diff --git a/Cargo.toml b/Cargo.toml
index 27cab8d..58619af 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -12,15 +12,15 @@ edition = "2021"
 [dependencies]
 base64 = "0.22"
 chacha20 = "0.9"
-constant_time_eq = "0.3"
+constant_time_eq = "0.4"
 hkdf = "0.12"
 hmac = "0.12"
-rand_core = { version = "0.6", features = [ "getrandom" ] }
-secp256k1 = { version = "0.29" }
+rand_core = { version = "0.9", features = [ "os_rng" ] }
+secp256k1 = { version = "0.31" }
 sha2 = "0.10"
-thiserror = "1.0"
+thiserror = "2.0"
 [dev-dependencies]
 hex = "0.4"
-secp256k1 = { version = "0.29", features = [ "global-context" ] }
+secp256k1 = { version = "0.31", features = [ "global-context" ] }
 serde_json = "*"
diff --git a/src/error.rs b/src/error.rs
index aba1759..a505307 100644
--- a/src/error.rs
+++ b/src/error.rs
@@ -30,6 +30,10 @@ pub enum Error {
 #[error("Message is too long")]
 MessageIsTooLong,
+ /// Random source failed
+ #[error("Random source failed")]
+ RandOsError(rand_core::OsError),
+
 /// Unsupported future version
 #[error("Encryption format is not yet supported")]
 UnsupportedFutureVersion,
@@ -42,3 +46,9 @@ pub enum Error {
 #[error("UTF8 Decode: {0}")]
 Utf8Decode(#[from] std::string::FromUtf8Error),
 }
+
+impl From for Error {
+ fn from(err: rand_core::OsError) -> Self {
+ Error::RandOsError(err)
+ }
+}
diff --git a/src/lib.rs b/src/lib.rs
index 483c723..c230e7e 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -3,7 +3,7 @@ use chacha20::cipher::{KeyIvInit, StreamCipher};
 use chacha20::ChaCha20;
 use hkdf::Hkdf;
 use hmac::{Hmac, Mac};
-use rand_core::{OsRng, RngCore};
+use rand_core::{OsRng, TryRngCore};
 use secp256k1::ecdh::shared_secret_point;
 use secp256k1::{Parity, PublicKey, SecretKey, XOnlyPublicKey};
 use sha2::Sha256;
@@ -120,7 +120,7 @@ fn encrypt_inner(
 Some(nonce) => nonce.to_owned(),
 None => {
 let mut nonce: [u8; 32] = [0; 32];
- OsRng.fill_bytes(&mut nonce);
+ OsRng.try_fill_bytes(&mut nonce)?;
 nonce
 }
 };
diff --git a/src/tests.rs b/src/tests.rs
index 9e9edd9..4baae17 100644
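Review bot: The new `RandOsError` variant in `pub enum Error` drops the underlying `rand_core::OsError` from its output: `#[error("Random source failed")]` has no `{0}`, and the field carries neither `#[source]` nor `#[from]`, so a log line for an entropy failure will not say which OS error occurred. The smallest change is `#[error("Random source failed: {0}")]`, matching the `Utf8Decode` variant below it. Whether `#[from]` could replace the hand-written `From` impl added in the next hunk depends on `OsError` implementing `std::error::Error` under the enabled `rand_core` features, which is not visible here. Adding a variant to a public enum can also break downstream exhaustive matches unless the enum is `#[non_exhaustive]`; the enum's attributes are outside the hunk.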
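Review bot: The `?` added after `OsRng.try_fill_bytes(&mut nonce)` in `encrypt_inner` gives callers a failure mode that nothing in the hunk documents. I would add a why-comment above the call, `// Fail closed: if the OS RNG errors, return instead of encrypting with the zero-initialised nonce buffer.`, and an `# Errors` entry naming `Error::RandOsError` on the public encrypt functions that reach this path. The `Some(nonce)` arm is unchanged, so only the random-nonce path can return the new error. `encrypt_inner` begins and ends outside the hunk, so its existing doc comment is not visible.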
--- a/src/tests.rs
+++ b/src/tests.rs
@@ -31,12 +31,12 @@ fn test_valid_get_conversation_key() {
 let sec1 = {
 let sec1hex = vector.get("sec1").unwrap().as_str().unwrap();
 let sec1bytes = hex::decode(sec1hex).unwrap();
- SecretKey::from_slice(&sec1bytes).unwrap()
+ SecretKey::from_byte_array(sec1bytes.try_into().unwrap()).unwrap()
 };
 let pub2 = {
 let pub2hex = vector.get("pub2").unwrap().as_str().unwrap();
 let pub2bytes = hex::decode(pub2hex).unwrap();
- XOnlyPublicKey::from_slice(&pub2bytes).unwrap()
+ XOnlyPublicKey::from_byte_array(pub2bytes.try_into().unwrap()).unwrap()
 };
 let conversation_key: [u8; 32] = {
 let ckeyhex = vector.get("conversation_key").unwrap().as_str().unwrap();
@@ -107,12 +107,12 @@ fn test_valid_encrypt_decrypt() {
 let sec1 = {
 let sec1hex = vector.get("sec1").unwrap().as_str().unwrap();
 let sec1bytes = hex::decode(sec1hex).unwrap();
- SecretKey::from_slice(&sec1bytes).unwrap()
+ SecretKey::from_byte_array(sec1bytes.try_into().unwrap()).unwrap()
 };
 let sec2 = {
 let sec2hex = vector.get("sec2").unwrap().as_str().unwrap();
 let sec2bytes = hex::decode(sec2hex).unwrap();
- SecretKey::from_slice(&sec2bytes).unwrap()
+ SecretKey::from_byte_array(sec2bytes.try_into().unwrap()).unwrap()
 };
 let conversation_key: [u8; 32] = {
 let ckeyhex = vector.get("conversation_key").unwrap().as_str().unwrap();
@@ -193,12 +193,12 @@ fn test_invalid_get_conversation_key() {
 let sec1result = {
 let sec1hex = vector.get("sec1").unwrap().as_str().unwrap();
 let sec1bytes = hex::decode(sec1hex).unwrap();
- SecretKey::from_slice(&sec1bytes)
+ SecretKey::from_byte_array(sec1bytes.try_into().unwrap())
 };
 let pub2result = {
 let pub2hex = vector.get("pub2").unwrap().as_str().unwrap();
 let pub2bytes = hex::decode(pub2hex).unwrap();
- XOnlyPublicKey::from_slice(&pub2bytes)
+ XOnlyPublicKey::from_byte_array(pub2bytes.try_into().unwrap())
 };
 let note = vector.get("note").unwrap().as_str().unwrap();
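Review bot: In `test_invalid_get_conversation_key` the new `sec1bytes.try_into().unwrap()` and `pub2bytes.try_into().unwrap()` panic on any vector whose decoded key is not exactly 32 bytes, whereas the removed `from_slice` calls returned an `Err` that flowed into `sec1result` and `pub2result`. If the invalid-vector file ever gains a wrong-length key, the test would abort instead of recording the expected rejection. Either state the assumption with `.expect("invalid-key vectors are 32 bytes")` or surface the length failure as a test-visible error rather than a panic. The same conversion is repeated in the two hunks above and in `bench_encryption_inner`, where unwrapping is reasonable for known-good inputs; a small helper taking the hex string would remove the duplication. The test body continues outside the hunk.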
@@ -279,10 +279,10 @@ fn bench_encryption_inner() {
 "3072ab28ed7d5c2e4f5efbdcde5fb11455ab7f976225d1779a1751eb6400411a";
 let sec1bytes = hex::decode(SEC1HEX).unwrap();
- let sec1 = SecretKey::from_slice(&sec1bytes).unwrap();
+ let sec1 = SecretKey::from_byte_array(sec1bytes.try_into().unwrap()).unwrap();
 let sec2bytes = hex::decode(SEC2HEX).unwrap();
- let sec2 = SecretKey::from_slice(&sec2bytes).unwrap();
+ let sec2 = SecretKey::from_byte_array(sec2bytes.try_into().unwrap()).unwrap();
 let (pub2, _) = sec2.x_only_public_key(&SECP256K1);