Skip to content

Commit 8f0ced5

Browse files
authored
pbkdf2: apply workspace-level lints (#884)
Adds the workspace-level config from RustCrypto/utils#1411 to this repo and applies it to `pbkdf2`.
1 parent 267d901 commit 8f0ced5

9 files changed

Lines changed: 85 additions & 13 deletions

File tree

.clippy.toml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
allow-unwrap-in-consts = true
2+
allow-unwrap-in-tests = true

Cargo.toml

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,45 @@ exclude = ["benches", "fuzz"]
1616
[profile.dev]
1717
opt-level = 2
1818

19+
[workspace.lints.clippy]
20+
borrow_as_ptr = "warn"
21+
cast_lossless = "warn"
22+
cast_possible_truncation = "warn"
23+
cast_possible_wrap = "warn"
24+
cast_precision_loss = "warn"
25+
cast_sign_loss = "warn"
26+
checked_conversions = "warn"
27+
doc_markdown = "warn"
28+
from_iter_instead_of_collect = "warn"
29+
implicit_saturating_sub = "warn"
30+
manual_assert = "warn"
31+
map_unwrap_or = "warn"
32+
missing_errors_doc = "warn"
33+
missing_panics_doc = "warn"
34+
mod_module_files = "warn"
35+
must_use_candidate = "warn"
36+
needless_range_loop = "allow"
37+
ptr_as_ptr = "warn"
38+
redundant_closure_for_method_calls = "warn"
39+
ref_as_ptr = "warn"
40+
return_self_not_must_use = "warn"
41+
semicolon_if_nothing_returned = "warn"
42+
trivially_copy_pass_by_ref = "warn"
43+
std_instead_of_alloc = "warn"
44+
std_instead_of_core = "warn"
45+
undocumented_unsafe_blocks = "warn"
46+
unnecessary_safety_comment = "warn"
47+
unwrap_used = "warn"
48+
49+
[workspace.lints.rust]
50+
missing_copy_implementations = "warn"
51+
missing_debug_implementations = "warn"
52+
missing_docs = "warn"
53+
trivial_casts = "warn"
54+
trivial_numeric_casts = "warn"
55+
unused_lifetimes = "warn"
56+
unused_qualifications = "warn"
57+
1958
[patch.crates-io]
2059
argon2 = { path = "./argon2" }
2160
pbkdf2 = { path = "./pbkdf2" }

pbkdf2/Cargo.toml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -42,5 +42,8 @@ phc = ["password-hash/phc", "sha2"]
4242
rand_core = ["password-hash/rand_core"]
4343
sha2 = ["hmac", "dep:sha2"]
4444

45+
[lints]
46+
workspace = true
47+
4548
[package.metadata.docs.rs]
4649
all-features = true

pbkdf2/README.md

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
# RustCrypto: PBKDF2
1+
# [RustCrypto]: PBKDF2
22

33
[![crate][crate-image]][crate-link]
44
[![Docs][docs-image]][docs-link]
@@ -40,7 +40,8 @@ dual licensed as above, without any additional terms or conditions.
4040
[build-image]: https://github.com/RustCrypto/password-hashes/workflows/pbkdf2/badge.svg?branch=master&event=push
4141
[build-link]: https://github.com/RustCrypto/password-hashes/actions?query=workflow%3Apbkdf2
4242

43-
[//]: # (general links)
43+
[//]: # (links)
4444

45+
[RustCrypto]: https://github.com/RustCrypto
4546
[1]: https://en.wikipedia.org/wiki/PBKDF2
4647
[2]: https://datatracker.ietf.org/doc/html/rfc2898

pbkdf2/src/algorithm.rs

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -47,12 +47,16 @@ impl Algorithm {
4747
pub const RECOMMENDED: Self = Self::Pbkdf2Sha256;
4848

4949
/// Parse an [`Algorithm`] from the provided string.
50+
///
51+
/// # Errors
52+
/// If the provided algorithm `id` is not known/supported.
5053
#[cfg(feature = "password-hash")]
5154
pub fn new(id: impl AsRef<str>) -> password_hash::Result<Self> {
5255
id.as_ref().parse()
5356
}
5457

5558
/// Get the Modular Crypt Format algorithm identifier for this algorithm.
59+
#[must_use]
5660
pub const fn to_str(self) -> &'static str {
5761
match self {
5862
#[cfg(feature = "sha2")]

pbkdf2/src/lib.rs

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -155,6 +155,9 @@ where
155155
/// .expect("HMAC can be initialized with any key length");
156156
/// assert_eq!(buf, hex!("669cfe52482116fda1aa2cbe409b2f56c8e45637"));
157157
/// ```
158+
///
159+
/// # Errors
160+
/// Returns `InvalidLength` if the length of `password` is unsupported by `PRF`.
158161
#[inline]
159162
pub fn pbkdf2<PRF>(
160163
password: &[u8],
@@ -169,6 +172,7 @@ where
169172
let prf = PRF::new_from_slice(password)?;
170173

171174
for (i, chunk) in res.chunks_mut(n).enumerate() {
175+
#[allow(clippy::cast_possible_truncation, reason = "TODO")]
172176
pbkdf2_body(i as u32, chunk, &prf, salt, rounds);
173177
}
174178

@@ -186,6 +190,9 @@ where
186190
/// .expect("HMAC can be initialized with any key length");
187191
/// assert_eq!(res, hex!("669cfe52482116fda1aa2cbe409b2f56c8e45637"));
188192
/// ```
193+
///
194+
/// # Errors
195+
/// Returns `InvalidLength` if the length of `password` is unsupported by `PRF`.
189196
#[inline]
190197
pub fn pbkdf2_array<PRF, const N: usize>(
191198
password: &[u8],
@@ -213,6 +220,7 @@ where
213220
/// assert_eq!(buf, hex!("669cfe52482116fda1aa2cbe409b2f56c8e45637"));
214221
/// ```
215222
#[cfg(feature = "hmac")]
223+
#[allow(clippy::missing_panics_doc, reason = "condition should not occur")]
216224
pub fn pbkdf2_hmac<D: EagerHash>(password: &[u8], salt: &[u8], rounds: u32, res: &mut [u8]) {
217225
pbkdf2::<hmac::Hmac<D>>(password, salt, rounds, res)
218226
.expect("HMAC can be initialized with any key length");
@@ -232,6 +240,7 @@ pub fn pbkdf2_hmac<D: EagerHash>(password: &[u8], salt: &[u8], rounds: u32, res:
232240
/// );
233241
/// ```
234242
#[cfg(feature = "hmac")]
243+
#[must_use]
235244
pub fn pbkdf2_hmac_array<D: EagerHash, const N: usize>(
236245
password: &[u8],
237246
salt: &[u8],
@@ -310,6 +319,7 @@ impl Pbkdf2 {
310319
#[cfg(feature = "sha2")]
311320
impl Pbkdf2 {
312321
/// Initialize [`Pbkdf2`] with default parameters.
322+
#[must_use]
313323
pub const fn new(algorithm: Algorithm, params: Params) -> Self {
314324
Self { algorithm, params }
315325
}

pbkdf2/src/mcf.rs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -124,8 +124,8 @@ impl PasswordVerifier<PasswordHashRef> for Pbkdf2 {
124124
}
125125
}
126126

127-
// TODO(tarcieri): tests for SHA-1
128127
#[cfg(test)]
128+
#[allow(clippy::unwrap_used)]
129129
mod tests {
130130
use crate::Pbkdf2;
131131
use mcf::PasswordHashRef;

pbkdf2/src/params.rs

Lines changed: 17 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -63,6 +63,7 @@ impl Params {
6363
};
6464

6565
/// Recommended PBKDF2 parameters for the selected algorithm.
66+
#[must_use]
6667
pub const fn recommended_for(algorithm: Algorithm) -> Self {
6768
let rounds = match algorithm {
6869
Algorithm::Pbkdf2Sha256 => Self::RECOMMENDED_ROUNDS,
@@ -76,12 +77,20 @@ impl Params {
7677
}
7778

7879
/// Create new params with the given number of rounds.
80+
///
81+
/// # Errors
82+
/// If the number of rounds is less than [`Params::MIN_ROUNDS`].
7983
#[cfg(feature = "password-hash")]
8084
pub const fn new(rounds: u32) -> Result<Self> {
8185
Self::new_with_output_len(rounds, Self::RECOMMENDED_OUTPUT_LENGTH)
8286
}
8387

8488
/// Create new params with a customized output length.
89+
///
90+
/// # Errors
91+
/// - If the number of rounds is less than [`Params::MIN_ROUNDS`].
92+
/// - If `output_len` is shorter than [`Params::MIN_OUTPUT_LENGTH`].
93+
/// - If `output_len` is longer than [`Params::MAX_OUTPUT_LENGTH`].
8594
#[cfg(feature = "password-hash")]
8695
pub const fn new_with_output_len(rounds: u32, output_len: usize) -> Result<Self> {
8796
if rounds < Self::MIN_ROUNDS
@@ -95,11 +104,13 @@ impl Params {
95104
}
96105

97106
/// Get the number of rounds.
107+
#[must_use]
98108
pub const fn rounds(self) -> u32 {
99109
self.rounds
100110
}
101111

102112
/// Get the output length.
113+
#[must_use]
103114
pub const fn output_len(self) -> usize {
104115
self.output_len
105116
}
@@ -141,7 +152,7 @@ impl TryFrom<u32> for Params {
141152
impl TryFrom<&ParamsString> for Params {
142153
type Error = Error;
143154

144-
fn try_from(params_string: &ParamsString) -> password_hash::Result<Self> {
155+
fn try_from(params_string: &ParamsString) -> Result<Self> {
145156
let mut rounds = Params::RECOMMENDED_ROUNDS;
146157
let mut output_len = Params::RECOMMENDED_OUTPUT_LENGTH;
147158

@@ -179,7 +190,7 @@ impl TryFrom<&ParamsString> for Params {
179190
impl TryFrom<&phc::PasswordHash> for Params {
180191
type Error = Error;
181192

182-
fn try_from(hash: &phc::PasswordHash) -> password_hash::Result<Self> {
193+
fn try_from(hash: &phc::PasswordHash) -> Result<Self> {
183194
if hash.version.is_some() {
184195
return Err(Error::Version);
185196
}
@@ -200,7 +211,7 @@ impl TryFrom<&phc::PasswordHash> for Params {
200211
impl TryFrom<Params> for ParamsString {
201212
type Error = Error;
202213

203-
fn try_from(params: Params) -> password_hash::Result<ParamsString> {
214+
fn try_from(params: Params) -> Result<ParamsString> {
204215
Self::try_from(&params)
205216
}
206217
}
@@ -209,10 +220,11 @@ impl TryFrom<Params> for ParamsString {
209220
impl TryFrom<&Params> for ParamsString {
210221
type Error = Error;
211222

212-
fn try_from(input: &Params) -> password_hash::Result<ParamsString> {
223+
fn try_from(input: &Params) -> Result<ParamsString> {
213224
let mut output = ParamsString::new();
225+
let output_len = Decimal::try_from(input.output_len).map_err(|_| Error::OutputSize)?;
214226

215-
for (name, value) in [("i", input.rounds), ("l", input.output_len as Decimal)] {
227+
for (name, value) in [("i", input.rounds), ("l", output_len)] {
216228
output
217229
.add_decimal(name, value)
218230
.map_err(|_| Error::ParamInvalid { name })?;

pbkdf2/tests/pbkdf2.rs

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,7 @@
1+
//! Integration tests.
2+
13
#![cfg(feature = "hmac")]
4+
#![allow(clippy::unwrap_used)]
25

36
use belt_hash::BeltHash;
47
use hex_literal::hex;
@@ -23,8 +26,7 @@ macro_rules! test {
2326
};
2427
}
2528

26-
/// Test vectors from RFC 6070:
27-
/// https://www.rfc-editor.org/rfc/rfc6070
29+
/// Test vectors from RFC 6070: <https://www.rfc-editor.org/rfc/rfc6070>
2830
#[test]
2931
fn pbkdf2_rfc6070() {
3032
test!(
@@ -40,8 +42,7 @@ fn pbkdf2_rfc6070() {
4042
);
4143
}
4244

43-
/// Test vectors from R 50.1.111-2016:
44-
/// https://tc26.ru/standard/rs/Р%2050.1.111-2016.pdf
45+
/// Test vectors from R 50.1.111-2016: <https://tc26.ru/standard/rs/Р%2050.1.111-2016.pdf>
4546
#[test]
4647
fn pbkdf2_streebog() {
4748
test!(
@@ -84,7 +85,7 @@ fn pbkdf2_streebog() {
8485
}
8586

8687
/// Test vector from STB 34.101.45-2013 (page 33):
87-
/// https://apmi.bsu.by/assets/files/std/bign-spec294.pdf
88+
/// <https://apmi.bsu.by/assets/files/std/bign-spec294.pdf>
8889
#[test]
8990
fn pbkdf2_belt() {
9091
test!(

0 commit comments

Comments
 (0)