Bump to 4.0.0; update curve25519-dalek (#82)

* upgrade curve25519-dalek to 4.0.0-rc.2 * clippy fixes * activate ed25519/pem only when needed * bump to 4.0.0; bump MSRV to 1.65; fix no_std support; test MSRV and no_std in CI * use rust-toolchain instead of TOML to work with (unmaitained) actions-rs/toolchain
2023-06-08 07:23:21 -03:00 · 2023-06-08 07:23:21 -03:00 · cab0bcd1ab
parent d08ae22108
commit cab0bcd1ab
9 changed files with 66 additions and 27 deletions
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@ -8,6 +8,20 @@ on:
      - main

 jobs:
+  test_msrv:
+    name: test on MSRV
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3.5.2
+    - uses: actions-rs/toolchain@v1.0.7
+      with:
+        # When toolchain is not specified, it uses rust-toolchain, which is the MSRV
+        override: true
+    - uses: actions-rs/cargo@v1.0.3
+      with:
+        command: test
+        args: --all-features
+
  test_nightly:
    name: test on nightly
    runs-on: ubuntu-latest
@ -23,3 +37,20 @@ jobs:
      with:
        command: test
        args: --all-features
+
+  build_no_std:
+    name: build with no_std
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3.5.2
+    - uses: actions-rs/toolchain@v1.0.7
+      with:
+        toolchain: stable
+        override: true
+        # This does not support std, so we use to test if no_std works
+        target: thumbv6m-none-eabi
+    - uses: actions-rs/cargo@v1.0.3
+      with:
+        command: build
+        # Disables std feature
+        args: --no-default-features --target thumbv6m-none-eabi
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -2,11 +2,16 @@

 Entries are listed in reverse chronological order.

-# 3.2.0
+# 4.0.0

-* Updates `sha2` version to `0.10` and `curve25519-dalek` version to `4.0.0-pre.5`.
+* `Signature` is now an alias for `ed25519::Signature`
+  * `impl From<Signature> for [u8; 64]` no longer exists; use `to_bytes()` instead.
+* `signature::{Signer, Verifier} is now implemented for  `SigningKey` and `VerificationKey`.
+* Updates `sha2` version to `0.10` and `curve25519-dalek` version to `4.0.0-rc.2`.
+* Add DER & PEM support for SigningKeySeed and VerificationKeyBytes (RFC 8410) #46 https://github.com/ZcashFoundation/ed25519-zebra/pull/46
+  * This is under the non-default `pem` and `pkcs8` features

-MSRV increased to `1.60.0`.
+MSRV increased to `1.65.0`.

 # 3.1.0

--- a/Cargo.toml
+++ b/Cargo.toml
@ -2,7 +2,8 @@
 name = "ed25519-zebra"
 # Before publishing:
 # - update CHANGELOG.md
-version = "3.1.0"
+version = "4.0.0"
+rust-version = "1.65.0"
 authors = ["Henry de Valence <hdevalence@hdevalence.ca>"]
 license = "MIT OR Apache-2.0"
 edition = "2018"
@ -15,9 +16,9 @@ features = ["nightly"]

 [dependencies]
 # "digest" is exempt from SemVer, so we should always use a specific version
-curve25519-dalek = { version = "=4.0.0-pre.5", default-features = false, features = ["alloc", "digest"] }
+curve25519-dalek = { version = "=4.0.0-rc.2", default-features = false, features = ["alloc", "digest", "zeroize", "precomputed-tables"] }
 der = { version = "0.7.1", optional = true }
-ed25519 = { version = "2.2.0", features = ["alloc", "pem"] }
+ed25519 = { version = "2.2.0", default-features = false }
 hashbrown = "0.14.0"
 hex = { version = "0.4.3", default-features = false, features = ["alloc"] }
 pkcs8 = { version = "0.10.1", optional = true, features = ["alloc", "pem"] }
@ -37,9 +38,10 @@ once_cell = "1.4"
 [features]
 nightly = []
 default = ["serde", "std"]
-pem = ["der"]
+pem = ["der", "ed25519/pem"]
 pkcs8 = ["dep:pkcs8"]
-std = []
+serde = ["dep:serde", "ed25519/serde"]
+std = ["ed25519/std"]

 [[test]]
 name = "rfc8032"
--- a/1
+++ b/1
@ -0,0 +1 @@
+1.65.0
--- a/src/lib.rs
+++ b/src/lib.rs
@ -13,7 +13,9 @@ mod error;
 mod signing_key;
 mod verification_key;

+// Allows importing traits used by `Signature`.
+pub use ed25519;
+pub use ed25519::Signature;
 pub use error::Error;
 pub use signing_key::SigningKey;
 pub use verification_key::{VerificationKey, VerificationKeyBytes};
-pub use ed25519::Signature;
--- a/src/signing_key.rs
+++ b/src/signing_key.rs
@ -7,7 +7,9 @@ const ALGORITHM_ID: AlgorithmIdentifierRef = AlgorithmIdentifierRef {
 };

 use crate::Error;
-use core::convert::{TryFrom, TryInto};
+use core::convert::TryFrom;
+#[cfg(feature = "pem")]
+use core::convert::TryInto;
 use curve25519_dalek::{constants, digest::Update, scalar::Scalar};
 use rand_core::{CryptoRng, RngCore};
 use sha2::{Digest, Sha512};
@ -15,9 +17,12 @@ use zeroize::Zeroize;

 pub use ed25519::{
    signature::{Signer, Verifier},
-    ComponentBytes, Error as Ed25519Error, KeypairBytes, PublicKeyBytes, Signature,
+    ComponentBytes, Error as Ed25519Error, Signature,
 };

+#[cfg(feature = "pem")]
+pub use ed25519::{KeypairBytes, PublicKeyBytes};
+
 #[cfg(all(feature = "pem", feature = "pkcs8"))]
 use der::pem::LineEnding;
 #[cfg(feature = "pkcs8")]
@ -118,7 +123,7 @@ impl From<[u8; 32]> for SigningKey {
        };

        // Compute the public key as A = [s]B.
-        let A = &s * &constants::ED25519_BASEPOINT_TABLE;
+        let A = &s * constants::ED25519_BASEPOINT_TABLE;

        SigningKey {
            seed,
@ -194,12 +199,14 @@ impl TryFrom<&KeypairBytes> for SigningKey {
    }
 }

+#[cfg(feature = "pem")]
 impl From<SigningKey> for KeypairBytes {
    fn from(signing_key: SigningKey) -> KeypairBytes {
        KeypairBytes::from(&signing_key)
    }
 }

+#[cfg(feature = "pem")]
 impl From<&SigningKey> for KeypairBytes {
    fn from(signing_key: &SigningKey) -> KeypairBytes {
        KeypairBytes {
@ -278,7 +285,7 @@ impl SigningKey {
    pub fn sign(&self, msg: &[u8]) -> Signature {
        let r = Scalar::from_hash(Sha512::default().chain(&self.prefix[..]).chain(msg));

-        let R_bytes = (&r * &constants::ED25519_BASEPOINT_TABLE)
+        let R_bytes = (&r * constants::ED25519_BASEPOINT_TABLE)
            .compress()
            .to_bytes();

--- a/tests/rfc8032.rs
+++ b/tests/rfc8032.rs
@ -4,10 +4,8 @@
 //! so these are basic sanity checks, rather than the more detailed test vectors
 //! in consensus.rs.

-use bincode;
 use ed25519::Signature;
 use ed25519_zebra::*;
-use hex;

 fn rfc8032_test_case(sk_bytes: Vec<u8>, pk_bytes: Vec<u8>, sig_bytes: Vec<u8>, msg: Vec<u8>) {
    let sk: SigningKey = bincode::deserialize(&sk_bytes).expect("sk should deserialize");
--- a/tests/small_order.rs
+++ b/tests/small_order.rs
@ -56,15 +56,10 @@ pub static SMALL_ORDER_SIGS: Lazy<Vec<TestCase>> = Lazy::new(|| {
            );
            let check = R + k * A;
            let non_canonical_R = R.compress().as_bytes() != R_bytes;
-            let valid_legacy = if vk_bytes == [0; 32]
+            let valid_legacy = !(vk_bytes == [0; 32]
                || util::EXCLUDED_POINT_ENCODINGS.contains(R.compress().as_bytes())
                || !check.is_identity()
-                || non_canonical_R
-            {
-                false
-            } else {
-                true
-            };
+                || non_canonical_R);

            tests.push(TestCase {
                vk_bytes,
--- a/tests/util/mod.rs
+++ b/tests/util/mod.rs
@ -181,12 +181,10 @@ pub fn order(point: EdwardsPoint) -> &'static str {
        } else {
            "8"
        }
+    } else if point.is_torsion_free() {
+        "p"
    } else {
-        if point.is_torsion_free() {
-            "p"
-        } else {
-            "8p"
-        }
+        "8p"
    }
 }