diff --git a/src/hazmat/gcd.rs b/src/hazmat/gcd.rs index 5a69624..c51e4a2 100644 --- a/src/hazmat/gcd.rs +++ b/src/hazmat/gcd.rs @@ -18,7 +18,7 @@ pub(crate) fn gcd_vartime(n: &Uint, m: Word) -> Word { // Normalize input: the resulting (a, b) are both small, a >= b, and b != 0. let (mut a, mut b): (Word, Word) = if n.bits() > Word::BITS { // `m` is non-zero, so we can unwrap. - let r = n.rem_limb(NonZero::new(Limb::from(m)).expect("divisor ensured to be non-zero")); + let r = n.rem_limb(NonZero::new(Limb::from(m)).expect("divisor should be non-zero here")); (m, r.0) } else { // In this branch `n` is `Word::BITS` bits or shorter, diff --git a/src/hazmat/jacobi.rs b/src/hazmat/jacobi.rs index 7ec79f2..f45434f 100644 --- a/src/hazmat/jacobi.rs +++ b/src/hazmat/jacobi.rs @@ -110,7 +110,8 @@ pub(crate) fn jacobi_symbol_vartime( let (result, a_long, p) = swap(result, a, p_long.get()); // Can unwrap here, since `p` is swapped with `a`, // and `a` would be odd after `reduce_numerator()`. - let a = a_long.rem_limb(NonZero::new(Limb::from(p)).expect("ensured to be non-zero")); + let a = + a_long.rem_limb(NonZero::new(Limb::from(p)).expect("divisor should be non-zero here")); (result, a.0, p) }; diff --git a/src/hazmat/lucas.rs b/src/hazmat/lucas.rs index a759de2..5fdd962 100644 --- a/src/hazmat/lucas.rs +++ b/src/hazmat/lucas.rs @@ -192,14 +192,14 @@ fn decompose(n: &Odd>) -> (u32, Odd>) { // so we right-shifted at least once. n.as_ref() .overflowing_shr(s) - .expect("shift within range") + .expect("shift should be within range by construction") .checked_add(&Uint::ONE) - .expect("Integer overflow") + .expect("addition should not overflow by construction") } else { Uint::ONE }; - (s, Odd::new(d).expect("ensured to be odd")) + (s, Odd::new(d).expect("`d` should be odd by construction")) } /// The checks to perform in the Lucas test. diff --git a/src/hazmat/miller_rabin.rs b/src/hazmat/miller_rabin.rs index f4de251..faf1156 100644 --- a/src/hazmat/miller_rabin.rs +++ b/src/hazmat/miller_rabin.rs @@ -46,7 +46,7 @@ impl MillerRabin { // Will not overflow because `candidate` is odd and greater than 1. let d = candidate_minus_one .overflowing_shr_vartime(s) - .expect("shift within range"); + .expect("shift should be within range by construction"); (s, d) }; @@ -108,12 +108,13 @@ impl MillerRabin { let range = self.candidate.wrapping_sub(&Uint::::from(4u32)); // Can unwrap here since `candidate` is odd, and `candidate >= 4` (as checked above) - let range_nonzero = NonZero::new(range).expect("ensured to be non-zero"); + let range_nonzero = + NonZero::new(range).expect("the range should be non-zero by construction"); // This should not overflow as long as `random_mod()` behaves according to the contract // (that is, returns a number within the given range). let random = Uint::::random_mod(rng, &range_nonzero) .checked_add(&Uint::::from(3u32)) - .expect("Integer overflow"); + .expect("addition should not overflow by construction"); self.test(&random) } } diff --git a/src/hazmat/precomputed.rs b/src/hazmat/precomputed.rs index de8c0e4..ae395e5 100644 --- a/src/hazmat/precomputed.rs +++ b/src/hazmat/precomputed.rs @@ -152,7 +152,7 @@ const fn create_reciprocals() -> [Reciprocal; SMALL_PRIMES.len()] { arr[i] = Reciprocal::new( Limb(SMALL_PRIMES[i] as Word) .to_nz() - .expect("ensured to be non-zero"), + .expect("divisor should be non-zero"), ); i += 1; } diff --git a/src/hazmat/sieve.rs b/src/hazmat/sieve.rs index 3bf9c25..8b10edd 100644 --- a/src/hazmat/sieve.rs +++ b/src/hazmat/sieve.rs @@ -40,9 +40,9 @@ pub fn random_odd_uint( // Will not overflow since `bit_length` is ensured to be within the size of the integer. random |= Uint::::ONE .overflowing_shl_vartime(bit_length - 1) - .expect("shift within range"); + .expect("shift should be within range by construction"); - Odd::new(random).expect("ensured to be odd") + Odd::new(random).expect("the number should be odd by construction") } // The type we use to calculate incremental residues. @@ -164,7 +164,7 @@ impl Sieve { self.base = self .base .checked_add(&self.incr.into()) - .expect("Integer overflow"); + .expect("addition should not overflow by construction"); self.incr = 0; @@ -190,7 +190,7 @@ impl Sieve { // and `INCR_LIMIT` fits into `Residue`. let incr_limit_small: Residue = incr_limit.as_words()[0] .try_into() - .expect("ensured to fit within `Residue`"); + .expect("the increment limit should fit within `Residue`"); incr_limit_small }; @@ -233,7 +233,7 @@ impl Sieve { let mut num: Uint = self .base .checked_add(&self.incr.into()) - .expect("Integer overflow"); + .expect("addition should not overflow by construction"); if self.safe_primes { num = num.wrapping_shl_vartime(1) | Uint::::ONE; } diff --git a/src/presets.rs b/src/presets.rs index db6c379..0063dac 100644 --- a/src/presets.rs +++ b/src/presets.rs @@ -125,11 +125,12 @@ pub fn is_prime_with_rng(rng: &mut impl CryptoRngCore, num: &Uin if num == &Uint::::from(2u32) { return true; } - if num.is_even().into() { - return false; - } - let odd_num = Odd::new(*num).expect("ensured to be odd"); + let odd_num = match Odd::new(*num).into() { + Some(x) => x, + None => return false, + }; + _is_prime_with_rng(rng, &odd_num) } @@ -148,8 +149,8 @@ pub fn is_safe_prime_with_rng(rng: &mut impl CryptoRngCore, num: } // These are ensured to be odd by the check above. - let odd_num = Odd::new(*num).expect("ensured to be odd"); - let odd_half_num = Odd::new(num.wrapping_shr_vartime(1)).expect("ensured to be odd"); + let odd_num = Odd::new(*num).expect("`num` should be odd here"); + let odd_half_num = Odd::new(num.wrapping_shr_vartime(1)).expect("`num/2` should be odd here"); _is_prime_with_rng(rng, &odd_num) && _is_prime_with_rng(rng, &odd_half_num) }