bump deps

Author: BrettMayson

Cargo.lock

@@ -58,6 +58,7 @@ paste = "1.0.15"
 peekmore = "1.3.0"
 pest = "2.8.1"
 pest_derive = "2.8.1"
+rand = "0.9.1"
 regex = "1.11.1"
 rustversion = "1.0.21"
 serde = { version = "1.0.219", features = ["derive"] }
@@ -68,10 +69,10 @@ supports-hyperlinks = "3.1.0"
 tabled = "0.20.0"
 terminal-link = "0.1.0"
 thiserror = "2.0.12"
-toml = "0.8.23"
+toml = "0.9.2"
 tower-lsp = "0.20.0"
 tracing = { version = "0.1.41", features = ["attributes"] }
 tracing-test = "0.2.5"
-vfs = "0.12.1"
+vfs = "0.12.2"
 walkdir = "2.5.0"
-zip = "4.2.0"
+zip = "4.3.0"

Cargo.toml

@@ -40,13 +40,13 @@ fs_extra = "1.3.0"
 git2 = { workspace = true }
 glob = "0.3.2"
 image = "0.25.6"
-indicatif = "0.17.11"
+indicatif = "0.18.0"
 interprocess = { workspace = true }
 num_cpus = "1.17.0"
 paste = { workspace = true }
 rayon = "1.10.0"
 regex = { workspace = true }
-reqwest = { version = "0.12.20", features = ["blocking", "json"] }
+reqwest = { version = "0.12.22", features = ["blocking", "json"] }
 rhai = "1.22.2"
 rust-embed = "8.7.2"
 semver = "1.0.26"

bin/Cargo.toml

@@ -21,7 +21,7 @@ regex = { workspace = true }
 ropey = "1.6.1"
 serde = { workspace = true }
 serde_json = { workspace = true }
-tokio = { version = "1.44.1", features = ["full"] }
+tokio = { version = "1.46.1", features = ["full"] }
 tower-lsp = { workspace = true, features = ["proposed"]}
 tracing = { workspace = true }
 tracing-subscriber = { version = "0.3.19", features = ["json"] }

hls/Cargo.toml

@@ -9,11 +9,11 @@ license = "GPL-2.0"
 workspace = true
 
 [dependencies]
-libc = "0.2.172"
+libc = "0.2.174"
 thiserror = { workspace = true }
 
 [dev-dependencies]
-rand = "0.8.5"
+rand = { workspace = true }
 
 [features]
 default = ["compress", "decompress"]

libs/lzo/Cargo.toml

@@ -17,7 +17,8 @@ hemtt-common = { path = "../common" }
 hemtt-pbo = { path = "../pbo" }
 
 byteorder = { workspace = true }
-rand = "0.8.5"
-rsa = "0.9.8"
+crypto-bigint = { version = "0.7.0-pre.6", features = ["alloc"] }
+rand = { workspace = true }
+rsa = "0.10.0-rc.3"
 sha-1 = { workspace = true }
 thiserror = { workspace = true }

libs/signing/Cargo.toml

@@ -9,9 +9,13 @@
 
 use std::io::{Read, Seek, Write};
 
+use crypto_bigint::{
+    Odd, Resize,
+    modular::{BoxedMontyForm, BoxedMontyParams},
+};
 use hemtt_common::BISignVersion;
 use hemtt_pbo::ReadablePbo;
-use rsa::BigUint;
+use rsa::BoxedUint;
 use sha1::{Digest, Sha1};
 
 mod error;
@@ -24,19 +28,19 @@ pub use private::BIPrivateKey;
 pub use public::BIPublicKey;
 pub use signature::BISign;
 
-/// Writes a [`BigUint`] to the given output.
+/// Writes a [`BoxedUint`] to the given output.
 ///
 /// # Errors
 /// If the output fails to write.
-pub fn write_biguint<O: Write>(output: &mut O, bn: &BigUint, size: usize) -> Result<(), Error> {
-    let mut vec: Vec<u8> = bn.to_bytes_le();
+pub fn write_boxeduint<O: Write>(output: &mut O, bn: &BoxedUint, size: usize) -> Result<(), Error> {
+    let mut vec: Vec<u8> = bn.to_le_bytes().to_vec();
     vec.resize(size, 0);
     output.write_all(&vec).map_err(std::convert::Into::into)
 }
 
-fn display_hashes(a: &BigUint, b: &BigUint) -> (String, String) {
-    let hex_a = a.to_str_radix(16).to_lowercase();
-    let hex_b = b.to_str_radix(16).to_lowercase();
+fn display_hashes(a: &BoxedUint, b: &BoxedUint) -> (String, String) {
+    let hex_a = a.to_string_radix_vartime(16).to_lowercase();
+    let hex_b = b.to_string_radix_vartime(16).to_lowercase();
 
     if hex_a.len() != hex_b.len() || hex_a.len() <= 40 {
         return (hex_a, hex_b);
@@ -60,7 +64,7 @@ pub fn generate_hashes<I: Seek + Read>(
     pbo: &mut ReadablePbo<I>,
     version: BISignVersion,
     length: u32,
-) -> Result<(BigUint, BigUint, BigUint), Error> {
+) -> Result<(BoxedUint, BoxedUint, BoxedUint), Error> {
     let mut hasher = Sha1::new();
     let hash1 = pbo.gen_checksum()?;
 
@@ -94,23 +98,40 @@ pub fn generate_hashes<I: Seek + Read>(
 
 #[must_use]
 /// Pad a hash to the given size
-pub fn pad_hash(hash: &[u8], size: usize) -> BigUint {
+pub fn pad_hash(hash: &[u8], size: usize) -> BoxedUint {
     let mut vec: Vec<u8> = vec![0, 1];
     vec.resize(size - 36, 255);
     vec.extend(b"\x00\x30\x21\x30\x09\x06\x05\x2b");
     vec.extend(b"\x0e\x03\x02\x1a\x05\x00\x04\x14");
     vec.extend(hash);
 
-    BigUint::from_bytes_be(&vec)
+    BoxedUint::from_be_slice_vartime(&vec)
+}
+
+#[must_use]
+pub fn modpow(base: &BoxedUint, exponent: &BoxedUint, modulus: &BoxedUint) -> BoxedUint {
+    let n_params = BoxedMontyParams::new(Odd::new(modulus.clone()).unwrap());
+    pow_mod_params(base, exponent, &n_params)
+}
+
+fn pow_mod_params(base: &BoxedUint, exp: &BoxedUint, n_params: &BoxedMontyParams) -> BoxedUint {
+    let base = reduce_vartime(base, n_params);
+    base.pow(exp).retrieve()
+}
+
+fn reduce_vartime(n: &BoxedUint, p: &BoxedMontyParams) -> BoxedMontyForm {
+    let modulus = p.modulus().as_nz_ref().clone();
+    let n_reduced = n.rem_vartime(&modulus).resize_unchecked(p.bits_precision());
+    BoxedMontyForm::new(n_reduced, p.clone())
 }
 
 #[cfg(test)]
 mod tests {
-    use rsa::BigUint;
+    use rsa::BoxedUint;
 
     #[test]
     fn display_hashes() {
-        let bu = &BigUint::from_slice_native(&[
+        let bu = &BoxedUint::from_words([
             3_383_022_893_987_068_657,
             211_522_787_039_626_673,
             12_924_607_435_213_790_771,

libs/signing/src/lib.rs

@@ -4,26 +4,26 @@ use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt};
 use hemtt_common::io::{ReadExt, WriteExt};
 use hemtt_pbo::{BISignVersion, ReadablePbo};
 use rsa::{
-    BigUint, RsaPrivateKey,
+    BoxedUint, RsaPrivateKey,
     traits::{PrivateKeyParts, PublicKeyParts},
 };
 
-use crate::{error::Error, generate_hashes, public::BIPublicKey, signature::BISign};
+use crate::{error::Error, generate_hashes, modpow, public::BIPublicKey, signature::BISign};
 
 #[allow(clippy::module_name_repetitions)]
 #[derive(Debug, Clone)]
 /// A private key for signing PBOs
 pub struct BIPrivateKey {
     authority: String,
     length: u32,
-    exponent: BigUint,
-    n: BigUint,
-    p: BigUint,
-    q: BigUint,
-    dp: BigUint,
-    dq: BigUint,
-    qinv: BigUint,
-    d: BigUint,
+    exponent: BoxedUint,
+    n: BoxedUint,
+    p: BoxedUint,
+    q: BoxedUint,
+    dp: BoxedUint,
+    dq: BoxedUint,
+    qinv: BoxedUint,
+    d: BoxedUint,
 }
 
 impl BIPrivateKey {
@@ -35,20 +35,18 @@ impl BIPrivateKey {
     /// # Errors
     /// If RSA generation fails.
     pub fn generate(length: u32, authority: &str) -> Result<Self, Error> {
-        let mut rng = rand::thread_rng();
+        let mut rng = rand::rng();
         let mut rsa = RsaPrivateKey::new(&mut rng, length as usize)?;
         rsa.precompute()?;
         let primes = rsa.primes();
-        let Some(qinv) = rsa.qinv().expect(
+        let qinv = rsa.qinv().expect(
             "qinv should be precomputed, if it's not, the precompute failed and we should return",
-        ).to_biguint() else {
-            return Err(Error::Rsa(rsa::errors::Error::Internal));
-        };
+        ).to_montgomery();
         Ok(Self {
             authority: authority.to_string(),
             length,
             exponent: rsa.e().clone(),
-            n: rsa.n().clone(),
+            n: rsa.n().clone().get(),
             p: primes[0].clone(),
             q: primes[1].clone(),
             dp: rsa.dp().expect(
@@ -92,49 +90,49 @@ impl BIPrivateKey {
         let exponent = {
             let mut buffer = vec![0; 4];
             input.read_exact(&mut buffer)?;
-            BigUint::from_bytes_le(&buffer)
+            BoxedUint::from_le_slice_vartime(&buffer)
         };
 
         let n = {
             let mut buffer = vec![0; (length / 8) as usize];
             input.read_exact(&mut buffer)?;
-            BigUint::from_bytes_le(&buffer)
+            BoxedUint::from_le_slice_vartime(&buffer)
         };
 
         let p = {
             let mut buffer = vec![0; (length / 16) as usize];
             input.read_exact(&mut buffer)?;
-            BigUint::from_bytes_le(&buffer)
+            BoxedUint::from_le_slice_vartime(&buffer)
         };
 
         let q = {
             let mut buffer = vec![0; (length / 16) as usize];
             input.read_exact(&mut buffer)?;
-            BigUint::from_bytes_le(&buffer)
+            BoxedUint::from_le_slice_vartime(&buffer)
         };
 
         let dp = {
             let mut buffer = vec![0; (length / 16) as usize];
             input.read_exact(&mut buffer)?;
-            BigUint::from_bytes_le(&buffer)
+            BoxedUint::from_le_slice_vartime(&buffer)
         };
 
         let dq = {
             let mut buffer = vec![0; (length / 16) as usize];
             input.read_exact(&mut buffer)?;
-            BigUint::from_bytes_le(&buffer)
+            BoxedUint::from_le_slice_vartime(&buffer)
         };
 
         let qinv = {
             let mut buffer = vec![0; (length / 16) as usize];
             input.read_exact(&mut buffer)?;
-            BigUint::from_bytes_le(&buffer)
+            BoxedUint::from_le_slice_vartime(&buffer)
         };
 
         let d = {
             let mut buffer = vec![0; (length / 8) as usize];
             input.read_exact(&mut buffer)?;
-            BigUint::from_bytes_le(&buffer)
+            BoxedUint::from_le_slice_vartime(&buffer)
         };
 
         Ok(Self {
@@ -162,9 +160,9 @@ impl BIPrivateKey {
     ) -> Result<BISign, Error> {
         let (hash1, hash2, hash3) = generate_hashes(pbo, version, self.length)?;
 
-        let sig1 = hash1.modpow(&self.d, &self.n);
-        let sig2 = hash2.modpow(&self.d, &self.n);
-        let sig3 = hash3.modpow(&self.d, &self.n);
+        let sig1 = modpow(&hash1, &self.d, &self.n);
+        let sig2 = modpow(&hash2, &self.d, &self.n);
+        let sig3 = modpow(&hash3, &self.d, &self.n);
 
         Ok(BISign {
             version,
@@ -191,21 +189,21 @@ impl BIPrivateKey {
         output.write_all(b"\x07\x02\x00\x00\x00\x24\x00\x00")?;
         output.write_all(b"RSA2")?;
         output.write_u32::<LittleEndian>(self.length)?;
-        super::write_biguint(output, &self.exponent, 4)?;
+        super::write_boxeduint(output, &self.exponent, 4)?;
         // output.write_all(&self.exponent.to_bytes_le())?;
-        super::write_biguint(output, &self.n, (self.length / 8) as usize)?;
+        super::write_boxeduint(output, &self.n, (self.length / 8) as usize)?;
         // output.write_all(&self.n.to_bytes_le())?;
-        super::write_biguint(output, &self.p, (self.length / 16) as usize)?;
+        super::write_boxeduint(output, &self.p, (self.length / 16) as usize)?;
         // output.write_all(&self.p.to_bytes_le())?;
-        super::write_biguint(output, &self.q, (self.length / 16) as usize)?;
+        super::write_boxeduint(output, &self.q, (self.length / 16) as usize)?;
         // output.write_all(&self.q.to_bytes_le())?;
-        super::write_biguint(output, &self.dp, (self.length / 16) as usize)?;
+        super::write_boxeduint(output, &self.dp, (self.length / 16) as usize)?;
         // output.write_all(&self.dp.to_bytes_le())?;
-        super::write_biguint(output, &self.dq, (self.length / 16) as usize)?;
+        super::write_boxeduint(output, &self.dq, (self.length / 16) as usize)?;
         // output.write_all(&self.dq.to_bytes_le())?;
-        super::write_biguint(output, &self.qinv, (self.length / 16) as usize)?;
+        super::write_boxeduint(output, &self.qinv, (self.length / 16) as usize)?;
         // output.write_all(&self.qinv.to_bytes_le())?;
-        super::write_biguint(output, &self.d, (self.length / 8) as usize)?;
+        super::write_boxeduint(output, &self.d, (self.length / 8) as usize)?;
         // output.write_all(&self.d.to_bytes_le())?;
         Ok(())
     }