Migrate to universal-hash v0.5.0-pre (#155)

Migrate to `universal-hash` v0.5.0-pre

New prerelease with breaking API changes that supports parallel
block processing:

RustCrypto/traits#1051

Co-authored-by: Jack Grigg <[email protected]>

Author: tarcieri

.github/workflows/poly1305.yml

@@ -153,25 +153,16 @@ jobs:
     strategy:
       matrix:
         include:
-          # ARM64
           - target: aarch64-unknown-linux-gnu
-            rust: 1.56.1 # MSRV
-          - target: aarch64-unknown-linux-gnu
-            rust: stable
-
-          # PPC32
           - target: powerpc-unknown-linux-gnu
-            rust: 1.56.1 # MSRV
-          - target: powerpc-unknown-linux-gnu
-            rust: stable
 
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v1
       - run: ${{ matrix.deps }}
       - uses: actions-rs/toolchain@v1
         with:
-          toolchain: ${{ matrix.rust }}
+          toolchain: stable
           target: ${{ matrix.target }}
           profile: minimal
           override: true

.github/workflows/polyval.yml

@@ -154,25 +154,16 @@ jobs:
     strategy:
       matrix:
         include:
-          # ARM64
           - target: aarch64-unknown-linux-gnu
-            rust: 1.56.1 # MSRV
-          - target: aarch64-unknown-linux-gnu
-            rust: stable
-
-          # PPC32
           - target: powerpc-unknown-linux-gnu
-            rust: 1.56.1 # MSRV
-          - target: powerpc-unknown-linux-gnu
-            rust: stable
 
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v1
       - run: ${{ matrix.deps }}
       - uses: actions-rs/toolchain@v1
         with:
-          toolchain: ${{ matrix.rust }}
+          toolchain: stable
           target: ${{ matrix.target }}
           profile: minimal
           override: true

Cargo.lock

@@ -1,6 +1,6 @@
 [package]
 name = "ghash"
-version = "0.4.4" # Also update html_root_url in lib.rs when bumping this
+version = "0.5.0-pre" # Also update html_root_url in lib.rs when bumping this
 authors = ["RustCrypto Developers"]
 license = "Apache-2.0 OR MIT"
 description = """
@@ -17,7 +17,7 @@ edition = "2021"
 
 [dependencies]
 opaque-debug = "0.3"
-polyval = { version = "0.5.1", path = "../polyval" }
+polyval = { version = "=0.6.0-pre", path = "../polyval" }
 
 # optional dependencies
 zeroize = { version = "1", optional = true, default-features = false }

ghash/Cargo.toml

@@ -3,7 +3,7 @@
 extern crate test;
 
 use ghash::{
-    universal_hash::{NewUniversalHash, UniversalHash},
+    universal_hash::{KeyInit, UniversalHash},
     GHash,
 };
 use test::Bencher;

ghash/benches/ghash.rs

@@ -25,15 +25,18 @@
 #![no_std]
 #![doc(
     html_logo_url = "https://raw.githubusercontent.com/RustCrypto/media/8f1a9894/logo.svg",
-    html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/media/8f1a9894/logo.svg",
-    html_root_url = "https://docs.rs/ghash/0.4.3"
+    html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/media/8f1a9894/logo.svg"
 )]
 #![warn(missing_docs, rust_2018_idioms)]
 
 pub use polyval::universal_hash;
 
 use polyval::Polyval;
-use universal_hash::{consts::U16, NewUniversalHash, UniversalHash};
+use universal_hash::{
+    consts::U16,
+    crypto_common::{BlockSizeUser, KeySizeUser, ParBlocksSizeUser},
+    KeyInit, UhfBackend, UhfClosure, UniversalHash,
+};
 
 #[cfg(feature = "zeroize")]
 use zeroize::Zeroize;
@@ -45,7 +48,7 @@ pub type Key = universal_hash::Key<GHash>;
 pub type Block = universal_hash::Block<GHash>;
 
 /// GHASH tags (16-bytes)
-pub type Tag = universal_hash::Output<GHash>;
+pub type Tag = universal_hash::Block<GHash>;
 
 /// **GHASH**: universal hash over GF(2^128) used by AES-GCM.
 ///
@@ -54,9 +57,11 @@ pub type Tag = universal_hash::Output<GHash>;
 #[derive(Clone)]
 pub struct GHash(Polyval);
 
-impl NewUniversalHash for GHash {
+impl KeySizeUser for GHash {
     type KeySize = U16;
+}
 
+impl KeyInit for GHash {
     /// Initialize GHASH with the given `H` field element
     #[inline]
     fn new(h: &Key) -> Self {
@@ -79,29 +84,51 @@ impl NewUniversalHash for GHash {
     }
 }
 
-impl UniversalHash for GHash {
-    type BlockSize = U16;
+struct GHashBackend<'b, B: UhfBackend>(&'b mut B);
 
-    /// Input a field element `X` to be authenticated
-    #[inline]
-    fn update(&mut self, x: &Block) {
-        let mut x = *x;
+impl<'b, B: UhfBackend> BlockSizeUser for GHashBackend<'b, B> {
+    type BlockSize = B::BlockSize;
+}
+
+impl<'b, B: UhfBackend> ParBlocksSizeUser for GHashBackend<'b, B> {
+    type ParBlocksSize = B::ParBlocksSize;
+}
+
+impl<'b, B: UhfBackend> UhfBackend for GHashBackend<'b, B> {
+    fn proc_block(&mut self, x: &universal_hash::Block<B>) {
+        let mut x = x.clone();
         x.reverse();
-        self.0.update(&x);
+        self.0.proc_block(&x);
     }
+}
 
-    /// Reset internal state
-    #[inline]
-    fn reset(&mut self) {
-        self.0.reset();
+impl BlockSizeUser for GHash {
+    type BlockSize = U16;
+}
+
+impl UniversalHash for GHash {
+    fn update_with_backend(&mut self, f: impl UhfClosure<BlockSize = Self::BlockSize>) {
+        struct GHashClosure<C: UhfClosure>(C);
+
+        impl<C: UhfClosure> BlockSizeUser for GHashClosure<C> {
+            type BlockSize = C::BlockSize;
+        }
+
+        impl<C: UhfClosure> UhfClosure for GHashClosure<C> {
+            fn call<B: UhfBackend<BlockSize = Self::BlockSize>>(self, backend: &mut B) {
+                self.0.call(&mut GHashBackend(backend));
+            }
+        }
+
+        self.0.update_with_backend(GHashClosure(f));
     }
 
     /// Get GHASH output
     #[inline]
     fn finalize(self) -> Tag {
-        let mut output = self.0.finalize().into_bytes();
+        let mut output = self.0.finalize();
         output.reverse();
-        Tag::new(output)
+        output
     }
 }
 

ghash/src/lib.rs

@@ -1,5 +1,5 @@
 use ghash::{
-    universal_hash::{NewUniversalHash, UniversalHash},
+    universal_hash::{KeyInit, UniversalHash},
     GHash,
 };
 use hex_literal::hex;
@@ -19,9 +19,8 @@ const GHASH_RESULT: [u8; 16] = hex!("bd9b3997046731fb96251b91f9c99d7a");
 #[test]
 fn ghash_test_vector() {
     let mut ghash = GHash::new(&H.into());
-    ghash.update(&X_1.into());
-    ghash.update(&X_2.into());
+    ghash.update(&[X_1.into(), X_2.into()]);
 
     let result = ghash.finalize();
-    assert_eq!(&GHASH_RESULT[..], result.into_bytes().as_slice());
+    assert_eq!(&GHASH_RESULT[..], result.as_slice());
 }

ghash/tests/lib.rs

@@ -1,6 +1,6 @@
 [package]
 name = "poly1305"
-version = "0.7.2" # Also update html_root_url in lib.rs when bumping this
+version = "0.8.0-pre" # Also update html_root_url in lib.rs when bumping this
 authors = ["RustCrypto Developers"]
 license = "Apache-2.0 OR MIT"
 description = "The Poly1305 universal hash function and message authentication code"
@@ -14,7 +14,7 @@ edition = "2021"
 
 [dependencies]
 opaque-debug = "0.3"
-universal-hash = { version = "0.4", default-features = false }
+universal-hash = { version = "=0.5.0-pre", default-features = false }
 zeroize = { version = "1", optional = true, default-features = false }
 
 [target.'cfg(any(target_arch = "x86_64", target_arch = "x86"))'.dependencies]

poly1305/Cargo.toml

@@ -3,7 +3,7 @@
 extern crate test;
 
 use poly1305::{
-    universal_hash::{NewUniversalHash, UniversalHash},
+    universal_hash::{KeyInit, UniversalHash},
     Poly1305,
 };
 use test::Bencher;

poly1305/benches/poly1305.rs

@@ -1,6 +1,8 @@
 //! Autodetection support for AVX2 CPU intrinsics on x86 CPUs, with fallback
 //! to the "soft" backend when it's unavailable.
 
+use universal_hash::{consts::U16, crypto_common::BlockSizeUser, UniversalHash};
+
 use crate::{backend, Block, Key, Tag};
 use core::mem::ManuallyDrop;
 
@@ -16,6 +18,10 @@ union Inner {
     soft: ManuallyDrop<backend::soft::State>,
 }
 
+impl BlockSizeUser for State {
+    type BlockSize = U16;
+}
+
 impl State {
     /// Initialize Poly1305 [`State`] with the given key
     #[inline]
@@ -35,33 +41,36 @@ impl State {
         Self { inner, token }
     }
 
-    /// Reset internal state
+    /// Compute a Poly1305 block
     #[inline]
-    pub(crate) fn reset(&mut self) {
+    pub(crate) fn compute_block(&mut self, block: &Block, partial: bool) {
         if self.token.get() {
-            unsafe { (*self.inner.avx2).reset() }
+            unsafe { (*self.inner.avx2).compute_block(block, partial) }
         } else {
-            unsafe { (*self.inner.soft).reset() }
+            unsafe { (*self.inner.soft).compute_block(block, partial) }
         }
     }
+}
 
-    /// Compute a Poly1305 block
-    #[inline]
-    pub(crate) fn compute_block(&mut self, block: &Block, partial: bool) {
+impl UniversalHash for State {
+    fn update_with_backend(
+        &mut self,
+        f: impl universal_hash::UhfClosure<BlockSize = Self::BlockSize>,
+    ) {
         if self.token.get() {
-            unsafe { (*self.inner.avx2).compute_block(block, partial) }
+            unsafe { f.call(&mut *self.inner.avx2) }
         } else {
-            unsafe { (*self.inner.soft).compute_block(block, partial) }
+            unsafe { f.call(&mut *self.inner.soft) }
         }
     }
 
     /// Finalize output producing a [`Tag`]
     #[inline]
-    pub(crate) fn finalize(&mut self) -> Tag {
+    fn finalize(mut self) -> Tag {
         if self.token.get() {
             unsafe { (*self.inner.avx2).finalize() }
         } else {
-            unsafe { (*self.inner.soft).finalize() }
+            unsafe { (*self.inner.soft).finalize_mut() }
         }
     }
 }