diff --git a/Cargo.toml b/Cargo.toml index 35d4ddc..9edfe8c 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -17,25 +17,25 @@ keywords = [ categories = ["cryptography", "privacy"] [dependencies] -async-trait = "0.1.56" -base64 = "0.22.0" -generic-array = "0.14.5" +async-trait = "0.1.89" +base64 = "0.22" +generic-array = "1.3.5" rand = "0.8" serde = "1" -sha2 = "0.10.2" +sha2 = "0.10.9" thiserror = "2" tls_codec = { version = "0.4.2" } tls_codec_derive = "0.4.2" -voprf = { git = "https://github.com/facebook/voprf", features = ["serde"] } +voprf = { version = "0.6.0-pre.0", features = ["serde"] } p384 = { version = "0.13.0", default-features = false, features = [ "hash2curve", "voprf", ] } blind-rsa-signatures = "0.15.0" http = "1" -typenum = "1.15.0" +typenum = "1" nom = "8" -tokio = { version = "1.20.0", features = ["full"], optional = true } +tokio = { version = "1", features = ["full"], optional = true } trait-variant = "0.1.2" [features] @@ -46,7 +46,7 @@ test-utils = ["tokio"] [dev-dependencies] privacypass = { path = ".", features = ["kat", "test-utils"] } futures = "0.3" -criterion = { version = "0.5.0", features = ["async_futures", "async_tokio"] } +criterion = { version = "0.8.0", features = ["async_futures", "async_tokio"] } hex = { version = "0.4.3", features = ["serde"] } serde_json = "1.0" diff --git a/benches/private.rs b/benches/private.rs index 875509c..550bde7 100644 --- a/benches/private.rs +++ b/benches/private.rs @@ -29,7 +29,7 @@ async fn issue_private_token_response( .unwrap() } -async fn redeem_private_token, CS: PrivateCipherSuite>( +async fn redeem_private_token( key_store: MemoryKeyStoreVoprf, nonce_store: MemoryNonceStore, token: Token, diff --git a/benches/public.rs b/benches/public.rs index 1116ec0..b464277 100644 --- a/benches/public.rs +++ b/benches/public.rs 
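Review bot: The new `voprf = { version = "0.6.0-pre.0", features = ["serde"] }` line in the `[dependencies]` hunk is a caret requirement on a pre-release, so a fresh resolve may pick a later `0.6.0-pre.N` or 0.6.x build of the crate that implements the token cryptography, and pre-releases carry no compatibility promise between each other. Moving off the unpinned git source already helps reproducibility; for a cryptographic dependency I would pin exactly with `version = "=0.6.0-pre.0"` until a stable release exists. Separately, relaxing `tokio = "1.20.0"` and `typenum = "1.15.0"` to `"1"` lowers the declared minimum, so if the code uses APIs newer than 1.0 the break only shows up under a minimal-versions resolve; a CI job for that, or keeping the tested floor, would cover it.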
@@ -35,7 +35,7 @@ async fn issue_public_token_response( .unwrap() } -async fn redeem_public_token>( +async fn redeem_public_token( origin_key_store: public_memory_store::OriginMemoryKeyStore, nonce_store: MemoryNonceStore, token: privacypass::auth::authorize::Token, diff --git a/src/amortized_tokens/response.rs b/src/amortized_tokens/response.rs index 859049f..9e046de 100644 --- a/src/amortized_tokens/response.rs +++ b/src/amortized_tokens/response.rs @@ -1,5 +1,6 @@ //! Response implementation of the Amortized Tokens protocol. +use generic_array::GenericArray; use tls_codec::{Deserialize, Serialize, Size}; use typenum::Unsigned; use voprf::{EvaluationElement, Group, Proof, Result, VoprfClient}; @@ -94,12 +95,14 @@ impl AmortizedBatchTokenResponse { .iter() .zip(token_state.token_inputs.iter()) { + let authenticator = + GenericArray::from_slice(authenticator.as_ref()).clone(); let token = Token::new( token_input.token_type, token_input.nonce, token_state.challenge_digest, token_input.token_key_id, - authenticator.to_owned(), + authenticator, ); tokens.push(token); } diff --git a/src/auth/authorize.rs b/src/auth/authorize.rs index e33616c..bc25ace 100644 --- a/src/auth/authorize.rs +++ b/src/auth/authorize.rs @@ -30,7 +30,7 @@ use super::{base64_char, key_name, opt_spaces, space}; /// ``` #[derive(Clone, Debug)] -pub struct Token> { +pub struct Token { token_type: TokenType, nonce: Nonce, challenge_digest: ChallengeDigest, @@ -38,7 +38,7 @@ pub struct Token> { authenticator: GenericArray, } -impl> Size for Token { +impl Size for Token { fn tls_serialized_len(&self) -> usize { self.token_type.tls_serialized_len() + self.nonce.tls_serialized_len() @@ -48,7 +48,7 @@ impl> Size for Token { } } -impl> Serialize for Token { +impl Serialize for Token { fn tls_serialize(&self, writer: &mut W) -> Result { Ok(self.token_type.tls_serialize(writer)? + self.nonce.tls_serialize(writer)? 
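Review bot: In src/amortized_tokens/response.rs the added `GenericArray::from_slice(authenticator.as_ref()).clone()` replaces a length agreement the type checker enforced (`authenticator.to_owned()` had to have the array type `Token::new` expects) with a runtime assertion, because `from_slice` panics when the slice length differs from the target array length. The same conversion is added in src/private_tokens/response.rs and in `tls_deserialize` for `Token` in src/auth/authorize.rs. The latter decodes serialized token bytes, presumably received from a peer, and the code that sizes `authenticator` is outside that hunk, so the length invariant should be confirmed there. I would use the fallible form and map it to the function's existing error, for example `GenericArray::try_from_slice(authenticator.as_ref()).map_err(|_| IssueTokenError::InvalidTokenResponse)?.clone()` in private_tokens/response.rs. Failing that, a comment such as `// voprf output length equals the authenticator length for this cipher suite` above each conversion would at least record the invariant; the loop body shown here belongs to a function that starts outside the hunk.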
@@ -58,7 +58,7 @@ impl> Serialize for Token { } } -impl> Deserialize for Token { +impl Deserialize for Token { fn tls_deserialize(bytes: &mut R) -> Result where Self: Sized, @@ -77,12 +77,12 @@ impl> Deserialize for Token { nonce, challenge_digest, token_key_id, - authenticator: GenericArray::clone_from_slice(&authenticator), + authenticator: GenericArray::from_slice(&authenticator).clone(), }) } } -impl> Token { +impl Token { /// Creates a new Token. pub const fn new( token_type: TokenType, @@ -132,7 +132,7 @@ impl> Token { /// /// # Errors /// Returns an error if the token is not valid. -pub fn build_authorization_header>( +pub fn build_authorization_header( token: &Token, ) -> Result<(HeaderName, HeaderValue), BuildError> { let value = format!( @@ -162,7 +162,7 @@ pub enum BuildError { /// /// # Errors /// Returns an error if the header value is not valid. -pub fn parse_authorization_header>( +pub fn parse_authorization_header( value: &HeaderValue, ) -> Result, ParseError> { let s = value.to_str().map_err(|_| ParseError::InvalidInput)?; @@ -229,7 +229,7 @@ fn parse_private_tokens(input: &str) -> IResult<&str, Vec<&str>> { separated_list1(tag(","), parse_private_token).parse(input) } -fn parse_header_value>(input: &str) -> Result>, ParseError> { +fn parse_header_value(input: &str) -> Result>, ParseError> { let (output, tokens) = parse_private_tokens(input).map_err(|_| ParseError::InvalidInput)?; if !output.is_empty() { return Err(ParseError::InvalidInput); @@ -262,7 +262,7 @@ fn builder_parser_test() { nonce, challenge_digest, token_key_id, - GenericArray::clone_from_slice(&authenticator), + *GenericArray::from_slice(&authenticator), ); let (header_name, header_value) = build_authorization_header(&token).unwrap(); diff --git a/src/private_tokens/response.rs b/src/private_tokens/response.rs index 617f3d7..a425e6d 100644 --- a/src/private_tokens/response.rs +++ b/src/private_tokens/response.rs 
@@ -1,5 +1,6 @@ //! Response implementation of the Privately Verifiable Token protocol. +use generic_array::GenericArray; use tls_codec::{Deserialize, Serialize, Size}; use typenum::Unsigned; use voprf::*; @@ -109,6 +110,7 @@ impl TokenResponse { token_state.public_key, ) .map_err(|_| IssueTokenError::InvalidTokenResponse)?; + let authenticator = GenericArray::from_slice(authenticator.as_ref()).clone(); Ok(Token::new( CS::token_type(), diff --git a/src/private_tokens/server.rs b/src/private_tokens/server.rs index 7790a72..409c139 100644 --- a/src/private_tokens/server.rs +++ b/src/private_tokens/server.rs @@ -107,7 +107,7 @@ impl Server { /// /// # Errors /// Returns an error if the token is invalid. - pub async fn redeem_token>( + pub async fn redeem_token( &self, key_store: &PKS, nonce_store: &NS, diff --git a/src/public_tokens/response.rs b/src/public_tokens/response.rs index 2121e96..1d1ab4e 100644 --- a/src/public_tokens/response.rs +++ b/src/public_tokens/response.rs @@ -40,8 +40,7 @@ impl TokenResponse { &options, ) .map_err(|_| IssueTokenError::InvalidTokenResponse)?; - let authenticator: GenericArray = - GenericArray::clone_from_slice(&signature[0..256]); + let authenticator: GenericArray = *GenericArray::from_slice(&signature[0..256]); Ok(Token::new( TokenType::Public, token_state.token_input.nonce, diff --git a/src/public_tokens/server.rs b/src/public_tokens/server.rs index ca0d2ad..d426d47 100644 --- a/src/public_tokens/server.rs +++ b/src/public_tokens/server.rs @@ -130,7 +130,7 @@ impl OriginServer { /// /// # Errors /// Returns an error if the token is invalid. - pub async fn redeem_token>( + pub async fn redeem_token( &self, key_store: &OKS, nonce_store: &NS,
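Review bot: In src/public_tokens/response.rs the new `*GenericArray::from_slice(&signature[0..256])` keeps the hard-coded range index, which panics if `signature` is shorter than 256 bytes and silently truncates it if it is longer. The value comes from the call whose arguments end just above this line, so its length likely depends on the issuer key size. Assuming `signature` derefs to a byte slice, a checked form such as `signature.get(..256).ok_or(IssueTokenError::InvalidTokenResponse)?` would keep an unexpected-size result on the error path this function already uses. Replacing the literal 256 with a named constant tied to the authenticator length would also document why the number is safe. The enclosing function begins outside the hunk.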