diff --git a/ocb3/src/lib.rs b/ocb3/src/lib.rs index ed141f36..7b339fa0 100644 --- a/ocb3/src/lib.rs +++ b/ocb3/src/lib.rs @@ -20,12 +20,8 @@ pub use aead::{ }; use crate::util::{double, inplace_xor, ntz, Block}; -use aead::generic_array::{ - typenum::{GrEq, IsGreaterOrEqual, IsLessOrEqual, LeEq, NonZero}, - ArrayLength, -}; use cipher::{ - consts::{U0, U12, U15, U16, U6}, + consts::{U0, U12, U16}, BlockDecrypt, BlockEncrypt, BlockSizeUser, }; use core::marker::PhantomData; @@ -58,6 +54,32 @@ pub type Nonce = GenericArray; /// OCB3 tag pub type Tag = GenericArray; +mod sealed { + use aead::generic_array::{ + typenum::{GrEq, IsGreaterOrEqual, IsLessOrEqual, LeEq, NonZero, U15, U16, U6}, + ArrayLength, + }; + + pub trait NonceSizes: ArrayLength {} + + impl NonceSizes for T + where + T: ArrayLength + IsGreaterOrEqual + IsLessOrEqual, + GrEq: NonZero, + LeEq: NonZero, + { + } + + pub trait TagSizes: ArrayLength {} + + impl TagSizes for T + where + T: ArrayLength + NonZero + IsLessOrEqual, + LeEq: NonZero, + { + } +} + /// OCB3: generic over a block cipher implementation, nonce size, and tag size. /// /// - `NonceSize`: max of 15-bytes, default and recommended size of 12-bytes (96-bits). @@ -101,11 +123,8 @@ pub type Tag = GenericArray; #[derive(Clone)] pub struct Ocb3 where - NonceSize: ArrayLength + IsGreaterOrEqual + IsLessOrEqual, - TagSize: ArrayLength + NonZero + IsLessOrEqual, - GrEq: NonZero, - LeEq: NonZero, - LeEq: NonZero, + NonceSize: sealed::NonceSizes, + TagSize: sealed::TagSizes, { cipher: Cipher, nonce_size: PhantomData, @@ -124,11 +143,8 @@ type Sum = GenericArray; impl KeySizeUser for Ocb3 where Cipher: KeySizeUser, - NonceSize: ArrayLength + IsGreaterOrEqual + IsLessOrEqual, - TagSize: ArrayLength + NonZero + IsLessOrEqual, - GrEq: NonZero, - LeEq: NonZero, - LeEq: NonZero, + NonceSize: sealed::NonceSizes, + TagSize: sealed::TagSizes, { type KeySize = Cipher::KeySize; } @@ -136,11 +152,8 @@ where impl KeyInit for Ocb3 where Cipher: BlockSizeUser + BlockEncrypt + KeyInit + BlockDecrypt, - NonceSize: ArrayLength + IsGreaterOrEqual + IsLessOrEqual, - TagSize: ArrayLength + NonZero + IsLessOrEqual, - GrEq: NonZero, - LeEq: NonZero, - LeEq: NonZero, + NonceSize: sealed::NonceSizes, + TagSize: sealed::TagSizes, { fn new(key: &aead::Key) -> Self { Cipher::new(key).into() @@ -149,11 +162,8 @@ where impl AeadCore for Ocb3 where - NonceSize: ArrayLength + IsGreaterOrEqual + IsLessOrEqual, - TagSize: ArrayLength + NonZero + IsLessOrEqual, - GrEq: NonZero, - LeEq: NonZero, - LeEq: NonZero, + NonceSize: sealed::NonceSizes, + TagSize: sealed::TagSizes, { type NonceSize = NonceSize; type TagSize = TagSize; @@ -163,11 +173,8 @@ where impl From for Ocb3 where Cipher: BlockSizeUser + BlockEncrypt + BlockDecrypt, - NonceSize: ArrayLength + IsGreaterOrEqual + IsLessOrEqual, - TagSize: ArrayLength + NonZero + IsLessOrEqual, - GrEq: NonZero, - LeEq: NonZero, - LeEq: NonZero, + NonceSize: sealed::NonceSizes, + TagSize: sealed::TagSizes, { fn from(cipher: Cipher) -> Self { let (ll_star, ll_dollar, ll) = key_dependent_variables(&cipher); @@ -206,11 +213,8 @@ fn key_dependent_variables + BlockEncrypt impl AeadInPlace for Ocb3 where Cipher: BlockSizeUser + BlockEncrypt + BlockDecrypt, - NonceSize: ArrayLength + IsGreaterOrEqual + IsLessOrEqual, - TagSize: ArrayLength + NonZero + IsLessOrEqual, - GrEq: NonZero, - LeEq: NonZero, - LeEq: NonZero, + NonceSize: sealed::NonceSizes, + TagSize: sealed::TagSizes, { fn encrypt_in_place_detached( &self, @@ -291,11 +295,8 @@ where impl Ocb3 where Cipher: BlockSizeUser + BlockEncrypt + BlockDecrypt, - NonceSize: ArrayLength + IsGreaterOrEqual + IsLessOrEqual, - TagSize: ArrayLength + NonZero + IsLessOrEqual, - GrEq: NonZero, - LeEq: NonZero, - LeEq: NonZero, + NonceSize: sealed::NonceSizes, + TagSize: sealed::TagSizes, { /// Decrypts in place and returns expected tag. pub(crate) fn decrypt_in_place_return_tag( @@ -444,7 +445,7 @@ where /// in https://www.rfc-editor.org/rfc/rfc7253.html#section-4.2 fn nonce_dependent_variables< Cipher: BlockSizeUser + BlockEncrypt, - NonceSize: ArrayLength + IsGreaterOrEqual + IsLessOrEqual, + NonceSize: sealed::NonceSizes, >( cipher: &Cipher, nn: &Nonce, @@ -483,7 +484,7 @@ fn nonce_dependent_variables< /// in https://www.rfc-editor.org/rfc/rfc7253.html#section-4.2 fn initial_offset< Cipher: BlockSizeUser + BlockEncrypt, - NonceSize: ArrayLength + IsGreaterOrEqual + IsLessOrEqual, + NonceSize: sealed::NonceSizes, >( cipher: &Cipher, nn: &Nonce, @@ -502,11 +503,8 @@ fn initial_offset< impl Ocb3 where Cipher: BlockSizeUser + BlockEncrypt, - NonceSize: ArrayLength + IsGreaterOrEqual + IsLessOrEqual, - TagSize: ArrayLength + NonZero + IsLessOrEqual, - GrEq: NonZero, - LeEq: NonZero, - LeEq: NonZero, + NonceSize: sealed::NonceSizes, + TagSize: sealed::TagSizes, { /// Computes HASH function defined in https://www.rfc-editor.org/rfc/rfc7253.html#section-4.1 fn hash(&self, associated_data: &[u8]) -> Sum {