From 7fe9af9ff4e68afecab8ada0d5b3330d0d10e03e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D1=80=D1=82=D1=91=D0=BC=20=D0=9F=D0=B0=D0=B2=D0=BB?= =?UTF-8?q?=D0=BE=D0=B2=20=5BArtyom=20Pavlov=5D?= Date: Sat, 12 Feb 2022 02:48:55 +0300 Subject: [PATCH] Switch from sha-1 to sha1 --- Cargo.lock | 6 +++--- pkcs5/CHANGELOG.md | 6 ++++++ pkcs5/Cargo.toml | 4 ++-- pkcs5/src/pbes2/encryption.rs | 4 ++-- pkcs5/tests/pbes2_pbkdf2_decrypt.rs | 2 +- 5 files changed, 14 insertions(+), 8 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 5dffe744d..ca9217521 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -581,7 +581,7 @@ dependencies = [ "hmac", "pbkdf2", "scrypt", - "sha-1", + "sha1", "sha2", "spki", ] @@ -943,10 +943,10 @@ dependencies = [ ] [[package]] -name = "sha-1" +name = "sha1" version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "028f48d513f9678cda28f6e4064755b3fbb2af6acd672f2c209b62323f7aea0f" +checksum = "04cc229fb94bcb689ffc39bd4ded842f6ff76885efede7c6d1ffb62582878bea" dependencies = [ "cfg-if", "cpufeatures", diff --git a/pkcs5/CHANGELOG.md b/pkcs5/CHANGELOG.md index cefcf3be3..266448e75 100644 --- a/pkcs5/CHANGELOG.md +++ b/pkcs5/CHANGELOG.md @@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [UNRELEASED] +### Changed +- `sha1` feature is renamed to `sha1-insecure` ([#426]) + +[#426]: https://github.com/RustCrypto/formats/pull/426 + ## 0.4.0 (2021-11-15) ### Changed - Introduce `Error` enum with new error cases ([#26]) diff --git a/pkcs5/Cargo.toml b/pkcs5/Cargo.toml index 4de0e5e60..a85c4697f 100644 --- a/pkcs5/Cargo.toml +++ b/pkcs5/Cargo.toml @@ -25,7 +25,7 @@ des = { version = "0.8", optional = true, default-features = false } hmac = { version = "0.12", optional = true, default-features = false } pbkdf2 = { version = "0.10", optional = true, default-features = false } scrypt = { version = "0.8", optional = true, default-features = false } -sha-1 = { version = "0.10", optional = true, default-features = false } +sha1 = { version = "0.10", optional = true, default-features = false } sha2 = { version = "0.10", optional = true, default-features = false } [dev-dependencies] @@ -36,7 +36,7 @@ alloc = [] 3des = ["pbes2", "des"] des-insecure = ["pbes2", "des"] pbes2 = ["aes", "cbc", "hmac", "pbkdf2", "scrypt", "sha2"] -sha1 = ["pbes2", "sha-1"] +sha1-insecure = ["pbes2", "sha1"] [package.metadata.docs.rs] all-features = true diff --git a/pkcs5/src/pbes2/encryption.rs b/pkcs5/src/pbes2/encryption.rs index 272366081..b534290fb 100644 --- a/pkcs5/src/pbes2/encryption.rs +++ b/pkcs5/src/pbes2/encryption.rs @@ -111,13 +111,13 @@ impl EncryptionKey { match kdf { Kdf::Pbkdf2(pbkdf2_params) => { let key = match pbkdf2_params.prf { - #[cfg(feature = "sha1")] + #[cfg(feature = "sha1-insecure")] Pbkdf2Prf::HmacWithSha1 => EncryptionKey::derive_with_pbkdf2::( password, pbkdf2_params, key_size, ), - #[cfg(not(feature = "sha1"))] + #[cfg(not(feature = "sha1-insecure"))] Pbkdf2Prf::HmacWithSha1 => { return Err(Error::UnsupportedAlgorithm { oid: super::HMAC_WITH_SHA1_OID, diff --git a/pkcs5/tests/pbes2_pbkdf2_decrypt.rs b/pkcs5/tests/pbes2_pbkdf2_decrypt.rs index bcc25b87f..cfc5868c1 100644 --- a/pkcs5/tests/pbes2_pbkdf2_decrypt.rs +++ b/pkcs5/tests/pbes2_pbkdf2_decrypt.rs @@ -35,7 +35,7 @@ fn run_combinations(prfs: &[&str]) { } } -#[cfg(feature = "sha1")] +#[cfg(feature = "sha1-insecure")] #[test] fn all_combinations_with_sha1() { let prfs = vec!["hmacWithSHA1"];