Export de/encoding during fuzzing only

- make decode and encode modules private by default
- move BitWriter to own public module

Author: uncomputable

.github/workflows/main.yml

@@ -99,9 +99,9 @@ jobs:
           FEATURES: honggfuzz_fuzz
         run: |
           cd fuzz/
-          for f in $FEATURES; do echo "Features: $f" && cargo test --no-default-features --features="$f"; done
-          echo "No default features" && cargo test --no-default-features
-          echo "All features" && cargo test --all-features
+          for f in $FEATURES; do echo "Features: $f" && RUSTFLAGS=--cfg=fuzzing cargo test --no-default-features --features="$f"; done
+          echo "No default features" && RUSTFLAGS=--cfg=fuzzing cargo test --no-default-features
+          echo "All features" && RUSTFLAGS=--cfg=fuzzing cargo test --all-features
       - name: Running fuzz tests
         env:
           FEATURES: honggfuzz_fuzz

fuzz/fuzz_targets/rtt_natural.rs

@@ -15,7 +15,7 @@
 extern crate simplicity;
 
 use simplicity::bititer::BitIter;
-use simplicity::encode::BitWriter;
+use simplicity::bitwriter::BitWriter;
 use simplicity::{decode, encode};
 
 fn do_test(data: &[u8]) {
@@ -85,6 +85,9 @@ mod tests {
 
     #[test]
     fn duplicate_crash() {
+        #[cfg(not(fuzzing))]
+        compile_error!("To build this target or run the unit tests you must set RUSTFLAGS=--cfg=fuzzing");
+
         let mut a = Vec::new();
         extend_vec_from_hex("00", &mut a);
         super::do_test(&a);

src/bitwriter.rs

@@ -0,0 +1,104 @@
+// Rust Simplicity Library
+// Written in 2020 by
+//   Andrew Poelstra <[email protected]>
+//
+// To the extent possible under law, the author(s) have dedicated all
+// copyright and related and neighboring rights to this software to
+// the public domain worldwide. This software is distributed without
+// any warranty.
+//
+// You should have received a copy of the CC0 Public Domain Dedication
+// along with this software.
+// If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
+//
+
+use std::io;
+
+/// Bitwise writer formed by wrapping a bytewise [`io::Write`].
+/// Bits are written in big-endian order.
+/// Bytes are filled with zeroes for padding.
+pub struct BitWriter<W: io::Write> {
+    /// Byte writer
+    w: W,
+    /// Current byte that contains current bits, yet to be written out
+    cache: u8,
+    /// Number of current bits
+    cache_len: usize,
+    /// Total number of written bits
+    total_written: usize,
+}
+
+impl<W: io::Write> From<W> for BitWriter<W> {
+    fn from(w: W) -> Self {
+        BitWriter {
+            w,
+            cache: 0,
+            cache_len: 0,
+            total_written: 0,
+        }
+    }
+}
+
+impl<W: io::Write> io::Write for BitWriter<W> {
+    fn write(&mut self, buf: &[u8]) -> io::Result<usize> {
+        self.w.write(buf)
+    }
+
+    /// Does **not** write out cached bits
+    /// (i.e. bits written since the last byte boundary).
+    /// To do this you must call [`BitWriter::flush_all()`].
+    fn flush(&mut self) -> io::Result<()> {
+        self.w.flush()
+    }
+}
+
+impl<W: io::Write> BitWriter<W> {
+    /// Create a bitwise writer from a bytewise one.
+    /// Equivalent to using [`From`].
+    pub fn new(w: W) -> BitWriter<W> {
+        BitWriter::from(w)
+    }
+
+    /// Write a single bit.
+    pub fn write_bit(&mut self, b: bool) -> io::Result<()> {
+        if self.cache_len < 8 {
+            self.cache_len += 1;
+            self.total_written += 1;
+            if b {
+                self.cache |= 1 << (8 - self.cache_len);
+            }
+            Ok(())
+        } else {
+            self.w.write_all(&[self.cache])?;
+            self.cache_len = 0;
+            self.cache = 0;
+            self.write_bit(b)
+        }
+    }
+
+    /// Write out all cached bits.
+    /// This may write up to two bytes and flushes the underlying [`io::Write`].
+    pub fn flush_all(&mut self) -> io::Result<()> {
+        self.w.write_all(&[self.cache])?;
+        self.cache_len = 0;
+        self.cache = 0;
+
+        io::Write::flush(&mut self.w)
+    }
+
+    /// Return total number of written bits.
+    pub fn n_total_written(&self) -> usize {
+        self.total_written
+    }
+
+    /// Write up to 64 bits in big-endian order.
+    /// The first `len` many _least significant_ bits from `n` are written.
+    ///
+    /// Returns the number of written bits.
+    pub fn write_bits_be(&mut self, n: u64, len: usize) -> io::Result<usize> {
+        for i in 0..len {
+            self.write_bit(n & (1 << (len - i - 1)) != 0)?;
+        }
+        Ok(len)
+    }
+}

src/core/commit.rs

@@ -14,11 +14,10 @@
 //
 
 use crate::bititer::BitIter;
-use crate::core::iter::DagIterable;
+use crate::bitwriter::BitWriter;
+use crate::core::iter::{DagIterable, WitnessIterator};
 use crate::core::node::NodeInner;
 use crate::core::{Node, Value};
-use crate::decode::WitnessIterator;
-use crate::encode::BitWriter;
 use crate::jet::{Application, JetNode};
 use crate::merkle::cmr::Cmr;
 use crate::merkle::{cmr, imr};

src/core/iter.rs

@@ -15,7 +15,10 @@
 //! Iterators over DAGs
 
 use crate::core::node::{NodeInner, RefWrapper};
+use crate::core::types::Type;
+use crate::core::Value;
 use crate::jet::Application;
+use crate::Error;
 use std::collections::HashSet;
 use std::hash::Hash;
 
@@ -157,3 +160,22 @@ where
         }
     })
 }
+
+/// Iterator over witness values that asks for the value type on each iteration.
+pub trait WitnessIterator {
+    /// Return the next witness value of the given type.
+    fn next(&mut self, ty: &Type) -> Result<Value, Error>;
+
+    /// Consume the iterator and check the total witness length.
+    fn finish(self) -> Result<(), Error>;
+}
+
+impl<I: Iterator<Item = Value>> WitnessIterator for I {
+    fn next(&mut self, _ty: &Type) -> Result<Value, Error> {
+        Iterator::next(self).ok_or(Error::EndOfStream)
+    }
+
+    fn finish(self) -> Result<(), Error> {
+        Ok(())
+    }
+}

src/core/node.rs

@@ -13,11 +13,11 @@
 //
 
 use crate::bititer::BitIter;
+use crate::bitwriter::BitWriter;
 use crate::core::iter::DagIterable;
 use crate::core::types::Type;
 use crate::core::{iter, Value};
 use crate::decode::WitnessDecoder;
-use crate::encode::BitWriter;
 use crate::jet::{Application, JetNode};
 use crate::merkle::cmr::Cmr;
 use crate::merkle::imr::Imr;

src/decode.rs

@@ -19,7 +19,7 @@
 
 use crate::bititer::BitIter;
 use crate::core::commit::{CommitNodeInner, RefWrapper};
-use crate::core::iter::DagIterable;
+use crate::core::iter::{DagIterable, WitnessIterator};
 use crate::core::types::{Type, TypeInner};
 use crate::core::{CommitNode, Value};
 use crate::jet::Application;
@@ -31,7 +31,7 @@ use std::rc::Rc;
 /// Decode a Simplicity program from bits where witness data follows.
 ///
 /// The number of decoded witness nodes corresponds exactly to the witness data.
-pub(crate) fn decode_program_exact_witness<I: Iterator<Item = u8>, App: Application>(
+pub fn decode_program_exact_witness<I: Iterator<Item = u8>, App: Application>(
     bits: &mut BitIter<I>,
 ) -> Result<Rc<CommitNode<(), App>>, Error> {
     decode_program(bits, false)
@@ -41,7 +41,7 @@ pub(crate) fn decode_program_exact_witness<I: Iterator<Item = u8>, App: Applicat
 ///
 /// Witness nodes are made fresh, i.e., each witness node has at most one parent.
 /// This increases the number of witness nodes and hence the length of the required witness data.
-pub(crate) fn decode_program_fresh_witness<I: Iterator<Item = u8>, App: Application>(
+pub fn decode_program_fresh_witness<I: Iterator<Item = u8>, App: Application>(
     bits: &mut BitIter<I>,
 ) -> Result<Rc<CommitNode<(), App>>, Error> {
     decode_program(bits, true)
@@ -225,25 +225,6 @@ fn get_child_from_index<App: Application>(
     }
 }
 
-/// Iterator over witness values that asks for the value type on each iteration.
-pub trait WitnessIterator {
-    /// Return the next witness value of the given type.
-    fn next(&mut self, ty: &Type) -> Result<Value, Error>;
-
-    /// Consume the iterator and check the total witness length.
-    fn finish(self) -> Result<(), Error>;
-}
-
-impl<I: Iterator<Item = Value>> WitnessIterator for I {
-    fn next(&mut self, _ty: &Type) -> Result<Value, Error> {
-        Iterator::next(self).ok_or(Error::EndOfStream)
-    }
-
-    fn finish(self) -> Result<(), Error> {
-        Ok(())
-    }
-}
-
 /// Implementation of [`WitnessIterator`] for an underlying [`BitIter`].
 #[derive(Debug)]
 pub struct WitnessDecoder<'a, I: Iterator<Item = u8>> {
@@ -253,7 +234,10 @@ pub struct WitnessDecoder<'a, I: Iterator<Item = u8>> {
 
 impl<'a, I: Iterator<Item = u8>> WitnessDecoder<'a, I> {
     /// Create a new witness decoder for the given bit iterator.
-    /// To work, this method must be used **after** [`decode_program_no_witness()`]!
+    ///
+    /// # Usage
+    ///
+    /// This method must be used **after** the program serialization has been read by the iterator.
     pub fn new(bits: &'a mut BitIter<I>) -> Result<Self, Error> {
         let bit_len = match bits.next() {
             Some(false) => 0,
@@ -302,7 +286,7 @@ pub fn decode_value<I: Iterator<Item = bool>>(ty: &Type, iter: &mut I) -> Result
 }
 
 /// Decode a 256-bit hash from bits.
-fn decode_hash<I: Iterator<Item = u8>>(iter: &mut BitIter<I>) -> Result<[u8; 32], Error> {
+pub fn decode_hash<I: Iterator<Item = u8>>(iter: &mut BitIter<I>) -> Result<[u8; 32], Error> {
     let mut h = [0; 32];
 
     for b in &mut h {
@@ -362,8 +346,8 @@ pub fn decode_natural<I: Iterator<Item = bool>>(
 #[cfg(test)]
 mod tests {
     use super::*;
+    use crate::bitwriter::BitWriter;
     use crate::encode;
-    use crate::encode::BitWriter;
 
     #[test]
     fn decode_fixed() {