Update the rust toolchain to 1.83

ci.sh

@@ -82,13 +82,13 @@ run_verification_tests dpe_profile_p384_sha384 rustcrypto
 
 # Build fuzz target
 ( cd dpe/fuzz
-  rustup toolchain install nightly-2023-11-16
-  cargo +nightly-2023-11-16 install cargo-fuzz cargo-afl --locked
+  rustup toolchain install nightly-2024-12-20
+  cargo +nightly-2024-12-20 install cargo-fuzz cargo-afl --locked
   cargo fmt --check
   cargo clippy --features libfuzzer-sys
   cargo clippy --features afl
-  cargo +nightly-2023-11-16 fuzz build --features libfuzzer-sys
-  cargo +nightly-2023-11-16 afl build --features afl
+  cargo +nightly-2024-12-20 fuzz build --features libfuzzer-sys
+  cargo +nightly-2024-12-20 afl build --features afl
 )
 
 # Fix license headers

crypto/src/openssl.rs

@@ -105,7 +105,10 @@ type OpensslPrivKey = CryptoBuf;
 
 impl Crypto for OpensslCrypto {
     type Cdi = OpensslCdi;
-    type Hasher<'c> = OpensslHasher where Self: 'c;
+    type Hasher<'c>
+        = OpensslHasher
+    where
+        Self: 'c;
     type PrivKey = OpensslPrivKey;
 
     #[cfg(feature = "deterministic_rand")]

crypto/src/rustcrypto.rs

@@ -74,7 +74,10 @@ impl RustCryptoImpl {
 
 impl Crypto for RustCryptoImpl {
     type Cdi = Vec<u8>;
-    type Hasher<'c>  = RustCryptoHasher where Self: 'c;
+    type Hasher<'c>
+        = RustCryptoHasher
+    where
+        Self: 'c;
     type PrivKey = CryptoBuf;
 
     fn hash_initialize(&mut self, algs: AlgLen) -> Result<Self::Hasher<'_>, CryptoError> {

dpe/src/commands/certify_key.rs

@@ -632,7 +632,7 @@ mod tests {
         let econtent = &econtent_info.econtent.as_mut().unwrap().to_der().unwrap()[4..];
 
         // validate csr signature with the alias key
-        let csr_digest = env.crypto.hash(DPE_PROFILE.alg_len(), &econtent).unwrap();
+        let csr_digest = env.crypto.hash(DPE_PROFILE.alg_len(), econtent).unwrap();
         let priv_key = match DPE_PROFILE.alg_len() {
             AlgLen::Bit256 => EcKey::private_key_from_der(include_bytes!(
                 "../../../platform/src/test_data/key_256.der"
@@ -652,7 +652,7 @@ mod tests {
         assert!(csr_sig.verify(csr_digest.bytes(), &alias_key).unwrap());
 
         // validate csr
-        let (_, csr) = X509CertificationRequest::from_der(&econtent).unwrap();
+        let (_, csr) = X509CertificationRequest::from_der(econtent).unwrap();
         let cri = csr.certification_request_info;
         assert_eq!(cri.version.0, 0);
         assert_eq!(
@@ -673,7 +673,7 @@ mod tests {
         let y = BigNum::from_slice(&pub_key_der[DPE_PROFILE.get_ecc_int_size() + 1..]).unwrap();
         let pub_key = EcKey::from_public_key_affine_coordinates(group, &x, &y).unwrap();
 
-        let cri_digest = env.crypto.hash(DPE_PROFILE.alg_len(), &cri.raw).unwrap();
+        let cri_digest = env.crypto.hash(DPE_PROFILE.alg_len(), cri.raw).unwrap();
         assert!(cri_sig.verify(cri_digest.bytes(), &pub_key).unwrap());
 
         // validate subject_name
@@ -693,7 +693,7 @@ mod tests {
         let expected_subject_name = format!(
             "CN={}, serialNumber={}",
             str::from_utf8(subject_name.cn.bytes()).unwrap(),
-            str::from_utf8(&subject_name.serial.bytes()).unwrap()
+            str::from_utf8(subject_name.serial.bytes()).unwrap()
         );
         let actual_subject_name = cri.subject.to_string_with_registry(oid_registry()).unwrap();
         assert_eq!(expected_subject_name, actual_subject_name);

dpe/src/commands/derive_context.rs

@@ -652,7 +652,7 @@ mod tests {
         {
             Ok(Response::RotateCtx(resp)) => resp.handle,
             Ok(_) => panic!("Invalid response type"),
-            Err(e) => Err(e).unwrap(),
+            Err(e) => panic!("{:?}", e),
         };
 
         let parent_handle = match (DeriveContextCmd {
@@ -666,7 +666,7 @@ mod tests {
         {
             Ok(Response::DeriveContext(resp)) => resp.parent_handle,
             Ok(_) => panic!("Invalid response type"),
-            Err(e) => Err(e).unwrap(),
+            Err(e) => panic!("{:?}", e),
         };
 
         let (new_context_handle, sig) = match (SignCmd {
@@ -686,7 +686,7 @@ mod tests {
                 .unwrap(),
             ),
             Ok(_) => panic!("Invalid response type"),
-            Err(e) => Err(e).unwrap(),
+            Err(e) => panic!("{:?}", e),
         };
 
         let parent_handle = match (DeriveContextCmd {
@@ -701,7 +701,7 @@ mod tests {
         {
             Ok(Response::DeriveContext(resp)) => resp.parent_handle,
             Ok(_) => panic!("Invalid response type"),
-            Err(e) => Err(e).unwrap(),
+            Err(e) => panic!("{:?}", e),
         };
 
         let ec_pub_key = {

dpe/src/commands/destroy_context.rs

@@ -302,7 +302,7 @@ mod tests {
         {
             Ok(Response::DeriveContext(resp)) => resp.handle,
             Ok(_) => panic!("Invalid response type"),
-            Err(e) => Err(e).unwrap(),
+            Err(e) => panic!("{:?}", e),
         };
 
         // retire context with handle 1 and create new context
@@ -317,7 +317,7 @@ mod tests {
         {
             Ok(Response::DeriveContext(resp)) => resp.handle,
             Ok(_) => panic!("Invalid response type"),
-            Err(e) => Err(e).unwrap(),
+            Err(e) => panic!("{:?}", e),
         };
 
         // retire context with handle 2 and create new context
@@ -332,7 +332,7 @@ mod tests {
         {
             Ok(Response::DeriveContext(resp)) => resp.handle,
             Ok(_) => panic!("Invalid response type"),
-            Err(e) => Err(e).unwrap(),
+            Err(e) => panic!("{:?}", e),
         };
 
         DestroyCtxCmd { handle: handle_3 }
@@ -371,7 +371,7 @@ mod tests {
         {
             Ok(Response::DeriveContext(resp)) => resp.handle,
             Ok(_) => panic!("Invalid response type"),
-            Err(e) => Err(e).unwrap(),
+            Err(e) => panic!("{:?}", e),
         };
 
         // derive one child from the parent
@@ -386,7 +386,7 @@ mod tests {
         {
             Ok(Response::DeriveContext(resp)) => resp.parent_handle,
             Ok(_) => panic!("Invalid response type"),
-            Err(e) => Err(e).unwrap(),
+            Err(e) => panic!("{:?}", e),
         };
 
         // derive another child while retiring the parent handle
@@ -401,7 +401,7 @@ mod tests {
         {
             Ok(Response::DeriveContext(resp)) => resp.handle,
             Ok(_) => panic!("Invalid response type"),
-            Err(e) => Err(e).unwrap(),
+            Err(e) => panic!("{:?}", e),
         };
 
         DestroyCtxCmd { handle: handle_b }
@@ -424,7 +424,7 @@ mod tests {
         parent_idx: u8,
         handle: &ContextHandle,
         children: &[u8],
-    ) -> () {
+    ) {
         dpe.contexts[idx].state = ContextState::Active;
         dpe.contexts[idx].handle = *handle;
         dpe.contexts[idx].parent_idx = parent_idx;

dpe/src/commands/mod.rs

@@ -81,9 +81,9 @@ impl Command<'_> {
     }
 
     fn parse_command<'a, T: FromBytes + KnownLayout + Immutable + 'a>(
-        build: impl FnOnce(&'a T) -> Command,
+        build: impl FnOnce(&'a T) -> Command<'a>,
         bytes: &'a [u8],
-    ) -> Result<Command, DpeErrorCode> {
+    ) -> Result<Command<'a>, DpeErrorCode> {
         let (prefix, _remaining_bytes) =
             T::ref_from_prefix(bytes).map_err(|_| DpeErrorCode::InvalidArgument)?;
         Ok(build(prefix))

dpe/src/context.rs

@@ -34,6 +34,12 @@ pub struct Context {
     pub reserved: [u8; 1],
 }
 
+impl Default for Context {
+    fn default() -> Self {
+        Self::new()
+    }
+}
+
 impl Context {
     pub const ROOT_INDEX: u8 = 0xff;
 

dpe/src/validation.rs

@@ -59,7 +59,7 @@ pub struct DpeValidator<'a> {
     pub dpe: &'a mut DpeInstance,
 }
 
-impl<'a> DpeValidator<'a> {
+impl DpeValidator<'_> {
     /// Validates that the shape of the DPE instance is well-formed and that
     /// there is no illegal state present within the DPE.
     #[cfg_attr(not(feature = "no-cfi"), cfi_impl_fn)]
@@ -466,7 +466,7 @@ pub mod tests {
             crypto: OpensslCrypto::new(),
             platform: DefaultPlatform,
         };
-        let mut dpe_validator = DpeValidator {
+        let dpe_validator = DpeValidator {
             dpe: &mut DpeInstance::new(&mut env, SUPPORT).unwrap(),
         };
 
@@ -529,7 +529,7 @@ pub mod tests {
             crypto: OpensslCrypto::new(),
             platform: DefaultPlatform,
         };
-        let mut dpe_validator = DpeValidator {
+        let dpe_validator = DpeValidator {
             dpe: &mut DpeInstance::new(&mut env, Support::empty()).unwrap(),
         };
 
@@ -581,7 +581,7 @@ pub mod tests {
             crypto: OpensslCrypto::new(),
             platform: DefaultPlatform,
         };
-        let mut dpe_validator = DpeValidator {
+        let dpe_validator = DpeValidator {
             dpe: &mut DpeInstance::new(&mut env, Support::all().difference(Support::AUTO_INIT))
                 .unwrap(),
         };
@@ -692,7 +692,7 @@ pub mod tests {
             crypto: OpensslCrypto::new(),
             platform: DefaultPlatform,
         };
-        let mut dpe_validator = DpeValidator {
+        let dpe_validator = DpeValidator {
             dpe: &mut DpeInstance::new(&mut env, Support::empty()).unwrap(),
         };
         dpe_validator.dpe.has_initialized = U8Bool::new(true);

dpe/src/x509.rs

@@ -2343,7 +2343,7 @@ pub(crate) mod tests {
         let expected = format!(
             "CN={}, serialNumber={}",
             str::from_utf8(test_name.cn.bytes()).unwrap(),
-            str::from_utf8(&test_name.serial.bytes()).unwrap()
+            str::from_utf8(test_name.serial.bytes()).unwrap()
         );
         let actual = name.to_string_with_registry(oid_registry()).unwrap();
         assert_eq!(expected, actual);
@@ -2536,10 +2536,10 @@ pub(crate) mod tests {
 
     const ECC_INT_SIZE: usize = DPE_PROFILE.get_ecc_int_size();
 
-    const DEFAULT_OTHER_NAME_OID: &'static [u8] = &[0, 0, 0];
+    const DEFAULT_OTHER_NAME_OID: &[u8] = &[0, 0, 0];
     const DEFAULT_OTHER_NAME_VALUE: &str = "default-other-name";
 
-    fn build_test_tbs<'a>(is_ca: bool, cert_buf: &'a mut [u8]) -> (usize, TbsCertificate<'a>) {
+    fn build_test_tbs(is_ca: bool, cert_buf: &mut [u8]) -> (usize, TbsCertificate<'_>) {
         let mut issuer_der = [0u8; 1024];
         let mut issuer_writer = CertWriter::new(&mut issuer_der, true);
         let issuer_len = issuer_writer.encode_rdn(&TEST_ISSUER_NAME).unwrap();
@@ -2595,7 +2595,7 @@ pub(crate) mod tests {
         let mut tbs_writer = CertWriter::new(cert_buf, true);
         let bytes_written = tbs_writer
             .encode_ecdsa_tbs(
-                &TEST_SERIAL,
+                TEST_SERIAL,
                 &issuer_der[..issuer_len],
                 &TEST_SUBJECT_NAME,
                 &test_pub,
@@ -2611,7 +2611,7 @@ pub(crate) mod tests {
         )
     }
 
-    fn build_test_cert<'a>(is_ca: bool, cert_buf: &'a mut [u8]) -> (usize, X509Certificate<'a>) {
+    fn build_test_cert(is_ca: bool, cert_buf: &mut [u8]) -> (usize, X509Certificate<'_>) {
         let mut tbs_buf = [0u8; 1024];
         let (tbs_written, _) = build_test_tbs(is_ca, &mut tbs_buf);
 
@@ -2622,7 +2622,7 @@ pub(crate) mod tests {
 
         let mut w = CertWriter::new(cert_buf, true);
         let bytes_written = w
-            .encode_ecdsa_certificate(&mut tbs_buf[..tbs_written], &test_sig)
+            .encode_ecdsa_certificate(&tbs_buf[..tbs_written], &test_sig)
             .unwrap();
 
         let mut parser = X509CertificateParser::new().with_deep_parse_extensions(true);
@@ -2690,7 +2690,7 @@ pub(crate) mod tests {
                 assert!(!ext.critical);
                 let san = ext.value;
                 assert_eq!(san.general_names.len(), 1);
-                let general_name = san.general_names.get(0).unwrap();
+                let general_name = san.general_names.first().unwrap();
                 match general_name {
                     GeneralName::OtherName(oid, other_name_value) => {
                         assert_eq!(oid.as_bytes(), DEFAULT_OTHER_NAME_OID);
@@ -2701,7 +2701,7 @@ pub(crate) mod tests {
                 };
             }
             Ok(None) => panic!("No SubjectAltName extension found!"),
-            Err(e) => panic!("Error {} parsing SubjectAltName extension", e.to_string()),
+            Err(e) => panic!("Error {} parsing SubjectAltName extension", e),
         }
     }
 

platform/src/printer.rs

@@ -8,7 +8,7 @@ pub struct Printer<'a> {
     pub platform: &'a mut dyn Platform,
 }
 
-impl<'a> uWrite for Printer<'a> {
+impl uWrite for Printer<'_> {
     type Error = PlatformError;
 
     fn write_str(&mut self, str: &str) -> Result<(), Self::Error> {

rust-toolchain.toml

@@ -1,5 +1,5 @@
 # Licensed under the Apache-2.0 license
 
 [toolchain]
-channel = "1.70"
+channel = "1.83"
 components = ["rustfmt", "clippy"]