From ee7d6db80f8a94c3dda58a4cfaa447db90e924a4 Mon Sep 17 00:00:00 2001
From: Justin Smith <justsmth@amazon.com>
Date: Wed, 5 Jun 2024 17:33:35 -0400
Subject: [PATCH] Cleanup + PR feedback + rebase

---
 aws-lc-rs/src/cipher/streaming.rs | 16 ++++++++--------
 aws-lc-rs/src/ptr.rs              |  8 ++++++++
 2 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/aws-lc-rs/src/cipher/streaming.rs b/aws-lc-rs/src/cipher/streaming.rs
index 90e5e478604..dbe1dd0a1c4 100644
--- a/aws-lc-rs/src/cipher/streaming.rs
+++ b/aws-lc-rs/src/cipher/streaming.rs
@@ -63,7 +63,7 @@ impl StreamingEncryptingKey {
         context: EncryptionContext,
     ) -> Result<Self, Unspecified> {
         let algorithm = key.algorithm();
-        let cipher_ctx = LcPtr::new(unsafe { EVP_CIPHER_CTX_new() })?;
+        let mut cipher_ctx = LcPtr::new(unsafe { EVP_CIPHER_CTX_new() })?;
         let cipher = mode.evp_cipher(key.algorithm);
         let key_bytes = key.key_bytes.as_ref();
         debug_assert_eq!(
@@ -100,11 +100,11 @@ impl StreamingEncryptingKey {
     /// potentially writing bytes of ciphertext to `output`.
     ///
     /// The number of bytes written to `output` can be up to `input.len()`
-    /// plus the block length of the algorithm (e.g., 16 bytes for AES).
+    /// plus the block length of the algorithm (e.g., [`Algorithm::block_len`]).
     ///
     /// # Errors
     /// * May return an error if the `output` buffer is smaller than the length of
-    ///   the `input` plus the algorithm's block length. Certain cipher modes
+    ///   the `input` plus the algorithm's block length (e.g. [`Algorithm::block_len`]). Certain cipher modes
     ///   (such as CTR) may allow the output buffer to be as small as the size
     ///   of the input in certain circumstances.
     /// * Returns an error if the length of either `input` or `output` is larger
@@ -135,7 +135,7 @@ impl StreamingEncryptingKey {
     /// `output`.
     ///
     /// The number of bytes written to `output` can be up to the block length of
-    /// the algorithm (e.g., 16 bytes for AES).
+    /// [`Algorithm::block_len`].
     ///
     /// # Errors
     /// * May return an error if the `output` buffer is smaller than the algorithm's
@@ -143,7 +143,7 @@ impl StreamingEncryptingKey {
     ///   buffer to only be large enough to fit the remainder of the ciphertext.
     /// * Returns an error if the length of `output` is larger than `i32::MAX`.
     pub fn finish(
-        self,
+        mut self,
         output: &mut [u8],
     ) -> Result<(DecryptionContext, BufferUpdate), Unspecified> {
         let mut outlen: i32 = output.len().try_into()?;
@@ -240,7 +240,7 @@ impl StreamingDecryptingKey {
         mode: OperatingMode,
         context: DecryptionContext,
     ) -> Result<Self, Unspecified> {
-        let cipher_ctx = LcPtr::new(unsafe { EVP_CIPHER_CTX_new() })?;
+        let mut cipher_ctx = LcPtr::new(unsafe { EVP_CIPHER_CTX_new() })?;
         let algorithm = key.algorithm();
         let cipher = mode.evp_cipher(key.algorithm);
         let key_bytes = key.key_bytes.as_ref();
@@ -276,7 +276,7 @@ impl StreamingDecryptingKey {
     /// Updates the internal state of the key with the provided ciphertext `input`,
     /// potentially also writing bytes of plaintext to `output`.
     /// The number of bytes written to `output` can be up to `input.len()`
-    /// plus the block length of the cipher algorithm (e.g., 16 bytes for AES).
+    /// plus the block length of the cipher algorithm (e.g., [`Algorithm::block_len`]).
     ///
     /// # Errors
     /// * May return an error if the `output` buffer is smaller than the length of
@@ -310,7 +310,7 @@ impl StreamingDecryptingKey {
     /// Finishes the decryption operation, writing the remaining plaintext to
     /// `output`.
     /// The number of bytes written to `output` can be up to the block length of
-    /// the cipher algorithm (e.g., 16 bytes for AES).
+    /// the cipher algorithm (e.g., [`Algorithm::block_len`]).
     ///
     /// # Errors
     /// * May return an error if the `output` buffer is smaller than the algorithm's
diff --git a/aws-lc-rs/src/ptr.rs b/aws-lc-rs/src/ptr.rs
index 4be8ce54de9..93b76b62d40 100644
--- a/aws-lc-rs/src/ptr.rs
+++ b/aws-lc-rs/src/ptr.rs
@@ -2,6 +2,7 @@
 // SPDX-License-Identifier: Apache-2.0 OR ISC
 
 use core::ops::Deref;
+use std::ops::DerefMut;
 
 use aws_lc::{
     BN_free, ECDSA_SIG_free, EC_GROUP_free, EC_KEY_free, EC_POINT_free, EVP_AEAD_CTX_free,
@@ -28,6 +29,13 @@ impl<P: Pointer> Deref for ManagedPointer<P> {
     }
 }
 
+impl<P: Pointer> DerefMut for ManagedPointer<P> {
+    #[inline]
+    fn deref_mut(&mut self) -> &mut Self::Target {
+        &mut self.pointer
+    }
+}
+
 impl<P: Pointer> ManagedPointer<P> {
     #[inline]
     pub fn new<T: IntoPointer<P>>(value: T) -> Result<Self, ()> {