diff --git a/Cargo.lock b/Cargo.lock
index 6701526c9..2aa3f4525 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -312,7 +312,7 @@ dependencies = [
[[package]]
name = "ecdsa"
version = "0.13.4"
-source = "git+https://github.com/khonsulabs/signatures?branch=elliptic-curve-digest#e40669d20d045b354f4101ea84324570b24bda3d"
+source = "git+https://github.com/khonsulabs/signatures?branch=elliptic-curve-digest#b4d16876c68bcae11e9897ea1b40462601dc82e3"
dependencies = [
"der",
"elliptic-curve",
@@ -328,8 +328,8 @@ checksum = "e78d4f1cc4ae33bbfc157ed5d5a5ef3bc29227303d595861deb238fcec4e9457"
[[package]]
name = "elliptic-curve"
-version = "0.11.8"
-source = "git+https://github.com/khonsulabs/traits?branch=digest#0d6db2f38e89aed51c5ed44cba1b90103a955e59"
+version = "0.12.0-pre"
+source = "git+https://github.com/RustCrypto/traits#f899a15cb2cd293d69d1b6502e7cc537d3da480d"
dependencies = [
"base16ct",
"base64ct",
@@ -830,7 +830,7 @@ dependencies = [
[[package]]
name = "rfc6979"
version = "0.1.0"
-source = "git+https://github.com/khonsulabs/signatures?branch=elliptic-curve-digest#e40669d20d045b354f4101ea84324570b24bda3d"
+source = "git+https://github.com/khonsulabs/signatures?branch=elliptic-curve-digest#b4d16876c68bcae11e9897ea1b40462601dc82e3"
dependencies = [
"crypto-bigint",
"hmac",
diff --git a/bp256/Cargo.toml b/bp256/Cargo.toml
index 8bb7941ad..d98aed11e 100644
--- a/bp256/Cargo.toml
+++ b/bp256/Cargo.toml
@@ -13,7 +13,7 @@ edition = "2021"
rust-version = "1.56"
[dependencies]
-elliptic-curve = { git = "https://github.com/khonsulabs/traits", branch = "digest", default-features = false, features = ["hazmat", "sec1"] }
+elliptic-curve = { git = "https://github.com/RustCrypto/traits", version = "0.12.0-pre", default-features = false, features = ["hazmat", "sec1"] }
sec1 = { version = "0.2", default-features = false }
# optional dependencies
diff --git a/bp384/Cargo.toml b/bp384/Cargo.toml
index 4c228ef7f..253c8d52e 100644
--- a/bp384/Cargo.toml
+++ b/bp384/Cargo.toml
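Review bot: The new `elliptic-curve` line in bp256/Cargo.toml points at the `RustCrypto/traits` git repository with neither `rev` nor `branch`, so the manifest itself tracks whatever the repository's default-branch head happens to be; only this workspace's Cargo.lock (which resolves it to f899a15c…) holds it still, and that lockfile is not honoured by anyone consuming these crates as git or path dependencies, nor by a `cargo update`. For a pre-release of the crate that defines the field and scalar traits every signing and key-agreement routine here is built on, that means an unreviewed upstream commit can silently change what gets compiled in. Pin the commit the lockfile already resolved, e.g. `elliptic-curve = { git = "https://github.com/RustCrypto/traits", rev = "f899a15cb2cd293d69d1b6502e7cc537d3da480d", version = "0.12.0-pre", default-features = false, features = ["hazmat", "sec1"] }`, and do the same in the bp384, k256, p256 and p384 manifests touched by this commit (the `ecdsa` git dependency kept in p384 names a `branch` but no `rev` either).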
@@ -13,7 +13,7 @@ edition = "2021"
rust-version = "1.56"
[dependencies]
-elliptic-curve = { git = "https://github.com/khonsulabs/traits", branch = "digest", default-features = false, features = ["hazmat", "sec1"] }
+elliptic-curve = { git = "https://github.com/RustCrypto/traits", version = "0.12.0-pre", default-features = false, features = ["hazmat", "sec1"] }
sec1 = { version = "0.2", default-features = false }
# optional dependencies
diff --git a/k256/Cargo.toml b/k256/Cargo.toml
index acada8907..4b3cba3e6 100644
--- a/k256/Cargo.toml
+++ b/k256/Cargo.toml
@@ -19,7 +19,7 @@ rust-version = "1.56"
[dependencies]
cfg-if = "1.0"
-elliptic-curve = { git = "https://github.com/khonsulabs/traits", branch = "digest", default-features = false, features = ["hazmat", "sec1"] }
+elliptic-curve = { git = "https://github.com/RustCrypto/traits", version = "0.12.0-pre", default-features = false, features = ["hazmat", "sec1"] }
sec1 = { version = "0.2", default-features = false }
# optional dependencies
diff --git a/k256/src/ecdsa/recoverable.rs b/k256/src/ecdsa/recoverable.rs
index 9153baa9c..7c08a26b5 100644
--- a/k256/src/ecdsa/recoverable.rs
+++ b/k256/src/ecdsa/recoverable.rs
@@ -181,7 +181,7 @@ impl Signature {
}
let R = ProjectivePoint::from(R.unwrap());
-let r_inv = r.invert().unwrap();
+let r_inv = *r.invert();
let u1 = -(r_inv * z);
let u2 = r_inv * *s;
let pk = ProjectivePoint::lincomb(&ProjectivePoint::GENERATOR, &u1, &R, &u2).to_affine();
diff --git a/k256/src/ecdsa/sign.rs b/k256/src/ecdsa/sign.rs
index 47d7548a5..58a572d3e 100644
--- a/k256/src/ecdsa/sign.rs
+++ b/k256/src/ecdsa/sign.rs
@@ -23,7 +23,7 @@ use elliptic_curve::{
consts::U32,
ops::{Invert, Reduce},
rand_core::{CryptoRng, RngCore},
-subtle::{Choice, ConstantTimeEq},
+subtle::{Choice, ConstantTimeEq, CtOption},
zeroize::Zeroize,
IsHigh,
};
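Review bot: `let r_inv = *r.invert();` in recoverable.rs drops the old `unwrap()` and type-checks only because `r` appears to be a `NonZeroScalar`, whose `Invert::Output` is itself (a non-zero scalar always has an inverse), so the `*` derefs that wrapper to a plain `Scalar`; nothing on the line says so, and a reader will wonder what is being dereferenced on an inversion result. Record the invariant at the binding, e.g. `// r is a NonZeroScalar: inversion cannot fail and yields a NonZeroScalar; deref to Scalar`, and the same for `*s.invert()` in verify.rs in this commit. Worth noting in that comment that if `r` ever reverts to a plain `Scalar` the `*` stops compiling instead of silently panicking, which is the failure mode you want. The enclosing method starts and ends outside the hunk.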
@@ -198,7 +198,7 @@ impl SignPrimitive for Scalar {
z: Scalar,
) -> Result<(Signature, Option), Error>
where
-K: Borrow + Invert,
+K: Borrow + Invert>,
{
let k_inverse = ephemeral_scalar.invert();
let k = ephemeral_scalar.borrow();
diff --git a/k256/src/ecdsa/verify.rs b/k256/src/ecdsa/verify.rs
index 24d5b7398..53099a712 100644
--- a/k256/src/ecdsa/verify.rs
+++ b/k256/src/ecdsa/verify.rs
@@ -106,7 +106,7 @@ impl VerifyPrimitive for AffinePoint {
return Err(Error::new());
}
-let s_inv = s.invert().unwrap();
+let s_inv = *s.invert();
let u1 = z * s_inv;
let u2 = *r * s_inv;
diff --git a/p256/Cargo.toml b/p256/Cargo.toml
index 21b85e88d..d8ac27e7f 100644
--- a/p256/Cargo.toml
+++ b/p256/Cargo.toml
@@ -17,7 +17,7 @@ edition = "2021"
rust-version = "1.56"
[dependencies]
-elliptic-curve = { git = "https://github.com/khonsulabs/traits", branch = "digest", default-features = false, features = ["hazmat", "sec1"] }
+elliptic-curve = { git = "https://github.com/RustCrypto/traits", version = "0.12.0-pre", default-features = false, features = ["hazmat", "sec1"] }
sec1 = { version = "0.2", default-features = false }
# optional dependencies
diff --git a/p256/src/arithmetic/affine.rs b/p256/src/arithmetic/affine.rs
index 7821f000a..4afecbf2c 100644
--- a/p256/src/arithmetic/affine.rs
+++ b/p256/src/arithmetic/affine.rs
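Review bot: With the bound on `K` now requiring an `Invert` whose output is a `CtOption<Scalar>` (the generic arguments are stripped in this rendering, but the `CtOption` import added to sign.rs and the `BlindedScalar` impl in this commit point that way), `k_inverse` on the line below is `None` exactly when the ephemeral scalar `k` is zero, and the rest of `try_sign_prehashed` — outside the hunk — is where that case has to be rejected. Make sure it is turned into an error before any use, e.g. `let k_inverse = Option::<Scalar>::from(k_inverse).ok_or_else(Error::new)?;`, rather than unwrapped: a zero `k` must never reach the `R = k·G` multiplication or the `s` computation. A one-line comment at the binding, `// None iff k == 0; must be rejected before use`, would make that contract visible where the value is produced. The enclosing method runs past the end of the hunk.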
@@ -260,20 +260,24 @@ impl ToEncodedPoint for AffinePoint {
impl ToCompactEncodedPoint for AffinePoint {
/// Serialize this value as a SEC1 compact [`EncodedPoint`]
-fn to_compact_encoded_point(&self) -> Option {
+fn to_compact_encoded_point(&self) -> CtOption {
// Convert to canonical form for comparisons
let y = self.y.to_canonical();
let (p_y, borrow) = MODULUS.informed_subtract(&y);
assert_eq!(borrow, 0);
let (_, borrow) = p_y.informed_subtract(&y);
-if borrow != 0 {
-return None;
-}
-// Reuse the CompressedPoint type since it's the same size as a compact point
-let mut bytes = CompressedPoint::default();
-bytes[0] = sec1::Tag::Compact.into();
-bytes[1..(::UInt::BYTE_SIZE + 1)].copy_from_slice(&self.x.to_bytes());
-Some(EncodedPoint::from_bytes(bytes).expect("compact key"))
+
+CtOption::new(
+{
+// Reuse the CompressedPoint type since it's the same size as a compact point
+let mut bytes = CompressedPoint::default();
+bytes[0] = sec1::Tag::Compact.into();
+bytes[1..(::UInt::BYTE_SIZE + 1)]
+.copy_from_slice(&self.x.to_bytes());
+EncodedPoint::from_bytes(bytes).expect("compact key")
+},
+u8::from(borrow == 0).into(),
+)
}
}
diff --git a/p256/src/arithmetic/scalar/blinded.rs b/p256/src/arithmetic/scalar/blinded.rs
index 627d08b3b..4aac591df 100644
--- a/p256/src/arithmetic/scalar/blinded.rs
+++ b/p256/src/arithmetic/scalar/blinded.rs
@@ -44,7 +44,7 @@ impl Borrow for BlindedScalar {
}
impl Invert for BlindedScalar {
-type Output = Scalar;
+type Output = CtOption;
fn invert(&self) -> CtOption {
// prevent side channel analysis of scalar inversion by pre-and-post-multiplying
diff --git a/p384/Cargo.toml b/p384/Cargo.toml
index d7f8dd127..8d79f35dc 100644
--- a/p384/Cargo.toml
+++ b/p384/Cargo.toml
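Review bot: The `Choice` handed to `CtOption::new` in `to_compact_encoded_point` is built from `borrow == 0`, a boolean comparison the compiler is free to lower to a conditional branch, so the one y-dependent decision in this function is not guaranteed branch-free even though the return type now advertises constant time; derive it from the borrow word with subtle instead, `borrow.ct_eq(&0),` in place of `u8::from(borrow == 0).into(),` (this holds whether `informed_subtract` reports the borrow as 0/1 or as an all-ones mask, since any non-zero value compares unequal to 0; `ConstantTimeEq` must be in scope, and the file's imports are outside the hunk). The doc comment should also say when the result is `None`: the visible arithmetic clears it when `p - y < y`, so only the point whose y-coordinate is the smaller of the pair ±y has a compact encoding — e.g. `/// Returns a `CtOption` that is `None` when `y > p - y`; only the point with the smaller of the two y-coordinates ±y can be encoded in SEC1 compact form.` The retained `assert_eq!(borrow, 0)` and `expect("compact key")` remain panics on violated invariants (y not reduced below p, or a malformed buffer) and deserve a `# Panics` line.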
@@ -14,7 +14,7 @@ rust-version = "1.56"
[dependencies]
ecdsa = { git = "https://github.com/khonsulabs/signatures", branch = "elliptic-curve-digest", optional = true, default-features = false, features = ["der"] }
-elliptic-curve = { git = "https://github.com/khonsulabs/traits", branch = "digest", default-features = false, features = ["hazmat", "sec1"] }
+elliptic-curve = { git = "https://github.com/RustCrypto/traits", version = "0.12.0-pre", default-features = false, features = ["hazmat", "sec1"] }
sec1 = { version = "0.2", default-features = false }
sha2 = { version = "0.10", optional = true, default-features = false }