ctutils: enforce Bytes* trait usage at compile-time (#1364)

tarcieri · web-flow · commit 2fc06e6fa4df · 2026-01-16T15:51:20.000-07:00
The `Bytes*` traits exist because we don't have specialization[1] and the generic implementation of these traits for `[T]` and `[T; N]` will operate a byte-at-a-time on byte slices and byte arrays, when efficient implementations from the `cmov` crate can instead perform the same operations a word-at-a-time. Adds != 1 const size assertions for `T` in the impls of `CtAssign`, `CtEq` for `[T]` and `[T; N]` as well as the `CtSelect` impl for `[T; N]` which cause a compile-time error if they're requested to be used with 1-byte values: error[E0080]: evaluation panicked: use `BytesCtEq::bytes_ct_eq` when working with byte-sized values --> ctutils/src/traits/ct_eq.rs:81:13 | 81 | / assert!( 82 | | size_of::<T>() != 1, 83 | | "use `BytesCtEq::bytes_ct_eq` when working with byte-sized values" 84 | | ); | |_____________^ evaluation of `<[u8] as traits::ct_eq::CtEq>::ct_eq::{constant#0}` failed here Each of them has been configured with a message that steers the user instead towards the appropriate `BytesCt*` trait to use instead. [1]: https://rust-lang.github.io/rfcs/1210-impl-specialization.html
diff --git a/ctutils/src/traits/ct_assign.rs b/ctutils/src/traits/ct_assign.rs
@@ -70,6 +70,13 @@ where
     #[inline]
     #[track_caller]
     fn ct_assign(&mut self, other: &Self, choice: Choice) {
+        const {
+            assert!(
+                size_of::<T>() != 1,
+                "use `BytesCtAssign::bytes_ct_assign` when working with byte-sized values"
+            );
+        }
+
         assert_eq!(
             self.len(),
             other.len(),
diff --git a/ctutils/src/traits/ct_eq.rs b/ctutils/src/traits/ct_eq.rs
@@ -77,12 +77,31 @@ impl CtEq for cmp::Ordering {
 impl<T: CtEq> CtEq for [T] {
     #[inline]
     fn ct_eq(&self, other: &[T]) -> Choice {
+        const {
+            assert!(
+                size_of::<T>() != 1,
+                "use `BytesCtEq::bytes_ct_eq` when working with byte-sized values"
+            );
+        }
+
         let mut ret = self.len().ct_eq(&other.len());
         for (a, b) in self.iter().zip(other.iter()) {
             ret &= a.ct_eq(b);
         }
         ret
     }
+
+    #[inline]
+    fn ct_ne(&self, other: &[T]) -> Choice {
+        const {
+            assert!(
+                size_of::<T>() != 1,
+                "use `BytesCtEq::bytes_ct_ne` when working with byte-sized values"
+            );
+        }
+
+        !self.ct_eq(other)
+    }
 }
 
 impl<T: CtEq, const N: usize> CtEq for [T; N] {
diff --git a/ctutils/src/traits/ct_select.rs b/ctutils/src/traits/ct_select.rs
@@ -98,6 +98,13 @@ where
 {
     #[inline]
     fn ct_select(&self, other: &Self, choice: Choice) -> Self {
+        const {
+            assert!(
+                size_of::<T>() != 1,
+                "use `BytesCtSelect::bytes_ct_select` when working with byte-sized values"
+            );
+        }
+
         core::array::from_fn(|i| T::ct_select(&self[i], &other[i], choice))
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -98,6 +98,13 @@ where`
`98`	`98`	`{`
`99`	`99`	`#[inline]`
`100`	`100`	`fn ct_select(&self, other: &Self, choice: Choice) -> Self {`
	`101`	`+ const {`
	`102`	`+ assert!(`
	`103`	`+ size_of::<T>() != 1,`
	`104`	+ "use `BytesCtSelect::bytes_ct_select` when working with byte-sized values"
	`105`	`+ );`
	`106`	`+ }`
	`107`	`+`
`101`	`108`	`core::array::from_fn(\|i\| T::ct_select(&self[i], &other[i], choice))`
`102`	`109`	`}`
`103`	`110`	`}`