rust: bump rsa from 0.4.0 to 0.5.0

Bumps [rsa](https://github.com/RustCrypto/RSA) from 0.4.0 to 0.5.0. - [Release notes](https://github.com/RustCrypto/RSA/releases) - [Changelog](https://github.com/RustCrypto/RSA/blob/master/release.toml) - [Commits](RustCrypto/RSA@v0.4.0...v0.5.0) --- updated-dependencies: - dependency-name: rsa dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
oasisprotocol · Jul 27, 2021 · 138662b · 138662b
1 parent 4e0a590
commit 138662b
Show file tree

Hide file tree

Showing 4 changed files with 80 additions and 42 deletions.
diff --git a/.changelog/4147.internal.md b/.changelog/4147.internal.md
@@ -0,0 +1 @@
+rust: bump rsa from 0.4.0 to 0.5.0
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/runtime/Cargo.toml b/runtime/Cargo.toml
@@ -53,7 +53,7 @@ bech32 = "0.8.1"
 impl-trait-for-tuples = "0.2.1"
 x509-parser = "0.9.2"
 oid-registry = "0.1.5"
-rsa = "0.4.0"
+rsa = "0.5.0"
 base64-serde = "0.6.1"
 
 [dev-dependencies]

diff --git a/runtime/src/common/sgx/avr.rs b/runtime/src/common/sgx/avr.rs
@@ -8,7 +8,7 @@ use chrono::prelude::*;
 use lazy_static::lazy_static;
 use oid_registry::{OID_PKCS1_RSAENCRYPTION, OID_PKCS1_SHA256WITHRSA};
 use percent_encoding;
-use rsa::{padding::PaddingScheme, Hash, PublicKey, RSAPublicKey};
+use rsa::{padding::PaddingScheme, pkcs1::FromRsaPublicKey, Hash, PublicKey, RsaPublicKey};
 use serde_json;
 use sgx_isa::{AttributesFlags, Report};
 use sha2::{Digest, Sha256};
@@ -450,19 +450,19 @@ fn validate_avr_signature(
     }
 }
 
-fn extract_certificate_rsa_public_key(cert: &X509Certificate) -> Result<RSAPublicKey> {
+fn extract_certificate_rsa_public_key(cert: &X509Certificate) -> Result<RsaPublicKey> {
     let cert_spki = &cert.tbs_certificate.subject_pki;
     if cert_spki.algorithm.algorithm != OID_PKCS1_RSAENCRYPTION {
         return Err(anyhow!("invalid certificate public key algorithm"));
     }
 
-    match RSAPublicKey::from_pkcs1(cert_spki.subject_public_key.data) {
+    match RsaPublicKey::from_pkcs1_der(cert_spki.subject_public_key.data) {
         Ok(pk) => Ok(pk),
         Err(err) => return Err(anyhow!("invalid certificate public key: {:?}", err)),
     }
 }
 
-fn check_certificate_rsa_signature(cert: &X509Certificate, public_key: &RSAPublicKey) -> bool {
+fn check_certificate_rsa_signature(cert: &X509Certificate, public_key: &RsaPublicKey) -> bool {
     if cert.signature_algorithm.algorithm != OID_PKCS1_SHA256WITHRSA {
         return false;
     }