From 88c5a17b91bc27c3eca40cfccfe6e3c8aaf60cb0 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 11 Aug 2023 21:06:38 +0000
Subject: [PATCH 1/7] Update curve25519-dalek requirement from 3 to 4

Updates the requirements on [curve25519-dalek](https://github.com/dalek-cryptography/curve25519-dalek) to permit the latest version.
- [Release notes](https://github.com/dalek-cryptography/curve25519-dalek/releases)
- [Commits](https://github.com/dalek-cryptography/curve25519-dalek/compare/3.0.0...3.2.1)

---
updated-dependencies:
- dependency-name: curve25519-dalek
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 curve25519-parser/Cargo.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/curve25519-parser/Cargo.toml b/curve25519-parser/Cargo.toml
index 0e298544..76ad63a0 100644
--- a/curve25519-parser/Cargo.toml
+++ b/curve25519-parser/Cargo.toml
@@ -14,7 +14,7 @@ readme = "../README.md"
 [dependencies]
 der-parser = { version = "8", default-features = false}
 x25519-dalek = { version = "1", default-features = false}
-curve25519-dalek = { version = "3", default-features = false, features = ["u64_backend"]}
+curve25519-dalek = { version = "4", default-features = false, features = ["u64_backend"]}
 sha2 = { version = "0", default-features = false}
 pem = { version = "3", default-features = false}
 

From 9bd98b3f093e64e76a4003226a5f1b66b25f9aec Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 4 Sep 2023 19:21:20 +0000
Subject: [PATCH 2/7] Update x25519-dalek requirement from 1 to 2

Updates the requirements on [x25519-dalek](https://github.com/dalek-cryptography/x25519-dalek) to permit the latest version.
- [Changelog](https://github.com/dalek-cryptography/x25519-dalek/blob/main/CHANGELOG.md)
- [Commits](https://github.com/dalek-cryptography/x25519-dalek/commits)

---
updated-dependencies:
- dependency-name: x25519-dalek
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 curve25519-parser/Cargo.toml | 2 +-
 mla/Cargo.toml               | 2 +-
 mlar/Cargo.toml              | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/curve25519-parser/Cargo.toml b/curve25519-parser/Cargo.toml
index 76ad63a0..9e7a8171 100644
--- a/curve25519-parser/Cargo.toml
+++ b/curve25519-parser/Cargo.toml
@@ -13,8 +13,8 @@ readme = "../README.md"
 
 [dependencies]
 der-parser = { version = "8", default-features = false}
-x25519-dalek = { version = "1", default-features = false}
 curve25519-dalek = { version = "4", default-features = false, features = ["u64_backend"]}
+x25519-dalek = { version = "2", default-features = false}
 sha2 = { version = "0", default-features = false}
 pem = { version = "3", default-features = false}
 
diff --git a/mla/Cargo.toml b/mla/Cargo.toml
index 5f66c572..338d819a 100644
--- a/mla/Cargo.toml
+++ b/mla/Cargo.toml
@@ -28,7 +28,7 @@ ctr = { version = "0.9", default-features = false}
 subtle = { version = "2", default-features = false}
 digest = { version = "0", default-features = false}
 # ECC
-x25519-dalek = { version = "1", default-features = false}
+x25519-dalek = { version = "2", default-features = false}
 hkdf = { version = "0", default-features = false}
 sha2 = { version = "0", default-features = false}
 zeroize = { version = "1", default-features = false}
diff --git a/mlar/Cargo.toml b/mlar/Cargo.toml
index 07f271b9..aafd5fc9 100644
--- a/mlar/Cargo.toml
+++ b/mlar/Cargo.toml
@@ -18,7 +18,7 @@ glob = "0.3"
 mla = { path = "../mla", version = "1" }
 curve25519-parser = { path = "../curve25519-parser", version = "0.3" }
 rand = "0.8"
-x25519-dalek = "1"
+x25519-dalek = "2"
 humansize = {version = "2", features = ["impl_style"]}
 hex = "0.4"
 sha2 = { version = "0", default-features = false}

From 59b0a8edd094b530dbdea0db61bf8509d45126e8 Mon Sep 17 00:00:00 2001
From: Camille Mougey <camille.mougey@ssi.gouv.fr>
Date: Mon, 4 Sep 2023 22:07:06 +0200
Subject: [PATCH 3/7] bump dependencies: x25519-dalek's backend is now
 autoselect

---
 curve25519-parser/Cargo.toml | 2 +-
 mla/Cargo.toml               | 4 +---
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/curve25519-parser/Cargo.toml b/curve25519-parser/Cargo.toml
index 9e7a8171..9f740927 100644
--- a/curve25519-parser/Cargo.toml
+++ b/curve25519-parser/Cargo.toml
@@ -13,7 +13,7 @@ readme = "../README.md"
 
 [dependencies]
 der-parser = { version = "8", default-features = false}
-curve25519-dalek = { version = "4", default-features = false, features = ["u64_backend"]}
+curve25519-dalek = { version = "4", default-features = false}
 x25519-dalek = { version = "2", default-features = false}
 sha2 = { version = "0", default-features = false}
 pem = { version = "3", default-features = false}
diff --git a/mla/Cargo.toml b/mla/Cargo.toml
index 338d819a..9ea380b0 100644
--- a/mla/Cargo.toml
+++ b/mla/Cargo.toml
@@ -44,9 +44,7 @@ hex = { version = "0.4", default-features = false, features = ["alloc"]}
 static_assertions = { version = "1", default-features = false }
 
 [features]
-# x25519-dalek depends on curve25519-dalek, which requires at least one feature to be enabled
-# -> use default u64_backend (x25519-dalek's default) to have a working default compilation
-default = ["x25519-dalek/u64_backend"]
+default = []
 send = []
 
 [[bench]]

From a0bf0d6b708f7d18af09b421d0b4cb66fe93f7b9 Mon Sep 17 00:00:00 2001
From: Camille Mougey <camille.mougey@ssi.gouv.fr>
Date: Thu, 7 Sep 2023 22:33:31 +0200
Subject: [PATCH 4/7] CompressedEdwardsY now returns a Result

---
 curve25519-parser/src/lib.rs | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/curve25519-parser/src/lib.rs b/curve25519-parser/src/lib.rs
index d53a7c2b..920a51cb 100644
--- a/curve25519-parser/src/lib.rs
+++ b/curve25519-parser/src/lib.rs
@@ -211,8 +211,12 @@ pub fn parse_openssl_25519_pubkey_der(data: &[u8]) -> Result<PublicKey, Curve255
         .map_err(|_| Curve25519ParserError::InvalidData)?;
     let read_oid = ed25519_public.header.tag.as_oid()?;
     if read_oid == &ED_25519_OID {
-        if let Some(edwards_val) = CompressedEdwardsY::from_slice(&data).decompress() {
-            Ok(PublicKey::from(edwards_val.to_montgomery().to_bytes()))
+        if let Ok(compressed_edwards) = CompressedEdwardsY::from_slice(&data) {
+            if let Some(edwards_val) = compressed_edwards.decompress() {
+                Ok(PublicKey::from(edwards_val.to_montgomery().to_bytes()))
+            } else {
+                Err(Curve25519ParserError::InvalidData)
+            }
         } else {
             Err(Curve25519ParserError::InvalidData)
         }

From 5744ba8c7e5172506c0333dba7f190f35e7b3570 Mon Sep 17 00:00:00 2001
From: Camille Mougey <camille.mougey@ssi.gouv.fr>
Date: Thu, 7 Sep 2023 22:34:04 +0200
Subject: [PATCH 5/7] bump dependencies: StaticSecret is now a feature

---
 curve25519-parser/Cargo.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/curve25519-parser/Cargo.toml b/curve25519-parser/Cargo.toml
index 9f740927..5248dc6d 100644
--- a/curve25519-parser/Cargo.toml
+++ b/curve25519-parser/Cargo.toml
@@ -14,7 +14,7 @@ readme = "../README.md"
 [dependencies]
 der-parser = { version = "8", default-features = false}
 curve25519-dalek = { version = "4", default-features = false}
-x25519-dalek = { version = "2", default-features = false}
+x25519-dalek = { version = "2", default-features = false, features=["static_secrets"]}
 sha2 = { version = "0", default-features = false}
 pem = { version = "3", default-features = false}
 

From 050f9fcb42e7c9bc8224a1cac86c1896c0efdc2b Mon Sep 17 00:00:00 2001
From: user <root@localhost>
Date: Fri, 8 Sep 2023 13:51:42 +0200
Subject: [PATCH 6/7] Refactor parse_openssl_25519_pubkey_der

---
 curve25519-parser/src/lib.rs | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/curve25519-parser/src/lib.rs b/curve25519-parser/src/lib.rs
index 920a51cb..0f5cec98 100644
--- a/curve25519-parser/src/lib.rs
+++ b/curve25519-parser/src/lib.rs
@@ -211,15 +211,11 @@ pub fn parse_openssl_25519_pubkey_der(data: &[u8]) -> Result<PublicKey, Curve255
         .map_err(|_| Curve25519ParserError::InvalidData)?;
     let read_oid = ed25519_public.header.tag.as_oid()?;
     if read_oid == &ED_25519_OID {
-        if let Ok(compressed_edwards) = CompressedEdwardsY::from_slice(&data) {
-            if let Some(edwards_val) = compressed_edwards.decompress() {
-                Ok(PublicKey::from(edwards_val.to_montgomery().to_bytes()))
-            } else {
-                Err(Curve25519ParserError::InvalidData)
-            }
-        } else {
-            Err(Curve25519ParserError::InvalidData)
-        }
+        CompressedEdwardsY::from_slice(&data)
+            .ok()
+            .and_then(|c| c.decompress())
+            .map(|v| PublicKey::from(v.to_montgomery().to_bytes()))
+            .ok_or(Curve25519ParserError::InvalidData)
     } else if read_oid == &X_25519_OID {
         Ok(PublicKey::from(MontgomeryPoint(data).to_bytes()))
     } else {

From a444ed5a049584790756bca97af5e0bded6394ff Mon Sep 17 00:00:00 2001
From: user <root@localhost>
Date: Fri, 8 Sep 2023 16:57:41 +0200
Subject: [PATCH 7/7] Fix missing zeroize feature for x25519-dalek in mla lib

---
 mla/Cargo.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mla/Cargo.toml b/mla/Cargo.toml
index 9ea380b0..895c2855 100644
--- a/mla/Cargo.toml
+++ b/mla/Cargo.toml
@@ -28,7 +28,7 @@ ctr = { version = "0.9", default-features = false}
 subtle = { version = "2", default-features = false}
 digest = { version = "0", default-features = false}
 # ECC
-x25519-dalek = { version = "2", default-features = false}
+x25519-dalek = { version = "2", default-features = false, features = ["zeroize"]}
 hkdf = { version = "0", default-features = false}
 sha2 = { version = "0", default-features = false}
 zeroize = { version = "1", default-features = false}