From af1d3c924acba81c083a898789ed6b5fdb330e50 Mon Sep 17 00:00:00 2001
From: Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
Date: Mon, 22 Jun 2020 01:19:24 +0200
Subject: [PATCH] Bump RustCrypto crates

---
 sasl/Cargo.toml          |  8 ++++----
 sasl/src/common/mod.rs   |  4 ++--
 sasl/src/common/scram.rs | 22 +++++++++++-----------
 sasl/src/lib.rs          |  2 +-
 sasl/src/secret.rs       | 18 +++++++-----------
 5 files changed, 25 insertions(+), 29 deletions(-)

diff --git a/sasl/Cargo.toml b/sasl/Cargo.toml
index c94be0c9..e8101790 100644
--- a/sasl/Cargo.toml
+++ b/sasl/Cargo.toml
@@ -21,7 +21,7 @@ scram = ["base64", "getrandom", "sha-1", "sha2", "hmac", "pbkdf2"]
 [dependencies]
 base64 = { version = "0.12", optional = true }
 getrandom = { version = "0.1", optional = true }
-sha-1 = { version = "0.8", optional = true }
-sha2 = { version = "0.8", optional = true }
-hmac = { version = "0.7", optional = true }
-pbkdf2 = { version = "0.3", default-features = false, optional = true }
+sha-1 = { version = "0.9", optional = true }
+sha2 = { version = "0.9", optional = true }
+hmac = { version = "0.8", optional = true }
+pbkdf2 = { version = "0.4", default-features = false, optional = true }
diff --git a/sasl/src/common/mod.rs b/sasl/src/common/mod.rs
index 21444f78..a0922f11 100644
--- a/sasl/src/common/mod.rs
+++ b/sasl/src/common/mod.rs
@@ -83,7 +83,7 @@ impl Secret {
     pub fn password_pbkdf2<S: Into<String>>(
         method: S,
         salt: Vec<u8>,
-        iterations: usize,
+        iterations: u32,
         data: Vec<u8>,
     ) -> Secret {
         Secret::Password(Password::Pbkdf2 {
@@ -104,7 +104,7 @@ pub enum Password {
     Pbkdf2 {
         method: String,
         salt: Vec<u8>,
-        iterations: usize,
+        iterations: u32,
         data: Vec<u8>,
     },
 }
diff --git a/sasl/src/common/scram.rs b/sasl/src/common/scram.rs
index 4060ce46..6ac52f12 100644
--- a/sasl/src/common/scram.rs
+++ b/sasl/src/common/scram.rs
@@ -1,5 +1,5 @@
 use getrandom::{getrandom, Error as RngError};
-use hmac::{crypto_mac::InvalidKeyLength, Hmac, Mac};
+use hmac::{crypto_mac::InvalidKeyLength, Hmac, Mac, NewMac};
 use pbkdf2::pbkdf2;
 use sha1::{Digest, Sha1 as Sha1_hash};
 use sha2::Sha256 as Sha256_hash;
@@ -21,7 +21,7 @@ pub fn generate_nonce() -> Result<String, RngError> {
 pub enum DeriveError {
     IncompatibleHashingMethod(String, String),
     IncorrectSalt,
-    IncompatibleIterationCount(usize, usize),
+    IncompatibleIterationCount(u32, u32),
 }
 
 impl std::fmt::Display for DeriveError {
@@ -55,7 +55,7 @@ pub trait ScramProvider {
     fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength>;
 
     /// A function which does PBKDF2 key derivation using the hash function.
-    fn derive(data: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, DeriveError>;
+    fn derive(data: &Password, salt: &[u8], iterations: u32) -> Result<Vec<u8>, DeriveError>;
 }
 
 /// A `ScramProvider` which provides SCRAM-SHA-1 and SCRAM-SHA-1-PLUS
@@ -78,14 +78,14 @@ impl ScramProvider for Sha1 {
     fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength> {
         type HmacSha1 = Hmac<Sha1_hash>;
         let mut mac = HmacSha1::new_varkey(key)?;
-        mac.input(data);
-        let result = mac.result();
+        mac.update(data);
+        let result = mac.finalize();
         let mut vec = Vec::with_capacity(Sha1_hash::output_size());
-        vec.extend_from_slice(result.code().as_slice());
+        vec.extend_from_slice(result.into_bytes().as_slice());
         Ok(vec)
     }
 
-    fn derive(password: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, DeriveError> {
+    fn derive(password: &Password, salt: &[u8], iterations: u32) -> Result<Vec<u8>, DeriveError> {
         match *password {
             Password::Plain(ref plain) => {
                 let mut result = vec![0; 20];
@@ -138,14 +138,14 @@ impl ScramProvider for Sha256 {
     fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength> {
         type HmacSha256 = Hmac<Sha256_hash>;
         let mut mac = HmacSha256::new_varkey(key)?;
-        mac.input(data);
-        let result = mac.result();
+        mac.update(data);
+        let result = mac.finalize();
         let mut vec = Vec::with_capacity(Sha256_hash::output_size());
-        vec.extend_from_slice(result.code().as_slice());
+        vec.extend_from_slice(result.into_bytes().as_slice());
         Ok(vec)
     }
 
-    fn derive(password: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, DeriveError> {
+    fn derive(password: &Password, salt: &[u8], iterations: u32) -> Result<Vec<u8>, DeriveError> {
         match *password {
             Password::Plain(ref plain) => {
                 let mut result = vec![0; 32];
diff --git a/sasl/src/lib.rs b/sasl/src/lib.rs
index 9684814c..f99d062b 100644
--- a/sasl/src/lib.rs
+++ b/sasl/src/lib.rs
@@ -39,7 +39,7 @@
 //! const USERNAME: &'static str = "user";
 //! const PASSWORD: &'static str = "pencil";
 //! const SALT: [u8; 8] = [35, 71, 92, 105, 212, 219, 114, 93];
-//! const ITERATIONS: usize = 4096;
+//! const ITERATIONS: u32 = 4096;
 //!
 //! struct MyValidator;
 //!
diff --git a/sasl/src/secret.rs b/sasl/src/secret.rs
index 05b5850b..bfd5b4e5 100644
--- a/sasl/src/secret.rs
+++ b/sasl/src/secret.rs
@@ -5,7 +5,7 @@ pub trait Secret {}
 
 pub trait Pbkdf2Secret {
     fn salt(&self) -> &[u8];
-    fn iterations(&self) -> usize;
+    fn iterations(&self) -> u32;
     fn digest(&self) -> &[u8];
 }
 
@@ -17,17 +17,13 @@ impl Secret for Plain {}
 #[derive(Clone, Debug, PartialEq, Eq)]
 pub struct Pbkdf2Sha1 {
     pub salt: Vec<u8>,
-    pub iterations: usize,
+    pub iterations: u32,
     pub digest: Vec<u8>,
 }
 
 impl Pbkdf2Sha1 {
     #[cfg(feature = "scram")]
-    pub fn derive(
-        password: &str,
-        salt: &[u8],
-        iterations: usize,
-    ) -> Result<Pbkdf2Sha1, DeriveError> {
+    pub fn derive(password: &str, salt: &[u8], iterations: u32) -> Result<Pbkdf2Sha1, DeriveError> {
         use crate::common::scram::{ScramProvider, Sha1};
         use crate::common::Password;
         let digest = Sha1::derive(&Password::Plain(password.to_owned()), salt, iterations)?;
@@ -45,7 +41,7 @@ impl Pbkdf2Secret for Pbkdf2Sha1 {
     fn salt(&self) -> &[u8] {
         &self.salt
     }
-    fn iterations(&self) -> usize {
+    fn iterations(&self) -> u32 {
         self.iterations
     }
     fn digest(&self) -> &[u8] {
@@ -56,7 +52,7 @@ impl Pbkdf2Secret for Pbkdf2Sha1 {
 #[derive(Clone, Debug, PartialEq, Eq)]
 pub struct Pbkdf2Sha256 {
     pub salt: Vec<u8>,
-    pub iterations: usize,
+    pub iterations: u32,
     pub digest: Vec<u8>,
 }
 
@@ -65,7 +61,7 @@ impl Pbkdf2Sha256 {
     pub fn derive(
         password: &str,
         salt: &[u8],
-        iterations: usize,
+        iterations: u32,
     ) -> Result<Pbkdf2Sha256, DeriveError> {
         use crate::common::scram::{ScramProvider, Sha256};
         use crate::common::Password;
@@ -84,7 +80,7 @@ impl Pbkdf2Secret for Pbkdf2Sha256 {
     fn salt(&self) -> &[u8] {
         &self.salt
     }
-    fn iterations(&self) -> usize {
+    fn iterations(&self) -> u32 {
         self.iterations
     }
     fn digest(&self) -> &[u8] {