Update elliptic-curve, digest and ecdsa

RustCrypto · Jan 18, 2022 · e5577c4 · e5577c4
1 parent ed8b48c
commit e5577c4
Show file tree

Hide file tree

Showing 9 changed files with 94 additions and 72 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/bp256/Cargo.toml b/bp256/Cargo.toml
@@ -13,12 +13,12 @@ edition = "2021"
 rust-version = "1.56"
 
 [dependencies]
-elliptic-curve = { version = "0.11", default-features = false, features = ["hazmat", "sec1"] }
+elliptic-curve = { git = "https://github.com/khonsulabs/traits", branch = "digest", default-features = false, features = ["hazmat", "sec1"] }
 sec1 = { version = "0.2", default-features = false }
 
 # optional dependencies
-ecdsa = { version = "0.13", optional = true, default-features = false, features = ["der"] }
-sha2 = { version = "0.9", optional = true, default-features = false }
+ecdsa = { git = "https://github.com/khonsulabs/signatures", branch = "elliptic-curve-digest", optional = true, default-features = false, features = ["der"] }
+sha2 = { version = "0.10", optional = true, default-features = false }
 
 [features]
 default = ["pkcs8", "std"]

diff --git a/bp384/Cargo.toml b/bp384/Cargo.toml
@@ -13,12 +13,12 @@ edition = "2021"
 rust-version = "1.56"
 
 [dependencies]
-elliptic-curve = { version = "0.11", default-features = false, features = ["hazmat", "sec1"] }
+elliptic-curve = { git = "https://github.com/khonsulabs/traits", branch = "digest", default-features = false, features = ["hazmat", "sec1"] }
 sec1 = { version = "0.2", default-features = false }
 
 # optional dependencies
-ecdsa = { version = "0.13", optional = true, default-features = false, features = ["der"] }
-sha2 = { version = "0.9", optional = true, default-features = false }
+ecdsa = { git = "https://github.com/khonsulabs/signatures", branch = "elliptic-curve-digest", optional = true, default-features = false, features = ["der"] }
+sha2 = { version = "0.10", optional = true, default-features = false }
 
 [features]
 default = ["pkcs8", "std"]

diff --git a/k256/Cargo.toml b/k256/Cargo.toml
@@ -19,19 +19,19 @@ rust-version = "1.56"
 
 [dependencies]
 cfg-if = "1.0"
-elliptic-curve = { version = "0.11.7", default-features = false, features = ["hazmat", "sec1"] }
+elliptic-curve = { git = "https://github.com/khonsulabs/traits", branch = "digest", default-features = false, features = ["hazmat", "sec1"] }
 sec1 = { version = "0.2", default-features = false }
 
 # optional dependencies
-ecdsa-core = { version = "0.13", package = "ecdsa", optional = true, default-features = false, features = ["der"] }
+ecdsa-core = { git = "https://github.com/khonsulabs/signatures", branch = "elliptic-curve-digest", package = "ecdsa", optional = true, default-features = false, features = ["der"] }
 hex-literal = { version = "0.3", optional = true }
-sha2 = { version = "0.9", optional = true, default-features = false }
-sha3 = { version = "0.9", optional = true, default-features = false }
+sha2 = { version = "0.10", optional = true, default-features = false }
+sha3 = { version = "0.10", optional = true, default-features = false }
 
 [dev-dependencies]
 blobby = "0.3"
 criterion = "0.3"
-ecdsa-core = { version = "0.13", package = "ecdsa", default-features = false, features = ["dev"] }
+ecdsa-core = { git = "https://github.com/khonsulabs/signatures", branch = "elliptic-curve-digest", package = "ecdsa", default-features = false, features = ["dev"] }
 hex-literal = "0.3"
 num-bigint = "0.4"
 num-traits = "0.2"

diff --git a/k256/src/ecdsa/recoverable.rs b/k256/src/ecdsa/recoverable.rs
@@ -107,7 +107,7 @@ impl Signature {
         msg: &[u8],
         signature: &super::Signature,
     ) -> Result<Self> {
-        Self::from_digest_trial_recovery(public_key, Keccak256::new().chain(msg), signature)
+        Self::from_digest_trial_recovery(public_key, Keccak256::new().chain_update(msg), signature)
     }
 
     /// Given a public key, message digest, and signature, use trial recovery
@@ -148,7 +148,7 @@ impl Signature {
     #[cfg_attr(docsrs, doc(cfg(feature = "ecdsa")))]
     #[cfg_attr(docsrs, doc(cfg(feature = "keccak256")))]
     pub fn recover_verify_key(&self, msg: &[u8]) -> Result<VerifyingKey> {
-        self.recover_verify_key_from_digest(Keccak256::new().chain(msg))
+        self.recover_verify_key_from_digest(Keccak256::new().chain_update(msg))
     }
 
     /// Recover the public key used to create the given signature as a
@@ -362,7 +362,7 @@ mod tests {
     fn public_key_recovery() {
         for vector in VECTORS {
             let sig = Signature::try_from(&vector.sig[..]).unwrap();
-            let prehash = Sha256::new().chain(vector.msg);
+            let prehash = Sha256::new().chain_update(vector.msg);
             let pk = sig.recover_verify_key_from_digest(prehash).unwrap();
             assert_eq!(&vector.pk[..], EncodedPoint::from(&pk).as_bytes());
         }

diff --git a/k256/src/ecdsa/sign.rs b/k256/src/ecdsa/sign.rs
@@ -9,7 +9,12 @@ use core::{
 use ecdsa_core::{
     hazmat::{rfc6979_generate_k, SignPrimitive},
     signature::{
-        digest::{BlockInput, FixedOutput, Reset, Update},
+        digest::{
+            block_buffer::Eager,
+            core_api::{BlockSizeUser, BufferKindUser, CoreProxy, FixedOutputCore},
+            generic_array::typenum::{self, IsLess, Le, NonZero},
+            Digest, HashMarker, OutputSizeUser,
+        },
         DigestSigner, RandomizedDigestSigner,
     },
 };
@@ -24,7 +29,7 @@ use elliptic_curve::{
 };
 
 #[cfg(any(feature = "keccak256", feature = "sha256"))]
-use ecdsa_core::signature::{self, digest::Digest, PrehashSignature, RandomizedSigner};
+use ecdsa_core::signature::{self, PrehashSignature, RandomizedSigner};
 
 #[cfg(feature = "pkcs8")]
 use crate::pkcs8::{self, DecodePrivateKey};
@@ -77,7 +82,7 @@ where
     Self: DigestSigner<S::Digest, S>,
 {
     fn try_sign(&self, msg: &[u8]) -> Result<S, Error> {
-        self.try_sign_digest(Digest::chain(S::Digest::new(), msg))
+        self.try_sign_digest(Digest::chain_update(S::Digest::new(), msg))
     }
 }
 
@@ -88,13 +93,22 @@ where
     Self: RandomizedDigestSigner<S::Digest, S>,
 {
     fn try_sign_with_rng(&self, rng: impl CryptoRng + RngCore, msg: &[u8]) -> Result<S, Error> {
-        self.try_sign_digest_with_rng(rng, S::Digest::new().chain(msg))
+        self.try_sign_digest_with_rng(rng, S::Digest::new().chain_update(msg))
     }
 }
 
 impl<D> DigestSigner<D, Signature> for SigningKey
 where
-    D: BlockInput + FixedOutput<OutputSize = U32> + Clone + Default + Reset + Update,
+    D: CoreProxy + Digest + OutputSizeUser<OutputSize = U32>,
+    D::Core: BlockSizeUser
+        + BufferKindUser<BufferKind = Eager>
+        + Clone
+        + Default
+        + FixedOutputCore
+        + HashMarker
+        + OutputSizeUser<OutputSize = D::OutputSize>,
+    <D::Core as BlockSizeUser>::BlockSize: IsLess<typenum::U256>,
+    Le<<D::Core as BlockSizeUser>::BlockSize, typenum::U256>: NonZero,
 {
     fn try_sign_digest(&self, digest: D) -> Result<Signature, Error> {
         let sig: recoverable::Signature = self.try_sign_digest(digest)?;
@@ -104,10 +118,19 @@ where
 
 impl<D> DigestSigner<D, recoverable::Signature> for SigningKey
 where
-    D: BlockInput + FixedOutput<OutputSize = U32> + Clone + Default + Reset + Update,
+    D: CoreProxy + Digest + OutputSizeUser<OutputSize = U32>,
+    D::Core: BlockSizeUser
+        + BufferKindUser<BufferKind = Eager>
+        + Clone
+        + Default
+        + FixedOutputCore
+        + HashMarker
+        + OutputSizeUser<OutputSize = D::OutputSize>,
+    <D::Core as BlockSizeUser>::BlockSize: IsLess<typenum::U256>,
+    Le<<D::Core as BlockSizeUser>::BlockSize, typenum::U256>: NonZero,
 {
     fn try_sign_digest(&self, msg_digest: D) -> Result<recoverable::Signature, Error> {
-        let z = <Scalar as Reduce<U256>>::from_be_bytes_reduced(msg_digest.finalize_fixed());
+        let z = <Scalar as Reduce<U256>>::from_be_bytes_reduced(msg_digest.finalize());
         let k = rfc6979_generate_k::<_, D>(&self.inner, &z, &[]);
         let (signature, recid) = self.inner.try_sign_prehashed(**k, z)?;
         let recoverable_id = recid.ok_or_else(Error::new)?.try_into()?;
@@ -117,7 +140,16 @@ where
 
 impl<D> RandomizedDigestSigner<D, Signature> for SigningKey
 where
-    D: BlockInput + FixedOutput<OutputSize = U32> + Clone + Default + Reset + Update,
+    D: CoreProxy + OutputSizeUser<OutputSize = U32> + Digest,
+    D::Core: BlockSizeUser
+        + BufferKindUser<BufferKind = Eager>
+        + Clone
+        + Default
+        + FixedOutputCore
+        + HashMarker
+        + OutputSizeUser<OutputSize = D::OutputSize>,
+    <D::Core as BlockSizeUser>::BlockSize: IsLess<typenum::U256>,
+    Le<<D::Core as BlockSizeUser>::BlockSize, typenum::U256>: NonZero,
 {
     fn try_sign_digest_with_rng(
         &self,
@@ -131,7 +163,16 @@ where
 
 impl<D> RandomizedDigestSigner<D, recoverable::Signature> for SigningKey
 where
-    D: BlockInput + FixedOutput<OutputSize = U32> + Clone + Default + Reset + Update,
+    D: CoreProxy + OutputSizeUser<OutputSize = U32> + Digest,
+    D::Core: BlockSizeUser
+        + BufferKindUser<BufferKind = Eager>
+        + Clone
+        + Default
+        + FixedOutputCore
+        + HashMarker
+        + OutputSizeUser<OutputSize = D::OutputSize>,
+    <D::Core as BlockSizeUser>::BlockSize: IsLess<typenum::U256>,
+    Le<<D::Core as BlockSizeUser>::BlockSize, typenum::U256>: NonZero,
 {
     fn try_sign_digest_with_rng(
         &self,
@@ -141,7 +182,7 @@ where
         let mut added_entropy = FieldBytes::default();
         rng.fill_bytes(&mut added_entropy);
 
-        let z = <Scalar as Reduce<U256>>::from_be_bytes_reduced(msg_digest.finalize_fixed());
+        let z = <Scalar as Reduce<U256>>::from_be_bytes_reduced(msg_digest.finalize());
         let k = rfc6979_generate_k::<_, D>(&self.inner, &z, &added_entropy);
         let (signature, recid) = self.inner.try_sign_prehashed(**k, z)?;
         let recoverable_id = recid.ok_or_else(Error::new)?.try_into()?;

diff --git a/k256/src/ecdsa/verify.rs b/k256/src/ecdsa/verify.rs
@@ -73,7 +73,7 @@ where
     Self: DigestVerifier<S::Digest, S>,
 {
     fn verify(&self, msg: &[u8], signature: &S) -> Result<(), Error> {
-        self.verify_digest(S::Digest::new().chain(msg), signature)
+        self.verify_digest(S::Digest::new().chain_update(msg), signature)
     }
 }
 

diff --git a/p256/Cargo.toml b/p256/Cargo.toml
@@ -17,17 +17,17 @@ edition = "2021"
 rust-version = "1.56"
 
 [dependencies]
-elliptic-curve = { version = "0.11.7", default-features = false, features = ["hazmat", "sec1"] }
+elliptic-curve = { git = "https://github.com/khonsulabs/traits", branch = "digest", default-features = false, features = ["hazmat", "sec1"] }
 sec1 = { version = "0.2", default-features = false }
 
 # optional dependencies
-ecdsa-core = { version = "0.13", package = "ecdsa", optional = true, default-features = false, features = ["der"] }
+ecdsa-core = { git = "https://github.com/khonsulabs/signatures", branch = "elliptic-curve-digest", package = "ecdsa", optional = true, default-features = false, features = ["der"] }
 hex-literal = { version = "0.3", optional = true }
-sha2 = { version = "0.9", optional = true, default-features = false }
+sha2 = { version = "0.10", optional = true, default-features = false }
 
 [dev-dependencies]
 blobby = "0.3"
-ecdsa-core = { version = "0.13", package = "ecdsa", default-features = false, features = ["dev"] }
+ecdsa-core = { git = "https://github.com/khonsulabs/signatures", branch = "elliptic-curve-digest", package = "ecdsa", default-features = false, features = ["dev"] }
 hex-literal = "0.3"
 proptest = "1.0"
 rand_core = { version = "0.6", features = ["getrandom"] }