diff --git a/crypto/dkg/evrf/Cargo.toml b/crypto/dkg/evrf/Cargo.toml
index 1108261d..fd5f94e1 100644
--- a/crypto/dkg/evrf/Cargo.toml
+++ b/crypto/dkg/evrf/Cargo.toml
@@ -19,9 +19,9 @@ workspace = true
 [dependencies]
 thiserror = { version = "2", default-features = false }
-rand_core = { version = "0.6", default-features = false }
+rand_core = { version = "0.6", default-features = false, features = ["alloc"] }
-zeroize = { version = "^1.5", default-features = false, features = ["zeroize_derive"] }
+zeroize = { version = "^1.5", default-features = false, features = ["alloc", "zeroize_derive"] }
 std-shims = { version = "0.1", path = "../../../common/std-shims", default-features = false }
@@ -39,11 +39,11 @@ ec-divisors = { git = "https://github.com/monero-oxide/monero-oxide", rev = "a6f
 generalized-bulletproofs-circuit-abstraction = { git = "https://github.com/monero-oxide/monero-oxide", rev = "a6f8797007e768488568b821435cf5006517a962", default-features = false }
 generalized-bulletproofs-ec-gadgets = { git = "https://github.com/monero-oxide/monero-oxide", rev = "a6f8797007e768488568b821435cf5006517a962", default-features = false }
-dkg = { path = ".." }
+dkg = { path = "..", default-features = false }
-ciphersuite-kp256 = { path = "../../ciphersuite/kp256", default-features = false, optional = true }
-secq256k1 = { path = "../../secq256k1", optional = true }
-dalek-ff-group = { path = "../../dalek-ff-group", default-features = false, optional = true }
+ciphersuite-kp256 = { path = "../../ciphersuite/kp256", default-features = false, features = ["alloc"], optional = true }
+secq256k1 = { path = "../../secq256k1", default-features = false, features = ["alloc"], optional = true }
+dalek-ff-group = { path = "../../dalek-ff-group", default-features = false, features = ["alloc"], optional = true }
 embedwards25519 = { path = "../../embedwards25519", default-features = false, features = ["alloc"], optional = true }
 [dev-dependencies]
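Review bot: `dkg = { path = "..", default-features = false }` is the only sibling in this hunk that switches default features off without enabling anything in their place, whereas `ciphersuite-kp256`, `secq256k1` and `dalek-ff-group` each gain `features = ["alloc"]`. If `dkg`'s default set carried `std` or `alloc`, the `std` build of this crate now relies on the `[features]` table (outside this hunk) forwarding `dkg/std` or `dkg/alloc`; a missing forward would drop functionality silently rather than fail the build. Worth confirming that forward exists, or, if `dkg` exposes an `alloc` feature and that is the intended baseline, making it explicit as `dkg = { path = "..", default-features = false, features = ["alloc"] }` for parity with the other entries.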
diff --git a/crypto/embedwards25519/src/lib.rs b/crypto/embedwards25519/src/lib.rs index 913854d6..70162c38 100644 --- a/crypto/embedwards25519/src/lib.rs +++ b/crypto/embedwards25519/src/lib.rs @@ -2,9 +2,10 @@ #![doc = include_str!("../README.md")] #![cfg_attr(not(feature = "std"), no_std)] +#[cfg(feature = "alloc")] #[allow(unused_imports)] use std_shims::prelude::*; -#[cfg(any(feature = "alloc", feature = "std"))] +#[cfg(feature = "alloc")] use std_shims::io::{self, Read}; use prime_field::{subtle::Choice, zeroize::Zeroize}; diff --git a/crypto/prime-field/src/lib.rs b/crypto/prime-field/src/lib.rs index 5bb5b96e..a87ad71f 100644 --- a/crypto/prime-field/src/lib.rs +++ b/crypto/prime-field/src/lib.rs @@ -11,6 +11,7 @@ pub use ff; #[doc(hidden)] pub mod __prime_field_private { pub use paste; + #[cfg(feature = "std")] pub use ff_group_tests; use crypto_bigint::{Word, Uint, modular::ConstMontyParams}; @@ -38,15 +39,16 @@ pub mod __prime_field_private { let mut i = 0; while i < Uint::::LIMBS { let word: Word = value.as_limbs()[i].0; + let word = word as u64; let bits = i * (Word::BITS as usize); let j = bits / (u64::BITS as usize); - res[j] |= word << (bits % (u64::BITS as usize)); + res[j] |= (word << (bits % (u64::BITS as usize))) as u64; if (j + 1) < WORDS { if let Some(remaining_bits) = ((bits % (u64::BITS as usize)) + (Word::BITS as usize)).checked_sub(u64::BITS as usize) { if remaining_bits != 0 { - res[j + 1] |= word >> ((Word::BITS as usize) - remaining_bits); + res[j + 1] |= (word >> ((Word::BITS as usize) - remaining_bits)) as u64; } } } 
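Review bot: The gate on `use std_shims::io::{self, Read};` narrows from `any(feature = "alloc", feature = "std")` to `feature = "alloc"` alone, and the prelude import gets the same `alloc`-only gate, so a `std`-only build keeps these imports only if the crate's `std` feature enables `alloc` in its Cargo.toml, which is not visible here. If it does, a one-line comment would spare the next reader the lookup: `// The std feature enables alloc, so gating on alloc alone covers both builds.` If it does not, the previous `any(...)` form should be kept.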
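Review bot: `#[cfg(feature = "std")] pub use ff_group_tests;` removes the re-export from `no_std` builds, but this is a `#[doc(hidden)]` module consumed by the crate's macro in downstream crates, and any macro arm that expands to `$crate::__prime_field_private::ff_group_tests` (the macro body is outside this hunk) must carry the same `std` gate or downstream `no_std` users get an unresolved path at expansion time. A note on the gate would record that coupling: `// Re-exported for the test arms of the macro; keep in sync with their cfg.`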
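Review bot: `let word = word as u64;` widens a `crypto_bigint::Word` with an `as` cast, which would truncate silently if `Word` were ever wider than 64 bits; `let word = u64::from(word);` expresses the same lossless widening and fails to compile instead. Once `word` is a `u64`, the two new trailing casts in `res[j] |= (word << (bits % (u64::BITS as usize))) as u64;` and `res[j + 1] |= (word >> ((Word::BITS as usize) - remaining_bits)) as u64;` are no-ops and can be dropped. The shift amounts still being expressed in `Word::BITS` is correct, since only the low `Word::BITS` bits of the widened value are set. The enclosing function starts and ends outside the hunk.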
@@ -126,7 +128,12 @@ macro_rules! odd_prime_field {
 hex_str_without_prefix($multiplicative_generator_as_be_hex);
 const MODULUS_BYTES: usize = MODULUS_WITHOUT_PREFIX.len() / 2;
-type UnderlyingUint = Uint<{ MODULUS_BYTES.div_ceil(Limb::BYTES) }>;
+ /*
+ `crypto-bigint` only implements some methods for some limbs, due to the lack of const
+ generics. `next_power_of_two` pays a performance penalty yet effectively ensures this
+ `Uint` type is fully defined.
+ */
+ type UnderlyingUint = Uint<{ MODULUS_BYTES.div_ceil(Limb::BYTES).next_power_of_two() }>;
 const PADDED_MODULUS_WITHOUT_PREFIX_BYTES: [u8; 2 * UnderlyingUint::BYTES] = {
 let mut res = [b'0'; 2 * UnderlyingUint::BYTES];
diff --git a/crypto/secq256k1/src/lib.rs b/crypto/secq256k1/src/lib.rs
index e365c758..1f62dedb 100644
--- a/crypto/secq256k1/src/lib.rs
+++ b/crypto/secq256k1/src/lib.rs
@@ -2,16 +2,14 @@
 #![doc = include_str!("../README.md")]
 #![cfg_attr(not(feature = "std"), no_std)]
+#[cfg(feature = "alloc")]
 #[allow(unused_imports)]
 use std_shims::prelude::*;
 #[cfg(feature = "alloc")]
 use std_shims::io::{self, Read};
 // Doesn't use the `generic-array 0.14` exported by `k256::elliptic_curve` as we need `1.0`
-use generic_array::{
- typenum::{U, U33},
- GenericArray,
-};
+use generic_array::{typenum::U33, GenericArray};
 use k256::elliptic_curve::{
 subtle::{Choice, ConstantTimeEq, ConditionallySelectable},
 zeroize::Zeroize,
@@ -152,7 +150,7 @@ impl ciphersuite::Ciphersuite for Secq256k1 {
 #[cfg(feature = "alloc")]
 impl generalized_bulletproofs_ec_gadgets::DiscreteLogParameter for Secq256k1 {
- type ScalarBits = U<{ Scalar::NUM_BITS as usize }>;
+ type ScalarBits = generic_array::typenum::U<{ Scalar::NUM_BITS as usize }>;
 }
 #[test]
diff --git a/networks/bitcoin/src/crypto.rs b/networks/bitcoin/src/crypto.rs
index a5b316b5..061fd466 100644
--- a/networks/bitcoin/src/crypto.rs
+++ b/networks/bitcoin/src/crypto.rs
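Review bot: Rounding the limb count up with `.next_power_of_two()` also widens `UnderlyingUint::BYTES`, which the two context lines below already use to size `PADDED_MODULUS_WITHOUT_PREFIX_BYTES`; any field-element encoding or `Repr` width elsewhere in this macro that is derived from `UnderlyingUint::BYTES` rather than `MODULUS_BYTES` would change length for moduli whose limb count is not a power of two (a 6-limb value becomes 8 limbs). That code is outside the hunk, so it is worth a check that serialized elements keep their previous size and that `from_repr`-style parsing still rejects the extra zero padding as out-of-range input. The new comment could record the intended invariant alongside the performance remark, e.g. `Only the internal representation grows; encodings must remain sized by MODULUS_BYTES.`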
@@ -1,9 +1,7 @@
+#[cfg(feature = "std")]
 use subtle::{Choice, ConstantTimeEq, ConditionallySelectable};
-use k256::{
- elliptic_curve::sec1::{Tag, ToEncodedPoint},
- ProjectivePoint,
-};
+use k256::{elliptic_curve::sec1::ToEncodedPoint, ProjectivePoint};
 use bitcoin::key::XOnlyPublicKey;
@@ -23,7 +21,9 @@ pub(crate) fn x_only(key: &ProjectivePoint) -> XOnlyPublicKey {
 }
 /// Return if a point must be negated to have an even Y coordinate and be eligible for use.
+#[cfg(feature = "std")]
 pub(crate) fn needs_negation(key: &ProjectivePoint) -> Choice {
+ use k256::elliptic_curve::sec1::Tag;
 u8::from(key.to_encoded_point(true).tag()).ct_eq(&u8::from(Tag::CompressedOddY))
 }
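Review bot: The `#[cfg(feature = "std")]` added to `needs_negation` (and to the `subtle` import in the first hunk) gates a function whose body uses nothing that needs `std` or an allocator, so the gate reads as dead-code suppression for a caller that is itself `std`-only, which a reader cannot tell from this file. A short note above the attribute would make that explicit, e.g. `// Only the std-only signing path calls this; gated to keep no_std builds warning-free.`, adjusted to the actual reason. Stylistically, the function-local `use k256::elliptic_curve::sec1::Tag;` could instead sit with the other gated imports at the top of the file as `#[cfg(feature = "std")] use k256::elliptic_curve::sec1::Tag;`, keeping all `std`-only names in one place.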