Skip to main content

Alphabet

Trait Alphabet 

Source
pub trait Alphabet {
    const ENCODE: [u8; 64];

    // Required method
    fn decode(byte: u8) -> Option<u8>;

    // Provided method
    fn encode(value: u8) -> u8 { ... }
}
Expand description

A Base64 alphabet.

§Security

The default Alphabet::encode implementation is constant-time-oriented: it scans all 64 alphabet entries instead of using ENCODE[value as usize]. If an implementation overrides encode with a direct table lookup, normal Engine encoding becomes timing-sensitive with respect to the emitted 6-bit value.

The normal strict decode path calls Alphabet::decode and is not a constant-time decoder. The ct module does not call Alphabet::decode; it scans Alphabet::ENCODE directly with its own fixed 64-entry mapper. A custom non-constant-time decode implementation therefore affects normal strict decode diagnostics and timing, but not the ct module’s symbol-mapping loop.

Required Associated Constants§

Source

const ENCODE: [u8; 64]

Encoding table indexed by 6-bit values.

Required Methods§

Source

fn decode(byte: u8) -> Option<u8>

Decode one byte into a 6-bit value.

Implementations that want conservative custom-alphabet timing posture should delegate to decode_alphabet_byte, which scans all 64 entries before returning. The ct module ignores this method and scans Self::ENCODE directly.

Provided Methods§

Source

fn encode(value: u8) -> u8

Encode one 6-bit value into an alphabet byte.

The default implementation scans the alphabet table instead of using a secret-indexed table lookup. Built-in alphabets override this with the branch-minimized ASCII arithmetic mapper. Custom alphabets that keep the default method prioritize timing posture over throughput: every emitted Base64 byte performs a fixed 64-entry scan. For massive payloads with user-defined alphabets, profile this cost and consider an audited custom override only if the alphabet has a structure that can be mapped without secret-indexed table access.

Dyn Compatibility§

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety".

Implementors§