block-buffer: add BlockSizes trait and use it in buffer bounds (#1455)

newpavlov · web-flow · commit 730762fe0476 · 2026-02-24T04:45:45.000+03:00
The trait was previously defined in `crypto-common`, but it will be removed (see RustCrypto/traits#2304) and we previously did not use it because of the circular dependency between repositories.
diff --git a/block-buffer/CHANGELOG.md b/block-buffer/CHANGELOG.md
@@ -4,6 +4,15 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## 0.12.0 (2026-02-24)
+### Added
+- `BlockSizes` trait implemented for sizes bigger than `U0` and smaller than `U256` ([#1455])
+
+### Changed
+- Block sizes used by `BlockBuffer` and `ReadBuffer` are now bound by `BlockSizes` ([#1455])
+
+[#1455]: https://github.com/RustCrypto/utils/pull/1455
+
 ## 0.11.0 (2025-11-07)
 ### Added
 - `ReadBuffer` type ([#823])
diff --git a/block-buffer/src/lib.rs b/block-buffer/src/lib.rs
@@ -53,6 +53,11 @@ mod sealed;
 
 pub use read::ReadBuffer;
 
+/// Trait implemented for supported block sizes, i.e. for types from `U1` to `U255`.
+pub trait BlockSizes: ArraySize + sealed::BlockSizes {}
+
+impl<T: ArraySize + sealed::BlockSizes> BlockSizes for T {}
+
 /// Trait for buffer kinds.
 pub trait BufferKind: sealed::Sealed {}
 
@@ -86,32 +91,22 @@ impl fmt::Display for Error {
 }
 
 /// Buffer for block processing of data.
-pub struct BlockBuffer<BS: ArraySize, K: BufferKind> {
+pub struct BlockBuffer<BS: BlockSizes, K: BufferKind> {
     buffer: MaybeUninit<Array<u8, BS>>,
     pos: K::Pos,
 }
 
-impl<BS: ArraySize, K: BufferKind> BlockBuffer<BS, K> {
-    /// This associated constant is used to assert block size correctness at compile time.
-    const BLOCK_SIZE_ASSERT: bool = {
-        assert!(BS::USIZE != 0, "Block size can not be equal to zero!");
-        assert!(BS::USIZE <= 255, "Block size can not be bigger than 255!");
-        true
-    };
-}
-
-impl<BS: ArraySize, K: BufferKind> Default for BlockBuffer<BS, K> {
+impl<BS: BlockSizes, K: BufferKind> Default for BlockBuffer<BS, K> {
     #[inline]
     fn default() -> Self {
-        assert!(Self::BLOCK_SIZE_ASSERT);
         let mut buffer = MaybeUninit::uninit();
         let mut pos = Default::default();
         K::set_pos(&mut buffer, &mut pos, 0);
         Self { buffer, pos }
     }
 }
 
-impl<BS: ArraySize, K: BufferKind> Clone for BlockBuffer<BS, K> {
+impl<BS: BlockSizes, K: BufferKind> Clone for BlockBuffer<BS, K> {
     #[inline]
     fn clone(&self) -> Self {
         // SAFETY: `BlockBuffer` does not implement `Drop` (i.e. it could be a `Copy` type),
@@ -120,7 +115,7 @@ impl<BS: ArraySize, K: BufferKind> Clone for BlockBuffer<BS, K> {
     }
 }
 
-impl<BS: ArraySize, K: BufferKind> fmt::Debug for BlockBuffer<BS, K> {
+impl<BS: BlockSizes, K: BufferKind> fmt::Debug for BlockBuffer<BS, K> {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> Result<(), fmt::Error> {
         f.debug_struct(K::NAME)
             .field("pos", &self.get_pos())
@@ -130,7 +125,7 @@ impl<BS: ArraySize, K: BufferKind> fmt::Debug for BlockBuffer<BS, K> {
     }
 }
 
-impl<BS: ArraySize, K: BufferKind> BlockBuffer<BS, K> {
+impl<BS: BlockSizes, K: BufferKind> BlockBuffer<BS, K> {
     /// Create new buffer from slice.
     ///
     /// # Panics
@@ -148,10 +143,6 @@ impl<BS: ArraySize, K: BufferKind> BlockBuffer<BS, K> {
     /// If slice length is not valid for used buffer kind.
     #[inline(always)]
     pub fn try_new(buf: &[u8]) -> Result<Self, Error> {
-        const {
-            assert!(Self::BLOCK_SIZE_ASSERT);
-        }
-
         if !K::invariant(buf.len(), BS::USIZE) {
             return Err(Error);
         }
@@ -318,7 +309,7 @@ pub type SerializedBufferSize<BS, K> = Sum<BS, <K as sealed::Sealed>::Overhead>;
 /// `BlockBuffer` serialized as a byte array.
 pub type SerializedBuffer<BS, K> = Array<u8, SerializedBufferSize<BS, K>>;
 
-impl<BS: ArraySize, K: BufferKind> BlockBuffer<BS, K>
+impl<BS: BlockSizes, K: BufferKind> BlockBuffer<BS, K>
 where
     BS: core::ops::Add<K::Overhead>,
     Sum<BS, K::Overhead>: ArraySize,
@@ -337,7 +328,7 @@ where
     /// Deserialize buffer from a byte array.
     ///
     /// # Errors
-    /// If algorithm-specific invariant fails to hold
+    /// If `buf` does not represent a valid serialization of `BlockBuffer`.
     pub fn deserialize(buf: &SerializedBuffer<BS, K>) -> Result<Self, Error> {
         let (pos, block) = buf.split_at(1);
         let pos = usize::from(pos[0]);
@@ -358,7 +349,7 @@ where
     }
 }
 
-impl<BS: ArraySize> BlockBuffer<BS, Eager> {
+impl<BS: BlockSizes> BlockBuffer<BS, Eager> {
     /// Compress remaining data after padding it with `delim`, zeros and
     /// the `suffix` bytes. If there is not enough unused space, `compress`
     /// will be called twice.
@@ -413,15 +404,15 @@ impl<BS: ArraySize> BlockBuffer<BS, Eager> {
 }
 
 #[cfg(feature = "zeroize")]
-impl<BS: ArraySize, K: BufferKind> Zeroize for BlockBuffer<BS, K> {
+impl<BS: BlockSizes, K: BufferKind> Zeroize for BlockBuffer<BS, K> {
     #[inline]
     fn zeroize(&mut self) {
         self.buffer.zeroize();
         self.pos.zeroize();
     }
 }
 
-impl<BS: ArraySize, K: BufferKind> Drop for BlockBuffer<BS, K> {
+impl<BS: BlockSizes, K: BufferKind> Drop for BlockBuffer<BS, K> {
     #[inline]
     fn drop(&mut self) {
         #[cfg(feature = "zeroize")]
@@ -430,4 +421,4 @@ impl<BS: ArraySize, K: BufferKind> Drop for BlockBuffer<BS, K> {
 }
 
 #[cfg(feature = "zeroize")]
-impl<BS: ArraySize, K: BufferKind> ZeroizeOnDrop for BlockBuffer<BS, K> {}
+impl<BS: BlockSizes, K: BufferKind> ZeroizeOnDrop for BlockBuffer<BS, K> {}
diff --git a/block-buffer/src/read.rs b/block-buffer/src/read.rs
@@ -1,30 +1,25 @@
-use super::{Array, ArraySize, Error};
+use super::{Array, BlockSizes, Error};
 use core::fmt;
 
 /// Buffer for reading block-generated data.
-pub struct ReadBuffer<BS: ArraySize> {
+pub struct ReadBuffer<BS: BlockSizes> {
     /// The first byte of the block is used as cursor position.
     /// `&buffer[usize::from(buffer[0])..]` is interpreted as unread bytes.
     /// The cursor position is always bigger than zero and smaller than or equal to block size.
     buffer: Array<u8, BS>,
 }
 
-impl<BS: ArraySize> fmt::Debug for ReadBuffer<BS> {
+impl<BS: BlockSizes> fmt::Debug for ReadBuffer<BS> {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
         f.debug_struct("ReadBuffer")
             .field("remaining_data", &self.remaining())
             .finish_non_exhaustive()
     }
 }
 
-impl<BS: ArraySize> Default for ReadBuffer<BS> {
+impl<BS: BlockSizes> Default for ReadBuffer<BS> {
     #[inline]
     fn default() -> Self {
-        assert!(
-            BS::USIZE != 0 && BS::USIZE < 256,
-            "buffer block size must be bigger than zero and smaller than 256"
-        );
-
         let buffer = Default::default();
         let mut res = Self { buffer };
         // SAFETY: `BS::USIZE` satisfies the `set_pos_unchecked` safety contract
@@ -33,15 +28,15 @@ impl<BS: ArraySize> Default for ReadBuffer<BS> {
     }
 }
 
-impl<BS: ArraySize> Clone for ReadBuffer<BS> {
+impl<BS: BlockSizes> Clone for ReadBuffer<BS> {
     #[inline]
     fn clone(&self) -> Self {
         let buffer = self.buffer.clone();
         Self { buffer }
     }
 }
 
-impl<BS: ArraySize> ReadBuffer<BS> {
+impl<BS: BlockSizes> ReadBuffer<BS> {
     /// Return current cursor position, i.e. how many bytes were read from the buffer.
     #[inline(always)]
     pub fn get_pos(&self) -> usize {
@@ -176,12 +171,12 @@ impl<BS: ArraySize> ReadBuffer<BS> {
 }
 
 #[cfg(feature = "zeroize")]
-impl<BS: ArraySize> Drop for ReadBuffer<BS> {
+impl<BS: BlockSizes> Drop for ReadBuffer<BS> {
     fn drop(&mut self) {
         use zeroize::Zeroize;
         self.buffer.zeroize();
     }
 }
 
 #[cfg(feature = "zeroize")]
-impl<BS: ArraySize> zeroize::ZeroizeOnDrop for ReadBuffer<BS> {}
+impl<BS: BlockSizes> zeroize::ZeroizeOnDrop for ReadBuffer<BS> {}
diff --git a/block-buffer/src/sealed.rs b/block-buffer/src/sealed.rs
@@ -1,4 +1,7 @@
-use hybrid_array::sizes::{U0, U1};
+use hybrid_array::{
+    sizes::{U0, U1, U256},
+    typenum::{IsLess, NonZero, True, Unsigned},
+};
 
 use super::{Array, ArraySize};
 use core::{mem::MaybeUninit, ptr};
@@ -96,3 +99,8 @@ impl Sealed for super::Lazy {
         }
     }
 }
+
+/// Sealed trait implemented for sizes from `U1` to `U255`.
+pub trait BlockSizes {}
+
+impl<T: Unsigned> BlockSizes for T where Self: IsLess<U256, Output = True> + NonZero {}

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,7 @@`
`1`		`-use hybrid_array::sizes::{U0, U1};`
	`1`	`+use hybrid_array::{`
	`2`	`+ sizes::{U0, U1, U256},`
	`3`	`+ typenum::{IsLess, NonZero, True, Unsigned},`
	`4`	`+};`
`2`	`5`
`3`	`6`	`use super::{Array, ArraySize};`
`4`	`7`	`use core::{mem::MaybeUninit, ptr};`
`@@ -96,3 +99,8 @@ impl Sealed for super::Lazy {`
`96`	`99`	`}`
`97`	`100`	`}`
`98`	`101`	`}`
	`102`	`+`
	`103`	+/// Sealed trait implemented for sizes from `U1` to `U255`.
	`104`	`+pub trait BlockSizes {}`
	`105`	`+`
	`106`	`+impl<T: Unsigned> BlockSizes for T where Self: IsLess<U256, Output = True> + NonZero {}`