Fix warnings for unused constants

api/src/constants.rs

@@ -0,0 +1,52 @@
+// "\x0c\x04\x01" -- form feed, end of text, start of header
+// "ed25519ph" -- used algorithm
+// "\x00\x00" -- version number in network byte order
+/// Bytes preceeding signatures
+pub(crate) const MAGIC_HEADER: &[u8; 14] = b"\x0c\x04\x01ed25519ph\x00\x00";
+
+/// Total number of bytes in a [`MAGIC_HEADER`] + [`SignatureCountLeInt`]
+pub(crate) const HEADER_SIZE: usize = 16;
+
+/// Integer type to tell the number of signatures in a signed file, stored in little endian
+pub(crate) type SignatureCountLeInt = u16;
+
+#[cfg(any(feature = "sign-tar", feature = "verify-tar"))]
+pub(crate) const EPOCH: u32 = 978_307_200;
+
+/// Prefix of the signature block in a signed .tar.gz file
+///
+/// Followed by base64 encoded signatures string, the current stream position before this block
+/// encoded as zero-padded 16 bytes hexadecimal string, and [`GZIP_END`]
+/// [`GZIP_END`]
+#[cfg(any(feature = "sign-tar", feature = "verify-tar"))]
+pub(crate) const GZIP_START: &[u8; 10] = {
+    let [m1, m2, m3, m4] = EPOCH.to_le_bytes();
+    &[
+        0x1f, 0x8b, // gzip: magic number
+        0x08, // gzip: compression method (deflate)
+        0x10, // gzip: flags (binary, no checksum, no extra fields, no name, has comment)
+        m1, m2, m3, m4,   // gzip: modification time
+        0x00, // gzip: extra flags (unset)
+        0xff, // gzip: Operating system ID: unknown
+    ]
+};
+
+/// Suffix of the signature block in a signed .tar.gz file
+#[cfg(any(feature = "sign-tar", feature = "verify-tar"))]
+pub(crate) const GZIP_END: &[u8; 14] = &[
+    0x00, // deflate: NUL terminator, end of comments
+    0x01, // deflate: block header (final block, uncompressed)
+    0x00, 0x00, // deflate: length
+    0xff, 0xff, // deflate: negated length
+    0, 0, 0, 0, // gzip: crc32 of uncompressed data
+    0, 0, 0, 0, // gzip: total uncompressed size
+];
+
+/// Total overhead the signature block in a signed .tar.gz file excluding signature data
+#[cfg(feature = "sign-tar")]
+pub(crate) const GZIP_EXTRA: usize = GZIP_START.len() + GZIP_END.len() + u64::BITS as usize / 4;
+
+/// Maximum number of bytes the encoded signatures may have
+///
+/// This number equates to 1022 signatures in a `.zip` file, and 767 signatures in `.tar.gz` file.
+pub(crate) const BUF_LIMIT: usize = 1 << 16;

api/src/lib.rs

@@ -20,6 +20,8 @@
 #![warn(unused_results)]
 #![doc = include_str!("../README.md")]
 
+#[cfg(any(feature = "sign", feature = "verify"))]
+mod constants;
 #[cfg(feature = "sign")]
 pub mod sign;
 #[cfg(feature = "verify")]
@@ -33,55 +35,6 @@ pub use ed25519_dalek::{
     PUBLIC_KEY_LENGTH, SIGNATURE_LENGTH,
 };
 
-// "\x0c\x04\x01" -- form feed, end of text, start of header
-// "ed25519ph" -- used algorithm
-// "\x00\x00" -- version number in network byte order
-/// Bytes preceeding signatures
-const MAGIC_HEADER: &[u8; 14] = b"\x0c\x04\x01ed25519ph\x00\x00";
-
-/// Total number of bytes in a [`MAGIC_HEADER`] + [`SignatureCountLeInt`]
-const HEADER_SIZE: usize = 16;
-
-/// Integer type to tell the number of signatures in a signed file, stored in little endian
-type SignatureCountLeInt = u16;
-
-const EPOCH: u32 = 978_307_200; // 2001-01-01 00:00:00 Z
-
-/// Prefix of the signature block in a signed .tar.gz file
-///
-/// Followed by base64 encoded signatures string, the current stream position before this block
-/// encoded as zero-padded 16 bytes hexadecimal string, and [`GZIP_END`]
-/// [`GZIP_END`]
-const GZIP_START: &[u8; 10] = {
-    let [m1, m2, m3, m4] = EPOCH.to_le_bytes();
-    &[
-        0x1f, 0x8b, // gzip: magic number
-        0x08, // gzip: compression method (deflate)
-        0x10, // gzip: flags (binary, no checksum, no extra fields, no name, has comment)
-        m1, m2, m3, m4,   // gzip: modification time
-        0x00, // gzip: extra flags (unset)
-        0xff, // gzip: Operating system ID: unknown
-    ]
-};
-
-/// Suffix of the signature block in a signed .tar.gz file
-const GZIP_END: &[u8; 14] = &[
-    0x00, // deflate: NUL terminator, end of comments
-    0x01, // deflate: block header (final block, uncompressed)
-    0x00, 0x00, // deflate: length
-    0xff, 0xff, // deflate: negated length
-    0, 0, 0, 0, // gzip: crc32 of uncompressed data
-    0, 0, 0, 0, // gzip: total uncompressed size
-];
-
-/// Total overhead the signature block in a signed .tar.gz file excluding signature data
-const GZIP_EXTRA: usize = GZIP_START.len() + GZIP_END.len() + u64::BITS as usize / 4;
-
-/// Maximum number of bytes the encoded signatures may have
-///
-/// This number equates to 1022 signatures in a `.zip` file, and 767 signatures in `.tar.gz` file.
-const BUF_LIMIT: usize = 1 << 16; // 64 kiB
-
 /// Calculate the hash of an input file
 pub fn prehash<I>(input: &mut I) -> std::io::Result<Sha512>
 where

api/src/sign/mod.rs

@@ -13,10 +13,8 @@ use std::io::Read;
 pub use self::tar::{copy_and_sign_tar, SignTarError};
 #[cfg(feature = "sign-zip")]
 pub use self::zip::{copy_and_sign_zip, SignZipError};
-use crate::{
-    Sha512, SignatureCountLeInt, SignatureError, SigningKey, BUF_LIMIT, HEADER_SIZE,
-    KEYPAIR_LENGTH, MAGIC_HEADER, SIGNATURE_LENGTH,
-};
+use crate::constants::{SignatureCountLeInt, BUF_LIMIT, HEADER_SIZE, MAGIC_HEADER};
+use crate::{Sha512, SignatureError, SigningKey, KEYPAIR_LENGTH, SIGNATURE_LENGTH};
 
 /// An error returned by [`read_signing_keys()`]
 #[derive(Debug, thiserror::Error)]

api/src/sign/tar.rs

@@ -7,10 +7,10 @@ use base64::Engine;
 use ed25519_dalek::SIGNATURE_LENGTH;
 
 use super::{gather_signature_data, GatherSignatureDataError};
-use crate::{
-    prehash, SignatureCountLeInt, SigningKey, BUF_LIMIT, GZIP_END, GZIP_EXTRA, GZIP_START,
-    HEADER_SIZE,
+use crate::constants::{
+    SignatureCountLeInt, BUF_LIMIT, GZIP_END, GZIP_EXTRA, GZIP_START, HEADER_SIZE,
 };
+use crate::{prehash, SigningKey};
 
 /// An error returned by [`copy_and_sign_tar()`]
 #[derive(Debug, thiserror::Error)]

api/src/sign/zip.rs

@@ -6,7 +6,8 @@ use zip::result::ZipError;
 use zip::{ZipArchive, ZipWriter};
 
 use super::{gather_signature_data, GatherSignatureDataError};
-use crate::{prehash, SignatureCountLeInt, SigningKey, BUF_LIMIT, HEADER_SIZE, SIGNATURE_LENGTH};
+use crate::constants::{SignatureCountLeInt, BUF_LIMIT, HEADER_SIZE};
+use crate::{prehash, SigningKey, SIGNATURE_LENGTH};
 
 /// An error returned by [`copy_and_sign_zip()`]
 #[derive(Debug, thiserror::Error)]
@@ -52,7 +53,7 @@ pub fn copy_and_sign_zip<I, O>(
 ) -> Result<(), SignZipError>
 where
     I: ?Sized + Read + Seek,
-    O: ?Sized + Read + Write + Seek,
+    O: ?Sized + Read + Seek + Write,
 {
     if keys.len() > SignatureCountLeInt::MAX as usize {
         return Err(SignZipError::TooManyKeys);

api/src/verify/mod.rs

@@ -13,10 +13,8 @@ use std::io::Read;
 pub use self::tar::{verify_tar, VerifyTarError};
 #[cfg(feature = "verify-zip")]
 pub use self::zip::{verify_zip, VerifyZipError};
-use crate::{
-    Sha512, Signature, SignatureCountLeInt, SignatureError, VerifyingKey, BUF_LIMIT, HEADER_SIZE,
-    MAGIC_HEADER, PUBLIC_KEY_LENGTH, SIGNATURE_LENGTH,
-};
+use crate::constants::{SignatureCountLeInt, BUF_LIMIT, HEADER_SIZE, MAGIC_HEADER};
+use crate::{Sha512, Signature, SignatureError, VerifyingKey, PUBLIC_KEY_LENGTH, SIGNATURE_LENGTH};
 
 /// An error returned by [`collect_keys()`]
 #[derive(Debug, thiserror::Error)]

api/src/verify/tar.rs

@@ -7,10 +7,10 @@ use base64::prelude::BASE64_STANDARD;
 use base64::Engine;
 
 use super::{find_match, NoMatch};
-use crate::{
-    prehash, Sha512, Signature, SignatureCountLeInt, SignatureError, VerifyingKey, BUF_LIMIT,
-    GZIP_END, GZIP_START, HEADER_SIZE, MAGIC_HEADER, SIGNATURE_LENGTH,
+use crate::constants::{
+    SignatureCountLeInt, BUF_LIMIT, GZIP_END, GZIP_START, HEADER_SIZE, MAGIC_HEADER,
 };
+use crate::{prehash, Sha512, Signature, SignatureError, VerifyingKey, SIGNATURE_LENGTH};
 
 /// An error returned by [`verify_tar()`]
 #[derive(Debug, thiserror::Error)]