Merge pull request #1518 from oasisprotocol/nhynes/bump-crypto-deps

runtime-sdk: bump crypto deps
oasisprotocol · Oct 4, 2023 · 11e1d6f · 11e1d6f
2 parents 7d979b9 + a700acf
commit 11e1d6f
Show file tree

Hide file tree

Showing 15 changed files with 511 additions and 456 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/contract-sdk/crypto/Cargo.toml b/contract-sdk/crypto/Cargo.toml
@@ -13,9 +13,9 @@ oasis-runtime-sdk = { path = "../../runtime-sdk" }
 # Third party.
 k256 = "0.13.1"
 thiserror = "1.0.30"
-x25519-dalek = "1.1.0"
-sha2 = "0.9.8"
-hmac = "0.11.0"
+x25519-dalek = { version = "2.0.0", features = ["static_secrets"] }
+sha2 = "0.10.8"
+hmac = "0.12.1"
 
 [dev-dependencies]
 hex = "0.4.2"
diff --git a/contract-sdk/crypto/src/x25519.rs b/contract-sdk/crypto/src/x25519.rs
@@ -1,5 +1,5 @@
-use hmac::{Hmac, Mac as _, NewMac as _};
-use sha2::Sha512Trunc256;
+use hmac::{Hmac, Mac as _};
+use sha2::Sha512_256;
 use x25519_dalek::{PublicKey, StaticSecret};
 
 pub use oasis_runtime_sdk::core::common::crypto::mrae::deoxysii::KEY_SIZE;
@@ -33,7 +33,7 @@ pub fn derive_symmetric(public_key: &[u8], private_key: &[u8]) -> Result<[u8; KE
     let public = PublicKey::from(public);
     let private = StaticSecret::from(private);
 
-    let mut kdf = Hmac::<Sha512Trunc256>::new_from_slice(b"MRAE_Box_Deoxys-II-256-128")
+    let mut kdf = Hmac::<Sha512_256>::new_from_slice(b"MRAE_Box_Deoxys-II-256-128")
         .map_err(|_| Error::KeyDerivationFunctionFailure)?;
     kdf.update(private.diffie_hellman(&public).as_bytes());