diff --git a/src/aead.rs b/src/aead.rs
index d9a378e..7217800 100644
--- a/src/aead.rs
+++ b/src/aead.rs
@@ -22,7 +22,7 @@ const CHACHA20_COUNTER_OVERFLOW: u64 = ((1 << 32) - 1) * 64;
 /// # Example
 ///
 /// ```
-/// use chacha20_poly1305_aead::encrypt;
+/// use chacha20_poly1305_stream::encrypt;
 ///
 /// let key = [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16,
 /// 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31];
@@ -99,9 +99,9 @@ pub fn encrypt_read(key: &[u8], nonce: &[u8],
 /// # Example
 ///
 /// ```
-/// # use chacha20_poly1305_aead::DecryptError;
+/// # use chacha20_poly1305_stream::DecryptError;
 /// # fn example() -> Result<(), DecryptError> {
-/// use chacha20_poly1305_aead::decrypt;
+/// use chacha20_poly1305_stream::decrypt;
 ///
 /// let key = [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16,
 /// 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31];
@@ -116,7 +116,7 @@ pub fn encrypt_read(key: &[u8], nonce: &[u8],
 /// // Vec implements the Write trait
 /// let mut plaintext = Vec::with_capacity(ciphertext.len());
 ///
-/// try!(decrypt(&key, &nonce, &aad, &ciphertext, &tag, &mut plaintext));
+/// decrypt(&key, &nonce, &aad, &ciphertext, &tag, &mut plaintext)?;
 ///
 /// assert_eq!(plaintext, b"hello, world");
 /// # Ok(())
diff --git a/src/as_bytes.rs b/src/as_bytes.rs
index bb61cdf..576a506 100644
--- a/src/as_bytes.rs
+++ b/src/as_bytes.rs
@@ -34,10 +34,17 @@ impl AsBytes for [T] {
 }
 
 unsafe impl Safe for u8 {}
+
 unsafe impl Safe for u16 {}
+
 unsafe impl Safe for u32 {}
+
 unsafe impl Safe for u64 {}
+
 unsafe impl Safe for i8 {}
+
 unsafe impl Safe for i16 {}
+
 unsafe impl Safe for i32 {}
+
 unsafe impl Safe for i64 {}
diff --git a/src/chacha20.rs b/src/chacha20.rs
index 08d9bf7..9c3b1fa 100644
--- a/src/chacha20.rs
+++ b/src/chacha20.rs
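Review bot: The rewritten example line `decrypt(&key, &nonce, &aad, &ciphertext, &tag, &mut plaintext)?;` passes a `Write` sink, which suggests plaintext is streamed into `plaintext` before the Poly1305 tag is verified at the end; if that is how `decrypt` works, then on `Err` the bytes already written are unauthenticated, and the example only shows the success path (`assert_eq!` runs after `?`). I would add a comment directly above the call: `/// // If this returns Err, discard plaintext: anything already written is unauthenticated.` The `decrypt` function's own docs and body are outside this hunk, but the same caveat belongs in its `# Errors` section, together with a note that the fixed example key (and nonce, not visible here) must never be reused in real use, since ChaCha20-Poly1305 loses both confidentiality and integrity under (key, nonce) reuse.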
@@ -10,7 +10,7 @@ use crate::simd::{Vector4, u32x4}; #[derive(Clone, Debug)] pub struct ChaCha20 { - state: [u32x4; 3] + state: [u32x4; 3], } #[cfg_attr(feature = "clippy", allow(should_implement_trait))] @@ -105,20 +105,20 @@ impl ChaCha20 { #[cold] pub fn selftest() { let key = [0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, - 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f]; + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f]; let nonce = [0x00, 0x00, 0x00, 0x09, - 0x00, 0x00, 0x00, 0x4a, - 0x00, 0x00, 0x00, 0x00]; + 0x00, 0x00, 0x00, 0x4a, + 0x00, 0x00, 0x00, 0x00]; let expected = [0x10, 0xf1, 0xe7, 0xe4, 0xd1, 0x3b, 0x59, 0x15, - 0x50, 0x0f, 0xdd, 0x1f, 0xa3, 0x20, 0x71, 0xc4, - 0xc7, 0xd1, 0xf4, 0xc7, 0x33, 0xc0, 0x68, 0x03, - 0x04, 0x22, 0xaa, 0x9a, 0xc3, 0xd4, 0x6c, 0x4e, - 0xd2, 0x82, 0x64, 0x46, 0x07, 0x9f, 0xaa, 0x09, - 0x14, 0xc2, 0xd7, 0x05, 0xd9, 0x8b, 0x02, 0xa2, - 0xb5, 0x12, 0x9c, 0xd1, 0xde, 0x16, 0x4e, 0xb9, - 0xcb, 0xd0, 0x83, 0xe8, 0xa2, 0x50, 0x3c, 0x4e]; + 0x50, 0x0f, 0xdd, 0x1f, 0xa3, 0x20, 0x71, 0xc4, + 0xc7, 0xd1, 0xf4, 0xc7, 0x33, 0xc0, 0x68, 0x03, + 0x04, 0x22, 0xaa, 0x9a, 0xc3, 0xd4, 0x6c, 0x4e, + 0xd2, 0x82, 0x64, 0x46, 0x07, 0x9f, 0xaa, 0x09, + 0x14, 0xc2, 0xd7, 0x05, 0xd9, 0x8b, 0x02, 0xa2, + 0xb5, 0x12, 0x9c, 0xd1, 0xde, 0x16, 0x4e, 0xb9, + 0xcb, 0xd0, 0x83, 0xe8, 0xa2, 0x50, 0x3c, 0x4e]; let mut state = ChaCha20::with_counter(&key, &nonce, 1); let block = state.next(); @@ -127,7 +127,7 @@ pub fn selftest() { #[cfg(test)] mod tests { - use as_bytes::AsBytes; + use crate::as_bytes::AsBytes; use super::ChaCha20; #[test] 
@@ -141,82 +141,82 @@ mod tests { assert_eq!(state.next().as_bytes(), &[0x76, 0xb8, 0xe0, 0xad, 0xa0, 0xf1, 0x3d, 0x90, - 0x40, 0x5d, 0x6a, 0xe5, 0x53, 0x86, 0xbd, 0x28, - 0xbd, 0xd2, 0x19, 0xb8, 0xa0, 0x8d, 0xed, 0x1a, - 0xa8, 0x36, 0xef, 0xcc, 0x8b, 0x77, 0x0d, 0xc7, - 0xda, 0x41, 0x59, 0x7c, 0x51, 0x57, 0x48, 0x8d, - 0x77, 0x24, 0xe0, 0x3f, 0xb8, 0xd8, 0x4a, 0x37, - 0x6a, 0x43, 0xb8, 0xf4, 0x15, 0x18, 0xa1, 0x1c, - 0xc3, 0x87, 0xb6, 0x69, 0xb2, 0xee, 0x65, 0x86][..]); + 0x40, 0x5d, 0x6a, 0xe5, 0x53, 0x86, 0xbd, 0x28, + 0xbd, 0xd2, 0x19, 0xb8, 0xa0, 0x8d, 0xed, 0x1a, + 0xa8, 0x36, 0xef, 0xcc, 0x8b, 0x77, 0x0d, 0xc7, + 0xda, 0x41, 0x59, 0x7c, 0x51, 0x57, 0x48, 0x8d, + 0x77, 0x24, 0xe0, 0x3f, 0xb8, 0xd8, 0x4a, 0x37, + 0x6a, 0x43, 0xb8, 0xf4, 0x15, 0x18, 0xa1, 0x1c, + 0xc3, 0x87, 0xb6, 0x69, 0xb2, 0xee, 0x65, 0x86][..]); assert_eq!(state.next().as_bytes(), &[0x9f, 0x07, 0xe7, 0xbe, 0x55, 0x51, 0x38, 0x7a, - 0x98, 0xba, 0x97, 0x7c, 0x73, 0x2d, 0x08, 0x0d, - 0xcb, 0x0f, 0x29, 0xa0, 0x48, 0xe3, 0x65, 0x69, - 0x12, 0xc6, 0x53, 0x3e, 0x32, 0xee, 0x7a, 0xed, - 0x29, 0xb7, 0x21, 0x76, 0x9c, 0xe6, 0x4e, 0x43, - 0xd5, 0x71, 0x33, 0xb0, 0x74, 0xd8, 0x39, 0xd5, - 0x31, 0xed, 0x1f, 0x28, 0x51, 0x0a, 0xfb, 0x45, - 0xac, 0xe1, 0x0a, 0x1f, 0x4b, 0x79, 0x4d, 0x6f][..]); + 0x98, 0xba, 0x97, 0x7c, 0x73, 0x2d, 0x08, 0x0d, + 0xcb, 0x0f, 0x29, 0xa0, 0x48, 0xe3, 0x65, 0x69, + 0x12, 0xc6, 0x53, 0x3e, 0x32, 0xee, 0x7a, 0xed, + 0x29, 0xb7, 0x21, 0x76, 0x9c, 0xe6, 0x4e, 0x43, + 0xd5, 0x71, 0x33, 0xb0, 0x74, 0xd8, 0x39, 0xd5, + 0x31, 0xed, 0x1f, 0x28, 0x51, 0x0a, 0xfb, 0x45, + 0xac, 0xe1, 0x0a, 0x1f, 0x4b, 0x79, 0x4d, 0x6f][..]); } #[test] fn test_vector_3() { let key = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01]; + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 
0x00, 0x00, 0x00, 0x01]; let mut state = ChaCha20::with_counter(&key, &[0; 12], 1); assert_eq!(state.next().as_bytes(), &[0x3a, 0xeb, 0x52, 0x24, 0xec, 0xf8, 0x49, 0x92, - 0x9b, 0x9d, 0x82, 0x8d, 0xb1, 0xce, 0xd4, 0xdd, - 0x83, 0x20, 0x25, 0xe8, 0x01, 0x8b, 0x81, 0x60, - 0xb8, 0x22, 0x84, 0xf3, 0xc9, 0x49, 0xaa, 0x5a, - 0x8e, 0xca, 0x00, 0xbb, 0xb4, 0xa7, 0x3b, 0xda, - 0xd1, 0x92, 0xb5, 0xc4, 0x2f, 0x73, 0xf2, 0xfd, - 0x4e, 0x27, 0x36, 0x44, 0xc8, 0xb3, 0x61, 0x25, - 0xa6, 0x4a, 0xdd, 0xeb, 0x00, 0x6c, 0x13, 0xa0][..]); + 0x9b, 0x9d, 0x82, 0x8d, 0xb1, 0xce, 0xd4, 0xdd, + 0x83, 0x20, 0x25, 0xe8, 0x01, 0x8b, 0x81, 0x60, + 0xb8, 0x22, 0x84, 0xf3, 0xc9, 0x49, 0xaa, 0x5a, + 0x8e, 0xca, 0x00, 0xbb, 0xb4, 0xa7, 0x3b, 0xda, + 0xd1, 0x92, 0xb5, 0xc4, 0x2f, 0x73, 0xf2, 0xfd, + 0x4e, 0x27, 0x36, 0x44, 0xc8, 0xb3, 0x61, 0x25, + 0xa6, 0x4a, 0xdd, 0xeb, 0x00, 0x6c, 0x13, 0xa0][..]); } #[test] fn test_vector_4() { let key = [0x00, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]; + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]; let mut state = ChaCha20::with_counter(&key, &[0; 12], 2); assert_eq!(state.next().as_bytes(), &[0x72, 0xd5, 0x4d, 0xfb, 0xf1, 0x2e, 0xc4, 0x4b, - 0x36, 0x26, 0x92, 0xdf, 0x94, 0x13, 0x7f, 0x32, - 0x8f, 0xea, 0x8d, 0xa7, 0x39, 0x90, 0x26, 0x5e, - 0xc1, 0xbb, 0xbe, 0xa1, 0xae, 0x9a, 0xf0, 0xca, - 0x13, 0xb2, 0x5a, 0xa2, 0x6c, 0xb4, 0xa6, 0x48, - 0xcb, 0x9b, 0x9d, 0x1b, 0xe6, 0x5b, 0x2c, 0x09, - 0x24, 0xa6, 0x6c, 0x54, 0xd5, 0x45, 0xec, 0x1b, - 0x73, 0x74, 0xf4, 0x87, 0x2e, 0x99, 0xf0, 0x96][..]); + 0x36, 0x26, 0x92, 0xdf, 0x94, 0x13, 0x7f, 0x32, + 0x8f, 0xea, 0x8d, 0xa7, 0x39, 0x90, 0x26, 0x5e, + 0xc1, 0xbb, 0xbe, 0xa1, 0xae, 0x9a, 0xf0, 0xca, + 0x13, 0xb2, 0x5a, 0xa2, 0x6c, 0xb4, 0xa6, 0x48, + 0xcb, 0x9b, 0x9d, 
0x1b, 0xe6, 0x5b, 0x2c, 0x09, + 0x24, 0xa6, 0x6c, 0x54, 0xd5, 0x45, 0xec, 0x1b, + 0x73, 0x74, 0xf4, 0x87, 0x2e, 0x99, 0xf0, 0x96][..]); } #[test] fn test_vector_5() { let nonce = [0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x02]; + 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x02]; let mut state = ChaCha20::with_counter(&[0; 32], &nonce, 0); assert_eq!(state.next().as_bytes(), &[0xc2, 0xc6, 0x4d, 0x37, 0x8c, 0xd5, 0x36, 0x37, - 0x4a, 0xe2, 0x04, 0xb9, 0xef, 0x93, 0x3f, 0xcd, - 0x1a, 0x8b, 0x22, 0x88, 0xb3, 0xdf, 0xa4, 0x96, - 0x72, 0xab, 0x76, 0x5b, 0x54, 0xee, 0x27, 0xc7, - 0x8a, 0x97, 0x0e, 0x0e, 0x95, 0x5c, 0x14, 0xf3, - 0xa8, 0x8e, 0x74, 0x1b, 0x97, 0xc2, 0x86, 0xf7, - 0x5f, 0x8f, 0xc2, 0x99, 0xe8, 0x14, 0x83, 0x62, - 0xfa, 0x19, 0x8a, 0x39, 0x53, 0x1b, 0xed, 0x6d][..]); + 0x4a, 0xe2, 0x04, 0xb9, 0xef, 0x93, 0x3f, 0xcd, + 0x1a, 0x8b, 0x22, 0x88, 0xb3, 0xdf, 0xa4, 0x96, + 0x72, 0xab, 0x76, 0x5b, 0x54, 0xee, 0x27, 0xc7, + 0x8a, 0x97, 0x0e, 0x0e, 0x95, 0x5c, 0x14, 0xf3, + 0xa8, 0x8e, 0x74, 0x1b, 0x97, 0xc2, 0x86, 0xf7, + 0x5f, 0x8f, 0xc2, 0x99, 0xe8, 0x14, 0x83, 0x62, + 0xfa, 0x19, 0x8a, 0x39, 0x53, 0x1b, 0xed, 0x6d][..]); } } diff --git a/src/poly1305.rs b/src/poly1305.rs index dfb2dce..9cdb09b 100644 --- a/src/poly1305.rs +++ b/src/poly1305.rs @@ -39,10 +39,10 @@ impl Poly1305 { a: [0; 5], // r &= 0x0ffffffc_0ffffffc_0ffffffc_0fffffff; - r: [u32_from_le(&key[ 0.. 4]) & 0x03ffffff, - u32_from_le(&key[ 3.. 7]) >> 2 & 0x03ffff03, - u32_from_le(&key[ 6..10]) >> 4 & 0x03ffc0ff, - u32_from_le(&key[ 9..13]) >> 6 & 0x03f03fff, + r: [u32_from_le(&key[0..4]) & 0x03ffffff, + u32_from_le(&key[3..7]) >> 2 & 0x03ffff03, + u32_from_le(&key[6..10]) >> 4 & 0x03ffc0ff, + u32_from_le(&key[9..13]) >> 6 & 0x03f03fff, u32_from_le(&key[12..16]) >> 8 & 0x000fffff], s: [u32_from_le(&key[16..20]), 
@@ -54,11 +54,11 @@ impl Poly1305 { pub fn block(&mut self, msg: &[u8]) { assert!(msg.len() == 16); - self.accumulate(u32_from_le(&msg[ 0.. 4]) & 0x03ffffff, - u32_from_le(&msg[ 3.. 7]) >> 2 & 0x03ffffff, - u32_from_le(&msg[ 6..10]) >> 4 & 0x03ffffff, - u32_from_le(&msg[ 9..13]) >> 6 & 0x03ffffff, - u32_from_le(&msg[12..16]) >> 8 | (1 << 24)); + self.accumulate(u32_from_le(&msg[0..4]) & 0x03ffffff, + u32_from_le(&msg[3..7]) >> 2 & 0x03ffffff, + u32_from_le(&msg[6..10]) >> 4 & 0x03ffffff, + u32_from_le(&msg[9..13]) >> 6 & 0x03ffffff, + u32_from_le(&msg[12..16]) >> 8 | (1 << 24)); } pub fn last_block(mut self, msg: &[u8]) -> [u32; 4] { @@ -69,10 +69,10 @@ impl Poly1305 { buf[..msg.len()].clone_from_slice(msg); buf[msg.len()] = 1; - self.accumulate(u32_from_le(&buf[ 0.. 4]) & 0x03ffffff, - u32_from_le(&buf[ 3.. 7]) >> 2 & 0x03ffffff, - u32_from_le(&buf[ 6..10]) >> 4 & 0x03ffffff, - u32_from_le(&buf[ 9..13]) >> 6 & 0x03ffffff, + self.accumulate(u32_from_le(&buf[0..4]) & 0x03ffffff, + u32_from_le(&buf[3..7]) >> 2 & 0x03ffffff, + u32_from_le(&buf[6..10]) >> 4 & 0x03ffffff, + u32_from_le(&buf[9..13]) >> 6 & 0x03ffffff, u32_from_le(&buf[13..17])); } 
@@ -110,35 +110,35 @@ impl Poly1305 { // t = r * a; high limbs multiplied by 5 and added to low limbs let mut t = [0; 5]; - t[0] += self.r[0] as u64 * self.a[0] as u64; - t[1] += self.r[0] as u64 * self.a[1] as u64; - t[2] += self.r[0] as u64 * self.a[2] as u64; - t[3] += self.r[0] as u64 * self.a[3] as u64; - t[4] += self.r[0] as u64 * self.a[4] as u64; + t[0] += self.r[0] as u64 * self.a[0] as u64; + t[1] += self.r[0] as u64 * self.a[1] as u64; + t[2] += self.r[0] as u64 * self.a[2] as u64; + t[3] += self.r[0] as u64 * self.a[3] as u64; + t[4] += self.r[0] as u64 * self.a[4] as u64; t[0] += (5 * self.r[1]) as u64 * self.a[4] as u64; - t[1] += self.r[1] as u64 * self.a[0] as u64; - t[2] += self.r[1] as u64 * self.a[1] as u64; - t[3] += self.r[1] as u64 * self.a[2] as u64; - t[4] += self.r[1] as u64 * self.a[3] as u64; + t[1] += self.r[1] as u64 * self.a[0] as u64; + t[2] += self.r[1] as u64 * self.a[1] as u64; + t[3] += self.r[1] as u64 * self.a[2] as u64; + t[4] += self.r[1] as u64 * self.a[3] as u64; t[0] += (5 * self.r[2]) as u64 * self.a[3] as u64; t[1] += (5 * self.r[2]) as u64 * self.a[4] as u64; - t[2] += self.r[2] as u64 * self.a[0] as u64; - t[3] += self.r[2] as u64 * self.a[1] as u64; - t[4] += self.r[2] as u64 * self.a[2] as u64; + t[2] += self.r[2] as u64 * self.a[0] as u64; + t[3] += self.r[2] as u64 * self.a[1] as u64; + t[4] += self.r[2] as u64 * self.a[2] as u64; t[0] += (5 * self.r[3]) as u64 * self.a[2] as u64; t[1] += (5 * self.r[3]) as u64 * self.a[3] as u64; t[2] += (5 * self.r[3]) as u64 * self.a[4] as u64; - t[3] += self.r[3] as u64 * self.a[0] as u64; - t[4] += self.r[3] as u64 * self.a[1] as u64; + t[3] += self.r[3] as u64 * self.a[0] as u64; + t[4] += self.r[3] as u64 * self.a[1] as u64; t[0] += (5 * self.r[4]) as u64 * self.a[1] as u64; t[1] += (5 * self.r[4]) as u64 * self.a[2] as u64; t[2] += (5 * self.r[4]) as u64 * self.a[3] as u64; t[3] += (5 * self.r[4]) as u64 * self.a[4] as u64; - t[4] += self.r[4] as u64 * self.a[0] as u64; + 
t[4] += self.r[4] as u64 * self.a[0] as u64; // propagate carries t[1] += t[0] >> 26; @@ -165,11 +165,11 @@ impl Poly1305 { fn propagate_carries(&mut self) { // propagate carries - self.a[2] += self.a[1] >> 26; - self.a[3] += self.a[2] >> 26; - self.a[4] += self.a[3] >> 26; + self.a[2] += self.a[1] >> 26; + self.a[3] += self.a[2] >> 26; + self.a[4] += self.a[3] >> 26; self.a[0] += (self.a[4] >> 26) * 5; - self.a[1] += self.a[0] >> 26; + self.a[1] += self.a[0] >> 26; // mask out carries self.a[0] &= 0x03ffffff; @@ -186,13 +186,13 @@ impl Poly1305 { // t = a - p t[0] += 5; - t[4] = t[4].wrapping_sub(1 << 26); + t[4] = t[4].wrapping_sub(1 << 26); // propagate carries - t[1] += t[0] >> 26; - t[2] += t[1] >> 26; - t[3] += t[2] >> 26; - t[4] = t[4].wrapping_add(t[3] >> 26); + t[1] += t[0] >> 26; + t[2] += t[1] >> 26; + t[3] += t[2] >> 26; + t[4] = t[4].wrapping_add(t[3] >> 26); // mask out carries t[0] &= 0x03ffffff; @@ -214,16 +214,16 @@ impl Poly1305 { self.reduce_mod_p(); // convert from 5x26-bit to 4x32-bit - let a = [self.a[0] | self.a[1] << 26, - self.a[1] >> 6 | self.a[2] << 20, - self.a[2] >> 12 | self.a[3] << 14, - self.a[3] >> 18 | self.a[4] << 8]; + let a = [self.a[0] | self.a[1] << 26, + self.a[1] >> 6 | self.a[2] << 20, + self.a[2] >> 12 | self.a[3] << 14, + self.a[3] >> 18 | self.a[4] << 8]; // t = a + s let mut t = [a[0] as u64 + self.s[0] as u64, - a[1] as u64 + self.s[1] as u64, - a[2] as u64 + self.s[2] as u64, - a[3] as u64 + self.s[3] as u64]; + a[1] as u64 + self.s[1] as u64, + a[2] as u64 + self.s[2] as u64, + a[3] as u64 + self.s[3] as u64]; // propagate carries t[1] += t[0] >> 32; @@ -232,9 +232,9 @@ impl Poly1305 { // mask out carries [(t[0] as u32).to_le(), - (t[1] as u32).to_le(), - (t[2] as u32).to_le(), - (t[3] as u32).to_le()] + (t[1] as u32).to_le(), + (t[2] as u32).to_le(), + (t[3] as u32).to_le()] } } 
@@ -259,15 +259,15 @@ pub fn selftest() { use crate::as_bytes::AsBytes; let key = [0x85, 0xd6, 0xbe, 0x78, 0x57, 0x55, 0x6d, 0x33, - 0x7f, 0x44, 0x52, 0xfe, 0x42, 0xd5, 0x06, 0xa8, - 0x01, 0x03, 0x80, 0x8a, 0xfb, 0x0d, 0xb2, 0xfd, - 0x4a, 0xbf, 0xf6, 0xaf, 0x41, 0x49, 0xf5, 0x1b]; + 0x7f, 0x44, 0x52, 0xfe, 0x42, 0xd5, 0x06, 0xa8, + 0x01, 0x03, 0x80, 0x8a, 0xfb, 0x0d, 0xb2, 0xfd, + 0x4a, 0xbf, 0xf6, 0xaf, 0x41, 0x49, 0xf5, 0x1b]; let msg = b"Cryptographic Forum Research Group"; let expected = [0xa8, 0x06, 0x1d, 0xc1, 0x30, 0x51, 0x36, 0xc6, - 0xc2, 0x2b, 0x8b, 0xaf, 0x0c, 0x01, 0x27, 0xa9]; + 0xc2, 0x2b, 0x8b, 0xaf, 0x0c, 0x01, 0x27, 0xa9]; let mut state = Poly1305::new(&key); - state.block(&msg[ 0..16]); + state.block(&msg[0..16]); state.block(&msg[16..32]); let tag = state.last_block(&msg[32..]); @@ -276,7 +276,7 @@ pub fn selftest() { #[cfg(test)] mod tests { - use as_bytes::AsBytes; + use crate::as_bytes::AsBytes; use super::Poly1305; #[test] @@ -305,9 +305,9 @@ mod tests { #[test] fn test_vector_2() { let key = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x36, 0xe5, 0xf6, 0xb5, 0xc5, 0xe0, 0x60, 0x70, - 0xf0, 0xef, 0xca, 0x96, 0x22, 0x7a, 0x86, 0x3e]; + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x36, 0xe5, 0xf6, 0xb5, 0xc5, 0xe0, 0x60, 0x70, + 0xf0, 0xef, 0xca, 0x96, 0x22, 0x7a, 0x86, 0x3e]; let mut msg = TEXT; let mut state = Poly1305::new(&key); 
@@ -319,15 +319,15 @@ mod tests { assert_eq!(tag.as_bytes(), &[0x36, 0xe5, 0xf6, 0xb5, 0xc5, 0xe0, 0x60, 0x70, - 0xf0, 0xef, 0xca, 0x96, 0x22, 0x7a, 0x86, 0x3e]); + 0xf0, 0xef, 0xca, 0x96, 0x22, 0x7a, 0x86, 0x3e]); } #[test] fn test_vector_3() { let key = [0x36, 0xe5, 0xf6, 0xb5, 0xc5, 0xe0, 0x60, 0x70, - 0xf0, 0xef, 0xca, 0x96, 0x22, 0x7a, 0x86, 0x3e, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]; + 0xf0, 0xef, 0xca, 0x96, 0x22, 0x7a, 0x86, 0x3e, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]; let mut msg = TEXT; let mut state = Poly1305::new(&key); @@ -339,15 +339,15 @@ mod tests { assert_eq!(tag.as_bytes(), &[0xf3, 0x47, 0x7e, 0x7c, 0xd9, 0x54, 0x17, 0xaf, - 0x89, 0xa6, 0xb8, 0x79, 0x4c, 0x31, 0x0c, 0xf0]); + 0x89, 0xa6, 0xb8, 0x79, 0x4c, 0x31, 0x0c, 0xf0]); } #[test] fn test_vector_4() { let key = [0x1c, 0x92, 0x40, 0xa5, 0xeb, 0x55, 0xd3, 0x8a, - 0xf3, 0x33, 0x88, 0x86, 0x04, 0xf6, 0xb5, 0xf0, - 0x47, 0x39, 0x17, 0xc1, 0x40, 0x2b, 0x80, 0x09, - 0x9d, 0xca, 0x5c, 0xbc, 0x20, 0x70, 0x75, 0xc0]; + 0xf3, 0x33, 0x88, 0x86, 0x04, 0xf6, 0xb5, 0xf0, + 0x47, 0x39, 0x17, 0xc1, 0x40, 0x2b, 0x80, 0x09, + 0x9d, 0xca, 0x5c, 0xbc, 0x20, 0x70, 0x75, 0xc0]; let mut msg: &[u8] = b"\ 'Twas brillig, and the slithy toves\nDid gyre and gimble in the w\ abe:\nAll mimsy were the borogoves,\nAnd the mome raths outgrabe."; 
@@ -361,70 +361,70 @@ mod tests { assert_eq!(tag.as_bytes(), &[0x45, 0x41, 0x66, 0x9a, 0x7e, 0xaa, 0xee, 0x61, - 0xe7, 0x08, 0xdc, 0x7c, 0xbc, 0xc5, 0xeb, 0x62]); + 0xe7, 0x08, 0xdc, 0x7c, 0xbc, 0xc5, 0xeb, 0x62]); } #[test] fn test_vector_5() { let key = [0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]; + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]; let mut state = Poly1305::new(&key); state.block(&[0xff; 16]); assert_eq!(state.tag().as_bytes(), &[0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); } #[test] fn test_vector_6() { let key = [0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff]; + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff]; let mut state = Poly1305::new(&key); state.block(&[0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); assert_eq!(state.tag().as_bytes(), &[0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); } #[test] fn test_vector_7() { let key = [0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]; + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 
0x00, 0x00, 0x00, 0x00, 0x00, 0x00]; let mut state = Poly1305::new(&key); state.block(&[0xff; 16]); state.block(&[0xf0, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff]); + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff]); state.block(&[0x11, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); assert_eq!(state.tag().as_bytes(), &[0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); } #[test] fn test_vector_8() { let key = [0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]; + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]; let mut state = Poly1305::new(&key); state.block(&[0xff; 16]); state.block(&[0xfb, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, - 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe]); + 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe]); state.block(&[0x01; 16]); assert_eq!(state.tag().as_bytes(), &[0; 16]); 
@@ -433,57 +433,57 @@ mod tests { #[test] fn test_vector_9() { let key = [0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]; + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]; let mut state = Poly1305::new(&key); state.block(&[0xfd, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff]); + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff]); assert_eq!(state.tag().as_bytes(), &[0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff]); + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff]); } #[test] fn test_vector_10() { let key = [0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]; + 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]; let mut state = Poly1305::new(&key); state.block(&[0xe3, 0x35, 0x94, 0xd7, 0x50, 0x5e, 0x43, 0xb9, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); state.block(&[0x33, 0x94, 0xd7, 0x50, 0x5e, 0x43, 0x79, 0xcd, - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); + 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); state.block(&[0; 16]); state.block(&[0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); assert_eq!(state.tag().as_bytes(), &[0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x55, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); + 0x55, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); } #[test] fn test_vector_11() { let key = 
[0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]; + 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]; let mut state = Poly1305::new(&key); state.block(&[0xe3, 0x35, 0x94, 0xd7, 0x50, 0x5e, 0x43, 0xb9, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); state.block(&[0x33, 0x94, 0xd7, 0x50, 0x5e, 0x43, 0x79, 0xcd, - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); + 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); state.block(&[0; 16]); assert_eq!(state.tag().as_bytes(), &[0x13, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00]); } } diff --git a/src/simd.rs b/src/simd.rs index 2771902..f3a4fda 100644 --- a/src/simd.rs +++ b/src/simd.rs @@ -23,9 +23,12 @@ pub trait Vector4: Copy { fn shuffle_left_2(self) -> Self; fn shuffle_left_3(self) -> Self; - #[inline(always)] fn shuffle_right_1(self) -> Self { self.shuffle_left_3() } - #[inline(always)] fn shuffle_right_2(self) -> Self { self.shuffle_left_2() } - #[inline(always)] fn shuffle_right_3(self) -> Self { self.shuffle_left_1() } + #[inline(always)] + fn shuffle_right_1(self) -> Self { self.shuffle_left_3() } + #[inline(always)] + fn shuffle_right_2(self) -> Self { self.shuffle_left_2() } + #[inline(always)] + fn shuffle_right_3(self) -> Self { self.shuffle_left_1() } } macro_rules! impl_vector4 { diff --git a/src/simdop.rs b/src/simdop.rs index fd99945..f7b8477 100644 --- a/src/simdop.rs +++ b/src/simdop.rs 
@@ -6,7 +6,8 @@ // copied, modified, or distributed except according to those terms. use crate::simdty::u32x4; -#[cfg(feature = "simd")] use crate::simdint; +#[cfg(feature = "simd")] +use crate::simdint; use std::ops::{Add, BitXor, Shl, Shr}; diff --git a/src/simdty.rs b/src/simdty.rs index 49ddd9b..653edab 100644 --- a/src/simdty.rs +++ b/src/simdty.rs @@ -55,5 +55,7 @@ impl Simd4 { } unsafe impl Safe for Simd4 {} + unsafe impl Safe for Simd8 {} + unsafe impl Safe for Simd16 {}