Bump elliptic-curve to v0.11.0-pre

Sourced from git.

This includes transitive updates to ff and group v0.11. A major notable
change of these updates is switching several APIs to use
`subtle::Choice` and `subtle::CtOption` instead of `bool`/`Option`.

Fortunately, the crates in this repo are already written with
constant-time implementations internally, so this was an easy change.

Author: tarcieri

.github/workflows/k256.yml

@@ -99,37 +99,38 @@ jobs:
       - run: cargo test --release --target ${{ matrix.target }} --features field-montgomery
       - run: cargo test --release --target ${{ matrix.target }} --all-features
 
-  cross:
-    strategy:
-      matrix:
-        include:
-          # ARM32
-          - target: armv7-unknown-linux-gnueabihf
-            rust: 1.51.0 # MSRV
-          - target: armv7-unknown-linux-gnueabihf
-            rust: stable
-
-          # ARM64
-          - target: aarch64-unknown-linux-gnu
-            rust: 1.51.0 # MSRV
-          - target: aarch64-unknown-linux-gnu
-            rust: stable
-
-          # PPC32
-          - target: powerpc-unknown-linux-gnu
-            rust: 1.51.0 # MSRV
-          - target: powerpc-unknown-linux-gnu
-            rust: stable
-
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - run: ${{ matrix.deps }}
-      - uses: actions-rs/toolchain@v1
-        with:
-          profile: minimal
-          toolchain: ${{ matrix.rust }}
-          target: ${{ matrix.target }}
-          override: true
-      - run: cargo install cross
-      - run: cross test --release --target ${{ matrix.target }} --all-features
+# TODO(tarcieri): re-enable when new `elliptic-curve` and `ecdsa` crates are released
+#  cross:
+#    strategy:
+#      matrix:
+#        include:
+#          # ARM32
+#          - target: armv7-unknown-linux-gnueabihf
+#            rust: 1.51.0 # MSRV
+#          - target: armv7-unknown-linux-gnueabihf
+#            rust: stable
+#
+#          # ARM64
+#          - target: aarch64-unknown-linux-gnu
+#            rust: 1.51.0 # MSRV
+#          - target: aarch64-unknown-linux-gnu
+#            rust: stable
+#
+#          # PPC32
+#          - target: powerpc-unknown-linux-gnu
+#            rust: 1.51.0 # MSRV
+#          - target: powerpc-unknown-linux-gnu
+#            rust: stable
+#
+#    runs-on: ubuntu-latest
+#    steps:
+#      - uses: actions/checkout@v2
+#      - run: ${{ matrix.deps }}
+#      - uses: actions-rs/toolchain@v1
+#        with:
+#          profile: minimal
+#          toolchain: ${{ matrix.rust }}
+#          target: ${{ matrix.target }}
+#          override: true
+#      - run: cargo install cross
+#      - run: cross test --release --target ${{ matrix.target }} --all-features

.github/workflows/p256.yml

@@ -80,37 +80,38 @@ jobs:
       - run: cargo test --release --target ${{ matrix.target }}
       - run: cargo test --release --target ${{ matrix.target }} --all-features
 
-  cross:
-    strategy:
-      matrix:
-        include:
-          # ARM32
-          - target: armv7-unknown-linux-gnueabihf
-            rust: 1.51.0 # MSRV
-          - target: armv7-unknown-linux-gnueabihf
-            rust: stable
-
-          # ARM64
-          - target: aarch64-unknown-linux-gnu
-            rust: 1.51.0 # MSRV
-          - target: aarch64-unknown-linux-gnu
-            rust: stable
-
-          # PPC32
-          - target: powerpc-unknown-linux-gnu
-            rust: 1.51.0 # MSRV
-          - target: powerpc-unknown-linux-gnu
-            rust: stable
-
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - run: ${{ matrix.deps }}
-      - uses: actions-rs/toolchain@v1
-        with:
-          profile: minimal
-          toolchain: ${{ matrix.rust }}
-          target: ${{ matrix.target }}
-          override: true
-      - run: cargo install cross
-      - run: cross test --release --target ${{ matrix.target }} --all-features
+# TODO(tarcieri): re-enable when new `elliptic-curve` and `ecdsa` crates are released
+#  cross:
+#    strategy:
+#      matrix:
+#        include:
+#          # ARM32
+#          - target: armv7-unknown-linux-gnueabihf
+#            rust: 1.51.0 # MSRV
+#          - target: armv7-unknown-linux-gnueabihf
+#            rust: stable
+#
+#          # ARM64
+#          - target: aarch64-unknown-linux-gnu
+#            rust: 1.51.0 # MSRV
+#          - target: aarch64-unknown-linux-gnu
+#            rust: stable
+#
+#          # PPC32
+#          - target: powerpc-unknown-linux-gnu
+#            rust: 1.51.0 # MSRV
+#          - target: powerpc-unknown-linux-gnu
+#            rust: stable
+#
+#    runs-on: ubuntu-latest
+#    steps:
+#      - uses: actions/checkout@v2
+#      - run: ${{ matrix.deps }}
+#      - uses: actions-rs/toolchain@v1
+#        with:
+#          profile: minimal
+#          toolchain: ${{ matrix.rust }}
+#          target: ${{ matrix.target }}
+#          override: true
+#      - run: cargo install cross
+#      - run: cross test --release --target ${{ matrix.target }} --all-features

Cargo.lock

@@ -7,3 +7,7 @@ members = [
     "p256",
     "p384",
 ]
+
+[patch.crates-io]
+ecdsa = { git = "https://github.com/RustCrypto/signatures.git" }
+elliptic-curve = { git = "https://github.com/RustCrypto/traits.git" }

Cargo.toml

@@ -12,10 +12,10 @@ categories = ["cryptography", "no-std"]
 keywords = ["brainpool", "crypto", "ecc"]
 
 [dependencies]
-elliptic-curve = { version = "0.10", default-features = false, features = ["hazmat"] }
+elliptic-curve = { version = "=0.11.0-pre", default-features = false, features = ["hazmat"] }
 
 # optional dependencies
-ecdsa = { version = "0.12", optional = true, default-features = false, features = ["der"] }
+ecdsa = { version = "=0.13.0-pre", optional = true, default-features = false, features = ["der"] }
 sha2 = { version = "0.9", optional = true, default-features = false }
 
 [features]

bp256/Cargo.toml

@@ -12,10 +12,10 @@ categories = ["cryptography", "no-std"]
 keywords = ["brainpool", "crypto", "ecc"]
 
 [dependencies]
-elliptic-curve = { version = "0.10", default-features = false, features = ["hazmat"] }
+elliptic-curve = { version = "=0.11.0-pre", default-features = false, features = ["hazmat"] }
 
 # optional dependencies
-ecdsa = { version = "0.12", optional = true, default-features = false, features = ["der"] }
+ecdsa = { version = "=0.13.0-pre", optional = true, default-features = false, features = ["der"] }
 sha2 = { version = "0.9", optional = true, default-features = false }
 
 [features]

bp384/Cargo.toml

@@ -18,24 +18,18 @@ keywords = ["bitcoin", "crypto", "ecc", "ethereum", "secp256k1"]
 
 [dependencies]
 cfg-if = "1.0"
-elliptic-curve = { version = "0.10.6", default-features = false, features = ["hazmat"] }
+elliptic-curve = { version = "=0.11.0-pre", default-features = false, features = ["hazmat"] }
 
 # optional dependencies
+ecdsa-core = { version = "=0.13.0-pre", package = "ecdsa", optional = true, default-features = false, features = ["der"] }
 hex-literal = { version = "0.3", optional = true }
 sha2 = { version = "0.9", optional = true, default-features = false }
 sha3 = { version = "0.9", optional = true, default-features = false }
 
-[dependencies.ecdsa-core]
-version = "0.12.1"
-package = "ecdsa"
-optional = true
-default-features = false
-features = ["der"]
-
 [dev-dependencies]
 blobby = "0.3"
 criterion = "0.3"
-ecdsa-core = { version = "0.12.1", package = "ecdsa", default-features = false, features = ["dev"] }
+ecdsa-core = { version = "=0.13.0-pre", package = "ecdsa", default-features = false, features = ["dev"] }
 hex-literal = "0.3"
 num-bigint = "0.4"
 num-traits = "0.2"

k256/Cargo.toml

@@ -95,10 +95,6 @@ impl Field for Scalar {
         Scalar::one()
     }
 
-    fn is_zero(&self) -> bool {
-        self.0.is_zero().into()
-    }
-
     #[must_use]
     fn square(&self) -> Self {
         Scalar::square(self)
@@ -493,16 +489,16 @@ impl PrimeField for Scalar {
     ///
     /// Returns None if the byte array does not contain a big-endian integer in the range
     /// [0, p).
-    fn from_repr(bytes: FieldBytes) -> Option<Self> {
-        ScalarImpl::from_bytes(bytes.as_ref()).map(Self).into()
+    fn from_repr(bytes: FieldBytes) -> CtOption<Self> {
+        ScalarImpl::from_bytes(bytes.as_ref()).map(Self)
     }
 
     fn to_repr(&self) -> FieldBytes {
         self.to_bytes()
     }
 
-    fn is_odd(&self) -> bool {
-        self.0.is_odd().into()
+    fn is_odd(&self) -> Choice {
+        self.0.is_odd()
     }
 
     fn multiplicative_generator() -> Self {
@@ -707,7 +703,7 @@ impl Scalar {
         // TODO: pre-generate several scalars to bring the probability of non-constant-timeness down?
         loop {
             rng.fill_bytes(&mut bytes);
-            if let Some(scalar) = Scalar::from_repr(bytes) {
+            if let Some(scalar) = Scalar::from_repr(bytes).into() {
                 return scalar;
             }
         }

k256/src/arithmetic/scalar.rs

@@ -83,11 +83,6 @@ pub use self::{sign::SigningKey, verify::VerifyingKey};
 
 use crate::Secp256k1;
 
-#[cfg(feature = "ecdsa")]
-use crate::NonZeroScalar;
-#[cfg(feature = "ecdsa")]
-use elliptic_curve::generic_array::GenericArray;
-
 /// ECDSA/secp256k1 signature (fixed-size)
 pub type Signature = ecdsa_core::Signature<Secp256k1>;
 
@@ -100,20 +95,6 @@ impl ecdsa_core::hazmat::DigestPrimitive for Secp256k1 {
     type Digest = sha2::Sha256;
 }
 
-/// Validate that the scalars of an ECDSA signature are modulo the order
-#[cfg(feature = "ecdsa")]
-fn check_scalars(signature: &Signature) -> Result<(), Error> {
-    let (r_bytes, s_bytes) = signature.as_ref().split_at(32);
-    let r_valid = NonZeroScalar::from_repr(GenericArray::clone_from_slice(r_bytes)).is_some();
-    let s_valid = NonZeroScalar::from_repr(GenericArray::clone_from_slice(s_bytes)).is_some();
-
-    if r_valid && s_valid {
-        Ok(())
-    } else {
-        Err(Error::new())
-    }
-}
-
 #[cfg(all(test, feature = "ecdsa", feature = "arithmetic"))]
 mod tests {
     mod wycheproof {
@@ -165,7 +146,7 @@ mod tests {
                     Err(_) => return Some("failed to parse signature ASN.1"),
                 };
 
-                sig.normalize_s().unwrap();
+                sig.normalize_s();
 
                 match verifying_key.verify(msg, &sig) {
                     Ok(_) if pass => None,

k256/src/ecdsa.rs

@@ -47,7 +47,7 @@ mod tests {
         ]).unwrap();
 
         let mut sig_normalized = sig_hi;
-        assert!(sig_normalized.normalize_s().unwrap());
+        assert!(sig_normalized.normalize_s());
         assert_eq!(sig_lo, sig_normalized);
     }
 
@@ -62,7 +62,7 @@ mod tests {
         ]).unwrap();
 
         let mut sig_normalized = sig;
-        assert!(!sig_normalized.normalize_s().unwrap());
+        assert!(!sig_normalized.normalize_s());
         assert_eq!(sig, sig_normalized);
     }
 }