chachacha 0.4.2

SIMD optimized implementations of the Chacha stream cipher
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105

/*!
Module containing useful constants/structs and the core [`Machine`] trait.
*/

use crate::variations::*;
use core::ops::Add;

/// Size (in 8-bit integers) of a single ChaCha computation.
pub const BUF_LEN_U8: usize = MATRIX_SIZE_U8 * DEPTH;
/// Size (in 64-bit integers) of a single ChaCha computation.
pub const BUF_LEN_U64: usize = BUF_LEN_U8 / size_of::<u64>();
/// Columns present in a standard ChaCha matrix.
pub const COLUMNS: usize = 4;
/// Rows present in a standard ChaCha matrix.
pub const ROWS: usize = 4;
/// Size (in 8-bit integers) of the raw seed for a ChaCha instance.
pub const SEED_LEN_U8: usize = (ROWS - 1) * size_of::<Row>();
/// Size (in 32-bit integers) of the raw seed for a ChaCha instance.
pub const SEED_LEN_U32: usize = SEED_LEN_U8 / size_of::<u32>();
/// Size (in 64-bit integers) of the raw seed for a ChaCha instance.
pub const SEED_LEN_U64: usize = SEED_LEN_U8 / size_of::<u64>();
/// Size (in 8-bit integers) of a reference ChaCha matrix.
pub const MATRIX_SIZE_U8: usize = MATRIX_SIZE_U32 * size_of::<u32>();
/// Size (in 32-bit integers) of a reference ChaCha matrix.
pub const MATRIX_SIZE_U32: usize = COLUMNS * ROWS;

/// The amount of distinct ChaCha blocks we process in parallel.
pub const DEPTH: usize = 4;
/// Standard constant used in all ChaCha implementations.
pub const ROW_A: Row = Row {
    u8x16: *b"expand 32-byte k",
};

/// Wrapper for the raw data of a ChaCha row. In a reference
/// implementation this would just be the `u32x4` field, but having
/// `u64x2` is useful for working with a 64-bit counter and `u8x16`
/// is useful for some tests. `u16x8` is included for completeness.
#[derive(Clone, Copy)]
#[repr(C, align(16))]
pub union Row {
    pub u8x16: [u8; 16],
    pub u16x8: [u16; 8],
    pub u32x4: [u32; 4],
    pub u64x2: [u64; 2],
}

/// `ChaChaCore` without the `PhantomData` types.
///
/// Makes concrete implementations of `Machine` less verbose.
#[repr(C)]
pub struct ChaChaNaked {
    pub row_b: Row,
    pub row_c: Row,
    pub row_d: Row,
}

/// Core trait which must be implemented for all supported architectures.
pub trait Machine: Add<Output = Self> + Clone {
    /// Creates a new `Machine` by broadcasting the provided `ChaChaNaked`
    /// to `DEPTH` instances and incrementing the counters accordingly.
    #[inline]
    fn new<V: Variant>(state: &ChaChaNaked) -> Self {
        match V::VAR {
            Variants::Djb => Self::new_djb(state),
            Variants::Ietf => Self::new_ietf(state),
        }
    }

    /// Not to be used directly.
    fn new_djb(state: &ChaChaNaked) -> Self;

    /// Not to be used directly.
    fn new_ietf(state: &ChaChaNaked) -> Self;

    /// Increments the counter of each ChaCha instance in the current `Machine`.
    #[inline]
    fn increment<V: Variant>(&mut self) {
        match V::VAR {
            Variants::Djb => self.increment_djb(),
            Variants::Ietf => self.increment_ietf(),
        }
    }

    /// Not to be used directly.
    fn increment_djb(&mut self);

    /// Not to be used directly.
    fn increment_ietf(&mut self);

    /// Performs the standard ChaCha double round operation.
    fn double_round(&mut self);

    /// Converts the current `Machine` into raw bytes.
    fn fetch_result(self, buf: &mut [u8; BUF_LEN_U8]);

    /// Xors the current `Machine` raw bytes with `buf`.
    #[inline]
    fn xor_result(self, buf: &mut [u8; BUF_LEN_U8]) {
        let mut tmp = [0; BUF_LEN_U8];
        self.fetch_result(&mut tmp);
        for i in 0..BUF_LEN_U8 {
            buf[i] ^= tmp[i];
        }
    }
}