feat: relax lifetime on protocol domains

codahale · Oct 24, 2023 · 08b088e · 08b088e
1 parent 1c6544d
commit 08b088e
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 48 deletions.
diff --git a/src/lib.rs b/src/lib.rs
@@ -45,7 +45,7 @@ pub struct Protocol {
 impl Protocol {
     /// Create a new protocol with the given domain.
     #[inline]
-    pub fn new(domain: &'static str) -> Protocol {
+    pub fn new(domain: &str) -> Protocol {
         // Create a protocol with a fresh SHA-256 instance.
         let mut protocol = Protocol { state: Sha256::new() };
 

diff --git a/tests/constructions_test.rs b/tests/constructions_test.rs
@@ -2,20 +2,20 @@ use lockstitch::{Protocol, TAG_LEN};
 use proptest::collection::vec;
 use proptest::prelude::*;
 
-fn md(domain: &'static str, m: &[u8]) -> [u8; 32] {
+fn md(domain: &str, m: &[u8]) -> [u8; 32] {
     let mut md = Protocol::new(domain);
     md.mix(m);
     md.derive_array()
 }
 
-fn mac(domain: &'static str, k: &[u8], m: &[u8]) -> [u8; TAG_LEN] {
+fn mac(domain: &str, k: &[u8], m: &[u8]) -> [u8; TAG_LEN] {
     let mut mac = Protocol::new(domain);
     mac.mix(k);
     mac.mix(m);
     mac.derive_array::<TAG_LEN>()
 }
 
-fn enc(domain: &'static str, k: &[u8], n: &[u8], p: &[u8]) -> Vec<u8> {
+fn enc(domain: &str, k: &[u8], n: &[u8], p: &[u8]) -> Vec<u8> {
     let mut stream = Protocol::new(domain);
     stream.mix(k);
     stream.mix(n);
@@ -25,7 +25,7 @@ fn enc(domain: &'static str, k: &[u8], n: &[u8], p: &[u8]) -> Vec<u8> {
     c
 }
 
-fn dec(domain: &'static str, k: &[u8], n: &[u8], c: &[u8]) -> Vec<u8> {
+fn dec(domain: &str, k: &[u8], n: &[u8], c: &[u8]) -> Vec<u8> {
     let mut stream = Protocol::new(domain);
     stream.mix(k);
     stream.mix(n);
@@ -35,7 +35,7 @@ fn dec(domain: &'static str, k: &[u8], n: &[u8], c: &[u8]) -> Vec<u8> {
     p
 }
 
-fn ae_enc(domain: &'static str, k: &[u8], n: &[u8], d: &[u8], p: &[u8]) -> Vec<u8> {
+fn ae_enc(domain: &str, k: &[u8], n: &[u8], d: &[u8], p: &[u8]) -> Vec<u8> {
     let mut aead = Protocol::new(domain);
     aead.mix(k);
     aead.mix(n);
@@ -48,7 +48,7 @@ fn ae_enc(domain: &'static str, k: &[u8], n: &[u8], d: &[u8], p: &[u8]) -> Vec<u
     out
 }
 
-fn ae_dec(domain: &'static str, k: &[u8], n: &[u8], d: &[u8], c: &[u8]) -> Option<Vec<u8>> {
+fn ae_dec(domain: &str, k: &[u8], n: &[u8], d: &[u8], c: &[u8]) -> Option<Vec<u8>> {
     let mut aead = Protocol::new(domain);
     aead.mix(k);
     aead.mix(n);
@@ -58,7 +58,7 @@ fn ae_dec(domain: &'static str, k: &[u8], n: &[u8], d: &[u8], c: &[u8]) -> Optio
     aead.open(&mut p).map(|p| p.to_vec())
 }
 
-fn tuple_hash(domain: &'static str, data: &[Vec<u8>]) -> [u8; 32] {
+fn tuple_hash(domain: &str, data: &[Vec<u8>]) -> [u8; 32] {
     let mut tuple_hash = Protocol::new(domain);
     for d in data {
         tuple_hash.mix(d);
@@ -74,12 +74,8 @@ proptest! {
     ) {
         prop_assume!(!(d1 == d2 && m1 == m2), "inputs must be different");
 
-        // Leak the domains so we can pretend we've statically allocated it in this test.
-        let d1: &'static str = Box::leak(Box::new(d1).into_boxed_str());
-        let d2: &'static str = Box::leak(Box::new(d2).into_boxed_str());
-
-        let md1 = md(d1, &m1);
-        let md2 = md(d2, &m2);
+        let md1 = md(&d1, &m1);
+        let md2 = md(&d2, &m2);
 
         prop_assert_ne!(md1, md2, "different inputs produced the same outputs");
     }
@@ -91,12 +87,8 @@ proptest! {
     ) {
         prop_assume!(!(d1 == d2 && k1 == k2 && m1 == m2), "inputs must be different");
 
-        // Leak the domains so we can pretend we've statically allocated it in this test.
-        let d1: &'static str = Box::leak(Box::new(d1).into_boxed_str());
-        let d2: &'static str = Box::leak(Box::new(d2).into_boxed_str());
-
-        let mac1 = mac(d1, &k1, &m1);
-        let mac2 = mac(d2, &k2, &m2);
+        let mac1 = mac(&d1, &k1, &m1);
+        let mac2 = mac(&d2, &k2, &m2);
 
         prop_assert_ne!(mac1, mac2, "different inputs produced the same outputs");
     }
@@ -109,12 +101,8 @@ proptest! {
     ) {
         prop_assume!(!(d1 == d2 && k1 == k2 && n1 == n2), "inputs must be different");
 
-        // Leak the domains so we can pretend we've statically allocated it in this test.
-        let d1: &'static str = Box::leak(Box::new(d1).into_boxed_str());
-        let d2: &'static str = Box::leak(Box::new(d2).into_boxed_str());
-
-        let c = enc(d1, &k1, &n1, &m);
-        let p = dec(d2, &k2, &n2, &c);
+        let c = enc(&d1, &k1, &n1, &m);
+        let p = dec(&d2, &k2, &n2, &c);
 
         prop_assert_ne!(p, m, "different inputs produced the same outputs");
     }
@@ -127,12 +115,8 @@ proptest! {
     ) {
         prop_assume!(!(d1 == d2 && k1 == k2 && n1 == n2 && ad1 == ad2), "inputs must be different");
 
-        // Leak the domains so we can pretend we've statically allocated it in this test.
-        let d1: &'static str = Box::leak(Box::new(d1).into_boxed_str());
-        let d2: &'static str = Box::leak(Box::new(d2).into_boxed_str());
-
-        let c = ae_enc(d1, &k1, &n1, &ad1, &m);
-        let p = ae_dec(d2, &k2, &n2, &ad2, &c);
+        let c = ae_enc(&d1, &k1, &n1, &ad1, &m);
+        let p = ae_dec(&d2, &k2, &n2, &ad2, &c);
 
         prop_assert_eq!(p, None, "different inputs produced the same outputs");
     }
@@ -145,10 +129,7 @@ proptest! {
         ad in vec(any::<u8>(), 0..200),
         c in vec(any::<u8>(), TAG_LEN..200),
     ) {
-        // Leak the domain so we can pretend we've statically allocated it in this test.
-        let d: &'static str = Box::leak(Box::new(d).into_boxed_str());
-
-        let p = ae_dec(d, &k, &n, &ad, &c);
+        let p = ae_dec(&d, &k, &n, &ad, &c);
 
         prop_assert_eq!(p, None, "decrypted bad ciphertext");
     }
@@ -160,12 +141,8 @@ proptest! {
     ) {
         prop_assume!(!(d1 == d2 && dd1 == dd2), "inputs must be different");
 
-        // Leak the domains so we can pretend we've statically allocated it in this test.
-        let d1: &'static str = Box::leak(Box::new(d1).into_boxed_str());
-        let d2: &'static str = Box::leak(Box::new(d2).into_boxed_str());
-
-        let h1 = tuple_hash(d1, &dd1);
-        let h2 = tuple_hash(d2, &dd2);
+        let h1 = tuple_hash(&d1, &dd1);
+        let h2 = tuple_hash(&d2, &dd2);
 
         prop_assert_ne!(h1, h2, "different inputs produced the same outputs");
     }

diff --git a/tests/transcripts_test.rs b/tests/transcripts_test.rs
@@ -29,9 +29,7 @@ struct Transcript {
 }
 
 fn apply_transcript(t: &Transcript) -> Vec<Output> {
-    // Leak the domain so we can pretend we've statically allocated it in this test.
-    let domain: &'static str = Box::leak(Box::new(t.domain.clone()).into_boxed_str());
-    let mut protocol = Protocol::new(domain);
+    let mut protocol = Protocol::new(&t.domain);
     t.inputs
         .iter()
         .cloned()
@@ -72,9 +70,7 @@ fn apply_transcript(t: &Transcript) -> Vec<Output> {
 }
 
 fn invert_transcript(t: &Transcript) -> (Transcript, Vec<Vec<u8>>) {
-    // Leak the domain so we can pretend we've statically allocated it in this test.
-    let domain: &'static str = Box::leak(Box::new(t.domain.clone()).into_boxed_str());
-    let mut protocol = Protocol::new(domain);
+    let mut protocol = Protocol::new(&t.domain);
     let mut derived = Vec::new();
     let inputs = t
         .inputs