Update Dependencies (#390)

Co-authored-by: Norwin Roosen <git@nroo.de> Co-authored-by: Norwin <git@nroo.de> Reviewed-on: https://gitea.com/gitea/tea/pulls/390 Reviewed-by: 6543 <6543@obermui.de> Reviewed-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Norwin <noerw@noreply.gitea.io> Co-committed-by: Norwin <noerw@noreply.gitea.io>
2025-10-31 09:15:26 +01:00 · 2021-08-30 23:18:50 +08:00
parent 4b9907fb54
commit d6df0a53b5
665 changed files with 29466 additions and 24547 deletions
--- a/vendor/github.com/ProtonMail/go-crypto/internal/byteutil/byteutil.go
+++ b/vendor/github.com/ProtonMail/go-crypto/internal/byteutil/byteutil.go
@@ -0,0 +1,92 @@
+// Copyright (C) 2019 ProtonTech AG
+// This file contains necessary tools for the aex and ocb packages.
+//
+// These functions SHOULD NOT be used elsewhere, since they are optimized for
+// specific input nature in the EAX and OCB modes of operation.
+
+package byteutil
+
+// GfnDouble computes 2 * input in the field of 2^n elements.
+// The irreducible polynomial in the finite field for n=128 is
+// x^128 + x^7 + x^2 + x + 1 (equals 0x87)
+// Constant-time execution in order to avoid side-channel attacks
+func GfnDouble(input []byte) []byte {
+	if len(input) != 16 {
+		panic("Doubling in GFn only implemented for n = 128")
+	}
+	// If the first bit is zero, return 2L = L << 1
+	// Else return (L << 1) xor 0^120 10000111
+	shifted := ShiftBytesLeft(input)
+	shifted[15] ^= ((input[0] >> 7) * 0x87)
+	return shifted
+}
+
+// ShiftBytesLeft outputs the byte array corresponding to x << 1 in binary.
+func ShiftBytesLeft(x []byte) []byte {
+	l := len(x)
+	dst := make([]byte, l)
+	for i := 0; i < l-1; i++ {
+		dst[i] = (x[i] << 1) | (x[i+1] >> 7)
+	}
+	dst[l-1] = x[l-1] << 1
+	return dst
+}
+
+// ShiftNBytesLeft puts in dst the byte array corresponding to x << n in binary.
+func ShiftNBytesLeft(dst, x []byte, n int) {
+	// Erase first n / 8 bytes
+	copy(dst, x[n/8:])
+
+	// Shift the remaining n % 8 bits
+	bits := uint(n % 8)
+	l := len(dst)
+	for i := 0; i < l-1; i++ {
+		dst[i] = (dst[i] << bits) | (dst[i+1] >> uint(8 - bits))
+	}
+	dst[l-1] = dst[l-1] << bits
+
+	// Append trailing zeroes
+	dst = append(dst, make([]byte, n/8)...)
+}
+
+// XorBytesMut assumes equal input length, replaces X with X XOR Y
+func XorBytesMut(X, Y []byte) {
+	for i := 0; i < len(X); i++ {
+		X[i] ^= Y[i]
+	}
+}
+
+
+// XorBytes assumes equal input length, puts X XOR Y into Z
+func XorBytes(Z, X, Y []byte) {
+	for i := 0; i < len(X); i++ {
+		Z[i] = X[i] ^ Y[i]
+	}
+}
+
+// RightXor XORs smaller input (assumed Y) at the right of the larger input (assumed X)
+func RightXor(X, Y []byte) []byte {
+	offset := len(X) - len(Y)
+	xored := make([]byte, len(X));
+	copy(xored, X)
+	for i := 0; i < len(Y); i++ {
+		xored[offset + i] ^= Y[i]
+	}
+	return xored
+}
+
+// SliceForAppend takes a slice and a requested number of bytes. It returns a
+// slice with the contents of the given slice followed by that many bytes and a
+// second slice that aliases into it and contains only the extra bytes. If the
+// original slice has sufficient capacity then no allocation is performed.
+func SliceForAppend(in []byte, n int) (head, tail []byte) {
+	if total := len(in) + n; cap(in) >= total {
+		head = in[:total]
+	} else {
+		head = make([]byte, total)
+		copy(head, in)
+	}
+	tail = head[len(in):]
+	return
+}
+