update dependencies: digest-0.7, hmac-0.5 #7
Conversation
This involves a few internal API changes. Applications or libraries which use hkdf will almost certainly need to depend on e.g. sha2-0.7 instead of sha2-0.6, so when this change is released, we should bump the hkdf version number (from the current 0.2.1 to something like 0.3.0).
|
@warner this looks good. Something I noticed was that a new release of hmac is coming soon based on commits: https://github.com/RustCrypto/MACs/commits/master and also there is a new version of sha2 (0.8) used in that. |
| digest = "0.6.*" | ||
| hmac = "0.4.*" | ||
| digest = "0.7.*" | ||
| hmac = "0.5.*" |
src/hkdf.rs
Outdated
| D::OutputSize: ArrayLength<u8> | ||
| { | ||
| pub fn new(ikm: &[u8], salt: &[u8]) -> Hkdf<D> { | ||
| let mut hmac = Hmac::<D>::new(salt); | ||
| // Hmac::new() is now defined to return a Result, but as far as I can | ||
| // tell, it can only return Ok. |
There was a problem hiding this comment.
@warner could you update this comment. Maybe Since hmac v0.5.0 'new' returns a Result ? (I think this will change more in the next version of hmac lib)
| D::OutputSize: ArrayLength<u8> | ||
| { | ||
| pub prk: GenericArray<u8, D::OutputSize>, | ||
| } | ||
|
|
||
| impl<D> Hkdf<D> | ||
| where D: Digest + Default, | ||
| where D: Digest, |
There was a problem hiding this comment.
to be honest, I just removed that to see if it'd work, I'm not 100% positive it's unnecessary now
|
Yeah, I couldn't quite tell where they were going with that, and it feels like they incremented Cargo.toml before making a new release (also, I don't think there are git tags on whatever got released, so I'm finding it hard to compare versions). It seems like the MAC trait is growing an error condition, where some MACs require a specific length of key (e.g. CMAC), so the overall MAC trait must return a Result. But HMAC can accept any length of key, so there's no way for it's new() to return an Error, so the unwrap() seems safe. I'll expand on that comment. |
|
Thanks for the r+, I'll merge now. |
|
oops, I can't merge. Could you land this when you get a chance? |
This involves a few internal API changes. Applications or libraries which use
hkdf will almost certainly need to depend on e.g. sha2-0.7 instead of
sha2-0.6, so when this change is released, we should bump the hkdf version
number (from the current 0.2.1 to something like 0.3.0).