Downstream the eVRF libraries from FCMP++

Also adds no-std support to secq256k1 and embedwards25519.
2025-12-09 04:39:24 +00:00 · 2025-01-29 22:29:40 -05:00
parent 19422de231
commit 2bc880e372
35 changed files with 456 additions and 340 deletions
--- a/crypto/evrf/embedwards25519/src/lib.rs
+++ b/crypto/evrf/embedwards25519/src/lib.rs
@@ -1,5 +1,9 @@
 #![cfg_attr(docsrs, feature(doc_auto_cfg))]
 #![doc = include_str!("../README.md")]
+#![cfg_attr(not(feature = "std"), no_std)]
+
+#[cfg(any(feature = "alloc", feature = "std"))]
+use std_shims::io::{self, Read};

 use generic_array::typenum::{Sum, Diff, Quot, U, U1, U2};
 use ciphersuite::group::{ff::PrimeField, Group};
@@ -33,10 +37,29 @@ impl ciphersuite::Ciphersuite for Embedwards25519 {
    Point::generator()
  }

+  fn reduce_512(scalar: [u8; 64]) -> Self::F {
+    Scalar::wide_reduce(scalar)
+  }
+
  fn hash_to_F(dst: &[u8], data: &[u8]) -> Self::F {
    use blake2::Digest;
    Scalar::wide_reduce(Self::H::digest([dst, data].concat()).as_slice().try_into().unwrap())
  }
+
+  // We override the provided impl, which compares against the reserialization, because
+  // we already require canonicity
+  #[cfg(any(feature = "alloc", feature = "std"))]
+  #[allow(non_snake_case)]
+  fn read_G<R: Read>(reader: &mut R) -> io::Result<Self::G> {
+    use ciphersuite::group::GroupEncoding;
+
+    let mut encoding = <Self::G as GroupEncoding>::Repr::default();
+    reader.read_exact(encoding.as_mut())?;
+
+    let point = Option::<Self::G>::from(Self::G::from_bytes(&encoding))
+      .ok_or_else(|| io::Error::new(io::ErrorKind::Other, "invalid point"))?;
+    Ok(point)
+  }
 }

 impl generalized_bulletproofs_ec_gadgets::DiscreteLogParameters for Embedwards25519 {