Round up bits_precision when decoding from bytes

fjarri · fjarri · commit ae9ae5a362fa · 2023-11-29T19:59:01.000-08:00
diff --git a/src/limb/encoding.rs b/src/limb/encoding.rs
@@ -34,16 +34,28 @@ impl Encoding for Limb {
 impl Limb {
     /// Decode limb from a big endian byte slice.
     ///
-    /// Panics if the slice is not the same size as [`Limb::Repr`].
+    /// Panics if the slice is larger than [`Limb::Repr`].
     pub(crate) fn from_be_slice(bytes: &[u8]) -> Self {
-        Self::from_be_bytes(bytes.try_into().expect("slice not limb-sized"))
+        let mut repr = Self::ZERO.to_be_bytes();
+        let repr_len = repr.len();
+        if bytes.len() > repr_len {
+            panic!("The given slice is larger than the limb size");
+        }
+        repr[(repr_len - bytes.len())..].copy_from_slice(bytes);
+        Self::from_be_bytes(repr)
     }
 
     /// Decode limb from a little endian byte slice.
     ///
     /// Panics if the slice is not the same size as [`Limb::Repr`].
     pub(crate) fn from_le_slice(bytes: &[u8]) -> Self {
-        Self::from_le_bytes(bytes.try_into().expect("slice not limb-sized"))
+        let mut repr = Self::ZERO.to_le_bytes();
+        let repr_len = repr.len();
+        if bytes.len() > repr_len {
+            panic!("The given slice is larger than the limb size");
+        }
+        repr[..bytes.len()].copy_from_slice(bytes);
+        Self::from_le_bytes(repr)
     }
 }
 
diff --git a/src/uint/boxed/encoding.rs b/src/uint/boxed/encoding.rs
@@ -7,62 +7,64 @@ use alloc::boxed::Box;
 /// Decoding errors for [`BoxedUint`].
 #[derive(Clone, Copy, Debug, Eq, PartialEq)]
 pub enum DecodeError {
-    /// Input is not a valid size.
+    /// Input size is too small to fit in the given precision.
     InputSize,
 
-    /// Precision is not a multiple of [`Limb::BYTES`].
+    /// The deserialized number is larger than the given precision.
     Precision,
 }
 
 impl BoxedUint {
     /// Create a new [`BoxedUint`] from the provided big endian bytes.
     ///
     /// The `bits_precision` argument represents the precision of the resulting integer, which is
-    /// fixed as this type is not arbitrary-precision. It MUST be a multiple of the limb size, i.e.
-    /// [`Limb::BITS`], or otherwise this function will return [`DecodeError::Precision`].
+    /// fixed as this type is not arbitrary-precision.
+    /// The new [`BoxedUint`] will be created with `bits_precision`
+    /// rounded up to a multiple of [`Limb::BITS`].
     ///
-    /// If the length of `bytes` (when interpreted as bits) is larger than `bits_precision`, this
-    /// function will return [`DecodeError::InputSize`].
+    /// If the length of `bytes` is larger than `bits_precision` (rounded up to a multiple of 8)
+    /// this function will return [`DecodeError::InputSize`].
+    /// If the size of the decoded integer is larger than `bits_precision`,
+    /// this function will return [`DecodeError::Precision`].
     pub fn from_be_slice(bytes: &[u8], bits_precision: usize) -> Result<Self, DecodeError> {
         if bytes.is_empty() && bits_precision == 0 {
             return Ok(Self::zero());
         }
 
-        if bits_precision % Limb::BITS != 0 {
-            return Err(DecodeError::Precision);
-        }
-
-        if bytes.len() % Limb::BYTES != 0 || bytes.len() * 8 > bits_precision {
+        if bytes.len() > (bits_precision + 7) / 8 {
             return Err(DecodeError::InputSize);
         }
 
         let mut ret = Self::zero_with_precision(bits_precision);
 
-        for (chunk, limb) in bytes.chunks(Limb::BYTES).rev().zip(ret.limbs.iter_mut()) {
+        for (chunk, limb) in bytes.rchunks(Limb::BYTES).zip(ret.limbs.iter_mut()) {
             *limb = Limb::from_be_slice(chunk);
         }
 
+        if bits_precision < ret.bits() {
+            return Err(DecodeError::Precision);
+        }
+
         Ok(ret)
     }
 
     /// Create a new [`BoxedUint`] from the provided little endian bytes.
     ///
     /// The `bits_precision` argument represents the precision of the resulting integer, which is
-    /// fixed as this type is not arbitrary-precision. It MUST be a multiple of the limb size, i.e.
-    /// [`Limb::BITS`], or otherwise this function will return [`DecodeError::Precision`].
+    /// fixed as this type is not arbitrary-precision.
+    /// The new [`BoxedUint`] will be created with `bits_precision`
+    /// rounded up to a multiple of [`Limb::BITS`].
     ///
-    /// If the length of `bytes` (when interpreted as bits) is larger than `bits_precision`, this
-    /// function will return [`DecodeError::InputSize`].
+    /// If the length of `bytes` is larger than `bits_precision` (rounded up to a multiple of 8)
+    /// this function will return [`DecodeError::InputSize`].
+    /// If the size of the decoded integer is larger than `bits_precision`,
+    /// this function will return [`DecodeError::Precision`].
     pub fn from_le_slice(bytes: &[u8], bits_precision: usize) -> Result<Self, DecodeError> {
         if bytes.is_empty() && bits_precision == 0 {
             return Ok(Self::zero());
         }
 
-        if bits_precision % Limb::BITS != 0 {
-            return Err(DecodeError::Precision);
-        }
-
-        if bytes.len() % Limb::BYTES != 0 || bytes.len() * 8 > bits_precision {
+        if bytes.len() > (bits_precision + 7) / 8 {
             return Err(DecodeError::InputSize);
         }
 
@@ -72,6 +74,10 @@ impl BoxedUint {
             *limb = Limb::from_le_slice(chunk);
         }
 
+        if bits_precision < ret.bits() {
+            return Err(DecodeError::Precision);
+        }
+
         Ok(ret)
     }
 
@@ -173,19 +179,39 @@ mod tests {
     }
 
     #[test]
+    #[cfg(target_pointer_width = "32")]
     fn from_be_slice_not_word_sized() {
-        let bytes = hex!("00112233445566778899aabbccddee");
+        let bytes = hex!("112233445566778899aabbccddeeff");
+        let n = BoxedUint::from_be_slice(&bytes, 127).unwrap();
         assert_eq!(
-            BoxedUint::from_be_slice(&bytes, 128),
-            Err(DecodeError::InputSize)
+            n.as_limbs(),
+            &[
+                Limb(0xccddeeff),
+                Limb(0x8899aabb),
+                Limb(0x44556677),
+                Limb(0x00112233)
+            ]
         );
+        assert_eq!(n.bits_precision(), 128);
     }
 
     #[test]
-    fn from_be_slice_bad_precision() {
-        let bytes = hex!("00112233445566778899aabbccddeeff");
+    #[cfg(target_pointer_width = "64")]
+    fn from_be_slice_not_word_sized() {
+        let bytes = hex!("112233445566778899aabbccddeeff");
+        let n = BoxedUint::from_be_slice(&bytes, 127).unwrap();
         assert_eq!(
-            BoxedUint::from_be_slice(&bytes, 127),
+            n.as_limbs(),
+            &[Limb(0x8899aabbccddeeff), Limb(0x0011223344556677)]
+        );
+        assert_eq!(n.bits_precision(), 128);
+    }
+
+    #[test]
+    fn from_be_slice_non_multiple_precision() {
+        let bytes = hex!("0f112233445566778899aabbccddeeff");
+        assert_eq!(
+            BoxedUint::from_be_slice(&bytes, 121),
             Err(DecodeError::Precision)
         );
     }
@@ -246,19 +272,39 @@ mod tests {
     }
 
     #[test]
+    #[cfg(target_pointer_width = "32")]
     fn from_le_slice_not_word_sized() {
         let bytes = hex!("ffeeddccbbaa998877665544332211");
+        let n = BoxedUint::from_le_slice(&bytes, 127).unwrap();
         assert_eq!(
-            BoxedUint::from_be_slice(&bytes, 128),
-            Err(DecodeError::InputSize)
+            n.as_limbs(),
+            &[
+                Limb(0xbbccddee),
+                Limb(0x778899aa),
+                Limb(0x33445566),
+                Limb(0x00001122)
+            ]
         );
+        assert_eq!(n.bits_precision(), 128);
     }
 
     #[test]
-    fn from_le_slice_bad_precision() {
-        let bytes = hex!("ffeeddccbbaa99887766554433221100");
+    #[cfg(target_pointer_width = "64")]
+    fn from_le_slice_not_word_sized() {
+        let bytes = hex!("ffeeddccbbaa998877665544332211");
+        let n = BoxedUint::from_le_slice(&bytes, 127).unwrap();
+        assert_eq!(
+            n.as_limbs(),
+            &[Limb(0x8899aabbccddeeff), Limb(0x0011223344556677)]
+        );
+        assert_eq!(n.bits_precision(), 128);
+    }
+
+    #[test]
+    fn from_le_slice_non_multiple_precision() {
+        let bytes = hex!("ffeeddccbbaa998877665544332211f0");
         assert_eq!(
-            BoxedUint::from_le_slice(&bytes, 127),
+            BoxedUint::from_le_slice(&bytes, 121),
             Err(DecodeError::Precision)
         );
     }
