The prior workflow (now deleted) required manually specifying the packages to check and only checked the package could compile under the stated MSRV. It didn't verify it was actually the _minimum_ supported Rust version. The new version finds the MSRV from scratch to check if the stated MSRV aligns. Updates stated MSRVs accordingly. Also removes many explicit dependencies from secq256k1 for their re-exports via k256. Not directly relevant, just part of tidying up all the `toml`s.
Ciphersuite
Ciphersuites for elliptic curves premised on ff/group.
This library, except for the not recommended Ed448 ciphersuite, was audited by Cypher Stack in March 2023, culminating in commit 669d2dbffc1dafb82a09d9419ea182667115df06. Any subsequent changes have not undergone auditing.
This library is usable under no_std. The alloc and std features enable
reading from the io::Read trait, shimmed by std-shims under alloc.
Secp256k1/P-256
Secp256k1 and P-256 are offered via k256 and p256, two libraries maintained by RustCrypto.
Their hash_to_F is the IETF's hash to curve, yet applied to their scalar field.
Please see the ciphersuite-kp256 crate for more info.
Ed25519/Ristretto
Ed25519/Ristretto are offered via dalek-ff-group, an ff/group wrapper around curve25519-dalek.
Their hash_to_F is the wide reduction of SHA2-512, as used in RFC-8032. This is also compliant with the draft RFC-RISTRETTO.
The domain-separation tag is naively prefixed to the message.
Please see the dalek-ff-group crate for more info.
Ed448
Ed448 is offered via minimal-ed448, an explicitly not recommended, unaudited, incomplete Ed448 implementation, limited to its prime-order subgroup.
Its hash_to_F is the wide reduction of SHAKE256, with a 114-byte output, as used in RFC-8032. The domain-separation tag is naively prefixed to the message.
Please see the minimal-ed448 crate for more info.
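The Ed25519/Ristretto and Ed448 hash_to_F descriptions above, sketched in Python as an added example (not code from this crate), showing what naive prefixing of the domain-separation tag means for callers. The function names and sample tags are hypothetical, and the little-endian byte order follows RFC 8032.

```python
import hashlib

# Prime-order subgroup orders as given in RFC 8032.
ED25519_ORDER = 2**252 + 27742317777372353535851937790883648493
ED448_ORDER = 2**446 - 13818066809895115352007386748515426880336692474882178609894547503885


def hash_to_f_ed25519(dst, msg):
    """SHA2-512 over dst || msg, read little-endian, reduced mod the order."""
    wide = hashlib.sha512(dst + msg).digest()  # 64 bytes, about twice the scalar size
    return int.from_bytes(wide, "little") % ED25519_ORDER


def hash_to_f_ed448(dst, msg):
    """SHAKE256 with a 114-byte output over dst || msg, reduced mod the order."""
    wide = hashlib.shake_256(dst + msg).digest(114)
    return int.from_bytes(wide, "little") % ED448_ORDER


def dsts_are_prefix_free(dsts):
    """With naive prefixing, dst1 || m1 can equal dst2 || m2 only when one tag
    is a prefix of the other, so a caller can vet its tag set once up front."""
    ordered = sorted(set(dsts))
    # After sorting, any prefix relation also appears between neighbours.
    return not any(b.startswith(a) for a, b in zip(ordered, ordered[1:]))


if __name__ == "__main__":
    # Constructed inputs: two different (tag, message) pairs with equal concatenation.
    a = hash_to_f_ed25519(b"app-sig", b"n")
    b = hash_to_f_ed25519(b"app-", b"sign")
    print("ambiguous tags give the same scalar:", a == b)

    # Constructed tag sets: the first is safe to use together, the second is not.
    print(dsts_are_prefix_free([b"app/v1/nonce", b"app/v1/challenge"]))
    print(dsts_are_prefix_free([b"app-", b"app-sig", b"other"]))
```

Tags of one fixed length are always prefix-free, which is the simplest way to pass the check.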