Skip to content

Commit

Permalink
crypto-common: add fallible try_generate_*_with_rng (#1377)
Browse files Browse the repository at this point in the history 
Adds a fallible `try_*` variant to each `generate_*_with_rng` function,
changing usages of `fill_bytes` to `try_fill_bytes`, and returning a
`Result` with `rand_core::Error` in the event an RNG error has occurred.
  • Loading branch information
@tarcieri
tarcieri authored Nov 11, 2023
1 parent 128d4e6 commit 6497790
Showing 1 changed file with 57 additions and 12 deletions.
69 changes: 57 additions & 12 deletions crypto-common/src/lib.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -170,9 +170,18 @@ pub trait KeyInit: KeySizeUser + Sized {
#[cfg(feature = "rand_core")]
#[inline]
fn generate_key_with_rng(rng: &mut impl CryptoRngCore) -> Key<Self> {
Self::try_generate_key_with_rng(rng).expect("RNG failure")
}

/// Generate random key using the provided [`CryptoRngCore`], returning an error on RNG failure.
#[cfg(feature = "rand_core")]
#[inline]
fn try_generate_key_with_rng(
rng: &mut impl CryptoRngCore,
) -> Result<Key<Self>, rand_core::Error> {
let mut key = Key::<Self>::default();
rng.fill_bytes(&mut key);
key
rng.try_fill_bytes(&mut key)?;
Ok(key)
}
}

Expand Down Expand Up @@ -200,9 +209,18 @@ pub trait KeyIvInit: KeySizeUser + IvSizeUser + Sized {
#[cfg(feature = "rand_core")]
#[inline]
fn generate_key_with_rng(rng: &mut impl CryptoRngCore) -> Key<Self> {
Self::try_generate_key_with_rng(rng).expect("RNG failure")
}

/// Generate random key using the provided [`CryptoRngCore`], returning an error on RNG failure.
#[cfg(feature = "rand_core")]
#[inline]
fn try_generate_key_with_rng(
rng: &mut impl CryptoRngCore,
) -> Result<Key<Self>, rand_core::Error> {
let mut key = Key::<Self>::default();
rng.fill_bytes(&mut key);
key
rng.try_fill_bytes(&mut key)?;
Ok(key)
}

/// Generate random IV using the operating system's secure RNG.
Expand All @@ -216,9 +234,18 @@ pub trait KeyIvInit: KeySizeUser + IvSizeUser + Sized {
#[cfg(feature = "rand_core")]
#[inline]
fn generate_iv_with_rng(rng: &mut impl CryptoRngCore) -> Iv<Self> {
Self::try_generate_iv_with_rng(rng).expect("RNG failure")
}

/// Generate random IV using the provided [`CryptoRngCore`], returning an error on RNG failure.
#[cfg(feature = "rand_core")]
#[inline]
fn try_generate_iv_with_rng(
rng: &mut impl CryptoRngCore,
) -> Result<Iv<Self>, rand_core::Error> {
let mut iv = Iv::<Self>::default();
rng.fill_bytes(&mut iv);
iv
rng.try_fill_bytes(&mut iv)?;
Ok(iv)
}

/// Generate random key and IV using the operating system's secure RNG.
Expand All @@ -232,10 +259,19 @@ pub trait KeyIvInit: KeySizeUser + IvSizeUser + Sized {
#[cfg(feature = "rand_core")]
#[inline]
fn generate_key_iv_with_rng(rng: &mut impl CryptoRngCore) -> (Key<Self>, Iv<Self>) {
(
Self::generate_key_with_rng(rng),
Self::generate_iv_with_rng(rng),
)
Self::try_generate_key_iv_with_rng(rng).expect("RNG failure")
}

/// Generate random key and IV using the provided [`CryptoRngCore`], returning an error on RNG
/// failure.
#[cfg(feature = "rand_core")]
#[inline]
fn try_generate_key_iv_with_rng(
rng: &mut impl CryptoRngCore,
) -> Result<(Key<Self>, Iv<Self>), rand_core::Error> {
let key = Self::try_generate_key_with_rng(rng)?;
let iv = Self::try_generate_iv_with_rng(rng)?;
Ok((key, iv))
}
}

Expand Down Expand Up @@ -273,9 +309,18 @@ pub trait InnerIvInit: InnerUser + IvSizeUser + Sized {
#[cfg(feature = "rand_core")]
#[inline]
fn generate_iv_with_rng(rng: &mut impl CryptoRngCore) -> Iv<Self> {
Self::try_generate_iv_with_rng(rng).expect("RNG failure")
}

/// Generate random IV using the provided [`CryptoRngCore`], returning an error on RNG failure.
#[cfg(feature = "rand_core")]
#[inline]
fn try_generate_iv_with_rng(
rng: &mut impl CryptoRngCore,
) -> Result<Iv<Self>, rand_core::Error> {
let mut iv = Iv::<Self>::default();
rng.fill_bytes(&mut iv);
iv
rng.try_fill_bytes(&mut iv)?;
Ok(iv)
}
}

Expand Down

0 comments on commit 6497790

Please sign in to comment.