From 2ca83cc4a083565475e467df1f642ab047c9bede Mon Sep 17 00:00:00 2001 From: Brian Smith Date: Fri, 5 Apr 2019 15:40:41 -1000 Subject: [PATCH] Remove `untrusted` from `io::Positive` API. --- src/agreement.rs | 2 +- src/ec/suite_b/ecdsa/verification.rs | 4 ++-- src/io/der.rs | 2 +- src/io/der_writer.rs | 2 +- src/io/positive.rs | 9 ++++++++- src/rsa/signing.rs | 18 +++++++++--------- src/rsa/verification.rs | 4 ++-- tests/rsa_tests.rs | 1 - 8 files changed, 24 insertions(+), 18 deletions(-) diff --git a/src/agreement.rs b/src/agreement.rs index 6a15c2283..d5573dc70 100644 --- a/src/agreement.rs +++ b/src/agreement.rs @@ -136,7 +136,7 @@ impl AsRef<[u8]> for PublicKey { derive_debug_self_as_ref_hex_bytes!(PublicKey); -/// An unparsed (possibly invalid) public key for key agreement. +/// An unparsed, possibly malformed, public key for key agreement. pub struct UnparsedPublicKey> { algorithm: &'static Algorithm, bytes: B, diff --git a/src/ec/suite_b/ecdsa/verification.rs b/src/ec/suite_b/ecdsa/verification.rs index 5d0b6936d..b20e6e890 100644 --- a/src/ec/suite_b/ecdsa/verification.rs +++ b/src/ec/suite_b/ecdsa/verification.rs @@ -174,8 +174,8 @@ fn split_rs_asn1<'a>( _ops: &'static ScalarOps, input: &mut untrusted::Reader<'a>, ) -> Result<(untrusted::Input<'a>, untrusted::Input<'a>), error::Unspecified> { der::nested(input, der::Tag::Sequence, error::Unspecified, |input| { - let r = der::positive_integer(input)?.big_endian_without_leading_zero(); - let s = der::positive_integer(input)?.big_endian_without_leading_zero(); + let r = der::positive_integer(input)?.big_endian_without_leading_zero_as_input(); + let s = der::positive_integer(input)?.big_endian_without_leading_zero_as_input(); Ok((r, s)) }) } diff --git a/src/io/der.rs b/src/io/der.rs index 2fd966e33..00f757f86 100644 --- a/src/io/der.rs +++ b/src/io/der.rs @@ -288,7 +288,7 @@ mod tests { with_good_i(test_in, |input| { let test_out = [test_out]; assert_eq!( - positive_integer(input)?.big_endian_without_leading_zero(), + positive_integer(input)?.big_endian_without_leading_zero_as_input(), untrusted::Input::from(&test_out[..]) ); Ok(()) diff --git a/src/io/der_writer.rs b/src/io/der_writer.rs index 066f1d189..10e817a88 100644 --- a/src/io/der_writer.rs +++ b/src/io/der_writer.rs @@ -16,7 +16,7 @@ use super::{der::*, writer::*, *}; pub(crate) fn write_positive_integer(output: &mut Accumulator, value: &Positive) { let first_byte = value.first_byte(); - let value = value.big_endian_without_leading_zero(); + let value = value.big_endian_without_leading_zero_as_input(); write_tlv(output, Tag::Integer, |output| { if (first_byte & 0x80) != 0 { output.write_byte(0); // Disambiguate negative number. diff --git a/src/io/positive.rs b/src/io/positive.rs index d2aca046b..cb782776e 100644 --- a/src/io/positive.rs +++ b/src/io/positive.rs @@ -29,7 +29,14 @@ impl<'a> Positive<'a> { /// Returns the value, ordered from significant byte to least significant /// byte, without any leading zeros. The result is guaranteed to be /// non-empty. - pub fn big_endian_without_leading_zero(&self) -> untrusted::Input<'a> { self.0 } + #[inline] + pub fn big_endian_without_leading_zero(&self) -> &'a [u8] { + self.big_endian_without_leading_zero_as_input() + .as_slice_less_safe() + } + + #[inline] + pub(crate) fn big_endian_without_leading_zero_as_input(&self) -> untrusted::Input<'a> { self.0 } } impl Positive<'_> { diff --git a/src/rsa/signing.rs b/src/rsa/signing.rs index f730e6c37..5c8415d36 100644 --- a/src/rsa/signing.rs +++ b/src/rsa/signing.rs @@ -188,12 +188,12 @@ impl RsaKeyPair { let n = positive_integer(input)?; let e = positive_integer(input)?; - let d = positive_integer(input)?.big_endian_without_leading_zero(); - let p = positive_integer(input)?.big_endian_without_leading_zero(); - let q = positive_integer(input)?.big_endian_without_leading_zero(); - let dP = positive_integer(input)?.big_endian_without_leading_zero(); - let dQ = positive_integer(input)?.big_endian_without_leading_zero(); - let qInv = positive_integer(input)?.big_endian_without_leading_zero(); + let d = positive_integer(input)?.big_endian_without_leading_zero_as_input(); + let p = positive_integer(input)?.big_endian_without_leading_zero_as_input(); + let q = positive_integer(input)?.big_endian_without_leading_zero_as_input(); + let dP = positive_integer(input)?.big_endian_without_leading_zero_as_input(); + let dQ = positive_integer(input)?.big_endian_without_leading_zero_as_input(); + let qInv = positive_integer(input)?.big_endian_without_leading_zero_as_input(); let (p, p_bits) = bigint::Nonnegative::from_be_bytes_with_bit_length(p) .map_err(|error::Unspecified| KeyRejected::invalid_encoding())?; @@ -231,8 +231,8 @@ impl RsaKeyPair { // Step 1.c. We validate e >= 65537. let public_key = verification::Key::from_modulus_and_exponent( - n.big_endian_without_leading_zero(), - e.big_endian_without_leading_zero(), + n.big_endian_without_leading_zero_as_input(), + e.big_endian_without_leading_zero_as_input(), bits::BitLength::from_usize_bits(2048), super::PRIVATE_KEY_PUBLIC_MODULUS_MAX_BITS, 65537, @@ -379,7 +379,7 @@ impl RsaKeyPair { pub fn public_modulus_len(&self) -> usize { self.public_key .modulus() - .big_endian_without_leading_zero() + .big_endian_without_leading_zero_as_input() .as_slice_less_safe() .len() } diff --git a/src/rsa/verification.rs b/src/rsa/verification.rs index 302b41518..fcb8fac0f 100644 --- a/src/rsa/verification.rs +++ b/src/rsa/verification.rs @@ -85,8 +85,8 @@ impl signature::VerificationAlgorithm for RsaParameters { verify_rsa_( self, ( - n.big_endian_without_leading_zero(), - e.big_endian_without_leading_zero(), + n.big_endian_without_leading_zero_as_input(), + e.big_endian_without_leading_zero_as_input(), ), msg, signature, diff --git a/tests/rsa_tests.rs b/tests/rsa_tests.rs index 4a31cfa27..9eb3920a2 100644 --- a/tests/rsa_tests.rs +++ b/tests/rsa_tests.rs @@ -306,7 +306,6 @@ fn rsa_test_public_key_coverage() { .public_key() .exponent() .big_endian_without_leading_zero() - .as_slice_less_safe() ); // Test `Debug`