
Commit 4af7cc2

committed
finish inout migration
1 parent 60c669d commit 4af7cc2

14 files changed

Lines changed: 119 additions & 99 deletions


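--- a/aes-gcm-siv/src/lib.rs
+++ b/aes-gcm-siv/src/lib.rs
@@ -278,10 +278,10 @@ where
 }
 
 self.polyval.update_padded(associated_data);
-self.polyval.update_padded(buffer);
+self.polyval.update_padded(buffer.get_in());
 
 let tag = self.finish_tag(associated_data.len(), buffer.len());
-init_ctr(&self.enc_cipher, &tag).apply_keystream_partial(buffer.into());
+init_ctr(&self.enc_cipher, &tag).apply_keystream_partial(buffer);
 
 Ok(tag)
 }
@@ -291,7 +291,7 @@ where
 pub(crate) fn decrypt_inout_detached(
 mut self,
 associated_data: &[u8],
-buffer: InOutBuf<'_, '_, u8>,
+mut buffer: InOutBuf<'_, '_, u8>,
 tag: &Tag,
 ) -> Result<(), Error> {
 if buffer.len() as u64 > C_MAX || associated_data.len() as u64 > A_MAX {
@@ -301,8 +301,8 @@ where
 self.polyval.update_padded(associated_data);
 
 // TODO(tarcieri): interleave decryption and authentication
-init_ctr(&self.enc_cipher, tag).apply_keystream_partial(buffer.into());
-self.polyval.update_padded(buffer);
+init_ctr(&self.enc_cipher, tag).apply_keystream_partial(buffer.reborrow());
+self.polyval.update_padded(buffer.get_in());
 
 let expected_tag = self.finish_tag(associated_data.len(), buffer.len());
 
@@ -312,7 +312,7 @@ where
 } else {
 // On MAC verify failure, re-encrypt the plaintext buffer to
 // prevent accidental exposure.
-init_ctr(&self.enc_cipher, tag).apply_keystream_partial(buffer.into());
+init_ctr(&self.enc_cipher, tag).apply_keystream_partial(buffer);
 Err(Error)
 }
 }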
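Review bot: In `decrypt_inout_detached`, `self.polyval.update_padded(buffer.get_in())` runs after the keystream was applied through `buffer.reborrow()`, so when the `InOutBuf` wraps distinct input and output slices POLYVAL is fed the ciphertext instead of the decrypted plaintext and valid messages would be rejected; `self.polyval.update_padded(buffer.get_out());` reads the side that holds the plaintext. The failure branch then calls `apply_keystream_partial(buffer)`, which reads the input side again, so with distinct slices it writes the unauthenticated plaintext to the output a second time rather than re-encrypting it as the comment says; `apply_keystream_partial(buffer.get_out().into())` would transform the output in place. Both lines are only correct when input and output alias. Parts of the function between the hunks are not shown, so check the tag comparison against the full file.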

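--- a/aes-gcm/src/lib.rs
+++ b/aes-gcm/src/lib.rs
@@ -270,7 +270,7 @@ where
 &self,
 nonce: &Nonce<NonceSize>,
 associated_data: &[u8],
-buffer: InOutBuf<'_, '_, u8>,
+mut buffer: InOutBuf<'_, '_, u8>,
 ) -> Result<Tag<TagSize>, Error> {
 if buffer.len() as u64 > P_MAX || associated_data.len() as u64 > A_MAX {
 return Err(Error);
@@ -280,17 +280,17 @@ where
 
 // TODO(tarcieri): interleave encryption with GHASH
 // See: <https://github.com/RustCrypto/AEADs/issues/74>
-ctr.apply_keystream_partial(buffer.into());
+ctr.apply_keystream_partial(buffer.reborrow());
 
-let full_tag = self.compute_tag(mask, associated_data, buffer);
+let full_tag = self.compute_tag(mask, associated_data, buffer.get_in());
 Ok(Tag::try_from(&full_tag[..TagSize::to_usize()]).expect("tag size mismatch"))
 }
 
 fn decrypt_inout_detached(
 &self,
 nonce: &Nonce<NonceSize>,
 associated_data: &[u8],
-buffer: InOutBuf<'_, '_, u8>,
+mut buffer: InOutBuf<'_, '_, u8>,
 tag: &Tag<TagSize>,
 ) -> Result<(), Error> {
 if buffer.len() as u64 > C_MAX || associated_data.len() as u64 > A_MAX {
@@ -301,7 +301,7 @@ where
 
 // TODO(tarcieri): interleave encryption with GHASH
 // See: <https://github.com/RustCrypto/AEADs/issues/74>
-let expected_tag = self.compute_tag(mask, associated_data, buffer);
+let expected_tag = self.compute_tag(mask, associated_data, buffer.get_out());
 
 use subtle::ConstantTimeEq;
 if expected_tag[..TagSize::to_usize()].ct_eq(tag).into() {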
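Review bot: The two `compute_tag` calls take the wrong side of the `InOutBuf`. In `encrypt_inout_detached` the tag is computed from `buffer.get_in()` after `ctr.apply_keystream_partial(buffer.reborrow())`, which for distinct input and output slices is still the plaintext, whereas GCM authenticates the ciphertext now held in the output: `self.compute_tag(mask, associated_data, buffer.get_out())`. In `decrypt_inout_detached` the expected tag is computed from `buffer.get_out()` before any decryption is visible in the hunk, so with distinct slices it would cover whatever the caller's output buffer contains rather than the received ciphertext; that call should use `buffer.get_in()`. With an in-place buffer both sides alias, so the swap would not show up in tests that pass a single mutable slice. The end of `decrypt_inout_detached` is outside the hunk.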

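--- a/aes-gcm/tests/common/mod.rs
+++ b/aes-gcm/tests/common/mod.rs
@@ -90,11 +90,9 @@ macro_rules! tests {
 tag[0] ^= 0xaa;
 
 let cipher = <$aead>::new(&key);
-assert!(
-cipher
-.decrypt_inout_detached(&nonce, &[], &mut buffer, &tag)
-.is_err()
-);
+assert!(cipher
+.decrypt_inout_detached(&nonce, &[], (buffer.as_mut_slice()).into(), &tag)
+.is_err());
 
 assert_eq!(vector.ciphertext, buffer);
 }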
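Review bot: The updated call builds the `InOutBuf` from one mutable slice, `(buffer.as_mut_slice()).into()`, so this tamper test, like the call sites changed in `aes-siv/tests/aead.rs` and `ccm/tests/mod.rs`, only exercises the in-place case where input and output alias. A companion case that builds the buffer from separate input and output slices with `InOutBuf::new` and asserts, after the forged tag is rejected, that the output slice does not hold the plaintext would cover the path this migration opens up. The parentheses around `buffer.as_mut_slice()` are redundant. The enclosing test function begins outside the hunk.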

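--- a/aes-siv/src/siv.rs
+++ b/aes-siv/src/siv.rs
@@ -70,9 +70,9 @@
 
 use crate::Tag;
 use aead::{
-Buffer, Error,
-array::{Array, ArraySize, typenum::U16},
+array::{typenum::U16, Array, ArraySize},
 inout::InOutBuf,
+Buffer, Error,
 };
 use aes::{Aes128, Aes256};
 use cipher::{
@@ -213,7 +213,7 @@ where
 // TODO(tarcieri): add offset param to `encrypt_inout_detached`
 buffer.as_mut().copy_within(..pt_len, IV_SIZE);
 
-let tag = self.encrypt_inout_detached(headers, &mut buffer.as_mut()[IV_SIZE..])?;
+let tag = self.encrypt_inout_detached(headers, (&mut buffer.as_mut()[IV_SIZE..]).into())?;
 buffer.as_mut()[..IV_SIZE].copy_from_slice(tag.as_slice());
 Ok(())
 }
@@ -227,15 +227,15 @@ where
 pub fn encrypt_inout_detached<I, T>(
 &mut self,
 headers: I,
-plaintext: InOutBuf<'_, '_, u8>,
+mut plaintext: InOutBuf<'_, '_, u8>,
 ) -> Result<Tag, Error>
 where
 I: IntoIterator<Item = T>,
 T: AsRef<[u8]>,
 {
 // Compute the synthetic IV for this plaintext
-let siv_tag = s2v(&mut self.mac, headers, plaintext)?;
-self.xor_with_keystream(siv_tag, plaintext);
+let siv_tag = s2v(&mut self.mac, headers, plaintext.get_in())?;
+self.xor_with_keystream(siv_tag, plaintext.get_out());
 Ok(siv_tag)
 }
 
@@ -271,7 +271,7 @@ where
 }
 
 let siv_tag = Tag::try_from(&buffer.as_ref()[..IV_SIZE]).expect("tag size mismatch");
-self.decrypt_inout_detached(headers, &mut buffer.as_mut()[IV_SIZE..], &siv_tag)?;
+self.decrypt_inout_detached(headers, (&mut buffer.as_mut()[IV_SIZE..]).into(), &siv_tag)?;
 
 let pt_len = buffer.len() - IV_SIZE;
 
@@ -290,22 +290,22 @@ where
 pub fn decrypt_inout_detached<I, T>(
 &mut self,
 headers: I,
-ciphertext: InOutBuf<'_, '_, u8>,
+mut ciphertext: InOutBuf<'_, '_, u8>,
 siv_tag: &Tag,
 ) -> Result<(), Error>
 where
 I: IntoIterator<Item = T>,
 T: AsRef<[u8]>,
 {
-self.xor_with_keystream(*siv_tag, ciphertext);
-let computed_siv_tag = s2v(&mut self.mac, headers, ciphertext);
+self.xor_with_keystream(*siv_tag, ciphertext.get_out());
+let computed_siv_tag = s2v(&mut self.mac, headers, ciphertext.get_in())?;
 
 // Note: `CtOutput` provides constant-time equality
 if CtOutput::<M>::new(computed_siv_tag) == CtOutput::new(*siv_tag) {
 Ok(())
 } else {
 // Re-encrypt the decrypted plaintext to avoid revealing it
-self.xor_with_keystream(*siv_tag, ciphertext);
+self.xor_with_keystream(*siv_tag, ciphertext.get_out());
 Err(Error)
 }
 }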
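Review bot: `self.xor_with_keystream(siv_tag, plaintext.get_out())` in `encrypt_inout_detached` transforms the output side in place and never reads the input side, so it is only correct when the `InOutBuf` was built from a single mutable slice; with distinct input and output slices the keystream would be XORed into whatever the output already holds. In `decrypt_inout_detached` the same in-place XOR is followed by `s2v(&mut self.mac, headers, ciphertext.get_in())`, which would then authenticate the ciphertext rather than the recovered plaintext; `ciphertext.get_out()` is the side that holds the plaintext at that point. Assuming `xor_with_keystream` takes `&mut [u8]` (its definition is outside these hunks), either copy the input into the output before the XOR or change it to accept the `InOutBuf`. The same output-only pattern appears in `ascon-aead/src/asconcore.rs` (`process_encrypt_inplace(message.get_out())`, `process_decrypt_inplace(ciphertext.get_out())`) and in `ccm/src/lib.rs` (`ctr.apply_keystream(buffer.get_out())`, with `calc_mac(nonce, adata, buffer.get_in())` after decryption).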

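--- a/aes-siv/tests/aead.rs
+++ b/aes-siv/tests/aead.rs
@@ -40,7 +40,7 @@ macro_rules! tests {
 
 let cipher = <$aead>::new(&key);
 let tag = cipher
-.encrypt_inout_detached(&nonce, vector.aad, &mut buffer)
+.encrypt_inout_detached(&nonce, vector.aad, buffer.as_mut_slice().into())
 .unwrap();
 let (expected_tag, expected_ciphertext) = vector.ciphertext.split_at(16);
 assert_eq!(expected_tag, &tag[..]);
@@ -75,7 +75,7 @@ macro_rules! tests {
 let mut buffer = vector.ciphertext[16..].to_vec();
 
 <$aead>::new(&key)
-.decrypt_inout_detached(&nonce, vector.aad, &mut buffer, &tag)
+.decrypt_inout_detached(&nonce, vector.aad, buffer.as_mut_slice().into(), &tag)
 .unwrap();
 
 assert_eq!(vector.plaintext, buffer.as_slice());
@@ -107,8 +107,8 @@ macro_rules! tests {
 
 mod aes128cmacsivaead {
 use super::TestVector;
+use aes_siv::aead::{array::Array, Aead, AeadInOut, KeyInit, Payload};
 use aes_siv::Aes128SivAead;
-use aes_siv::aead::{Aead, AeadInOut, KeyInit, Payload, array::Array};
 
 /// AES-128-CMAC-SIV test vectors
 const TEST_VECTORS: &[TestVector<[u8; 32]>] = &[TestVector {
@@ -131,8 +131,8 @@ mod aes128cmacsivaead {
 #[cfg(feature = "pmac")]
 mod aes128pmacsivaead {
 use super::TestVector;
+use aes_siv::aead::{array::Array, Aead, AeadInOut, KeyInit, Payload};
 use aes_siv::Aes128PmacSivAead;
-use aes_siv::aead::{Aead, AeadInOut, KeyInit, Payload, array::Array};
 
 /// AES-128-PMAC-SIV test vectors
 const AES_128_PMAC_SIV_TEST_VECTORS: &[TestVector<[u8; 32]>] = &[TestVector {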

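--- a/ascon-aead/src/asconcore.rs
+++ b/ascon-aead/src/asconcore.rs
@@ -2,11 +2,12 @@
 // SPDX-License-Identifier: Apache-2.0 OR MIT
 
 use aead::{
-Error,
-array::{Array, ArraySize, typenum::Unsigned},
+array::{typenum::Unsigned, Array, ArraySize},
 consts::{U16, U20},
+inout::InOutBuf,
+Error,
 };
-use ascon::{State, pad};
+use ascon::{pad, State};
 use subtle::ConstantTimeEq;
 
 /// Clear bytes from a 64 bit word.
@@ -339,28 +340,28 @@ impl<'a, P: Parameters> AsconCore<'a, P> {
 
 pub(crate) fn encrypt_inplace(
 &mut self,
-message: &mut [u8],
+mut message: InOutBuf<'_, '_, u8>,
 associated_data: &[u8],
 ) -> Array<u8, U16> {
 self.process_associated_data(associated_data);
-self.process_encrypt_inplace(message);
+self.process_encrypt_inplace(message.get_out());
 Array::from(self.process_final())
 }
 
 pub(crate) fn decrypt_inplace(
 &mut self,
-ciphertext: &mut [u8],
+mut ciphertext: InOutBuf<'_, '_, u8>,
 associated_data: &[u8],
 expected_tag: &Array<u8, U16>,
 ) -> Result<(), Error> {
 self.process_associated_data(associated_data);
-self.process_decrypt_inplace(ciphertext);
+self.process_decrypt_inplace(ciphertext.get_out());
 
 let tag = self.process_final();
 if bool::from(tag.ct_eq(expected_tag)) {
 Ok(())
 } else {
-ciphertext.fill(0);
+ciphertext.get_out().fill(0);
 Err(Error)
 }
 }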

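--- a/ccm/src/lib.rs
+++ b/ccm/src/lib.rs
@@ -232,9 +232,9 @@ where
 &self,
 nonce: &Nonce<N>,
 adata: &[u8],
-buffer: InOutBuf<'_, '_, u8>,
+mut buffer: InOutBuf<'_, '_, u8>,
 ) -> Result<Tag<Self::TagSize>, Error> {
-let mut full_tag = self.calc_mac(nonce, adata, buffer)?;
+let mut full_tag = self.calc_mac(nonce, adata, buffer.get_in())?;
 
 let ext_nonce = Self::extend_nonce(nonce);
 // number of bytes left for counter (max 8)
@@ -243,11 +243,11 @@ where
 if cb > 4 {
 let mut ctr = Ctr64BE::from_core(CtrCore::inner_iv_init(&self.cipher, &ext_nonce));
 ctr.apply_keystream(&mut full_tag);
-ctr.apply_keystream(buffer);
+ctr.apply_keystream(buffer.get_out());
 } else {
 let mut ctr = Ctr32BE::from_core(CtrCore::inner_iv_init(&self.cipher, &ext_nonce));
 ctr.apply_keystream(&mut full_tag);
-ctr.apply_keystream(buffer);
+ctr.apply_keystream(buffer.get_out());
 }
 
 Ok(Tag::try_from(&full_tag[..M::to_usize()]).expect("tag size mismatch"))
@@ -257,7 +257,7 @@ where
 &self,
 nonce: &Nonce<N>,
 adata: &[u8],
-buffer: InOutBuf<'_, '_, u8>,
+mut buffer: InOutBuf<'_, '_, u8>,
 tag: &Tag<Self::TagSize>,
 ) -> Result<(), Error> {
 let ext_nonce = Self::extend_nonce(nonce);
@@ -267,14 +267,14 @@ where
 if cb > 4 {
 let mut ctr = Ctr64BE::from_core(CtrCore::inner_iv_init(&self.cipher, &ext_nonce));
 ctr.seek(C::BlockSize::USIZE);
-ctr.apply_keystream(buffer);
+ctr.apply_keystream(buffer.get_out());
 } else {
 let mut ctr = Ctr32BE::from_core(CtrCore::inner_iv_init(&self.cipher, &ext_nonce));
 ctr.seek(C::BlockSize::USIZE);
-ctr.apply_keystream(buffer);
+ctr.apply_keystream(buffer.get_out());
 }
 
-let mut full_tag = self.calc_mac(nonce, adata, buffer)?;
+let mut full_tag = self.calc_mac(nonce, adata, buffer.get_in())?;
 
 if cb > 4 {
 let mut ctr = Ctr64BE::from_core(CtrCore::inner_iv_init(&self.cipher, &ext_nonce));
@@ -287,7 +287,7 @@ where
 if full_tag[..tag.len()].ct_eq(tag).into() {
 Ok(())
 } else {
-buffer.iter_mut().for_each(|v| *v = 0);
+buffer.get_out().fill(0);
 Err(Error)
 }
 }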

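--- a/ccm/tests/mod.rs
+++ b/ccm/tests/mod.rs
@@ -1,10 +1,10 @@
 #![cfg(feature = "alloc")]
 
-use aead::{Aead, AeadInOut, KeyInit, Payload, array::Array};
+use aead::{array::Array, Aead, AeadInOut, KeyInit, Payload};
 use aes::{Aes128, Aes192, Aes256};
 use ccm::{
+consts::{U10, U11, U12, U13, U14, U16, U4, U6, U7, U8, U9},
 Ccm,
-consts::{U4, U6, U7, U8, U9, U10, U11, U12, U13, U14, U16},
 };
 use hex_literal::hex;
 
@@ -19,11 +19,11 @@ fn test_data_len_check() {
 let c = Cipher::new(&key);
 
 let mut buf1 = [1; u16::MAX as usize];
-let res = c.encrypt_inout_detached(&nonce, &[], &mut buf1);
+let res = c.encrypt_inout_detached(&nonce, &[], (&mut buf1[..]).into());
 assert!(res.is_ok());
 
 let mut buf2 = [1; u16::MAX as usize + 1];
-let res = c.encrypt_inout_detached(&nonce, &[], &mut buf2);
+let res = c.encrypt_inout_detached(&nonce, &[], (&mut buf2[..]).into());
 assert!(res.is_err());
 }
 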