contentauth · scouten-adobe · Sep 25, 2024 · Sep 24, 2024 · Sep 24, 2024 · Sep 24, 2024
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -16,7 +16,7 @@ jobs:
       fail-fast: false
       matrix:
         os: [windows-latest, macos-latest, ubuntu-latest]
-        rust_version: [stable, 1.74.0]
+        rust_version: [stable, 1.76.0]
 
     steps:
       - name: Checkout repository
@@ -41,7 +41,7 @@ jobs:
       fail-fast: false
       matrix:
         target: [aarch64-unknown-linux-gnu]
-        rust_version: [stable, 1.74.0]
+        rust_version: [stable, 1.76.0]
 
     steps:
       - name: Checkout repository

diff --git a/README.md b/README.md
@@ -44,7 +44,7 @@ We welcome contributions to this project.  For information on contributing, prov
 
 ## Requirements
 
-The library requires **Rust version 1.74.0** or newer.
+The library requires **Rust version 1.76.0** or newer.
 
 ### Supported platforms
 

diff --git a/export_schema/Cargo.toml b/export_schema/Cargo.toml
@@ -4,7 +4,7 @@ version = "0.36.0"
 authors = ["Dave Kozma <dkozma@adobe.com>"]
 license = "MIT OR Apache-2.0"
 edition = "2018"
-rust-version = "1.74.0"
+rust-version = "1.76.0"
 
 [dependencies]
 anyhow = "1.0.40"

diff --git a/make_test_images/Cargo.toml b/make_test_images/Cargo.toml
@@ -4,7 +4,7 @@ version = "0.36.0"
 authors = ["Gavin Peacock <gpeacock@adobe.com>"]
 license = "MIT OR Apache-2.0"
 edition = "2021"
-rust-version = "1.74.0"
+rust-version = "1.76.0"
 
 [dependencies]
 anyhow = "1.0.40"

diff --git a/sdk/Cargo.toml b/sdk/Cargo.toml
@@ -18,7 +18,7 @@ readme = "../README.md"
 keywords = ["xmp", "metadata"]
 categories = ["api-bindings"]
 edition = "2021"
-rust-version = "1.74.0"
+rust-version = "1.76.0"
 exclude = ["tests/fixtures"]
 
 [package.metadata.docs.rs]
@@ -72,10 +72,10 @@ async-trait = { version = "0.1.77" }
 atree = "0.5.2"
 base64 = "0.22.1"
 bcder = "0.7.3"
-bytes = "1.4.0"
+bytes = "1.7.2"
 byteorder = { version = "1.4.3", default-features = false }
 byteordered = "0.6.0"
-chrono = { version = "0.4.28", default-features = false, features = [
+chrono = { version = "0.4.38", default-features = false, features = [
     "serde",
     "wasmbind",
 ] }
@@ -94,24 +94,22 @@ ed25519-dalek = "2.1.1"
 fast-xml = "0.23.1"
 hex = "0.4.3"
 # Version 1.13.0 doesn't compile under Rust < 1.75, pinning to 1.12.0
-id3 = "=1.12.0"
+id3 = "=1.14.0"
 img-parts = "0.3.0"
 jfifdump = "0.5.1"
 log = "0.4.8"
 lopdf = { version = "0.31.0", optional = true }
 lazy_static = "1.4.0"
 memchr = "2.7.1"
-multibase = "0.9.0"
-multihash = "0.11.4"
 mp4 = "0.13.0"
 pem = "3.0.2"
 png_pong = "0.9.1"
 rand = "0.8.5"
 rand_chacha = "0.3.1"
 range-set = "0.0.11"
-rasn-ocsp = "0.12.5"
-rasn-pkix = "0.12.5"
-rasn = "0.12.5"
+rasn-ocsp = "0.18.0"
+rasn-pkix = "0.18.0"
+rasn = "0.18.0"
 riff = "2.0.0"
 schemars = { version = "0.8.21", optional = true }
 serde = { version = "1.0.197", features = ["derive"] }
@@ -121,13 +119,14 @@ serde_derive = "1.0.197"
 serde_json = { version = "1.0.117", features = ["preserve_order"] }
 serde_with = "3.4.0"
 serde-transcode = "1.1.1"
+sha1 = "0.10.6"
 sha2 = "0.10.6"
 tempfile = "3.10.1"
 thiserror = "1.0.61"
 treeline = "0.1.0"
 url = "2.5.2"
-uuid = { version = "1.7.0", features = ["serde", "v4", "js"] }
-x509-parser = "0.15.1"
+uuid = { version = "1.10.0", features = ["serde", "v4", "js"] }
+x509-parser = "0.16.0"
 x509-certificate = "0.21.0"
 zip = { version = "0.6.6", default-features = false }
 
@@ -151,7 +150,7 @@ js-sys = "0.3.58"
 rand_core = "0.9.0-alpha.2"
 rsa = { version = "0.9.6", features = ["sha2"] }
 serde-wasm-bindgen = "0.5.0"
-spki = "0.6.0"
+spki = "0.7.3"
 wasm-bindgen = "0.2.83"
 wasm-bindgen-futures = "0.4.31"
 web-sys = { version = "0.3.58", features = [

diff --git a/sdk/src/asset_handlers/mp3_io.rs b/sdk/src/asset_handlers/mp3_io.rs
@@ -100,7 +100,7 @@ fn get_manifest_pos(input_stream: &mut dyn CAIRead) -> Option<(u64, u32)> {
         reader: input_stream,
     };
 
-    if let Ok(tag) = Tag::read_from(reader) {
+    if let Ok(tag) = Tag::read_from2(reader) {
         let mut manifests = Vec::new();
 
         for eo in tag.encapsulated_objects() {
@@ -133,7 +133,7 @@ impl CAIReader for Mp3IO {
 
         let mut manifest: Option<Vec<u8>> = None;
 
-        if let Ok(tag) = Tag::read_from(input_stream) {
+        if let Ok(tag) = Tag::read_from2(input_stream) {
             for eo in tag.encapsulated_objects() {
                 if eo.mime_type == GEOB_FRAME_MIME_TYPE {
                     match manifest {
@@ -152,7 +152,7 @@ impl CAIReader for Mp3IO {
     fn read_xmp(&self, input_stream: &mut dyn CAIRead) -> Option<String> {
         input_stream.rewind().ok()?;
 
-        if let Ok(tag) = Tag::read_from(input_stream) {
+        if let Ok(tag) = Tag::read_from2(input_stream) {
             for frame in tag.frames() {
                 if let Content::Private(private) = frame.content() {
                     if &private.owner_identifier == "XMP" {
@@ -198,7 +198,7 @@ impl RemoteRefEmbed for Mp3IO {
                 let reader = CAIReadWrapper {
                     reader: source_stream,
                 };
-                if let Ok(tag) = Tag::read_from(reader) {
+                if let Ok(tag) = Tag::read_from2(reader) {
                     for f in tag.frames() {
                         match f.content() {
                             Content::Private(private) => {
@@ -222,8 +222,7 @@ impl RemoteRefEmbed for Mp3IO {
                 let frame = Frame::with_content(
                     "PRIV",
                     Content::Private(Private {
-                        // Null-terminated
-                        owner_identifier: "XMP\0".to_owned(),
+                        owner_identifier: "XMP".to_owned(),
                         private_data: xmp.into_bytes(),
                     }),
                 );
@@ -358,7 +357,7 @@ impl CAIWriter for Mp3IO {
             reader: input_stream,
         };
 
-        if let Ok(tag) = Tag::read_from(reader) {
+        if let Ok(tag) = Tag::read_from2(reader) {
             for f in tag.frames() {
                 match f.content() {
                     // remove existing manifest keeping existing frames

diff --git a/sdk/src/cose_validator.rs b/sdk/src/cose_validator.rs
@@ -212,15 +212,15 @@ pub(crate) fn check_cert(
 
             let (_i, (ha_alg, mgf_ai)) = seq
                 .parse(|i| {
-                    let (i, h) = Header::from_der(i)?;
+                    let (i, h) = <Header as asn1_rs::FromDer>::from_der(i)?;
                     if h.class() != Class::ContextSpecific || h.tag() != Tag(0) {
                         return Err(nom::Err::Error(asn1_rs::Error::BerValueError));
                     }
 
                     let (i, ha_alg) = AlgorithmIdentifier::from_der(i)
                         .map_err(|_| nom::Err::Error(asn1_rs::Error::BerValueError))?;
 
-                    let (i, h) = Header::from_der(i)?;
+                    let (i, h) = <Header as asn1_rs::FromDer>::from_der(i)?;
                     if h.class() != Class::ContextSpecific || h.tag() != Tag(1) {
                         return Err(nom::Err::Error(asn1_rs::Error::BerValueError));
                     }
@@ -240,14 +240,15 @@ pub(crate) fn check_cert(
                 .map_err(|_| Error::CoseInvalidCert)?;
 
             let (_i, mgf_ai_params_algorithm) =
-                Any::from_der(&mgf_ai_parameters.content).map_err(|_| Error::CoseInvalidCert)?;
+                <Any as asn1_rs::FromDer>::from_der(&mgf_ai_parameters.content)
+                    .map_err(|_| Error::CoseInvalidCert)?;
 
             let mgf_ai_params_algorithm = mgf_ai_params_algorithm
                 .as_oid()
                 .map_err(|_| Error::CoseInvalidCert)?;
 
             // must be the same
-            if ha_alg.algorithm != mgf_ai_params_algorithm {
+            if ha_alg.algorithm.to_id_string() != mgf_ai_params_algorithm.to_id_string() {
                 let log_item = log_item!(
                     "Cose_Sign1",
                     "certificate algorithm error",

diff --git a/sdk/src/ingredient.rs b/sdk/src/ingredient.rs
@@ -751,13 +751,12 @@ impl Ingredient {
                                 .verify_from_path(path, &mut validation_log)
                                 .map(|_| store)
                         })
-                        .map_err(|e| {
+                        .inspect_err(|e| {
                             // add a log entry for the error so we act like verify
                             validation_log.log_silent(
                                 log_item!("asset", "error loading file", "Ingredient::from_file")
-                                    .set_error(&e),
+                                    .set_error(e),
                             );
-                            e
                         }),
                     Some(manifest_bytes),
                 )
@@ -884,13 +883,12 @@ impl Ingredient {
             };
 
             (
-                result.map_err(|e| {
+                result.inspect_err(|e| {
                     // add a log entry for the error so we act like verify
                     validation_log.log_silent(
                         log_item!("asset", "error loading file", "Ingredient::from_file")
-                            .set_error(&e),
+                            .set_error(e),
                     );
-                    e
                 }),
                 Some(manifest_bytes),
             )

diff --git a/sdk/src/ocsp_utils.rs b/sdk/src/ocsp_utils.rs
@@ -142,7 +142,7 @@ pub(crate) fn fetch_ocsp_response(certs: &[Vec<u8>]) -> Option<Vec<u8>> {
             let request_list = vec![ocsp_req];
 
             let tbs_request = rasn_ocsp::TbsRequest {
-                version: rasn_ocsp::Version::parse_bytes(b"0", 16)?,
+                version: rasn_ocsp::Version::from(0u8),
                 requestor_name: None,
                 request_list,
                 request_extensions: None,

diff --git a/sdk/src/store.rs b/sdk/src/store.rs
@@ -3283,11 +3283,10 @@ impl Store {
 
                 Ok(store)
             })
-            .map_err(|e| {
+            .inspect_err(|e| {
                 validation_log.log_silent(
-                    log_item!("asset", "error loading file", "load_from_asset").set_error(&e),
+                    log_item!("asset", "error loading file", "load_from_asset").set_error(e),
                 );
-                e
             })
     }
 
@@ -3297,11 +3296,10 @@ impl Store {
         validation_log: &mut impl StatusTracker,
     ) -> Result<Store> {
         // load jumbf if available
-        Self::load_cai_from_memory(asset_type, data, validation_log).map_err(|e| {
+        Self::load_cai_from_memory(asset_type, data, validation_log).inspect_err(|e| {
             validation_log.log_silent(
-                log_item!("asset", "error loading asset", "get_store_from_memory").set_error(&e),
+                log_item!("asset", "error loading asset", "get_store_from_memory").set_error(e),
             );
-            e
         })
     }
 

diff --git a/sdk/src/trust_handler.rs b/sdk/src/trust_handler.rs
@@ -30,7 +30,7 @@ pub(crate) static DOCUMENT_SIGNING_OID: Oid<'static> = oid!(1.3.6 .1 .5 .5 .7 .3
 // Trait for supply configuration and handling of trust lists and EKU configuration store
 //
 // `RefUnwindSafe` + `UnwindSafe` were added to ensure `Store` is unwind safe and to preserve
-// backwards compatbility.
+// backwards compatibility.
 pub(crate) trait TrustHandlerConfig: RefUnwindSafe + UnwindSafe + Sync + Send {
     fn new() -> Self
     where
@@ -88,7 +88,7 @@ pub(crate) fn has_allowed_oid<'a>(
     let mut last_oid = None;
     if eku.other.iter().any(|v| {
         allowed_ekus.iter().any(|oid| {
-            if oid == v {
+            if oid.to_id_string() == v.to_id_string() {
                 last_oid = Some(oid);
                 true
             } else {