Upgrade coset to 0.3.4 am: f73fc95e16
Original change: https://android-review.googlesource.com/c/platform/external/rust/crates/coset/+/2438287
Change-Id: Ic263afbe4d9e02cad2c38073d1cd88122a7647ad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/.cargo_vcs_info.json b/.cargo_vcs_info.json
index 505822c..79d70ec 100644
--- a/.cargo_vcs_info.json
+++ b/.cargo_vcs_info.json
@@ -1,6 +1,6 @@
{
"git": {
- "sha1": "1f265f2dd6ef6fa855dedfe185bf3ad19f05d755"
+ "sha1": "8a8552a8b57f004d08d081230659b47578c86b66"
},
"path_in_vcs": ""
}
\ No newline at end of file
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 66d1a3f..14bc1f5 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -28,6 +28,7 @@
components: rustfmt
override: true
- run: cargo build --release --workspace
+ - run: cargo build --release --workspace --features=std
test:
runs-on: ubuntu-latest
@@ -48,6 +49,7 @@
components: rustfmt
override: true
- run: cargo test --workspace -- --nocapture
+ - run: cargo test --workspace --features=std -- --nocapture
examples:
runs-on: ubuntu-latest
@@ -68,6 +70,7 @@
components: rustfmt
override: true
- run: cargo test --examples
+ - run: cargo test --features=std --examples
no_std:
name: Build for a no_std target
@@ -107,6 +110,7 @@
components: rustfmt
override: true
- run: rustc --version
+ - run: cargo build --release --workspace
- run: cargo build --release --workspace --all-features
formatting:
@@ -114,7 +118,7 @@
steps:
- uses: actions/checkout@629c2de402a417ea7690ca6ce3f33229e27606a5 # v2
- uses: actions/setup-go@424fc82d43fa5a37540bae62709ddcc23d9520d4 # v2
- - run: go get github.com/campoy/embedmd
+ - run: go install github.com/campoy/embedmd@97c13d6
- uses: actions/setup-ruby@b007fae6f1ffbe3a51c00a6df6f5ff01184d5340 # v1
- run: gem install mdl
- uses: actions-rs/toolchain@63eb9591781c46a70274cb3ebdf190fce92702e8 # v1
diff --git a/Android.bp b/Android.bp
index be901c0..f45936f 100644
--- a/Android.bp
+++ b/Android.bp
@@ -23,7 +23,7 @@
host_supported: true,
crate_name: "coset",
cargo_env_compat: true,
- cargo_pkg_version: "0.3.3",
+ cargo_pkg_version: "0.3.4",
srcs: ["src/lib.rs"],
test_suites: ["general-tests"],
auto_gen_config: true,
@@ -31,6 +31,7 @@
unit_test: true,
},
edition: "2018",
+ features: ["default"],
rustlibs: [
"libciborium",
"libciborium_io",
@@ -43,9 +44,10 @@
host_supported: true,
crate_name: "coset",
cargo_env_compat: true,
- cargo_pkg_version: "0.3.3",
+ cargo_pkg_version: "0.3.4",
srcs: ["src/lib.rs"],
edition: "2018",
+ features: ["default"],
rustlibs: [
"libciborium",
"libciborium_io",
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 087c02d..df2b2cf 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,11 @@
# Change Log
+## 0.3.4 - 2023-01-25
+
+- Add non-default `std` feature that turns on `impl Error for CoseError`.
+- Add `cwt::ClaimsSetBuilder::private_claim` method.
+- Update documentation for existing encryption methods to make it clear that they only support AEAD encryption.
+
## 0.3.3 - 2022-09-30
- Add `CoseKeyBuilder` methods `kty`, `key_type` and `new_okp_key`.
diff --git a/Cargo.lock b/Cargo.lock
index 2a26bd5..328bb43 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -31,7 +31,7 @@
[[package]]
name = "coset"
-version = "0.3.3"
+version = "0.3.4"
dependencies = [
"ciborium",
"ciborium-io",
diff --git a/Cargo.toml b/Cargo.toml
index 21938e6..5f31443 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -12,7 +12,7 @@
[package]
edition = "2018"
name = "coset"
-version = "0.3.3"
+version = "0.3.4"
authors = [
"David Drysdale <drysdale@google.com>",
"Paul Crowley <paulcrowley@google.com>",
@@ -37,3 +37,7 @@
[dev-dependencies.hex]
version = "^0.4.2"
+
+[features]
+default = []
+std = []
diff --git a/Cargo.toml.orig b/Cargo.toml.orig
index 5544745..e011996 100644
--- a/Cargo.toml.orig
+++ b/Cargo.toml.orig
@@ -1,6 +1,6 @@
[package]
name = "coset"
-version = "0.3.3"
+version = "0.3.4"
authors = ["David Drysdale <drysdale@google.com>", "Paul Crowley <paulcrowley@google.com>"]
edition = "2018"
license = "Apache-2.0"
@@ -9,6 +9,11 @@
keywords = ["cryptography", "cose"]
categories = ["cryptography"]
+[features]
+default = []
+# `std` feature enables an `Error` impl for `CoseError`
+std = []
+
[dependencies]
ciborium = { version = "^0.2.0", default-features = false }
ciborium-io = { version = "^0.2.0", features = ["alloc"] }
diff --git a/METADATA b/METADATA
index 969a18f..16e9249 100644
--- a/METADATA
+++ b/METADATA
@@ -1,3 +1,7 @@
+# This project was upgraded with external_updater.
+# Usage: tools/external_updater/updater.sh update rust/crates/coset
+# For more info, check https://cs.android.com/android/platform/superproject/+/master:tools/external_updater/README.md
+
name: "coset"
description: "Set of types for supporting COSE"
third_party {
@@ -7,13 +11,13 @@
}
url {
type: ARCHIVE
- value: "https://static.crates.io/crates/coset/coset-0.3.3.crate"
+ value: "https://static.crates.io/crates/coset/coset-0.3.4.crate"
}
- version: "0.3.3"
+ version: "0.3.4"
license_type: NOTICE
last_upgrade_date {
- year: 2022
- month: 10
- day: 6
+ year: 2023
+ month: 2
+ day: 15
}
}
diff --git a/examples/cwt.rs b/examples/cwt.rs
index f9f113b..5972cf9 100644
--- a/examples/cwt.rs
+++ b/examples/cwt.rs
@@ -15,7 +15,7 @@
////////////////////////////////////////////////////////////////////////////////
//! Example program demonstrating signed CWT processing.
-use coset::{cwt, iana, CborSerializable, CoseError};
+use coset::{cbor::value::Value, cwt, iana, CborSerializable, CoseError};
#[derive(Copy, Clone)]
struct FakeSigner {}
@@ -49,6 +49,13 @@
.not_before(cwt::Timestamp::WholeSeconds(1443944944))
.issued_at(cwt::Timestamp::WholeSeconds(1443944944))
.cwt_id(vec![0x0b, 0x71])
+ // Add additional standard claim.
+ .claim(
+ iana::CwtClaimName::Scope,
+ Value::Text("email phone".to_string()),
+ )
+ // Add additional private-use claim.
+ .private_claim(-70_000, Value::Integer(42.into()))
.build();
let aad = b"";
diff --git a/scripts/check-format.sh b/scripts/check-format.sh
index 445a564..220022c 100755
--- a/scripts/check-format.sh
+++ b/scripts/check-format.sh
@@ -90,7 +90,7 @@
EMBEDMD="$(go env GOPATH)/bin/embedmd"
if [[ ! -x "$EMBEDMD" ]]; then
- go get github.com/campoy/embedmd
+ go install github.com/campoy/embedmd@97c13d6
fi
for f in "${MD_FILES[@]}"; do
"$EMBEDMD" -d "$f"
diff --git a/src/common/mod.rs b/src/common/mod.rs
index c1f2973..106a3a3 100644
--- a/src/common/mod.rs
+++ b/src/common/mod.rs
@@ -87,6 +87,9 @@
}
}
+#[cfg(feature = "std")]
+impl std::error::Error for CoseError {}
+
impl CoseError {
fn fmt_msg(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
match self {
diff --git a/src/cwt/mod.rs b/src/cwt/mod.rs
index fe5e410..d12531a 100644
--- a/src/cwt/mod.rs
+++ b/src/cwt/mod.rs
@@ -20,7 +20,7 @@
cbor::value::Value,
common::AsCborValue,
iana,
- iana::EnumI64,
+ iana::{EnumI64, WithPrivateRange},
util::{cbor_type_error, ValueTryAs},
CoseError,
};
@@ -183,4 +183,17 @@
self.0.rest.push((ClaimName::Text(name), value));
self
}
+
+ /// Set a claim where the claim key is a numeric value from the private use range.
+ ///
+ /// # Panics
+ ///
+ /// This function will panic if it is used to set a claim with a key value outside of the
+ /// private use range.
+ #[must_use]
+ pub fn private_claim(mut self, id: i64, value: Value) -> Self {
+ assert!(iana::CwtClaimName::is_private(id));
+ self.0.rest.push((ClaimName::PrivateUse(id), value));
+ self
+ }
}
diff --git a/src/cwt/tests.rs b/src/cwt/tests.rs
index 7487d1a..ff59dd6 100644
--- a/src/cwt/tests.rs
+++ b/src/cwt/tests.rs
@@ -41,16 +41,32 @@
.not_before(Timestamp::WholeSeconds(0x200))
.issued_at(Timestamp::WholeSeconds(0x10))
.cwt_id(vec![1, 2, 3, 4])
+ .private_claim(-70_000, Value::Integer(0.into()))
.build(),
concat!(
- "a7", // 7-map
- "01", "63", "616161", // 1 (iss) => 3-tstr
- "02", "62", "6262", // 2 (sub) => 2-tstr
- "03", "61", "63", // 3 (aud) => 1-tstr
- "04", "19", "0100", // 4 (exp) => uint
- "05", "19", "0200", // 5 (nbf) => uint
- "06", "10", // 6 (iat) => uint
- "07", "44", "01020304" // 7 => bstr
+ "a8", // 8-map
+ "01",
+ "63",
+ "616161", // 1 (iss) => 3-tstr
+ "02",
+ "62",
+ "6262", // 2 (sub) => 2-tstr
+ "03",
+ "61",
+ "63", // 3 (aud) => 1-tstr
+ "04",
+ "19",
+ "0100", // 4 (exp) => uint
+ "05",
+ "19",
+ "0200", // 5 (nbf) => uint
+ "06",
+ "10", // 6 (iat) => uint
+ "07",
+ "44",
+ "01020304", // 7 => bstr
+ "3a0001116f",
+ "00" // -70000 => uint
),
),
(
@@ -196,6 +212,15 @@
}
#[test]
+#[should_panic]
+fn test_cwt_claims_builder_non_private_panic() {
+ // Attempting to set a claim outside of private range via `.private_claim()` panics.
+ let _claims = ClaimsSetBuilder::new()
+ .private_claim(100, Value::Null)
+ .build();
+}
+
+#[test]
fn test_cwt_dup_claim() {
// Set a duplicate map key.
let claims = ClaimsSetBuilder::new()
diff --git a/src/encrypt/mod.rs b/src/encrypt/mod.rs
index 22f9777..db38de5 100644
--- a/src/encrypt/mod.rs
+++ b/src/encrypt/mod.rs
@@ -95,8 +95,8 @@
}
impl CoseRecipient {
- /// Decrypt the `ciphertext` value, using `cipher` to decrypt the cipher text and
- /// combined AAD.
+ /// Decrypt the `ciphertext` value with an AEAD, using `cipher` to decrypt the cipher text and
+ /// combined AAD as per RFC 8152 section 5.3.
///
/// # Panics
///
@@ -140,9 +140,9 @@
self
}
- /// Calculate the ciphertext value, using `cipher` to generate the encrypted bytes from the
- /// plaintext and combined AAD (in that order). Any protected header values should be set
- /// before using this method.
+ /// Calculate the ciphertext value with an AEAD, using `cipher` to generate the encrypted bytes
+ /// from the plaintext and combined AAD (in that order) as per RFC 8152 section 5.3. Any
+ /// protected header values should be set before using this method.
///
/// # Panics
///
@@ -162,9 +162,9 @@
self.ciphertext(cipher(plaintext, &aad))
}
- /// Calculate the ciphertext value, using `cipher` to generate the encrypted bytes from the
- /// plaintext and combined AAD (in that order). Any protected header values should be set
- /// before using this method.
+ /// Calculate the ciphertext value with an AEAD, using `cipher` to generate the encrypted bytes
+ /// from the plaintext and combined AAD (in that order) as per RFC 8152 section 5.3. Any
+ /// protected header values should be set before using this method.
///
/// # Panics
///
@@ -183,8 +183,8 @@
Ok(self.ciphertext(cipher(plaintext, &aad)?))
}
- /// Construct the combined AAD data needed for encryption. Any protected header values should be
- /// set before using this method.
+ /// Construct the combined AAD data needed for encryption with an AEAD. Any protected header
+ /// values should be set before using this method.
///
/// # Panics
///
@@ -261,7 +261,7 @@
}
impl CoseEncrypt {
- /// Decrypt the `ciphertext` value, using `cipher` to decrypt the cipher text and
+ /// Decrypt the `ciphertext` value with an AEAD, using `cipher` to decrypt the cipher text and
/// combined AAD.
///
/// # Panics
@@ -291,9 +291,9 @@
builder_set! {unprotected: Header}
builder_set_optional! {ciphertext: Vec<u8>}
- /// Calculate the ciphertext value, using `cipher` to generate the encrypted bytes from the
- /// plaintext and combined AAD (in that order). Any protected header values should be set
- /// before using this method.
+ /// Calculate the ciphertext value with an AEAD, using `cipher` to generate the encrypted bytes
+ /// from the plaintext and combined AAD (in that order) as per RFC 8152 section 5.3. Any
+ /// protected header values should be set before using this method.
#[must_use]
pub fn create_ciphertext<F>(self, plaintext: &[u8], external_aad: &[u8], cipher: F) -> Self
where
@@ -307,9 +307,9 @@
self.ciphertext(cipher(plaintext, &aad))
}
- /// Calculate the ciphertext value, using `cipher` to generate the encrypted bytes from the
- /// plaintext and combined AAD (in that order). Any protected header values should be set
- /// before using this method.
+ /// Calculate the ciphertext value with an AEAD, using `cipher` to generate the encrypted bytes
+ /// from the plaintext and combined AAD (in that order) as per RFC 8152 section 5.3. Any
+ /// protected header values should be set before using this method.
pub fn try_create_ciphertext<F, E>(
self,
plaintext: &[u8],
@@ -389,7 +389,7 @@
}
impl CoseEncrypt0 {
- /// Decrypt the `ciphertext` value, using `cipher` to decrypt the cipher text and
+ /// Decrypt the `ciphertext` value with an AEAD, using `cipher` to decrypt the cipher text and
/// combined AAD.
///
/// # Panics
@@ -419,9 +419,9 @@
builder_set! {unprotected: Header}
builder_set_optional! {ciphertext: Vec<u8>}
- /// Calculate the ciphertext value, using `cipher` to generate the encrypted bytes from the
- /// plaintext and combined AAD (in that order). Any protected header values should be set
- /// before using this method.
+ /// Calculate the ciphertext value with an AEAD, using `cipher` to generate the encrypted bytes
+ /// from the plaintext and combined AAD (in that order) as per RFC 8152 section 5.3. Any
+ /// protected header values should be set before using this method.
#[must_use]
pub fn create_ciphertext<F>(self, plaintext: &[u8], external_aad: &[u8], cipher: F) -> Self
where
@@ -435,9 +435,9 @@
self.ciphertext(cipher(plaintext, &aad))
}
- /// Calculate the ciphertext value, using `cipher` to generate the encrypted bytes from the
- /// plaintext and combined AAD (in that order). Any protected header values should be set
- /// before using this method.
+ /// Calculate the ciphertext value with an AEAD, using `cipher` to generate the encrypted bytes
+ /// from the plaintext and combined AAD (in that order) as per RFC 8152 section 5.3. Any
+ /// protected header values should be set before using this method.
pub fn try_create_ciphertext<F, E>(
self,
plaintext: &[u8],
diff --git a/src/lib.rs b/src/lib.rs
index a800c89..5ee10f3 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -96,7 +96,7 @@
//! [COSE]: https://tools.ietf.org/html/rfc8152
//! [CBOR]: https://tools.ietf.org/html/rfc7049
-#![no_std]
+#![cfg_attr(not(feature = "std"), no_std)]
#![deny(rustdoc::broken_intra_doc_links)]
extern crate alloc;
diff --git a/src/util/mod.rs b/src/util/mod.rs
index 5608a4f..5dde295 100644
--- a/src/util/mod.rs
+++ b/src/util/mod.rs
@@ -164,6 +164,7 @@
result: Result<T, E>,
err_msg: &str,
) {
+ #[cfg(not(feature = "std"))]
use alloc::format;
match result {
Ok(_) => {
