From 3286e493700acbc9c4bf3fed67958200747c2093 Mon Sep 17 00:00:00 2001 From: Katherine Watson Date: Mon, 17 Jun 2024 18:36:04 -0700 Subject: [PATCH] Replace &* incantations with .deref() --- rosenpass/src/cli.rs | 3 ++- rosenpass/src/protocol.rs | 48 ++++++++++++++++++++++----------------- rp/src/key.rs | 3 ++- 3 files changed, 31 insertions(+), 23 deletions(-) diff --git a/rosenpass/src/cli.rs b/rosenpass/src/cli.rs index 75e1d00..d69d404 100644 --- a/rosenpass/src/cli.rs +++ b/rosenpass/src/cli.rs @@ -10,6 +10,7 @@ use rosenpass_util::file::{LoadValue, LoadValueB64, StoreValue}; use rosenpass_wireguard_broker::brokers::native_unix::{ NativeUnixBroker, NativeUnixBrokerConfigBaseBuilder, NativeUnixBrokerConfigBaseBuilderError, }; +use std::ops::DerefMut; use std::path::PathBuf; use crate::app_server::AppServerTest; @@ -370,7 +371,7 @@ impl CliCommand { fn generate_and_save_keypair(secret_key: PathBuf, public_key: PathBuf) -> anyhow::Result<()> { let mut ssk = crate::protocol::SSk::random(); let mut spk = crate::protocol::SPk::random(); - StaticKem::keygen(ssk.secret_mut(), &mut *spk)?; + StaticKem::keygen(ssk.secret_mut(), spk.deref_mut())?; ssk.store_secret(secret_key)?; spk.store(public_key) } diff --git a/rosenpass/src/protocol.rs b/rosenpass/src/protocol.rs index 4877b29..871714c 100644 --- a/rosenpass/src/protocol.rs +++ b/rosenpass/src/protocol.rs @@ -19,6 +19,7 @@ //! [CryptoServer]. //! //! ``` +//! use std::ops::DerefMut; //! use rosenpass_secret_memory::policy::*; //! use rosenpass_cipher_traits::Kem; //! use rosenpass_ciphers::kem::StaticKem; @@ -32,11 +33,11 @@ //! //! // initialize secret and public key for peer a ... //! let (mut peer_a_sk, mut peer_a_pk) = (SSk::zero(), SPk::zero()); -//! StaticKem::keygen(peer_a_sk.secret_mut(), &mut *peer_a_pk)?; +//! StaticKem::keygen(peer_a_sk.secret_mut(), peer_a_pk.deref_mut())?; //! //! // ... and for peer b //! let (mut peer_b_sk, mut peer_b_pk) = (SSk::zero(), SPk::zero()); -//! StaticKem::keygen(peer_b_sk.secret_mut(), &mut *peer_b_pk)?; +//! StaticKem::keygen(peer_b_sk.secret_mut(), peer_b_pk.deref_mut())?; //! //! // initialize server and a pre-shared key //! let psk = SymKey::random(); @@ -71,6 +72,7 @@ use std::convert::Infallible; use std::mem::size_of; +use std::ops::Deref; use std::{ collections::hash_map::{ Entry::{Occupied, Vacant}, @@ -548,7 +550,7 @@ impl CryptoServer { pub fn pidm(&self) -> Result { Ok(Public::new( hash_domains::peerid()? - .mix(&*self.spkm)? + .mix(self.spkm.deref())? .into_value())) } @@ -708,7 +710,7 @@ impl Peer { pub fn pidt(&self) -> Result { Ok(Public::new( hash_domains::peerid()? - .mix(&*self.spkt)? + .mix(self.spkt.deref())? .into_value())) } } @@ -1016,7 +1018,9 @@ impl CryptoServer { ); let cookie_value = active_cookie_value.unwrap(); - let cookie_key = hash_domains::cookie_key()?.mix(&*self.spkm)?.into_value(); + let cookie_key = hash_domains::cookie_key()? + .mix(self.spkm.deref())? + .into_value(); let mut msg_out = truncating_cast_into::(tx_buf)?; @@ -1507,7 +1511,7 @@ where /// Calculate the message authentication code (`mac`) and also append cookie value pub fn seal(&mut self, peer: PeerPtr, srv: &CryptoServer) -> Result<()> { let mac = hash_domains::mac()? - .mix(&*peer.get(srv).spkt)? + .mix(peer.get(srv).spkt.deref())? .mix(&self.as_bytes()[span_of!(Self, msg_type..mac)])?; self.mac.copy_from_slice(mac.into_value()[..16].as_ref()); self.seal_cookie(peer, srv)?; @@ -1534,7 +1538,7 @@ where /// Check the message authentication code pub fn check_seal(&self, srv: &CryptoServer) -> Result { let expected = hash_domains::mac()? - .mix(&*srv.spkm)? + .mix(srv.spkm.deref())? .mix(&self.as_bytes()[span_of!(Self, msg_type..mac)])?; Ok(constant_time::memcmp( &self.mac, @@ -1639,7 +1643,7 @@ impl HandshakeState { // calculate ad contents let ad = hash_domains::biscuit_ad()? - .mix(&*srv.spkm)? + .mix(srv.spkm.deref())? .mix(self.sidi.as_slice())? .mix(self.sidr.as_slice())? .into_value(); @@ -1674,7 +1678,7 @@ impl HandshakeState { // Calculate additional data fields let ad = hash_domains::biscuit_ad()? - .mix(&*srv.spkm)? + .mix(srv.spkm.deref())? .mix(sidi.as_slice())? .mix(sidr.as_slice())? .into_value(); @@ -1761,7 +1765,7 @@ impl CryptoServer { let mut hs = InitiatorHandshake::zero_with_timestamp(self); // IHI1 - hs.core.init(&*peer.get(self).spkt)?; + hs.core.init(peer.get(self).spkt.deref())?; // IHI2 hs.core.sidi.randomize(); @@ -1778,7 +1782,7 @@ impl CryptoServer { hs.core .encaps_and_mix::( ih.sctr.as_mut_slice(), - &*peer.get(self).spkt, + peer.get(self).spkt.deref(), )?; // IHI6 @@ -1786,7 +1790,9 @@ impl CryptoServer { .encrypt_and_mix(ih.pidic.as_mut_slice(), self.pidm()?.as_ref())?; // IHI7 - hs.core.mix(&*self.spkm)?.mix(peer.get(self).psk.secret())?; + hs.core + .mix(self.spkm.deref())? + .mix(peer.get(self).psk.secret())?; // IHI8 hs.core.encrypt_and_mix(ih.auth.as_mut_slice(), &[])?; @@ -1803,7 +1809,7 @@ impl CryptoServer { core.sidi = SessionId::from_slice(&ih.sidi); // IHR1 - core.init(&*self.spkm)?; + core.init(self.spkm.deref())?; // IHR4 core.mix(&ih.sidi)?.mix(&ih.epki)?; @@ -1811,7 +1817,7 @@ impl CryptoServer { // IHR5 core.decaps_and_mix::( self.sskm.secret(), - &*self.spkm, + self.spkm.deref(), &ih.sctr, )?; @@ -1824,7 +1830,7 @@ impl CryptoServer { }; // IHR7 - core.mix(&*peer.get(self).spkt)? + core.mix(peer.get(self).spkt.deref())? .mix(peer.get(self).psk.secret())?; // IHR8 @@ -1844,7 +1850,7 @@ impl CryptoServer { // RHR5 core.encaps_and_mix::( &mut rh.scti, - &*peer.get(self).spkt, + peer.get(self).spkt.deref(), )?; // RHR6 @@ -1905,14 +1911,14 @@ impl CryptoServer { // RHI4 core.decaps_and_mix::( hs!().eski.secret(), - &*hs!().epki, + hs!().epki.deref(), &rh.ecti, )?; // RHI5 core.decaps_and_mix::( self.sskm.secret(), - &*self.spkm, + self.spkm.deref(), &rh.scti, )?; @@ -2109,7 +2115,7 @@ impl CryptoServer { ), }?; - let spkt = &*peer.get(self).spkt; + let spkt = peer.get(self).spkt.deref(); let cookie_key = hash_domains::cookie_key()?.mix(spkt)?.into_value(); let cookie_value = peer.cv().update_mut(self).unwrap(); @@ -2142,7 +2148,7 @@ fn truncating_cast_into_nomut(buf: &[u8]) -> Result, #[cfg(test)] mod test { - use std::{net::SocketAddrV4, thread::sleep, time::Duration}; + use std::{net::SocketAddrV4, ops::DerefMut, thread::sleep, time::Duration}; use super::*; use serial_test::serial; @@ -2251,7 +2257,7 @@ mod test { fn keygen() -> Result<(SSk, SPk)> { // TODO: Copied from the benchmark; deduplicate let (mut sk, mut pk) = (SSk::zero(), SPk::zero()); - StaticKem::keygen(sk.secret_mut(), &mut *pk)?; + StaticKem::keygen(sk.secret_mut(), pk.deref_mut())?; Ok((sk, pk)) } diff --git a/rp/src/key.rs b/rp/src/key.rs index 552d6ce..0ffdd42 100644 --- a/rp/src/key.rs +++ b/rp/src/key.rs @@ -1,5 +1,6 @@ use std::{ fs::{self, DirBuilder}, + ops::DerefMut, os::unix::fs::{DirBuilderExt, PermissionsExt}, path::Path, }; @@ -56,7 +57,7 @@ pub fn genkey(private_keys_dir: &Path) -> Result<()> { if !pqsk_path.exists() && !pqpk_path.exists() { let mut pqsk = SSk::random(); let mut pqpk = SPk::random(); - StaticKem::keygen(pqsk.secret_mut(), &mut *pqpk)?; + StaticKem::keygen(pqsk.secret_mut(), pqpk.deref_mut())?; pqpk.store(pqpk_path)?; pqsk.store_secret(pqsk_path)?; } else {