Skip to content

Commit f021426

Browse files
author
Juliette Pretot
committed
Use the vendored version of ring
Requires updating our code to accomodate API changes since the vendored version is newer
1 parent 9ff78a6 commit f021426

File tree

3 files changed

+41
-15
lines changed

3 files changed

+41
-15
lines changed

Cargo.lock

Lines changed: 28 additions & 10 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

remote_attestation/rust/Cargo.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ anyhow = { version = "*", default-features = false }
1414
bytes = { version = "*", default-features = false }
1515
log = "*"
1616
prost = { version = "*", default-features = false, features = ["prost-derive"] }
17-
ring = "*"
17+
ring = { path = "../../third_party/ring" }
1818

1919
[build-dependencies]
2020
prost-build = "*"

remote_attestation/rust/src/crypto.rs

Lines changed: 12 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -237,8 +237,13 @@ impl KeyNegotiator {
237237
let (encryption_key, decryption_key) = agreement::agree_ephemeral(
238238
self.private_key,
239239
&agreement::UnparsedPublicKey::new(KEY_AGREEMENT_ALGORITHM, peer_public_key),
240-
anyhow!("Couldn't derive session keys"),
241-
|key_material| {
240+
|key_material| -> Result<
241+
(
242+
Result<[u8; KEY_AGREEMENT_ALGORITHM_KEY_LENGTH], anyhow::Error>,
243+
Result<[u8; KEY_AGREEMENT_ALGORITHM_KEY_LENGTH], anyhow::Error>,
244+
),
245+
anyhow::Error,
246+
> {
242247
let key_material = key_material
243248
.try_into()
244249
.map_err(anyhow::Error::msg)
@@ -284,6 +289,8 @@ impl KeyNegotiator {
284289
}
285290
},
286291
)
292+
.map_err(anyhow::Error::msg)
293+
.context("Couldn't derive session keys")?
287294
.context("Couldn't agree on session keys")?;
288295
Ok((
289296
EncryptionKey(encryption_key.context("Couldn't derive encryption key")?),
@@ -351,8 +358,9 @@ impl Signer {
351358
let rng = ring::rand::SystemRandom::new();
352359
let key_pair_pkcs8 = EcdsaKeyPair::generate_pkcs8(SIGNING_ALGORITHM, &rng)
353360
.map_err(|error| anyhow!("Couldn't generate PKCS#8 key pair: {:?}", error))?;
354-
let key_pair = EcdsaKeyPair::from_pkcs8(SIGNING_ALGORITHM, key_pair_pkcs8.as_ref())
355-
.map_err(|error| anyhow!("Couldn't parse generated key pair: {:?}", error))?;
361+
let key_pair =
362+
EcdsaKeyPair::from_pkcs8(SIGNING_ALGORITHM, key_pair_pkcs8.as_ref(), &rng)
363+
.map_err(|error| anyhow!("Couldn't parse generated key pair: {:?}", error))?;
356364

357365
Ok(Self { key_pair })
358366
}

0 commit comments

Comments
 (0)