internal/byteorder: new package #275

cipher/ccm.go

@@ -4,12 +4,12 @@ package cipher
 import (
 	goCipher "crypto/cipher"
 	goSubtle "crypto/subtle"
-	"encoding/binary"
 	"math"
 
 	"errors"
 
 	"github.com/emmansun/gmsm/internal/alias"
+	"github.com/emmansun/gmsm/internal/byteorder"
 	"github.com/emmansun/gmsm/internal/subtle"
 )
 
@@ -72,7 +72,6 @@ func NewCCMWithNonceSize(cipher goCipher.Block, size int) (goCipher.AEAD, error)
 // which generates tags with the given length.
 //
 // Tag sizes between 8 and 16 bytes are allowed.
-//
 func NewCCMWithTagSize(cipher goCipher.Block, tagSize int) (goCipher.AEAD, error) {
 	return NewCCMWithNonceAndTagSize(cipher, ccmStandardNonceSize, tagSize)
 }
@@ -133,7 +132,7 @@ func (c *ccm) auth(nonce, plaintext, additionalData []byte, tagMask *[ccmBlockSi
 	}
 	out[0] |= byte(c.tagSize-2) << 2 // M' = ((tagSize - 2) / 2)*8
 	out[0] |= byte(14 - c.nonceSize) // L'
-	binary.BigEndian.PutUint64(out[ccmBlockSize-8:], uint64(len(plaintext)))
+	byteorder.BEPutUint64(out[ccmBlockSize-8:], uint64(len(plaintext)))
 	copy(out[1:], nonce)
 	// B0
 	c.cipher.Encrypt(out[:], out[:])
@@ -143,7 +142,7 @@ func (c *ccm) auth(nonce, plaintext, additionalData []byte, tagMask *[ccmBlockSi
 		// First adata block includes adata length
 		i := 2
 		if n <= 0xfeff { // l(a) < (2^16 - 2^8)
-			binary.BigEndian.PutUint16(block[:i], uint16(n))
+			byteorder.BEPutUint16(block[:i], uint16(n))
 		} else {
 			block[0] = 0xff
 			// If (2^16 - 2^8) <= l(a) < 2^32, then the length field is encoded as
@@ -152,14 +151,14 @@ func (c *ccm) auth(nonce, plaintext, additionalData []byte, tagMask *[ccmBlockSi
 			if n < uint64(1<<32) {
 				block[1] = 0xfe
 				i = 2 + 4
-				binary.BigEndian.PutUint32(block[2:i], uint32(n))
+				byteorder.BEPutUint32(block[2:i], uint32(n))
 			} else {
 				block[1] = 0xff
 				// If 2^32 <= l(a) < 2^64, then the length field is encoded as ten
 				// octets consisting of the octets 0xff, 0xff, and eight octets encoding
 				// l(a) in most-significant-byte-first order.
 				i = 2 + 8
-				binary.BigEndian.PutUint64(block[2:i], uint64(n))
+				byteorder.BEPutUint64(block[2:i], uint64(n))
 			}
 		}
 		i = copy(block[i:], additionalData) // first block start with additional data length

cipher/hctr.go

@@ -2,10 +2,10 @@ package cipher
 
 import (
 	_cipher "crypto/cipher"
-	"encoding/binary"
 	"errors"
 
 	"github.com/emmansun/gmsm/internal/alias"
+	"github.com/emmansun/gmsm/internal/byteorder"
 	"github.com/emmansun/gmsm/internal/subtle"
 )
 
@@ -131,8 +131,8 @@ func NewHCTR(cipher _cipher.Block, tweak, hkey []byte) (LengthPreservingMode, er
 	// would expect, say, 4*key to be in index 4 of the table but due to
 	// this bit ordering it will actually be in index 0010 (base 2) = 2.
 	x := hctrFieldElement{
-		binary.BigEndian.Uint64(hkey[:8]),
-		binary.BigEndian.Uint64(hkey[8:blockSize]),
+		byteorder.BEUint64(hkey[:8]),
+		byteorder.BEUint64(hkey[8:blockSize]),
 	}
 	c.productTable[reverseBits(1)] = x
 
@@ -180,8 +180,8 @@ func (h *hctr) mul(y *hctrFieldElement) {
 }
 
 func (h *hctr) updateBlock(block []byte, y *hctrFieldElement) {
-	y.low ^= binary.BigEndian.Uint64(block)
-	y.high ^= binary.BigEndian.Uint64(block[8:])
+	y.low ^= byteorder.BEUint64(block)
+	y.high ^= byteorder.BEUint64(block[8:])
 	h.mul(y)
 }
 
@@ -214,8 +214,8 @@ func (h *hctr) uhash(m []byte, out *[blockSize]byte) {
 	y.high ^= uint64(len(m)+blockSize) * 8
 	h.mul(&y)
 	// output result
-	binary.BigEndian.PutUint64(out[:], y.low)
-	binary.BigEndian.PutUint64(out[8:], y.high)
+	byteorder.BEPutUint64(out[:], y.low)
+	byteorder.BEPutUint64(out[8:], y.high)
 }
 
 func (h *hctr) EncryptBytes(ciphertext, plaintext []byte) {
@@ -281,7 +281,7 @@ func (h *hctr) ctr(dst, src []byte, baseCtr *[blockSize]byte) {
 			for len(src) >= batchSize {
 				for j := 0; j < concCipher.Concurrency(); j++ {
 					// (i)₂
-					binary.BigEndian.PutUint64(num[blockSize-8:], i)
+					byteorder.BEPutUint64(num[blockSize-8:], i)
 					subtle.XORBytes(ctrs[j*blockSize:], baseCtr[:], num)
 					i++
 				}
@@ -295,7 +295,7 @@ func (h *hctr) ctr(dst, src []byte, baseCtr *[blockSize]byte) {
 
 	for len(src) > 0 {
 		// (i)₂
-		binary.BigEndian.PutUint64(num[blockSize-8:], i)
+		byteorder.BEPutUint64(num[blockSize-8:], i)
 		subtle.XORBytes(ctr, baseCtr[:], num)
 		h.cipher.Encrypt(ctr, ctr)
 		n := subtle.XORBytes(dst, src, ctr)

cipher/xts.go

@@ -2,10 +2,10 @@ package cipher
 
 import (
 	_cipher "crypto/cipher"
-	"encoding/binary"
 	"errors"
 
 	"github.com/emmansun/gmsm/internal/alias"
+	"github.com/emmansun/gmsm/internal/byteorder"
 	"github.com/emmansun/gmsm/internal/subtle"
 )
 
@@ -50,7 +50,7 @@ func NewXTSEncrypter(cipherFunc CipherCreator, key, tweakKey, tweak []byte) (_ci
 // block cipher (which must have a block size of 16 bytes) with sector number.
 func NewXTSEncrypterWithSector(cipherFunc CipherCreator, key, tweakKey []byte, sectorNum uint64) (_cipher.BlockMode, error) {
 	tweak := make([]byte, blockSize)
-	binary.LittleEndian.PutUint64(tweak[:8], sectorNum)
+	byteorder.LEPutUint64(tweak[:8], sectorNum)
 	return NewXTSEncrypter(cipherFunc, key, tweakKey, tweak)
 }
 
@@ -66,7 +66,7 @@ func NewGBXTSEncrypter(cipherFunc CipherCreator, key, tweakKey, tweak []byte) (_
 // It follows GB/T 17964-2021.
 func NewGBXTSEncrypterWithSector(cipherFunc CipherCreator, key, tweakKey []byte, sectorNum uint64) (_cipher.BlockMode, error) {
 	tweak := make([]byte, blockSize)
-	binary.LittleEndian.PutUint64(tweak[:8], sectorNum)
+	byteorder.LEPutUint64(tweak[:8], sectorNum)
 	return NewGBXTSEncrypter(cipherFunc, key, tweakKey, tweak)
 }
 
@@ -122,7 +122,7 @@ func NewXTSDecrypter(cipherFunc CipherCreator, key, tweakKey, tweak []byte) (_ci
 // block cipher (which must have a block size of 16 bytes) with sector number for decryption.
 func NewXTSDecrypterWithSector(cipherFunc CipherCreator, key, tweakKey []byte, sectorNum uint64) (_cipher.BlockMode, error) {
 	tweak := make([]byte, blockSize)
-	binary.LittleEndian.PutUint64(tweak[:8], sectorNum)
+	byteorder.LEPutUint64(tweak[:8], sectorNum)
 	return NewXTSDecrypter(cipherFunc, key, tweakKey, tweak)
 }
 
@@ -138,7 +138,7 @@ func NewGBXTSDecrypter(cipherFunc CipherCreator, key, tweakKey, tweak []byte) (_
 // It follows GB/T 17964-2021.
 func NewGBXTSDecrypterWithSector(cipherFunc CipherCreator, key, tweakKey []byte, sectorNum uint64) (_cipher.BlockMode, error) {
 	tweak := make([]byte, blockSize)
-	binary.LittleEndian.PutUint64(tweak[:8], sectorNum)
+	byteorder.LEPutUint64(tweak[:8], sectorNum)
 	return NewGBXTSDecrypter(cipherFunc, key, tweakKey, tweak)
 }
 
@@ -336,7 +336,7 @@ func mul2Generic(tweak *[blockSize]byte, isGB bool) {
 			tweak[0] ^= GF128_FDBK // 1<<7 | 1<<2 | 1<<1 | 1
 		}
 	} else {
-		// GB/T 17964-2021, 
+		// GB/T 17964-2021,
 		// the coefficient of x⁰ can be obtained by tweak[0] >> 7
 		// the coefficient of x⁷ can be obtained by tweak[0] & 1
 		// the coefficient of x¹²⁰ can be obtained by tweak[15] >> 7

drbg/ctr_drbg.go

@@ -2,10 +2,10 @@ package drbg
 
 import (
 	"crypto/cipher"
-	"encoding/binary"
 	"errors"
 	"time"
 
+	"github.com/emmansun/gmsm/internal/byteorder"
 	"github.com/emmansun/gmsm/internal/subtle"
 	"github.com/emmansun/gmsm/sm4"
 )
@@ -185,8 +185,8 @@ func (cd *CtrDrbg) derive(seedMaterial []byte, returnBytes int) []byte {
 
 	// S = counter || len(seed_material) || len(return_bytes) || seed_material || 0x80
 	// len(S) = ((outlen + 4 + 4 + len(seed_material) + 1 + outlen - 1) / outlen) * outlen
-	binary.BigEndian.PutUint32(S[outlen:], uint32(len(seedMaterial)))
-	binary.BigEndian.PutUint32(S[outlen+4:], uint32(returnBytes))
+	byteorder.BEPutUint32(S[outlen:], uint32(len(seedMaterial)))
+	byteorder.BEPutUint32(S[outlen+4:], uint32(returnBytes))
 	copy(S[outlen+8:], seedMaterial)
 	S[outlen+8+len(seedMaterial)] = 0x80
 
@@ -199,7 +199,7 @@ func (cd *CtrDrbg) derive(seedMaterial []byte, returnBytes int) []byte {
 	block := cd.newBlockCipher(key)
 
 	for i := 0; i < blocks; i++ {
-		binary.BigEndian.PutUint32(S, uint32(i))
+		byteorder.BEPutUint32(S, uint32(i))
 		copy(temp[i*outlen:], cd.bcc(block, S))
 	}
 

drbg/hash_drbg.go

@@ -1,11 +1,11 @@
 package drbg
 
 import (
-	"encoding/binary"
 	"errors"
 	"hash"
 	"time"
 
+	"github.com/emmansun/gmsm/internal/byteorder"
 	"github.com/emmansun/gmsm/sm3"
 )
 
@@ -15,8 +15,8 @@ const HASH_DRBG_MAX_SEED_SIZE = 111
 // HashDrbg hash DRBG structure, its instance is NOT goroutine safe!!!
 type HashDrbg struct {
 	BaseDrbg
-	newHash func() hash.Hash
-	c       []byte
+	newHash  func() hash.Hash
+	c        []byte
 	hashSize int
 }
 
@@ -146,7 +146,7 @@ func (hd *HashDrbg) addH() {
 
 func (hd *HashDrbg) addReseedCounter() {
 	t := make([]byte, hd.seedLength)
-	binary.BigEndian.PutUint64(t[hd.seedLength-8:], hd.reseedCounter)
+	byteorder.BEPutUint64(t[hd.seedLength-8:], hd.reseedCounter)
 	add(t, hd.v, hd.seedLength)
 }
 
@@ -208,7 +208,7 @@ func (hd *HashDrbg) derive(seedMaterial []byte, len int) []byte {
 	md := hd.newHash()
 	limit := uint64(len+hd.hashSize-1) / uint64(hd.hashSize)
 	var requireBytes [4]byte
-	binary.BigEndian.PutUint32(requireBytes[:], uint32(len<<3))
+	byteorder.BEPutUint32(requireBytes[:], uint32(len<<3))
 	var ct byte = 1
 	k := make([]byte, len)
 	for i := 0; i < int(limit); i++ {

internal/bigmod/nat.go

@@ -5,9 +5,10 @@
 package bigmod
 
 import (
-	"encoding/binary"
 	"errors"
 	"math/bits"
+
+	"github.com/emmansun/gmsm/internal/byteorder"
 )
 
 const (
@@ -205,9 +206,9 @@ func (x *Nat) SetOverflowedBytes(b []byte, m *Modulus) *Nat {
 // big-endian encoded uint value.
 func bigEndianUint(buf []byte) uint {
 	if _W == 64 {
-		return uint(binary.BigEndian.Uint64(buf))
+		return uint(byteorder.BEUint64(buf))
 	}
-	return uint(binary.BigEndian.Uint32(buf))
+	return uint(byteorder.BEUint32(buf))
 }
 
 func (x *Nat) setBytes(b []byte) error {