update curve25519-dalek to 4.0.0-rc.3; bump version to 4.0.1 (#88)

* update curve25519-dalek to 4.0.0-rc.3; bump version to 4.0.1

* Apply suggestions from code review

Co-authored-by: teor <teor@riseup.net>

---------

Co-authored-by: teor <teor@riseup.net>

CHANGELOG.md

@@ -2,6 +2,11 @@
 
 Entries are listed in reverse chronological order.
 
+# 4.0.1
+
+* Fix no-std build with serde activated (#87)
+* Update `curve25519-dalek` to `4.0.0-rc.3`
+
 # 4.0.0
 
 * `Signature` is now an alias for `ed25519::Signature`

Cargo.toml

@@ -2,9 +2,9 @@
 name = "ed25519-zebra"
 # Before publishing:
 # - update CHANGELOG.md
-version = "4.0.0"
+version = "4.0.1"
 rust-version = "1.65.0"
-authors = ["Henry de Valence <hdevalence@hdevalence.ca>"]
+authors = ["Henry de Valence <hdevalence@hdevalence.ca>", "Zcash Foundation <zebra@zfnd.org>"]
 license = "MIT OR Apache-2.0"
 edition = "2018"
 repository = "https://github.com/ZcashFoundation/ed25519-zebra"
@@ -16,7 +16,7 @@ features = ["nightly"]
 
 [dependencies]
 # "digest" is exempt from SemVer, so we should always use a specific version
-curve25519-dalek = { version = "=4.0.0-rc.2", default-features = false, features = ["alloc", "digest", "zeroize", "precomputed-tables"] }
+curve25519-dalek = { version = "=4.0.0-rc.3", default-features = false, features = ["alloc", "digest", "zeroize", "precomputed-tables"] }
 der = { version = "0.7.1", optional = true }
 ed25519 = { version = "2.2.0", default-features = false }
 hashbrown = "0.14.0"

src/signing_key.rs

@@ -112,7 +112,7 @@ impl From<[u8; 32]> for SigningKey {
             scalar_bytes[0] &= 248;
             scalar_bytes[31] &= 127;
             scalar_bytes[31] |= 64;
-            Scalar::from_bits(scalar_bytes)
+            Scalar::from_bytes_mod_order(scalar_bytes)
         };
 
         // Extract and cache the high half.