Change ConditionallySelectable supertrait#137
Open
tarcieri wants to merge 1 commit intodalek-cryptography:developfrom
Open
Change ConditionallySelectable supertrait#137tarcieri wants to merge 1 commit intodalek-cryptography:developfrom
ConditionallySelectable supertrait#137tarcieri wants to merge 1 commit intodalek-cryptography:developfrom
Conversation
To resolve dalek-cryptography#94, removes the `Copy` supertrait bound on `ConditionallySelectable`, replacing it with `Sized` instead. It turns out the bound is only used in the default implementation of `ConditionallySelectable::conditional_swap`, and is easy to replace by slightly changing that default implementation. Removing this supertrait bound is arguably a breaking change since it means types which impl `ConditionallySelectable` can no longer be assumed to be `Copy`, so also bumps the version to `3.0.0-pre`.
This was referenced Aug 3, 2024
AaronFeickert
approved these changes
Aug 6, 2024
Contributor
AaronFeickert
left a comment
AaronFeickert
left a comment
There was a problem hiding this comment.
Not sure if reviews are welcome from folks without merge authority, but LGTM aside from the MSRV-related CI failure.
tarcieri
commented
Aug 6, 2024
| impl<T, const N: usize> ConditionallySelectable for [T; N] | ||
| where | ||
| T: ConditionallySelectable, | ||
| T: ConditionallySelectable + Copy, |
Contributor
Author
There was a problem hiding this comment.
This would be more flexible if it were Clone instead, and that wouldn't impact performance, but I guess there are worries that Clone impls won't run in constant time
There was a problem hiding this comment.
I'm not sure why Copy is necessary here?
fn conditional_select(a: &Self, b: &Self, choice: Choice) -> Self {
core::array::from_fn(|i| T::ct_select(&a[i], &b[i], choice))
}If you want to eliminate the bounds checks (which is sound since a, b, and the return value all statically have length N) you can do
fn conditional_select(a: &Self, b: &Self, choice: Choice) -> Self {
// # SAFETY: a, b, and return value all have length exactly N
// the N annotation isn't necessary here, just being explicit
core::array::from_fn::<_, N, _>(|i| {
T::ct_select(
unsafe { a.get_unchecked(i) },
unsafe { b.get_unchecked(i) },
choice,
)
})
}
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
To resolve #94, removes the
Copysupertrait bound onConditionallySelectable, replacing it withSizedinstead.It turns out the bound is only used in the default implementation of
ConditionallySelectable::conditional_swap, and is easy to replace by slightly changing that default implementation.Removing this supertrait bound is arguably a breaking change since it means types which impl
ConditionallySelectablecan no longer be assumed to beCopy, so also bumps the version to3.0.0-pre.Alternative to #118, #136