Merge pull request wolfSSL#9473 from holtrop/rust-cargo-clippy

SparkiDev · web-flow · commit e30e9b7e09c9 · 2025-11-27T09:18:51.000+10:00
Rust wrapper: enable cargo clippy and fix several clippy warnings
diff --git a/wrapper/rust/wolfssl/Makefile b/wrapper/rust/wolfssl/Makefile
@@ -1,6 +1,7 @@
 .PHONY: all
 all:
 	cargo build
+	cargo clippy
 	cargo doc
 
 .PHONY: test
diff --git a/wrapper/rust/wolfssl/build.rs b/wrapper/rust/wolfssl/build.rs
@@ -55,15 +55,12 @@ fn generate_bindings() -> Result<()> {
         .clang_arg(format!("-I{}", wolfssl_base_dir()?))
         .parse_callbacks(Box::new(bindgen::CargoCallbacks::new()))
         .generate()
-        .map_err(|_| io::Error::new(io::ErrorKind::Other, "Failed to generate bindings"))?;
+        .map_err(|_| io::Error::other("Failed to generate bindings"))?;
 
     bindings
         .write_to_file(bindings_path())
         .map_err(|e| {
-            io::Error::new(
-                io::ErrorKind::Other,
-                format!("Couldn't write bindings: {}", e),
-            )
+            io::Error::other(format!("Couldn't write bindings: {}", e))
         })
 }
 
diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/aes.rs b/wrapper/rust/wolfssl/src/wolfcrypt/aes.rs
diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/ecc.rs b/wrapper/rust/wolfssl/src/wolfcrypt/ecc.rs
@@ -1362,6 +1362,7 @@ impl ECC {
     /// }
     /// ```
     #[cfg(ecc_import)]
+    #[allow(clippy::too_many_arguments)]
     pub fn export_ex(&mut self, qx: &mut [u8], qx_len: &mut u32,
             qy: &mut [u8], qy_len: &mut u32, d: &mut [u8], d_len: &mut u32,
             hex: bool) -> Result<(), i32> {
diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/kdf.rs b/wrapper/rust/wolfssl/src/wolfcrypt/kdf.rs
@@ -339,11 +339,9 @@ pub fn tls13_hkdf_extract_ex(typ: i32, salt: Option<&[u8]>, key: Option<&mut [u8
     let mut ikm_buf = [0u8; sys::WC_MAX_DIGEST_SIZE as usize];
     let mut ikm_ptr = ikm_buf.as_mut_ptr();
     let mut ikm_size = 0u32;
-    if let Some(key) = key {
-        if key.len() > 0 {
-            ikm_ptr = key.as_mut_ptr();
-            ikm_size = key.len() as u32;
-        }
+    if let Some(key) = key && !key.is_empty() {
+        ikm_ptr = key.as_mut_ptr();
+        ikm_size = key.len() as u32;
     }
     if out.len() != HMAC::get_hmac_size_by_type(typ)? {
         return Err(sys::wolfCrypt_ErrorCodes_BUFFER_E);
@@ -473,6 +471,7 @@ pub fn tls13_hkdf_expand_label(typ: i32, key: &[u8], protocol: &[u8], label: &[u
 /// }
 /// ```
 #[cfg(kdf_tls13)]
+#[allow(clippy::too_many_arguments)]
 pub fn tls13_hkdf_expand_label_ex(typ: i32, key: &[u8], protocol: &[u8], label: &[u8], info: &[u8], out: &mut [u8], heap: Option<*mut std::os::raw::c_void>, dev_id: Option<i32>) -> Result<(), i32> {
     let key_size = key.len() as u32;
     let protocol_size = protocol.len() as u32;
diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/random.rs b/wrapper/rust/wolfssl/src/wolfcrypt/random.rs
@@ -30,22 +30,20 @@ wolfSSL `WC_RNG` object. It ensures proper initialization and deallocation.
 ```rust
 use wolfssl::wolfcrypt::random::RNG;
 
-fn main() {
-    // Create a RNG instance.
-    let mut rng = RNG::new().expect("Failed to create RNG");
+// Create a RNG instance.
+let mut rng = RNG::new().expect("Failed to create RNG");
 
-    // Generate a single random byte value.
-    let byte = rng.generate_byte().expect("Failed to generate a single byte");
+// Generate a single random byte value.
+let byte = rng.generate_byte().expect("Failed to generate a single byte");
 
-    // Generate a random block.
-    let mut buffer = [0u32; 8];
-    rng.generate_block(&mut buffer).expect("Failed to generate a block");
-}
+// Generate a random block.
+let mut buffer = [0u32; 8];
+rng.generate_block(&mut buffer).expect("Failed to generate a block");
 ```
 */
 
 use crate::sys;
-use std::mem::{size_of, MaybeUninit};
+use std::mem::{size_of_val, MaybeUninit};
 
 /// A cryptographically secure random number generator based on the wolfSSL
 /// library.
@@ -138,7 +136,7 @@ impl RNG {
     /// library return code on failure.
     pub fn new_with_nonce_ex<T>(nonce: &mut [T], heap: Option<*mut std::os::raw::c_void>, dev_id: Option<i32>) -> Result<Self, i32> {
         let ptr = nonce.as_mut_ptr() as *mut u8;
-        let size: u32 = (nonce.len() * size_of::<T>()) as u32;
+        let size: u32 = size_of_val(nonce) as u32;
         let mut rng: MaybeUninit<RNG> = MaybeUninit::uninit();
         let heap = match heap {
             Some(heap) => heap,
@@ -320,7 +318,7 @@ impl RNG {
     /// library return code on failure.
     pub fn generate_block<T>(&mut self, buf: &mut [T]) -> Result<(), i32> {
         let ptr = buf.as_mut_ptr() as *mut u8;
-        let size: u32 = (buf.len() * size_of::<T>()) as u32;
+        let size: u32 = size_of_val(buf) as u32;
         let rc = unsafe { sys::wc_RNG_GenerateBlock(&mut self.wc_rng, ptr, size) };
         if rc == 0 {
             Ok(())
diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/rsa.rs b/wrapper/rust/wolfssl/src/wolfcrypt/rsa.rs
@@ -215,11 +215,10 @@ impl RSA {
             return Err(rc);
         }
         let mut wc_rsakey = unsafe { wc_rsakey.assume_init() };
-        let der_ptr = der.as_ptr() as *const u8;
         let der_size = der.len() as u32;
         let mut idx: u32 = 0;
         let rc = unsafe {
-            sys::wc_RsaPrivateKeyDecode(der_ptr, &mut idx, &mut wc_rsakey, der_size)
+            sys::wc_RsaPrivateKeyDecode(der.as_ptr(), &mut idx, &mut wc_rsakey, der_size)
         };
         if rc != 0 {
             unsafe { sys::wc_FreeRsaKey(&mut wc_rsakey); }
@@ -325,11 +324,10 @@ impl RSA {
             return Err(rc);
         }
         let mut wc_rsakey = unsafe { wc_rsakey.assume_init() };
-        let der_ptr = der.as_ptr() as *const u8;
         let der_size = der.len() as u32;
         let mut idx: u32 = 0;
         let rc = unsafe {
-            sys::wc_RsaPublicKeyDecode(der_ptr, &mut idx, &mut wc_rsakey, der_size)
+            sys::wc_RsaPublicKeyDecode(der.as_ptr(), &mut idx, &mut wc_rsakey, der_size)
         };
         if rc != 0 {
             unsafe { sys::wc_FreeRsaKey(&mut wc_rsakey); }
@@ -496,25 +494,25 @@ impl RSA {
     ///     &mut d, &mut d_size, &mut p, &mut p_size, &mut q, &mut q_size).expect("Error with export_key()");
     /// }
     /// ```
+    #[allow(clippy::too_many_arguments)]
     pub fn export_key(&mut self,
             e: &mut [u8], e_size: &mut u32,
             n: &mut [u8], n_size: &mut u32,
             d: &mut [u8], d_size: &mut u32,
             p: &mut [u8], p_size: &mut u32,
             q: &mut [u8], q_size: &mut u32) -> Result<(), i32> {
-        let e_ptr = e.as_ptr() as *mut u8;
         *e_size = e.len() as u32;
-        let n_ptr = n.as_ptr() as *mut u8;
         *n_size = n.len() as u32;
-        let d_ptr = d.as_ptr() as *mut u8;
         *d_size = d.len() as u32;
-        let p_ptr = p.as_ptr() as *mut u8;
         *p_size = p.len() as u32;
-        let q_ptr = q.as_ptr() as *mut u8;
         *q_size = q.len() as u32;
         let rc = unsafe {
-            sys::wc_RsaExportKey(&mut self.wc_rsakey, e_ptr, e_size,
-                n_ptr, n_size, d_ptr, d_size, p_ptr, p_size, q_ptr, q_size)
+            sys::wc_RsaExportKey(&self.wc_rsakey,
+                e.as_mut_ptr(), e_size,
+                n.as_mut_ptr(), n_size,
+                d.as_mut_ptr(), d_size,
+                p.as_mut_ptr(), p_size,
+                q.as_mut_ptr(), q_size)
         };
         if rc != 0 {
             return Err(rc);
@@ -556,13 +554,11 @@ impl RSA {
     pub fn export_public_key(&mut self,
             e: &mut [u8], e_size: &mut u32,
             n: &mut [u8], n_size: &mut u32) -> Result<(), i32> {
-        let e_ptr = e.as_ptr() as *mut u8;
         *e_size = e.len() as u32;
-        let n_ptr = n.as_ptr() as *mut u8;
         *n_size = n.len() as u32;
         let rc = unsafe {
-            sys::wc_RsaFlattenPublicKey(&mut self.wc_rsakey, e_ptr, e_size,
-                n_ptr, n_size)
+            sys::wc_RsaFlattenPublicKey(&self.wc_rsakey,
+                e.as_mut_ptr(), e_size, n.as_mut_ptr(), n_size)
         };
         if rc != 0 {
             return Err(rc);
@@ -670,13 +666,12 @@ impl RSA {
     /// assert_eq!(plain_out[0..dec_len], *plain);
     /// ```
     pub fn public_encrypt(&mut self, din: &[u8], dout: &mut [u8], rng: &mut RNG) -> Result<usize, i32> {
-        let din_ptr = din.as_ptr() as *const u8;
         let din_size = din.len() as u32;
-        let dout_ptr = dout.as_ptr() as *mut u8;
         let dout_size = dout.len() as u32;
         let rc = unsafe {
-            sys::wc_RsaPublicEncrypt(din_ptr, din_size, dout_ptr, dout_size,
-                &mut self.wc_rsakey, &mut rng.wc_rng)
+            sys::wc_RsaPublicEncrypt(din.as_ptr(), din_size,
+                dout.as_mut_ptr(), dout_size, &mut self.wc_rsakey,
+                &mut rng.wc_rng)
         };
         if rc < 0 {
             return Err(rc);
@@ -725,13 +720,11 @@ impl RSA {
     /// assert_eq!(plain_out[0..dec_len], *plain);
     /// ```
     pub fn private_decrypt(&mut self, din: &[u8], dout: &mut [u8]) -> Result<usize, i32> {
-        let din_ptr = din.as_ptr() as *const u8;
         let din_size = din.len() as u32;
-        let dout_ptr = dout.as_ptr() as *mut u8;
         let dout_size = dout.len() as u32;
         let rc = unsafe {
-            sys::wc_RsaPrivateDecrypt(din_ptr, din_size, dout_ptr, dout_size,
-                &mut self.wc_rsakey)
+            sys::wc_RsaPrivateDecrypt(din.as_ptr(), din_size,
+                dout.as_mut_ptr(), dout_size, &mut self.wc_rsakey)
         };
         if rc < 0 {
             return Err(rc);
@@ -789,12 +782,10 @@ impl RSA {
     /// rsa.pss_verify_check(signature, &mut verify_out, msg, RSA::HASH_TYPE_SHA256, RSA::MGF1SHA256).expect("Error with pss_verify_check()");
     /// ```
     pub fn pss_sign(&mut self, din: &[u8], dout: &mut [u8], hash_algo: u32, mgf: i32, rng: &mut RNG) -> Result<usize, i32> {
-        let din_ptr = din.as_ptr() as *const u8;
         let din_size = din.len() as u32;
-        let dout_ptr = dout.as_ptr() as *mut u8;
         let dout_size = dout.len() as u32;
         let rc = unsafe {
-            sys::wc_RsaPSS_Sign(din_ptr, din_size, dout_ptr, dout_size,
+            sys::wc_RsaPSS_Sign(din.as_ptr(), din_size, dout.as_mut_ptr(), dout_size,
                 hash_algo, mgf, &mut self.wc_rsakey, &mut rng.wc_rng)
         };
         if rc < 0 {
@@ -850,13 +841,11 @@ impl RSA {
     /// rsa.pss_verify_check(signature, &mut verify_out, msg, RSA::HASH_TYPE_SHA256, RSA::MGF1SHA256).expect("Error with pss_verify_check()");
     /// ```
     pub fn pss_check_padding(&mut self, din: &[u8], sig: &[u8], hash_algo: u32) -> Result<(), i32> {
-        let din_ptr = din.as_ptr() as *const u8;
         let din_size = din.len() as u32;
-        let sig_ptr = sig.as_ptr() as *const u8;
         let sig_size = sig.len() as u32;
         let rc = unsafe {
-            sys::wc_RsaPSS_CheckPadding(din_ptr, din_size, sig_ptr, sig_size,
-                hash_algo)
+            sys::wc_RsaPSS_CheckPadding(din.as_ptr(), din_size,
+                sig.as_ptr(), sig_size, hash_algo)
         };
         if rc != 0 {
             return Err(rc);
@@ -914,12 +903,11 @@ impl RSA {
     /// rsa.pss_verify_check(signature, &mut verify_out, msg, RSA::HASH_TYPE_SHA256, RSA::MGF1SHA256).expect("Error with pss_verify_check()");
     /// ```
     pub fn pss_verify(&mut self, din: &[u8], dout: &mut [u8], hash_algo: u32, mgf: i32) -> Result<usize, i32> {
-        let din_ptr = din.as_ptr() as *const u8;
         let din_size = din.len() as u32;
-        let dout_ptr = dout.as_ptr() as *mut u8;
         let dout_size = dout.len() as u32;
         let rc = unsafe {
-            sys::wc_RsaPSS_Verify(din_ptr, din_size, dout_ptr, dout_size,
+            sys::wc_RsaPSS_Verify(din.as_ptr(), din_size,
+                dout.as_mut_ptr(), dout_size,
                 hash_algo, mgf, &mut self.wc_rsakey)
         };
         if rc < 0 {
@@ -982,15 +970,13 @@ impl RSA {
     /// rsa.pss_verify_check(signature, &mut verify_out, msg, RSA::HASH_TYPE_SHA256, RSA::MGF1SHA256).expect("Error with pss_verify_check()");
     /// ```
     pub fn pss_verify_check(&mut self, din: &[u8], dout: &mut [u8], digest: &[u8], hash_algo: u32, mgf: i32) -> Result<usize, i32> {
-        let din_ptr = din.as_ptr() as *const u8;
         let din_size = din.len() as u32;
-        let dout_ptr = dout.as_ptr() as *mut u8;
         let dout_size = dout.len() as u32;
-        let digest_ptr = digest.as_ptr() as *const u8;
         let digest_size = digest.len() as u32;
         let rc = unsafe {
-            sys::wc_RsaPSS_VerifyCheck(din_ptr, din_size, dout_ptr, dout_size,
-                digest_ptr, digest_size, hash_algo, mgf, &mut self.wc_rsakey)
+            sys::wc_RsaPSS_VerifyCheck(din.as_ptr(), din_size,
+                dout.as_mut_ptr(), dout_size, digest.as_ptr(), digest_size,
+                hash_algo, mgf, &mut self.wc_rsakey)
         };
         if rc < 0 {
             return Err(rc);
@@ -1047,12 +1033,11 @@ impl RSA {
     /// ```
     #[cfg(rsa_direct)]
     pub fn rsa_direct(&mut self, din: &[u8], dout: &mut [u8], typ: i32, rng: &mut RNG) -> Result<usize, i32> {
-        let din_ptr = din.as_ptr() as *const u8;
         let din_size = din.len() as u32;
-        let dout_ptr = dout.as_ptr() as *mut u8;
         let mut dout_size = dout.len() as u32;
         let rc = unsafe {
-            sys::wc_RsaDirect(din_ptr, din_size, dout_ptr, &mut dout_size,
+            sys::wc_RsaDirect(din.as_ptr(), din_size,
+                dout.as_mut_ptr(), &mut dout_size,
                 &mut self.wc_rsakey, typ, &mut rng.wc_rng)
         };
         if rc < 0 {
@@ -1093,7 +1078,6 @@ impl RSA {
     /// let mut enc: [u8; 512] = [0; 512];
     /// let enc_len = rsa.public_encrypt(plain, &mut enc, &mut rng).expect("Error with public_encrypt()");
     /// assert!(enc_len > 0 && enc_len <= 512);
-
     /// let key_path = "../../../certs/client-key.der";
     /// let der: Vec<u8> = fs::read(key_path).expect("Error reading key file");
     /// let mut rsa = RSA::new_from_der(&der).expect("Error with new_from_der()");
@@ -1156,12 +1140,11 @@ impl RSA {
     /// assert!(verify_out_size > 0 && verify_out_size <= 512);
     /// ```
     pub fn ssl_sign(&mut self, din: &[u8], dout: &mut [u8], rng: &mut RNG) -> Result<usize, i32> {
-        let din_ptr = din.as_ptr() as *const u8;
         let din_size = din.len() as u32;
-        let dout_ptr = dout.as_ptr() as *mut u8;
         let dout_size = dout.len() as u32;
         let rc = unsafe {
-            sys::wc_RsaSSL_Sign(din_ptr, din_size, dout_ptr, dout_size,
+            sys::wc_RsaSSL_Sign(din.as_ptr(), din_size,
+                dout.as_mut_ptr(), dout_size,
                 &mut self.wc_rsakey, &mut rng.wc_rng)
         };
         if rc < 0 {
@@ -1214,13 +1197,11 @@ impl RSA {
     /// assert!(verify_out_size > 0 && verify_out_size <= 512);
     /// ```
     pub fn ssl_verify(&mut self, din: &[u8], dout: &mut [u8]) -> Result<usize, i32> {
-        let din_ptr = din.as_ptr() as *const u8;
         let din_size = din.len() as u32;
-        let dout_ptr = dout.as_ptr() as *mut u8;
         let dout_size = dout.len() as u32;
         let rc = unsafe {
-            sys::wc_RsaSSL_Verify(din_ptr, din_size, dout_ptr, dout_size,
-                &mut self.wc_rsakey)
+            sys::wc_RsaSSL_Verify(din.as_ptr(), din_size,
+                dout.as_mut_ptr(), dout_size, &mut self.wc_rsakey)
         };
         if rc < 0 {
             return Err(rc);
diff --git a/wrapper/rust/wolfssl/src/wolfcrypt/sha.rs b/wrapper/rust/wolfssl/src/wolfcrypt/sha.rs
@@ -2098,7 +2098,7 @@ impl SHAKE128 {
         if dout_size % (Self::SQUEEZE_BLOCK_SIZE as u32) != 0 {
             return Err(sys::wolfCrypt_ErrorCodes_BUFFER_E);
         }
-        let n_blocks = (dout_size / (Self::SQUEEZE_BLOCK_SIZE as u32)) as u32;
+        let n_blocks = dout_size / (Self::SQUEEZE_BLOCK_SIZE as u32);
         let rc = unsafe {
             sys::wc_Shake128_SqueezeBlocks(&mut self.wc_shake, dout.as_mut_ptr(), n_blocks)
         };
@@ -2368,7 +2368,7 @@ impl SHAKE256 {
         if dout_size % (Self::SQUEEZE_BLOCK_SIZE as u32) != 0 {
             return Err(sys::wolfCrypt_ErrorCodes_BUFFER_E);
         }
-        let n_blocks = (dout_size / (Self::SQUEEZE_BLOCK_SIZE as u32)) as u32;
+        let n_blocks = dout_size / (Self::SQUEEZE_BLOCK_SIZE as u32);
         let rc = unsafe {
             sys::wc_Shake256_SqueezeBlocks(&mut self.wc_shake, dout.as_mut_ptr(), n_blocks)
         };
