4 files changed, 32 insertions, 27 deletions

diff --git a/src/api/Cargo.toml b/src/api/Cargo.toml
index c3208b66..bce9946e 100644
--- a/src/api/Cargo.toml
+++ b/src/api/Cargo.toml
@@ -17,17 +17,16 @@ garage_util = { version = "0.1.1", path = "../util" }
 garage_table = { version = "0.1.1", path = "../table" }
 garage_model = { version = "0.1.1", path = "../model" }
 
-err-derive = "0.2.3"
-bytes = "0.4"
-hex = "0.3"
+err-derive = "0.3"
+bytes = "1.0"
+hex = "0.4"
 base64 = "0.13"
 log = "0.4"
 chrono = "0.4"
-md-5 = "0.9.1"
-sha2 = "0.8"
-hmac = "0.7"
-crypto-mac = "0.7"
-rand = "0.7"
+md-5 = "0.9"
+sha2 = "0.9"
+hmac = "0.10"
+crypto-mac = "0.10"
 
 futures = "0.3"
 futures-util = "0.3"
@@ -38,5 +37,5 @@ hyper = "0.14"
 url = "2.1"
 httpdate = "0.3"
 percent-encoding = "2.1.0"
-roxmltree = "0.11"
+roxmltree = "0.14"
 http-range = "0.1"
diff --git a/src/api/error.rs b/src/api/error.rs
index a1681fc3..42a7ab10 100644
--- a/src/api/error.rs
+++ b/src/api/error.rs
@@ -33,7 +33,7 @@ pub enum Error {
 	InvalidBase64(#[error(source)] base64::DecodeError),
 
 	#[error(display = "Invalid XML: {}", _0)]
-	InvalidXML(#[error(source)] roxmltree::Error),
+	InvalidXML(String),
 
 	#[error(display = "Invalid header value: {}", _0)]
 	InvalidHeader(#[error(source)] hyper::header::ToStrError),
@@ -45,6 +45,12 @@ pub enum Error {
 	BadRequest(String),
 }
 
+impl From<roxmltree::Error> for Error {
+	fn from(err: roxmltree::Error) -> Self {
+		Self::InvalidXML(format!("{}", err))
+	}
+}
+
 impl Error {
 	pub fn http_status_code(&self) -> StatusCode {
 		match self {
diff --git a/src/api/s3_put.rs b/src/api/s3_put.rs
index ea3664bd..c4e3b818 100644
--- a/src/api/s3_put.rs
+++ b/src/api/s3_put.rs
@@ -5,7 +5,7 @@ use std::sync::Arc;
 use futures::stream::*;
 use hyper::{Body, Request, Response};
 use md5::{digest::generic_array::*, Digest as Md5Digest, Md5};
-use sha2::{Digest as Sha256Digest, Sha256};
+use sha2::Sha256;
 
 use garage_table::*;
 use garage_util::data::*;
@@ -188,7 +188,7 @@ async fn read_and_put_blocks(
 	let mut md5hasher = Md5::new();
 	let mut sha256hasher = Sha256::new();
 	md5hasher.update(&first_block[..]);
-	sha256hasher.input(&first_block[..]);
+	sha256hasher.update(&first_block[..]);
 
 	let mut next_offset = first_block.len();
 	let mut put_curr_version_block = put_block_meta(
@@ -208,7 +208,7 @@ async fn read_and_put_blocks(
 			futures::try_join!(put_curr_block, put_curr_version_block, chunker.next())?;
 		if let Some(block) = next_block {
 			md5hasher.update(&block[..]);
-			sha256hasher.input(&block[..]);
+			sha256hasher.update(&block[..]);
 			let block_hash = blake2sum(&block[..]);
 			let block_len = block.len();
 			put_curr_version_block = put_block_meta(
@@ -229,7 +229,7 @@ async fn read_and_put_blocks(
 	let total_size = next_offset as u64;
 	let data_md5sum = md5hasher.finalize();
 
-	let data_sha256sum = sha256hasher.result();
+	let data_sha256sum = sha256hasher.finalize();
 	let data_sha256sum = Hash::try_from(&data_sha256sum[..]).unwrap();
 
 	Ok((total_size, data_md5sum, data_sha256sum))
diff --git a/src/api/signature.rs b/src/api/signature.rs
index b3d61ff4..6dc69afa 100644
--- a/src/api/signature.rs
+++ b/src/api/signature.rs
@@ -1,7 +1,7 @@
 use std::collections::HashMap;
 
 use chrono::{DateTime, Duration, NaiveDateTime, Utc};
-use hmac::{Hmac, Mac};
+use hmac::{Hmac, Mac, NewMac};
 use hyper::{Body, Method, Request};
 use sha2::{Digest, Sha256};
 
@@ -91,8 +91,8 @@ pub async fn check_signature(
 		"s3",
 	)
 	.ok_or_internal_error("Unable to build signing HMAC")?;
-	hmac.input(string_to_sign.as_bytes());
-	let signature = hex::encode(hmac.result().code());
+	hmac.update(string_to_sign.as_bytes());
+	let signature = hex::encode(hmac.finalize().into_bytes());
 
 	if authorization.signature != signature {
 		trace!("Canonical request: ``{}``", canonical_request);
@@ -218,12 +218,12 @@ fn parse_credential(cred: &str) -> Result<(String, String), Error> {
 
 fn string_to_sign(datetime: &DateTime<Utc>, scope_string: &str, canonical_req: &str) -> String {
 	let mut hasher = Sha256::default();
-	hasher.input(canonical_req.as_bytes());
+	hasher.update(canonical_req.as_bytes());
 	[
 		"AWS4-HMAC-SHA256",
 		&datetime.format(LONG_DATETIME).to_string(),
 		scope_string,
-		&hex::encode(hasher.result().as_slice()),
+		&hex::encode(hasher.finalize().as_slice()),
 	]
 	.join("\n")
 }
@@ -236,14 +236,14 @@ fn signing_hmac(
 ) -> Result<HmacSha256, crypto_mac::InvalidKeyLength> {
 	let secret = String::from("AWS4") + secret_key;
 	let mut date_hmac = HmacSha256::new_varkey(secret.as_bytes())?;
-	date_hmac.input(datetime.format(SHORT_DATE).to_string().as_bytes());
-	let mut region_hmac = HmacSha256::new_varkey(&date_hmac.result().code())?;
-	region_hmac.input(region.as_bytes());
-	let mut service_hmac = HmacSha256::new_varkey(&region_hmac.result().code())?;
-	service_hmac.input(service.as_bytes());
-	let mut signing_hmac = HmacSha256::new_varkey(&service_hmac.result().code())?;
-	signing_hmac.input(b"aws4_request");
-	let hmac = HmacSha256::new_varkey(&signing_hmac.result().code())?;
+	date_hmac.update(datetime.format(SHORT_DATE).to_string().as_bytes());
+	let mut region_hmac = HmacSha256::new_varkey(&date_hmac.finalize().into_bytes())?;
+	region_hmac.update(region.as_bytes());
+	let mut service_hmac = HmacSha256::new_varkey(&region_hmac.finalize().into_bytes())?;
+	service_hmac.update(service.as_bytes());
+	let mut signing_hmac = HmacSha256::new_varkey(&service_hmac.finalize().into_bytes())?;
+	signing_hmac.update(b"aws4_request");
+	let hmac = HmacSha256::new_varkey(&signing_hmac.finalize().into_bytes())?;
 	Ok(hmac)
 }