@@ -98,7 +98,7 @@ pub static AES_256: HPAlgorithm = HPAlgorithm {
9898} ;
9999
100100fn init_hp_aes_cipher ( key : & [ u8 ] ) -> Result < Cipher , Error > {
101- let mut aes_cipher = AesCipher :: default ( ) ;
101+ let mut aes_cipher = AesCipher :: new ( ) ? ;
102102 aes_cipher. set_key ( key) ?;
103103 Ok ( Cipher :: Aes ( aes_cipher) )
104104}
@@ -126,7 +126,7 @@ pub static CHACHA20: HPAlgorithm = HPAlgorithm {
126126} ;
127127
128128fn init_hp_chacha20_cipher ( key : & [ u8 ] ) -> Result < Cipher , Error > {
129- let chacha_cipher = ChaChaCipher :: new ( None ) ;
129+ let chacha_cipher = ChaChaCipher :: new ( None ) ? ;
130130 chacha_cipher. set_key ( key) ?;
131131 Ok ( Cipher :: ChaCha20 ( chacha_cipher) )
132132}
@@ -181,9 +181,9 @@ impl HeaderProtectionKey {
181181
182182 let mask = ( self . algorithm . hp_mask ) ( & self . hp_cipher , sample) ?;
183183
184- // The `unwrap()` will not panic because `new_mask` returns a
185- // non-empty result.
186- let ( first_mask , pn_mask ) = mask . split_first ( ) . unwrap ( ) ;
184+ let ( first_mask , pn_mask ) = mask
185+ . split_first ( )
186+ . ok_or_else ( || Error :: General ( "Function split_first failed" . into ( ) ) ) ? ;
187187
188188 // It is OK for the `mask` to be longer than `packet_number`,
189189 // but a valid `packet_number` will never be longer than `mask`.
@@ -323,7 +323,7 @@ pub static AES_256_GCM: AeadAlgorithm = AeadAlgorithm {
323323} ;
324324
325325fn init_aes_gcm_cipher ( key : & [ u8 ] ) -> Result < Cipher , Error > {
326- let mut aes_cipher = AesCipher :: default ( ) ;
326+ let mut aes_cipher = AesCipher :: new ( ) ? ;
327327 aes_cipher. set_key ( key) ?;
328328 Ok ( Cipher :: Aes ( aes_cipher) )
329329}
@@ -370,7 +370,7 @@ pub static CHACHA20_POLY1305: AeadAlgorithm = AeadAlgorithm {
370370fn init_chacha20_poly1305_cipher ( key : & [ u8 ] ) -> Result < Cipher , Error > {
371371 let key_array = <[ u8 ; 32 ] >:: try_from ( key)
372372 . map_err ( |_| Error :: General ( "Invalid key length for ChaCha20-Poly1305" . into ( ) ) ) ?;
373- let chacha_cipher = ChaChaCipher :: new ( Some ( key_array) ) ;
373+ let chacha_cipher = ChaChaCipher :: new ( Some ( key_array) ) ? ;
374374 Ok ( Cipher :: ChaCha20 ( chacha_cipher) )
375375}
376376
@@ -531,18 +531,12 @@ pub struct AesCipher {
531531 key : Vec < u8 > ,
532532}
533533
534- impl Default for AesCipher {
535- fn default ( ) -> Self {
536- Self :: new ( )
537- }
538- }
539-
540534impl AesCipher {
541- pub fn new ( ) -> Self {
542- Self {
543- aes_object : new_aes_object ( ) . unwrap ( ) ,
535+ pub fn new ( ) -> Result < Self , Error > {
536+ Ok ( Self {
537+ aes_object : new_aes_object ( ) ? ,
544538 key : Vec :: new ( ) ,
545- }
539+ } )
546540 }
547541
548542 /// It initializes an AES cipher with the given key.
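Review bot: `AesCipher::new` is public and now fallible, but it has no doc comment, unlike `set_key` directly below it. I would add `/// Creates an AES cipher holding an initialised AES object and an empty key.` followed by an `# Errors` section stating that the error from `new_aes_object()` is returned unchanged. Removing `impl Default` also narrows the public surface, so any caller outside this file that used `AesCipher::default()` needs the same update the call sites in this commit received.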
@@ -559,7 +553,8 @@ impl AesCipher {
559553 0 ,
560554 )
561555 } ;
562- check_if_zero ( ret) . unwrap ( ) ;
556+ check_if_zero ( ret)
557+ . map_err ( |_| rustls:: Error :: General ( "Function AesSetKey failed" . into ( ) ) ) ?;
563558 self . key = key. to_vec ( ) ;
564559 Ok ( ( ) )
565560 }
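Review bot: The `map_err(|_| ...)` after `check_if_zero(ret)` discards the return code of the C call, so a key-setup failure reaches the caller and the logs as a fixed string with no cause. `ret` is still in scope, so it can go into the message, assuming it is the plain integer the FFI call returned: `.map_err(|_| rustls::Error::General(format!("AesSetKey failed with code {ret}")))?;`. The same pattern appears in the hunks at new lines 591, 633, 685, 701 and 806. The `EncryptError` mappings carry no payload, so there the code would have to be logged separately if it is wanted. The enclosing function starts outside this hunk.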
@@ -574,7 +569,7 @@ impl AesCipher {
574569 sample. as_ptr ( ) ,
575570 )
576571 } ;
577- check_if_zero ( ret) . unwrap ( ) ;
572+ check_if_zero ( ret) . map_err ( |_| rustls :: Error :: EncryptError ) ? ;
578573
579574 Ok ( out_block)
580575 }
@@ -596,7 +591,8 @@ impl AesCipher {
596591 self . key . len ( ) as word32 ,
597592 )
598593 } ;
599- check_if_zero ( ret) . unwrap ( ) ;
594+ check_if_zero ( ret)
595+ . map_err ( |_| rustls:: Error :: General ( "Function AesGcmSetKey failed" . into ( ) ) ) ?;
600596
601597 // This function encrypts the input message, held in the buffer in,
602598 // and stores the resulting cipher text in the output buffer out.
@@ -618,7 +614,7 @@ impl AesCipher {
618614 aad. len ( ) as word32 ,
619615 )
620616 } ;
621- check_if_zero ( ret) . unwrap ( ) ;
617+ check_if_zero ( ret) . map_err ( |_| rustls :: Error :: EncryptError ) ? ;
622618
623619 Ok ( quic:: Tag :: from ( auth_tag. as_ref ( ) ) )
624620 }
@@ -637,7 +633,8 @@ impl AesCipher {
637633 self . key . len ( ) as word32 ,
638634 )
639635 } ;
640- check_if_zero ( ret) . unwrap ( ) ;
636+ check_if_zero ( ret)
637+ . map_err ( |_| rustls:: Error :: General ( "Function AesGcmSetKey failed" . into ( ) ) ) ?;
641638
642639 // Finally, we have everything to decrypt the message
643640 // from the payload.
@@ -646,7 +643,10 @@ impl AesCipher {
646643 self . aes_object . as_ptr ( ) ,
647644 payload[ ..message_len] . as_mut_ptr ( ) ,
648645 payload[ ..message_len] . as_ptr ( ) ,
649- payload[ ..message_len] . len ( ) . try_into ( ) . unwrap ( ) ,
646+ payload[ ..message_len]
647+ . len ( )
648+ . try_into ( )
649+ . map_err ( |_| rustls:: Error :: General ( "Function try_into() failed" . into ( ) ) ) ?,
650650 nonce. as_ptr ( ) ,
651651 nonce. len ( ) as word32 ,
652652 auth_tag. as_ptr ( ) ,
@@ -667,16 +667,16 @@ pub struct ChaChaCipher {
667667}
668668
669669impl ChaChaCipher {
670- pub fn new ( key : Option < [ u8 ; CHACHA_KEY_LEN ] > ) -> Self {
670+ pub fn new ( key : Option < [ u8 ; CHACHA_KEY_LEN ] > ) -> Result < Self , Error > {
671671 match key {
672- None => Self {
673- chacha_cipher : Some ( new_chacha_object ( ) . unwrap ( ) ) ,
672+ None => Ok ( Self {
673+ chacha_cipher : Some ( new_chacha_object ( ) ? ) ,
674674 key : None ,
675- } ,
676- Some ( key_bytes) => Self {
675+ } ) ,
676+ Some ( key_bytes) => Ok ( Self {
677677 chacha_cipher : None ,
678678 key : Some ( key_bytes) ,
679- } ,
679+ } ) ,
680680 }
681681 }
682682
@@ -685,20 +685,14 @@ impl ChaChaCipher {
685685 return Err ( Error :: General ( "Invalid key length" . into ( ) ) ) ;
686686 }
687687
688- if self . chacha_cipher . is_none ( ) {
689- return Err ( Error :: General (
690- "Cipher is none. Create a cipher object before setting key" . into ( ) ,
691- ) ) ;
692- }
688+ let chacha_cipher = self . chacha_cipher . as_ref ( ) . ok_or_else ( || {
689+ Error :: General ( "Cipher is none. Create a cipher object before setting key" . into ( ) )
690+ } ) ?;
693691 //Set key for ChaCha object
694- let ret = unsafe {
695- wc_Chacha_SetKey (
696- self . chacha_cipher . unwrap ( ) . as_ptr ( ) ,
697- key. as_ptr ( ) ,
698- key. len ( ) as word32 ,
699- )
700- } ;
701- check_if_zero ( ret) . unwrap ( ) ;
692+ let ret =
693+ unsafe { wc_Chacha_SetKey ( chacha_cipher. as_ptr ( ) , key. as_ptr ( ) , key. len ( ) as word32 ) } ;
694+ check_if_zero ( ret)
695+ . map_err ( |_| rustls:: Error :: General ( "Function wc_Chacha_SetKey failed" . into ( ) ) ) ?;
702696 Ok ( ( ) )
703697 }
704698
@@ -707,32 +701,33 @@ impl ChaChaCipher {
707701 }
708702
709703 pub fn encrypt_sample ( & self , sample : & [ u8 ] ) -> Result < Vec < u8 > , Error > {
710- if self . chacha_cipher . is_none ( ) {
711- return Err ( Error :: General (
712- "Cipher is none. Create a cipher object before encryption" . into ( ) ,
713- ) ) ;
714- }
704+ let chacha_cipher = self . chacha_cipher . as_ref ( ) . ok_or_else ( || {
705+ Error :: General ( "Cipher is none. Create a cipher object before encryption" . into ( ) )
706+ } ) ?;
715707
716708 let mut out = vec ! [ 0 ; TAG_LEN ] ;
717709
718710 let ( ctr, nonce) = sample. split_at ( 4 ) ;
719- let ctr = u32:: from_le_bytes ( ctr. try_into ( ) . unwrap ( ) ) ;
711+ let ctr = u32:: from_le_bytes (
712+ ctr. try_into ( )
713+ . map_err ( |_| rustls:: Error :: General ( "Function try_into() failed" . into ( ) ) ) ?,
714+ ) ;
720715
721716 //Set IV for ChaCha object
722- let mut ret =
723- unsafe { wc_Chacha_SetIV ( self . chacha_cipher . unwrap ( ) . as_ptr ( ) , nonce . as_ptr ( ) , ctr ) } ;
724- check_if_zero ( ret ) . unwrap ( ) ;
717+ let mut ret = unsafe { wc_Chacha_SetIV ( chacha_cipher . as_ptr ( ) , nonce . as_ptr ( ) , ctr ) } ;
718+ check_if_zero ( ret )
719+ . map_err ( |_| rustls :: Error :: General ( "Function wc_Chacha_SetIV failed" . into ( ) ) ) ? ;
725720
726721 //Encrypt sample
727722 ret = unsafe {
728723 wc_Chacha_Process (
729- self . chacha_cipher . unwrap ( ) . as_ptr ( ) ,
724+ chacha_cipher. as_ptr ( ) ,
730725 out. as_mut_ptr ( ) ,
731726 [ 0 ; TAG_LEN ] . as_ptr ( ) ,
732727 TAG_LEN as word32 ,
733728 )
734729 } ;
735- check_if_zero ( ret) . unwrap ( ) ;
730+ check_if_zero ( ret) . map_err ( |_| rustls :: Error :: EncryptError ) ? ;
736731
737732 Ok ( out)
738733 }
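Review bot: `sample.split_at(4)` still panics when `sample` is shorter than four bytes, while the `try_into()` that now gets a `map_err` cannot fail, because `ctr` is always exactly four bytes after the split. The length of `nonce` is not checked either before its pointer is handed to `wc_Chacha_SetIV`, which presumably reads a fixed-size IV, so a short sample could be read past its end. One length check at the top of `encrypt_sample` covers both: `if sample.len() < 16 { return Err(Error::General("Invalid sample length".into())); }`. The 16 stands for the 4-byte counter plus a 12-byte nonce; use the crate's own constants if it has them and confirm the IV size against the wolfCrypt header.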
@@ -742,6 +737,10 @@ impl ChaChaCipher {
742737 aad : & [ u8 ] ,
743738 payload : & mut [ u8 ] ,
744739 ) -> Result < Tag , Error > {
740+ let chacha_key = self . key . as_ref ( ) . ok_or_else ( || {
741+ Error :: General ( "Key is none. Generate a key before encryption" . into ( ) )
742+ } ) ?;
743+
745744 let mut auth_tag: [ u8 ; CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE as usize ] =
746745 unsafe { mem:: zeroed ( ) } ;
747746
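Review bot: `unsafe { mem::zeroed() }` is not needed to zero a byte array. `[0u8; CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE as usize]` gives the same value without an unsafe block, and `decrypt` already builds its tag buffer that way with `[0u8; TAG_LEN]`. The enclosing `encrypt` starts and ends outside this hunk.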
@@ -752,7 +751,7 @@ impl ChaChaCipher {
752751
753752 let ret = unsafe {
754753 wc_ChaCha20Poly1305_Encrypt (
755- self . key . as_ref ( ) . unwrap ( ) . as_ptr ( ) ,
754+ chacha_key . as_ptr ( ) ,
756755 nonce. as_ptr ( ) ,
757756 aad. as_ptr ( ) ,
758757 aad. len ( ) as word32 ,
@@ -762,12 +761,15 @@ impl ChaChaCipher {
762761 auth_tag. as_mut_ptr ( ) ,
763762 )
764763 } ;
765- check_if_zero ( ret) . unwrap ( ) ;
764+ check_if_zero ( ret) . map_err ( |_| rustls :: Error :: EncryptError ) ? ;
766765
767766 Ok ( quic:: Tag :: from ( auth_tag. as_ref ( ) ) )
768767 }
769768
770769 pub fn decrypt ( & self , nonce : & [ u8 ] , aad : & [ u8 ] , payload : & mut [ u8 ] ) -> Result < ( ) , Error > {
770+ let chacha_key = self . key . as_ref ( ) . ok_or_else ( || {
771+ Error :: General ( "Key is none. Generate a key before decryption" . into ( ) )
772+ } ) ?;
771773 let mut auth_tag = [ 0u8 ; TAG_LEN ] ;
772774 let message_len = payload. len ( ) - TAG_LEN ;
773775 auth_tag. copy_from_slice ( & payload[ message_len..] ) ;
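Review bot: `payload.len() - TAG_LEN` in `decrypt` underflows when the payload is shorter than the tag, which panics in a debug build and otherwise wraps and panics on the `payload[message_len..]` slice on the next line. The payload presumably comes from a received packet, so this is the same kind of panic the commit removes elsewhere. I would write `let message_len = payload.len().checked_sub(TAG_LEN).ok_or(Error::DecryptError)?;`. The AES `decrypt` in the hunk at new line 643 slices `payload[..message_len]` with a `message_len` computed outside that hunk and may need the same guard. The body of `decrypt` continues past this hunk.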
@@ -780,7 +782,7 @@ impl ChaChaCipher {
780782 // authentication tag, the text is not decrypted.
781783 let ret = unsafe {
782784 wc_ChaCha20Poly1305_Decrypt (
783- self . key . as_ref ( ) . unwrap ( ) . as_ptr ( ) ,
785+ chacha_key . as_ptr ( ) ,
784786 nonce. as_ptr ( ) ,
785787 aad. as_ptr ( ) ,
786788 aad. len ( ) as word32 ,
@@ -804,7 +806,7 @@ fn new_aes_object() -> Result<AesObject, Error> {
804806
805807 // Initialize Aes structure.
806808 let ret = unsafe { wc_AesInit ( aes_object. as_ptr ( ) , ptr:: null_mut ( ) , INVALID_DEVID ) } ;
807- check_if_zero ( ret) . unwrap ( ) ;
809+ check_if_zero ( ret) . map_err ( |_| rustls :: Error :: General ( "Function AesInit failed" . into ( ) ) ) ? ;
808810 Ok ( aes_object)
809811}
810812
@@ -1589,7 +1591,7 @@ mod tests {
15891591 } ,
15901592 ] ;
15911593
1592- let mut aes_cipher = crate :: aead:: quic:: AesCipher :: default ( ) ;
1594+ let mut aes_cipher = crate :: aead:: quic:: AesCipher :: new ( ) . unwrap ( ) ;
15931595 let mut mask = [ 0u8 ; 5 ] ;
15941596
15951597 for v in & vectors {
@@ -1618,7 +1620,7 @@ mod tests {
16181620 mask : hex ! ( "6409a6196d" ) ,
16191621 } ;
16201622
1621- let chacha_cipher = crate :: aead:: quic:: ChaChaCipher :: new ( None ) ;
1623+ let chacha_cipher = crate :: aead:: quic:: ChaChaCipher :: new ( None ) . unwrap ( ) ;
16221624 let mut mask = mask_array ! ( ) ;
16231625
16241626 let _ = chacha_cipher. set_key ( & test_vector. key ) ;