const-oid: generic backing buffer (#757)

The current buffering approach, with a fixed-sized `ArrayVec`-like
backing buffer, is helpful for being able to use `const fn` to be able
to parse OID strings at compile time and re-encode them in BER form.
This functionality is preserved as a new `Buffer` type, which still
supports all current `const fn` functionality.

`ObjectIdentifier` has been changed to be generic around
`B: AsRef<[u8]>` which allows a `const fn` constructor that accepts a
BER-encoded slice.

This is useful for when there are large numbers of OID constants, as in
the `const_oid::db` module. However, while this module has been updated
so the code compiles, it has not yet been changed to take advantage of
this new approach.

Author: tarcieri

const-oid/src/arcs.rs

@@ -1,8 +1,11 @@
 //! Arcs are integer values which exist within an OID's hierarchy.
 
-use crate::{Error, ObjectIdentifier, Result};
+use crate::{Error, Result};
 use core::mem;
 
+#[cfg(doc)]
+use crate::ObjectIdentifier;
+
 /// Type alias used to represent an "arc" (i.e. integer identifier value).
 ///
 /// X.660 does not define a maximum size of an arc.
@@ -31,17 +34,20 @@ const ARC_MAX_LAST_OCTET: u8 = 0b11110000; // Max bytes of leading 1-bits
 ///
 /// This iterates over all arcs in an OID, including the root.
 pub struct Arcs<'a> {
-    /// OID we're iterating over
-    oid: &'a ObjectIdentifier,
+    /// OID bytes we're iterating over.
+    bytes: &'a [u8],
 
-    /// Current position within the serialized DER bytes of this OID
+    /// Current position within the serialized BER bytes of this OID.
     cursor: Option<usize>,
 }
 
 impl<'a> Arcs<'a> {
-    /// Create a new iterator over the arcs of this OID
-    pub(crate) fn new(oid: &'a ObjectIdentifier) -> Self {
-        Self { oid, cursor: None }
+    /// Create a new iterator over an OID encoded as BER bytes.
+    pub(crate) fn new(bytes: &'a [u8]) -> Self {
+        Self {
+            bytes,
+            cursor: None,
+        }
     }
 
     /// Try to parse the next arc in this OID.
@@ -50,14 +56,14 @@ impl<'a> Arcs<'a> {
     /// that the arcs in the OID are well-formed.
     pub(crate) fn try_next(&mut self) -> Result<Option<Arc>> {
         match self.cursor {
-            // Indicates we're on the root OID
+            // Indicates we're on the root arc
             None => {
-                let root = RootArcs::try_from(self.oid.as_bytes()[0])?;
+                let root = RootArcs::try_from(self.bytes[0])?;
                 self.cursor = Some(0);
                 Ok(Some(root.first_arc()))
             }
             Some(0) => {
-                let root = RootArcs::try_from(self.oid.as_bytes()[0])?;
+                let root = RootArcs::try_from(self.bytes[0])?;
                 self.cursor = Some(1);
                 Ok(Some(root.second_arc()))
             }
@@ -68,7 +74,7 @@ impl<'a> Arcs<'a> {
                 loop {
                     let len = checked_add!(offset, arc_bytes);
 
-                    match self.oid.as_bytes().get(len).cloned() {
+                    match self.bytes.get(len).cloned() {
                         // The arithmetic below includes advance checks
                         // against `ARC_MAX_BYTES` and `ARC_MAX_LAST_OCTET`
                         // which ensure the operations will not overflow.

const-oid/src/buffer.rs

@@ -0,0 +1,52 @@
+//! Array-backed buffer for BER bytes.
+
+/// Array-backed buffer for storing BER computed at compile-time.
+#[derive(Copy, Clone, Eq, Hash, PartialEq, PartialOrd, Ord)]
+pub struct Buffer<const SIZE: usize> {
+    /// Length in bytes
+    pub(crate) length: u8,
+
+    /// Array containing BER/DER-serialized bytes (no header)
+    pub(crate) bytes: [u8; SIZE],
+}
+
+impl<const SIZE: usize> Buffer<SIZE> {
+    /// Borrow the inner byte slice.
+    pub fn as_bytes(&self) -> &[u8] {
+        &self.bytes[..self.length as usize]
+    }
+
+    /// Get the length of the BER message.
+    pub const fn len(&self) -> usize {
+        self.length as usize
+    }
+
+    /// Const comparison of two buffers.
+    pub const fn eq(&self, rhs: &Self) -> bool {
+        if self.length != rhs.length {
+            return false;
+        }
+
+        let mut i = 0usize;
+
+        while i < self.len() {
+            if self.bytes[i] != rhs.bytes[i] {
+                return false;
+            }
+
+            // Won't overflow due to `i < self.len()` check above
+            #[allow(clippy::integer_arithmetic)]
+            {
+                i += 1;
+            }
+        }
+
+        true
+    }
+}
+
+impl<const SIZE: usize> AsRef<[u8]> for Buffer<SIZE> {
+    fn as_ref(&self) -> &[u8] {
+        self.as_bytes()
+    }
+}

const-oid/src/db.rs

@@ -17,24 +17,6 @@ pub use gen::*;
 
 use crate::{Error, ObjectIdentifier};
 
-/// A const implementation of byte equals.
-const fn eq(lhs: &[u8], rhs: &[u8]) -> bool {
-    if lhs.len() != rhs.len() {
-        return false;
-    }
-
-    let mut i = 0usize;
-    while i < lhs.len() {
-        if lhs[i] != rhs[i] {
-            return false;
-        }
-
-        i += 1;
-    }
-
-    true
-}
-
 /// A const implementation of case-insensitive ASCII equals.
 const fn eq_case(lhs: &[u8], rhs: &[u8]) -> bool {
     if lhs.len() != rhs.len() {
@@ -74,7 +56,8 @@ impl<'a> Database<'a> {
 
         while i < self.0.len() {
             let lhs = self.0[i].0;
-            if lhs.length == oid.length && eq(&lhs.bytes, &oid.bytes) {
+
+            if lhs.buffer.eq(&oid.buffer) {
                 return Some(self.0[i].1);
             }
 

const-oid/src/encoder.rs

@@ -2,7 +2,7 @@
 
 use crate::{
     arcs::{ARC_MAX_FIRST, ARC_MAX_SECOND},
-    Arc, Error, ObjectIdentifier, Result,
+    Arc, Buffer, Error, ObjectIdentifier, Result,
 };
 
 /// BER/DER encoder
@@ -45,8 +45,8 @@ impl Encoder {
     pub(crate) const fn extend(oid: ObjectIdentifier) -> Self {
         Self {
             state: State::Body,
-            bytes: oid.bytes,
-            cursor: oid.length as usize,
+            bytes: oid.buffer.bytes,
+            cursor: oid.buffer.length as usize,
         }
     }
 
@@ -101,10 +101,12 @@ impl Encoder {
     /// Finish encoding an OID.
     pub(crate) const fn finish(self) -> Result<ObjectIdentifier> {
         if self.cursor >= 2 {
-            Ok(ObjectIdentifier {
+            let bytes = Buffer {
                 bytes: self.bytes,
                 length: self.cursor as u8,
-            })
+            };
+
+            Ok(ObjectIdentifier { buffer: bytes })
         } else {
             Err(Error::NotEnoughArcs)
         }

const-oid/src/lib.rs

@@ -5,6 +5,7 @@
     html_logo_url = "https://raw.githubusercontent.com/RustCrypto/media/6ee8e381/logo.svg",
     html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/media/6ee8e381/logo.svg"
 )]
+#![allow(clippy::len_without_is_empty)]
 #![forbid(unsafe_code)]
 #![warn(
     clippy::integer_arithmetic,
@@ -24,6 +25,7 @@ extern crate std;
 mod checked;
 
 mod arcs;
+mod buffer;
 mod encoder;
 mod error;
 mod parser;
@@ -34,12 +36,18 @@ pub mod db;
 
 pub use crate::{
     arcs::{Arc, Arcs},
+    buffer::Buffer,
     error::{Error, Result},
 };
 
 use crate::encoder::Encoder;
 use core::{fmt, str::FromStr};
 
+/// Default maximum size.
+///
+/// Makes `ObjectIdentifier` 40-bytes total w\ 1-byte length.
+const MAX_SIZE: usize = 39;
+
 /// A trait which associates an OID with a type.
 pub trait AssociatedOid {
     /// The OID associated with this type.
@@ -78,18 +86,14 @@ impl<T: AssociatedOid> DynAssociatedOid for T {
 /// - The BER/DER encoding of the OID MUST be shorter than
 ///   [`ObjectIdentifier::MAX_SIZE`]
 #[derive(Copy, Clone, Eq, Hash, PartialEq, PartialOrd, Ord)]
-pub struct ObjectIdentifier {
-    /// Length in bytes
-    length: u8,
-
-    /// Array containing BER/DER-serialized bytes (no header)
-    bytes: [u8; Self::MAX_SIZE],
+pub struct ObjectIdentifier<B: AsRef<[u8]> = Buffer<MAX_SIZE>> {
+    /// Buffer containing BER/DER-serialized bytes (sans ASN.1 tag/length)
+    buffer: B,
 }
 
-#[allow(clippy::len_without_is_empty)]
 impl ObjectIdentifier {
     /// Maximum size of a BER/DER-encoded OID in bytes.
-    pub const MAX_SIZE: usize = 39; // makes `ObjectIdentifier` 40-bytes total w\ 1-byte length
+    pub const MAX_SIZE: usize = MAX_SIZE;
 
     /// Parse an [`ObjectIdentifier`] from the dot-delimited string form,
     /// panicking on parse errors.
@@ -145,27 +149,60 @@ impl ObjectIdentifier {
             3..=Self::MAX_SIZE => (),
             _ => return Err(Error::NotEnoughArcs),
         }
+
         let mut bytes = [0u8; Self::MAX_SIZE];
         bytes[..len].copy_from_slice(ber_bytes);
 
-        let oid = Self {
+        let bytes = Buffer {
             bytes,
             length: len as u8,
         };
 
+        let oid = Self { buffer: bytes };
+
         // Ensure arcs are well-formed
         let mut arcs = oid.arcs();
         while arcs.try_next()?.is_some() {}
 
         Ok(oid)
     }
 
+    /// Get the parent OID of this one (if applicable).
+    pub fn parent(&self) -> Option<Self> {
+        let num_arcs = self.len().checked_sub(1)?;
+        Self::from_arcs(self.arcs().take(num_arcs)).ok()
+    }
+
+    /// Push an additional arc onto this OID, returning the child OID.
+    pub const fn push_arc(self, arc: Arc) -> Result<Self> {
+        // TODO(tarcieri): use `?` when stable in `const fn`
+        match Encoder::extend(self).arc(arc) {
+            Ok(encoder) => encoder.finish(),
+            Err(err) => Err(err),
+        }
+    }
+}
+
+impl<'a> ObjectIdentifier<&'a [u8]> {
+    /// Initialize OID from a byte slice without validating that it contains
+    /// a well-formed BER-encoded OID.
+    ///
+    /// Use with care, e.g. to define compact constants.
+    pub const fn from_bytes_unchecked(buffer: &'a [u8]) -> Self {
+        Self { buffer }
+    }
+}
+
+impl<B> ObjectIdentifier<B>
+where
+    B: AsRef<[u8]>,
+{
     /// Get the BER/DER serialization of this OID as bytes.
     ///
     /// Note that this encoding omits the tag/length, and only contains the
     /// value portion of the encoded OID.
     pub fn as_bytes(&self) -> &[u8] {
-        &self.bytes[..self.length as usize]
+        self.buffer.as_ref()
     }
 
     /// Return the arc with the given index, if it exists.
@@ -177,31 +214,19 @@ impl ObjectIdentifier {
     ///
     /// Returns [`Arcs`], an iterator over [`Arc`] values.
     pub fn arcs(&self) -> Arcs<'_> {
-        Arcs::new(self)
+        Arcs::new(self.buffer.as_ref())
     }
 
     /// Get the length of this [`ObjectIdentifier`] in arcs.
     pub fn len(&self) -> usize {
         self.arcs().count()
     }
-
-    /// Get the parent OID of this one (if applicable).
-    pub fn parent(&self) -> Option<Self> {
-        let num_arcs = self.len().checked_sub(1)?;
-        Self::from_arcs(self.arcs().take(num_arcs)).ok()
-    }
-
-    /// Push an additional arc onto this OID, returning the child OID.
-    pub const fn push_arc(self, arc: Arc) -> Result<Self> {
-        // TODO(tarcieri): use `?` when stable in `const fn`
-        match Encoder::extend(self).arc(arc) {
-            Ok(encoder) => encoder.finish(),
-            Err(err) => Err(err),
-        }
-    }
 }
 
-impl AsRef<[u8]> for ObjectIdentifier {
+impl<B> AsRef<[u8]> for ObjectIdentifier<B>
+where
+    B: AsRef<[u8]>,
+{
     fn as_ref(&self) -> &[u8] {
         self.as_bytes()
     }
@@ -223,12 +248,6 @@ impl TryFrom<&[u8]> for ObjectIdentifier {
     }
 }
 
-impl From<&ObjectIdentifier> for ObjectIdentifier {
-    fn from(oid: &ObjectIdentifier) -> ObjectIdentifier {
-        *oid
-    }
-}
-
 impl fmt::Debug for ObjectIdentifier {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
         write!(f, "ObjectIdentifier({})", self)