chore: bump aes-gcm-siv from 0.10.3 to 0.11.1 (#1521)

anza-xyz · May 30, 2024 · 3ea11e0 · 3ea11e0
1 parent da74d4b
commit 3ea11e0
Show file tree

Hide file tree

Showing 5 changed files with 64 additions and 80 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -139,7 +139,7 @@ edition = "2021"
 [workspace.dependencies]
 Inflector = "0.11.4"
 aquamarine = "0.3.3"
-aes-gcm-siv = "0.10.3"
+aes-gcm-siv = "0.11.1"
 ahash = "0.8.10"
 anyhow = "1.0.82"
 arbitrary = "1.3.2"
@@ -482,45 +482,6 @@ crossbeam-epoch = { git = "https://github.com/solana-labs/crossbeam", rev = "fd2
 solana-program = { path = "sdk/program" }
 solana-zk-sdk = { path = "zk-sdk" }
 solana-zk-token-sdk = { path = "zk-token-sdk" }
-#
-# === zeroize versioning issues ===
-#
-# A number of packages used explicit upper bound on the `zeroize` package, such
-# as `>=1, <1.4`.  The problem is that cargo still does not duplicate `zeroize`
-# if a newer version is available and requested by another package and just
-# fails the whole dependency resolution process.
-#
-# This is described in
-#
-# https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html#multiple-requirements
-#
-# So we have to patch `zeroize` dependency specifications in the projects that
-# introduce these constraints.  They have already removed these constraints in
-# newer versions, but we have not updated yet.  As we update, we need to remove
-# these patch requests.
-#
-# When our dependencies are upgraded, we can remove these patches.  Before that
-# we might need to maintain these patches in sync with our full dependency tree.
-
-# Our dependency tree has `aes-gcm-siv` v0.10.3 and the `zeroize` restriction
-# was removed in the next commit just after the release.  So it seems safe to
-# patch to this commit.
-#
-# `aes-gcm-siv` v0.10.3 release:
-#
-# https://github.com/RustCrypto/AEADs/releases/tag/aes-gcm-siv-v0.10.3
-#
-# Corresponds to commit
-#
-# https://github.com/RustCrypto/AEADs/commit/6f16f4577a1fc839a2346cf8c5531c85a44bf5c0
-#
-# Comparison with `6105d7a5591aefa646a95d12b5e8d3f55a9214ef` pinned here:
-#
-# https://github.com/RustCrypto/AEADs/compare/aes-gcm-siv-v0.10.3..6105d7a5591aefa646a95d12b5e8d3f55a9214ef
-#
-[patch.crates-io.aes-gcm-siv]
-git = "https://github.com/RustCrypto/AEADs"
-rev = "6105d7a5591aefa646a95d12b5e8d3f55a9214ef"
 
 # Our dependency tree has `curve25519-dalek` v3.2.1.  They have removed the
 # constraint in the next major release. The commit that removes the `zeroize`

diff --git a/programs/sbf/Cargo.lock b/programs/sbf/Cargo.lock
diff --git a/zk-sdk/src/encryption/auth_encryption.rs b/zk-sdk/src/encryption/auth_encryption.rs
@@ -8,7 +8,7 @@ use {
         errors::AuthenticatedEncryptionError,
     },
     aes_gcm_siv::{
-        aead::{Aead, NewAead},
+        aead::{Aead, KeyInit},
         Aes128GcmSiv,
     },
     base64::{prelude::BASE64_STANDARD, Engine},

diff --git a/zk-token-sdk/src/encryption/auth_encryption.rs b/zk-token-sdk/src/encryption/auth_encryption.rs
@@ -25,7 +25,7 @@ use {
 #[cfg(not(target_os = "solana"))]
 use {
     aes_gcm_siv::{
-        aead::{Aead, NewAead},
+        aead::{Aead, KeyInit},
         Aes128GcmSiv,
     },
     rand::{rngs::OsRng, Rng},