diff --git a/src/aes128gcm.rs b/src/aes128gcm.rs index a5bd9c2..0795955 100644 --- a/src/aes128gcm.rs +++ b/src/aes128gcm.rs @@ -9,15 +9,17 @@ use error::*; const ECE_AES128GCM_MIN_RS: u32 = 18; const ECE_AES128GCM_HEADER_LENGTH: usize = 21; -//const ECE_AES128GCM_MAX_KEY_ID_LENGTH: usize = 255; +// The max AES128GCM Key ID Length is 255 octets. We use far less of that because we use +// the "key_id" to store the exchanged public key since we don't cache the key_ids. +// Code fails if the key_id is not a public key length field. const ECE_AES128GCM_PAD_SIZE: usize = 1; -const ECE_WEBPUSH_AES128GCM_IKM_INFO_PREFIX: &'static str = "WebPush: info\0"; +const ECE_WEBPUSH_AES128GCM_IKM_INFO_PREFIX: &str = "WebPush: info\0"; const ECE_WEBPUSH_AES128GCM_IKM_INFO_LENGTH: usize = 144; // 14 (prefix len) + 65 (pub key len) * 2; const ECE_WEBPUSH_IKM_LENGTH: usize = 32; -const ECE_AES128GCM_KEY_INFO: &'static str = "Content-Encoding: aes128gcm\0"; -const ECE_AES128GCM_NONCE_INFO: &'static str = "Content-Encoding: nonce\0"; +const ECE_AES128GCM_KEY_INFO: &str = "Content-Encoding: aes128gcm\0"; +const ECE_AES128GCM_NONCE_INFO: &str = "Content-Encoding: nonce\0"; // TODO: When done, remove the aes128gcm prefixes and the EC_ ones. // As for now it makes it easier to Ctrl + F into ecec :) diff --git a/src/aesgcm.rs b/src/aesgcm.rs index 009a60e..dc0c075 100644 --- a/src/aesgcm.rs +++ b/src/aesgcm.rs @@ -21,10 +21,9 @@ use error::{ErrorKind, Result}; const ECE_AESGCM_PAD_SIZE: usize = 2; -const ECE_WEBPUSH_AESGCM_KEYPAIR_LENGTH: usize = 134; // (2 + 65) * 2 -const ECE_WEBPUSH_AESGCM_AUTHINFO: &'static str = "Content-Encoding: auth\0"; +const ECE_WEBPUSH_AESGCM_KEYPAIR_LENGTH: usize = 134; // (2 + Raw Key Length) * 2 +const ECE_WEBPUSH_AESGCM_AUTHINFO: &str = "Content-Encoding: auth\0"; -// const ECE_WEBPUSH_DEFAULT_RS: u32 = 4096; // a DER prefixed key is "\04" + ECE_WEBPUSH_RAW_KEY_LENGTH const ECE_WEBPUSH_RAW_KEY_LENGTH: usize = 65; const ECE_WEBPUSH_IKM_LENGTH: usize = 32; @@ -52,8 +51,8 @@ impl AesGcmEncryptedBlock { ciphertext: Vec, ) -> Result { Ok(AesGcmEncryptedBlock { - dh: dh.clone(), - salt: salt.clone(), + dh: dh.to_owned(), + salt: salt.to_owned(), rs: Self::aesgcm_rs(rs), ciphertext, }) @@ -147,7 +146,7 @@ where plaintext, )?; Ok(AesGcmEncryptedBlock { - salt: salt, + salt, dh: raw_local_pub_key, rs: params.rs, ciphertext, diff --git a/src/common.rs b/src/common.rs index 0366058..0d868d3 100644 --- a/src/common.rs +++ b/src/common.rs @@ -74,7 +74,7 @@ pub trait EceWebPush { if salt.len() != ECE_SALT_LENGTH { return Err(ErrorKind::InvalidSalt.into()); } - if plaintext.len() == 0 { + if plaintext.is_empty() { return Err(ErrorKind::ZeroPlaintext.into()); } let (key, nonce) = Self::derive_key_and_nonce( @@ -169,7 +169,7 @@ pub trait EceWebPush { if salt.len() != ECE_SALT_LENGTH { return Err(ErrorKind::InvalidSalt.into()); } - if ciphertext.len() == 0 { + if ciphertext.is_empty() { return Err(ErrorKind::ZeroCiphertext.into()); } if Self::needs_trailer(rs, ciphertext.len()) { @@ -235,11 +235,11 @@ pub fn ece_min_block_pad_length(pad_len: usize, max_block_len: usize) -> usize { // the padding first. block_pad_len += 1; } - return if block_pad_len > pad_len { + if block_pad_len > pad_len { pad_len } else { block_pad_len - }; + } } /// Generates a 96-bit IV, 48 bits of which are populated. diff --git a/src/lib.rs b/src/lib.rs index 11f4058..66fe773 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -6,7 +6,6 @@ extern crate base64; extern crate byteorder; extern crate ece_crypto; extern crate failure; -// #[macro_use] extern crate failure_derive; mod aes128gcm; @@ -30,6 +29,7 @@ pub type Aes128GcmEceWebPush = aes128gcm::Aes128GcmEceWebPush< ece_crypto_openssl::OpenSSLCrypto, >; +#[cfg(feature = "openssl")] pub type AesGcmEceWebPush = aesgcm::AesGcmEceWebPush< OpenSSLLocalKeyPair, OpenSSLRemotePublicKey,