From f6fe5682897ccce043792d84f7cf920562f7c7c1 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Fri, 13 Dec 2024 16:30:25 +0000 Subject: [PATCH 1/3] zcash_encoding: Only require `alloc` instead of `std` --- Cargo.lock | 11 +++- components/zcash_encoding/CHANGELOG.md | 2 + components/zcash_encoding/Cargo.toml | 8 ++- components/zcash_encoding/src/lib.rs | 74 ++++++++++++++++++-------- supply-chain/config.toml | 4 ++ 5 files changed, 73 insertions(+), 26 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 48c13cf81e..e301911b3b 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -805,6 +805,15 @@ version = "0.8.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "06ea2b9bc92be3c2baa9334a323ebca2d6f074ff852cd1d7b11064035cd3868f" +[[package]] +name = "core2" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "239fa3ae9b63c2dc74bd3fa852d4792b8b305ae64eeede946265b6af62f1fff3" +dependencies = [ + "memchr", +] + [[package]] name = "cpp_demangle" version = "0.4.3" @@ -6268,7 +6277,7 @@ dependencies = [ name = "zcash_encoding" version = "0.2.1" dependencies = [ - "byteorder", + "core2", "nonempty", ] diff --git a/components/zcash_encoding/CHANGELOG.md b/components/zcash_encoding/CHANGELOG.md index f8733c1bd2..ef4e392bd9 100644 --- a/components/zcash_encoding/CHANGELOG.md +++ b/components/zcash_encoding/CHANGELOG.md @@ -6,6 +6,8 @@ and this library adheres to Rust's notion of [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [Unreleased] +### Added +- `no-std` support, via a default-enabled `std` feature flag. ## [0.2.1] - 2024-08-19 ### Added diff --git a/components/zcash_encoding/Cargo.toml b/components/zcash_encoding/Cargo.toml index 02f41a0a4b..1611214bd6 100644 --- a/components/zcash_encoding/Cargo.toml +++ b/components/zcash_encoding/Cargo.toml @@ -16,8 +16,12 @@ categories = ["cryptography::cryptocurrencies", "encoding"] keywords = ["zcash"] [dependencies] -byteorder.workspace = true -nonempty.workspace = true +core2 = { version = "0.3", default-features = false, features = ["alloc"] } +nonempty = { workspace = true, optional = true } + +[features] +default = ["std"] +std = ["core2/std", "dep:nonempty"] [lib] bench = false diff --git a/components/zcash_encoding/src/lib.rs b/components/zcash_encoding/src/lib.rs index 69f1c5c63c..fcc8d3018a 100644 --- a/components/zcash_encoding/src/lib.rs +++ b/components/zcash_encoding/src/lib.rs @@ -3,15 +3,22 @@ //! `zcash_encoding` is a library that provides common encoding and decoding operations //! for stable binary encodings used throughout the Zcash ecosystem. +#![no_std] // Catch documentation errors caused by code changes. #![deny(rustdoc::broken_intra_doc_links)] #![deny(missing_docs)] #![deny(unsafe_code)] -use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt}; +#[cfg_attr(test, macro_use)] +extern crate alloc; + +use alloc::vec::Vec; + +use core::iter::FromIterator; +use core2::io::{self, Read, Write}; + +#[cfg(feature = "std")] use nonempty::NonEmpty; -use std::io::{self, Read, Write}; -use std::iter::FromIterator; /// The maximum allowed value representable as a `[CompactSize]` pub const MAX_COMPACT_SIZE: u32 = 0x02000000; @@ -25,11 +32,16 @@ pub struct CompactSize; impl CompactSize { /// Reads an integer encoded in compact form. pub fn read(mut reader: R) -> io::Result { - let flag = reader.read_u8()?; + let mut flag_bytes = [0; 1]; + reader.read_exact(&mut flag_bytes)?; + let flag = flag_bytes[0]; + let result = if flag < 253 { Ok(flag as u64) } else if flag == 253 { - match reader.read_u16::()? { + let mut bytes = [0; 2]; + reader.read_exact(&mut bytes)?; + match u16::from_le_bytes(bytes) { n if n < 253 => Err(io::Error::new( io::ErrorKind::InvalidInput, "non-canonical CompactSize", @@ -37,7 +49,9 @@ impl CompactSize { n => Ok(n as u64), } } else if flag == 254 { - match reader.read_u32::()? { + let mut bytes = [0; 4]; + reader.read_exact(&mut bytes)?; + match u32::from_le_bytes(bytes) { n if n < 0x10000 => Err(io::Error::new( io::ErrorKind::InvalidInput, "non-canonical CompactSize", @@ -45,7 +59,9 @@ impl CompactSize { n => Ok(n as u64), } } else { - match reader.read_u64::()? { + let mut bytes = [0; 8]; + reader.read_exact(&mut bytes)?; + match u64::from_le_bytes(bytes) { n if n < 0x100000000 => Err(io::Error::new( io::ErrorKind::InvalidInput, "non-canonical CompactSize", @@ -78,18 +94,18 @@ impl CompactSize { /// Writes the provided `usize` value to the provided Writer in compact form. pub fn write(mut writer: W, size: usize) -> io::Result<()> { match size { - s if s < 253 => writer.write_u8(s as u8), + s if s < 253 => writer.write_all(&[s as u8]), s if s <= 0xFFFF => { - writer.write_u8(253)?; - writer.write_u16::(s as u16) + writer.write_all(&[253])?; + writer.write_all(&(s as u16).to_le_bytes()) } s if s <= 0xFFFFFFFF => { - writer.write_u8(254)?; - writer.write_u32::(s as u32) + writer.write_all(&[254])?; + writer.write_all(&(s as u32).to_le_bytes()) } s => { - writer.write_u8(255)?; - writer.write_u64::(s as u64) + writer.write_all(&[255])?; + writer.write_all(&(s as u64).to_le_bytes()) } } } @@ -155,6 +171,7 @@ impl Vector { /// Writes a NonEmpty container of values to the stream using the same encoding as /// `[Vector::write]` + #[cfg(feature = "std")] pub fn write_nonempty( mut writer: W, vec: &NonEmpty, @@ -256,7 +273,9 @@ impl Optional { where F: Fn(R) -> io::Result, { - match reader.read_u8()? { + let mut bytes = [0; 1]; + reader.read_exact(&mut bytes)?; + match bytes[0] { 0 => Ok(None), 1 => Ok(Some(func(reader)?)), _ => Err(io::Error::new( @@ -274,9 +293,9 @@ impl Optional { F: Fn(W, T) -> io::Result<()>, { match val { - None => writer.write_u8(0), + None => writer.write_all(&[0]), Some(e) => { - writer.write_u8(1)?; + writer.write_all(&[1])?; func(writer, e) } } @@ -286,7 +305,7 @@ impl Optional { #[cfg(test)] mod tests { use super::*; - use std::fmt::Debug; + use core::fmt::Debug; #[test] fn compact_size() { @@ -339,11 +358,14 @@ mod tests { macro_rules! eval { ($value:expr, $expected:expr) => { let mut data = vec![]; - Vector::write(&mut data, &$value, |w, e| w.write_u8(*e)).unwrap(); + Vector::write(&mut data, &$value, |w, e| w.write_all(&[*e])).unwrap(); assert_eq!(&data[..], &$expected[..]); let serialized_size = Vector::serialized_size_of_u8_vec(&$value); assert_eq!(serialized_size, $expected.len()); - match Vector::read(&data[..], |r| r.read_u8()) { + match Vector::read(&data[..], |r| { + let mut bytes = [0; 1]; + r.read_exact(&mut bytes).map(|_| bytes[0]) + }) { Ok(v) => assert_eq!(v, $value), Err(e) => panic!("Unexpected error: {:?}", e), } @@ -382,7 +404,10 @@ mod tests { macro_rules! eval_u8 { ($value:expr, $expected:expr) => { - eval!($value, $expected, |w, e| w.write_u8(e), |mut r| r.read_u8()) + eval!($value, $expected, |w, e| w.write_all(&[e]), |mut r| { + let mut bytes = [0; 1]; + r.read_exact(&mut bytes).map(|_| bytes[0]) + }) }; } @@ -391,8 +416,11 @@ mod tests { eval!( $value, $expected, - |w, v| Vector::write(w, &v, |w, e| w.write_u8(*e)), - |r| Vector::read(r, |r| r.read_u8()) + |w, v| Vector::write(w, &v, |w, e| w.write_all(&[*e])), + |r| Vector::read(r, |r| { + let mut bytes = [0; 1]; + r.read_exact(&mut bytes).map(|_| bytes[0]) + }) ) }; } diff --git a/supply-chain/config.toml b/supply-chain/config.toml index 76b2887082..1d49ceb1a4 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -278,6 +278,10 @@ criteria = "safe-to-deploy" version = "0.6.0" criteria = "safe-to-deploy" +[[exemptions.core2]] +version = "0.3.3" +criteria = "safe-to-deploy" + [[exemptions.cpufeatures]] version = "0.2.11" criteria = "safe-to-deploy" From 4d301c33ae58b17c8c76cdf91376472b8fe619e8 Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Fri, 13 Dec 2024 16:43:39 +0000 Subject: [PATCH 2/3] zcash_encoding 0.2.2 --- Cargo.lock | 2 +- components/zcash_encoding/CHANGELOG.md | 1 + components/zcash_encoding/Cargo.toml | 2 +- supply-chain/imports.lock | 4 ++++ 4 files changed, 7 insertions(+), 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index e301911b3b..b8e051aad1 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -6275,7 +6275,7 @@ dependencies = [ [[package]] name = "zcash_encoding" -version = "0.2.1" +version = "0.2.2" dependencies = [ "core2", "nonempty", diff --git a/components/zcash_encoding/CHANGELOG.md b/components/zcash_encoding/CHANGELOG.md index ef4e392bd9..c7253c84c9 100644 --- a/components/zcash_encoding/CHANGELOG.md +++ b/components/zcash_encoding/CHANGELOG.md @@ -6,6 +6,7 @@ and this library adheres to Rust's notion of [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [Unreleased] +## [0.2.2] - 2024-12-13 ### Added - `no-std` support, via a default-enabled `std` feature flag. diff --git a/components/zcash_encoding/Cargo.toml b/components/zcash_encoding/Cargo.toml index 1611214bd6..897a7da382 100644 --- a/components/zcash_encoding/Cargo.toml +++ b/components/zcash_encoding/Cargo.toml @@ -1,7 +1,7 @@ [package] name = "zcash_encoding" description = "Binary encodings used throughout the Zcash ecosystem." -version = "0.2.1" +version = "0.2.2" authors = [ "Jack Grigg ", "Kris Nuttycombe ", diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index 534a31822d..e32ae0b111 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -1,6 +1,10 @@ # cargo-vet imports lock +[[unpublished.zcash_encoding]] +version = "0.2.2" +audited_as = "0.2.1" + [[publisher.bumpalo]] version = "3.16.0" when = "2024-04-08" From 79aae51974fe9faac06faf8044535a9e4f6d554c Mon Sep 17 00:00:00 2001 From: Jack Grigg Date: Fri, 13 Dec 2024 17:00:09 +0000 Subject: [PATCH 3/3] Update cargo vet after publishing zcash_encoding 0.2.2 --- supply-chain/audits.toml | 6 ++++++ supply-chain/imports.lock | 13 +++++-------- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index 2e8b35a5da..ecf6f3fe3e 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -873,6 +873,12 @@ user-id = 1244 # ebfull start = "2022-10-19" end = "2025-04-22" +[[trusted.zcash_encoding]] +criteria = "safe-to-deploy" +user-id = 6289 # Jack Grigg (str4d) +start = "2021-08-31" +end = "2025-12-13" + [[trusted.zcash_extensions]] criteria = "safe-to-deploy" user-id = 6289 # Jack Grigg (str4d) diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index e32ae0b111..9694d4bf3b 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -1,10 +1,6 @@ # cargo-vet imports lock -[[unpublished.zcash_encoding]] -version = "0.2.2" -audited_as = "0.2.1" - [[publisher.bumpalo]] version = "3.16.0" when = "2024-04-08" @@ -263,10 +259,11 @@ user-login = "nuttycom" user-name = "Kris Nuttycombe" [[publisher.zcash_encoding]] -version = "0.2.0" -when = "2022-10-19" -user-id = 1244 -user-login = "ebfull" +version = "0.2.2" +when = "2024-12-13" +user-id = 6289 +user-login = "str4d" +user-name = "Jack Grigg" [[publisher.zcash_extensions]] version = "0.1.0"