@zigc/lib 0.17.0-dev.224 → 0.17.0-dev.242

package/std/crypto/aegis.zig

@@ -55,6 +55,14 @@ pub const Aegis256X2_256 = Aegis256XGeneric(2, 256);
 /// AEGIS-256 with a 256 bit tag
 pub const Aegis256_256 = Aegis256XGeneric(1, 256);
 
+/// `inline` to avoid needless binary bloat from generic instantiations since the arguments are
+/// usually comptime-known and the function is a trivial leaf function.
+inline fn repeat16u8(comptime count: usize, part: [16]u8) [16 * count]u8 {
+    const buf: [count][part.len]u8 = @splat(part);
+    const ptr: *const [16 * count]u8 = @ptrCast(&buf);
+    return ptr.*;
+}
+
 fn State128X(comptime degree: u7) type {
     return struct {
         const AesBlockVec = crypto.core.aes.BlockVec(degree);
@@ -67,10 +75,10 @@ fn State128X(comptime degree: u7) type {
         const alignment = AesBlockVec.native_word_size;
 
         fn init(key: [16]u8, nonce: [16]u8) State {
-            const c1 = AesBlockVec.fromBytes(&[16]u8{ 0xdb, 0x3d, 0x18, 0x55, 0x6d, 0xc2, 0x2f, 0xf1, 0x20, 0x11, 0x31, 0x42, 0x73, 0xb5, 0x28, 0xdd } ** degree);
-            const c2 = AesBlockVec.fromBytes(&[16]u8{ 0x0, 0x1, 0x01, 0x02, 0x03, 0x05, 0x08, 0x0d, 0x15, 0x22, 0x37, 0x59, 0x90, 0xe9, 0x79, 0x62 } ** degree);
-            const key_block = AesBlockVec.fromBytes(&(key ** degree));
-            const nonce_block = AesBlockVec.fromBytes(&(nonce ** degree));
+            const c1 = AesBlockVec.fromBytes(&repeat16u8(degree, .{ 0xdb, 0x3d, 0x18, 0x55, 0x6d, 0xc2, 0x2f, 0xf1, 0x20, 0x11, 0x31, 0x42, 0x73, 0xb5, 0x28, 0xdd }));
+            const c2 = AesBlockVec.fromBytes(&repeat16u8(degree, .{ 0x0, 0x1, 0x01, 0x02, 0x03, 0x05, 0x08, 0x0d, 0x15, 0x22, 0x37, 0x59, 0x90, 0xe9, 0x79, 0x62 }));
+            const key_block = AesBlockVec.fromBytes(&repeat16u8(degree, key));
+            const nonce_block = AesBlockVec.fromBytes(&repeat16u8(degree, nonce));
             const blocks = [8]AesBlockVec{
                 key_block.xorBlocks(nonce_block),
                 c1,
@@ -84,7 +92,7 @@ fn State128X(comptime degree: u7) type {
             var state = State{ .blocks = blocks };
             if (degree > 1) {
                 const context_block = ctx: {
-                    var contexts_bytes = [_]u8{0} ** aes_block_length;
+                    var contexts_bytes: [aes_block_length]u8 = @splat(0);
                     for (0..degree) |i| {
                         contexts_bytes[i * 16] = @intCast(i);
                         contexts_bytes[i * 16 + 1] = @intCast(degree - 1);
@@ -150,7 +158,7 @@ fn State128X(comptime degree: u7) type {
             const blocks = &state.blocks;
             const z0 = blocks[6].xorBlocks(blocks[1]).xorBlocks(blocks[2].andBlocks(blocks[3]));
             const z1 = blocks[2].xorBlocks(blocks[5]).xorBlocks(blocks[6].andBlocks(blocks[7]));
-            var pad = [_]u8{0} ** rate;
+            var pad: [rate]u8 = @splat(0);
             pad[0..aes_block_length].* = z0.toBytes();
             pad[aes_block_length..].* = z1.toBytes();
             for (pad[0..src.len], src) |*p, x| p.* ^= x;
@@ -214,7 +222,7 @@ fn State128X(comptime degree: u7) type {
                 state.update(t, t);
             }
             if (degree > 1) {
-                var v = [_]u8{0} ** rate;
+                var v: [rate]u8 = @splat(0);
                 switch (tag_bits) {
                     128 => {
                         const tags = blocks[0].xorBlocks(blocks[1]).xorBlocks(blocks[2]).xorBlocks(blocks[3]).xorBlocks(blocks[4]).xorBlocks(blocks[5]).xorBlocks(blocks[6]).toBytes();
@@ -362,12 +370,12 @@ fn State256X(comptime degree: u7) type {
         const alignment = AesBlockVec.native_word_size;
 
         fn init(key: [32]u8, nonce: [32]u8) State {
-            const c1 = AesBlockVec.fromBytes(&[16]u8{ 0xdb, 0x3d, 0x18, 0x55, 0x6d, 0xc2, 0x2f, 0xf1, 0x20, 0x11, 0x31, 0x42, 0x73, 0xb5, 0x28, 0xdd } ** degree);
-            const c2 = AesBlockVec.fromBytes(&[16]u8{ 0x0, 0x1, 0x01, 0x02, 0x03, 0x05, 0x08, 0x0d, 0x15, 0x22, 0x37, 0x59, 0x90, 0xe9, 0x79, 0x62 } ** degree);
-            const key_block1 = AesBlockVec.fromBytes(key[0..16] ** degree);
-            const key_block2 = AesBlockVec.fromBytes(key[16..32] ** degree);
-            const nonce_block1 = AesBlockVec.fromBytes(nonce[0..16] ** degree);
-            const nonce_block2 = AesBlockVec.fromBytes(nonce[16..32] ** degree);
+            const c1 = AesBlockVec.fromBytes(&repeat16u8(degree, .{ 0xdb, 0x3d, 0x18, 0x55, 0x6d, 0xc2, 0x2f, 0xf1, 0x20, 0x11, 0x31, 0x42, 0x73, 0xb5, 0x28, 0xdd }));
+            const c2 = AesBlockVec.fromBytes(&repeat16u8(degree, .{ 0x0, 0x1, 0x01, 0x02, 0x03, 0x05, 0x08, 0x0d, 0x15, 0x22, 0x37, 0x59, 0x90, 0xe9, 0x79, 0x62 }));
+            const key_block1 = AesBlockVec.fromBytes(&repeat16u8(degree, key[0..16].*));
+            const key_block2 = AesBlockVec.fromBytes(&repeat16u8(degree, key[16..32].*));
+            const nonce_block1 = AesBlockVec.fromBytes(&repeat16u8(degree, nonce[0..16].*));
+            const nonce_block2 = AesBlockVec.fromBytes(&repeat16u8(degree, nonce[16..32].*));
             const kxn1 = key_block1.xorBlocks(nonce_block1);
             const kxn2 = key_block2.xorBlocks(nonce_block2);
             const blocks = [6]AesBlockVec{
@@ -381,7 +389,7 @@ fn State256X(comptime degree: u7) type {
             var state = State{ .blocks = blocks };
             if (degree > 1) {
                 const context_block = ctx: {
-                    var contexts_bytes = [_]u8{0} ** aes_block_length;
+                    var contexts_bytes: [aes_block_length]u8 = @splat(0);
                     for (0..degree) |i| {
                         contexts_bytes[i * 16] = @intCast(i);
                         contexts_bytes[i * 16 + 1] = @intCast(degree - 1);
@@ -509,7 +517,7 @@ fn State256X(comptime degree: u7) type {
                 state.update(t);
             }
             if (degree > 1) {
-                var v = [_]u8{0} ** rate;
+                var v: [rate]u8 = @splat(0);
                 switch (tag_bits) {
                     128 => {
                         const tags = blocks[0].xorBlocks(blocks[1]).xorBlocks(blocks[2]).xorBlocks(blocks[3]).xorBlocks(blocks[4]).xorBlocks(blocks[5]).toBytes();
@@ -746,9 +754,7 @@ fn AegisMac(comptime T: type) type {
 
         /// Initialize a state for the MAC function, with a default nonce
         pub fn init(key: *const [key_length]u8) Mac {
-            return Mac{
-                .state = T.State.init(key.*, [_]u8{0} ** nonce_length),
-            };
+            return .{ .state = .init(key.*, @splat(0)) };
         }
 
         /// Add data to the state
@@ -781,7 +787,7 @@ fn AegisMac(comptime T: type) type {
         /// Return an authentication tag for the current state
         pub fn final(self: *Mac, out: *[mac_length]u8) void {
             if (self.off > 0) {
-                var pad = [_]u8{0} ** block_length;
+                var pad: [block_length]u8 = @splat(0);
                 @memcpy(pad[0..self.off], self.buf[0..self.off]);
                 self.state.absorb(&pad);
             }
@@ -808,8 +814,8 @@ const htest = @import("test.zig");
 const testing = std.testing;
 
 test "Aegis128L test vector 1" {
-    const key: [Aegis128L.key_length]u8 = [_]u8{ 0x10, 0x01 } ++ [_]u8{0x00} ** 14;
-    const nonce: [Aegis128L.nonce_length]u8 = [_]u8{ 0x10, 0x00, 0x02 } ++ [_]u8{0x00} ** 13;
+    const key: [Aegis128L.key_length]u8 = [_]u8{ 0x10, 0x01 } ++ @as([14]u8, @splat(0x00));
+    const nonce: [Aegis128L.nonce_length]u8 = [_]u8{ 0x10, 0x00, 0x02 } ++ @as([13]u8, @splat(0x00));
     const ad = [8]u8{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
     const m = [32]u8{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f };
     var c: [m.len]u8 = undefined;
@@ -831,10 +837,10 @@ test "Aegis128L test vector 1" {
 }
 
 test "Aegis128L test vector 2" {
-    const key: [Aegis128L.key_length]u8 = [_]u8{0x00} ** 16;
-    const nonce: [Aegis128L.nonce_length]u8 = [_]u8{0x00} ** 16;
-    const ad = [_]u8{};
-    const m = [_]u8{0x00} ** 16;
+    const key: [Aegis128L.key_length]u8 = @splat(0x00);
+    const nonce: [Aegis128L.nonce_length]u8 = @splat(0x00);
+    const ad: [0]u8 = .{};
+    const m: [16]u8 = @splat(0x00);
     var c: [m.len]u8 = undefined;
     var m2: [m.len]u8 = undefined;
     var tag: [Aegis128L.tag_length]u8 = undefined;
@@ -848,8 +854,8 @@ test "Aegis128L test vector 2" {
 }
 
 test "Aegis128L test vector 3" {
-    const key: [Aegis128L.key_length]u8 = [_]u8{0x00} ** 16;
-    const nonce: [Aegis128L.nonce_length]u8 = [_]u8{0x00} ** 16;
+    const key: [Aegis128L.key_length]u8 = @splat(0x00);
+    const nonce: [Aegis128L.nonce_length]u8 = @splat(0x00);
     const ad = [_]u8{};
     const m = [_]u8{};
     var c: [m.len]u8 = undefined;
@@ -881,8 +887,8 @@ test "Aegis128X2 test vector 1" {
 }
 
 test "Aegis256 test vector 1" {
-    const key: [Aegis256.key_length]u8 = [_]u8{ 0x10, 0x01 } ++ [_]u8{0x00} ** 30;
-    const nonce: [Aegis256.nonce_length]u8 = [_]u8{ 0x10, 0x00, 0x02 } ++ [_]u8{0x00} ** 29;
+    const key: [Aegis256.key_length]u8 = [_]u8{ 0x10, 0x01 } ++ @as([30]u8, @splat(0x00));
+    const nonce: [Aegis256.nonce_length]u8 = [_]u8{ 0x10, 0x00, 0x02 } ++ @as([29]u8, @splat(0x00));
     const ad = [8]u8{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
     const m = [32]u8{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f };
     var c: [m.len]u8 = undefined;
@@ -904,10 +910,10 @@ test "Aegis256 test vector 1" {
 }
 
 test "Aegis256 test vector 2" {
-    const key: [Aegis256.key_length]u8 = [_]u8{0x00} ** 32;
-    const nonce: [Aegis256.nonce_length]u8 = [_]u8{0x00} ** 32;
+    const key: [Aegis256.key_length]u8 = @splat(0x00);
+    const nonce: [Aegis256.nonce_length]u8 = @splat(0x00);
     const ad = [_]u8{};
-    const m = [_]u8{0x00} ** 16;
+    const m: [16]u8 = @splat(0x00);
     var c: [m.len]u8 = undefined;
     var m2: [m.len]u8 = undefined;
     var tag: [Aegis256.tag_length]u8 = undefined;
@@ -921,8 +927,8 @@ test "Aegis256 test vector 2" {
 }
 
 test "Aegis256 test vector 3" {
-    const key: [Aegis256.key_length]u8 = [_]u8{0x00} ** 32;
-    const nonce: [Aegis256.nonce_length]u8 = [_]u8{0x00} ** 32;
+    const key: [Aegis256.key_length]u8 = @splat(0x00);
+    const nonce: [Aegis256.nonce_length]u8 = @splat(0x00);
     const ad = [_]u8{};
     const m = [_]u8{};
     var c: [m.len]u8 = undefined;
@@ -954,7 +960,7 @@ test "Aegis256X4 test vector 1" {
 }
 
 test "Aegis MAC" {
-    const key = [_]u8{0x00} ** Aegis128LMac.key_length;
+    const key: [Aegis128LMac.key_length]u8 = @splat(0x00);
     var msg: [64]u8 = undefined;
     for (&msg, 0..) |*m, i| {
         m.* = @as(u8, @truncate(i));
@@ -989,8 +995,8 @@ test "Aegis MAC" {
 }
 
 test "AEGISMAC-128* test vectors" {
-    const key = [_]u8{ 0x10, 0x01 } ++ [_]u8{0x00} ** (16 - 2);
-    const nonce = [_]u8{ 0x10, 0x00, 0x02 } ++ [_]u8{0x00} ** (16 - 3);
+    const key = [_]u8{ 0x10, 0x01 } ++ @as([16 - 2]u8, @splat(0x00));
+    const nonce = [_]u8{ 0x10, 0x00, 0x02 } ++ @as([16 - 3]u8, @splat(0x00));
     var msg: [35]u8 = undefined;
     for (&msg, 0..) |*byte, i| byte.* = @truncate(i);
     var mac128: [16]u8 = undefined;
@@ -1013,8 +1019,8 @@ test "AEGISMAC-128* test vectors" {
 }
 
 test "AEGISMAC-256* test vectors" {
-    const key = [_]u8{ 0x10, 0x01 } ++ [_]u8{0x00} ** (32 - 2);
-    const nonce = [_]u8{ 0x10, 0x00, 0x02 } ++ [_]u8{0x00} ** (32 - 3);
+    const key = [_]u8{ 0x10, 0x01 } ++ @as([32 - 2]u8, @splat(0x00));
+    const nonce = [_]u8{ 0x10, 0x00, 0x02 } ++ @as([32 - 3]u8, @splat(0x00));
     var msg: [35]u8 = undefined;
     for (&msg, 0..) |*byte, i| byte.* = @truncate(i);
     var mac128: [16]u8 = undefined;

package/std/crypto/aes_ccm.zig

@@ -201,7 +201,7 @@ fn AesCcm(comptime BlockCipher: type, comptime tag_len: usize, comptime nonce_le
                 const total_ad_size = ad_len_size + ad.len;
                 const remainder = total_ad_size % block_length;
                 if (remainder > 0) {
-                    const padding = [_]u8{0} ** block_length;
+                    const padding: [block_length]u8 = @splat(0);
                     ctx.update(padding[0 .. block_length - remainder]);
                 }
             }
@@ -264,8 +264,8 @@ const fmt = std.fmt;
 const hexToBytes = fmt.hexToBytes;
 
 test "Aes256Ccm8 - Encrypt decrypt round-trip" {
-    const key: [32]u8 = [_]u8{0x42} ** 32;
-    const nonce: [13]u8 = [_]u8{0x11} ** 13;
+    const key: [32]u8 = @splat(0x42);
+    const nonce: [13]u8 = @splat(0x11);
     const m = "Hello, World! This is a test message.";
     var c: [m.len]u8 = undefined;
     var m2: [m.len]u8 = undefined;
@@ -279,8 +279,8 @@ test "Aes256Ccm8 - Encrypt decrypt round-trip" {
 }
 
 test "Aes256Ccm8 - Associated data" {
-    const key: [32]u8 = [_]u8{0x42} ** 32;
-    const nonce: [13]u8 = [_]u8{0x11} ** 13;
+    const key: [32]u8 = @splat(0x42);
+    const nonce: [13]u8 = @splat(0x11);
     const m = "secret message";
     const ad = "additional authenticated data";
     var c: [m.len]u8 = undefined;
@@ -299,9 +299,9 @@ test "Aes256Ccm8 - Associated data" {
 }
 
 test "Aes256Ccm8 - Wrong key" {
-    const key: [32]u8 = [_]u8{0x42} ** 32;
-    const wrong_key: [32]u8 = [_]u8{0x43} ** 32;
-    const nonce: [13]u8 = [_]u8{0x11} ** 13;
+    const key: [32]u8 = @splat(0x42);
+    const wrong_key: [32]u8 = @splat(0x43);
+    const nonce: [13]u8 = @splat(0x11);
     const m = "secret";
     var c: [m.len]u8 = undefined;
     var m2: [m.len]u8 = undefined;
@@ -314,8 +314,8 @@ test "Aes256Ccm8 - Wrong key" {
 }
 
 test "Aes256Ccm8 - Corrupted ciphertext" {
-    const key: [32]u8 = [_]u8{0x42} ** 32;
-    const nonce: [13]u8 = [_]u8{0x11} ** 13;
+    const key: [32]u8 = @splat(0x42);
+    const nonce: [13]u8 = @splat(0x11);
     const m = "secret message";
     var c: [m.len]u8 = undefined;
     var m2: [m.len]u8 = undefined;
@@ -330,8 +330,8 @@ test "Aes256Ccm8 - Corrupted ciphertext" {
 }
 
 test "Aes256Ccm8 - Empty plaintext" {
-    const key: [32]u8 = [_]u8{0x42} ** 32;
-    const nonce: [13]u8 = [_]u8{0x11} ** 13;
+    const key: [32]u8 = @splat(0x42);
+    const nonce: [13]u8 = @splat(0x11);
     const m = "";
     var c: [m.len]u8 = undefined;
     var m2: [m.len]u8 = undefined;
@@ -345,8 +345,8 @@ test "Aes256Ccm8 - Empty plaintext" {
 }
 
 test "Aes128Ccm8 - Basic functionality" {
-    const key: [16]u8 = [_]u8{0x42} ** 16;
-    const nonce: [13]u8 = [_]u8{0x11} ** 13;
+    const key: [16]u8 = @splat(0x42);
+    const nonce: [13]u8 = @splat(0x11);
     const m = "Test AES-128-CCM";
     var c: [m.len]u8 = undefined;
     var m2: [m.len]u8 = undefined;
@@ -360,8 +360,8 @@ test "Aes128Ccm8 - Basic functionality" {
 }
 
 test "Aes256Ccm16 - 16-byte tag" {
-    const key: [32]u8 = [_]u8{0x42} ** 32;
-    const nonce: [13]u8 = [_]u8{0x11} ** 13;
+    const key: [32]u8 = @splat(0x42);
+    const nonce: [13]u8 = @splat(0x11);
     const m = "Test 16-byte tag";
     var c: [m.len]u8 = undefined;
     var m2: [m.len]u8 = undefined;
@@ -845,8 +845,8 @@ test "Aes128Ccm0 - IEEE 802.15.4 Data Frame (Encryption-only)" {
 }
 
 test "Aes128Ccm0 - Zero-length plaintext with encryption-only" {
-    const key: [16]u8 = [_]u8{0x42} ** 16;
-    const nonce: [13]u8 = [_]u8{0x11} ** 13;
+    const key: [16]u8 = @splat(0x42);
+    const nonce: [13]u8 = @splat(0x11);
     const m = "";
     const ad = "some associated data";
     var c: [m.len]u8 = undefined;
@@ -861,8 +861,8 @@ test "Aes128Ccm0 - Zero-length plaintext with encryption-only" {
 }
 
 test "Aes256Ccm0 - Basic encryption-only round-trip" {
-    const key: [32]u8 = [_]u8{0x42} ** 32;
-    const nonce: [13]u8 = [_]u8{0x11} ** 13;
+    const key: [32]u8 = @splat(0x42);
+    const nonce: [13]u8 = @splat(0x11);
     const m = "Hello, CCM* encryption-only mode!";
     var c: [m.len]u8 = undefined;
     var m2: [m.len]u8 = undefined;

package/std/crypto/aes_gcm.zig

@@ -19,8 +19,6 @@ fn AesGcm(comptime Aes: anytype) type {
         pub const nonce_length = 12;
         pub const key_length = Aes.key_bits / 8;
 
-        const zeros = [_]u8{0} ** 16;
-
         /// `c`: The ciphertext buffer to write the encrypted data to.
         /// `tag`: The authentication tag buffer to write the computed tag to.
         /// `m`: The plaintext message to encrypt.
@@ -33,7 +31,7 @@ fn AesGcm(comptime Aes: anytype) type {
 
             const aes = Aes.initEnc(key);
             var h: [16]u8 = undefined;
-            aes.encrypt(&h, &zeros);
+            aes.encrypt(&h, &@splat(0));
 
             var t: [16]u8 = undefined;
             var j: [16]u8 = undefined;
@@ -75,7 +73,7 @@ fn AesGcm(comptime Aes: anytype) type {
 
             const aes = Aes.initEnc(key);
             var h: [16]u8 = undefined;
-            aes.encrypt(&h, &zeros);
+            aes.encrypt(&h, &@splat(0));
 
             var t: [16]u8 = undefined;
             var j: [16]u8 = undefined;
@@ -118,8 +116,8 @@ const htest = @import("test.zig");
 const testing = std.testing;
 
 test "Aes256Gcm - Empty message and no associated data" {
-    const key: [Aes256Gcm.key_length]u8 = [_]u8{0x69} ** Aes256Gcm.key_length;
-    const nonce: [Aes256Gcm.nonce_length]u8 = [_]u8{0x42} ** Aes256Gcm.nonce_length;
+    const key: [Aes256Gcm.key_length]u8 = @splat(0x69);
+    const nonce: [Aes256Gcm.nonce_length]u8 = @splat(0x42);
     const ad = "";
     const m = "";
     var c: [m.len]u8 = undefined;
@@ -130,8 +128,8 @@ test "Aes256Gcm - Empty message and no associated data" {
 }
 
 test "Aes256Gcm - Associated data only" {
-    const key: [Aes256Gcm.key_length]u8 = [_]u8{0x69} ** Aes256Gcm.key_length;
-    const nonce: [Aes256Gcm.nonce_length]u8 = [_]u8{0x42} ** Aes256Gcm.nonce_length;
+    const key: [Aes256Gcm.key_length]u8 = @splat(0x69);
+    const nonce: [Aes256Gcm.nonce_length]u8 = @splat(0x42);
     const m = "";
     const ad = "Test with associated data";
     var c: [m.len]u8 = undefined;
@@ -142,8 +140,8 @@ test "Aes256Gcm - Associated data only" {
 }
 
 test "Aes256Gcm - Message only" {
-    const key: [Aes256Gcm.key_length]u8 = [_]u8{0x69} ** Aes256Gcm.key_length;
-    const nonce: [Aes256Gcm.nonce_length]u8 = [_]u8{0x42} ** Aes256Gcm.nonce_length;
+    const key: [Aes256Gcm.key_length]u8 = @splat(0x69);
+    const nonce: [Aes256Gcm.nonce_length]u8 = @splat(0x42);
     const m = "Test with message only";
     const ad = "";
     var c: [m.len]u8 = undefined;
@@ -159,8 +157,8 @@ test "Aes256Gcm - Message only" {
 }
 
 test "Aes256Gcm - Message and associated data" {
-    const key: [Aes256Gcm.key_length]u8 = [_]u8{0x69} ** Aes256Gcm.key_length;
-    const nonce: [Aes256Gcm.nonce_length]u8 = [_]u8{0x42} ** Aes256Gcm.nonce_length;
+    const key: [Aes256Gcm.key_length]u8 = @splat(0x69);
+    const nonce: [Aes256Gcm.nonce_length]u8 = @splat(0x42);
     const m = "Test with message";
     const ad = "Test with associated data";
     var c: [m.len]u8 = undefined;

package/std/crypto/aes_ocb.zig

@@ -48,7 +48,7 @@ fn AesOcb(comptime Aes: anytype) type {
             }
 
             fn init(aes_enc_ctx: EncryptCtx) Lx {
-                const zeros = [_]u8{0} ** 16;
+                const zeros: [16]u8 = @splat(0);
                 var star: Block = undefined;
                 aes_enc_ctx.encrypt(&star, &zeros);
                 const dol = double(star);
@@ -62,8 +62,8 @@ fn AesOcb(comptime Aes: anytype) type {
             const full_blocks: usize = a.len / 16;
             const x_max = if (full_blocks > 0) math.log2_int(usize, full_blocks) else 0;
             const lt = lx.precomp(x_max);
-            var sum = [_]u8{0} ** 16;
-            var offset = [_]u8{0} ** 16;
+            var sum: [16]u8 = @splat(0);
+            var offset: [16]u8 = @splat(0);
             var i: usize = 0;
             while (i < full_blocks) : (i += 1) {
                 xorWith(&offset, lt[@ctz(i + 1)]);
@@ -74,7 +74,7 @@ fn AesOcb(comptime Aes: anytype) type {
             const leftover = a.len % 16;
             if (leftover > 0) {
                 xorWith(&offset, lx.star);
-                var padded = [_]u8{0} ** 16;
+                var padded: [16]u8 = @splat(0);
                 @memcpy(padded[0..leftover], a[i * 16 ..][0..leftover]);
                 padded[leftover] = 0x80;
                 var e = xorBlocks(offset, padded);
@@ -85,7 +85,7 @@ fn AesOcb(comptime Aes: anytype) type {
         }
 
         fn getOffset(aes_enc_ctx: EncryptCtx, npub: [nonce_length]u8) Block {
-            var nx = [_]u8{0} ** 16;
+            var nx: [16]u8 = @splat(0);
             nx[0] = @as(u8, @intCast(@as(u7, @truncate(tag_length * 8)) << 1));
             nx[16 - nonce_length - 1] = 1;
             nx[nx.len - nonce_length ..].* = npub;
@@ -121,7 +121,7 @@ fn AesOcb(comptime Aes: anytype) type {
             const lt = lx.precomp(x_max);
 
             var offset = getOffset(aes_enc_ctx, npub);
-            var sum = [_]u8{0} ** 16;
+            var sum: [16]u8 = @splat(0);
             var i: usize = 0;
 
             while (wb > 0 and i + wb <= full_blocks) : (i += wb) {
@@ -155,7 +155,7 @@ fn AesOcb(comptime Aes: anytype) type {
                 xorWith(&offset, lx.star);
                 var pad = offset;
                 aes_enc_ctx.encrypt(&pad, &pad);
-                var e = [_]u8{0} ** 16;
+                var e: [16]u8 = @splat(0);
                 @memcpy(e[0..leftover], m[i * 16 ..][0..leftover]);
                 e[leftover] = 0x80;
                 for (m[i * 16 ..], 0..) |x, j| {
@@ -188,7 +188,7 @@ fn AesOcb(comptime Aes: anytype) type {
             const lt = lx.precomp(x_max);
 
             var offset = getOffset(aes_enc_ctx, npub);
-            var sum = [_]u8{0} ** 16;
+            var sum: [16]u8 = @splat(0);
             var i: usize = 0;
 
             while (wb > 0 and i + wb <= full_blocks) : (i += wb) {
@@ -226,7 +226,7 @@ fn AesOcb(comptime Aes: anytype) type {
                 for (c[i * 16 ..], 0..) |x, j| {
                     m[i * 16 + j] = pad[j] ^ x;
                 }
-                var e = [_]u8{0} ** 16;
+                var e: [16]u8 = @splat(0);
                 @memcpy(e[0..leftover], m[i * 16 ..][0..leftover]);
                 e[leftover] = 0x80;
                 xorWith(&sum, e);

package/std/crypto/argon2.zig

@@ -281,9 +281,9 @@ fn processSegment(
     slice: u32,
     lane: u24,
 ) void {
-    var addresses align(16) = [_]u64{0} ** block_length;
-    var in align(16) = [_]u64{0} ** block_length;
-    const zero align(16) = [_]u64{0} ** block_length;
+    var addresses: [block_length]u64 align(16) = @splat(0);
+    var in: [block_length]u64 align(16) = @splat(0);
+    const zero: [block_length]u64 align(16) = @splat(0);
     if (mode == .argon2i or (mode == .argon2id and n == 0 and slice < sync_points / 2)) {
         in[0] = n;
         in[1] = lane;
@@ -629,10 +629,10 @@ pub fn strVerify(
 test "argon2d" {
     if (true) return error.SkipZigTest; // https://codeberg.org/ziglang/zig/issues/30074
 
-    const password = [_]u8{0x01} ** 32;
-    const salt = [_]u8{0x02} ** 16;
-    const secret = [_]u8{0x03} ** 8;
-    const ad = [_]u8{0x04} ** 12;
+    const password: [32]u8 = @splat(0x01);
+    const salt: [16]u8 = @splat(0x02);
+    const secret: [8]u8 = @splat(0x03);
+    const ad: [12]u8 = @splat(0x04);
 
     var dk: [32]u8 = undefined;
     try kdf(
@@ -655,10 +655,10 @@ test "argon2d" {
 }
 
 test "argon2i" {
-    const password = [_]u8{0x01} ** 32;
-    const salt = [_]u8{0x02} ** 16;
-    const secret = [_]u8{0x03} ** 8;
-    const ad = [_]u8{0x04} ** 12;
+    const password: [32]u8 = @splat(0x01);
+    const salt: [16]u8 = @splat(0x02);
+    const secret: [8]u8 = @splat(0x03);
+    const ad: [12]u8 = @splat(0x04);
 
     var dk: [32]u8 = undefined;
     try kdf(
@@ -681,10 +681,10 @@ test "argon2i" {
 }
 
 test "argon2id" {
-    const password = [_]u8{0x01} ** 32;
-    const salt = [_]u8{0x02} ** 16;
-    const secret = [_]u8{0x03} ** 8;
-    const ad = [_]u8{0x04} ** 12;
+    const password: [32]u8 = @splat(0x01);
+    const salt: [16]u8 = @splat(0x02);
+    const secret: [8]u8 = @splat(0x03);
+    const ad: [12]u8 = @splat(0x04);
 
     var dk: [32]u8 = undefined;
     try kdf(

package/std/crypto/bcrypt.zig

@@ -868,20 +868,25 @@ test "bcrypt crypt format" {
         strVerify(s, "invalid password", verify_options),
     );
 
+    const password_100: []const u8 = password: {
+        const arr: [100][8]u8 = @splat("password".*);
+        break :password @ptrCast(&arr);
+    };
+
     var long_buf: [hash_length]u8 = undefined;
-    var long_s = try strHash("password" ** 100, hash_options, &long_buf, io);
+    var long_s = try strHash(password_100, hash_options, &long_buf, io);
 
     try testing.expect(mem.startsWith(u8, long_s, crypt_format.prefix));
-    try strVerify(long_s, "password" ** 100, verify_options);
+    try strVerify(long_s, password_100, verify_options);
     try testing.expectError(
         error.PasswordVerificationFailed,
-        strVerify(long_s, "password" ** 101, verify_options),
+        strVerify(long_s, password_100 ++ "password", verify_options),
     );
 
     hash_options.params.silently_truncate_password = true;
     verify_options.silently_truncate_password = true;
-    long_s = try strHash("password" ** 100, hash_options, &long_buf, io);
-    try strVerify(long_s, "password" ** 101, verify_options);
+    long_s = try strHash(password_100, hash_options, &long_buf, io);
+    try strVerify(long_s, password_100 ++ "password", verify_options);
 
     try strVerify(
         "$2b$08$WUQKyBCaKpziCwUXHiMVvu40dYVjkTxtWJlftl0PpjY2BxWSvFIEe",
@@ -909,20 +914,25 @@ test "bcrypt phc format" {
         strVerify(s, "invalid password", verify_options),
     );
 
+    const password_100: []const u8 = password: {
+        const arr: [100][8]u8 = @splat("password".*);
+        break :password @ptrCast(&arr);
+    };
+
     var long_buf: [hash_length * 2]u8 = undefined;
-    var long_s = try strHash("password" ** 100, hash_options, &long_buf, io);
+    var long_s = try strHash(password_100, hash_options, &long_buf, io);
 
     try testing.expect(mem.startsWith(u8, long_s, prefix));
-    try strVerify(long_s, "password" ** 100, verify_options);
+    try strVerify(long_s, password_100, verify_options);
     try testing.expectError(
         error.PasswordVerificationFailed,
-        strVerify(long_s, "password" ** 101, verify_options),
+        strVerify(long_s, password_100 ++ "password", verify_options),
     );
 
     hash_options.params.silently_truncate_password = true;
     verify_options.silently_truncate_password = true;
-    long_s = try strHash("password" ** 100, hash_options, &long_buf, io);
-    try strVerify(long_s, "password" ** 101, verify_options);
+    long_s = try strHash(password_100, hash_options, &long_buf, io);
+    try strVerify(long_s, password_100 ++ "password", verify_options);
 
     try strVerify(
         "$bcrypt$r=5$2NopntlgE2lX3cTwr4qz8A$r3T7iKYQNnY4hAhGjk9RmuyvgrYJZwc",

package/std/crypto/benchmark.zig

@@ -173,7 +173,7 @@ const signatures = [_]Crypto{
 };
 
 pub fn benchmarkSignature(comptime Signature: anytype, comptime signatures_count: comptime_int, io: std.Io) !u64 {
-    const msg = [_]u8{0} ** 64;
+    const msg: [64]u8 = @splat(0);
     const key_pair = Signature.KeyPair.generate(io);
 
     const start = benchTime(io);
@@ -200,7 +200,7 @@ const signature_verifications = [_]Crypto{
 };
 
 pub fn benchmarkSignatureVerification(comptime Signature: anytype, comptime signatures_count: comptime_int, io: std.Io) !u64 {
-    const msg = [_]u8{0} ** 64;
+    const msg: [64]u8 = @splat(0);
     const key_pair = Signature.KeyPair.generate(io);
     const sig = try key_pair.sign(&msg, null);
 
@@ -223,7 +223,7 @@ pub fn benchmarkSignatureVerification(comptime Signature: anytype, comptime sign
 const batch_signature_verifications = [_]Crypto{Crypto{ .ty = crypto.sign.Ed25519, .name = "ed25519" }};
 
 pub fn benchmarkBatchSignatureVerification(comptime Signature: anytype, comptime signatures_count: comptime_int, io: std.Io) !u64 {
-    const msg = [_]u8{0} ** 64;
+    const msg: [64]u8 = @splat(0);
     const key_pair = Signature.KeyPair.generate(io);
     const sig = try key_pair.sign(&msg, null);
 
@@ -367,7 +367,7 @@ pub fn benchmarkAes(comptime Aes: anytype, comptime count: comptime_int, io: Io)
     random.bytes(key[0..]);
     const ctx = Aes.initEnc(key);
 
-    var in = [_]u8{0} ** 16;
+    var in: [16]u8 = @splat(0);
 
     const start = benchTime(io);
     {
@@ -395,7 +395,7 @@ pub fn benchmarkAes8(comptime Aes: anytype, comptime count: comptime_int, io: Io
     random.bytes(key[0..]);
     const ctx = Aes.initEnc(key);
 
-    var in = [_]u8{0} ** (8 * 16);
+    var in: [8 * 16]u8 = @splat(0);
 
     const start = benchTime(io);
     {
@@ -444,7 +444,7 @@ fn benchmarkPwhash(
     comptime count: comptime_int,
     io: std.Io,
 ) !f64 {
-    const password = "testpass" ** 2;
+    const password = "testpasstestpass";
     const opts = ty.HashOptions{
         .allocator = allocator,
         .params = @as(*const ty.Params, @ptrCast(@alignCast(params))).*,
@@ -456,7 +456,7 @@ fn benchmarkPwhash(
     const strHashFnInfo = @typeInfo(@TypeOf(strHash)).@"fn";
     const needs_io = strHashFnInfo.params.len == 4 and strHashFnInfo.params[3].type == std.Io;
     const needs_salt = strHashFnInfo.params.len == 4 and strHashFnInfo.params[3].type != std.Io;
-    const salt: [16]u8 = .{0} ** 16;
+    const salt: [16]u8 = @splat(0);
 
     const start = benchTime(io);
     {