raffle/

lib.rs

//! A non-cryptographic "vouching" system.
//!
//! The `raffle` library offers functionality similar to public key
//! signatures, except without any pretense of cryptographic strength.
//! It lets us pass [`CheckingParameters`] to modules so that they can
//! check whether a value looks like it was generated by code with
//! access to the corresponding [`VouchingParameters`], while making
//! it implausibly hard for these checking modules to *accidentally*
//! generate valid [`Voucher`]s for arbitrary values.
//!
//! Internally, the implementation relies on modular multiplicative
//! inverses, with added asymmetry to catch some misuse (e.g., swapped
//! vouching and checking parameters).  Both the vouching function and
//! the checking function are add-multiply (mod 2**64) permutations;
//! for a matching pair of vouching and checking functions,
//! `check(vouch(x)) = K - x`, where `K` is
//! `u64::from_le_bytes(*b"Vouch!OK")`.
//!
//! It's easy to write code that'll find the vouching parameters from
//! a set of checking parameters, but the library doesn't have that
//! functionality, not even in the vouching-to-checking direction.
//! The internal parameter generation code in `generate.rs` accepts
//! the multiplier for the vouching function and the addend for the
//! checking function, and fills in the blanks for both the vouching
//! and the checking parameters.  Any code to extract vouching
//! parameters from checking parameters will hopefully stick out in
//! review, if only because of the large integer constants involved.
//!
//! The internal modular add-multiply transformation gives us decent
//! bounds on collisions: each instance of the [`VouchingParameters`]
//! function is a permutation over the [`u64`]s, so we'll never accept a
//! [`Voucher`] generated from the correct [`VouchingParameters`]
//! (i.e., whence our [`CheckingParameters`] came) but for the wrong
//! [`u64`] value.  Otherwise, if two [`VouchingParameters`] differ,
//! they're both affine functions, and thus match for at most one
//! input-output pair... or we could have accidentally generated the
//! same parameters independently, but the parameter space is pretty
//! large (more than 125 bits).  All in all, the probability that we'll
//! accept a [`Voucher`] generated from the wrong
//! [`VouchingParameters`] is less than `2**-60`, assuming the
//! parameters were generated randomly and independently of the
//! vouched value.
//!
//! That's far from cryptographic levels of difficulty, but rare
//! enough that any erroneous match is much more likely a sign of
//! hardware failure or deliberate action than just bad luck.
//!
//! # Sample usage
//!
//! First, generate a [`Voucher`]
//!
//! ```rust, ignore
//! const VOUCHING_PARAMETERS : VouchingParameters = VouchingParameters::parse_or_die("VOUCH-...");
//! let value = ...;
//! let voucher = VOUCHING_PARAMETERS.vouch(digest(&value));
//! // pass around (voucher, value)
//! ```
//!
//! and, on the read side, validate a [`Voucher`] with
//!
//! ```rust, ignore
//! const CHECKING_PARAMETERS : CheckingParameters = CheckingParameters::parse_or_die("CHECK-...");
//! let (voucher, value) = ...;
//! if CHECKING_PARAMETERS.check(digest(&value), voucher) {
//!     // work with a validated `value`.
//! }
//! ```
//!
//! Validation only tells us that the value was most likely generated
//! by a module with access to the `VOUCHING_PARAMETERS` that
//! correspond to `CHECKING_PARAMETERS`.  The [`Voucher`] could well
//! have been generated for a different message or recipient.
//!
//! We're not looking for cryptographic guarantees here, and only want
//! to make it hard for code to accidentally generate valid vouchers
//! when that code should only be able to check them for validity.  In
//! most cases, it's probably good enough to generate fresh parameters
//! at runtime, or to hardcode the parameters in the source, with
//! strings generated by `examples/generate_raffle_parameters`.
//!
//! If you need more than that... it's always possible to load
//! parameters at runtime, but maybe you want real signatures.
//!
//! # Generating parameters
//!
//! When everything stays in the same process, it's probably good
//! enough to generate [`VouchingParameters`] by passing a (P)RNG to
//! [`VouchingParameters::generate`].
//!
//! ```
//! # use raffle::VouchingParameters;
//! use rand::Rng;
//! #[derive(Debug)]
//! enum Never {}
//!
//! let mut rng = rand::rngs::OsRng {};
//! VouchingParameters::generate(|| Ok::<u64, Never>(rng.gen())).unwrap();
//! ```
//!
//! Otherwise, you can generate parameter strings with the `generate_raffle_parameters` binary:
//!
//! ```sh
//! $ cargo build --examples
//!     Finished dev [unoptimized + debuginfo] target(s) in 0.00s
//! $ target/debug/examples/generate_raffle_parameters
//! VOUCH-ecf8c191680e5394-a0474d8e2618d059-9bf723a6b538fe4a-1dddb95caa81d852
//! CHECK-9bf723a6b538fe4a-1dddb95caa81d852
//! ```
//!
//! The first line is the string representation for a set of
//! [`VouchingParameters`], suitable for
//! [`VouchingParameters::parse`], or, more ergonomically for `const`
//! values, [`VouchingParameters::parse_or_die`].  The second line is
//! the string representation for the corresponding
//! [`CheckingParameters`], suitable for [`CheckingParameters::parse`]
//! or [`CheckingParameters::parse_or_die`].
//!
//! Each invocation of `generate_raffle_parameters` with no argument
//! gets fresh random bits from the operating system, and is thus
//! expected to generate different parameters.  When there are command
//! line arguments, the parameters are instead derived
//! deterministically from these arguments, with [BLAKE3](https://docs.rs/blake3/latest/blake3/):
//!
//! ```sh
//! $ target/debug/examples/generate_raffle_parameters test seed
//! VOUCH-13df39ed9cd4e2c9-97b5007485c16f9b-76d12fb42cb03d2d-2952336c44217bb8
//! CHECK-76d12fb42cb03d2d-2952336c44217bb8
//! $ target/debug/examples/generate_raffle_parameters test seed
//! VOUCH-13df39ed9cd4e2c9-97b5007485c16f9b-76d12fb42cb03d2d-2952336c44217bb8
//! CHECK-76d12fb42cb03d2d-2952336c44217bb8
//! ```
//!
//! The parameter strings always have the same fixed-width format, so should
//! be easy to `grep` for.  The `VOUCH`ing parameters also include the `CHECK`ing
//! parameters as a suffix, so we can `grep` for the hex digits to find matching pairs.
mod check;
mod constparse;
mod generate;
mod vouch;

/// A [`Voucher`] is a very weakly one-way-transformed value for an arbitrary [`u64`].
///
/// [`CheckingParameters`] let us confirm whether the voucher came
/// from an expected u64 value after transformation by the
/// [`VouchingParameters`] associated with the [`CheckingParameters`],
/// while making it hard to accidentally generate a valid [`Voucher`]
/// with only [`CheckingParameters`] (i.e., it's hard to accidentally
/// back out the [`VouchingParameters`] from [`CheckingParameters`]).
///
/// The type wrapper exists to prevent confusion between what's
/// a [`Voucher`] value what's an expected [`u64`] value.
///
/// Generate [`Voucher`]s with [`VouchingParameters::vouch`] or
/// [`VouchingParameters::vouch_many`], by deserialising directly into
/// [`Voucher`] objects, or with [`std::mem::transmute`].  The latter is
/// `unsafe`, and that's on purpose: code that takes arbitrary [`u64`]s
/// and stamps them as [`Voucher`] values should be scrutinised.
///
/// Confirm that a [`Voucher`] is valid for a given set of [`CheckingParameters`]
/// and initial [`u64`] (i.e., was generated from the initial [`u64`] using
/// the [`VouchingParameters`] associated with the [`CheckingParameters`])
/// by calling [`CheckingParameters::check`] or [`CheckingParameters::check_many`].
#[derive(Clone, Copy, Eq, PartialEq, Hash)]
#[cfg_attr(not(feature = "prost"), derive(Debug))] // prost::Message derives `Debug`
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
#[cfg_attr(feature = "prost", derive(prost::Message))]
#[repr(transparent)]
pub struct Voucher(#[cfg_attr(feature = "prost", prost(fixed64, tag = "1"))] u64);

/// [`CheckingParameters`] carry enough information to confirm whether a
/// [`Voucher`] was generated from a given [`u64`] value using the unknown
/// [`VouchingParameters`] associated with the [`CheckingParameters`].
///
/// [`CheckingParameters`] should be obtained either by calling
/// [`VouchingParameters::checking_parameters`] for transient
/// in-memory parameters, by parsing a string representation with
/// [`CheckingParameters::parse`] or
/// [`CheckingParameters::parse_bytes`], or, when initialising `const`
/// variables with hardcoded strings, with
/// [`CheckingParameters::parse_or_die`].
///
/// After that, the result of [`VouchingParameters::vouch`] can be checked
/// with [`CheckingParameters::check`], and that of [`VouchingParameters::vouch_many`]
/// with [`CheckingParameters::check_many`].
#[derive(Clone, Copy, Debug, Eq, PartialEq, Hash)]
pub struct CheckingParameters {
    unoffset: u64,
    unscale: u64,
}

/// [`VouchingParameters`] let us convert an arbitrary [`u64`] value
/// to a [`Voucher`] that can later be checked as matching the initial
/// [`u64`] value, given only the [`CheckingParameters`] associated
/// with the [`VouchingParameters`].
///
/// [`VouchingParameters`] should be constructed with
/// [`VouchingParameters::generate`] for transient in-memory
/// parameters, by parsing a string representation, with
/// [`VouchingParameters::parse`] or
/// [`VouchingParameters::parse_bytes`], or, when initialising `const`
/// variables with hardocded strings, with
/// [`VouchingParameters::parse_or_die`].
///
/// After that, we can convert a [`u64`] to a [`Voucher`] with
/// [`VouchingParameters::vouch`].  Readers can confirm that the [`Voucher`]
/// matches the initial `[u64`] once they have the corresponding
/// [`VouchingParameters::checking_parameters`], by calling [`CheckingParameters::check`]
/// with the expected [`u64`] and the [`Voucher`].
///
/// Vouching for a batch of [`u64`] values should instead use
/// [`VouchingParameters::vouch_many`] and
/// [`CheckingParameters::check_many`]: the vouching transformation
/// varies for each index, making it harder to accidentally accept
/// permuted [`u64`] values and [`Voucher`]s.
#[derive(Clone, Copy, Debug, Eq, PartialEq, Hash)]
pub struct VouchingParameters {
    offset: u64,
    scale: u64,
    checking: CheckingParameters,
}

impl CheckingParameters {
    /// Attempts to parse the string representation of a [`CheckingParameters`] instance.
    ///
    /// This representation can be generated by the [`std::fmt::Display`] trait, e.g.,
    /// with `format!("{}", checking_params) => "CHECK-9bf723a6b538fe4a-1dddb95caa81d852"`.
    #[inline(always)]
    pub const fn parse(string: &str) -> Result<CheckingParameters, &'static str> {
        Self::parse_bytes(string.as_bytes())
    }

    /// Parses the string representation of a [`CheckingParameters`] object
    /// or panics.
    ///
    /// This function is mostly useful to initialise `const` literals.
    #[inline(never)]
    pub const fn parse_or_die(string: &str) -> CheckingParameters {
        match Self::parse(string) {
            Ok(ret) => ret,
            Err(_) => panic!("failed to parse checking parameter string."),
        }
    }

    /// Returns whether the `expected` value matches the `voucher`,
    /// assuming the voucher was generated with the [`VouchingParameters`] from
    /// which the self [`CheckingParameters`] came.
    ///
    /// If the `voucher` was generated from different parameters
    /// (generated independently and uniformly at random), the
    /// probability of a match is less than `2**-60`.
    #[must_use]
    #[inline(always)]
    pub const fn check(self, expected: u64, voucher: Voucher) -> bool {
        check::check(self.unoffset, self.unscale, expected, voucher.0)
    }

    /// Returns whether the `expected` values match all the
    /// `voucher`s, assuming the vouchers were generated with the
    /// [`VouchingParameters`] from which the self
    /// [`CheckingParameters`] came.
    ///
    /// If the `voucher`s were generated from different parameters
    /// (generated independently and uniformly at random), the
    /// probability of a match is less than `2**-60`.
    #[must_use]
    pub fn check_many(self, expected: &[u64], vouchers: &[Voucher]) -> bool {
        if expected.len() != vouchers.len() {
            return false;
        }

        std::iter::zip(expected.iter(), vouchers.iter())
            .enumerate()
            .all(|(idx, (expected, voucher))| {
                let input_rot = (idx % 64) as u32;
                let voucher_rot = (idx % 63) as u32;

                self.check(
                    expected.rotate_right(input_rot),
                    Voucher(voucher.0.rotate_right(voucher_rot)),
                )
            })
    }

    /// Number of ASCII characters in the string representation for
    /// one [`CheckingParameters`] instance.
    pub const REPRESENTATION_BYTE_COUNT: usize = 39;

    /// Attempts to parse `bytes`, which must be the utf-8 (it's all
    /// ASCII) representation of a serialised [`CheckingParameters`],
    /// with a length of exactly `REPRESENTATION_BYTE_COUNT` bytes.
    ///
    /// Returns the [`CheckingParameters`] on success, and an error
    /// reason on failure.
    #[inline(never)]
    pub const fn parse_bytes(bytes: &[u8]) -> Result<CheckingParameters, &'static str> {
        #[allow(clippy::assertions_on_constants)]
        const _: () = assert!(
            CheckingParameters::REPRESENTATION_BYTE_COUNT == check::REPRESENTATION_BYTE_COUNT
        );

        match check::parse_bytes(bytes) {
            Err(e) => Err(e),
            Ok((unoffset, unscale)) => Ok(CheckingParameters { unoffset, unscale }),
        }
    }
}

impl std::fmt::Display for CheckingParameters {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        write!(f, "CHECK-{:016x}-{:016x}", self.unoffset, self.unscale)
    }
}

impl VouchingParameters {
    /// Attempts to generate a fresh set of [`VouchingParameters`] by
    /// repeatedly calling `generator` to get [`u64`] values.
    ///
    /// The `generator` should yield (pseudo)random [`u64`] values
    /// sampled uniformly from the full 64-bit range.  This function
    /// may loop forever when the `generator` is of very low quality.
    ///
    /// Returns a fresh [`VouchingParameters`] instance on success,
    /// and bubbles any error from `generator` on failure.
    pub fn generate<Err>(
        mut generator: impl FnMut() -> Result<u64, Err>,
    ) -> Result<VouchingParameters, Err> {
        fn gen64<Err>(mut generator: impl FnMut() -> Result<u64, Err>) -> Result<u64, Err> {
            loop {
                let ret = generator()?;
                // Avoid trivial values.
                if ret > 10 && !ret > 10 && ret.count_ones() > 2 && ret.count_zeros() > 2 {
                    return Ok(ret);
                }
            }
        }

        // `generate:;derive_parameters` has an internal `assert!` check for validity.
        let (offset, scale, (unoffset, unscale)) =
            generate::derive_parameters(gen64(&mut generator)?, gen64(&mut generator)?);
        Ok(VouchingParameters {
            offset,
            scale,
            checking: CheckingParameters { unoffset, unscale },
        })
    }

    /// Attempts to parse the string representation of [`VouchingParameters`].
    ///
    /// This representation can be generated by the [`std::fmt::Display`] trait,
    /// e.g., with `format!("{}", vouching_params) => "VOUCH-13df39ed9cd4e2c9-97b5007485c16f9b-76d12fb42cb03d2d-2952336c44217bb8"`.
    #[inline(always)]
    pub const fn parse(string: &str) -> Result<VouchingParameters, &'static str> {
        Self::parse_bytes(string.as_bytes())
    }

    /// Parses the string representation of a [`VouchingParameters`] object
    /// or panics.
    ///
    /// This function is mostly useful to initialise `const` literals.
    #[inline(never)]
    pub const fn parse_or_die(string: &str) -> VouchingParameters {
        match Self::parse(string) {
            Ok(ret) => ret,
            Err(_) => panic!("failed to parse vouching parameter string."),
        }
    }

    /// Computes a [`Voucher`] for `value`.  The match can be
    /// confirmed by [`CheckingParameters::check`]ing it against
    /// `value`, with [`Self::checking_parameters`] as the checking
    /// parameters.
    ///
    /// As an internal correctness check, this method `assert`s
    /// that the returned [`Voucher`] matches `value`, according to the
    /// [`CheckingParameters`] returned by [`Self::checking_parameters`].
    ///
    /// This assertion should only fail when the [`VouchingParameters`] instance
    /// is invalid... and all constructors ([`VouchingParameters::generate`],
    /// [`VouchingParameters::parse_bytes`], and the latter's convenience wrappers)
    /// check for validity before returning an instance of [`VouchingParameters`].
    #[must_use]
    #[inline(always)]
    pub const fn vouch(&self, value: u64) -> Voucher {
        Voucher(vouch::vouch(
            self.offset,
            self.scale,
            (self.checking.unoffset, self.checking.unscale),
            value,
        ))
    }

    /// Returns an iterator with a [`Voucher`]s for each [`u64`] value  in the input iterator.
    pub fn vouch_many<'scope>(
        &'scope self,
        values: impl IntoIterator<Item = u64> + 'scope,
    ) -> impl Iterator<Item = Voucher> + 'scope {
        values.into_iter().enumerate().map(|(idx, value)| {
            // Rotate the input and the voucher on different periods:
            // this lets us process 64 * 63 = 4032 values before
            // repeating the same rotation counts.
            let input_rot = (idx % 64) as u32;
            let voucher_rot = (idx % 63) as u32;

            let voucher = self.vouch(value.rotate_right(input_rot));

            Voucher(voucher.0.rotate_left(voucher_rot))
        })
    }

    /// Returns the [`CheckingParameters`] that will accept the
    /// [`Voucher`]s generated with this [`VouchingParameters`].
    #[must_use]
    #[inline(always)]
    pub const fn checking_parameters(&self) -> CheckingParameters {
        self.checking
    }

    /// Number of ASCII characters in the string representation for
    /// one [`VouchingParameters`] instance.
    pub const REPRESENTATION_BYTE_COUNT: usize = 73;

    /// Attempts to parse `bytes`, which must be the utf-8 (it's all
    /// ASCII) representation of a serialised [`VouchingParameters`],
    /// with a length of exactly `REPRESENTATION_BYTE_COUNT` bytes.
    ///
    /// Returns the [`VouchingParameters`] on success, and an error
    /// reason on failure.
    #[inline(never)]
    pub const fn parse_bytes(bytes: &[u8]) -> Result<VouchingParameters, &'static str> {
        #[allow(clippy::assertions_on_constants)]
        const _: () = assert!(
            VouchingParameters::REPRESENTATION_BYTE_COUNT == vouch::REPRESENTATION_BYTE_COUNT
        );

        match vouch::parse_bytes(bytes) {
            Err(e) => Err(e),
            Ok((offset, scale, (unoffset, unscale))) => {
                // `generate:;derive_parameters` has an internal `assert!` check for validity,
                // and we make sure the return value matches the parameters derived from
                // `scale` and `unoffset`.
                let expected = generate::derive_parameters(scale ^ vouch::VOUCHING_TAG, unoffset);
                if (expected.0 == offset)
                    & (expected.1 == scale)
                    & (expected.2 .0 == unoffset)
                    & (expected.2 .1 == unscale)
                {
                    Ok(VouchingParameters {
                        offset,
                        scale,
                        checking: CheckingParameters { unoffset, unscale },
                    })
                } else {
                    Err("Invalid VouchingParameters values")
                }
            }
        }
    }
}

impl std::fmt::Display for VouchingParameters {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        write!(
            f,
            "VOUCH-{:016x}-{:016x}-{:016x}-{:016x}",
            self.offset, self.scale, self.checking.unoffset, self.checking.unscale
        )
    }
}

#[cfg(test)]
fn make_generator(values: &[u64]) -> impl FnMut() -> Result<u64, &'static str> + '_ {
    let mut idx = 0;
    move || {
        if idx < values.len() {
            let ret = values[idx];
            idx += 1;
            Ok(ret)
        } else {
            Err("ran out of indices")
        }
    }
}

#[test]
fn test_round_trip() {
    let params = VouchingParameters::generate(make_generator(&[131, 131])).expect("must succeed");

    let voucher = params.vouch(42);
    assert!(params.checking.check(42, voucher));

    // This should fail even if we circumvent the type system.
    assert!(!params.checking.check(voucher.0, Voucher(42)));

    // Incorrect values should fail.
    assert!(!params.checking.check(43, voucher));
    assert!(!params.checking.check(41, voucher));
    assert!(!params.checking.check(42, Voucher(voucher.0 - 1)));
    assert!(!params.checking.check(42, Voucher(voucher.0 + 1)));
    assert!(!params.checking.check(41, Voucher(voucher.0 - 1)));
    assert!(!params.checking.check(41, Voucher(voucher.0 + 1)));
    assert!(!params.checking.check(43, Voucher(voucher.0 - 1)));
    assert!(!params.checking.check(43, Voucher(voucher.0 + 1)));
}

#[test]
fn test_round_trip_many() {
    let params = VouchingParameters::generate(make_generator(&[131, 131])).expect("must succeed");

    let vouchers: Vec<Voucher> = params.vouch_many([42u64, 101u64]).collect();
    assert!(params.checking.check_many(&[42, 101], &vouchers));

    // Make sure we can call this usefully.
    let arr = [42u64, 101u64];
    let vouchers2: Vec<Voucher> = params.vouch_many(arr.iter().copied()).collect();
    assert_eq!(vouchers, vouchers2);
    let vouchers3: Vec<Voucher> = params
        .vouch_many([41u64, 100u64].iter().map(|x| x + 1))
        .collect();
    assert_eq!(vouchers, vouchers3);

    // The first element is the same as a regular scalar voucher
    assert!(params.checking.check(42, vouchers[0]));
    // But not the second
    assert!(!params.checking.check(101, vouchers[1]));

    // And any difference causes a failure.
    assert!(!params.checking.check_many(&[41, 101], &vouchers));
    assert!(!params.checking.check_many(&[42, 100], &vouchers));
    assert!(!params.checking.check_many(&[42], &vouchers));
    assert!(!params.checking.check_many(&[42, 101, 10], &vouchers));
}

#[test]
fn test_round_trip_many_long() {
    let params = VouchingParameters::generate(make_generator(&[131, 131])).expect("must succeed");
    let values: Vec<u64> = (0..5000u64).collect();

    let vouchers: Vec<Voucher> = params.vouch_many(values.iter().copied()).collect();
    assert!(params.checking_parameters().check_many(&values, &vouchers));
}
#[test]
fn test_parse_check() {
    let params = VouchingParameters::generate(make_generator(&[131, 131]))
        .expect("must succeed")
        .checking_parameters();

    eprintln!("{}", params);
    const SERIAL: &str = "CHECK-0000000000000083-9b791a2755d2d996";
    assert_eq!(format!("{}", params), SERIAL);

    const COPY: CheckingParameters = CheckingParameters::parse_or_die(SERIAL);
    assert_eq!(params, COPY);

    // Check for weirdness in non-consteval context.
    assert_eq!(
        params,
        CheckingParameters::parse(SERIAL).expect("Should succeed")
    );
    assert_eq!(params, CheckingParameters::parse_or_die(SERIAL));
}

#[test]
#[should_panic(expected = "failed to parse checking parameter string.")]
fn test_parse_check_fail() {
    CheckingParameters::parse_or_die("CHECK-0000000000000083-9b791a2755d2d99");
}

#[test]
fn test_generate() {
    VouchingParameters::generate(make_generator(&[131, 131])).expect("must succeed");
}

#[test]
fn test_generate_eventually_accept() {
    let (offset, scale, (unoffset, unscale)) = generate::derive_parameters(13, 142);

    let values = [0u64, 1u64, u64::MAX, 3u64, !17u64, 13, 142];
    assert_eq!(
        VouchingParameters::generate(make_generator(&values)),
        Ok(VouchingParameters {
            offset,
            scale,
            checking: CheckingParameters { unoffset, unscale }
        })
    );
}

#[test]
fn test_generate_fail() {
    let values = [0u64, 1u64, u64::MAX, 3u64, 17, !17u64, 13];

    assert_eq!(
        VouchingParameters::generate(make_generator(&values)),
        Err("ran out of indices")
    );
}

#[test]
fn test_generate_fail_early() {
    assert_eq!(
        VouchingParameters::generate(make_generator(&[13])),
        Err("ran out of indices")
    );
    assert_eq!(
        VouchingParameters::generate(make_generator(&[])),
        Err("ran out of indices")
    );
}

#[test]
fn test_parse_vouch() {
    let params = VouchingParameters::generate(make_generator(&[131, 131])).expect("must succeed");

    eprintln!("{}", params);
    const SERIAL: &str =
        "VOUCH-b4b0de979c8a90a9-676e696863756fd5-0000000000000083-9b791a2755d2d996";
    assert_eq!(format!("{}", params), SERIAL);

    const COPY: VouchingParameters = VouchingParameters::parse_or_die(SERIAL);
    assert_eq!(params, COPY);

    // Double check for weirdness around const eval.
    assert_eq!(params, VouchingParameters::parse(SERIAL).unwrap());
    assert_eq!(params, VouchingParameters::parse_or_die(SERIAL));
}

#[test]
#[should_panic(expected = "failed to parse vouching parameter string.")]
fn test_parse_vouch_fail_params() {
    // Bad parameters
    let bad_serial = "VOUCH-b4b0de979c8a90a9-676e696863756fd5-0000000000000083-9b791a2755d2d995";
    // This should fail validate.
    VouchingParameters::parse_or_die(bad_serial);
}

#[test]
#[should_panic(expected = "failed to parse vouching parameter string.")]
fn test_parse_vouch_fail_early() {
    // Bad format.
    let bad_serial = "VOUCH-b4b0de979c8a90a9-676e696863756fd5-0000000000000083-9b791a2755d2d99";
    // This should fail validate.
    VouchingParameters::parse_or_die(bad_serial);
}