From 6aaae1bea48a4a5782bdf811026e67756ed1cd18 Mon Sep 17 00:00:00 2001 From: umgefahren <55623006+umgefahren@users.noreply.github.com> Date: Mon, 11 Jul 2022 16:23:42 +0200 Subject: [PATCH] Updated dependencies. Removed useless zeroize. --- .gitignore | 5 +---- Cargo.toml | 19 +++++++------------ src/dh.rs | 21 +++------------------ src/kdf_chain.rs | 6 +----- src/kdf_root.rs | 3 --- src/lib.rs | 2 +- src/ratchet.rs | 10 ++++------ tests/mod.rs | 4 ++-- 8 files changed, 19 insertions(+), 51 deletions(-) diff --git a/.gitignore b/.gitignore index 42117a7..d81f12e 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,2 @@ /target -Cargo.lock -/.idea/.gitignore -/.idea/double-ratchet-2.iml -/.idea/vcs.xml +/.idea diff --git a/Cargo.toml b/Cargo.toml index bd63791..29603fa 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -17,20 +17,18 @@ maintenance = { status = "actively-developed" } [dependencies] -p256 = {version = "0.9", features = ["zeroize", "ecdh", "arithmetic", "pem", "jwk"]} +p256 = {version = "0.10", features = ["ecdh", "arithmetic", "pem", "jwk"]} rand_core = {version = "0.6"} getrandom = {version = "0.2.3"} -hkdf = "0.11.0" -hmac = "0.11.0" +hkdf = "0.12" +hmac = "0.12" aes-gcm-siv = {version = "0.10.3"} -ring-compat = {version = "0.4.0", optional = true, features = ["digest"]} -sha2 = {version = "0.9.5", optional = true} -serde = {version = "1.0.125", default-features = false, features = ["derive"]} -serde_bytes = "0.11.5" -bincode = "1.3.3" +sha2 = {version = "0.10"} +serde = {version = "1", default-features = false, features = ["derive"]} +serde_bytes = "0.11" +bincode = "1" hashbrown = {version = "0.12", features = ["serde"]} zeroize = {version = "1.3", features = ["zeroize_derive"]} -const-oid = "0.7.0" [dev-dependencies] criterion = "0.3.4" @@ -41,9 +39,6 @@ harness = false [profile.release] lto = true -opt-level = 3 [features] -default = ["sha2"] -ring = ["ring-compat/digest"] wasm = ["getrandom/js"] 
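Review bot: The `p256` line drops the `zeroize` feature in the same commit that deletes the crate's own key-wiping code (src/dh.rs and the `Drop for Ratchet` hunk in src/ratchet.rs), so erasing the DH private key now depends entirely on `p256` 0.10 wiping `SecretKey` on drop without a feature flag. That appears to be how this release line behaves, but it should be confirmed against the p256/elliptic-curve changelog and recorded beside the dependency, for example `# SecretKey is zeroized on drop unconditionally from p256 0.10; no feature needed`. Separately, the last Cargo.toml hunk removes the `default` and `ring` features, which breaks downstream manifests that name them and so calls for a semver-incompatible version bump.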
diff --git a/src/dh.rs b/src/dh.rs index aaac3f0..aa539d9 100644 --- a/src/dh.rs +++ b/src/dh.rs @@ -8,27 +8,12 @@ use alloc::vec::Vec; use alloc::string::ToString; use p256::elliptic_curve::ecdh::diffie_hellman; -use zeroize::Zeroize; - #[derive(Clone)] pub struct DhKeyPair { pub private_key: SecretKey, pub public_key: PublicKey, } -impl Drop for DhKeyPair { - fn drop(&mut self) { - self.private_key = SecretKey::random(&mut OsRng); - self.public_key = self.private_key.public_key(); - } -} - -impl Zeroize for DhKeyPair { - fn zeroize(&mut self) { - self.private_key = SecretKey::random(&mut OsRng); - self.public_key = self.private_key.public_key(); - } -} impl DhKeyPair { fn ex_public_key_bytes(&self) -> Vec { @@ -38,7 +23,7 @@ impl DhKeyPair { impl PartialEq for DhKeyPair { fn eq(&self, other: &Self) -> bool { - if self.private_key.to_bytes() != other.private_key.to_bytes() { + if self.private_key.to_be_bytes() != other.private_key.to_be_bytes() { return false } if self.ex_public_key_bytes() != other.ex_public_key_bytes() { @@ -51,7 +36,7 @@ impl PartialEq for DhKeyPair { impl Debug for DhKeyPair { fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result { f.debug_struct("DhKeyPair") - .field("private_key", &self.private_key.to_bytes()) + .field("private_key", &self.private_key.to_be_bytes()) .field("public_key", &self.ex_public_key_bytes()) .finish() } @@ -74,7 +59,7 @@ impl DhKeyPair { } pub fn key_agreement(&self, public_key: &PublicKey) -> SharedSecret { - diffie_hellman(self.private_key.to_secret_scalar(), public_key.as_affine()) + diffie_hellman(self.private_key.to_nonzero_scalar(), public_key.as_affine()) } } diff --git a/src/kdf_chain.rs b/src/kdf_chain.rs index 5b4a10d..d240beb 100644 --- a/src/kdf_chain.rs +++ b/src/kdf_chain.rs @@ -1,9 +1,5 @@ -use hmac::{Hmac, Mac, NewMac}; +use hmac::{Hmac, Mac}; -#[cfg(feature = "ring")] -use ring_compat::digest::Sha512; - -#[cfg(not(feature = "ring"))] use sha2::Sha512; use core::convert::TryInto; 
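Review bot: In `PartialEq for DhKeyPair` the private keys are compared with `!=` on the arrays returned by `to_be_bytes()`, which is not guaranteed to run in constant time and leaves two plain copies of the scalar behind that are not wiped. If a pair is always built so that `public_key` is derived from `private_key`, the check on `ex_public_key_bytes()` alone decides equality and the secret comparison can be dropped. Otherwise the comparison should go through a constant-time equality rather than `!=`. The body of `eq` continues past the end of this hunk.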
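Review bot: `Debug for DhKeyPair` still formats the raw private scalar via `.field("private_key", &self.private_key.to_be_bytes())`, so any `{:?}` of a key pair, or of a struct that derives `Debug` around one, writes the secret into logs and panic messages. Redact it instead, e.g. `.field("private_key", &"[redacted]")`. The `public_key` field can stay as it is.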
diff --git a/src/kdf_root.rs b/src/kdf_root.rs index 70c2ba4..0640959 100644 --- a/src/kdf_root.rs +++ b/src/kdf_root.rs @@ -1,10 +1,7 @@ use hkdf::Hkdf; -#[cfg(feature = "ring")] -use ring_compat::digest::Sha512; -#[cfg(not(feature = "ring"))] use sha2::Sha512; use core::convert::TryInto; diff --git a/src/lib.rs b/src/lib.rs index 7d34599..9209fe8 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -119,7 +119,7 @@ //! # let shared_nhkb = [2; 32]; //! let (bob_ratchet, public_key) = RatchetEncHeader::init_bob(sk, shared_hka, shared_nhkb); //! let ex_ratchet = bob_ratchet.export(); -//! let im_ratchet = RatchetEncHeader::import(&ex_ratchet); +//! let im_ratchet = RatchetEncHeader::import(&ex_ratchet).unwrap(); //! assert_eq!(im_ratchet, bob_ratchet) //! ``` //! diff --git a/src/ratchet.rs b/src/ratchet.rs index 67435c8..28ff7c5 100644 --- a/src/ratchet.rs +++ b/src/ratchet.rs @@ -33,7 +33,6 @@ pub struct Ratchet { impl Drop for Ratchet { fn drop(&mut self) { - self.dhs.zeroize(); if let Some(mut _d) = self.dhr { let sk = SecretKey::random(&mut OsRng); _d = sk.public_key() @@ -182,7 +181,6 @@ pub struct RatchetEncHeader { impl Zeroize for RatchetEncHeader { fn zeroize(&mut self) { - self.dhs.zeroize(); self.rk.zeroize(); self.cks.zeroize(); self.ckr.zeroize(); @@ -225,7 +223,7 @@ impl From<&RatchetEncHeader> for ExRatchetEncHeader { fn from(reh: &RatchetEncHeader) -> Self { let private_dhs = reh.dhs.private_key.to_jwk_string(); let public_dhs = reh.dhs.public_key.to_jwk_string(); - let dhs = (private_dhs, public_dhs); + let dhs = (private_dhs.to_string(), public_dhs); let dhr = reh.dhr.map(|e| e.to_jwk_string()); let rk = reh.rk; let cks = reh.cks; 
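Review bot: In `Drop for Ratchet`, the block left after this removal, `if let Some(mut _d) = self.dhr { ... _d = sk.public_key() }`, binds a copy of the peer public key and overwrites only that local, so `self.dhr` is never changed. The block therefore does nothing while reading as if it scrubs state. Either delete it or make the intent real with `self.dhr = None;`. The rest of `drop` lies outside the hunk, so any wiping of the chain keys there is not covered by this note.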
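Review bot: After `self.dhs.zeroize();` is removed from `Zeroize for RatchetEncHeader`, an explicit `zeroize()` call wipes `rk`, `cks` and `ckr` but leaves the sending DH private key fully usable until the struct is eventually dropped. A caller who invokes `zeroize()` to retire a session will reasonably expect the private key to be gone as well. Assigning a freshly generated key pair to `self.dhs` here would drop the old `SecretKey` and so trigger its own wiping. If leaving it is intentional, say so in a comment such as `// dhs is wiped by SecretKey's Drop, not here`. The impl continues beyond the hunk.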
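Review bot: In `From<&RatchetEncHeader> for ExRatchetEncHeader`, the new `private_dhs.to_string()` copies the private-key JWK into an ordinary `String`. The need for the call suggests `to_jwk_string()` now returns a zeroizing wrapper, in which case this line discards exactly that protection and the exported secret stays in freed heap memory. Consider keeping the wrapper type in `ExRatchetEncHeader`, or wiping the field when the export struct is dropped. At minimum, mark the line with `// plain String: private JWK is NOT wiped on drop`. `ExRatchetEncHeader` is defined outside the hunk, so its field type could not be checked here.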
@@ -441,8 +439,8 @@ impl RatchetEncHeader { } /// Import the ratchet from Binary data. Panics when binary data is invalid. - pub fn import(inp: &[u8]) -> Self { - let ex: ExRatchetEncHeader = bincode::deserialize(inp).unwrap(); - RatchetEncHeader::from(&ex) + pub fn import(inp: &[u8]) -> Option { + let ex: ExRatchetEncHeader = bincode::deserialize(inp).ok()?; + Some(RatchetEncHeader::from(&ex)) } } diff --git a/tests/mod.rs b/tests/mod.rs index 2b7752c..b9713c8 100644 --- a/tests/mod.rs +++ b/tests/mod.rs @@ -189,10 +189,10 @@ fn import_export() { let alice_ratchet = RatchetEncHeader::init_alice(sk, public_key, shared_hka, shared_nhkb); let ex_bob_ratchet = bob_ratchet.export(); - let in_bob_ratchet = RatchetEncHeader::import(&ex_bob_ratchet); + let in_bob_ratchet = RatchetEncHeader::import(&ex_bob_ratchet).unwrap(); assert_eq!(in_bob_ratchet, bob_ratchet); let ex_alice_ratchet = alice_ratchet.export(); - let in_alice_ratchet = RatchetEncHeader::import(&ex_alice_ratchet); + let in_alice_ratchet = RatchetEncHeader::import(&ex_alice_ratchet).unwrap(); assert_eq!(in_alice_ratchet, alice_ratchet); }
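Review bot: The doc comment kept as context above `import` still says "Panics when binary data is invalid", but the new body returns `None` on a bincode error, so the documented contract is now wrong. Suggested text: `/// Import the ratchet from binary data. Returns None if deserialization fails.` The conversion `RatchetEncHeader::from(&ex)` is defined outside this hunk. If it unwraps while parsing the JWK strings, input that is well-framed but malformed would still panic, which matters when the blob comes from storage someone else can modify. In that case a `TryFrom` conversion propagated with `.ok()?` would make the `Option` return cover both failure paths.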