diff --git a/rosenpass/src/api/boilerplate/byte_slice_ext.rs b/rosenpass/src/api/boilerplate/byte_slice_ext.rs index 2aae68c..9f76415 100644 --- a/rosenpass/src/api/boilerplate/byte_slice_ext.rs +++ b/rosenpass/src/api/boilerplate/byte_slice_ext.rs @@ -1,4 +1,4 @@ -use zerocopy::{ByteSlice, Ref, SplitByteSlice}; +use zerocopy::{Ref, SplitByteSlice}; use rosenpass_util::zerocopy::{RefMaker, ZerocopySliceExt}; diff --git a/rosenpass/src/protocol/protocol.rs b/rosenpass/src/protocol/protocol.rs index c1185ce..e3e281a 100644 --- a/rosenpass/src/protocol/protocol.rs +++ b/rosenpass/src/protocol/protocol.rs @@ -2042,7 +2042,8 @@ impl CryptoServer { let mut expected = [0u8; COOKIE_SIZE]; - let msg_in = Ref::<&[u8], Envelope>::new(rx_buf) + let msg_in = Ref::<&[u8], Envelope>::from_bytes(rx_buf) + .ok() .ok_or(RosenpassError::BufferSizeMismatch)?; expected.copy_from_slice( &hash_domains::cookie(KeyedHash::keyed_shake256())? @@ -2188,7 +2189,7 @@ impl CryptoServer { let peer = match msg_type { Ok(MsgType::InitHello) => { let msg_in: Ref<&[u8], Envelope> = - Ref::new(rx_buf).ok_or(RosenpassError::BufferSizeMismatch)?; + Ref::from_bytes(rx_buf).ok().ok_or(RosenpassError::BufferSizeMismatch)?; // At this point, we do not know the hash functon used by the peer, thus we try both, // with a preference for SHAKE256. @@ -2222,7 +2223,7 @@ impl CryptoServer { } Ok(MsgType::RespHello) => { let msg_in: Ref<&[u8], Envelope> = - Ref::new(rx_buf).ok_or(RosenpassError::BufferSizeMismatch)?; + Ref::from_bytes(rx_buf).ok().ok_or(RosenpassError::BufferSizeMismatch)?; let mut msg_out = truncating_cast_into::>(tx_buf)?; let peer = self.handle_resp_hello(&msg_in.payload, &mut msg_out.payload)?; @@ -2239,7 +2240,7 @@ impl CryptoServer { } Ok(MsgType::InitConf) => { let msg_in: Ref<&[u8], Envelope> = - Ref::new(rx_buf).ok_or(RosenpassError::BufferSizeMismatch)?; + Ref::from_bytes(rx_buf).ok().ok_or(RosenpassError::BufferSizeMismatch)?; let mut msg_out = truncating_cast_into::>(tx_buf)?; @@ -2258,7 +2259,7 @@ impl CryptoServer { .map(|v| v.response.borrow()) // Invalid! Found peer no with cache in index but the cache does not exist .unwrap(); - copy_slice(cached.as_bytes()).to(msg_out.as_bytes_mut()); + copy_slice(cached.as_bytes()).to(msg_out.as_mut_bytes()); peer } @@ -2270,7 +2271,7 @@ impl CryptoServer { &msg_in.payload, &mut msg_out.payload, KeyedHash::keyed_shake256(), - ); + ); let (peer, peer_hash_choice) = match peer_shake256 { Ok(peer) => (peer, KeyedHash::keyed_shake256()), Err(_) => { @@ -2307,13 +2308,13 @@ impl CryptoServer { } Ok(MsgType::EmptyData) => { let msg_in: Ref<&[u8], Envelope> = - Ref::new(rx_buf).ok_or(RosenpassError::BufferSizeMismatch)?; + Ref::from_bytes(rx_buf).ok().ok_or(RosenpassError::BufferSizeMismatch)?; self.handle_resp_conf(&msg_in, seal_broken.to_string())? } Ok(MsgType::CookieReply) => { let msg_in: Ref<&[u8], CookieReply> = - Ref::new(rx_buf).ok_or(RosenpassError::BufferSizeMismatch)?; + Ref::from_bytes(rx_buf).ok().ok_or(RosenpassError::BufferSizeMismatch)?; let peer = self.handle_cookie_reply(&msg_in)?; len = 0; peer @@ -3240,7 +3241,7 @@ impl HandshakeState { /// out the const generics. /// - By adding a value parameter of type `PhantomData`, you can choose /// `TV` at the call site while allowing the compiler to infer `KEM_*` - /// const generics from `ct` and `pk`. + /// const generics from `ct` and `pk`. /// - Call like: `encaps_and_mix_with_test_vector(&StaticKem, &mut ct, pk, /// PhantomData::)?;` pub fn encaps_and_mix_with_test_vector< @@ -3322,7 +3323,7 @@ impl HandshakeState { let test_values: StoreBiscuitTestValues = TV::initialize_values(); let mut biscuit = Secret::::zero(); // pt buffer let mut biscuit: Ref<&mut [u8], Biscuit> = - Ref::new(biscuit.secret_mut().as_mut_slice()).unwrap(); + Ref::from_bytes(biscuit.secret_mut().as_mut_slice()).unwrap(); // calculate pt contents biscuit @@ -3384,9 +3385,9 @@ impl HandshakeState { // Allocate and decrypt the biscuit data let mut biscuit = Secret::::zero(); // pt buf let mut biscuit: Ref<&mut [u8], Biscuit> = - Ref::new(biscuit.secret_mut().as_mut_slice()).unwrap(); + Ref::from_bytes(biscuit.secret_mut().as_mut_slice()).unwrap(); XAead.decrypt_with_nonce_in_ctxt( - biscuit.as_bytes_mut(), + biscuit.as_mut_bytes(), bk.get(srv).value.secret(), &ad, biscuit_ct, diff --git a/rosenpass/src/protocol/test_vector_sets.rs b/rosenpass/src/protocol/test_vector_sets.rs index 89cd9e9..c9f1251 100644 --- a/rosenpass/src/protocol/test_vector_sets.rs +++ b/rosenpass/src/protocol/test_vector_sets.rs @@ -17,7 +17,7 @@ use assert_tv::TestVectorSet; use base64::Engine; use rosenpass_cipher_traits::primitives::{Aead, Kem}; use rosenpass_ciphers::{EphemeralKem, XAead, KEY_LEN}; -use rosenpass_secret_memory::{Public, PublicBox, Secret}; +use rosenpass_secret_memory::{Public, Secret}; use serde_json::Value; #[derive(TestVectorSet)] diff --git a/rosenpass/src/protocol/zerocopy.rs b/rosenpass/src/protocol/zerocopy.rs index 7d8bf66..17a6e2b 100644 --- a/rosenpass/src/protocol/zerocopy.rs +++ b/rosenpass/src/protocol/zerocopy.rs @@ -10,12 +10,12 @@ use crate::RosenpassError; pub fn truncating_cast_into( buf: &mut [u8], ) -> Result, RosenpassError> { - Ref::new(&mut buf[..size_of::()]).ok_or(RosenpassError::BufferSizeMismatch) + Ref::from_bytes(&mut buf[..size_of::()]).ok().ok_or(RosenpassError::BufferSizeMismatch) } /// Used to parse a network message using [zerocopy], mutably pub fn truncating_cast_into_nomut( buf: &[u8], ) -> Result, RosenpassError> { - Ref::new(&buf[..size_of::()]).ok_or(RosenpassError::BufferSizeMismatch) + Ref::from_bytes(&buf[..size_of::()]).ok().ok_or(RosenpassError::BufferSizeMismatch) } diff --git a/util/src/zerocopy/zerocopy_ref_ext.rs b/util/src/zerocopy/zerocopy_ref_ext.rs index 9d883b5..c8de12c 100644 --- a/util/src/zerocopy/zerocopy_ref_ext.rs +++ b/util/src/zerocopy/zerocopy_ref_ext.rs @@ -1,7 +1,7 @@ //! Extension traits for converting `Ref` into references backed by //! standard slices. -use zerocopy::{SplitByteSlice, SplitByteSliceMut, Immutable, KnownLayout, Ref}; +use zerocopy::{Immutable, KnownLayout, Ref, SplitByteSlice, SplitByteSliceMut}; /// A trait for converting a `Ref` into a `Ref<&[u8], T>`. /// @@ -68,7 +68,7 @@ where T: KnownLayout + Immutable, { fn emancipate(&self) -> Ref<&[u8], T> { - Ref::new(zerocopy::Ref::::bytes(&self)).unwrap() + Ref::from_bytes(zerocopy::Ref::bytes(self)).unwrap() } } @@ -78,6 +78,6 @@ where T: KnownLayout + Immutable, { fn emancipate_mut(&mut self) -> Ref<&mut [u8], T> { - Ref::new(zerocopy::Ref::::bytes_mut(self)).unwrap() + Ref::from_bytes(zerocopy::Ref::bytes_mut(self)).unwrap() } } diff --git a/wireguard-broker/src/api/client.rs b/wireguard-broker/src/api/client.rs index a8d68d0..74da2f8 100644 --- a/wireguard-broker/src/api/client.rs +++ b/wireguard-broker/src/api/client.rs @@ -171,8 +171,9 @@ where let typ = res.first().ok_or(invalid_msg_poller())?; let typ = msgs::MsgType::try_from(*typ)?; let msgs::MsgType::SetPsk = typ; // Assert type - - let res = zerocopy::Ref::<&[u8], Envelope>::new(res) + + let res = zerocopy::Ref::<&[u8], Envelope>::from_bytes(res) + .ok() .ok_or(invalid_msg_poller())?; let res: &msgs::SetPskResponse = &res.payload; let res: msgs::SetPskResponseReturnCode = res @@ -202,7 +203,8 @@ where let mut req = [0u8; BUF_SIZE]; // Construct message view - let mut req = zerocopy::Ref::<&mut [u8], Envelope>::new(&mut req) + let mut req = zerocopy::Ref::<&mut [u8], Envelope>::from_bytes(&mut req) + .ok() .ok_or(MsgError)?; // Populate envelope diff --git a/wireguard-broker/src/api/server.rs b/wireguard-broker/src/api/server.rs index 2f0ca0b..6e4c125 100644 --- a/wireguard-broker/src/api/server.rs +++ b/wireguard-broker/src/api/server.rs @@ -80,9 +80,9 @@ where let msgs::MsgType::SetPsk = typ; // Assert type let req = - zerocopy::Ref::<&[u8], Envelope>::new(req).ok_or(InvalidMessage)?; + zerocopy::Ref::<&[u8], Envelope>::from_bytes(req).ok().ok_or(InvalidMessage)?; let mut res = - zerocopy::Ref::<&mut [u8], Envelope>::new(res).ok_or(InvalidMessage)?; + zerocopy::Ref::<&mut [u8], Envelope>::from_bytes(res).ok().ok_or(InvalidMessage)?; res.msg_type = msgs::MsgType::SetPsk as u8; self.handle_set_psk(&req.payload, &mut res.payload)?; @@ -139,7 +139,7 @@ mod tests { use crate::brokers::netlink::SetPskError; use crate::{SerializedBrokerConfig, WireGuardBroker}; use rosenpass_secret_memory::{secret_policy_use_only_malloc_secrets, Secret}; - use zerocopy::AsBytes; + use zerocopy::IntoBytes; #[derive(Debug, Clone)] struct MockWireGuardBroker {