diff --git a/src-tauri/Cargo.lock b/src-tauri/Cargo.lock index 3be4dfa..8ab4f1c 100644 --- a/src-tauri/Cargo.lock +++ b/src-tauri/Cargo.lock @@ -58,6 +58,15 @@ dependencies = [ "subtle", ] +[[package]] +name = "aes-kw" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "69fa2b352dcefb5f7f3a5fb840e02665d311d878955380515e4fd50095dd3d8c" +dependencies = [ + "aes", +] + [[package]] name = "aho-corasick" version = "1.1.3" @@ -883,7 +892,7 @@ dependencies = [ "cpufeatures", "curve25519-dalek-derive", "digest", - "fiat-crypto", + "fiat-crypto 0.2.9", "rustc_version", "subtle", "zeroize", @@ -1020,6 +1029,27 @@ dependencies = [ "syn 2.0.79", ] +[[package]] +name = "derive_more" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4a9b99b9cbbe49445b21764dc0625032a89b145a2642e67603e1c936f5458d05" +dependencies = [ + "derive_more-impl", +] + +[[package]] +name = "derive_more-impl" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb7330aeadfbe296029522e6c40f315320aba36fc43a5b3632f3795348f3bd22" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.79", + "unicode-xid", +] + [[package]] name = "des" version = "0.8.1" @@ -1065,6 +1095,7 @@ dependencies = [ "futures", "hex", "pgp", + "rand 0.8.5", "serde", "smallvec", "temp-dir", @@ -1242,6 +1273,17 @@ dependencies = [ "zeroize", ] +[[package]] +name = "ed448-goldilocks" +version = "0.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87b5fa9e9e3dd5fe1369f380acd3dcdfa766dbd0a1cd5b048fb40e38a6a78e79" +dependencies = [ + "fiat-crypto 0.1.20", + "hex", + "subtle", +] + [[package]] name = "elliptic-curve" version = "0.13.8" @@ -1382,6 +1424,12 @@ dependencies = [ "subtle", ] +[[package]] +name = "fiat-crypto" +version = "0.1.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e825f6987101665dea6ec934c09ec6d721de7bc1bf92248e1d5810c8cd636b77" + [[package]] name = "fiat-crypto" version = "0.2.9" @@ -2524,7 +2572,7 @@ dependencies = [ "jni-sys", "log", "ndk-sys", - "num_enum", + "num_enum 0.7.3", "raw-window-handle", "thiserror", ] @@ -2632,13 +2680,34 @@ dependencies = [ "libm", ] +[[package]] +name = "num_enum" +version = "0.5.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f646caf906c20226733ed5b1374287eb97e3c2a5c227ce668c1f2ce20ae57c9" +dependencies = [ + "num_enum_derive 0.5.11", +] + [[package]] name = "num_enum" version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4e613fc340b2220f734a8595782c551f1250e969d87d3be1ae0579e8d4065179" dependencies = [ - "num_enum_derive", + "num_enum_derive 0.7.3", +] + +[[package]] +name = "num_enum_derive" +version = "0.5.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dcbff9bc912032c62bf65ef1d5aea88983b420f4f839db1e9b0c281a25c9c799" +dependencies = [ + "proc-macro-crate 1.3.1", + "proc-macro2", + "quote", + "syn 1.0.109", ] [[package]] @@ -2950,14 +3019,15 @@ checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e" [[package]] name = "pgp" -version = "0.13.2" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4a6c842436d5fa2b59eac1e9b3d142b50bfff99c1744c816b1f4c2ac55a20754" +checksum = "49bb5f77aaf8ae1ed6fe63387ad513b10cd44716fd053ecc227b9493c096cdb2" dependencies = [ "aes", "aes-gcm", + "aes-kw", "argon2", - "base64 0.22.1", + "base64 0.21.7", "bitfield", "block-padding", "blowfish", @@ -2973,6 +3043,7 @@ dependencies = [ "crc24", "curve25519-dalek", "derive_builder", + "derive_more 1.0.0", "des", "digest", "dsa", @@ -2992,7 +3063,7 @@ dependencies = [ "nom", "num-bigint-dig", "num-traits", - "num_enum", + "num_enum 0.5.11", "ocb3", "p256", "p384", @@ -3009,6 +3080,7 @@ dependencies = [ "thiserror", "twofish", "x25519-dalek", + "x448", "zeroize", ] @@ -3704,7 +3776,7 @@ checksum = "df320f1889ac4ba6bc0cdc9c9af7af4bd64bb927bccdf32d81140dc1f9be12fe" dependencies = [ "bitflags 1.3.2", "cssparser", - "derive_more", + "derive_more 0.99.18", "fxhash", "log", "matches", @@ -4829,6 +4901,12 @@ version = "1.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f6ccf251212114b54433ec949fd6a7841275f9ada20dddd2f29e9ceea4501493" +[[package]] +name = "unicode-xid" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ebc1c04c71510c7f702b52b7c350734c9ff1295c464a03335b00bb84fc54f853" + [[package]] name = "universal-hash" version = "0.5.1" @@ -5616,6 +5694,17 @@ dependencies = [ "zeroize", ] +[[package]] +name = "x448" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c4cd07d4fae29e07089dbcacf7077cd52dce7760125ca9a4dd5a35ca603ffebb" +dependencies = [ + "ed448-goldilocks", + "hex", + "rand_core 0.5.1", +] + [[package]] name = "xdg-home" version = "1.3.0" diff --git a/src-tauri/crypto/Cargo.toml b/src-tauri/crypto/Cargo.toml index d51f680..9c1c913 100644 --- a/src-tauri/crypto/Cargo.toml +++ b/src-tauri/crypto/Cargo.toml @@ -12,7 +12,8 @@ async-trait = "0.1.83" chrono = "0.4.38" futures = "0.3.31" hex = "0.4.3" -pgp = "0.13.2" +pgp = "0.14.0" +rand = "0.8.5" serde = { version = "1.0.210", features = ["derive"] } smallvec = "1.13.2" thiserror = "1.0.64" diff --git a/src-tauri/crypto/src/key_pair.rs b/src-tauri/crypto/src/key_pair.rs index ac136e5..eee62f9 100644 --- a/src-tauri/crypto/src/key_pair.rs +++ b/src-tauri/crypto/src/key_pair.rs @@ -3,6 +3,7 @@ use pgp::{ types::{CompressionAlgorithm, SecretKeyTrait as _}, KeyType, SecretKeyParamsBuilder, SignedPublicKey, SignedSecretKey, }; +use rand::thread_rng; use smallvec::smallvec; use crate::Result; @@ -24,7 +25,7 @@ impl KeyPair { ) -> Result { let secret_key = SecretKeyParamsBuilder::default() // Set keygen params. - .key_type(KeyType::EdDSA) + .key_type(KeyType::Ed25519) .primary_user_id(format!("{} <{}>", name, email)) .preferred_symmetric_algorithms(smallvec![ SymmetricKeyAlgorithm::AES256, @@ -47,10 +48,10 @@ impl KeyPair { .can_sign(true) .build() .expect("msg") - .generate()?; - let signed_secret_key = secret_key.sign(passwd_fn.clone())?; + .generate(thread_rng())?; + let signed_secret_key = secret_key.sign(thread_rng(), passwd_fn.clone())?; let public_key = signed_secret_key.public_key(); - let signed_public_key = public_key.sign(&signed_secret_key, passwd_fn)?; + let signed_public_key = public_key.sign(thread_rng(), &signed_secret_key, passwd_fn)?; Ok(KeyPair::from_keys(signed_secret_key, signed_public_key)) } diff --git a/src-tauri/crypto/src/keygen.rs b/src-tauri/crypto/src/keygen.rs index 820dd5a..20d2669 100644 --- a/src-tauri/crypto/src/keygen.rs +++ b/src-tauri/crypto/src/keygen.rs @@ -3,7 +3,7 @@ use std::path::{Path, PathBuf}; use futures::future::try_join; -use pgp::{types::KeyTrait, ArmorOptions}; +use pgp::{types::PublicKeyTrait as _, ArmorOptions}; use serde::Serialize; use tokio::fs::{write, DirBuilder}; use zeroize::Zeroizing; @@ -71,7 +71,7 @@ where #[cfg(test)] mod tests { - use pgp::{types::KeyTrait, ArmorOptions, SignedSecretKey}; + use pgp::{types::PublicKeyTrait as _, ArmorOptions, SignedSecretKey}; use crate::{from_file::FromFile, key_pair::KeyPair, Result}; diff --git a/src-tauri/crypto/src/signing.rs b/src-tauri/crypto/src/signing.rs index 4a1ee65..6471c06 100644 --- a/src-tauri/crypto/src/signing.rs +++ b/src-tauri/crypto/src/signing.rs @@ -7,7 +7,7 @@ use std::{ use chrono::Utc; use pgp::{ - packet::{self, SignatureConfigBuilder, SignatureType, Subpacket, SubpacketData}, + packet::{self, SignatureConfig, SignatureType, Subpacket, SubpacketData}, types::SecretKeyTrait, Signature, SignedPublicKey, SignedSecretKey, }; @@ -22,18 +22,18 @@ fn sign( passwd_fn: impl FnOnce() -> String + Clone, ) -> Result { let now = Utc::now(); - let sig_conf = SignatureConfigBuilder::default() - .pub_alg(secret_key.algorithm()) - .hash_alg(secret_key.hash_alg()) - .typ(SignatureType::Binary) - .issuer(Some(secret_key.key_id())) - .created(Some(now)) - .hashed_subpackets(vec![ - Subpacket::regular(SubpacketData::SignatureCreationTime(now)), - Subpacket::regular(SubpacketData::Issuer(secret_key.key_id())), - ]) - .unhashed_subpackets(vec![]) - .build()?; + + let mut sig_conf = SignatureConfig::v4( + SignatureType::Binary, + secret_key.algorithm(), + secret_key.hash_alg(), + ); + + sig_conf.hashed_subpackets = vec![ + Subpacket::regular(SubpacketData::SignatureCreationTime(now)), + Subpacket::regular(SubpacketData::Issuer(secret_key.key_id())), + ]; + Ok(sig_conf.sign(secret_key, passwd_fn, data)?) }