rsa: Use NonZero::new instead of new_unchecked

briansmith · Sep 30, 2023 · e3e27e5 · e3e27e5
1 parent 8406e2c
commit e3e27e5
Showing 1 changed file with 12 additions and 3 deletions.
diff --git a/src/rsa/public_exponent.rs b/src/rsa/public_exponent.rs
@@ -12,8 +12,14 @@ impl PublicExponent {
 
     // TODO: Use `NonZeroU64::new(...).unwrap()` when `feature(const_panic)` is
     // stable.
-    pub(super) const _3: Self = Self(unsafe { NonZeroU64::new_unchecked(3) });
-    pub(super) const _65537: Self = Self(unsafe { NonZeroU64::new_unchecked(65537) });
+    pub(super) const _3: Self = Self(match NonZeroU64::new(3) {
+        Some(nz) => nz,
+        None => unreachable!(),
+    });
+    pub(super) const _65537: Self = Self(match NonZeroU64::new(65537) {
+        Some(nz) => nz,
+        None => unreachable!(),
+    });
 
     // This limit was chosen to bound the performance of the simple
     // exponentiation-by-squaring implementation in `elem_exp_vartime`. In
@@ -29,7 +35,10 @@ impl PublicExponent {
     //
     // TODO: Use `NonZeroU64::new(...).unwrap()` when `feature(const_panic)` is
     // stable.
-    const MAX: Self = Self(unsafe { NonZeroU64::new_unchecked((1u64 << 33) - 1) });
+    const MAX: Self = Self(match NonZeroU64::new((1u64 << 33) - 1) {
+        Some(nz) => nz,
+        None => unreachable!(),
+    });
 
     pub(super) fn from_be_bytes(
         input: untrusted::Input,