RustCrypto · tarcieri · Jul 26, 2024 · Jul 26, 2024
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/aead/src/lib.rs b/aead/src/lib.rs
@@ -249,13 +249,15 @@ pub trait AeadMut: AeadCore {
 /// postfix authentication tag will need to define their own implementation.
 macro_rules! impl_decrypt_in_place {
     ($aead:expr, $nonce:expr, $aad:expr, $buffer:expr) => {{
-        if $buffer.len() < Self::TagSize::to_usize() {
-            return Err(Error);
-        }
+        let tag_pos = $buffer
+            .len()
+            .checked_sub(Self::TagSize::to_usize())
+            .ok_or(Error)?;
 
-        let tag_pos = $buffer.len() - Self::TagSize::to_usize();
         let (msg, tag) = $buffer.as_mut().split_at_mut(tag_pos);
-        $aead.decrypt_in_place_detached($nonce, $aad, msg, Tag::<Self>::from_slice(tag))?;
+        let tag = Tag::<Self>::try_from(&*tag).expect("tag length mismatch");
+
+        $aead.decrypt_in_place_detached($nonce, $aad, msg, &tag)?;
         $buffer.truncate(tag_pos);
         Ok(())
     }};

diff --git a/digest/src/core_api/ct_variable.rs b/digest/src/core_api/ct_variable.rs
@@ -221,7 +221,7 @@ where
 
     fn serialize(&self) -> SerializedState<Self> {
         let serialized_inner = self.inner.serialize();
-        let serialized_outsize = Array::<u8, U1>::clone_from_slice(&[OutSize::U8]);
+        let serialized_outsize = Array([OutSize::U8]);
 
         serialized_inner.concat(serialized_outsize)
     }

diff --git a/digest/src/core_api/rt_variable.rs b/digest/src/core_api/rt_variable.rs
@@ -157,10 +157,9 @@ where
 
     fn serialize(&self) -> SerializedState<Self> {
         let serialized_core = self.core.serialize();
-        let serialized_pos =
-            Array::<u8, U1>::clone_from_slice(&[self.buffer.get_pos().try_into().unwrap()]);
+        let serialized_pos = Array([self.buffer.get_pos().try_into().unwrap()]);
         let serialized_data = self.buffer.clone().pad_with_zeros();
-        let serialized_output_size = Array::<u8, U1>::clone_from_slice(&[self.output_size]);
+        let serialized_output_size = Array([self.output_size]);
 
         serialized_core
             .concat(serialized_pos)

diff --git a/digest/src/core_api/wrapper.rs b/digest/src/core_api/wrapper.rs
@@ -197,8 +197,7 @@ where
 
     fn serialize(&self) -> SerializedState<Self> {
         let serialized_core = self.core.serialize();
-        let serialized_pos =
-            Array::<u8, U1>::clone_from_slice(&[self.buffer.get_pos().try_into().unwrap()]);
+        let serialized_pos = Array([self.buffer.get_pos().try_into().unwrap()]);
         let serialized_data = self.buffer.clone().pad_with_zeros();
 
         serialized_core

diff --git a/elliptic-curve/src/public_key.rs b/elliptic-curve/src/public_key.rs
@@ -269,7 +269,11 @@ where
     FieldBytesSize<C>: ModulusSize,
 {
     fn from(public_key: &PublicKey<C>) -> CompressedPoint<C> {
-        CompressedPoint::<C>::clone_from_slice(public_key.to_encoded_point(true).as_bytes())
+        public_key
+            .to_encoded_point(true)
+            .as_bytes()
+            .try_into()
+            .expect("wrong compressed point size")
     }
 }
 

diff --git a/elliptic-curve/src/secret_key.rs b/elliptic-curve/src/secret_key.rs
@@ -163,8 +163,8 @@ where
     /// NOTE: this function is variable-time with respect to the input length. To avoid a timing
     /// sidechannel, always ensure that the input has been pre-padded to `C::FieldBytesSize`.
     pub fn from_slice(slice: &[u8]) -> Result<Self> {
-        if slice.len() == C::FieldBytesSize::USIZE {
-            Self::from_bytes(FieldBytes::<C>::from_slice(slice))
+        if let Ok(field_bytes) = <&FieldBytes<C>>::try_from(slice) {
+            Self::from_bytes(field_bytes)
         } else if (Self::MIN_SIZE..C::FieldBytesSize::USIZE).contains(&slice.len()) {
             let mut bytes = Zeroizing::new(FieldBytes::<C>::default());
             let offset = C::FieldBytesSize::USIZE.saturating_sub(slice.len());

diff --git a/signature/tests/derive.rs b/signature/tests/derive.rs
@@ -35,7 +35,10 @@ impl TryFrom<&[u8]> for DummySignature {
     type Error = Error;
 
     fn try_from(bytes: &[u8]) -> Result<Self, Error> {
-        Ok(DummySignature(Array::clone_from_slice(bytes)))
+        bytes
+            .try_into()
+            .map(DummySignature)
+            .map_err(|_| Error::new())
     }
 }