Skip to main content

tor_bytes/
lib.rs

1#![cfg_attr(docsrs, feature(doc_cfg))]
2#![doc = include_str!("../README.md")]
3// @@ begin lint list maintained by maint/add_warning @@
4#![allow(renamed_and_removed_lints)] // @@REMOVE_WHEN(ci_arti_stable)
5#![allow(unknown_lints)] // @@REMOVE_WHEN(ci_arti_nightly)
6#![warn(missing_docs)]
7#![warn(noop_method_call)]
8#![warn(unreachable_pub)]
9#![warn(clippy::all)]
10#![deny(clippy::await_holding_lock)]
11#![deny(clippy::cargo_common_metadata)]
12#![deny(clippy::cast_lossless)]
13#![deny(clippy::checked_conversions)]
14#![warn(clippy::cognitive_complexity)]
15#![deny(clippy::debug_assert_with_mut_call)]
16#![deny(clippy::exhaustive_enums)]
17#![deny(clippy::exhaustive_structs)]
18#![deny(clippy::expl_impl_clone_on_copy)]
19#![deny(clippy::fallible_impl_from)]
20#![deny(clippy::implicit_clone)]
21#![deny(clippy::large_stack_arrays)]
22#![warn(clippy::manual_ok_or)]
23#![deny(clippy::missing_docs_in_private_items)]
24#![warn(clippy::needless_borrow)]
25#![warn(clippy::needless_pass_by_value)]
26#![warn(clippy::option_option)]
27#![deny(clippy::print_stderr)]
28#![deny(clippy::print_stdout)]
29#![warn(clippy::rc_buffer)]
30#![deny(clippy::ref_option_ref)]
31#![warn(clippy::semicolon_if_nothing_returned)]
32#![warn(clippy::trait_duplication_in_bounds)]
33#![deny(clippy::unchecked_time_subtraction)]
34#![deny(clippy::unnecessary_wraps)]
35#![warn(clippy::unseparated_literal_suffix)]
36#![deny(clippy::unwrap_used)]
37#![deny(clippy::mod_module_files)]
38#![allow(clippy::let_unit_value)] // This can reasonably be done for explicitness
39#![allow(clippy::uninlined_format_args)]
40#![allow(clippy::significant_drop_in_scrutinee)] // arti/-/merge_requests/588/#note_2812945
41#![allow(clippy::result_large_err)] // temporary workaround for arti#587
42#![allow(clippy::needless_raw_string_hashes)] // complained-about code is fine, often best
43#![allow(clippy::needless_lifetimes)] // See arti#1765
44#![allow(mismatched_lifetime_syntaxes)] // temporary workaround for arti#2060
45#![allow(clippy::collapsible_if)] // See arti#2342
46#![deny(clippy::unused_async)]
47#![deny(clippy::string_slice)] // See arti#2571
48//! <!-- @@ end lint list maintained by maint/add_warning @@ -->
49
50mod err;
51mod impls;
52mod reader;
53mod secretbuf;
54mod writer;
55
56pub use err::{EncodeError, Error};
57pub use reader::{Cursor, Reader};
58pub use secretbuf::SecretBuf;
59pub use writer::Writer;
60
61/// Result type returned by this crate for [`Reader`]-related methods.
62pub type Result<T> = std::result::Result<T, Error>;
63/// Result type returned by this crate for [`Writer`]-related methods.
64pub type EncodeResult<T> = std::result::Result<T, EncodeError>;
65
66/// Trait for an object that can be encoded onto a Writer by reference.
67///
68/// Implement this trait in order to make an object writeable.
69///
70/// Most code won't need to call this directly, but will instead use
71/// it implicitly via the Writer::write() method.
72///
73/// # Example
74///
75/// ```
76/// use tor_bytes::{Writeable, Writer, EncodeResult};
77/// #[derive(Debug, Eq, PartialEq)]
78/// struct Message {
79///   flags: u32,
80///   cmd: u8
81/// }
82///
83/// impl Writeable for Message {
84///     fn write_onto<B:Writer+?Sized>(&self, b: &mut B) -> EncodeResult<()> {
85///         // We'll say that a "Message" is encoded as flags, then command.
86///         b.write_u32(self.flags);
87///         b.write_u8(self.cmd);
88///         Ok(())
89///     }
90/// }
91///
92/// let msg = Message { flags: 0x43, cmd: 0x07 };
93/// let mut writer: Vec<u8> = Vec::new();
94/// writer.write(&msg);
95/// assert_eq!(writer, &[0x00, 0x00, 0x00, 0x43, 0x07 ]);
96/// ```
97pub trait Writeable {
98    /// Encode this object into the writer `b`.
99    fn write_onto<B: Writer + ?Sized>(&self, b: &mut B) -> EncodeResult<()>;
100}
101
102/// Trait for an object that can be encoded and consumed by a Writer.
103///
104/// Implement this trait in order to make an object that can be
105/// written more efficiently by absorbing it into the writer.
106///
107/// Most code won't need to call this directly, but will instead use
108/// it implicitly via the Writer::write_and_consume() method.
109pub trait WriteableOnce: Sized {
110    /// Encode this object into the writer `b`, and consume it.
111    fn write_into<B: Writer + ?Sized>(self, b: &mut B) -> EncodeResult<()>;
112}
113
114impl<W: Writeable + Sized> WriteableOnce for W {
115    fn write_into<B: Writer + ?Sized>(self, b: &mut B) -> EncodeResult<()> {
116        self.write_onto(b)
117    }
118}
119
120impl<W: Writeable + ?Sized> Writeable for &W {
121    fn write_onto<B: Writer + ?Sized>(&self, b: &mut B) -> EncodeResult<()> {
122        (*self).write_onto(b)
123    }
124}
125
126// ----------------------------------------------------------------------
127
128/// Trait for an object that can be extracted from a Reader.
129///
130/// Implement this trait in order to make an object that can (maybe)
131/// be decoded from a reader.
132//
133/// Most code won't need to call this directly, but will instead use
134/// it implicitly via the Reader::extract() method.
135///
136/// # Correctness (determinism), and error handling
137///
138/// The `take_from` method should produce consistent and deterministic results.
139///
140/// If `take_from` returns `Ok`, consuming some data,
141/// a future call with a reader which has that consumed data as a prefix,
142/// must consume the same data and succeed with an equivalent value.
143///
144/// If `take_from` returns `Err`, it is allowed to have consumed
145/// none, any, or all, of the `Reader`.
146///
147/// If `take_from` returns `Error::Incomplete`:
148/// then calling `take_from` again on a similar `Reader`
149/// (ie, where the old reader is a prefix of the new, or vice versa)
150/// must do one of the following:
151///  * Succeed, consuming at least as many bytes as
152///    were available in the previous reader plus `deficit`.
153///  * Return `Error::Incomplete` with a consistent value of `deficit`.
154///
155/// If `take_from` fails another way with some reader, it must fail the same way
156/// with all other readers which have that reader as a prefix.
157///
158/// (Here, "prefix" and "length" relate only to the remaining bytes in the `Reader`,
159/// irrespective of the length or value of any bytes which were previously consumed.)
160///
161/// (tor-socksproto relies on these properties.)
162///
163/// Specific implementations may provide stronger guarantees.
164///
165/// # Example
166///
167/// ```
168/// use tor_bytes::{Readable,Reader,Result};
169/// #[derive(Debug, Eq, PartialEq)]
170/// struct Message {
171///   flags: u32,
172///   cmd: u8
173/// }
174///
175/// impl Readable for Message {
176///     fn take_from(r: &mut Reader<'_>) -> Result<Self> {
177///         // A "Message" is encoded as flags, then command.
178///         let flags = r.take_u32()?;
179///         let cmd = r.take_u8()?;
180///         Ok(Message{ flags, cmd })
181///     }
182/// }
183///
184/// let encoded = [0x00, 0x00, 0x00, 0x43, 0x07 ];
185/// let mut reader = Reader::from_slice(&encoded);
186/// let m: Message = reader.extract()?;
187/// assert_eq!(m, Message { flags: 0x43, cmd: 0x07 });
188/// reader.should_be_exhausted()?; // make sure there are no bytes left over
189/// # Result::Ok(())
190/// ```
191pub trait Readable: Sized {
192    /// Try to extract an object of this type from a Reader.
193    ///
194    /// Implementations should generally try to be efficient: this is
195    /// not the right place to check signatures or perform expensive
196    /// operations.  If you have an object that must not be used until
197    /// it is finally validated, consider making this function return
198    /// a wrapped type that can be unwrapped later on once it gets
199    /// checked.
200    fn take_from(b: &mut Reader<'_>) -> Result<Self>;
201}
202
203// ----------------------------------------------------------------------
204
205#[cfg(test)]
206mod test {
207    // @@ begin test lint list maintained by maint/add_warning @@
208    #![allow(clippy::bool_assert_comparison)]
209    #![allow(clippy::clone_on_copy)]
210    #![allow(clippy::dbg_macro)]
211    #![allow(clippy::mixed_attributes_style)]
212    #![allow(clippy::print_stderr)]
213    #![allow(clippy::print_stdout)]
214    #![allow(clippy::single_char_pattern)]
215    #![allow(clippy::unwrap_used)]
216    #![allow(clippy::unchecked_time_subtraction)]
217    #![allow(clippy::useless_vec)]
218    #![allow(clippy::needless_pass_by_value)]
219    #![allow(clippy::string_slice)] // See arti#2571
220    //! <!-- @@ end test lint list maintained by maint/add_warning @@ -->
221    use super::*;
222
223    #[test]
224    fn writer() {
225        let mut v: Vec<u8> = Vec::new();
226        v.write_u8(0x57);
227        v.write_u16(0x6520);
228        v.write_u32(0x68617665);
229        v.write_u64(0x2061206d61636869);
230        v.write_all(b"ne in a plexiglass dome");
231        v.write_zeros(3);
232        assert_eq!(&v[..], &b"We have a machine in a plexiglass dome\0\0\0"[..]);
233    }
234}