Merge pull request #375 from Superhepper/from-slice-removal

Removes from slice conversions for buffer types.

Author: Superhepper

tss-esapi/src/abstraction/nv.rs

@@ -213,8 +213,7 @@ impl std::io::Write for NvReaderWriter<'_> {
         let desired_size = std::cmp::min(buf.len(), self.data_size - self.offset);
         let size = std::cmp::min(self.buffer_size, desired_size) as u16;
 
-        let data = buf[0..size.into()]
-            .try_into()
+        let data = MaxNvBuffer::from_bytes(&buf[0..size.into()])
             .map_err(|e| std::io::Error::new(std::io::ErrorKind::Other, e))?;
         self.context
             .nv_write(self.auth_handle, self.nv_idx, data, self.offset as u16)

tss-esapi/src/abstraction/pcr/data.rs

@@ -125,7 +125,7 @@ impl From<PcrData> for Vec<TPML_DIGEST> {
                     tpml_digest.count += 1;
                     tpml_digest.digests[index].size = digest.len() as u16;
                     tpml_digest.digests[index].buffer[..digest.len()]
-                        .copy_from_slice(digest.value());
+                        .copy_from_slice(digest.as_bytes());
                 }
                 tpml_digest
             })

tss-esapi/src/abstraction/public.rs

@@ -84,13 +84,13 @@ fn public_to_decoded_key(public: &Public) -> Result<DecodedKey, Error> {
             }
             .to_be_bytes();
             Ok(DecodedKey::RsaPublicKey(RsaPublicKey {
-                modulus: IntegerAsn1::from_bytes_be_unsigned(unique.value().to_vec()),
+                modulus: IntegerAsn1::from_bytes_be_unsigned(unique.as_bytes().to_vec()),
                 public_exponent: IntegerAsn1::from_bytes_be_signed(exponent.to_vec()),
             }))
         }
         Public::Ecc { unique, .. } => {
-            let x = unique.x().value().to_vec();
-            let y = unique.y().value().to_vec();
+            let x = unique.x().as_bytes().to_vec();
+            let y = unique.y().as_bytes().to_vec();
             Ok(DecodedKey::EcPoint(OctetStringAsn1(
                 elliptic_curve_point_to_octet_string(x, y),
             )))

tss-esapi/src/abstraction/transient/key_attestation.rs

@@ -53,7 +53,7 @@ impl TransientKeyContext {
     /// the credential
     ///
     /// **Note**: If no `key` is given, the default Endorsement Key
-    /// will be used.  
+    /// will be used.
     pub fn get_make_cred_params(
         &mut self,
         object: ObjectWrapper,
@@ -131,7 +131,7 @@ impl TransientKeyContext {
         self.context.flush_context(key_handle.into())?;
         self.context
             .flush_context(SessionHandle::from(session_2).into())?;
-        Ok(credential.value().to_vec())
+        Ok(credential.as_bytes().to_vec())
     }
 
     // No key was given, use the EK. This requires using a Policy session

tss-esapi/src/abstraction/transient/mod.rs

@@ -149,7 +149,7 @@ impl TransientKeyContext {
         let key_auth = if auth_size > 0 {
             self.set_session_attrs()?;
             let random_bytes = self.context.get_random(auth_size)?;
-            Some(Auth::try_from(random_bytes.value().to_vec())?)
+            Some(Auth::from_bytes(random_bytes.as_bytes())?)
         } else {
             None
         };
@@ -170,7 +170,7 @@ impl TransientKeyContext {
 
         let key_material = KeyMaterial {
             public: out_public.try_into()?,
-            private: out_private.value().to_vec(),
+            private: out_private.as_bytes().to_vec(),
         };
         Ok((key_material, key_auth))
     }
@@ -390,7 +390,7 @@ impl TransientKeyContext {
 
         let key_material = KeyMaterial {
             public: public.try_into()?,
-            private: private.value().to_vec(),
+            private: private.as_bytes().to_vec(),
         };
 
         self.context.flush_context(key_handle.into())?;
@@ -670,7 +670,7 @@ impl TransientKeyContextBuilder {
 
         let root_key_auth = if self.root_key_auth_size > 0 {
             let random = context.get_random(self.root_key_auth_size)?;
-            Some(Auth::try_from(random.value().to_vec())?)
+            Some(Auth::from_bytes(random.as_bytes())?)
         } else {
             None
         };

tss-esapi/src/context/tpm_commands/asymmetric_primitives.rs

@@ -128,7 +128,7 @@ impl Context {
     /// #     .expect("Failed to set attributes on session");
     /// # context.set_sessions((Some(session), None, None));
     /// # let random_digest = context.get_random(16).unwrap();
-    /// # let key_auth = Auth::try_from(random_digest.value().to_vec()).unwrap();
+    /// # let key_auth = Auth::from_bytes(random_digest.as_bytes()).unwrap();
     /// #
     /// // Create a key suitable for ECDH key generation
     /// let ecc_parms = PublicEccParametersBuilder::new()
@@ -263,7 +263,7 @@ impl Context {
     /// #     .expect("Failed to set attributes on session");
     /// # context.set_sessions((Some(session), None, None));
     /// # let random_digest = context.get_random(16).unwrap();
-    /// # let key_auth = Auth::try_from(random_digest.value().to_vec()).unwrap();
+    /// # let key_auth = Auth::from_bytes(random_digest.as_bytes()).unwrap();
     /// #
     /// // Create a key suitable for ECDH key generation
     /// let ecc_parms = PublicEccParametersBuilder::new()
@@ -313,7 +313,7 @@ impl Context {
     /// // Generate ephemeral key pair and a shared secret
     /// let (z_point, pub_point) = context.ecdh_key_gen(key_handle).unwrap();
     /// let z_point_gen = context.ecdh_z_gen(key_handle, pub_point).unwrap();
-    /// assert_eq!(z_point.x().value(), z_point_gen.x().value());
+    /// assert_eq!(z_point.x().as_bytes(), z_point_gen.x().as_bytes());
     /// ```
     pub fn ecdh_z_gen(&mut self, key_handle: KeyHandle, in_point: EccPoint) -> Result<EccPoint> {
         let mut out_point_ptr = null_mut();

tss-esapi/src/context/tpm_commands/context_management.rs

@@ -114,7 +114,7 @@ impl Context {
     /// context.execute_with_session(Some(session), |ctx| {
     ///     let random_digest = ctx.get_random(16)
     ///         .expect("Call to get_random failed");
-    ///     let key_auth = Auth::try_from(random_digest.value().to_vec())
+    ///     let key_auth = Auth::from_bytes(random_digest.as_bytes())
     ///         .expect("Failed to create Auth");
     ///     let key_handle = ctx
     ///         .create_primary(

tss-esapi/src/context/tpm_commands/symmetric_primitives.rs

@@ -60,7 +60,7 @@ impl Context {
     /// #     context
     /// #         .get_random(16)
     /// #         .expect("get_rand call failed")
-    /// #         .value()
+    /// #         .as_bytes()
     /// #         .to_vec(),
     /// # )
     /// # .expect("Failed to create primary key auth");
@@ -107,7 +107,7 @@ impl Context {
     /// #     context
     /// #         .get_random(16)
     /// #         .expect("get_rand call failed")
-    /// #         .value()
+    /// #         .as_bytes()
     /// #         .to_vec(),
     /// # )
     /// # .expect("Failed to create symmetric key auth");

tss-esapi/src/structures/buffers.rs

@@ -23,8 +23,24 @@ macro_rules! named_field_buffer_type {
         impl $native_type {
             pub const MAX_SIZE: usize = $MAX;
 
-            pub fn value(&self) -> &[u8] {
-                &self.0
+            pub fn from_bytes(bytes: &[u8]) -> Result<Self> {
+                Self::ensure_valid_buffer_size(bytes.len(), "bytes(&[u8])")?;
+                Ok($native_type(bytes.to_vec().into()))
+            }
+
+            /// Returns the content of the buffer type as
+            /// a slice of bytes.
+            pub fn as_bytes(&self) -> &[u8] {
+                self.0.as_slice()
+            }
+
+            /// Private function for ensuring that a buffer size is valid.
+            fn ensure_valid_buffer_size(buffer_size: usize, container_name: &str) -> Result<()> {
+                if buffer_size > Self::MAX_SIZE {
+                    error!("Invalid {} size(> {})", container_name, Self::MAX_SIZE);
+                    return Err(Error::local_error(WrapperErrorKind::WrongParamSize));
+                }
+                Ok(())
             }
         }
 
@@ -39,35 +55,17 @@ macro_rules! named_field_buffer_type {
             type Error = Error;
 
             fn try_from(bytes: Vec<u8>) -> Result<Self> {
-                if bytes.len() > Self::MAX_SIZE {
-                    error!("Invalid Vec<u8> size(> {})", Self::MAX_SIZE);
-                    return Err(Error::local_error(WrapperErrorKind::WrongParamSize));
-                }
+                Self::ensure_valid_buffer_size(bytes.len(), "Vec<u8>")?;
                 Ok($native_type(bytes.into()))
             }
         }
 
-        impl TryFrom<&[u8]> for $native_type {
-            type Error = Error;
-
-            fn try_from(bytes: &[u8]) -> Result<Self> {
-                if bytes.len() > Self::MAX_SIZE {
-                    error!("Invalid &[u8] size(> {})", Self::MAX_SIZE);
-                    return Err(Error::local_error(WrapperErrorKind::WrongParamSize));
-                }
-                Ok($native_type(bytes.to_vec().into()))
-            }
-        }
-
         impl TryFrom<$tss_type> for $native_type {
             type Error = Error;
 
             fn try_from(tss: $tss_type) -> Result<Self> {
                 let size = tss.size as usize;
-                if size > Self::MAX_SIZE {
-                    error!("Invalid buffer size(> {})", Self::MAX_SIZE);
-                    return Err(Error::local_error(WrapperErrorKind::WrongParamSize));
-                }
+                Self::ensure_valid_buffer_size(size, "buffer")?;
                 Ok($native_type(tss.$buffer_field_name[..size].to_vec().into()))
             }
         }
@@ -119,7 +117,7 @@ pub mod digest {
 
         fn try_from(value: Digest) -> Result<Self> {
             value
-                .value()
+                .as_bytes()
                 .try_into()
                 .map_err(|_| Error::local_error(WrapperErrorKind::WrongParamSize))
         }
@@ -130,7 +128,7 @@ pub mod digest {
 
         fn try_from(value: Digest) -> Result<Self> {
             value
-                .value()
+                .as_bytes()
                 .try_into()
                 .map_err(|_| Error::local_error(WrapperErrorKind::WrongParamSize))
         }
@@ -141,13 +139,13 @@ pub mod digest {
         type Error = Error;
 
         fn try_from(value: Digest) -> Result<Self> {
-            if value.value().len() != 48 {
+            if value.len() != 48 {
                 return Err(Error::local_error(WrapperErrorKind::WrongParamSize));
             }
 
             let mut result = [0; 48];
 
-            result.copy_from_slice(value.value());
+            result.copy_from_slice(value.as_bytes());
 
             Ok(result)
         }
@@ -157,17 +155,49 @@ pub mod digest {
         type Error = Error;
 
         fn try_from(value: Digest) -> Result<Self> {
-            if value.value().len() != 64 {
+            if value.len() != 64 {
                 return Err(Error::local_error(WrapperErrorKind::WrongParamSize));
             }
 
             let mut result = [0; 64];
 
-            result.copy_from_slice(value.value());
+            result.copy_from_slice(value.as_bytes());
 
             Ok(result)
         }
     }
+
+    impl From<[u8; 20]> for Digest {
+        fn from(mut value: [u8; 20]) -> Self {
+            let value_as_vec = value.to_vec();
+            value.zeroize();
+            Digest(value_as_vec.into())
+        }
+    }
+
+    impl From<[u8; 32]> for Digest {
+        fn from(mut value: [u8; 32]) -> Self {
+            let value_as_vec = value.to_vec();
+            value.zeroize();
+            Digest(value_as_vec.into())
+        }
+    }
+
+    impl From<[u8; 48]> for Digest {
+        fn from(mut value: [u8; 48]) -> Self {
+            let value_as_vec = value.to_vec();
+            value.zeroize();
+            Digest(value_as_vec.into())
+        }
+    }
+
+    impl From<[u8; 64]> for Digest {
+        fn from(mut value: [u8; 64]) -> Self {
+            let value_as_vec = value.to_vec();
+            value.zeroize();
+            Digest(value_as_vec.into())
+        }
+    }
 }
 
 pub mod ecc_parameter {
@@ -268,12 +298,12 @@ pub mod public_key_rsa {
         type Error = Error;
 
         fn try_from(public_key_rsa: PublicKeyRsa) -> Result<Self> {
-            if public_key_rsa.value().len() > 128 {
+            if public_key_rsa.len() > 128 {
                 return Err(Error::local_error(WrapperErrorKind::WrongParamSize));
             }
 
             let mut value = [0u8; 128];
-            value.copy_from_slice(public_key_rsa.value());
+            value.copy_from_slice(public_key_rsa.as_bytes());
             Ok(value)
         }
     }
@@ -282,12 +312,12 @@ pub mod public_key_rsa {
         type Error = Error;
 
         fn try_from(public_key_rsa: PublicKeyRsa) -> Result<Self> {
-            if public_key_rsa.value().len() > 256 {
+            if public_key_rsa.len() > 256 {
                 return Err(Error::local_error(WrapperErrorKind::WrongParamSize));
             }
 
             let mut value = [0u8; 256];
-            value.copy_from_slice(public_key_rsa.value());
+            value.copy_from_slice(public_key_rsa.as_bytes());
             Ok(value)
         }
     }
@@ -296,12 +326,12 @@ pub mod public_key_rsa {
         type Error = Error;
 
         fn try_from(public_key_rsa: PublicKeyRsa) -> Result<Self> {
-            if public_key_rsa.value().len() > 384 {
+            if public_key_rsa.len() > 384 {
                 return Err(Error::local_error(WrapperErrorKind::WrongParamSize));
             }
 
             let mut value = [0u8; 384];
-            value.copy_from_slice(public_key_rsa.value());
+            value.copy_from_slice(public_key_rsa.as_bytes());
             Ok(value)
         }
     }
@@ -310,12 +340,12 @@ pub mod public_key_rsa {
         type Error = Error;
 
         fn try_from(public_key_rsa: PublicKeyRsa) -> Result<Self> {
-            if public_key_rsa.value().len() > 512 {
+            if public_key_rsa.len() > 512 {
                 return Err(Error::local_error(WrapperErrorKind::WrongParamSize));
             }
 
             let mut value = [0u8; 512];
-            value.copy_from_slice(public_key_rsa.value());
+            value.copy_from_slice(public_key_rsa.as_bytes());
             Ok(value)
         }
     }