Merge branch 'upgrade-x25519-dalek'

author: Linus Färnstrand <faern@faern.net> 2023-07-03 19:16:24 +0200
committer: Linus Färnstrand <faern@faern.net> 2023-07-03 19:16:24 +0200
commit: d0fe9fbba976d6e63a02f84efb9ff16ddbdc4b4f (patch)
tree: 9df272c4e5622ed95599a3733ff5a113bf2396a8
parent: 07c545e08ae67de557fe765764d5932f0c897f6c (diff)
parent: 89f356eeb69697c9f98d565efd152dd2a616ed30 (diff)
download: mullvadvpn-d0fe9fbba976d6e63a02f84efb9ff16ddbdc4b4f.tar.xz
mullvadvpn-d0fe9fbba976d6e63a02f84efb9ff16ddbdc4b4f.zip
4 files changed, 56 insertions, 28 deletions
diff --git a/Cargo.lock b/Cargo.lock
index 7b64c6add3..c2fda1dcb3 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -603,9 +603,9 @@ checksum = "e496a50fda8aacccc86d7529e2c1e0892dbd0f898a6b5645b5561b89c3210efa"
 
 [[package]]
 name = "cpufeatures"
-version = "0.2.5"
+version = "0.2.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "28d997bd5e24a5928dd43e46dc529867e207907fe0b239c3477d924f7f2ca320"
+checksum = "03e69e28e9f7f77debdedbaafa2866e1de9ba56df55a8bd7cfc724c25a09987c"
 dependencies = [
  "libc",
 ]
@@ -673,18 +673,32 @@ dependencies = [
 
 [[package]]
 name = "curve25519-dalek"
-version = "3.2.0"
+version = "4.0.0-rc.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0b9fdf9972b2bd6af2d913799d9ebc165ea4d2e65878e329d9c6b372c4491b61"
+checksum = "436ace70fc06e06f7f689d2624dc4e2f0ea666efb5aa704215f7249ae6e047a7"
 dependencies = [
- "byteorder",
- "digest 0.9.0",
- "rand_core 0.5.1",
+ "cfg-if",
+ "cpufeatures",
+ "curve25519-dalek-derive",
+ "fiat-crypto",
+ "platforms",
+ "rustc_version 0.4.0",
  "subtle",
  "zeroize",
 ]
 
 [[package]]
+name = "curve25519-dalek-derive"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "83fdaf97f4804dcebfa5862639bc9ce4121e82140bec2a987ac5140294865b5b"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.15",
+]
+
+[[package]]
 name = "cxx"
 version = "1.0.94"
 source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -846,7 +860,7 @@ dependencies = [
  "convert_case",
  "proc-macro2",
  "quote",
- "rustc_version",
+ "rustc_version 0.3.3",
  "syn 1.0.100",
 ]
 
@@ -861,15 +875,6 @@ dependencies = [
 
 [[package]]
 name = "digest"
-version = "0.9.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066"
-dependencies = [
- "generic-array 0.14.4",
-]
-
-[[package]]
-name = "digest"
 version = "0.10.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f2fb860ca6fafa5552fb6d0e816a69c8e49f0908bf524e30a90d97c85892d506"
@@ -1084,6 +1089,12 @@ dependencies = [
 ]
 
 [[package]]
+name = "fiat-crypto"
+version = "0.1.20"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e825f6987101665dea6ec934c09ec6d721de7bc1bf92248e1d5810c8cd636b77"
+
+[[package]]
 name = "filetime"
 version = "0.2.21"
 source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -2722,6 +2733,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7c9b1041b4387893b91ee6746cddfc28516aff326a3519fb2adf820932c5e6cb"
 
 [[package]]
+name = "platforms"
+version = "3.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e3d7ddaed09e0eb771a79ab0fd64609ba0afb0a8366421957936ad14cbd13630"
+
+[[package]]
 name = "poly1305"
 version = "0.8.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -3095,7 +3112,16 @@ version = "0.3.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f0dfe2087c51c460008730de8b57e6a320782fbfb312e1f4d520e6c6fae155ee"
 dependencies = [
- "semver",
+ "semver 0.11.0",
+]
+
+[[package]]
+name = "rustc_version"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bfa0f585226d2e68097d4f95d113b15b83a82e819ab25717ec0590d9584ef366"
+dependencies = [
+ "semver 1.0.17",
 ]
 
 [[package]]
@@ -3213,6 +3239,12 @@ dependencies = [
 ]
 
 [[package]]
+name = "semver"
+version = "1.0.17"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bebd363326d05ec3e2f532ab7660680f3b02130d780c299bca73469d521bc0ed"
+
+[[package]]
 name = "semver-parser"
 version = "0.10.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -3683,7 +3715,6 @@ version = "0.0.0"
 dependencies = [
  "async-trait",
  "bitflags",
- "byteorder",
  "cfg-if",
  "duct",
  "err-derive",
@@ -3821,7 +3852,6 @@ dependencies = [
  "err-derive",
  "ipnetwork",
  "jnix",
- "rand 0.8.5",
  "serde",
  "x25519-dalek",
  "zeroize",
@@ -4837,12 +4867,13 @@ dependencies = [
 
 [[package]]
 name = "x25519-dalek"
-version = "2.0.0-pre.1"
+version = "2.0.0-rc.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e5da623d8af10a62342bcbbb230e33e58a63255a58012f8653c578e54bab48df"
+checksum = "ec7fae07da688e17059d5886712c933bb0520f15eff2e09cfa18e30968f4e63a"
 dependencies = [
  "curve25519-dalek",
  "rand_core 0.6.4",
+ "serde",
  "zeroize",
 ]
 
diff --git a/talpid-openvpn/Cargo.toml b/talpid-openvpn/Cargo.toml
index 3fb3e847b1..dcab157677 100644
--- a/talpid-openvpn/Cargo.toml
+++ b/talpid-openvpn/Cargo.toml
@@ -29,7 +29,6 @@ tokio = { version = "1.8", features = ["process", "rt-multi-thread", "fs"] }
 shadowsocks-service = { git = "https://github.com/mullvad/shadowsocks-rust", rev = "c45980bb22d0d50ac888813c59a1edf0cff14a36",  features = [ "local", "stream-cipher" ] }
 
 [target.'cfg(not(target_os="android"))'.dependencies]
-byteorder = "1"
 socket2 = { version = "0.4.2", features = ["all"] }
 parity-tokio-ipc = "0.9"
 triggered = "0.1.1"
diff --git a/talpid-types/Cargo.toml b/talpid-types/Cargo.toml
index 20980ce344..99c6d73f86 100644
--- a/talpid-types/Cargo.toml
+++ b/talpid-types/Cargo.toml
@@ -11,8 +11,7 @@ publish = false
 serde = { version = "1.0", features = ["derive"] }
 ipnetwork = "0.16"
 base64 = "0.13"
-x25519-dalek = { version = "2.0.0-pre.1" }
-rand = "0.8.5"
+x25519-dalek = { version = "2.0.0-rc.3", features = ["static_secrets", "zeroize", "getrandom"] }
 err-derive = "0.3.1"
 zeroize = "1.5.7"
 
diff --git a/talpid-types/src/net/wireguard.rs b/talpid-types/src/net/wireguard.rs
index efa35e9eef..4de5ceb9c1 100644
--- a/talpid-types/src/net/wireguard.rs
+++ b/talpid-types/src/net/wireguard.rs
@@ -1,6 +1,5 @@
 use crate::net::{Endpoint, GenericTunnelOptions, TransportProtocol};
 use ipnetwork::IpNetwork;
-use rand::rngs::OsRng;
 use serde::{Deserialize, Deserializer, Serialize, Serializer};
 use std::{
     cmp, fmt,
@@ -83,7 +82,7 @@ pub struct TunnelOptions {
 }
 
 /// Wireguard x25519 private key
-#[derive(Clone)]
+#[derive(Clone, Zeroize, ZeroizeOnDrop)]
 pub struct PrivateKey(x25519_dalek::StaticSecret);
 
 impl PrivateKey {
@@ -93,7 +92,7 @@ impl PrivateKey {
     }
 
     pub fn new_from_random() -> Self {
-        PrivateKey(x25519_dalek::StaticSecret::new(OsRng))
+        PrivateKey(x25519_dalek::StaticSecret::random())
     }
 
     /// Generate public key from private key
author	Linus Färnstrand <faern@faern.net>	2023-07-03 19:16:24 +0200
committer	Linus Färnstrand <faern@faern.net>	2023-07-03 19:16:24 +0200
commit	d0fe9fbba976d6e63a02f84efb9ff16ddbdc4b4f (patch)
tree	9df272c4e5622ed95599a3733ff5a113bf2396a8
parent	07c545e08ae67de557fe765764d5932f0c897f6c (diff)
parent	89f356eeb69697c9f98d565efd152dd2a616ed30 (diff)
download	mullvadvpn-d0fe9fbba976d6e63a02f84efb9ff16ddbdc4b4f.tar.xz mullvadvpn-d0fe9fbba976d6e63a02f84efb9ff16ddbdc4b4f.zip