diff --git a/.github/actions-rs/grcov.yml b/.github/actions-rs/grcov.yml index 83eb5ff..4af9e29 100644 --- a/.github/actions-rs/grcov.yml +++ b/.github/actions-rs/grcov.yml @@ -1,4 +1,7 @@ ignore: - "../*" - "/*" + - "*/test_helper.rs" source-dir: . +excl-line: "#\\[derive\\(" +excl-start: "mod tests \\{" diff --git a/src/common/cbor_values/mod.rs b/src/common/cbor_values/mod.rs index 0ef6ba3..ff32524 100644 --- a/src/common/cbor_values/mod.rs +++ b/src/common/cbor_values/mod.rs @@ -29,11 +29,14 @@ use core::fmt::{Debug, Display, Formatter}; use core::ops::Deref; +use coset::{CoseEncrypt0, CoseKey}; +use strum_macros::IntoStaticStr; + #[cfg(not(feature = "std"))] use {alloc::boxed::Box, alloc::format, alloc::vec, alloc::vec::Vec}; -use coset::{CoseEncrypt0, CoseKey}; -use strum_macros::IntoStaticStr; +#[cfg(test)] +mod tests; /// A type intended to be used as a CBOR bytestring, represented as a vector of bytes. pub type ByteString = Vec; @@ -269,7 +272,9 @@ mod conversion { impl TryFrom for CoseKey { type Error = WrongSourceTypeError; - fn try_from(value: ProofOfPossessionKey) -> Result { + fn try_from( + value: ProofOfPossessionKey, + ) -> Result> { if let ProofOfPossessionKey::PlainCoseKey(key) = value { Ok(key) } else { @@ -281,7 +286,9 @@ mod conversion { impl TryFrom for CoseEncrypt0 { type Error = WrongSourceTypeError; - fn try_from(value: ProofOfPossessionKey) -> Result { + fn try_from( + value: ProofOfPossessionKey, + ) -> Result> { if let ProofOfPossessionKey::EncryptedCoseKey(key) = value { Ok(key) } else { @@ -293,7 +300,9 @@ mod conversion { impl TryFrom for KeyId { type Error = WrongSourceTypeError; - fn try_from(value: ProofOfPossessionKey) -> Result { + fn try_from( + value: ProofOfPossessionKey, + ) -> Result> { if let ProofOfPossessionKey::KeyId(kid) = value { Ok(kid) } else { diff --git a/src/common/cbor_values/tests.rs b/src/common/cbor_values/tests.rs new file mode 100644 index 0000000..69e516f --- /dev/null +++ b/src/common/cbor_values/tests.rs @@ -0,0 +1,207 @@ +/* + * Copyright (c) 2022 The NAMIB Project Developers. + * Licensed under the Apache License, Version 2.0 or the MIT license + * , at your + * option. This file may not be copied, modified, or distributed + * except according to those terms. + * + * SPDX-License-Identifier: MIT OR Apache-2.0 + */ + +mod pop { + #[cfg(not(feature = "std"))] + use alloc::{string::String, string::ToString, vec}; + use core::marker::PhantomData; + + use ciborium::value::Value; + use coset::iana::Algorithm; + use coset::{ + iana, CoseEncrypt0, CoseEncrypt0Builder, CoseKey, CoseKeyBuilder, HeaderBuilder, + ProtectedHeader, + }; + + use crate::common::cbor_values::KeyId; + use crate::common::test_helper::expect_ser_de; + use crate::error::WrongSourceTypeError; + use crate::ProofOfPossessionKey::{EncryptedCoseKey, PlainCoseKey}; + use crate::{ByteString, ProofOfPossessionKey, ToCborMap}; + + #[test] + fn test_key_id() -> Result<(), String> { + let pop = ProofOfPossessionKey::KeyId(vec![0xDC, 0xAF]); + assert_eq!(pop.key_id(), &vec![0xDC, 0xAF]); + assert_eq!( + KeyId::try_from(pop.clone()).expect("must be KeyId"), + vec![0xDC, 0xAF].as_slice() + ); + assert_eq!( + CoseKey::try_from(pop.clone()).expect_err("must be error"), + WrongSourceTypeError { + expected_type: "PlainCoseKey", + actual_type: "KeyId", + general_type: PhantomData::default(), + } + ); + expect_ser_de(pop, None, "A10342DCAF")?; + Ok(()) + } + + #[test] + fn test_plain_key() -> Result<(), String> { + let key = CoseKeyBuilder::new_ec2_pub_key( + iana::EllipticCurve::P_256, + vec![ + 0xd7, 0xcc, 0x07, 0x2d, 0xe2, 0x20, 0x5b, 0xdc, 0x15, 0x37, 0xa5, 0x43, 0xd5, 0x3c, + 0x60, 0xa6, 0xac, 0xb6, 0x2e, 0xcc, 0xd8, 0x90, 0xc7, 0xfa, 0x27, 0xc9, 0xe3, 0x54, + 0x08, 0x9b, 0xbe, 0x13, + ], + vec![ + 0xf9, 0x5e, 0x1d, 0x4b, 0x85, 0x1a, 0x2c, 0xc8, 0x0f, 0xff, 0x87, 0xd8, 0xe2, 0x3f, + 0x22, 0xaf, 0xb7, 0x25, 0xd5, 0x35, 0xe5, 0x15, 0xd0, 0x20, 0x73, 0x1e, 0x79, 0xa3, + 0xb4, 0xe4, 0x71, 0x20, + ], + ) + .key_id(vec![0xDC, 0xAF]) + .build(); + let pop = PlainCoseKey(key.clone()); + assert_eq!(pop.key_id(), &vec![0xDC, 0xAF]); + assert_eq!( + CoseKey::try_from(pop.clone()).expect("must be CoseKey"), + key + ); + assert_eq!( + CoseEncrypt0::try_from(pop.clone()).expect_err("must be error"), + WrongSourceTypeError { + expected_type: "EncryptedCoseKey", + actual_type: "PlainCoseKey", + general_type: PhantomData::default(), + } + ); + expect_ser_de(pop, None, "A101A501020242DCAF2001215820D7CC072DE2205BDC1537A543D53C60A6ACB62ECCD890C7FA27C9E354089BBE13225820F95E1D4B851A2CC80FFF87D8E23F22AFB725D535E515D020731E79A3B4E47120")?; + Ok(()) + } + + #[test] + fn test_encrypted_key() -> Result<(), String> { + // Extract relevant part for comparison (i.e. no protected headers' original data, + // which can change after serialization) + fn transform_header(key: ProofOfPossessionKey) -> ProofOfPossessionKey { + if let EncryptedCoseKey(enc) = key { + ProofOfPossessionKey::EncryptedCoseKey(CoseEncrypt0 { + protected: ProtectedHeader { + original_data: None, + ..enc.protected + }, + ..enc + }) + } else { + unreachable!("key must be EncryptedCoseKey") + } + } + + // From section 3.3 of RFC 8747. Should contain the above key. + let encrypted = CoseEncrypt0Builder::new().ciphertext(hex::decode("0573318A3573EB983E55A7C2F06CADD0796C9E584F1D0E3EA8C5B052592A8B2694BE9654F0431F38D5BBC8049FA7F13F") + .expect("invalid hex")) + .unprotected(HeaderBuilder::new().key_id(vec![0xDC, 0xAF]).iv(hex::decode("636898994FF0EC7BFCF6D3F95B").expect("invalid hex")).build()) + .protected(HeaderBuilder::new().algorithm(Algorithm::AES_CCM_16_64_128).build()) + .build(); + let pop = EncryptedCoseKey(encrypted.clone()); + assert_eq!(pop.key_id(), &vec![0xDC, 0xAF]); + assert_eq!( + CoseEncrypt0::try_from(pop.clone()).expect("must be CoseEncrypt0"), + encrypted + ); + assert_eq!( + ByteString::try_from(pop.clone()).expect_err("must be error"), + WrongSourceTypeError { + expected_type: "KeyId", + actual_type: "EncryptedCoseKey", + general_type: PhantomData::default(), + } + ); + expect_ser_de(pop, Some(transform_header), "A1028343A1010AA20442DCAF054D636898994FF0EC7BFCF6D3F95B58300573318A3573EB983E55A7C2F06CADD0796C9E584F1D0E3EA8C5B052592A8B2694BE9654F0431F38D5BBC8049FA7F13F")?; + + let encrypted_protected = CoseEncrypt0Builder::new().ciphertext(hex::decode("0573318A3573EB983E55A7C2F06CADD0796C9E584F1D0E3EA8C5B052592A8B2694BE9654F0431F38D5BBC8049FA7F13F") + .expect("invalid hex")) + .unprotected(HeaderBuilder::new().iv(hex::decode("636898994FF0EC7BFCF6D3F95B").expect("invalid hex")).build()) + .protected(HeaderBuilder::new().key_id(vec![0xDC, 0xAF]).algorithm(Algorithm::AES_CCM_16_64_128).build()) + .build(); + let pop_protected = EncryptedCoseKey(encrypted_protected); + assert_eq!(pop_protected.key_id(), &vec![0xDC, 0xAF]); + Ok(()) + } + + #[test] + fn test_try_from_invalid_cbor_map() { + // This example is alright + assert!(ProofOfPossessionKey::try_from_cbor_map(vec![( + 3_i128, + Value::Bytes(vec![0xDC, 0xAF]) + )]) + .is_ok()); + // Invalid CBOR + assert!(ProofOfPossessionKey::try_from_cbor_map(vec![]).is_err()); + assert!(ProofOfPossessionKey::try_from_cbor_map(vec![ + (3_i128, Value::Bytes(vec![0xDC, 0xAF])), + (3_i128, Value::Bytes(vec![0xDC, 0xAF])) + ]) + .is_err()); + // Invalid CBOR type for the respective key type + assert!(ProofOfPossessionKey::try_from_cbor_map(vec![( + 1_i128, + Value::Bytes(vec![0xDC, 0xAF]) + )]) + .is_err()); + assert!(ProofOfPossessionKey::try_from_cbor_map(vec![( + 2_i128, + Value::Bytes(vec![0xDC, 0xAF]) + )]) + .is_err()); + assert!(ProofOfPossessionKey::try_from_cbor_map(vec![( + 3_i128, + Value::Text("Hello".to_string()) + )]) + .is_err()); + // And an invalid key type + assert!(ProofOfPossessionKey::try_from_cbor_map(vec![( + 4_i128, + Value::Bytes(vec![0xDC, 0xAF]) + )]) + .is_err()); + } +} + +mod other { + use ciborium::value::Integer; + + use crate::common::cbor_map::decode_number; + + #[test] + fn test_decode_integer() { + assert_eq!( + decode_number::(Integer::from(u8::MAX), "number").expect("conversion must work"), + 255_u8 + ); + assert_eq!( + decode_number::(Integer::from(i16::MIN), "number").expect("conversion must work"), + i16::MIN + ); + assert_eq!( + decode_number::(Integer::from(u64::MAX), "number").expect("conversion must work"), + u64::MAX + ); + assert_eq!( + decode_number::(Integer::from(i64::MIN), "number").expect("conversion must work"), + i64::MIN + ); + } + + #[test] + fn test_decode_integer_invalid() { + assert!(decode_number::(Integer::from(u16::MAX), "number").is_err()); + assert!(decode_number::(Integer::from(i32::MIN), "number").is_err()); + assert!(decode_number::(Integer::from(i32::MIN), "number").is_err()); + assert!(decode_number::(Integer::from(u64::MAX), "number").is_err()); + } +} diff --git a/src/common/scope/tests.rs b/src/common/scope/tests.rs index 5759fd1..0b731be 100644 --- a/src/common/scope/tests.rs +++ b/src/common/scope/tests.rs @@ -12,13 +12,15 @@ /// Tests for text encoded scopes. mod text { #[cfg(not(feature = "std"))] - use {alloc::vec, alloc::vec::Vec}; + use alloc::{string::ToString, vec, vec::Vec}; + use core::marker::PhantomData; use ciborium::value::Value; - use crate::common::scope::TextEncodedScope; + use crate::common::cbor_map::decode_scope; + use crate::common::scope::{AifRestMethodSet, TextEncodedScope}; use crate::error::{InvalidTextEncodedScopeError, ScopeFromValueError}; - use crate::Scope; + use crate::{AifEncodedScope, Scope}; #[test] fn test_scope_element_normal() -> Result<(), InvalidTextEncodedScopeError> { @@ -64,7 +66,10 @@ mod text { ]; for input in empty_arrays { - assert!(TextEncodedScope::try_from(input).is_err()); + assert!(!TextEncodedScope::try_from(input) + .expect_err("must be error") + .to_string() + .is_empty()); } } @@ -81,7 +86,10 @@ mod text { " spaces wherever you look ", ]; for input in invalid_inputs { - assert!(TextEncodedScope::try_from(input).is_err()); + assert!(!TextEncodedScope::try_from(input) + .expect_err("must be error") + .to_string() + .is_empty()); } } @@ -98,7 +106,10 @@ mod text { "within\\word", ]; for input in invalid_inputs { - assert!(TextEncodedScope::try_from(input).is_err()); + assert!(!TextEncodedScope::try_from(input) + .expect_err("must be error") + .to_string() + .is_empty()); } let invalid_arrays = vec![ @@ -123,7 +134,10 @@ mod text { vec!["normal", "in\\word"], ]; for input in invalid_arrays { - assert!(TextEncodedScope::try_from(input).is_err()); + assert!(!TextEncodedScope::try_from(input) + .expect_err("must be error") + .to_string() + .is_empty()); } } @@ -136,9 +150,32 @@ mod text { assert_eq!(Scope::try_from(value)?, scope); Ok(()) } + + #[test] + fn test_convert_invalid_value_to_scope() { + assert!(decode_scope(Value::Bool(false)).is_err()); + } + + #[test] + fn test_scope_invalid_try_from() { + let scope = Scope::from(AifEncodedScope::from(vec![( + "empty".to_string(), + AifRestMethodSet::empty(), + )])); + let error = TextEncodedScope::try_from(scope).expect_err("expected error"); + assert_eq!(error.actual_type, "AifEncoded"); + assert_eq!(error.expected_type, "TextEncoded"); + assert_eq!(error.general_type, PhantomData::::default()); + } } mod aif { + use core::marker::PhantomData; + + use ciborium::de::from_reader; + use ciborium::ser::into_writer; + use enumflags2::{make_bitflags, BitFlags}; + #[cfg(not(feature = "std"))] use { alloc::string::{String, ToString}, @@ -146,13 +183,9 @@ mod aif { alloc::vec::Vec, }; - use ciborium::de::from_reader; - use ciborium::ser::into_writer; - use enumflags2::{make_bitflags, BitFlags}; - use crate::common::scope::{AifEncodedScopeElement, AifRestMethod, AifRestMethodSet}; use crate::error::InvalidAifEncodedScopeError; - use crate::{AifEncodedScope, Scope}; + use crate::{AifEncodedScope, LibdcafEncodedScope, Scope}; pub(crate) fn example_elements() -> ( AifEncodedScopeElement, @@ -234,7 +267,12 @@ mod aif { 0xFFFF_FFFF_FFFF_FFFF, // maximum ]; for invalid in invalids { - assert!(AifEncodedScope::try_from(vec![("whatever".to_string(), invalid)]).is_err()); + assert!( + !AifEncodedScope::try_from(vec![("whatever".to_string(), invalid)]) + .expect_err("must be error") + .to_string() + .is_empty() + ); } } @@ -271,15 +309,26 @@ mod aif { ); Ok(()) } + + #[test] + fn test_scope_invalid_try_from() { + let scope = Scope::from(LibdcafEncodedScope::new("empty", AifRestMethodSet::empty())); + let error = AifEncodedScope::try_from(scope).expect_err("expected error"); + assert_eq!(error.actual_type, "LibdcafEncoded"); + assert_eq!(error.expected_type, "AifEncoded"); + assert_eq!(error.general_type, PhantomData::::default()); + } } mod libdcaf { - #[cfg(not(feature = "std"))] - use {alloc::string::ToString, alloc::vec}; + use core::marker::PhantomData; use ciborium::de::from_reader; - use crate::error::InvalidAifEncodedScopeError; + #[cfg(not(feature = "std"))] + use {alloc::string::ToString, alloc::vec}; + + use crate::error::{InvalidAifEncodedScopeError, ScopeFromValueError}; use crate::{LibdcafEncodedScope, Scope}; use super::aif::example_elements; @@ -313,7 +362,12 @@ mod libdcaf { 0xFFFF_FFFF_FFFF_FFFF, // maximum ]; for invalid in invalids { - assert!(LibdcafEncodedScope::try_from_bits("whatever".to_string(), invalid).is_err()); + assert!( + !LibdcafEncodedScope::try_from_bits("whatever".to_string(), invalid) + .expect_err("must be error") + .to_string() + .is_empty() + ); } } @@ -328,14 +382,25 @@ mod libdcaf { .and_then(Result::ok) .is_none()); } + + #[test] + fn test_scope_invalid_try_from() -> Result<(), ScopeFromValueError> { + let scope = Scope::try_from(vec![0xDC, 0xAF].as_slice())?; + let error = LibdcafEncodedScope::try_from(scope).expect_err("expected error"); + assert_eq!(error.actual_type, "BinaryEncoded"); + assert_eq!(error.expected_type, "LibdcafEncoded"); + assert_eq!(error.general_type, PhantomData::::default()); + Ok(()) + } } /// Tests for binary encoded scopes. mod binary { #[cfg(not(feature = "std"))] - use alloc::vec; + use alloc::{boxed::Box, string::ToString, vec}; + use core::marker::PhantomData; - use ciborium::value::Value; + use ciborium::value::{Integer, Value}; use crate::common::scope::BinaryEncodedScope; use crate::error::{InvalidBinaryEncodedScopeError, ScopeFromValueError}; @@ -379,9 +444,11 @@ mod binary { // Assuming 0 is separator let empty_vecs = vec![vec![0], vec![0, 0], vec![0, 0, 0]]; for vec in empty_vecs { - assert!(BinaryEncodedScope::try_from(vec.as_slice())? + assert!(!BinaryEncodedScope::try_from(vec.as_slice())? .elements(Some(0)) - .is_err()); + .expect_err("must be error") + .to_string() + .is_empty()); // If the separator is something else, the result should just contain the vec // as a single element. assert!(BinaryEncodedScope::try_from(vec.as_slice())? @@ -410,9 +477,11 @@ mod binary { vec![0, 0, 0xDC, 0, 0, 0xAF, 0, 0], ]; for vec in invalid { - assert!(BinaryEncodedScope::try_from(vec.as_slice())? + assert!(!BinaryEncodedScope::try_from(vec.as_slice())? .elements(Some(0)) - .is_err()); + .expect_err("must be error") + .to_string() + .is_empty()); // If the separator is something else, the result should just contain the vec // as a single element. assert!(BinaryEncodedScope::try_from(vec.as_slice())? @@ -434,4 +503,29 @@ mod binary { assert_eq!(Scope::try_from(value)?, scope); Ok(()) } + + #[test] + fn test_scope_invalid_try_from() -> Result<(), ScopeFromValueError> { + let scope = Scope::try_from(vec!["first", "second"])?; + let error = BinaryEncodedScope::try_from(scope).expect_err("expected error"); + assert_eq!(error.actual_type, "TextEncoded"); + assert_eq!(error.expected_type, "BinaryEncoded"); + assert_eq!(error.general_type, PhantomData::::default()); + + let invalid_values = vec![ + Value::Bool(true), + Value::Integer(Integer::from(u8::MIN)), + Value::Float(0.5), + Value::Null, + Value::Tag(0, Box::new(Value::Null)), + Value::Map(vec![]), + ]; + for value in invalid_values { + assert!(!Scope::try_from(value) + .expect_err("must be error") + .to_string() + .is_empty()); + } + Ok(()) + } } diff --git a/src/endpoints/token_req/tests.rs b/src/endpoints/token_req/tests.rs index c53bce9..179a1ff 100644 --- a/src/endpoints/token_req/tests.rs +++ b/src/endpoints/token_req/tests.rs @@ -9,9 +9,6 @@ * SPDX-License-Identifier: MIT OR Apache-2.0 */ -#[cfg(not(feature = "std"))] -use {alloc::string::ToString, alloc::vec}; - use coset::cwt::Timestamp; use coset::iana::Algorithm; use coset::{ @@ -20,12 +17,16 @@ use coset::{ }; use enumflags2::{make_bitflags, BitFlags}; +#[cfg(not(feature = "std"))] +use {alloc::string::ToString, alloc::vec}; + use crate::common::scope::{ AifEncodedScopeElement, AifRestMethod, LibdcafEncodedScope, TextEncodedScope, }; use crate::common::test_helper::expect_ser_de; use crate::endpoints::token_req::AceProfile::{CoapDtls, CoapOscore}; -use crate::{AifEncodedScope, BinaryEncodedScope}; +use crate::ProofOfPossessionKey::KeyId; +use crate::{AifEncodedScope, BinaryEncodedScope, ToCborMap}; use super::*; @@ -261,17 +262,6 @@ mod response { expect_ser_de(response, None, "A30142DCAF060A09826A7265737472696374656401") } - #[test] - fn test_access_token_response_fraction_libdcaf() -> Result<(), String> { - let response = AccessTokenResponse::builder() - .access_token(vec![0xDC, 0xAF]) - .scope(LibdcafEncodedScope::new("empty", BitFlags::empty())) - .issued_at(Timestamp::FractionalSeconds(1.5)) - .build() - .map_err(|x| x.to_string())?; - expect_ser_de(response, None, "A30142DCAF06F93E00098265656D70747900") - } - #[test] fn test_access_token_response() -> Result<(), String> { let key = CoseKeyBuilder::new_symmetric_key(vec![ @@ -280,6 +270,7 @@ mod response { ]) .key_id(vec![0x84, 0x9b, 0x57, 0x86, 0x45, 0x7c]) .build(); + let rs_key = KeyId(vec![0xDC, 0xAF]); // We need to specify this here because otherwise it'd be typed as an i32. let expires_in: u32 = 3600; let response = AccessTokenResponseBuilder::default() @@ -287,9 +278,22 @@ mod response { .ace_profile(CoapDtls) .expires_in(expires_in) .cnf(key) + .rs_cnf(rs_key) + .refresh_token(vec![0x3f, 0xc3, 0x90, 0x19, 0xac, 0x8a]) .build() .map_err(|x| x.to_string())?; - expect_ser_de(response, None, "A401474A5015DF68642802190E1008A101A301040246849B5786457C2051849B5786457C1491BE3A76DCEA6C427108182601") + expect_ser_de(response, None, "A601474A5015DF68642802190E1008A101A301040246849B5786457C2051849B5786457C1491BE3A76DCEA6C4271081825463FC39019AC8A1826011829A10342DCAF") + } + + #[test] + fn test_access_token_response_invalid() { + let missing_token = hex::decode( + "A302190E1008A101A301040246849B5786457C2051849B5786457C1491BE3A76DCEA6C427108182601", + ) + .expect("invalid hex"); + assert!(AccessTokenResponse::deserialize_from(missing_token.as_slice()).is_err()); + let _unknown_field = hex::decode("A501474A5015DF68642802190E1008A101A301040246849B5786457C2051849B5786457C1491BE3A76DCEA6C42710818260119029A433F3F3F"); + assert!(AccessTokenResponse::deserialize_from(missing_token.as_slice()).is_err()); } #[test] @@ -338,3 +342,13 @@ mod error { expect_ser_de(error, None, "A3181E1901A2181F7824492063616E27742068656C7020796F752C2049276D206A757374206120746561706F742E18207468747470733A2F2F687474702E6361742F343138") } } + +#[test] +fn test_error_response_invalid() { + let empty = hex::decode("A0").expect("invalid hex"); + assert!(ErrorResponse::deserialize_from(empty.as_slice()).is_err()); + let missing_fields = hex::decode("A2181F7824492063616E27742068656C7020796F752C2049276D206A757374206120746561706F742E18207468747470733A2F2F687474702E6361742F343138").expect("invalid hex"); + assert!(ErrorResponse::deserialize_from(missing_fields.as_slice()).is_err()); + let extra_fields = hex::decode("A4181E1901A2181F7824492063616E27742068656C7020796F752C2049276D206A757374206120746561706F742E18207468747470733A2F2F687474702E6361742F343138182F6477686174").expect("invalid hex"); + assert!(ErrorResponse::deserialize_from(extra_fields.as_slice()).is_err()); +} diff --git a/src/token/tests.rs b/src/token/tests.rs index b0365a3..ea5698c 100644 --- a/src/token/tests.rs +++ b/src/token/tests.rs @@ -9,15 +9,16 @@ * SPDX-License-Identifier: MIT OR Apache-2.0 */ -use crate::common::test_helper::FakeCrypto; -use crate::error::CoseCipherError; +#[cfg(not(feature = "std"))] +use alloc::vec; + use ciborium::value::Value; use coset::cwt::ClaimsSetBuilder; use coset::iana::{Algorithm, CwtClaimName}; use coset::{AsCborValue, CoseKey, CoseKeyBuilder, CoseMac0Builder, HeaderBuilder}; -#[cfg(not(feature = "std"))] -use alloc::vec; +use crate::common::test_helper::FakeCrypto; +use crate::error::CoseCipherError; use super::*; @@ -209,7 +210,6 @@ fn test_encrypt_decrypt_invalid_header( Some(unprotected_invalid), Some(protected_header), ); - assert!(encrypted.is_err()); assert!(encrypted.err().map_or(false, |x| { if let AccessTokenError::CoseCipherError(CoseCipherError::HeaderAlreadySet { existing_header_name,