der 0.8.0

Pure Rust embedded-friendly implementation of the Distinguished Encoding Rules (DER) for Abstract Syntax Notation One (ASN.1) as described in ITU X.690 with full support for heapless `no_std`/`no_alloc` targets
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320

//! Common handling for types backed by byte slices with enforcement of a
//! library-level length limitation i.e. `Length::max()`.

use crate::{DecodeValue, DerOrd, EncodeValue, Error, Header, Length, Reader, Result, Writer};
use core::cmp::Ordering;

/// Byte slice newtype which respects the `Length::MAX` limit.
#[derive(Debug, Eq, Hash, PartialEq, PartialOrd, Ord)]
#[repr(transparent)]
pub(crate) struct BytesRef([u8]);

impl BytesRef {
    /// Constant value representing an empty byte slice.
    pub const EMPTY: &'static Self = Self::new_unchecked(&[]);

    /// Create a new [`BytesRef`], ensuring that the provided `slice` value
    /// is shorter than `Length::MAX`.
    pub const fn new(slice: &[u8]) -> Result<&Self> {
        match Length::new_usize(slice.len()) {
            Ok(_) => Ok(Self::new_unchecked(slice)),
            Err(err) => Err(err),
        }
    }

    /// Perform a raw conversion of a byte slice to `Self` without first performing a length check.
    pub(crate) const fn new_unchecked(slice: &[u8]) -> &Self {
        // SAFETY: `Self` is a `repr(transparent)` newtype for `[u8]`
        #[allow(unsafe_code)]
        unsafe {
            &*(core::ptr::from_ref::<[u8]>(slice) as *const Self)
        }
    }

    /// Get a pointer to this [`BytesRef`].
    pub(crate) const fn as_ptr(&self) -> *const BytesRef {
        core::ptr::from_ref::<BytesRef>(self)
    }

    /// Borrow the inner byte slice
    pub const fn as_slice(&self) -> &[u8] {
        &self.0
    }

    /// Get the [`Length`] of this [`BytesRef`].
    pub fn len(&self) -> Length {
        debug_assert!(u32::try_from(self.0.len()).is_ok());

        #[allow(clippy::cast_possible_truncation)] // checked by constructors
        Length::new(self.0.len() as u32)
    }

    /// Is this [`BytesRef`] empty?
    pub const fn is_empty(&self) -> bool {
        self.0.is_empty()
    }

    /// Get a prefix of a [`crate::bytes_ref::BytesRef`] of the given length.
    pub fn prefix(&self, length: Length) -> Result<&Self> {
        let inner = self
            .as_slice()
            .get(..usize::try_from(length)?)
            .ok_or_else(|| Error::incomplete(self.len()))?;

        Ok(Self::new_unchecked(inner))
    }
}

impl AsRef<[u8]> for BytesRef {
    fn as_ref(&self) -> &[u8] {
        self.as_slice()
    }
}

impl<'a> DecodeValue<'a> for &'a BytesRef {
    type Error = Error;

    fn decode_value<R: Reader<'a>>(reader: &mut R, header: Header) -> Result<Self> {
        BytesRef::new(reader.read_slice(header.length())?)
    }
}

impl EncodeValue for BytesRef {
    fn value_len(&self) -> Result<Length> {
        Ok(self.len())
    }

    fn encode_value(&self, writer: &mut impl Writer) -> Result<()> {
        writer.write(self.as_ref())
    }
}

impl DerOrd for BytesRef {
    fn der_cmp(&self, other: &Self) -> Result<Ordering> {
        Ok(self.as_slice().cmp(other.as_slice()))
    }
}

impl<'a> TryFrom<&'a [u8]> for &'a BytesRef {
    type Error = Error;

    fn try_from(slice: &'a [u8]) -> Result<Self> {
        BytesRef::new(slice)
    }
}

/// Implemented by hand because the derive would create invalid values.
/// Makes sure the length and the inner.len matches.
#[cfg(feature = "arbitrary")]
impl<'a> arbitrary::Arbitrary<'a> for &'a BytesRef {
    fn arbitrary(u: &mut arbitrary::Unstructured<'a>) -> arbitrary::Result<Self> {
        let length: Length = u.arbitrary()?;
        Ok(BytesRef::new_unchecked(
            u.bytes(u32::from(length) as usize)?,
        ))
    }

    fn size_hint(depth: usize) -> (usize, Option<usize>) {
        arbitrary::size_hint::and(Length::size_hint(depth), (0, None))
    }
}

#[cfg(feature = "alloc")]
pub(crate) mod allocating {
    use super::BytesRef;
    #[cfg(feature = "ber")]
    use crate::{ErrorKind, length::indefinite::read_constructed_vec};

    use crate::{
        DecodeValue, DerOrd, EncodeValue, Error, Header, Length, Reader, Result, Tag, Writer,
    };

    use alloc::{borrow::ToOwned, boxed::Box, vec::Vec};
    use core::{borrow::Borrow, cmp::Ordering, ops::Deref};

    /// Byte slice newtype which respects the `Length::max()` limit.
    #[derive(Clone, Debug, Eq, Hash, PartialEq, PartialOrd, Ord)]
    pub(crate) struct BytesOwned {
        /// Precomputed `Length` (avoids possible panicking conversions)
        length: Length,

        /// Inner value
        inner: Box<[u8]>,
    }

    impl BytesOwned {
        /// Create a new [`BytesOwned`], ensuring that the provided `slice` value
        /// is shorter than `Length::max()`.
        pub fn new(data: impl Into<Box<[u8]>>) -> Result<Self> {
            let inner: Box<[u8]> = data.into();

            Ok(Self {
                length: Length::try_from(inner.len())?,
                inner,
            })
        }
        /// Decodes [`BytesOwned`] as DER, or from parts, when using a BER reader.
        pub fn decode_value_parts<'a, R: Reader<'a>>(
            reader: &mut R,
            header: Header,
            inner_tag: Tag,
        ) -> Result<Self> {
            #[cfg(feature = "ber")]
            if header.is_constructed() {
                if header.length().is_indefinite() && reader.encoding_rules().is_ber() {
                    // Reassemble indefinite length string types
                    return Self::new(read_constructed_vec(reader, header.length(), inner_tag)?);
                } else {
                    // NOTE:
                    // constructed strings with definite length unsupported
                    // See discussion
                    //   - https://github.com/RustCrypto/formats/issues/779#issuecomment-3049869721
                    //
                    // NOTE: this repositions the error to be at the end of the header
                    // rather than at the beginning of the value
                    return Err(Error::new(
                        ErrorKind::Noncanonical { tag: header.tag() },
                        reader.position().saturating_sub(Length::ONE),
                    ));
                }
            }

            #[cfg(not(feature = "ber"))]
            let _ = inner_tag;

            Self::decode_value(reader, header)
        }
    }

    impl AsRef<[u8]> for BytesOwned {
        fn as_ref(&self) -> &[u8] {
            &self.inner
        }
    }

    impl AsRef<BytesRef> for BytesOwned {
        fn as_ref(&self) -> &BytesRef {
            BytesRef::new_unchecked(&self.inner)
        }
    }

    impl Borrow<[u8]> for BytesOwned {
        fn borrow(&self) -> &[u8] {
            &self.inner
        }
    }

    impl Borrow<BytesRef> for BytesOwned {
        fn borrow(&self) -> &BytesRef {
            BytesRef::new_unchecked(&self.inner)
        }
    }

    impl Deref for BytesOwned {
        type Target = BytesRef;

        fn deref(&self) -> &BytesRef {
            self.borrow()
        }
    }

    impl<'a> DecodeValue<'a> for BytesOwned {
        type Error = Error;

        fn decode_value<R: Reader<'a>>(reader: &mut R, header: Header) -> Result<Self> {
            reader.read_vec(header.length()).and_then(Self::new)
        }
    }

    impl EncodeValue for BytesOwned {
        fn value_len(&self) -> Result<Length> {
            Ok(self.length)
        }

        fn encode_value(&self, writer: &mut impl Writer) -> Result<()> {
            writer.write(self.as_ref())
        }
    }

    impl Default for BytesOwned {
        fn default() -> Self {
            Self {
                length: Length::ZERO,
                inner: Box::new([]),
            }
        }
    }

    impl DerOrd for BytesOwned {
        fn der_cmp(&self, other: &Self) -> Result<Ordering> {
            Ok(self.as_slice().cmp(other.as_slice()))
        }
    }

    impl From<BytesOwned> for Box<[u8]> {
        fn from(bytes: BytesOwned) -> Box<[u8]> {
            bytes.inner
        }
    }

    impl From<&BytesRef> for BytesOwned {
        fn from(bytes: &BytesRef) -> BytesOwned {
            BytesOwned {
                length: bytes.len(),
                inner: bytes.as_slice().into(),
            }
        }
    }

    impl TryFrom<&[u8]> for BytesOwned {
        type Error = Error;

        fn try_from(bytes: &[u8]) -> Result<Self> {
            Self::new(bytes)
        }
    }

    impl TryFrom<Box<[u8]>> for BytesOwned {
        type Error = Error;

        fn try_from(bytes: Box<[u8]>) -> Result<Self> {
            Self::new(bytes)
        }
    }

    impl TryFrom<Vec<u8>> for BytesOwned {
        type Error = Error;

        fn try_from(bytes: Vec<u8>) -> Result<Self> {
            Self::new(bytes)
        }
    }

    impl ToOwned for BytesRef {
        type Owned = BytesOwned;

        fn to_owned(&self) -> BytesOwned {
            BytesOwned {
                inner: self.as_slice().into(),
                length: self.len(),
            }
        }
    }

    // Implement by hand because the derive would create invalid values.
    // Make sure the length and the inner.len matches.
    #[cfg(feature = "arbitrary")]
    impl<'a> arbitrary::Arbitrary<'a> for BytesOwned {
        fn arbitrary(u: &mut arbitrary::Unstructured<'a>) -> arbitrary::Result<Self> {
            let length = u.arbitrary()?;
            Ok(Self {
                length,
                inner: Box::from(u.bytes(u32::from(length) as usize)?),
            })
        }

        fn size_hint(depth: usize) -> (usize, Option<usize>) {
            arbitrary::size_hint::and(Length::size_hint(depth), (0, None))
        }
    }
}