From d7b8b6192bf75fb4d313dc4df52047a1a49be1cd Mon Sep 17 00:00:00 2001
From: Joshua Liebow-Feeser
Date: Fri, 29 Sep 2023 21:35:51 +0000
Subject: [PATCH] aead: Add a safety comment
---
 src/aead/gcm.rs | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/src/aead/gcm.rs b/src/aead/gcm.rs
index ffa6ee4e7c..c7ceedc843 100644
--- a/src/aead/gcm.rs
+++ b/src/aead/gcm.rs
@@ -125,6 +125,12 @@ impl Context {
 debug_assert!(input_bytes > 0);
 let input = input.as_ptr() as *const [u8; BLOCK_LEN];
+ // SAFETY:
+ // - `[[u8; BLOCK_LEN]]` has the same bit validity as `[u8]`.
+ // - `[[u8; BLOCK_LEN]]` has the same alignment requirement as `[u8]`.
+ // - `input_bytes / BLOCK_LEN` ensures that the total length in bytes of
+ // the new `[[u8; BLOCK_LEN]]` will not be longer than the original
+ // `[u8]`.
 let input = unsafe { core::slice::from_raw_parts(input, input_bytes / BLOCK_LEN) };
 let xi = &mut self.inner.Xi;
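Review bot: The third bullet of the new SAFETY comment holds only if `input_bytes` is at most `input.len()`, and neither the comment nor this hunk says so; the enclosing function starts and ends outside the hunk, so the assignment of `input_bytes` cannot be checked here. A count larger than that would make `from_raw_parts` describe memory past the end of `input`, so I would state the dependency as its own bullet, for example `// - input_bytes is input.len() (confirm against the assignment above), so the new slice covers only bytes inside input.`. The comment also leaves out two other `from_raw_parts` preconditions. The pointer is non-null and valid for reads because it comes from `input.as_ptr()`. The returned slice's lifetime is not tied to `input` by the compiler, so it must not be used after that borrow ends.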