upgrade rust-crypto to v0.10

AArch64 SIMD intrinsics are available on stable since v1.59
https://blog.rust-lang.org/2022/02/24/Rust-1.59.0.html

aes-gcm v0.10
aes-gcm-siv v0.11
ccm v0.5
chacha20poly1305 v0.10
chacha20 v0.9
aes v0.8
ctr v0.9

NOTE: ring-compat is still working on upgrading digest to v0.10

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "shadowsocks-crypto"
-version = "0.4.1"
+version = "0.5.0"
 authors = ["luozijun <[email protected]>", "ty <[email protected]>"]
 edition = "2021"
 license = "MIT"
@@ -16,31 +16,31 @@ default = [
     "v1-aead",
 ]
 v1 = []
-v1-stream = ["v1", "chacha20", "aes"]
+v1-stream = ["v1", "chacha20", "aes", "ctr"]
 v1-aead = ["v1", "aes-gcm", "chacha20poly1305", "hkdf", "sha1"]
 v1-aead-extra = ["v1-aead", "aes-gcm-siv", "ccm", "aes"]
 v2 = ["aes", "aes-gcm", "blake3", "chacha20poly1305", "bytes"]
 v2-extra = ["v2", "chacha20poly1305/reduced-round"]
 
 ring = ["ring-compat"]
-armv8 = ["aes-gcm/armv8", "aes/armv8", "aes-gcm-siv/armv8"]
-neon = ["chacha20/neon"]
 
 [dependencies]
 cfg-if = "1.0"
 rand = "0.8"
-aes-gcm = { version = "0.9", optional = true }
-aes-gcm-siv = { version = "0.10.3", optional = true }
-ccm = { version = "0.4.4", optional = true }
-chacha20poly1305 = { version = "0.9", optional = true }
-ring-compat = { version = "0.4.1", optional = true }
+aes-gcm = { version = "0.10", optional = true }
+aes-gcm-siv = { version = "0.11", optional = true }
+ccm = { version = "0.5", optional = true }
+chacha20poly1305 = { version = "0.10", optional = true }
+# ring-compat = { version = "0.4.1", optional = true }
+ring-compat = { git = "https://github.com/RustCrypto/ring-compat.git", optional = true }
 md-5 = { version = "0.10" }
 hkdf = { version = "0.12", optional = true }
 sha1 = { version = "0.10", optional = true }
 blake3 = { version = "1.3", optional = true }
-chacha20 = { version = "0.8.1", optional = true }
-aes = { version = "0.7.5", features = ["ctr"], optional = true }
-bytes = { version = "1.1", optional = true }
+chacha20 = { version = "0.9", optional = true }
+aes = { version = "0.8", optional = true }
+ctr = { version = "0.9", optional = true }
+bytes = { version = "1.3", optional = true }
 
 #[target.'cfg(all(unix, any(target_arch = "x86", target_arch = "x86_64")))'.dependencies]
 #md-5 = { version = "0.10", features = ["asm"] }

src/v1/aeadcipher/aes_ccm.rs

@@ -1,6 +1,6 @@
 use aes::{Aes128, Aes256};
 use ccm::{
-    aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, NewAead},
+    aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, KeyInit, KeySizeUser},
     consts::{U12, U16},
     Ccm,
     Nonce,
@@ -15,7 +15,7 @@ impl Aes128Ccm {
     }
 
     pub fn key_size() -> usize {
-        <Ccm<Aes128, U16, U12> as NewAead>::KeySize::to_usize()
+        <Ccm<Aes128, U16, U12> as KeySizeUser>::KeySize::to_usize()
     }
 
     pub fn nonce_size() -> usize {
@@ -54,7 +54,7 @@ impl Aes256Ccm {
     }
 
     pub fn key_size() -> usize {
-        <Ccm<Aes256, U16, U12> as NewAead>::KeySize::to_usize()
+        <Ccm<Aes256, U16, U12> as KeySizeUser>::KeySize::to_usize()
     }
 
     pub fn nonce_size() -> usize {

src/v1/aeadcipher/aes_gcm.rs

@@ -6,11 +6,11 @@ cfg_if! {
 
         pub use ring_compat::aead::{Aes128Gcm as CryptoAes128Gcm, Aes256Gcm as CryptoAes256Gcm};
         use ring_compat::{
-            aead::{AeadCore, AeadInPlace, Buffer, Error as AeadError, NewAead},
+            aead::{AeadCore, AeadInPlace, Buffer, Error as AeadError, KeySizeUser, KeyInit},
             generic_array::{typenum::Unsigned, GenericArray},
         };
 
-        type Key<KeySize> = GenericArray<u8, KeySize>;
+        type Key<B> = GenericArray<u8, <B as KeySizeUser>::KeySize>;
         type Nonce<NonceSize> = GenericArray<u8, NonceSize>;
 
         struct SliceBuffer<'a>(&'a mut [u8]);
@@ -36,7 +36,7 @@ cfg_if! {
         }
     } else {
         use aes_gcm::{
-            aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, NewAead},
+            aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, KeySizeUser, KeyInit},
             Key,
             Nonce,
             Tag,
@@ -49,12 +49,12 @@ pub struct Aes128Gcm(CryptoAes128Gcm);
 
 impl Aes128Gcm {
     pub fn new(key: &[u8]) -> Aes128Gcm {
-        let key = Key::from_slice(key);
+        let key = Key::<CryptoAes128Gcm>::from_slice(key);
         Aes128Gcm(CryptoAes128Gcm::new(key))
     }
 
     pub fn key_size() -> usize {
-        <CryptoAes128Gcm as NewAead>::KeySize::to_usize()
+        <CryptoAes128Gcm as KeySizeUser>::KeySize::to_usize()
     }
 
     pub fn nonce_size() -> usize {
@@ -100,12 +100,12 @@ pub struct Aes256Gcm(CryptoAes256Gcm);
 
 impl Aes256Gcm {
     pub fn new(key: &[u8]) -> Aes256Gcm {
-        let key = Key::from_slice(key);
+        let key = Key::<CryptoAes256Gcm>::from_slice(key);
         Aes256Gcm(CryptoAes256Gcm::new(key))
     }
 
     pub fn key_size() -> usize {
-        <CryptoAes256Gcm as NewAead>::KeySize::to_usize()
+        <CryptoAes256Gcm as KeySizeUser>::KeySize::to_usize()
     }
 
     pub fn nonce_size() -> usize {

src/v1/aeadcipher/aes_gcm_siv.rs

@@ -1,5 +1,5 @@
 use aes_gcm_siv::{
-    aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, NewAead},
+    aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, KeyInit, KeySizeUser},
     Aes128GcmSiv as CryptoAes128GcmSiv,
     Aes256GcmSiv as CryptoAes256GcmSiv,
     Key,
@@ -11,12 +11,12 @@ pub struct Aes128GcmSiv(CryptoAes128GcmSiv);
 
 impl Aes128GcmSiv {
     pub fn new(key: &[u8]) -> Aes128GcmSiv {
-        let key = Key::from_slice(key);
+        let key = Key::<CryptoAes128GcmSiv>::from_slice(key);
         Aes128GcmSiv(CryptoAes128GcmSiv::new(key))
     }
 
     pub fn key_size() -> usize {
-        <CryptoAes128GcmSiv as NewAead>::KeySize::to_usize()
+        <CryptoAes128GcmSiv as KeySizeUser>::KeySize::to_usize()
     }
 
     pub fn nonce_size() -> usize {
@@ -51,12 +51,12 @@ pub struct Aes256GcmSiv(CryptoAes256GcmSiv);
 
 impl Aes256GcmSiv {
     pub fn new(key: &[u8]) -> Aes256GcmSiv {
-        let key = Key::from_slice(key);
+        let key = Key::<CryptoAes256GcmSiv>::from_slice(key);
         Aes256GcmSiv(CryptoAes256GcmSiv::new(key))
     }
 
     pub fn key_size() -> usize {
-        <CryptoAes256GcmSiv as NewAead>::KeySize::to_usize()
+        <CryptoAes256GcmSiv as KeySizeUser>::KeySize::to_usize()
     }
 
     pub fn nonce_size() -> usize {

src/v1/aeadcipher/chacha20_poly1305.rs

@@ -6,7 +6,7 @@ cfg_if! {
 
         pub use ring_compat::aead::{ChaCha20Poly1305 as CryptoChaCha20Poly1305};
         use ring_compat::{
-            aead::{AeadCore, AeadInPlace, Buffer, Error as AeadError, NewAead},
+            aead::{AeadCore, AeadInPlace, Buffer, Error as AeadError, KeySizeUser, KeyInit},
             generic_array::{typenum::Unsigned, GenericArray},
         };
 
@@ -37,7 +37,7 @@ cfg_if! {
     } else {
         pub use chacha20poly1305::ChaCha20Poly1305 as CryptoChaCha20Poly1305;
         use chacha20poly1305::{
-            aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, NewAead},
+            aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, KeySizeUser, KeyInit},
             Key,
             Nonce,
             Tag,
@@ -54,7 +54,7 @@ impl ChaCha20Poly1305 {
     }
 
     pub fn key_size() -> usize {
-        <CryptoChaCha20Poly1305 as NewAead>::KeySize::to_usize()
+        <CryptoChaCha20Poly1305 as KeySizeUser>::KeySize::to_usize()
     }
 
     pub fn nonce_size() -> usize {

src/v1/aeadcipher/xchacha20_poly1305.rs

@@ -1,6 +1,6 @@
 pub use chacha20poly1305::XChaCha20Poly1305 as CryptoXChaCha20Poly1305;
 use chacha20poly1305::{
-    aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, NewAead},
+    aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, KeyInit, KeySizeUser},
     Key,
     Tag,
     XNonce,
@@ -15,7 +15,7 @@ impl XChaCha20Poly1305 {
     }
 
     pub fn key_size() -> usize {
-        <CryptoXChaCha20Poly1305 as NewAead>::KeySize::to_usize()
+        <CryptoXChaCha20Poly1305 as KeySizeUser>::KeySize::to_usize()
     }
 
     pub fn nonce_size() -> usize {

src/v1/streamcipher/chacha20.rs

@@ -1,5 +1,5 @@
 use chacha20::{
-    cipher::{generic_array::typenum::Unsigned, NewCipher, StreamCipher},
+    cipher::{IvSizeUser, KeyIvInit, KeySizeUser, StreamCipher, Unsigned},
     ChaCha20,
     Key,
     Nonce,
@@ -30,10 +30,10 @@ impl Chacha20 {
     }
 
     pub fn key_size() -> usize {
-        <ChaCha20 as NewCipher>::KeySize::to_usize()
+        <ChaCha20 as KeySizeUser>::KeySize::to_usize()
     }
 
     pub fn nonce_size() -> usize {
-        <ChaCha20 as NewCipher>::NonceSize::to_usize()
+        <ChaCha20 as IvSizeUser>::IvSize::to_usize()
     }
 }

src/v1/streamcipher/crypto/aes.rs

@@ -1,19 +1,18 @@
 #![allow(dead_code)]
 
 use aes::{
-    cipher::{BlockDecrypt, BlockEncrypt},
+    cipher::{BlockDecrypt, BlockEncrypt, BlockSizeUser, KeyInit, Unsigned},
     Aes128 as CryptoAes128,
     Aes192 as CryptoAes192,
     Aes256 as CryptoAes256,
     Block,
-    NewBlockCipher,
 };
 
 #[derive(Debug, Clone)]
 pub struct Aes128(CryptoAes128);
 
 impl Aes128 {
-    pub const BLOCK_LEN: usize = aes::BLOCK_SIZE;
+    pub const BLOCK_LEN: usize = <CryptoAes128 as BlockSizeUser>::BlockSize::USIZE;
     pub const KEY_LEN: usize = 16;
 
     pub fn new(key: &[u8]) -> Aes128 {
@@ -35,7 +34,7 @@ impl Aes128 {
 pub struct Aes192(CryptoAes192);
 
 impl Aes192 {
-    pub const BLOCK_LEN: usize = aes::BLOCK_SIZE;
+    pub const BLOCK_LEN: usize = <CryptoAes192 as BlockSizeUser>::BlockSize::USIZE;
     pub const KEY_LEN: usize = 24;
 
     pub fn new(key: &[u8]) -> Aes192 {
@@ -57,7 +56,7 @@ impl Aes192 {
 pub struct Aes256(CryptoAes256);
 
 impl Aes256 {
-    pub const BLOCK_LEN: usize = aes::BLOCK_SIZE;
+    pub const BLOCK_LEN: usize = <CryptoAes256 as BlockSizeUser>::BlockSize::USIZE;
     pub const KEY_LEN: usize = 32;
 
     pub fn new(key: &[u8]) -> Aes256 {

src/v1/streamcipher/ctr.rs

@@ -2,29 +2,32 @@
 // https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf
 
 use aes::{
-    cipher::{generic_array::GenericArray, FromBlockCipher, NewBlockCipher, StreamCipher},
+    cipher::{Iv, IvSizeUser, Key, KeyIvInit, StreamCipher, Unsigned},
     Aes128 as CryptoAes128,
-    Aes128Ctr as CryptoAes128Ctr,
     Aes192 as CryptoAes192,
-    Aes192Ctr as CryptoAes192Ctr,
     Aes256 as CryptoAes256,
-    Aes256Ctr as CryptoAes256Ctr,
 };
+use ctr::Ctr64BE;
 
 use super::crypto::{
     aes::{Aes128, Aes192, Aes256},
     camellia::{Camellia128, Camellia192, Camellia256},
 };
 
+type CryptoAes128Ctr = Ctr64BE<CryptoAes128>;
+type CryptoAes192Ctr = Ctr64BE<CryptoAes192>;
+type CryptoAes256Ctr = Ctr64BE<CryptoAes256>;
+
 pub struct Aes128Ctr(CryptoAes128Ctr);
 
 impl Aes128Ctr {
-    pub const IV_LEN: usize = aes::BLOCK_SIZE;
+    pub const IV_LEN: usize = <CryptoAes128Ctr as IvSizeUser>::IvSize::USIZE;
     pub const KEY_LEN: usize = Aes128::KEY_LEN;
 
     pub fn new(key: &[u8], iv: &[u8]) -> Aes128Ctr {
-        let cipher = CryptoAes128::new_from_slice(key).expect("Aes128");
-        let ctr = CryptoAes128Ctr::from_block_cipher(cipher, GenericArray::from_slice(iv));
+        let key = Key::<CryptoAes128Ctr>::from_slice(key);
+        let iv = Iv::<CryptoAes128Ctr>::from_slice(iv);
+        let ctr = CryptoAes128Ctr::new(key, iv);
         Aes128Ctr(ctr)
     }
 
@@ -40,12 +43,13 @@ impl Aes128Ctr {
 pub struct Aes192Ctr(CryptoAes192Ctr);
 
 impl Aes192Ctr {
-    pub const IV_LEN: usize = aes::BLOCK_SIZE;
+    pub const IV_LEN: usize = <CryptoAes192Ctr as IvSizeUser>::IvSize::USIZE;
     pub const KEY_LEN: usize = Aes192::KEY_LEN;
 
     pub fn new(key: &[u8], iv: &[u8]) -> Aes192Ctr {
-        let cipher = CryptoAes192::new_from_slice(key).expect("Aes192");
-        let ctr = CryptoAes192Ctr::from_block_cipher(cipher, GenericArray::from_slice(iv));
+        let key = Key::<CryptoAes192Ctr>::from_slice(key);
+        let iv = Iv::<CryptoAes192Ctr>::from_slice(iv);
+        let ctr = CryptoAes192Ctr::new(key, iv);
         Aes192Ctr(ctr)
     }
 
@@ -61,12 +65,13 @@ impl Aes192Ctr {
 pub struct Aes256Ctr(CryptoAes256Ctr);
 
 impl Aes256Ctr {
-    pub const IV_LEN: usize = aes::BLOCK_SIZE;
+    pub const IV_LEN: usize = <CryptoAes256Ctr as IvSizeUser>::IvSize::USIZE;
     pub const KEY_LEN: usize = Aes256::KEY_LEN;
 
     pub fn new(key: &[u8], iv: &[u8]) -> Aes256Ctr {
-        let cipher = CryptoAes256::new_from_slice(key).expect("Aes256");
-        let ctr = CryptoAes256Ctr::from_block_cipher(cipher, GenericArray::from_slice(iv));
+        let key = Key::<CryptoAes256Ctr>::from_slice(key);
+        let iv = Iv::<CryptoAes256Ctr>::from_slice(iv);
+        let ctr = CryptoAes256Ctr::new(key, iv);
         Aes256Ctr(ctr)
     }
 

src/v2/crypto/chacha8_poly1305.rs

@@ -1,6 +1,6 @@
 pub use chacha20poly1305::ChaCha8Poly1305 as CryptoChaCha8Poly1305;
 use chacha20poly1305::{
-    aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, NewAead},
+    aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, KeyInit, KeySizeUser},
     Key,
     Nonce,
     Tag,
@@ -15,7 +15,7 @@ impl ChaCha8Poly1305 {
     }
 
     pub fn key_size() -> usize {
-        <CryptoChaCha8Poly1305 as NewAead>::KeySize::to_usize()
+        <CryptoChaCha8Poly1305 as KeySizeUser>::KeySize::to_usize()
     }
 
     pub fn nonce_size() -> usize {

src/v2/crypto/xchacha8_poly1305.rs

@@ -1,6 +1,6 @@
 pub use chacha20poly1305::XChaCha8Poly1305 as CryptoXChaCha8Poly1305;
 use chacha20poly1305::{
-    aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, NewAead},
+    aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, KeyInit, KeySizeUser},
     Key,
     Tag,
     XNonce,
@@ -15,7 +15,7 @@ impl XChaCha8Poly1305 {
     }
 
     pub fn key_size() -> usize {
-        <CryptoXChaCha8Poly1305 as NewAead>::KeySize::to_usize()
+        <CryptoXChaCha8Poly1305 as KeySizeUser>::KeySize::to_usize()
     }
 
     pub fn nonce_size() -> usize {