From a8a9721bc37f19ba528a44ec928ebb1be9b5e4f2 Mon Sep 17 00:00:00 2001
From: Arthur Gautier
Date: Sat, 15 Mar 2025 23:03:29 -0700
Subject: [PATCH 1/6] use tag as a type

---
 Cargo.lock | 8 --------
 deoxys/src/lib.rs | 2 +-
 deoxys/src/modes.rs | 32 ++++++++++++++++----------------
 3 files changed, 17 insertions(+), 25 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 43fb66bd..7e7a691a 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -38,7 +38,6 @@ name = "aes-gcm"
 version = "0.11.0-pre.2"
 dependencies = [
  "aead",
- "aead-stream",
  "aes",
  "cipher",
  "ctr",
@@ -53,7 +52,6 @@ name = "aes-gcm-siv"
 version = "0.12.0-pre.2"
 dependencies = [
  "aead",
- "aead-stream",
  "aes",
  "cipher",
  "ctr",
@@ -67,7 +65,6 @@ name = "aes-siv"
 version = "0.8.0-pre.2"
 dependencies = [
  "aead",
- "aead-stream",
  "aes",
  "blobby 0.3.1",
  "cipher",
@@ -100,7 +97,6 @@ name = "ascon-aead"
 version = "0.4.2"
 dependencies = [
  "aead",
- "aead-stream",
  "ascon",
  "hex-literal",
  "subtle",
@@ -151,7 +147,6 @@ name = "ccm"
 version = "0.5.0"
 dependencies = [
  "aead",
- "aead-stream",
  "aes",
  "cipher",
  "ctr",
@@ -181,7 +176,6 @@ name = "chacha20poly1305"
 version = "0.11.0-pre.2"
 dependencies = [
  "aead",
- "aead-stream",
  "chacha20",
  "cipher",
  "poly1305",
@@ -249,7 +243,6 @@ name = "deoxys"
 version = "0.1.0"
 dependencies = [
  "aead",
- "aead-stream",
  "aes",
  "hex-literal",
  "subtle",
@@ -272,7 +265,6 @@ name = "eax"
 version = "0.5.0"
 dependencies = [
  "aead",
- "aead-stream",
  "aes",
  "cipher",
  "cmac",
diff --git a/deoxys/src/lib.rs b/deoxys/src/lib.rs
index 2ea45a76..e666a969 100644
--- a/deoxys/src/lib.rs
+++ b/deoxys/src/lib.rs
@@ -155,7 +155,7 @@ where
         associated_data: &[u8],
         buffer: &mut [u8],
         subkeys: &Array<[u8; 16], B::SubkeysSize>,
-    ) -> [u8; 16];
+    ) -> Tag;
 
     /// Decrypts the data in place with the specified parameters
     /// Returns an error if the tag verification fails
diff --git a/deoxys/src/modes.rs b/deoxys/src/modes.rs
index 7453bea5..d4dd49c8 100644
--- a/deoxys/src/modes.rs
+++ b/deoxys/src/modes.rs
@@ -1,7 +1,7 @@
-use super::{DeoxysBcType, DeoxysMode};
+use super::{DeoxysBcType, DeoxysMode, Tag};
 use aead::{
     array::Array,
-    consts::{U8, U15, U16},
+    consts::{U8, U15},
 };
 use core::marker::PhantomData;
 use subtle::ConstantTimeEq;
@@ -32,7 +32,7 @@ where
         associated_data: &[u8],
         tweak: &mut [u8; 16],
         subkeys: &Array<[u8; 16], B::SubkeysSize>,
-        tag: &mut [u8; 16],
+        tag: &mut Tag,
     ) {
         if !associated_data.is_empty() {
             tweak[0] = TWEAK_AD;
@@ -85,8 +85,8 @@ where
         associated_data: &[u8],
         buffer: &mut [u8],
         subkeys: &Array<[u8; 16], B::SubkeysSize>,
-    ) -> [u8; 16] {
-        let mut tag = [0u8; 16];
+    ) -> Tag {
+        let mut tag = Tag::default();
         let mut checksum = [0u8; 16];
         let mut tweak = [0u8; 16];
 
@@ -182,10 +182,10 @@ where
         nonce: &Array,
         associated_data: &[u8],
         buffer: &mut [u8],
-        tag: &Array,
+        tag: &Tag,
         subkeys: &Array<[u8; 16], B::SubkeysSize>,
     ) -> Result<(), aead::Error> {
-        let mut computed_tag = [0u8; 16];
+        let mut computed_tag = Tag::default();
         let mut checksum = [0u8; 16];
         let mut tweak = [0u8; 16];
 
@@ -289,7 +289,7 @@ where
         buffer: &[u8],
         tweak: &mut [u8; 16],
         subkeys: &Array<[u8; 16], B::SubkeysSize>,
-        tag: &mut [u8; 16],
+        tag: &mut Tag,
     ) {
         if !buffer.is_empty() {
             tweak[0] = TWEAK_M;
@@ -330,7 +330,7 @@ where
         buffer: &mut [u8],
         tweak: &mut [u8; 16],
         subkeys: &Array<[u8; 16], B::SubkeysSize>,
-        tag: &Array,
+        tag: &Tag,
         nonce: &Array,
     ) {
         if !buffer.is_empty() {
@@ -374,8 +374,8 @@ where
         associated_data: &[u8],
         buffer: &mut [u8],
         subkeys: &Array<[u8; 16], B::SubkeysSize>,
-    ) -> [u8; 16] {
-        let mut tag = [0u8; 16];
+    ) -> Tag {
+        let mut tag = Tag::default();
         let mut tweak = [0u8; 16];
 
         // Associated Data
@@ -391,10 +391,10 @@ where
         tweak[0] = TWEAK_TAG;
         tweak[1..].copy_from_slice(nonce);
 
-        B::encrypt_in_place(&mut tag, &tweak, subkeys);
+        B::encrypt_in_place((&mut tag).into(), &tweak, subkeys);
 
         // Message encryption
-        Self::encrypt_decrypt_message(buffer, &mut tweak, subkeys, &tag.into(), nonce);
+        Self::encrypt_decrypt_message(buffer, &mut tweak, subkeys, &tag, nonce);
 
         tag
     }
@@ -403,10 +403,10 @@ where
         nonce: &Array,
         associated_data: &[u8],
         buffer: &mut [u8],
-        tag: &Array,
+        tag: &Tag,
         subkeys: &Array<[u8; 16], B::SubkeysSize>,
     ) -> Result<(), aead::Error> {
-        let mut computed_tag = [0u8; 16];
+        let mut computed_tag = Tag::default();
         let mut tweak = [0u8; 16];
 
         // Associated Data
@@ -427,7 +427,7 @@ where
         tweak[0] = TWEAK_TAG;
         tweak[1..].copy_from_slice(nonce);
 
-        B::encrypt_in_place(&mut computed_tag, &tweak, subkeys);
+        B::encrypt_in_place((&mut computed_tag).into(), &tweak, subkeys);
 
         if tag.ct_eq(&computed_tag).into() {
             Ok(())

From e5b9591ef20121d8433a8c77ca418e535356c226 Mon Sep 17 00:00:00 2001
From: Arthur Gautier
Date: Sat, 15 Mar 2025 23:07:36 -0700
Subject: [PATCH 2/6] make checksum a type

---
 deoxys/src/modes.rs | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/deoxys/src/modes.rs b/deoxys/src/modes.rs
index d4dd49c8..6378dbb9 100644
--- a/deoxys/src/modes.rs
+++ b/deoxys/src/modes.rs
@@ -1,7 +1,7 @@
 use super::{DeoxysBcType, DeoxysMode, Tag};
 use aead::{
     array::Array,
-    consts::{U8, U15},
+    consts::{U8, U15, U16},
 };
 use core::marker::PhantomData;
 use subtle::ConstantTimeEq;
@@ -13,6 +13,8 @@ const TWEAK_TAG: u8 = 0x10;
 const TWEAK_M_LAST: u8 = 0x40;
 const TWEAK_CHKSUM: u8 = 0x50;
 
+type Checksum = Array;
+
 /// Implementation of the Deoxys-I mode of operation.
 pub struct DeoxysI {
     _ptr: PhantomData,
@@ -87,7 +89,7 @@ where
         subkeys: &Array<[u8; 16], B::SubkeysSize>,
     ) -> Tag {
         let mut tag = Tag::default();
-        let mut checksum = [0u8; 16];
+        let mut checksum = Checksum::default();
         let mut tweak = [0u8; 16];
 
         // Associated Data
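Review bot: `type Checksum = Array;` in the `@@ -13,6 +13,8 @@` hunk, like the `Tag`, `Block`, `Tweak` and `DeoxysKey` aliases the later patches add to lib.rs, is a transparent alias over the same 16-byte `Array`, so the compiler still accepts a checksum or tweak wherever a tag or block is expected, and `(&mut checksum).into()` in the `@@ -151,7` hunk converts between them freely. That is fine if readability is the goal, but then each alias deserves a doc line, e.g. `/// Running XOR of the message blocks, encrypted and folded into the tag.` for `Checksum`; if the goal is to keep these buffers from being mixed up, newtypes with `AsRef`/`AsMut` impls would be needed. `Checksum` is also defined in modes.rs while the other aliases go to lib.rs; keeping them together would be clearer.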
@@ -151,7 +153,7 @@ where
         tweak[8..].copy_from_slice(&((index + 1) as u64).to_be_bytes());
         tweak[8] = (tweak[8] & 0xf) | tmp;
 
-        B::encrypt_in_place(&mut checksum, &tweak, subkeys);
+        B::encrypt_in_place((&mut checksum).into(), &tweak, subkeys);
 
         for (t, c) in tag.iter_mut().zip(checksum.iter()) {
             *t ^= c;
@@ -168,7 +170,7 @@ where
         tweak[8..].copy_from_slice(&((buffer.len() / 16) as u64).to_be_bytes());
         tweak[8] = (tweak[8] & 0xf) | tmp;
 
-        B::encrypt_in_place(&mut checksum, &tweak, subkeys);
+        B::encrypt_in_place((&mut checksum).into(), &tweak, subkeys);
 
         for (t, c) in tag.iter_mut().zip(checksum.iter()) {
             *t ^= c;
@@ -186,7 +188,7 @@ where
         subkeys: &Array<[u8; 16], B::SubkeysSize>,
     ) -> Result<(), aead::Error> {
         let mut computed_tag = Tag::default();
-        let mut checksum = [0u8; 16];
+        let mut checksum = Checksum::default();
         let mut tweak = [0u8; 16];
 
         // Associated Data
@@ -249,7 +251,7 @@ where
         tweak[8..].copy_from_slice(&((index + 1) as u64).to_be_bytes());
         tweak[8] = (tweak[8] & 0xf) | tmp;
 
-        B::encrypt_in_place(&mut checksum, &tweak, subkeys);
+        B::encrypt_in_place((&mut checksum).into(), &tweak, subkeys);
 
         for (t, c) in computed_tag.iter_mut().zip(checksum.iter()) {
             *t ^= c;
@@ -266,7 +268,7 @@ where
         tweak[8..].copy_from_slice(&((buffer.len() / 16) as u64).to_be_bytes());
         tweak[8] = (tweak[8] & 0xf) | tmp;
 
-        B::encrypt_in_place(&mut checksum, &tweak, subkeys);
+        B::encrypt_in_place((&mut checksum).into(), &tweak, subkeys);
 
         for (t, c) in computed_tag.iter_mut().zip(checksum.iter()) {
             *t ^= c;

From f6e9bcec3839fdfd9af4ce2d9ea8c361dc669865 Mon Sep 17 00:00:00 2001
From: Arthur Gautier
Date: Sat, 15 Mar 2025 23:07:58 -0700
Subject: [PATCH 3/6] make Block a type

---
 deoxys/src/lib.rs | 14 ++++++++------
 deoxys/src/modes.rs | 33 +++++++++++++++++----------------
 2 files changed, 25 insertions(+), 22 deletions(-)

diff --git a/deoxys/src/lib.rs b/deoxys/src/lib.rs
index e666a969..57f788b7 100644
--- a/deoxys/src/lib.rs
+++ b/deoxys/src/lib.rs
@@ -139,6 +139,8 @@ pub type Nonce = Array;
 /// Deoxys tags
 pub type Tag = Array;
 
+type Block = Array;
+
 /// Deoxys encryption modes.
 /// This type contains the public API for a Deoxys mode, like Deoxys-I and Deoxys-II.
 pub trait DeoxysMode: modes::DeoxysModeInternal
@@ -179,7 +181,7 @@ pub trait DeoxysBcType: deoxys_bc::DeoxysBcInternal {
 
     /// Encrypts a block of data in place.
     fn encrypt_in_place(
-        block: &mut [u8; 16],
+        block: &mut Block,
         tweak: &[u8; 16],
         subkeys: &Array<[u8; 16], Self::SubkeysSize>,
     ) {
@@ -190,13 +192,13 @@ pub trait DeoxysBcType: deoxys_bc::DeoxysBcInternal {
         }
 
         for k in &keys[1..] {
-            aes::hazmat::cipher_round(block.into(), k.into());
+            aes::hazmat::cipher_round(block, k.into());
         }
     }
 
     /// Decrypts a block of data in place.
     fn decrypt_in_place(
-        block: &mut [u8; 16],
+        block: &mut Block,
         tweak: &[u8; 16],
         subkeys: &Array<[u8; 16], Self::SubkeysSize>,
     ) {
@@ -208,14 +210,14 @@ pub trait DeoxysBcType: deoxys_bc::DeoxysBcInternal {
             *b ^= k;
         }
 
-        aes::hazmat::inv_mix_columns(block.into());
+        aes::hazmat::inv_mix_columns(block);
 
         for k in keys[..r - 1].iter_mut().rev() {
             aes::hazmat::inv_mix_columns(k.into());
-            aes::hazmat::equiv_inv_cipher_round(block.into(), (&*k).into());
+            aes::hazmat::equiv_inv_cipher_round(block, (&*k).into());
         }
 
-        aes::hazmat::mix_columns(block.into());
+        aes::hazmat::mix_columns(block);
     }
 }
 
diff --git a/deoxys/src/modes.rs b/deoxys/src/modes.rs
index 6378dbb9..311a431c 100644
--- a/deoxys/src/modes.rs
+++ b/deoxys/src/modes.rs
@@ -1,4 +1,4 @@
-use super::{DeoxysBcType, DeoxysMode, Tag};
+use super::{Block, DeoxysBcType, DeoxysMode, Tag};
 use aead::{
     array::Array,
     consts::{U8, U15, U16},
@@ -44,7 +44,7 @@ where
         tweak[8..].copy_from_slice(&(index as u64).to_be_bytes());
 
         if ad.len() == 16 {
-            let mut block = [0u8; 16];
+            let mut block = Block::default();
             block.copy_from_slice(ad);
 
             B::encrypt_in_place(&mut block, tweak, subkeys);
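Review bot: `type Block = Array;` in the `@@ -139,6 +139,8 @@` hunk is a private alias, yet the `@@ -179,7` and `@@ -190,13` hunks place it in the signatures of `encrypt_in_place` and `decrypt_in_place` on the public `DeoxysBcType` trait. That compiles because aliases are transparent, but external implementors cannot refer to `Block` by name and the generated docs presumably cannot link it; either make it `pub type Block` with a doc line such as `/// A single 128-bit Deoxys-BC block.`, or keep it private and spell out the concrete type in the public signatures. The same applies to `Tweak` (patch 4, `@@ -141,6 +141,8 @@`) and `DeoxysKey` (patch 5, `@@ -143,6 +143,8 @@`) in lib.rs.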
@@ -56,7 +56,7 @@ where
             // Last block
             tweak[0] = TWEAK_AD_LAST;
 
-            let mut block = [0u8; 16];
+            let mut block = Block::default();
             block[0..ad.len()].copy_from_slice(ad);
             block[ad.len()] = 0x80;
 
@@ -123,12 +123,13 @@ where
                 *c ^= d;
             }
 
-            B::encrypt_in_place(<&mut [u8; 16]>::try_from(data).unwrap(), &tweak, subkeys);
+            let data: &mut Block = data.try_into().unwrap();
+            B::encrypt_in_place(data, &tweak, subkeys);
         } else {
             // Last block checksum
             tweak[0] = (tweak[0] & 0xf) | TWEAK_M_LAST;
 
-            let mut block = [0u8; 16];
+            let mut block = Block::default();
             block[0..data.len()].copy_from_slice(data);
             block[data.len()] = 0x80;
 
@@ -153,7 +154,7 @@ where
         tweak[8..].copy_from_slice(&((index + 1) as u64).to_be_bytes());
         tweak[8] = (tweak[8] & 0xf) | tmp;
 
-        B::encrypt_in_place((&mut checksum).into(), &tweak, subkeys);
+        B::encrypt_in_place(&mut checksum, &tweak, subkeys);
 
         for (t, c) in tag.iter_mut().zip(checksum.iter()) {
             *t ^= c;
@@ -170,7 +171,7 @@ where
         tweak[8..].copy_from_slice(&((buffer.len() / 16) as u64).to_be_bytes());
         tweak[8] = (tweak[8] & 0xf) | tmp;
 
-        B::encrypt_in_place((&mut checksum).into(), &tweak, subkeys);
+        B::encrypt_in_place(&mut checksum, &tweak, subkeys);
 
         for (t, c) in tag.iter_mut().zip(checksum.iter()) {
             *t ^= c;
@@ -218,7 +219,7 @@ where
             tweak[8] = (tweak[8] & 0xf) | tmp;
 
             if data.len() == 16 {
-                let data = <&mut [u8; 16]>::try_from(data).unwrap();
+                let data: &mut Block = data.try_into().unwrap();
                 B::decrypt_in_place(data, &tweak, subkeys);
 
                 for (c, d) in checksum.iter_mut().zip(data.iter()) {
@@ -228,7 +229,7 @@ where
                 // Last block checksum
                 tweak[0] = (tweak[0] & 0xf) | TWEAK_M_LAST;
 
-                let mut block = [0u8; 16];
+                let mut block = Block::default();
                 B::encrypt_in_place(&mut block, &tweak, subkeys);
 
                 for (d, b) in data.iter_mut().zip(block.iter()) {
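Review bot: `let data: &mut Block = data.try_into().unwrap();` in the `@@ -218,7 +219,7 @@` hunk can only succeed because of the `data.len() == 16` guard on the line above, but nothing at the call site records that; `data.try_into().expect("chunk length checked to be 16")` states the invariant and gives a readable panic if the guard and the conversion ever drift apart. The same line in the `@@ -123,12 +123,13 @@` hunk presumably sits under the same guard, which is outside that hunk.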
@@ -251,7 +252,7 @@ where
         tweak[8..].copy_from_slice(&((index + 1) as u64).to_be_bytes());
         tweak[8] = (tweak[8] & 0xf) | tmp;
 
-        B::encrypt_in_place((&mut checksum).into(), &tweak, subkeys);
+        B::encrypt_in_place(&mut checksum, &tweak, subkeys);
 
         for (t, c) in computed_tag.iter_mut().zip(checksum.iter()) {
             *t ^= c;
@@ -268,7 +269,7 @@ where
         tweak[8..].copy_from_slice(&((buffer.len() / 16) as u64).to_be_bytes());
         tweak[8] = (tweak[8] & 0xf) | tmp;
 
-        B::encrypt_in_place((&mut checksum).into(), &tweak, subkeys);
+        B::encrypt_in_place(&mut checksum, &tweak, subkeys);
 
         for (t, c) in computed_tag.iter_mut().zip(checksum.iter()) {
             *t ^= c;
@@ -301,7 +302,7 @@ where
             tweak[8..].copy_from_slice(&(index as u64).to_be_bytes());
 
             if data.len() == 16 {
-                let mut block = [0u8; 16];
+                let mut block = Block::default();
                 block.copy_from_slice(data);
 
                 B::encrypt_in_place(&mut block, tweak, subkeys);
@@ -313,7 +314,7 @@ where
                 // Last block
                 tweak[0] = TWEAK_M_LAST;
 
-                let mut block = [0u8; 16];
+                let mut block = Block::default();
                 block[0..data.len()].copy_from_slice(data);
                 block[data.len()] = 0x80;
 
@@ -347,7 +348,7 @@ where
                 *t ^= i
             }
 
-            let mut block = [0u8; 16];
+            let mut block = Block::default();
             block[1..].copy_from_slice(nonce);
 
             B::encrypt_in_place(&mut block, tweak, subkeys);
@@ -393,7 +394,7 @@ where
         tweak[0] = TWEAK_TAG;
         tweak[1..].copy_from_slice(nonce);
 
-        B::encrypt_in_place((&mut tag).into(), &tweak, subkeys);
+        B::encrypt_in_place(&mut tag, &tweak, subkeys);
 
         // Message encryption
         Self::encrypt_decrypt_message(buffer, &mut tweak, subkeys, &tag, nonce);
@@ -429,7 +430,7 @@ where
         tweak[0] = TWEAK_TAG;
         tweak[1..].copy_from_slice(nonce);
 
-        B::encrypt_in_place((&mut computed_tag).into(), &tweak, subkeys);
+        B::encrypt_in_place(&mut computed_tag, &tweak, subkeys);
 
         if tag.ct_eq(&computed_tag).into() {
             Ok(())

From a55f4c86d99736a81f536e540cf2a23cba614150 Mon Sep 17 00:00:00 2001
From: Arthur Gautier
Date: Sat, 15 Mar 2025 23:24:10 -0700
Subject: [PATCH 4/6] make tweak a type

---
 deoxys/src/deoxys_bc.rs | 6 +++---
 deoxys/src/lib.rs | 6 ++++--
 deoxys/src/modes.rs | 32 ++++++++++++++++----------------
 3 files changed, 23 insertions(+), 21 deletions(-)

diff --git a/deoxys/src/deoxys_bc.rs b/deoxys/src/deoxys_bc.rs
index 05945024..e6f43ae3 100644
--- a/deoxys/src/deoxys_bc.rs
+++ b/deoxys/src/deoxys_bc.rs
@@ -3,7 +3,7 @@ use aead::{
     consts::{U15, U16, U17, U32, U48},
 };
 
-use crate::DeoxysBcType;
+use crate::{DeoxysBcType, Tweak};
 
 const H_PERM: [u8; 16] = [1, 6, 11, 12, 5, 10, 15, 0, 9, 14, 3, 4, 13, 2, 7, 8];
 
@@ -46,7 +46,7 @@ pub trait DeoxysBcInternal {
     type TweakKeySize: ArraySize;
 
     fn key_schedule(
-        tweak: &[u8; 16],
+        tweak: &Tweak,
         subkeys: &Array<[u8; 16], Self::SubkeysSize>,
     ) -> Array<[u8; 16], Self::SubkeysSize> {
         let mut subtweakeys: Array<[u8; 16], Self::SubkeysSize> = Default::default();
@@ -59,7 +59,7 @@ pub trait DeoxysBcInternal {
 
         // Other keys
         for (stk, sk) in subtweakeys[1..].iter_mut().zip(subkeys[1..].iter()) {
-            h_substitution(&mut tweak);
+            h_substitution((&mut tweak).into());
 
             for i in 0..16 {
                 stk[i] = sk[i] ^ tweak[i];
diff --git a/deoxys/src/lib.rs b/deoxys/src/lib.rs
index 57f788b7..3b04e419 100644
--- a/deoxys/src/lib.rs
+++ b/deoxys/src/lib.rs
@@ -141,6 +141,8 @@ pub type Tag = Array;
 
 type Block = Array;
 
+type Tweak = Array;
+
 /// Deoxys encryption modes.
 /// This type contains the public API for a Deoxys mode, like Deoxys-I and Deoxys-II.
 pub trait DeoxysMode: modes::DeoxysModeInternal
@@ -182,7 +184,7 @@ pub trait DeoxysBcType: deoxys_bc::DeoxysBcInternal {
     /// Encrypts a block of data in place.
     fn encrypt_in_place(
         block: &mut Block,
-        tweak: &[u8; 16],
+        tweak: &Tweak,
         subkeys: &Array<[u8; 16], Self::SubkeysSize>,
     ) {
         let keys = Self::key_schedule(tweak, subkeys);
@@ -199,7 +201,7 @@ pub trait DeoxysBcType: deoxys_bc::DeoxysBcInternal {
     /// Decrypts a block of data in place.
     fn decrypt_in_place(
         block: &mut Block,
-        tweak: &[u8; 16],
+        tweak: &Tweak,
         subkeys: &Array<[u8; 16], Self::SubkeysSize>,
     ) {
         let mut keys = Self::key_schedule(tweak, subkeys);
diff --git a/deoxys/src/modes.rs b/deoxys/src/modes.rs
index 311a431c..93ddd677 100644
--- a/deoxys/src/modes.rs
+++ b/deoxys/src/modes.rs
@@ -1,4 +1,4 @@
-use super::{Block, DeoxysBcType, DeoxysMode, Tag};
+use super::{Block, DeoxysBcType, DeoxysMode, Tag, Tweak};
 use aead::{
     array::Array,
     consts::{U8, U15, U16},
@@ -32,7 +32,7 @@ where
 {
     fn compute_ad_tag(
         associated_data: &[u8],
-        tweak: &mut [u8; 16],
+        tweak: &mut Tweak,
         subkeys: &Array<[u8; 16], B::SubkeysSize>,
         tag: &mut Tag,
     ) {
@@ -90,7 +90,7 @@ where
     ) -> Tag {
         let mut tag = Tag::default();
         let mut checksum = Checksum::default();
-        let mut tweak = [0u8; 16];
+        let mut tweak = Tweak::default();
 
         // Associated Data
         >::compute_ad_tag(
@@ -124,7 +124,7 @@ where
             }
 
             let data: &mut Block = data.try_into().unwrap();
-            B::encrypt_in_place(data, &tweak, subkeys);
+            B::encrypt_in_place(data, tweak.as_ref(), subkeys);
         } else {
             // Last block checksum
             tweak[0] = (tweak[0] & 0xf) | TWEAK_M_LAST;
@@ -141,7 +141,7 @@ where
             block.fill(0);
 
             // Last block encryption
-            B::encrypt_in_place(&mut block, &tweak, subkeys);
+            B::encrypt_in_place(&mut block, tweak.as_ref(), subkeys);
 
             for (d, b) in data.iter_mut().zip(block.iter()) {
                 *d ^= b;
@@ -154,7 +154,7 @@ where
         tweak[8..].copy_from_slice(&((index + 1) as u64).to_be_bytes());
         tweak[8] = (tweak[8] & 0xf) | tmp;
 
-        B::encrypt_in_place(&mut checksum, &tweak, subkeys);
+        B::encrypt_in_place(&mut checksum, tweak.as_ref(), subkeys);
 
         for (t, c) in tag.iter_mut().zip(checksum.iter()) {
             *t ^= c;
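Review bot: `B::encrypt_in_place(data, tweak.as_ref(), subkeys);` in the `@@ -124,7 +124,7 @@` hunk (and the same call in the `-141`, `-154`, `-171`, `-220`, `-230`, `-252` and `-269` hunks) goes through `AsRef` to obtain a `&Tweak` from a local that is already a `Tweak`, leaving the target type to inference; `&tweak` says the same thing directly and matches how `&mut checksum` and `&mut block` are passed on the adjacent lines. The `as_ref()` form was presumably needed while `tweak` was still `[u8; 16]`; with `let mut tweak = Tweak::default();` in the `-90` hunk it no longer is.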
@@ -171,7 +171,7 @@ where
         tweak[8..].copy_from_slice(&((buffer.len() / 16) as u64).to_be_bytes());
         tweak[8] = (tweak[8] & 0xf) | tmp;
 
-        B::encrypt_in_place(&mut checksum, &tweak, subkeys);
+        B::encrypt_in_place(&mut checksum, tweak.as_ref(), subkeys);
 
         for (t, c) in tag.iter_mut().zip(checksum.iter()) {
             *t ^= c;
@@ -190,7 +190,7 @@ where
     ) -> Result<(), aead::Error> {
         let mut computed_tag = Tag::default();
         let mut checksum = Checksum::default();
-        let mut tweak = [0u8; 16];
+        let mut tweak = Tweak::default();
 
         // Associated Data
         >::compute_ad_tag(
@@ -220,7 +220,7 @@ where
 
             if data.len() == 16 {
                 let data: &mut Block = data.try_into().unwrap();
-                B::decrypt_in_place(data, &tweak, subkeys);
+                B::decrypt_in_place(data, tweak.as_ref(), subkeys);
 
                 for (c, d) in checksum.iter_mut().zip(data.iter()) {
                     *c ^= d;
@@ -230,7 +230,7 @@ where
                 tweak[0] = (tweak[0] & 0xf) | TWEAK_M_LAST;
 
                 let mut block = Block::default();
-                B::encrypt_in_place(&mut block, &tweak, subkeys);
+                B::encrypt_in_place(&mut block, tweak.as_ref(), subkeys);
 
                 for (d, b) in data.iter_mut().zip(block.iter()) {
                     *d ^= b;
@@ -252,7 +252,7 @@ where
         tweak[8..].copy_from_slice(&((index + 1) as u64).to_be_bytes());
         tweak[8] = (tweak[8] & 0xf) | tmp;
 
-        B::encrypt_in_place(&mut checksum, &tweak, subkeys);
+        B::encrypt_in_place(&mut checksum, tweak.as_ref(), subkeys);
 
         for (t, c) in computed_tag.iter_mut().zip(checksum.iter()) {
             *t ^= c;
@@ -269,7 +269,7 @@ where
         tweak[8..].copy_from_slice(&((buffer.len() / 16) as u64).to_be_bytes());
         tweak[8] = (tweak[8] & 0xf) | tmp;
 
-        B::encrypt_in_place(&mut checksum, &tweak, subkeys);
+        B::encrypt_in_place(&mut checksum, tweak.as_ref(), subkeys);
 
         for (t, c) in computed_tag.iter_mut().zip(checksum.iter()) {
             *t ^= c;
@@ -290,7 +290,7 @@ where
 {
     fn authenticate_message(
         buffer: &[u8],
-        tweak: &mut [u8; 16],
+        tweak: &mut Tweak,
         subkeys: &Array<[u8; 16], B::SubkeysSize>,
         tag: &mut Tag,
     ) {
@@ -331,7 +331,7 @@ where
     fn encrypt_decrypt_message(
         buffer: &mut [u8],
-        tweak: &mut [u8; 16],
+        tweak: &mut Tweak,
         subkeys: &Array<[u8; 16], B::SubkeysSize>,
         tag: &Tag,
         nonce: &Array,
     ) {
@@ -379,7 +379,7 @@ where
         subkeys: &Array<[u8; 16], B::SubkeysSize>,
     ) -> Tag {
         let mut tag = Tag::default();
-        let mut tweak = [0u8; 16];
+        let mut tweak = Tweak::default();
 
         // Associated Data
         >::compute_ad_tag(
@@ -410,7 +410,7 @@ where
         subkeys: &Array<[u8; 16], B::SubkeysSize>,
     ) -> Result<(), aead::Error> {
         let mut computed_tag = Tag::default();
-        let mut tweak = [0u8; 16];
+        let mut tweak = Tweak::default();
 
         // Associated Data
         >::compute_ad_tag(

From a8c063618215267556ac3366b7318be0ae3cdedb Mon Sep 17 00:00:00 2001
From: Arthur Gautier
Date: Sat, 15 Mar 2025 23:33:33 -0700
Subject: [PATCH 5/6] make keys a type

---
 deoxys/src/deoxys_bc.rs | 16 ++++++++--------
 deoxys/src/lib.rs | 20 +++++++++++---------
 deoxys/src/modes.rs | 16 ++++++++--------
 3 files changed, 27 insertions(+), 25 deletions(-)

diff --git a/deoxys/src/deoxys_bc.rs b/deoxys/src/deoxys_bc.rs
index e6f43ae3..2bb76462 100644
--- a/deoxys/src/deoxys_bc.rs
+++ b/deoxys/src/deoxys_bc.rs
@@ -3,7 +3,7 @@ use aead::{
     consts::{U15, U16, U17, U32, U48},
 };
 
-use crate::{DeoxysBcType, Tweak};
+use crate::{DeoxysBcType, DeoxysKey, Tweak};
 
 const H_PERM: [u8; 16] = [1, 6, 11, 12, 5, 10, 15, 0, 9, 14, 3, 4, 13, 2, 7, 8];
 
@@ -47,9 +47,9 @@ pub trait DeoxysBcInternal {
 
     fn key_schedule(
         tweak: &Tweak,
-        subkeys: &Array<[u8; 16], Self::SubkeysSize>,
-    ) -> Array<[u8; 16], Self::SubkeysSize> {
-        let mut subtweakeys: Array<[u8; 16], Self::SubkeysSize> = Default::default();
+        subkeys: &Array,
+    ) -> Array {
+        let mut subtweakeys: Array = Default::default();
         let mut tweak = *tweak;
 
         // First key
@@ -78,8 +78,8 @@ impl DeoxysBcInternal for DeoxysBc256 {
 impl DeoxysBcType for DeoxysBc256 {
     type KeySize = U16;
 
-    fn precompute_subkeys(key: &Array) -> Array<[u8; 16], Self::SubkeysSize> {
-        let mut subkeys: Array<[u8; 16], Self::SubkeysSize> = Default::default();
+    fn precompute_subkeys(key: &Array) -> Array {
+        let mut subkeys: Array = Default::default();
 
         let mut tk2 = [0u8; 16];
 
@@ -116,8 +116,8 @@ impl DeoxysBcInternal for DeoxysBc384 {
 impl DeoxysBcType for DeoxysBc384 {
     type KeySize = U32;
 
-    fn precompute_subkeys(key: &Array) -> Array<[u8; 16], Self::SubkeysSize> {
-        let mut subkeys: Array<[u8; 16], Self::SubkeysSize> = Default::default();
+    fn precompute_subkeys(key: &Array) -> Array {
+        let mut subkeys: Array = Default::default();
 
         let mut tk3 = [0u8; 16];
         let mut tk2 = [0u8; 16];
diff --git a/deoxys/src/lib.rs b/deoxys/src/lib.rs
index 3b04e419..63df0f7b 100644
--- a/deoxys/src/lib.rs
+++ b/deoxys/src/lib.rs
@@ -143,6 +143,8 @@ type Block = Array;
 
 type Tweak = Array;
 
+type DeoxysKey = Array;
+
 /// Deoxys encryption modes.
 /// This type contains the public API for a Deoxys mode, like Deoxys-I and Deoxys-II.
 pub trait DeoxysMode: modes::DeoxysModeInternal
@@ -158,7 +160,7 @@ where
         nonce: &Array,
         associated_data: &[u8],
         buffer: &mut [u8],
-        subkeys: &Array<[u8; 16], B::SubkeysSize>,
+        subkeys: &Array,
     ) -> Tag;
 
     /// Decrypts the data in place with the specified parameters
@@ -168,7 +170,7 @@ where
         associated_data: &[u8],
         buffer: &mut [u8],
         tag: &Tag,
-        subkeys: &Array<[u8; 16], B::SubkeysSize>,
+        subkeys: &Array,
     ) -> Result<(), aead::Error>;
 }
 
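Review bot: `type DeoxysKey = Array;` in the `@@ -143,6 +143,8 @@` hunk names a 16-byte round subkey, not the cipher key: it replaces the `[u8; 16]` element of the `subkeys`/`subtweakeys` arrays, while `precompute_subkeys` still takes the user key as a separate `Array` whose length, going by the `KeySize` associated type, is `U16` for `DeoxysBc256` and `U32` for `DeoxysBc384`. A reader will take `DeoxysKey` for the user key; `Subkey` or `RoundKey`, with a doc line such as `/// One 128-bit round subkey produced by the key schedule.`, would say what it holds. Like `Block` and `Tweak` it is private yet appears in the public `DeoxysBcType` and `DeoxysModeInternal` signatures.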
@@ -179,13 +181,13 @@ pub trait DeoxysBcType: deoxys_bc::DeoxysBcInternal {
     type KeySize: ArraySize;
 
     /// Precompute the subkeys
-    fn precompute_subkeys(key: &Array) -> Array<[u8; 16], Self::SubkeysSize>;
+    fn precompute_subkeys(key: &Array) -> Array;
 
     /// Encrypts a block of data in place.
     fn encrypt_in_place(
         block: &mut Block,
         tweak: &Tweak,
-        subkeys: &Array<[u8; 16], Self::SubkeysSize>,
+        subkeys: &Array,
     ) {
         let keys = Self::key_schedule(tweak, subkeys);
 
@@ -194,7 +196,7 @@ pub trait DeoxysBcType: deoxys_bc::DeoxysBcInternal {
         }
 
         for k in &keys[1..] {
-            aes::hazmat::cipher_round(block, k.into());
+            aes::hazmat::cipher_round(block, k);
         }
     }
 
@@ -202,7 +204,7 @@ pub trait DeoxysBcType: deoxys_bc::DeoxysBcInternal {
     fn decrypt_in_place(
         block: &mut Block,
         tweak: &Tweak,
-        subkeys: &Array<[u8; 16], Self::SubkeysSize>,
+        subkeys: &Array,
     ) {
         let mut keys = Self::key_schedule(tweak, subkeys);
 
@@ -215,8 +217,8 @@ pub trait DeoxysBcType: deoxys_bc::DeoxysBcInternal {
         aes::hazmat::inv_mix_columns(block);
 
         for k in keys[..r - 1].iter_mut().rev() {
-            aes::hazmat::inv_mix_columns(k.into());
-            aes::hazmat::equiv_inv_cipher_round(block, (&*k).into());
+            aes::hazmat::inv_mix_columns(k);
+            aes::hazmat::equiv_inv_cipher_round(block, k);
         }
 
         aes::hazmat::mix_columns(block);
@@ -231,7 +233,7 @@ where
     M: DeoxysMode,
     B: DeoxysBcType,
 {
-    subkeys: Array<[u8; 16], B::SubkeysSize>,
+    subkeys: Array,
     mode: PhantomData,
 }
 
diff --git a/deoxys/src/modes.rs b/deoxys/src/modes.rs
index 93ddd677..d02d586a 100644
--- a/deoxys/src/modes.rs
+++ b/deoxys/src/modes.rs
@@ -1,4 +1,4 @@
-use super::{Block, DeoxysBcType, DeoxysMode, Tag, Tweak};
+use super::{Block, DeoxysBcType, DeoxysKey, DeoxysMode, Tag, Tweak};
 use aead::{
     array::Array,
     consts::{U8, U15, U16},
@@ -33,7 +33,7 @@ where
     fn compute_ad_tag(
         associated_data: &[u8],
         tweak: &mut Tweak,
-        subkeys: &Array<[u8; 16], B::SubkeysSize>,
+        subkeys: &Array,
         tag: &mut Tag,
     ) {
         if !associated_data.is_empty() {
@@ -86,7 +86,7 @@ where
         nonce: &Array,
         associated_data: &[u8],
         buffer: &mut [u8],
-        subkeys: &Array<[u8; 16], B::SubkeysSize>,
+        subkeys: &Array,
     ) -> Tag {
         let mut tag = Tag::default();
         let mut checksum = Checksum::default();
@@ -186,7 +186,7 @@ where
         associated_data: &[u8],
         buffer: &mut [u8],
         tag: &Tag,
-        subkeys: &Array<[u8; 16], B::SubkeysSize>,
+        subkeys: &Array,
     ) -> Result<(), aead::Error> {
         let mut computed_tag = Tag::default();
         let mut checksum = Checksum::default();
@@ -291,7 +291,7 @@ where
     fn authenticate_message(
         buffer: &[u8],
         tweak: &mut Tweak,
-        subkeys: &Array<[u8; 16], B::SubkeysSize>,
+        subkeys: &Array,
         tag: &mut Tag,
     ) {
         if !buffer.is_empty() {
@@ -332,7 +332,7 @@ where
     fn encrypt_decrypt_message(
         buffer: &mut [u8],
         tweak: &mut Tweak,
-        subkeys: &Array<[u8; 16], B::SubkeysSize>,
+        subkeys: &Array,
         tag: &Tag,
         nonce: &Array,
     ) {
@@ -376,7 +376,7 @@ where
         nonce: &Array,
         associated_data: &[u8],
         buffer: &mut [u8],
-        subkeys: &Array<[u8; 16], B::SubkeysSize>,
+        subkeys: &Array,
     ) -> Tag {
         let mut tag = Tag::default();
         let mut tweak = Tweak::default();
@@ -407,7 +407,7 @@ where
         associated_data: &[u8],
         buffer: &mut [u8],
         tag: &Tag,
-        subkeys: &Array<[u8; 16], B::SubkeysSize>,
+        subkeys: &Array,
     ) -> Result<(), aead::Error> {
         let mut computed_tag = Tag::default();
         let mut tweak = Tweak::default();

From dec8a2168b1a52da676b79a2a9f87077bdecc0c6 Mon Sep 17 00:00:00 2001
From: Arthur Gautier
Date: Mon, 17 Mar 2025 08:46:07 -0700
Subject: [PATCH 6/6] ci: disable benches temporarily

---
 .github/workflows/benches.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/benches.yml b/.github/workflows/benches.yml
index fe38d985..494c22b8 100644
--- a/.github/workflows/benches.yml
+++ b/.github/workflows/benches.yml
@@ -19,6 +19,7 @@ env:
 
 jobs:
   build:
+    if: false # benches are broken until https://github.com/RustCrypto/AEADs/pull/665 merges
     runs-on: ubuntu-latest
     strategy:
       matrix:
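Review bot: `if: false` on the `build` job in the `@@ -19,6 +19,7 @@` hunk turns the whole benches workflow into a skipped check, which the Actions summary and any required-status rule report as success, so a benches regression stays invisible until someone remembers to remove the line. The comment names the PR that should unblock it, but nothing will flag the leftover once that PR merges; pairing the comment with a tracking issue, e.g. `# TODO(<tracking-issue>): re-enable once .../pull/665 merges`, makes the re-enable harder to lose.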