From 0d8206d6c5d07d57e57b96ae1a64583943b4feec Mon Sep 17 00:00:00 2001 From: Tony Arcieri Date: Sat, 19 Apr 2025 09:10:29 -0600 Subject: [PATCH] Upgrade to 2024 edition; MSRV 1.85 Also includes clippy and rustfmt fixes so we're clean on Rust 1.85 --- .github/workflows/ssh-cipher.yml | 4 +- .github/workflows/ssh-derive.yml | 2 +- .github/workflows/ssh-encoding.yml | 4 +- .github/workflows/ssh-key.yml | 4 +- .github/workflows/ssh-protocol.yml | 2 +- .github/workflows/workspace.yml | 2 +- ssh-cipher/Cargo.toml | 4 +- ssh-cipher/src/chacha20poly1305.rs | 2 +- ssh-cipher/src/decryptor.rs | 2 +- ssh-cipher/src/encryptor.rs | 2 +- ssh-cipher/src/lib.rs | 4 +- ssh-derive/Cargo.toml | 4 +- ssh-derive/src/decode.rs | 12 +++--- ssh-derive/src/encode.rs | 4 +- ssh-derive/src/lib.rs | 2 +- ssh-encoding/Cargo.toml | 4 +- ssh-encoding/src/decode.rs | 2 +- ssh-encoding/src/encode.rs | 2 +- ssh-encoding/src/pem/decode.rs | 4 +- ssh-encoding/src/pem/encode.rs | 6 +-- ssh-encoding/src/pem/writer.rs | 4 +- ssh-encoding/src/reader.rs | 2 +- ssh-encoding/tests/decode.rs | 4 +- ssh-key/Cargo.toml | 4 +- ssh-key/src/certificate.rs | 4 +- ssh-key/src/certificate/builder.rs | 2 +- ssh-key/src/certificate/options_map.rs | 26 ++++++------- ssh-key/src/certificate/unix_time.rs | 2 +- ssh-key/src/fingerprint.rs | 6 +-- ssh-key/src/ppk.rs | 8 ++-- ssh-key/src/private.rs | 6 +-- ssh-key/src/private/dsa.rs | 2 +- ssh-key/src/private/ecdsa.rs | 2 +- ssh-key/src/private/ed25519.rs | 2 +- ssh-key/src/private/keypair.rs | 2 +- ssh-key/src/private/opaque.rs | 2 +- ssh-key/src/private/rsa.rs | 4 +- ssh-key/src/private/sk.rs | 2 +- ssh-key/src/public.rs | 2 +- ssh-key/src/public/rsa.rs | 2 +- ssh-key/src/public/sk.rs | 2 +- ssh-key/src/public/ssh_format.rs | 6 ++- ssh-key/src/signature.rs | 54 ++++++++++++++++++-------- ssh-key/src/sshsig.rs | 9 ++--- ssh-key/tests/algorithm_name.rs | 4 +- ssh-key/tests/authorized_keys.rs | 20 ++++++++-- ssh-key/tests/certificate_builder.rs | 20 +++++----- ssh-key/tests/known_hosts.rs | 15 +++++-- ssh-key/tests/public_key.rs | 16 ++++---- ssh-protocol/Cargo.toml | 4 +- ssh-protocol/src/lib.rs | 4 +- 51 files changed, 178 insertions(+), 136 deletions(-) diff --git a/.github/workflows/ssh-cipher.yml b/.github/workflows/ssh-cipher.yml index d8588091..1e1d4765 100644 --- a/.github/workflows/ssh-cipher.yml +++ b/.github/workflows/ssh-cipher.yml @@ -30,7 +30,7 @@ jobs: strategy: matrix: rust: - - 1.81.0 # MSRV + - 1.85.0 # MSRV - stable target: - thumbv7em-none-eabi @@ -49,7 +49,7 @@ jobs: strategy: matrix: rust: - - 1.81.0 # MSRV + - 1.85.0 # MSRV - stable steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/ssh-derive.yml b/.github/workflows/ssh-derive.yml index c95a6182..96050e05 100644 --- a/.github/workflows/ssh-derive.yml +++ b/.github/workflows/ssh-derive.yml @@ -28,7 +28,7 @@ jobs: strategy: matrix: rust: - - 1.61.0 # MSRV + - 1.85.0 # MSRV - stable steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/ssh-encoding.yml b/.github/workflows/ssh-encoding.yml index be1590be..da374740 100644 --- a/.github/workflows/ssh-encoding.yml +++ b/.github/workflows/ssh-encoding.yml @@ -28,7 +28,7 @@ jobs: strategy: matrix: rust: - - 1.81.0 # MSRV + - 1.85.0 # MSRV - stable target: - thumbv7em-none-eabi @@ -47,7 +47,7 @@ jobs: strategy: matrix: rust: - - 1.81.0 # MSRV + - 1.85.0 # MSRV - stable steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/ssh-key.yml b/.github/workflows/ssh-key.yml index 2709d75a..3f1bb7de 100644 --- a/.github/workflows/ssh-key.yml +++ b/.github/workflows/ssh-key.yml @@ -60,7 +60,7 @@ jobs: strategy: matrix: rust: - - 1.81.0 # MSRV + - 1.85.0 # MSRV - stable target: - thumbv7em-none-eabi @@ -80,7 +80,7 @@ jobs: strategy: matrix: rust: - - 1.81.0 # MSRV + - 1.85.0 # MSRV - stable steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/ssh-protocol.yml b/.github/workflows/ssh-protocol.yml index 2ca97942..172ac184 100644 --- a/.github/workflows/ssh-protocol.yml +++ b/.github/workflows/ssh-protocol.yml @@ -25,7 +25,7 @@ jobs: strategy: matrix: rust: - - 1.81.0 # MSRV + - 1.85.0 # MSRV - stable steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/workspace.yml b/.github/workflows/workspace.yml index 9e004cb4..e8a7988e 100644 --- a/.github/workflows/workspace.yml +++ b/.github/workflows/workspace.yml @@ -21,7 +21,7 @@ jobs: - uses: actions/checkout@v4 - uses: dtolnay/rust-toolchain@stable with: - toolchain: 1.81.0 + toolchain: 1.85.0 components: clippy - run: cargo clippy --all-features diff --git a/ssh-cipher/Cargo.toml b/ssh-cipher/Cargo.toml index cf1cdc97..686a28c9 100644 --- a/ssh-cipher/Cargo.toml +++ b/ssh-cipher/Cargo.toml @@ -15,8 +15,8 @@ repository = "https://github.com/RustCrypto/SSH" categories = ["cryptography", "no-std"] keywords = ["crypto", "encryption", "openssh", "ssh"] readme = "README.md" -edition = "2021" -rust-version = "1.81" +edition = "2024" +rust-version = "1.85" [dependencies] cipher = "=0.5.0-pre.6" diff --git a/ssh-cipher/src/chacha20poly1305.rs b/ssh-cipher/src/chacha20poly1305.rs index 62c9d6e8..89d0eac6 100644 --- a/ssh-cipher/src/chacha20poly1305.rs +++ b/ssh-cipher/src/chacha20poly1305.rs @@ -4,8 +4,8 @@ pub use chacha20::ChaCha20Legacy as ChaCha20; use crate::Tag; use aead::{ - array::typenum::{U0, U16, U32, U8}, AeadCore, Error, KeyInit, KeySizeUser, Result, + array::typenum::{U0, U8, U16, U32}, }; use cipher::{KeyIvInit, StreamCipher, StreamCipherSeek}; use poly1305::Poly1305; diff --git a/ssh-cipher/src/decryptor.rs b/ssh-cipher/src/decryptor.rs index 13f495c3..e7b48106 100644 --- a/ssh-cipher/src/decryptor.rs +++ b/ssh-cipher/src/decryptor.rs @@ -4,7 +4,7 @@ use crate::{Cipher, Error, Result}; use cipher::KeyIvInit; #[cfg(feature = "aes-ctr")] -use crate::{encryptor::ctr_encrypt as ctr_decrypt, Ctr128BE}; +use crate::{Ctr128BE, encryptor::ctr_encrypt as ctr_decrypt}; #[cfg(feature = "tdes")] use des::TdesEde3; diff --git a/ssh-cipher/src/encryptor.rs b/ssh-cipher/src/encryptor.rs index f69d8cd2..67c9a2a7 100644 --- a/ssh-cipher/src/encryptor.rs +++ b/ssh-cipher/src/encryptor.rs @@ -6,7 +6,7 @@ use cipher::{Block, BlockCipher, BlockCipherEncrypt, KeyIvInit}; #[cfg(feature = "aes-ctr")] use { crate::Ctr128BE, - cipher::{array::sizes::U16, StreamCipherCore}, + cipher::{StreamCipherCore, array::sizes::U16}, }; #[cfg(feature = "tdes")] diff --git a/ssh-cipher/src/lib.rs b/ssh-cipher/src/lib.rs index d2acdb8e..9412ddf1 100644 --- a/ssh-cipher/src/lib.rs +++ b/ssh-cipher/src/lib.rs @@ -39,13 +39,13 @@ pub use crate::{decryptor::Decryptor, encryptor::Encryptor}; #[cfg(feature = "chacha20poly1305")] pub use crate::chacha20poly1305::{ChaCha20, ChaCha20Poly1305, ChaChaKey, ChaChaNonce}; -use cipher::array::{typenum::U16, Array}; +use cipher::array::{Array, typenum::U16}; use core::{fmt, str}; use encoding::{Label, LabelError}; #[cfg(feature = "aes-gcm")] use { - aead::{array::typenum::U12, AeadInPlace}, + aead::{AeadInPlace, array::typenum::U12}, aes_gcm::{Aes128Gcm, Aes256Gcm}, }; diff --git a/ssh-derive/Cargo.toml b/ssh-derive/Cargo.toml index 0334fccd..1bde75fe 100644 --- a/ssh-derive/Cargo.toml +++ b/ssh-derive/Cargo.toml @@ -9,8 +9,8 @@ repository = "https://github.com/RustCrypto/SSH" categories = ["authentication", "cryptography", "encoding", "no-std", "parser-implementations"] keywords = ["crypto", "certificate", "key", "openssh", "ssh"] readme = "README.md" -edition = "2021" -rust-version = "1.61" +edition = "2024" +rust-version = "1.85" [lib] proc-macro = true diff --git a/ssh-derive/src/decode.rs b/ssh-derive/src/decode.rs index c72153e2..e73b8e98 100644 --- a/ssh-derive/src/decode.rs +++ b/ssh-derive/src/decode.rs @@ -2,7 +2,7 @@ use proc_macro2::TokenStream; use quote::quote; -use syn::{spanned::Spanned, DataEnum, DataStruct, DeriveInput}; +use syn::{DataEnum, DataStruct, DeriveInput, spanned::Spanned}; use crate::attributes::{ContainerAttributes, FieldAttributes}; @@ -222,10 +222,12 @@ mod tests { }); let actual = derive_for_fields(&syn::Fields::Named(fields), quote! { Self }); assert!(actual.is_err()); - assert!(actual - .unwrap_err() - .to_string() - .contains("unknown attribute")); + assert!( + actual + .unwrap_err() + .to_string() + .contains("unknown attribute") + ); } #[test] diff --git a/ssh-derive/src/encode.rs b/ssh-derive/src/encode.rs index a7bd23ab..c3dc5c9d 100644 --- a/ssh-derive/src/encode.rs +++ b/ssh-derive/src/encode.rs @@ -1,8 +1,8 @@ //! Support for deriving the `Encode` trait on structs. use proc_macro2::TokenStream; -use quote::{quote, ToTokens}; -use syn::{spanned::Spanned, DataEnum, DataStruct, DeriveInput}; +use quote::{ToTokens, quote}; +use syn::{DataEnum, DataStruct, DeriveInput, spanned::Spanned}; use crate::attributes::{ContainerAttributes, FieldAttributes}; diff --git a/ssh-derive/src/lib.rs b/ssh-derive/src/lib.rs index 1b8ca3a3..544a289a 100644 --- a/ssh-derive/src/lib.rs +++ b/ssh-derive/src/lib.rs @@ -29,7 +29,7 @@ mod decode; mod encode; use proc_macro::TokenStream; -use syn::{parse_macro_input, DeriveInput}; +use syn::{DeriveInput, parse_macro_input}; /// Derive the [`Decode`][1] trait on a `struct`. /// diff --git a/ssh-encoding/Cargo.toml b/ssh-encoding/Cargo.toml index 4fa53f35..3d748454 100644 --- a/ssh-encoding/Cargo.toml +++ b/ssh-encoding/Cargo.toml @@ -12,8 +12,8 @@ repository = "https://github.com/RustCrypto/SSH" categories = ["authentication", "cryptography", "encoding", "no-std", "parser-implementations"] keywords = ["crypto", "certificate", "key", "openssh", "ssh"] readme = "README.md" -edition = "2021" -rust-version = "1.81" +edition = "2024" +rust-version = "1.85" [dependencies] base64ct = { version = "1.7", optional = true } diff --git a/ssh-encoding/src/decode.rs b/ssh-encoding/src/decode.rs index d2f75fc1..a1b65825 100644 --- a/ssh-encoding/src/decode.rs +++ b/ssh-encoding/src/decode.rs @@ -3,7 +3,7 @@ //! //! [RFC4251 § 5]: https://datatracker.ietf.org/doc/html/rfc4251#section-5 -use crate::{reader::Reader, Error, Result}; +use crate::{Error, Result, reader::Reader}; #[cfg(feature = "alloc")] use alloc::{string::String, vec::Vec}; diff --git a/ssh-encoding/src/encode.rs b/ssh-encoding/src/encode.rs index a43e52fc..e7296f3c 100644 --- a/ssh-encoding/src/encode.rs +++ b/ssh-encoding/src/encode.rs @@ -3,7 +3,7 @@ //! //! [RFC4251 § 5]: https://datatracker.ietf.org/doc/html/rfc4251#section-5 -use crate::{checked::CheckedSum, writer::Writer, Error}; +use crate::{Error, checked::CheckedSum, writer::Writer}; use core::str; #[cfg(feature = "alloc")] diff --git a/ssh-encoding/src/pem/decode.rs b/ssh-encoding/src/pem/decode.rs index ae9ebe1a..7a7dabd7 100644 --- a/ssh-encoding/src/pem/decode.rs +++ b/ssh-encoding/src/pem/decode.rs @@ -1,4 +1,4 @@ -use super::{reader::PemReader, PemLabel}; +use super::{PemLabel, reader::PemReader}; use crate::{Decode, Reader}; /// Decoding trait for PEM documents. @@ -13,7 +13,7 @@ pub trait DecodePem: Decode + PemLabel + Sized { impl DecodePem for T { fn decode_pem(pem: impl AsRef<[u8]>) -> Result { - let mut reader = PemReader::new(pem.as_ref()).map_err(crate::Error::from)?; + let mut reader = PemReader::new(pem.as_ref())?; Self::validate_pem_label(reader.type_label()).map_err(crate::Error::from)?; let ret = Self::decode(&mut reader)?; diff --git a/ssh-encoding/src/pem/encode.rs b/ssh-encoding/src/pem/encode.rs index 031b0f56..152923a4 100644 --- a/ssh-encoding/src/pem/encode.rs +++ b/ssh-encoding/src/pem/encode.rs @@ -1,4 +1,4 @@ -use super::{writer::PemWriter, LineEnding, PemLabel}; +use super::{LineEnding, PemLabel, writer::PemWriter}; use crate::{Encode, Error}; use core::str; @@ -22,10 +22,10 @@ pub trait EncodePem: Encode + PemLabel { impl EncodePem for T { fn encode_pem<'o>(&self, line_ending: LineEnding, out: &'o mut [u8]) -> Result<&'o str, Error> { - let mut writer = PemWriter::new(Self::PEM_LABEL, line_ending, out).map_err(Error::from)?; + let mut writer = PemWriter::new(Self::PEM_LABEL, line_ending, out)?; self.encode(&mut writer)?; - let encoded_len = writer.finish().map_err(Error::from)?; + let encoded_len = writer.finish()?; str::from_utf8(&out[..encoded_len]).map_err(Error::from) } diff --git a/ssh-encoding/src/pem/writer.rs b/ssh-encoding/src/pem/writer.rs index 98161654..1d561919 100644 --- a/ssh-encoding/src/pem/writer.rs +++ b/ssh-encoding/src/pem/writer.rs @@ -1,4 +1,4 @@ -use super::{LineEnding, LINE_WIDTH}; +use super::{LINE_WIDTH, LineEnding}; use crate::{Result, Writer}; /// Inner PEM encoder. @@ -33,7 +33,7 @@ impl<'o> PemWriter<'o> { } } -impl<'o> Writer for PemWriter<'o> { +impl Writer for PemWriter<'_> { fn write(&mut self, bytes: &[u8]) -> Result<()> { Ok(self.inner.encode(bytes)?) } diff --git a/ssh-encoding/src/reader.rs b/ssh-encoding/src/reader.rs index 8f351ce4..35373d67 100644 --- a/ssh-encoding/src/reader.rs +++ b/ssh-encoding/src/reader.rs @@ -1,6 +1,6 @@ //! Reader trait and associated implementations. -use crate::{decode::Decode, Error, Result}; +use crate::{Error, Result, decode::Decode}; use core::str; /// Reader trait which decodes the binary SSH protocol serialization from diff --git a/ssh-encoding/tests/decode.rs b/ssh-encoding/tests/decode.rs index c64bdd77..fa7f3100 100644 --- a/ssh-encoding/tests/decode.rs +++ b/ssh-encoding/tests/decode.rs @@ -14,12 +14,12 @@ fn decode_u8() { fn decode_boolean() { let mut bytes = hex!("01").as_slice(); let ret = bool::decode(&mut bytes).unwrap(); - assert_eq!(ret, true); + assert!(ret); // "All non-zero values MUST be interpreted as TRUE" let mut bytes = hex!("FF").as_slice(); let ret = bool::decode(&mut bytes).unwrap(); - assert_eq!(ret, true); + assert!(ret); } #[test] diff --git a/ssh-key/Cargo.toml b/ssh-key/Cargo.toml index e458730e..eec820d3 100644 --- a/ssh-key/Cargo.toml +++ b/ssh-key/Cargo.toml @@ -14,8 +14,8 @@ repository = "https://github.com/RustCrypto/SSH" categories = ["authentication", "cryptography", "encoding", "no-std", "parser-implementations"] keywords = ["crypto", "certificate", "openssh", "ssh", "sshsig"] readme = "README.md" -edition = "2021" -rust-version = "1.81" +edition = "2024" +rust-version = "1.85" [dependencies] cipher = { package = "ssh-cipher", version = "=0.3.0-pre.2", features = ["zeroize"], path = "../ssh-cipher" } diff --git a/ssh-key/src/certificate.rs b/ssh-key/src/certificate.rs index 1658ec63..50aced3a 100644 --- a/ssh-key/src/certificate.rs +++ b/ssh-key/src/certificate.rs @@ -9,8 +9,8 @@ mod unix_time; pub use self::{builder::Builder, cert_type::CertType, field::Field, options_map::OptionsMap}; use crate::{ - public::{KeyData, SshFormat}, Algorithm, Error, Fingerprint, HashAlg, Result, Signature, + public::{KeyData, SshFormat}, }; use alloc::{ borrow::ToOwned, @@ -22,7 +22,7 @@ use encoding::{Base64Reader, CheckedSum, Decode, Encode, Reader, Writer}; use signature::Verifier; #[cfg(feature = "serde")] -use serde::{de, ser, Deserialize, Serialize}; +use serde::{Deserialize, Serialize, de, ser}; #[cfg(feature = "std")] use { diff --git a/ssh-key/src/certificate/builder.rs b/ssh-key/src/certificate/builder.rs index e67fba98..2a2e12c6 100644 --- a/ssh-key/src/certificate/builder.rs +++ b/ssh-key/src/certificate/builder.rs @@ -1,7 +1,7 @@ //! OpenSSH certificate builder. use super::{CertType, Certificate, Field, OptionsMap}; -use crate::{public, Result, Signature, SigningKey}; +use crate::{Result, Signature, SigningKey, public}; use alloc::{string::String, vec::Vec}; #[cfg(feature = "rand_core")] diff --git a/ssh-key/src/certificate/options_map.rs b/ssh-key/src/certificate/options_map.rs index fbc41305..3f2d2036 100644 --- a/ssh-key/src/certificate/options_map.rs +++ b/ssh-key/src/certificate/options_map.rs @@ -69,20 +69,18 @@ impl Decode for OptionsMap { impl Encode for OptionsMap { fn encoded_len(&self) -> encoding::Result { - self.iter() - .try_fold(4, |acc, (name, data)| { - [ - acc, - name.encoded_len()?, - if data.is_empty() { - 4 - } else { - data.encoded_len_prefixed()? - }, - ] - .checked_sum() - }) - .map_err(Into::into) + self.iter().try_fold(4, |acc, (name, data)| { + [ + acc, + name.encoded_len()?, + if data.is_empty() { + 4 + } else { + data.encoded_len_prefixed()? + }, + ] + .checked_sum() + }) } fn encode(&self, writer: &mut impl Writer) -> encoding::Result<()> { diff --git a/ssh-key/src/certificate/unix_time.rs b/ssh-key/src/certificate/unix_time.rs index 3407e9ac..0d31d2bf 100644 --- a/ssh-key/src/certificate/unix_time.rs +++ b/ssh-key/src/certificate/unix_time.rs @@ -120,7 +120,7 @@ impl fmt::Debug for UnixTime { #[cfg(test)] mod tests { - use super::{UnixTime, MAX_SECS}; + use super::{MAX_SECS, UnixTime}; use crate::Error; #[test] diff --git a/ssh-key/src/fingerprint.rs b/ssh-key/src/fingerprint.rs index 8125b2e6..1fd157ac 100644 --- a/ssh-key/src/fingerprint.rs +++ b/ssh-key/src/fingerprint.rs @@ -3,14 +3,14 @@ mod randomart; use self::randomart::Randomart; -use crate::{public, Error, HashAlg, Result}; +use crate::{Error, HashAlg, Result, public}; use core::{ fmt::{self, Display}, str::{self, FromStr}, }; use encoding::{ - base64::{Base64Unpadded, Encoding}, DigestWriter, Encode, + base64::{Base64Unpadded, Encoding}, }; use sha2::{Digest, Sha256, Sha512}; @@ -21,7 +21,7 @@ const FINGERPRINT_ERR_MSG: &str = "fingerprint encoding error"; use alloc::string::{String, ToString}; #[cfg(all(feature = "alloc", feature = "serde"))] -use serde::{de, ser, Deserialize, Serialize}; +use serde::{Deserialize, Serialize, de, ser}; /// SSH public key fingerprints. /// diff --git a/ssh-key/src/ppk.rs b/ssh-key/src/ppk.rs index 3d974e66..d612d921 100644 --- a/ssh-key/src/ppk.rs +++ b/ssh-key/src/ppk.rs @@ -116,11 +116,11 @@ impl Cipher { hash.update(password.as_bytes()); hash.finalize().to_vec() }; - hashes.extend_from_slice({ + hashes.extend_from_slice(&{ let mut hash = Sha1::default(); hash.update([0, 0, 0, 1]); hash.update(password.as_bytes()); - hash.finalize().as_slice() + hash.finalize() }); #[allow(clippy::unwrap_used)] // known size @@ -472,8 +472,8 @@ fn decode_private_key_as( #[cfg(feature = "rsa")] (Algorithm::Rsa { .. }, KeyData::Rsa(pk)) => { - use crate::private::{RsaKeypair, RsaPrivateKey}; use crate::Mpint; + use crate::private::{RsaKeypair, RsaPrivateKey}; let d = Mpint::decode(reader)?; let p = Mpint::decode(reader)?; @@ -486,8 +486,8 @@ fn decode_private_key_as( #[cfg(feature = "ed25519")] (Algorithm::Ed25519 { .. }, KeyData::Ed25519(pk)) => { // PPK encodes Ed25519 private exponent as an mpint - use crate::private::{Ed25519Keypair, Ed25519PrivateKey}; use crate::Mpint; + use crate::private::{Ed25519Keypair, Ed25519PrivateKey}; use zeroize::Zeroizing; // Copy and pad exponent diff --git a/ssh-key/src/private.rs b/ssh-key/src/private.rs index 0e70d0e5..88a3cfeb 100644 --- a/ssh-key/src/private.rs +++ b/ssh-key/src/private.rs @@ -124,13 +124,13 @@ pub use self::{ #[cfg(feature = "alloc")] pub use crate::{ + SshSig, private::{ dsa::{DsaKeypair, DsaPrivateKey}, opaque::{OpaqueKeypair, OpaqueKeypairBytes, OpaquePrivateKeyBytes}, rsa::{RsaKeypair, RsaPrivateKey}, sk::SkEd25519, }, - SshSig, }; #[cfg(feature = "ecdsa")] @@ -139,12 +139,12 @@ pub use self::ecdsa::{EcdsaKeypair, EcdsaPrivateKey}; #[cfg(all(feature = "alloc", feature = "ecdsa"))] pub use self::sk::SkEcdsaSha2NistP256; -use crate::{public, Algorithm, Cipher, Error, Fingerprint, HashAlg, Kdf, PublicKey, Result}; +use crate::{Algorithm, Cipher, Error, Fingerprint, HashAlg, Kdf, PublicKey, Result, public}; use cipher::Tag; use core::str; use encoding::{ - pem::{LineEnding, PemLabel}, CheckedSum, Decode, DecodePem, Encode, EncodePem, Reader, Writer, + pem::{LineEnding, PemLabel}, }; use subtle::{Choice, ConstantTimeEq}; diff --git a/ssh-key/src/private/dsa.rs b/ssh-key/src/private/dsa.rs index bbd0bbd3..2416d632 100644 --- a/ssh-key/src/private/dsa.rs +++ b/ssh-key/src/private/dsa.rs @@ -1,6 +1,6 @@ //! Digital Signature Algorithm (DSA) private keys. -use crate::{public::DsaPublicKey, Error, Mpint, Result}; +use crate::{Error, Mpint, Result, public::DsaPublicKey}; use core::fmt; use encoding::{CheckedSum, Decode, Encode, Reader, Writer}; use subtle::{Choice, ConstantTimeEq}; diff --git a/ssh-key/src/private/ecdsa.rs b/ssh-key/src/private/ecdsa.rs index 5b64d7ff..275988ee 100644 --- a/ssh-key/src/private/ecdsa.rs +++ b/ssh-key/src/private/ecdsa.rs @@ -1,6 +1,6 @@ //! Elliptic Curve Digital Signature Algorithm (ECDSA) private keys. -use crate::{public::EcdsaPublicKey, Algorithm, EcdsaCurve, Error, Result}; +use crate::{Algorithm, EcdsaCurve, Error, Result, public::EcdsaPublicKey}; use core::fmt; use encoding::{CheckedSum, Decode, Encode, Reader, Writer}; use sec1::consts::{U32, U48, U66}; diff --git a/ssh-key/src/private/ed25519.rs b/ssh-key/src/private/ed25519.rs index 2de6fe12..245bcdd0 100644 --- a/ssh-key/src/private/ed25519.rs +++ b/ssh-key/src/private/ed25519.rs @@ -2,7 +2,7 @@ //! //! Edwards Digital Signature Algorithm (EdDSA) over Curve25519. -use crate::{public::Ed25519PublicKey, Error, Result}; +use crate::{Error, Result, public::Ed25519PublicKey}; use core::fmt; use encoding::{CheckedSum, Decode, Encode, Reader, Writer}; use subtle::{Choice, ConstantTimeEq}; diff --git a/ssh-key/src/private/keypair.rs b/ssh-key/src/private/keypair.rs index ee8d6b1c..ab82e6f4 100644 --- a/ssh-key/src/private/keypair.rs +++ b/ssh-key/src/private/keypair.rs @@ -1,7 +1,7 @@ //! Private key pairs. use super::ed25519::Ed25519Keypair; -use crate::{public, Algorithm, Error, Result}; +use crate::{Algorithm, Error, Result, public}; use encoding::{CheckedSum, Decode, Encode, Reader, Writer}; use subtle::{Choice, ConstantTimeEq}; diff --git a/ssh-key/src/private/opaque.rs b/ssh-key/src/private/opaque.rs index 00cc5698..0afb2009 100644 --- a/ssh-key/src/private/opaque.rs +++ b/ssh-key/src/private/opaque.rs @@ -9,8 +9,8 @@ //! [RFC4251 § 6]: https://www.rfc-editor.org/rfc/rfc4251.html#section-6 use crate::{ - public::{OpaquePublicKey, OpaquePublicKeyBytes}, Algorithm, Error, Result, + public::{OpaquePublicKey, OpaquePublicKeyBytes}, }; use alloc::vec::Vec; use core::fmt; diff --git a/ssh-key/src/private/rsa.rs b/ssh-key/src/private/rsa.rs index e628d9a1..478b9c33 100644 --- a/ssh-key/src/private/rsa.rs +++ b/ssh-key/src/private/rsa.rs @@ -1,6 +1,6 @@ //! Rivest–Shamir–Adleman (RSA) private keys. -use crate::{public::RsaPublicKey, Error, Mpint, Result}; +use crate::{Error, Mpint, Result, public::RsaPublicKey}; use core::fmt; use encoding::{CheckedSum, Decode, Encode, Reader, Writer}; use subtle::{Choice, ConstantTimeEq}; @@ -13,7 +13,7 @@ use { pkcs1v15, traits::{PrivateKeyParts, PublicKeyParts}, }, - sha2::{digest::const_oid::AssociatedOid, Digest}, + sha2::{Digest, digest::const_oid::AssociatedOid}, }; /// RSA private key. diff --git a/ssh-key/src/private/sk.rs b/ssh-key/src/private/sk.rs index 2c272a53..10d96f75 100644 --- a/ssh-key/src/private/sk.rs +++ b/ssh-key/src/private/sk.rs @@ -2,7 +2,7 @@ //! //! [PROTOCOL.u2f]: https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.u2f?annotate=HEAD -use crate::{public, Error, Result}; +use crate::{Error, Result, public}; use alloc::vec::Vec; use encoding::{CheckedSum, Decode, Encode, Reader, Writer}; diff --git a/ssh-key/src/public.rs b/ssh-key/src/public.rs index fc02f9d4..e66df539 100644 --- a/ssh-key/src/public.rs +++ b/ssh-key/src/public.rs @@ -45,7 +45,7 @@ use { }; #[cfg(all(feature = "alloc", feature = "serde"))] -use serde::{de, ser, Deserialize, Serialize}; +use serde::{Deserialize, Serialize, de, ser}; #[cfg(feature = "std")] use std::{fs, path::Path}; diff --git a/ssh-key/src/public/rsa.rs b/ssh-key/src/public/rsa.rs index 35eda536..624d096d 100644 --- a/ssh-key/src/public/rsa.rs +++ b/ssh-key/src/public/rsa.rs @@ -8,7 +8,7 @@ use encoding::{CheckedSum, Decode, Encode, Reader, Writer}; use { crate::private::RsaKeypair, rsa::{pkcs1v15, traits::PublicKeyParts}, - sha2::{digest::const_oid::AssociatedOid, Digest}, + sha2::{Digest, digest::const_oid::AssociatedOid}, }; /// RSA public key. diff --git a/ssh-key/src/public/sk.rs b/ssh-key/src/public/sk.rs index 5f33758d..4220bd14 100644 --- a/ssh-key/src/public/sk.rs +++ b/ssh-key/src/public/sk.rs @@ -10,7 +10,7 @@ use encoding::{CheckedSum, Decode, Encode, Reader, Writer}; use alloc::{borrow::ToOwned, string::String}; #[cfg(feature = "ecdsa")] -use crate::{public::ecdsa::EcdsaNistP256PublicKey, EcdsaCurve}; +use crate::{EcdsaCurve, public::ecdsa::EcdsaNistP256PublicKey}; /// Default FIDO/U2F Security Key application string. const DEFAULT_APPLICATION_STRING: &str = "ssh:"; diff --git a/ssh-key/src/public/ssh_format.rs b/ssh-key/src/public/ssh_format.rs index efc723a9..d72d2f9f 100644 --- a/ssh-key/src/public/ssh_format.rs +++ b/ssh-key/src/public/ssh_format.rs @@ -121,8 +121,10 @@ fn decode_segment<'a>(bytes: &mut &'a [u8]) -> Result<&'a [u8]> { loop { match *bytes { - [b'A'..=b'Z' | b'a'..=b'z' | b'0'..=b'9' | b'+' | b'-' | b'/' | b'=' | b'@' | b'.', rest @ ..] => - { + [ + b'A'..=b'Z' | b'a'..=b'z' | b'0'..=b'9' | b'+' | b'-' | b'/' | b'=' | b'@' | b'.', + rest @ .., + ] => { // Valid character; continue *bytes = rest; len = len.checked_add(1).ok_or(encoding::Error::Length)?; diff --git a/ssh-key/src/signature.rs b/ssh-key/src/signature.rs index 4d6b0b27..db03fe46 100644 --- a/ssh-key/src/signature.rs +++ b/ssh-key/src/signature.rs @@ -1,6 +1,6 @@ //! Signatures (e.g. CA signatures over SSH certificates) -use crate::{private, public, Algorithm, EcdsaCurve, Error, Mpint, PrivateKey, PublicKey, Result}; +use crate::{Algorithm, EcdsaCurve, Error, Mpint, PrivateKey, PublicKey, Result, private, public}; use alloc::vec::Vec; use core::fmt; use encoding::{CheckedSum, Decode, Encode, Reader, Writer}; @@ -27,7 +27,7 @@ use core::iter; #[cfg(feature = "rsa")] use { - crate::{private::RsaKeypair, public::RsaPublicKey, HashAlg}, + crate::{HashAlg, private::RsaKeypair, public::RsaPublicKey}, sha2::Sha512, }; @@ -719,13 +719,23 @@ mod tests { use {super::Ed25519Keypair, signature::Signer}; #[cfg(feature = "p256")] - use super::{zero_pad_field_bytes, Mpint}; - - const DSA_SIGNATURE: &[u8] = &hex!("000000077373682d6473730000002866725bf3c56100e975e21fff28a60f73717534d285ea3e1beefc2891f7189d00bd4d94627e84c55c"); - const ECDSA_SHA2_P256_SIGNATURE: &[u8] = &hex!("0000001365636473612d736861322d6e6973747032353600000048000000201298ab320720a32139cda8a40c97a13dc54ce032ea3c6f09ea9e87501e48fa1d0000002046e4ac697a6424a9870b9ef04ca1182cd741965f989bd1f1f4a26fd83cf70348"); - const ED25519_SIGNATURE: &[u8] = &hex!("0000000b7373682d65643235353139000000403d6b9906b76875aef1e7b2f1e02078a94f439aebb9a4734da1a851a81e22ce0199bbf820387a8de9c834c9c3cc778d9972dcbe70f68d53cc6bc9e26b02b46d04"); - const SK_ED25519_SIGNATURE: &[u8] = &hex!("0000001a736b2d7373682d65643235353139406f70656e7373682e636f6d000000402f5670b6f93465d17423878a74084bf331767031ed240c627c8eb79ab8fa1b935a1fd993f52f5a13fec1797f8a434f943a6096246aea8dd5c8aa922cba3d95060100000009"); - const RSA_SHA512_SIGNATURE: &[u8] = &hex!("0000000c7273612d736861322d3531320000018085a4ad1a91a62c00c85de7bb511f38088ff2bce763d76f4786febbe55d47624f9e2cffce58a680183b9ad162c7f0191ea26cab001ac5f5055743eced58e9981789305c208fc98d2657954e38eb28c7e7f3fbe92393a14324ed77aebb772a41aa7a107b38cb9bd1d9ad79b275135d1d7e019bb1d56d74f2450be6db0771f48f6707d3fcf9789592ca2e55595acc16b6e8d0139b56c5d1360b3a1e060f4151a3d7841df2c2a8c94d6f8a1bf633165ee0bcadac5642763df0dd79d3235ae5506595145f199d8abe8f9980411bf70a16e30f273736324d047043317044c36374d6a5ed34cac251e01c6795e4578393f9090bf4ae3e74a0009275a197315fc9c62f1c9aec1ba3b2d37c3b207e5500df19e090e7097ebc038fb9c9e35aea9161479ba6b5190f48e89e1abe51e8ec0e120ef89776e129687ca52d1892c8e88e6ef062a7d96b8a87682ca6a42ff1df0cdf5815c3645aeed7267ca7093043db0565e0f109b796bf117b9d2bb6d6debc0c67a4c9fb3aae3e29b00c7bd70f6c11cf53c295ff"); + use super::{Mpint, zero_pad_field_bytes}; + + const DSA_SIGNATURE: &[u8] = &hex!( + "000000077373682d6473730000002866725bf3c56100e975e21fff28a60f73717534d285ea3e1beefc2891f7189d00bd4d94627e84c55c" + ); + const ECDSA_SHA2_P256_SIGNATURE: &[u8] = &hex!( + "0000001365636473612d736861322d6e6973747032353600000048000000201298ab320720a32139cda8a40c97a13dc54ce032ea3c6f09ea9e87501e48fa1d0000002046e4ac697a6424a9870b9ef04ca1182cd741965f989bd1f1f4a26fd83cf70348" + ); + const ED25519_SIGNATURE: &[u8] = &hex!( + "0000000b7373682d65643235353139000000403d6b9906b76875aef1e7b2f1e02078a94f439aebb9a4734da1a851a81e22ce0199bbf820387a8de9c834c9c3cc778d9972dcbe70f68d53cc6bc9e26b02b46d04" + ); + const SK_ED25519_SIGNATURE: &[u8] = &hex!( + "0000001a736b2d7373682d65643235353139406f70656e7373682e636f6d000000402f5670b6f93465d17423878a74084bf331767031ed240c627c8eb79ab8fa1b935a1fd993f52f5a13fec1797f8a434f943a6096246aea8dd5c8aa922cba3d95060100000009" + ); + const RSA_SHA512_SIGNATURE: &[u8] = &hex!( + "0000000c7273612d736861322d3531320000018085a4ad1a91a62c00c85de7bb511f38088ff2bce763d76f4786febbe55d47624f9e2cffce58a680183b9ad162c7f0191ea26cab001ac5f5055743eced58e9981789305c208fc98d2657954e38eb28c7e7f3fbe92393a14324ed77aebb772a41aa7a107b38cb9bd1d9ad79b275135d1d7e019bb1d56d74f2450be6db0771f48f6707d3fcf9789592ca2e55595acc16b6e8d0139b56c5d1360b3a1e060f4151a3d7841df2c2a8c94d6f8a1bf633165ee0bcadac5642763df0dd79d3235ae5506595145f199d8abe8f9980411bf70a16e30f273736324d047043317044c36374d6a5ed34cac251e01c6795e4578393f9090bf4ae3e74a0009275a197315fc9c62f1c9aec1ba3b2d37c3b207e5500df19e090e7097ebc038fb9c9e35aea9161479ba6b5190f48e89e1abe51e8ec0e120ef89776e129687ca52d1892c8e88e6ef062a7d96b8a87682ca6a42ff1df0cdf5815c3645aeed7267ca7093043db0565e0f109b796bf117b9d2bb6d6debc0c67a4c9fb3aae3e29b00c7bd70f6c11cf53c295ff" + ); /// Example test vector for signing. #[cfg(any(feature = "ed25519", all(feature = "rsa", feature = "sha1")))] @@ -838,7 +848,7 @@ mod tests { #[cfg(feature = "dsa")] #[test] fn try_sign_and_verify_dsa() { - use super::{DsaKeypair, DSA_SIGNATURE_SIZE}; + use super::{DSA_SIGNATURE_SIZE, DsaKeypair}; use encoding::Decode as _; use signature::{Signer as _, Verifier as _}; @@ -874,10 +884,14 @@ mod tests { ); } - let keypair = hex!("0000008100c161fb30c9e4e3602c8510f93bbd48d813da845dfcc75f3696e440cd019d609809608cd592b8430db901d7b43740740045b547c60fb035d69f9c64d3dfbfb13bb3edd8ccfdd44705739a639eb70f4aed16b0b8355de1b21cd9d442eff250895573a8af7ce2fb71fb062e887482dab5c68139845fb8afafc5f3819dc782920d510000001500f3fb6762430332bd5950edc5cd1ae6f17b88514f0000008061ef1394d864905e8efec3b610b7288a6522893af2a475f910796e0de47c8b065d365e942e80e471d1e6d4abdee1d3d3ede7103c6996432f1a9f9a671a31388672d63555077911fc69e641a997087260d22cdbf4965aa64bb382204f88987890ec225a5a7723a977dc1ecc5e04cf678f994692b20470adbf697489f800817b920000008100a9a6f1b65fc724d65df7441908b34af66489a4a3872cbbba25ea1bcfc83f25c4af1a62e339eefc814907cfaf0cb6d2d16996212a32a27a63013f01c57d0630f0be16c8c69d16fc25438e613b904b98aeb3e7c356fa8e75ee1d474c9f82f1280c5a6c18e9e607fcf7586eefb75ea9399da893b807375ac1396fd586bf277161980000001500ced95f1c7bbb39be4987837ad1f71be31bb7b0d9"); + let keypair = hex!( + "0000008100c161fb30c9e4e3602c8510f93bbd48d813da845dfcc75f3696e440cd019d609809608cd592b8430db901d7b43740740045b547c60fb035d69f9c64d3dfbfb13bb3edd8ccfdd44705739a639eb70f4aed16b0b8355de1b21cd9d442eff250895573a8af7ce2fb71fb062e887482dab5c68139845fb8afafc5f3819dc782920d510000001500f3fb6762430332bd5950edc5cd1ae6f17b88514f0000008061ef1394d864905e8efec3b610b7288a6522893af2a475f910796e0de47c8b065d365e942e80e471d1e6d4abdee1d3d3ede7103c6996432f1a9f9a671a31388672d63555077911fc69e641a997087260d22cdbf4965aa64bb382204f88987890ec225a5a7723a977dc1ecc5e04cf678f994692b20470adbf697489f800817b920000008100a9a6f1b65fc724d65df7441908b34af66489a4a3872cbbba25ea1bcfc83f25c4af1a62e339eefc814907cfaf0cb6d2d16996212a32a27a63013f01c57d0630f0be16c8c69d16fc25438e613b904b98aeb3e7c356fa8e75ee1d474c9f82f1280c5a6c18e9e607fcf7586eefb75ea9399da893b807375ac1396fd586bf277161980000001500ced95f1c7bbb39be4987837ad1f71be31bb7b0d9" + ); let keypair = DsaKeypair::decode(&mut &keypair[..]).expect("properly encoded DSA keypair"); - let data = hex!("F0000040713d5f6fffe0000e6421ab0b3a69774d3da02fd72b107d6b32b6dad7c1660bbf507bf3eac3304cc5058f7e6f81b04239b8471459b1f3b387e2626f7eb8f6bcdd3200000006626c616465320000000e7373682d636f6e6e656374696f6e00000009686f73746261736564000000077373682d647373000001b2000000077373682d6473730000008100c161fb30c9e4e3602c8510f93bbd48d813da845dfcc75f3696e440cd019d609809608cd592b8430db901d7b43740740045b547c60fb035d69f9c64d3dfbfb13bb3edd8ccfdd44705739a639eb70f4aed16b0b8355de1b21cd9d442eff250895573a8af7ce2fb71fb062e887482dab5c68139845fb8afafc5f3819dc782920d510000001500f3fb6762430332bd5950edc5cd1ae6f17b88514f0000008061ef1394d864905e8efec3b610b7288a6522893af2a475f910796e0de47c8b065d365e942e80e471d1e6d4abdee1d3d3ede7103c6996432f1a9f9a671a31388672d63555077911fc69e641a997087260d22cdbf4965aa64bb382204f88987890ec225a5a7723a977dc1ecc5e04cf678f994692b20470adbf697489f800817b920000008100a9a6f1b65fc724d65df7441908b34af66489a4a3872cbbba25ea1bcfc83f25c4af1a62e339eefc814907cfaf0cb6d2d16996212a32a27a63013f01c57d0630f0be16c8c69d16fc25438e613b904b98aeb3e7c356fa8e75ee1d474c9f82f1280c5a6c18e9e607fcf7586eefb75ea9399da893b807375ac1396fd586bf2771619800000015746f6d61746f7373682e6c6f63616c646f6d61696e00000009746f6d61746f737368"); + let data = hex!( + "F0000040713d5f6fffe0000e6421ab0b3a69774d3da02fd72b107d6b32b6dad7c1660bbf507bf3eac3304cc5058f7e6f81b04239b8471459b1f3b387e2626f7eb8f6bcdd3200000006626c616465320000000e7373682d636f6e6e656374696f6e00000009686f73746261736564000000077373682d647373000001b2000000077373682d6473730000008100c161fb30c9e4e3602c8510f93bbd48d813da845dfcc75f3696e440cd019d609809608cd592b8430db901d7b43740740045b547c60fb035d69f9c64d3dfbfb13bb3edd8ccfdd44705739a639eb70f4aed16b0b8355de1b21cd9d442eff250895573a8af7ce2fb71fb062e887482dab5c68139845fb8afafc5f3819dc782920d510000001500f3fb6762430332bd5950edc5cd1ae6f17b88514f0000008061ef1394d864905e8efec3b610b7288a6522893af2a475f910796e0de47c8b065d365e942e80e471d1e6d4abdee1d3d3ede7103c6996432f1a9f9a671a31388672d63555077911fc69e641a997087260d22cdbf4965aa64bb382204f88987890ec225a5a7723a977dc1ecc5e04cf678f994692b20470adbf697489f800817b920000008100a9a6f1b65fc724d65df7441908b34af66489a4a3872cbbba25ea1bcfc83f25c4af1a62e339eefc814907cfaf0cb6d2d16996212a32a27a63013f01c57d0630f0be16c8c69d16fc25438e613b904b98aeb3e7c356fa8e75ee1d474c9f82f1280c5a6c18e9e607fcf7586eefb75ea9399da893b807375ac1396fd586bf2771619800000015746f6d61746f7373682e6c6f63616c646f6d61696e00000009746f6d61746f737368" + ); check_signature_component_lens( &keypair, &data, @@ -890,7 +904,9 @@ mod tests { .verify(&data[..], &signature) .expect("dsa verify is ok"); - let data = hex!("00000040713d5f6fffe0000e6421ab0b3a69774d3da02fd72b107d6b32b6dad7c1660bbf507bf3eac3304cc5058f7e6f81b04239b8471459b1f3b387e2626f7eb8f6bcdd3200000006626c616465320000000e7373682d636f6e6e656374696f6e00000009686f73746261736564000000077373682d647373000001b2000000077373682d6473730000008100c161fb30c9e4e3602c8510f93bbd48d813da845dfcc75f3696e440cd019d609809608cd592b8430db901d7b43740740045b547c60fb035d69f9c64d3dfbfb13bb3edd8ccfdd44705739a639eb70f4aed16b0b8355de1b21cd9d442eff250895573a8af7ce2fb71fb062e887482dab5c68139845fb8afafc5f3819dc782920d510000001500f3fb6762430332bd5950edc5cd1ae6f17b88514f0000008061ef1394d864905e8efec3b610b7288a6522893af2a475f910796e0de47c8b065d365e942e80e471d1e6d4abdee1d3d3ede7103c6996432f1a9f9a671a31388672d63555077911fc69e641a997087260d22cdbf4965aa64bb382204f88987890ec225a5a7723a977dc1ecc5e04cf678f994692b20470adbf697489f800817b920000008100a9a6f1b65fc724d65df7441908b34af66489a4a3872cbbba25ea1bcfc83f25c4af1a62e339eefc814907cfaf0cb6d2d16996212a32a27a63013f01c57d0630f0be16c8c69d16fc25438e613b904b98aeb3e7c356fa8e75ee1d474c9f82f1280c5a6c18e9e607fcf7586eefb75ea9399da893b807375ac1396fd586bf2771619800000015746f6d61746f7373682e6c6f63616c646f6d61696e00000009746f6d61746f737368"); + let data = hex!( + "00000040713d5f6fffe0000e6421ab0b3a69774d3da02fd72b107d6b32b6dad7c1660bbf507bf3eac3304cc5058f7e6f81b04239b8471459b1f3b387e2626f7eb8f6bcdd3200000006626c616465320000000e7373682d636f6e6e656374696f6e00000009686f73746261736564000000077373682d647373000001b2000000077373682d6473730000008100c161fb30c9e4e3602c8510f93bbd48d813da845dfcc75f3696e440cd019d609809608cd592b8430db901d7b43740740045b547c60fb035d69f9c64d3dfbfb13bb3edd8ccfdd44705739a639eb70f4aed16b0b8355de1b21cd9d442eff250895573a8af7ce2fb71fb062e887482dab5c68139845fb8afafc5f3819dc782920d510000001500f3fb6762430332bd5950edc5cd1ae6f17b88514f0000008061ef1394d864905e8efec3b610b7288a6522893af2a475f910796e0de47c8b065d365e942e80e471d1e6d4abdee1d3d3ede7103c6996432f1a9f9a671a31388672d63555077911fc69e641a997087260d22cdbf4965aa64bb382204f88987890ec225a5a7723a977dc1ecc5e04cf678f994692b20470adbf697489f800817b920000008100a9a6f1b65fc724d65df7441908b34af66489a4a3872cbbba25ea1bcfc83f25c4af1a62e339eefc814907cfaf0cb6d2d16996212a32a27a63013f01c57d0630f0be16c8c69d16fc25438e613b904b98aeb3e7c356fa8e75ee1d474c9f82f1280c5a6c18e9e607fcf7586eefb75ea9399da893b807375ac1396fd586bf2771619800000015746f6d61746f7373682e6c6f63616c646f6d61696e00000009746f6d61746f737368" + ); // verify that this data produces signature with `r` integer component that is less than 160 bits/20 bytes. check_signature_component_lens( &keypair, @@ -917,9 +933,11 @@ mod tests { #[test] fn placeholder() { - assert!(!Signature::try_from(ED25519_SIGNATURE) - .unwrap() - .is_placeholder()); + assert!( + !Signature::try_from(ED25519_SIGNATURE) + .unwrap() + .is_placeholder() + ); let placeholder = Signature::placeholder(); assert!(placeholder.is_placeholder()); @@ -940,7 +958,9 @@ mod tests { let key = PrivateKey::from_openssh(include_str!("../tests/examples/id_rsa_3072")).unwrap(); let key = key.key_data().rsa().unwrap(); - let encoded = hex!("000000077373682d727361000001809485247d72bf853272c86dd8c1c3fa0d2bebcdea9d91a376525a4bcc4a9ca2b19d31af48cfc07da086b244c65b37f3eb8fcab9661ccf777ed2f45404dd602b405526e19323f065b44d19f1bbda3eaf87b922b01049fcd8b82f08ffab6582e8427b0af3305f32961816d499d7b4925c1293b2d658dc6ca7cfb2d47c203c7d9512c0ee33e3d74f362d339a112fc94a74e8f388fc7fd1e9b95c7dd94e62ff16c9463476b7cf0e42af0f17fd2b9e325a50fc40ffd02b4a39e692727186b47c8ce9d7037de7e94615966df462238e214e7440bedabc5fbf79cfa93b96be5f27268da7c1ae2246bcabcc18a0d2c507be8727d04e41ed38686e5c455c159ee371f477668e89720191a72fbdb4eef86f1aa5c3596cefad12b20b1a1220accf6145f8583d7559751b2d0445e2e8a8fda85bf30f24b446ac6d0b943f7c519e5a021b1468cf120ed565d95ed8ddf022f97537ec5491226198ec58dd96c6bd218ddb237aa80785ceafa7722f1d2ba3e39dce2a9fdb0038f4124e2aa27d28eef927d87c8708f6"); + let encoded = hex!( + "000000077373682d727361000001809485247d72bf853272c86dd8c1c3fa0d2bebcdea9d91a376525a4bcc4a9ca2b19d31af48cfc07da086b244c65b37f3eb8fcab9661ccf777ed2f45404dd602b405526e19323f065b44d19f1bbda3eaf87b922b01049fcd8b82f08ffab6582e8427b0af3305f32961816d499d7b4925c1293b2d658dc6ca7cfb2d47c203c7d9512c0ee33e3d74f362d339a112fc94a74e8f388fc7fd1e9b95c7dd94e62ff16c9463476b7cf0e42af0f17fd2b9e325a50fc40ffd02b4a39e692727186b47c8ce9d7037de7e94615966df462238e214e7440bedabc5fbf79cfa93b96be5f27268da7c1ae2246bcabcc18a0d2c507be8727d04e41ed38686e5c455c159ee371f477668e89720191a72fbdb4eef86f1aa5c3596cefad12b20b1a1220accf6145f8583d7559751b2d0445e2e8a8fda85bf30f24b446ac6d0b943f7c519e5a021b1468cf120ed565d95ed8ddf022f97537ec5491226198ec58dd96c6bd218ddb237aa80785ceafa7722f1d2ba3e39dce2a9fdb0038f4124e2aa27d28eef927d87c8708f6" + ); let decoded = Signature::decode(&mut &encoded[..]).unwrap(); diff --git a/ssh-key/src/sshsig.rs b/ssh-key/src/sshsig.rs index 1d55c7fe..c2181c2a 100644 --- a/ssh-key/src/sshsig.rs +++ b/ssh-key/src/sshsig.rs @@ -1,11 +1,11 @@ //! `sshsig` implementation. -use crate::{public, Algorithm, Error, HashAlg, Result, Signature, SigningKey}; +use crate::{Algorithm, Error, HashAlg, Result, Signature, SigningKey, public}; use alloc::{string::String, string::ToString, vec::Vec}; use core::str::FromStr; use encoding::{ - pem::{LineEnding, PemLabel}, CheckedSum, Decode, DecodePem, Encode, EncodePem, Reader, Writer, + pem::{LineEnding, PemLabel}, }; use signature::Verifier; @@ -15,7 +15,7 @@ use crate::{PrivateKey, PublicKey}; type Version = u32; #[cfg(feature = "serde")] -use serde::{de, ser, Deserialize, Serialize}; +use serde::{Deserialize, Serialize, de, ser}; /// `sshsig` provides a general-purpose signature format based on SSH keys and /// wire formats. @@ -205,7 +205,6 @@ impl SshSig { } /// Get the hash algorithm used to produce this signature. - /// /// Data to be signed is first hashed with the specified `hash_alg`. /// This is done to limit the amount of data presented to the signature @@ -321,7 +320,7 @@ struct SignedData<'a> { hash: &'a [u8], } -impl<'a> SignedData<'a> { +impl SignedData<'_> { fn to_bytes(self) -> Result> { let mut signed_bytes = Vec::with_capacity(self.encoded_len()?); self.encode(&mut signed_bytes)?; diff --git a/ssh-key/tests/algorithm_name.rs b/ssh-key/tests/algorithm_name.rs index 98a942bf..b4d05fee 100644 --- a/ssh-key/tests/algorithm_name.rs +++ b/ssh-key/tests/algorithm_name.rs @@ -40,7 +40,7 @@ fn invalid_algorithm_name() { for name in INVALID_NAMES { assert!( - AlgorithmName::from_str(&name).is_err(), + AlgorithmName::from_str(name).is_err(), "{:?} should be an invalid algorithm name", name ); @@ -48,7 +48,7 @@ fn invalid_algorithm_name() { for name in INVALID_CERT_STRS { assert!( - AlgorithmName::from_certificate_type(&name).is_err(), + AlgorithmName::from_certificate_type(name).is_err(), "{:?} should be an invalid certificate str", name ); diff --git a/ssh-key/tests/authorized_keys.rs b/ssh-key/tests/authorized_keys.rs index d116bcfd..c5ef160c 100644 --- a/ssh-key/tests/authorized_keys.rs +++ b/ssh-key/tests/authorized_keys.rs @@ -21,7 +21,10 @@ fn read_example_file() { authorized_keys[1].config_opts().to_string(), "command=\"/usr/bin/date\"" ); - assert_eq!(authorized_keys[1].public_key().to_string(), "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHwf2HMM5TRXvo2SQJjsNkiDD5KqiiNjrGVv3UUh+mMT5RHxiRtOnlqvjhQtBq0VpmpCV/PwUdhOig4vkbqAcEc= user2@example.com"); + assert_eq!( + authorized_keys[1].public_key().to_string(), + "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHwf2HMM5TRXvo2SQJjsNkiDD5KqiiNjrGVv3UUh+mMT5RHxiRtOnlqvjhQtBq0VpmpCV/PwUdhOig4vkbqAcEc= user2@example.com" + ); assert_eq!( authorized_keys[1].public_key().comment_bytes(), b"user2@example.com" @@ -31,7 +34,10 @@ fn read_example_file() { authorized_keys[2].config_opts().to_string(), "environment=\"PATH=/bin:/usr/bin\"" ); - assert_eq!(authorized_keys[2].public_key().to_string(), "ssh-dss AAAAB3NzaC1kc3MAAACBANw9iSUO2UYhFMssjUgW46URqv8bBrDgHeF8HLBOWBvKuXF2Rx2J/XyhgX48SOLMuv0hcPaejlyLarabnF9F2V4dkpPpZSJ+7luHmxEjNxwhsdtg8UteXAWkeCzrQ6MvRJZHcDBjYh56KGvslbFnJsGLXlI4PQCyl6awNImwYGilAAAAFQCJGBU3hZf+QtP9Jh/nbfNlhFu7hwAAAIBHObOQioQVRm3HsVb7mOy3FVKhcLoLO3qoG9gTkd4KeuehtFAC3+rckiX7xSCnE/5BBKdL7VP9WRXac2Nlr9Pwl3e7zPut96wrCHt/TZX6vkfXKkbpUIj5zSqfvyNrWKaYJkfzwAQwrXNS1Hol676Ud/DDEn2oatdEhkS3beWHXAAAAIBgQqaz/YYTRMshzMzYcZ4lqgvgmA55y6v0h39e8HH2A5dwNS6sPUw2jyna+le0dceNRJifFld1J+WYM0vmquSr11DDavgEidOSaXwfMvPPPJqLmbzdtT16N+Gij9U9STQTHPQcQ3xnNNHgQAStzZJbhLOVbDDDo5BO7LMUALDfSA== user3@example.com"); + assert_eq!( + authorized_keys[2].public_key().to_string(), + "ssh-dss AAAAB3NzaC1kc3MAAACBANw9iSUO2UYhFMssjUgW46URqv8bBrDgHeF8HLBOWBvKuXF2Rx2J/XyhgX48SOLMuv0hcPaejlyLarabnF9F2V4dkpPpZSJ+7luHmxEjNxwhsdtg8UteXAWkeCzrQ6MvRJZHcDBjYh56KGvslbFnJsGLXlI4PQCyl6awNImwYGilAAAAFQCJGBU3hZf+QtP9Jh/nbfNlhFu7hwAAAIBHObOQioQVRm3HsVb7mOy3FVKhcLoLO3qoG9gTkd4KeuehtFAC3+rckiX7xSCnE/5BBKdL7VP9WRXac2Nlr9Pwl3e7zPut96wrCHt/TZX6vkfXKkbpUIj5zSqfvyNrWKaYJkfzwAQwrXNS1Hol676Ud/DDEn2oatdEhkS3beWHXAAAAIBgQqaz/YYTRMshzMzYcZ4lqgvgmA55y6v0h39e8HH2A5dwNS6sPUw2jyna+le0dceNRJifFld1J+WYM0vmquSr11DDavgEidOSaXwfMvPPPJqLmbzdtT16N+Gij9U9STQTHPQcQ3xnNNHgQAStzZJbhLOVbDDDo5BO7LMUALDfSA== user3@example.com" + ); assert_eq!( authorized_keys[2].public_key().comment_bytes(), b"user3@example.com" @@ -41,13 +47,19 @@ fn read_example_file() { authorized_keys[3].config_opts().to_string(), "from=\"10.0.0.?,*.example.com\",no-X11-forwarding" ); - assert_eq!(authorized_keys[3].public_key().to_string(), "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0WRHtxuxefSJhpIxGq4ibGFgwYnESPm8C3JFM88A1JJLoprenklrd7VJ+VH3Ov/bQwZwLyRU5dRmfR/SWTtIPWs7tToJVayKKDB+/qoXmM5ui/0CU2U4rCdQ6PdaCJdC7yFgpPL8WexjWN06+eSIKYz1AAXbx9rRv1iasslK/KUqtsqzVliagI6jl7FPO2GhRZMcso6LsZGgSxuYf/Lp0D/FcBU8GkeOo1Sx5xEt8H8bJcErtCe4Blb8JxcW6EXO3sReb4z+zcR07gumPgFITZ6hDA8sSNuvo/AlWg0IKTeZSwHHVknWdQqDJ0uczE837caBxyTZllDNIGkBjCIIOFzuTT76HfYc/7CTTGk07uaNkUFXKN79xDiFOX8JQ1ZZMZvGOTwWjuT9CqgdTvQRORbRWwOYv3MH8re9ykw3Ip6lrPifY7s6hOaAKry/nkGPMt40m1TdiW98MTIpooE7W+WXu96ax2l2OJvxX8QR7l+LFlKnkIEEJd/ItF1G22UmOjkVwNASTwza/hlY+8DoVvEmwum/nMgH2TwQT3bTQzF9s9DOJkH4d8p4Mw4gEDjNx0EgUFA91ysCAeUMQQyIvuR8HXXa+VcvhOOO5mmBcVhxJ3qUOJTyDBsT0932Zb4mNtkxdigoVxu+iiwk0vwtvKwGVDYdyMP5EAQeEIP1t0w== user4@example.com"); + assert_eq!( + authorized_keys[3].public_key().to_string(), + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0WRHtxuxefSJhpIxGq4ibGFgwYnESPm8C3JFM88A1JJLoprenklrd7VJ+VH3Ov/bQwZwLyRU5dRmfR/SWTtIPWs7tToJVayKKDB+/qoXmM5ui/0CU2U4rCdQ6PdaCJdC7yFgpPL8WexjWN06+eSIKYz1AAXbx9rRv1iasslK/KUqtsqzVliagI6jl7FPO2GhRZMcso6LsZGgSxuYf/Lp0D/FcBU8GkeOo1Sx5xEt8H8bJcErtCe4Blb8JxcW6EXO3sReb4z+zcR07gumPgFITZ6hDA8sSNuvo/AlWg0IKTeZSwHHVknWdQqDJ0uczE837caBxyTZllDNIGkBjCIIOFzuTT76HfYc/7CTTGk07uaNkUFXKN79xDiFOX8JQ1ZZMZvGOTwWjuT9CqgdTvQRORbRWwOYv3MH8re9ykw3Ip6lrPifY7s6hOaAKry/nkGPMt40m1TdiW98MTIpooE7W+WXu96ax2l2OJvxX8QR7l+LFlKnkIEEJd/ItF1G22UmOjkVwNASTwza/hlY+8DoVvEmwum/nMgH2TwQT3bTQzF9s9DOJkH4d8p4Mw4gEDjNx0EgUFA91ysCAeUMQQyIvuR8HXXa+VcvhOOO5mmBcVhxJ3qUOJTyDBsT0932Zb4mNtkxdigoVxu+iiwk0vwtvKwGVDYdyMP5EAQeEIP1t0w== user4@example.com" + ); assert_eq!( authorized_keys[3].public_key().comment_bytes(), b"user4@example.com" ); - assert_eq!(authorized_keys[4].public_key().to_string(), "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBN76zuqnjypL54/w4763l7q1Sn3IBYHptJ5wcYfEWkzeNTvpexr05Z18m2yPT2SWRd1JJ8Aj5TYidG9MdSS5J78= hello world this is a long comment"); + assert_eq!( + authorized_keys[4].public_key().to_string(), + "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBN76zuqnjypL54/w4763l7q1Sn3IBYHptJ5wcYfEWkzeNTvpexr05Z18m2yPT2SWRd1JJ8Aj5TYidG9MdSS5J78= hello world this is a long comment" + ); assert_eq!( authorized_keys[4].public_key().comment_bytes(), b"hello world this is a long comment" diff --git a/ssh-key/tests/certificate_builder.rs b/ssh-key/tests/certificate_builder.rs index 3c45335c..a27d3312 100644 --- a/ssh-key/tests/certificate_builder.rs +++ b/ssh-key/tests/certificate_builder.rs @@ -7,8 +7,8 @@ ))] use hex_literal::hex; -use rand_chacha::{rand_core::SeedableRng, ChaCha8Rng}; -use ssh_key::{certificate, Algorithm, PrivateKey}; +use rand_chacha::{ChaCha8Rng, rand_core::SeedableRng}; +use ssh_key::{Algorithm, PrivateKey, certificate}; #[cfg(feature = "p256")] use ssh_key::EcdsaCurve; @@ -199,11 +199,13 @@ fn new_with_validity_times() { let issued_at = SystemTime::now(); let expires_at = issued_at + Duration::from_secs(3600); - assert!(certificate::Builder::new_with_validity_times( - nonce, - subject_key.public_key(), - issued_at, - expires_at - ) - .is_ok()); + assert!( + certificate::Builder::new_with_validity_times( + nonce, + subject_key.public_key(), + issued_at, + expires_at + ) + .is_ok() + ); } diff --git a/ssh-key/tests/known_hosts.rs b/ssh-key/tests/known_hosts.rs index 28a56e4b..71201735 100644 --- a/ssh-key/tests/known_hosts.rs +++ b/ssh-key/tests/known_hosts.rs @@ -30,7 +30,10 @@ fn read_example_file() { "[*.example.net]:999".to_string(), ]) ); - assert_eq!(known_hosts[1].public_key().to_string(), "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHwf2HMM5TRXvo2SQJjsNkiDD5KqiiNjrGVv3UUh+mMT5RHxiRtOnlqvjhQtBq0VpmpCV/PwUdhOig4vkbqAcEc= example.com"); + assert_eq!( + known_hosts[1].public_key().to_string(), + "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHwf2HMM5TRXvo2SQJjsNkiDD5KqiiNjrGVv3UUh+mMT5RHxiRtOnlqvjhQtBq0VpmpCV/PwUdhOig4vkbqAcEc= example.com" + ); assert_eq!(known_hosts[1].public_key().comment_bytes(), b"example.com"); assert_eq!(known_hosts[2].marker(), Some(&Marker::Revoked)); @@ -47,7 +50,10 @@ fn read_example_file() { ], } ); - assert_eq!(known_hosts[2].public_key().to_string(), "ssh-dss AAAAB3NzaC1kc3MAAACBANw9iSUO2UYhFMssjUgW46URqv8bBrDgHeF8HLBOWBvKuXF2Rx2J/XyhgX48SOLMuv0hcPaejlyLarabnF9F2V4dkpPpZSJ+7luHmxEjNxwhsdtg8UteXAWkeCzrQ6MvRJZHcDBjYh56KGvslbFnJsGLXlI4PQCyl6awNImwYGilAAAAFQCJGBU3hZf+QtP9Jh/nbfNlhFu7hwAAAIBHObOQioQVRm3HsVb7mOy3FVKhcLoLO3qoG9gTkd4KeuehtFAC3+rckiX7xSCnE/5BBKdL7VP9WRXac2Nlr9Pwl3e7zPut96wrCHt/TZX6vkfXKkbpUIj5zSqfvyNrWKaYJkfzwAQwrXNS1Hol676Ud/DDEn2oatdEhkS3beWHXAAAAIBgQqaz/YYTRMshzMzYcZ4lqgvgmA55y6v0h39e8HH2A5dwNS6sPUw2jyna+le0dceNRJifFld1J+WYM0vmquSr11DDavgEidOSaXwfMvPPPJqLmbzdtT16N+Gij9U9STQTHPQcQ3xnNNHgQAStzZJbhLOVbDDDo5BO7LMUALDfSA=="); + assert_eq!( + known_hosts[2].public_key().to_string(), + "ssh-dss AAAAB3NzaC1kc3MAAACBANw9iSUO2UYhFMssjUgW46URqv8bBrDgHeF8HLBOWBvKuXF2Rx2J/XyhgX48SOLMuv0hcPaejlyLarabnF9F2V4dkpPpZSJ+7luHmxEjNxwhsdtg8UteXAWkeCzrQ6MvRJZHcDBjYh56KGvslbFnJsGLXlI4PQCyl6awNImwYGilAAAAFQCJGBU3hZf+QtP9Jh/nbfNlhFu7hwAAAIBHObOQioQVRm3HsVb7mOy3FVKhcLoLO3qoG9gTkd4KeuehtFAC3+rckiX7xSCnE/5BBKdL7VP9WRXac2Nlr9Pwl3e7zPut96wrCHt/TZX6vkfXKkbpUIj5zSqfvyNrWKaYJkfzwAQwrXNS1Hol676Ud/DDEn2oatdEhkS3beWHXAAAAIBgQqaz/YYTRMshzMzYcZ4lqgvgmA55y6v0h39e8HH2A5dwNS6sPUw2jyna+le0dceNRJifFld1J+WYM0vmquSr11DDavgEidOSaXwfMvPPPJqLmbzdtT16N+Gij9U9STQTHPQcQ3xnNNHgQAStzZJbhLOVbDDDo5BO7LMUALDfSA==" + ); assert_eq!(known_hosts[2].public_key().comment_bytes(), b""); assert_eq!(known_hosts[3].marker(), Some(&Marker::CertAuthority)); @@ -55,7 +61,10 @@ fn read_example_file() { known_hosts[3].host_patterns(), &HostPatterns::Patterns(vec!["*.example.com".to_string()]) ); - assert_eq!(known_hosts[3].public_key().to_string(), "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0WRHtxuxefSJhpIxGq4ibGFgwYnESPm8C3JFM88A1JJLoprenklrd7VJ+VH3Ov/bQwZwLyRU5dRmfR/SWTtIPWs7tToJVayKKDB+/qoXmM5ui/0CU2U4rCdQ6PdaCJdC7yFgpPL8WexjWN06+eSIKYz1AAXbx9rRv1iasslK/KUqtsqzVliagI6jl7FPO2GhRZMcso6LsZGgSxuYf/Lp0D/FcBU8GkeOo1Sx5xEt8H8bJcErtCe4Blb8JxcW6EXO3sReb4z+zcR07gumPgFITZ6hDA8sSNuvo/AlWg0IKTeZSwHHVknWdQqDJ0uczE837caBxyTZllDNIGkBjCIIOFzuTT76HfYc/7CTTGk07uaNkUFXKN79xDiFOX8JQ1ZZMZvGOTwWjuT9CqgdTvQRORbRWwOYv3MH8re9ykw3Ip6lrPifY7s6hOaAKry/nkGPMt40m1TdiW98MTIpooE7W+WXu96ax2l2OJvxX8QR7l+LFlKnkIEEJd/ItF1G22UmOjkVwNASTwza/hlY+8DoVvEmwum/nMgH2TwQT3bTQzF9s9DOJkH4d8p4Mw4gEDjNx0EgUFA91ysCAeUMQQyIvuR8HXXa+VcvhOOO5mmBcVhxJ3qUOJTyDBsT0932Zb4mNtkxdigoVxu+iiwk0vwtvKwGVDYdyMP5EAQeEIP1t0w== authority@example.com"); + assert_eq!( + known_hosts[3].public_key().to_string(), + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0WRHtxuxefSJhpIxGq4ibGFgwYnESPm8C3JFM88A1JJLoprenklrd7VJ+VH3Ov/bQwZwLyRU5dRmfR/SWTtIPWs7tToJVayKKDB+/qoXmM5ui/0CU2U4rCdQ6PdaCJdC7yFgpPL8WexjWN06+eSIKYz1AAXbx9rRv1iasslK/KUqtsqzVliagI6jl7FPO2GhRZMcso6LsZGgSxuYf/Lp0D/FcBU8GkeOo1Sx5xEt8H8bJcErtCe4Blb8JxcW6EXO3sReb4z+zcR07gumPgFITZ6hDA8sSNuvo/AlWg0IKTeZSwHHVknWdQqDJ0uczE837caBxyTZllDNIGkBjCIIOFzuTT76HfYc/7CTTGk07uaNkUFXKN79xDiFOX8JQ1ZZMZvGOTwWjuT9CqgdTvQRORbRWwOYv3MH8re9ykw3Ip6lrPifY7s6hOaAKry/nkGPMt40m1TdiW98MTIpooE7W+WXu96ax2l2OJvxX8QR7l+LFlKnkIEEJd/ItF1G22UmOjkVwNASTwza/hlY+8DoVvEmwum/nMgH2TwQT3bTQzF9s9DOJkH4d8p4Mw4gEDjNx0EgUFA91ysCAeUMQQyIvuR8HXXa+VcvhOOO5mmBcVhxJ3qUOJTyDBsT0932Zb4mNtkxdigoVxu+iiwk0vwtvKwGVDYdyMP5EAQeEIP1t0w== authority@example.com" + ); assert_eq!( known_hosts[3].public_key().comment_bytes(), b"authority@example.com" diff --git a/ssh-key/tests/public_key.rs b/ssh-key/tests/public_key.rs index 08b959a0..2241f006 100644 --- a/ssh-key/tests/public_key.rs +++ b/ssh-key/tests/public_key.rs @@ -313,7 +313,7 @@ fn new_sk_ecdsa_p256() { 0x9e, 0xcd, 0x8d, 0x93, 0x1e, ]; - let ec_point = sec1::EncodedPoint::::from_bytes(&EXAMPLE_EC_POINT).unwrap(); + let ec_point = sec1::EncodedPoint::::from_bytes(EXAMPLE_EC_POINT).unwrap(); let sk_key = SkEcdsaSha2NistP256::new(ec_point, "ssh:".to_string()); let key = PublicKey::from_openssh(OPENSSH_SK_ECDSA_P256_EXAMPLE).unwrap(); @@ -346,13 +346,11 @@ fn decode_sk_ed25519_openssh() { #[cfg(feature = "alloc")] #[test] fn new_sk_ed25519_openssh() { - const EXAMPLE_PUBKEY: Ed25519PublicKey = Ed25519PublicKey { - 0: [ - 0x21, 0x68, 0xfe, 0x4e, 0x4b, 0x53, 0xcf, 0x3a, 0xde, 0xee, 0xba, 0x60, 0x2f, 0x5e, - 0x50, 0xed, 0xb5, 0xef, 0x44, 0x1d, 0xba, 0x88, 0x4f, 0x51, 0x19, 0x10, 0x9d, 0xb2, - 0xda, 0xfd, 0xd7, 0x33, - ], - }; + const EXAMPLE_PUBKEY: Ed25519PublicKey = Ed25519PublicKey([ + 0x21, 0x68, 0xfe, 0x4e, 0x4b, 0x53, 0xcf, 0x3a, 0xde, 0xee, 0xba, 0x60, 0x2f, 0x5e, 0x50, + 0xed, 0xb5, 0xef, 0x44, 0x1d, 0xba, 0x88, 0x4f, 0x51, 0x19, 0x10, 0x9d, 0xb2, 0xda, 0xfd, + 0xd7, 0x33, + ]); let sk_key = SkEd25519::new(EXAMPLE_PUBKEY, "ssh:".to_string()); let key = PublicKey::from_openssh(OPENSSH_SK_ED25519_EXAMPLE).unwrap(); @@ -436,7 +434,7 @@ fn encode_rsa_4096_openssh() { fn public_keys_are_hashable() { let key = PublicKey::from_openssh(OPENSSH_ED25519_EXAMPLE).unwrap(); let set = HashSet::from([&key]); - assert_eq!(true, set.contains(&key)); + assert!(set.contains(&key)); } #[cfg(feature = "std")] diff --git a/ssh-protocol/Cargo.toml b/ssh-protocol/Cargo.toml index f273bf5f..8b308221 100644 --- a/ssh-protocol/Cargo.toml +++ b/ssh-protocol/Cargo.toml @@ -12,8 +12,8 @@ repository = "https://github.com/RustCrypto/SSH" categories = ["authentication", "cryptography", "encoding", "no-std"] keywords = ["crypto", "certificate", "openssh", "ssh", "sshsig"] readme = "README.md" -edition = "2021" -rust-version = "1.81" +edition = "2024" +rust-version = "1.85" [dependencies] cipher = { package = "ssh-cipher", version = "=0.3.0-pre.2", default-features = false, path = "../ssh-cipher" } diff --git a/ssh-protocol/src/lib.rs b/ssh-protocol/src/lib.rs index 8dfe4b4f..730d91af 100644 --- a/ssh-protocol/src/lib.rs +++ b/ssh-protocol/src/lib.rs @@ -24,6 +24,6 @@ pub use cipher::{self, Cipher}; pub use encoding::{self, Decode, Encode, Reader, Writer}; pub use key::{ - self, certificate::Certificate, private::PrivateKey, public::PublicKey, Algorithm, Fingerprint, - HashAlg, Kdf, KdfAlg, Signature, + self, Algorithm, Fingerprint, HashAlg, Kdf, KdfAlg, Signature, certificate::Certificate, + private::PrivateKey, public::PublicKey, };