From 5040c6f3ccf695b0d4df20f5adc3852676f3db9a Mon Sep 17 00:00:00 2001
From: Tony Arcieri <bascule@gmail.com>
Date: Wed, 15 Jan 2020 09:09:42 -0800
Subject: [PATCH] chacha20: remove `byteorder` dependency

Uses the `core` endianess conversions instead
---
 .travis.yml               |  4 ++--
 chacha20/Cargo.toml       |  1 -
 chacha20/README.md        |  2 +-
 chacha20/src/cipher.rs    |  9 ++++-----
 chacha20/src/xchacha20.rs | 32 +++++++++-----------------------
 5 files changed, 16 insertions(+), 32 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 8f63d91b..39808151 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -32,8 +32,8 @@ matrix:
       script: cargo test --package chacha20 --release
 
     # no_std build
-    - name: "Rust: 1.32.0 (thumbv7em-none-eabihf)"
-      rust: 1.32.0
+    - name: "Rust: 1.34.0 (thumbv7em-none-eabihf)"
+      rust: 1.34.0
       install: rustup target add thumbv7em-none-eabihf
       script: cargo build --all --target thumbv7em-none-eabihf --release
     - name: "Rust: stable (thumbv7em-none-eabihf)"
diff --git a/chacha20/Cargo.toml b/chacha20/Cargo.toml
index faca7169..a26860d4 100644
--- a/chacha20/Cargo.toml
+++ b/chacha20/Cargo.toml
@@ -17,7 +17,6 @@ edition = "2018"
 travis-ci = { repository = "RustCrypto/stream-ciphers" }
 
 [dependencies]
-byteorder = { version = "1", default-features = false }
 rand_core = { version = "0.5", optional = true }
 salsa20-core = { version = "0.2", path = "../salsa20-core" }
 stream-cipher = "0.3"
diff --git a/chacha20/README.md b/chacha20/README.md
index 5bcd9b89..27a87232 100644
--- a/chacha20/README.md
+++ b/chacha20/README.md
@@ -53,7 +53,7 @@ dual licensed as above, without any additional terms or conditions.
 [docs-image]: https://docs.rs/chacha20/badge.svg
 [docs-link]: https://docs.rs/chacha20/
 [license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg
-[rustc-image]: https://img.shields.io/badge/rustc-1.27+-blue.svg
+[rustc-image]: https://img.shields.io/badge/rustc-1.34+-blue.svg
 [build-image]: https://travis-ci.org/RustCrypto/stream-ciphers.svg?branch=master
 [build-link]: https://travis-ci.org/RustCrypto/stream-ciphers
 
diff --git a/chacha20/src/cipher.rs b/chacha20/src/cipher.rs
index 9b5cf62d..9addc9c9 100644
--- a/chacha20/src/cipher.rs
+++ b/chacha20/src/cipher.rs
@@ -1,8 +1,7 @@
 //! ChaCha20 cipher core implementation
 
-use super::MAX_BLOCKS;
-use crate::block::Block;
-use byteorder::{ByteOrder, LE};
+use crate::{block::Block, MAX_BLOCKS};
+use core::convert::TryInto;
 use salsa20_core::{SalsaFamilyCipher, IV_WORDS, KEY_WORDS, STATE_WORDS};
 
 /// ChaCha20 core cipher functionality
@@ -25,12 +24,12 @@ impl Cipher {
     pub fn new(key_bytes: &[u8], iv_bytes: &[u8], counter_offset: u64) -> Self {
         let mut key = [0u32; KEY_WORDS];
         for (i, chunk) in key_bytes.chunks(4).enumerate() {
-            key[i] = LE::read_u32(chunk);
+            key[i] = u32::from_le_bytes(chunk.try_into().unwrap());
         }
 
         let mut iv = [0u32; IV_WORDS];
         for (i, chunk) in iv_bytes.chunks(4).enumerate() {
-            iv[i] = LE::read_u32(chunk);
+            iv[i] = u32::from_le_bytes(chunk.try_into().unwrap());
         }
 
         Cipher {
diff --git a/chacha20/src/xchacha20.rs b/chacha20/src/xchacha20.rs
index cf596649..04b1538b 100644
--- a/chacha20/src/xchacha20.rs
+++ b/chacha20/src/xchacha20.rs
@@ -1,10 +1,7 @@
 //! XChaCha20 is an extended nonce variant of ChaCha20
 
-use super::ChaCha20;
-use crate::block::quarter_round;
-use byteorder::{ByteOrder, LE};
-#[cfg(feature = "zeroize")]
-use salsa20_core::zeroize::Zeroize;
+use crate::{block::quarter_round, ChaCha20};
+use core::convert::TryInto;
 use salsa20_core::CONSTANTS;
 use stream_cipher::generic_array::{
     typenum::{U16, U24, U32},
@@ -41,18 +38,11 @@ impl NewStreamCipher for XChaCha20 {
 
     #[allow(unused_mut, clippy::let_and_return)]
     fn new(key: &GenericArray<u8, Self::KeySize>, iv: &GenericArray<u8, Self::NonceSize>) -> Self {
+        // TODO(tarcieri): zeroize subkey
         let mut subkey = hchacha20(key, iv[..16].as_ref().into());
         let mut padded_iv = GenericArray::default();
         padded_iv[4..].copy_from_slice(&iv[16..]);
-
-        let mut result = XChaCha20(ChaCha20::new(&subkey, &padded_iv));
-
-        #[cfg(feature = "zeroize")]
-        {
-            subkey.as_mut_slice().zeroize();
-        }
-
-        result
+        XChaCha20(ChaCha20::new(&subkey, &padded_iv))
     }
 }
 
@@ -88,18 +78,14 @@ impl SyncStreamCipherSeek for XChaCha20 {
 /// <http://cr.yp.to/snuffle/xsalsa-20110204.pdf>
 fn hchacha20(key: &GenericArray<u8, U32>, input: &GenericArray<u8, U16>) -> GenericArray<u8, U32> {
     let mut state = [0u32; 16];
-
-    state[0] = CONSTANTS[0];
-    state[1] = CONSTANTS[1];
-    state[2] = CONSTANTS[2];
-    state[3] = CONSTANTS[3];
+    state[..4].copy_from_slice(&CONSTANTS);
 
     for (i, chunk) in key.chunks(4).take(8).enumerate() {
-        state[4 + i] = LE::read_u32(chunk);
+        state[4 + i] = u32::from_le_bytes(chunk.try_into().unwrap());
     }
 
     for (i, chunk) in input.chunks(4).enumerate() {
-        state[12 + i] = LE::read_u32(chunk);
+        state[12 + i] = u32::from_le_bytes(chunk.try_into().unwrap());
     }
 
     // 20 rounds consisting of 10 column rounds and 10 diagonal rounds
@@ -120,11 +106,11 @@ fn hchacha20(key: &GenericArray<u8, U32>, input: &GenericArray<u8, U16>) -> Gene
     let mut output = GenericArray::default();
 
     for (i, chunk) in output.chunks_mut(4).take(4).enumerate() {
-        LE::write_u32(chunk, state[i]);
+        chunk.copy_from_slice(&state[i].to_le_bytes());
     }
 
     for (i, chunk) in output.chunks_mut(4).skip(4).enumerate() {
-        LE::write_u32(chunk, state[i + 12]);
+        chunk.copy_from_slice(&state[i + 12].to_le_bytes());
     }
 
     output