migrate to the latest version of sponge-cursor

Author: newpavlov

Cargo.lock

@@ -14,117 +14,110 @@ pub use digest::{self, Digest};
 mod oids;
 mod variants;
 
-use crate::variants::Rate;
+pub use variants::*;
+
 use bash_f::{STATE_WORDS, bash_f};
 use core::fmt;
 use digest::{
     ExtendableOutput, ExtendableOutputReset, Reset, TryCustomizedInit, Update, XofReader,
-    typenum::{U1, U2, U16, U24, U32},
 };
 use sponge_cursor::SpongeCursor;
-pub use variants::{Capacity, SecurityLevel};
-
-/// Invalid header length error
-#[derive(Debug)]
-pub struct InvalidHeaderLength;
 
 /// Data type codes from Table 3 of STB 34.101.77-2020
 const DATA: u8 = 0b000010;
 /// Data type codes from Table 3 of STB 34.101.77-2020
 const OUT: u8 = 0b000100;
 
-/// `bash-prg-hash` hasher generic over security level and capacity.
+/// `bash-prg-hash` hasher generic over rate and capacity.
 ///
 /// # Generic Parameters
 ///
-/// - `L`: Security level ℓ ∈ {128, 192, 256}. Use `U16`, `U24`, or `U32` from `digest::typenum`.
-/// - `D`: Capacity d ∈ {1, 2}. Use `U1` or `U2` from `digest::typenum`.
+/// Only the following combinations of rate and capacity with
+/// the resulting security level are supported:
 ///
-/// # Examples
+/// | Rate, bytes | Capacity | Security level, bits |
+/// |:-----------:|:--------:|:--------------------:|
+/// |     160     |     1    |          128         |
+/// |     128     |     2    |          128         |
+/// |     144     |     1    |          192         |
+/// |      96     |     2    |          192         |
+/// |     128     |     1    |          256         |
+/// |      64     |     2    |          256         |
 ///
-/// ```
-/// use bash_prg_hash::{BashPrgHash1281, digest::{ExtendableOutput, Update, XofReader}};
+/// Trying to initialize hasher state with a different pair of parameters will
+/// result in a compilation error.
 ///
-/// let mut hasher = BashPrgHash1281::default();
-/// hasher.update(b"hello world");
-/// let mut reader = hasher.finalize_xof();
-/// let mut output = [0u8; 32];
-/// reader.read(&mut output);
-/// ```
+/// Users are recommended to use type aliases (e.g. [`BashPrgHash1281`]) instead of using
+/// this type directly.
+// Note: Ideally, we would use `LEVEL` instead of `RATE` and define the `cursor` field as
+// `SpongeCursor<{192-2*CAPACITY*LEVEL}>`, but it requires stabilized `generic_const_exprs`.
 #[derive(Clone)]
-pub struct BashPrgHash<L: SecurityLevel, D: Capacity>
-where
-    (L, D): Rate,
-{
+pub struct BashPrgHash<const RATE: usize, const CAPACITY: usize> {
     state: [u64; STATE_WORDS],
-    cursor: SpongeCursor<<(L, D) as Rate>::Rate>,
+    cursor: SpongeCursor<RATE>,
 }
 
-impl<L: SecurityLevel, D: Capacity> Default for BashPrgHash<L, D>
-where
-    (L, D): Rate,
-{
+impl<const RATE: usize, const CAPACITY: usize> Default for BashPrgHash<RATE, CAPACITY> {
+    #[inline]
     fn default() -> Self {
-        Self::try_new_customized(&[][..]).expect("Always correct")
+        Self::try_new_customized(&[]).expect("Always correct")
     }
 }
 
-impl<L: SecurityLevel, D: Capacity> TryCustomizedInit for BashPrgHash<L, D>
-where
-    (L, D): Rate,
-{
-    type Error = InvalidHeaderLength;
+impl<const RATE: usize, const CAPACITY: usize> TryCustomizedInit for BashPrgHash<RATE, CAPACITY> {
+    type Error = InvalidHeaderError;
 
+    #[inline]
     fn try_new_customized(header: &[u8]) -> Result<Self, Self::Error> {
         const MAX_HEADER_LEN: usize = 60;
 
         if header.len() > MAX_HEADER_LEN || header.len() % 4 != 0 {
-            return Err(InvalidHeaderLength);
+            return Err(InvalidHeaderError);
         }
 
-        let mut this = Self {
+        let mut s = Self {
             state: [0u64; STATE_WORDS],
             cursor: SpongeCursor::default(),
         };
 
-        this.start(header);
-        this.commit(DATA);
+        s.start(header);
+        s.commit(DATA);
 
-        Ok(this)
+        Ok(s)
     }
 }
 
-impl<L: SecurityLevel, D: Capacity> Update for BashPrgHash<L, D>
-where
-    (L, D): Rate,
-{
+impl<const RATE: usize, const CAPACITY: usize> BashPrgHash<RATE, CAPACITY> {}
+
+impl<const RATE: usize, const CAPACITY: usize> Update for BashPrgHash<RATE, CAPACITY> {
+    #[inline]
     fn update(&mut self, data: &[u8]) {
-        self.absorb(data);
+        // `absorb[ℓ, d](X)` (Section 8.6.2)
+        self.cursor.absorb_u64_le(&mut self.state, bash_f, data);
     }
 }
 
-impl<L: SecurityLevel, D: Capacity> ExtendableOutput for BashPrgHash<L, D>
-where
-    (L, D): Rate,
-{
-    type Reader = BashPrgHashReader<L, D>;
+impl<const RATE: usize, const CAPACITY: usize> ExtendableOutput for BashPrgHash<RATE, CAPACITY> {
+    type Reader = BashPrgHashReader<RATE, CAPACITY>;
 
+    #[inline]
     fn finalize_xof(mut self) -> Self::Reader {
-        self.finalize();
+        // `squeezePrep[ℓ, d]()` / output preparation: `commit(OUT)` (Section 8.7).
+        self.commit(OUT);
         BashPrgHashReader {
             state: self.state,
             cursor: self.cursor.clone(),
         }
     }
 }
 
-impl<L: SecurityLevel, D: Capacity> ExtendableOutputReset for BashPrgHash<L, D>
-where
-    (L, D): Rate,
+impl<const RATE: usize, const CAPACITY: usize> ExtendableOutputReset
+    for BashPrgHash<RATE, CAPACITY>
 {
+    #[inline]
     fn finalize_xof_reset(&mut self) -> Self::Reader {
         let mut hasher_clone = self.clone();
-        hasher_clone.finalize();
+        hasher_clone.commit(OUT);
         self.reset();
         BashPrgHashReader {
             state: hasher_clone.state,
@@ -133,66 +126,47 @@ where
     }
 }
 
-impl<L: SecurityLevel, D: Capacity> Reset for BashPrgHash<L, D>
-where
-    (L, D): Rate,
-{
+impl<const RATE: usize, const CAPACITY: usize> Reset for BashPrgHash<RATE, CAPACITY> {
+    #[inline]
     fn reset(&mut self) {
         *self = Self::default();
     }
 }
 
-impl<L: SecurityLevel, D: Capacity> fmt::Debug for BashPrgHash<L, D>
-where
-    (L, D): Rate,
-{
+impl<const RATE: usize, const CAPACITY: usize> fmt::Debug for BashPrgHash<RATE, CAPACITY> {
+    #[inline]
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
         f.write_str("BashPrgHash { ... }")
     }
 }
 
-impl<L: SecurityLevel, D: Capacity> digest::CollisionResistance for BashPrgHash<L, D>
-where
-    (L, D): Rate,
-{
-    type CollisionResistance = L;
-}
-
 #[cfg(feature = "zeroize")]
-impl<L: SecurityLevel, D: Capacity> digest::zeroize::ZeroizeOnDrop for BashPrgHash<L, D> where
-    (L, D): Rate
+impl<const RATE: usize, const CAPACITY: usize> digest::zeroize::ZeroizeOnDrop
+    for BashPrgHash<RATE, CAPACITY>
 {
 }
 
 /// Reader for bash-prg-hash XOF output.
 #[derive(Clone)]
-pub struct BashPrgHashReader<L: SecurityLevel, D: Capacity>
-where
-    (L, D): Rate,
-{
+pub struct BashPrgHashReader<const RATE: usize, const CAPACITY: usize> {
     state: [u64; STATE_WORDS],
-    cursor: SpongeCursor<<(L, D) as Rate>::Rate>,
+    cursor: SpongeCursor<RATE>,
 }
 
-impl<L: SecurityLevel, D: Capacity> XofReader for BashPrgHashReader<L, D>
-where
-    (L, D): Rate,
-{
+impl<const RATE: usize, const CAPACITY: usize> XofReader for BashPrgHashReader<RATE, CAPACITY> {
+    #[inline]
     fn read(&mut self, buffer: &mut [u8]) {
         self.squeeze(buffer);
     }
 }
 
 #[cfg(feature = "zeroize")]
-impl<L: SecurityLevel, D: Capacity> digest::zeroize::ZeroizeOnDrop for BashPrgHashReader<L, D> where
-    (L, D): Rate
+impl<const RATE: usize, const CAPACITY: usize> digest::zeroize::ZeroizeOnDrop
+    for BashPrgHashReader<RATE, CAPACITY>
 {
 }
 
-impl<L: SecurityLevel, D: Capacity> BashPrgHash<L, D>
-where
-    (L, D): Rate,
-{
+impl<const RATE: usize, const CAPACITY: usize> BashPrgHash<RATE, CAPACITY> {
     /// Modify byte at position in state
     fn modify_byte(state: &mut [u64; STATE_WORDS], pos: usize, f: impl FnOnce(&mut u8)) {
         let word_idx = pos / 8;
@@ -218,21 +192,10 @@ where
         self.cursor = SpongeCursor::new(pos).expect("pos within bounds");
 
         // Step 6: S[1472...) <- <ℓ/4 + d>_64
-        self.state[23] = (L::USIZE * 2 + D::USIZE) as u64;
+        let level = (192 - RATE) / (2 * CAPACITY);
+        self.state[23] = (level * 2 + CAPACITY) as u64;
     }
 
-    /// `squeezePrep[ℓ, d]()` / output preparation: `commit(OUT)` (Section 8.7).
-    fn finalize(&mut self) {
-        self.commit(OUT);
-    }
-}
-
-impl<L: SecurityLevel, D: Capacity> BashPrgHash<L, D>
-where
-    (L, D): Rate,
-{
-    const RATE: usize = 192 - 2 * D::USIZE * L::USIZE;
-
     fn get_byte(state: &[u64; STATE_WORDS], pos: usize) -> u8 {
         let word_idx = pos / 8;
         let byte_in_word = pos % 8;
@@ -245,12 +208,6 @@ where
         }
     }
 
-    /// `absorb[ℓ, d](X)` (Section 8.6.2)
-    fn absorb(&mut self, data: &[u8]) {
-        self.cursor
-            .absorb_u64_le::<STATE_WORDS>(&mut self.state, bash_f, data);
-    }
-
     /// `commit[ℓ, d](t)` (Section 8.4.2)
     fn commit(&mut self, t: u8) {
         let pos = self.cursor.pos();
@@ -260,10 +217,8 @@ where
         Self::modify_byte(&mut self.state, pos, |b| *b ^= tag);
 
         // Step 2: S[r] <- S[r] ⊕ 1, where r = 1536 - 2 d ℓ (bit index).
-        let r_bit_in_byte = (Self::RATE * 8) % 8;
-        Self::modify_byte(&mut self.state, Self::RATE, |b| {
-            *b ^= 1u8 << (7 - r_bit_in_byte)
-        });
+        let r_bit_in_byte = (RATE * 8) % 8;
+        Self::modify_byte(&mut self.state, RATE, |b| *b ^= 1u8 << (7 - r_bit_in_byte));
 
         // Step 3: S <- bash-f(S).
         bash_f(&mut self.state);
@@ -272,24 +227,25 @@ where
     }
 }
 
-impl<L: SecurityLevel, D: Capacity> BashPrgHashReader<L, D>
-where
-    (L, D): Rate,
-{
+impl<const RATE: usize, const CAPACITY: usize> BashPrgHashReader<RATE, CAPACITY> {
     /// `squeeze[ℓ, d](Y)` (Section 8.7.2)
     fn squeeze(&mut self, output: &mut [u8]) {
         let mut remaining = output;
 
         while !remaining.is_empty() {
             // Step 1: Split Y into the next chunk Yi with |Yi| <= r - pos.
             let pos = self.cursor.pos();
-            let to_squeeze = remaining.len().min(BashPrgHash::<L, D>::RATE - pos);
+            let to_squeeze = remaining.len().min(RATE - pos);
 
             // Step 2: Yi <- S[pos..pos+|Yi|), pos <- pos + |Yi|.
-            BashPrgHash::<L, D>::extract_bytes(&self.state, pos, &mut remaining[..to_squeeze]);
+            BashPrgHash::<RATE, CAPACITY>::extract_bytes(
+                &self.state,
+                pos,
+                &mut remaining[..to_squeeze],
+            );
             remaining = &mut remaining[to_squeeze..];
 
-            if pos + to_squeeze == BashPrgHash::<L, D>::RATE {
+            if pos + to_squeeze == RATE {
                 // Step 3: If pos = r then S <- bash-f(S), pos <- 0.
                 bash_f(&mut self.state);
                 self.cursor = SpongeCursor::default();
@@ -301,10 +257,8 @@ where
     }
 }
 
-impl<L: SecurityLevel, D: Capacity> Drop for BashPrgHash<L, D>
-where
-    (L, D): Rate,
-{
+impl<const RATE: usize, const CAPACITY: usize> Drop for BashPrgHash<RATE, CAPACITY> {
+    #[inline]
     fn drop(&mut self) {
         #[cfg(feature = "zeroize")]
         {
@@ -314,10 +268,8 @@ where
     }
 }
 
-impl<L: SecurityLevel, D: Capacity> Drop for BashPrgHashReader<L, D>
-where
-    (L, D): Rate,
-{
+impl<const RATE: usize, const CAPACITY: usize> Drop for BashPrgHashReader<RATE, CAPACITY> {
+    #[inline]
     fn drop(&mut self) {
         #[cfg(feature = "zeroize")]
         {
@@ -327,15 +279,17 @@ where
     }
 }
 
-/// bash-prg-hash with ℓ = 128 and d = 1
-pub type BashPrgHash1281 = BashPrgHash<U16, U1>;
-/// bash-prg-hash with ℓ = 128 and d = 2
-pub type BashPrgHash1282 = BashPrgHash<U16, U2>;
-/// bash-prg-hash with ℓ = 192 and d = 1
-pub type BashPrgHash1921 = BashPrgHash<U24, U1>;
-/// bash-prg-hash with ℓ = 192 and d = 2
-pub type BashPrgHash1922 = BashPrgHash<U24, U2>;
-/// bash-prg-hash with ℓ = 256 and d = 1
-pub type BashPrgHash2561 = BashPrgHash<U32, U1>;
-/// bash-prg-hash with ℓ = 256 and d = 2
-pub type BashPrgHash2562 = BashPrgHash<U32, U2>;
+/// Invalid `bash-prg-hash` header error.
+#[derive(Debug)]
+pub struct InvalidHeaderError;
+
+impl fmt::Display for InvalidHeaderError {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        f.write_str(
+            "Invalid `bash-prg-hash` header. \
+            Header length must be a multiple of 4 bytes and not greater than 60 bytes.",
+        )
+    }
+}
+
+impl core::error::Error for InvalidHeaderError {}