From 810053329e9a0725e6ad858d07e0e21410ed124e Mon Sep 17 00:00:00 2001
From: Benjamin Wasty
Date: Fri, 25 Jan 2019 17:21:00 +0100
Subject: [PATCH] Update parity-crypto to ring v0.14 (#99)
---
 parity-crypto/Cargo.toml | 4 ++--
 parity-crypto/src/aes_gcm.rs | 8 ++++++--
 parity-crypto/src/lib.rs | 2 +-
 parity-crypto/src/pbkdf2.rs | 6 ++++--
 4 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/parity-crypto/Cargo.toml b/parity-crypto/Cargo.toml
index af6f35a..3758f0f 100644
--- a/parity-crypto/Cargo.toml
+++ b/parity-crypto/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "parity-crypto"
-version = "0.2.0"
+version = "0.3.0"
 authors = ["Parity Technologies "]
 repository = "https://github.com/paritytech/parity-common"
 description = "Crypto utils used by ethstore and network."
@@ -8,6 +8,6 @@ license = "GPL-3.0"
 [dependencies]
 quick-error = "1.2.2"
-ring = "0.13"
+ring = "0.14.3"
 rust-crypto = "0.2.36"
 tiny-keccak = "1.4"
diff --git a/parity-crypto/src/aes_gcm.rs b/parity-crypto/src/aes_gcm.rs
index 819c613..a28622b 100644
--- a/parity-crypto/src/aes_gcm.rs
+++ b/parity-crypto/src/aes_gcm.rs
@@ -73,7 +73,9 @@ impl<'a> Encryptor<'a> {
 Mode::Aes256Gcm => ring::aead::AES_256_GCM.tag_len(),
 };
 data.extend(::std::iter::repeat(0).take(tag_len));
- let len = ring::aead::seal_in_place(&self.key, nonce, self.ad, &mut data[self.offset ..], tag_len)?;
+ let nonce = ring::aead::Nonce::assume_unique_for_key(*nonce);
+ let aad = ring::aead::Aad::from(self.ad);
+ let len = ring::aead::seal_in_place(&self.key, nonce, aad, &mut data[self.offset ..], tag_len)?;
 data.truncate(self.offset + len);
 Ok(data)
 }
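Review bot: `Nonce::assume_unique_for_key(*nonce)` makes the caller's nonce-uniqueness promise explicit to ring, but nothing in the wrapper documents or checks it, and the enclosing encrypt method (whose signature starts outside this hunk) is not visibly documented either. Reusing a nonce under the same key breaks AES-GCM in both directions: it leaks the XOR of the two plaintexts and lets an attacker recover the authentication key and forge messages. Since this line is now the only place that promise is made, a comment at the construction site would stop the next reader from mistaking it for a check: `// ring cannot verify this for us: the caller must never reuse a nonce with the same key, or AES-GCM loses both confidentiality and integrity.` The `*nonce` deref suggests the parameter is a fixed-size array reference (presumably `&[u8; 12]`); if it ever becomes a slice, the uniqueness and length requirements belong in the method's `///` doc comment, not only here.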
@@ -121,7 +123,9 @@ impl<'a> Decryptor<'a> {
 if self.offset > data.len() {
 return Err(SymmError::offset_error(self.offset))
 }
- let len = ring::aead::open_in_place(&self.key, nonce, self.ad, 0, &mut data[self.offset ..])?.len();
+ let nonce = ring::aead::Nonce::assume_unique_for_key(*nonce);
+ let aad = ring::aead::Aad::from(self.ad);
+ let len = ring::aead::open_in_place(&self.key, nonce, aad, 0, &mut data[self.offset ..])?.len();
 data.truncate(self.offset + len);
 Ok(data)
 }
diff --git a/parity-crypto/src/lib.rs b/parity-crypto/src/lib.rs
index 2785bc8..b80ba46 100644
--- a/parity-crypto/src/lib.rs
+++ b/parity-crypto/src/lib.rs
@@ -55,7 +55,7 @@ impl Keccak256<[u8; 32]> for T where T: AsRef<[u8]> {
 }
 }
-pub fn derive_key_iterations(password: &[u8], salt: &[u8], c: u32) -> (Vec, Vec) {
+pub fn derive_key_iterations(password: &[u8], salt: &[u8], c: std::num::NonZeroU32) -> (Vec, Vec) {
 let mut derived_key = [0u8; KEY_LENGTH];
 pbkdf2::sha256(c, pbkdf2::Salt(salt), pbkdf2::Secret(password), &mut derived_key);
 let derived_right_bits = &derived_key[0..KEY_LENGTH_AES];
diff --git a/parity-crypto/src/pbkdf2.rs b/parity-crypto/src/pbkdf2.rs
index d210f6f..c4d5cca 100644
--- a/parity-crypto/src/pbkdf2.rs
+++ b/parity-crypto/src/pbkdf2.rs
@@ -14,15 +14,17 @@
 // You should have received a copy of the GNU General Public License
 // along with Parity. If not, see .
+use std::num::NonZeroU32;
+
 use ring;
 pub struct Salt<'a>(pub &'a [u8]);
 pub struct Secret<'a>(pub &'a [u8]);
-pub fn sha256(iter: u32, salt: Salt, sec: Secret, out: &mut [u8; 32]) {
+pub fn sha256(iter: NonZeroU32, salt: Salt, sec: Secret, out: &mut [u8; 32]) {
 ring::pbkdf2::derive(&ring::digest::SHA256, iter, salt.0, sec.0, &mut out[..])
 }
-pub fn sha512(iter: u32, salt: Salt, sec: Secret, out: &mut [u8; 64]) {
+pub fn sha512(iter: NonZeroU32, salt: Salt, sec: Secret, out: &mut [u8; 64]) {
 ring::pbkdf2::derive(&ring::digest::SHA512, iter, salt.0, sec.0, &mut out[..])
 }
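Review bot: On the open path, `Nonce::assume_unique_for_key(*nonce)` is purely a type conversion — uniqueness is a sealing-side obligation and nothing here can or should check it — so a short comment would keep the constructor's name from reading as a guarantee: `// decrypt side: the nonce only has to match the one used to seal; no uniqueness check is implied here`. The `?` on `open_in_place` discards the buffer when the tag fails to verify, which is the right outcome because ring does not promise anything about the buffer's contents after an error; I'm reading `data` as an owned `Vec` from `truncate` and `Ok(data)`, since its declaration is outside the hunk — if it were ever a borrowed buffer, unauthenticated plaintext would be left in the caller's memory. The enclosing decrypt method starts outside this hunk.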
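Review bot: Changing `c` to `std::num::NonZeroU32` on a `pub fn` is a breaking API change — the 0.3.0 bump in Cargo.toml covers that — but `derive_key_iterations` still has no doc comment telling callers what to pass, and `NonZeroU32` only excludes zero: PBKDF2 with `c = 1` type-checks and provides essentially no stretching. I would add `/// PBKDF2-HMAC-SHA256 key derivation; `c` is the iteration count (must be non-zero and should be large — an attacker's cost scales linearly with it).` and a second line naming the two returned halves. For consistency with pbkdf2.rs, which imports the type, `use std::num::NonZeroU32;` at the top of lib.rs would read better than the fully qualified path in the signature. The body of `derive_key_iterations` continues past the end of the hunk.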
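Review bot: `sha256` and `sha512` are public and now take `NonZeroU32`, but neither has a doc comment, so the only thing a caller learns from the signature is that zero is rejected. Suggest one `///` line on each, e.g. `/// PBKDF2-HMAC-SHA256 into the 32-byte `out`; `iter` must be non-zero and should be chosen for cost, not the minimum the type allows.` with the SHA-512 / 64-byte wording on `sha512`. The argument order passed to `ring::pbkdf2::derive` is (`iter`, `salt.0`, `sec.0`, `out`), so the `Salt`/`Secret` newtypes are what prevent a silent salt/password swap at call sites — worth a one-line comment on the two structs saying that is their purpose.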