Merge pull request #17 from SatsBridge/deps-bump-sec-audit

pashinov · web-flow · commit 561b60e7a47e · 2024-10-24T15:09:51.000+02:00
Deps bump sec audit
diff --git a/Cargo.toml b/Cargo.toml
@@ -38,13 +38,13 @@ log = "0.4"
 num-bigint = "0.4"
 once_cell = "1.12.0"
 parking_lot = "0.12.0"
-pbkdf2 = { version = "0.9.0", optional = true }
+pbkdf2 = { version = "0.12.2", optional = true }
 quick_cache = "0.4.1"
 rand = { version = "0.8", features = ["getrandom"] , optional = true }
 secstr = { version = "0.5.0", features = ["serde"], optional = true }
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
-sha2 = { version = "0.9.9", optional = true }
+sha2 = { version = "0.10.8", optional = true }
 thiserror = "1.0"
 tiny-jsonrpc = { version = "0.6.0", default-features = false, optional = true }
 tokio = { version = "1", default-features = false, features = ["sync"] }
diff --git a/nekoton-utils/Cargo.toml b/nekoton-utils/Cargo.toml
@@ -16,10 +16,10 @@ chacha20poly1305 = { version = "0.10.1", optional = true }
 hex = "0.4"
 hmac = "0.11.0"
 js-sys = { version = "0.3", optional = true }
-pbkdf2 = { version = "0.9.0", optional = true }
+pbkdf2 = { version = "0.12.2", optional = true }
 secstr = { version = "0.5.0", features = ["serde"], optional = true }
 serde = { version = "1.0", features = ["derive"] }
-sha2 = "0.9.9"
+sha2 = "0.10.8"
 thiserror = "1.0"
 zeroize = { version = "1", optional = true }
 
diff --git a/nekoton-utils/src/encryption.rs b/nekoton-utils/src/encryption.rs
@@ -1,6 +1,6 @@
 use chacha20poly1305::aead::Aead;
 use chacha20poly1305::{ChaCha20Poly1305, Key, Nonce};
-use pbkdf2::pbkdf2;
+use pbkdf2::pbkdf2_hmac;
 use secstr::{SecUtf8, SecVec};
 use zeroize::Zeroize;
 
@@ -56,7 +56,7 @@ pub fn encrypt(
 // Calculates symmetric key from user password, using pbkdf2
 pub fn symmetric_key_from_password(password: &str, salt: &[u8]) -> Key {
     let mut pbkdf2_hash = SecVec::new(vec![0; CREDENTIAL_LEN]);
-    pbkdf2::<hmac::Hmac<sha2::Sha256>>(
+    pbkdf2_hmac::<sha2::Sha256>(
         password.as_bytes(),
         salt,
         N_ITER,
diff --git a/src/crypto/mnemonic/legacy.rs b/src/crypto/mnemonic/legacy.rs
@@ -1,7 +1,9 @@
 use anyhow::Error;
 use ed25519_dalek::Keypair;
-use hmac::{Mac, NewMac};
-use pbkdf2::pbkdf2;
+use pbkdf2::{
+    hmac::{Hmac, Mac},
+    pbkdf2_hmac,
+};
 
 use super::LANGUAGE;
 
@@ -23,14 +25,13 @@ pub fn derive_from_phrase(phrase: &str) -> Result<Keypair, Error> {
         anyhow::bail!("Expected 24 words")
     }
 
-    let password = hmac::Hmac::<sha2::Sha512>::new_from_slice(phrase.as_bytes())
+    let password = Hmac::<sha2::Sha512>::new_from_slice(phrase.as_bytes())
         .unwrap()
         .finalize()
         .into_bytes();
 
     let mut res = [0; 512 / 8];
-    pbkdf2::<hmac::Hmac<sha2::Sha512>>(&password, SALT, PBKDF_ITERATIONS, &mut res);
-
+    pbkdf2_hmac::<sha2::Sha512>(&password, SALT, PBKDF_ITERATIONS, &mut res);
     let secret = ed25519_dalek::SecretKey::from_bytes(&res[0..32])?;
     let public = ed25519_dalek::PublicKey::from(&secret);
     Ok(Keypair { secret, public })
