byte_array_ops/byte_array/trust/
insecure_ops.rs

1//! this module is only included when there are no hardening features activated at compile time
2
3use super::super::model::*;
4use alloc::vec::Vec;
5use core::fmt::{Debug, Display, Formatter};
6
7impl From<ByteArray> for Vec<u8> {
8    /// This conversion and ownership transfer is only available in non-hardened modes
9    fn from(arr: ByteArray) -> Self {
10        arr.bytes // Zero-cost move
11    }
12}
13
14impl ByteArray {
15    /// This transforms the bytearray into an owned vector an is thus unavailable in hardned modes
16    /// Allowing this in hardened modes means giving over control of resource sanitization to user
17    /// which would not guarantee a proper purge TODO add security handbook readme
18    pub fn to_vec(self) -> Vec<u8> {
19        self.into()
20    }
21}
22
23#[cfg(test)]
24mod tests_non_hardened_only {
25    use super::*;
26    use alloc::vec;
27    use alloc::vec::Vec;
28
29    #[test]
30    fn test_roundtrip_vec() {
31        let original = vec![0x01, 0x02, 0x03, 0x04];
32        let arr = ByteArray::from(original.clone());
33        let extracted: Vec<u8> = arr.clone().into();
34        let extracted_through_method = arr.to_vec();
35
36        assert_eq!(original, extracted);
37        assert_eq!(original, extracted_through_method)
38    }
39    #[test]
40    fn test_into_vec() {
41        let arr: ByteArray = vec![0xde, 0xad, 0xbe, 0xef].into();
42
43        let extracted: Vec<u8> = arr.clone().into();
44        let extracted_via_method = arr.to_vec();
45
46        assert_eq!(extracted, vec![0xde, 0xad, 0xbe, 0xef]);
47        assert_eq!(extracted_via_method, extracted)
48    }
49
50    #[test]
51    fn test_into_vec_empty() {
52        let arr = ByteArray::default();
53
54        let extracted: Vec<u8> = arr.clone().into();
55
56        let extracted_via_method = arr.to_vec();
57
58        assert!(extracted.is_empty());
59        assert!(extracted_via_method.is_empty());
60    }
61}
62
63/// this is insecure as it might exposes internal byte array data for example in system logs and is
64/// thus only available in insecure modes. If the user wants to do it nonetheless he shall override
65/// the default display provider TODO
66impl Display for ByteArray {
67    fn fmt(&self, f: &mut Formatter<'_>) -> core::fmt::Result {
68        self.bytes.fmt(f)
69    }
70}
71
72/// this is the insecure version of debug impl that leaks byte array data
73impl Debug for ByteArray {
74    fn fmt(&self, f: &mut Formatter<'_>) -> core::fmt::Result {
75        <ByteArray as Display>::fmt(self, f)
76    }
77}