Add no_std support to transcript, dalek-ff-group, ed448, ciphersuite, multiexp, schnorr, and monero-generators

transcript, dalek-ff-group, ed449, and ciphersuite are all usable with no_std alone. The rest additionally require alloc. Part of #279.
2025-12-08 12:19:24 +00:00 · 2023-04-22 04:38:47 -04:00
parent ef0c901455
commit 1e448dec21
38 changed files with 445 additions and 76 deletions
--- a/crypto/ciphersuite/Cargo.toml
+++ b/crypto/ciphersuite/Cargo.toml
@@ -13,34 +13,39 @@ all-features = true
 rustdoc-args = ["--cfg", "docsrs"]

 [dependencies]
-rand_core = "0.6"
+std-shims = { path = "../../common/std-shims", version = "0.1", default-features = false, optional = true }

-zeroize = { version = "^1.5", features = ["zeroize_derive"] }
-subtle = "^2.4"
+rand_core = { version = "0.6", default-features = false }

-digest = "0.10"
+zeroize = { version = "^1.5", default-features = false }
+subtle = { version = "^2.4", default-features = false }
+
+digest = { version = "0.10", default-features = false }
 transcript = { package = "flexible-transcript", path = "../transcript", version = "0.3" }
-sha2 = { version = "0.10", optional = true }
-sha3 = { version = "0.10", optional = true }
+sha2 = { version = "0.10", default-features = false, optional = true }
+sha3 = { version = "0.10", default-features = false, optional = true }

-ff = { version = "0.13", features = ["bits"] }
-group = "0.13"
+ff = { version = "0.13", default-features = false, features = ["bits"] }
+group = { version = "0.13", default-features = false }

 dalek-ff-group = { path = "../dalek-ff-group", version = "0.3", optional = true }

-elliptic-curve = { version = "0.13", features = ["hash2curve"], optional = true }
-p256 = { version = "^0.13.1", default-features = false, features = ["std", "arithmetic", "bits", "hash2curve"], optional = true }
-k256 = { version = "^0.13.1", default-features = false, features = ["std", "arithmetic", "bits", "hash2curve"], optional = true }
+elliptic-curve = { version = "0.13", default-features = false, features = ["hash2curve"], optional = true }
+p256 = { version = "^0.13.1", default-features = false, features = ["arithmetic", "bits", "hash2curve"], optional = true }
+k256 = { version = "^0.13.1", default-features = false, features = ["arithmetic", "bits", "hash2curve"], optional = true }

 minimal-ed448 = { path = "../ed448", version = "0.3", optional = true }

 [dev-dependencies]
 hex = "0.4"

+rand_core = { version = "0.6", features = ["std"] }
+
 ff-group-tests = { version = "0.13", path = "../ff-group-tests" }

 [features]
-std = []
+alloc = ["std-shims"]
+std = ["std-shims/std"]

 dalek = ["sha2", "dalek-ff-group"]
 ed25519 = ["dalek"]
--- a/crypto/ciphersuite/README.md
+++ b/crypto/ciphersuite/README.md
@@ -8,6 +8,9 @@ culminating in commit
 [669d2dbffc1dafb82a09d9419ea182667115df06](https://github.com/serai-dex/serai/tree/669d2dbffc1dafb82a09d9419ea182667115df06).
 Any subsequent changes have not undergone auditing.

+This library is usable under no_std. The `alloc` and `std` features enable
+reading from the `io::Read` trait, shimmed by `std-shims` under `alloc`.
+
 ### Secp256k1/P-256

 Secp256k1 and P-256 are offered via [k256](https://crates.io/crates/k256) and
--- a/crypto/ciphersuite/src/ed448.rs
+++ b/crypto/ciphersuite/src/ed448.rs
@@ -75,8 +75,7 @@ impl Ciphersuite for Ed448 {
 fn test_ed448() {
  use ff::PrimeField;

-  // TODO: Enable once ed448 passes these tests
-  //ff_group_tests::group::test_prime_group_bits::<Point>();
+  ff_group_tests::group::test_prime_group_bits::<_, Point>(&mut rand_core::OsRng);

  // Ideally, a test vector from RFC-8032 (not FROST) would be here
  // Unfortunately, the IETF draft doesn't provide any vectors for the derived challenges
--- a/crypto/ciphersuite/src/lib.md
+++ b/crypto/ciphersuite/src/lib.md
@@ -7,3 +7,6 @@ This library, except for the not recommended Ed448 ciphersuite, was
 culminating in commit
 [669d2dbffc1dafb82a09d9419ea182667115df06](https://github.com/serai-dex/serai/tree/669d2dbffc1dafb82a09d9419ea182667115df06).
 Any subsequent changes have not undergone auditing.
+
+This library is usable under no_std. The `alloc` and `std` features enable
+reading from the `io::Read` trait, shimmed by `std-shims` under `alloc`.
--- a/crypto/ciphersuite/src/lib.rs
+++ b/crypto/ciphersuite/src/lib.rs
@@ -1,10 +1,10 @@
 #![cfg_attr(docsrs, feature(doc_auto_cfg))]
-#![cfg_attr(not(feature = "std"), no_std)]
 #![doc = include_str!("lib.md")]
+#![cfg_attr(not(feature = "std"), no_std)]

 use core::fmt::Debug;
-#[cfg(feature = "std")]
-use std::io::{self, Read};
+#[cfg(any(feature = "alloc", feature = "std"))]
+use std_shims::io::{self, Read};

 use rand_core::{RngCore, CryptoRng};

@@ -20,7 +20,7 @@ use group::{
  Group, GroupOps,
  prime::PrimeGroup,
 };
-#[cfg(feature = "std")]
+#[cfg(any(feature = "alloc", feature = "std"))]
 use group::GroupEncoding;

 #[cfg(feature = "dalek")]
@@ -85,7 +85,7 @@ pub trait Ciphersuite:
  }

  /// Read a canonical scalar from something implementing std::io::Read.
-  #[cfg(feature = "std")]
+  #[cfg(any(feature = "alloc", feature = "std"))]
  #[allow(non_snake_case)]
  fn read_F<R: Read>(reader: &mut R) -> io::Result<Self::F> {
    let mut encoding = <Self::F as PrimeField>::Repr::default();
@@ -99,7 +99,7 @@ pub trait Ciphersuite:
  }

  /// Read a canonical point from something implementing std::io::Read.
-  #[cfg(feature = "std")]
+  #[cfg(any(feature = "alloc", feature = "std"))]
  #[allow(non_snake_case)]
  fn read_G<R: Read>(reader: &mut R) -> io::Result<Self::G> {
    let mut encoding = <Self::G as GroupEncoding>::Repr::default();