Skip to content

Commit 44f0791

Browse files
author
Juliette Pretot
committed
Use the vendored version of ring
Requires updating our code to accomodate API changes since the vendored version is newer
1 parent f9375be commit 44f0791

File tree

3 files changed

+41
-15
lines changed

3 files changed

+41
-15
lines changed

Cargo.lock

Lines changed: 28 additions & 10 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

remote_attestation/rust/Cargo.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ anyhow = { version = "*", default-features = false }
1414
bytes = { version = "*", default-features = false }
1515
log = "*"
1616
prost = { version = "*", default-features = false, features = ["prost-derive"] }
17-
ring = "*"
17+
ring = { path = "../../third_party/ring" }
1818

1919
[build-dependencies]
2020
prost-build = "*"

remote_attestation/rust/src/crypto.rs

Lines changed: 12 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -237,8 +237,13 @@ impl KeyNegotiator {
237237
let (encryption_key, decryption_key) = agreement::agree_ephemeral(
238238
self.private_key,
239239
&agreement::UnparsedPublicKey::new(KEY_AGREEMENT_ALGORITHM, peer_public_key),
240-
anyhow!("Couldn't derive session keys"),
241-
|key_material| {
240+
|key_material| -> Result<
241+
(
242+
Result<[u8; KEY_AGREEMENT_ALGORITHM_KEY_LENGTH], anyhow::Error>,
243+
Result<[u8; KEY_AGREEMENT_ALGORITHM_KEY_LENGTH], anyhow::Error>,
244+
),
245+
anyhow::Error,
246+
> {
242247
let key_material = key_material
243248
.try_into()
244249
.map_err(anyhow::Error::msg)
@@ -284,6 +289,8 @@ impl KeyNegotiator {
284289
}
285290
},
286291
)
292+
.map_err(anyhow::Error::msg)
293+
.context("Couldn't derive session keys")?
287294
.context("Couldn't agree on session keys")?;
288295
Ok((
289296
EncryptionKey(encryption_key.context("Couldn't derive encryption key")?),
@@ -351,8 +358,9 @@ impl Signer {
351358
let rng = ring::rand::SystemRandom::new();
352359
let key_pair_pkcs8 = EcdsaKeyPair::generate_pkcs8(SIGNING_ALGORITHM, &rng)
353360
.map_err(|error| anyhow!("Couldn't generate PKCS#8 key pair: {:?}", error))?;
354-
let key_pair = EcdsaKeyPair::from_pkcs8(SIGNING_ALGORITHM, key_pair_pkcs8.as_ref())
355-
.map_err(|error| anyhow!("Couldn't parse generated key pair: {:?}", error))?;
361+
let key_pair =
362+
EcdsaKeyPair::from_pkcs8(SIGNING_ALGORITHM, key_pair_pkcs8.as_ref(), &rng)
363+
.map_err(|error| anyhow!("Couldn't parse generated key pair: {:?}", error))?;
356364

357365
Ok(Self { key_pair })
358366
}

0 commit comments

Comments
 (0)