1 month ago · 8adfe5b77f
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -125,9 +125,9 @@ checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b"
 
				 
			
 
				 [[package]]
			
 
				 name = "cc"
			
 
				-version = "1.2.30"
			
 
				+version = "1.2.31"
			
 
				 source = "registry+https://github.com/rust-lang/crates.io-index"
			
 
				-checksum = "deec109607ca693028562ed836a5f1c4b8bd77755c4e132fc5ce11b0b6211ae7"
			
 
				+checksum = "c3a42d84bb6b69d3a8b3eaacf0d88f179e1929695e1ad012b6cf64d9caaa5fd2"
			
 
				 dependencies = [
			
 
				  "shlex",
			
 
				 ]
			
@@ -837,9 +837,9 @@ dependencies = [
 
				 
			
 
				 [[package]]
			
 
				 name = "serde_json"
			
 
				-version = "1.0.141"
			
 
				+version = "1.0.142"
			
 
				 source = "registry+https://github.com/rust-lang/crates.io-index"
			
 
				-checksum = "30b9eff21ebe718216c6ec64e1d9ac57087aad11efc64e32002bce4a0d4c03d3"
			
 
				+checksum = "030fedb782600dcbd6f02d479bf0d817ac3bb40d644745b769d6a96bc3afc5a7"
			
 
				 dependencies = [
			
 
				  "itoa",
			
 
				  "memchr",
			
--- a/src/migration_table.rs
+++ b/src/migration_table.rs
@@ -94,7 +94,7 @@ pub fn encrypt_cred(
 
				     let mut K = MigrationKey::using_privkey(migrationkey_priv);
			
 
				     K.lox_id = Some(id);
			
 
				     K.from_bucket = Some(from_bucket);
			
 
				-    let coeff: Scalar = K.compute_MAC_coeff(&migrationkey_priv).unwrap();
			
 
				+    let coeff: Scalar = K.compute_MAC_coeff(migrationkey_priv).unwrap();
			
 
				     K.MAC.Q = Pktable * &WnafScalar::new(&coeff);
			
 
				 
			
 
				     // Compute a MAC (P, Q) on the Migration credential
			
@@ -249,8 +249,8 @@ pub fn decrypt_cred(
 
				     let mut to_bucket_bytes: [u8; 32] = [0; 32];
			
 
				     to_bucket_bytes.copy_from_slice(&plaintextbytes[..32]);
			
 
				     let to_bucket = Scalar::from_bytes_mod_order(to_bucket_bytes);
			
 
				-    let mut rng = rand::rngs::OsRng;
			
 
				-    let r = Scalar::random(&mut rng);
			
 
				+    let rng = &mut rand::thread_rng();
			
 
				+    let r = Scalar::random(rng);
			
 
				     let P = r * CompressedRistretto::from_slice(&plaintextbytes[32..64])
			
 
				         .expect("Unable to extract P from bucket")
			
 
				         .decompress()?;
			
--- a/src/proto/trust_promotion.rs
+++ b/src/proto/trust_promotion.rs
@@ -60,6 +60,7 @@ pub const UNTRUSTED_INTERVAL: u32 = 30;
 
				 muCMZProtocol! { trust_promotion<credential_expiry, eligibility_max_age>,
			
 
				     L: Lox { id: R, bucket: H, trust_level: R, level_since: H, invites_remaining: R, blockages: R },
			
 
				     M: MigrationKey { lox_id: R, from_bucket: H} ,
			
 
				+    M.lox_id = L.id,
			
 
				     M.from_bucket = L.bucket,
			
 
				     (credential_expiry..eligibility_max_age).contains(L.level_since),
			
 
				 }
			
@@ -139,7 +140,6 @@ impl BridgeAuth {
 
				             |L: &mut Lox, M: &mut MigrationKey| {
			
 
				                 L.set_privkey(&self.lox_priv);
			
 
				                 M.set_privkey(&self.migrationkey_priv);
			
 
				-                M.lox_id = L.id;
			
 
				                 let eligibility_max_age = today - UNTRUSTED_INTERVAL;
			
 
				                 Ok(trust_promotion::Params {
			
 
				                     credential_expiry: (eligibility_max_age - 511).into(),
			
@@ -239,8 +239,13 @@ mod tests {
 
				             "Trust promotion response from server should succeed"
			
 
				         );
			
 
				         let (response, enc) = trust_promo_response.unwrap();
			
 
				-        let creds =
			
 
				-            trust_promotion::handle_response(th.ba.migration_pub, tp_client_state, response, enc);
			
 
				+        let creds = trust_promotion::handle_response(
			
 
				+            th.ba.migration_pub.clone(),
			
 
				+            tp_client_state,
			
 
				+            response,
			
 
				+            enc,
			
 
				+        );
			
 
				         assert!(creds.is_ok(), "Handle response should succeed");
			
 
				+        th.verify_migration(&creds.unwrap());
			
 
				     }
			
 
				 }