diff --git a/Cargo.lock b/Cargo.lock index db6f4aa..a797f57 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -186,6 +186,8 @@ dependencies = [ "openssl", "regex", "reqwest", + "rustls 0.21.7", + "rustls-pemfile", "serde", "serde-aux", "serde_json", @@ -852,7 +854,7 @@ dependencies = [ "random-manager", "rcgen", "rsa", - "rustls 0.21.1", + "rustls 0.21.7", "rustls-pemfile", "x509-parser 0.15.0", ] @@ -2387,7 +2389,7 @@ checksum = "0646026eb1b3eea4cd9ba47912ea5ce9cc07713d105b1a14698f4e6433d348b7" dependencies = [ "http", "hyper", - "rustls 0.21.1", + "rustls 0.21.7", "tokio", "tokio-rustls 0.24.0", ] @@ -3008,9 +3010,9 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "openssl-src" -version = "111.27.0+1.1.1v" +version = "111.28.0+1.1.1w" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "06e8f197c82d7511c5b014030c9b1efeda40d7d5f99d23b4ceed3524a5e63f02" +checksum = "3ce95ee1f6f999dfb95b8afd43ebe442758ea2104d1ccb99a94c30db22ae701f" dependencies = [ "cc", ] @@ -3769,7 +3771,7 @@ dependencies = [ "once_cell", "percent-encoding", "pin-project-lite", - "rustls 0.21.1", + "rustls 0.21.7", "rustls-native-certs", "rustls-pemfile", "serde", @@ -4035,13 +4037,13 @@ dependencies = [ [[package]] name = "rustls" -version = "0.21.1" +version = "0.21.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c911ba11bc8433e811ce56fde130ccf32f5127cab0e0194e9c68c5a5b671791e" +checksum = "cd8d6c9f025a446bc4d18ad9632e69aec8f287aa84499ee335599fabd20c3fd8" dependencies = [ "log", "ring", - "rustls-webpki", + "rustls-webpki 0.101.5", "sct", ] @@ -4059,9 +4061,9 @@ dependencies = [ [[package]] name = "rustls-pemfile" -version = "1.0.2" +version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d194b56d58803a43635bdc398cd17e383d6f71f9182b9a192c127ca42494a59b" +checksum = "2d3987094b1d07b653b7dfdc3f70ce9a1da9c51ac18c1b06b662e4f9a0e9f4b2" dependencies = [ "base64 0.21.2", ] @@ -4076,6 +4078,16 @@ dependencies = [ "untrusted", ] +[[package]] +name = "rustls-webpki" +version = "0.101.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "45a27e3b59326c16e23d30aeb7a36a24cc0d29e71d68ff611cdfb4a01d013bed" +dependencies = [ + "ring", + "untrusted", +] + [[package]] name = "rustversion" version = "1.0.12" @@ -4820,7 +4832,7 @@ version = "0.24.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e0d409377ff5b1e3ca6437aa86c1eb7d40c134bfec254e44c830defa92669db5" dependencies = [ - "rustls 0.21.1", + "rustls 0.21.7", "tokio", ] @@ -4848,7 +4860,7 @@ checksum = "ec509ac96e9a0c43427c74f003127d953a265737636129424288d27cb5c4b12c" dependencies = [ "futures-util", "log", - "rustls 0.21.1", + "rustls 0.21.7", "tokio", "tokio-rustls 0.24.0", "tungstenite 0.19.0", @@ -4996,7 +5008,7 @@ dependencies = [ "httparse", "log", "rand", - "rustls 0.21.1", + "rustls 0.21.7", "sha1", "thiserror", "url", @@ -5303,7 +5315,7 @@ version = "0.23.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b03058f88386e5ff5310d9111d53f48b17d732b401aeb83a8d5190f2ac459338" dependencies = [ - "rustls-webpki", + "rustls-webpki 0.100.1", ] [[package]] diff --git a/crates/ash_sdk/Cargo.toml b/crates/ash_sdk/Cargo.toml index 54d5d4a..fbab445 100644 --- a/crates/ash_sdk/Cargo.toml +++ b/crates/ash_sdk/Cargo.toml @@ -37,7 +37,8 @@ enum-display-derive = "0.1.1" serde_json = "1.0.96" strum = { version = "0.24", features = ["derive"] } chrono = { version = "0.4.24", features = ["clock"] } -openssl = "0.10.54" +rustls = "0.21.7" +rustls-pemfile = "1.0.3" [dev-dependencies] serial_test = "2.0.0" diff --git a/crates/ash_sdk/src/avalanche/nodes.rs b/crates/ash_sdk/src/avalanche/nodes.rs index 0c4b354..60984bf 100644 --- a/crates/ash_sdk/src/avalanche/nodes.rs +++ b/crates/ash_sdk/src/avalanche/nodes.rs @@ -8,7 +8,7 @@ use avalanche_types::{ ids::node::Id as NodeId, jsonrpc::info::{GetNodeVersionResult, UptimeResult, VmVersions}, }; -use openssl::x509::X509; +use rustls_pemfile::certs; use serde::{Deserialize, Serialize}; use std::net::{IpAddr, Ipv4Addr}; @@ -201,11 +201,9 @@ pub fn node_id_from_cert_der(cert_bytes: &[u8]) -> Result { /// Compute the node ID from the PEM-encoded X509 certificate string pub fn node_id_from_cert_pem(cert_str: &str) -> Result { - let cert = X509::from_pem(cert_str.as_bytes()) - .map_err(|e| AvalancheNodeError::InvalidCertificate(e.to_string()))?; - let cert_der = cert - .to_der() - .map_err(|e| AvalancheNodeError::InvalidCertificate(e.to_string()))?; + let cert_der = certs(&mut cert_str.as_bytes()) + .map_err(|e| AvalancheNodeError::InvalidCertificate(e.to_string()))? + .remove(0); let node_id = node_id_from_cert_der(&cert_der)?; @@ -280,8 +278,7 @@ mod tests { #[test] fn test_node_id_from_cert_der() { let cert_pem = fs::read_to_string("tests/certs/validator01.crt").unwrap(); - let cert = X509::from_pem(cert_pem.as_bytes()).unwrap(); - let cert_der = cert.to_der().unwrap(); + let cert_der = certs(&mut cert_pem.as_bytes()).unwrap().remove(0); let node_id = node_id_from_cert_der(&cert_der).unwrap();