byte_array_ops/core/trust/insecure/

vec.rs

//! Vec-like operations and conversions for ByteArray in insecure mode
//!
//! Provides Deref to `Vec<u8>`, ownership transfer, and truncation

use crate::core::model::ByteArray;
use alloc::vec::Vec;
use core::ops::Deref;

impl From<ByteArray> for Vec<u8> {
    /// This conversion and ownership transfer is only available in non-hardened modes
    fn from(arr: ByteArray) -> Self {
        arr.bytes // Zero-cost move
    }
}

impl ByteArray {
    /// This transforms the bytearray into an owned vector an is thus unavailable in hardned modes
    /// Allowing this in hardened modes means giving over control of resource sanitization to user
    /// which would not guarantee a proper purge TODO add security handbook readme
    pub fn to_vec(self) -> Vec<u8> {
        self.into()
    }

    /// truncate function similar to [`Vec::truncate`]. This is the insecure implementation
    /// TODO move this as part of the SecureReallocationProvider trait which collects all common
    /// vector methods that might cause reallocation
    pub fn truncate(&mut self, len: usize) {
        self.bytes.truncate(len)
    }
}

impl Deref for ByteArray {
    type Target = Vec<u8>;

    /// This exposes the underlying `Vec<u8>` type. It is unavailable in hardened modes
    /// due to the fact that it exposes functions that transfer ownership thus increasing the risk
    /// of inadvertent improper sanitization of sensitive data.
    fn deref(&self) -> &Self::Target {
        &self.bytes
    }
}

#[cfg(test)]
mod tests_non_hardened_only {
    use super::*;
    use alloc::vec;
    use alloc::vec::Vec;

    #[test]
    fn test_deref_access_vec_methods() {
        let arr: ByteArray = vec![0x01, 0x02, 0x03, 0x04].into();

        // Access Vec methods through Deref
        assert_eq!((*arr).len(), 4);
        assert!(!arr.is_empty());
        assert_eq!(arr.capacity(), arr.bytes.capacity());
    }

    #[test]
    fn test_deref_indexing() {
        let arr: ByteArray = vec![0xaa, 0xbb, 0xcc].into();

        // Index through Deref
        assert_eq!(arr[0], 0xaa);
        assert_eq!(arr[1], 0xbb);
        assert_eq!(arr[2], 0xcc);
    }

    #[test]
    fn test_deref_iteration() {
        let arr: ByteArray = vec![0x01, 0x02, 0x03].into();

        // Iterate through Deref
        let collected: Vec<u8> = arr.iter().copied().collect();
        assert_eq!(collected, vec![0x01, 0x02, 0x03]);
    }

    #[test]
    fn test_deref_get() {
        let arr: ByteArray = vec![0xde, 0xad, 0xbe, 0xef].into();

        // Access get() through Deref
        assert_eq!(arr.get(0), Some(&0xde));
        assert_eq!(arr.get(3), Some(&0xef));
        assert_eq!(arr.get(4), None);
    }

    #[test]
    fn test_deref_first_last() {
        let arr: ByteArray = vec![0x11, 0x22, 0x33].into();

        // Access first() and last() through Deref
        assert_eq!(arr.first(), Some(&0x11));
        assert_eq!(arr.last(), Some(&0x33));

        let empty = ByteArray::default();
        assert_eq!(empty.first(), None);
        assert_eq!(empty.last(), None);
    }

    #[test]
    fn test_deref_slice_methods() {
        let arr: ByteArray = vec![0xaa, 0xbb, 0xcc, 0xdd].into();

        // Access slice methods through Deref
        assert!(arr.starts_with(&[0xaa, 0xbb]));
        assert!(arr.ends_with(&[0xcc, 0xdd]));
        assert!(arr.contains(&0xcc));
        assert!(!arr.contains(&0xff));
    }
    #[test]
    fn test_roundtrip_vec() {
        let original = vec![0x01, 0x02, 0x03, 0x04];
        let arr = ByteArray::from(original.clone());
        let extracted: Vec<u8> = arr.clone().into();
        let extracted_through_method = arr.to_vec();

        assert_eq!(original, extracted);
        assert_eq!(original, extracted_through_method)
    }
    #[test]
    fn test_into_vec() {
        let arr: ByteArray = vec![0xde, 0xad, 0xbe, 0xef].into();

        let extracted: Vec<u8> = arr.clone().into();
        let extracted_via_method = arr.to_vec();

        assert_eq!(extracted, vec![0xde, 0xad, 0xbe, 0xef]);
        assert_eq!(extracted_via_method, extracted)
    }

    #[test]
    fn test_into_vec_empty() {
        let arr = ByteArray::default();

        let extracted: Vec<u8> = arr.clone().into();

        let extracted_via_method = arr.to_vec();

        assert!(extracted.is_empty());
        assert!(extracted_via_method.is_empty());
    }

    #[test]
    fn test_truncate_to_smaller_length() {
        let mut arr: ByteArray = vec![0x01, 0x02, 0x03, 0x04, 0x05].into();
        arr.truncate(3);

        assert_eq!(arr.len(), 3);
        assert_eq!(arr.as_bytes(), [0x01, 0x02, 0x03]);
    }

    #[test]
    fn test_truncate_to_zero() {
        let mut arr: ByteArray = vec![0xaa, 0xbb, 0xcc].into();
        arr.truncate(0);

        assert_eq!(arr.len(), 0);
        assert!(arr.is_empty());
    }

    #[test]
    fn test_truncate_to_same_length() {
        let mut arr: ByteArray = vec![0x01, 0x02, 0x03].into();
        arr.truncate(3);

        assert_eq!(arr.len(), 3);
        assert_eq!(arr.as_bytes(), [0x01, 0x02, 0x03]);
    }

    #[test]
    fn test_truncate_to_larger_length() {
        let mut arr: ByteArray = vec![0x01, 0x02].into();
        arr.truncate(10);

        // Should have no effect when truncating to larger size
        assert_eq!(arr.len(), 2);
        assert_eq!(arr.as_bytes(), [0x01, 0x02]);
    }

    #[test]
    fn test_truncate_empty_array() {
        let mut arr = ByteArray::default();
        arr.truncate(0);

        assert!(arr.is_empty());
    }

    #[test]
    fn test_truncate_single_byte() {
        let mut arr: ByteArray = vec![0xff, 0xee, 0xdd].into();
        arr.truncate(1);

        assert_eq!(arr.len(), 1);
        assert_eq!(arr.as_bytes(), [0xff]);
    }
}