update dependencies

It's been a long time since i've given this
project some love, so this is the price i have
to pay for it.  The ActivityPub stuff is
seriously screwed because it uses an outdated
version of HashBrown and rdf-types seems to have
changed some of its API, too.  That's gonna take
a while to clean up.

Cargo.toml

@@ -6,7 +6,7 @@ edition = "2021"
 [dependencies]
 actix-rt = "2.7"
 actix-web = "4"
-argon2 = "0.4"
+argon2 = "0.5.1"
 async-trait = "0.1.59"
 base64 = "0.21"
 bytes = "1.3"
@@ -21,15 +21,15 @@ locspan = "0.7"
 log = "0.4"
 mime = "0.3"
 openssl = "0.10"
-pretty_env_logger = "0.4"
+pretty_env_logger = "0.5.0"
 rand = "0.8"
 rdf-types = "0.12"
 reqwest = { version = "0.11", features = [ "rustls" ] }
-rsa = { version = "0.8", features = [ "sha2" ] }
+rsa = { version = "0.9.2", features = [ "sha2" ] }
 serde = { version = "1.0", features = [ "derive" ] }
 serde_json = "1.0"
 serde_test = "1.0"
-sqlx = { version = "0.6", features = [ "chrono", "postgres", "runtime-actix-rustls", "uuid" ] }
+sqlx = { version = "0.7.1", features = [ "chrono", "postgres", "runtime-tokio", "tls-rustls", "uuid" ] }
 static-iref = "2"
 tokio = "1.23"
 uuid = { version = "1.2", features = [ "v4" ] }

src/util/crypto.rs

@@ -6,7 +6,7 @@ use rsa::{
     },
     rand_core::OsRng,
     sha2::Sha256,
-    signature::{RandomizedSigner, Verifier},
+    signature::{RandomizedSigner, SignatureEncoding, Verifier},
     RsaPrivateKey, RsaPublicKey,
 };
 use serde::{Deserialize, Deserializer, Serialize, Serializer};
@@ -86,8 +86,9 @@ impl PubKey {
 
     pub async fn verify(&self, data: &[u8], signature: &[u8]) -> Result<()> {
         let pkey = self.get_pkey().await?;
-        let signature = Signature::from(Box::from(signature));
-        let verifying_key: VerifyingKey<Sha256> = VerifyingKey::new_with_prefix(pkey.clone());
+        let signature =
+            Signature::try_from(signature).map_err(|_| crate::core::Error::BadSignature)?;
+        let verifying_key: VerifyingKey<Sha256> = VerifyingKey::new(pkey.clone());
         verifying_key
             .verify(data, &signature)
             .map_err(|_| crate::core::Error::BadSignature)
@@ -110,7 +111,11 @@ impl PrivKey {
     /// Generate a new private key.
     pub fn new() -> Result<PrivKey> {
         let pkey = RsaPrivateKey::new(&mut OsRng, DEFAULT_KEY_SIZE).map_err(Error::from)?;
-        let der = pkey.to_public_key_der().map_err(Error::from)?.into_vec();
+        let der = pkey
+            .to_public_key()
+            .to_public_key_der()
+            .map_err(Error::from)?
+            .into_vec();
         Ok(PrivKey {
             pkey: OnceCell::from(pkey),
             der,
@@ -135,9 +140,9 @@ impl PrivKey {
 
     pub async fn sign(&self, data: &[u8]) -> Result<Vec<u8>> {
         let pkey = self.get_pkey().await?;
-        let signing_key: SigningKey<Sha256> = SigningKey::new_with_prefix(pkey.clone());
+        let signing_key: SigningKey<Sha256> = SigningKey::new(pkey.clone());
         let signature = signing_key.sign_with_rng(&mut OsRng, data);
-        Ok(Vec::from(signature.as_ref()))
+        Ok(Vec::from(signature.to_bytes()))
     }
 
     async fn get_pkey(&self) -> Result<&RsaPrivateKey> {