bash-f: minor tweaks

README.md

@@ -6,10 +6,11 @@ Collection of [sponge functions] written in pure Rust.
 
 ## Supported Algorithms
 
-| Crate      | Algorithm  | Crates.io | Documentation |
-|------------|------------|-----------|---------------|
-| [`ascon`]  | [Ascon]    | [![crates.io](https://img.shields.io/crates/v/ascon.svg)](https://crates.io/crates/ascon) | [![Documentation](https://docs.rs/ascon/badge.svg)](https://docs.rs/ascon) |
-| [`keccak`] | [Keccak]   | [![crates.io](https://img.shields.io/crates/v/keccak.svg)](https://crates.io/crates/keccak) | [![Documentation](https://docs.rs/keccak/badge.svg)](https://docs.rs/keccak) |
+| Crate      | Algorithm       | Crates.io | Documentation |
+|------------|-----------------|-----------|---------------|
+| [`ascon`]  | [Ascon]         | [![crates.io](https://img.shields.io/crates/v/ascon.svg)](https://crates.io/crates/ascon) | [![Documentation](https://docs.rs/ascon/badge.svg)](https://docs.rs/ascon) |
+| [`bash-f`] | [`bash-f`][STB] | [![crates.io](https://img.shields.io/crates/v/bash-f.svg)](https://crates.io/crates/bash-f) | [![Documentation](https://docs.rs/bash-f/badge.svg)](https://docs.rs/bash-f) |
+| [`keccak`] | [Keccak]        | [![crates.io](https://img.shields.io/crates/v/keccak.svg)](https://crates.io/crates/keccak) | [![Documentation](https://docs.rs/keccak/badge.svg)](https://docs.rs/keccak) |
 
 ## License
 
@@ -35,10 +36,12 @@ Unless you explicitly state otherwise, any contribution intentionally submitted
 [//]: # (crates)
 
 [`ascon`]: ./ascon
+[`bash-f`]: ./bash-f
 [`keccak`]: ./keccak
 
 [//]: # (algorithms)
 
 [sponge functions]: https://en.wikipedia.org/wiki/Sponge_function
 [Ascon]: https://ascon.iaik.tugraz.at/
+[STB]: https://apmi.bsu.by/assets/files/std/bash-spec241.pdf
 [Keccak]: https://keccak.team/keccak.html

bash-f/CHANGELOG.md

@@ -5,7 +5,7 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## 0.1.0 (UNRELEASED)
+## 0.1.0 (2025-10-23)
 - Initial release ([#92])
 
 [#92]: (https://github.com/RustCrypto/sponges/pull/92)

bash-f/Cargo.toml

@@ -1,13 +1,13 @@
 [package]
 name = "bash-f"
-version = "0.1.0-rc.0"
+version = "0.1.0"
 description = "Pure Rust implementation of the bash-f sponge function defined in STB 34.101.77-2020"
 license = "Apache-2.0 OR MIT"
 authors = ["RustCrypto Developers"]
 documentation = "https://docs.rs/bash"
 homepage = "https://github.com/RustCrypto/sponges/tree/master/bash"
 repository = "https://github.com/RustCrypto/sponges"
-keywords = ["bash", "belt", "permutation"]
+keywords = ["bash", "sponge", "belt", "permutation"]
 categories = ["cryptography", "no-std"]
 readme = "README.md"
 edition = "2024"

bash-f/README.md

@@ -2,27 +2,15 @@
 
 [![crate][crate-image]][crate-link]
 [![Docs][docs-image]][docs-link]
+[![Build Status][build-image]][build-link]
 ![Apache2/MIT licensed][license-image]
 ![Rust Version][rustc-image]
 [![Project Chat][chat-image]][chat-link]
-[![Build Status][build-image]][build-link]
-
-# BelHash - [STB 34.101.77-2020] Sponge-Based Cryptographic Algorithms
-
-This module implements the cryptographic algorithms defined in the Belarusian
-state standard STB 34.101.77-2020 "Sponge-based cryptographic algorithms".
-
-## Overview
 
-The standard defines a family of cryptographic algorithms built on a sponge
-construction with the `bash-f` sponge function at its core. The sponge function
-operates on 1536-bit (192-byte) states.
+Pure Rust implementation of the `bash-f` sponge function defined in the Belarusian
+state standard [STB 34.101.77-2020] "Sponge-based cryptographic algorithms".
 
-## Security Notes
-
-No security audits of this crate have ever been performed, and it has not been thoroughly assessed to ensure its operation is constant-time on common CPU architectures.
-
-USE AT YOUR OWN RISK!
+[STB 34.101.77-2020]: https://apmi.bsu.by/assets/files/std/bash-spec241.pdf
 
 ## License
 
@@ -41,18 +29,13 @@ dual licensed as above, without any additional terms or conditions.
 
 [//]: # (badges)
 
-[crate-image]: https://buildstats.info/crate/bash-f
+[crate-image]: https://img.shields.io/crates/v/bash-f.svg
 [crate-link]: https://crates.io/crates/bash-f
 [docs-image]: https://docs.rs/bash-f/badge.svg
 [docs-link]: https://docs.rs/bash-f/
+[build-image]: https://github.com/RustCrypto/sponges/actions/workflows/bash-f.yml/badge.svg
+[build-link]: https://github.com/RustCrypto/sponges/actions/workflows/bash-f.yml
 [license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg
 [rustc-image]: https://img.shields.io/badge/rustc-1.85+-blue.svg
 [chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg
-[chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/260038-AEADs
-[downloads-image]: https://img.shields.io/crates/d/chacha20poly1305.svg
-[build-image]: https://github.com/RustCrypto/AEADs/workflows/bash-f/badge.svg?branch=master&event=push
-[build-link]: https://github.com/RustCrypto/AEADs/actions
-
-[//]: # (general links)
-
-[STB 34.101.77-2020]: https://apmi.bsu.by/assets/files/std/bash-spec241.pdf
+[chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/369879-sponges

bash-f/src/lib.rs

@@ -7,13 +7,10 @@
 #![cfg_attr(docsrs, feature(doc_cfg))]
 #![warn(missing_docs)]
 
-/// Number of 64-bit words in the state
+/// Number of 64-bit words in the [`bash-f`][bash_f] state.
 pub const STATE_WORDS: usize = 24;
 
-/// `bash-s` transformation.
-///
-/// Implements the S-box transformation defined in Section 6.1 of STB 34.101.77-2020.
-/// This is the core non-linear transformation used in the `bash-f` sponge function.
+/// `bash-s` transformation defined in Section 6.1 of STB 34.101.77-2020.
 fn bash_s(
     mut w0: u64,
     mut w1: u64,
@@ -63,14 +60,7 @@ fn bash_s(
     (w0, w1, w2)
 }
 
-/// `bash-f` sponge permutation.
-///
-/// Implements the core sponge function defined in Section 6.2 of STB 34.101.77-2020.
-/// This is a cryptographic permutation that operates on 1536-bit states.
-///
-/// # Parameters
-///
-/// - `state`: Mutable reference to 24 × 64-bit words (1536 bits total)
+/// `bash-f` sponge permutation defined in Section 6.2 of STB 34.101.77-2020.
 pub fn bash_f(state: &mut [u64; STATE_WORDS]) {
     // 1. Split S into words (S0, S1, ..., S23)
 
@@ -120,24 +110,17 @@ pub fn bash_f(state: &mut [u64; STATE_WORDS]) {
     // 4. Return S - state is modified in place
 }
 
-#[cfg(test)]
-mod tests {
-    use super::*;
-
-    /// Test vector from Table A.1 of STB 34.101.77-2020.
-    #[test]
-    fn test_bash_s_table_a1() {
-        // Constants in the spec are given using LE order
-        // For example, in spec when they write B194BAC80A08F53B, they do not mean 0xB194BAC80A08F53B, but 0x3BF5080AC8BA94B1.
-        // https://github.com/RustCrypto/sponges/pull/92#issuecomment-3433315011
-        let w0 = 0xB194BAC80A08F53Bu64.swap_bytes();
-        let w1 = 0xE12BDC1AE28257ECu64.swap_bytes();
-        let w2 = 0xE9DEE72C8F0C0FA6u64.swap_bytes();
-
-        let (w0_out, w1_out, w2_out) = bash_s(w0, w1, w2, 8, 53, 14, 1);
-
-        assert_eq!(w0_out, 0x479E76129979DC5Fu64.swap_bytes());
-        assert_eq!(w1_out, 0x0F2B2C93ED128EDDu64.swap_bytes());
-        assert_eq!(w2_out, 0x41009B1B112DFEF3u64.swap_bytes());
-    }
+/// Test vector from Table A.1 of STB 34.101.77-2020.
+#[test]
+fn test_bash_s() {
+    // Note that constants in the spec are provided using the LE order (see Section 4.2.2).
+    let w0 = 0xB194BAC80A08F53Bu64.swap_bytes();
+    let w1 = 0xE12BDC1AE28257ECu64.swap_bytes();
+    let w2 = 0xE9DEE72C8F0C0FA6u64.swap_bytes();
+
+    let (w0_out, w1_out, w2_out) = bash_s(w0, w1, w2, 8, 53, 14, 1);
+
+    assert_eq!(w0_out, 0x479E76129979DC5Fu64.swap_bytes());
+    assert_eq!(w1_out, 0x0F2B2C93ED128EDDu64.swap_bytes());
+    assert_eq!(w2_out, 0x41009B1B112DFEF3u64.swap_bytes());
 }

bash-f/tests/bash.rs

@@ -1,8 +1,9 @@
-use bash_f::bash_f;
-
 /// Test vector from Table A.2 of STB 34.101.77-2020.
 #[test]
 fn test_bash_f_table_a2() {
+    // Note that constants in the spec are provided using the LE order (see Section 4.2.2).
+    // In other words, B194BAC80A08F53B denotes not 0xB194BAC80A08F53B, but 0x3BF5080AC8BA94B1.
+    // To make comparison easier, we use the constants as-is and apply `swap_bytes` later.
     let input: [u64; 24] = [
         0xB194BAC80A08F53B,
         0x366D008E584A5DE4,
@@ -57,14 +58,10 @@ fn test_bash_f_table_a2() {
         0x7CED8E3F8B6E058E,
     ];
 
-    // Constants in the spec are given using LE order
-    // For example, in spec when they write B194BAC80A08F53B, they do not mean 0xB194BAC80A08F53B, but 0x3BF5080AC8BA94B1.
-    // https://github.com/RustCrypto/sponges/pull/92#issuecomment-3433315011
     let mut state = input.map(|x| x.swap_bytes());
+    let expected = expected.map(|x| x.swap_bytes());
 
-    bash_f(&mut state);
-
-    let output = state.map(|x| x.swap_bytes());
+    bash_f::bash_f(&mut state);
 
-    assert_eq!(output, expected);
+    assert_eq!(state, expected);
 }