Add no_std support to transcript, dalek-ff-group, ed448, ciphersuite, multiexp, schnorr, and monero-generators

transcript, dalek-ff-group, ed449, and ciphersuite are all usable with no_std
alone. The rest additionally require alloc.

Part of #279.
This commit is contained in:
Luke Parker 2023-04-22 04:38:47 -04:00
parent ef0c901455
commit 1e448dec21
No known key found for this signature in database
38 changed files with 445 additions and 76 deletions

21
.github/workflows/no-std.yml vendored Normal file
View file

@ -0,0 +1,21 @@
name: Tests
on:
push:
branches:
- develop
pull_request:
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Install Build Dependencies
uses: ./.github/actions/build-dependencies
with:
github-token: ${{ inputs.github-token }}
- name: Verify no-std builds
run: cd tests/no-std && cargo build --target wasm32-unknown-unknown

25
Cargo.lock generated
View file

@ -1067,6 +1067,7 @@ dependencies = [
"rand_core 0.6.4", "rand_core 0.6.4",
"sha2 0.10.6", "sha2 0.10.6",
"sha3", "sha3",
"std-shims",
"subtle", "subtle",
"zeroize", "zeroize",
] ]
@ -5099,7 +5100,6 @@ dependencies = [
"generic-array", "generic-array",
"group 0.13.0", "group 0.13.0",
"hex", "hex",
"lazy_static",
"rand_core 0.6.4", "rand_core 0.6.4",
"rustversion", "rustversion",
"subtle", "subtle",
@ -5219,6 +5219,7 @@ dependencies = [
"group 0.13.0", "group 0.13.0",
"lazy_static", "lazy_static",
"sha3", "sha3",
"std-shims",
"subtle", "subtle",
] ]
@ -5335,6 +5336,7 @@ dependencies = [
"k256", "k256",
"rand_core 0.6.4", "rand_core 0.6.4",
"rustversion", "rustversion",
"std-shims",
"zeroize", "zeroize",
] ]
@ -8571,6 +8573,7 @@ dependencies = [
"multiexp", "multiexp",
"rand_core 0.6.4", "rand_core 0.6.4",
"sha2 0.10.6", "sha2 0.10.6",
"std-shims",
"zeroize", "zeroize",
] ]
@ -8798,6 +8801,19 @@ dependencies = [
name = "serai-db" name = "serai-db"
version = "0.1.0" version = "0.1.0"
[[package]]
name = "serai-no-std"
version = "0.1.0"
dependencies = [
"ciphersuite",
"dalek-ff-group",
"flexible-transcript",
"minimal-ed448",
"monero-generators",
"multiexp",
"schnorr-signatures",
]
[[package]] [[package]]
name = "serai-node" name = "serai-node"
version = "0.1.0" version = "0.1.0"
@ -9905,6 +9921,13 @@ dependencies = [
"syn 1.0.109", "syn 1.0.109",
] ]
[[package]]
name = "std-shims"
version = "0.1.0"
dependencies = [
"hashbrown 0.13.2",
]
[[package]] [[package]]
name = "string_cache" name = "string_cache"
version = "0.8.7" version = "0.8.7"

View file

@ -1,5 +1,6 @@
[workspace] [workspace]
members = [ members = [
"common/std-shims",
"common/zalloc", "common/zalloc",
"common/db", "common/db",
@ -43,6 +44,8 @@ members = [
"substrate/runtime", "substrate/runtime",
"substrate/node", "substrate/node",
"tests/no-std",
] ]
# Always compile Monero (and a variety of dependencies) with optimizations due # Always compile Monero (and a variety of dependencies) with optimizations due

View file

@ -12,13 +12,20 @@ all-features = true
rustdoc-args = ["--cfg", "docsrs"] rustdoc-args = ["--cfg", "docsrs"]
[dependencies] [dependencies]
std-shims = { path = "../../../common/std-shims", version = "0.1", default-features = false }
lazy_static = "1" lazy_static = "1"
subtle = "^2.4" subtle = { version = "^2.4", default-features = false }
sha3 = "0.10" sha3 = { version = "0.10", default-features = false }
curve25519-dalek = { version = "3", features = ["std"] } curve25519-dalek = { version = "3", default-features = false }
group = "0.13" group = { version = "0.13", default-features = false }
dalek-ff-group = { path = "../../../crypto/dalek-ff-group", version = "0.3" } dalek-ff-group = { path = "../../../crypto/dalek-ff-group", version = "0.3" }
[features]
alloc = ["lazy_static/spin_no_std"]
std = ["std-shims/std"]
default = ["std"]

View file

@ -3,3 +3,5 @@
Generators used by Monero in both its Pedersen commitments and Bulletproofs(+). Generators used by Monero in both its Pedersen commitments and Bulletproofs(+).
An implementation of Monero's `ge_fromfe_frombytes_vartime`, simply called An implementation of Monero's `ge_fromfe_frombytes_vartime`, simply called
`hash_to_point` here, is included, as needed to generate generators. `hash_to_point` here, is included, as needed to generate generators.
This library is usable under no_std when the `alloc` feature is enabled.

View file

@ -2,16 +2,15 @@
//! An implementation of Monero's `ge_fromfe_frombytes_vartime`, simply called //! An implementation of Monero's `ge_fromfe_frombytes_vartime`, simply called
//! `hash_to_point` here, is included, as needed to generate generators. //! `hash_to_point` here, is included, as needed to generate generators.
#![cfg_attr(not(feature = "std"), no_std)]
use lazy_static::lazy_static; use lazy_static::lazy_static;
use sha3::{Digest, Keccak256}; use sha3::{Digest, Keccak256};
use curve25519_dalek::{ use curve25519_dalek::edwards::{EdwardsPoint as DalekPoint, CompressedEdwardsY};
constants::ED25519_BASEPOINT_POINT,
edwards::{EdwardsPoint as DalekPoint, CompressedEdwardsY},
};
use group::Group; use group::{Group, GroupEncoding};
use dalek_ff_group::EdwardsPoint; use dalek_ff_group::EdwardsPoint;
mod varint; mod varint;
@ -27,7 +26,7 @@ fn hash(data: &[u8]) -> [u8; 32] {
lazy_static! { lazy_static! {
/// Monero alternate generator `H`, used for amounts in Pedersen commitments. /// Monero alternate generator `H`, used for amounts in Pedersen commitments.
pub static ref H: DalekPoint = pub static ref H: DalekPoint =
CompressedEdwardsY(hash(&ED25519_BASEPOINT_POINT.compress().to_bytes())) CompressedEdwardsY(hash(&EdwardsPoint::generator().to_bytes()))
.decompress() .decompress()
.unwrap() .unwrap()
.mul_by_cofactor(); .mul_by_cofactor();

View file

@ -1,4 +1,4 @@
use std::io::{self, Write}; use std_shims::io::{self, Write};
const VARINT_CONTINUATION_MASK: u8 = 0b1000_0000; const VARINT_CONTINUATION_MASK: u8 = 0b1000_0000;
pub(crate) fn write_varint<W: Write>(varint: &u64, w: &mut W) -> io::Result<()> { pub(crate) fn write_varint<W: Write>(varint: &u64, w: &mut W) -> io::Result<()> {

View file

@ -0,0 +1,20 @@
[package]
name = "std-shims"
version = "0.1.0"
description = "A series of std shims to make alloc more feasible"
license = "MIT"
repository = "https://github.com/serai-dex/serai/tree/develop/common/std-shims"
authors = ["Luke Parker <lukeparker5132@gmail.com>"]
keywords = ["nostd", "no_std", "alloc", "io"]
edition = "2021"
[package.metadata.docs.rs]
all-features = true
rustdoc-args = ["--cfg", "docsrs"]
[dependencies]
hashbrown = "0.13"
[features]
std = []
default = ["std"]

21
common/std-shims/LICENSE Normal file
View file

@ -0,0 +1,21 @@
MIT License
Copyright (c) 2023 Luke Parker
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

View file

@ -0,0 +1,6 @@
# std shims
A crate which passes through to std when the default `std` feature is enabled,
yet provides a series of shims when it isn't.
`HashSet` and `HashMap` are provided via `hashbrown`.

View file

@ -0,0 +1,7 @@
#[cfg(feature = "std")]
pub use std::collections::*;
#[cfg(not(feature = "std"))]
pub use alloc::collections::*;
#[cfg(not(feature = "std"))]
pub use hashbrown::{HashSet, HashMap};

View file

@ -0,0 +1,85 @@
#[cfg(feature = "std")]
pub use std::io::*;
#[cfg(not(feature = "std"))]
mod shims {
use core::fmt::{Debug, Formatter};
use alloc::{boxed::Box, vec::Vec};
#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub enum ErrorKind {
UnexpectedEof,
Other,
}
pub struct Error {
kind: ErrorKind,
error: Box<dyn Send + Sync>,
}
impl Debug for Error {
fn fmt(&self, fmt: &mut Formatter<'_>) -> core::result::Result<(), core::fmt::Error> {
fmt.debug_struct("Error").field("kind", &self.kind).finish_non_exhaustive()
}
}
impl Error {
pub fn new<E: 'static + Send + Sync>(kind: ErrorKind, error: E) -> Error {
Error { kind, error: Box::new(error) }
}
pub fn kind(&self) -> ErrorKind {
self.kind
}
pub fn into_inner(self) -> Option<Box<dyn Send + Sync>> {
Some(self.error)
}
}
pub type Result<T> = core::result::Result<T, Error>;
pub trait Read {
fn read(&mut self, buf: &mut [u8]) -> Result<usize>;
fn read_exact(&mut self, buf: &mut [u8]) -> Result<()> {
let read = self.read(buf)?;
if read != buf.len() {
Err(Error::new(ErrorKind::UnexpectedEof, "reader ran out of bytes"))?;
}
Ok(())
}
}
impl Read for &[u8] {
fn read(&mut self, buf: &mut [u8]) -> Result<usize> {
let mut read = 0;
if self.len() < buf.len() {
read = self.len();
}
buf[.. read].copy_from_slice(&self[.. read]);
*self = &self[read ..];
Ok(read)
}
}
pub trait Write {
fn write(&mut self, buf: &[u8]) -> Result<usize>;
fn write_all(&mut self, buf: &[u8]) -> Result<()> {
if self.write(buf)? != buf.len() {
Err(Error::new(ErrorKind::UnexpectedEof, "writer ran out of bytes"))?;
}
Ok(())
}
}
impl Write for Vec<u8> {
fn write(&mut self, buf: &[u8]) -> Result<usize> {
self.extend(buf);
Ok(buf.len())
}
}
}
#[cfg(not(feature = "std"))]
pub use shims::*;

View file

@ -0,0 +1,24 @@
#![cfg_attr(not(feature = "std"), no_std)]
#[cfg(not(feature = "std"))]
#[allow(unused_imports)]
#[doc(hidden)]
#[macro_use]
pub extern crate alloc;
pub mod collections;
pub mod io;
pub mod str {
#[cfg(not(feature = "std"))]
pub use alloc::str::*;
#[cfg(feature = "std")]
pub use std::str::*;
}
pub mod vec {
#[cfg(not(feature = "std"))]
pub use alloc::vec::*;
#[cfg(feature = "std")]
pub use std::vec::*;
}

View file

@ -13,34 +13,39 @@ all-features = true
rustdoc-args = ["--cfg", "docsrs"] rustdoc-args = ["--cfg", "docsrs"]
[dependencies] [dependencies]
rand_core = "0.6" std-shims = { path = "../../common/std-shims", version = "0.1", default-features = false, optional = true }
zeroize = { version = "^1.5", features = ["zeroize_derive"] } rand_core = { version = "0.6", default-features = false }
subtle = "^2.4"
digest = "0.10" zeroize = { version = "^1.5", default-features = false }
subtle = { version = "^2.4", default-features = false }
digest = { version = "0.10", default-features = false }
transcript = { package = "flexible-transcript", path = "../transcript", version = "0.3" } transcript = { package = "flexible-transcript", path = "../transcript", version = "0.3" }
sha2 = { version = "0.10", optional = true } sha2 = { version = "0.10", default-features = false, optional = true }
sha3 = { version = "0.10", optional = true } sha3 = { version = "0.10", default-features = false, optional = true }
ff = { version = "0.13", features = ["bits"] } ff = { version = "0.13", default-features = false, features = ["bits"] }
group = "0.13" group = { version = "0.13", default-features = false }
dalek-ff-group = { path = "../dalek-ff-group", version = "0.3", optional = true } dalek-ff-group = { path = "../dalek-ff-group", version = "0.3", optional = true }
elliptic-curve = { version = "0.13", features = ["hash2curve"], optional = true } elliptic-curve = { version = "0.13", default-features = false, features = ["hash2curve"], optional = true }
p256 = { version = "^0.13.1", default-features = false, features = ["std", "arithmetic", "bits", "hash2curve"], optional = true } p256 = { version = "^0.13.1", default-features = false, features = ["arithmetic", "bits", "hash2curve"], optional = true }
k256 = { version = "^0.13.1", default-features = false, features = ["std", "arithmetic", "bits", "hash2curve"], optional = true } k256 = { version = "^0.13.1", default-features = false, features = ["arithmetic", "bits", "hash2curve"], optional = true }
minimal-ed448 = { path = "../ed448", version = "0.3", optional = true } minimal-ed448 = { path = "../ed448", version = "0.3", optional = true }
[dev-dependencies] [dev-dependencies]
hex = "0.4" hex = "0.4"
rand_core = { version = "0.6", features = ["std"] }
ff-group-tests = { version = "0.13", path = "../ff-group-tests" } ff-group-tests = { version = "0.13", path = "../ff-group-tests" }
[features] [features]
std = [] alloc = ["std-shims"]
std = ["std-shims/std"]
dalek = ["sha2", "dalek-ff-group"] dalek = ["sha2", "dalek-ff-group"]
ed25519 = ["dalek"] ed25519 = ["dalek"]

View file

@ -8,6 +8,9 @@ culminating in commit
[669d2dbffc1dafb82a09d9419ea182667115df06](https://github.com/serai-dex/serai/tree/669d2dbffc1dafb82a09d9419ea182667115df06). [669d2dbffc1dafb82a09d9419ea182667115df06](https://github.com/serai-dex/serai/tree/669d2dbffc1dafb82a09d9419ea182667115df06).
Any subsequent changes have not undergone auditing. Any subsequent changes have not undergone auditing.
This library is usable under no_std. The `alloc` and `std` features enable
reading from the `io::Read` trait, shimmed by `std-shims` under `alloc`.
### Secp256k1/P-256 ### Secp256k1/P-256
Secp256k1 and P-256 are offered via [k256](https://crates.io/crates/k256) and Secp256k1 and P-256 are offered via [k256](https://crates.io/crates/k256) and

View file

@ -75,8 +75,7 @@ impl Ciphersuite for Ed448 {
fn test_ed448() { fn test_ed448() {
use ff::PrimeField; use ff::PrimeField;
// TODO: Enable once ed448 passes these tests ff_group_tests::group::test_prime_group_bits::<_, Point>(&mut rand_core::OsRng);
//ff_group_tests::group::test_prime_group_bits::<Point>();
// Ideally, a test vector from RFC-8032 (not FROST) would be here // Ideally, a test vector from RFC-8032 (not FROST) would be here
// Unfortunately, the IETF draft doesn't provide any vectors for the derived challenges // Unfortunately, the IETF draft doesn't provide any vectors for the derived challenges

View file

@ -7,3 +7,6 @@ This library, except for the not recommended Ed448 ciphersuite, was
culminating in commit culminating in commit
[669d2dbffc1dafb82a09d9419ea182667115df06](https://github.com/serai-dex/serai/tree/669d2dbffc1dafb82a09d9419ea182667115df06). [669d2dbffc1dafb82a09d9419ea182667115df06](https://github.com/serai-dex/serai/tree/669d2dbffc1dafb82a09d9419ea182667115df06).
Any subsequent changes have not undergone auditing. Any subsequent changes have not undergone auditing.
This library is usable under no_std. The `alloc` and `std` features enable
reading from the `io::Read` trait, shimmed by `std-shims` under `alloc`.

View file

@ -1,10 +1,10 @@
#![cfg_attr(docsrs, feature(doc_auto_cfg))] #![cfg_attr(docsrs, feature(doc_auto_cfg))]
#![cfg_attr(not(feature = "std"), no_std)]
#![doc = include_str!("lib.md")] #![doc = include_str!("lib.md")]
#![cfg_attr(not(feature = "std"), no_std)]
use core::fmt::Debug; use core::fmt::Debug;
#[cfg(feature = "std")] #[cfg(any(feature = "alloc", feature = "std"))]
use std::io::{self, Read}; use std_shims::io::{self, Read};
use rand_core::{RngCore, CryptoRng}; use rand_core::{RngCore, CryptoRng};
@ -20,7 +20,7 @@ use group::{
Group, GroupOps, Group, GroupOps,
prime::PrimeGroup, prime::PrimeGroup,
}; };
#[cfg(feature = "std")] #[cfg(any(feature = "alloc", feature = "std"))]
use group::GroupEncoding; use group::GroupEncoding;
#[cfg(feature = "dalek")] #[cfg(feature = "dalek")]
@ -85,7 +85,7 @@ pub trait Ciphersuite:
} }
/// Read a canonical scalar from something implementing std::io::Read. /// Read a canonical scalar from something implementing std::io::Read.
#[cfg(feature = "std")] #[cfg(any(feature = "alloc", feature = "std"))]
#[allow(non_snake_case)] #[allow(non_snake_case)]
fn read_F<R: Read>(reader: &mut R) -> io::Result<Self::F> { fn read_F<R: Read>(reader: &mut R) -> io::Result<Self::F> {
let mut encoding = <Self::F as PrimeField>::Repr::default(); let mut encoding = <Self::F as PrimeField>::Repr::default();
@ -99,7 +99,7 @@ pub trait Ciphersuite:
} }
/// Read a canonical point from something implementing std::io::Read. /// Read a canonical point from something implementing std::io::Read.
#[cfg(feature = "std")] #[cfg(any(feature = "alloc", feature = "std"))]
#[allow(non_snake_case)] #[allow(non_snake_case)]
fn read_G<R: Read>(reader: &mut R) -> io::Result<Self::G> { fn read_G<R: Read>(reader: &mut R) -> io::Result<Self::G> {
let mut encoding = <Self::G as GroupEncoding>::Repr::default(); let mut encoding = <Self::G as GroupEncoding>::Repr::default();

View file

@ -15,20 +15,22 @@ rustdoc-args = ["--cfg", "docsrs"]
[dependencies] [dependencies]
rustversion = "1" rustversion = "1"
zeroize = { version = "^1.5", features = ["zeroize_derive"] } zeroize = { version = "^1.5", default-features = false, features = ["zeroize_derive"] }
subtle = "^2.4" subtle = { version = "^2.4", default-features = false }
rand_core = "0.6" rand_core = { version = "0.6", default-features = false }
digest = "0.10" digest = { version = "0.10", default-features = false }
ff = "0.13" ff = { version = "0.13", default-features = false, features = ["bits"] }
group = "0.13" group = { version = "0.13", default-features = false }
crypto-bigint = "0.5" crypto-bigint = { version = "0.5", default-features = false }
sha2 = "0.9" sha2 = { version = "0.9", default-features = false }
curve25519-dalek = "^3.2" # The default features are ["std", "u64_backend"]
curve25519-dalek = { version = "^3.2", default-features = false, features = ["alloc", "u64_backend"] }
[dev-dependencies] [dev-dependencies]
rand_core = { version = "0.6", features = ["std"] }
ff-group-tests = { path = "../ff-group-tests" } ff-group-tests = { path = "../ff-group-tests" }

View file

@ -8,3 +8,5 @@ This library was
culminating in commit culminating in commit
[669d2dbffc1dafb82a09d9419ea182667115df06](https://github.com/serai-dex/serai/tree/669d2dbffc1dafb82a09d9419ea182667115df06). [669d2dbffc1dafb82a09d9419ea182667115df06](https://github.com/serai-dex/serai/tree/669d2dbffc1dafb82a09d9419ea182667115df06).
Any subsequent changes have not undergone auditing. Any subsequent changes have not undergone auditing.
This library is usable under no_std.

View file

@ -15,20 +15,20 @@ rustdoc-args = ["--cfg", "docsrs"]
[dependencies] [dependencies]
rustversion = "1" rustversion = "1"
lazy_static = "1" rand_core = { version = "0.6", default-features = false }
rand_core = "0.6" zeroize = { version = "^1.5", default-features = false, features = ["zeroize_derive"] }
subtle = { version = "^2.4", default-features = false }
zeroize = { version = "^1.5", features = ["zeroize_derive"] } ff = { version = "0.13", default-features = false, features = ["bits"] }
subtle = "^2.4" group = { version = "0.13", default-features = false }
ff = "0.13" generic-array = { version = "0.14", default-features = false }
group = "0.13" crypto-bigint = { version = "0.5", default-features = false, features = ["zeroize"] }
generic-array = "0.14"
crypto-bigint = { version = "0.5", features = ["zeroize"] }
[dev-dependencies] [dev-dependencies]
hex = "0.4" hex = "0.4"
rand_core = { version = "0.6", features = ["std"] }
ff-group-tests = { path = "../ff-group-tests" } ff-group-tests = { path = "../ff-group-tests" }

View file

@ -1,6 +1,6 @@
#![cfg_attr(docsrs, feature(doc_auto_cfg))] #![cfg_attr(docsrs, feature(doc_auto_cfg))]
#![no_std]
#![doc = include_str!("../README.md")] #![doc = include_str!("../README.md")]
#![no_std]
#[macro_use] #[macro_use]
mod backend; mod backend;

View file

@ -3,8 +3,6 @@ use core::{
iter::Sum, iter::Sum,
}; };
use lazy_static::lazy_static;
use rand_core::RngCore; use rand_core::RngCore;
use zeroize::Zeroize; use zeroize::Zeroize;
@ -34,6 +32,13 @@ const G_Y: FieldElement = FieldElement(Residue::new(&U512::from_be_hex(concat!(
"05a0c2d73ad3ff1ce67c39c4fdbd132c4ed7c8ad9808795bf230fa14", "05a0c2d73ad3ff1ce67c39c4fdbd132c4ed7c8ad9808795bf230fa14",
)))); ))));
const G_X: FieldElement = FieldElement(Residue::new(&U512::from_be_hex(concat!(
"00000000000000",
"00",
"4f1970c66bed0ded221d15a622bf36da9e146570470f1767ea6de324",
"a3d3a46412ae1af72ab66511433b80e18b00938e2626a82bc70cc05e",
))));
fn recover_x(y: FieldElement) -> CtOption<FieldElement> { fn recover_x(y: FieldElement) -> CtOption<FieldElement> {
let ysq = y.square(); let ysq = y.square();
#[allow(non_snake_case)] #[allow(non_snake_case)]
@ -56,9 +61,7 @@ pub struct Point {
z: FieldElement, z: FieldElement,
} }
lazy_static! { const G: Point = Point { x: G_X, y: G_Y, z: FieldElement::ONE };
static ref G: Point = Point { x: recover_x(G_Y).unwrap(), y: G_Y, z: FieldElement::ONE };
}
impl ConstantTimeEq for Point { impl ConstantTimeEq for Point {
fn ct_eq(&self, other: &Self) -> Choice { fn ct_eq(&self, other: &Self) -> Choice {
@ -184,7 +187,7 @@ impl Group for Point {
Point { x: FieldElement::ZERO, y: FieldElement::ONE, z: FieldElement::ONE } Point { x: FieldElement::ZERO, y: FieldElement::ONE, z: FieldElement::ONE }
} }
fn generator() -> Self { fn generator() -> Self {
*G G
} }
fn is_identity(&self) -> Choice { fn is_identity(&self) -> Choice {
self.ct_eq(&Self::identity()) self.ct_eq(&Self::identity())
@ -321,6 +324,13 @@ fn test_group() {
ff_group_tests::group::test_prime_group_bits::<_, Point>(&mut rand_core::OsRng); ff_group_tests::group::test_prime_group_bits::<_, Point>(&mut rand_core::OsRng);
} }
#[test]
fn generator() {
assert!(G.x == G_X);
assert!(G.y == G_Y);
assert!(recover_x(G.y).unwrap() == G.x);
}
#[test] #[test]
fn torsion() { fn torsion() {
use generic_array::GenericArray; use generic_array::GenericArray;

View file

@ -15,18 +15,24 @@ rustdoc-args = ["--cfg", "docsrs"]
[dependencies] [dependencies]
rustversion = "1" rustversion = "1"
std-shims = { path = "../../common/std-shims", version = "0.1", default-features = false }
zeroize = { version = "^1.5", features = ["zeroize_derive"] } zeroize = { version = "^1.5", features = ["zeroize_derive"] }
ff = "0.13" ff = { version = "0.13", default-features = false, features = ["bits"] }
group = "0.13" group = { version = "0.13", default-features = false }
rand_core = { version = "0.6", optional = true } rand_core = { version = "0.6", default-features = false, optional = true }
[dev-dependencies] [dev-dependencies]
rand_core = "0.6" rand_core = { version = "0.6", features = ["std"] }
k256 = { version = "^0.13.1", default-features = false, features = ["std", "arithmetic", "bits"] } k256 = { version = "^0.13.1", default-features = false, features = ["arithmetic", "bits"] }
dalek-ff-group = { path = "../dalek-ff-group" } dalek-ff-group = { path = "../dalek-ff-group" }
[features] [features]
std = ["std-shims/std"]
batch = ["rand_core"] batch = ["rand_core"]
default = ["std"]

View file

@ -3,10 +3,14 @@
A multiexp implementation for ff/group implementing Straus and Pippenger. A A multiexp implementation for ff/group implementing Straus and Pippenger. A
batch verification API is also available via the "batch" feature, which enables batch verification API is also available via the "batch" feature, which enables
secure multiexponentation batch verification given a series of values which secure multiexponentation batch verification given a series of values which
should sum to 0, identifying which doesn't via binary search if they don't. should sum to the identity, identifying which doesn't via binary search if they
don't.
This library was This library was
[audited by Cypher Stack in March 2023](https://github.com/serai-dex/serai/raw/e1bb2c191b7123fd260d008e31656d090d559d21/audits/Cypher%20Stack%20crypto%20March%202023/Audit.pdf), [audited by Cypher Stack in March 2023](https://github.com/serai-dex/serai/raw/e1bb2c191b7123fd260d008e31656d090d559d21/audits/Cypher%20Stack%20crypto%20March%202023/Audit.pdf),
culminating in commit culminating in commit
[669d2dbffc1dafb82a09d9419ea182667115df06](https://github.com/serai-dex/serai/tree/669d2dbffc1dafb82a09d9419ea182667115df06). [669d2dbffc1dafb82a09d9419ea182667115df06](https://github.com/serai-dex/serai/tree/669d2dbffc1dafb82a09d9419ea182667115df06).
Any subsequent changes have not undergone auditing. Any subsequent changes have not undergone auditing.
This library is usable under no_std, via alloc, when the default features are
disabled.

View file

@ -1,3 +1,5 @@
use std_shims::vec::Vec;
use rand_core::{RngCore, CryptoRng}; use rand_core::{RngCore, CryptoRng};
use zeroize::{Zeroize, Zeroizing}; use zeroize::{Zeroize, Zeroizing};

View file

@ -1,7 +1,12 @@
#![cfg_attr(docsrs, feature(doc_auto_cfg))] #![cfg_attr(docsrs, feature(doc_auto_cfg))]
#![doc = include_str!("../README.md")] #![doc = include_str!("../README.md")]
#![cfg_attr(not(feature = "std"), no_std)]
use core::ops::DerefMut; use core::ops::DerefMut;
#[cfg(not(feature = "std"))]
#[macro_use]
extern crate alloc;
use std_shims::vec::Vec;
use zeroize::Zeroize; use zeroize::Zeroize;

View file

@ -1,3 +1,5 @@
use std_shims::vec::Vec;
use zeroize::Zeroize; use zeroize::Zeroize;
use ff::PrimeFieldBits; use ff::PrimeFieldBits;

View file

@ -13,17 +13,27 @@ all-features = true
rustdoc-args = ["--cfg", "docsrs"] rustdoc-args = ["--cfg", "docsrs"]
[dependencies] [dependencies]
rand_core = "0.6" std-shims = { path = "../../common/std-shims", version = "0.1", default-features = false }
rand_core = { version = "0.6", default-features = false }
zeroize = { version = "^1.5", features = ["zeroize_derive"] } zeroize = { version = "^1.5", features = ["zeroize_derive"] }
transcript = { package = "flexible-transcript", path = "../transcript", version = "0.3" } transcript = { package = "flexible-transcript", path = "../transcript", version = "0.3", default-features = false }
ciphersuite = { path = "../ciphersuite", version = "0.3" } ciphersuite = { path = "../ciphersuite", version = "0.3", default-features = false, features = ["alloc"] }
multiexp = { path = "../multiexp", version = "0.3", features = ["batch"] } multiexp = { path = "../multiexp", version = "0.3", default-features = false, features = ["batch"] }
[dev-dependencies] [dev-dependencies]
hex = "0.4" hex = "0.4"
rand_core = { version = "0.6", features = ["std"] }
sha2 = "0.10" sha2 = "0.10"
dalek-ff-group = { path = "../dalek-ff-group", version = "0.3" } dalek-ff-group = { path = "../dalek-ff-group", version = "0.3" }
ciphersuite = { path = "../ciphersuite", version = "0.3", features = ["ed25519"] } ciphersuite = { path = "../ciphersuite", version = "0.3", features = ["ed25519"] }
[features]
std = ["std-shims/std", "ciphersuite/std"]
default = ["std"]

View file

@ -14,3 +14,6 @@ This library was
culminating in commit culminating in commit
[669d2dbffc1dafb82a09d9419ea182667115df06](https://github.com/serai-dex/serai/tree/669d2dbffc1dafb82a09d9419ea182667115df06). [669d2dbffc1dafb82a09d9419ea182667115df06](https://github.com/serai-dex/serai/tree/669d2dbffc1dafb82a09d9419ea182667115df06).
Any subsequent changes have not undergone auditing. Any subsequent changes have not undergone auditing.
This library is usable under no_std, via alloc, when the default features are
disabled.

View file

@ -1,4 +1,7 @@
use std::io::{self, Read, Write}; use std_shims::{
vec::Vec,
io::{self, Read, Write},
};
use zeroize::Zeroize; use zeroize::Zeroize;

View file

@ -1,8 +1,15 @@
#![cfg_attr(docsrs, feature(doc_auto_cfg))] #![cfg_attr(docsrs, feature(doc_auto_cfg))]
#![doc = include_str!("../README.md")] #![doc = include_str!("../README.md")]
#![cfg_attr(not(feature = "std"), no_std)]
use core::ops::Deref; use core::ops::Deref;
use std::io::{self, Read, Write}; #[cfg(not(feature = "std"))]
#[macro_use]
extern crate alloc;
use std_shims::{
vec::Vec,
io::{self, Read, Write},
};
use rand_core::{RngCore, CryptoRng}; use rand_core::{RngCore, CryptoRng};

View file

@ -15,17 +15,17 @@ rustdoc-args = ["--cfg", "docsrs"]
[dependencies] [dependencies]
rustversion = "1" rustversion = "1"
subtle = "^2.4" subtle = { version = "^2.4", default-features = false }
zeroize = "^1.5" zeroize = { version = "^1.5", default-features = false }
digest = "0.10" digest = { version = "0.10", default-features = false, features = ["core-api"] }
blake2 = { version = "0.10", optional = true } blake2 = { version = "0.10", default-features = false, optional = true }
merlin = { version = "3", optional = true } merlin = { version = "3", default-features = false, optional = true }
[dev-dependencies] [dev-dependencies]
sha2 = "0.10" sha2 = { version = "0.10", default-features = false }
blake2 = "0.10" blake2 = { version = "0.10", default-features = false }
[features] [features]
recommended = ["blake2"] recommended = ["blake2"]

View file

@ -31,3 +31,5 @@ This library was
culminating in commit culminating in commit
[669d2dbffc1dafb82a09d9419ea182667115df06](https://github.com/serai-dex/serai/tree/669d2dbffc1dafb82a09d9419ea182667115df06). [669d2dbffc1dafb82a09d9419ea182667115df06](https://github.com/serai-dex/serai/tree/669d2dbffc1dafb82a09d9419ea182667115df06).
Any subsequent changes have not undergone auditing. Any subsequent changes have not undergone auditing.
This library is usable under no_std.

33
tests/no-std/Cargo.toml Normal file
View file

@ -0,0 +1,33 @@
[package]
name = "serai-no-std"
version = "0.1.0"
description = "A crate to test no-std builds of Serai crates work"
license = "MIT"
repository = "https://github.com/kayabaNerve/serai/tree/develop/common/std-shims"
authors = ["Luke Parker <lukeparker5132@gmail.com>"]
keywords = ["nostd", "no_std", "alloc", "io"]
edition = "2021"
publish = false
[package.metadata.docs.rs]
all-features = true
rustdoc-args = ["--cfg", "docsrs"]
[dependencies]
flexible-transcript = { path = "../../crypto/transcript", features = ["recommended", "merlin"] }
dalek-ff-group = { path = "../../crypto/dalek-ff-group" }
minimal-ed448 = { path = "../../crypto/ed448" }
ciphersuite = { path = "../../crypto/ciphersuite", default-features = false, features = ["alloc", "secp256k1", "p256", "ed25519", "ristretto", "ed448"] }
multiexp = { path = "../../crypto/multiexp", default-features = false, features = ["batch"] }
# dleq = { path = "../../crypto/dleq" }
schnorr-signatures = { path = "../../crypto/schnorr", default-features = false }
# dkg = { path = "../../crypto/dkg" }
# modular-frost = { path = "../../crypto/frost" }
# frost-schnorrkel = { path = "../../crypto/schnorrkel" }
monero-generators = { path = "../../coins/monero/generators", default-features = false, features = ["alloc"] }

21
tests/no-std/LICENSE Normal file
View file

@ -0,0 +1,21 @@
MIT License
Copyright (c) 2023 Luke Parker
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

3
tests/no-std/README.md Normal file
View file

@ -0,0 +1,3 @@
# no-std tests
A crate usable to test building various Serai crates in a no-std environment.

26
tests/no-std/src/lib.rs Normal file
View file

@ -0,0 +1,26 @@
#![no_std]
pub use flexible_transcript::*;
pub mod dalek {
pub use dalek_ff_group::*;
}
pub mod ed448 {
pub use minimal_ed448::*;
}
pub use ciphersuite::*;
pub use multiexp::*;
// pub use dleq::*;
pub use schnorr_signatures::*;
/*
pub use dkg::*;
pub use modular_frost::*;
pub use frost_schnorrkel::*;
*/
pub use monero_generators::*;
// pub use monero_serai::*;