From 5fd83bf52212f877ef21f8161ebd4776e53a810c Mon Sep 17 00:00:00 2001
From: Tony Arcieri <bascule@gmail.com>
Date: Mon, 25 Mar 2024 15:31:26 -0600
Subject: [PATCH] ocb3: use `Ocb3` as the type name (#588)

Renames `AesOcb3` to `Ocb3`.

Unlike AES-GCM, AES-GCM-SIV, and AES-SIV, in which AES is the de facto
cipher for that mode, OCB is defined in a more cipher-agnostic way
similar to CCM or EAX modes (which, as it were, is reflected in our
choice of crate names).

This renames the type to reflect that, and as it were, match the crate
name as well.
---
 Cargo.lock         |  8 ++++++-
 ocb3/README.md     |  4 ++--
 ocb3/src/lib.rs    | 53 ++++++++++++++++++++++------------------------
 ocb3/tests/kats.rs | 20 ++++++++---------
 4 files changed, 44 insertions(+), 41 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 4a9a7d39..173d35a5 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -351,6 +351,12 @@ version = "0.3.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7ebdb29d2ea9ed0083cd8cece49bbd968021bd99b0849edb4a9a7ee0fdf6a4e0"
 
+[[package]]
+name = "hex-literal"
+version = "0.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6fe2267d4ed49bc07b63801559be28c718ea06c4738b7a03c94df7386d2cde46"
+
 [[package]]
 name = "hex-literal-impl"
 version = "0.2.3"
@@ -426,7 +432,7 @@ dependencies = [
  "aes",
  "cipher 0.4.4",
  "ctr",
- "hex-literal 0.3.4",
+ "hex-literal 0.4.1",
  "subtle",
  "zeroize",
 ]
diff --git a/ocb3/README.md b/ocb3/README.md
index 0040aee1..a7c94016 100644
--- a/ocb3/README.md
+++ b/ocb3/README.md
@@ -18,10 +18,10 @@ use aes::Aes128;
 use ocb3::{
     aead::{Aead, AeadCore, KeyInit, OsRng, generic_array::GenericArray},
     consts::U12,
-    AesOcb3,
+    Ocb3,
 };
 
-type Aes128Ocb3 = AesOcb3<Aes128, U12>;
+type Aes128Ocb3 = Ocb3<Aes128, U12>;
 
 let key = Aes128::generate_key(&mut OsRng);
 let cipher = Aes128Ocb3::new(&key);
diff --git a/ocb3/src/lib.rs b/ocb3/src/lib.rs
index c5be97e1..795266d6 100644
--- a/ocb3/src/lib.rs
+++ b/ocb3/src/lib.rs
@@ -80,17 +80,14 @@ mod private {
     impl SealedNonceSize for consts::U12 {}
 }
 
-/// AES-OCB3: generic over an AES implementation, nonce size, and tag size.
-///
-/// WARNING: Unless absolutely necessary, prefer the aliases Aes128Ocb3 and
-/// Aes256Ocb3.
+/// OCB3: generic over a block cipher implementation, nonce size, and tag size.
 #[derive(Clone)]
-pub struct AesOcb3<Aes, NonceSize = U12, TagSize = U16>
+pub struct Ocb3<Cipher, NonceSize = U12, TagSize = U16>
 where
     NonceSize: self::NonceSize,
     TagSize: self::TagSize,
 {
-    cipher: Aes,
+    cipher: Cipher,
     nonce_size: PhantomData<NonceSize>,
     tag_size: PhantomData<TagSize>,
     // precomputed key-dependent variables
@@ -104,27 +101,27 @@ where
 type SumSize = U16;
 type Sum = GenericArray<u8, SumSize>;
 
-impl<Aes, NonceSize, TagSize> KeySizeUser for AesOcb3<Aes, NonceSize, TagSize>
+impl<Cipher, NonceSize, TagSize> KeySizeUser for Ocb3<Cipher, NonceSize, TagSize>
 where
-    Aes: KeySizeUser,
+    Cipher: KeySizeUser,
     TagSize: self::TagSize,
     NonceSize: self::NonceSize,
 {
-    type KeySize = Aes::KeySize;
+    type KeySize = Cipher::KeySize;
 }
 
-impl<Aes, NonceSize, TagSize> KeyInit for AesOcb3<Aes, NonceSize, TagSize>
+impl<Cipher, NonceSize, TagSize> KeyInit for Ocb3<Cipher, NonceSize, TagSize>
 where
-    Aes: BlockSizeUser<BlockSize = U16> + BlockEncrypt + KeyInit + BlockDecrypt,
+    Cipher: BlockSizeUser<BlockSize = U16> + BlockEncrypt + KeyInit + BlockDecrypt,
     TagSize: self::TagSize,
     NonceSize: self::NonceSize,
 {
     fn new(key: &aead::Key<Self>) -> Self {
-        Aes::new(key).into()
+        Cipher::new(key).into()
     }
 }
 
-impl<Aes, NonceSize, TagSize> AeadCore for AesOcb3<Aes, NonceSize, TagSize>
+impl<Cipher, NonceSize, TagSize> AeadCore for Ocb3<Cipher, NonceSize, TagSize>
 where
     NonceSize: self::NonceSize,
     TagSize: self::TagSize,
@@ -134,13 +131,13 @@ where
     type CiphertextOverhead = U0;
 }
 
-impl<Aes, NonceSize, TagSize> From<Aes> for AesOcb3<Aes, NonceSize, TagSize>
+impl<Cipher, NonceSize, TagSize> From<Cipher> for Ocb3<Cipher, NonceSize, TagSize>
 where
-    Aes: BlockSizeUser<BlockSize = U16> + BlockEncrypt + BlockDecrypt,
+    Cipher: BlockSizeUser<BlockSize = U16> + BlockEncrypt + BlockDecrypt,
     TagSize: self::TagSize,
     NonceSize: self::NonceSize,
 {
-    fn from(cipher: Aes) -> Self {
+    fn from(cipher: Cipher) -> Self {
         let (ll_star, ll_dollar, ll) = key_dependent_variables(&cipher);
 
         Self {
@@ -156,8 +153,8 @@ where
 
 /// Computes key-dependent variables defined in
 /// https://www.rfc-editor.org/rfc/rfc7253.html#section-4.1
-fn key_dependent_variables<Aes: BlockSizeUser<BlockSize = U16> + BlockEncrypt>(
-    cipher: &Aes,
+fn key_dependent_variables<Cipher: BlockSizeUser<BlockSize = U16> + BlockEncrypt>(
+    cipher: &Cipher,
 ) -> (Block, Block, [Block; L_TABLE_SIZE]) {
     let mut zeros = [0u8; 16];
     let ll_star = Block::from_mut_slice(&mut zeros);
@@ -174,9 +171,9 @@ fn key_dependent_variables<Aes: BlockSizeUser<BlockSize = U16> + BlockEncrypt>(
     (*ll_star, ll_dollar, ll)
 }
 
-impl<Aes, NonceSize, TagSize> AeadInPlace for AesOcb3<Aes, NonceSize, TagSize>
+impl<Cipher, NonceSize, TagSize> AeadInPlace for Ocb3<Cipher, NonceSize, TagSize>
 where
-    Aes: BlockSizeUser<BlockSize = U16> + BlockEncrypt + BlockDecrypt,
+    Cipher: BlockSizeUser<BlockSize = U16> + BlockEncrypt + BlockDecrypt,
     TagSize: self::TagSize,
     NonceSize: self::NonceSize,
 {
@@ -256,9 +253,9 @@ where
     }
 }
 
-impl<Aes, NonceSize, TagSize> AesOcb3<Aes, NonceSize, TagSize>
+impl<Cipher, NonceSize, TagSize> Ocb3<Cipher, NonceSize, TagSize>
 where
-    Aes: BlockSizeUser<BlockSize = U16> + BlockEncrypt + BlockDecrypt,
+    Cipher: BlockSizeUser<BlockSize = U16> + BlockEncrypt + BlockDecrypt,
     TagSize: self::TagSize,
     NonceSize: self::NonceSize,
 {
@@ -410,10 +407,10 @@ where
 ///
 /// Assumes a 96-bit nonce and 128-bit tag.
 fn nonce_dependent_variables<
-    Aes: BlockSizeUser<BlockSize = U16> + BlockEncrypt,
+    Cipher: BlockSizeUser<BlockSize = U16> + BlockEncrypt,
     NonceSize: self::NonceSize,
 >(
-    cipher: &Aes,
+    cipher: &Cipher,
     nn: &Nonce<NonceSize>,
     tag_len: u32,
 ) -> (usize, [u8; 24]) {
@@ -454,10 +451,10 @@ fn nonce_dependent_variables<
 ///
 /// Assumes a 96-bit nonce and 128-bit tag.
 fn initial_offset<
-    Aes: BlockSizeUser<BlockSize = U16> + BlockEncrypt,
+    Cipher: BlockSizeUser<BlockSize = U16> + BlockEncrypt,
     NonceSize: self::NonceSize,
 >(
-    cipher: &Aes,
+    cipher: &Cipher,
     nn: &Nonce<NonceSize>,
     tag_size: u32,
 ) -> Block {
@@ -471,9 +468,9 @@ fn initial_offset<
     offset.to_be_bytes().into()
 }
 
-impl<Aes, NonceSize, TagSize> AesOcb3<Aes, NonceSize, TagSize>
+impl<Cipher, NonceSize, TagSize> Ocb3<Cipher, NonceSize, TagSize>
 where
-    Aes: BlockSizeUser<BlockSize = U16> + BlockEncrypt,
+    Cipher: BlockSizeUser<BlockSize = U16> + BlockEncrypt,
     TagSize: self::TagSize,
     NonceSize: self::NonceSize,
 {
diff --git a/ocb3/tests/kats.rs b/ocb3/tests/kats.rs
index 21d94fdb..3abedf97 100644
--- a/ocb3/tests/kats.rs
+++ b/ocb3/tests/kats.rs
@@ -6,7 +6,7 @@ use aead::{
 };
 use aes::{Aes128, Aes192, Aes256};
 use hex_literal::hex;
-use ocb3::{AesOcb3, GenericArray};
+use ocb3::{GenericArray, Ocb3};
 
 // Test vectors from https://www.rfc-editor.org/rfc/rfc7253.html#appendix-A
 aead::new_test!(rfc7253_ocb_aes, "rfc7253_ocb_aes", Aes128Ocb3);
@@ -83,15 +83,15 @@ macro_rules! rfc7253_wider_variety {
 }
 
 // More types for testing
-type Aes192Ocb3 = AesOcb3<Aes192, U12>;
-type Aes128Ocb3Tag96 = AesOcb3<Aes128, U12, U12>;
-type Aes192Ocb3Tag96 = AesOcb3<Aes192, U12, U12>;
-type Aes256Ocb3Tag96 = AesOcb3<Aes256, U12, U12>;
-type Aes128Ocb3Tag64 = AesOcb3<Aes128, U12, U8>;
-type Aes192Ocb3Tag64 = AesOcb3<Aes192, U12, U8>;
-type Aes256Ocb3Tag64 = AesOcb3<Aes256, U12, U8>;
-type Aes128Ocb3 = AesOcb3<aes::Aes128, U12>;
-type Aes256Ocb3 = AesOcb3<aes::Aes256, U12>;
+type Aes192Ocb3 = Ocb3<Aes192, U12>;
+type Aes128Ocb3Tag96 = Ocb3<Aes128, U12, U12>;
+type Aes192Ocb3Tag96 = Ocb3<Aes192, U12, U12>;
+type Aes256Ocb3Tag96 = Ocb3<Aes256, U12, U12>;
+type Aes128Ocb3Tag64 = Ocb3<Aes128, U12, U8>;
+type Aes192Ocb3Tag64 = Ocb3<Aes192, U12, U8>;
+type Aes256Ocb3Tag64 = Ocb3<Aes256, U12, U8>;
+type Aes128Ocb3 = Ocb3<aes::Aes128, U12>;
+type Aes256Ocb3 = Ocb3<aes::Aes256, U12>;
 
 /// Test vectors from Page 18 of https://www.rfc-editor.org/rfc/rfc7253.html#appendix-A
 #[test]