tuxmain/boring-rustls-provider
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Clippy

Browse source
This commit is contained in:
Jan Rüth 2023-11-24 16:08:52 +01:00 committed by Jan
commit 6f1394e4b4
9 changed files with 34 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

16
boring-additions/src/aead/mod.rs
View file

@ -159,21 +159,21 @@ mod tests {
fn in_out() {
let key = Crypter::new(super::Algorithm::aes_128_gcm(), &[0u8; 16]).unwrap();
let nonce = [0u8; 12];
let associated_data = "this is signed".as_bytes();
let associated_data = b"this is signed";
let mut buffer = Vec::with_capacity(26);
buffer.push('A' as u8);
buffer.push('B' as u8);
buffer.push('C' as u8);
buffer.push('D' as u8);
buffer.push('E' as u8);
buffer.push(b'A');
buffer.push(b'B');
buffer.push(b'C');
buffer.push(b'D');
buffer.push(b'E');
let mut tag = [0u8; 16];
key.seal_in_place(&nonce, &associated_data, buffer.as_mut_slice(), &mut tag)
key.seal_in_place(&nonce, associated_data, buffer.as_mut_slice(), &mut tag)
.unwrap();
println!("Encrypted: {:02X?}, Tag: {:02X?}", buffer, tag);
key.open_in_place(&nonce, &associated_data, buffer.as_mut_slice(), &tag[..])
key.open_in_place(&nonce, associated_data, buffer.as_mut_slice(), &tag[..])
.unwrap();
println!("Plaintext: {}", String::from_utf8(buffer).unwrap());

8
boring-rustls-provider/src/aead.rs
View file

@ -13,7 +13,7 @@ pub(crate) mod chacha20;
pub(crate) trait BoringCipher {
/// Constructs a new instance of this cipher as an AEAD algorithm
fn new() -> Algorithm;
fn new_cipher() -> Algorithm;
/// The key size in bytes
fn key_size() -> usize;
/// The IV's fixed length (Not the full IV length, only the part that doesn't change).
@ -55,7 +55,7 @@ impl<T: BoringAead> BoringAeadCrypter<T> {
_ => false,
});
let cipher = <T as BoringCipher>::new();
let cipher = <T as BoringCipher>::new_cipher();
assert_eq!(
cipher.nonce_len(),
@ -81,7 +81,7 @@ impl<T: BoringAead> aead::AeadInPlace for BoringAeadCrypter<T> {
) -> aead::Result<Tag<Self>> {
let mut tag = Tag::<Self>::default();
self.crypter
.seal_in_place(&nonce, &associated_data, buffer, &mut tag)
.seal_in_place(nonce, associated_data, buffer, &mut tag)
.map_err(|e| error_stack_to_aead_error("seal_in_place", e))?;
Ok(tag)
@ -95,7 +95,7 @@ impl<T: BoringAead> aead::AeadInPlace for BoringAeadCrypter<T> {
tag: &Tag<Self>,
) -> aead::Result<()> {
self.crypter
.open_in_place(&nonce, &associated_data, buffer, tag)
.open_in_place(nonce, associated_data, buffer, tag)
.map_err(|e| error_stack_to_aead_error("open_in_place", e))?;
Ok(())
}

8
boring-rustls-provider/src/aead/aes.rs
View file

@ -10,7 +10,7 @@ unsafe impl Send for Aes128 {}
unsafe impl Sync for Aes128 {}
impl BoringCipher for Aes128 {
fn new() -> Algorithm {
fn new_cipher() -> Algorithm {
Algorithm::aes_128_gcm()
}
@ -44,7 +44,7 @@ unsafe impl Send for Aes256 {}
unsafe impl Sync for Aes256 {}
impl BoringCipher for Aes256 {
fn new() -> Algorithm {
fn new_cipher() -> Algorithm {
Algorithm::aes_256_gcm()
}
@ -82,7 +82,7 @@ mod tests {
#[test]
fn ensure_aes128_aead_core() {
let alg = Aes128::new();
let alg = Aes128::new_cipher();
let nonce = Nonce::<Aes128>::default();
assert_eq!(nonce.len(), alg.nonce_len());
let tag = Tag::<Aes128>::default();
@ -94,7 +94,7 @@ mod tests {
#[test]
fn ensure_aes256_aead_core() {
let alg = Aes256::new();
let alg = Aes256::new_cipher();
let nonce = Nonce::<Aes256>::default();
assert_eq!(nonce.len(), alg.nonce_len());
let tag = Tag::<Aes256>::default();

4
boring-rustls-provider/src/aead/chacha20.rs
View file

@ -13,7 +13,7 @@ unsafe impl Send for ChaCha20Poly1305 {}
unsafe impl Sync for ChaCha20Poly1305 {}
impl BoringCipher for ChaCha20Poly1305 {
fn new() -> Algorithm {
fn new_cipher() -> Algorithm {
Algorithm::chacha20_poly1305()
}
@ -51,7 +51,7 @@ mod tests {
#[test]
fn ensure_aead_core() {
let alg = ChaCha20Poly1305::new();
let alg = ChaCha20Poly1305::new_cipher();
let nonce = Nonce::<ChaCha20Poly1305>::default();
assert_eq!(nonce.len(), alg.nonce_len());
let tag = Tag::<ChaCha20Poly1305>::default();

21
boring-rustls-provider/src/hkdf.rs
View file

@ -1,24 +1,25 @@
use std::marker::PhantomData;
use boring::hash::MessageDigest;
use rustls::crypto::tls13::{self, Hkdf as RustlsHkdf};
use crate::helper::{cvt, cvt_p};
pub trait BoringHash: Send + Sync {
fn new() -> boring::hash::MessageDigest;
fn new_hash() -> MessageDigest;
}
pub struct Sha256();
impl BoringHash for Sha256 {
fn new() -> boring::hash::MessageDigest {
boring::hash::MessageDigest::sha256()
fn new_hash() -> MessageDigest {
MessageDigest::sha256()
}
}
pub struct Sha384();
impl BoringHash for Sha384 {
fn new() -> boring::hash::MessageDigest {
boring::hash::MessageDigest::sha384()
fn new_hash() -> MessageDigest {
MessageDigest::sha384()
}
}
@ -38,7 +39,7 @@ impl<T: BoringHash> RustlsHkdf for Hkdf<T> {
&self,
salt: Option<&[u8]>,
) -> Box<dyn rustls::crypto::tls13::HkdfExpander> {
let hash_size = T::new().size();
let hash_size = T::new_hash().size();
let secret = [0u8; boring_sys::EVP_MAX_MD_SIZE as usize];
let secret_len = hash_size;
@ -54,7 +55,7 @@ impl<T: BoringHash> RustlsHkdf for Hkdf<T> {
salt: Option<&[u8]>,
secret: &[u8],
) -> Box<dyn rustls::crypto::tls13::HkdfExpander> {
let digest = T::new();
let digest = T::new_hash();
let hash_size = digest.size();
let mut prk = [0u8; boring_sys::EVP_MAX_MD_SIZE as usize];
@ -101,7 +102,7 @@ impl<T: BoringHash> RustlsHkdf for Hkdf<T> {
Box::new(HkdfExpander {
prk,
prk_len,
digest: T::new(),
digest: T::new_hash(),
})
}
@ -110,7 +111,7 @@ impl<T: BoringHash> RustlsHkdf for Hkdf<T> {
key: &rustls::crypto::tls13::OkmBlock,
message: &[u8],
) -> rustls::crypto::hmac::Tag {
let digest = T::new();
let digest = T::new_hash();
let mut hash = [0u8; boring_sys::EVP_MAX_MD_SIZE as usize];
let mut hash_len = 0u32;
unsafe {
@ -132,7 +133,7 @@ impl<T: BoringHash> RustlsHkdf for Hkdf<T> {
pub struct HkdfExpander {
prk: [u8; boring_sys::EVP_MAX_MD_SIZE as usize],
prk_len: usize,
digest: boring::hash::MessageDigest,
digest: MessageDigest,
}
impl tls13::HkdfExpander for HkdfExpander {

4
boring-rustls-provider/src/kx/dh.rs
View file

@ -110,8 +110,8 @@ mod tests {
let alice = DhKeyExchange::generate_ffdhe_2048().unwrap();
let bob = DhKeyExchange::generate_ffdhe_2048().unwrap();
let shared_secret1 = alice.diffie_hellman(&bob.pub_key()).unwrap();
let shared_secret2 = bob.diffie_hellman(&alice.pub_key()).unwrap();
let shared_secret1 = alice.diffie_hellman(bob.pub_key()).unwrap();
let shared_secret2 = bob.diffie_hellman(alice.pub_key()).unwrap();
assert_eq!(shared_secret1, shared_secret2)
}

2
boring-rustls-provider/src/sign.rs
View file

@ -58,7 +58,7 @@ fn rsa_signer_from_params(
digest: MessageDigest,
padding: Padding,
) -> Signer {
let mut signer = Signer::new(digest.clone(), key).expect("failed getting signer");
let mut signer = Signer::new(digest, key).expect("failed getting signer");
signer
.set_rsa_padding(padding)
.expect("failed setting padding");

3
boring-rustls-provider/src/verify/ec.rs
View file

@ -75,8 +75,7 @@ fn ec_verifier_from_params(
key: &boring::pkey::PKeyRef<boring::pkey::Public>,
digest: MessageDigest,
) -> boring::sign::Verifier {
let verifier =
boring::sign::Verifier::new(digest.clone(), key).expect("failed getting verifier");
let verifier = boring::sign::Verifier::new(digest, key).expect("failed getting verifier");
verifier
}

3
boring-rustls-provider/src/verify/rsa.rs
View file

@ -87,8 +87,7 @@ fn rsa_verifier_from_params(
digest: MessageDigest,
padding: Padding,
) -> boring::sign::Verifier {
let mut verifier =
boring::sign::Verifier::new(digest.clone(), key).expect("failed getting verifier");
let mut verifier = boring::sign::Verifier::new(digest, key).expect("failed getting verifier");
verifier
.set_rsa_padding(padding)
.expect("failed setting padding");