Fix concerns

libp2p-secio/src/codec/encode.rs

@@ -28,6 +28,7 @@ use futures::StartSend;
 use futures::sink::Sink;
 use futures::stream::Stream;
 use ring::hmac;
+use std::iter;
 
 /// Wraps around a `Sink`. Encodes the buffers passed to it and passes it to the underlying sink.
 ///
@@ -68,7 +69,7 @@ impl<S> Sink for EncoderMiddleware<S>
 		let mut out_buffer = BytesMut::with_capacity(capacity);
 		// Note: Alternatively to `extend`, we could also call `advance_mut()`, which will add
 		//		 uninitialized bytes to the buffer. But that's unsafe.
-		out_buffer.extend((0..item.len()).map(|_| 0));
+		out_buffer.extend(iter::repeat(0).take(item.len()));
 		self.cipher_state.process(&item, &mut out_buffer);
 
 		let signature = hmac::sign(&self.hmac_key, &out_buffer);

libp2p-secio/src/handshake.rs

@@ -444,8 +444,11 @@ fn stretch_key(key: &SigningKey, result: &mut [u8]) {
 #[cfg(test)]
 mod tests {
 	use super::handshake;
+	use super::stretch_key;
 	use futures::Future;
 	use futures::Stream;
+	use ring::digest::SHA256;
+	use ring::hmac::SigningKey;
 	use ring::signature::RSAKeyPair;
 	use std::sync::Arc;
 	use tokio_core::net::TcpListener;
@@ -485,4 +488,265 @@ mod tests {
 
 		core.run(server.join(client)).unwrap();
 	}
+
+	#[test]
+	fn stretch() {
+		let mut output = [0u8; 32];
+
+		let key1 = SigningKey::new(&SHA256, &[]);
+		stretch_key(&key1, &mut output);
+		assert_eq!(
+			&output,
+			&[
+				103,
+				144,
+				60,
+				199,
+				85,
+				145,
+				239,
+				71,
+				79,
+				198,
+				85,
+				164,
+				32,
+				53,
+				143,
+				205,
+				50,
+				48,
+				153,
+				10,
+				37,
+				32,
+				85,
+				1,
+				226,
+				61,
+				193,
+				1,
+				154,
+				120,
+				207,
+				80,
+			]
+		);
+
+		let key2 = SigningKey::new(
+			&SHA256,
+			&[
+				157,
+				166,
+				80,
+				144,
+				77,
+				193,
+				198,
+				6,
+				23,
+				220,
+				87,
+				220,
+				191,
+				72,
+				168,
+				197,
+				54,
+				33,
+				219,
+				225,
+				84,
+				156,
+				165,
+				37,
+				149,
+				224,
+				244,
+				32,
+				170,
+				79,
+				125,
+				35,
+				171,
+				26,
+				178,
+				176,
+				92,
+				168,
+				22,
+				27,
+				205,
+				44,
+				229,
+				61,
+				152,
+				21,
+				222,
+				81,
+				241,
+				81,
+				116,
+				236,
+				74,
+				166,
+				89,
+				145,
+				5,
+				162,
+				108,
+				230,
+				55,
+				54,
+				9,
+				17,
+			],
+		);
+		stretch_key(&key2, &mut output);
+		assert_eq!(
+			&output,
+			&[
+				39,
+				151,
+				182,
+				63,
+				180,
+				175,
+				224,
+				139,
+				42,
+				131,
+				130,
+				116,
+				55,
+				146,
+				62,
+				31,
+				157,
+				95,
+				217,
+				15,
+				73,
+				81,
+				10,
+				83,
+				243,
+				141,
+				64,
+				227,
+				103,
+				144,
+				99,
+				121,
+			]
+		);
+
+		let key3 = SigningKey::new(
+			&SHA256,
+			&[
+				98,
+				219,
+				94,
+				104,
+				97,
+				70,
+				139,
+				13,
+				185,
+				110,
+				56,
+				36,
+				66,
+				3,
+				80,
+				224,
+				32,
+				205,
+				102,
+				170,
+				59,
+				32,
+				140,
+				245,
+				86,
+				102,
+				231,
+				68,
+				85,
+				249,
+				227,
+				243,
+				57,
+				53,
+				171,
+				36,
+				62,
+				225,
+				178,
+				74,
+				89,
+				142,
+				151,
+				94,
+				183,
+				231,
+				208,
+				166,
+				244,
+				130,
+				130,
+				209,
+				248,
+				65,
+				19,
+				48,
+				127,
+				127,
+				55,
+				82,
+				117,
+				154,
+				124,
+				108,
+			],
+		);
+		stretch_key(&key3, &mut output);
+		assert_eq!(
+			&output,
+			&[
+				28,
+				39,
+				158,
+				206,
+				164,
+				16,
+				211,
+				194,
+				99,
+				43,
+				208,
+				36,
+				24,
+				141,
+				90,
+				93,
+				157,
+				236,
+				238,
+				111,
+				170,
+				0,
+				60,
+				11,
+				49,
+				174,
+				177,
+				121,
+				30,
+				12,
+				182,
+				25,
+			]
+		);
+	}
 }