Minor code refactoring

Signed-off-by: Anjan Roy <hello@itzmeanjan.in>

Author: itzmeanjan

include/sha3/internals/keccak.hpp

@@ -3,6 +3,7 @@
 #include <bit>
 #include <cstddef>
 #include <cstdint>
+#include <limits>
 
 // Keccak-p[1600, 24] permutation
 namespace keccak {
@@ -13,8 +14,15 @@ static constexpr size_t L = 6;
 // Bit width of each lane of Keccak-p[1600, 24] state
 static constexpr size_t LANE_BW = 1ul << L;
 
+// Bit length of Keccak-p[1600, 24] permutation state
+static constexpr size_t STATE_BIT_LEN = 1600;
+
+// Byte length of Keccak-p[1600, 24] permutation state
+static constexpr size_t STATE_BYTE_LEN =
+  STATE_BIT_LEN / std::numeric_limits<uint8_t>::digits;
+
 // # -of lanes ( each of 64 -bit width ) in Keccak-p[1600, 24] state
-static constexpr size_t LANE_CNT = 1600 / LANE_BW;
+static constexpr size_t LANE_CNT = STATE_BIT_LEN / LANE_BW;
 
 // Keccak-p[b, nr] permutation to be applied `nr` ( = 24 ) rounds
 // s.t. b = 1600, w = b/ 25, l = log2(w), nr = 12 + 2l

include/sha3/internals/sponge.hpp

@@ -5,6 +5,7 @@
 #include <array>
 #include <cstdint>
 #include <cstring>
+#include <limits>
 #include <span>
 
 // Keccak family of sponge functions
@@ -21,7 +22,7 @@ namespace sponge {
 constexpr bool
 check_domain_separator(const size_t dom_sep_bit_len)
 {
-  return (dom_sep_bit_len == 2) | (dom_sep_bit_len == 4);
+  return (dom_sep_bit_len == 2u) | (dom_sep_bit_len == 4u);
 }
 
 // Pad10*1 - generates a padding, while also considering domain separator bits (
@@ -37,17 +38,18 @@ check_domain_separator(const size_t dom_sep_bit_len)
 // This function implementation collects motivation from
 // https://github.com/itzmeanjan/turboshake/blob/e1a6b950/src/sponge.rs#L70-L72
 template<uint8_t domain_separator, size_t ds_bits, size_t rate>
-static inline constexpr std::array<uint8_t, rate / 8>
+static inline constexpr std::array<uint8_t,
+                                   rate / std::numeric_limits<uint8_t>::digits>
 pad10x1(const size_t offset)
   requires(check_domain_separator(ds_bits))
 {
-  std::array<uint8_t, rate / 8> res{};
+  std::array<uint8_t, rate / std::numeric_limits<uint8_t>::digits> res{};
 
-  constexpr uint8_t mask = (1 << ds_bits) - 1;
-  constexpr uint8_t pad_byte = (1 << ds_bits) | (domain_separator & mask);
+  constexpr uint8_t mask = (1u << ds_bits) - 1u;
+  constexpr uint8_t pad_byte = (1u << ds_bits) | (domain_separator & mask);
 
   res[offset] = pad_byte;
-  res[(rate / 8) - 1] ^= 0x80;
+  res[res.size() - 1] ^= 0x80u;
 
   return res;
 }
@@ -67,14 +69,14 @@ absorb(uint64_t state[keccak::LANE_CNT],
        size_t& offset,
        std::span<const uint8_t> msg)
 {
-  constexpr size_t rbytes = rate >> 3;   // # -of bytes
-  constexpr size_t rwords = rbytes >> 3; // # -of 64 -bit words
+  constexpr size_t rbytes = rate >> 3u;   // # -of bytes
+  constexpr size_t rwords = rbytes >> 3u; // # -of 64 -bit words
 
   std::array<uint8_t, rbytes> blk_bytes{};
   std::array<uint64_t, rwords> blk_words{};
 
-  auto _blk_bytes = std::span(blk_bytes);
-  auto _blk_words = std::span(blk_words);
+  auto blk_bytes_span = std::span(blk_bytes);
+  auto blk_words_span = std::span(blk_words);
 
   const size_t mlen = msg.size();
   const size_t blk_cnt = (offset + mlen) / rbytes;
@@ -84,14 +86,14 @@ absorb(uint64_t state[keccak::LANE_CNT],
   for (size_t i = 0; i < blk_cnt; i++) {
     const size_t readable = rbytes - offset;
 
-    auto _msg = msg.subspan(moff, readable);
-    auto _blk = _blk_bytes.subspan(offset, readable);
+    auto msg_span = msg.subspan(moff, readable);
+    auto blk_span = blk_bytes_span.subspan(offset, readable);
 
-    std::copy(_msg.begin(), _msg.end(), _blk.begin());
-    sha3_utils::le_bytes_to_u64_words<rate>(_blk_bytes, _blk_words);
+    std::copy(msg_span.begin(), msg_span.end(), blk_span.begin());
+    sha3_utils::le_bytes_to_u64_words<rate>(blk_bytes_span, blk_words_span);
 
     for (size_t j = 0; j < rwords; j++) {
-      state[j] ^= _blk_words[j];
+      state[j] ^= blk_words_span[j];
     }
 
     keccak::permute(state);
@@ -102,15 +104,15 @@ absorb(uint64_t state[keccak::LANE_CNT],
 
   const size_t rm_bytes = mlen - moff;
 
-  auto _msg = msg.subspan(moff, rm_bytes);
-  auto _blk = _blk_bytes.subspan(offset, rm_bytes);
+  auto msg_span = msg.subspan(moff, rm_bytes);
+  auto blk_span = blk_bytes_span.subspan(offset, rm_bytes);
 
   blk_bytes.fill(0x00);
-  std::copy(_msg.begin(), _msg.end(), _blk.begin());
-  sha3_utils::le_bytes_to_u64_words<rate>(_blk_bytes, _blk_words);
+  std::copy(msg_span.begin(), msg_span.end(), blk_span.begin());
+  sha3_utils::le_bytes_to_u64_words<rate>(blk_bytes_span, blk_words_span);
 
   for (size_t j = 0; j < rwords; j++) {
-    state[j] ^= _blk_words[j];
+    state[j] ^= blk_words_span[j];
   }
 
   offset += rm_bytes;
@@ -132,19 +134,19 @@ static inline constexpr void
 finalize(uint64_t state[keccak::LANE_CNT], size_t& offset)
   requires(check_domain_separator(ds_bits))
 {
-  constexpr size_t rbytes = rate >> 3;   // # -of bytes
-  constexpr size_t rwords = rbytes >> 3; // # -of 64 -bit words
+  constexpr size_t rbytes = rate >> 3u;   // # -of bytes
+  constexpr size_t rwords = rbytes >> 3u; // # -of 64 -bit words
 
   const auto padb = pad10x1<domain_separator, ds_bits, rate>(offset);
   std::array<uint64_t, rwords> padw{};
 
-  auto _padb = std::span(padb);
-  auto _padw = std::span(padw);
+  auto padb_span = std::span(padb);
+  auto padw_span = std::span(padw);
 
-  sha3_utils::le_bytes_to_u64_words<rate>(_padb, _padw);
+  sha3_utils::le_bytes_to_u64_words<rate>(padb_span, padw_span);
 
   for (size_t j = 0; j < rwords; j++) {
-    state[j] ^= _padw[j];
+    state[j] ^= padw_span[j];
   }
 
   keccak::permute(state);
@@ -168,14 +170,14 @@ squeeze(uint64_t state[keccak::LANE_CNT],
         size_t& squeezable,
         std::span<uint8_t> out)
 {
-  constexpr size_t rbytes = rate >> 3;   // # -of bytes
-  constexpr size_t rwords = rbytes >> 3; // # -of 64 -bit words
+  constexpr size_t rbytes = rate >> 3u;   // # -of bytes
+  constexpr size_t rwords = rbytes >> 3u; // # -of 64 -bit words
 
   std::array<uint8_t, rbytes> blk_bytes{};
-  auto _blk_bytes = std::span(blk_bytes);
+  auto blk_bytes_span = std::span(blk_bytes);
 
   auto swords = std::span{ state, keccak::LANE_CNT };
-  auto _swords = swords.template subspan<0, rwords>();
+  auto swords_span = swords.template subspan<0, rwords>();
 
   const size_t olen = out.size();
   size_t off = 0;
@@ -184,12 +186,12 @@ squeeze(uint64_t state[keccak::LANE_CNT],
     const size_t read = std::min(squeezable, olen - off);
     const size_t soff = rbytes - squeezable;
 
-    sha3_utils::u64_words_to_le_bytes<rate>(_swords, _blk_bytes);
+    sha3_utils::u64_words_to_le_bytes<rate>(swords_span, blk_bytes_span);
 
-    auto _blk = _blk_bytes.subspan(soff, read);
-    auto _out = out.subspan(off, read);
+    auto blk_span = blk_bytes_span.subspan(soff, read);
+    auto out_span = out.subspan(off, read);
 
-    std::copy(_blk.begin(), _blk.end(), _out.begin());
+    std::copy(blk_span.begin(), blk_span.end(), out_span.begin());
 
     squeezable -= read;
     off += read;

include/sha3/internals/utils.hpp

@@ -1,8 +1,10 @@
 #pragma once
+#include "sha3/internals/keccak.hpp"
 #include <cassert>
 #include <cstddef>
 #include <cstdint>
 #include <cstring>
+#include <limits>
 #include <span>
 
 // Utility ( or commonly used ) functions for SHA3 implementation
@@ -19,30 +21,30 @@ bswap(const uint64_t a)
 #if defined __GNUG__
   return __builtin_bswap64(a);
 #else
-  return ((a & 0x00000000000000fful) << 56) |
-         ((a & 0x000000000000ff00ul) << 40) |
-         ((a & 0x0000000000ff0000ul) << 24) |
-         ((a & 0x00000000ff000000ul) << 0x8) |
-         ((a & 0x000000ff00000000ul) >> 0x8) |
-         ((a & 0x0000ff0000000000ul) >> 24) |
-         ((a & 0x00ff000000000000ul) >> 40) |
-         ((a & 0xff00000000000000ul) >> 56);
+  return ((a & 0x00000000000000fful) << 56u) |
+         ((a & 0x000000000000ff00ul) << 40u) |
+         ((a & 0x0000000000ff0000ul) << 24u) |
+         ((a & 0x00000000ff000000ul) << 0x8u) |
+         ((a & 0x000000ff00000000ul) >> 0x8u) |
+         ((a & 0x0000ff0000000000ul) >> 24u) |
+         ((a & 0x00ff000000000000ul) >> 40u) |
+         ((a & 0xff00000000000000ul) >> 56u);
 #endif
 }
 
 // Given a byte array of length 8, this routine can be used for interpreting
 // those 8 -bytes in little-endian order, as a 64 -bit unsigned integer.
 static inline constexpr uint64_t
-le_bytes_to_u64(std::span<const uint8_t> bytes)
+le_bytes_to_u64(std::span<const uint8_t, sizeof(uint64_t)> bytes)
 {
-  const uint64_t word = (static_cast<uint64_t>(bytes[7]) << 56) |
-                        (static_cast<uint64_t>(bytes[6]) << 48) |
-                        (static_cast<uint64_t>(bytes[5]) << 40) |
-                        (static_cast<uint64_t>(bytes[4]) << 32) |
-                        (static_cast<uint64_t>(bytes[3]) << 24) |
-                        (static_cast<uint64_t>(bytes[2]) << 16) |
-                        (static_cast<uint64_t>(bytes[1]) << 8) |
-                        (static_cast<uint64_t>(bytes[0]) << 0);
+  const uint64_t word = (static_cast<uint64_t>(bytes[7]) << 56u) |
+                        (static_cast<uint64_t>(bytes[6]) << 48u) |
+                        (static_cast<uint64_t>(bytes[5]) << 40u) |
+                        (static_cast<uint64_t>(bytes[4]) << 32u) |
+                        (static_cast<uint64_t>(bytes[3]) << 24u) |
+                        (static_cast<uint64_t>(bytes[2]) << 16u) |
+                        (static_cast<uint64_t>(bytes[1]) << 8u) |
+                        (static_cast<uint64_t>(bytes[0]) << 0u);
 
   if constexpr (std::endian::native == std::endian::big) {
     return bswap(word);
@@ -56,46 +58,57 @@ le_bytes_to_u64(std::span<const uint8_t> bytes)
 // unsigned interger ) s.t. bytes in a word are placed in little-endian order.
 template<size_t rate>
 static inline constexpr void
-le_bytes_to_u64_words(std::span<const uint8_t, rate / 8> bytes,
-                      std::span<uint64_t, rate / 64> words)
+le_bytes_to_u64_words(
+  std::span<const uint8_t, rate / std::numeric_limits<uint8_t>::digits> bytes,
+  std::span<uint64_t, rate / keccak::LANE_BW> words)
 {
+  using u64_span_t = std::span<const uint8_t, sizeof(uint64_t)>;
+  constexpr size_t step_by_bytes = sizeof(uint64_t);
+
   size_t off = 0;
   while (off < bytes.size()) {
-    words[off / 8] = le_bytes_to_u64(bytes.subspan(off, 8));
-    off += 8;
+    words[off / step_by_bytes] =
+      le_bytes_to_u64(u64_span_t(bytes.subspan(off, step_by_bytes)));
+    off += step_by_bytes;
   }
 }
 
 // Given a 64 -bit unsigned integer as input, this routine can be used for
 // interpreting those 8 -bytes in little-endian byte order.
 static inline constexpr void
-u64_to_le_bytes(uint64_t word, std::span<uint8_t> bytes)
+u64_to_le_bytes(uint64_t word, std::span<uint8_t, sizeof(word)> bytes)
 {
   if constexpr (std::endian::native == std::endian::big) {
     word = bswap(word);
   }
 
-  bytes[0] = static_cast<uint8_t>(word >> 0);
-  bytes[1] = static_cast<uint8_t>(word >> 8);
-  bytes[2] = static_cast<uint8_t>(word >> 16);
-  bytes[3] = static_cast<uint8_t>(word >> 24);
-  bytes[4] = static_cast<uint8_t>(word >> 32);
-  bytes[5] = static_cast<uint8_t>(word >> 40);
-  bytes[6] = static_cast<uint8_t>(word >> 48);
-  bytes[7] = static_cast<uint8_t>(word >> 56);
+  bytes[0] = static_cast<uint8_t>(word >> 0u);
+  bytes[1] = static_cast<uint8_t>(word >> 8u);
+  bytes[2] = static_cast<uint8_t>(word >> 16u);
+  bytes[3] = static_cast<uint8_t>(word >> 24u);
+  bytes[4] = static_cast<uint8_t>(word >> 32u);
+  bytes[5] = static_cast<uint8_t>(word >> 40u);
+  bytes[6] = static_cast<uint8_t>(word >> 48u);
+  bytes[7] = static_cast<uint8_t>(word >> 56u);
 }
 
 // Given an array of rate/64 -many 64 -bit unsigned integer words, this routine
 // can be used for interpreting words in little-endian byte-order, computing
 // rate/8 -many bytes output.
 template<size_t rate>
 static inline constexpr void
-u64_words_to_le_bytes(std::span<const uint64_t, rate / 64> words,
-                      std::span<uint8_t, rate / 8> bytes)
+u64_words_to_le_bytes(
+  std::span<const uint64_t, rate / keccak::LANE_BW> words,
+  std::span<uint8_t, rate / std::numeric_limits<uint8_t>::digits> bytes)
 {
+  using u64_span_t = std::span<uint8_t, sizeof(uint64_t)>;
+  constexpr size_t step_by_bytes = sizeof(uint64_t);
+
   size_t off = 0;
   while (off < words.size()) {
-    u64_to_le_bytes(words[off], bytes.subspan(off * 8, 8));
+    u64_to_le_bytes(
+      words[off],
+      u64_span_t(bytes.subspan(off * step_by_bytes, step_by_bytes)));
     off++;
   }
 }

include/sha3/sha3_224.hpp

@@ -1,26 +1,28 @@
 #pragma once
 #include "sha3/internals/sponge.hpp"
+#include <cstdint>
+#include <limits>
 
 // SHA3-224 Hash Function : Keccak[448](M || 01, 224)
 namespace sha3_224 {
 
 // Bit length of SHA3-224 message digest.
-constexpr size_t DIGEST_BIT_LEN = 224;
+static constexpr size_t DIGEST_BIT_LEN = 224;
 
 // Byte length of SHA3-224 message digest.
-constexpr size_t DIGEST_LEN = DIGEST_BIT_LEN / 8;
+static constexpr size_t DIGEST_LEN = DIGEST_BIT_LEN / 8;
 
 // Width of capacity portion of the sponge, in bits.
-constexpr size_t CAPACITY = 2 * DIGEST_BIT_LEN;
+static constexpr size_t CAPACITY = 2 * DIGEST_BIT_LEN;
 
 // Width of rate portion of the sponge, in bits.
-constexpr size_t RATE = 1600 - CAPACITY;
+static constexpr size_t RATE = 1600 - CAPACITY;
 
 // Domain separator bits, used for finalization.
-constexpr uint8_t DOM_SEP = 0b00000010;
+static constexpr uint8_t DOM_SEP = 0b00000010;
 
 // Bit-width of domain separator, starting from least significant bit.
-constexpr size_t DOM_SEP_BW = 2;
+static constexpr size_t DOM_SEP_BW = 2;
 
 // Given arbitrary many input message bytes, this routine consumes it into
 // keccak[448] sponge state and squeezes out 28 -bytes digest.
@@ -67,7 +69,7 @@ struct sha3_224_t
   inline constexpr void digest(std::span<uint8_t, DIGEST_LEN> md)
   {
     if (finalized && !squeezed) {
-      size_t squeezable = RATE / 8;
+      size_t squeezable = RATE / std::numeric_limits<uint8_t>::digits;
       sponge::squeeze<RATE>(state, squeezable, md);
 
       squeezed = true;