Lint improvements (#72)

Expands the number of lints applied to the code, particularly clippy
lints, and fixes any current violations.

Author: tarcieri

src/aead/chacha20.rs

@@ -19,14 +19,16 @@ pub struct Chacha20Poly1305;
 impl Tls13AeadAlgorithm for Chacha20Poly1305 {
     fn encrypter(&self, key: AeadKey, iv: Iv) -> Box<dyn MessageEncrypter> {
         Box::new(Tls13Cipher(
-            chacha20poly1305::ChaCha20Poly1305::new_from_slice(key.as_ref()).unwrap(),
+            chacha20poly1305::ChaCha20Poly1305::new_from_slice(key.as_ref())
+                .expect("key should be valid"),
             iv,
         ))
     }
 
     fn decrypter(&self, key: AeadKey, iv: Iv) -> Box<dyn MessageDecrypter> {
         Box::new(Tls13Cipher(
-            chacha20poly1305::ChaCha20Poly1305::new_from_slice(key.as_ref()).unwrap(),
+            chacha20poly1305::ChaCha20Poly1305::new_from_slice(key.as_ref())
+                .expect("key should be valid"),
             iv,
         ))
     }
@@ -48,14 +50,16 @@ impl Tls13AeadAlgorithm for Chacha20Poly1305 {
 impl Tls12AeadAlgorithm for Chacha20Poly1305 {
     fn encrypter(&self, key: AeadKey, iv: &[u8], _: &[u8]) -> Box<dyn MessageEncrypter> {
         Box::new(Tls12Cipher(
-            chacha20poly1305::ChaCha20Poly1305::new_from_slice(key.as_ref()).unwrap(),
+            chacha20poly1305::ChaCha20Poly1305::new_from_slice(key.as_ref())
+                .expect("key should be valid"),
             Iv::copy(iv),
         ))
     }
 
     fn decrypter(&self, key: AeadKey, iv: &[u8]) -> Box<dyn MessageDecrypter> {
         Box::new(Tls12Cipher(
-            chacha20poly1305::ChaCha20Poly1305::new_from_slice(key.as_ref()).unwrap(),
+            chacha20poly1305::ChaCha20Poly1305::new_from_slice(key.as_ref())
+                .expect("key should be valid"),
             Iv::copy(iv),
         ))
     }
@@ -79,7 +83,7 @@ impl Tls12AeadAlgorithm for Chacha20Poly1305 {
         debug_assert_eq!(NONCE_LEN, iv.len());
         Ok(ConnectionTrafficSecrets::Chacha20Poly1305 {
             key,
-            iv: Iv::new(iv[..].try_into().unwrap()),
+            iv: Iv::new(iv[..].try_into().expect("conversion should succeed")),
         })
     }
 }
@@ -89,7 +93,7 @@ struct Tls13Cipher(chacha20poly1305::ChaCha20Poly1305, Iv);
 impl MessageEncrypter for Tls13Cipher {
     fn encrypt(
         &mut self,
-        m: OutboundPlainMessage,
+        m: OutboundPlainMessage<'_>,
         seq: u64,
     ) -> Result<OutboundOpaqueMessage, rustls::Error> {
         let total_len = self.encrypted_payload_len(m.payload.len());
@@ -143,7 +147,7 @@ struct Tls12Cipher(chacha20poly1305::ChaCha20Poly1305, Iv);
 impl MessageEncrypter for Tls12Cipher {
     fn encrypt(
         &mut self,
-        m: OutboundPlainMessage,
+        m: OutboundPlainMessage<'_>,
         seq: u64,
     ) -> Result<OutboundOpaqueMessage, rustls::Error> {
         let total_len = self.encrypted_payload_len(m.payload.len());

src/aead/gcm.rs

@@ -60,7 +60,7 @@ macro_rules! impl_gcm_tls13 {
             struct [<Tls13Cipher $name>]($aead, cipher::Iv);
 
             impl MessageEncrypter for [<Tls13Cipher $name>] {
-                fn encrypt(&mut self, m: OutboundPlainMessage, seq: u64) -> Result<OutboundOpaqueMessage, rustls::Error> {
+                fn encrypt(&mut self, m: OutboundPlainMessage<'_>, seq: u64) -> Result<OutboundOpaqueMessage, rustls::Error> {
                     let total_len = self.encrypted_payload_len(m.payload.len());
                     let mut payload = PrefixedPayload::with_capacity(total_len);
 
@@ -156,7 +156,7 @@ macro_rules! impl_gcm_tls12 {
 
             #[cfg(feature = "tls12")]
             impl MessageEncrypter for [<Tls12Cipher $name Encrypter>] {
-                fn encrypt(&mut self, m: OutboundPlainMessage, seq: u64) -> Result<OutboundOpaqueMessage, rustls::Error> {
+                fn encrypt(&mut self, m: OutboundPlainMessage<'_>, seq: u64) -> Result<OutboundOpaqueMessage, rustls::Error> {
                     let total_len = self.encrypted_payload_len(m.payload.len());
                     let mut payload = PrefixedPayload::with_capacity(total_len);
 

src/lib.rs

@@ -6,11 +6,25 @@
     html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/meta/master/logo.svg"
 )]
 #![warn(
-    clippy::all,
-    // TODO: clippy::pedantic,
     clippy::alloc_instead_of_core,
+    clippy::cast_lossless,
+    clippy::cast_possible_truncation,
+    clippy::cast_possible_wrap,
+    clippy::cast_precision_loss,
+    clippy::cast_sign_loss,
+    clippy::checked_conversions,
+    clippy::from_iter_instead_of_collect,
+    clippy::missing_errors_doc,
+    clippy::mod_module_files,
+    clippy::implicit_saturating_sub,
+    clippy::panic,
+    clippy::panic_in_result_fn,
     clippy::std_instead_of_alloc,
-    clippy::std_instead_of_core
+    clippy::std_instead_of_core,
+    clippy::unwrap_used,
+    rust_2018_idioms,
+    trivial_numeric_casts,
+    unused_lifetimes
 )]
 
 //! # Usage

src/quic.rs

@@ -59,7 +59,8 @@ impl PacketKey {
         Self {
             iv,
             suite,
-            crypto: chacha20poly1305::ChaCha20Poly1305::new_from_slice(key.as_ref()).unwrap(),
+            crypto: chacha20poly1305::ChaCha20Poly1305::new_from_slice(key.as_ref())
+                .expect("key should be valid"),
         }
     }
 }

src/sign.rs

@@ -67,26 +67,37 @@ where
     }
 }
 
+/// Extract any supported key from the given DER input.
+///
+/// # Errors
+///
+/// Returns an error if the key couldn't be decoded.
 pub fn any_supported_type(der: &PrivateKeyDer<'_>) -> Result<Arc<dyn SigningKey>, rustls::Error> {
-    let rsa = |_| RsaSigningKey::try_from(der).map(|x| Arc::new(x) as _);
-
-    rsa(())
+    RsaSigningKey::try_from(der)
+        .map(|x| Arc::new(x) as _)
         .or_else(|_| any_ecdsa_type(der))
         .or_else(|_| any_eddsa_type(der))
 }
 
+/// Extract any supported ECDSA key from the given DER input.
+///
+/// # Errors
+///
+/// Returns an error if the key couldn't be decoded.
 pub fn any_ecdsa_type(der: &PrivateKeyDer<'_>) -> Result<Arc<dyn SigningKey>, rustls::Error> {
     let p256 = |_| EcdsaSigningKeyP256::try_from(der).map(|x| Arc::new(x) as _);
     let p384 = |_| EcdsaSigningKeyP384::try_from(der).map(|x| Arc::new(x) as _);
     p256(()).or_else(p384)
 }
 
+/// Extract any supported EDDSA key from the given DER input.
+///
+/// # Errors
+///
+/// Returns an error if the key couldn't be decoded.
 pub fn any_eddsa_type(der: &PrivateKeyDer<'_>) -> Result<Arc<dyn SigningKey>, rustls::Error> {
-    let ed25519 = |_| Ed25519SigningKey::try_from(der).map(|x| Arc::new(x) as _);
-
     // TODO: Add support for Ed448
-
-    ed25519(())
+    Ed25519SigningKey::try_from(der).map(|x| Arc::new(x) as _)
 }
 
 pub mod ecdsa;

tests/builder.rs

@@ -40,7 +40,7 @@ fn integrate_client_builder_with_details_fake() {
     let rustls_client_config = dangerous_verifier.with_no_client_auth();
 
     // RustCrypto is not fips
-    assert_eq!(rustls_client_config.fips(), false);
+    assert!(!rustls_client_config.fips());
 }
 
 use rustls::DistinguishedName;
@@ -79,5 +79,5 @@ fn integrate_server_builder_with_details_fake() {
         dangerous_verifier.with_cert_resolver(Arc::new(server_cert_resolver));
 
     // RustCrypto is not fips
-    assert_eq!(rustls_client_config.fips(), false);
+    assert!(!rustls_client_config.fips());
 }