std/crypto: API cleanup

lib/std/crypto/blake2.zig

@@ -77,7 +77,7 @@ pub fn Blake2s(comptime out_bits: usize) type {
         buf_len: u8,
 
         pub fn init(options: Options) Self {
-            debug.assert(8 <= out_bits and out_bits <= 256);
+            comptime debug.assert(8 <= out_bits and out_bits <= 256);
 
             var d: Self = undefined;
             mem.copy(u32, d.h[0..], iv[0..]);
@@ -125,7 +125,7 @@ pub fn Blake2s(comptime out_bits: usize) type {
             // Full middle blocks.
             while (off + 64 < b.len) : (off += 64) {
                 d.t += 64;
-                d.round(b[off .. off + 64], false);
+                d.round(b[off..][0..64], false);
             }
 
             // Copy any remainder for next pass.
@@ -145,9 +145,7 @@ pub fn Blake2s(comptime out_bits: usize) type {
             }
         }
 
-        fn round(d: *Self, b: []const u8, last: bool) void {
+        fn round(d: *Self, b: *const [64]u8, last: bool) void {
-            debug.assert(b.len == 64);
-
             var m: [16]u32 = undefined;
             var v: [16]u32 = undefined;
 
@@ -422,7 +420,7 @@ pub fn Blake2b(comptime out_bits: usize) type {
         buf_len: u8,
 
         pub fn init(options: Options) Self {
-            debug.assert(8 <= out_bits and out_bits <= 512);
+            comptime debug.assert(8 <= out_bits and out_bits <= 512);
 
             var d: Self = undefined;
             mem.copy(u64, d.h[0..], iv[0..]);
@@ -470,7 +468,7 @@ pub fn Blake2b(comptime out_bits: usize) type {
             // Full middle blocks.
             while (off + 128 < b.len) : (off += 128) {
                 d.t += 128;
-                d.round(b[off .. off + 128], false);
+                d.round(b[off..][0..128], false);
             }
 
             // Copy any remainder for next pass.
@@ -490,9 +488,7 @@ pub fn Blake2b(comptime out_bits: usize) type {
             }
         }
 
-        fn round(d: *Self, b: []const u8, last: bool) void {
+        fn round(d: *Self, b: *const [128]u8, last: bool) void {
-            debug.assert(b.len == 128);
-
             var m: [16]u64 = undefined;
             var v: [16]u64 = undefined;
 

lib/std/crypto/gimli.zig

@@ -39,13 +39,13 @@ pub const State = struct {
     }
 
     /// TODO follow the span() convention instead of having this and `toSliceConst`
-    pub fn toSlice(self: *Self) []u8 {
+    pub fn toSlice(self: *Self) *[BLOCKBYTES]u8 {
-        return mem.sliceAsBytes(self.data[0..]);
+        return mem.asBytes(&self.data);
     }
 
     /// TODO follow the span() convention instead of having this and `toSlice`
-    pub fn toSliceConst(self: *Self) []const u8 {
+    pub fn toSliceConst(self: *const Self) *const [BLOCKBYTES]u8 {
-        return mem.sliceAsBytes(self.data[0..]);
+        return mem.asBytes(&self.data);
     }
 
     fn permute_unrolled(self: *Self) void {

lib/std/crypto/hmac.zig

@@ -26,41 +26,41 @@ pub fn Hmac(comptime Hash: type) type {
         pub const key_length = 32; // recommended key length
 
         o_key_pad: [Hash.block_length]u8,
-        i_key_pad: [Hash.block_length]u8,
-        scratch: [Hash.block_length]u8,
         hash: Hash,
 
         // HMAC(k, m) = H(o_key_pad || H(i_key_pad || msg)) where || is concatenation
-        pub fn create(out: []u8, msg: []const u8, key: []const u8) void {
+        pub fn create(out: *[mac_length]u8, msg: []const u8, key: []const u8) void {
             var ctx = Self.init(key);
             ctx.update(msg);
-            ctx.final(out[0..]);
+            ctx.final(out);
         }
 
         pub fn init(key: []const u8) Self {
             var ctx: Self = undefined;
+            var scratch: [Hash.block_length]u8 = undefined;
+            var i_key_pad: [Hash.block_length]u8 = undefined;
 
             // Normalize key length to block size of hash
             if (key.len > Hash.block_length) {
-                Hash.hash(key, ctx.scratch[0..mac_length], .{});
+                Hash.hash(key, scratch[0..mac_length], .{});
-                mem.set(u8, ctx.scratch[mac_length..Hash.block_length], 0);
+                mem.set(u8, scratch[mac_length..Hash.block_length], 0);
             } else if (key.len < Hash.block_length) {
-                mem.copy(u8, ctx.scratch[0..key.len], key);
+                mem.copy(u8, scratch[0..key.len], key);
-                mem.set(u8, ctx.scratch[key.len..Hash.block_length], 0);
+                mem.set(u8, scratch[key.len..Hash.block_length], 0);
             } else {
-                mem.copy(u8, ctx.scratch[0..], key);
+                mem.copy(u8, scratch[0..], key);
             }
 
             for (ctx.o_key_pad) |*b, i| {
-                b.* = ctx.scratch[i] ^ 0x5c;
+                b.* = scratch[i] ^ 0x5c;
             }
 
-            for (ctx.i_key_pad) |*b, i| {
+            for (i_key_pad) |*b, i| {
-                b.* = ctx.scratch[i] ^ 0x36;
+                b.* = scratch[i] ^ 0x36;
             }
 
             ctx.hash = Hash.init(.{});
-            ctx.hash.update(ctx.i_key_pad[0..]);
+            ctx.hash.update(&i_key_pad);
             return ctx;
         }
 
@@ -68,14 +68,13 @@ pub fn Hmac(comptime Hash: type) type {
             ctx.hash.update(msg);
         }
 
-        pub fn final(ctx: *Self, out: []u8) void {
+        pub fn final(ctx: *Self, out: *[mac_length]u8) void {
-            debug.assert(Hash.block_length >= out.len and out.len >= mac_length);
+            var scratch: [mac_length]u8 = undefined;
-
+            ctx.hash.final(&scratch);
-            ctx.hash.final(ctx.scratch[0..mac_length]);
             var ohash = Hash.init(.{});
-            ohash.update(ctx.o_key_pad[0..]);
+            ohash.update(&ctx.o_key_pad);
-            ohash.update(ctx.scratch[0..mac_length]);
+            ohash.update(&scratch);
-            ohash.final(out[0..mac_length]);
+            ohash.final(out);
         }
     };
 }