From 47f10c70628febe0579e2be92c909213433bced8 Mon Sep 17 00:00:00 2001 From: Roland Rodriguez Date: Tue, 28 May 2024 20:29:48 -0600 Subject: [PATCH 1/3] Update dependencies in v4_public.rs Updated the import statements in v4_public.rs to include 'Signer' and 'Verifier' from ed25519_dalek, and 'V4' from core. This change allows for more robust key handling and version control within the Paseto implementation. --- src/core/paseto.rs | 2 +- src/core/paseto_impl/v2_local.rs | 2 +- src/core/paseto_impl/v4_public.rs | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/core/paseto.rs b/src/core/paseto.rs index 8945d9a..c53b541 100644 --- a/src/core/paseto.rs +++ b/src/core/paseto.rs @@ -125,8 +125,8 @@ impl<'a, Version: VersionTrait, Purpose: PurposeTrait> Paseto<'a, Version, Purpo /// # //now let's try to decrypt it /// # let json = Paseto::::try_decrypt(&token, &key, Footer::from("Supah doopah!"), None)?; /// # assert_eq!(payload, json); - /// # Ok::<(),anyhow::Error>(()) /// } + /// # Ok::<(),anyhow::Error>(()) /// ``` pub fn set_footer(&mut self, footer: Footer<'a>) -> &mut Self { self.footer = Some(footer); diff --git a/src/core/paseto_impl/v2_local.rs b/src/core/paseto_impl/v2_local.rs index c311f24..52b8167 100644 --- a/src/core/paseto_impl/v2_local.rs +++ b/src/core/paseto_impl/v2_local.rs @@ -78,7 +78,7 @@ impl<'a> Paseto<'a, V2, Local> { //create the blake2 context to generate the nonce let mut blake2 = Blake2bMac::new_from_slice(nonce.as_ref())?; - blake2.update(&*self.payload); + blake2.update(&self.payload); let mut context = [0u8; 24]; blake2.finalize_into((&mut context).into()); diff --git a/src/core/paseto_impl/v4_public.rs b/src/core/paseto_impl/v4_public.rs index 9eb42a5..a86943b 100644 --- a/src/core/paseto_impl/v4_public.rs +++ b/src/core/paseto_impl/v4_public.rs @@ -1,6 +1,6 @@ #![cfg(feature = "v4_public")] -use ed25519_dalek::{Signature, SigningKey, VerifyingKey}; -use crate::core::{Footer, Header, ImplicitAssertion, Paseto, PasetoAsymmetricPrivateKey, PasetoAsymmetricPublicKey, PasetoError, Public}; +use ed25519_dalek::{Signature, Signer, SigningKey, Verifier, VerifyingKey}; +use crate::core::{Footer, Header, ImplicitAssertion, Paseto, PasetoAsymmetricPrivateKey, PasetoAsymmetricPublicKey, PasetoError, Public, V4}; use crate::core::common::{PreAuthenticationEncoding, RawPayload}; impl<'a> Paseto<'a, V4, Public> { From c46c8d2b21447b5521fa5e5ee403870271265a33 Mon Sep 17 00:00:00 2001 From: Roland Rodriguez Date: Tue, 28 May 2024 21:50:47 -0600 Subject: [PATCH 2/3] Refactor error handling in v4 test vectors Removed the Error import from anyhow and replaced it with a fully qualified path when used. This change simplifies the import statement and makes the code more readable by explicitly stating where Error is coming from. --- tests/version4_test_vectors.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/version4_test_vectors.rs b/tests/version4_test_vectors.rs index 4fefd41..ae24d06 100644 --- a/tests/version4_test_vectors.rs +++ b/tests/version4_test_vectors.rs @@ -1,6 +1,6 @@ #[cfg(all(test, feature = "v4"))] mod v4_test_vectors { - use anyhow::{Error, Result}; + use anyhow::{Result}; use serde_json::json; use rusty_paseto::core::*; @@ -360,7 +360,7 @@ mod v4_test_vectors { } Err(thiserror) => { eprintln!("here's the error: {}", thiserror); - Err(Error::from(thiserror)) + Err(anyhow::Error::from(thiserror)) } } } From 7e235c4a360e51b98a15a4bbf2bac20c6c03c06b Mon Sep 17 00:00:00 2001 From: Roland Rodriguez Date: Tue, 28 May 2024 21:51:01 -0600 Subject: [PATCH 3/3] Refactor test and clippy workflows for feature matrix The GitHub Actions workflows for testing and linting have been refactored to use a matrix strategy. This allows us to run tests and lints against multiple feature flags in parallel, improving the efficiency of our CI/CD pipeline. The changes include removing individual steps for each feature flag and replacing them with a single step that uses the matrix feature. --- .github/workflows/rust.yml | 57 ++++++++++++++++++-------------------- 1 file changed, 27 insertions(+), 30 deletions(-) diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index f36f92d..15962d9 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -20,6 +20,17 @@ jobs: test: name: Test Suite runs-on: ubuntu-latest + strategy: + matrix: + feature: + - v1_local + - v1_public + - v2_local + - v2_public + - v3_local + - v3_public + - v4_local + - v4_public steps: - uses: actions/checkout@v2 - uses: actions-rs/toolchain@v1 @@ -30,38 +41,22 @@ jobs: - uses: actions-rs/cargo@v1 with: command: test - args: --features v1_local - - uses: actions-rs/cargo@v1 - with: - command: test - args: --features v1_public - - uses: actions-rs/cargo@v1 - with: - command: test - args: --features v2_local - - uses: actions-rs/cargo@v1 - with: - command: test - args: --features v2_public - - uses: actions-rs/cargo@v1 - with: - command: test - args: --features v3_local - - uses: actions-rs/cargo@v1 - with: - command: test - args: --features v3_public - - uses: actions-rs/cargo@v1 - with: - command: test - args: --features v4_local - - uses: actions-rs/cargo@v1 - with: - command: test - args: --features v4_public + args: --no-default-features --features ${{ matrix.feature }} + clippy: name: Clippy runs-on: ubuntu-latest + strategy: + matrix: + feature: + - v1_local + - v1_public + - v2_local + - v2_public + - v3_local + - v3_public + - v4_local + - v4_public steps: - uses: actions/checkout@v3 - uses: actions-rs/toolchain@v1 @@ -73,7 +68,8 @@ jobs: - uses: actions-rs/cargo@v1 with: command: clippy - args: -- -D warnings + args: --no-default-features --features ${{ matrix.feature }} -- -D warnings + audit: name: Security Audit runs-on: ubuntu-latest @@ -88,3 +84,4 @@ jobs: - uses: actions-rs/audit-check@v1.2.0 with: token: ${{ secrets.GITHUB_TOKEN }} + - run: cargo audit