From c93f7d53ecf9700eed6245b81031b7512f8ec604 Mon Sep 17 00:00:00 2001 From: Justus Winter Date: Tue, 10 Nov 2020 15:26:42 +0100 Subject: openpgp: Make crypto::Hash::digest fallible. --- openpgp/src/crypto/backend/cng/hash.rs | 3 ++- openpgp/src/crypto/backend/nettle/hash.rs | 31 ++++++++++++++++++++++--------- openpgp/src/crypto/ecdh.rs | 2 +- openpgp/src/crypto/hash.rs | 20 ++++++++++---------- openpgp/src/crypto/mem.rs | 2 +- openpgp/src/crypto/s2k.rs | 2 +- openpgp/src/packet/container.rs | 4 ++-- openpgp/src/packet/key.rs | 2 +- openpgp/src/packet/mdc.rs | 2 +- openpgp/src/packet/signature.rs | 10 +++++----- openpgp/src/parse.rs | 4 ++-- openpgp/src/parse/hashed_reader.rs | 6 +++--- openpgp/src/parse/mpis.rs | 2 +- openpgp/src/parse/stream.rs | 2 +- openpgp/src/serialize.rs | 2 +- 15 files changed, 54 insertions(+), 40 deletions(-) (limited to 'openpgp/src') diff --git a/openpgp/src/crypto/backend/cng/hash.rs b/openpgp/src/crypto/backend/cng/hash.rs index 33eeaeb9..22d8ae77 100644 --- a/openpgp/src/crypto/backend/cng/hash.rs +++ b/openpgp/src/crypto/backend/cng/hash.rs @@ -15,7 +15,7 @@ impl Digest for cng::Hash { let _ = self.hash(data); } - fn digest(&mut self, digest: &mut [u8]) { + fn digest(&mut self, digest: &mut [u8]) -> Result<()> { // TODO: Replace with CNG reusable hash objects, supported from Windows 8 // This would allow us to not re-create the CNG hash object each time we // want to finish digest calculation @@ -31,6 +31,7 @@ impl Digest for cng::Hash { .expect("CNG to not fail internally"); digest.copy_from_slice(&buffer.as_slice()[..digest.len()]); + Ok(()) } } diff --git a/openpgp/src/crypto/backend/nettle/hash.rs b/openpgp/src/crypto/backend/nettle/hash.rs index bf1d9cb5..acfdf3a8 100644 --- a/openpgp/src/crypto/backend/nettle/hash.rs +++ b/openpgp/src/crypto/backend/nettle/hash.rs @@ -2,20 +2,33 @@ use crate::crypto::hash::Digest; use crate::{Error, Result}; use crate::types::{HashAlgorithm}; -impl Digest for T { - fn digest_size(&self) -> usize { - self.digest_size() - } +macro_rules! impl_digest_for { + ($t: path) => { + impl Digest for $t { + fn digest_size(&self) -> usize { + nettle::hash::Hash::digest_size(self) + } - fn update(&mut self, data: &[u8]) { - self.update(data); - } + fn update(&mut self, data: &[u8]) { + nettle::hash::Hash::update(self, data); + } - fn digest(&mut self, digest: &mut [u8]) { - self.digest(digest); + fn digest(&mut self, digest: &mut [u8]) -> Result<()> { + nettle::hash::Hash::digest(self, digest); + Ok(()) + } + } } } +impl_digest_for!(nettle::hash::Sha224); +impl_digest_for!(nettle::hash::Sha256); +impl_digest_for!(nettle::hash::Sha384); +impl_digest_for!(nettle::hash::Sha512); +impl_digest_for!(nettle::hash::insecure_do_not_use::Sha1); +impl_digest_for!(nettle::hash::insecure_do_not_use::Md5); +impl_digest_for!(nettle::hash::insecure_do_not_use::Ripemd160); + impl HashAlgorithm { /// Whether Sequoia supports this algorithm. pub fn is_supported(self) -> bool { diff --git a/openpgp/src/crypto/ecdh.rs b/openpgp/src/crypto/ecdh.rs index 8649753d..c203e397 100644 --- a/openpgp/src/crypto/ecdh.rs +++ b/openpgp/src/crypto/ecdh.rs @@ -131,7 +131,7 @@ fn kdf(x: &Protected, obits: usize, hash: HashAlgorithm, param: &[u8]) // Providing a smaller buffer will truncate the digest. let mut key: Protected = vec![0; obits].into(); - hash.digest(&mut key); + hash.digest(&mut key)?; Ok(key) } diff --git a/openpgp/src/crypto/hash.rs b/openpgp/src/crypto/hash.rs index c7a8b248..5643a30a 100644 --- a/openpgp/src/crypto/hash.rs +++ b/openpgp/src/crypto/hash.rs @@ -45,7 +45,7 @@ pub(crate) trait Digest: DynClone { /// /// `digest` must be at least `self.digest_size()` bytes large, /// otherwise the digest will be truncated. - fn digest(&mut self, digest: &mut [u8]); + fn digest(&mut self, digest: &mut [u8]) -> Result<()>; } dyn_clone::clone_trait_object!(Digest); @@ -110,8 +110,8 @@ impl Context { /// otherwise the digest will be truncated. /// /// [`self.digest_size()`]: #method.digest_size - pub fn digest>(&mut self, mut digest: D) { - self.ctx.digest(digest.as_mut()); + pub fn digest>(&mut self, mut digest: D) -> Result<()> { + self.ctx.digest(digest.as_mut()) } } @@ -206,8 +206,8 @@ impl Digest for HashDumper { self.sink.write_all(data).unwrap(); self.written += data.len(); } - fn digest(&mut self, digest: &mut [u8]) { - self.hasher.digest(digest); + fn digest(&mut self, digest: &mut [u8]) -> Result<()> { + self.hasher.digest(digest) } } @@ -386,7 +386,7 @@ impl Signature { sig.hash(&mut h); let mut digest = vec![0u8; h.digest_size()]; - h.digest(&mut digest); + h.digest(&mut digest)?; Ok(digest) } @@ -411,7 +411,7 @@ impl Signature { sig.hash(&mut h); let mut digest = vec![0u8; h.digest_size()]; - h.digest(&mut digest); + h.digest(&mut digest)?; Ok(digest) } @@ -431,7 +431,7 @@ impl Signature { sig.hash(&mut h); let mut digest = vec![0u8; h.digest_size()]; - h.digest(&mut digest); + h.digest(&mut digest)?; Ok(digest) } @@ -462,7 +462,7 @@ impl Signature { sig.hash(&mut h); let mut digest = vec![0u8; h.digest_size()]; - h.digest(&mut digest); + h.digest(&mut digest)?; Ok(digest) } @@ -482,7 +482,7 @@ impl Signature { sig.hash(&mut h); let mut digest = vec![0u8; h.digest_size()]; - h.digest(&mut digest); + h.digest(&mut digest)?; Ok(digest) } } diff --git a/openpgp/src/crypto/mem.rs b/openpgp/src/crypto/mem.rs index 038d12c6..96f80483 100644 --- a/openpgp/src/crypto/mem.rs +++ b/openpgp/src/crypto/mem.rs @@ -279,7 +279,7 @@ mod has_access_to_prekey { .expect("Mandatory algorithm unsupported"); PREKEY.iter().for_each(|page| ctx.update(page)); let mut sk: SessionKey = vec![0; 256/8].into(); - ctx.digest(&mut sk); + let _ = ctx.digest(&mut sk); sk } diff --git a/openpgp/src/crypto/s2k.rs b/openpgp/src/crypto/s2k.rs index 4eee84d8..ecc6313e 100644 --- a/openpgp/src/crypto/s2k.rs +++ b/openpgp/src/crypto/s2k.rs @@ -228,7 +228,7 @@ impl S2K { unreachable!(), } - hash.digest(data); + let _ = hash.digest(data); zeros.push(0); } diff --git a/openpgp/src/packet/container.rs b/openpgp/src/packet/container.rs index 29a40d9b..a06d84cc 100644 --- a/openpgp/src/packet/container.rs +++ b/openpgp/src/packet/container.rs @@ -286,7 +286,7 @@ impl Container { static ref DIGEST: Vec = { let mut h = Container::make_body_hash(); let mut d = vec![0; h.digest_size()]; - h.digest(&mut d); + let _ = h.digest(&mut d); d }; } @@ -305,7 +305,7 @@ impl Container { pub(crate) // For parse.rs fn set_body_hash(&mut self, mut h: hash::Context) { self.body_digest.resize(h.digest_size(), 0); - h.digest(&mut self.body_digest); + let _ = h.digest(&mut self.body_digest); } pub(crate) diff --git a/openpgp/src/packet/key.rs b/openpgp/src/packet/key.rs index be71393f..43aba868 100644 --- a/openpgp/src/packet/key.rs +++ b/openpgp/src/packet/key.rs @@ -1038,7 +1038,7 @@ impl Key4 self.hash(&mut h); let mut digest = vec![0u8; h.digest_size()]; - h.digest(&mut digest); + let _ = h.digest(&mut digest); Fingerprint::from_bytes(digest.as_slice()) } diff --git a/openpgp/src/packet/mdc.rs b/openpgp/src/packet/mdc.rs index 68a4e9ae..fdb6513e 100644 --- a/openpgp/src/packet/mdc.rs +++ b/openpgp/src/packet/mdc.rs @@ -91,7 +91,7 @@ impl From<[u8; 20]> for MDC { impl From for MDC { fn from(mut hash: crypto::hash::Context) -> Self { let mut value : [u8; 20] = Default::default(); - hash.digest(&mut value[..]); + let _ = hash.digest(&mut value[..]); value.into() } } diff --git a/openpgp/src/packet/signature.rs b/openpgp/src/packet/signature.rs index 24e79731..d171d074 100644 --- a/openpgp/src/packet/signature.rs +++ b/openpgp/src/packet/signature.rs @@ -1405,7 +1405,7 @@ impl SignatureBuilder { self.hash(&mut hash); let mut digest = vec![0u8; hash.digest_size()]; - hash.digest(&mut digest); + hash.digest(&mut digest)?; self.sign(signer, digest) } @@ -1521,7 +1521,7 @@ impl SignatureBuilder { self.hash(&mut hash); let mut digest = vec![0u8; hash.digest_size()]; - hash.digest(&mut digest); + hash.digest(&mut digest)?; self.sign(signer, digest) } @@ -2289,7 +2289,7 @@ impl Signature { { self.hash(&mut hash); let mut digest = vec![0u8; hash.digest_size()]; - hash.digest(&mut digest); + hash.digest(&mut digest)?; self.verify_digest(key, digest) } @@ -2852,7 +2852,7 @@ impl Signature { hash.update(msg.as_ref()); self.hash(&mut hash); - hash.digest(&mut digest); + hash.digest(&mut digest)?; self.verify_digest(signer, &digest[..]) } @@ -3110,7 +3110,7 @@ mod test { let mut hash = hash_algo.context().unwrap(); sig.hash(&mut hash); let mut digest = vec![0u8; hash.digest_size()]; - hash.digest(&mut digest); + hash.digest(&mut digest).unwrap(); sig.verify_digest(pair.public(), &digest[..]).unwrap(); // Bad signature. diff --git a/openpgp/src/parse.rs b/openpgp/src/parse.rs index f4a3a2ca..e31bb6d4 100644 --- a/openpgp/src/parse.rs +++ b/openpgp/src/parse.rs @@ -1383,7 +1383,7 @@ impl Signature4 { sig.hash(&mut hash); let mut digest = vec![0u8; hash.digest_size()]; - hash.digest(&mut digest); + let _ = hash.digest(&mut digest); sig.set_computed_digest(Some(digest)); sig.set_level(level); @@ -2732,7 +2732,7 @@ impl MDC { } else { None }).unwrap(); - h.digest(&mut computed_digest); + let _ = h.digest(&mut computed_digest); } // If the outer most HashedReader is not the diff --git a/openpgp/src/parse/hashed_reader.rs b/openpgp/src/parse/hashed_reader.rs index e578293f..a6aff9e7 100644 --- a/openpgp/src/parse/hashed_reader.rs +++ b/openpgp/src/parse/hashed_reader.rs @@ -345,7 +345,7 @@ mod test { let hash = mode.as_mut(); let algo = hash.algo(); let mut digest = vec![0u8; hash.digest_size()]; - hash.digest(&mut digest); + let _ = hash.digest(&mut digest); assert_eq!(digest, &crate::fmt::from_hex(test.expected.get(&algo) @@ -367,7 +367,7 @@ mod test { let mut ctx = HashAlgorithm::SHA256.context()?; super::hash_update_text(&mut ctx, text.as_bytes()); let mut digest = vec![0; ctx.digest_size()]; - ctx.digest(&mut digest); + let _ = ctx.digest(&mut digest); assert_eq!( &crate::fmt::hex::encode(&digest), "5536758151607BB81CE8D6F49189B2E84763DA9EA84965AB7327E704DAE415EB"); @@ -403,7 +403,7 @@ mod test { let hash = mode.as_mut(); let algo = hash.algo(); let mut digest = vec![0u8; hash.digest_size()]; - hash.digest(&mut digest); + let _ = hash.digest(&mut digest); assert_eq!(*expected.get(&algo).unwrap(), &crate::fmt::to_hex(&digest[..], false)); diff --git a/openpgp/src/parse/mpis.rs b/openpgp/src/parse/mpis.rs index 129f1c86..b7ca51da 100644 --- a/openpgp/src/parse/mpis.rs +++ b/openpgp/src/parse/mpis.rs @@ -269,7 +269,7 @@ impl mpi::SecretKeyMaterial { let mut hsh = HashAlgorithm::SHA1.context().unwrap(); mpis.serialize(&mut hsh)?; let mut our_chksum = [0u8; 20]; - hsh.digest(&mut our_chksum); + let _ = hsh.digest(&mut our_chksum); our_chksum == their_chksum[..] }, diff --git a/openpgp/src/parse/stream.rs b/openpgp/src/parse/stream.rs index 3fee1267..1a2dd940 100644 --- a/openpgp/src/parse/stream.rs +++ b/openpgp/src/parse/stream.rs @@ -2480,7 +2480,7 @@ impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H> { // Attach digest to the signature. let mut digest = vec![0; hash.digest_size()]; - hash.digest(&mut digest); + let _ = hash.digest(&mut digest); sig.set_computed_digest(Some(digest.into())); } } diff --git a/openpgp/src/serialize.rs b/openpgp/src/serialize.rs index 28bc015c..f363c448 100644 --- a/openpgp/src/serialize.rs +++ b/openpgp/src/serialize.rs @@ -1097,7 +1097,7 @@ impl crypto::mpi::SecretKeyMaterial { let mut hash = HashAlgorithm::SHA1.context().unwrap(); self.serialize(&mut hash)?; let mut digest = [0u8; 20]; - hash.digest(&mut digest); + let _ = hash.digest(&mut digest); w.write_all(&digest)?; }, crypto::mpi::SecretKeyChecksum::Sum16 => { -- cgit v1.2.3