chore: update dependencies

Cargo.toml

@@ -17,25 +17,25 @@ keywords = [
 categories = ["cryptography", "privacy"]
 
 [dependencies]
-async-trait = "0.1.56"
-base64 = "0.22.0"
-generic-array = "0.14.5"
+async-trait = "0.1.89"
+base64 = "0.22"
+generic-array = "1.3.5"
 rand = "0.8"
 serde = "1"
-sha2 = "0.10.2"
+sha2 = "0.10.9"
 thiserror = "2"
 tls_codec = { version = "0.4.2" }
 tls_codec_derive = "0.4.2"
-voprf = { git = "https://github.com/facebook/voprf", features = ["serde"] }
+voprf = { version = "0.6.0-pre.0", features = ["serde"] }
 p384 = { version = "0.13.0", default-features = false, features = [
   "hash2curve",
   "voprf",
 ] }
 blind-rsa-signatures = "0.15.0"
 http = "1"
-typenum = "1.15.0"
+typenum = "1"
 nom = "8"
-tokio = { version = "1.20.0", features = ["full"], optional = true }
+tokio = { version = "1", features = ["full"], optional = true }
 trait-variant = "0.1.2"
 
 [features]
@@ -46,7 +46,7 @@ test-utils = ["tokio"]
 [dev-dependencies]
 privacypass = { path = ".", features = ["kat", "test-utils"] }
 futures = "0.3"
-criterion = { version = "0.5.0", features = ["async_futures", "async_tokio"] }
+criterion = { version = "0.8.0", features = ["async_futures", "async_tokio"] }
 hex = { version = "0.4.3", features = ["serde"] }
 serde_json = "1.0"
 

benches/private.rs

@@ -29,7 +29,7 @@ async fn issue_private_token_response<CS: PrivateCipherSuite>(
         .unwrap()
 }
 
-async fn redeem_private_token<Nk: ArrayLength<u8>, CS: PrivateCipherSuite>(
+async fn redeem_private_token<Nk: ArrayLength, CS: PrivateCipherSuite>(
     key_store: MemoryKeyStoreVoprf<CS>,
     nonce_store: MemoryNonceStore,
     token: Token<Nk>,

benches/public.rs

@@ -35,7 +35,7 @@ async fn issue_public_token_response(
         .unwrap()
 }
 
-async fn redeem_public_token<Nk: ArrayLength<u8>>(
+async fn redeem_public_token<Nk: ArrayLength>(
     origin_key_store: public_memory_store::OriginMemoryKeyStore,
     nonce_store: MemoryNonceStore,
     token: privacypass::auth::authorize::Token<Nk>,

src/amortized_tokens/response.rs

@@ -1,5 +1,6 @@
 //! Response implementation of the Amortized Tokens protocol.
 
+use generic_array::GenericArray;
 use tls_codec::{Deserialize, Serialize, Size};
 use typenum::Unsigned;
 use voprf::{EvaluationElement, Group, Proof, Result, VoprfClient};
@@ -94,12 +95,14 @@ impl<CS: PrivateCipherSuite> AmortizedBatchTokenResponse<CS> {
             .iter()
             .zip(token_state.token_inputs.iter())
         {
+            let authenticator =
+                GenericArray::from_slice(authenticator.as_ref()).clone();
             let token = Token::new(
                 token_input.token_type,
                 token_input.nonce,
                 token_state.challenge_digest,
                 token_input.token_key_id,
-                authenticator.to_owned(),
+                authenticator,
             );
             tokens.push(token);
         }

src/auth/authorize.rs

@@ -30,15 +30,15 @@ use super::{base64_char, key_name, opt_spaces, space};
 /// ```
 
 #[derive(Clone, Debug)]
-pub struct Token<Nk: ArrayLength<u8>> {
+pub struct Token<Nk: ArrayLength> {
     token_type: TokenType,
     nonce: Nonce,
     challenge_digest: ChallengeDigest,
     token_key_id: TokenKeyId,
     authenticator: GenericArray<u8, Nk>,
 }
 
-impl<Nk: ArrayLength<u8>> Size for Token<Nk> {
+impl<Nk: ArrayLength> Size for Token<Nk> {
     fn tls_serialized_len(&self) -> usize {
         self.token_type.tls_serialized_len()
             + self.nonce.tls_serialized_len()
@@ -48,7 +48,7 @@ impl<Nk: ArrayLength<u8>> Size for Token<Nk> {
     }
 }
 
-impl<Nk: ArrayLength<u8>> Serialize for Token<Nk> {
+impl<Nk: ArrayLength> Serialize for Token<Nk> {
     fn tls_serialize<W: Write>(&self, writer: &mut W) -> Result<usize, Error> {
         Ok(self.token_type.tls_serialize(writer)?
             + self.nonce.tls_serialize(writer)?
@@ -58,7 +58,7 @@ impl<Nk: ArrayLength<u8>> Serialize for Token<Nk> {
     }
 }
 
-impl<Nk: ArrayLength<u8>> Deserialize for Token<Nk> {
+impl<Nk: ArrayLength> Deserialize for Token<Nk> {
     fn tls_deserialize<R: std::io::Read>(bytes: &mut R) -> Result<Self, Error>
     where
         Self: Sized,
@@ -77,12 +77,12 @@ impl<Nk: ArrayLength<u8>> Deserialize for Token<Nk> {
             nonce,
             challenge_digest,
             token_key_id,
-            authenticator: GenericArray::clone_from_slice(&authenticator),
+            authenticator: GenericArray::from_slice(&authenticator).clone(),
         })
     }
 }
 
-impl<Nk: ArrayLength<u8>> Token<Nk> {
+impl<Nk: ArrayLength> Token<Nk> {
     /// Creates a new Token.
     pub const fn new(
         token_type: TokenType,
@@ -132,7 +132,7 @@ impl<Nk: ArrayLength<u8>> Token<Nk> {
 ///
 /// # Errors
 /// Returns an error if the token is not valid.
-pub fn build_authorization_header<Nk: ArrayLength<u8>>(
+pub fn build_authorization_header<Nk: ArrayLength>(
     token: &Token<Nk>,
 ) -> Result<(HeaderName, HeaderValue), BuildError> {
     let value = format!(
@@ -162,7 +162,7 @@ pub enum BuildError {
 ///
 /// # Errors
 /// Returns an error if the header value is not valid.
-pub fn parse_authorization_header<Nk: ArrayLength<u8>>(
+pub fn parse_authorization_header<Nk: ArrayLength>(
     value: &HeaderValue,
 ) -> Result<Token<Nk>, ParseError> {
     let s = value.to_str().map_err(|_| ParseError::InvalidInput)?;
@@ -229,7 +229,7 @@ fn parse_private_tokens(input: &str) -> IResult<&str, Vec<&str>> {
     separated_list1(tag(","), parse_private_token).parse(input)
 }
 
-fn parse_header_value<Nk: ArrayLength<u8>>(input: &str) -> Result<Vec<Token<Nk>>, ParseError> {
+fn parse_header_value<Nk: ArrayLength>(input: &str) -> Result<Vec<Token<Nk>>, ParseError> {
     let (output, tokens) = parse_private_tokens(input).map_err(|_| ParseError::InvalidInput)?;
     if !output.is_empty() {
         return Err(ParseError::InvalidInput);
@@ -262,7 +262,7 @@ fn builder_parser_test() {
         nonce,
         challenge_digest,
         token_key_id,
-        GenericArray::clone_from_slice(&authenticator),
+        *GenericArray::from_slice(&authenticator),
     );
     let (header_name, header_value) = build_authorization_header(&token).unwrap();
 

src/private_tokens/response.rs

@@ -1,5 +1,6 @@
 //! Response implementation of the Privately Verifiable Token protocol.
 
+use generic_array::GenericArray;
 use tls_codec::{Deserialize, Serialize, Size};
 use typenum::Unsigned;
 use voprf::*;
@@ -109,6 +110,7 @@ impl<CS: PrivateCipherSuite> TokenResponse<CS> {
                 token_state.public_key,
             )
             .map_err(|_| IssueTokenError::InvalidTokenResponse)?;
+        let authenticator = GenericArray::from_slice(authenticator.as_ref()).clone();
 
         Ok(Token::new(
             CS::token_type(),

src/private_tokens/server.rs

@@ -107,7 +107,7 @@ impl<CS: PrivateCipherSuite> Server<CS> {
     ///
     /// # Errors
     /// Returns an error if the token is invalid.
-    pub async fn redeem_token<PKS: PrivateKeyStore, NS: NonceStore, Nk: ArrayLength<u8>>(
+    pub async fn redeem_token<PKS: PrivateKeyStore, NS: NonceStore, Nk: ArrayLength>(
         &self,
         key_store: &PKS,
         nonce_store: &NS,

src/public_tokens/response.rs

@@ -40,8 +40,7 @@ impl TokenResponse {
                 &options,
             )
             .map_err(|_| IssueTokenError::InvalidTokenResponse)?;
-        let authenticator: GenericArray<u8, U256> =
-            GenericArray::clone_from_slice(&signature[0..256]);
+        let authenticator: GenericArray<u8, U256> = *GenericArray::from_slice(&signature[0..256]);
         Ok(Token::new(
             TokenType::Public,
             token_state.token_input.nonce,

src/public_tokens/server.rs

@@ -130,7 +130,7 @@ impl OriginServer {
     ///
     /// # Errors
     /// Returns an error if the token is invalid.
-    pub async fn redeem_token<OKS: OriginKeyStore, NS: NonceStore, Nk: ArrayLength<u8>>(
+    pub async fn redeem_token<OKS: OriginKeyStore, NS: NonceStore, Nk: ArrayLength>(
         &self,
         key_store: &OKS,
         nonce_store: &NS,