "digest", - "hmac", + "digest 0.10.7", + "hmac 0.12.1", +] + +[[package]] +name = "pbkdf2" +version = "0.13.0-rc.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c015873c38594dfb7724f90b2ed912a606697393bda2d39fd83c2394301f808a" +dependencies = [ + "digest 0.11.0-rc.5", + "hmac 0.13.0-rc.3", +] + +[[package]] +name = "pem-rfc7468" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a6305423e0e7738146434843d1694d621cce767262b2a86910beab705e4493d9" +dependencies = [ + "base64ct", ] [[package]] @@ -1818,6 +1956,16 @@ version = "2.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e" +[[package]] +name = "phc" +version = "0.6.0-rc.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "71d390c5fe8d102c2c18ff39f1e72b9ad5996de282c2d831b0312f56910f5508" +dependencies = [ + "base64ct", + "subtle", +] + [[package]] name = "pin-project" version = "1.1.5" @@ -1867,20 +2015,19 @@ dependencies = [ [[package]] name = "pkcs1" -version = "0.7.5" +version = "0.8.0-rc.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c8ffb9f10fa047879315e6625af03c164b16962a5368d724ed16323b68ace47f" +checksum = "986d2e952779af96ea048f160fd9194e1751b4faea78bcf3ceb456efe008088e" dependencies = [ "der", - "pkcs8", "spki", ] [[package]] name = "pkcs8" -version = "0.10.2" +version = "0.11.0-rc.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f950b2377845cebe5cf8b5165cb3cc1a5e0fa5cfa3e1f7f55707d8fd82e0a7b7" +checksum = "77089aec8290d0b7bb01b671b091095cf1937670725af4fd73d47249f03b12c0" dependencies = [ "der", "spki", @@ -1922,24 +2069,22 @@ dependencies = [ [[package]] name = "poly1305" -version = "0.8.0" +version = "0.9.0-rc.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8159bd90725d2df49889a078b54f4f79e87f1f8a8444194cdca81d38f5393abf" +checksum = "d9c0749ae91cfe6e68c77c4d48802d9720ee06aed3f7100a38975fb0962d50bc" dependencies = [ "cpufeatures", - "opaque-debug", "universal-hash", ] [[package]] name = "polyval" -version = "0.6.2" +version = "0.7.0-rc.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9d1fe60d06143b2430aa532c94cfe9e29783047f06c0d7fd359a9a51b729fa25" +checksum = "1ad60831c19edda4b20878a676595c357e93a9b4e6dca2ba98d75b01066b317b" dependencies = [ "cfg-if", "cpufeatures", - "opaque-debug", "universal-hash", ] @@ -2031,7 +2176,7 @@ dependencies = [ "bitflags 2.6.0", "lazy_static", "num-traits", - "rand", + "rand 0.8.5", "rand_chacha", "rand_xorshift", "regex-syntax", @@ -2106,7 +2251,18 @@ checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" dependencies = [ "libc", "rand_chacha", - "rand_core", + "rand_core 0.6.4", +] + +[[package]] +name = "rand" +version = "0.10.0-rc.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bccc05ac8fad6ee391f3cc6725171817eed960345e2fb42ad229d486c1ca2d98" +dependencies = [ + "chacha20", + "getrandom 0.4.0-rc.0", + "rand_core 0.10.0-rc-3", ] [[package]] @@ -2116,7 +2272,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" dependencies = [ "ppv-lite86", - "rand_core", + "rand_core 0.6.4", ] [[package]] @@ -2128,13 +2284,19 @@ dependencies = [ "getrandom 0.2.16", ] +[[package]] +name = "rand_core" +version = "0.10.0-rc-3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f66ee92bc15280519ef199a274fe0cafff4245d31bc39aaa31c011ad56cb1f05" + [[package]] name = "rand_xorshift" version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d25bf25ec5ae4a3f1b92f929810509a2f53d7dca2f50b794ff57e3face536c8f" dependencies = [ - "rand_core", + "rand_core 0.6.4", ] [[package]] @@ -2223,21 +2385,19 @@ dependencies = [ [[package]] name = "rsa" -version = "0.9.8" +version = "0.10.0-rc.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "78928ac1ed176a5ca1d17e578a1825f3d81ca54cf41053a592584b020cfd691b" +checksum = "d27d813937fdf8e9ad15e3e422a55da4021d29639000139ca19d99f3949060da" dependencies = [ "const-oid", - "digest", - "num-bigint-dig", - "num-integer", - "num-traits", + "crypto-bigint", + "crypto-primes", + "digest 0.11.0-rc.5", "pkcs1", "pkcs8", - "rand_core", + "rand_core 0.10.0-rc-3", "signature", "spki", - "subtle", "zeroize", ] @@ -2281,7 +2441,7 @@ version = "8.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "86f69089032567ffff4eada41c573fc43ff466c7db7c5688b2e7969584345581" dependencies = [ - "sha2", + "sha2 0.10.9", "walkdir", ] @@ -2345,11 +2505,12 @@ checksum = "28d3b2b1366ec20994f1fd18c3c594f05c5dd4bc44d8bb0c1c632c8d6829481f" [[package]] name = "salsa20" -version = "0.10.2" +version = "0.11.0-rc.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "97a22f5af31f73a954c10289c93e8a50cc23d971e80ee446f1f6f7137a088213" +checksum = "06522a356e94a02a1f83d699a1d84dd2ba613fbb20b211153bd5a75de9ccdc92" dependencies = [ - "cipher", + "cfg-if", + "cipher 0.5.0-rc.3", ] [[package]] @@ -2369,13 +2530,15 @@ checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" [[package]] name = "scrypt" -version = "0.11.0" +version = "0.12.0-rc.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0516a385866c09368f0b5bcd1caff3366aace790fcd46e2bb032697bb172fd1f" +checksum = "13ac15f5e54b9e1ba72ee618fc8ed94dd9dbe7b09c0eeaed80bced84100d8381" dependencies = [ - "pbkdf2", + "cfg-if", + "password-hash", + "pbkdf2 0.13.0-rc.5", "salsa20", - "sha2", + "sha2 0.11.0-rc.3", ] [[package]] @@ -2450,6 +2613,16 @@ dependencies = [ "serde", ] +[[package]] +name = "serdect" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9af4a3e75ebd5599b30d4de5768e00b5095d518a79fefc3ecbaf77e665d1ec06" +dependencies = [ + "base16ct", + "serde", +] + [[package]] name = "sha1" version = "0.10.6" @@ -2458,7 +2631,7 @@ checksum = "e3bf829a2d51ab4a5ddf1352d8470c140cadc8301b2ae1789db023f01cedd6ba" dependencies = [ "cfg-if", "cpufeatures", - "digest", + "digest 0.10.7", ] [[package]] @@ -2469,7 +2642,18 @@ checksum = "a7507d819769d01a365ab707794a4084392c824f54a7a6a7862f8c3d0892b283" dependencies = [ "cfg-if", "cpufeatures", - "digest", + "digest 0.10.7", +] + +[[package]] +name = "sha2" +version = "0.11.0-rc.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19d43dc0354d88b791216bb5c1bfbb60c0814460cc653ae0ebd71f286d0bd927" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest 0.11.0-rc.5", ] [[package]] @@ -2480,12 +2664,12 @@ checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" [[package]] name = "signature" -version = "2.2.0" +version = "3.0.0-rc.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" +checksum = "597a96996ccff7dfa16f052bd995b4cecc72af22c35138738dc029f0ead6608d" dependencies = [ - "digest", - "rand_core", + "digest 0.11.0-rc.5", + "rand_core 0.10.0-rc-3", ] [[package]] @@ -2537,17 +2721,11 @@ dependencies = [ "anstream 0.6.21", ] -[[package]] -name = "spin" -version = "0.9.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67" - [[package]] name = "spki" -version = "0.7.3" +version = "0.8.0-rc.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d91ed6c858b01f942cd56b37a94b3e0a1798290327d1236e4d9cf4eaca44d29d" +checksum = "8baeff88f34ed0691978ec34440140e1572b68c7dd4a495fd14a3dc1944daa80" dependencies = [ "base64ct", "der", @@ -2936,11 +3114,11 @@ checksum = "5a5f39404a5da50712a4c1eecf25e90dd62b613502b7e925fd4e4d19b5c96512" [[package]] name = "universal-hash" -version = "0.5.1" +version = "0.6.0-rc.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fc1de2c688dc15305988b563c3854064043356019f97a4b46276fe734c4f07ea" +checksum = "0386f227888b17b65d3e38219a7d41185035471300855c285667811907bb1677" dependencies = [ - "crypto-common", + "crypto-common 0.2.0-rc.9", "subtle", ] @@ -3000,6 +3178,15 @@ dependencies = [ "wit-bindgen-rt", ] +[[package]] +name = "wasip2" +version = "1.0.1+wasi-0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0562428422c63773dad2c345a1882263bbf4d65cf3f42e90921f787ef5ad58e7" +dependencies = [ + "wit-bindgen", +] + [[package]] name = "wasm-bindgen" version = "0.2.100" @@ -3407,6 +3594,12 @@ version = "0.0.19" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d135d17ab770252ad95e9a872d365cf3090e3be864a34ab46f48555993efc904" +[[package]] +name = "wit-bindgen" +version = "0.46.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f17a85883d4e6d00e8a97c586de764dabcc06133f7f1d55dce5cdc070ad7fe59" + [[package]] name = "wit-bindgen-rt" version = "0.39.0" @@ -3424,13 +3617,12 @@ checksum = "f8dab7ac864710bdea6594becbea5b5050333cf34fefb0dc319567eb347950d4" [[package]] name = "x25519-dalek" -version = "2.0.1" +version = "3.0.0-pre.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c7e468321c81fb07fa7f4c636c3972b9100f0346e5b6a9f2bd0603a52f7ed277" +checksum = "a5887899407ca8fb861126d509bb08465c14a9c60fad1f24c59ed59630a45586" dependencies = [ - "curve25519-dalek", - "rand_core", - "serde", + "curve25519-dalek 5.0.0-pre.4", + "rand_core 0.10.0-rc-3", "zeroize", ] @@ -3510,20 +3702,6 @@ name = "zeroize" version = "1.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ced3678a2879b30306d323f4542626697a464a97c0a07c9aebf7ebca65cd4dde" -dependencies = [ - "zeroize_derive", -] - -[[package]] -name = "zeroize_derive" -version = "1.4.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] [[package]] name = "zip" @@ -3531,7 +3709,7 @@ version = "1.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9cc23c04387f4da0374be4533ad1208cbb091d5c11d070dfef13676ad6497164" dependencies = [ - "aes", + "aes 0.8.4", "arbitrary", "bzip2", "constant_time_eq", @@ -3539,10 +3717,10 @@ dependencies = [ "crossbeam-utils", "displaydoc", "flate2", - "hmac", + "hmac 0.12.1", "indexmap", "num_enum", - "pbkdf2", + "pbkdf2 0.12.2", "sha1", "thiserror 1.0.69", "time", diff --git a/Cargo.toml b/Cargo.toml index 3d081601..56b71dd5 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -23,22 +23,22 @@ age-core = { version = "0.11.0", path = "age-core" } base64 = "0.22" # - ChaCha20-Poly1305 from RFC 7539 -chacha20poly1305 = { version = "0.10", default-features = false, features = ["alloc"] } +chacha20poly1305 = { version = "0.11.0-rc.1", default-features = false, features = ["alloc"] } # - X25519 from RFC 7748 -x25519-dalek = { version = "2", features = ["static_secrets"] } +x25519-dalek = { version = "3.0.0-pre.3", features = ["static_secrets"] } # - HKDF from RFC 5869 with SHA-256 # - HMAC from RFC 2104 with SHA-256 -hkdf = "0.12" -hmac = "0.12" -sha2 = "0.10" +hkdf = "0.13.0-rc.3" +hmac = "0.13.0-rc.3" +sha2 = "0.11.0-rc.3" # - scrypt from RFC 7914 -scrypt = { version = "0.11", default-features = false } +scrypt = { version = "0.12.0-rc.2", default-features = false, features = ["password-hash", "phc"] } # - CSPRNG -rand = "0.8" +rand = "0.10.0-rc.6" # - Key encoding bech32 = "0.11" diff --git a/age-core/src/format.rs b/age-core/src/format.rs index 2c51e170..75f0cc48 100644 --- a/age-core/src/format.rs +++ b/age-core/src/format.rs @@ -2,8 +2,8 @@ use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; use rand::{ - distributions::{Distribution, Uniform}, - thread_rng, RngCore, + distr::{Distribution, Uniform}, + rng, RngCore, }; use secrecy::{ExposeSecret, ExposeSecretMut, SecretBox}; @@ -122,22 +122,23 @@ pub fn is_arbitrary_string>(s: &S) -> bool { pub fn grease_the_joint() -> Stanza { // Generate arbitrary strings between 1 and 9 characters long. fn gen_arbitrary_string(rng: &mut R) -> String { - let length = Uniform::from(1..9).sample(rng); - Uniform::from(33..=126) + let length = Uniform::try_from(1..9).unwrap().sample(rng); + Uniform::try_from(33..=126) + .unwrap() .sample_iter(rng) .map(char::from) .take(length) .collect() } - let mut rng = thread_rng(); + let mut rng = rng(); // Add a suffix to the random tag so users know what is going on. let tag = format!("{}-grease", gen_arbitrary_string(&mut rng)); // Between this and the above generation bounds, the first line of the recipient // stanza will be between eight and 66 characters. - let args = (0..Uniform::from(0..5).sample(&mut rng)) + let args = (0..Uniform::try_from(0..5).unwrap().sample(&mut rng)) .map(|_| gen_arbitrary_string(&mut rng)) .collect(); @@ -148,7 +149,7 @@ pub fn grease_the_joint() -> Stanza { // - Two lines, second short // - Two lines, both full // - Three lines, last short - let mut body = vec![0; Uniform::from(0..100).sample(&mut rng)]; + let mut body = vec![0; Uniform::try_from(0..100).unwrap().sample(&mut rng)]; rng.fill_bytes(&mut body); Stanza { tag, args, body } diff --git a/age-core/src/plugin.rs b/age-core/src/plugin.rs index aa3e40c3..3cccabdf 100644 --- a/age-core/src/plugin.rs +++ b/age-core/src/plugin.rs @@ -3,7 +3,7 @@ //! These are shared between the client implementation in the `age` crate, and the plugin //! implementations built around the `age-plugin` crate. -use rand::{thread_rng, Rng}; +use rand::{rng, Rng}; use secrecy::zeroize::Zeroize; use std::env; use std::fmt; @@ -176,9 +176,9 @@ impl Connection { fn grease_gun(&mut self) -> impl Iterator { // Add 5% grease - let mut rng = thread_rng(); + let mut rng = rng(); (0..2).filter_map(move |_| { - if rng.gen_range(0..100) < 5 { + if rng.random_range(0..100) < 5 { Some(grease_the_joint()) } else { None diff --git a/age-core/src/primitives.rs b/age-core/src/primitives.rs index 75571873..f0bd3189 100644 --- a/age-core/src/primitives.rs +++ b/age-core/src/primitives.rs @@ -1,7 +1,7 @@ //! Primitive cryptographic operations used across various `age` components. use chacha20poly1305::{ - aead::{self, generic_array::typenum::Unsigned, Aead, AeadCore, KeyInit}, + aead::{self, array::typenum::Unsigned, Aead, AeadCore, KeyInit}, ChaCha20Poly1305, }; use hkdf::Hkdf; diff --git a/age/Cargo.toml b/age/Cargo.toml index 18938067..2f969c8d 100644 --- a/age/Cargo.toml +++ b/age/Cargo.toml @@ -27,7 +27,7 @@ rand.workspace = true # OpenSSH-specific dependencies: # - RSAES-OAEP from RFC 8017 with SHA-256 and MGF1 -rsa = { version = "0.9", default-features = false, optional = true } +rsa = { version = "0.10.0-rc.11", default-features = false, optional = true, features = ["encoding"] } # - Conversion of public keys from Ed25519 to X25519 curve25519-dalek = { version = "4", optional = true } @@ -58,12 +58,12 @@ zeroize.workspace = true num-traits = { version = "0.2", optional = true } # - Encrypted keys -aes = { version = "0.8", optional = true } -aes-gcm = { version = "0.10", optional = true } -bcrypt-pbkdf = { version = "0.10", optional = true } -cbc = { version = "0.1", optional = true } -cipher = { version = "0.4.3", features = ["alloc"], optional = true } -ctr = { version = "0.9", optional = true } +aes = { version = "0.9.0-rc.1", optional = true } +aes-gcm = { version = "0.11.0-rc.1", optional = true } +bcrypt-pbkdf = { version = "0.11.0-rc.1", optional = true } +cbc = { version = "0.2.0-rc.1", optional = true } +cipher = { version = "0.5.0-rc.1", features = ["alloc"], optional = true } +ctr = { version = "0.10.0-rc.1", optional = true } # scrypt Performance timer web-sys = { version = "0.3", optional = true, features = ["Window", "Performance"]} diff --git a/age/src/cli_common.rs b/age/src/cli_common.rs index c508544c..3c42a1a5 100644 --- a/age/src/cli_common.rs +++ b/age/src/cli_common.rs @@ -3,16 +3,15 @@ use age_core::secrecy::{ExposeSecret, SecretString}; use pinentry::{ConfirmationDialog, PassphraseInput}; use rand::{ - distributions::{Distribution, Uniform}, - rngs::OsRng, CryptoRng, RngCore, + distr::{Distribution, Uniform}, }; use rpassword::prompt_password; use std::io; use subtle::ConstantTimeEq; -use crate::{fl, Callbacks}; +use crate::{Callbacks, fl}; mod error; pub use error::ReadError; @@ -184,7 +183,7 @@ pub enum Passphrase { impl Passphrase { /// Generates a secure passphrase. pub fn random(mut rng: R) -> Self { - let between = Uniform::from(0..2048); + let between = Uniform::try_from(0..2048).unwrap(); let new_passphrase = (0..10) .map(|_| { BIP39_WORDLIST @@ -212,7 +211,7 @@ pub fn read_or_generate_passphrase() -> pinentry::Result { )?; if res.expose_secret().is_empty() { - Ok(Passphrase::random(OsRng)) + Ok(Passphrase::random(&mut rand::rng())) } else { Ok(Passphrase::Typed(res)) } diff --git a/age/src/keys.rs b/age/src/keys.rs index 06b6bd55..7234ddf0 100644 --- a/age/src/keys.rs +++ b/age/src/keys.rs @@ -5,12 +5,12 @@ use age_core::{ primitives::hkdf, secrecy::{ExposeSecret, SecretBox}, }; -use rand::{rngs::OsRng, RngCore}; +use rand::RngCore; use crate::{ error::DecryptError, format::HeaderV1, - primitives::{stream::PayloadKey, HmacKey}, + primitives::{HmacKey, stream::PayloadKey}, protocol::Nonce, }; @@ -18,7 +18,8 @@ const HEADER_KEY_LABEL: &[u8] = b"header"; const PAYLOAD_KEY_LABEL: &[u8] = b"payload"; pub(crate) fn new_file_key() -> FileKey { - FileKey::init_with_mut(|file_key| OsRng.fill_bytes(file_key)) + let mut rng = rand::rng(); + FileKey::init_with_mut(|file_key| rng.fill_bytes(file_key)) } pub(crate) fn mac_key(file_key: &FileKey) -> HmacKey { diff --git a/age/src/plugin.rs b/age/src/plugin.rs index 1c9e8374..0d22b680 100644 --- a/age/src/plugin.rs +++ b/age/src/plugin.rs @@ -92,6 +92,12 @@ impl SlowPluginGuard { } } +impl Drop for SlowPluginGuard { + fn drop(&mut self) { + _ = self.0 + } +} + /// A plugin-compatible recipient. #[derive(Clone)] pub struct Recipient { diff --git a/age/src/primitives.rs b/age/src/primitives.rs index bc95b8d6..67a14a23 100644 --- a/age/src/primitives.rs +++ b/age/src/primitives.rs @@ -2,7 +2,7 @@ use age_core::secrecy::{ExposeSecret, SecretBox}; use hmac::{ - digest::{CtOutput, MacError}, + digest::{CtOutput, KeyInit, MacError}, Hmac, Mac, }; use scrypt::{errors::InvalidParams, scrypt as scrypt_inner, Params as ScryptParams}; @@ -62,7 +62,7 @@ impl Write for HmacWriter { /// /// [RFC 7914]: https://tools.ietf.org/html/rfc7914 pub(crate) fn scrypt(salt: &[u8], log_n: u8, password: &str) -> Result<[u8; 32], InvalidParams> { - let params = ScryptParams::new(log_n, 8, 1, 32)?; + let params = ScryptParams::new_with_output_len(log_n, 8, 1, 32)?; let mut output = [0; 32]; scrypt_inner(password.as_bytes(), salt, ¶ms, &mut output) diff --git a/age/src/primitives/stream.rs b/age/src/primitives/stream.rs index 652e79ce..0856ac58 100644 --- a/age/src/primitives/stream.rs +++ b/age/src/primitives/stream.rs @@ -2,7 +2,7 @@ use age_core::secrecy::{ExposeSecret, SecretSlice}; use chacha20poly1305::{ - aead::{generic_array::GenericArray, Aead, KeyInit, KeySizeUser}, + aead::{array::Array, Aead, KeyInit, KeySizeUser}, ChaCha20Poly1305, }; use pin_project::pin_project; @@ -23,9 +23,7 @@ const CHUNK_SIZE: usize = 64 * 1024; const TAG_SIZE: usize = 16; const ENCRYPTED_CHUNK_SIZE: usize = CHUNK_SIZE + TAG_SIZE; -pub(crate) struct PayloadKey( - pub(crate) GenericArray::KeySize>, -); +pub(crate) struct PayloadKey(pub(crate) Array::KeySize>); impl Drop for PayloadKey { fn drop(&mut self) { diff --git a/age/src/protocol.rs b/age/src/protocol.rs index d95b7965..b6991c6b 100644 --- a/age/src/protocol.rs +++ b/age/src/protocol.rs @@ -1,17 +1,18 @@ //! Encryption and decryption routines for age. use age_core::{format::is_arbitrary_string, secrecy::SecretString}; -use rand::{rngs::OsRng, RngCore}; +use rand::RngCore; use std::io::{self, BufRead, Read, Write}; use std::iter; use crate::{ + Identity, Recipient, error::{DecryptError, EncryptError}, format::{Header, HeaderV1}, keys::{mac_key, new_file_key, v1_payload_key}, primitives::stream::{PayloadKey, Stream, StreamReader, StreamWriter}, - scrypt, Identity, Recipient, + scrypt, }; #[cfg(feature = "async")] @@ -28,7 +29,7 @@ impl AsRef<[u8]> for Nonce { impl Nonce { fn random() -> Self { let mut nonce = [0; 16]; - OsRng.fill_bytes(&mut nonce); + rand::rng().fill_bytes(&mut nonce); Nonce(nonce) } @@ -339,14 +340,14 @@ mod tests { use age_core::secrecy::SecretString; use super::{Decryptor, Encryptor}; - use crate::{identity::IdentityFile, scrypt, x25519, EncryptError, Identity, Recipient}; + use crate::{EncryptError, Identity, Recipient, identity::IdentityFile, scrypt, x25519}; #[cfg(feature = "async")] use futures::{ + Future, io::{AsyncRead, AsyncWrite}, pin_mut, task::Poll, - Future, }; #[cfg(feature = "async")] use futures_test::task::noop_context; diff --git a/age/src/scrypt.rs b/age/src/scrypt.rs index 60938e86..7b0e04a5 100644 --- a/age/src/scrypt.rs +++ b/age/src/scrypt.rs @@ -5,15 +5,14 @@ use std::iter; use std::time::Duration; use age_core::{ - format::{FileKey, Stanza, FILE_KEY_BYTES}, + format::{FILE_KEY_BYTES, FileKey, Stanza}, primitives::{aead_decrypt, aead_encrypt}, secrecy::{ExposeSecret, SecretString}, }; -use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; +use base64::{Engine, prelude::BASE64_STANDARD_NO_PAD}; use rand::{ - distributions::{Alphanumeric, DistString}, - rngs::OsRng, RngCore, + distr::{Alphanumeric, SampleString}, }; use zeroize::Zeroize; @@ -139,7 +138,7 @@ impl crate::Recipient for Recipient { &self, file_key: &FileKey, ) -> Result<(Vec, HashSet), EncryptError> { - let mut rng = OsRng; + let mut rng = rand::rng(); let mut salt = [0; SALT_LEN]; rng.fill_bytes(&mut salt); diff --git a/age/src/ssh.rs b/age/src/ssh.rs index a40fa7de..f1eca47d 100644 --- a/age/src/ssh.rs +++ b/age/src/ssh.rs @@ -11,7 +11,7 @@ use aes::{Aes128, Aes192, Aes256}; use aes_gcm::{AeadCore, Aes256Gcm}; use age_core::secrecy::{ExposeSecret, SecretString}; use bcrypt_pbkdf::bcrypt_pbkdf; -use cipher::Unsigned; +use cipher::typenum::Unsigned; use nom::Parser; use sha2::{Digest, Sha256}; @@ -27,7 +27,7 @@ pub(crate) const SSH_RSA_KEY_PREFIX: &str = "ssh-rsa"; pub(crate) const SSH_ED25519_KEY_PREFIX: &str = "ssh-ed25519"; pub(super) const SSH_RSA_RECIPIENT_TAG: &str = "ssh-rsa"; -const SSH_RSA_OAEP_LABEL: &str = "age-encryption.org/v1/ssh-rsa"; +const SSH_RSA_OAEP_LABEL: &[u8] = b"age-encryption.org/v1/ssh-rsa"; pub(super) const SSH_ED25519_RECIPIENT_TAG: &str = "ssh-ed25519"; const SSH_ED25519_RECIPIENT_KEY_LABEL: &[u8] = b"age-encryption.org/v1/ssh-ed25519"; @@ -138,27 +138,27 @@ impl EncryptedKey { } mod decrypt { - use aes::cipher::{block_padding::NoPadding, BlockDecryptMut, KeyIvInit, StreamCipher}; - use aes_gcm::aead::{AeadMut, KeyInit}; + use aes::cipher::{BlockModeDecrypt, KeyIvInit, StreamCipher, block_padding::NoPadding}; + use aes_gcm::aead::{Aead, KeyInit}; use age_core::secrecy::SecretString; - use cipher::generic_array::{ArrayLength, GenericArray}; + use cipher::array::{Array, ArraySize}; use super::OpenSshKdf; use crate::error::DecryptError; - fn derive_key_material, IvSize: ArrayLength>( + fn derive_key_material( kdf: &OpenSshKdf, passphrase: SecretString, - ) -> (GenericArray, GenericArray) { + ) -> (Array, Array) { let kdf_output = kdf.derive(passphrase, KeySize::USIZE + IvSize::USIZE); let (key, iv) = kdf_output.split_at(KeySize::USIZE); ( - GenericArray::from_exact_iter(key.iter().copied()).expect("key is correct length"), - GenericArray::from_exact_iter(iv.iter().copied()).expect("iv is correct length"), + Array::from_iter(key.iter().copied()), + Array::from_iter(iv.iter().copied()), ) } - pub(super) fn aes_cbc( + pub(super) fn aes_cbc( kdf: &OpenSshKdf, passphrase: SecretString, ciphertext: &[u8], @@ -166,7 +166,7 @@ mod decrypt { let (key, iv) = derive_key_material::(kdf, passphrase); let cipher = C::new(&key, &iv); cipher - .decrypt_padded_vec_mut::(ciphertext) + .decrypt_padded_vec::(ciphertext) .map_err(|_| DecryptError::KeyDecryptionFailed) } @@ -182,13 +182,13 @@ mod decrypt { plaintext } - pub(super) fn aes_gcm( + pub(super) fn aes_gcm( kdf: &OpenSshKdf, passphrase: SecretString, ciphertext: &[u8], ) -> Result, DecryptError> { let (key, nonce) = derive_key_material::(kdf, passphrase); - let mut cipher = C::new(&key); + let cipher = C::new(&key); cipher .decrypt(&nonce, ciphertext) .map_err(|_| DecryptError::KeyDecryptionFailed) @@ -199,21 +199,20 @@ mod read_ssh { use age_core::secrecy::SecretBox; use curve25519_dalek::edwards::{CompressedEdwardsY, EdwardsPoint}; use nom::{ + IResult, Parser, branch::alt, bytes::complete::{tag, take}, combinator::{flat_map, map, map_opt, map_parser, map_res, recognize, rest, verify}, multi::{length_data, length_value}, number::complete::be_u32, sequence::{delimited, pair, preceded, terminated}, - IResult, Parser, }; - use num_traits::Zero; - use rsa::BigUint; + use rsa::BoxedUint; use super::{ - identity::{UnencryptedKey, UnsupportedKey}, EncryptedKey, Identity, OpenSshCipher, OpenSshKdf, SSH_ED25519_KEY_PREFIX, SSH_RSA_KEY_PREFIX, + identity::{UnencryptedKey, UnsupportedKey}, }; /// The SSH `string` [data type](https://tools.ietf.org/html/rfc4251#section-5). @@ -240,10 +239,10 @@ mod read_ssh { /// included. The value zero MUST be stored as a string with zero /// bytes of data. /// ``` - fn mpint(input: &[u8]) -> IResult<&[u8], BigUint> { + fn mpint(input: &[u8]) -> IResult<&[u8], BoxedUint> { map_opt(string, |bytes| { if bytes.is_empty() { - Some(BigUint::zero()) + Some(BoxedUint::zero()) } else { // Enforce canonicity let mut non_zero_bytes = bytes; @@ -259,7 +258,7 @@ mod read_ssh { return None; } - Some(BigUint::from_bytes_be(bytes)) + Some(BoxedUint::from_be_slice_vartime(bytes)) } }) .parse_complete(input) @@ -405,11 +404,7 @@ mod read_ssh { // Repeated checkint, intended for verifying correct decryption. // Don't copy this idea into a new protocol; use an AEAD instead. map_opt(pair(take(4usize), take(4usize)), |(c1, c2)| { - if c1 == c2 { - Some(c1) - } else { - None - } + if c1 == c2 { Some(c1) } else { None } }), alt(( map(openssh_rsa_privkey, move |sk| { @@ -536,9 +531,8 @@ mod read_ssh { } mod write_ssh { - use cookie_factory::{bytes::be_u32, combinator::slice, sequence::tuple, SerializeFn}; - use num_traits::identities::Zero; - use rsa::{traits::PublicKeyParts, BigUint}; + use cookie_factory::{SerializeFn, bytes::be_u32, combinator::slice, sequence::tuple}; + use rsa::{BoxedUint, traits::PublicKeyParts}; use std::io::Write; use super::SSH_RSA_KEY_PREFIX; @@ -549,16 +543,16 @@ mod write_ssh { } /// Writes the SSH `mpint` data type. - fn mpint(value: &BigUint) -> impl SerializeFn { - let mut bytes = value.to_bytes_be(); + fn mpint(value: &BoxedUint) -> impl SerializeFn { + let mut bytes = value.to_be_bytes_trimmed_vartime().to_vec(); // From RFC 4251 section 5: // If the most significant bit would be set for a positive number, // the number MUST be preceded by a zero byte. Unnecessary leading // bytes with the value 0 or 255 MUST NOT be included. The value // zero MUST be stored as a string with zero bytes of data. - if value.is_zero() { - // BigUint represents zero as vec![0] + if value.is_zero().into() { + // BoxedUint represents zero as vec![0] bytes = vec![]; } else if bytes[0] >> 7 != 0 { bytes.insert(0, 0); diff --git a/age/src/ssh/identity.rs b/age/src/ssh/identity.rs index 0af6bfb7..3835f07d 100644 --- a/age/src/ssh/identity.rs +++ b/age/src/ssh/identity.rs @@ -12,7 +12,6 @@ use nom::{ sequence::{pair, preceded, terminated}, IResult, Parser, }; -use rand::rngs::OsRng; use rsa::{pkcs1::DecodeRsaPrivateKey, Oaep}; use sha2::{Digest, Sha256, Sha512}; use std::fmt; @@ -68,14 +67,14 @@ impl UnencryptedKey { return None; } - let mut rng = OsRng; + let mut rng = rand::rng(); // A failure to decrypt is fatal, because we assume that we won't // encounter 32-bit collisions on the key tag embedded in the header. Some( sk.decrypt_blinded( &mut rng, - Oaep::new_with_label::(SSH_RSA_OAEP_LABEL), + Oaep::::new_with_label(SSH_RSA_OAEP_LABEL), &stanza.body, ) .map_err(DecryptError::from) diff --git a/age/src/ssh/recipient.rs b/age/src/ssh/recipient.rs index 89ef8340..6ca4c1c5 100644 --- a/age/src/ssh/recipient.rs +++ b/age/src/ssh/recipient.rs @@ -7,27 +7,27 @@ use age_core::{ secrecy::ExposeSecret, }; use base64::{ - prelude::{BASE64_STANDARD, BASE64_STANDARD_NO_PAD}, Engine, + prelude::{BASE64_STANDARD, BASE64_STANDARD_NO_PAD}, }; use curve25519_dalek::edwards::EdwardsPoint; use nom::{ + IResult, Parser, branch::alt, bytes::streaming::{is_not, tag}, combinator::map_opt, sequence::{pair, preceded, separated_pair}, - IResult, Parser, }; -use rand::rngs::OsRng; -use rsa::{traits::PublicKeyParts, Oaep}; +use rsa::{Oaep, traits::PublicKeyParts}; use sha2::Sha256; use x25519_dalek::{EphemeralSecret, PublicKey as X25519PublicKey, StaticSecret}; use super::{ + EncryptedKey, SSH_ED25519_KEY_PREFIX, SSH_ED25519_RECIPIENT_KEY_LABEL, + SSH_ED25519_RECIPIENT_TAG, SSH_RSA_KEY_PREFIX, SSH_RSA_OAEP_LABEL, SSH_RSA_RECIPIENT_TAG, + UnsupportedKey, identity::{Identity, UnencryptedKey}, - read_ssh, ssh_tag, EncryptedKey, UnsupportedKey, SSH_ED25519_KEY_PREFIX, - SSH_ED25519_RECIPIENT_KEY_LABEL, SSH_ED25519_RECIPIENT_TAG, SSH_RSA_KEY_PREFIX, - SSH_RSA_OAEP_LABEL, SSH_RSA_RECIPIENT_TAG, + read_ssh, ssh_tag, }; use crate::{ error::EncryptError, @@ -150,14 +150,14 @@ impl crate::Recipient for Recipient { &self, file_key: &FileKey, ) -> Result<(Vec, HashSet), EncryptError> { - let mut rng = OsRng; + let mut rng = rand::rng(); let stanzas = match self { Recipient::SshRsa(ssh_key, pk) => { let encrypted_file_key = pk .encrypt( &mut rng, - Oaep::new_with_label::(SSH_RSA_OAEP_LABEL), + Oaep::::new_with_label(SSH_RSA_OAEP_LABEL), file_key.expose_secret(), ) .expect("pubkey is valid and file key is not too long"); @@ -173,7 +173,7 @@ impl crate::Recipient for Recipient { Recipient::SshEd25519(ssh_key, ed25519_pk) => { let pk: X25519PublicKey = ed25519_pk.to_montgomery().to_bytes().into(); - let esk = EphemeralSecret::random_from_rng(rng); + let esk = EphemeralSecret::random_from_rng(&mut rng); let epk: X25519PublicKey = (&esk).into(); let tweak: StaticSecret = diff --git a/age/src/x25519.rs b/age/src/x25519.rs index f686c9ff..109d4ff6 100644 --- a/age/src/x25519.rs +++ b/age/src/x25519.rs @@ -4,13 +4,12 @@ use std::collections::HashSet; use std::fmt; use age_core::{ - format::{FileKey, Stanza, FILE_KEY_BYTES}, + format::{FILE_KEY_BYTES, FileKey, Stanza}, primitives::{aead_decrypt, aead_encrypt, hkdf}, secrecy::{ExposeSecret, SecretString}, }; -use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; +use base64::{Engine, prelude::BASE64_STANDARD_NO_PAD}; use bech32::{Bech32, Hrp}; -use rand::rngs::OsRng; use subtle::ConstantTimeEq; use x25519_dalek::{EphemeralSecret, PublicKey, StaticSecret}; use zeroize::Zeroize; @@ -57,8 +56,8 @@ impl std::str::FromStr for Identity { impl Identity { /// Generates a new secret key. pub fn generate() -> Self { - let rng = OsRng; - Identity(StaticSecret::random_from_rng(rng)) + let mut rng = rand::rng(); + Identity(StaticSecret::random_from_rng(&mut rng)) } /// Serializes this secret key as a string. @@ -191,8 +190,8 @@ impl crate::Recipient for Recipient { &self, file_key: &FileKey, ) -> Result<(Vec, HashSet), EncryptError> { - let rng = OsRng; - let esk = EphemeralSecret::random_from_rng(rng); + let mut rng = rand::rng(); + let esk = EphemeralSecret::random_from_rng(&mut rng); let epk: PublicKey = (&esk).into(); let shared_secret = esk.diffie_hellman(&self.0); From b1b93032abc6ff02e18ab0fb6bc992a7234ca83a Mon Sep 17 00:00:00 2001 From: Arthur Gautier Date: Mon, 8 Sep 2025 03:54:28 +0000 Subject: [PATCH 2/2] bump edition to 2024 --- .github/workflows/ci.yml | 2 +- Cargo.toml | 4 +-- age-core/src/format.rs | 17 +++++----- age-core/src/plugin.rs | 14 ++++----- age-core/src/primitives.rs | 2 +- age-plugin/examples/age-plugin-unencrypted.rs | 3 +- age-plugin/src/identity.rs | 6 ++-- age-plugin/src/recipient.rs | 10 +++--- age/Cargo.toml | 3 ++ age/benches/parser.rs | 4 +-- age/benches/throughput.rs | 4 +-- age/src/cli_common.rs | 2 +- age/src/cli_common/error.rs | 2 +- age/src/cli_common/file_io.rs | 5 +-- age/src/cli_common/identities.rs | 4 +-- age/src/cli_common/recipients.rs | 4 +-- age/src/encrypted.rs | 4 +-- age/src/format.rs | 31 +++++++------------ age/src/i18n.rs | 4 +-- age/src/identity.rs | 2 +- age/src/plugin.rs | 11 ++++--- age/src/primitives.rs | 4 +-- age/src/primitives/armor.rs | 18 ++++++----- age/src/primitives/stream.rs | 15 +++++---- age/src/simple.rs | 2 +- age/src/ssh/identity.rs | 23 +++++++------- age/src/util.rs | 16 +++++----- age/tests/testkit.rs | 5 +-- rage/build.rs | 6 ++-- rage/src/bin/rage-keygen/cli.rs | 2 +- rage/src/bin/rage-mount/cli.rs | 2 +- rage/src/bin/rage-mount/main.rs | 2 +- rage/src/bin/rage-mount/tar.rs | 10 +++--- rage/src/bin/rage-mount/zip.rs | 16 ++++------ rage/src/bin/rage/cli.rs | 2 +- rage/src/bin/rage/i18n.rs | 2 +- rage/src/bin/rage/main.rs | 16 +++------- rust-toolchain.toml | 2 +- 38 files changed, 133 insertions(+), 148 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3d92bfdb..27e0a875 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -33,7 +33,7 @@ jobs: strategy: matrix: target: - - wasm32-wasi + - wasm32-wasip1 steps: - uses: actions/checkout@v4 diff --git a/Cargo.toml b/Cargo.toml index 56b71dd5..dfe8917c 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -9,8 +9,8 @@ resolver = "2" [workspace.package] authors = ["Jack Grigg "] -edition = "2021" -rust-version = "1.70" +edition = "2024" +rust-version = "1.85" repository = "https://github.com/str4d/rage" license = "MIT OR Apache-2.0" diff --git a/age-core/src/format.rs b/age-core/src/format.rs index 75f0cc48..d791f841 100644 --- a/age-core/src/format.rs +++ b/age-core/src/format.rs @@ -1,9 +1,10 @@ //! Core types and encoding operations used by the age file format. -use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; +use base64::{Engine, prelude::BASE64_STANDARD_NO_PAD}; use rand::{ + RngCore, distr::{Distribution, Uniform}, - rng, RngCore, + rng, }; use secrecy::{ExposeSecret, ExposeSecretMut, SecretBox}; @@ -61,7 +62,7 @@ pub struct AgeStanza<'a> { body: Vec<&'a [u8]>, } -impl<'a> AgeStanza<'a> { +impl AgeStanza<'_> { /// Decodes and returns the body of this stanza. pub fn body(&self) -> Vec { // An AgeStanza will always contain at least one chunk. @@ -158,13 +159,13 @@ pub fn grease_the_joint() -> Stanza { /// Decoding operations for age types. pub mod read { use nom::{ + IResult, Parser, branch::alt, - bytes::streaming::{tag, take_while1, take_while_m_n}, + bytes::streaming::{tag, take_while_m_n, take_while1}, character::streaming::newline, combinator::{map, map_opt, opt, verify}, multi::{many_till, separated_list1}, sequence::{pair, preceded, terminated}, - IResult, Parser, }; use super::{AgeStanza, STANZA_TAG}; @@ -356,12 +357,12 @@ pub mod read { /// Encoding operations for age types. pub mod write { - use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; + use base64::{Engine, prelude::BASE64_STANDARD_NO_PAD}; use cookie_factory::{ + SerializeFn, WriteContext, combinator::string, multi::separated_list, sequence::{pair, tuple}, - SerializeFn, WriteContext, }; use std::io::Write; use std::iter; @@ -410,7 +411,7 @@ pub mod write { #[cfg(test)] mod tests { - use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; + use base64::{Engine, prelude::BASE64_STANDARD_NO_PAD}; use nom::error::ErrorKind; use super::{read, write}; diff --git a/age-core/src/plugin.rs b/age-core/src/plugin.rs index 3cccabdf..982c5441 100644 --- a/age-core/src/plugin.rs +++ b/age-core/src/plugin.rs @@ -3,7 +3,7 @@ //! These are shared between the client implementation in the `age` crate, and the plugin //! implementations built around the `age-plugin` crate. -use rand::{rng, Rng}; +use rand::{Rng, rng}; use secrecy::zeroize::Zeroize; use std::env; use std::fmt; @@ -13,7 +13,7 @@ use std::path::Path; use std::process::{ChildStdin, ChildStdout, Command, Stdio}; use crate::{ - format::{grease_the_joint, read, write, Stanza}, + format::{Stanza, grease_the_joint, read, write}, io::{DebugReader, DebugWriter}, }; @@ -124,7 +124,7 @@ impl Connection { cookie_factory::gen_simple(write::age_stanza(command, metadata, data), &mut self.output) .map_err(|e| match e { GenError::IoError(e) => e, - e => io::Error::new(io::ErrorKind::Other, format!("{}", e)), + e => io::Error::other(format!("{}", e)), }) .and_then(|w| w.flush()) } @@ -174,7 +174,7 @@ impl Connection { Ok(stanza) } - fn grease_gun(&mut self) -> impl Iterator { + fn grease_gun(&mut self) -> impl Iterator + use { // Add 5% grease let mut rng = rng(); (0..2).filter_map(move |_| { @@ -313,7 +313,7 @@ impl Connection { /// Grease is applied automatically. pub struct UnidirSend<'a, R: Read, W: Write>(&'a mut Connection); -impl<'a, R: Read, W: Write> UnidirSend<'a, R, W> { +impl UnidirSend<'_, R, W> { /// Send a command. pub fn send(&mut self, command: &str, metadata: &[&str], data: &[u8]) -> io::Result<()> { for grease in self.0.grease_gun() { @@ -341,7 +341,7 @@ impl<'a, R: Read, W: Write> UnidirSend<'a, R, W> { /// Grease is applied automatically. pub struct BidirSend<'a, R: Read, W: Write>(&'a mut Connection); -impl<'a, R: Read, W: Write> BidirSend<'a, R, W> { +impl BidirSend<'_, R, W> { /// Send a command and receive a response. pub fn send(&mut self, command: &str, metadata: &[&str], data: &[u8]) -> Result { for grease in self.0.grease_gun() { @@ -389,7 +389,7 @@ impl<'a, R: Read, W: Write> BidirSend<'a, R, W> { /// The possible replies to a bidirectional command. pub struct Reply<'a, R: Read, W: Write>(&'a mut Connection); -impl<'a, R: Read, W: Write> Reply<'a, R, W> { +impl Reply<'_, R, W> { /// Reply with `ok` and optional data. pub fn ok(self, data: Option<&[u8]>) -> Response { Response( diff --git a/age-core/src/primitives.rs b/age-core/src/primitives.rs index f0bd3189..f96ff3c6 100644 --- a/age-core/src/primitives.rs +++ b/age-core/src/primitives.rs @@ -1,8 +1,8 @@ //! Primitive cryptographic operations used across various `age` components. use chacha20poly1305::{ - aead::{self, array::typenum::Unsigned, Aead, AeadCore, KeyInit}, ChaCha20Poly1305, + aead::{self, Aead, AeadCore, KeyInit, array::typenum::Unsigned}, }; use hkdf::Hkdf; use sha2::Sha256; diff --git a/age-plugin/examples/age-plugin-unencrypted.rs b/age-plugin/examples/age-plugin-unencrypted.rs index 4152a827..cf717c96 100644 --- a/age-plugin/examples/age-plugin-unencrypted.rs +++ b/age-plugin/examples/age-plugin-unencrypted.rs @@ -3,10 +3,11 @@ use age_core::{ secrecy::ExposeSecret, }; use age_plugin::{ + Callbacks, PluginHandler, identity::{self, IdentityPluginV1}, print_new_identity, recipient::{self, RecipientPluginV1}, - run_state_machine, Callbacks, PluginHandler, + run_state_machine, }; use clap::Parser; diff --git a/age-plugin/src/identity.rs b/age-plugin/src/identity.rs index 6f54878b..a2586a32 100644 --- a/age-plugin/src/identity.rs +++ b/age-plugin/src/identity.rs @@ -5,8 +5,8 @@ use age_core::{ plugin::{self, BidirSend, Connection}, secrecy::{ExposeSecret, SecretString}, }; -use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; -use bech32::{primitives::decode::CheckedHrpstring, Bech32}; +use base64::{Engine, prelude::BASE64_STANDARD_NO_PAD}; +use bech32::{Bech32, primitives::decode::CheckedHrpstring}; use std::collections::HashMap; use std::convert::Infallible; @@ -74,7 +74,7 @@ impl IdentityPluginV1 for Infallible { /// The interface that age plugins can use to interact with an age implementation. struct BidirCallbacks<'a, 'b, R: io::Read, W: io::Write>(&'b mut BidirSend<'a, R, W>); -impl<'a, 'b, R: io::Read, W: io::Write> Callbacks for BidirCallbacks<'a, 'b, R, W> { +impl Callbacks for BidirCallbacks<'_, '_, R, W> { /// Shows a message to the user. /// /// This can be used to prompt the user to take some physical action, such as diff --git a/age-plugin/src/recipient.rs b/age-plugin/src/recipient.rs index bd656bc1..401edc2f 100644 --- a/age-plugin/src/recipient.rs +++ b/age-plugin/src/recipient.rs @@ -1,12 +1,12 @@ //! Recipient plugin helpers. use age_core::{ - format::{is_arbitrary_string, FileKey, Stanza}, + format::{FileKey, Stanza, is_arbitrary_string}, plugin::{self, BidirSend, Connection}, secrecy::SecretString, }; -use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; -use bech32::{primitives::decode::CheckedHrpstring, Bech32}; +use base64::{Engine, prelude::BASE64_STANDARD_NO_PAD}; +use bech32::{Bech32, primitives::decode::CheckedHrpstring}; use std::collections::HashSet; use std::convert::Infallible; @@ -39,7 +39,7 @@ pub trait RecipientPluginV1 { /// /// Returns an error if the recipient is unknown or invalid. fn add_recipient(&mut self, index: usize, plugin_name: &str, bytes: &[u8]) - -> Result<(), Error>; + -> Result<(), Error>; /// Stores an identity that the user would like to encrypt age files to. /// @@ -126,7 +126,7 @@ impl RecipientPluginV1 for Infallible { /// The interface that age plugins can use to interact with an age implementation. struct BidirCallbacks<'a, 'b, R: io::Read, W: io::Write>(&'b mut BidirSend<'a, R, W>); -impl<'a, 'b, R: io::Read, W: io::Write> Callbacks for BidirCallbacks<'a, 'b, R, W> { +impl Callbacks for BidirCallbacks<'_, '_, R, W> { /// Shows a message to the user. /// /// This can be used to prompt the user to take some physical action, such as diff --git a/age/Cargo.toml b/age/Cargo.toml index 2f969c8d..12f5c602 100644 --- a/age/Cargo.toml +++ b/age/Cargo.toml @@ -137,3 +137,6 @@ harness = false [package.metadata.docs.rs] all-features = true rustdoc-args = ["--cfg", "docsrs"] + +[lints.rust] +unexpected_cfgs = { level = "warn", check-cfg = ['cfg(fuzzing)'] } diff --git a/age/benches/parser.rs b/age/benches/parser.rs index cea37c4e..75fadf79 100644 --- a/age/benches/parser.rs +++ b/age/benches/parser.rs @@ -1,5 +1,5 @@ -use age::{x25519, Decryptor, Encryptor}; -use criterion::{criterion_group, criterion_main, BenchmarkId, Criterion, Throughput}; +use age::{Decryptor, Encryptor, x25519}; +use criterion::{BenchmarkId, Criterion, Throughput, criterion_group, criterion_main}; #[cfg(unix)] use pprof::criterion::{Output, PProfProfiler}; diff --git a/age/benches/throughput.rs b/age/benches/throughput.rs index 8c5c349d..f7ac51ab 100644 --- a/age/benches/throughput.rs +++ b/age/benches/throughput.rs @@ -1,5 +1,5 @@ -use age::{x25519, Decryptor, Encryptor}; -use criterion::{criterion_group, criterion_main, BenchmarkId, Criterion, Throughput}; +use age::{Decryptor, Encryptor, x25519}; +use criterion::{BenchmarkId, Criterion, Throughput, criterion_group, criterion_main}; #[cfg(any(target_arch = "x86", target_arch = "x86_64"))] use criterion_cycles_per_byte::CyclesPerByte; diff --git a/age/src/cli_common.rs b/age/src/cli_common.rs index 3c42a1a5..18565e5e 100644 --- a/age/src/cli_common.rs +++ b/age/src/cli_common.rs @@ -211,7 +211,7 @@ pub fn read_or_generate_passphrase() -> pinentry::Result { )?; if res.expose_secret().is_empty() { - Ok(Passphrase::random(&mut rand::rng())) + Ok(Passphrase::random(rand::rng())) } else { Ok(Passphrase::Typed(res)) } diff --git a/age/src/cli_common/error.rs b/age/src/cli_common/error.rs index 2769ad12..e9c7ae60 100644 --- a/age/src/cli_common/error.rs +++ b/age/src/cli_common/error.rs @@ -1,7 +1,7 @@ use std::fmt; use std::io; -use crate::{wfl, DecryptError}; +use crate::{DecryptError, wfl}; #[cfg(feature = "plugin")] use crate::wlnfl; diff --git a/age/src/cli_common/file_io.rs b/age/src/cli_common/file_io.rs index 7275df83..ca4e95f3 100644 --- a/age/src/cli_common/file_io.rs +++ b/age/src/cli_common/file_io.rs @@ -395,10 +395,7 @@ impl OutputWriter { } else if is_tty { if let OutputFormat::Binary = format { // If output == Some("-") then this error is skipped. - return Err(io::Error::new( - io::ErrorKind::Other, - FileError::DenyBinaryOutput, - )); + return Err(io::Error::other(FileError::DenyBinaryOutput)); } } diff --git a/age/src/cli_common/identities.rs b/age/src/cli_common/identities.rs index 64492f15..6f2d7490 100644 --- a/age/src/cli_common/identities.rs +++ b/age/src/cli_common/identities.rs @@ -1,7 +1,7 @@ use std::io::{self, BufReader}; use super::{ReadError, StdinGuard, UiCallbacks}; -use crate::{identity::IdentityFile, Identity}; +use crate::{Identity, identity::IdentityFile}; #[cfg(feature = "armor")] use crate::{armor::ArmoredReader, cli_common::file_io::InputReader}; @@ -125,7 +125,7 @@ pub(super) fn parse_identity_files + From>( #[cfg(feature = "ssh")] match crate::ssh::Identity::from_buffer(&mut reader, Some(filename.clone())) { Ok(crate::ssh::Identity::Unsupported(k)) => { - return Err(ReadError::UnsupportedKey(filename, k).into()) + return Err(ReadError::UnsupportedKey(filename, k).into()); } Ok(identity) => { ssh_identity(ctx, &filename, identity)?; diff --git a/age/src/cli_common/recipients.rs b/age/src/cli_common/recipients.rs index 913a8326..bb94291d 100644 --- a/age/src/cli_common/recipients.rs +++ b/age/src/cli_common/recipients.rs @@ -1,9 +1,9 @@ use std::io::{self, BufReader}; use super::StdinGuard; -use super::{identities::parse_identity_files, ReadError}; +use super::{ReadError, identities::parse_identity_files}; use crate::identity::RecipientsAccumulator; -use crate::{x25519, Recipient}; +use crate::{Recipient, x25519}; #[cfg(feature = "plugin")] use crate::{cli_common::UiCallbacks, plugin}; diff --git a/age/src/encrypted.rs b/age/src/encrypted.rs index cb40a2bd..b05c6055 100644 --- a/age/src/encrypted.rs +++ b/age/src/encrypted.rs @@ -2,7 +2,7 @@ use std::{cell::Cell, io}; -use crate::{fl, scrypt, Callbacks, DecryptError, Decryptor, EncryptError, IdentityFile}; +use crate::{Callbacks, DecryptError, Decryptor, EncryptError, IdentityFile, fl, scrypt}; /// An encrypted age identity file. /// @@ -229,7 +229,7 @@ mod tests { use age_core::secrecy::{ExposeSecret, SecretString}; use super::Identity; - use crate::{x25519, Callbacks, DecryptError, Identity as _, Recipient as _}; + use crate::{Callbacks, DecryptError, Identity as _, Recipient as _, x25519}; #[cfg(feature = "armor")] use crate::armor::ArmoredReader; diff --git a/age/src/format.rs b/age/src/format.rs index a28dbe42..8025d01c 100644 --- a/age/src/format.rs +++ b/age/src/format.rs @@ -2,12 +2,13 @@ use std::io::{self, BufRead, Read, Write}; -use age_core::format::{grease_the_joint, Stanza}; +use age_core::format::{Stanza, grease_the_joint}; use crate::{ + EncryptError, error::DecryptError, primitives::{HmacKey, HmacWriter}, - scrypt, EncryptError, + scrypt, }; #[cfg(feature = "async")] @@ -51,7 +52,7 @@ impl HeaderV1 { } let mut mac = HmacWriter::new(mac_key); - cookie_factory::gen(write::header_v1_minus_mac(&header), &mut mac) + cookie_factory::r#gen(write::header_v1_minus_mac(&header), &mut mac) .expect("can serialize Header into HmacWriter"); header .mac @@ -67,7 +68,7 @@ impl HeaderV1 { mac.write_all(&bytes[..bytes.len() - ENCODED_MAC_LENGTH - 2]) .expect("can serialize Header into HmacWriter"); } else { - cookie_factory::gen(write::header_v1_minus_mac(self), &mut mac) + cookie_factory::r#gen(write::header_v1_minus_mac(self), &mut mac) .expect("can serialize Header into HmacWriter"); } mac.verify(&self.mac) @@ -219,28 +220,18 @@ impl Header { } pub(crate) fn write(&self, mut output: W) -> io::Result<()> { - cookie_factory::gen(write::header(self), &mut output) + cookie_factory::r#gen(write::header(self), &mut output) .map(|_| ()) - .map_err(|e| { - io::Error::new( - io::ErrorKind::Other, - format!("failed to write header: {}", e), - ) - }) + .map_err(|e| io::Error::other(format!("failed to write header: {}", e))) } #[cfg(feature = "async")] #[cfg_attr(docsrs, doc(cfg(feature = "async")))] pub(crate) async fn write_async(&self, mut output: W) -> io::Result<()> { let mut buf = vec![]; - cookie_factory::gen(write::header(self), &mut buf) + cookie_factory::r#gen(write::header(self), &mut buf) .map(|_| ()) - .map_err(|e| { - io::Error::new( - io::ErrorKind::Other, - format!("failed to write header: {}", e), - ) - })?; + .map_err(|e| io::Error::other(format!("failed to write header: {}", e)))?; output.write_all(&buf).await } @@ -255,13 +246,13 @@ pub(crate) enum Header { mod read { use age_core::format::read::{arbitrary_string, legacy_age_stanza}; use nom::{ + IResult, Parser, branch::alt, bytes::streaming::{tag, take}, character::streaming::newline, combinator::{map, map_opt}, multi::many1, sequence::{pair, preceded, terminated}, - IResult, Parser, }; use super::*; @@ -316,10 +307,10 @@ mod read { mod write { use age_core::format::write::age_stanza; use cookie_factory::{ + SerializeFn, WriteContext, combinator::{slice, string}, multi::all, sequence::tuple, - SerializeFn, WriteContext, }; use std::io::Write; diff --git a/age/src/i18n.rs b/age/src/i18n.rs index fb1c9f1a..02e3c179 100644 --- a/age/src/i18n.rs +++ b/age/src/i18n.rs @@ -1,7 +1,7 @@ use i18n_embed::{ - fluent::{fluent_language_loader, FluentLanguageLoader}, - unic_langid::LanguageIdentifier, I18nEmbedError, LanguageLoader, Localizer, + fluent::{FluentLanguageLoader, fluent_language_loader}, + unic_langid::LanguageIdentifier, }; use lazy_static::lazy_static; use rust_embed::RustEmbed; diff --git a/age/src/identity.rs b/age/src/identity.rs index 0c1ced22..ebb94cdb 100644 --- a/age/src/identity.rs +++ b/age/src/identity.rs @@ -1,7 +1,7 @@ use std::fs::File; use std::io; -use crate::{x25519, Callbacks, DecryptError, EncryptError, IdentityFileConvertError, NoCallbacks}; +use crate::{Callbacks, DecryptError, EncryptError, IdentityFileConvertError, NoCallbacks, x25519}; #[cfg(feature = "cli-common")] use crate::cli_common::file_io::InputReader; diff --git a/age/src/plugin.rs b/age/src/plugin.rs index 0d22b680..e9eca4f0 100644 --- a/age/src/plugin.rs +++ b/age/src/plugin.rs @@ -3,10 +3,10 @@ use age_core::{ format::{FileKey, Stanza}, io::{DebugReader, DebugWriter}, - plugin::{Connection, Reply, Response, UnidirSend, IDENTITY_V1, RECIPIENT_V1}, + plugin::{Connection, IDENTITY_V1, RECIPIENT_V1, Reply, Response, UnidirSend}, secrecy::ExposeSecret, }; -use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; +use base64::{Engine, prelude::BASE64_STANDARD_NO_PAD}; use bech32::{Bech32, Hrp}; use std::borrow::Borrow; @@ -21,10 +21,11 @@ use std::thread; use std::time::{Duration, SystemTime}; use crate::{ + Callbacks, error::{DecryptError, EncryptError, PluginError}, fl, util::parse_bech32, - wfl, wlnfl, Callbacks, + wfl, wlnfl, }; // Plugin HRPs are age1[name] and AGE-PLUGIN-[NAME]- @@ -747,8 +748,8 @@ mod tests { use crate::{DecryptError, EncryptError, NoCallbacks}; use super::{ - Identity, IdentityPluginV1, Recipient, RecipientPluginV1, PLUGIN_IDENTITY_PREFIX, - PLUGIN_RECIPIENT_PREFIX, + Identity, IdentityPluginV1, PLUGIN_IDENTITY_PREFIX, PLUGIN_RECIPIENT_PREFIX, Recipient, + RecipientPluginV1, }; const INVALID_PLUGIN_NAME: &str = "foobar/../../../../../../../usr/bin/echo"; diff --git a/age/src/primitives.rs b/age/src/primitives.rs index 67a14a23..bb10cca3 100644 --- a/age/src/primitives.rs +++ b/age/src/primitives.rs @@ -2,10 +2,10 @@ use age_core::secrecy::{ExposeSecret, SecretBox}; use hmac::{ - digest::{CtOutput, KeyInit, MacError}, Hmac, Mac, + digest::{CtOutput, KeyInit, MacError}, }; -use scrypt::{errors::InvalidParams, scrypt as scrypt_inner, Params as ScryptParams}; +use scrypt::{Params as ScryptParams, errors::InvalidParams, scrypt as scrypt_inner}; use sha2::Sha256; use std::io::{self, Write}; diff --git a/age/src/primitives/armor.rs b/age/src/primitives/armor.rs index 0a73ec4b..1adf9239 100644 --- a/age/src/primitives/armor.rs +++ b/age/src/primitives/armor.rs @@ -1,6 +1,6 @@ //! I/O helper structs for the age ASCII armor format. -use base64::{prelude::BASE64_STANDARD, Engine}; +use base64::{Engine, prelude::BASE64_STANDARD}; use pin_project::pin_project; use std::cmp; use std::error; @@ -466,9 +466,11 @@ impl ArmoredWriter { { if let Some(line) = encoded_line { loop { - line.offset += ready!(inner - .as_mut() - .poll_write(cx, &encoded_buf[line.offset..line.end]))?; + line.offset += ready!( + inner + .as_mut() + .poll_write(cx, &encoded_buf[line.offset..line.end]) + )?; if line.offset == line.end { break; } @@ -821,7 +823,7 @@ impl ArmoredReader { return Err(io::Error::new( io::ErrorKind::InvalidData, ArmoredReadError::InvalidBeginMarker, - )) + )); } } } else { @@ -928,7 +930,7 @@ impl BufRead for ArmoredReader { }) } else { Ok(&self.byte_buf[self.byte_start..self.byte_end]) - } + }; } Some(true) => { break if self.found_end { @@ -941,7 +943,7 @@ impl BufRead for ArmoredReader { } } else { Ok(&self.byte_buf[self.byte_start..self.byte_end]) - } + }; } } } @@ -1337,7 +1339,7 @@ impl Seek for ArmoredReader { mod tests { use std::io::{Cursor, Read, Seek, SeekFrom, Write}; - use super::{ArmoredReader, ArmoredWriter, Format, ARMORED_BYTES_PER_LINE}; + use super::{ARMORED_BYTES_PER_LINE, ArmoredReader, ArmoredWriter, Format}; #[cfg(feature = "async")] use futures::{ diff --git a/age/src/primitives/stream.rs b/age/src/primitives/stream.rs index 0856ac58..fc8f433f 100644 --- a/age/src/primitives/stream.rs +++ b/age/src/primitives/stream.rs @@ -2,8 +2,8 @@ use age_core::secrecy::{ExposeSecret, SecretSlice}; use chacha20poly1305::{ - aead::{array::Array, Aead, KeyInit, KeySizeUser}, ChaCha20Poly1305, + aead::{Aead, KeyInit, KeySizeUser, array::Array}, }; use pin_project::pin_project; use std::cmp; @@ -512,10 +512,10 @@ impl AsyncRead for StreamReader { if self.chunk.is_none() { while self.encrypted_pos < ENCRYPTED_CHUNK_SIZE { let this = self.as_mut().project(); - match ready!(this - .inner - .poll_read(cx, &mut this.encrypted_chunk[*this.encrypted_pos..])) - { + match ready!( + this.inner + .poll_read(cx, &mut this.encrypted_chunk[*this.encrypted_pos..]) + ) { Ok(0) => break, Ok(n) => self.encrypted_pos += n, Err(e) => match e.kind() { @@ -560,8 +560,7 @@ impl StreamReader { let ct_len = ct_end - ct_start; // Use ceiling division to determine the number of chunks. - let num_chunks = - (ct_len + (ENCRYPTED_CHUNK_SIZE as u64 - 1)) / ENCRYPTED_CHUNK_SIZE as u64; + let num_chunks = ct_len.div_ceil(ENCRYPTED_CHUNK_SIZE as u64); // Authenticate the ciphertext length by checking that we can successfully // decrypt the last chunk _as_ a last chunk. @@ -677,7 +676,7 @@ mod tests { use age_core::secrecy::ExposeSecret; use std::io::{self, Cursor, Read, Seek, SeekFrom, Write}; - use super::{PayloadKey, Stream, CHUNK_SIZE}; + use super::{CHUNK_SIZE, PayloadKey, Stream}; #[cfg(feature = "async")] use futures::{ diff --git a/age/src/simple.rs b/age/src/simple.rs index dbf3b1b6..95e4f7e4 100644 --- a/age/src/simple.rs +++ b/age/src/simple.rs @@ -2,8 +2,8 @@ use std::io::{Read, Write}; use std::iter; use crate::{ - error::{DecryptError, EncryptError}, Decryptor, Encryptor, Identity, Recipient, + error::{DecryptError, EncryptError}, }; #[cfg(feature = "armor")] diff --git a/age/src/ssh/identity.rs b/age/src/ssh/identity.rs index 3835f07d..7b873ce2 100644 --- a/age/src/ssh/identity.rs +++ b/age/src/ssh/identity.rs @@ -1,18 +1,18 @@ use age_core::{ - format::{FileKey, Stanza, FILE_KEY_BYTES}, + format::{FILE_KEY_BYTES, FileKey, Stanza}, primitives::{aead_decrypt, hkdf}, secrecy::{ExposeSecret, SecretBox}, }; use base64::prelude::BASE64_STANDARD; use nom::{ + IResult, Parser, branch::alt, bytes::streaming::{is_not, tag}, character::streaming::{line_ending, newline}, combinator::{map_opt, opt}, sequence::{pair, preceded, terminated}, - IResult, Parser, }; -use rsa::{pkcs1::DecodeRsaPrivateKey, Oaep}; +use rsa::{Oaep, pkcs1::DecodeRsaPrivateKey}; use sha2::{Digest, Sha256, Sha512}; use std::fmt; use std::io; @@ -20,14 +20,15 @@ use x25519_dalek::{PublicKey as X25519PublicKey, StaticSecret}; use zeroize::Zeroize; use super::{ - read_ssh, ssh_tag, write_ssh, EncryptedKey, SSH_ED25519_RECIPIENT_KEY_LABEL, - SSH_ED25519_RECIPIENT_TAG, SSH_RSA_OAEP_LABEL, SSH_RSA_RECIPIENT_TAG, TAG_LEN_BYTES, + EncryptedKey, SSH_ED25519_RECIPIENT_KEY_LABEL, SSH_ED25519_RECIPIENT_TAG, SSH_RSA_OAEP_LABEL, + SSH_RSA_RECIPIENT_TAG, TAG_LEN_BYTES, read_ssh, ssh_tag, write_ssh, }; use crate::{ + Callbacks, error::DecryptError, fl, util::read::{base64_arg, wrapped_str_while_encoded}, - wfl, wlnfl, Callbacks, + wfl, wlnfl, }; /// An SSH private key for decrypting an age file. @@ -62,7 +63,7 @@ impl UnencryptedKey { pub(crate) fn unwrap_stanza(&self, stanza: &Stanza) -> Option> { match (self, stanza.tag.as_str()) { (UnencryptedKey::SshRsa(ssh_key, sk), SSH_RSA_RECIPIENT_TAG) => { - let tag = base64_arg::<_, TAG_LEN_BYTES, 6>(stanza.args.get(0)?)?; + let tag = base64_arg::<_, TAG_LEN_BYTES, 6>(stanza.args.first()?)?; if ssh_tag(ssh_key) != tag { return None; } @@ -94,7 +95,7 @@ impl UnencryptedKey { ) } (UnencryptedKey::SshEd25519(ssh_key, privkey), SSH_ED25519_RECIPIENT_TAG) => { - let tag = base64_arg::<_, TAG_LEN_BYTES, 6>(stanza.args.get(0)?)?; + let tag = base64_arg::<_, TAG_LEN_BYTES, 6>(stanza.args.first()?)?; if ssh_tag(ssh_key) != tag { return None; } @@ -344,7 +345,7 @@ fn rsa_privkey(input: &str) -> IResult<&str, Identity> { .ok() .map(|privkey| { let mut ssh_key = vec![]; - cookie_factory::gen( + cookie_factory::r#gen( write_ssh::rsa_pubkey(&privkey.to_public_key()), &mut ssh_key, ) @@ -387,11 +388,11 @@ pub(crate) mod tests { use super::{Identity, UnsupportedKey}; use crate::{ + Callbacks, Identity as _, Recipient as _, ssh::recipient::{ - tests::{TEST_SSH_ED25519_PK, TEST_SSH_RSA_PK}, Recipient, + tests::{TEST_SSH_ED25519_PK, TEST_SSH_RSA_PK}, }, - Callbacks, Identity as _, Recipient as _, }; pub(crate) const TEST_SSH_RSA_SK: &str = "-----BEGIN RSA PRIVATE KEY----- diff --git a/age/src/util.rs b/age/src/util.rs index 08948f6b..5f19d4f2 100644 --- a/age/src/util.rs +++ b/age/src/util.rs @@ -1,4 +1,4 @@ -use bech32::{primitives::decode::CheckedHrpstring, Bech32}; +use bech32::{Bech32, primitives::decode::CheckedHrpstring}; #[cfg(all(any(feature = "armor", feature = "cli-common"), windows))] pub(crate) const LINE_ENDING: &str = "\r\n"; @@ -14,15 +14,15 @@ pub(crate) fn parse_bech32(s: &str) -> Option<(String, Vec)> { pub(crate) mod read { use std::str::FromStr; - use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; - use nom::{character::complete::digit1, combinator::verify, ParseTo, Parser}; + use base64::{Engine, prelude::BASE64_STANDARD_NO_PAD}; + use nom::{ParseTo, Parser, character::complete::digit1, combinator::verify}; #[cfg(feature = "ssh")] use nom::{ + IResult, combinator::map_res, - error::{make_error, ErrorKind}, + error::{ErrorKind, make_error}, multi::separated_list1, - IResult, }; #[cfg(feature = "ssh")] @@ -34,7 +34,7 @@ pub(crate) mod read { use nom::bytes::streaming::take; // Unpadded encoded length - let encoded_count = ((4 * count) + 2) / 3; + let encoded_count = (4 * count).div_ceil(3); move |input: &str| { let (i, data) = take(encoded_count)(input)?; @@ -117,8 +117,8 @@ pub(crate) mod read { } pub(crate) mod write { - use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; - use cookie_factory::{combinator::string, SerializeFn}; + use base64::{Engine, prelude::BASE64_STANDARD_NO_PAD}; + use cookie_factory::{SerializeFn, combinator::string}; use std::io::Write; pub(crate) fn encoded_data(data: &[u8]) -> impl SerializeFn { diff --git a/age/tests/testkit.rs b/age/tests/testkit.rs index d169087b..db971c0d 100644 --- a/age/tests/testkit.rs +++ b/age/tests/testkit.rs @@ -5,10 +5,11 @@ use std::{ }; use age::{ + DecryptError, Decryptor, Identity, armor::{ArmoredReadError, ArmoredReader}, scrypt, secrecy::SecretString, - x25519, DecryptError, Decryptor, Identity, + x25519, }; use futures::AsyncReadExt; use sha2::{Digest, Sha256}; @@ -601,7 +602,7 @@ fn get_testkit_passphrase(testfile: &TestFile, comment: &str) -> SecretString { assert_eq!(testfile.identities.len(), 0); match testfile.passphrases.len() { 0 => panic!("Test file is missing passphrase{}", comment), - 1 => testfile.passphrases.get(0).cloned().unwrap().into(), + 1 => testfile.passphrases.first().cloned().unwrap().into(), n => panic!("Too many passphrases ({}){}", n, comment), } } diff --git a/rage/build.rs b/rage/build.rs index 494d9e3f..88f94429 100644 --- a/rage/build.rs +++ b/rage/build.rs @@ -5,12 +5,12 @@ use std::path::Path; use std::path::PathBuf; use clap::{Command, CommandFactory, ValueEnum}; -use clap_complete::{generate_to, Shell}; +use clap_complete::{Shell, generate_to}; use clap_mangen::{ - roff::{Inline, Roff}, Man, + roff::{Inline, Roff}, }; -use flate2::{write::GzEncoder, Compression}; +use flate2::{Compression, write::GzEncoder}; use i18n_embed::unic_langid::LanguageIdentifier; mod i18n { diff --git a/rage/src/bin/rage-keygen/cli.rs b/rage/src/bin/rage-keygen/cli.rs index f54eb317..5771d7c3 100644 --- a/rage/src/bin/rage-keygen/cli.rs +++ b/rage/src/bin/rage-keygen/cli.rs @@ -1,6 +1,6 @@ use clap::{ - builder::{Styles, ValueHint}, ArgAction, Parser, + builder::{Styles, ValueHint}, }; use crate::fl; diff --git a/rage/src/bin/rage-mount/cli.rs b/rage/src/bin/rage-mount/cli.rs index 66e4099a..b4913e8e 100644 --- a/rage/src/bin/rage-mount/cli.rs +++ b/rage/src/bin/rage-mount/cli.rs @@ -1,6 +1,6 @@ use clap::{ - builder::{Styles, ValueHint}, ArgAction, Parser, + builder::{Styles, ValueHint}, }; use crate::fl; diff --git a/rage/src/bin/rage-mount/main.rs b/rage/src/bin/rage-mount/main.rs index 4f581134..ff0b33b7 100644 --- a/rage/src/bin/rage-mount/main.rs +++ b/rage/src/bin/rage-mount/main.rs @@ -2,7 +2,7 @@ use age::{ armor::ArmoredReader, - cli_common::{read_identities, read_secret, StdinGuard}, + cli_common::{StdinGuard, read_identities, read_secret}, scrypt, stream::StreamReader, }; diff --git a/rage/src/bin/rage-mount/tar.rs b/rage/src/bin/rage-mount/tar.rs index 86de1c77..4337cafd 100644 --- a/rage/src/bin/rage-mount/tar.rs +++ b/rage/src/bin/rage-mount/tar.rs @@ -4,7 +4,7 @@ use std::collections::HashMap; use std::fs::File; use std::io::{self, BufReader, Read, Seek, SeekFrom}; use std::path::{Path, PathBuf}; -use std::sync::{mpsc, Mutex}; +use std::sync::{Mutex, mpsc}; use std::time::{Duration, SystemTime}; use tar::{Archive, Entry, EntryType}; @@ -25,8 +25,7 @@ fn tar_to_filetype(entry: &Entry) -> Option { } fn tar_to_fuse(entry: &Entry) -> io::Result { - let kind = tar_to_filetype(entry) - .ok_or_else(|| io::Error::new(io::ErrorKind::Other, "Unsupported filetype"))?; + let kind = tar_to_filetype(entry).ok_or_else(|| io::Error::other("Unsupported filetype"))?; let perm = (entry.header().mode()? & 0o7777) as u16; let mtime = SystemTime::UNIX_EPOCH + Duration::new(entry.header().mtime()?, 0); @@ -226,7 +225,7 @@ impl FilesystemMT for AgeTarFs { files: self.file_map.len() as u64, ffree: 0, bsize: 64 * 1024, - namelen: u32::max_value(), + namelen: u32::MAX, frsize: 64 * 1024, }) } @@ -270,8 +269,7 @@ impl FilesystemMT for AgeTarFs { // Read bytes let to_read = usize::min(size as usize, (file_size - offset) as usize); - let mut buf = vec![]; - buf.resize(to_read, 0); + let mut buf = vec![0; to_read]; match inner.read_exact(&mut buf) { Ok(_) => callback(Ok(&buf)), Err(_) => callback(Err(libc::EIO)), diff --git a/rage/src/bin/rage-mount/zip.rs b/rage/src/bin/rage-mount/zip.rs index 9ffe1b14..44eb100c 100644 --- a/rage/src/bin/rage-mount/zip.rs +++ b/rage/src/bin/rage-mount/zip.rs @@ -4,9 +4,9 @@ use std::collections::HashMap; use std::fs::File; use std::io::{self, BufReader, Read}; use std::path::{Path, PathBuf}; -use std::sync::{mpsc, Mutex}; +use std::sync::{Mutex, mpsc}; use std::time::{Duration, SystemTime}; -use zip::{read::ZipFile, ZipArchive}; +use zip::{ZipArchive, read::ZipFile}; fn zip_path(path: &Path) -> &Path { path.strip_prefix("/").unwrap() @@ -96,16 +96,13 @@ impl AgeZipFs { stream: StreamReader>>, destroy_tx: mpsc::SyncSender<()>, ) -> io::Result { - let mut archive = - ZipArchive::new(stream).map_err(|e| io::Error::new(io::ErrorKind::Other, e))?; + let mut archive = ZipArchive::new(stream).map_err(io::Error::other)?; // Build a directory listing for the archive let mut dir_map: HashMap> = HashMap::new(); dir_map.insert(PathBuf::new(), vec![]); // the root for i in 0..archive.len() { - let zf = archive - .by_index(i) - .map_err(|e| io::Error::new(io::ErrorKind::Other, e))?; + let zf = archive.by_index(i).map_err(io::Error::other)?; if let Some(path) = zf.enclosed_name() { add_dir_to_map(&mut dir_map, &path, zipfile_to_filetype(&zf)); } @@ -192,7 +189,7 @@ impl FilesystemMT for AgeZipFs { files: inner.len() as u64, ffree: 0, bsize: 64 * 1024, - namelen: u32::max_value(), + namelen: u32::MAX, frsize: 64 * 1024, }) } @@ -233,8 +230,7 @@ impl FilesystemMT for AgeZipFs { } // Skip to offset - let mut buf = vec![]; - buf.resize(offset as usize, 0); + let mut buf = vec![0; offset as usize]; if zf.read_exact(&mut buf).is_err() { return callback(Err(libc::EIO)); } diff --git a/rage/src/bin/rage/cli.rs b/rage/src/bin/rage/cli.rs index 1084ce5a..e5e39a7c 100644 --- a/rage/src/bin/rage/cli.rs +++ b/rage/src/bin/rage/cli.rs @@ -1,8 +1,8 @@ use std::path::Path; use clap::{ - builder::{Styles, ValueHint}, ArgAction, Parser, + builder::{Styles, ValueHint}, }; use crate::fl; diff --git a/rage/src/bin/rage/i18n.rs b/rage/src/bin/rage/i18n.rs index acd305a1..4c715603 100644 --- a/rage/src/bin/rage/i18n.rs +++ b/rage/src/bin/rage/i18n.rs @@ -1,5 +1,5 @@ use i18n_embed::{ - fluent::{fluent_language_loader, FluentLanguageLoader}, + fluent::{FluentLanguageLoader, fluent_language_loader}, unic_langid::LanguageIdentifier, }; use lazy_static::lazy_static; diff --git a/rage/src/bin/rage/main.rs b/rage/src/bin/rage/main.rs index a0e5231d..78ae4ce7 100644 --- a/rage/src/bin/rage/main.rs +++ b/rage/src/bin/rage/main.rs @@ -1,14 +1,14 @@ #![forbid(unsafe_code)] use age::{ + Identity, armor::{ArmoredReader, ArmoredWriter, Format}, cli_common::{ - file_io, read_identities, read_or_generate_passphrase, read_recipients, read_secret, - Passphrase, StdinGuard, UiCallbacks, + Passphrase, StdinGuard, UiCallbacks, file_io, read_identities, read_or_generate_passphrase, + read_recipients, read_secret, }, plugin, scrypt, secrecy::ExposeSecret, - Identity, }; use clap::{CommandFactory, Parser}; use i18n_embed::DesktopLanguageRequester; @@ -162,10 +162,7 @@ fn encrypt(opts: AgeOptions) -> Result<(), error::EncryptError> { } Err(pinentry::Error::Gpg(e)) => { // Pretend it is an I/O error - return Err(error::EncryptError::Io(io::Error::new( - io::ErrorKind::Other, - format!("{}", e), - ))); + return Err(error::EncryptError::Io(io::Error::other(format!("{}", e)))); } Err(pinentry::Error::Io(e)) => return Err(error::EncryptError::Io(e)), } @@ -351,10 +348,7 @@ fn decrypt(opts: AgeOptions) -> Result<(), error::DecryptError> { } Err(pinentry::Error::Gpg(e)) => { // Pretend it is an I/O error - Err(error::DecryptError::Io(io::Error::new( - io::ErrorKind::Other, - format!("{}", e), - ))) + Err(error::DecryptError::Io(io::Error::other(format!("{}", e)))) } Err(pinentry::Error::Io(e)) => Err(error::DecryptError::Io(e)), } diff --git a/rust-toolchain.toml b/rust-toolchain.toml index 5299106e..e22c3445 100644 --- a/rust-toolchain.toml +++ b/rust-toolchain.toml @@ -1,3 +1,3 @@ [toolchain] -channel = "1.70.0" +channel = "1.85.0" components = ["clippy", "rustfmt"]