From 5c14bbcc3000cca5ab4d276e76d7417a4efe568f Mon Sep 17 00:00:00 2001
From: Konstantin Baltruschat <k.baltruschat@opentalk.eu>
Date: Fri, 17 Jan 2025 18:31:13 +0100
Subject: [PATCH] feat(stun-types): do not fail on encode

---
 crates/stun-types/src/attributes/addr.rs      |   9 +-
 .../stun-types/src/attributes/error_code.rs   |  14 +-
 .../stun-types/src/attributes/fingerprint.rs  |  10 +-
 crates/stun-types/src/attributes/ice.rs       |  19 +--
 crates/stun-types/src/attributes/integrity.rs | 133 +++++++-----------
 crates/stun-types/src/attributes/mod.rs       |  12 +-
 .../src/attributes/password_algs.rs           |  16 +--
 crates/stun-types/src/attributes/turn.rs      |  28 ++--
 crates/stun-types/src/attributes/user_hash.rs |   3 +-
 crates/stun-types/src/builder.rs              |  10 +-
 crates/stun/src/auth.rs                       |  36 +++--
 11 files changed, 114 insertions(+), 176 deletions(-)

diff --git a/crates/stun-types/src/attributes/addr.rs b/crates/stun-types/src/attributes/addr.rs
index c71bb45..1e61368 100644
--- a/crates/stun-types/src/attributes/addr.rs
+++ b/crates/stun-types/src/attributes/addr.rs
@@ -70,9 +70,8 @@ impl Attribute<'_> for MappedAddress {
         decode_addr(attr.get_value(msg.buffer()), 0, 0, 0).map(Self)
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         encode_addr(self.0, builder.buffer(), 0, 0, 0);
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
@@ -95,10 +94,9 @@ impl Attribute<'_> for XorMappedAddress {
         decode_addr(attr.get_value(msg.buffer()), XOR16, COOKIE, xor128).map(Self)
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         let xor128 = builder.id();
         encode_addr(self.0, builder.buffer(), XOR16, COOKIE, xor128);
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
@@ -120,9 +118,8 @@ impl Attribute<'_> for AlternateServer {
         decode_addr(attr.get_value(msg.buffer()), 0, 0, 0).map(Self)
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         encode_addr(self.0, builder.buffer(), 0, 0, 0);
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
diff --git a/crates/stun-types/src/attributes/error_code.rs b/crates/stun-types/src/attributes/error_code.rs
index 7e76474..802b6ad 100644
--- a/crates/stun-types/src/attributes/error_code.rs
+++ b/crates/stun-types/src/attributes/error_code.rs
@@ -46,7 +46,7 @@ impl<'s> Attribute<'s> for ErrorCode<'s> {
         })
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         let class = self.number / 100;
         let number = self.number % 100;
 
@@ -57,8 +57,6 @@ impl<'s> Attribute<'s> for ErrorCode<'s> {
 
         builder.buffer().put_u32(head.0);
         builder.buffer().extend_from_slice(self.reason.as_ref());
-
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
@@ -81,12 +79,10 @@ mod test {
     fn error_code() {
         let mut builder =
             MessageBuilder::new(Class::Error, Method::Binding, TransactionId::new([0; 12]));
-        builder
-            .add_attr(&ErrorCode {
-                number: 400,
-                reason: "Bad Request",
-            })
-            .unwrap();
+        builder.add_attr(ErrorCode {
+            number: 400,
+            reason: "Bad Request",
+        });
 
         let bytes = builder.finish();
 
diff --git a/crates/stun-types/src/attributes/fingerprint.rs b/crates/stun-types/src/attributes/fingerprint.rs
index 661c9cd..277681e 100644
--- a/crates/stun-types/src/attributes/fingerprint.rs
+++ b/crates/stun-types/src/attributes/fingerprint.rs
@@ -85,13 +85,17 @@ impl Attribute<'_> for Fingerprint {
         )
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         // First set the length of the message to the end of the fingerprint attribute
         // 4 bytes containing type and length is already written into the buffer
         let message_length_with_fingerprint_attribute =
             (builder.buffer().len() + 4) - STUN_HEADER_LENGTH;
 
-        builder.set_len(message_length_with_fingerprint_attribute.try_into()?);
+        builder.set_len(
+            message_length_with_fingerprint_attribute
+                .try_into()
+                .expect("stun messages must fit withing 65535 bytes"),
+        );
 
         // Calculate the checksum
         let data = builder.buffer();
@@ -99,8 +103,6 @@ impl Attribute<'_> for Fingerprint {
         let crc = Self::crc32(data) ^ 0x5354554e;
 
         builder.buffer().put_u32(crc);
-
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
diff --git a/crates/stun-types/src/attributes/ice.rs b/crates/stun-types/src/attributes/ice.rs
index 19490b1..1540a6c 100644
--- a/crates/stun-types/src/attributes/ice.rs
+++ b/crates/stun-types/src/attributes/ice.rs
@@ -23,12 +23,9 @@ impl Attribute<'_> for Priority {
         Ok(Self(value.read_u32::<NE>()?))
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         let data = builder.buffer();
-
         data.put_u32(self.0);
-
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
@@ -46,9 +43,7 @@ impl Attribute<'_> for UseCandidate {
         Ok(Self)
     }
 
-    fn encode(&self, _: Self::Context, _builder: &mut MessageBuilder) -> Result<(), Error> {
-        Ok(())
-    }
+    fn encode(&self, _: Self::Context, _builder: &mut MessageBuilder) {}
 
     fn encode_len(&self) -> Result<u16, Error> {
         Ok(0)
@@ -71,12 +66,9 @@ impl Attribute<'_> for IceControlled {
         Ok(Self(value.read_u64::<NE>()?))
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         let data = builder.buffer();
-
         data.put_u64(self.0);
-
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
@@ -100,12 +92,9 @@ impl Attribute<'_> for IceControlling {
         Ok(Self(value.read_u64::<NE>()?))
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         let data = builder.buffer();
-
         data.put_u64(self.0);
-
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
diff --git a/crates/stun-types/src/attributes/integrity.rs b/crates/stun-types/src/attributes/integrity.rs
index 360c6ff..bb49e68 100644
--- a/crates/stun-types/src/attributes/integrity.rs
+++ b/crates/stun-types/src/attributes/integrity.rs
@@ -8,59 +8,39 @@ use hmac::digest::{Digest, Update};
 use hmac::{Mac, SimpleHmac};
 use sha1::Sha1;
 use sha2::Sha256;
-use std::borrow::Cow;
 use std::convert::TryFrom;
-use std::marker::PhantomData;
 
-pub struct MessageIntegrityKey<'s>(Cow<'s, [u8]>);
-
-impl<'s> MessageIntegrityKey<'s> {
-    pub fn new_long_term_md5(username: &str, realm: &str, password: &str) -> Self {
-        let key = md5::compute(format!("{}:{}:{}", username, realm, password))
-            .0
-            .to_vec();
-
-        Self(Cow::Owned(key))
-    }
+pub fn long_term_password_md5(username: &str, realm: &str, password: &str) -> Vec<u8> {
+    md5::compute(format!("{}:{}:{}", username, realm, password).as_bytes()).to_vec()
+}
 
-    pub fn new_long_term_sha256(username: &str, realm: &str, password: &str) -> Self {
-        let key =
-            Sha256::digest(format!("{}:{}:{}", username, realm, password).as_bytes()).to_vec();
+pub fn long_term_password_sha256(username: &str, realm: &str, password: &str) -> Vec<u8> {
+    Sha256::digest(format!("{}:{}:{}", username, realm, password).as_bytes()).to_vec()
+}
 
-        Self(Cow::Owned(key))
-    }
+pub struct MessageIntegrityKey(SimpleHmac<Sha1>);
 
-    pub fn new_short_term(password: &'s str) -> Self {
-        Self(Cow::Borrowed(password.as_bytes()))
-    }
-
-    pub fn new_raw(raw: Cow<'s, [u8]>) -> Self {
-        Self(raw)
+impl MessageIntegrityKey {
+    pub fn new(key: impl AsRef<[u8]>) -> Self {
+        Self(SimpleHmac::new_from_slice(key.as_ref()).expect("any key length is valid"))
     }
 }
 
 /// [RFC8489](https://datatracker.ietf.org/doc/html/rfc8489#section-14.5)
-#[derive(Default)]
-pub struct MessageIntegrity<'k>(PhantomData<&'k ()>);
+pub struct MessageIntegrity;
 
-impl<'k> Attribute<'_> for MessageIntegrity<'k> {
-    type Context = &'k MessageIntegrityKey<'k>;
+impl Attribute<'_> for MessageIntegrity {
+    type Context = MessageIntegrityKey;
     const TYPE: u16 = 0x0008;
 
     fn decode(ctx: Self::Context, msg: &mut Message, attr: AttrSpan) -> Result<Self, Error> {
-        let hmac: SimpleHmac<Sha1> = SimpleHmac::new_from_slice(&ctx.0)
-            .map_err(|_| Error::InvalidData("invalid key length"))?;
-
-        message_integrity_decode(hmac, msg, attr)?;
+        message_integrity_decode(ctx.0, msg, attr)?;
 
-        Ok(Self(PhantomData))
+        Ok(Self)
     }
 
-    fn encode(&self, ctx: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
-        let hmac: SimpleHmac<Sha1> = SimpleHmac::new_from_slice(&ctx.0)
-            .map_err(|_| Error::InvalidData("invalid key length"))?;
-
-        message_integrity_encode(hmac, builder)
+    fn encode(&self, ctx: Self::Context, builder: &mut MessageBuilder) {
+        message_integrity_encode(ctx.0, builder)
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
@@ -68,28 +48,29 @@ impl<'k> Attribute<'_> for MessageIntegrity<'k> {
     }
 }
 
+pub struct MessageIntegritySha256Key(SimpleHmac<Sha256>);
+
+impl MessageIntegritySha256Key {
+    pub fn new(key: impl AsRef<[u8]>) -> Self {
+        Self(SimpleHmac::new_from_slice(key.as_ref()).expect("any key length is valid"))
+    }
+}
+
 /// [RFC8489](https://datatracker.ietf.org/doc/html/rfc8489#section-14.6)
-#[derive(Default)]
-pub struct MessageIntegritySha256<'k>(PhantomData<&'k ()>);
+pub struct MessageIntegritySha256;
 
-impl<'k> Attribute<'_> for MessageIntegritySha256<'k> {
-    type Context = &'k MessageIntegrityKey<'k>;
+impl Attribute<'_> for MessageIntegritySha256 {
+    type Context = MessageIntegritySha256Key;
     const TYPE: u16 = 0x001C;
 
     fn decode(ctx: Self::Context, msg: &mut Message, attr: AttrSpan) -> Result<Self, Error> {
-        let hmac: SimpleHmac<Sha256> = SimpleHmac::new_from_slice(&ctx.0)
-            .map_err(|_| Error::InvalidData("invalid key length"))?;
-
-        message_integrity_decode(hmac, msg, attr)?;
+        message_integrity_decode(ctx.0, msg, attr)?;
 
-        Ok(Self(PhantomData))
+        Ok(Self)
     }
 
-    fn encode(&self, ctx: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
-        let hmac: SimpleHmac<Sha256> = SimpleHmac::new_from_slice(&ctx.0)
-            .map_err(|_| Error::InvalidData("invalid key length"))?;
-
-        message_integrity_encode(hmac, builder)
+    fn encode(&self, ctx: Self::Context, builder: &mut MessageBuilder) {
+        message_integrity_encode(ctx.0, builder)
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
@@ -134,10 +115,7 @@ where
     )
 }
 
-fn message_integrity_encode<D>(
-    mut hmac: SimpleHmac<D>,
-    builder: &mut MessageBuilder,
-) -> Result<(), Error>
+fn message_integrity_encode<D>(mut hmac: SimpleHmac<D>, builder: &mut MessageBuilder)
 where
     D: Digest + BlockSizeUser,
 {
@@ -145,7 +123,11 @@ where
     let message_length_with_integrity_attribute =
         (builder.buffer().len() + <D as Digest>::output_size()) - STUN_HEADER_LENGTH;
 
-    builder.set_len(message_length_with_integrity_attribute.try_into()?);
+    builder.set_len(
+        message_length_with_integrity_attribute
+            .try_into()
+            .expect("stun messages must fit withing 65535 bytes"),
+    );
 
     // Calculate the digest of the message up until the previous attribute
     let data = builder.buffer();
@@ -154,13 +136,13 @@ where
     let digest = hmac.finalize().into_bytes();
 
     builder.buffer().extend_from_slice(&digest);
-
-    Ok(())
 }
 
 #[cfg(test)]
 mod test {
-    use super::{MessageIntegrity, MessageIntegrityKey, MessageIntegritySha256};
+    use super::{
+        MessageIntegrity, MessageIntegrityKey, MessageIntegritySha256, MessageIntegritySha256Key,
+    };
     use crate::attributes::Software;
     use crate::builder::MessageBuilder;
     use crate::header::{Class, Method};
@@ -174,19 +156,15 @@ mod test {
         let mut message =
             MessageBuilder::new(Class::Request, Method::Binding, TransactionId::new([0; 12]));
 
-        message.add_attr(&Software::new("ezk-stun")).unwrap();
-        message
-            .add_attr_with(
-                &MessageIntegrity::default(),
-                &MessageIntegrityKey::new_short_term(password),
-            )
-            .unwrap();
+        message.add_attr(Software::new("ezk-stun"));
+        message.add_attr_with(MessageIntegrity, MessageIntegrityKey::new(password));
+
         let bytes = message.finish();
         let bytes = Vec::from(&bytes[..]);
 
         let mut msg = Message::parse(bytes).unwrap();
 
-        msg.attribute_with::<MessageIntegrity>(&MessageIntegrityKey::new_short_term(password))
+        msg.attribute_with::<MessageIntegrity>(MessageIntegrityKey::new(password))
             .unwrap()
             .unwrap();
     }
@@ -198,22 +176,19 @@ mod test {
         let mut message =
             MessageBuilder::new(Class::Request, Method::Binding, TransactionId::new([0; 12]));
 
-        message.add_attr(&Software::new("ezk-stun")).unwrap();
-        message
-            .add_attr_with(
-                &MessageIntegritySha256::default(),
-                &MessageIntegrityKey::new_short_term(password),
-            )
-            .unwrap();
+        message.add_attr(Software::new("ezk-stun"));
+        message.add_attr_with(
+            MessageIntegritySha256,
+            MessageIntegritySha256Key::new(password),
+        );
+
         let bytes = message.finish();
         let bytes = Vec::from(&bytes[..]);
 
         let mut msg = Message::parse(bytes).unwrap();
 
-        msg.attribute_with::<MessageIntegritySha256>(&MessageIntegrityKey::new_short_term(
-            password,
-        ))
-        .unwrap()
-        .unwrap();
+        msg.attribute_with::<MessageIntegritySha256>(MessageIntegritySha256Key::new(password))
+            .unwrap()
+            .unwrap();
     }
 }
diff --git a/crates/stun-types/src/attributes/mod.rs b/crates/stun-types/src/attributes/mod.rs
index 2cda16f..9ee6654 100644
--- a/crates/stun-types/src/attributes/mod.rs
+++ b/crates/stun-types/src/attributes/mod.rs
@@ -33,7 +33,7 @@ pub trait Attribute<'s> {
     where
         Self: Sized;
 
-    fn encode(&self, ctx: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error>;
+    fn encode(&self, ctx: Self::Context, builder: &mut MessageBuilder);
 
     fn encode_len(&self) -> Result<u16, Error>;
 }
@@ -54,9 +54,8 @@ impl<'s, const TYPE: u16> Attribute<'s> for StringAttribute<'s, TYPE> {
         Ok(Self(from_utf8(attr.get_value(msg.buffer()))?))
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         builder.buffer().extend_from_slice(self.0.as_ref());
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
@@ -80,9 +79,8 @@ impl<'s, const TYPE: u16> Attribute<'s> for BytesAttribute<'s, TYPE> {
         Ok(Self(attr.get_value(msg.buffer())))
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         builder.buffer().extend_from_slice(self.0);
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
@@ -118,12 +116,10 @@ impl Attribute<'_> for UnknownAttributes {
         Ok(Self(attributes))
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         for &attr in &self.0 {
             builder.buffer().put_u16(attr);
         }
-
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
diff --git a/crates/stun-types/src/attributes/password_algs.rs b/crates/stun-types/src/attributes/password_algs.rs
index 30eabf4..69e62ea 100644
--- a/crates/stun-types/src/attributes/password_algs.rs
+++ b/crates/stun-types/src/attributes/password_algs.rs
@@ -39,17 +39,17 @@ impl<'s> Attribute<'s> for PasswordAlgorithms<'s> {
         Ok(Self { algorithms })
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         for (alg, params) in &self.algorithms {
             let padding = padding_usize(params.len());
 
             builder.buffer().put_u16(*alg);
-            builder.buffer().put_u16(u16::try_from(params.len())?);
+            builder.buffer().put_u16(
+                u16::try_from(params.len()).expect("params must be smaller than 65535 bytes"),
+            );
             builder.buffer().extend_from_slice(params);
             builder.buffer().extend((0..padding).map(|_| 0));
         }
-
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
@@ -93,15 +93,15 @@ impl<'s> Attribute<'s> for PasswordAlgorithm<'s> {
         })
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         let padding = padding_usize(self.params.len());
 
         builder.buffer().put_u16(self.algorithm);
-        builder.buffer().put_u16(u16::try_from(self.params.len())?);
+        builder.buffer().put_u16(
+            u16::try_from(self.params.len()).expect("params must be smaller than 65535 bytes"),
+        );
         builder.buffer().extend_from_slice(self.params);
         builder.buffer().extend((0..padding).map(|_| 0));
-
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
diff --git a/crates/stun-types/src/attributes/turn.rs b/crates/stun-types/src/attributes/turn.rs
index b697890..3b8b60e 100644
--- a/crates/stun-types/src/attributes/turn.rs
+++ b/crates/stun-types/src/attributes/turn.rs
@@ -18,11 +18,9 @@ impl Attribute<'_> for ChannelNumber {
         Ok(Self(attr.get_value(msg.buffer()).read_u16::<NE>()?))
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         builder.buffer().put_u16(self.0);
         builder.buffer().put_u16(0);
-
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
@@ -41,10 +39,8 @@ impl Attribute<'_> for Lifetime {
         Ok(Self(attr.get_value(msg.buffer()).read_u32::<NE>()?))
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         builder.buffer().put_u32(self.0);
-
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
@@ -63,7 +59,7 @@ impl Attribute<'_> for XorPeerAddress {
         XorMappedAddress::decode(ctx, msg, attr).map(|xma| Self(xma.0))
     }
 
-    fn encode(&self, ctx: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, ctx: Self::Context, builder: &mut MessageBuilder) {
         XorMappedAddress(self.0).encode(ctx, builder)
     }
 
@@ -86,7 +82,7 @@ impl Attribute<'_> for XorRelayedAddress {
         XorMappedAddress::decode(ctx, msg, attr).map(|xma| Self(xma.0))
     }
 
-    fn encode(&self, ctx: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, ctx: Self::Context, builder: &mut MessageBuilder) {
         XorMappedAddress(self.0).encode(ctx, builder)
     }
 
@@ -106,10 +102,8 @@ impl Attribute<'_> for EvenPort {
         Ok(Self(attr.get_value(msg.buffer()).read_u8()? == 1))
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         builder.buffer().put_u8(if self.0 { 1 } else { 0 });
-
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
@@ -133,12 +127,10 @@ impl Attribute<'_> for RequestedTransport {
         })
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         builder.buffer().put_u8(self.protocol_number);
         builder.buffer().put_u8(0);
         builder.buffer().put_u16(0);
-
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
@@ -157,9 +149,7 @@ impl Attribute<'_> for DontFragment {
         Ok(Self)
     }
 
-    fn encode(&self, _: Self::Context, _: &mut MessageBuilder) -> Result<(), Error> {
-        Ok(())
-    }
+    fn encode(&self, _: Self::Context, _: &mut MessageBuilder) {}
 
     fn encode_len(&self) -> Result<u16, Error> {
         Ok(0)
@@ -179,10 +169,8 @@ impl Attribute<'_> for ReservationToken {
         )?))
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         builder.buffer().extend_from_slice(&self.0[..]);
-
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
diff --git a/crates/stun-types/src/attributes/user_hash.rs b/crates/stun-types/src/attributes/user_hash.rs
index b1a17d8..be96bb6 100644
--- a/crates/stun-types/src/attributes/user_hash.rs
+++ b/crates/stun-types/src/attributes/user_hash.rs
@@ -32,9 +32,8 @@ impl Attribute<'_> for UserHash {
         Ok(Self(<[u8; 32]>::try_from(value).unwrap()))
     }
 
-    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) -> Result<(), Error> {
+    fn encode(&self, _: Self::Context, builder: &mut MessageBuilder) {
         builder.buffer().extend_from_slice(&self.0);
-        Ok(())
     }
 
     fn encode_len(&self) -> Result<u16, Error> {
diff --git a/crates/stun-types/src/builder.rs b/crates/stun-types/src/builder.rs
index 09532a9..b9e9d91 100644
--- a/crates/stun-types/src/builder.rs
+++ b/crates/stun-types/src/builder.rs
@@ -1,6 +1,6 @@
 use crate::attributes::Attribute;
 use crate::header::{Class, MessageHead, Method, STUN_HEADER_LENGTH};
-use crate::{padding_u16, padding_usize, Error, TransactionId, COOKIE};
+use crate::{padding_u16, padding_usize, TransactionId, COOKIE};
 use bytes::BufMut;
 
 /// Builder for a STUN message
@@ -54,7 +54,7 @@ impl MessageBuilder {
     }
 
     /// Serialize the attribute into the builder
-    pub fn add_attr<'a, A>(&mut self, attr: &A) -> Result<(), Error>
+    pub fn add_attr<'a, A>(&mut self, attr: A)
     where
         A: Attribute<'a, Context = ()>,
     {
@@ -62,7 +62,7 @@ impl MessageBuilder {
     }
 
     /// Serialize the attribute into the builder with a given context (e.g. a key to calculate the integrity)
-    pub fn add_attr_with<'a, A>(&mut self, attr: &A, ctx: A::Context) -> Result<(), Error>
+    pub fn add_attr_with<'a, A>(&mut self, attr: A, ctx: A::Context)
     where
         A: Attribute<'a>,
     {
@@ -77,12 +77,10 @@ impl MessageBuilder {
             self.buffer.put_u16(enc_len);
         }
 
-        attr.encode(ctx, self)?;
+        attr.encode(ctx, self);
 
         let padding_bytes = std::iter::repeat(0).take(padding_usize(usize::from(enc_len)));
         self.buffer.extend(padding_bytes);
-
-        Ok(())
     }
 
     pub fn id(&self) -> u128 {
diff --git a/crates/stun/src/auth.rs b/crates/stun/src/auth.rs
index 42ba36e..40ee5b0 100644
--- a/crates/stun/src/auth.rs
+++ b/crates/stun/src/auth.rs
@@ -1,6 +1,7 @@
 use stun_types::attributes::{
-    MessageIntegrity, MessageIntegrityKey, MessageIntegritySha256, Nonce, PasswordAlgorithm, Realm,
-    Username, ALGORITHM_MD5, ALGORITHM_SHA256,
+    long_term_password_md5, long_term_password_sha256, MessageIntegrity, MessageIntegrityKey,
+    MessageIntegritySha256, MessageIntegritySha256Key, Nonce, PasswordAlgorithm, Realm, Username,
+    ALGORITHM_MD5, ALGORITHM_SHA256,
 };
 use stun_types::{Message, MessageBuilder};
 
@@ -34,12 +35,13 @@ impl StunCredential {
     ) -> Result<(), Error> {
         match &*self {
             StunCredential::ShortTerm { username, password } => {
-                msg.add_attr(&Username::new(username))?;
+                msg.add_attr(Username::new(username));
 
-                let key = MessageIntegrityKey::new_short_term(password);
-
-                msg.add_attr_with(&MessageIntegritySha256::default(), &key)?;
-                msg.add_attr_with(&MessageIntegrity::default(), &key)?;
+                msg.add_attr_with(
+                    MessageIntegritySha256,
+                    MessageIntegritySha256Key::new(password),
+                );
+                msg.add_attr_with(MessageIntegrity, MessageIntegrityKey::new(password));
             }
             StunCredential::LongTerm {
                 realm,
@@ -50,26 +52,22 @@ impl StunCredential {
                     let alg = alg?;
 
                     match alg.algorithm {
-                        ALGORITHM_MD5 => {
-                            MessageIntegrityKey::new_long_term_md5(username, realm, password)
-                        }
-                        ALGORITHM_SHA256 => {
-                            MessageIntegrityKey::new_long_term_sha256(username, realm, password)
-                        }
+                        ALGORITHM_MD5 => long_term_password_md5(username, realm, password),
+                        ALGORITHM_SHA256 => long_term_password_sha256(username, realm, password),
                         _ => return Err(Error::UnknownAlgorithm),
                     }
                 } else {
-                    MessageIntegrityKey::new_long_term_md5(username, realm, password)
+                    long_term_password_md5(username, realm, password)
                 };
 
                 let nonce = response.attribute::<Nonce>().ok_or(Error::MissingNonce)??;
 
-                msg.add_attr(&Nonce::new(nonce.0))?;
-                msg.add_attr(&Realm::new(realm))?;
-                msg.add_attr(&Username::new(username))?;
+                msg.add_attr(Nonce::new(nonce.0));
+                msg.add_attr(Realm::new(realm));
+                msg.add_attr(Username::new(username));
 
-                msg.add_attr_with(&MessageIntegritySha256::default(), &key)?;
-                msg.add_attr_with(&MessageIntegrity::default(), &key)?;
+                msg.add_attr_with(MessageIntegritySha256, MessageIntegritySha256Key::new(&key));
+                msg.add_attr_with(MessageIntegrity, MessageIntegrityKey::new(&key));
             }
         }