diff --git a/crates/aranya-afc-util/src/ffi.rs b/crates/aranya-afc-util/src/ffi.rs index 16b791d1..1038797c 100644 --- a/crates/aranya-afc-util/src/ffi.rs +++ b/crates/aranya-afc-util/src/ffi.rs @@ -77,7 +77,7 @@ function create_bidi_channel( pub(crate) fn create_bidi_channel( &mut self, _ctx: &CommandContext<'_>, - eng: &mut E, + eng: &E, parent_cmd_id: Id, our_enc_key_id: EncryptionKeyId, our_id: UserId, @@ -130,7 +130,7 @@ function create_uni_channel( pub(crate) fn create_uni_channel( &mut self, _ctx: &CommandContext<'_>, - eng: &mut E, + eng: &E, parent_cmd_id: Id, author_enc_key_id: EncryptionKeyId, their_pk: Vec, diff --git a/crates/aranya-afc-util/src/handler.rs b/crates/aranya-afc-util/src/handler.rs index aa0ab1c7..a1d626cb 100644 --- a/crates/aranya-afc-util/src/handler.rs +++ b/crates/aranya-afc-util/src/handler.rs @@ -41,7 +41,7 @@ impl Handler { /// [`AranyaState`][aranya_fast_channels::AranyaState]. pub fn bidi_channel_created( &mut self, - eng: &mut E, + eng: &E, effect: &BidiChannelCreated<'_>, ) -> Result, Error> where @@ -87,7 +87,7 @@ impl Handler { /// [`AranyaState`][aranya_fast_channels::AranyaState]. pub fn bidi_channel_received( &mut self, - eng: &mut E, + eng: &E, effect: &BidiChannelReceived<'_>, ) -> Result, Error> where @@ -200,7 +200,7 @@ impl Handler { /// [`AranyaState`][aranya_fast_channels::AranyaState]. pub fn uni_channel_created( &mut self, - eng: &mut E, + eng: &E, effect: &UniChannelCreated<'_>, ) -> Result, Error> where @@ -249,7 +249,7 @@ impl Handler { /// [`AranyaState`][aranya_fast_channels::AranyaState]. pub fn uni_channel_received( &mut self, - eng: &mut E, + eng: &E, effect: &UniChannelReceived<'_>, ) -> Result, Error> where diff --git a/crates/aranya-afc-util/src/testing.rs b/crates/aranya-afc-util/src/testing.rs index 660778f4..6e69e408 100644 --- a/crates/aranya-afc-util/src/testing.rs +++ b/crates/aranya-afc-util/src/testing.rs @@ -223,12 +223,12 @@ pub struct User { impl User { /// Creates a new [`User`]. - pub fn new(mut eng: T::Engine, afc: T::Afc, aranya: T::Aranya, mut store: T::Store) -> Self { - let user_id = IdentityKey::<::CS>::new(&mut eng) + pub fn new(eng: T::Engine, afc: T::Afc, aranya: T::Aranya, mut store: T::Store) -> Self { + let user_id = IdentityKey::<::CS>::new(&eng) .id() .expect("user ID should be valid"); - let enc_sk = EncryptionKey::new(&mut eng); + let enc_sk = EncryptionKey::new(&eng); let enc_key_id = enc_sk.id().expect("encryption key ID should be valid"); let enc_pk = encode_enc_pk( &enc_sk @@ -395,7 +395,7 @@ where let mut peer = T::new(); let label = Label::new(42); - let parent_cmd_id = Id::random(&mut Rng); + let parent_cmd_id = Id::random(&Rng); let ctx = CommandContext::Action(ActionContext { name: "CreateBidiChannel", head_id: parent_cmd_id, @@ -406,7 +406,7 @@ where .ffi .create_bidi_channel( &ctx, - &mut author.eng, + &author.eng, parent_cmd_id, author.enc_key_id, author.user_id, @@ -422,7 +422,7 @@ where let keys = author .handler .bidi_channel_created( - &mut author.eng, + &author.eng, &BidiChannelCreated { parent_cmd_id, author_id: author.user_id, @@ -449,7 +449,7 @@ where let keys = peer .handler .bidi_channel_received( - &mut peer.eng, + &peer.eng, &BidiChannelReceived { parent_cmd_id, author_id: author.user_id, @@ -501,7 +501,7 @@ where let mut peer = T::new(); let label = Label::new(42); - let parent_cmd_id = Id::random(&mut Rng); + let parent_cmd_id = Id::random(&Rng); let ctx = CommandContext::Action(ActionContext { name: "CreateSealOnlyChannel", head_id: parent_cmd_id, @@ -512,7 +512,7 @@ where .ffi .create_uni_channel( &ctx, - &mut author.eng, + &author.eng, parent_cmd_id, author.enc_key_id, peer.enc_pk.clone(), @@ -528,7 +528,7 @@ where let keys = author .handler .uni_channel_created( - &mut author.eng, + &author.eng, &UniChannelCreated { parent_cmd_id, author_id: author.user_id, @@ -557,7 +557,7 @@ where let keys = peer .handler .uni_channel_received( - &mut peer.eng, + &peer.eng, &UniChannelReceived { parent_cmd_id, author_id: author.user_id, @@ -609,7 +609,7 @@ where let mut peer = T::new(); // seal only let label = Label::new(42); - let parent_cmd_id = Id::random(&mut Rng); + let parent_cmd_id = Id::random(&Rng); let ctx = CommandContext::Action(ActionContext { name: "CreateUniOnlyChannel", head_id: parent_cmd_id, @@ -620,7 +620,7 @@ where .ffi .create_uni_channel( &ctx, - &mut author.eng, + &author.eng, parent_cmd_id, author.enc_key_id, peer.enc_pk.clone(), @@ -636,7 +636,7 @@ where let keys = author .handler .uni_channel_created( - &mut author.eng, + &author.eng, &UniChannelCreated { parent_cmd_id, author_id: author.user_id, @@ -665,7 +665,7 @@ where let keys = peer .handler .uni_channel_received( - &mut peer.eng, + &peer.eng, &UniChannelReceived { parent_cmd_id, author_id: author.user_id, diff --git a/crates/aranya-capi-core/src/internal/conv/mod.rs b/crates/aranya-capi-core/src/internal/conv/mod.rs index 5f46812e..51b336c8 100644 --- a/crates/aranya-capi-core/src/internal/conv/mod.rs +++ b/crates/aranya-capi-core/src/internal/conv/mod.rs @@ -100,7 +100,7 @@ tuple_impls! { A B C D E F G H I J K L M N O P Q R S T U V W X } tuple_impls! { A B C D E F G H I J K L M N O P Q R S T U V W X Y } tuple_impls! { A B C D E F G H I J K L M N O P Q R S T U V W X Y Z } -impl<'a, T> TryFromFfi for &'a T { +impl TryFromFfi for &T { type Ffi = *const T; type Error = InvalidPtr; unsafe fn try_from_ffi(val: Self::Ffi) -> Result { diff --git a/crates/aranya-crypto-ffi/src/ffi.rs b/crates/aranya-crypto-ffi/src/ffi.rs index d6fa671c..417c83cd 100644 --- a/crates/aranya-crypto-ffi/src/ffi.rs +++ b/crates/aranya-crypto-ffi/src/ffi.rs @@ -112,7 +112,7 @@ function sign( pub(crate) fn sign( &self, ctx: &CommandContext<'_>, - eng: &mut E, + eng: &E, our_sign_sk_id: Id, command_bytes: Vec, ) -> Result { @@ -155,7 +155,7 @@ function verify( pub(crate) fn verify( &self, ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, author_sign_pk: Vec, parent_id: Id, command_bytes: Vec, diff --git a/crates/aranya-crypto-ffi/src/testing.rs b/crates/aranya-crypto-ffi/src/testing.rs index 29261333..56f2299b 100644 --- a/crates/aranya-crypto-ffi/src/testing.rs +++ b/crates/aranya-crypto-ffi/src/testing.rs @@ -80,9 +80,9 @@ where const OPEN_CTX: CommandContext<'static> = CommandContext::Open(OpenContext { name: "dummy" }); /// Test that we can verify valid signatures. - pub fn test_sign_verify(mut eng: E, mut store: S) { + pub fn test_sign_verify(eng: E, mut store: S) { let (sk, pk) = { - let sk = SigningKey::::new(&mut eng); + let sk = SigningKey::::new(&eng); let pk = postcard::to_allocvec(&sk.public().expect("verifying key should be valid")) .expect("should be able to encode `VerifyingKey`"); let wrapped = eng @@ -98,7 +98,7 @@ where }; let ffi = Ffi::new(store); - let command = postcard::to_allocvec(&Command::random(&mut eng)) + let command = postcard::to_allocvec(&Command::random(&eng)) .expect("should be able to encode `Command`"); let Signed { signature, @@ -106,7 +106,7 @@ where } = ffi .sign( &Self::SEAL_CTX, - &mut eng, + &eng, sk.id().expect("signing key ID should be valid").into_id(), command.clone(), ) @@ -114,7 +114,7 @@ where let got = ffi .verify( &Self::OPEN_CTX, - &mut eng, + &eng, pk, Id::default(), command.clone(), @@ -127,9 +127,9 @@ where /// Test that we reject signatures that have been tampered /// with. - pub fn test_verify_reject_modified_sig(mut eng: E, mut store: S) { + pub fn test_verify_reject_modified_sig(eng: E, mut store: S) { let (sk, pk) = { - let sk = SigningKey::::new(&mut eng); + let sk = SigningKey::::new(&eng); let pk = postcard::to_allocvec(&sk.public().expect("verifying key should be valid")) .expect("should be able to encode `VerifyingKey`"); let wrapped = eng @@ -145,7 +145,7 @@ where }; let ffi = Ffi::new(store); - let command = postcard::to_allocvec(&Command::random(&mut eng)) + let command = postcard::to_allocvec(&Command::random(&eng)) .expect("should be able to encode `Command`"); let Signed { mut signature, @@ -153,7 +153,7 @@ where } = ffi .sign( &Self::SEAL_CTX, - &mut eng, + &eng, sk.id().expect("signing key ID should be valid").into_id(), command.clone(), ) @@ -168,7 +168,7 @@ where // could be a failure because `sig` is malformed. ffi.verify( &Self::OPEN_CTX, - &mut eng, + &eng, pk, Id::default(), command, @@ -180,9 +180,9 @@ where /// Test that we reject signatures that were not over the /// command (or where the command was modified). - pub fn test_verify_reject_modified_command(mut eng: E, mut store: S) { + pub fn test_verify_reject_modified_command(eng: E, mut store: S) { let (sk, pk) = { - let sk = SigningKey::::new(&mut eng); + let sk = SigningKey::::new(&eng); let pk = postcard::to_allocvec(&sk.public().expect("verifying key should be valid")) .expect("should be able to encode `VerifyingKey`"); let wrapped = eng @@ -198,7 +198,7 @@ where }; let ffi = Ffi::new(store); - let mut command = postcard::to_allocvec(&Command::random(&mut eng)) + let mut command = postcard::to_allocvec(&Command::random(&eng)) .expect("should be able to encode `Command`"); let Signed { signature, @@ -206,7 +206,7 @@ where } = ffi .sign( &Self::SEAL_CTX, - &mut eng, + &eng, sk.id().expect("signing key ID should be valid").into_id(), command.clone(), ) @@ -219,7 +219,7 @@ where let err = ffi .verify( &Self::OPEN_CTX, - &mut eng, + &eng, pk, Id::default(), command, @@ -236,7 +236,7 @@ where /// Test that we reject signatures created with a different /// command name. - pub fn test_verify_reject_different_cmd_name(mut eng: E, mut store: S) { + pub fn test_verify_reject_different_cmd_name(eng: E, mut store: S) { const SEAL_CTX: CommandContext<'static> = CommandContext::Seal(SealContext { name: "foo", head_id: Id::default(), @@ -245,7 +245,7 @@ where const OPEN_CTX: CommandContext<'static> = CommandContext::Open(OpenContext { name: "bar" }); let (sk, pk) = { - let sk = SigningKey::::new(&mut eng); + let sk = SigningKey::::new(&eng); let pk = postcard::to_allocvec(&sk.public().expect("verifying key should be valid")) .expect("should be able to encode `VerifyingKey`"); let wrapped = eng @@ -261,7 +261,7 @@ where }; let ffi = Ffi::new(store); - let command = postcard::to_allocvec(&Command::random(&mut eng)) + let command = postcard::to_allocvec(&Command::random(&eng)) .expect("should be able to encode `Command`"); let Signed { signature, @@ -269,7 +269,7 @@ where } = ffi .sign( &SEAL_CTX, - &mut eng, + &eng, sk.id().expect("signing key ID should be valid").into_id(), command.clone(), ) @@ -278,7 +278,7 @@ where let err = ffi .verify( &OPEN_CTX, - &mut eng, + &eng, pk, Id::default(), command, @@ -295,9 +295,9 @@ where /// Test that we reject signatures created with a different /// parent command ID. - pub fn test_verify_reject_different_parent_cmd_id(mut eng: E, mut store: S) { + pub fn test_verify_reject_different_parent_cmd_id(eng: E, mut store: S) { let (sk, pk) = { - let sk = SigningKey::::new(&mut eng); + let sk = SigningKey::::new(&eng); let pk = postcard::to_allocvec(&sk.public().expect("verifying key should be valid")) .expect("should be able to encode `VerifyingKey`"); let wrapped = eng @@ -313,12 +313,12 @@ where }; let ffi = Ffi::new(store); - let command = postcard::to_allocvec(&Command::random(&mut eng)) + let command = postcard::to_allocvec(&Command::random(&eng)) .expect("should be able to encode `Command`"); let seal_ctx = CommandContext::Seal(SealContext { name: "dummy", - head_id: Id::random(&mut eng), + head_id: Id::random(&eng), }); let Signed { signature, @@ -326,7 +326,7 @@ where } = ffi .sign( &seal_ctx, - &mut eng, + &eng, sk.id().expect("signing key ID should be valid").into_id(), command.clone(), ) @@ -336,7 +336,7 @@ where let err = ffi .verify( &open_ctx, - &mut eng, + &eng, pk, Id::default(), command, @@ -353,12 +353,12 @@ where /// Test that we reject signatures created with a different /// [`SigningKey`]. - pub fn test_verify_reject_different_signing_key(mut eng: E, mut store: S) { + pub fn test_verify_reject_different_signing_key(eng: E, mut store: S) { let (sk, pk) = { - let sk = SigningKey::::new(&mut eng); + let sk = SigningKey::::new(&eng); let pk = { // NB: different `SigningKey`. - let sk = SigningKey::::new(&mut eng); + let sk = SigningKey::::new(&eng); postcard::to_allocvec(&sk.public().expect("verifying key should be valid")) .expect("should be able to encode `VerifyingKey`") }; @@ -375,7 +375,7 @@ where }; let ffi = Ffi::new(store); - let command = postcard::to_allocvec(&Command::random(&mut eng)) + let command = postcard::to_allocvec(&Command::random(&eng)) .expect("should be able to encode `Command`"); let Signed { signature, @@ -383,7 +383,7 @@ where } = ffi .sign( &Self::SEAL_CTX, - &mut eng, + &eng, sk.id().expect("signing key ID should be valid").into_id(), command.clone(), ) @@ -391,7 +391,7 @@ where let err = ffi .verify( &Self::OPEN_CTX, - &mut eng, + &eng, pk, Id::default(), command, @@ -408,9 +408,9 @@ where /// Test that `seal` returns an error when called outside /// of a `seal` block. - pub fn test_seal_reject_wrong_context(mut eng: E, mut store: S) { + pub fn test_seal_reject_wrong_context(eng: E, mut store: S) { let sk = { - let sk = SigningKey::::new(&mut eng); + let sk = SigningKey::::new(&eng); let wrapped = eng .wrap(sk.clone()) .expect("should be able to wrap `SigningKey`"); @@ -424,7 +424,7 @@ where }; let ffi = Ffi::new(store); - let command = postcard::to_allocvec(&Command::random(&mut eng)) + let command = postcard::to_allocvec(&Command::random(&eng)) .expect("should be able to encode `Command`"); for ctx in &[ @@ -449,7 +449,7 @@ where let err = ffi .sign( ctx, - &mut eng, + &eng, sk.id().expect("signing key ID should be valid").into_id(), command.clone(), ) @@ -461,9 +461,9 @@ where /// Test that `verify` returns an error when called outside /// of an `open` block. - pub fn test_verify_reject_wrong_context(mut eng: E, mut store: S) { + pub fn test_verify_reject_wrong_context(eng: E, mut store: S) { let (sk, pk) = { - let sk = SigningKey::::new(&mut eng); + let sk = SigningKey::::new(&eng); let pk = postcard::to_allocvec(&sk.public().expect("verifying key should be valid")) .expect("should be able to encode `VerifyingKey`"); let wrapped = eng @@ -479,7 +479,7 @@ where }; let ffi = Ffi::new(store); - let command = postcard::to_allocvec(&Command::random(&mut eng)) + let command = postcard::to_allocvec(&Command::random(&eng)) .expect("should be able to encode `Command`"); let Signed { signature, @@ -487,7 +487,7 @@ where } = ffi .sign( &Self::SEAL_CTX, - &mut eng, + &eng, sk.id().expect("signing key ID should be valid").into_id(), command.clone(), ) @@ -518,7 +518,7 @@ where let err = ffi .verify( ctx, - &mut eng, + &eng, pk.clone(), Id::default(), command.clone(), @@ -536,7 +536,7 @@ where struct Command([u8; 32]); impl Random for Command { - fn random(rng: &mut R) -> Self { + fn random(rng: &R) -> Self { Self(Random::random(rng)) } } diff --git a/crates/aranya-crypto/Cargo.toml b/crates/aranya-crypto/Cargo.toml index 5278f99c..707a7915 100644 --- a/crates/aranya-crypto/Cargo.toml +++ b/crates/aranya-crypto/Cargo.toml @@ -35,6 +35,7 @@ alloc = [ # Enable BearSSL. bearssl = [ "dep:aranya-bearssl-sys", + "dep:spin", ] # Enable committing AEAD implementations. diff --git a/crates/aranya-crypto/examples/hsm/hsm.rs b/crates/aranya-crypto/examples/hsm/hsm.rs index e7770981..76a037ff 100644 --- a/crates/aranya-crypto/examples/hsm/hsm.rs +++ b/crates/aranya-crypto/examples/hsm/hsm.rs @@ -61,7 +61,7 @@ impl Hsm { static HSM: OnceLock> = OnceLock::new(); HSM.get_or_init(|| { RwLock::new(Self { - aead: Aes256Gcm::new(&Random::random(&mut Rng)), + aead: Aes256Gcm::new(&Random::random(&Rng)), keys: Default::default(), }) }) @@ -91,7 +91,7 @@ impl Hsm { // A random nonce is fine for this example. In practice, // you would probably want to ensure that you never // repeat nonces. - let nonce = Nonce::<_>::random(&mut Rng); + let nonce = Nonce::<_>::random(&Rng); // Bind the ciphertext to the (alias, context) tuple. let ad = postcard::to_allocvec(&AuthData { alias, context }) @@ -166,7 +166,7 @@ impl Hsm { /// Creates a new `SigningKey`. pub fn new_signing_key(&mut self) -> KeyId { - let sk = SigningKey::new(&mut Rng); + let sk = SigningKey::new(&Rng); let id = Self::signer_key_id(&SigningKey::public(&sk)); self.keys.insert(id, HsmKey::Signing(sk)); id diff --git a/crates/aranya-crypto/examples/hsm/main.rs b/crates/aranya-crypto/examples/hsm/main.rs index c7dc117f..81fdfe96 100644 --- a/crates/aranya-crypto/examples/hsm/main.rs +++ b/crates/aranya-crypto/examples/hsm/main.rs @@ -53,7 +53,7 @@ impl Default for HsmEngine { } impl Csprng for HsmEngine { - fn fill_bytes(&mut self, dst: &mut [u8]) { + fn fill_bytes(&self, dst: &mut [u8]) { Rng.fill_bytes(dst) } } @@ -80,7 +80,7 @@ impl Engine for HsmEngine { impl RawSecretWrap for HsmEngine { fn wrap_secret( - &mut self, + &self, id: &::Id, secret: RawSecret, ) -> Result<::WrappedKey, WrapError> @@ -308,7 +308,7 @@ impl SigningKey for HsmSigningKey { impl SecretKey for HsmSigningKey { type Size = ::Size; - fn new(_rng: &mut R) -> Self { + fn new(_rng: &R) -> Self { let key_id = Hsm::write().new_signing_key(); Self(key_id) } diff --git a/crates/aranya-crypto/src/aead.rs b/crates/aranya-crypto/src/aead.rs index fed8e019..ea57f808 100644 --- a/crates/aranya-crypto/src/aead.rs +++ b/crates/aranya-crypto/src/aead.rs @@ -780,7 +780,7 @@ impl ConstantTimeEq for Nonce { } impl Random for Nonce { - fn random(rng: &mut R) -> Self { + fn random(rng: &R) -> Self { Self(Random::random(rng)) } } diff --git a/crates/aranya-crypto/src/afc/bidi.rs b/crates/aranya-crypto/src/afc/bidi.rs index 9c8d322d..dc1a5b6e 100644 --- a/crates/aranya-crypto/src/afc/bidi.rs +++ b/crates/aranya-crypto/src/afc/bidi.rs @@ -89,16 +89,16 @@ use crate::{ /// } /// /// type E = DefaultEngine; -/// let (mut eng, _) = E::from_entropy(Rng); +/// let (eng, _) = E::from_entropy(Rng); /// -/// let parent_cmd_id = Id::random(&mut eng); +/// let parent_cmd_id = Id::random(&eng); /// let label = 42u32; /// -/// let user1_sk = EncryptionKey::<::CS>::new(&mut eng); -/// let user1_id = IdentityKey::<::CS>::new(&mut eng).id().expect("user1 ID should be valid"); +/// let user1_sk = EncryptionKey::<::CS>::new(&eng); +/// let user1_id = IdentityKey::<::CS>::new(&eng).id().expect("user1 ID should be valid"); /// -/// let user2_sk = EncryptionKey::<::CS>::new(&mut eng); -/// let user2_id = IdentityKey::<::CS>::new(&mut eng).id().expect("user2 ID should be valid"); +/// let user2_sk = EncryptionKey::<::CS>::new(&eng); +/// let user2_id = IdentityKey::<::CS>::new(&eng).id().expect("user2 ID should be valid"); /// /// // user1 creates the channel keys and sends the encapsulation /// // to user2... @@ -110,7 +110,7 @@ use crate::{ /// their_id: user2_id, /// label, /// }; -/// let BidiSecrets { author, peer } = BidiSecrets::new(&mut eng, &user1_ch) +/// let BidiSecrets { author, peer } = BidiSecrets::new(&eng, &user1_ch) /// .expect("unable to create `BidiSecrets`"); /// let mut user1 = Keys::from_author(&user1_ch, author); /// @@ -276,7 +276,7 @@ pub struct BidiSecrets { impl BidiSecrets { /// Creates a new set of encapsulated secrets for the /// bidirectional channel. - pub fn new>(eng: &mut E, ch: &BidiChannel<'_, CS>) -> Result { + pub fn new>(eng: &E, ch: &BidiChannel<'_, CS>) -> Result { // Only the channel author calls this function. let author_id = ch.our_id; let author_sk = ch.our_sk; @@ -439,21 +439,21 @@ mod tests { fn test_info_positive() { type E = DefaultEngine; type CS = DefaultCipherSuite; - let (mut eng, _) = E::from_entropy(Rng); - let parent_cmd_id = Id::random(&mut eng); - let sk1 = EncryptionKey::::new(&mut eng); - let sk2 = EncryptionKey::::new(&mut eng); + let (eng, _) = E::from_entropy(Rng); + let parent_cmd_id = Id::random(&eng); + let sk1 = EncryptionKey::::new(&eng); + let sk2 = EncryptionKey::::new(&eng); let label = 123; let ch1 = BidiChannel { parent_cmd_id, our_sk: &sk1, - our_id: IdentityKey::::new(&mut eng) + our_id: IdentityKey::::new(&eng) .id() .expect("sender ID should be valid"), their_pk: &sk2 .public() .expect("receiver encryption public key should be valid"), - their_id: IdentityKey::::new(&mut eng) + their_id: IdentityKey::::new(&eng) .id() .expect("receiver ID should be valid"), label, @@ -476,15 +476,15 @@ mod tests { fn test_info_negative() { type E = DefaultEngine; type CS = DefaultCipherSuite; - let (mut eng, _) = E::from_entropy(Rng); + let (eng, _) = E::from_entropy(Rng); - let sk1 = EncryptionKey::::new(&mut eng); - let user1_id = IdentityKey::::new(&mut eng) + let sk1 = EncryptionKey::::new(&eng); + let user1_id = IdentityKey::::new(&eng) .id() .expect("user1 ID should be valid"); - let sk2 = EncryptionKey::::new(&mut eng); - let user2_id = IdentityKey::::new(&mut eng) + let sk2 = EncryptionKey::::new(&eng); + let user2_id = IdentityKey::::new(&eng) .id() .expect("user2 Id should be valid"); @@ -494,7 +494,7 @@ mod tests { ( "different parent_cmd_id", BidiChannel { - parent_cmd_id: Id::random(&mut eng), + parent_cmd_id: Id::random(&eng), our_sk: &sk1, our_id: user1_id, their_pk: &sk2 @@ -504,7 +504,7 @@ mod tests { label, }, BidiChannel { - parent_cmd_id: Id::random(&mut eng), + parent_cmd_id: Id::random(&eng), our_sk: &sk2, our_id: user2_id, their_pk: &sk1 @@ -517,7 +517,7 @@ mod tests { ( "different our_id", BidiChannel { - parent_cmd_id: Id::random(&mut eng), + parent_cmd_id: Id::random(&eng), our_sk: &sk1, our_id: user1_id, their_pk: &sk2 @@ -527,9 +527,9 @@ mod tests { label, }, BidiChannel { - parent_cmd_id: Id::random(&mut eng), + parent_cmd_id: Id::random(&eng), our_sk: &sk2, - our_id: IdentityKey::::new(&mut eng) + our_id: IdentityKey::::new(&eng) .id() .expect("sender ID should be valid"), their_pk: &sk1 @@ -542,7 +542,7 @@ mod tests { ( "different their_id", BidiChannel { - parent_cmd_id: Id::random(&mut eng), + parent_cmd_id: Id::random(&eng), our_sk: &sk1, our_id: user1_id, their_pk: &sk2 @@ -552,13 +552,13 @@ mod tests { label, }, BidiChannel { - parent_cmd_id: Id::random(&mut eng), + parent_cmd_id: Id::random(&eng), our_sk: &sk2, our_id: user2_id, their_pk: &sk1 .public() .expect("receiver encryption public key should be valid"), - their_id: IdentityKey::::new(&mut eng) + their_id: IdentityKey::::new(&eng) .id() .expect("receiver ID should be valid"), label, @@ -567,7 +567,7 @@ mod tests { ( "different label", BidiChannel { - parent_cmd_id: Id::random(&mut eng), + parent_cmd_id: Id::random(&eng), our_sk: &sk1, our_id: user1_id, their_pk: &sk2 @@ -577,7 +577,7 @@ mod tests { label: 123, }, BidiChannel { - parent_cmd_id: Id::random(&mut eng), + parent_cmd_id: Id::random(&eng), our_sk: &sk2, our_id: user2_id, their_pk: &sk1 diff --git a/crates/aranya-crypto/src/afc/shared.rs b/crates/aranya-crypto/src/afc/shared.rs index 88bc2eb6..cfe358f9 100644 --- a/crates/aranya-crypto/src/afc/shared.rs +++ b/crates/aranya-crypto/src/afc/shared.rs @@ -40,13 +40,13 @@ impl ConstantTimeEq for RootChannelKey { } impl Random for RootChannelKey { - fn random(rng: &mut R) -> Self { + fn random(rng: &R) -> Self { Self(<::DecapKey as SecretKey>::new(rng)) } } impl SecretKey for RootChannelKey { - fn new(rng: &mut R) -> Self { + fn new(rng: &R) -> Self { Random::random(rng) } @@ -106,7 +106,7 @@ macro_rules! raw_key { } impl $crate::csprng::Random for $name { - fn random(rng: &mut R) -> Self { + fn random(rng: &R) -> Self { Self { key: $crate::csprng::Random::random(rng), base_nonce: $crate::csprng::Random::random(rng), diff --git a/crates/aranya-crypto/src/afc/uni.rs b/crates/aranya-crypto/src/afc/uni.rs index eeee120a..399df0a4 100644 --- a/crates/aranya-crypto/src/afc/uni.rs +++ b/crates/aranya-crypto/src/afc/uni.rs @@ -80,16 +80,16 @@ use crate::{ /// } /// /// type E = DefaultEngine; -/// let (mut eng, _) = E::from_entropy(Rng); +/// let (eng, _) = E::from_entropy(Rng); /// -/// let parent_cmd_id = Id::random(&mut eng); +/// let parent_cmd_id = Id::random(&eng); /// let label = 42u32; /// -/// let user1_sk = EncryptionKey::<::CS>::new(&mut eng); -/// let user1_id = IdentityKey::<::CS>::new(&mut eng).id().expect("user1 ID should be valid"); +/// let user1_sk = EncryptionKey::<::CS>::new(&eng); +/// let user1_id = IdentityKey::<::CS>::new(&eng).id().expect("user1 ID should be valid"); /// -/// let user2_sk = EncryptionKey::<::CS>::new(&mut eng); -/// let user2_id = IdentityKey::<::CS>::new(&mut eng).id().expect("user2 ID should be valid"); +/// let user2_sk = EncryptionKey::<::CS>::new(&eng); +/// let user2_id = IdentityKey::<::CS>::new(&eng).id().expect("user2 ID should be valid"); /// /// // user1 creates the channel keys and sends the encapsulation /// // to user2... @@ -101,7 +101,7 @@ use crate::{ /// open_id: user2_id, /// label, /// }; -/// let UniSecrets { author, peer } = UniSecrets::new(&mut eng, &user1_ch) +/// let UniSecrets { author, peer } = UniSecrets::new(&eng, &user1_ch) /// .expect("unable to create `UniSecrets`"); /// let mut user1 = key_from_author(&user1_ch, author); /// @@ -247,7 +247,7 @@ pub struct UniSecrets { impl UniSecrets { /// Creates a new set of encapsulated secrets for the /// unidirectional channel. - pub fn new>(eng: &mut E, ch: &UniChannel<'_, CS>) -> Result { + pub fn new>(eng: &E, ch: &UniChannel<'_, CS>) -> Result { // Only the channel author calls this function. let author_sk = ch.our_sk; let peer_pk = ch.their_pk; diff --git a/crates/aranya-crypto/src/apq.rs b/crates/aranya-crypto/src/apq.rs index 56af2d8a..4957435c 100644 --- a/crates/aranya-crypto/src/apq.rs +++ b/crates/aranya-crypto/src/apq.rs @@ -155,7 +155,7 @@ impl Clone for TopicKey { impl TopicKey { /// Creates a new, random `TopicKey`. - pub fn new(rng: &mut R, version: Version, topic: &Topic) -> Result { + pub fn new(rng: &R, version: Version, topic: &Topic) -> Result { Self::from_seed(Random::random(rng), version, topic) } @@ -221,19 +221,19 @@ impl TopicKey { /// const MESSAGE: &[u8] = b"hello, world!"; /// /// let ident = Sender { - /// enc_key: &SenderSecretKey::::new(&mut Rng) + /// enc_key: &SenderSecretKey::::new(&Rng) /// .public().expect("sender encryption key should be valid"), - /// sign_key: &SenderSigningKey::::new(&mut Rng) + /// sign_key: &SenderSigningKey::::new(&Rng) /// .public().expect("sender signing key should be valid"), /// }; /// - /// let key = TopicKey::new(&mut Rng, VERSION, &topic) + /// let key = TopicKey::new(&Rng, VERSION, &topic) /// .expect("should not fail"); /// /// let ciphertext = { /// let mut dst = vec![0u8; MESSAGE.len() + key.overhead()]; /// key.seal_message( - /// &mut Rng, + /// &Rng, /// &mut dst, /// MESSAGE, /// VERSION, @@ -258,7 +258,7 @@ impl TopicKey { /// ``` pub fn seal_message( &self, - rng: &mut R, + rng: &R, dst: &mut [u8], plaintext: &[u8], version: Version, @@ -374,7 +374,7 @@ key_misc!(SenderSigningKey, SenderVerifyingKey, SenderSigningKeyId); impl SenderSigningKey { /// Creates a `SenderSigningKey`. - pub fn new(rng: &mut R) -> Self { + pub fn new(rng: &R) -> Self { let sk = ::SigningKey::new(rng); SenderSigningKey(sk) } @@ -399,7 +399,7 @@ impl SenderSigningKey { /// let topic = Topic::new("SomeTopic"); /// const RECORD: &[u8] = b"an encoded record"; /// - /// let sk = SenderSigningKey::::new(&mut Rng); + /// let sk = SenderSigningKey::::new(&Rng); /// /// let sig = sk.sign(VERSION, &topic, RECORD) /// .expect("should not fail"); @@ -502,7 +502,7 @@ key_misc!(SenderSecretKey, SenderPublicKey, SenderKeyId); impl SenderSecretKey { /// Creates a `SenderSecretKey`. - pub fn new(rng: &mut R) -> Self { + pub fn new(rng: &R) -> Self { let sk = ::DecapKey::new(rng); SenderSecretKey(sk) } @@ -529,7 +529,7 @@ key_misc!(ReceiverSecretKey, ReceiverPublicKey, ReceiverKeyId); impl ReceiverSecretKey { /// Creates a `ReceiverSecretKey`. - pub fn new(rng: &mut R) -> Self { + pub fn new(rng: &R) -> Self { let sk = ::DecapKey::new(rng); ReceiverSecretKey(sk) } @@ -623,17 +623,17 @@ impl ReceiverPublicKey { /// const VERSION: Version = Version::new(1); /// let topic = Topic::new("SomeTopic"); /// - /// let send_sk = SenderSecretKey::::new(&mut Rng); + /// let send_sk = SenderSecretKey::::new(&Rng); /// let send_pk = send_sk.public().expect("sender public key should be valid"); - /// let recv_sk = ReceiverSecretKey::::new(&mut Rng); + /// let recv_sk = ReceiverSecretKey::::new(&Rng); /// let recv_pk = recv_sk.public().expect("receiver public key should be valid"); /// - /// let key = TopicKey::new(&mut Rng, VERSION, &topic) + /// let key = TopicKey::new(&Rng, VERSION, &topic) /// .expect("should not fail"); /// /// // The sender encrypts... /// let (enc, mut ciphertext) = recv_pk.seal_topic_key( - /// &mut Rng, + /// &Rng, /// VERSION, /// &topic, /// &send_sk, @@ -670,7 +670,7 @@ impl ReceiverPublicKey { /// ``` pub fn seal_topic_key( &self, - rng: &mut R, + rng: &R, version: Version, topic: &Topic, sk: &SenderSecretKey, diff --git a/crates/aranya-crypto/src/aranya.rs b/crates/aranya-crypto/src/aranya.rs index 9fb459ec..b070b7ad 100644 --- a/crates/aranya-crypto/src/aranya.rs +++ b/crates/aranya-crypto/src/aranya.rs @@ -109,7 +109,7 @@ key_misc!(IdentityKey, IdentityVerifyingKey, UserId); impl IdentityKey { /// Creates an `IdentityKey`. - pub fn new(rng: &mut R) -> Self { + pub fn new(rng: &R) -> Self { let sk = ::SigningKey::new(rng); IdentityKey(sk) } @@ -132,7 +132,7 @@ impl IdentityKey { /// Rng, /// }; /// - /// let sk = IdentityKey::::new(&mut Rng); + /// let sk = IdentityKey::::new(&Rng); /// /// const MESSAGE: &[u8] = b"hello, world!"; /// const CONTEXT: &[u8] = b"doc test"; @@ -212,7 +212,7 @@ key_misc!(SigningKey, VerifyingKey, SigningKeyId); impl SigningKey { /// Creates a `SigningKey`. - pub fn new(rng: &mut R) -> Self { + pub fn new(rng: &R) -> Self { let sk = ::SigningKey::new(rng); SigningKey(sk) } @@ -235,7 +235,7 @@ impl SigningKey { /// SigningKey, /// }; /// - /// let sk = SigningKey::::new(&mut Rng); + /// let sk = SigningKey::::new(&Rng); /// /// const MESSAGE: &[u8] = b"hello, world!"; /// const CONTEXT: &[u8] = b"doc test"; @@ -291,11 +291,11 @@ impl SigningKey { /// SigningKey, /// }; /// - /// let sk = SigningKey::::new(&mut Rng); + /// let sk = SigningKey::::new(&Rng); /// /// let data = b"... some command data ..."; /// let name = "AddUser"; - /// let parent_id = &Id::random(&mut Rng); + /// let parent_id = &Id::random(&Rng); /// /// let good_cmd = Cmd { data, name, parent_id }; /// let (sig, _) = sk.sign_cmd(good_cmd) @@ -314,7 +314,7 @@ impl SigningKey { /// let wrong_id_cmd = Cmd { /// data, /// name, - /// parent_id: &Id::random(&mut Rng), + /// parent_id: &Id::random(&Rng), /// }; /// sk.public().expect("signing key should be valid").verify_cmd(wrong_id_cmd, &sig) /// .expect_err("should fail"); @@ -322,7 +322,7 @@ impl SigningKey { /// let wrong_sig_cmd = Cmd { /// data: b"different", /// name: "signature", - /// parent_id: &Id::random(&mut Rng), + /// parent_id: &Id::random(&Rng), /// }; /// let (wrong_sig, _) = sk.sign_cmd(wrong_sig_cmd) /// .expect("should not fail"); @@ -388,7 +388,7 @@ key_misc!(EncryptionKey, EncryptionPublicKey, EncryptionKeyId); impl EncryptionKey { /// Creates a user's `EncryptionKey`. - pub fn new(rng: &mut R) -> Self { + pub fn new(rng: &R) -> Self { let sk = ::DecapKey::new(rng); EncryptionKey(sk) } @@ -441,7 +441,7 @@ impl EncryptionPublicKey { /// of the [`EncryptionPublicKey`]. pub fn seal_group_key( &self, - rng: &mut R, + rng: &R, key: &GroupKey, group: Id, ) -> Result<(Encap, EncryptedGroupKey), Error> { diff --git a/crates/aranya-crypto/src/bearssl.rs b/crates/aranya-crypto/src/bearssl.rs index 054c8aac..87799577 100644 --- a/crates/aranya-crypto/src/bearssl.rs +++ b/crates/aranya-crypto/src/bearssl.rs @@ -410,7 +410,7 @@ macro_rules! ecdh_impl { } impl SecretKey for $sk { - fn new(rng: &mut R) -> Self { + fn new(rng: &R) -> Self { // We don't know what `rng` is, so construct our // own. let mut rng = RngWrapper::new(rng); @@ -711,7 +711,7 @@ macro_rules! ecdsa_impl { impl SecretKey for $sk { #[inline] - fn new(rng: &mut R) -> Self { + fn new(rng: &R) -> Self { // We don't know what `rng` is, so construct our // own. let mut rng = RngWrapper::new(rng); @@ -1056,7 +1056,7 @@ hmac_impl!(HmacSha384, "HMAC-SHA384", Sha384); hmac_impl!(HmacSha512, "HMAC-SHA512", Sha512); /// A `HMAC_DRBG`-based CSPRNG. -pub struct HmacDrbg(br_hmac_drbg_context); +pub struct HmacDrbg(spin::Mutex); impl HmacDrbg { /// Creates a CSPRNG from a cryptographically secure seed. @@ -1071,11 +1071,11 @@ impl HmacDrbg { seed.len(), ); } - Self(ctx) + Self(spin::Mutex::new(ctx)) } /// Creates a CSPRNG seeded with entropy from `rng`. - pub fn from_rng(rng: &mut R) -> Self { + pub fn from_rng(rng: &R) -> Self { let mut seed = [0u8; 64]; rng.fill_bytes(&mut seed); HmacDrbg::new(seed) @@ -1083,7 +1083,7 @@ impl HmacDrbg { } impl Csprng for HmacDrbg { - fn fill_bytes(&mut self, mut dst: &mut [u8]) { + fn fill_bytes(&self, mut dst: &mut [u8]) { // Max number of bytes that can be requested from // a `HMAC_DRBG` per request. const MAX: usize = 1 << 16; @@ -1091,12 +1091,15 @@ impl Csprng for HmacDrbg { while !dst.is_empty() { let n = cmp::min(dst.len(), MAX); // SAFETY: FFI call, no invariants - unsafe { - br_hmac_drbg_generate( - ptr::addr_of_mut!(self.0), - dst.as_mut_ptr() as *mut c_void, - n, - ); + { + let mut ctx = self.0.lock(); + unsafe { + br_hmac_drbg_generate( + ptr::addr_of_mut!(*ctx), + dst.as_mut_ptr() as *mut c_void, + n, + ); + } } dst = &mut dst[n..]; } @@ -1164,11 +1167,11 @@ struct RngWrapper<'a> { // NB: field order matters! Do not change the ordering. See // the comment in `rng_wrapper_generate`. vtable: *const br_prng_class, - rng: &'a mut dyn Csprng, + rng: &'a dyn Csprng, } impl<'a> RngWrapper<'a> { - fn new(rng: &'a mut dyn Csprng) -> Self { + fn new(rng: &'a dyn Csprng) -> Self { let vtable = ptr::addr_of!(RNG_WRAPPER_VTABLE); RngWrapper { vtable, rng } } diff --git a/crates/aranya-crypto/src/csprng.rs b/crates/aranya-crypto/src/csprng.rs index 566d89f0..47287373 100644 --- a/crates/aranya-crypto/src/csprng.rs +++ b/crates/aranya-crypto/src/csprng.rs @@ -26,7 +26,7 @@ pub trait Csprng { /// /// If the underlying CSPRNG encounters a fatal error, it /// must immediately panic or abort the program. - fn fill_bytes(&mut self, dst: &mut [u8]); + fn fill_bytes(&self, dst: &mut [u8]); /// Returns a fixed-number of cryptographically secure, /// pseudorandom bytes. @@ -35,7 +35,7 @@ pub trait Csprng { /// /// Once (if) `const_generic_exprs` is stabilized, `T` will /// become `const N: usize`. - fn bytes + Default>(&mut self) -> T + fn bytes + Default>(&self) -> T where Self: Sized, { @@ -45,8 +45,8 @@ pub trait Csprng { } } -impl Csprng for &mut R { - fn fill_bytes(&mut self, dst: &mut [u8]) { +impl Csprng for &R { + fn fill_bytes(&self, dst: &mut [u8]) { (**self).fill_bytes(dst) } } @@ -54,24 +54,25 @@ impl Csprng for &mut R { #[cfg(feature = "getrandom")] #[cfg_attr(docsrs, doc(cfg(feature = "getrandom")))] impl Csprng for rand_core::OsRng { - fn fill_bytes(&mut self, dst: &mut [u8]) { - rand_core::RngCore::fill_bytes(self, dst) + fn fill_bytes(&self, dst: &mut [u8]) { + rand_core::RngCore::fill_bytes(&mut { *self }, dst) } } #[cfg(feature = "std")] #[cfg_attr(docsrs, doc(cfg(feature = "std")))] impl Csprng for rand::rngs::ThreadRng { - fn fill_bytes(&mut self, dst: &mut [u8]) { - rand_core::RngCore::fill_bytes(self, dst) + fn fill_bytes(&self, dst: &mut [u8]) { + // NB: Clones an `Rc` + rand_core::RngCore::fill_bytes(&mut self.clone(), dst) } } #[cfg(feature = "rand_compat")] -impl rand_core::CryptoRng for &mut dyn Csprng {} +impl rand_core::CryptoRng for &dyn Csprng {} #[cfg(feature = "rand_compat")] -impl rand_core::RngCore for &mut dyn Csprng { +impl rand_core::RngCore for &dyn Csprng { fn next_u32(&mut self) -> u32 { rand_core::impls::next_u32_via_fill(self) } @@ -93,11 +94,11 @@ impl rand_core::RngCore for &mut dyn Csprng { /// Implemented by types that can generate random instances. pub trait Random { /// Generates a random instance of itself. - fn random(rng: &mut R) -> Self; + fn random(rng: &R) -> Self; } impl Random for GenericArray { - fn random(rng: &mut R) -> Self { + fn random(rng: &R) -> Self { let mut v = Self::default(); rng.fill_bytes(&mut v); v @@ -105,7 +106,7 @@ impl Random for GenericArray { } impl Random for [u8; N] { - fn random(rng: &mut R) -> Self { + fn random(rng: &R) -> Self { let mut v = [0u8; N]; rng.fill_bytes(&mut v); v @@ -116,7 +117,7 @@ macro_rules! rand_int_impl { ($($name:ty)* $(,)?) => { $( impl $crate::Random for $name { - fn random(rng: &mut R) -> Self { + fn random(rng: &R) -> Self { let mut v = [0u8; ::core::mem::size_of::<$name>()]; rng.fill_bytes(&mut v); <$name>::from_le_bytes(v) @@ -172,20 +173,13 @@ pub(crate) mod trng { } impl Csprng for ThreadRng { - fn fill_bytes(&mut self, dst: &mut [u8]) { + fn fill_bytes(&self, dst: &mut [u8]) { let key = self.key.get(); let (mut rng, next) = AesCtrCsprng::new(key); self.key.set(next); rng.fill_bytes(dst) } } - - #[cfg(test)] - impl AsMut for ThreadRng { - fn as_mut(&mut self) -> &mut Self { - self - } - } } // Otherwise, use a single global static with internal @@ -216,17 +210,10 @@ pub(crate) mod trng { pub struct ThreadRng; impl Csprng for ThreadRng { - fn fill_bytes(&mut self, dst: &mut [u8]) { + fn fill_bytes(&self, dst: &mut [u8]) { next_rng().fill_bytes(dst) } } - - #[cfg(test)] - impl AsMut for ThreadRng { - fn as_mut(&mut self) -> &mut Self { - self - } - } } pub(crate) use inner::thread_rng; @@ -390,15 +377,15 @@ pub(crate) mod trng { #[test] fn test_thread_rng() { - fn get_bytes>(mut rng: R) -> [u8; 4096] { + fn get_bytes(rng: &ThreadRng) -> [u8; 4096] { let mut b = [0u8; 4096]; - rng.as_mut().fill_bytes(&mut b); + rng.fill_bytes(&mut b); b } - let mut rng = thread_rng(); - assert_ne!(get_bytes(&mut rng), get_bytes(&mut rng)); - assert_ne!(get_bytes(thread_rng()), get_bytes(thread_rng())); - assert_ne!(get_bytes(thread_rng()), [0u8; 4096]) + let rng = thread_rng(); + assert_ne!(get_bytes(&rng), get_bytes(&rng)); + assert_ne!(get_bytes(&thread_rng()), get_bytes(&thread_rng())); + assert_ne!(get_bytes(&thread_rng()), [0u8; 4096]) } } } diff --git a/crates/aranya-crypto/src/default.rs b/crates/aranya-crypto/src/default.rs index cdb78fe2..a4b58a24 100644 --- a/crates/aranya-crypto/src/default.rs +++ b/crates/aranya-crypto/src/default.rs @@ -42,6 +42,8 @@ use crate::{ /// extern "C" { /// /// Reads `len` cryptographically secure bytes into /// /// `dst`. +/// /// +/// /// Must be re-entrant. /// fn crypto_getrandom(dst: *mut u8, len: usize); /// } /// ``` @@ -53,9 +55,9 @@ use crate::{ /// # use aranya_crypto::csprng::Csprng; /// use aranya_crypto::Rng; /// -/// fn foo(_rng: &mut R) {} +/// fn foo(_rng: &R) {} /// -/// foo(&mut Rng); +/// foo(&Rng); /// ``` #[derive(Copy, Clone, Debug, Default)] pub struct Rng; @@ -72,7 +74,7 @@ impl Rng { } impl Csprng for Rng { - fn fill_bytes(&mut self, dst: &mut [u8]) { + fn fill_bytes(&self, dst: &mut [u8]) { cfg_if! { if #[cfg(feature = "trng")] { crate::csprng::trng::thread_rng().fill_bytes(dst) @@ -176,15 +178,15 @@ impl DefaultEngine { /// Creates an [`Engine`] using entropy from `rng` and /// returns it and the generated key. - pub fn from_entropy(mut rng: R) -> (Self, ::Key) { - let key = ::Key::new(&mut rng); + pub fn from_entropy(rng: R) -> (Self, ::Key) { + let key = ::Key::new(&rng); let eng = Self::new(&key, rng); (eng, key) } } impl Csprng for DefaultEngine { - fn fill_bytes(&mut self, dst: &mut [u8]) { + fn fill_bytes(&self, dst: &mut [u8]) { self.rng.fill_bytes(dst) } } @@ -210,7 +212,7 @@ impl Engine for DefaultEngine { impl RawSecretWrap for DefaultEngine { fn wrap_secret( - &mut self, + &self, id: &::Id, secret: RawSecret, ) -> Result<::WrappedKey, WrapError> @@ -221,7 +223,7 @@ impl RawSecretWrap for DefaultEngine { let mut tag = Tag::::default(); // TODO(eric): we should probably ensure that we do not // repeat nonces. - let nonce = Nonce::<_>::random(&mut self.rng); + let nonce = Nonce::<_>::random(&self.rng); let ad = postcard::to_vec::<_, { AuthData::POSTCARD_MAX_SIZE }>(&AuthData { eng_id: S::ID, alg_id: T::ID, diff --git a/crates/aranya-crypto/src/ed25519.rs b/crates/aranya-crypto/src/ed25519.rs index 40f77a1e..2ff0cc2c 100644 --- a/crates/aranya-crypto/src/ed25519.rs +++ b/crates/aranya-crypto/src/ed25519.rs @@ -75,7 +75,7 @@ impl signer::SigningKey for SigningKey { impl SecretKey for SigningKey { type Size = U32; - fn new(rng: &mut R) -> Self { + fn new(rng: &R) -> Self { let mut sk = dalek::SecretKey::default(); rng.fill_bytes(&mut sk); Self(dalek::SigningKey::from_bytes(&sk)) diff --git a/crates/aranya-crypto/src/engine.rs b/crates/aranya-crypto/src/engine.rs index 31247d6c..7410db72 100644 --- a/crates/aranya-crypto/src/engine.rs +++ b/crates/aranya-crypto/src/engine.rs @@ -40,7 +40,7 @@ pub trait Engine: Csprng + RawSecretWrap + Sized { type WrappedKey: WrappedKey; /// Encrypts and authenticates an unwrapped key. - fn wrap(&mut self, key: T) -> Result + fn wrap(&self, key: T) -> Result where T: UnwrappedKey, { @@ -122,7 +122,7 @@ pub trait RawSecretWrap { /// This method is used by [`Engine::wrap`] and should not be /// called manually. fn wrap_secret( - &mut self, + &self, id: &::Id, secret: RawSecret, ) -> Result diff --git a/crates/aranya-crypto/src/groupkey.rs b/crates/aranya-crypto/src/groupkey.rs index 65d1157d..67056b78 100644 --- a/crates/aranya-crypto/src/groupkey.rs +++ b/crates/aranya-crypto/src/groupkey.rs @@ -48,7 +48,7 @@ impl Clone for GroupKey { impl GroupKey { /// Creates a new, random `GroupKey`. - pub fn new(rng: &mut R) -> GroupKey { + pub fn new(rng: &R) -> GroupKey { Self::from_seed(Random::random(rng)) } @@ -107,13 +107,13 @@ impl GroupKey { /// const MESSAGE: &[u8] = b"hello, world!"; /// const LABEL: &str = "doc test"; /// const PARENT: Id = Id::default(); - /// let author = SigningKey::::new(&mut Rng).public().expect("signing key should be valid"); + /// let author = SigningKey::::new(&Rng).public().expect("signing key should be valid"); /// - /// let key = GroupKey::new(&mut Rng); + /// let key = GroupKey::new(&Rng); /// /// let ciphertext = { /// let mut dst = vec![0u8; MESSAGE.len() + key.overhead()]; - /// key.seal(&mut Rng, &mut dst, MESSAGE, Context{ + /// key.seal(&Rng, &mut dst, MESSAGE, Context{ /// label: LABEL, /// parent: PARENT, /// author_sign_pk: &author, @@ -134,7 +134,7 @@ impl GroupKey { /// ``` pub fn seal( &self, - rng: &mut R, + rng: &R, dst: &mut [u8], plaintext: &[u8], ctx: Context<'_, CS>, diff --git a/crates/aranya-crypto/src/hpke.rs b/crates/aranya-crypto/src/hpke.rs index 32fc330a..4a4c6160 100644 --- a/crates/aranya-crypto/src/hpke.rs +++ b/crates/aranya-crypto/src/hpke.rs @@ -427,7 +427,7 @@ impl Hpke { /// The `info` parameter provides contextual binding. #[allow(clippy::type_complexity)] pub fn setup_send( - rng: &mut R, + rng: &R, mode: Mode<'_, &K::DecapKey>, pkR: &K::EncapKey, info: &[u8], diff --git a/crates/aranya-crypto/src/id.rs b/crates/aranya-crypto/src/id.rs index 63c488a6..79182839 100644 --- a/crates/aranya-crypto/src/id.rs +++ b/crates/aranya-crypto/src/id.rs @@ -60,7 +60,7 @@ impl Id { } /// Creates a random ID. - pub fn random(rng: &mut R) -> Self { + pub fn random(rng: &R) -> Self { let mut b = [0u8; 64]; rng.fill_bytes(&mut b); Self(b) @@ -257,7 +257,7 @@ macro_rules! custom_id { } /// Creates a random ID. - pub fn random(rng: &mut R) -> Self { + pub fn random(rng: &R) -> Self { Self($crate::Id::random(rng)) } diff --git a/crates/aranya-crypto/src/kem.rs b/crates/aranya-crypto/src/kem.rs index 549d6a68..c0daceef 100644 --- a/crates/aranya-crypto/src/kem.rs +++ b/crates/aranya-crypto/src/kem.rs @@ -116,7 +116,7 @@ pub trait Kem { /// key that can be decrypted by the holder of the private /// half of the public key. fn encap( - rng: &mut R, + rng: &R, pkR: &Self::EncapKey, ) -> Result<(Self::Secret, Self::Encap), KemError>; @@ -151,7 +151,7 @@ pub trait Kem { /// it uses `skS` to encode an assurance that the shared /// secret was generated by the holder of `skS`. fn auth_encap( - rng: &mut R, + rng: &R, pkR: &Self::EncapKey, skS: &Self::DecapKey, ) -> Result<(Self::Secret, Self::Encap), KemError>; @@ -351,7 +351,7 @@ impl DhKem { /// See [`Kem::encap`]. pub fn encap( &self, - rng: &mut R, + rng: &R, pkR: &E::PublicKey, ) -> Result<(Prk, PubKeyData), KemError> { let skE = E::PrivateKey::new(rng); @@ -413,7 +413,7 @@ impl DhKem { /// See [`Kem::auth_encap`]. pub fn auth_encap( &self, - rng: &mut R, + rng: &R, pkR: &E::PublicKey, skS: &E::PrivateKey, ) -> Result<(Prk, PubKeyData), KemError> { @@ -582,7 +582,7 @@ macro_rules! dhkem_impl { type Encap = <$pk as $crate::keys::PublicKey>::Data; fn encap( - rng: &mut R, + rng: &R, pkR: &Self::EncapKey, ) -> ::core::result::Result<(Self::Secret, Self::Encap), $crate::kem::KemError> { $crate::kem::DhKem::<$ecdh, $kdf>::new(Self::ID).encap(rng, pkR) @@ -603,7 +603,7 @@ macro_rules! dhkem_impl { } fn auth_encap( - rng: &mut R, + rng: &R, pkR: &Self::EncapKey, skS: &Self::DecapKey, ) -> ::core::result::Result<(Self::Secret, Self::Encap), $crate::kem::KemError> { diff --git a/crates/aranya-crypto/src/keys.rs b/crates/aranya-crypto/src/keys.rs index df92835b..02f15c23 100644 --- a/crates/aranya-crypto/src/keys.rs +++ b/crates/aranya-crypto/src/keys.rs @@ -27,7 +27,7 @@ pub trait SecretKey: Clone + ConstantTimeEq + for<'a> Import<&'a [u8]> + Zeroize /// /// Implementations are free to ignore `rng` and callers must /// not rely on this function reading from `rng`. - fn new(rng: &mut R) -> Self; + fn new(rng: &R) -> Self; /// The size of the key. type Size: ArrayLength + 'static; @@ -98,7 +98,7 @@ impl ConstantTimeEq for SecretKeyBytes { } impl Random for SecretKeyBytes { - fn random(rng: &mut R) -> Self { + fn random(rng: &R) -> Self { Self(Random::random(rng)) } } @@ -204,7 +204,7 @@ macro_rules! raw_key { type Size = N; #[inline] - fn new(rng: &mut R) -> Self { + fn new(rng: &R) -> Self { Self($crate::csprng::Random::random(rng)) } @@ -218,7 +218,7 @@ macro_rules! raw_key { } impl $crate::csprng::Random for $name { - fn random(rng: &mut R) -> Self { + fn random(rng: &R) -> Self { let sk = <$crate::keys::SecretKeyBytes as $crate::csprng::Random>::random(rng); Self(sk) } diff --git a/crates/aranya-crypto/src/keystore/mod.rs b/crates/aranya-crypto/src/keystore/mod.rs index f64b6b10..ee0b049c 100644 --- a/crates/aranya-crypto/src/keystore/mod.rs +++ b/crates/aranya-crypto/src/keystore/mod.rs @@ -126,13 +126,13 @@ pub enum ErrorKind { /// An extension trait. pub trait KeyStoreExt: KeyStore { /// Retrieves and unwraps the key. - fn get_key(&self, eng: &mut E, id: Id) -> Result, Self::Error> + fn get_key(&self, eng: &E, id: Id) -> Result, Self::Error> where E: Engine, K: UnwrappedKey; /// Removes and unwraps the key. - fn remove_key(&mut self, eng: &mut E, id: Id) -> Result, Self::Error> + fn remove_key(&mut self, eng: &E, id: Id) -> Result, Self::Error> where E: Engine, K: UnwrappedKey; @@ -140,7 +140,7 @@ pub trait KeyStoreExt: KeyStore { impl KeyStoreExt for T { /// Retrieves and unwraps the key. - fn get_key(&self, eng: &mut E, id: Id) -> Result, Self::Error> + fn get_key(&self, eng: &E, id: Id) -> Result, Self::Error> where E: Engine, K: UnwrappedKey, @@ -156,7 +156,7 @@ impl KeyStoreExt for T { } /// Removes and unwraps the key. - fn remove_key(&mut self, eng: &mut E, id: Id) -> Result, Self::Error> + fn remove_key(&mut self, eng: &E, id: Id) -> Result, Self::Error> where E: Engine, K: UnwrappedKey, diff --git a/crates/aranya-crypto/src/rust.rs b/crates/aranya-crypto/src/rust.rs index 5c08aa82..1888c76c 100644 --- a/crates/aranya-crypto/src/rust.rs +++ b/crates/aranya-crypto/src/rust.rs @@ -243,7 +243,7 @@ macro_rules! ecdh_impl { type Size = FieldBytesSize<$curve>; #[inline] - fn new(rng: &mut R) -> Self { + fn new(rng: &R) -> Self { let sk = NonZeroScalar::random(&mut RngWrapper(rng)); Self(sk) } @@ -380,7 +380,7 @@ macro_rules! ecdsa_impl { type Size = FieldBytesSize<$curve>; #[inline] - fn new(rng: &mut R) -> Self { + fn new(rng: &R) -> Self { let sk = ecdsa::SigningKey::random(&mut RngWrapper(rng)); Self(sk) } @@ -550,7 +550,7 @@ hmac_impl!(HmacSha384, "HMAC-SHA384", Sha384); hmac_impl!(HmacSha512, "HMAC-SHA512", Sha512); /// Translates [`Csprng`] to [`RngCore`]. -struct RngWrapper<'a, R>(&'a mut R); +struct RngWrapper<'a, R>(&'a R); impl CryptoRng for RngWrapper<'_, R> {} diff --git a/crates/aranya-crypto/src/test_util/aead.rs b/crates/aranya-crypto/src/test_util/aead.rs index 67c34cf1..0da4ebd1 100644 --- a/crates/aranya-crypto/src/test_util/aead.rs +++ b/crates/aranya-crypto/src/test_util/aead.rs @@ -23,7 +23,7 @@ use crate::{ /// # aranya_crypto::__doctest_os_hardware_rand!(); /// macro_rules! run_test { /// ($test:ident) => { -/// aranya_crypto::test_util::aead::$test::(&mut Rng); +/// aranya_crypto::test_util::aead::$test::(&Rng); /// }; /// } /// aranya_crypto::for_each_aead_test!(run_test); @@ -82,7 +82,7 @@ macro_rules! test_aead { ($test:ident) => { #[test] fn $test() { - $crate::test_util::aead::$test::<$aead, _>(&mut $crate::Rng) + $crate::test_util::aead::$test::<$aead, _>(&$crate::Rng) } } } @@ -107,7 +107,7 @@ const GOLDEN: &[u8] = b"hello, world!"; const AD: &[u8] = b"some additional data"; /// A basic positive test. -pub fn test_basic(_rng: &mut R) { +pub fn test_basic(_rng: &R) { // The minimum key size is 128 bits. assert_ge!(A::KEY_SIZE, 16); // Must be at least 2^32-1. @@ -122,14 +122,14 @@ pub fn test_basic(_rng: &mut R) { } /// Tests that `Aead::Key::new` returns unique keys. -pub fn test_new_key(rng: &mut R) { +pub fn test_new_key(rng: &R) { let k1 = A::Key::new(rng); let k2 = A::Key::new(rng); assert_ct_ne!(k1, k2); } /// A round-trip positive test. -pub fn test_round_trip(rng: &mut R) { +pub fn test_round_trip(rng: &R) { let key = A::Key::new(rng); let nonce = Nonce::::default(); assert_all_zero!(nonce); @@ -153,7 +153,7 @@ pub fn test_round_trip(rng: &mut R) { } /// An in-place round-trip positive test. -pub fn test_in_place_round_trip(rng: &mut R) { +pub fn test_in_place_round_trip(rng: &R) { let key = A::Key::new(rng); let nonce = Nonce::::default(); assert_all_zero!(nonce); @@ -180,7 +180,7 @@ pub fn test_in_place_round_trip(rng: &mut R) { } /// Decryption should fail with an incorrect key. -pub fn test_bad_key(rng: &mut R) { +pub fn test_bad_key(rng: &R) { let nonce = Nonce::::default(); assert_all_zero!(nonce); @@ -203,7 +203,7 @@ pub fn test_bad_key(rng: &mut R) { } /// Decryption should fail with an incorrect nonce. -pub fn test_bad_nonce(rng: &mut R) { +pub fn test_bad_nonce(rng: &R) { let key = A::Key::new(rng); let ciphertext = { @@ -230,7 +230,7 @@ pub fn test_bad_nonce(rng: &mut R) { } /// Decryption should fail with a modified AD. -pub fn test_bad_ad(rng: &mut R) { +pub fn test_bad_ad(rng: &R) { let key = A::Key::new(rng); let nonce = Nonce::::default(); assert_all_zero!(nonce); @@ -251,7 +251,7 @@ pub fn test_bad_ad(rng: &mut R) { } /// Decryption should fail with a modified ciphertext. -pub fn test_bad_ciphertext(rng: &mut R) { +pub fn test_bad_ciphertext(rng: &R) { let key = A::Key::new(rng); let nonce = Nonce::::default(); assert_all_zero!(nonce); @@ -275,7 +275,7 @@ pub fn test_bad_ciphertext(rng: &mut R) { /// Decryption should fail with a modified authentication /// tag. -pub fn test_bad_tag(rng: &mut R) { +pub fn test_bad_tag(rng: &R) { let key = A::Key::new(rng); let nonce = Nonce::::default(); assert_all_zero!(nonce); diff --git a/crates/aranya-crypto/src/test_util/engine.rs b/crates/aranya-crypto/src/test_util/engine.rs index f766f2e6..ad574bda 100644 --- a/crates/aranya-crypto/src/test_util/engine.rs +++ b/crates/aranya-crypto/src/test_util/engine.rs @@ -177,7 +177,7 @@ macro_rules! test_engine { pub use test_engine; /// Simple test for [`UserSigningKey`]. -pub fn test_simple_user_signing_key_sign(eng: &mut E) { +pub fn test_simple_user_signing_key_sign(eng: &E) { const MSG: &[u8] = b"hello, world!"; const CONTEXT: &[u8] = b"test_simple_user_signing_key_sign"; @@ -212,7 +212,7 @@ pub fn test_simple_user_signing_key_sign(eng: &mut E) { /// Simple positive test for encrypting/decrypting /// [`GroupKey`]s. -pub fn test_simple_seal_group_key(eng: &mut E) { +pub fn test_simple_seal_group_key(eng: &E) { let enc_key = EncryptionKey::::new(eng); let group = Id::default(); @@ -229,7 +229,7 @@ pub fn test_simple_seal_group_key(eng: &mut E) { } /// Simple positive test for wrapping [`GroupKey`]s. -pub fn test_simple_wrap_group_key(eng: &mut E) { +pub fn test_simple_wrap_group_key(eng: &E) { let want = GroupKey::new(eng); let bytes = postcard::to_allocvec( &eng.wrap(want.clone()) @@ -245,7 +245,7 @@ pub fn test_simple_wrap_group_key(eng: &mut E) { } /// Simple positive test for wrapping [`IdentityKey`]s. -pub fn test_simple_wrap_user_identity_key(eng: &mut E) { +pub fn test_simple_wrap_user_identity_key(eng: &E) { let want = IdentityKey::new(eng); let bytes = postcard::to_allocvec( &eng.wrap(want.clone()) @@ -262,7 +262,7 @@ pub fn test_simple_wrap_user_identity_key(eng: &mut E) { /// Simple positive test for exporting the public half of /// [`IdentityKey`]s. -pub fn test_simple_export_user_identity_key(eng: &mut E) { +pub fn test_simple_export_user_identity_key(eng: &E) { let want = IdentityKey::::new(eng) .public() .expect("identity key should be valid"); @@ -276,7 +276,7 @@ pub fn test_simple_export_user_identity_key(eng: &mut E) { /// Simple test for [`IdentityKey`]. /// Creates a signature over `msg` bound to some `context`. /// `msg` must NOT be pre-hashed. -pub fn test_simple_identity_key_sign(eng: &mut E) { +pub fn test_simple_identity_key_sign(eng: &E) { let sign_key = IdentityKey::::new(eng); const MESSAGE: &[u8] = b"hello, world!"; @@ -310,7 +310,7 @@ pub fn test_simple_identity_key_sign(eng: &mut E) { } /// Simple positive test for wrapping [`UserSigningKey`]s. -pub fn test_simple_wrap_user_signing_key(eng: &mut E) { +pub fn test_simple_wrap_user_signing_key(eng: &E) { let want = UserSigningKey::new(eng); let bytes = postcard::to_allocvec( &eng.wrap(want.clone()) @@ -327,7 +327,7 @@ pub fn test_simple_wrap_user_signing_key(eng: &mut E) { /// Simple positive test for exporting the public half of /// [`UserSigningKey`]s. -pub fn test_simple_export_user_signing_key(eng: &mut E) { +pub fn test_simple_export_user_signing_key(eng: &E) { let want = UserSigningKey::::new(eng) .public() .expect("user signing key should be valid"); @@ -337,7 +337,7 @@ pub fn test_simple_export_user_signing_key(eng: &mut E) { } /// Simple positive test for wrapping [`EncryptionKey`]s. -pub fn test_simple_wrap_user_encryption_key(eng: &mut E) { +pub fn test_simple_wrap_user_encryption_key(eng: &E) { let want = EncryptionKey::new(eng); let bytes = postcard::to_allocvec( &eng.wrap(want.clone()) @@ -354,7 +354,7 @@ pub fn test_simple_wrap_user_encryption_key(eng: &mut E) { /// Simple positive test for exporting the public half of /// [`EncryptionKey`]s. -pub fn test_simple_export_user_encryption_key(eng: &mut E) { +pub fn test_simple_export_user_encryption_key(eng: &E) { let want = EncryptionKey::::new(eng) .public() .expect("encryption public key should be valid"); @@ -366,7 +366,7 @@ pub fn test_simple_export_user_encryption_key(eng: &mut E) { } /// Simple positive test for encryption using a [`GroupKey`]. -pub fn test_group_key_seal(eng: &mut E) { +pub fn test_group_key_seal(eng: &E) { const INPUT: &[u8] = b"hello, world!"; let author_sign_pk = UserSigningKey::::new(eng) @@ -407,7 +407,7 @@ pub fn test_group_key_seal(eng: &mut E) { } /// Negative test for the wrong [`GroupKey`]. -pub fn test_group_key_open_wrong_key(eng: &mut E) { +pub fn test_group_key_open_wrong_key(eng: &E) { const INPUT: &[u8] = b"hello, world!"; let author_sign_pk = UserSigningKey::::new(eng) @@ -448,7 +448,7 @@ pub fn test_group_key_open_wrong_key(eng: &mut E) { } /// Negative test for the wrong [`Context`]. -pub fn test_group_key_open_wrong_context(eng: &mut E) { +pub fn test_group_key_open_wrong_context(eng: &E) { const INPUT: &[u8] = b"hello, world!"; let author_pk1 = UserSigningKey::::new(eng) @@ -511,7 +511,7 @@ pub fn test_group_key_open_wrong_context(eng: &mut E) { } /// Negative test for a modified ciphertext. -pub fn test_group_key_open_bad_ciphertext(eng: &mut E) { +pub fn test_group_key_open_bad_ciphertext(eng: &E) { const INPUT: &[u8] = b"hello, world!"; let author_sign_pk = UserSigningKey::::new(eng) @@ -553,7 +553,7 @@ pub fn test_group_key_open_bad_ciphertext(eng: &mut E) { } /// Test encoding/decoding [`EncryptedGroupKey`]. -pub fn test_encrypted_group_key_encode(eng: &mut E) +pub fn test_encrypted_group_key_encode(eng: &E) where <::Aead as Aead>::Overhead: Add, Sum<<::Aead as Aead>::Overhead, U64>: ArrayLength, @@ -580,7 +580,7 @@ where /// Simple test for [`SenderSigningKey`]. /// Creates a signature over an encoded record. -pub fn test_simple_sender_signing_key_sign(eng: &mut E) +pub fn test_simple_sender_signing_key_sign(eng: &E) where <::Aead as Aead>::Overhead: Add, Sum<<::Aead as Aead>::Overhead, U64>: ArrayLength, @@ -636,7 +636,7 @@ where /// Simple positive test for encrypting/decrypting /// [`TopicKey`]s. -pub fn test_simple_seal_topic_key(eng: &mut E) +pub fn test_simple_seal_topic_key(eng: &E) where <::Aead as Aead>::Overhead: Add, Sum<<::Aead as Aead>::Overhead, U64>: ArrayLength, @@ -665,7 +665,7 @@ where } /// Simple positive test for wrapping [`SenderSecretKey`]s. -pub fn test_simple_wrap_user_sender_secret_key(eng: &mut E) { +pub fn test_simple_wrap_user_sender_secret_key(eng: &E) { let want = SenderSecretKey::new(eng); let bytes = postcard::to_allocvec( &eng.wrap(want.clone()) @@ -681,7 +681,7 @@ pub fn test_simple_wrap_user_sender_secret_key(eng: &mut E) { } /// Simple positive test for wrapping [`SenderSigningKey`]s. -pub fn test_simple_wrap_user_sender_signing_key(eng: &mut E) { +pub fn test_simple_wrap_user_sender_signing_key(eng: &E) { let want = SenderSigningKey::new(eng); let bytes = postcard::to_allocvec( &eng.wrap(want.clone()) @@ -697,7 +697,7 @@ pub fn test_simple_wrap_user_sender_signing_key(eng: &mut E) { } /// Simple positive test for wrapping [`ReceiverSecretKey`]s. -pub fn test_simple_wrap_user_receiver_secret_key(eng: &mut E) { +pub fn test_simple_wrap_user_receiver_secret_key(eng: &E) { let want = ReceiverSecretKey::new(eng); let bytes = postcard::to_allocvec( &eng.wrap(want.clone()) @@ -713,7 +713,7 @@ pub fn test_simple_wrap_user_receiver_secret_key(eng: &mut E) { } /// Simple positive test for encryption using a [`TopicKey`]. -pub fn test_topic_key_seal(eng: &mut E) { +pub fn test_topic_key_seal(eng: &E) { const INPUT: &[u8] = b"hello, world!"; let ident = Sender { @@ -745,7 +745,7 @@ pub fn test_topic_key_seal(eng: &mut E) { } /// Negative test for the wrong [`TopicKey`]. -pub fn test_topic_key_open_wrong_key(eng: &mut E) { +pub fn test_topic_key_open_wrong_key(eng: &E) { const INPUT: &[u8] = b"hello, world!"; let ident = Sender { @@ -777,7 +777,7 @@ pub fn test_topic_key_open_wrong_key(eng: &mut E) { } /// Negative test for the wrong [`Context`]. -pub fn test_topic_key_open_wrong_context(eng: &mut E) { +pub fn test_topic_key_open_wrong_context(eng: &E) { const INPUT: &[u8] = b"hello, world!"; let ident = Sender { @@ -828,7 +828,7 @@ pub fn test_topic_key_open_wrong_context(eng: &mut E) { } /// Negative test for a modified ciphertext. -pub fn test_topic_key_open_bad_ciphertext(eng: &mut E) { +pub fn test_topic_key_open_bad_ciphertext(eng: &E) { const INPUT: &[u8] = b"hello, world!"; let ident = Sender { @@ -892,7 +892,7 @@ fn assert_same_afc_keys(seal: &mut SealKey, open: &OpenKey< /// /// If `seal` is `None` then a random key will be used. fn assert_different_afc_keys( - eng: &mut E, + eng: &E, seal: Option>, open: &OpenKey, ) { @@ -926,7 +926,7 @@ fn assert_different_afc_keys( } /// A simple positive test for [`SealKey`] and [`OpenKey`]. -pub fn test_same_seal_key_open_key(eng: &mut E) { +pub fn test_same_seal_key_open_key(eng: &E) { let raw: RawSealKey = Random::random(eng); let mut seal = SealKey::::from_raw(&raw, Seq::ZERO).expect("should be able to create `SealKey`"); @@ -935,7 +935,7 @@ pub fn test_same_seal_key_open_key(eng: &mut E) { } /// A simple negative test for [`SealKey`] and [`OpenKey`]. -pub fn test_different_seal_key_open_key(eng: &mut E) { +pub fn test_different_seal_key_open_key(eng: &E) { let seal = SealKey::from_raw(&Random::random(eng), Seq::ZERO) .expect("should be able to create `SealKey`"); let open = OpenKey::from_raw(&Random::random(eng)).expect("should be able to create `OpenKey`"); @@ -945,7 +945,7 @@ pub fn test_different_seal_key_open_key(eng: &mut E) { /// Tests that [`SealKey`]'s sequence number monotonically /// advances by one each time. -pub fn test_seal_key_monotonic_seq_number(eng: &mut E) { +pub fn test_seal_key_monotonic_seq_number(eng: &E) { let mut seal = SealKey::::from_raw(&Random::random(eng), Seq::ZERO) .expect("should be able to create `SealKey`"); @@ -967,7 +967,7 @@ pub fn test_seal_key_monotonic_seq_number(eng: &mut E) { /// Tests that [`SealKey`] refuses to encrypt when its /// sequence number has been exhausted. -pub fn test_seal_key_seq_number_exhausted(eng: &mut E) { +pub fn test_seal_key_seq_number_exhausted(eng: &E) { let max = Seq::max::<<::Aead as Aead>::NonceSize>(); // Start at one before the max. let start = Seq::new(max - 1); @@ -997,7 +997,7 @@ pub fn test_seal_key_seq_number_exhausted(eng: &mut E) { /// Tests that [`OpenKey`] refuses to decrypt when the /// sequence number has been exhausted. -pub fn test_open_key_seq_number_exhausted(eng: &mut E) { +pub fn test_open_key_seq_number_exhausted(eng: &E) { let raw: RawSealKey = Random::random(eng); let mut seal = SealKey::::from_raw(&raw, Seq::ZERO).expect("should be able to create `SealKey`"); @@ -1032,7 +1032,7 @@ pub fn test_open_key_seq_number_exhausted(eng: &mut E) { /// Tests that [`OpenKey`]'s fails when the incorrect /// sequence number is provided. -pub fn test_open_key_wrong_seq_number(eng: &mut E) { +pub fn test_open_key_wrong_seq_number(eng: &E) { let raw: RawSealKey = Random::random(eng); let mut seal = SealKey::::from_raw(&raw, Seq::ZERO).expect("should be able to create `SealKey`"); @@ -1065,7 +1065,7 @@ pub fn test_open_key_wrong_seq_number(eng: &mut E) { /// Tests that [`OpenKey`]'s fails when the incorrect /// [`AuthData`] is provided. -pub fn test_open_key_wrong_auth_data(eng: &mut E) { +pub fn test_open_key_wrong_auth_data(eng: &E) { let raw: RawSealKey = Random::random(eng); let mut seal = SealKey::::from_raw(&raw, Seq::ZERO).expect("should be able to create `SealKey`"); @@ -1128,7 +1128,7 @@ fn assert_bidi_keys_match(lhs: BidiKeys, rhs: BidiKeys) } /// Checks that `lhs` and `rhs` do _not_ match. -fn assert_bidi_keys_mismatch(eng: &mut E, lhs: BidiKeys, rhs: BidiKeys) { +fn assert_bidi_keys_mismatch(eng: &E, lhs: BidiKeys, rhs: BidiKeys) { // We should never generate duplicate keys. assert_ct_ne!(lhs.seal_key(), rhs.seal_key(), "duplicate `SealKey`"); assert_ct_ne!(lhs.open_key(), rhs.open_key(), "duplicate `OpenKey`"); @@ -1144,7 +1144,7 @@ fn assert_bidi_keys_mismatch(eng: &mut E, lhs: BidiKeys, rhs: } /// A simple positive test for deriving [`BidiKeys`]. -pub fn test_derive_bidi_keys(eng: &mut E) { +pub fn test_derive_bidi_keys(eng: &E) { let sk1 = EncryptionKey::::new(eng); let sk2 = EncryptionKey::::new(eng); let label = 123; @@ -1186,7 +1186,7 @@ pub fn test_derive_bidi_keys(eng: &mut E) { } /// Different labels should create different [`BidiKeys`]. -pub fn test_derive_bidi_keys_different_labels(eng: &mut E) { +pub fn test_derive_bidi_keys_different_labels(eng: &E) { let sk1 = EncryptionKey::::new(eng); let sk2 = EncryptionKey::::new(eng); let ch1 = BidiChannel { @@ -1228,7 +1228,7 @@ pub fn test_derive_bidi_keys_different_labels(eng: &mut E) { /// [`BidiKeys`]. /// /// E.g., derive(label, u1, u2, c1) != derive(label, u2, u3, c1). -pub fn test_derive_bidi_keys_different_user_ids(eng: &mut E) { +pub fn test_derive_bidi_keys_different_user_ids(eng: &E) { let label = 123; let sk1 = EncryptionKey::::new(eng); let sk2 = EncryptionKey::::new(eng); @@ -1272,7 +1272,7 @@ pub fn test_derive_bidi_keys_different_user_ids(eng: &mut E) { /// [`BidiKeys`]. /// /// E.g., derive(label, u1, u2, c1) != derive(label, u2, u1, c2). -pub fn test_derive_bidi_keys_different_cmd_ids(eng: &mut E) { +pub fn test_derive_bidi_keys_different_cmd_ids(eng: &E) { let label = 123; let sk1 = EncryptionKey::::new(eng); let sk2 = EncryptionKey::::new(eng); @@ -1316,7 +1316,7 @@ pub fn test_derive_bidi_keys_different_cmd_ids(eng: &mut E) { /// [`BidiKeys`]. /// /// E.g., derive(label, u1, u2, c1) != derive(label, u2, u1, c2). -pub fn test_derive_bidi_keys_different_keys(eng: &mut E) { +pub fn test_derive_bidi_keys_different_keys(eng: &E) { let label = 123; let sk1 = EncryptionKey::::new(eng); let sk2 = EncryptionKey::::new(eng); @@ -1361,7 +1361,7 @@ pub fn test_derive_bidi_keys_different_keys(eng: &mut E) { /// It is an error to use the same `UserId` when deriving /// [`BidiKeys`]. -pub fn test_derive_bidi_keys_same_user_id(eng: &mut E) { +pub fn test_derive_bidi_keys_same_user_id(eng: &E) { let label = 123; let sk1 = EncryptionKey::::new(eng); let sk2 = EncryptionKey::::new(eng); @@ -1411,7 +1411,7 @@ pub fn test_derive_bidi_keys_same_user_id(eng: &mut E) { } /// Simple positive test for wrapping [`BidiAuthorSecret`]s. -pub fn test_wrap_bidi_author_secret(eng: &mut E) { +pub fn test_wrap_bidi_author_secret(eng: &E) { let sk1 = EncryptionKey::new(eng); let sk2 = EncryptionKey::new(eng); let ch = BidiChannel { @@ -1461,11 +1461,7 @@ fn assert_same_uni_key(seal: UniSealKey, open: UniOpenKey( - eng: &mut E, - seal: UniSealKey, - open: UniOpenKey, -) { +fn assert_different_uni_key(eng: &E, seal: UniSealKey, open: UniOpenKey) { // Simple test: they should not have the same bytes. { let seal = seal.as_raw_key(); @@ -1488,7 +1484,7 @@ fn assert_different_uni_key( /// A simple positive test for deriving [`UniSealKey`] and /// [`UniOpenKey`]. -pub fn test_derive_uni_key(eng: &mut E) { +pub fn test_derive_uni_key(eng: &E) { let sk1 = EncryptionKey::::new(eng); let sk2 = EncryptionKey::::new(eng); let label = 123; @@ -1529,7 +1525,7 @@ pub fn test_derive_uni_key(eng: &mut E) { /// Different labels should create different [`UniSealKey`] /// and [`UniOpenKey`]s. -pub fn test_derive_uni_key_different_labels(eng: &mut E) { +pub fn test_derive_uni_key_different_labels(eng: &E) { let sk1 = EncryptionKey::::new(eng); let sk2 = EncryptionKey::::new(eng); let ch1 = UniChannel { @@ -1571,7 +1567,7 @@ pub fn test_derive_uni_key_different_labels(eng: &mut E) { /// [`UniSealKey`] and [`UniOpenKey`]s. /// /// E.g., derive(label, u1, u2, c1) != derive(label, u2, u3, c1). -pub fn test_derive_uni_key_different_user_ids(eng: &mut E) { +pub fn test_derive_uni_key_different_user_ids(eng: &E) { let label = 123; let sk1 = EncryptionKey::::new(eng); let sk2 = EncryptionKey::::new(eng); @@ -1614,7 +1610,7 @@ pub fn test_derive_uni_key_different_user_ids(eng: &mut E) { /// [`UniSealKey`] and [`UniOpenKey`]s. /// /// E.g., derive(label, u1, u2, c1) != derive(label, u2, u1, c2). -pub fn test_derive_uni_key_different_cmd_ids(eng: &mut E) { +pub fn test_derive_uni_key_different_cmd_ids(eng: &E) { let label = 123; let sk1 = EncryptionKey::::new(eng); let sk2 = EncryptionKey::::new(eng); @@ -1657,7 +1653,7 @@ pub fn test_derive_uni_key_different_cmd_ids(eng: &mut E) { /// [`UniSealKey`] and [`UniOpenKey`]s. /// /// E.g., derive(label, u1, u2, c1) != derive(label, u2, u1, c2). -pub fn test_derive_uni_key_different_keys(eng: &mut E) { +pub fn test_derive_uni_key_different_keys(eng: &E) { let label = 123; let sk1 = EncryptionKey::::new(eng); let sk2 = EncryptionKey::::new(eng); @@ -1697,7 +1693,7 @@ pub fn test_derive_uni_key_different_keys(eng: &mut E) { /// It is an error to use the same `UserId` when deriving /// [`UniSealKey`]s. -pub fn test_derive_uni_seal_key_same_user_id(eng: &mut E) { +pub fn test_derive_uni_seal_key_same_user_id(eng: &E) { let label = 123; let sk1 = EncryptionKey::::new(eng); let sk2 = EncryptionKey::::new(eng); @@ -1749,7 +1745,7 @@ pub fn test_derive_uni_seal_key_same_user_id(eng: &mut E) { /// It is an error to use the same `UserId` when deriving /// [`UniOpenKey`]s. -pub fn test_derive_uni_open_key_same_user_id(eng: &mut E) { +pub fn test_derive_uni_open_key_same_user_id(eng: &E) { let label = 123; let sk1 = EncryptionKey::::new(eng); let sk2 = EncryptionKey::::new(eng); @@ -1800,7 +1796,7 @@ pub fn test_derive_uni_open_key_same_user_id(eng: &mut E) { } /// Simple positive test for wrapping [`UniAuthorSecret`]s. -pub fn test_wrap_uni_author_secret(eng: &mut E) { +pub fn test_wrap_uni_author_secret(eng: &E) { let sk1 = EncryptionKey::new(eng); let sk2 = EncryptionKey::new(eng); let ch = UniChannel { diff --git a/crates/aranya-crypto/src/test_util/hpke.rs b/crates/aranya-crypto/src/test_util/hpke.rs index a4c824fc..b79afe7d 100644 --- a/crates/aranya-crypto/src/test_util/hpke.rs +++ b/crates/aranya-crypto/src/test_util/hpke.rs @@ -39,7 +39,7 @@ use crate::{ /// HkdfSha256, /// Aes256Gcm, /// _, -/// >(&mut Rng); +/// >(&Rng); /// }; /// } /// aranya_crypto::for_each_hpke_test!(run_test); @@ -108,7 +108,7 @@ macro_rules! test_hpke { #[test] fn $test() { $crate::test_util::hpke::$test::<$kem, $kdf, $aead, _>( - &mut $crate::Rng, + &$crate::Rng, ) } }; @@ -129,7 +129,7 @@ pub use test_hpke; /// Tests the full encryption-decryption cycle. #[allow(non_snake_case)] -pub fn test_round_trip(rng: &mut R) { +pub fn test_round_trip(rng: &R) { const GOLDEN: &[u8] = b"some plaintext"; const AD: &[u8] = b"some additional data"; const INFO: &[u8] = b"some contextual binding"; @@ -161,7 +161,7 @@ pub fn test_round_trip(rng: &mut R /// [`crate::hpke::RecvCtx::export`] is the same as /// [`crate::hpke::RecvCtx::export_into`]. #[allow(non_snake_case)] -pub fn test_export(rng: &mut R) { +pub fn test_export(rng: &R) { const INFO: &[u8] = b"some contextual binding"; let skR = K::DecapKey::new(rng); diff --git a/crates/aranya-crypto/src/test_util/mac.rs b/crates/aranya-crypto/src/test_util/mac.rs index a2cc68c3..d1065b27 100644 --- a/crates/aranya-crypto/src/test_util/mac.rs +++ b/crates/aranya-crypto/src/test_util/mac.rs @@ -13,7 +13,7 @@ use crate::{csprng::Csprng, keys::SecretKey, mac::Mac}; /// # aranya_crypto::__doctest_os_hardware_rand!(); /// macro_rules! run_test { /// ($test:ident) => { -/// aranya_crypto::test_util::mac::$test::(&mut Rng); +/// aranya_crypto::test_util::mac::$test::(&Rng); /// } /// } /// aranya_crypto::for_each_mac_test!(run_test); @@ -67,7 +67,7 @@ macro_rules! test_mac { ($test:ident) => { #[test] fn $test() { - $crate::test_util::mac::$test::<$mac, _>(&mut $crate::Rng) + $crate::test_util::mac::$test::<$mac, _>(&$crate::Rng) } }; } @@ -88,7 +88,7 @@ pub use test_mac; const DATA: &[u8] = b"hello, world!"; /// Basic positive test. -pub fn test_default(rng: &mut R) { +pub fn test_default(rng: &R) { let key = T::Key::new(rng); let tag1 = T::mac(&key, DATA); let tag2 = T::mac(&key, DATA); @@ -96,7 +96,7 @@ pub fn test_default(rng: &mut R) { } /// Tests that [`Mac::update`] is the same as [`Mac::mac`]. -pub fn test_update(rng: &mut R) { +pub fn test_update(rng: &R) { let key = T::Key::new(rng); let tag1 = T::mac(&key, DATA); let tag2 = { @@ -110,7 +110,7 @@ pub fn test_update(rng: &mut R) { } /// Test [`Mac::verify`]. -pub fn test_verify(rng: &mut R) { +pub fn test_verify(rng: &R) { let key = T::Key::new(rng); let tag1 = T::mac(&key, DATA); @@ -122,7 +122,7 @@ pub fn test_verify(rng: &mut R) { } /// Negative tests for different keys. -pub fn test_different_keys(rng: &mut R) { +pub fn test_different_keys(rng: &R) { let key1 = T::Key::new(rng); let key2 = T::Key::new(rng); assert_ct_ne!(key1, key2, "keys should differ"); @@ -133,7 +133,7 @@ pub fn test_different_keys(rng: &mut R) { } /// Negative test for MACs of different data. -pub fn test_different_data(rng: &mut R) { +pub fn test_different_data(rng: &R) { let key = T::Key::new(rng); let tag1 = T::mac(&key, b"hello"); let tag2 = T::mac(&key, b"world"); diff --git a/crates/aranya-crypto/src/test_util/mod.rs b/crates/aranya-crypto/src/test_util/mod.rs index b0449157..483d34a8 100644 --- a/crates/aranya-crypto/src/test_util/mod.rs +++ b/crates/aranya-crypto/src/test_util/mod.rs @@ -246,7 +246,7 @@ impl SigningKey> for SigningKeyWithDef impl SecretKey for SigningKeyWithDefaults { type Size = ::Size; - fn new(rng: &mut R) -> Self { + fn new(rng: &R) -> Self { Self(T::SigningKey::new(rng)) } diff --git a/crates/aranya-crypto/src/test_util/signer.rs b/crates/aranya-crypto/src/test_util/signer.rs index 81ee8606..b690417f 100644 --- a/crates/aranya-crypto/src/test_util/signer.rs +++ b/crates/aranya-crypto/src/test_util/signer.rs @@ -22,7 +22,7 @@ use crate::{ /// # aranya_crypto::__doctest_os_hardware_rand!(); /// macro_rules! run_test { /// ($test:ident) => { -/// aranya_crypto::test_util::signer::$test::(&mut Rng); +/// aranya_crypto::test_util::signer::$test::(&Rng); /// }; /// } /// aranya_crypto::for_each_signer_test!(run_test); @@ -70,7 +70,7 @@ macro_rules! test_signer { ($test:ident) => { #[test] fn $test() { - $crate::test_util::signer::$test::<$signer, _>(&mut $crate::Rng) + $crate::test_util::signer::$test::<$signer, _>(&$crate::Rng) } }; } @@ -122,7 +122,7 @@ macro_rules! test_signer { pub use test_signer; /// The base positive test. -pub fn test_default(rng: &mut R) { +pub fn test_default(rng: &R) { const MSG: &[u8] = b"hello, world!"; let sk = T::SigningKey::new(rng); let sig = sk.sign(MSG).expect("unable to create signature"); @@ -135,7 +135,7 @@ pub fn test_default(rng: &mut R) { /// Test `Signer::SigningKey::ct_eq`. /// /// It also tests `Signer::SigningKey::import`. -pub fn test_sk_ct_eq(rng: &mut R) { +pub fn test_sk_ct_eq(rng: &R) { let sk1 = T::SigningKey::new(rng); let sk2 = T::SigningKey::new(rng); @@ -162,7 +162,7 @@ pub fn test_sk_ct_eq(rng: &mut R) { /// Test `Signer::VerifyingKey::eq`. /// /// It also tests `Signer::VerifyingKey::import`. -pub fn test_pk_eq(rng: &mut R) { +pub fn test_pk_eq(rng: &R) { let pk1 = T::SigningKey::new(rng) .public() .expect("signing key should be valid"); @@ -184,13 +184,13 @@ pub fn test_pk_eq(rng: &mut R) { } /// [`SigningKey::public`] should always return the same key. -pub fn test_public(rng: &mut R) { +pub fn test_public(rng: &R) { let sk = T::SigningKey::new(rng); assert_eq!(sk.public(), sk.public()); } /// Simple positive test for [`Signer::verify_batch`]. -pub fn test_batch_simple_good(rng: &mut R) { +pub fn test_batch_simple_good(rng: &R) { const MSGS: &[&[u8]] = &[ b"hello", b"world", @@ -214,7 +214,7 @@ pub fn test_batch_simple_good(rng: &mut R) { } /// Simple negative test for [`Signer::verify_batch`]. -pub fn test_batch_simple_bad(rng: &mut R) { +pub fn test_batch_simple_bad(rng: &R) { let msgs: &mut [&[u8]] = &mut [ b"hello", b"world", diff --git a/crates/aranya-crypto/tests/lib.rs b/crates/aranya-crypto/tests/lib.rs index 6caa4d54..81a48908 100644 --- a/crates/aranya-crypto/tests/lib.rs +++ b/crates/aranya-crypto/tests/lib.rs @@ -17,7 +17,7 @@ mod custom_id_tests { #[test] fn json_roundtrip() { - let id: MyId = aranya_crypto::Id::random(&mut aranya_crypto::Rng).into(); + let id: MyId = aranya_crypto::Id::random(&aranya_crypto::Rng).into(); let ser = serde_json::to_string(&id).unwrap(); assert_eq!(ser, format!("\"{id}\"")); let got: MyId = serde_json::from_str(&ser).unwrap(); @@ -26,7 +26,7 @@ mod custom_id_tests { #[test] fn postcard_roundtrip() { - let id: MyId = aranya_crypto::Id::random(&mut aranya_crypto::Rng).into(); + let id: MyId = aranya_crypto::Id::random(&aranya_crypto::Rng).into(); let ser = postcard::to_allocvec(&id).unwrap(); assert_eq!(id.as_bytes(), ser); let got: MyId = postcard::from_bytes(&ser).unwrap(); diff --git a/crates/aranya-device-ffi/src/lib.rs b/crates/aranya-device-ffi/src/lib.rs index d3fbcd18..c5a083ee 100644 --- a/crates/aranya-device-ffi/src/lib.rs +++ b/crates/aranya-device-ffi/src/lib.rs @@ -23,7 +23,7 @@ impl FfiDevice { pub(crate) fn current_user_id( &self, _ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, ) -> Result { Ok(self.id) } diff --git a/crates/aranya-device-ffi/src/tests.rs b/crates/aranya-device-ffi/src/tests.rs index 8b231ff2..8ac0b1c7 100644 --- a/crates/aranya-device-ffi/src/tests.rs +++ b/crates/aranya-device-ffi/src/tests.rs @@ -10,8 +10,8 @@ use crate::FfiDevice; #[test] fn test_current_user_id() { - let (mut eng, _) = DefaultEngine::<_>::from_entropy(Rng); - let user_id = UserId::random(&mut Rng); + let (eng, _) = DefaultEngine::<_>::from_entropy(Rng); + let user_id = UserId::random(&Rng); let device = FfiDevice { id: user_id }; let contexts = vec![ @@ -40,7 +40,7 @@ fn test_current_user_id() { for context in contexts { let id = device - .current_user_id(&context, &mut eng) + .current_user_id(&context, &eng) .expect("Should have succeeded"); assert_eq!(id, user_id); } diff --git a/crates/aranya-envelope-ffi/src/ffi.rs b/crates/aranya-envelope-ffi/src/ffi.rs index b5cc0bf7..c3177c2e 100644 --- a/crates/aranya-envelope-ffi/src/ffi.rs +++ b/crates/aranya-envelope-ffi/src/ffi.rs @@ -100,7 +100,7 @@ function parent_id(envelope_input struct Envelope) id pub(crate) fn parent_id( &self, ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, envelope_input: Envelope, ) -> Result { match ctx { @@ -120,7 +120,7 @@ function author_id(envelope_input struct Envelope) id pub(crate) fn author_id( &self, ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, envelope_input: Envelope, ) -> Result { match ctx { @@ -141,7 +141,7 @@ function command_id(envelope_input struct Envelope) id pub(crate) fn command_id( &self, ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, envelope_input: Envelope, ) -> Result { match ctx { @@ -162,7 +162,7 @@ function signature(envelope_input struct Envelope) bytes pub(crate) fn signature( &self, ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, envelope_input: Envelope, ) -> Result, Error> { match ctx { @@ -183,7 +183,7 @@ function payload(envelope_input struct Envelope) bytes pub(crate) fn payload( &self, ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, envelope_input: Envelope, ) -> Result, Error> { match ctx { @@ -211,7 +211,7 @@ function new( pub(crate) fn new_envelope( &self, ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, parent_id: Id, author_id: Id, command_id: Id, diff --git a/crates/aranya-envelope-ffi/src/tests.rs b/crates/aranya-envelope-ffi/src/tests.rs index b45d8393..c4a9ee7f 100644 --- a/crates/aranya-envelope-ffi/src/tests.rs +++ b/crates/aranya-envelope-ffi/src/tests.rs @@ -13,7 +13,7 @@ use crate::{Envelope, Ffi}; type E = DefaultEngine; /// Returns a random number in [0, max). -fn intn(rng: &mut R, max: usize) -> usize { +fn intn(rng: &R, max: usize) -> usize { if max.is_power_of_two() { return usize::random(rng) & (max - 1); } @@ -24,7 +24,7 @@ fn intn(rng: &mut R, max: usize) -> usize { } } } -fn rand_vec(rng: &mut R, max: usize) -> Vec { +fn rand_vec(rng: &R, max: usize) -> Vec { let n = intn(rng, max); let mut data = vec![0u8; n]; rng.fill_bytes(&mut data); @@ -32,7 +32,7 @@ fn rand_vec(rng: &mut R, max: usize) -> Vec { } impl Random for Envelope { - fn random(rng: &mut R) -> Self { + fn random(rng: &R) -> Self { Self { parent_id: Id::random(rng), command_id: Id::random(rng), @@ -66,14 +66,14 @@ const RECALL_CTX: &CommandContext<'static> = &CommandContext::Recall(PolicyConte #[test] fn test_author_id() { - let (mut eng, _) = E::from_entropy(Rng); - let env = Envelope::random(&mut Rng); + let (eng, _) = E::from_entropy(Rng); + let env = Envelope::random(&Rng); let got = [ - Ffi.author_id(OPEN_CTX, &mut eng, env.clone()) + Ffi.author_id(OPEN_CTX, &eng, env.clone()) .expect("should not fail"), - Ffi.author_id(POLICY_CTX, &mut eng, env.clone()) + Ffi.author_id(POLICY_CTX, &eng, env.clone()) .expect("should not fail"), - Ffi.author_id(RECALL_CTX, &mut eng, env.clone()) + Ffi.author_id(RECALL_CTX, &eng, env.clone()) .expect("should not fail"), ]; for (got, want) in got.into_iter().zip(iter::repeat(env.author_id)) { @@ -83,14 +83,14 @@ fn test_author_id() { #[test] fn test_command_id() { - let (mut eng, _) = E::from_entropy(Rng); - let env = Envelope::random(&mut Rng); + let (eng, _) = E::from_entropy(Rng); + let env = Envelope::random(&Rng); let got = [ - Ffi.command_id(OPEN_CTX, &mut eng, env.clone()) + Ffi.command_id(OPEN_CTX, &eng, env.clone()) .expect("should not fail"), - Ffi.command_id(POLICY_CTX, &mut eng, env.clone()) + Ffi.command_id(POLICY_CTX, &eng, env.clone()) .expect("should not fail"), - Ffi.command_id(RECALL_CTX, &mut eng, env.clone()) + Ffi.command_id(RECALL_CTX, &eng, env.clone()) .expect("should not fail"), ]; for (got, want) in got.into_iter().zip(iter::repeat(env.command_id)) { @@ -100,14 +100,14 @@ fn test_command_id() { #[test] fn test_signature() { - let (mut eng, _) = E::from_entropy(Rng); - let env = Envelope::random(&mut Rng); + let (eng, _) = E::from_entropy(Rng); + let env = Envelope::random(&Rng); let got = [ - Ffi.signature(OPEN_CTX, &mut eng, env.clone()) + Ffi.signature(OPEN_CTX, &eng, env.clone()) .expect("should not fail"), - Ffi.signature(POLICY_CTX, &mut eng, env.clone()) + Ffi.signature(POLICY_CTX, &eng, env.clone()) .expect("should not fail"), - Ffi.signature(RECALL_CTX, &mut eng, env.clone()) + Ffi.signature(RECALL_CTX, &eng, env.clone()) .expect("should not fail"), ]; for (got, want) in got.into_iter().zip(iter::repeat(env.signature)) { @@ -117,14 +117,14 @@ fn test_signature() { #[test] fn test_payload() { - let (mut eng, _) = E::from_entropy(Rng); - let env = Envelope::random(&mut Rng); + let (eng, _) = E::from_entropy(Rng); + let env = Envelope::random(&Rng); let got = [ - Ffi.payload(OPEN_CTX, &mut eng, env.clone()) + Ffi.payload(OPEN_CTX, &eng, env.clone()) .expect("should not fail"), - Ffi.payload(POLICY_CTX, &mut eng, env.clone()) + Ffi.payload(POLICY_CTX, &eng, env.clone()) .expect("should not fail"), - Ffi.payload(RECALL_CTX, &mut eng, env.clone()) + Ffi.payload(RECALL_CTX, &eng, env.clone()) .expect("should not fail"), ]; for (got, want) in got.into_iter().zip(iter::repeat(env.payload)) { @@ -134,12 +134,12 @@ fn test_payload() { #[test] fn test_new_envelope() { - let (mut eng, _) = E::from_entropy(Rng); - let env = Envelope::random(&mut Rng); + let (eng, _) = E::from_entropy(Rng); + let env = Envelope::random(&Rng); let got = Ffi .new_envelope( SEAL_CTX, - &mut eng, + &eng, env.parent_id, env.author_id, env.command_id, diff --git a/crates/aranya-fast-channels/benches/lib.rs b/crates/aranya-fast-channels/benches/lib.rs index a7cfe556..1a3d6dbf 100644 --- a/crates/aranya-fast-channels/benches/lib.rs +++ b/crates/aranya-fast-channels/benches/lib.rs @@ -110,7 +110,7 @@ macro_rules! bench_impl { // Use the same key to simplify the decryption // benchmarks. - let seal = RawSealKey::random(&mut Rng); + let seal = RawSealKey::random(&Rng); let open = RawOpenKey { key: seal.key.clone(), base_nonce: seal.base_nonce, diff --git a/crates/aranya-fast-channels/src/lib.rs b/crates/aranya-fast-channels/src/lib.rs index ba71f5c9..6dbc4bb3 100644 --- a/crates/aranya-fast-channels/src/lib.rs +++ b/crates/aranya-fast-channels/src/lib.rs @@ -107,13 +107,13 @@ //! }; //! let user2_node_id = NodeId::new(2); //! -//! let (mut eng, _) = E::from_entropy(Rng); +//! let (eng, _) = E::from_entropy(Rng); //! -//! let user1_id = IdentityKey::::new(&mut eng).id()?; -//! let user1_enc_sk = EncryptionKey::::new(&mut eng); +//! let user1_id = IdentityKey::::new(&eng).id()?; +//! let user1_enc_sk = EncryptionKey::::new(&eng); //! -//! let user2_id = IdentityKey::::new(&mut eng).id()?; -//! let user2_enc_sk = EncryptionKey::::new(&mut eng); +//! let user2_id = IdentityKey::::new(&eng).id()?; +//! let user2_enc_sk = EncryptionKey::::new(&eng); //! //! // The label used for encryption and decryption. //! // @@ -122,7 +122,7 @@ //! const TOP_SECRET: Label = Label::new(12); //! //! let ch1 = BidiChannel { -//! parent_cmd_id: Id::random(&mut eng), +//! parent_cmd_id: Id::random(&eng), //! our_sk: &user1_enc_sk, //! our_id: user1_id, //! their_pk: &user2_enc_sk.public()?, @@ -130,7 +130,7 @@ //! label: TOP_SECRET.to_u32(), //! }; //! let BidiSecrets { author, peer } = -//! BidiSecrets::new(&mut eng, &ch1)?; +//! BidiSecrets::new(&eng, &ch1)?; //! //! // Inform user1 about user2. //! let (seal, open) = BidiKeys::from_author_secret(&ch1, author)? diff --git a/crates/aranya-fast-channels/src/shm/shared.rs b/crates/aranya-fast-channels/src/shm/shared.rs index b2de6c78..1756e898 100644 --- a/crates/aranya-fast-channels/src/shm/shared.rs +++ b/crates/aranya-fast-channels/src/shm/shared.rs @@ -410,7 +410,7 @@ impl ShmChan { ptr: &mut MaybeUninit, id: ChannelId, keys: &Directed, RawOpenKey>, - rng: &mut R, + rng: &R, ) { // As a safety precaution, randomize keys that we don't // use. Leaving them unset (usually all zeros) is diff --git a/crates/aranya-fast-channels/src/shm/tests.rs b/crates/aranya-fast-channels/src/shm/tests.rs index d9d286a9..89474d2e 100644 --- a/crates/aranya-fast-channels/src/shm/tests.rs +++ b/crates/aranya-fast-channels/src/shm/tests.rs @@ -106,7 +106,7 @@ fn test_many_nodes() { // All the channels we've stored in the shared memory. let mut chans = Vec::with_capacity(MAX_CHANS * labels.len()); - let rng = &mut Rng; + let rng = &Rng; // NB: this is O(((n^2 + n)/2) * m) where n=MAX_CHANS // and m=len(labels). @@ -114,7 +114,7 @@ fn test_many_nodes() { for i in 0..MAX_CHANS { let chan = Channel { id: ChannelId::new(NodeId::new(u32::try_from(i).unwrap()), label), - keys: match util::rand_intn(&mut Rng, 3) { + keys: match util::rand_intn(rng, 3) { 0 => Directed::SealOnly { seal: RawSealKey::random(rng), }, diff --git a/crates/aranya-fast-channels/src/shm/write.rs b/crates/aranya-fast-channels/src/shm/write.rs index 9e01e4d2..006bd288 100644 --- a/crates/aranya-fast-channels/src/shm/write.rs +++ b/crates/aranya-fast-channels/src/shm/write.rs @@ -1,4 +1,4 @@ -use core::{cell::Cell, marker::PhantomData, ops::DerefMut, sync::atomic::Ordering}; +use core::{cell::Cell, marker::PhantomData, sync::atomic::Ordering}; use aranya_buggy::BugExt; use aranya_crypto::{ @@ -14,7 +14,6 @@ use super::{ #[allow(unused_imports)] use crate::features::*; use crate::{ - mutex::StdMutex, shm::shared::Op, state::{AranyaState, ChannelId, Directed}, util::debug, @@ -23,7 +22,7 @@ use crate::{ /// The writer's view of the shared memory state. pub struct WriteState { inner: State, - rng: StdMutex, + rng: R, /// Make `State` `!Sync` pending issues/95. _no_sync: PhantomData>, @@ -41,7 +40,7 @@ where { Ok(Self { inner: State::open(path, flag, mode, max_chans)?, - rng: StdMutex::new(rng), + rng, _no_sync: PhantomData, }) } @@ -62,8 +61,6 @@ where id: ChannelId, keys: Directed, ) -> Result<(), Error> { - let mut rng = self.rng.lock().assume("poisoned")?; - let (write_off, idx, grow) = { let off = self.inner.write_off(self.inner.shm())?; // Load state after loading the write offset because @@ -90,7 +87,7 @@ where }; debug!("adding chan {id} at {idx} grow={grow}"); - ShmChan::::init(chan, id, &keys, rng.deref_mut()); + ShmChan::::init(chan, id, &keys, &self.rng); let gen = side.gen.fetch_add(1, Ordering::AcqRel); debug!("write side gen={}", gen + 1); @@ -112,7 +109,7 @@ where let off = self.inner.swap_offsets(self.inner.shm(), write_off)?; let mut side = self.inner.shm().side(off)?.lock().assume("poisoned")?; - ShmChan::::init(side.raw_at(idx)?, id, &keys, rng.deref_mut()); + ShmChan::::init(side.raw_at(idx)?, id, &keys, &self.rng); let gen = side.gen.fetch_add(1, Ordering::AcqRel); debug!("read side gen={}", gen + 1); diff --git a/crates/aranya-fast-channels/src/testing/util.rs b/crates/aranya-fast-channels/src/testing/util.rs index 18ef13fa..319fb280 100644 --- a/crates/aranya-fast-channels/src/testing/util.rs +++ b/crates/aranya-fast-channels/src/testing/util.rs @@ -150,7 +150,7 @@ where T: TestImpl, CS: CipherSuite, { - fn new(rng: &mut R, state: T::Aranya) -> Self { + fn new(rng: &R, state: T::Aranya) -> Self { Self { ident_sk: IdentityKey::new(rng), enc_sk: EncryptionKey::new(rng), @@ -227,7 +227,7 @@ where let States { afc, aranya } = T::new_states::(self.name.as_str(), user_id, self.max_chans); - let user = User::new(&mut self.eng, aranya); + let user = User::new(&self.eng, aranya); let client = Client::>::new(afc); for (label, user_type) in labels { @@ -255,7 +255,7 @@ where let (our_side, peer_side) = { let author = (&user, user_id, user_type); let peer = (peer, *peer_id, *peer_type); - Self::new_channel(&mut self.eng, author, peer, label) + Self::new_channel(&self.eng, author, peer, label) }; // Register the peer. @@ -283,7 +283,7 @@ where } fn new_channel( - eng: &mut E, + eng: &E, author: (&User, NodeId, ChanOp), peer: (&User, NodeId, ChanOp), label: Label, @@ -306,7 +306,7 @@ where } fn new_bidi_channel( - eng: &mut E, + eng: &E, author: (&User, NodeId), peer: (&User, NodeId), label: Label, @@ -359,7 +359,7 @@ where } fn new_uni_channel( - eng: &mut E, + eng: &E, seal: (&User, NodeId), open: (&User, NodeId), label: Label, @@ -714,8 +714,8 @@ where } /// Returns a random `u32` in [0, n). -pub fn rand_intn(rng: &mut R, n: u32) -> u32 { - fn rand_u32(rng: &mut R) -> u32 { +pub fn rand_intn(rng: &R, n: u32) -> u32 { + fn rand_u32(rng: &R) -> u32 { let mut b = [0u8; 4]; rng.fill_bytes(&mut b); u32::from_le_bytes(b) diff --git a/crates/aranya-idam-ffi/src/ffi.rs b/crates/aranya-idam-ffi/src/ffi.rs index d112e671..bb361503 100644 --- a/crates/aranya-idam-ffi/src/ffi.rs +++ b/crates/aranya-idam-ffi/src/ffi.rs @@ -59,7 +59,7 @@ function derive_enc_key_id( pub(crate) fn derive_enc_key_id( &self, _ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, enc_pk: Vec, ) -> Result { let pk: EncryptionPublicKey = postcard::from_bytes(&enc_pk)?; @@ -76,7 +76,7 @@ function derive_sign_key_id( pub(crate) fn derive_sign_key_id( &self, _ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, sign_pk: Vec, ) -> Result { let pk: VerifyingKey = postcard::from_bytes(&sign_pk)?; @@ -93,7 +93,7 @@ function derive_user_id( pub(crate) fn derive_user_id( &self, _ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, ident_pk: Vec, ) -> Result { let pk: IdentityVerifyingKey = postcard::from_bytes(&ident_pk)?; @@ -107,7 +107,7 @@ function generate_group_key() struct StoredGroupKey pub(crate) fn generate_group_key( &self, _ctx: &CommandContext<'_>, - eng: &mut E, + eng: &E, ) -> Result { let group_key = GroupKey::new(eng); let key_id = group_key.id().into(); @@ -129,7 +129,7 @@ function seal_group_key( pub(crate) fn seal_group_key( &self, _ctx: &CommandContext<'_>, - eng: &mut E, + eng: &E, wrapped_group_key: Vec, peer_enc_pk: Vec, group_id: Id, @@ -157,7 +157,7 @@ function open_group_key( pub(crate) fn open_group_key( &self, _ctx: &CommandContext<'_>, - eng: &mut E, + eng: &E, sealed_group_key: SealedGroupKey, our_enc_sk_id: Id, group_id: Id, @@ -201,7 +201,7 @@ function encrypt_message( pub(crate) fn encrypt_message( &self, ctx: &CommandContext<'_>, - eng: &mut E, + eng: &E, plaintext: Vec, wrapped_group_key: Vec, our_sign_sk_id: Id, @@ -253,7 +253,7 @@ function decrypt_message( pub(crate) fn decrypt_message( &self, ctx: &CommandContext<'_>, - eng: &mut E, + eng: &E, parent_id: Id, ciphertext: Vec, wrapped_group_key: Vec, @@ -293,7 +293,7 @@ function compute_change_id( pub(crate) fn compute_change_id( &self, _ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, new_cmd_id: Id, current_change_id: Id, ) -> Result { diff --git a/crates/aranya-idam-ffi/src/testing.rs b/crates/aranya-idam-ffi/src/testing.rs index 03a50615..229907fa 100644 --- a/crates/aranya-idam-ffi/src/testing.rs +++ b/crates/aranya-idam-ffi/src/testing.rs @@ -87,12 +87,12 @@ where }); /// Test that we can unwrap `GroupKey`s. - pub fn test_generate_group_key(mut eng: E, store: S) { + pub fn test_generate_group_key(eng: E, store: S) { let ffi = Ffi::new(store); let ctx = &Self::CTX; let StoredGroupKey { key_id, wrapped } = ffi - .generate_group_key(ctx, &mut eng) + .generate_group_key(ctx, &eng) .expect("should be able to create `GroupKey`"); let wrapped = postcard::from_bytes(&wrapped).expect("should be able to decode wrapped `GroupKey`"); @@ -103,23 +103,23 @@ where } /// Test that we generate unique `GroupKey`s. - pub fn test_generate_unique_group_key(mut eng: E, store: S) { + pub fn test_generate_unique_group_key(eng: E, store: S) { let ffi = Ffi::new(store); let ctx = &Self::CTX; let sk1 = ffi - .generate_group_key(ctx, &mut eng) + .generate_group_key(ctx, &eng) .expect("should be able to create `GroupKey`"); let sk2 = ffi - .generate_group_key(ctx, &mut eng) + .generate_group_key(ctx, &eng) .expect("should be able to create `GroupKey`"); assert_ne!(sk1, sk2); } /// Test that we can encrypt then decrypt data. - pub fn test_encrypt_decrypt_message(mut eng: E, mut store: S) { + pub fn test_encrypt_decrypt_message(eng: E, mut store: S) { let (pk, key_id) = { - let sk = SigningKey::::new(&mut eng); + let sk = SigningKey::::new(&eng); let id = sk.id().expect("signing key ID should be valid"); let wrapped = eng .wrap(sk.clone()) @@ -141,14 +141,14 @@ where let ctx = &Self::CTX; let StoredGroupKey { wrapped, .. } = ffi - .generate_group_key(ctx, &mut eng) + .generate_group_key(ctx, &eng) .expect("should be able to create `GroupKey`"); const WANT: &[u8] = b"hello, world!"; let ciphertext = ffi .encrypt_message( &action_ctx, - &mut eng, + &eng, WANT.to_vec(), wrapped.clone(), key_id.into(), @@ -156,16 +156,16 @@ where ) .expect("should be able to encrypt message"); let got = ffi - .decrypt_message(ctx, &mut eng, Id::default(), ciphertext, wrapped, pk) + .decrypt_message(ctx, &eng, Id::default(), ciphertext, wrapped, pk) .expect("should be able to decrypt message"); assert_eq!(got, WANT); } /// Test that we reject messages that have been tampered /// with. - pub fn test_decrypt_message_tampered_with(mut eng: E, mut store: S) { + pub fn test_decrypt_message_tampered_with(eng: E, mut store: S) { let (pk, key_id) = { - let sk = SigningKey::::new(&mut eng); + let sk = SigningKey::::new(&eng); let id = sk.id().expect("signing key ID should be valid"); let wrapped = eng .wrap(sk.clone()) @@ -182,7 +182,7 @@ where let ffi = Ffi::new(store); let ctx = &Self::CTX; let StoredGroupKey { wrapped, .. } = ffi - .generate_group_key(ctx, &mut eng) + .generate_group_key(ctx, &eng) .expect("should be able to create `GroupKey`"); let action_ctx = CommandContext::Action(ActionContext { @@ -193,7 +193,7 @@ where let mut ciphertext = ffi .encrypt_message( &action_ctx, - &mut eng, + &eng, b"hello, world!".to_vec(), wrapped.clone(), key_id.into(), @@ -204,7 +204,7 @@ where ciphertext[0] = ciphertext[0].wrapping_add(1); let err = ffi - .decrypt_message(ctx, &mut eng, Id::default(), ciphertext, wrapped, pk) + .decrypt_message(ctx, &eng, Id::default(), ciphertext, wrapped, pk) .expect_err("should not be able to decrypt tampered with message"); assert_eq!(err.kind(), ErrorKind::Crypto); @@ -216,9 +216,9 @@ where /// Test that we reject messages that are encrypted with /// a different command name. - pub fn test_decrypt_message_different_cmd_name(mut eng: E, mut store: S) { + pub fn test_decrypt_message_different_cmd_name(eng: E, mut store: S) { let (pk, key_id) = { - let sk = SigningKey::::new(&mut eng); + let sk = SigningKey::::new(&eng); let id = sk.id().expect("signing key ID should be valid"); let wrapped = eng .wrap(sk.clone()) @@ -234,7 +234,7 @@ where let ctx = &Self::CTX; let StoredGroupKey { wrapped, .. } = ffi - .generate_group_key(ctx, &mut eng) + .generate_group_key(ctx, &eng) .expect("should be able to create `GroupKey`"); let action_ctx = CommandContext::Action(ActionContext { @@ -245,7 +245,7 @@ where let ciphertext = ffi .encrypt_message( &action_ctx, - &mut eng, + &eng, b"hello, world!".to_vec(), wrapped.clone(), key_id.into(), @@ -260,7 +260,7 @@ where version: Id::default(), }); let err = ffi - .decrypt_message(&ctx, &mut eng, Id::default(), ciphertext, wrapped, pk) + .decrypt_message(&ctx, &eng, Id::default(), ciphertext, wrapped, pk) .expect_err( "should not be able to decrypt message encrypted with different command name", ); @@ -273,9 +273,9 @@ where /// Test that we reject messages that are encrypted with /// a different parent command ID. - pub fn test_decrypt_message_different_parent_cmd_id(mut eng: E, mut store: S) { + pub fn test_decrypt_message_different_parent_cmd_id(eng: E, mut store: S) { let (pk, key_id) = { - let sk = SigningKey::::new(&mut eng); + let sk = SigningKey::::new(&eng); let id = sk.id().expect("signing key ID should be valid"); let wrapped = eng .wrap(sk.clone()) @@ -292,18 +292,18 @@ where let ctx = &Self::CTX; let StoredGroupKey { wrapped, .. } = ffi - .generate_group_key(ctx, &mut eng) + .generate_group_key(ctx, &eng) .expect("should be able to create `GroupKey`"); let action_ctx = CommandContext::Action(ActionContext { name: "dummy action", - head_id: Id::random(&mut eng), + head_id: Id::random(&eng), }); let ciphertext = ffi .encrypt_message( &action_ctx, - &mut eng, + &eng, b"hello, world!".to_vec(), wrapped.clone(), key_id.into(), @@ -312,7 +312,7 @@ where .expect("should be able to encrypt message"); let err = ffi - .decrypt_message(ctx, &mut eng, Id::default(), ciphertext, wrapped, pk) + .decrypt_message(ctx, &eng, Id::default(), ciphertext, wrapped, pk) .expect_err( "should not be able to decrypt message encrypted with different parent command ID", ); @@ -325,9 +325,9 @@ where /// Test that we reject messages that are encrypted with /// a different author. - pub fn test_decrypt_message_different_author(mut eng: E, mut store: S) { + pub fn test_decrypt_message_different_author(eng: E, mut store: S) { let key_id = { - let sk = SigningKey::::new(&mut eng); + let sk = SigningKey::::new(&eng); let id = sk.id().expect("signing key ID should be valid"); let wrapped = eng .wrap(sk.clone()) @@ -341,11 +341,11 @@ where let ffi = Ffi::new(store); let ctx = &Self::CTX; let StoredGroupKey { wrapped, .. } = ffi - .generate_group_key(ctx, &mut eng) + .generate_group_key(ctx, &eng) .expect("should be able to create `GroupKey`"); let pk = { - let sk = SigningKey::::new(&mut eng); + let sk = SigningKey::::new(&eng); postcard::to_allocvec(&sk.public().expect("verifying key should be valid")) .expect("should be able to encode `VerifyingKey`") }; @@ -358,7 +358,7 @@ where let ciphertext = ffi .encrypt_message( &action_ctx, - &mut eng, + &eng, b"hello, world!".to_vec(), wrapped.clone(), key_id.into(), @@ -367,7 +367,7 @@ where .expect("should be able to encrypt message"); let err = ffi - .decrypt_message(ctx, &mut eng, Id::default(), ciphertext, wrapped, pk) + .decrypt_message(ctx, &eng, Id::default(), ciphertext, wrapped, pk) .expect_err("should not be able to decrypt message encrypted with different author"); assert_eq!(err.kind(), ErrorKind::Crypto); assert_eq!( @@ -377,12 +377,12 @@ where } /// Tests that we can seal and open a `GroupKey`. - pub fn test_seal_open_group_key(mut eng: E, mut store: S) { + pub fn test_seal_open_group_key(eng: E, mut store: S) { // TODO(eric): this test should really use two different // `Ffi`s. let (sk, pk) = { - let sk = EncryptionKey::::new(&mut eng); + let sk = EncryptionKey::::new(&eng); let id = sk .id() .expect("encryption key ID should be valid") @@ -403,18 +403,18 @@ where let ctx = &Self::CTX; let want = ffi - .generate_group_key(ctx, &mut eng) + .generate_group_key(ctx, &eng) .expect("should be able to create `GroupKey`"); - let group_id = Id::random(&mut eng); + let group_id = Id::random(&eng); let sealed = ffi - .seal_group_key(ctx, &mut eng, want.wrapped.clone(), pk, group_id) + .seal_group_key(ctx, &eng, want.wrapped.clone(), pk, group_id) .expect("should be able to encrypt `GroupKey`"); let got = ffi .open_group_key( ctx, - &mut eng, + &eng, sealed, sk.id() .expect("encryption key ID should be valid") @@ -449,12 +449,12 @@ where /// Tests that we reject encrypted `GroupKey`s where the /// ciphertext has been tampered with. - pub fn test_open_group_key_ciphertext_tampered_with(mut eng: E, mut store: S) { + pub fn test_open_group_key_ciphertext_tampered_with(eng: E, mut store: S) { // TODO(eric): this test should really use two different // `Ffi`s. let (sk, pk) = { - let sk = EncryptionKey::::new(&mut eng); + let sk = EncryptionKey::::new(&eng); let id = sk .id() .expect("encryption key ID should be valid") @@ -475,12 +475,12 @@ where let ctx = &Self::CTX; let want = ffi - .generate_group_key(ctx, &mut eng) + .generate_group_key(ctx, &eng) .expect("should be able to create `GroupKey`"); - let group_id = Id::random(&mut eng); + let group_id = Id::random(&eng); let mut sealed = ffi - .seal_group_key(ctx, &mut eng, want.wrapped.clone(), pk, group_id) + .seal_group_key(ctx, &eng, want.wrapped.clone(), pk, group_id) .expect("should be able to encrypt `GroupKey`"); sealed.ciphertext[0] = sealed.ciphertext[0].wrapping_add(1); @@ -488,7 +488,7 @@ where let err = ffi .open_group_key( ctx, - &mut eng, + &eng, sealed, sk.id() .expect("encryption key ID should be valid") @@ -507,12 +507,12 @@ where /// Tests that we reject encrypted `GroupKey`s where the /// encapsulated key has been tampered with. - pub fn test_open_group_key_encap_tampered_with(mut eng: E, mut store: S) { + pub fn test_open_group_key_encap_tampered_with(eng: E, mut store: S) { // TODO(eric): this test should really use two different // `Ffi`s. let (sk, pk) = { - let sk = EncryptionKey::::new(&mut eng); + let sk = EncryptionKey::::new(&eng); let id = sk .id() .expect("encryption key ID should be valid") @@ -533,12 +533,12 @@ where let ctx = &Self::CTX; let want = ffi - .generate_group_key(ctx, &mut eng) + .generate_group_key(ctx, &eng) .expect("should be able to create `GroupKey`"); - let group_id = Id::random(&mut eng); + let group_id = Id::random(&eng); let mut sealed = ffi - .seal_group_key(ctx, &mut eng, want.wrapped.clone(), pk, group_id) + .seal_group_key(ctx, &eng, want.wrapped.clone(), pk, group_id) .expect("should be able to encrypt `GroupKey`"); // We don't know the structure of `v`, so clobber the @@ -549,7 +549,7 @@ where ffi.open_group_key( ctx, - &mut eng, + &eng, sealed, sk.id() .expect("encryption key ID should be valid") @@ -561,12 +561,12 @@ where /// Tests that we reject `GroupKey`s encrypted with the wrong /// group ID. - pub fn test_open_group_key_wrong_group_id(mut eng: E, mut store: S) { + pub fn test_open_group_key_wrong_group_id(eng: E, mut store: S) { // TODO(eric): this test should really use two different // `Ffi`s. let (sk, pk) = { - let sk = EncryptionKey::::new(&mut eng); + let sk = EncryptionKey::::new(&eng); let id = sk .id() .expect("encryption key ID should be valid") @@ -587,19 +587,19 @@ where let ctx = &Self::CTX; let want = ffi - .generate_group_key(ctx, &mut eng) + .generate_group_key(ctx, &eng) .expect("should be able to create `GroupKey`"); - let group_id = Id::random(&mut eng); + let group_id = Id::random(&eng); let sealed = ffi - .seal_group_key(ctx, &mut eng, want.wrapped.clone(), pk, group_id) + .seal_group_key(ctx, &eng, want.wrapped.clone(), pk, group_id) .expect("should be able to encrypt `GroupKey`"); - let wrong_group_id = Id::random(&mut eng); + let wrong_group_id = Id::random(&eng); let err = ffi .open_group_key( ctx, - &mut eng, + &eng, sealed, sk.id() .expect("encryption key ID should be valid") @@ -619,9 +619,9 @@ where } /// Round trip tests `derive_enc_key_id`. - pub fn test_derive_enc_key_id(mut eng: E, store: S) { + pub fn test_derive_enc_key_id(eng: E, store: S) { let ffi = Ffi::new(store); - let sk = EncryptionKey::::new(&mut eng); + let sk = EncryptionKey::::new(&eng); let want = sk .public() .expect("encryption public key should be valid") @@ -632,15 +632,15 @@ where postcard::to_allocvec(&sk.public().expect("public encryption key should be valid")) .expect("should be able to encode `EncryptionPublicKey`"); let got = ffi - .derive_enc_key_id(&Self::CTX, &mut eng, enc_pk) + .derive_enc_key_id(&Self::CTX, &eng, enc_pk) .expect("should be able to derive `EncryptionPublicKey` ID"); assert_eq!(want, got); } /// Round trip tests `derive_sign_key_id`. - pub fn test_derive_sign_key_id(mut eng: E, store: S) { + pub fn test_derive_sign_key_id(eng: E, store: S) { let ffi = Ffi::new(store); - let sk = SigningKey::::new(&mut eng); + let sk = SigningKey::::new(&eng); let want = sk .public() .expect("verifying key should be valid") @@ -650,15 +650,15 @@ where let sign_pk = postcard::to_allocvec(&sk.public().expect("verifying key should be valid")) .expect("should be able to encode `VerifyingKey`"); let got = ffi - .derive_sign_key_id(&Self::CTX, &mut eng, sign_pk) + .derive_sign_key_id(&Self::CTX, &eng, sign_pk) .expect("should be able to derive `VerifyingKey` ID"); assert_eq!(want, got); } /// Round trip tests `derive_user_id`. - pub fn test_derive_user_id(mut eng: E, store: S) { + pub fn test_derive_user_id(eng: E, store: S) { let ffi = Ffi::new(store); - let sk = IdentityKey::::new(&mut eng); + let sk = IdentityKey::::new(&eng); let want = sk .public() .expect("identity verifying key should be valid") @@ -669,7 +669,7 @@ where postcard::to_allocvec(&sk.public().expect("identity verifying key should be valid")) .expect("should be able to encode `IdentityVerifyingKey`"); let got = ffi - .derive_user_id(&Self::CTX, &mut eng, ident_pk) + .derive_user_id(&Self::CTX, &eng, ident_pk) .expect("should be able to derive `VerifyingKey` ID"); assert_eq!(want, got); } diff --git a/crates/aranya-model/src/model.rs b/crates/aranya-model/src/model.rs index 54458686..c5bd0cb9 100644 --- a/crates/aranya-model/src/model.rs +++ b/crates/aranya-model/src/model.rs @@ -492,7 +492,7 @@ where .get(&graph_proxy_id) .ok_or(ModelError::GraphNotFound)?; - let mut request_syncer = SyncRequester::new(*storage_id, &mut Rng::new(), ()); + let mut request_syncer = SyncRequester::new(*storage_id, &Rng::new(), ()); assert!(request_syncer.ready()); let mut request_trx = request_state.transaction(*storage_id); diff --git a/crates/aranya-model/src/tests/keygen.rs b/crates/aranya-model/src/tests/keygen.rs index 54457ea7..86f8911b 100644 --- a/crates/aranya-model/src/tests/keygen.rs +++ b/crates/aranya-model/src/tests/keygen.rs @@ -34,7 +34,7 @@ impl KeyBundle { /// Generates a key bundle. /// /// The wrapped keys are stored inside of `store`. - pub fn generate(eng: &mut E, store: &mut S) -> Result + pub fn generate(eng: &E, store: &mut S) -> Result where E: Engine, S: KeyStore, @@ -63,7 +63,7 @@ impl KeyBundle { } /// Loads the public keys from `store`. - pub fn public_keys(&self, eng: &mut E, store: &S) -> Result> + pub fn public_keys(&self, eng: &E, store: &S) -> Result> where E: Engine, S: KeyStore, @@ -87,7 +87,7 @@ impl MinKeyBundle { /// Generates a minimum key bundle. /// /// The wrapped keys are stored inside of `store`. - pub fn generate(eng: &mut E, store: &mut S) -> Result + pub fn generate(eng: &E, store: &mut S) -> Result where E: Engine, S: KeyStore, diff --git a/crates/aranya-model/src/tests/mod.rs b/crates/aranya-model/src/tests/mod.rs index 574c5c05..b5e4f143 100644 --- a/crates/aranya-model/src/tests/mod.rs +++ b/crates/aranya-model/src/tests/mod.rs @@ -83,7 +83,7 @@ impl ClientFactory for BasicClientFactory { // Configure testing FFIs let ffis: Vec + Send + 'static>> = vec![Box::from(TestFfiEnvelope { - user: UserId::random(&mut Rng), + user: UserId::random(&Rng), })]; let policy = VmPolicy::new(self.machine.clone(), eng, ffis).expect("should create policy"); @@ -145,11 +145,10 @@ impl ClientFactory for FfiClientFactory { }; // Generate key bundle - let (mut eng, _) = DefaultEngine::from_entropy(Rng); - let bundle = - KeyBundle::generate(&mut eng, &mut store).expect("unable to generate `KeyBundle`"); + let (eng, _) = DefaultEngine::from_entropy(Rng); + let bundle = KeyBundle::generate(&eng, &mut store).expect("unable to generate `KeyBundle`"); let public_keys = bundle - .public_keys(&mut eng, &store) + .public_keys(&eng, &store) .expect("unable to generate public keys"); // Configure FFIs @@ -1275,14 +1274,14 @@ fn should_create_clients_with_args() { Store::open(&path).expect("should create keystore") }; - let (mut eng, _) = DefaultEngine::from_entropy(Rng); + let (eng, _) = DefaultEngine::from_entropy(Rng); // Generate key bundle let bundle = - KeyBundle::generate(&mut eng, &mut store).expect("unable to generate `KeyBundle`"); + KeyBundle::generate(&eng, &mut store).expect("unable to generate `KeyBundle`"); // Assign public keys to our variable public_keys = bundle - .public_keys(&mut eng, &store) + .public_keys(&eng, &store) .expect("unable to generate public keys"); // Configure FFIs @@ -1352,10 +1351,10 @@ fn should_create_clients_with_args() { Store::open(&path).expect("should create keystore") }; - let (mut eng, _) = DefaultEngine::from_entropy(Rng); + let (eng, _) = DefaultEngine::from_entropy(Rng); // Generate key bundle - let bundle = MinKeyBundle::generate(&mut eng, &mut store) - .expect("unable to generate `KeyBundle`"); + let bundle = + MinKeyBundle::generate(&eng, &mut store).expect("unable to generate `KeyBundle`"); // Configure FFIs let ffis: Vec + Send + 'static>> = vec![ diff --git a/crates/aranya-perspective-ffi/src/ffi.rs b/crates/aranya-perspective-ffi/src/ffi.rs index 71f6ddc9..cfc819e2 100644 --- a/crates/aranya-perspective-ffi/src/ffi.rs +++ b/crates/aranya-perspective-ffi/src/ffi.rs @@ -24,7 +24,7 @@ impl FfiPerspective { pub(crate) fn head_id( &mut self, ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, ) -> Result { match ctx { CommandContext::Action(actx) => Ok(actx.head_id), diff --git a/crates/aranya-perspective-ffi/src/tests.rs b/crates/aranya-perspective-ffi/src/tests.rs index 17a853e6..272a2e6c 100644 --- a/crates/aranya-perspective-ffi/src/tests.rs +++ b/crates/aranya-perspective-ffi/src/tests.rs @@ -13,7 +13,7 @@ use crate::FfiPerspective; #[test] fn test_head_id() { - let (mut eng, _) = DefaultEngine::<_>::from_entropy(Rng); + let (eng, _) = DefaultEngine::<_>::from_entropy(Rng); let mut perspective = FfiPerspective {}; let head_id = Id::default(); @@ -22,7 +22,7 @@ fn test_head_id() { name: "action", head_id, }); - assert_eq!(perspective.head_id(&context, &mut eng).unwrap(), head_id); + assert_eq!(perspective.head_id(&context, &eng).unwrap(), head_id); } { @@ -30,16 +30,13 @@ fn test_head_id() { name: "seal", head_id, }); - assert_eq!(perspective.head_id(&context, &mut eng).unwrap(), head_id); + assert_eq!(perspective.head_id(&context, &eng).unwrap(), head_id); } { let context = CommandContext::Open(OpenContext { name: "open" }); assert_eq!( - perspective - .head_id(&context, &mut eng) - .unwrap_err() - .err_type, + perspective.head_id(&context, &eng).unwrap_err().err_type, MachineErrorType::Unknown( "head_id is only available in Seal and Action contexts".to_string() ) @@ -54,10 +51,7 @@ fn test_head_id() { version: Id::default(), }); assert_eq!( - perspective - .head_id(&context, &mut eng) - .expect_err("") - .err_type, + perspective.head_id(&context, &eng).expect_err("").err_type, MachineErrorType::Unknown( "head_id is only available in Seal and Action contexts".to_string() ) @@ -72,10 +66,7 @@ fn test_head_id() { version: Id::default(), }); assert_eq!( - perspective - .head_id(&context, &mut eng) - .expect_err("") - .err_type, + perspective.head_id(&context, &eng).expect_err("").err_type, MachineErrorType::Unknown( "head_id is only available in Seal and Action contexts".to_string() ) diff --git a/crates/aranya-policy-derive/src/ffi.rs b/crates/aranya-policy-derive/src/ffi.rs index 7912aa39..502c081c 100644 --- a/crates/aranya-policy-derive/src/ffi.rs +++ b/crates/aranya-policy-derive/src/ffi.rs @@ -283,7 +283,7 @@ pub(crate) fn parse(attr: TokenStream, item: TokenStream) -> syn::Result, - __eng: &mut __E, + __eng: &__E, ) -> ::core::result::Result<(), Self::Error> { #[allow(non_camel_case_types, clippy::enum_variant_names)] enum __Func { @@ -512,12 +512,12 @@ impl Func { .any(|arg| matches!(arg, FnArg::Receiver(_))); // The second and third arguments are `&CommandContext` - // and `&mut E`, which are passed in by `call`, so skip + // and `&E`, which are passed in by `call`, so skip // them. // // TODO(eric): we should issue a diagnostic when the // first non-self argument isn't `&CommandContext` and - // second argument isn't `&mut E`. + // second argument isn't `&E`. let num_skip = if is_method { 3 } else { 2 }; let num_args = match item.sig.inputs.len().checked_sub(num_skip) { Some(n) => n, diff --git a/crates/aranya-policy-vm/src/derive.rs b/crates/aranya-policy-vm/src/derive.rs index c65b85e6..25c59cd7 100644 --- a/crates/aranya-policy-vm/src/derive.rs +++ b/crates/aranya-policy-vm/src/derive.rs @@ -112,7 +112,7 @@ /// #[ffi_export(def = "function add(x int, y int) int")] /// fn add( /// _ctx: &CommandContext<'_>, -/// _eng: &mut E, +/// _eng: &E, /// x: i64, /// y: i64, /// ) -> Result { @@ -124,7 +124,7 @@ /// #[ffi_export(def = "function quo(x int, y int) int")] /// fn quo( /// _ctx: &CommandContext<'_>, -/// _eng: &mut E, +/// _eng: &E, /// x: i64, /// y: i64, /// ) -> Result { @@ -134,7 +134,7 @@ /// #[ffi_export(def = "function custom_def(a int, b bytes) bool")] /// fn custom_def( /// _ctx: &CommandContext<'_>, -/// _eng: &mut E, +/// _eng: &E, /// _a: i64, /// _b: Vec, /// ) -> Result { @@ -144,7 +144,7 @@ /// #[ffi_export(def = "function struct_fn(x struct S0) struct S1")] /// fn struct_fn( /// _ctx: &CommandContext<'_>, -/// _eng: &mut E, +/// _eng: &E, /// x: S0, /// ) -> Result { /// Ok(S1 { x }) diff --git a/crates/aranya-policy-vm/src/ffi.rs b/crates/aranya-policy-vm/src/ffi.rs index 54cec3f9..207eed63 100644 --- a/crates/aranya-policy-vm/src/ffi.rs +++ b/crates/aranya-policy-vm/src/ffi.rs @@ -24,6 +24,6 @@ pub trait FfiModule { procedure: usize, stack: &mut impl Stack, ctx: &CommandContext<'_>, - eng: &mut E, + eng: &E, ) -> Result<(), Self::Error>; } diff --git a/crates/aranya-policy-vm/src/tests/ffi.rs b/crates/aranya-policy-vm/src/tests/ffi.rs index b6fc8bab..3121e083 100644 --- a/crates/aranya-policy-vm/src/tests/ffi.rs +++ b/crates/aranya-policy-vm/src/tests/ffi.rs @@ -28,7 +28,7 @@ impl FfiModule for PrintFfi { procedure: usize, stack: &mut impl Stack, _ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, ) -> Result<(), Self::Error> { match procedure { 0 => { diff --git a/crates/aranya-policy-vm/src/tests/io.rs b/crates/aranya-policy-vm/src/tests/io.rs index c4527b15..0e0f097e 100644 --- a/crates/aranya-policy-vm/src/tests/io.rs +++ b/crates/aranya-policy-vm/src/tests/io.rs @@ -137,7 +137,7 @@ where ctx: &CommandContext<'_>, ) -> Result<(), MachineError> { match module { - 0 => self.print_ffi.call(procedure, stack, ctx, &mut self.engine), + 0 => self.print_ffi.call(procedure, stack, ctx, &self.engine), _ => Err(MachineError::new(MachineErrorType::FfiModuleNotDefined( module, ))), diff --git a/crates/aranya-policy-vm/tests/bits/printffi.rs b/crates/aranya-policy-vm/tests/bits/printffi.rs index a041fec7..d32e1370 100644 --- a/crates/aranya-policy-vm/tests/bits/printffi.rs +++ b/crates/aranya-policy-vm/tests/bits/printffi.rs @@ -27,7 +27,7 @@ impl FfiModule for PrintFfi { procedure: usize, stack: &mut impl Stack, _ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, ) -> Result<(), Self::Error> { match procedure { 0 => { diff --git a/crates/aranya-policy-vm/tests/bits/testio.rs b/crates/aranya-policy-vm/tests/bits/testio.rs index f8876070..80f61c77 100644 --- a/crates/aranya-policy-vm/tests/bits/testio.rs +++ b/crates/aranya-policy-vm/tests/bits/testio.rs @@ -142,7 +142,7 @@ where ctx: &CommandContext<'_>, ) -> Result<(), MachineError> { match module { - 0 => self.print_ffi.call(procedure, stack, ctx, &mut self.engine), + 0 => self.print_ffi.call(procedure, stack, ctx, &self.engine), _ => Err(MachineError::new(MachineErrorType::FfiModuleNotDefined( module, ))), diff --git a/crates/aranya-policy-vm/tests/ffi.rs b/crates/aranya-policy-vm/tests/ffi.rs index baf164e4..86bd5097 100644 --- a/crates/aranya-policy-vm/tests/ffi.rs +++ b/crates/aranya-policy-vm/tests/ffi.rs @@ -53,7 +53,7 @@ impl TestState> { }); let idx = self.procs.get(name).ok_or(TestStateError::UnknownFunc)?; self.module - .call(*idx, &mut self.stack, &ctx, &mut self.engine) + .call(*idx, &mut self.stack, &ctx, &self.engine) .map_err(TestStateError::Module) } @@ -166,7 +166,7 @@ impl TestModule<'_, T, G> { #[ffi_export(def = "function add(x int, y int) int")] fn add( _ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, x: i64, y: i64, ) -> Result { @@ -176,7 +176,7 @@ impl TestModule<'_, T, G> { #[ffi_export(def = "function sub(x int, y int) int")] fn sub( _ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, x: i64, y: i64, ) -> Result { @@ -186,7 +186,7 @@ impl TestModule<'_, T, G> { #[ffi_export(def = "function concat(a string, b string) string")] fn concat( _ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, a: String, b: String, ) -> Result { @@ -197,25 +197,21 @@ impl TestModule<'_, T, G> { fn identity( &self, _ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, id_input: Id, ) -> Result { Ok(id_input) } #[ffi_export(def = "function no_args() int")] - fn no_args( - &self, - _ctx: &CommandContext<'_>, - _eng: &mut E, - ) -> Result { + fn no_args(&self, _ctx: &CommandContext<'_>, _eng: &E) -> Result { Ok(Self::NO_ARGS_RESULT) } #[ffi_export(def = "function custom_type(label int) int")] fn custom_type( _ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, label: Label, ) -> Result { assert_eq!(label, Self::CUSTOM_TYPE_ARG); @@ -225,7 +221,7 @@ impl TestModule<'_, T, G> { #[ffi_export(def = "function custom_type_optional(label optional int) optional int")] fn custom_type_optional( _ctx: &CommandContext<'_>, - _eng: &mut E, + _eng: &E, label: Option