kmwebnet/OpenSK
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix ctap1 clippy warning (#517)

Browse Source 
And improve clippy workflows.
This commit is contained in:
hcyang
2022-07-22 13:23:29 +08:00
committed by GitHub
parent 168de290de
commit 9bb1a2f7ac
8 changed files with 68 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/cargo_clippy.yml vendored
View File

@@ -26,5 +26,9 @@ jobs:
with:
token: ${{ secrets.GITHUB_TOKEN }}
args: --all-targets --features std
- name: Deny Clippy warnings
- name: Deny Clippy warnings (std)
run: cargo clippy --all-targets --features std -- -A clippy::new_without_default -D warnings
- name: Deny Clippy warnings (all)
run: cargo clippy --all-targets --features std,with_ctap1,ed25519,vendor_hid -- -A clippy::new_without_default -D warnings
- name: Deny Clippy warnings (all, nfc)
run: cargo clippy --all-targets --features std,with_ctap1,with_nfc,ed25519,vendor_hid -- -A clippy::new_without_default -D warnings

4
run_desktop_tests.sh
View File

@@ -38,8 +38,8 @@ cd ..
echo "Running Clippy lints..."
cargo clippy --all-targets --features std -- -A clippy::new_without_default -D warnings
cargo clippy --all-targets --features std,with_nfc -- -A clippy::new_without_default -D warnings
cargo clippy --all-targets --features std,vendor_hid -- -A clippy::new_without_default -D warnings
cargo clippy --all-targets --features std,with_ctap1,ed25519,vendor_hid -- -A clippy::new_without_default -D warnings
cargo clippy --all-targets --features std,with_ctap1,with_nfc,ed25519,vendor_hid -- -A clippy::new_without_default -D warnings
echo "Building sha256sum tool..."
cargo build --manifest-path third_party/tock/tools/sha256sum/Cargo.toml

2
src/ctap/command.rs
View File

@@ -1103,7 +1103,7 @@ mod test {
data: vec![0xFF; 0x100],
hash: vec![0x44; 32],
signature: Some(CoseSignature {
algorithm: SignatureAlgorithm::ES256,
algorithm: SignatureAlgorithm::Es256,
bytes: [0x55; 64],
}),
})

20
src/ctap/credential_id.rs
View File

@@ -288,19 +288,19 @@ mod test {
#[test]
fn test_encrypt_decrypt_ecdsa_credential() {
test_encrypt_decrypt_credential(SignatureAlgorithm::ES256);
test_encrypt_decrypt_credential(SignatureAlgorithm::Es256);
}
#[test]
#[cfg(feature = "ed25519")]
fn test_encrypt_decrypt_ed25519_credential() {
test_encrypt_decrypt_credential(SignatureAlgorithm::EDDSA);
test_encrypt_decrypt_credential(SignatureAlgorithm::Eddsa);
}
#[test]
fn test_encrypt_decrypt_bad_version() {
let mut env = TestEnv::new();
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::ES256);
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let rp_id_hash = [0x55; 32];
let mut encrypted_id =
@@ -337,13 +337,13 @@ mod test {
#[test]
fn test_ecdsa_encrypt_decrypt_bad_hmac() {
test_encrypt_decrypt_bad_hmac(SignatureAlgorithm::ES256);
test_encrypt_decrypt_bad_hmac(SignatureAlgorithm::Es256);
}
#[test]
#[cfg(feature = "ed25519")]
fn test_ed25519_encrypt_decrypt_bad_hmac() {
test_encrypt_decrypt_bad_hmac(SignatureAlgorithm::EDDSA);
test_encrypt_decrypt_bad_hmac(SignatureAlgorithm::Eddsa);
}
fn test_decrypt_credential_missing_blocks(signature_algorithm: SignatureAlgorithm) {
@@ -369,13 +369,13 @@ mod test {
#[test]
fn test_ecdsa_decrypt_credential_missing_blocks() {
test_decrypt_credential_missing_blocks(SignatureAlgorithm::ES256);
test_decrypt_credential_missing_blocks(SignatureAlgorithm::Es256);
}
#[test]
#[cfg(feature = "ed25519")]
fn test_ed25519_decrypt_credential_missing_blocks() {
test_decrypt_credential_missing_blocks(SignatureAlgorithm::EDDSA);
test_decrypt_credential_missing_blocks(SignatureAlgorithm::Eddsa);
}
/// This is a copy of the function that genereated deprecated key handles.
@@ -420,7 +420,7 @@ mod test {
#[test]
fn test_encrypt_credential_size() {
let mut env = TestEnv::new();
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::ES256);
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let rp_id_hash = [0x55; 32];
let encrypted_id =
@@ -431,7 +431,7 @@ mod test {
#[test]
fn test_check_cred_protect_fail() {
let mut env = TestEnv::new();
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::ES256);
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let rp_id_hash = [0x55; 32];
let encrypted_id = encrypt_to_credential_id(
@@ -451,7 +451,7 @@ mod test {
#[test]
fn test_check_cred_protect_success() {
let mut env = TestEnv::new();
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::ES256);
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let rp_id_hash = [0x55; 32];
let encrypted_id = encrypt_to_credential_id(

30
src/ctap/crypto_wrapper.rs
View File

@@ -92,11 +92,11 @@ impl PrivateKey {
/// Panics if the algorithm is [`SignatureAlgorithm::Unknown`].
pub fn new(env: &mut impl Env, alg: SignatureAlgorithm) -> Self {
match alg {
SignatureAlgorithm::ES256 => {
SignatureAlgorithm::Es256 => {
PrivateKey::Ecdsa(env.key_store().generate_ecdsa_seed().unwrap())
}
#[cfg(feature = "ed25519")]
SignatureAlgorithm::EDDSA => {
SignatureAlgorithm::Eddsa => {
let bytes = env.rng().gen_uniform_u8x32();
Self::new_ed25519_from_bytes(&bytes).unwrap()
}
@@ -106,7 +106,7 @@ impl PrivateKey {
/// Creates a new ecdsa private key.
pub fn new_ecdsa(env: &mut impl Env) -> PrivateKey {
Self::new(env, SignatureAlgorithm::ES256)
Self::new(env, SignatureAlgorithm::Es256)
}
/// Helper function that creates a private key of type ECDSA.
@@ -166,9 +166,9 @@ impl PrivateKey {
/// The associated COSE signature algorithm identifier.
pub fn signature_algorithm(&self) -> SignatureAlgorithm {
match self {
PrivateKey::Ecdsa(_) => SignatureAlgorithm::ES256,
PrivateKey::Ecdsa(_) => SignatureAlgorithm::Es256,
#[cfg(feature = "ed25519")]
PrivateKey::Ed25519(_) => SignatureAlgorithm::EDDSA,
PrivateKey::Ed25519(_) => SignatureAlgorithm::Eddsa,
}
}
@@ -209,10 +209,10 @@ impl TryFrom<cbor::Value> for PrivateKey {
}
let key_bytes = extract_byte_string(array.pop().unwrap())?;
match SignatureAlgorithm::try_from(array.pop().unwrap())? {
SignatureAlgorithm::ES256 => PrivateKey::new_ecdsa_from_bytes(&key_bytes)
SignatureAlgorithm::Es256 => PrivateKey::new_ecdsa_from_bytes(&key_bytes)
.ok_or(Ctap2StatusCode::CTAP2_ERR_INVALID_CBOR),
#[cfg(feature = "ed25519")]
SignatureAlgorithm::EDDSA => PrivateKey::new_ed25519_from_bytes(&key_bytes)
SignatureAlgorithm::Eddsa => PrivateKey::new_ed25519_from_bytes(&key_bytes)
.ok_or(Ctap2StatusCode::CTAP2_ERR_INVALID_CBOR),
_ => Err(Ctap2StatusCode::CTAP2_ERR_INVALID_CBOR),
}
@@ -292,7 +292,7 @@ mod test {
#[test]
fn test_new_ecdsa_from_bytes() {
let mut env = TestEnv::new();
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::ES256);
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let key_bytes = private_key.to_bytes();
assert_eq!(
PrivateKey::new_ecdsa_from_bytes(&key_bytes),
@@ -304,7 +304,7 @@ mod test {
#[cfg(feature = "ed25519")]
fn test_new_ed25519_from_bytes() {
let mut env = TestEnv::new();
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::EDDSA);
let private_key = PrivateKey::new(&mut env, SignatureAlgorithm::Eddsa);
let key_bytes = private_key.to_bytes();
assert_eq!(
PrivateKey::new_ed25519_from_bytes(&key_bytes),
@@ -362,13 +362,13 @@ mod test {
#[test]
fn test_ecdsa_private_key_signature_algorithm() {
test_private_key_signature_algorithm(SignatureAlgorithm::ES256);
test_private_key_signature_algorithm(SignatureAlgorithm::Es256);
}
#[test]
#[cfg(feature = "ed25519")]
fn test_ed25519_private_key_signature_algorithm() {
test_private_key_signature_algorithm(SignatureAlgorithm::EDDSA);
test_private_key_signature_algorithm(SignatureAlgorithm::Eddsa);
}
fn test_private_key_from_to_cbor(signature_algorithm: SignatureAlgorithm) {
@@ -380,13 +380,13 @@ mod test {
#[test]
fn test_ecdsa_private_key_from_to_cbor() {
test_private_key_from_to_cbor(SignatureAlgorithm::ES256);
test_private_key_from_to_cbor(SignatureAlgorithm::Es256);
}
#[test]
#[cfg(feature = "ed25519")]
fn test_ed25519_private_key_from_to_cbor() {
test_private_key_from_to_cbor(SignatureAlgorithm::EDDSA);
test_private_key_from_to_cbor(SignatureAlgorithm::Eddsa);
}
fn test_private_key_from_bad_cbor(signature_algorithm: SignatureAlgorithm) {
@@ -404,13 +404,13 @@ mod test {
#[test]
fn test_ecdsa_private_key_from_bad_cbor() {
test_private_key_from_bad_cbor(SignatureAlgorithm::ES256);
test_private_key_from_bad_cbor(SignatureAlgorithm::Es256);
}
#[test]
#[cfg(feature = "ed25519")]
fn test_ed25519_private_key_from_bad_cbor() {
test_private_key_from_bad_cbor(SignatureAlgorithm::EDDSA);
test_private_key_from_bad_cbor(SignatureAlgorithm::Eddsa);
}
#[test]

30
src/ctap/ctap1.rs
View File

@@ -21,7 +21,7 @@ use crate::api::attestation_store::{self, Attestation, AttestationStore};
use crate::env::Env;
use alloc::vec::Vec;
use arrayref::array_ref;
use core::convert::{Into, TryFrom};
use core::convert::TryFrom;
// For now, they're the same thing with apdu.rs containing the authoritative definition
pub type Ctap1StatusCode = ApduStatusCode;
@@ -49,9 +49,9 @@ impl TryFrom<u8> for Ctap1Flags {
}
}
impl Into<u8> for Ctap1Flags {
fn into(self) -> u8 {
self as u8
impl From<Ctap1Flags> for u8 {
fn from(flags: Ctap1Flags) -> u8 {
flags as u8
}
}
@@ -79,9 +79,7 @@ impl TryFrom<&[u8]> for U2fCommand {
fn try_from(message: &[u8]) -> Result<Self, Ctap1StatusCode> {
let apdu: Apdu = match Apdu::try_from(message) {
Ok(apdu) => apdu,
Err(apdu_status_code) => {
return Err(Ctap1StatusCode::try_from(apdu_status_code).unwrap())
}
Err(apdu_status_code) => return Err(apdu_status_code),
};
let lc = apdu.lc as usize;
@@ -373,7 +371,7 @@ mod test {
fn create_authenticate_message(
application: &[u8; 32],
flags: Ctap1Flags,
key_handle: &Vec<u8>,
key_handle: &[u8],
) -> Vec<u8> {
let mut message = vec![
Ctap1Command::CTAP1_CLA,
@@ -496,7 +494,7 @@ mod test {
let mut env = TestEnv::new();
env.user_presence()
.set(|| panic!("Unexpected user presence check in CTAP1"));
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::ES256);
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0));
let rp_id = "example.com";
@@ -514,7 +512,7 @@ mod test {
let mut env = TestEnv::new();
env.user_presence()
.set(|| panic!("Unexpected user presence check in CTAP1"));
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::ES256);
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0));
let rp_id = "example.com";
@@ -533,7 +531,7 @@ mod test {
let mut env = TestEnv::new();
env.user_presence()
.set(|| panic!("Unexpected user presence check in CTAP1"));
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::ES256);
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0));
let rp_id = "example.com";
@@ -571,7 +569,7 @@ mod test {
let mut env = TestEnv::new();
env.user_presence()
.set(|| panic!("Unexpected user presence check in CTAP1"));
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::ES256);
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0));
let rp_id = "example.com";
@@ -591,7 +589,7 @@ mod test {
let mut env = TestEnv::new();
env.user_presence()
.set(|| panic!("Unexpected user presence check in CTAP1"));
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::ES256);
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0));
let rp_id = "example.com";
@@ -611,7 +609,7 @@ mod test {
let mut env = TestEnv::new();
env.user_presence()
.set(|| panic!("Unexpected user presence check in CTAP1"));
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::ES256);
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0));
let rp_id = "example.com";
@@ -639,7 +637,7 @@ mod test {
let mut env = TestEnv::new();
env.user_presence()
.set(|| panic!("Unexpected user presence check in CTAP1"));
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::ES256);
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0));
let rp_id = "example.com";
@@ -667,7 +665,7 @@ mod test {
let mut env = TestEnv::new();
env.user_presence()
.set(|| panic!("Unexpected user presence check in CTAP1"));
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::ES256);
let sk = PrivateKey::new(&mut env, SignatureAlgorithm::Es256);
let mut ctap_state = CtapState::new(&mut env, CtapInstant::new(0));
let rp_id = "example.com";

28
src/ctap/data_formats.rs
View File

@@ -507,9 +507,9 @@ impl From<PackedAttestationStatement> for cbor::Value {
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
#[cfg_attr(feature = "fuzz", derive(Arbitrary))]
pub enum SignatureAlgorithm {
ES256 = ES256_ALGORITHM as isize,
Es256 = ES256_ALGORITHM as isize,
#[cfg(feature = "ed25519")]
EDDSA = EDDSA_ALGORITHM as isize,
Eddsa = EDDSA_ALGORITHM as isize,
// This is the default for all numbers not covered above.
// Unknown types should be ignored, instead of returning errors.
Unknown = 0,
@@ -524,9 +524,9 @@ impl From<SignatureAlgorithm> for cbor::Value {
impl From<i64> for SignatureAlgorithm {
fn from(int: i64) -> Self {
match int {
ES256_ALGORITHM => SignatureAlgorithm::ES256,
ES256_ALGORITHM => SignatureAlgorithm::Es256,
#[cfg(feature = "ed25519")]
EDDSA_ALGORITHM => SignatureAlgorithm::EDDSA,
EDDSA_ALGORITHM => SignatureAlgorithm::Eddsa,
_ => SignatureAlgorithm::Unknown,
}
}
@@ -950,10 +950,10 @@ impl TryFrom<CoseSignature> for ecdsa::Signature {
fn try_from(cose_signature: CoseSignature) -> Result<Self, Ctap2StatusCode> {
match cose_signature.algorithm {
SignatureAlgorithm::ES256 => ecdsa::Signature::from_bytes(&cose_signature.bytes)
SignatureAlgorithm::Es256 => ecdsa::Signature::from_bytes(&cose_signature.bytes)
.ok_or(Ctap2StatusCode::CTAP1_ERR_INVALID_PARAMETER),
#[cfg(feature = "ed25519")]
SignatureAlgorithm::EDDSA => Err(Ctap2StatusCode::CTAP2_ERR_UNSUPPORTED_ALGORITHM),
SignatureAlgorithm::Eddsa => Err(Ctap2StatusCode::CTAP2_ERR_UNSUPPORTED_ALGORITHM),
SignatureAlgorithm::Unknown => Err(Ctap2StatusCode::CTAP2_ERR_UNSUPPORTED_ALGORITHM),
}
}
@@ -1611,15 +1611,15 @@ mod test {
#[test]
fn test_from_into_signature_algorithm_int() {
let alg_int = SignatureAlgorithm::ES256 as i64;
let alg_int = SignatureAlgorithm::Es256 as i64;
let signature_algorithm = SignatureAlgorithm::from(alg_int);
assert_eq!(signature_algorithm, SignatureAlgorithm::ES256);
assert_eq!(signature_algorithm, SignatureAlgorithm::Es256);
#[cfg(feature = "ed25519")]
{
let alg_int = SignatureAlgorithm::EDDSA as i64;
let alg_int = SignatureAlgorithm::Eddsa as i64;
let signature_algorithm = SignatureAlgorithm::from(alg_int);
assert_eq!(signature_algorithm, SignatureAlgorithm::EDDSA);
assert_eq!(signature_algorithm, SignatureAlgorithm::Eddsa);
}
let unknown_alg_int = -1;
@@ -1631,7 +1631,7 @@ mod test {
fn test_from_into_signature_algorithm() {
let cbor_signature_algorithm: cbor::Value = cbor_int!(ES256_ALGORITHM);
let signature_algorithm = SignatureAlgorithm::try_from(cbor_signature_algorithm.clone());
let expected_signature_algorithm = SignatureAlgorithm::ES256;
let expected_signature_algorithm = SignatureAlgorithm::Es256;
assert_eq!(signature_algorithm, Ok(expected_signature_algorithm));
let created_cbor: cbor::Value = signature_algorithm.unwrap().into();
assert_eq!(created_cbor, cbor_signature_algorithm);
@@ -1641,7 +1641,7 @@ mod test {
let cbor_signature_algorithm: cbor::Value = cbor_int!(EDDSA_ALGORITHM);
let signature_algorithm =
SignatureAlgorithm::try_from(cbor_signature_algorithm.clone());
let expected_signature_algorithm = SignatureAlgorithm::EDDSA;
let expected_signature_algorithm = SignatureAlgorithm::Eddsa;
assert_eq!(signature_algorithm, Ok(expected_signature_algorithm));
let created_cbor: cbor::Value = signature_algorithm.unwrap().into();
assert_eq!(created_cbor, cbor_signature_algorithm);
@@ -1731,13 +1731,13 @@ mod test {
#[test]
fn test_from_into_ecdsa_public_key_credential_parameter() {
test_from_into_public_key_credential_parameter(ES256_ALGORITHM, SignatureAlgorithm::ES256);
test_from_into_public_key_credential_parameter(ES256_ALGORITHM, SignatureAlgorithm::Es256);
}
#[test]
#[cfg(feature = "ed25519")]
fn test_from_into_ed25519_public_key_credential_parameter() {
test_from_into_public_key_credential_parameter(EDDSA_ALGORITHM, SignatureAlgorithm::EDDSA);
test_from_into_public_key_credential_parameter(EDDSA_ALGORITHM, SignatureAlgorithm::Eddsa);
}
#[test]

14
src/ctap/mod.rs
View File

@@ -119,13 +119,13 @@ pub const FIDO2_1_VERSION_STRING: &str = "FIDO_2_1_PRE";
// This algorithm is requested in MakeCredential and advertized in GetInfo.
pub const ES256_CRED_PARAM: PublicKeyCredentialParameter = PublicKeyCredentialParameter {
cred_type: PublicKeyCredentialType::PublicKey,
alg: SignatureAlgorithm::ES256,
alg: SignatureAlgorithm::Es256,
};
#[cfg(feature = "ed25519")]
pub const EDDSA_CRED_PARAM: PublicKeyCredentialParameter = PublicKeyCredentialParameter {
cred_type: PublicKeyCredentialType::PublicKey,
alg: SignatureAlgorithm::EDDSA,
alg: SignatureAlgorithm::Eddsa,
};
const SUPPORTED_CRED_PARAMS: &[PublicKeyCredentialParameter] = &[
@@ -948,7 +948,7 @@ impl CtapState {
None => (private_key.sign_and_encode(env, &signature_data)?, None),
};
let attestation_statement = PackedAttestationStatement {
alg: SignatureAlgorithm::ES256 as i64,
alg: SignatureAlgorithm::Es256 as i64,
sig: signature,
x5c,
ecdaa_key_id: None,
@@ -1546,7 +1546,7 @@ mod test {
expected_extension_cbor
);
assert!(ep_att.is_none());
assert_eq!(att_stmt.alg, SignatureAlgorithm::ES256 as i64);
assert_eq!(att_stmt.alg, SignatureAlgorithm::Es256 as i64);
assert_eq!(large_blob_key, None);
}
_ => panic!("Invalid response type"),
@@ -3250,7 +3250,7 @@ mod test {
let mut signature_bytes = [0; ecdsa::Signature::BYTES_LENGTH];
signature.to_bytes(&mut signature_bytes);
let cose_signature = CoseSignature {
algorithm: SignatureAlgorithm::ES256,
algorithm: SignatureAlgorithm::Es256,
bytes: signature_bytes,
};
@@ -3286,7 +3286,7 @@ mod test {
);
signature_bytes[0] ^= 0x01;
let cose_signature = CoseSignature {
algorithm: SignatureAlgorithm::ES256,
algorithm: SignatureAlgorithm::Es256,
bytes: signature_bytes,
};
assert_eq!(
@@ -3323,7 +3323,7 @@ mod test {
let mut signature_bytes = [0; ecdsa::Signature::BYTES_LENGTH];
signature.to_bytes(&mut signature_bytes);
let cose_signature = CoseSignature {
algorithm: SignatureAlgorithm::ES256,
algorithm: SignatureAlgorithm::Es256,
bytes: signature_bytes,
};