AEAD/Polyfill: Implement ArraySplitMap and construct nonces with it.

This is a step towards eliminating the `unsafe` code in `ChunksFixed`.

chacha nonce

src/aead/aes.rs

@@ -22,7 +22,7 @@ use crate::{
     c, cpu,
     endian::BigEndian,
     error,
-    polyfill::{self, ChunksFixed},
+    polyfill::{self, ArraySplitMap},
 };
 use core::ops::RangeFrom;
 
@@ -327,8 +327,8 @@ pub(super) struct Counter([BigEndian<u32>; 4]);
 
 impl Counter {
     pub fn one(nonce: Nonce) -> Self {
-        let nonce = nonce.as_ref().chunks_fixed();
+        let [n0, n1, n2] = nonce.as_ref().array_split_map(BigEndian::<u32>::from);
-        Self([nonce[0].into(), nonce[1].into(), nonce[2].into(), 1.into()])
+        Self([n0, n1, n2, 1.into()])
     }
 
     pub fn increment(&mut self) -> Iv {

src/aead/chacha.rs

@@ -27,6 +27,7 @@ use crate::{cpu, polyfill::ChunksFixed};
 ))]
 mod fallback;
 
+use crate::polyfill::ArraySplitMap;
 use core::ops::RangeFrom;
 
 #[derive(Clone)]
@@ -159,13 +160,8 @@ impl Counter {
     }
 
     fn from_nonce_and_ctr(nonce: Nonce, ctr: u32) -> Self {
-        let nonce = nonce.as_ref().chunks_fixed();
+        let [n0, n1, n2] = nonce.as_ref().array_split_map(u32::from_le_bytes);
-        Self([
+        Self([ctr, n0, n1, n2])
-            ctr,
-            u32::from_le_bytes(nonce[0]),
-            u32::from_le_bytes(nonce[1]),
-            u32::from_le_bytes(nonce[2]),
-        ])
     }
 
     pub fn increment(&mut self) -> Iv {

src/polyfill.rs

@@ -29,6 +29,7 @@ mod chunks_fixed;
 
 mod array_flat_map;
 mod array_flatten;
+mod array_split_map;
 
 #[cfg(feature = "alloc")]
 mod leading_zeros_skipped;
@@ -39,8 +40,8 @@ mod test;
 mod unwrap_const;
 
 pub use self::{
-    array_flat_map::ArrayFlatMap, array_flatten::ArrayFlatten, chunks_fixed::*,
+    array_flat_map::ArrayFlatMap, array_flatten::ArrayFlatten, array_split_map::ArraySplitMap,
-    unwrap_const::unwrap_const,
+    chunks_fixed::*, unwrap_const::unwrap_const,
 };
 
 #[cfg(feature = "alloc")]

src/polyfill/array_split_map.rs

@@ -0,0 +1,29 @@
+// Copyright 2023 Brian Smith.
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
+// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+pub trait ArraySplitMap<I, O, const CN: usize, const ON: usize> {
+    fn array_split_map(self, f: impl Fn([I; CN]) -> O) -> [O; ON];
+}
+
+impl<I, O> ArraySplitMap<I, O, 4, 3> for [I; 12] {
+    #[inline]
+    fn array_split_map(self, f: impl Fn([I; 4]) -> O) -> [O; 3] {
+        let [a0, a1, a2, a3, b0, b1, b2, b3, c0, c1, c2, c3] = self;
+        [
+            f([a0, a1, a2, a3]),
+            f([b0, b1, b2, b3]),
+            f([c0, c1, c2, c3]),
+        ]
+    }
+}

src/polyfill/chunks_fixed.rs

@@ -27,7 +27,6 @@ macro_rules! define_chunks_fixed {
 }
 
 // Sorted by the first value, then the second value.
-define_chunks_fixed!(12, 4);
 define_chunks_fixed!(16, 4);
 define_chunks_fixed!(16, 8);
 define_chunks_fixed!(32, 4);