internal/subtle: rename to internal/alias

rsc · gopherbot · commit 04dced17f71c · 2022-08-17T18:37:53.000Z
This avoids an import conflict in code that needs to import crypto/subtle as well. CL 424194 does the same for the main repo. Change-Id: Ic54cb62bbfdcf5c2cb6f15ac47075ee1c41981ad Reviewed-on: https://go-review.googlesource.com/c/crypto/+/424175 Reviewed-by: Cherry Mui <cherryyz@google.com> Run-TryBot: Russ Cox <rsc@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> Auto-Submit: Russ Cox <rsc@golang.org>
diff --git a/chacha20/chacha_generic.go b/chacha20/chacha_generic.go
@@ -12,7 +12,7 @@ import (
 	"errors"
 	"math/bits"
 
-	"golang.org/x/crypto/internal/subtle"
+	"golang.org/x/crypto/internal/alias"
 )
 
 const (
@@ -189,7 +189,7 @@ func (s *Cipher) XORKeyStream(dst, src []byte) {
 		panic("chacha20: output smaller than input")
 	}
 	dst = dst[:len(src)]
-	if subtle.InexactOverlap(dst, src) {
+	if alias.InexactOverlap(dst, src) {
 		panic("chacha20: invalid buffer overlap")
 	}
 
diff --git a/chacha20poly1305/chacha20poly1305_amd64.go b/chacha20poly1305/chacha20poly1305_amd64.go
@@ -10,7 +10,7 @@ package chacha20poly1305
 import (
 	"encoding/binary"
 
-	"golang.org/x/crypto/internal/subtle"
+	"golang.org/x/crypto/internal/alias"
 	"golang.org/x/sys/cpu"
 )
 
@@ -56,7 +56,7 @@ func (c *chacha20poly1305) seal(dst, nonce, plaintext, additionalData []byte) []
 	setupState(&state, &c.key, nonce)
 
 	ret, out := sliceForAppend(dst, len(plaintext)+16)
-	if subtle.InexactOverlap(out, plaintext) {
+	if alias.InexactOverlap(out, plaintext) {
 		panic("chacha20poly1305: invalid buffer overlap")
 	}
 	chacha20Poly1305Seal(out[:], state[:], plaintext, additionalData)
@@ -73,7 +73,7 @@ func (c *chacha20poly1305) open(dst, nonce, ciphertext, additionalData []byte) (
 
 	ciphertext = ciphertext[:len(ciphertext)-16]
 	ret, out := sliceForAppend(dst, len(ciphertext))
-	if subtle.InexactOverlap(out, ciphertext) {
+	if alias.InexactOverlap(out, ciphertext) {
 		panic("chacha20poly1305: invalid buffer overlap")
 	}
 	if !chacha20Poly1305Open(out, state[:], ciphertext, additionalData) {
diff --git a/chacha20poly1305/chacha20poly1305_generic.go b/chacha20poly1305/chacha20poly1305_generic.go
@@ -8,8 +8,8 @@ import (
 	"encoding/binary"
 
 	"golang.org/x/crypto/chacha20"
+	"golang.org/x/crypto/internal/alias"
 	"golang.org/x/crypto/internal/poly1305"
-	"golang.org/x/crypto/internal/subtle"
 )
 
 func writeWithPadding(p *poly1305.MAC, b []byte) {
@@ -30,7 +30,7 @@ func writeUint64(p *poly1305.MAC, n int) {
 func (c *chacha20poly1305) sealGeneric(dst, nonce, plaintext, additionalData []byte) []byte {
 	ret, out := sliceForAppend(dst, len(plaintext)+poly1305.TagSize)
 	ciphertext, tag := out[:len(plaintext)], out[len(plaintext):]
-	if subtle.InexactOverlap(out, plaintext) {
+	if alias.InexactOverlap(out, plaintext) {
 		panic("chacha20poly1305: invalid buffer overlap")
 	}
 
@@ -66,7 +66,7 @@ func (c *chacha20poly1305) openGeneric(dst, nonce, ciphertext, additionalData []
 	writeUint64(p, len(ciphertext))
 
 	ret, out := sliceForAppend(dst, len(ciphertext))
-	if subtle.InexactOverlap(out, ciphertext) {
+	if alias.InexactOverlap(out, ciphertext) {
 		panic("chacha20poly1305: invalid buffer overlap")
 	}
 	if !p.Verify(tag) {
diff --git a/internal/alias/alias.go b/internal/alias/alias.go
@@ -5,9 +5,8 @@
 //go:build !purego
 // +build !purego
 
-// Package subtle implements functions that are often useful in cryptographic
-// code but require careful thought to use correctly.
-package subtle // import "golang.org/x/crypto/internal/subtle"
+// Package alias implements memory aliasing tests.
+package alias
 
 import "unsafe"
 
diff --git a/internal/alias/alias_purego.go b/internal/alias/alias_purego.go
@@ -5,9 +5,8 @@
 //go:build purego
 // +build purego
 
-// Package subtle implements functions that are often useful in cryptographic
-// code but require careful thought to use correctly.
-package subtle // import "golang.org/x/crypto/internal/subtle"
+// Package alias implements memory aliasing tests.
+package alias
 
 // This is the Google App Engine standard variant based on reflect
 // because the unsafe package and cgo are disallowed.
diff --git a/internal/alias/alias_test.go b/internal/alias/alias_test.go
@@ -2,13 +2,9 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-package subtle_test
+package alias
 
-import (
-	"testing"
-
-	"golang.org/x/crypto/internal/subtle"
-)
+import "testing"
 
 var a, b [100]byte
 
@@ -32,11 +28,11 @@ var aliasingTests = []struct {
 }
 
 func testAliasing(t *testing.T, i int, x, y []byte, anyOverlap, inexactOverlap bool) {
-	any := subtle.AnyOverlap(x, y)
+	any := AnyOverlap(x, y)
 	if any != anyOverlap {
 		t.Errorf("%d: wrong AnyOverlap result, expected %v, got %v", i, anyOverlap, any)
 	}
-	inexact := subtle.InexactOverlap(x, y)
+	inexact := InexactOverlap(x, y)
 	if inexact != inexactOverlap {
 		t.Errorf("%d: wrong InexactOverlap result, expected %v, got %v", i, inexactOverlap, any)
 	}
diff --git a/nacl/secretbox/secretbox.go b/nacl/secretbox/secretbox.go
@@ -35,8 +35,8 @@ This package is interoperable with NaCl: https://nacl.cr.yp.to/secretbox.html.
 package secretbox // import "golang.org/x/crypto/nacl/secretbox"
 
 import (
+	"golang.org/x/crypto/internal/alias"
 	"golang.org/x/crypto/internal/poly1305"
-	"golang.org/x/crypto/internal/subtle"
 	"golang.org/x/crypto/salsa20/salsa"
 )
 
@@ -88,7 +88,7 @@ func Seal(out, message []byte, nonce *[24]byte, key *[32]byte) []byte {
 	copy(poly1305Key[:], firstBlock[:])
 
 	ret, out := sliceForAppend(out, len(message)+poly1305.TagSize)
-	if subtle.AnyOverlap(out, message) {
+	if alias.AnyOverlap(out, message) {
 		panic("nacl: invalid buffer overlap")
 	}
 
@@ -147,7 +147,7 @@ func Open(out, box []byte, nonce *[24]byte, key *[32]byte) ([]byte, bool) {
 	}
 
 	ret, out := sliceForAppend(out, len(box)-Overhead)
-	if subtle.AnyOverlap(out, box) {
+	if alias.AnyOverlap(out, box) {
 		panic("nacl: invalid buffer overlap")
 	}
 
diff --git a/nacl/sign/sign.go b/nacl/sign/sign.go
@@ -24,7 +24,7 @@ import (
 	"io"
 
 	"golang.org/x/crypto/ed25519"
-	"golang.org/x/crypto/internal/subtle"
+	"golang.org/x/crypto/internal/alias"
 )
 
 // Overhead is the number of bytes of overhead when signing a message.
@@ -48,7 +48,7 @@ func GenerateKey(rand io.Reader) (publicKey *[32]byte, privateKey *[64]byte, err
 func Sign(out, message []byte, privateKey *[64]byte) []byte {
 	sig := ed25519.Sign(ed25519.PrivateKey((*privateKey)[:]), message)
 	ret, out := sliceForAppend(out, Overhead+len(message))
-	if subtle.AnyOverlap(out, message) {
+	if alias.AnyOverlap(out, message) {
 		panic("nacl: invalid buffer overlap")
 	}
 	copy(out, sig)
@@ -67,7 +67,7 @@ func Open(out, signedMessage []byte, publicKey *[32]byte) ([]byte, bool) {
 		return nil, false
 	}
 	ret, out := sliceForAppend(out, len(signedMessage)-Overhead)
-	if subtle.AnyOverlap(out, signedMessage) {
+	if alias.AnyOverlap(out, signedMessage) {
 		panic("nacl: invalid buffer overlap")
 	}
 	copy(out, signedMessage[Overhead:])
diff --git a/salsa20/salsa20.go b/salsa20/salsa20.go
@@ -24,7 +24,7 @@ package salsa20 // import "golang.org/x/crypto/salsa20"
 // TODO(agl): implement XORKeyStream12 and XORKeyStream8 - the reduced round variants of Salsa20.
 
 import (
-	"golang.org/x/crypto/internal/subtle"
+	"golang.org/x/crypto/internal/alias"
 	"golang.org/x/crypto/salsa20/salsa"
 )
 
@@ -35,7 +35,7 @@ func XORKeyStream(out, in []byte, nonce []byte, key *[32]byte) {
 	if len(out) < len(in) {
 		panic("salsa20: output smaller than input")
 	}
-	if subtle.InexactOverlap(out[:len(in)], in) {
+	if alias.InexactOverlap(out[:len(in)], in) {
 		panic("salsa20: invalid buffer overlap")
 	}
 
diff --git a/xts/xts.go b/xts/xts.go
@@ -29,7 +29,7 @@ import (
 	"errors"
 	"sync"
 
-	"golang.org/x/crypto/internal/subtle"
+	"golang.org/x/crypto/internal/alias"
 )
 
 // Cipher contains an expanded key structure. It is safe for concurrent use if
@@ -75,7 +75,7 @@ func (c *Cipher) Encrypt(ciphertext, plaintext []byte, sectorNum uint64) {
 	if len(plaintext)%blockSize != 0 {
 		panic("xts: plaintext is not a multiple of the block size")
 	}
-	if subtle.InexactOverlap(ciphertext[:len(plaintext)], plaintext) {
+	if alias.InexactOverlap(ciphertext[:len(plaintext)], plaintext) {
 		panic("xts: invalid buffer overlap")
 	}
 
@@ -114,7 +114,7 @@ func (c *Cipher) Decrypt(plaintext, ciphertext []byte, sectorNum uint64) {
 	if len(ciphertext)%blockSize != 0 {
 		panic("xts: ciphertext is not a multiple of the block size")
 	}
-	if subtle.InexactOverlap(plaintext[:len(ciphertext)], ciphertext) {
+	if alias.InexactOverlap(plaintext[:len(ciphertext)], ciphertext) {
 		panic("xts: invalid buffer overlap")
 	}
 

Original file line number	Diff line number	Diff line change
`@@ -12,7 +12,7 @@ import (`
`12`	`12`	`"errors"`
`13`	`13`	`"math/bits"`
`14`	`14`
`15`		`- "golang.org/x/crypto/internal/subtle"`
	`15`	`+ "golang.org/x/crypto/internal/alias"`
`16`	`16`	`)`
`17`	`17`
`18`	`18`	`const (`
`@@ -189,7 +189,7 @@ func (s *Cipher) XORKeyStream(dst, src []byte) {`
`189`	`189`	`panic("chacha20: output smaller than input")`
`190`	`190`	`}`
`191`	`191`	`dst = dst[:len(src)]`
`192`		`- if subtle.InexactOverlap(dst, src) {`
	`192`	`+ if alias.InexactOverlap(dst, src) {`
`193`	`193`	`panic("chacha20: invalid buffer overlap")`
`194`	`194`	`}`
`195`	`195`
Original file line number	Diff line number	Diff line change
`@@ -35,8 +35,8 @@ This package is interoperable with NaCl: https://nacl.cr.yp.to/secretbox.html.`
`35`	`35`	`package secretbox // import "golang.org/x/crypto/nacl/secretbox"`
`36`	`36`
`37`	`37`	`import (`
	`38`	`+ "golang.org/x/crypto/internal/alias"`
`38`	`39`	`"golang.org/x/crypto/internal/poly1305"`
`39`		`- "golang.org/x/crypto/internal/subtle"`
`40`	`40`	`"golang.org/x/crypto/salsa20/salsa"`
`41`	`41`	`)`
`42`	`42`
`@@ -88,7 +88,7 @@ func Seal(out, message []byte, nonce [24]byte, key [32]byte) []byte {`
`88`	`88`	`copy(poly1305Key[:], firstBlock[:])`
`89`	`89`
`90`	`90`	`ret, out := sliceForAppend(out, len(message)+poly1305.TagSize)`
`91`		`- if subtle.AnyOverlap(out, message) {`
	`91`	`+ if alias.AnyOverlap(out, message) {`
`92`	`92`	`panic("nacl: invalid buffer overlap")`
`93`	`93`	`}`
`94`	`94`
`@@ -147,7 +147,7 @@ func Open(out, box []byte, nonce [24]byte, key [32]byte) ([]byte, bool) {`
`147`	`147`	`}`
`148`	`148`
`149`	`149`	`ret, out := sliceForAppend(out, len(box)-Overhead)`
`150`		`- if subtle.AnyOverlap(out, box) {`
	`150`	`+ if alias.AnyOverlap(out, box) {`
`151`	`151`	`panic("nacl: invalid buffer overlap")`
`152`	`152`	`}`
`153`	`153`
Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,7 @@ import (`
`24`	`24`	`"io"`
`25`	`25`
`26`	`26`	`"golang.org/x/crypto/ed25519"`
`27`		`- "golang.org/x/crypto/internal/subtle"`
	`27`	`+ "golang.org/x/crypto/internal/alias"`
`28`	`28`	`)`
`29`	`29`
`30`	`30`	`// Overhead is the number of bytes of overhead when signing a message.`
`@@ -48,7 +48,7 @@ func GenerateKey(rand io.Reader) (publicKey [32]byte, privateKey [64]byte, err`
`48`	`48`	`func Sign(out, message []byte, privateKey *[64]byte) []byte {`
`49`	`49`	`sig := ed25519.Sign(ed25519.PrivateKey((*privateKey)[:]), message)`
`50`	`50`	`ret, out := sliceForAppend(out, Overhead+len(message))`
`51`		`- if subtle.AnyOverlap(out, message) {`
	`51`	`+ if alias.AnyOverlap(out, message) {`
`52`	`52`	`panic("nacl: invalid buffer overlap")`
`53`	`53`	`}`
`54`	`54`	`copy(out, sig)`
`@@ -67,7 +67,7 @@ func Open(out, signedMessage []byte, publicKey *[32]byte) ([]byte, bool) {`
`67`	`67`	`return nil, false`
`68`	`68`	`}`
`69`	`69`	`ret, out := sliceForAppend(out, len(signedMessage)-Overhead)`
`70`		`- if subtle.AnyOverlap(out, signedMessage) {`
	`70`	`+ if alias.AnyOverlap(out, signedMessage) {`
`71`	`71`	`panic("nacl: invalid buffer overlap")`
`72`	`72`	`}`
`73`	`73`	`copy(out, signedMessage[Overhead:])`
Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,7 @@ package salsa20 // import "golang.org/x/crypto/salsa20"`
`24`	`24`	`// TODO(agl): implement XORKeyStream12 and XORKeyStream8 - the reduced round variants of Salsa20.`
`25`	`25`
`26`	`26`	`import (`
`27`		`- "golang.org/x/crypto/internal/subtle"`
	`27`	`+ "golang.org/x/crypto/internal/alias"`
`28`	`28`	`"golang.org/x/crypto/salsa20/salsa"`
`29`	`29`	`)`
`30`	`30`
`@@ -35,7 +35,7 @@ func XORKeyStream(out, in []byte, nonce []byte, key *[32]byte) {`
`35`	`35`	`if len(out) < len(in) {`
`36`	`36`	`panic("salsa20: output smaller than input")`
`37`	`37`	`}`
`38`		`- if subtle.InexactOverlap(out[:len(in)], in) {`
	`38`	`+ if alias.InexactOverlap(out[:len(in)], in) {`
`39`	`39`	`panic("salsa20: invalid buffer overlap")`
`40`	`40`	`}`
`41`	`41`
Original file line number	Diff line number	Diff line change
`@@ -29,7 +29,7 @@ import (`
`29`	`29`	`"errors"`
`30`	`30`	`"sync"`
`31`	`31`
`32`		`- "golang.org/x/crypto/internal/subtle"`
	`32`	`+ "golang.org/x/crypto/internal/alias"`
`33`	`33`	`)`
`34`	`34`
`35`	`35`	`// Cipher contains an expanded key structure. It is safe for concurrent use if`
`@@ -75,7 +75,7 @@ func (c *Cipher) Encrypt(ciphertext, plaintext []byte, sectorNum uint64) {`
`75`	`75`	`if len(plaintext)%blockSize != 0 {`
`76`	`76`	`panic("xts: plaintext is not a multiple of the block size")`
`77`	`77`	`}`
`78`		`- if subtle.InexactOverlap(ciphertext[:len(plaintext)], plaintext) {`
	`78`	`+ if alias.InexactOverlap(ciphertext[:len(plaintext)], plaintext) {`
`79`	`79`	`panic("xts: invalid buffer overlap")`
`80`	`80`	`}`
`81`	`81`
`@@ -114,7 +114,7 @@ func (c *Cipher) Decrypt(plaintext, ciphertext []byte, sectorNum uint64) {`
`114`	`114`	`if len(ciphertext)%blockSize != 0 {`
`115`	`115`	`panic("xts: ciphertext is not a multiple of the block size")`
`116`	`116`	`}`
`117`		`- if subtle.InexactOverlap(plaintext[:len(ciphertext)], ciphertext) {`
	`117`	`+ if alias.InexactOverlap(plaintext[:len(ciphertext)], ciphertext) {`
`118`	`118`	`panic("xts: invalid buffer overlap")`
`119`	`119`	`}`
`120`	`120`