Move elliptic-curve git dependency to RustCrypto's repo

bp256/Cargo.toml

@@ -13,7 +13,7 @@ edition = "2021"
 rust-version = "1.56"
 
 [dependencies]
-elliptic-curve = { git = "https://github.com/khonsulabs/traits", branch = "digest", default-features = false, features = ["hazmat", "sec1"] }
+elliptic-curve = { git = "https://github.com/RustCrypto/traits", version = "0.12.0-pre", default-features = false, features = ["hazmat", "sec1"] }
 sec1 = { version = "0.2", default-features = false }
 
 # optional dependencies

bp384/Cargo.toml

@@ -13,7 +13,7 @@ edition = "2021"
 rust-version = "1.56"
 
 [dependencies]
-elliptic-curve = { git = "https://github.com/khonsulabs/traits", branch = "digest", default-features = false, features = ["hazmat", "sec1"] }
+elliptic-curve = { git = "https://github.com/RustCrypto/traits", version = "0.12.0-pre", default-features = false, features = ["hazmat", "sec1"] }
 sec1 = { version = "0.2", default-features = false }
 
 # optional dependencies

k256/Cargo.toml

@@ -19,7 +19,7 @@ rust-version = "1.56"
 
 [dependencies]
 cfg-if = "1.0"
-elliptic-curve = { git = "https://github.com/khonsulabs/traits", branch = "digest", default-features = false, features = ["hazmat", "sec1"] }
+elliptic-curve = { git = "https://github.com/RustCrypto/traits", version = "0.12.0-pre", default-features = false, features = ["hazmat", "sec1"] }
 sec1 = { version = "0.2", default-features = false }
 
 # optional dependencies

k256/src/ecdsa/recoverable.rs

@@ -181,7 +181,7 @@ impl Signature {
         }
 
         let R = ProjectivePoint::from(R.unwrap());
-        let r_inv = r.invert().unwrap();
+        let r_inv = *r.invert();
         let u1 = -(r_inv * z);
         let u2 = r_inv * *s;
         let pk = ProjectivePoint::lincomb(&ProjectivePoint::GENERATOR, &u1, &R, &u2).to_affine();

k256/src/ecdsa/sign.rs

@@ -23,7 +23,7 @@ use elliptic_curve::{
     consts::U32,
     ops::{Invert, Reduce},
     rand_core::{CryptoRng, RngCore},
-    subtle::{Choice, ConstantTimeEq},
+    subtle::{Choice, ConstantTimeEq, CtOption},
     zeroize::Zeroize,
     IsHigh,
 };
@@ -198,7 +198,7 @@ impl SignPrimitive<Secp256k1> for Scalar {
         z: Scalar,
     ) -> Result<(Signature, Option<ecdsa_core::RecoveryId>), Error>
     where
-        K: Borrow<Scalar> + Invert<Output = Scalar>,
+        K: Borrow<Scalar> + Invert<Output = CtOption<Scalar>>,
     {
         let k_inverse = ephemeral_scalar.invert();
         let k = ephemeral_scalar.borrow();

k256/src/ecdsa/verify.rs

@@ -106,7 +106,7 @@ impl VerifyPrimitive<Secp256k1> for AffinePoint {
             return Err(Error::new());
         }
 
-        let s_inv = s.invert().unwrap();
+        let s_inv = *s.invert();
         let u1 = z * s_inv;
         let u2 = *r * s_inv;
 

p256/Cargo.toml

@@ -17,7 +17,7 @@ edition = "2021"
 rust-version = "1.56"
 
 [dependencies]
-elliptic-curve = { git = "https://github.com/khonsulabs/traits", branch = "digest", default-features = false, features = ["hazmat", "sec1"] }
+elliptic-curve = { git = "https://github.com/RustCrypto/traits", version = "0.12.0-pre", default-features = false, features = ["hazmat", "sec1"] }
 sec1 = { version = "0.2", default-features = false }
 
 # optional dependencies

p256/src/arithmetic/affine.rs

@@ -260,20 +260,24 @@ impl ToEncodedPoint<NistP256> for AffinePoint {
 
 impl ToCompactEncodedPoint<NistP256> for AffinePoint {
     /// Serialize this value as a  SEC1 compact [`EncodedPoint`]
-    fn to_compact_encoded_point(&self) -> Option<EncodedPoint> {
+    fn to_compact_encoded_point(&self) -> CtOption<EncodedPoint> {
         // Convert to canonical form for comparisons
         let y = self.y.to_canonical();
         let (p_y, borrow) = MODULUS.informed_subtract(&y);
         assert_eq!(borrow, 0);
         let (_, borrow) = p_y.informed_subtract(&y);
-        if borrow != 0 {
-            return None;
-        }
-        // Reuse the CompressedPoint type since it's the same size as a compact point
-        let mut bytes = CompressedPoint::default();
-        bytes[0] = sec1::Tag::Compact.into();
-        bytes[1..(<NistP256 as Curve>::UInt::BYTE_SIZE + 1)].copy_from_slice(&self.x.to_bytes());
-        Some(EncodedPoint::from_bytes(bytes).expect("compact key"))
+
+        CtOption::new(
+            {
+                // Reuse the CompressedPoint type since it's the same size as a compact point
+                let mut bytes = CompressedPoint::default();
+                bytes[0] = sec1::Tag::Compact.into();
+                bytes[1..(<NistP256 as Curve>::UInt::BYTE_SIZE + 1)]
+                    .copy_from_slice(&self.x.to_bytes());
+                EncodedPoint::from_bytes(bytes).expect("compact key")
+            },
+            u8::from(borrow == 0).into(),
+        )
     }
 }
 

p256/src/arithmetic/scalar/blinded.rs

@@ -44,7 +44,7 @@ impl Borrow<Scalar> for BlindedScalar {
 }
 
 impl Invert for BlindedScalar {
-    type Output = Scalar;
+    type Output = CtOption<Scalar>;
 
     fn invert(&self) -> CtOption<Scalar> {
         // prevent side channel analysis of scalar inversion by pre-and-post-multiplying

p384/Cargo.toml

@@ -14,7 +14,7 @@ rust-version = "1.56"
 
 [dependencies]
 ecdsa = { git = "https://github.com/khonsulabs/signatures", branch = "elliptic-curve-digest", optional = true, default-features = false, features = ["der"] }
-elliptic-curve = { git = "https://github.com/khonsulabs/traits", branch = "digest", default-features = false, features = ["hazmat", "sec1"] }
+elliptic-curve = { git = "https://github.com/RustCrypto/traits", version = "0.12.0-pre", default-features = false, features = ["hazmat", "sec1"] }
 sec1 = { version = "0.2", default-features = false }
 sha2 = { version = "0.10", optional = true, default-features = false }