[refactor] hyperledger-iroha#3237: Fix clippy lints

- make the signature implementations not use the &self, they are all stateless anyway
- remove redundant Result returns
- add docs on errors

Signed-off-by: Nikita Strygin <dcnick3@users.noreply.github.com>

client/src/client.rs

@@ -1702,7 +1702,7 @@ mod tests {
             ),
             private_key: Some(iroha_crypto::PrivateKey::from_hex(
             iroha_crypto::Algorithm::Ed25519,
-            "9AC47ABF59B356E0BD7DCBBBB4DEC080E302156A48CA907E47CB6AEA1D32719E7233BFC89DCBD68C19FDE6CE6158225298EC1131B6A130D1AEB454C1AB5183C0".as_ref()
+            "9AC47ABF59B356E0BD7DCBBBB4DEC080E302156A48CA907E47CB6AEA1D32719E7233BFC89DCBD68C19FDE6CE6158225298EC1131B6A130D1AEB454C1AB5183C0"
             ).expect("Private key not hex encoded")),
             account_id: Some(
                 "alice@wonderland"

config/src/genesis.rs

@@ -42,7 +42,7 @@ pub mod tests {
             .expect("Public key not in multihash format");
         let private_key = PrivateKey::from_hex(
             iroha_crypto::Algorithm::Ed25519,
-            "D748E18CE60CB30DEA3E73C9019B7AF45A8D465E3D71BCC9A5EF99A008205E534CFFD0EE429B1BDD36B3910EC570852B8BB63F18750341772FB46BC856C5CAAF".as_ref()
+            "D748E18CE60CB30DEA3E73C9019B7AF45A8D465E3D71BCC9A5EF99A008205E534CFFD0EE429B1BDD36B3910EC570852B8BB63F18750341772FB46BC856C5CAAF"
         ).expect("Private key not hex encoded");
 
         KeyPair::new(public_key, private_key).expect("Key pair mismatch")

config/src/iroha.rs

@@ -183,7 +183,7 @@ mod tests {
     pub fn placeholder_keypair() -> KeyPair {
         let private_key = PrivateKey::from_hex(
             Algorithm::Ed25519,
-            "282ED9F3CF92811C3818DBC4AE594ED59DC1A2F78E4241E31924E101D6B1FB831C61FAF8FE94E253B93114240394F79A607B7FA55F9E5A41EBEC74B88055768B".as_ref()
+            "282ED9F3CF92811C3818DBC4AE594ED59DC1A2F78E4241E31924E101D6B1FB831C61FAF8FE94E253B93114240394F79A607B7FA55F9E5A41EBEC74B88055768B"
         ).expect("Private key not hex encoded");
 
         KeyPair::new(

core/test_network/src/lib.rs

@@ -61,7 +61,7 @@ pub fn get_key_pair() -> KeyPair {
         .expect("Public key not in mulithash format"),
         PrivateKey::from_hex(
             Algorithm::Ed25519,
-            "9AC47ABF59B356E0BD7DCBBBB4DEC080E302156A48CA907E47CB6AEA1D32719E7233BFC89DCBD68C19FDE6CE6158225298EC1131B6A130D1AEB454C1AB5183C0".as_ref()
+            "9AC47ABF59B356E0BD7DCBBBB4DEC080E302156A48CA907E47CB6AEA1D32719E7233BFC89DCBD68C19FDE6CE6158225298EC1131B6A130D1AEB454C1AB5183C0"
         ).expect("Private key not hex encoded")
     ).expect("Key pair mismatch")
 }

crypto/Cargo.toml

@@ -21,6 +21,7 @@ std = [
     "dep:hkdf",
     "dep:amcl",
     "dep:amcl_wrapper",
+    "dep:signature",
     "dep:ed25519-dalek",
     "dep:curve25519-dalek",
     "dep:x25519-dalek",
@@ -64,6 +65,7 @@ hkdf = { version = "0.12.3", optional = true }
 amcl = { version = "0.2.0", optional = true, default-features = false, features = ["secp256k1"] }
 amcl_wrapper = { version = "0.4.0", optional = true }
 
+signature = { version = "2.1.0", optional = true }
 ed25519-dalek = { version = "2.0.0", optional = true, features = ["rand_core"] }
 curve25519-dalek = { version = "4.1.1", optional = true }
 x25519-dalek = { version = "2.0.0", optional = true, features = ["static_secrets"] }

crypto/src/encryption/chacha20poly1305.rs

@@ -9,7 +9,7 @@ use chacha20poly1305::ChaCha20Poly1305 as SysChaCha20Poly1305;
 
 use super::Encryptor;
 
-/// ChaCha20Poly1305 is a symmetric encryption algorithm that uses the ChaCha20 stream cipher
+/// `ChaCha20Poly1305` is a symmetric encryption algorithm that uses the `ChaCha20` stream cipher
 #[derive(Debug, Copy, Clone, Eq, PartialEq)]
 pub struct ChaCha20Poly1305 {
     key: GenericArray<u8, U32>,
@@ -67,68 +67,68 @@ mod tests {
 
     #[test]
     fn encrypt_easy_works() {
-        let aes = ChaCha20Poly1305::new(&ChaCha20Poly1305::key_gen().unwrap());
+        let cipher = ChaCha20Poly1305::new(&ChaCha20Poly1305::key_gen().unwrap());
         let aad = Vec::new();
         let message = b"Hello and Goodbye!".to_vec();
-        let res = aes.encrypt_easy(&aad, &message);
+        let res = cipher.encrypt_easy(&aad, &message);
         assert!(res.is_ok());
         let ciphertext = res.unwrap();
-        let res = aes.decrypt_easy(&aad, &ciphertext);
+        let res = cipher.decrypt_easy(&aad, &ciphertext);
         assert!(res.is_ok());
         assert_eq!(message, res.unwrap());
     }
 
     #[test]
     fn encrypt_works() {
-        let aes = ChaCha20Poly1305::new(&ChaCha20Poly1305::key_gen().unwrap());
+        let cipher = ChaCha20Poly1305::new(&ChaCha20Poly1305::key_gen().unwrap());
         let nonce = ChaCha20Poly1305::nonce_gen().unwrap();
         let aad = b"encrypt test".to_vec();
         let message = b"Hello and Goodbye!".to_vec();
         let payload = Payload {
             msg: message.as_slice(),
             aad: aad.as_slice(),
         };
-        let res = aes.encrypt(&nonce, payload);
+        let res = cipher.encrypt(&nonce, payload);
         assert!(res.is_ok());
         let ciphertext = res.unwrap();
         let payload = Payload {
             msg: ciphertext.as_slice(),
             aad: aad.as_slice(),
         };
-        let res = aes.decrypt(&nonce, payload);
+        let res = cipher.decrypt(&nonce, payload);
         assert!(res.is_ok());
         assert_eq!(message, res.unwrap());
     }
 
     #[test]
     fn decrypt_should_fail() {
-        let aes = ChaCha20Poly1305::new(&ChaCha20Poly1305::key_gen().unwrap());
+        let cipher = ChaCha20Poly1305::new(&ChaCha20Poly1305::key_gen().unwrap());
         let aad = b"decrypt should fail".to_vec();
         let message = b"Hello and Goodbye!".to_vec();
-        let res = aes.encrypt_easy(&aad, &message);
+        let res = cipher.encrypt_easy(&aad, &message);
         assert!(res.is_ok());
         let mut ciphertext = res.unwrap();
 
         let aad = b"decrypt should succeed".to_vec();
-        let res = aes.decrypt_easy(&aad, &ciphertext);
+        let res = cipher.decrypt_easy(&aad, &ciphertext);
         assert!(res.is_err());
 
         let aad = b"decrypt should fail".to_vec();
         ciphertext[0] ^= ciphertext[1];
-        let res = aes.decrypt_easy(&aad, &ciphertext);
+        let res = cipher.decrypt_easy(&aad, &ciphertext);
         assert!(res.is_err());
     }
 
     #[test]
     fn buffer_works() {
-        let aes = ChaCha20Poly1305::new(&ChaCha20Poly1305::key_gen().unwrap());
+        let cipher = ChaCha20Poly1305::new(&ChaCha20Poly1305::key_gen().unwrap());
         let aad = b"buffer works".to_vec();
         let dummytext = b"Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.";
         let mut ciphertext = Vec::new();
-        let res = aes.encrypt_buffer(&aad, &mut Cursor::new(dummytext), &mut ciphertext);
+        let res = cipher.encrypt_buffer(&aad, &mut Cursor::new(dummytext), &mut ciphertext);
         assert!(res.is_ok());
         let mut plaintext = Vec::new();
-        let res = aes.decrypt_buffer(
+        let res = cipher.decrypt_buffer(
             &aad,
             &mut Cursor::new(ciphertext.as_slice()),
             &mut plaintext,

crypto/src/encryption/mod.rs

@@ -31,7 +31,10 @@ use crate::SessionKey;
 // Helpful for generating bytes using the operating system random number generator
 fn random_vec(bytes: usize) -> Result<Vec<u8>, Error> {
     let mut value = vec![0u8; bytes];
-    OsRng.fill_bytes(value.as_mut_slice());
+    OsRng
+        .try_fill_bytes(value.as_mut_slice())
+        // RustCrypto errors don't have any details, can't propagate the error
+        .map_err(|_| Error)?;
     Ok(value)
 }
 
@@ -53,11 +56,11 @@ fn read_buffer<I: Read>(buffer: &mut I) -> Result<Vec<u8>, Error> {
 /// # Usage
 ///
 /// ```
-/// extern crate ursa;
-/// use ursa::encryption::symm::prelude::*;
+/// use iroha_crypto::encryption::{SymmetricEncryptor, ChaCha20Poly1305};
 ///
-/// let encryptor = SymmetricEncryptor::<Aes128Gcm>::default();
-/// let aad = b"Using Aes128Gcm to encrypt data";
+/// let key: Vec<u8> = (0..0x20).collect();
+/// let encryptor = SymmetricEncryptor::<ChaCha20Poly1305>::new_with_key(&key);
+/// let aad = b"Using ChaCha20Poly1305 to encrypt data";
 /// let message = b"Hidden message";
 /// let res = encryptor.encrypt_easy(aad.as_ref(), message.as_ref());
 /// assert!(res.is_ok());
@@ -79,23 +82,31 @@ impl<E: Encryptor> SymmetricEncryptor<E> {
     }
 
     /// Create a new [`SymmetricEncryptor`] from a [`SessionKey`]
-    pub fn new_from_session_key(key: SessionKey) -> Self {
+    pub fn new_from_session_key(key: &SessionKey) -> Self {
         Self::new(<E as KeyInit>::new(GenericArray::from_slice(&key.0)))
     }
     /// Create a new [`SymmetricEncryptor`] from key bytes
-    pub fn new_with_key<A: AsRef<[u8]>>(key: A) -> Result<Self, Error> {
-        Ok(Self {
+    pub fn new_with_key<A: AsRef<[u8]>>(key: A) -> Self {
+        Self {
             encryptor: <E as KeyInit>::new(GenericArray::from_slice(key.as_ref())),
-        })
+        }
     }
 
     /// Encrypt `plaintext` and integrity protect `aad`. The result is the ciphertext.
     /// This method handles safely generating a `nonce` and prepends it to the ciphertext
+    ///
+    /// # Errors
+    ///
+    /// This function will return an error if nonce generation or encryption fails
     pub fn encrypt_easy<A: AsRef<[u8]>>(&self, aad: A, plaintext: A) -> Result<Vec<u8>, Error> {
         self.encryptor.encrypt_easy(aad, plaintext)
     }
 
     /// Encrypt `plaintext` and integrity protect `aad`. The result is the ciphertext.
+    ///
+    /// # Errors
+    ///
+    /// This function will return an error if encryption fails
     pub fn encrypt<A: AsRef<[u8]>>(
         &self,
         nonce: A,
@@ -115,6 +126,10 @@ impl<E: Encryptor> SymmetricEncryptor<E> {
     /// or incorrect key.
     /// `aad` must be the same value used in `encrypt_easy`. Expects the nonce to be prepended to
     /// the `ciphertext`
+    ///
+    /// # Errors
+    ///
+    /// This function will return an error if decryption fails
     pub fn decrypt_easy<A: AsRef<[u8]>>(&self, aad: A, ciphertext: A) -> Result<Vec<u8>, Error> {
         self.encryptor.decrypt_easy(aad, ciphertext)
     }
@@ -123,6 +138,10 @@ impl<E: Encryptor> SymmetricEncryptor<E> {
     /// or an error if the `ciphetext` cannot be decrypted due to tampering, an incorrect `aad` value,
     /// or incorrect key.
     /// `aad` must be the same value used in `encrypt_easy`.
+    ///
+    /// # Errors
+    ///
+    /// This function will return an error if decryption fails
     pub fn decrypt<A: AsRef<[u8]>>(
         &self,
         nonce: A,
@@ -138,6 +157,10 @@ impl<E: Encryptor> SymmetricEncryptor<E> {
     }
 
     /// Similar to `encrypt_easy` but reads from a stream instead of a slice
+    ///
+    /// # Errors
+    ///
+    /// This function will return an error if reading the buffer, nonce generation, encryption or writing the buffer fails
     pub fn encrypt_buffer<A: AsRef<[u8]>, I: Read, O: Write>(
         &self,
         aad: A,
@@ -148,6 +171,10 @@ impl<E: Encryptor> SymmetricEncryptor<E> {
     }
 
     /// Similar to `decrypt_easy` but reads from a stream instead of a slice
+    ///
+    /// # Errors
+    ///
+    /// This function will return an error if reading the buffer, decryption or writing the buffer fails
     pub fn decrypt_buffer<A: AsRef<[u8]>, I: Read, O: Write>(
         &self,
         aad: A,
@@ -174,6 +201,10 @@ pub trait Encryptor: Aead + KeyInit {
     /// A simple API to encrypt a message with authenticated associated data.
     ///
     /// This API handles nonce generation for you and prepends it in front of the ciphertext. Use [`Encryptor::decrypt_easy`] to decrypt the message encrypted this way.
+    ///
+    /// # Errors
+    ///
+    /// This function will return an error if nonce generation or encryption fails
     fn encrypt_easy<M: AsRef<[u8]>>(&self, aad: M, plaintext: M) -> Result<Vec<u8>, Error> {
         let nonce = Self::nonce_gen()?;
         let payload = Payload {
@@ -189,6 +220,10 @@ pub trait Encryptor: Aead + KeyInit {
     /// A simple API to decrypt a message with authenticated associated data.
     ///
     /// This API expects the nonce to be prepended to the ciphertext. Use [`Encryptor::encrypt_easy`] to encrypt the message this way.
+    ///
+    /// # Errors
+    ///
+    /// This function will return an error if decryption fails
     fn decrypt_easy<M: AsRef<[u8]>>(&self, aad: M, ciphertext: M) -> Result<Vec<u8>, Error> {
         let ciphertext = ciphertext.as_ref();
         if ciphertext.len() < Self::MinSize::to_usize() {
@@ -200,11 +235,15 @@ pub trait Encryptor: Aead + KeyInit {
             msg: &ciphertext[Self::NonceSize::to_usize()..],
             aad: aad.as_ref(),
         };
-        let plaintext = self.decrypt(&nonce, payload)?;
+        let plaintext = self.decrypt(nonce, payload)?;
         Ok(plaintext)
     }
 
     /// Same as [`Encryptor::encrypt_easy`] but works with [`std::io`] streams instead of slices
+    ///
+    /// # Errors
+    ///
+    /// This function will return an error if reading the buffer, nonce generation, encryption or writing the buffer fails
     fn encrypt_buffer<M: AsRef<[u8]>, I: Read, O: Write>(
         &self,
         aad: M,
@@ -218,6 +257,10 @@ pub trait Encryptor: Aead + KeyInit {
     }
 
     /// Same as [`Encryptor::decrypt_easy`] but works with [`std::io`] streams instead of slices
+    ///
+    /// # Errors
+    ///
+    /// This function will return an error if reading the buffer, decryption or writing the buffer fails
     fn decrypt_buffer<M: AsRef<[u8]>, I: Read, O: Write>(
         &self,
         aad: M,
@@ -231,11 +274,19 @@ pub trait Encryptor: Aead + KeyInit {
     }
 
     /// Generate a new key for this encryptor
+    ///
+    /// # Errors
+    ///
+    /// This function will return an error if the operating system random number generator fails
     fn key_gen() -> Result<GenericArray<u8, Self::KeySize>, Error> {
         random_bytes()
     }
 
     /// Generate a new nonce for this encryptor
+    ///
+    /// # Errors
+    ///
+    /// This function will return an error if the operating system random number generator fails
     fn nonce_gen() -> Result<GenericArray<u8, Self::NonceSize>, Error> {
         random_bytes()
     }

crypto/src/kex/mod.rs

@@ -16,10 +16,14 @@ pub trait KeyExchangeScheme {
     fn new() -> Self;
     /// Create new keypairs. If
     /// `options` is None, the keys are generated ephemerally from the `OsRng`
-    /// `options` is UseSeed, the keys are generated ephemerally from the sha256 hash of the seed which is
-    ///     then used to seed the ChaChaRng
-    /// `options` is FromPrivateKey, the corresponding public key is returned. This should be used for
+    /// `options` is `UseSeed`, the keys are generated ephemerally from the sha256 hash of the seed which is
+    ///     then used to seed the `ChaChaRng`
+    /// `options` is `FromPrivateKey`, the corresponding public key is returned. This should be used for
     ///     static Diffie-Hellman and loading a long-term key.
+    ///
+    /// # Errors
+    ///
+    /// Returns an error if the key generation fails.
     fn keypair(&self, options: Option<KeyGenOption>) -> Result<(PublicKey, PrivateKey), Error>;
     /// Compute the diffie-hellman shared secret.
     /// `local_private_key` is the key generated from calling `keypair` while
@@ -28,7 +32,7 @@ pub trait KeyExchangeScheme {
         &self,
         local_private_key: &PrivateKey,
         remote_public_key: &PublicKey,
-    ) -> Result<SessionKey, Error>;
+    ) -> SessionKey;
 
     /// Size of the shared secret in bytes.
     const SHARED_SECRET_SIZE: usize;