Merge pull request #3 from miscreant/2018-edition

Update to Rust 2018 edition

.travis.yml

@@ -1,34 +1,37 @@
 language: rust
-rust: stable
+cache: cargo
+
+branches:
+  only:
+    - master
+
+rust:
+  - 1.31.0
+  - stable
+
+os:
+  - linux
+  - osx
+  - windows
 
 env:
-- RUSTFLAGS=-Ctarget-feature=+aes
+  - RUSTFLAGS=-Ctarget-feature=+aes
 
 matrix:
   fast_finish: true
   allow_failures:
-  # TODO: fix `no_std` builds
-  - script: cargo build --no-default-features
-  include:
-  - name: audit
-    install: cargo install cargo-audit
-    script: cargo check && cargo audit
-  - name: rustfmt
-    install: rustup component add rustfmt-preview
-    script: cargo fmt -- --check
-  - name: clippy
-    install: rustup component add clippy-preview
-    script: cargo clippy
-  - name: build --no-default-features
-    script: cargo build --no-default-features
-  - name: build --release
-    script: cargo build --release
-  - name: test (rust 1.27)
-    rust: 1.27.0
-    script: cargo test
-  - name: test (rust stable)
-    script: cargo test
+    - os: osx
+    - os: windows
 
-branches:
-  only:
-  - master
+install:
+  - rustup component add rustfmt
+  - rustup component add clippy-preview
+  - command -v cargo-audit >/dev/null 2>&1 || cargo install cargo-audit
+
+script:
+  - cargo fmt --all -- --check
+  - cargo clippy --all
+  - cargo build --no-default-features --release
+  - cargo build --release
+  - cargo test --release
+  - cargo doc --no-deps

Cargo.toml

@@ -1,14 +1,19 @@
 [package]
 name        = "miscreant"
-description = "Misuse resistant symmetric encryption library providing AES-SIV (RFC 5297), AES-PMAC-SIV, and STREAM constructions"
+description = """
+              Symmetric encryption library providing misuse-resistant
+              authenticated encryption (MRAE) including AES-SIV (RFC 5297),
+              AES-PMAC-SIV, and the STREAM segmented encryption construction.
+              """
 version     = "0.4.0-beta2" # Also update html_root_url in lib.rs when bumping this
-license     = "MIT/Apache-2.0"
+license     = "Apache-2.0 or MIT"
 authors     = ["Tony Arcieri <bascule@gmail.com>"]
 homepage    = "https://miscreant.io"
-repository  = "https://github.com/miscreant/miscreant/tree/master/rust"
+repository  = "https://github.com/miscreant/miscreant-rs"
 readme      = "README.md"
 categories  = ["cryptography", "no-std"]
 keywords    = ["aes", "cryptography", "encryption", "security", "streaming"]
+edition     = "2018"
 
 [lib]
 crate-type = ["rlib", "staticlib"]
@@ -18,41 +23,46 @@ aes = "0.1.0"
 crypto-mac = "0.6"
 block-modes = "0.1"
 byteorder = { version = "1.2", default-features = false }
-clear_on_drop = "0.2"
 cmac = "0.1"
 dbl = "0.1"
 pmac = "0.1"
 ring = { version = "0.13", optional = true }
 subtle = { version = "0.3", default-features = false }
+zeroize = { version = "0.4", default-features = false, features = ["linux-backport", "windows"] }
 
 [dev-dependencies]
 data-encoding = "2.0"
 serde_json = "1"
 
 [features]
 aes-soft = ["aes/force_soft"]
+alloc = []
 bench = ["ring"]
 default = ["std"]
-nightly = ["clear_on_drop/nightly"]
+nightly = ["zeroize/nightly"]
 staticlib = []
-std = []
+std = ["alloc"]
+
+[profile.dev]
+panic = "abort"
 
 [profile.release]
-opt-level = 3
+codegen-units = 1
 debug = false
-rpath = false
-lto = false
 debug-assertions = false
-codegen-units = 1
+lto = false
+opt-level = 3
+overflow-checks = true
 panic = "abort"
+rpath = false
 
 [profile.bench]
-opt-level = 3
+codegen-units = 1
 debug = false
-rpath = false
-lto = false
 debug-assertions = false
-codegen-units = 1
+lto = false
+opt-level = 3
+rpath = false
 
 [package.metadata.docs.rs]
 features = ["std"]

README.md

@@ -29,15 +29,10 @@ AES modes where it can facilitate [chosen ciphertext attacks].
 
 ## Requirements
 
-miscreant.rs works on stable rust since `1.27`. By default it is built with aesni
-support which requires an x86 instruction set. You can disable this with the `aes-soft`
-feature flag which enables usage on other architectures.
+**miscreant.rs** requires Rust 1.31+.
 
-The default configuration uses the `core::arch` API for stable access to 
-CPU intrinsics, namely the [Intel AES-NI]  instructions which provide a 
-hardware implementation of AES.
-
-To access these features, you will need to pass the following as RUSTFLAGS:
+To enable hardware accelerated AES support on x86/x86_64 using [Intel AES-NI]
+instructions, you will need to pass the following `RUSTFLAGS`:
 
 ```
 RUSTFLAGS=-Ctarget-feature=+aes
@@ -50,6 +45,9 @@ You can configure your `~/.cargo/config` to always pass these flags:
 rustflags = ["-Ctarget-feature=+aes"]
 ```
 
+To force usage of a software implementation of AES, use the `aes-soft`
+feature flag which enables usage on other CPU architectures.
+
 ## Help and Discussion
 
 Have questions? Want to suggest a feature or change?

src/aead.rs

@@ -2,19 +2,27 @@
 //! Symmetric encryption which ensures message confidentiality, integrity,
 //! and authenticity.
 
-use aes::block_cipher_trait::generic_array::typenum::{U16, U32, U64};
-use aes::block_cipher_trait::generic_array::{ArrayLength, GenericArray};
-use aes::block_cipher_trait::BlockCipher;
-use aes::{Aes128, Aes256};
+#[cfg(feature = "alloc")]
+use crate::{ctr::IV_SIZE, prelude::*};
+use crate::{
+    ctr::{Aes128Ctr, Aes256Ctr, Ctr},
+    error::Error,
+    siv::Siv,
+};
+use aes::{
+    block_cipher_trait::{
+        generic_array::{
+            typenum::{U16, U32, U64},
+            ArrayLength, GenericArray,
+        },
+        BlockCipher,
+    },
+    Aes128, Aes256,
+};
 use cmac::Cmac;
 use core::marker::PhantomData;
 use crypto_mac::Mac;
-#[cfg(feature = "std")]
-use ctr::IV_SIZE;
-use ctr::{Aes128Ctr, Aes256Ctr, Ctr};
-use error::Error;
 use pmac::Pmac;
-use siv::Siv;
 
 /// An AEAD algorithm
 pub trait Algorithm {
@@ -73,7 +81,7 @@ pub trait Algorithm {
     ) -> Result<&'a [u8], Error>;
 
     /// Encrypt the given plaintext, allocating and returning a Vec<u8> for the ciphertext
-    #[cfg(feature = "std")]
+    #[cfg(feature = "alloc")]
     fn seal(&mut self, nonce: &[u8], associated_data: &[u8], plaintext: &[u8]) -> Vec<u8> {
         let mut buffer = vec![0; IV_SIZE + plaintext.len()];
         buffer[IV_SIZE..].copy_from_slice(plaintext);
@@ -82,7 +90,7 @@ pub trait Algorithm {
     }
 
     /// Decrypt the given ciphertext, allocating and returning a Vec<u8> for the plaintext
-    #[cfg(feature = "std")]
+    #[cfg(feature = "alloc")]
     fn open(
         &mut self,
         nonce: &[u8],

src/bench.rs

@@ -116,7 +116,8 @@ fn bench_aes_gcm_128_encrypt_128_bytes(b: &mut Bencher) {
             &b""[..],
             &mut buffer,
             sealing_key.algorithm().tag_len(),
-        ).unwrap();
+        )
+        .unwrap();
     });
 }
 
@@ -136,7 +137,8 @@ fn bench_aes_gcm_128_encrypt_1024_bytes(b: &mut Bencher) {
             &b""[..],
             &mut buffer,
             sealing_key.algorithm().tag_len(),
-        ).unwrap();
+        )
+        .unwrap();
     });
 }
 
@@ -156,6 +158,7 @@ fn bench_aes_gcm_128_encrypt_16384_bytes(b: &mut Bencher) {
             &b""[..],
             &mut buffer,
             sealing_key.algorithm().tag_len(),
-        ).unwrap();
+        )
+        .unwrap();
     });
 }

src/ctr.rs

@@ -4,12 +4,15 @@
 //! AES-CTR implementation. We should really get rid of it and leverage the
 //! `Ctr` types in the `block-modes` crate directly.
 
-use aes::block_cipher_trait::generic_array::typenum::consts::U16;
-use aes::block_cipher_trait::generic_array::{ArrayLength, GenericArray};
-use aes::{Aes128, Aes256, BlockCipher};
-use block_modes::block_padding::ZeroPadding;
-use block_modes::{BlockMode, BlockModeIv, Ctr128};
-use clear_on_drop::clear::Clear;
+use aes::{
+    block_cipher_trait::{
+        generic_array::{typenum::consts::U16, ArrayLength, GenericArray},
+        BlockCipher,
+    },
+    Aes128, Aes256,
+};
+use block_modes::{block_padding::ZeroPadding, BlockMode, BlockModeIv, Ctr128};
+use zeroize::Zeroize;
 
 /// Size of the initial counter value in bytes
 pub const IV_SIZE: usize = 16;
@@ -72,7 +75,7 @@ impl Ctr<Aes128> for Aes128Ctr {
 
 impl Drop for Aes128Ctr {
     fn drop(&mut self) {
-        self.key.clear()
+        self.key.zeroize()
     }
 }
 
@@ -101,7 +104,7 @@ impl Ctr<Aes256> for Aes256Ctr {
 
 impl Drop for Aes256Ctr {
     fn drop(&mut self) {
-        self.key.clear()
+        self.key.zeroize()
     }
 }
 

src/ffi.rs

@@ -1,9 +1,12 @@
 //! `ffi.rs`: Foreign Function Interface providing C ABI
+//!
+//! TODO: replace this with cbindgen?
 
 // This is the only code in Miscreant allowed to be unsafe
-#![allow(unsafe_code, non_upper_case_globals, unknown_lints, too_many_arguments)]
+#![allow(unsafe_code, non_upper_case_globals, unknown_lints)]
+#![allow(clippy::too_many_arguments)]
 
-use aead;
+use crate::aead;
 use aes::block_cipher_trait::generic_array::typenum::Unsigned;
 use core::{ptr, slice};
 
@@ -206,7 +209,7 @@ unsafe fn aead_encrypt<A: aead::Algorithm>(
     }
 
     *ctlen_p = msglen.checked_add(taglen as u64).expect("overflow");
-    ptr::copy(msg, ct.offset(taglen as isize), msglen as usize);
+    ptr::copy(msg, ct.add(taglen), msglen as usize);
 
     let key_slice = slice::from_raw_parts(key, A::KeySize::to_usize());
     let ct_slice = slice::from_raw_parts_mut(ct, *ctlen_p as usize);
@@ -257,7 +260,7 @@ unsafe fn aead_decrypt<A: aead::Algorithm>(
     }
 
     // Move the message to the beginning of the buffer
-    ptr::copy(msg.offset(taglen as isize), msg, *msglen_p as usize);
+    ptr::copy(msg.add(taglen), msg, *msglen_p as usize);
 
     // Zero out the end of the buffer
     for c in msg_slice[*msglen_p as usize..].iter_mut() {

src/lib.rs

@@ -23,28 +23,17 @@
 //! [build]
 //! rustflags = ["-Ctarget-feature=+aes"]
 //! ```
-//!
-#![crate_name = "miscreant"]
-#![crate_type = "lib"]
+
+#![no_std]
 #![deny(warnings, missing_docs, trivial_casts, trivial_numeric_casts)]
 #![deny(unsafe_code, unused_import_braces, unused_qualifications)]
-#![cfg_attr(not(feature = "std"), no_std)]
+#![cfg_attr(all(feature = "nightly", not(feature = "std")), feature(alloc))]
 #![cfg_attr(feature = "bench", feature(test))]
-#![cfg_attr(feature = "staticlib", feature(lang_items))]
 #![doc(html_root_url = "https://docs.rs/miscreant/0.4.0-beta2")]
 
-extern crate aes;
-extern crate block_modes;
-extern crate byteorder;
-extern crate clear_on_drop;
-extern crate cmac;
-extern crate crypto_mac;
-extern crate dbl;
-extern crate pmac;
-extern crate subtle;
-
 #[cfg(feature = "std")]
-extern crate core;
+#[macro_use]
+extern crate std;
 
 #[cfg(all(feature = "bench", test))]
 extern crate test;
@@ -53,17 +42,16 @@ pub mod aead;
 mod ctr;
 pub mod error;
 pub mod ffi;
+mod prelude;
 mod s2v;
 pub mod siv;
 pub mod stream;
 
 #[cfg(feature = "bench")]
 mod bench;
 
-// no_std boilerplate for building a static library
-#[cfg(feature = "staticlib")]
-#[allow(unsafe_code)]
-#[lang = "panic_fmt"]
-extern "C" fn panic_fmt(_args: ::core::fmt::Arguments, _file: &'static str, _line: u32) -> ! {
+#[cfg(not(feature = "std"))]
+#[panic_handler]
+fn panic(_info: &core::panic::PanicInfo) -> ! {
     loop {}
 }

src/prelude.rs

@@ -0,0 +1,7 @@
+//! Use `std` or `alloc` prelude depending on selected cargo features
+
+#[cfg(all(feature = "alloc", not(feature = "std")))]
+pub use alloc::prelude::*;
+
+#[cfg(feature = "std")]
+pub use std::prelude::v1::*;