cargo: Bump hmac and sha2 dependencies.
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful

Bump the `hmac` dependency to `0.12`, therefor remove deprecated
`NewMac`. Further, bump the `sha2` dependency to `0.10`.
This commit is contained in:
finga 2023-06-11 15:03:00 +02:00
parent 57d4f10b41
commit faba2949d2
3 changed files with 24 additions and 30 deletions

45
Cargo.lock generated
View file

@ -148,9 +148,9 @@ checksum = "6776fc96284a0bb647b615056fc496d1fe1644a7ab01829818a6d91cae888b84"
[[package]] [[package]]
name = "block-buffer" name = "block-buffer"
version = "0.9.0" version = "0.10.4"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71"
dependencies = [ dependencies = [
"generic-array", "generic-array",
] ]
@ -248,13 +248,13 @@ dependencies = [
] ]
[[package]] [[package]]
name = "crypto-mac" name = "crypto-common"
version = "0.11.1" version = "0.1.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b1d1a86f49236c215f271d40892d5fc950490551400b02ef360692c29815c714" checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3"
dependencies = [ dependencies = [
"generic-array", "generic-array",
"subtle", "typenum",
] ]
[[package]] [[package]]
@ -292,11 +292,13 @@ dependencies = [
[[package]] [[package]]
name = "digest" name = "digest"
version = "0.9.0" version = "0.10.7"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066" checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292"
dependencies = [ dependencies = [
"generic-array", "block-buffer",
"crypto-common",
"subtle",
] ]
[[package]] [[package]]
@ -581,11 +583,10 @@ checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70"
[[package]] [[package]]
name = "hmac" name = "hmac"
version = "0.11.0" version = "0.12.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2a2a2320eb7ec0ebe8da8f744d7812d9fc4cb4d09344ac01898dbcb6a20ae69b" checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e"
dependencies = [ dependencies = [
"crypto-mac",
"digest", "digest",
] ]
@ -859,12 +860,6 @@ version = "1.18.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d"
[[package]]
name = "opaque-debug"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
[[package]] [[package]]
name = "overload" name = "overload"
version = "0.1.1" version = "0.1.1"
@ -1193,9 +1188,9 @@ dependencies = [
[[package]] [[package]]
name = "rustix" name = "rustix"
version = "0.37.19" version = "0.37.20"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "acf8729d8542766f1b2cf77eb034d52f40d375bb8b615d0b147089946e16613d" checksum = "b96e891d04aa506a6d1f318d2771bcb1c7dfda84e126660ace067c9b474bb2c0"
dependencies = [ dependencies = [
"bitflags 1.3.2", "bitflags 1.3.2",
"errno", "errno",
@ -1324,15 +1319,13 @@ dependencies = [
[[package]] [[package]]
name = "sha2" name = "sha2"
version = "0.9.9" version = "0.10.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4d58a1e1bf39749807d89cf2d98ac2dfa0ff1cb3faa38fbb64dd88ac8013d800" checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0"
dependencies = [ dependencies = [
"block-buffer",
"cfg-if", "cfg-if",
"cpufeatures", "cpufeatures",
"digest", "digest",
"opaque-debug",
] ]
[[package]] [[package]]
@ -1416,9 +1409,9 @@ checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623"
[[package]] [[package]]
name = "subtle" name = "subtle"
version = "2.4.1" version = "2.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc"
[[package]] [[package]]
name = "syn" name = "syn"

View file

@ -16,7 +16,7 @@ clap = { version = "4.3", features = ["derive"] }
dirs = "4.0" dirs = "4.0"
env_logger = "0.9" env_logger = "0.9"
hex = "0.4" hex = "0.4"
hmac = "0.11" hmac = "0.12"
ipnet = { version = "2.3", features = ["serde"] } ipnet = { version = "2.3", features = ["serde"] }
log = "0.4" log = "0.4"
regex = "1.5" regex = "1.5"
@ -26,7 +26,7 @@ serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0" serde_json = "1.0"
serde_regex = "1.1" serde_regex = "1.1"
serde_yaml = "0.8" serde_yaml = "0.8"
sha2 = "0.9" sha2 = "0.10"
thiserror = "1.0" thiserror = "1.0"
[package.metadata.deb] [package.metadata.deb]

View file

@ -3,7 +3,7 @@ use crate::{
Config, Metrics, WebhookeyError, Config, Metrics, WebhookeyError,
}; };
use anyhow::{anyhow, bail, Result}; use anyhow::{anyhow, bail, Result};
use hmac::{Hmac, Mac, NewMac}; use hmac::{Hmac, Mac};
use log::{debug, error, info, trace, warn}; use log::{debug, error, info, trace, warn};
use rocket::{ use rocket::{
data::{FromData, ToByteUnit}, data::{FromData, ToByteUnit},
@ -44,7 +44,8 @@ fn validate_request(secret: &str, signature: &str, data: &[u8]) -> Result<()> {
.map_err(|e| anyhow!("Could not create hasher with secret: {}", e))?; .map_err(|e| anyhow!("Could not create hasher with secret: {}", e))?;
mac.update(data); mac.update(data);
let raw_signature = hex::decode(signature.as_bytes())?; let raw_signature = hex::decode(signature.as_bytes())?;
mac.verify(&raw_signature).map_err(|e| anyhow!("{}", e)) mac.verify_slice(&raw_signature)
.map_err(|e| anyhow!("{}", e))
} }
#[derive(Debug, Deserialize, Serialize)] #[derive(Debug, Deserialize, Serialize)]