diff --git a/ccm/Cargo.toml b/ccm/Cargo.toml index b9112600..bd2a8695 100644 --- a/ccm/Cargo.toml +++ b/ccm/Cargo.toml @@ -31,3 +31,9 @@ arrayvec = ["aead/arrayvec"] bytes = ["aead/bytes"] getrandom = ["aead/getrandom"] rand_core = ["aead/rand_core"] + +[lints] +workspace = true + +[package.metadata.docs.rs] +all-features = true diff --git a/ccm/src/lib.rs b/ccm/src/lib.rs index 550f86dd..b3f83619 100644 --- a/ccm/src/lib.rs +++ b/ccm/src/lib.rs @@ -1,11 +1,10 @@ #![no_std] +#![cfg_attr(docsrs, feature(doc_cfg))] #![doc = include_str!("../README.md")] #![doc( html_logo_url = "https://raw.githubusercontent.com/RustCrypto/meta/master/logo.svg", html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/meta/master/logo.svg" )] -#![deny(unsafe_code)] -#![warn(missing_docs, rust_2018_idioms)] //! # Usage //! @@ -102,7 +101,7 @@ use aead::{ use cipher::{ Block, BlockCipherEncrypt, BlockSizeUser, InnerIvInit, StreamCipher, StreamCipherSeek, }; -use core::marker::PhantomData; +use core::{fmt, marker::PhantomData}; use ctr::{Ctr32BE, Ctr64BE, CtrCore}; use subtle::ConstantTimeEq; @@ -174,7 +173,7 @@ where ) -> Result, Error> { let is_ad = !adata.is_empty(); let l = N::get_l(); - let flags = 64 * (is_ad as u8) + 8 * M::get_m_tick() + (l - 1); + let flags = 64 * u8::from(is_ad) + 8 * M::get_m_tick() + (l - 1); if buffer.len() > N::get_max_len() { return Err(Error); @@ -186,8 +185,10 @@ where b0[1..n].copy_from_slice(nonce); let cb = b0.len() - n; + // the max len check makes certain that we discard only // zero bytes from `b` + #[allow(clippy::cast_possible_truncation, reason = "TODO")] if cb > 4 { let b = (buffer.len() as u64).to_be_bytes(); b0[n..].copy_from_slice(&b[b.len() - cb..]); @@ -292,7 +293,7 @@ where ctr.apply_keystream_inout(buffer); } - Ok(Tag::try_from(&full_tag[..M::to_usize()]).expect("tag size mismatch")) + full_tag[..M::to_usize()].try_into().map_err(|_| Error) } fn decrypt_inout_detached( @@ -335,6 +336,17 @@ where } } +impl fmt::Debug for Ccm +where + C: BlockSizeUser + BlockCipherEncrypt, + M: ArraySize + TagSize, + N: ArraySize + NonceSize, +{ + fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { + f.debug_struct("Ccm").finish_non_exhaustive() + } +} + struct CbcMac<'a, C: BlockCipherEncrypt> { cipher: &'a C, state: Block, @@ -378,6 +390,7 @@ where } } +#[allow(clippy::cast_possible_truncation, reason = "TODO")] fn fill_aad_header(adata_len: usize) -> (usize, Array) { debug_assert_ne!(adata_len, 0); @@ -385,7 +398,7 @@ fn fill_aad_header(adata_len: usize) -> (usize, Array) { let n = if adata_len < 0xFF00 { b[..2].copy_from_slice(&(adata_len as u16).to_be_bytes()); 2 - } else if adata_len <= u32::MAX as usize { + } else if u32::try_from(adata_len).is_ok() { b[0] = 0xFF; b[1] = 0xFE; b[2..6].copy_from_slice(&(adata_len as u32).to_be_bytes()); diff --git a/ccm/src/private.rs b/ccm/src/private.rs index 5826ed74..c053525d 100644 --- a/ccm/src/private.rs +++ b/ccm/src/private.rs @@ -14,7 +14,7 @@ pub trait SealedNonce: Unsigned { fn get_max_len() -> usize { // a somewhat ugly code to prevent overflow. // compiler should be able to completely optimize it out - let l = Self::get_l() as u128; + let l = u128::from(Self::get_l()); let v = (1 << (8 * l)) - 1; core::cmp::min(v, usize::MAX as u128) as usize } diff --git a/ccm/tests/mod.rs b/ccm/tests/ccm.rs similarity index 97% rename from ccm/tests/mod.rs rename to ccm/tests/ccm.rs index 3288f8b8..6367fc45 100644 --- a/ccm/tests/mod.rs +++ b/ccm/tests/ccm.rs @@ -1,3 +1,5 @@ +//! CCM integration tests. + #![cfg(feature = "alloc")] use aead::{Aead, AeadInOut, KeyInit, Payload, array::Array}; @@ -13,7 +15,7 @@ fn test_data_len_check() { let key = hex!("D7828D13B2B0BDC325A76236DF93CC6B"); let nonce = hex!("2F1DBD38CE3EDA7C23F04DD650"); - type Cipher = Ccm; + type Cipher = Ccm; let key = Array(key); let nonce = Array(nonce); let c = Cipher::new(&key); @@ -37,7 +39,7 @@ fn sp800_38c_examples() { nonce: $nonce:expr, adata: $adata:expr, pt: $pt:expr, ct: $ct:expr, ) => { let key = Array($key); - let c = Ccm::::new(&key); + let c = Ccm::::new(&key); let nonce = Array($nonce); let res = c.encrypt(&nonce, Payload { aad: &$adata, msg: &$pt }) .unwrap(); @@ -80,7 +82,9 @@ fn sp800_38c_examples() { "), ); - let adata = (0..524288 / 8).map(|i| i as u8).collect::>(); + #[allow(clippy::cast_possible_truncation, reason = "TODO")] + let adata = (0u32..524288 / 8).map(|i| i as u8).collect::>(); + check!( key, U14, U13, nonce: hex!("10111213 14151617 18191a1b 1c"),