update curve25519-dalek to 4.0.0-pre.5; sha2 to 0.10
parent
612e51af2e
commit
c079b0e507
|
@ -2,6 +2,12 @@
|
||||||
|
|
||||||
Entries are listed in reverse chronological order.
|
Entries are listed in reverse chronological order.
|
||||||
|
|
||||||
|
# 3.2.0
|
||||||
|
|
||||||
|
* Updates `sha2` version to `0.10` and `curve25519-dalek` version to `4.0.0-pre.5`.
|
||||||
|
|
||||||
|
MSRV increased to `1.60.0`.
|
||||||
|
|
||||||
# 3.1.0
|
# 3.1.0
|
||||||
|
|
||||||
* Add no_std support by @pvdrz in https://github.com/ZcashFoundation/ed25519-zebra/pull/57
|
* Add no_std support by @pvdrz in https://github.com/ZcashFoundation/ed25519-zebra/pull/57
|
||||||
|
|
|
@ -15,11 +15,12 @@ features = ["nightly"]
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
hex = { version = "0.4", default-features = false, features = ["alloc"] }
|
hex = { version = "0.4", default-features = false, features = ["alloc"] }
|
||||||
sha2 = { version = "0.9", default-features = false }
|
sha2 = { version = "0.10", default-features = false }
|
||||||
rand_core = "0.6"
|
rand_core = "0.6"
|
||||||
curve25519-dalek = { version = "3", default-features = false, features = ["alloc", "u64_backend"] }
|
# "digest" is exempt from SemVer, so we should always use a specific version
|
||||||
|
curve25519-dalek = { version = "=4.0.0-pre.5", default-features = false, features = ["alloc", "digest"] }
|
||||||
serde = { version = "1", optional = true, features = ["derive"] }
|
serde = { version = "1", optional = true, features = ["derive"] }
|
||||||
zeroize = "1.2"
|
zeroize = "1.5"
|
||||||
hashbrown = "0.12.0"
|
hashbrown = "0.12.0"
|
||||||
|
|
||||||
[dev-dependencies]
|
[dev-dependencies]
|
||||||
|
|
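Review bot: The exact pin `curve25519-dalek = { version = "=4.0.0-pre.5", ... }` freezes a pre-release, so `cargo update` will not pick up later `-pre` builds or the 4.0.0 release, and any fix published there has to be pulled in by hand. The comment above it gives the reason only indirectly (`digest` being exempt from SemVer); I would state the actual constraint and the exit condition: `# Pinned exactly: curve25519-dalek re-exports digest 0.10, which must match sha2 0.10; relax once 4.0.0 final is released`. Dropping `u64_backend` presumably leaves backend selection to the crate itself; if any downstream build selected that feature deliberately, the changelog entry for this release should mention that it no longer exists.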
10
src/batch.rs
10
src/batch.rs
|
@ -52,13 +52,14 @@ use alloc::vec::Vec;
|
||||||
use core::convert::TryFrom;
|
use core::convert::TryFrom;
|
||||||
|
|
||||||
use curve25519_dalek::{
|
use curve25519_dalek::{
|
||||||
|
digest::Update,
|
||||||
edwards::{CompressedEdwardsY, EdwardsPoint},
|
edwards::{CompressedEdwardsY, EdwardsPoint},
|
||||||
scalar::Scalar,
|
scalar::Scalar,
|
||||||
traits::{IsIdentity, VartimeMultiscalarMul},
|
traits::{IsIdentity, VartimeMultiscalarMul},
|
||||||
};
|
};
|
||||||
use hashbrown::HashMap;
|
use hashbrown::HashMap;
|
||||||
use rand_core::{CryptoRng, RngCore};
|
use rand_core::{CryptoRng, RngCore};
|
||||||
use sha2::{Digest, Sha512};
|
use sha2::Sha512;
|
||||||
|
|
||||||
use crate::{Error, Signature, VerificationKey, VerificationKeyBytes};
|
use crate::{Error, Signature, VerificationKey, VerificationKeyBytes};
|
||||||
|
|
||||||
|
@ -179,20 +180,21 @@ impl Verifier {
|
||||||
let mut As = Vec::with_capacity(m);
|
let mut As = Vec::with_capacity(m);
|
||||||
let mut R_coeffs = Vec::with_capacity(self.batch_size);
|
let mut R_coeffs = Vec::with_capacity(self.batch_size);
|
||||||
let mut Rs = Vec::with_capacity(self.batch_size);
|
let mut Rs = Vec::with_capacity(self.batch_size);
|
||||||
let mut B_coeff = Scalar::zero();
|
let mut B_coeff = Scalar::ZERO;
|
||||||
|
|
||||||
for (vk_bytes, sigs) in self.signatures.iter() {
|
for (vk_bytes, sigs) in self.signatures.iter() {
|
||||||
let A = CompressedEdwardsY(vk_bytes.0)
|
let A = CompressedEdwardsY(vk_bytes.0)
|
||||||
.decompress()
|
.decompress()
|
||||||
.ok_or(Error::InvalidSignature)?;
|
.ok_or(Error::InvalidSignature)?;
|
||||||
|
|
||||||
let mut A_coeff = Scalar::zero();
|
let mut A_coeff = Scalar::ZERO;
|
||||||
|
|
||||||
for (k, sig) in sigs.iter() {
|
for (k, sig) in sigs.iter() {
|
||||||
let R = CompressedEdwardsY(sig.R_bytes)
|
let R = CompressedEdwardsY(sig.R_bytes)
|
||||||
.decompress()
|
.decompress()
|
||||||
.ok_or(Error::InvalidSignature)?;
|
.ok_or(Error::InvalidSignature)?;
|
||||||
let s = Scalar::from_canonical_bytes(sig.s_bytes).ok_or(Error::InvalidSignature)?;
|
let s = Option::<Scalar>::from(Scalar::from_canonical_bytes(sig.s_bytes))
|
||||||
|
.ok_or(Error::InvalidSignature)?;
|
||||||
let z = Scalar::from(gen_u128(&mut rng));
|
let z = Scalar::from(gen_u128(&mut rng));
|
||||||
B_coeff -= z * s;
|
B_coeff -= z * s;
|
||||||
Rs.push(R);
|
Rs.push(R);
|
||||||
|
|
|
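Review bot: The new two-line parse of `sig.s_bytes` carries no comment on why a scalar that fails `from_canonical_bytes` is rejected, while `verify_prehashed` in verification_key.rs has ``// `s_bytes` MUST represent an integer less than the prime `l`.`` for the identical check; I would copy that comment here so the non-malleability rule is stated at both call sites. The `Option::<Scalar>::from(..)` step turns the library's constant-time `CtOption` into a branching `Option`, which is acceptable because signature bytes are public input, but a note such as `// branching on the CtOption is fine: s_bytes is public signature data` saves the next reader from wondering. Note also that `?` on this line returns `Err` for the whole batch at the first malformed signature; that predates the commit, but a comment should say it is intentional. The enclosing verify method starts and ends outside this hunk.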
@ -1,6 +1,6 @@
|
||||||
use core::convert::TryFrom;
|
use core::convert::TryFrom;
|
||||||
|
|
||||||
use curve25519_dalek::{constants, scalar::Scalar};
|
use curve25519_dalek::{constants, digest::Update, scalar::Scalar};
|
||||||
use rand_core::{CryptoRng, RngCore};
|
use rand_core::{CryptoRng, RngCore};
|
||||||
use sha2::{Digest, Sha512};
|
use sha2::{Digest, Sha512};
|
||||||
|
|
||||||
|
|
|
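Review bot: This file keeps `Digest` in scope and adds `Update`, whereas batch.rs and verification_key.rs drop `Digest` in the same commit; with both traits imported, a method-syntax `hasher.update(..)` on `Sha512` is ambiguous between `Digest::update` and `Update::update`, so presumably this file only uses calls such as `.chain()` or `Sha512::digest(..)` that resolve to one trait. A one-line comment on the import would protect that invariant, e.g. ``// `Update` for `.chain()`, `Digest` for `new`/`finalize`; do not call `.update()` by method syntax, it is ambiguous with both in scope``. The code that uses these imports is outside the hunk, so this is inferred from the imports alone.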
@ -1,11 +1,12 @@
|
||||||
use core::convert::{TryFrom, TryInto};
|
use core::convert::{TryFrom, TryInto};
|
||||||
|
|
||||||
use curve25519_dalek::{
|
use curve25519_dalek::{
|
||||||
|
digest::Update,
|
||||||
edwards::{CompressedEdwardsY, EdwardsPoint},
|
edwards::{CompressedEdwardsY, EdwardsPoint},
|
||||||
scalar::Scalar,
|
scalar::Scalar,
|
||||||
traits::IsIdentity,
|
traits::IsIdentity,
|
||||||
};
|
};
|
||||||
use sha2::{Digest, Sha512};
|
use sha2::Sha512;
|
||||||
|
|
||||||
use crate::{Error, Signature};
|
use crate::{Error, Signature};
|
||||||
|
|
||||||
|
@ -14,7 +15,7 @@ use crate::{Error, Signature};
|
||||||
///
|
///
|
||||||
/// This is useful for representing an encoded verification key, while the
|
/// This is useful for representing an encoded verification key, while the
|
||||||
/// [`VerificationKey`] type in this library caches other decoded state used in
|
/// [`VerificationKey`] type in this library caches other decoded state used in
|
||||||
/// signature verification.
|
/// signature verification.
|
||||||
///
|
///
|
||||||
/// A `VerificationKeyBytes` can be used to verify a single signature using the
|
/// A `VerificationKeyBytes` can be used to verify a single signature using the
|
||||||
/// following idiom:
|
/// following idiom:
|
||||||
|
@ -185,7 +186,8 @@ impl VerificationKey {
|
||||||
#[allow(non_snake_case)]
|
#[allow(non_snake_case)]
|
||||||
pub(crate) fn verify_prehashed(&self, signature: &Signature, k: Scalar) -> Result<(), Error> {
|
pub(crate) fn verify_prehashed(&self, signature: &Signature, k: Scalar) -> Result<(), Error> {
|
||||||
// `s_bytes` MUST represent an integer less than the prime `l`.
|
// `s_bytes` MUST represent an integer less than the prime `l`.
|
||||||
let s = Scalar::from_canonical_bytes(signature.s_bytes).ok_or(Error::InvalidSignature)?;
|
let s = Option::<Scalar>::from(Scalar::from_canonical_bytes(signature.s_bytes))
|
||||||
|
.ok_or(Error::InvalidSignature)?;
|
||||||
// `R_bytes` MUST be an encoding of a point on the twisted Edwards form of Curve25519.
|
// `R_bytes` MUST be an encoding of a point on the twisted Edwards form of Curve25519.
|
||||||
let R = CompressedEdwardsY(signature.R_bytes)
|
let R = CompressedEdwardsY(signature.R_bytes)
|
||||||
.decompress()
|
.decompress()
|
||||||
|
|
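Review bot: The canonical-scalar parse at the top of `verify_prehashed` is now the same two-line expression as the one in batch.rs, and the `s < l` rule it enforces (RFC 8032 §5.1.7) is exactly the kind of check that should live in one place so the single and batch verifiers cannot drift apart; a crate-private helper would reduce both call sites to `let s = canonical_scalar(signature.s_bytes)?;`. The existing comment about `l` then moves onto the helper, where it documents the contract once. `verify_prehashed` continues past the end of this hunk.
```rust
/// Parse `bytes` as a scalar strictly less than the group order `l`
/// (RFC 8032 §5.1.7); any other encoding is rejected as malformed.
/// Branching on the `CtOption` is acceptable here: the input is public
/// signature data, not key material.
pub(crate) fn canonical_scalar(bytes: [u8; 32]) -> Result<Scalar, Error> {
    Option::<Scalar>::from(Scalar::from_canonical_bytes(bytes)).ok_or(Error::InvalidSignature)
}
```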
|
@ -1,9 +1,10 @@
|
||||||
use color_eyre::Report;
|
use color_eyre::Report;
|
||||||
use curve25519_dalek::{
|
use curve25519_dalek::{
|
||||||
constants::EIGHT_TORSION, edwards::CompressedEdwardsY, scalar::Scalar, traits::IsIdentity,
|
constants::EIGHT_TORSION, digest::Update, edwards::CompressedEdwardsY, scalar::Scalar,
|
||||||
|
traits::IsIdentity,
|
||||||
};
|
};
|
||||||
use once_cell::sync::Lazy;
|
use once_cell::sync::Lazy;
|
||||||
use sha2::{Digest, Sha512};
|
use sha2::Sha512;
|
||||||
|
|
||||||
mod util;
|
mod util;
|
||||||
use util::TestCase;
|
use util::TestCase;
|
||||||
|
@ -11,7 +12,7 @@ use util::TestCase;
|
||||||
#[allow(non_snake_case)]
|
#[allow(non_snake_case)]
|
||||||
pub static SMALL_ORDER_SIGS: Lazy<Vec<TestCase>> = Lazy::new(|| {
|
pub static SMALL_ORDER_SIGS: Lazy<Vec<TestCase>> = Lazy::new(|| {
|
||||||
let mut tests = Vec::new();
|
let mut tests = Vec::new();
|
||||||
let s = Scalar::zero();
|
let s = Scalar::ZERO;
|
||||||
|
|
||||||
// Use all the canonical encodings of the 8-torsion points,
|
// Use all the canonical encodings of the 8-torsion points,
|
||||||
// and the low-order non-canonical encodings.
|
// and the low-order non-canonical encodings.
|
||||||
|
|