update curve25519-dalek to 4.0.0-pre.5; sha2 to 0.10

Conrado Gouvea 2023-01-16 15:32:43 -03:00 committed by Deirdre Connolly
parent 612e51af2e
commit c079b0e507
6 changed files with 26 additions and 14 deletions


@ -2,6 +2,12 @@
Entries are listed in reverse chronological order. Entries are listed in reverse chronological order.
# 3.2.0
* Updates `sha2` version to `0.10` and `curve25519-dalek` version to `4.0.0-pre.5`.
MSRV increased to `1.60.0`.
# 3.1.0 # 3.1.0
* Add no_std support by @pvdrz in https://github.com/ZcashFoundation/ed25519-zebra/pull/57 * Add no_std support by @pvdrz in https://github.com/ZcashFoundation/ed25519-zebra/pull/57


@ -15,11 +15,12 @@ features = ["nightly"]
[dependencies] [dependencies]
hex = { version = "0.4", default-features = false, features = ["alloc"] } hex = { version = "0.4", default-features = false, features = ["alloc"] }
sha2 = { version = "0.9", default-features = false } sha2 = { version = "0.10", default-features = false }
rand_core = "0.6" rand_core = "0.6"
curve25519-dalek = { version = "3", default-features = false, features = ["alloc", "u64_backend"] } # "digest" is exempt from SemVer, so we should always use a specific version
curve25519-dalek = { version = "=4.0.0-pre.5", default-features = false, features = ["alloc", "digest"] }
serde = { version = "1", optional = true, features = ["derive"] } serde = { version = "1", optional = true, features = ["derive"] }
zeroize = "1.2" zeroize = "1.5"
hashbrown = "0.12.0" hashbrown = "0.12.0"
[dev-dependencies] [dev-dependencies]


@ -52,13 +52,14 @@ use alloc::vec::Vec;
use core::convert::TryFrom; use core::convert::TryFrom;
use curve25519_dalek::{ use curve25519_dalek::{
digest::Update,
edwards::{CompressedEdwardsY, EdwardsPoint}, edwards::{CompressedEdwardsY, EdwardsPoint},
scalar::Scalar, scalar::Scalar,
traits::{IsIdentity, VartimeMultiscalarMul}, traits::{IsIdentity, VartimeMultiscalarMul},
}; };
use hashbrown::HashMap; use hashbrown::HashMap;
use rand_core::{CryptoRng, RngCore}; use rand_core::{CryptoRng, RngCore};
use sha2::{Digest, Sha512}; use sha2::Sha512;
use crate::{Error, Signature, VerificationKey, VerificationKeyBytes}; use crate::{Error, Signature, VerificationKey, VerificationKeyBytes};
@ -179,20 +180,21 @@ impl Verifier {
let mut As = Vec::with_capacity(m); let mut As = Vec::with_capacity(m);
let mut R_coeffs = Vec::with_capacity(self.batch_size); let mut R_coeffs = Vec::with_capacity(self.batch_size);
let mut Rs = Vec::with_capacity(self.batch_size); let mut Rs = Vec::with_capacity(self.batch_size);
let mut B_coeff = Scalar::zero(); let mut B_coeff = Scalar::ZERO;
for (vk_bytes, sigs) in self.signatures.iter() { for (vk_bytes, sigs) in self.signatures.iter() {
let A = CompressedEdwardsY(vk_bytes.0) let A = CompressedEdwardsY(vk_bytes.0)
.decompress() .decompress()
.ok_or(Error::InvalidSignature)?; .ok_or(Error::InvalidSignature)?;
let mut A_coeff = Scalar::zero(); let mut A_coeff = Scalar::ZERO;
for (k, sig) in sigs.iter() { for (k, sig) in sigs.iter() {
let R = CompressedEdwardsY(sig.R_bytes) let R = CompressedEdwardsY(sig.R_bytes)
.decompress() .decompress()
.ok_or(Error::InvalidSignature)?; .ok_or(Error::InvalidSignature)?;
let s = Scalar::from_canonical_bytes(sig.s_bytes).ok_or(Error::InvalidSignature)?; let s = Option::<Scalar>::from(Scalar::from_canonical_bytes(sig.s_bytes))
.ok_or(Error::InvalidSignature)?;
let z = Scalar::from(gen_u128(&mut rng)); let z = Scalar::from(gen_u128(&mut rng));
B_coeff -= z * s; B_coeff -= z * s;
Rs.push(R); Rs.push(R);
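Review bot: The canonicality check on `sig.s_bytes` in the new `Option::<Scalar>::from(Scalar::from_canonical_bytes(sig.s_bytes))` lines carries no comment, whereas the identical expression in verification_key.rs's `verify_prehashed` is annotated with `// \`s_bytes\` MUST represent an integer less than the prime \`l\`.`; the same comment belongs here, since rejecting a non-canonical `s` is what keeps batch verification from accepting malleated encodings of a valid signature. Because this commit introduces the same two-line expression in both files, a `pub(crate)` helper such as `fn canonical_scalar(bytes: [u8; 32]) -> Result<Scalar, Error>` whose body is `Option::<Scalar>::from(Scalar::from_canonical_bytes(bytes)).ok_or(Error::InvalidSignature)` would give the check one definition and one comment to keep accurate. The enclosing method of `impl Verifier` starts and ends outside this hunk.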


@ -1,6 +1,6 @@
use core::convert::TryFrom; use core::convert::TryFrom;
use curve25519_dalek::{constants, scalar::Scalar}; use curve25519_dalek::{constants, digest::Update, scalar::Scalar};
use rand_core::{CryptoRng, RngCore}; use rand_core::{CryptoRng, RngCore};
use sha2::{Digest, Sha512}; use sha2::{Digest, Sha512};


@ -1,11 +1,12 @@
use core::convert::{TryFrom, TryInto}; use core::convert::{TryFrom, TryInto};
use curve25519_dalek::{ use curve25519_dalek::{
digest::Update,
edwards::{CompressedEdwardsY, EdwardsPoint}, edwards::{CompressedEdwardsY, EdwardsPoint},
scalar::Scalar, scalar::Scalar,
traits::IsIdentity, traits::IsIdentity,
}; };
use sha2::{Digest, Sha512}; use sha2::Sha512;
use crate::{Error, Signature}; use crate::{Error, Signature};
@ -14,7 +15,7 @@ use crate::{Error, Signature};
/// ///
/// This is useful for representing an encoded verification key, while the /// This is useful for representing an encoded verification key, while the
/// [`VerificationKey`] type in this library caches other decoded state used in /// [`VerificationKey`] type in this library caches other decoded state used in
/// signature verification. /// signature verification.
/// ///
/// A `VerificationKeyBytes` can be used to verify a single signature using the /// A `VerificationKeyBytes` can be used to verify a single signature using the
/// following idiom: /// following idiom:
@ -185,7 +186,8 @@ impl VerificationKey {
#[allow(non_snake_case)] #[allow(non_snake_case)]
pub(crate) fn verify_prehashed(&self, signature: &Signature, k: Scalar) -> Result<(), Error> { pub(crate) fn verify_prehashed(&self, signature: &Signature, k: Scalar) -> Result<(), Error> {
// `s_bytes` MUST represent an integer less than the prime `l`. // `s_bytes` MUST represent an integer less than the prime `l`.
let s = Scalar::from_canonical_bytes(signature.s_bytes).ok_or(Error::InvalidSignature)?; let s = Option::<Scalar>::from(Scalar::from_canonical_bytes(signature.s_bytes))
.ok_or(Error::InvalidSignature)?;
// `R_bytes` MUST be an encoding of a point on the twisted Edwards form of Curve25519. // `R_bytes` MUST be an encoding of a point on the twisted Edwards form of Curve25519.
let R = CompressedEdwardsY(signature.R_bytes) let R = CompressedEdwardsY(signature.R_bytes)
.decompress() .decompress()
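Review bot: The comment `// \`s_bytes\` MUST represent an integer less than the prime \`l\`.` above the rewritten `let s = ...` no longer describes the whole statement: in curve25519-dalek 4.0.0-pre `from_canonical_bytes` appears to return a `CtOption` (which is why the new code wraps it in `Option::<Scalar>::from(...)`), and that conversion branches on the validity flag rather than staying constant-time. That is acceptable here because `signature.s_bytes` is public signature data, but the comment should record the reasoning so a later refactor does not mistake it for a timing defect, e.g. `// from_canonical_bytes yields a CtOption; converting to Option branches on the flag, which is fine for public signature bytes.` `verify_prehashed` continues past the end of this hunk.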


@ -1,9 +1,10 @@
use color_eyre::Report; use color_eyre::Report;
use curve25519_dalek::{ use curve25519_dalek::{
constants::EIGHT_TORSION, edwards::CompressedEdwardsY, scalar::Scalar, traits::IsIdentity, constants::EIGHT_TORSION, digest::Update, edwards::CompressedEdwardsY, scalar::Scalar,
traits::IsIdentity,
}; };
use once_cell::sync::Lazy; use once_cell::sync::Lazy;
use sha2::{Digest, Sha512}; use sha2::Sha512;
mod util; mod util;
use util::TestCase; use util::TestCase;
@ -11,7 +12,7 @@ use util::TestCase;
#[allow(non_snake_case)] #[allow(non_snake_case)]
pub static SMALL_ORDER_SIGS: Lazy<Vec<TestCase>> = Lazy::new(|| { pub static SMALL_ORDER_SIGS: Lazy<Vec<TestCase>> = Lazy::new(|| {
let mut tests = Vec::new(); let mut tests = Vec::new();
let s = Scalar::zero(); let s = Scalar::ZERO;
// Use all the canonical encodings of the 8-torsion points, // Use all the canonical encodings of the 8-torsion points,
// and the low-order non-canonical encodings. // and the low-order non-canonical encodings.