Change all from_slice() constructors to return Option<T>s.

We due this in lieu of implementing `TryFrom` to allow for API consumers to use the `?` operator to convert potential `None`s into their own `Result<T, CustomError>` types for better error handling with less boilerplate. Note that this is a breaking API change.
dalek-cryptography · Oct 28, 2019 · 9ae2e3b · 9ae2e3b
1 parent c212241
commit 9ae2e3b
Show file tree

Hide file tree

Showing 5 changed files with 39 additions and 139 deletions.
diff --git a/src/edwards.rs b/src/edwards.rs
@@ -93,7 +93,6 @@
 #![allow(non_snake_case)]
 
 use core::borrow::Borrow;
-use core::convert::TryFrom;
 use core::fmt::Debug;
 use core::iter::Iterator;
 use core::iter::Sum;
@@ -108,8 +107,6 @@ use subtle::ConstantTimeEq;
 
 use constants;
 
-use errors::{CurveError, InternalError};
-
 use field::FieldElement;
 use scalar::Scalar;
 
@@ -338,33 +335,23 @@ impl Default for CompressedEdwardsY {
     }
 }
 
-impl TryFrom<&[u8]> for CompressedEdwardsY {
-    type Error = CurveError;
-
-    fn try_from(bytes: &[u8]) -> Result<CompressedEdwardsY, CurveError> {
-        if bytes.len() != 32 {
-            return Err(CurveError(
-                InternalError::BytesLengthError{name: "CompressedEdwardsY", length: 32}));
-        }
-
-        Ok(CompressedEdwardsY::from_slice(bytes))
-    }
-}
-
 impl CompressedEdwardsY {
     /// Construct a `CompressedEdwardsY` from a slice of bytes.
     ///
-    /// # Panics
+    /// # Returns
     ///
-    /// If the input `bytes` slice does not have a length of 32.  For
-    /// a panic-safe version of this API, see the implementation of
-    /// `TryFrom<&[u8]>`.
-    pub fn from_slice(bytes: &[u8]) -> CompressedEdwardsY {
+    /// An `Option<CompressedEdwardsY>` which is `None` if the input `bytes`
+    /// slice does not have a length of 32.
+    pub fn from_slice(bytes: &[u8]) -> Option<CompressedEdwardsY> {
+        if bytes.len() != 32 {
+            return None;
+        }
+
         let mut tmp = [0u8; 32];
 
         tmp.copy_from_slice(bytes);
 
-        CompressedEdwardsY(tmp)
+        Some(CompressedEdwardsY(tmp))
     }
 }
 

diff --git a/src/errors.rs b/src/errors.rs
diff --git a/src/lib.rs b/src/lib.rs
@@ -82,9 +82,6 @@ pub mod constants;
 // External (and internal) traits.
 pub mod traits;
 
-// Errors which may occur.
-pub mod errors;
-
 //------------------------------------------------------------------------
 // curve25519-dalek internal modules
 //------------------------------------------------------------------------

diff --git a/src/montgomery.rs b/src/montgomery.rs
@@ -48,12 +48,10 @@
 // affine and projective cakes and eat both of them too.
 #![allow(non_snake_case)]
 
-use core::convert::TryFrom;
 use core::ops::{Mul, MulAssign};
 
 use constants::APLUS2_OVER_FOUR;
 use edwards::{CompressedEdwardsY, EdwardsPoint};
-use errors::{CurveError, InternalError};
 use field::FieldElement;
 use scalar::Scalar;
 
@@ -112,13 +110,27 @@ impl ValidityCheck for MontgomeryPoint {
     }
 }
 
-impl TryFrom<&[u8]> for MontgomeryPoint {
-    type Error = CurveError;
+impl MontgomeryPoint {
+    /// View this `MontgomeryPoint` as an array of bytes.
+    pub fn as_bytes<'a>(&'a self) -> &'a [u8; 32] {
+        &self.0
+    }
 
-    fn try_from(bytes: &[u8]) -> Result<MontgomeryPoint, CurveError> {
+    /// Convert this `MontgomeryPoint` to an array of bytes.
+    pub fn to_bytes(&self) -> [u8; 32] {
+        self.0
+    }
+
+    /// Attempt to create a `MontgomeryPoint` from a slice of bytes.
+    ///
+    /// # Returns
+    ///
+    /// An `Option<MontgomeryPoint>` which is `None` if the length of the slice
+    /// of bytes is not 32, or if the bytes did not represent a canonical
+    /// `FieldElement`.
+    pub fn from_slice(bytes: &[u8]) -> Option<MontgomeryPoint> {
         if bytes.len() != 32 {
-            return Err(CurveError(
-                InternalError::BytesLengthError{name: "MontgomeryPoint", length: 32}));
+            return None;
         }
 
         let mut array = [0u8; 32];
@@ -127,23 +139,9 @@ impl TryFrom<&[u8]> for MontgomeryPoint {
         let P = MontgomeryPoint(array);
 
         if P.is_valid() {
-            return Ok(P);
+            return Some(P);
         }
-
-        Err(CurveError(
-            InternalError::BytesLengthError{name: "MontgomeryPoint", length: 32}))
-    }
-}
-
-impl MontgomeryPoint {
-    /// View this `MontgomeryPoint` as an array of bytes.
-    pub fn as_bytes<'a>(&'a self) -> &'a [u8; 32] {
-        &self.0
-    }
-
-    /// Convert this `MontgomeryPoint` to an array of bytes.
-    pub fn to_bytes(&self) -> [u8; 32] {
-        self.0
+        None
     }
 
     /// Attempt to convert to an `EdwardsPoint`, using the supplied

diff --git a/src/ristretto.rs b/src/ristretto.rs
@@ -158,7 +158,6 @@
 //! https://ristretto.group/
 
 use core::borrow::Borrow;
-use core::convert::TryFrom;
 use core::fmt::Debug;
 use core::iter::Sum;
 use core::ops::{Add, Neg, Sub};
@@ -181,8 +180,6 @@ use subtle::ConstantTimeEq;
 use edwards::EdwardsBasepointTable;
 use edwards::EdwardsPoint;
 
-use errors::{CurveError, InternalError};
-
 #[allow(unused_imports)]
 use prelude::*;
 
@@ -220,19 +217,6 @@ impl ConstantTimeEq for CompressedRistretto {
     }
 }
 
-impl TryFrom<&[u8]> for CompressedRistretto {
-    type Error = CurveError;
-
-    fn try_from(bytes: &[u8]) -> Result<CompressedRistretto, CurveError> {
-        if bytes.len() != 32 {
-            return Err(CurveError(
-                InternalError::BytesLengthError{name: "CompressedRistretto", length: 32}));
-        }
-
-        Ok(CompressedRistretto::from_slice(bytes))
-    }
-}
-
 impl CompressedRistretto {
     /// Copy the bytes of this `CompressedRistretto`.
     pub fn to_bytes(&self) -> [u8; 32] {
@@ -246,17 +230,20 @@ impl CompressedRistretto {
 
     /// Construct a `CompressedRistretto` from a slice of bytes.
     ///
-    /// # Panics
+    /// # Returns
     ///
-    /// If the input `bytes` slice does not have a length of 32.  For a
-    /// panic-safe version of this API, see the implementation of
-    /// `TryFrom<&[u8]>`.
-    pub fn from_slice(bytes: &[u8]) -> CompressedRistretto {
+    /// An `Option<CompressedRistretto>` which is `None` if the input `bytes`
+    /// slice does not have a length of 32.
+    pub fn from_slice(bytes: &[u8]) -> Option<CompressedRistretto> {
+        if bytes.len() != 32 {
+            return None;
+        }
+
         let mut tmp = [0u8; 32];
 
         tmp.copy_from_slice(bytes);
 
-        CompressedRistretto(tmp)
+        Some(CompressedRistretto(tmp))
     }
 
     /// Attempt to decompress to an `RistrettoPoint`.