* Added items to changelog for 2.0 release
* Removed unnecessary uses of std in doctests
* Gated `Context` behind `digest`
* Fixed noncompiling doctest when only `digest` is enabled
* README feature flag list mostly done
* Copied changelog to readme
* Redid the malleability section in README
* Added CONTRIBUTING.md
* Bumped version number to 2.0.0-pre.0; small changes to README
* Updated changelog for #277
* Added pem feature description
Co-authored-by: pinkforest(she/her) <36498018+pinkforest@users.noreply.github.com>
The original v2.0.0 release has been yanked.
This release includes a different infallible parsing API which can be
used to eliminate some usages of `unwrap()`.
* Impl `signature::Digest*` traits for Ed25519ph
Adds the following trait impls:
- impl DigestSigner for SigningKey
- impl DigestVerifier for VerifyingKey
These traits can be used to create and verify Ed25519 signatures,
thunking to `SigningKey::sign_prehashed` and
`VerifyingKey::verify_prehashed` respectively.
* Add rustdoc comments for trait impls
* Add on-by-default `fast` crate feature
Disabling the feature reduces overall code size at the cost of
performance, which is useful for e.g. embedded users.
This feature transitively enables the `basepoint-tables` feature in
`curve25519-dalek` where the basepoint tables are actually defined.
* Consolidated a lot of verification code
* Bump `curve25519-dalek`; use `precomputed-tables` feature
The feature name changed in dalek-cryptography/curve25519-dalek#499
Co-authored-by: Michael Rosenberg <michael@mrosenberg.pub>
digest isn't yet stable but we use it in the public API.
This makes the digest API optional, on an opt-in basis, by
feature-gating it behind an optional digest feature.
API items now feature-gated:
- `pub use ed25519_dalek::Digest`
- `SigningKey::sign_prehashed(D: prehashed_message, ..)`
- `SigningKey::verify_prehashed(D: prehashed_message, ..)`
- `VerifyingKey::verify_prehashed(D: prehashed_message, ..)`
- `VerifyingKey::verify_prehashed_strict(D: prehashed_message, ..)`
Also no longer re-exporting `sha2::Sha512`
Updates to the latest upstream changes in `curve25519-dalek`, including
using the new `EdwardsPoint::mul_base` API.
To keep the build deterministic, this also checks in Cargo.lock, which
pins `curve25519-dalek` to a particular git commit SHA which can be
updated using `cargo update -p curve25519-dalek`.
We can potentially remove `Cargo.lock` again after a crate release.
* Fixed bench when `batch` feature is not present
* Added bench build regression test to CI
* Fixed batch build more generally
* Simplified batch cfg gates in benches
* Updated criterion
* Made CI batch-nondeterministic test use nostd
* Fix batch_deterministic build
* Removed bad compile error when batch and batch_deterministic are selected
This enables activating the `alloc` and `std` features without
unnecessarily pulling in optional dependencies like `rand` and `serde`.
It also fixes tests for `--no-default-features` (w/ `--lib` only)
Adds optional integration with `ed25519::pkcs8` with support for
decoding/encoding `Keypair` from/to PKCS#8-encoded documents as well as
`PublicKey` from/to SPKI-encoded documents.
Includes test vectors generated for the `ed25519` crate from:
https://github.com/RustCrypto/signatures/tree/master/ed25519/tests/examples
curve25519-dalek:
- Enables `digest` and `rand_core` features
- Removes transitive `nightly`, `simd_backend`, and `std` features
ed25519:
- `AsRef` impl for `Signature` has been removed; uses `to_bytes`
- Uses `try_from` for `InternalSignature` conversion
- Consolidate `test` jobs: this allows reusing intermediate artifacts
between tests, which should improve build times, and also makes it
easier to test additional features in the future
- Switch to `dtolnay/rust-toolchain` for setting up toolchain
- Bump checkout to `actions/checkout@3`
- Switch to `run` directives for invoking Cargo: it's more
straightforward to just call Cargo than use a DSL from an unmaintained
action, and eliminates the 3rd party dependency
Also bumps these corresponding dependencies which are needed for everything to compile with this update:
* `merlin` v3.0
* `rand` v0.8
* `rand_core` v0.6
* `sha2` v0.10
We use the [serde_bytes](https://github.com/serde-rs/bytes) crate for
serialization implementations, which simplifies the code and fixes issues
for serde_json.
The `signature` crate provides `Signer` and `Verifier` traits generic
over signature types:
https://github.com/RustCrypto/traits/tree/master/signature
There's presently an open call to stabilize the parts of its API needed
by Ed25519 signatures and release a 1.0 version:
https://github.com/RustCrypto/traits/issues/78
The `ed25519` crate, based on the `signature` crate, provides an
`ed25519::Signature` type which can be shared across multiple Ed25519
crates (e.g. it is also used by the `yubihsm` crate):
https://github.com/RustCrypto/signatures/tree/master/ed25519
This commit integrates the `ed25519::Signature` type, and changes the
existing `sign` and `verify` methods (where applicable) to use the
`Signer` and `Verifier` traits from the `signature` crate. Additionally,
it replaces `SignatureError` with the `signature` crate's error type.
This has the drawback of requiring that the `Signer` and/or `Verifier` traits
be in scope in order to create and/or verify signatures, but with the
benefit of supporting interoperability with other Ed25519 crates which
also make use of these traits.
It doesn't appear to me that the ed25519-dalek crate needs any of the std-related
features of serde. But it turns them on anyways because it doesn't put
`default-features = false`.
This breaks no_std builds. Otherwise I think we could use 1.0.0-pre3 in mobilecoin.
I'm going to test this revision in our build and see if I'm right. I don't think
this is a breaking change from dalek's point of view.