From 72b5e6dfc312532381793302f851af36d0375069 Mon Sep 17 00:00:00 2001
From: Kris Nuttycombe
Date: Fri, 16 Sep 2022 12:18:50 -0600
Subject: [PATCH 1/2] Upgrade chacha20poly1305 dependency to version 0.10
Also upgrade the `chacha20`, `cipher`, and `subtle` dependency versions.
---
 components/zcash_note_encryption/Cargo.toml | 7 ++++---
 components/zcash_note_encryption/src/lib.rs | 8 +++-----
 2 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/components/zcash_note_encryption/Cargo.toml b/components/zcash_note_encryption/Cargo.toml
index 413522fcb..a56478ebb 100644
--- a/components/zcash_note_encryption/Cargo.toml
+++ b/components/zcash_note_encryption/Cargo.toml
@@ -19,11 +19,12 @@ all-features = true
 rustdoc-args = ["--cfg", "docsrs"]
 [dependencies]
-chacha20 = { version = "0.8", default-features = false }
-chacha20poly1305 = { version = "0.9", default-features = false }
+cipher = { version = "0.4", default-features = false }
+chacha20 = { version = "0.9", default-features = false }
+chacha20poly1305 = { version = "0.10", default-features = false }
 group = "0.12"
 rand_core = { version = "0.6", default-features = false }
-subtle = { version = "2.2.3", default-features = false }
+subtle = { version = "2.3", default-features = false }
 [dev-dependencies]
 ff = { version = "0.12", default-features = false }
diff --git a/components/zcash_note_encryption/src/lib.rs b/components/zcash_note_encryption/src/lib.rs
index b16146bb1..c21947f26 100644
--- a/components/zcash_note_encryption/src/lib.rs
+++ b/components/zcash_note_encryption/src/lib.rs
@@ -25,13 +25,11 @@ extern crate alloc;
 use alloc::vec::Vec;
 use chacha20::{
- cipher::{NewCipher, StreamCipher, StreamCipherSeek},
+ cipher::{StreamCipher, StreamCipherSeek},
 ChaCha20,
 };
-use chacha20poly1305::{
- aead::{AeadInPlace, NewAead},
- ChaCha20Poly1305,
-};
+use chacha20poly1305::{aead::AeadInPlace, ChaCha20Poly1305, KeyInit};
+use cipher::KeyIvInit;
 use rand_core::RngCore;
 use subtle::{Choice, ConstantTimeEq};
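Review bot: `use cipher::KeyIvInit;` pulls `KeyIvInit` from a new direct `cipher` dependency although the lines above already reach that crate as `chacha20::cipher` (the `StreamCipher` and `StreamCipherSeek` imports come from there), so the trait can be taken from the re-export instead, the same way `KeyInit` is taken from `chacha20poly1305` on the preceding line. That ties the trait and the `ChaCha20` impl to one copy of `cipher` and removes a version line that would otherwise have to be bumped in lockstep with `chacha20` at its next major release, since a stale direct `cipher` would make `KeyIvInit` resolve to a different crate version than the one `ChaCha20` implements. Change the block to `cipher::{KeyIvInit, StreamCipher, StreamCipherSeek},` inside `use chacha20::{ … }` and delete `use cipher::KeyIvInit;`, after which the `cipher = { version = "0.4", … }` entry in the Cargo.toml hunk is no longer needed. The commit message describes `cipher` as upgraded, but the Cargo.toml hunk adds the entry rather than bumping an existing one. The import list continues outside the hunk.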
From 29220c716f962062c0fdfef2d8fbaeddc050a6a7 Mon Sep 17 00:00:00 2001
From: Kris Nuttycombe
Date: Fri, 16 Sep 2022 12:18:50 -0600
Subject: [PATCH 2/2] Remove `zcash_primitives` as a zcash_note_encryption dev dependency.
This was only used to provide example code for Sapling usage of the `NoteEncryption` struct; this example code has been moved to `sapling::note_encryption`.
---
 components/zcash_note_encryption/Cargo.toml | 1 -
 components/zcash_note_encryption/src/lib.rs | 44 -------------------
 .../src/sapling/note_encryption.rs | 44 +++++++++++++++++++
 3 files changed, 44 insertions(+), 45 deletions(-)
diff --git a/components/zcash_note_encryption/Cargo.toml b/components/zcash_note_encryption/Cargo.toml
index a56478ebb..3518a4a8c 100644
--- a/components/zcash_note_encryption/Cargo.toml
+++ b/components/zcash_note_encryption/Cargo.toml
@@ -28,7 +28,6 @@ subtle = { version = "2.3", default-features = false }
 [dev-dependencies]
 ff = { version = "0.12", default-features = false }
-zcash_primitives = { version = "0.7", path = "../../zcash_primitives" }
 jubjub = "0.9"
 [features]
diff --git a/components/zcash_note_encryption/src/lib.rs b/components/zcash_note_encryption/src/lib.rs
index c21947f26..ab8f0c220 100644
--- a/components/zcash_note_encryption/src/lib.rs
+++ b/components/zcash_note_encryption/src/lib.rs
@@ -345,50 +345,6 @@ pub trait ShieldedOutput {
 ///
 /// Implements section 4.19 of the
 /// [Zcash Protocol Specification](https://zips.z.cash/protocol/nu5.pdf#saplingandorchardinband)
-/// NB: the example code is only covering the post-Canopy case.
-///
-/// # Examples
-///
-/// ```
-/// extern crate ff;
-/// extern crate rand_core;
-/// extern crate zcash_primitives;
-///
-/// use ff::Field;
-/// use rand_core::OsRng;
-/// use zcash_primitives::{
-/// keys::{OutgoingViewingKey, prf_expand},
-/// consensus::{TEST_NETWORK, TestNetwork, NetworkUpgrade, Parameters},
-/// memo::MemoBytes,
-/// sapling::{
-/// note_encryption::sapling_note_encryption,
-/// util::generate_random_rseed,
-/// Diversifier, PaymentAddress, Rseed, ValueCommitment
-/// },
-/// };
-///
-/// let mut rng = OsRng;
-///
-/// let diversifier = Diversifier([0; 11]);
-/// let pk_d = diversifier.g_d().unwrap();
-/// let to = PaymentAddress::from_parts(diversifier, pk_d).unwrap();
-/// let ovk = Some(OutgoingViewingKey([0; 32]));
-///
-/// let value = 1000;
-/// let rcv = jubjub::Fr::random(&mut rng);
-/// let cv = ValueCommitment {
-/// value,
-/// randomness: rcv.clone(),
-/// };
-/// let height = TEST_NETWORK.activation_height(NetworkUpgrade::Canopy).unwrap();
-/// let rseed = generate_random_rseed(&TEST_NETWORK, height, &mut rng);
-/// let note = to.create_note(value, rseed).unwrap();
-/// let cmu = note.cmu();
-///
-/// let mut enc = sapling_note_encryption::<_, TestNetwork>(ovk, note, to, MemoBytes::empty(), &mut rng);
-/// let encCiphertext = enc.encrypt_note_plaintext();
-/// let outCiphertext = enc.encrypt_outgoing_plaintext(&cv.commitment().into(), &cmu, &mut rng);
-/// ```
 pub struct NoteEncryption {
 epk: D::EphemeralPublicKey,
 esk: D::EphemeralSecretKey,
diff --git a/zcash_primitives/src/sapling/note_encryption.rs b/zcash_primitives/src/sapling/note_encryption.rs
index 27eac5262..bf3817374 100644
--- a/zcash_primitives/src/sapling/note_encryption.rs
+++ b/zcash_primitives/src/sapling/note_encryption.rs
@@ -1,4 +1,7 @@
 //! Implementation of in-band secret distribution for Zcash transactions.
+//!
+//! NB: the example code is only covering the post-Canopy case.
+
 use blake2b_simd::{Hash as Blake2bHash, Params as Blake2bParams};
 use byteorder::{LittleEndian, WriteBytesExt};
 use ff::PrimeField;
@@ -381,6 +384,47 @@ impl BatchDomain for SaplingDomain
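Review bot: The added `//! NB: the example code is only covering the post-Canopy case.` sits in the module docs, where no example code exists, so a reader of the module page has nothing to tie the remark to; the example it qualifies is the doctest on `sapling_note_encryption`, which carries its own copy of the remark in the following hunk of this file. Either drop the module-level line or point it at the item, e.g. `//! NB: the example code on [`sapling_note_encryption`] only covers the post-Canopy case.`, so the two notes do not drift apart.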

{
 ///
 /// Setting `ovk` to `None` represents the `ovk = ⊥` case, where the note cannot be
 /// recovered by the sender.
+///
+/// NB: the example code here only covers the post-Canopy case.
+///
+/// # Examples
+///
+/// ```
+/// use ff::Field;
+/// use rand_core::OsRng;
+/// use zcash_primitives::{
+/// keys::{OutgoingViewingKey, prf_expand},
+/// consensus::{TEST_NETWORK, TestNetwork, NetworkUpgrade, Parameters},
+/// memo::MemoBytes,
+/// sapling::{
+/// note_encryption::sapling_note_encryption,
+/// util::generate_random_rseed,
+/// Diversifier, PaymentAddress, Rseed, ValueCommitment
+/// },
+/// };
+///
+/// let mut rng = OsRng;
+///
+/// let diversifier = Diversifier([0; 11]);
+/// let pk_d = diversifier.g_d().unwrap();
+/// let to = PaymentAddress::from_parts(diversifier, pk_d).unwrap();
+/// let ovk = Some(OutgoingViewingKey([0; 32]));
+///
+/// let value = 1000;
+/// let rcv = jubjub::Fr::random(&mut rng);
+/// let cv = ValueCommitment {
+/// value,
+/// randomness: rcv.clone(),
+/// };
+/// let height = TEST_NETWORK.activation_height(NetworkUpgrade::Canopy).unwrap();
+/// let rseed = generate_random_rseed(&TEST_NETWORK, height, &mut rng);
+/// let note = to.create_note(value, rseed).unwrap();
+/// let cmu = note.cmu();
+///
+/// let mut enc = sapling_note_encryption::<_, TestNetwork>(ovk, note, to, MemoBytes::empty(), &mut rng);
+/// let encCiphertext = enc.encrypt_note_plaintext();
+/// let outCiphertext = enc.encrypt_outgoing_plaintext(&cv.commitment().into(), &cmu, &mut rng);
+/// ```
 pub fn sapling_note_encryption(
 ovk: Option,
 note: Note,
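Review bot: The moved doctest imports `prf_expand` and `Rseed` but never uses either (the example obtains its rseed through `generate_random_rseed`), and its last two bindings `encCiphertext`/`outCiphertext` are not snake_case, so the example is carried over with `unused_imports` and `non_snake_case` warnings that would become errors under a `deny(warnings)` doctest attribute. Drop the two names from the `use zcash_primitives::{ … }` list and rename the bindings to `let enc_ciphertext = enc.encrypt_note_plaintext();` and `let out_ciphertext = enc.encrypt_outgoing_plaintext(&cv.commitment().into(), &cmu, &mut rng);`. If `jubjub::Fr` is `Copy`, `randomness: rcv.clone(),` can also become `randomness: rcv,`; I have not verified that here. The `sapling_note_encryption` signature continues past the end of the hunk.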