diff --git a/Cargo.toml b/Cargo.toml index 359c857..30bd4b7 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -10,12 +10,12 @@ repository = "https://github.com/trussed-dev/ctap-types" [dependencies] arbitrary = { version = "1.3.2", features = ["derive"], optional = true } bitflags = "1.3" -cbor-smol = { version = "0.5", features = ["heapless-bytes-v0-3"] } -cosey = "0.3.1" +cbor-smol = { version = "0.5", features = ["heapless-bytes-v0-5"] } +cosey = "0.4.0" delog = "0.1" -heapless = { version = "0.7", default-features = false, features = ["serde"] } -heapless-bytes = "0.3" -iso7816 = "0.1.3" +heapless = { version = "0.9", default-features = false, features = ["serde"] } +heapless-bytes = "0.5" +iso7816 = "0.2.0" serde = { version = "1", default-features = false, features = ["derive"] } serde-indexed = "0.1.1" serde_bytes = { version = "0.11.14", default-features = false } diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml index af04744..8c23838 100644 --- a/fuzz/Cargo.toml +++ b/fuzz/Cargo.toml @@ -8,7 +8,7 @@ edition = "2021" cargo-fuzz = true [dependencies] -iso7816 = "0.1.2" +iso7816 = "0.2.0" libfuzzer-sys = "0.4" [dependencies.ctap-types] diff --git a/src/arbitrary.rs b/src/arbitrary.rs index 8d55dce..70655dd 100644 --- a/src/arbitrary.rs +++ b/src/arbitrary.rs @@ -302,7 +302,7 @@ fn arbitrary_byte_array<'a, const N: usize>(u: &mut Unstructured<'_>) -> Result< fn arbitrary_bytes(u: &mut Unstructured<'_>) -> Result> { let n = usize::arbitrary(u)?.min(N); - Ok(Bytes::from_slice(u.bytes(n)?).unwrap()) + Ok(Bytes::try_from(u.bytes(n)?).unwrap()) } fn arbitrary_vec<'a, T: Arbitrary<'a> + Debug, const N: usize>( diff --git a/src/ctap1.rs b/src/ctap1.rs index 805f023..9ce3e55 100644 --- a/src/ctap1.rs +++ b/src/ctap1.rs @@ -131,25 +131,24 @@ pub enum Response { impl Response { #[allow(clippy::result_unit_err)] #[inline(never)] - pub fn serialize( - &self, - buf: &mut iso7816::Data, - ) -> core::result::Result<(), ()> { + pub fn serialize(&self, buf: &mut heapless::VecView) -> core::result::Result<(), ()> { match self { Response::Register(reg) => { buf.push(reg.header_byte).map_err(drop)?; - buf.extend_from_slice(®.public_key)?; + buf.extend_from_slice(®.public_key).map_err(drop)?; buf.push(reg.key_handle.len() as u8).map_err(drop)?; - buf.extend_from_slice(®.key_handle)?; - buf.extend_from_slice(®.attestation_certificate)?; - buf.extend_from_slice(®.signature) + buf.extend_from_slice(®.key_handle).map_err(drop)?; + buf.extend_from_slice(®.attestation_certificate) + .map_err(drop)?; + buf.extend_from_slice(®.signature).map_err(drop) } Response::Authenticate(auth) => { buf.push(auth.user_presence).map_err(drop)?; - buf.extend_from_slice(&auth.count.to_be_bytes())?; - buf.extend_from_slice(&auth.signature) + buf.extend_from_slice(&auth.count.to_be_bytes()) + .map_err(drop)?; + buf.extend_from_slice(&auth.signature).map_err(drop) } - Response::Version(version) => buf.extend_from_slice(version), + Response::Version(version) => buf.extend_from_slice(version).map_err(drop), } } } @@ -314,15 +313,15 @@ mod tests { fn test_register_response() { let public_key = hex!("b174bc49c7ca254b70d2e5c207cee9cf174820ebd77ea3c65508c26da51b657c1cc6b952f8621697936482da0a6d3d3826a59095daf6cd7c03e2e60385d2f6d9"); let public_key = cosey::EcdhEsHkdf256PublicKey { - x: Bytes::from_slice(&public_key[..32]).unwrap(), - y: Bytes::from_slice(&public_key[32..]).unwrap(), + x: Bytes::try_from(&public_key[..32]).unwrap(), + y: Bytes::try_from(&public_key[32..]).unwrap(), }; let key_handle = hex!("2a552dfdb7477ed65fd84133f86196010b2215b57da75d315b7b9e8fe2e3925a6019551bab61d16591659cbaf00b4950f7abfe6660e2e006f76868b772d70c25"); - let key_handle = Bytes::from_slice(&key_handle).unwrap(); + let key_handle = Bytes::try_from(&key_handle).unwrap(); let signature = hex!("304502201471899bcc3987e62e8202c9b39c33c19033f7340352dba80fcab017db9230e402210082677d673d891933ade6f617e5dbde2e247e70423fd5ad7804a6d3d3961ef871"); - let signature = Bytes::from_slice(&signature).unwrap(); + let signature = Bytes::try_from(&signature).unwrap(); let attestation_certificate = hex!("3082013c3081e4a003020102020a47901280001155957352300a06082a8648ce3d0403023017311530130603550403130c476e756262792050696c6f74301e170d3132303831343138323933325a170d3133303831343138323933325a3031312f302d0603550403132650696c6f74476e756262792d302e342e312d34373930313238303030313135353935373335323059301306072a8648ce3d020106082a8648ce3d030107034200048d617e65c9508e64bcc5673ac82a6799da3c1446682c258c463fffdf58dfd2fa3e6c378b53d795c4a4dffb4199edd7862f23abaf0203b4b8911ba0569994e101300a06082a8648ce3d0403020347003044022060cdb6061e9c22262d1aac1d96d8c70829b2366531dda268832cb836bcd30dfa0220631b1459f09e6330055722c8d89b7f48883b9089b88d60d1d9795902b30410df"); - let attestation_certificate = Bytes::from_slice(&attestation_certificate).unwrap(); + let attestation_certificate = Bytes::try_from(&attestation_certificate).unwrap(); let response = register::Response::new( 0x05, &public_key, @@ -371,7 +370,7 @@ mod tests { #[test] fn test_authenticate_response() { let signature = &hex!("304402204b5f0cd17534cedd8c34ee09570ef542a353df4436030ce43d406de870b847780220267bb998fac9b7266eb60e7cb0b5eabdfd5ba9614f53c7b22272ec10047a923f"); - let signature = Bytes::from_slice(signature).unwrap(); + let signature = Bytes::try_from(signature).unwrap(); let response = authenticate::Response { user_presence: 1, count: 1, diff --git a/src/ctap2.rs b/src/ctap2.rs index 354a5c1..18cc841 100644 --- a/src/ctap2.rs +++ b/src/ctap2.rs @@ -4,9 +4,10 @@ //! [`Response`]. use bitflags::bitflags; use cbor_smol::cbor_deserialize; +use heapless::{Vec, VecView}; use serde::{Deserialize, Serialize}; -use crate::{sizes::*, Bytes, TryFromStrError, Vec}; +use crate::{sizes::*, Bytes, TryFromStrError}; pub use crate::operation::{Operation, VendorOperation}; @@ -148,7 +149,7 @@ pub enum Response { impl Response { #[inline(never)] - pub fn serialize(&self, buffer: &mut Vec) { + pub fn serialize(&self, buffer: &mut VecView) { buffer.resize_default(buffer.capacity()).ok(); let (status, data) = buffer.split_first_mut().unwrap(); use cbor_smol::cbor_serialize; diff --git a/src/ctap2/client_pin.rs b/src/ctap2/client_pin.rs index 50b4dae..36e226d 100644 --- a/src/ctap2/client_pin.rs +++ b/src/ctap2/client_pin.rs @@ -188,8 +188,8 @@ mod tests { #[test] fn test_de_request_set_pin() { let key_agreement = EcdhEsHkdf256PublicKey { - x: Bytes::from_slice(&KEY_AGREEMENT[..32]).unwrap(), - y: Bytes::from_slice(&KEY_AGREEMENT[32..]).unwrap(), + x: Bytes::try_from(&KEY_AGREEMENT[..32]).unwrap(), + y: Bytes::try_from(&KEY_AGREEMENT[32..]).unwrap(), }; let request = Request { pin_protocol: Some(1), @@ -246,8 +246,8 @@ mod tests { #[test] fn test_de_request_change_pin() { let key_agreement = EcdhEsHkdf256PublicKey { - x: Bytes::from_slice(&KEY_AGREEMENT[..32]).unwrap(), - y: Bytes::from_slice(&KEY_AGREEMENT[32..]).unwrap(), + x: Bytes::try_from(&KEY_AGREEMENT[..32]).unwrap(), + y: Bytes::try_from(&KEY_AGREEMENT[32..]).unwrap(), }; let request = Request { pin_protocol: Some(1), @@ -307,8 +307,8 @@ mod tests { #[test] fn test_de_get_pin_token() { let key_agreement = EcdhEsHkdf256PublicKey { - x: Bytes::from_slice(&KEY_AGREEMENT[..32]).unwrap(), - y: Bytes::from_slice(&KEY_AGREEMENT[32..]).unwrap(), + x: Bytes::try_from(&KEY_AGREEMENT[..32]).unwrap(), + y: Bytes::try_from(&KEY_AGREEMENT[32..]).unwrap(), }; let request = Request { pin_protocol: Some(1), @@ -362,8 +362,8 @@ mod tests { #[test] fn test_de_get_pin_token_with_permissions() { let key_agreement = EcdhEsHkdf256PublicKey { - x: Bytes::from_slice(&KEY_AGREEMENT[..32]).unwrap(), - y: Bytes::from_slice(&KEY_AGREEMENT[32..]).unwrap(), + x: Bytes::try_from(&KEY_AGREEMENT[..32]).unwrap(), + y: Bytes::try_from(&KEY_AGREEMENT[32..]).unwrap(), }; let request = Request { pin_protocol: Some(1), @@ -442,8 +442,8 @@ mod tests { #[test] fn test_ser_response_get_key_agreement() { let key_agreement = EcdhEsHkdf256PublicKey { - x: Bytes::from_slice(&KEY_AGREEMENT[..32]).unwrap(), - y: Bytes::from_slice(&KEY_AGREEMENT[32..]).unwrap(), + x: Bytes::try_from(&KEY_AGREEMENT[..32]).unwrap(), + y: Bytes::try_from(&KEY_AGREEMENT[32..]).unwrap(), }; let response = Response { key_agreement: Some(key_agreement), @@ -481,7 +481,7 @@ mod tests { #[test] fn test_ser_response_get_pin_token() { let response = Response { - pin_token: Some(Bytes::from_slice(PIN_TOKEN).unwrap()), + pin_token: Some(Bytes::try_from(PIN_TOKEN).unwrap()), ..Default::default() }; assert_ser_tokens( diff --git a/src/ctap2/get_info.rs b/src/ctap2/get_info.rs index 945f7a3..b5e2ca4 100644 --- a/src/ctap2/get_info.rs +++ b/src/ctap2/get_info.rs @@ -139,7 +139,8 @@ impl Default for Response { fn default() -> Self { let mut zero_aaguid = Vec::::new(); zero_aaguid.resize_default(16).unwrap(); - let aaguid = Bytes::<16>::from(zero_aaguid); + let mut aaguid = Bytes::new(); + aaguid.resize_zero(16).unwrap(); let mut response = ResponseBuilder { aaguid, @@ -483,7 +484,7 @@ mod tests { #[test] fn test_serde_get_info_minimal() { let versions = Vec::from_slice(&[Version::Fido2_0, Version::Fido2_1]).unwrap(); - let aaguid = Bytes::from_slice(&[0xff; 16]).unwrap(); + let aaguid = Bytes::try_from(&[0xff; 16]).unwrap(); let response = ResponseBuilder { versions, aaguid }.build(); assert_tokens( &response, @@ -510,7 +511,7 @@ mod tests { ]; let versions = Vec::from_slice(&[Version::U2fV2, Version::Fido2_0, Version::Fido2_1]).unwrap(); - let aaguid = Bytes::from_slice(AAGUID).unwrap(); + let aaguid = Bytes::try_from(AAGUID).unwrap(); let mut options = CtapOptions::default(); options.rk = true; options.plat = Some(false); diff --git a/src/ctap2/large_blobs.rs b/src/ctap2/large_blobs.rs index 11a68e4..1ef8f62 100644 --- a/src/ctap2/large_blobs.rs +++ b/src/ctap2/large_blobs.rs @@ -105,7 +105,7 @@ mod tests { #[test] fn test_ser_response() { let response = Response { - config: Some(Bytes::from_slice(&[]).unwrap()), + config: Some(Bytes::new()), ..Default::default() }; assert_ser_tokens( diff --git a/src/webauthn.rs b/src/webauthn.rs index 48d4dc6..900b019 100644 --- a/src/webauthn.rs +++ b/src/webauthn.rs @@ -144,7 +144,7 @@ impl From for PublicKeyCredentialParameters fn from(value: KnownPublicKeyCredentialParameters) -> Self { Self { alg: value.alg, - key_type: String::from("public-key"), + key_type: String::try_from("public-key").unwrap(), } } } @@ -243,7 +243,7 @@ impl PublicKeyCredentialParameters { pub fn public_key_with_alg(alg: i32) -> Self { Self { alg, - key_type: String::from("public-key"), + key_type: String::try_from("public-key").unwrap(), } } }