feat: update to latest dependencies

.github/workflows/ci.yml

@@ -312,4 +312,4 @@ jobs:
     - uses: actions-rs/clippy-check@v1
       with:
         token: ${{ secrets.GITHUB_TOKEN }}
-        args: --all-features
+        args: --all-features --all-targets

Cargo.toml

@@ -15,11 +15,11 @@ categories = ["cryptography", "email"]
 exclude = ["tests/tests/*"]
 
 edition = "2021"
-rust-version = "1.57"
+rust-version = "1.65"
 
 [dependencies]
 aes = "^0.8"
-base64 = "^0.20.0"
+base64 = "^0.21.0"
 bitfield = "0.14"
 block-padding = "^0.3.2"
 blowfish = "^0.9"
@@ -33,7 +33,7 @@ crc24 = "^0.1"
 derive_builder = "^0.12.0"
 des = "^0.8"
 digest = "^0.10"
-elliptic-curve = "^0.12"
+elliptic-curve = "^0.13"
 generic-array = "^0.14"
 hex = "^0.4"
 idea = "^0.5"
@@ -42,15 +42,15 @@ md-5 = { version = "^0.10.5", features = ["oid"] }
 nom = "^7.0"
 num-derive = "0.3.0"
 num-traits = "0.2.6"
-p256 = { version = "^0.11", features = ["ecdsa"] }
-p384 = { version = "^0.11", features = ["ecdsa"] }
+p256 = { version = "^0.13", features = ["ecdsa"] }
+p384 = { version = "^0.13", features = ["ecdsa"] }
 rand = "0.8"
 ripemd = { version = "^0.1.3", features = ["oid"] }
-rsa = { version = "^0.7.0", features = ["hazmat"] }
+rsa = { version = "0.9.0-pre.0", features = ["expose-internals"] }
 sha1 = { version = "^0.10.5", features = ["oid"] }
 sha2 = { version = "^0.10.6", features = ["oid"] }
 sha3 = { version = "^0.10.5", features = ["oid"] }
-signature = "1.3.0"
+signature = "2.0.0"
 smallvec = "1.8.0"
 thiserror = "1.0.30"
 twofish = "^0.7"
@@ -62,9 +62,9 @@ version = "0.8.4"
 default-features = false
 
 [dependencies.ed25519-dalek]
-version = "^1.0"
+version = "2.0.0-pre.0"
 default-features = false
-features = ["std", "u64_backend"]
+features = ["std", "zeroize", "fast"]
 
 [dependencies.flate2]
 version = "^1.0"
@@ -81,7 +81,7 @@ features = ["rand", "i128", "u64_digit", "prime", "zeroize"]
 package = "num-bigint-dig"
 
 [dependencies.x25519-dalek]
-version = "^1.0"
+version = "2.0.0-pre.1"
 default-features = false
 features = ["std", "u64_backend"]
 
@@ -98,7 +98,7 @@ serde_json = "^1.0"
 
 [features]
 default = []
-nightly = ["ed25519-dalek/nightly", "rsa/nightly", "rand/nightly", "num-bigint/nightly"]
+nightly = ["rsa/nightly", "rand/nightly", "num-bigint/nightly"]
 profile = ["gperftools"]
 asm = ["sha1/asm", "sha2/asm", "md-5/asm", "nightly"]
 wasm = ["chrono/wasmbind", "getrandom", "getrandom/js"]

README.md

@@ -3,7 +3,7 @@
 [![crates.io][crate-image]][crate-link]
 [![Documentation][doc-image]][doc-link]
 [![Build Status][build-image]][build-link]
-![minimum rustc 1.57][msrv-image]
+![minimum rustc 1.65][msrv-image]
 [![dependency status][deps-image]][deps-link]
 [![License][license-image]][license-link]
 
@@ -70,7 +70,7 @@ Some key differences:
 
 ## Minimum Supported Rust Version (MSRV)
 
-All crates in this repository support Rust 1.57 or higher. In future minimally supported version of Rust can be changed, but it will be done with a minor version bump.
+All crates in this repository support Rust 1.65 or higher. In future minimally supported version of Rust can be changed, but it will be done with a minor version bump.
 
 ## LICENSE
 
@@ -90,6 +90,6 @@ dual licensed as above, without any additional terms or conditions.
 [license-link]: https://github.com/rpgp/rpgp/blob/master/LICENSE.md
 [build-image]: https://github.com/rpgp/rpgp/workflows/CI/badge.svg
 [build-link]: https://github.com/rpgp/rpgp/actions?query=workflow%3ACI+branch%3Amaster
-[msrv-image]: https://img.shields.io/badge/rustc-1.57+-blue.svg
+[msrv-image]: https://img.shields.io/badge/rustc-1.65+-blue.svg
 [deps-image]: https://deps.rs/repo/github/rpgp/rpgp/status.svg
 [deps-link]: https://deps.rs/repo/github/rpgp/rpgp

rust-toolchain

@@ -1 +1 @@
-1.60.0
+1.65.0

src/armor/reader.rs

@@ -3,7 +3,7 @@ use std::hash::Hasher;
 use std::io::prelude::*;
 use std::{fmt, io, str};
 
-use base64::engine::{fast_portable::FastPortable, DEFAULT_ENGINE};
+use base64::engine::{general_purpose::STANDARD, Engine as _};
 use buf_redux::BufReader;
 use byteorder::{BigEndian, ByteOrder};
 
@@ -69,14 +69,14 @@ impl BlockType {
         match self {
             BlockType::PublicKey => "PGP PUBLIC KEY BLOCK".into(),
             BlockType::PrivateKey => "PGP PRIVATE KEY BLOCK".into(),
-            BlockType::MultiPartMessage(x, y) => format!("PGP MESSAGE, PART {}/{}", x, y),
+            BlockType::MultiPartMessage(x, y) => format!("PGP MESSAGE, PART {x}/{y}"),
             BlockType::Message => "PGP MESSAGE".into(),
             BlockType::Signature => "PGP SIGNATURE".into(),
             BlockType::File => "PGP ARMORED FILE".into(),
-            BlockType::PublicKeyPKCS1(typ) => format!("{} PUBLIC KEY", typ),
+            BlockType::PublicKeyPKCS1(typ) => format!("{typ} PUBLIC KEY"),
             BlockType::PublicKeyPKCS8 => "PUBLIC KEY".into(),
             BlockType::PublicKeyOpenssh => "OPENSSH PUBLIC KEY".into(),
-            BlockType::PrivateKeyPKCS1(typ) => format!("{} PRIVATE KEY", typ),
+            BlockType::PrivateKeyPKCS1(typ) => format!("{typ} PRIVATE KEY"),
             BlockType::PrivateKeyPKCS8 => "PRIVATE KEY".into(),
             BlockType::PrivateKeyOpenssh => "OPENSSH PRIVATE KEY".into(),
         }
@@ -244,8 +244,9 @@ fn armor_header(i: &[u8]) -> IResult<&[u8], (BlockType, BTreeMap<String, String>
 
 /// Read the checksum from an base64 encoded buffer.
 fn read_checksum(input: &[u8]) -> ::std::io::Result<u64> {
-    let checksum =
-        base64::decode_engine(input, &DEFAULT_ENGINE).map_err(|_| io::ErrorKind::InvalidData)?;
+    let checksum = STANDARD
+        .decode(input)
+        .map_err(|_| io::ErrorKind::InvalidData)?;
 
     let mut buf = [0; 4];
     let mut i = checksum.len();
@@ -306,7 +307,9 @@ pub struct Dearmor<R> {
     /// the underlying data source, wrapped in a BufferedReader
     inner: Option<BufReader<R>>,
     /// base64 decoder
-    base_decoder: Option<Base64Decoder<FastPortable, Base64Reader<LineReader<BufReader<R>>>>>,
+    base_decoder: Option<
+        Base64Decoder<base64::engine::GeneralPurpose, Base64Reader<LineReader<BufReader<R>>>>,
+    >,
     /// Are we done?
     done: bool,
     crc: crc24::Crc24Hasher,
@@ -363,7 +366,7 @@ impl<R: Read + Seek> Dearmor<R> {
                     self.done = true;
                     return Err(io::Error::new(
                         io::ErrorKind::InvalidData,
-                        format!("invalid ascii armor header: {:?}", err),
+                        format!("invalid ascii armor header: {err:?}"),
                     ));
                 }
             };
@@ -462,7 +465,7 @@ impl<R: Read + Seek> Dearmor<R> {
                     self.done = true;
                     return Err(io::Error::new(
                         io::ErrorKind::InvalidData,
-                        format!("invalid ascii armor footer: {:?}", err),
+                        format!("invalid ascii armor footer: {err:?}"),
                     ));
                 }
             };

src/armor/writer.rs

@@ -2,7 +2,7 @@ use std::collections::BTreeMap;
 use std::hash::Hasher;
 use std::io::Write;
 
-use base64::engine::DEFAULT_ENGINE;
+use base64::engine::{general_purpose, Engine as _};
 use crc24::Crc24Hasher;
 use generic_array::typenum::U64;
 
@@ -39,7 +39,8 @@ pub fn write(
     let mut crc_hasher = Crc24Hasher::init(0x00B7_04CE);
     {
         let mut line_wrapper = LineWriter::<_, U64>::new(writer.by_ref(), LineBreak::Lf);
-        let mut enc = base64::write::EncoderWriter::from(&mut line_wrapper, &DEFAULT_ENGINE);
+        let mut enc =
+            base64::write::EncoderWriter::new(&mut line_wrapper, &general_purpose::STANDARD);
 
         let mut tee = TeeWriter::new(&mut crc_hasher, &mut enc);
         source.to_writer(&mut tee)?;
@@ -56,7 +57,7 @@ pub fn write(
         (crc >> 8) as u8,
         crc as u8,
     ];
-    let crc_enc = base64::encode_engine(crc_buf, &DEFAULT_ENGINE);
+    let crc_enc = general_purpose::STANDARD.encode(crc_buf);
 
     writer.write_all(crc_enc.as_bytes())?;
 

src/base64_decoder.rs

@@ -5,9 +5,10 @@ use std::io::{self, BufRead, Read, Seek};
 
 use base64::{
     alphabet::Alphabet,
-    decode_engine_slice,
-    engine::fast_portable::{FastPortable, PAD},
-    engine::Engine,
+    engine::{
+        general_purpose::{GeneralPurpose, PAD},
+        Engine,
+    },
 };
 use buf_redux::{BufReader, Buffer};
 
@@ -41,15 +42,15 @@ impl<E: Engine, R> fmt::Debug for Base64Decoder<E, R> {
     }
 }
 
-impl<R: Read + Seek> Base64Decoder<FastPortable, R> {
+impl<R: Read + Seek> Base64Decoder<GeneralPurpose, R> {
     /// Creates a new `Base64Decoder`.
     pub fn new(input: R) -> Self {
         Self::new_with_character_set(input, &base64::alphabet::STANDARD)
     }
 
     pub fn new_with_character_set(input: R, cs: &Alphabet) -> Self {
         Base64Decoder {
-            engine: FastPortable::from(cs, PAD),
+            engine: GeneralPurpose::new(cs, PAD),
             inner: BufReader::with_capacity(BUF_SIZE, input),
             out: Buffer::with_capacity(BUF_CAPACITY),
             out_buffer: [0u8; BUF_CAPACITY],
@@ -133,7 +134,7 @@ fn try_decode_engine_slice<E: Engine, T: ?Sized + AsRef<[u8]>>(
     let input_bytes = input.as_ref();
     let mut n = input_bytes.len();
     while n > 0 {
-        match decode_engine_slice(&input_bytes[..n], output, engine) {
+        match engine.decode_slice(&input_bytes[..n], output) {
             Ok(size) => {
                 return (n, size);
             }
@@ -163,7 +164,6 @@ mod tests {
 
     use std::io::Cursor;
 
-    use base64::encode_engine;
     use rand::{Rng, SeedableRng};
     use rand_xorshift::XorShiftRng;
 
@@ -177,7 +177,8 @@ mod tests {
 
         for i in 0..n {
             let data: Vec<u8> = (0..i).map(|_| rng.gen()).collect();
-            let encoded_data = encode_engine(&data, &FastPortable::from(&cs, PAD));
+            let engine = GeneralPurpose::new(&cs, PAD);
+            let encoded_data = engine.encode(&data);
 
             let mut r = Base64Decoder::new_with_character_set(Cursor::new(encoded_data), &cs);
             let mut out = Vec::new();

src/crypto/aead.rs

@@ -1,15 +1,11 @@
 /// Available AEAD algorithms.
 #[derive(Debug, PartialEq, Eq, Copy, Clone, FromPrimitive)]
 #[repr(u8)]
+#[derive(Default)]
 pub enum AeadAlgorithm {
     /// None
+    #[default]
     None = 0,
     Eax = 1,
     Ocb = 2,
 }
-
-impl Default for AeadAlgorithm {
-    fn default() -> Self {
-        AeadAlgorithm::None
-    }
-}

src/crypto/ecdsa.rs

@@ -1,9 +1,6 @@
 use elliptic_curve::sec1::ToEncodedPoint;
 use rand::{CryptoRng, Rng};
-use signature::{
-    hazmat::{PrehashSigner, PrehashVerifier},
-    Signature as SigSignature,
-};
+use signature::hazmat::{PrehashSigner, PrehashVerifier};
 
 use crate::crypto::{ECCCurve, HashAlgorithm};
 use crate::errors::Result;
@@ -23,7 +20,7 @@ pub fn generate_key<R: Rng + CryptoRng>(
                     curve,
                     p: Mpi::from_raw_slice(public.to_encoded_point(false).as_bytes()),
                 },
-                PlainSecretParams::ECDSA(Mpi::from_raw_slice(secret.to_be_bytes().as_slice())),
+                PlainSecretParams::ECDSA(Mpi::from_raw_slice(secret.to_bytes().as_slice())),
             ))
         }
 
@@ -35,7 +32,7 @@ pub fn generate_key<R: Rng + CryptoRng>(
                     curve,
                     p: Mpi::from_raw_slice(public.to_encoded_point(false).as_bytes()),
                 },
-                PlainSecretParams::ECDSA(Mpi::from_raw_slice(secret.to_be_bytes().as_slice())),
+                PlainSecretParams::ECDSA(Mpi::from_raw_slice(secret.to_bytes().as_slice())),
             ))
         }
 
@@ -71,7 +68,7 @@ pub fn verify(
             sig_bytes[(FLEN - r.len())..FLEN].copy_from_slice(r);
             sig_bytes[FLEN + (FLEN - s.len())..].copy_from_slice(s);
 
-            let sig = p256::ecdsa::Signature::from_bytes(&sig_bytes)?;
+            let sig = p256::ecdsa::Signature::try_from(&sig_bytes[..])?;
 
             pk.verify_prehash(hashed, &sig)?;
 
@@ -96,7 +93,7 @@ pub fn verify(
             sig_bytes[(FLEN - r.len())..FLEN].copy_from_slice(r);
             sig_bytes[FLEN + (FLEN - s.len())..].copy_from_slice(s);
 
-            let sig = p384::ecdsa::Signature::from_bytes(&sig_bytes)?;
+            let sig = p384::ecdsa::Signature::try_from(&sig_bytes[..])?;
 
             pk.verify_prehash(hashed, &sig)?;
 
@@ -117,14 +114,14 @@ pub fn sign(
 
     let (r, s) = match curve {
         ECCCurve::P256 => {
-            let secret = p256::ecdsa::SigningKey::from_bytes(&d)?;
-            let signature = secret.sign_prehash(digest)?;
+            let secret = p256::ecdsa::SigningKey::from_slice(&d)?;
+            let signature: p256::ecdsa::Signature = secret.sign_prehash(digest)?;
             let (r, s) = signature.split_bytes();
             (r.to_vec(), s.to_vec())
         }
         ECCCurve::P384 => {
-            let secret = p384::ecdsa::SigningKey::from_bytes(&d)?;
-            let signature = secret.sign_prehash(digest)?;
+            let secret = p384::ecdsa::SigningKey::from_slice(&d)?;
+            let signature: p384::ecdsa::Signature = secret.sign_prehash(digest)?;
             let (r, s) = signature.split_bytes();
             (r.to_vec(), s.to_vec())
         }