diff --git a/aead/Cargo.toml b/aead/Cargo.toml index b1231625b..9dc4772aa 100644 --- a/aead/Cargo.toml +++ b/aead/Cargo.toml @@ -31,5 +31,8 @@ dev = ["blobby", "alloc"] getrandom = ["common/getrandom"] rand_core = ["common/rand_core"] +[lints] +workspace = true + [package.metadata.docs.rs] all-features = true diff --git a/aead/src/dev.rs b/aead/src/dev.rs index 410f519ae..903c95c61 100644 --- a/aead/src/dev.rs +++ b/aead/src/dev.rs @@ -1,4 +1,9 @@ //! Development-related functionality + +#![allow(clippy::missing_errors_doc, reason = "dev module")] +#![allow(clippy::missing_panics_doc, reason = "dev module")] +#![allow(clippy::unwrap_in_result, reason = "dev module")] + use crate::{ Aead, AeadInOut, Payload, Tag, TagPosition, array::typenum::Unsigned, inout::InOutBuf, }; @@ -21,6 +26,7 @@ pub struct TestVector { } /// Run AEAD test for the provided passing test vector +#[allow(clippy::cast_possible_truncation)] pub fn pass_test( &TestVector { key, diff --git a/aead/src/lib.rs b/aead/src/lib.rs index f12cddc16..628b4e18f 100644 --- a/aead/src/lib.rs +++ b/aead/src/lib.rs @@ -158,6 +158,9 @@ pub trait Aead: AeadCore { /// AES-GCM-SIV, ChaCha20Poly1305). [`Aead`] implementations which do not /// use a postfix tag will need to override this to correctly assemble the /// ciphertext message. + /// + /// # Errors + /// AEAD algorithm implementations may return an error if the plaintext or AAD are too long. fn encrypt<'msg, 'aad>( &self, nonce: &Nonce, @@ -181,6 +184,11 @@ pub trait Aead: AeadCore { /// AES-GCM-SIV, ChaCha20Poly1305). [`Aead`] implementations which do not /// use a postfix tag will need to override this to correctly parse the /// ciphertext message. + /// + /// # Errors + /// - if the `ciphertext` is inauthentic (i.e. tag verification failure) + /// - if the `ciphertext` is too long + /// - if the `aad` is too long fn decrypt<'msg, 'aad>( &self, nonce: &Nonce, @@ -217,6 +225,9 @@ impl Aead for T { /// In-place and inout AEAD trait which handles the authentication tag as a return value/separate parameter. pub trait AeadInOut: AeadCore { /// Encrypt the data in the provided [`InOutBuf`], returning the authentication tag. + /// + /// # Errors + /// AEAD algorithm implementations may return an error if the plaintext or AAD are too long. fn encrypt_inout_detached( &self, nonce: &Nonce, @@ -226,7 +237,12 @@ pub trait AeadInOut: AeadCore { /// Decrypt the data in the provided [`InOutBuf`], returning an error in the event the /// provided authentication tag is invalid for the given ciphertext (i.e. ciphertext - /// is modified/unauthentic) + /// is modified/unauthentic). + /// + /// # Errors + /// - if the `ciphertext` is inauthentic (i.e. tag verification failure) + /// - if the `ciphertext` is too long + /// - if the `aad` is too long fn decrypt_inout_detached( &self, nonce: &Nonce, @@ -242,6 +258,7 @@ pub trait AeadInOut: AeadCore { /// The exact size needed is cipher-dependent, but generally includes /// the size of an authentication tag. /// + /// # Errors /// Returns an error if the buffer has insufficient capacity to store the /// resulting ciphertext message. fn encrypt_in_place( @@ -275,6 +292,9 @@ pub trait AeadInOut: AeadCore { /// /// The buffer will be truncated to the length of the original plaintext /// message upon success. + /// + /// # Errors + /// - if the `ciphertext` is inauthentic (i.e. tag verification failure) fn decrypt_in_place( &self, nonce: &Nonce, @@ -306,6 +326,7 @@ pub trait AeadInOut: AeadCore { /// /// NOTE: deprecated! Please migrate to [`AeadInOut`]. #[deprecated(since = "0.6.0", note = "use `AeadInOut` instead")] +#[allow(clippy::missing_errors_doc)] pub trait AeadInPlace: AeadCore { /// Encrypt the given buffer containing a plaintext message in-place. #[deprecated(since = "0.6.0", note = "use `AeadInOut::encrypt_in_place` instead")] @@ -435,10 +456,13 @@ pub trait Buffer: AsRef<[u8]> + AsMut<[u8]> { self.as_ref().is_empty() } - /// Extend this buffer from the given slice + /// Extend this buffer from the given slice. + /// + /// # Errors + /// If the buffer has insufficient capacity. fn extend_from_slice(&mut self, other: &[u8]) -> Result<()>; - /// Truncate this buffer to the given size + /// Truncate this buffer to the given size. fn truncate(&mut self, len: usize); } diff --git a/aead/tests/dummy.rs b/aead/tests/dummy.rs index a4604d807..11cf14545 100644 --- a/aead/tests/dummy.rs +++ b/aead/tests/dummy.rs @@ -1,16 +1,28 @@ //! This module defines dummy (horribly insecure!) AEAD implementations //! to test implementation of the AEAD traits and helper macros in the `dev` module. + #![cfg(feature = "dev")] +#![allow(missing_docs, reason = "tests")] +#![allow(clippy::trivially_copy_pass_by_ref, reason = "tests")] +#![allow(clippy::unwrap_used, reason = "tests")] + use aead::{ AeadCore, AeadInOut, Error, Key, KeyInit, KeySizeUser, Nonce, Result, Tag, TagPosition, array::Array, consts::U8, }; +use core::fmt; use inout::InOutBuf; struct DummyAead { key: [u8; 8], } +impl fmt::Debug for DummyAead { + fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { + f.debug_struct("DummyAead").finish_non_exhaustive() + } +} + impl DummyAead { fn process_aad(&self, nonce: &[u8; 8], aad: &[u8]) -> u64 { let mut tag = u64::from_le_bytes(*nonce); @@ -92,6 +104,7 @@ impl DummyAead { } } +#[derive(Debug)] pub struct PrefixDummyAead(DummyAead); impl KeySizeUser for PrefixDummyAead { @@ -131,6 +144,7 @@ impl AeadInOut for PrefixDummyAead { } } +#[derive(Debug)] pub struct PostfixDummyAead(DummyAead); impl KeySizeUser for PostfixDummyAead {