fn wrap()

in aws-lc-rs/src/key_wrap.rs [211:253]

• 34 lines of code
• 4 McCabe index (conditional complexity)

    fn wrap<'output>(
        self,
        plaintext: &[u8],
        output: &'output mut [u8],
    ) -> Result<&'output mut [u8], Unspecified> {
        if output.len() < plaintext.len() + 8 {
            return Err(Unspecified);
        }

        let mut aes_key = MaybeUninit::<AES_KEY>::uninit();

        let key_bits: u32 = (self.key.len() * 8).try_into().map_err(|_| Unspecified)?;

        if 0 != unsafe { AES_set_encrypt_key(self.key.as_ptr(), key_bits, aes_key.as_mut_ptr()) } {
            return Err(Unspecified);
        }

        let aes_key = unsafe { aes_key.assume_init() };

        // AWS-LC validates the following:
        // * in_len <= INT_MAX - 8
        // * in_len >= 16
        // * in_len % 8 == 0
        let out_len = indicator_check!(unsafe {
            AES_wrap_key(
                &aes_key,
                null(),
                output.as_mut_ptr(),
                plaintext.as_ptr(),
                plaintext.len(),
            )
        });

        if out_len == -1 {
            return Err(Unspecified);
        }

        let out_len: usize = out_len.try_into().map_err(|_| Unspecified)?;

        debug_assert_eq!(out_len, plaintext.len() + 8);

        Ok(&mut output[..out_len])
    }