From c40b100de6567e10dea202b7c208fd0d0cb6eb03 Mon Sep 17 00:00:00 2001 From: Joseph Birr-Pixton Date: Wed, 8 Jun 2016 01:26:15 +0100 Subject: [PATCH] Track upstream movement of Input. --- Cargo.toml | 1 + src/suites.rs | 3 ++- src/verify.rs | 23 +++++++++++------------ 3 files changed, 14 insertions(+), 13 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index d3b044db..22f139a9 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -4,6 +4,7 @@ version = "0.1.0" authors = ["Joseph Birr-Pixton "] [dependencies] +untrusted = { version = "0.1.0", git = "https://github.com/briansmith/untrusted" } ring = { version = "0.1.0", git = "https://github.com/briansmith/ring" } # pointed at my fork for the moment diff --git a/src/suites.rs b/src/suites.rs index 2688986f..99c79bf7 100644 --- a/src/suites.rs +++ b/src/suites.rs @@ -6,6 +6,7 @@ use msgs::base::{Payload, PayloadU8}; use msgs::codec::{Reader, Codec}; extern crate ring; +extern crate untrusted; #[allow(non_camel_case_types)] #[derive(Debug)] @@ -45,7 +46,7 @@ impl KeyExchangeResult { let secret = ring::agreement::agree_ephemeral( ours, alg, - ring::input::Input::new(&ecdh_params.public.body).unwrap(), + untrusted::Input::new(&ecdh_params.public.body).unwrap(), (), |v| { let mut r = Vec::new(); r.extend_from_slice(v); Ok(r) } ); diff --git a/src/verify.rs b/src/verify.rs index 704f4942..1d7c8a67 100644 --- a/src/verify.rs +++ b/src/verify.rs @@ -1,8 +1,7 @@ extern crate webpki; extern crate ring; extern crate time; - -use ring::input::Input; +extern crate untrusted; use msgs::handshake::ASN1Cert; use msgs::handshake::DigitallySignedStruct; @@ -69,7 +68,7 @@ impl RootCertStore { /// Add a single DER-encoded certificate to the store. pub fn add(&mut self, der: &[u8]) -> Result<(), webpki::Error> { let ta = try!( - webpki::trust_anchor_util::cert_der_as_trust_anchor(Input::new(der).unwrap()) + webpki::trust_anchor_util::cert_der_as_trust_anchor(untrusted::Input::new(der).unwrap()) ); let ota = OwnedTrustAnchor::from_trust_anchor(&ta); @@ -121,11 +120,11 @@ pub fn verify_cert(roots: &RootCertStore, } /* EE cert must appear first. */ - let ee = Input::new(&presented_certs[0].body).unwrap(); + let ee = untrusted::Input::new(&presented_certs[0].body).unwrap(); - let chain: Vec = presented_certs.iter() + let chain: Vec = presented_certs.iter() .skip(1) - .map(|cert| Input::new(&cert.body).unwrap()) + .map(|cert| untrusted::Input::new(&cert.body).unwrap()) .collect(); let trustroots: Vec = roots.roots.iter() @@ -138,7 +137,7 @@ pub fn verify_cert(roots: &RootCertStore, ee, time::get_time()) .and_then(|_| webpki::verify_cert_dns_name(ee, - Input::new(dns_name.as_bytes()).unwrap())) + untrusted::Input::new(dns_name.as_bytes()).unwrap())) .map_err(|err| HandshakeError::WebPKIError(err)) } @@ -181,16 +180,16 @@ pub fn verify_kx(message: &[u8], let alg = try!(convert_alg(&dss.alg)); let signed_data = webpki::signed_data::SignedData { - data: Input::new(message).unwrap(), - algorithm: Input::new(alg).unwrap(), - signature: Input::new(&dss.sig.body).unwrap() + data: untrusted::Input::new(message).unwrap(), + algorithm: untrusted::Input::new(alg).unwrap(), + signature: untrusted::Input::new(&dss.sig.body).unwrap() }; - let cert = try!(webpki::trust_anchor_util::cert_der_as_trust_anchor(Input::new(&cert.body).unwrap()) + let cert = try!(webpki::trust_anchor_util::cert_der_as_trust_anchor(untrusted::Input::new(&cert.body).unwrap()) .map_err(|err| HandshakeError::WebPKIError(err))); webpki::signed_data::verify_signed_data(&SUPPORTED_SIG_ALGS, - Input::new(cert.spki).unwrap(), + untrusted::Input::new(cert.spki).unwrap(), &signed_data) .map_err(|err| HandshakeError::WebPKIError(err)) }