diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2020-11-10 15:26:42 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2020-11-12 10:31:29 +0100 |
commit | c93f7d53ecf9700eed6245b81031b7512f8ec604 (patch) | |
tree | 05cfc4791c3cdda7e88308fb37a6f953b77b08dc /openpgp/src/crypto | |
parent | 476ec660e251f385376f5a166de061749925fd46 (diff) |
openpgp: Make crypto::Hash::digest fallible.
Diffstat (limited to 'openpgp/src/crypto')
-rw-r--r-- | openpgp/src/crypto/backend/cng/hash.rs | 3 | ||||
-rw-r--r-- | openpgp/src/crypto/backend/nettle/hash.rs | 31 | ||||
-rw-r--r-- | openpgp/src/crypto/ecdh.rs | 2 | ||||
-rw-r--r-- | openpgp/src/crypto/hash.rs | 20 | ||||
-rw-r--r-- | openpgp/src/crypto/mem.rs | 2 | ||||
-rw-r--r-- | openpgp/src/crypto/s2k.rs | 2 |
6 files changed, 37 insertions, 23 deletions
diff --git a/openpgp/src/crypto/backend/cng/hash.rs b/openpgp/src/crypto/backend/cng/hash.rs index 33eeaeb9..22d8ae77 100644 --- a/openpgp/src/crypto/backend/cng/hash.rs +++ b/openpgp/src/crypto/backend/cng/hash.rs @@ -15,7 +15,7 @@ impl Digest for cng::Hash { let _ = self.hash(data); } - fn digest(&mut self, digest: &mut [u8]) { + fn digest(&mut self, digest: &mut [u8]) -> Result<()> { // TODO: Replace with CNG reusable hash objects, supported from Windows 8 // This would allow us to not re-create the CNG hash object each time we // want to finish digest calculation @@ -31,6 +31,7 @@ impl Digest for cng::Hash { .expect("CNG to not fail internally"); digest.copy_from_slice(&buffer.as_slice()[..digest.len()]); + Ok(()) } } diff --git a/openpgp/src/crypto/backend/nettle/hash.rs b/openpgp/src/crypto/backend/nettle/hash.rs index bf1d9cb5..acfdf3a8 100644 --- a/openpgp/src/crypto/backend/nettle/hash.rs +++ b/openpgp/src/crypto/backend/nettle/hash.rs @@ -2,20 +2,33 @@ use crate::crypto::hash::Digest; use crate::{Error, Result}; use crate::types::{HashAlgorithm}; -impl<T: nettle::hash::Hash + Clone> Digest for T { - fn digest_size(&self) -> usize { - self.digest_size() - } +macro_rules! impl_digest_for { + ($t: path) => { + impl Digest for $t { + fn digest_size(&self) -> usize { + nettle::hash::Hash::digest_size(self) + } - fn update(&mut self, data: &[u8]) { - self.update(data); - } + fn update(&mut self, data: &[u8]) { + nettle::hash::Hash::update(self, data); + } - fn digest(&mut self, digest: &mut [u8]) { - self.digest(digest); + fn digest(&mut self, digest: &mut [u8]) -> Result<()> { + nettle::hash::Hash::digest(self, digest); + Ok(()) + } + } } } +impl_digest_for!(nettle::hash::Sha224); +impl_digest_for!(nettle::hash::Sha256); +impl_digest_for!(nettle::hash::Sha384); +impl_digest_for!(nettle::hash::Sha512); +impl_digest_for!(nettle::hash::insecure_do_not_use::Sha1); +impl_digest_for!(nettle::hash::insecure_do_not_use::Md5); +impl_digest_for!(nettle::hash::insecure_do_not_use::Ripemd160); + impl HashAlgorithm { /// Whether Sequoia supports this algorithm. pub fn is_supported(self) -> bool { diff --git a/openpgp/src/crypto/ecdh.rs b/openpgp/src/crypto/ecdh.rs index 8649753d..c203e397 100644 --- a/openpgp/src/crypto/ecdh.rs +++ b/openpgp/src/crypto/ecdh.rs @@ -131,7 +131,7 @@ fn kdf(x: &Protected, obits: usize, hash: HashAlgorithm, param: &[u8]) // Providing a smaller buffer will truncate the digest. let mut key: Protected = vec![0; obits].into(); - hash.digest(&mut key); + hash.digest(&mut key)?; Ok(key) } diff --git a/openpgp/src/crypto/hash.rs b/openpgp/src/crypto/hash.rs index c7a8b248..5643a30a 100644 --- a/openpgp/src/crypto/hash.rs +++ b/openpgp/src/crypto/hash.rs @@ -45,7 +45,7 @@ pub(crate) trait Digest: DynClone { /// /// `digest` must be at least `self.digest_size()` bytes large, /// otherwise the digest will be truncated. - fn digest(&mut self, digest: &mut [u8]); + fn digest(&mut self, digest: &mut [u8]) -> Result<()>; } dyn_clone::clone_trait_object!(Digest); @@ -110,8 +110,8 @@ impl Context { /// otherwise the digest will be truncated. /// /// [`self.digest_size()`]: #method.digest_size - pub fn digest<D: AsMut<[u8]>>(&mut self, mut digest: D) { - self.ctx.digest(digest.as_mut()); + pub fn digest<D: AsMut<[u8]>>(&mut self, mut digest: D) -> Result<()> { + self.ctx.digest(digest.as_mut()) } } @@ -206,8 +206,8 @@ impl Digest for HashDumper { self.sink.write_all(data).unwrap(); self.written += data.len(); } - fn digest(&mut self, digest: &mut [u8]) { - self.hasher.digest(digest); + fn digest(&mut self, digest: &mut [u8]) -> Result<()> { + self.hasher.digest(digest) } } @@ -386,7 +386,7 @@ impl Signature { sig.hash(&mut h); let mut digest = vec![0u8; h.digest_size()]; - h.digest(&mut digest); + h.digest(&mut digest)?; Ok(digest) } @@ -411,7 +411,7 @@ impl Signature { sig.hash(&mut h); let mut digest = vec![0u8; h.digest_size()]; - h.digest(&mut digest); + h.digest(&mut digest)?; Ok(digest) } @@ -431,7 +431,7 @@ impl Signature { sig.hash(&mut h); let mut digest = vec![0u8; h.digest_size()]; - h.digest(&mut digest); + h.digest(&mut digest)?; Ok(digest) } @@ -462,7 +462,7 @@ impl Signature { sig.hash(&mut h); let mut digest = vec![0u8; h.digest_size()]; - h.digest(&mut digest); + h.digest(&mut digest)?; Ok(digest) } @@ -482,7 +482,7 @@ impl Signature { sig.hash(&mut h); let mut digest = vec![0u8; h.digest_size()]; - h.digest(&mut digest); + h.digest(&mut digest)?; Ok(digest) } } diff --git a/openpgp/src/crypto/mem.rs b/openpgp/src/crypto/mem.rs index 038d12c6..96f80483 100644 --- a/openpgp/src/crypto/mem.rs +++ b/openpgp/src/crypto/mem.rs @@ -279,7 +279,7 @@ mod has_access_to_prekey { .expect("Mandatory algorithm unsupported"); PREKEY.iter().for_each(|page| ctx.update(page)); let mut sk: SessionKey = vec![0; 256/8].into(); - ctx.digest(&mut sk); + let _ = ctx.digest(&mut sk); sk } diff --git a/openpgp/src/crypto/s2k.rs b/openpgp/src/crypto/s2k.rs index 4eee84d8..ecc6313e 100644 --- a/openpgp/src/crypto/s2k.rs +++ b/openpgp/src/crypto/s2k.rs @@ -228,7 +228,7 @@ impl S2K { unreachable!(), } - hash.digest(data); + let _ = hash.digest(data); zeros.push(0); } |