From 76e7c9377fdf549f7980847f551e89dca96e9089 Mon Sep 17 00:00:00 2001
From: Ralph Giles
Date: Thu, 9 May 2024 14:43:23 -0700
Subject: [PATCH 1/2] Remove unmaintained rust-crypto dependency

Replace this with calls to the same `sha3` crate used for SHAKE. Work around conflicts between the digest::Update and digest::Digest traits with explicit method calls on the type name. Addresses https://rustsec.org/advisories/RUSTSEC-2016-0005
---
 acl/Cargo.toml | 1 -
 acl/src/config.rs | 15 ++++++---------
 boomerang/Cargo.toml | 1 -
 pedersen/Cargo.toml | 1 -
 pedersen/src/pedersen_config.rs | 17 +++++++----------
 5 files changed, 13 insertions(+), 22 deletions(-)

diff --git a/acl/Cargo.toml b/acl/Cargo.toml
index 9158ce8..2099e93 100644
--- a/acl/Cargo.toml
+++ b/acl/Cargo.toml
@@ -15,4 +15,3 @@ merlin = { version = "3.0.0"}
 num-bigint = { version = "0.4", default-features = false }
 sha3 = { version = "0.9.1", default-features = false }
 digest = { version = "0.9.0", default-features = false }
-rust-crypto = "^0.2"
diff --git a/acl/src/config.rs b/acl/src/config.rs
index 35a78bd..563a298 100644
--- a/acl/src/config.rs
+++ b/acl/src/config.rs
@@ -50,17 +50,14 @@ impl Clone for KeyPair {
 
 impl KeyPair {
 pub fn affine_from_bytes_tai(bytes: &[u8]) -> sw::Affine {
- extern crate crypto;
- use crypto::digest::Digest;
- use crypto::sha3::Sha3;
+ use sha3::{Digest, Sha3_256};
 
 for i in 0..=u8::max_value() {
- let mut sha = Sha3::sha3_256();
- sha.input(bytes);
- sha.input(&[i]);
- let mut buf = [0u8; 32];
- sha.result(&mut buf);
- let res = sw::Affine::::from_random_bytes(&buf);
+ let mut sha = Sha3_256::new();
+ Digest::update(&mut sha, bytes);
+ Digest::update(&mut sha, &[i]);
+ let hash = sha.finalize();
+ let res = sw::Affine::::from_random_bytes(hash.as_slice());
 if let Some(point) = res {
 return point;
 }
diff --git a/boomerang/Cargo.toml b/boomerang/Cargo.toml
index 82e0a9b..ae5a954 100644
--- a/boomerang/Cargo.toml
+++ b/boomerang/Cargo.toml
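Review bot: The new loop in `affine_from_bytes_tai` returns whatever `sw::Affine::from_random_bytes` decodes, but nothing in the hunk clears the cofactor or asserts prime-order-subgroup membership; as far as I recall, arkworks' `from_random_bytes` only checks that the decoded point lies on the curve, so if the curve behind the config type has a nontrivial cofactor the derived generator could land outside the subgroup — worth confirming and, if so, applying the crate's cofactor clearing (`clear_cofactor()` / `mul_by_cofactor()`, depending on the ark-ec version) or an `is_in_correct_subgroup_assuming_on_curve()` check before returning. The function also has no doc comment; I'd add `/// Try-and-increment: returns the first valid curve point decoded from SHA3-256(bytes || i) for i in 0..=255 (deterministic, not constant-time, not a standard hash-to-curve).` above the signature. Stylistically the three `update`/`finalize` statements could be one expression, `let hash = Sha3_256::new().chain(bytes).chain([i]).finalize();`, assuming the `Update`/`Digest` ambiguity the commit message mentions does not also affect `chain`. The function body continues past the end of the hunk, so the behaviour after all 256 attempts fail is not visible here.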
@@ -17,4 +17,3 @@ merlin = { version = "3.0.0"}
 num-bigint = { version = "0.4", default-features = false }
 sha3 = { version = "0.9.1", default-features = false }
 digest = { version = "0.9.0", default-features = false }
-rust-crypto = "^0.2"
diff --git a/pedersen/Cargo.toml b/pedersen/Cargo.toml
index fdb12f8..4c82f11 100644
--- a/pedersen/Cargo.toml
+++ b/pedersen/Cargo.toml
@@ -15,4 +15,3 @@ merlin = { version = "3.0.0"}
 num-bigint = { version = "0.4", default-features = false }
 sha3 = { version = "0.9.1", default-features = false }
 digest = { version = "0.9.0", default-features = false }
-rust-crypto = "^0.2"
diff --git a/pedersen/src/pedersen_config.rs b/pedersen/src/pedersen_config.rs
index 57847ba..35f638d 100644
--- a/pedersen/src/pedersen_config.rs
+++ b/pedersen/src/pedersen_config.rs
@@ -452,17 +452,14 @@ impl PedersenComm

{
 }
 
 pub fn affine_from_bytes_tai(bytes: &[u8]) -> sw::Affine

{
- extern crate crypto;
- use crypto::digest::Digest;
- use crypto::sha3::Sha3;
-
+ use sha3::{Digest, Sha3_256};
+ // Try a deterministic sequence of hashes to find a valid point.
 for i in 0..=u8::max_value() {
- let mut sha = Sha3::sha3_256();
- sha.input(bytes);
- sha.input(&[i]);
- let mut buf = [0u8; 32];
- sha.result(&mut buf);
- let res = sw::Affine::

::from_random_bytes(&buf);
+ let mut sha = Sha3_256::new();
+ Digest::update(&mut sha, bytes);
+ Digest::update(&mut sha, &[i]);
+ let hash = sha.finalize();
+ let res = sw::Affine::

::from_random_bytes(hash.as_slice());
 if let Some(point) = res {
 return point;
 }
From d4d3781595b3f7ccd0d2df92c049005f0a469c35 Mon Sep 17 00:00:00 2001
From: Ralph Giles
Date: Thu, 9 May 2024 14:59:45 -0700
Subject: [PATCH 2/2] clippy

The `update` method takes an `AsRef<[u8]>` which is implemented for bare arrays as well as slices.
---
 acl/src/config.rs | 2 +-
 pedersen/src/pedersen_config.rs | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/acl/src/config.rs b/acl/src/config.rs
index 563a298..c16ad1b 100644
--- a/acl/src/config.rs
+++ b/acl/src/config.rs
@@ -55,7 +55,7 @@ impl KeyPair {
 for i in 0..=u8::max_value() {
 let mut sha = Sha3_256::new();
 Digest::update(&mut sha, bytes);
- Digest::update(&mut sha, &[i]);
+ Digest::update(&mut sha, [i]);
 let hash = sha.finalize();
 let res = sw::Affine::::from_random_bytes(hash.as_slice());
 if let Some(point) = res {
diff --git a/pedersen/src/pedersen_config.rs b/pedersen/src/pedersen_config.rs
index 35f638d..7e6df09 100644
--- a/pedersen/src/pedersen_config.rs
+++ b/pedersen/src/pedersen_config.rs
@@ -457,7 +457,7 @@ impl PedersenComm
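Review bot: This loop body is now identical to the one added to `KeyPair::affine_from_bytes_tai` in acl/src/config.rs by the same patch, which leaves two copies of the generator-derivation routine that can silently diverge; if one crate already depends on the other (not visible here), one copy should call the other rather than re-implement it. The added `// Try a deterministic sequence of hashes to find a valid point.` line would serve better as the function's doc comment, e.g. `/// Try-and-increment: returns the first valid curve point decoded from SHA3-256(bytes || i), i = 0..=255; deterministic but not constant-time.` Note that the hunk does not check which subgroup the decoded point lies in, which matters if the curve selected by the config has a cofactor greater than one — to be confirmed against the curve in use. The function continues past the hunk, so what happens when every attempt returns `None` is not visible.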

{
 for i in 0..=u8::max_value() {
 let mut sha = Sha3_256::new();
 Digest::update(&mut sha, bytes);
- Digest::update(&mut sha, &[i]);
+ Digest::update(&mut sha, [i]);
 let hash = sha.finalize();
 let res = sw::Affine::

::from_random_bytes(hash.as_slice());
 if let Some(point) = res {