Update elliptic-curve and digest

Cargo.toml

@@ -2,6 +2,5 @@
 resolver = "2"
 members = [
     "ecdsa",
-    "ed25519",
     "rfc6979"
 ]

ecdsa/Cargo.toml

@@ -15,17 +15,17 @@ edition = "2021"
 rust-version = "1.56"
 
 [dependencies]
-elliptic-curve = { version = "0.11.6", default-features = false, features = ["sec1"] }
-signature = { version = ">= 1.3.1, <1.5", default-features = false, features = ["rand-preview"] }
+elliptic-curve = { git = "https://github.com/RustCrypto/traits", version = "0.12.0-pre", default-features = false, features = ["sec1"] }
+signature = { version = "1.5", default-features = false, features = ["rand-preview"] }
 
 # optional dependencies
 der = { version = "0.5", optional = true }
-rfc6979 = { version = "0.1", optional = true, path = "../rfc6979" }
+rfc6979 = { git = "https://github.com/khonsulabs/signatures", branch = "elliptic-curve-digest", optional = true }
 
 [dev-dependencies]
-elliptic-curve = { version = "0.11.6", default-features = false, features = ["dev"] }
+elliptic-curve = { git = "https://github.com/RustCrypto/traits", version = "0.12.0-pre", default-features = false, features = ["dev"] }
 hex-literal = "0.3"
-sha2 = { version = "0.9", default-features = false }
+sha2 = { version = "0.10", default-features = false }
 
 [features]
 default = ["digest"]

ecdsa/src/hazmat.rs

@@ -37,7 +37,12 @@ use crate::{
 #[cfg(all(feature = "sign"))]
 use {
     elliptic_curve::{ff::PrimeField, zeroize::Zeroizing, NonZeroScalar, ScalarCore},
-    signature::digest::{BlockInput, FixedOutput, Reset, Update},
+    signature::digest::{
+        block_buffer::Eager,
+        core_api::{BlockSizeUser, BufferKindUser, CoreProxy, FixedOutputCore},
+        generic_array::typenum::{IsLess, Le, NonZero, U256},
+        HashMarker, OutputSizeUser,
+    },
 };
 
 /// Try to sign the given prehashed message using ECDSA.
@@ -124,7 +129,7 @@ where
     /// - `sig`: signature to be verified against the key and message
     fn verify_prehashed(&self, z: Scalar<C>, sig: &Signature<C>) -> Result<()> {
         let (r, s) = sig.split_scalars();
-        let s_inv = Option::<Scalar<C>>::from(s.invert()).ok_or_else(Error::new)?;
+        let s_inv = *s.invert();
         let u1 = z * s_inv;
         let u2 = *r * s_inv;
         let x = ProjectivePoint::<C>::lincomb(
@@ -187,7 +192,16 @@ pub fn rfc6979_generate_k<C, D>(
 ) -> Zeroizing<NonZeroScalar<C>>
 where
     C: PrimeCurve + ProjectiveArithmetic,
-    D: FixedOutput<OutputSize = FieldSize<C>> + BlockInput + Clone + Default + Reset + Update,
+    D: CoreProxy + OutputSizeUser<OutputSize = FieldSize<C>>,
+    D::Core: BlockSizeUser
+        + BufferKindUser<BufferKind = Eager>
+        + Clone
+        + Default
+        + FixedOutputCore
+        + HashMarker
+        + OutputSizeUser<OutputSize = D::OutputSize>,
+    <D::Core as BlockSizeUser>::BlockSize: IsLess<U256>,
+    Le<<D::Core as BlockSizeUser>::BlockSize, U256>: NonZero,
 {
     // TODO(tarcieri): avoid this conversion
     let x = Zeroizing::new(ScalarCore::<C>::from(x));

ecdsa/src/sign.rs

@@ -16,7 +16,12 @@ use elliptic_curve::{
     FieldBytes, FieldSize, NonZeroScalar, PrimeCurve, ProjectiveArithmetic, Scalar, SecretKey,
 };
 use signature::{
-    digest::{BlockInput, Digest, FixedOutput, Reset, Update},
+    digest::{
+        block_buffer::Eager,
+        core_api::{BlockSizeUser, BufferKindUser, CoreProxy, FixedOutputCore},
+        generic_array::typenum::{IsLess, Le, NonZero, U256},
+        Digest, HashMarker, OutputSizeUser,
+    },
     rand_core::{CryptoRng, RngCore},
     DigestSigner, RandomizedDigestSigner, RandomizedSigner, Signer,
 };
@@ -168,15 +173,24 @@ where
 impl<C, D> DigestSigner<D, Signature<C>> for SigningKey<C>
 where
     C: PrimeCurve + ProjectiveArithmetic,
-    D: FixedOutput<OutputSize = FieldSize<C>> + BlockInput + Clone + Default + Reset + Update,
+    D: CoreProxy + Digest + OutputSizeUser<OutputSize = FieldSize<C>>,
+    D::Core: BlockSizeUser
+        + BufferKindUser<BufferKind = Eager>
+        + Clone
+        + Default
+        + FixedOutputCore
+        + HashMarker
+        + OutputSizeUser<OutputSize = D::OutputSize>,
+    <D::Core as BlockSizeUser>::BlockSize: IsLess<U256>,
+    Le<<D::Core as BlockSizeUser>::BlockSize, U256>: NonZero,
     Scalar<C>: Invert<Output = Scalar<C>> + Reduce<C::UInt> + SignPrimitive<C>,
     SignatureSize<C>: ArrayLength<u8>,
 {
     /// Sign message prehash using a deterministic ephemeral scalar (`k`)
     /// computed using the algorithm described in RFC 6979 (Section 3.2):
     /// <https://tools.ietf.org/html/rfc6979#section-3>
     fn try_sign_digest(&self, msg_digest: D) -> Result<Signature<C>> {
-        let msg_scalar = Scalar::<C>::from_be_bytes_reduced(msg_digest.finalize_fixed());
+        let msg_scalar = Scalar::<C>::from_be_bytes_reduced(msg_digest.finalize());
         let k = rfc6979_generate_k::<C, D>(&self.inner, &msg_scalar, &[]);
         Ok(self.inner.try_sign_prehashed(**k, msg_scalar)?.0)
     }
@@ -190,14 +204,23 @@ where
     SignatureSize<C>: ArrayLength<u8>,
 {
     fn try_sign(&self, msg: &[u8]) -> Result<Signature<C>> {
-        self.try_sign_digest(C::Digest::new().chain(msg))
+        self.try_sign_digest(C::Digest::new().chain_update(msg))
     }
 }
 
 impl<C, D> RandomizedDigestSigner<D, Signature<C>> for SigningKey<C>
 where
     C: PrimeCurve + ProjectiveArithmetic,
-    D: FixedOutput<OutputSize = FieldSize<C>> + BlockInput + Clone + Default + Reset + Update,
+    D: CoreProxy + Digest + OutputSizeUser<OutputSize = FieldSize<C>>,
+    D::Core: BlockSizeUser
+        + BufferKindUser<BufferKind = Eager>
+        + Clone
+        + Default
+        + FixedOutputCore
+        + HashMarker
+        + OutputSizeUser<OutputSize = D::OutputSize>,
+    <D::Core as BlockSizeUser>::BlockSize: IsLess<U256>,
+    Le<<D::Core as BlockSizeUser>::BlockSize, U256>: NonZero,
     Scalar<C>: Invert<Output = Scalar<C>> + Reduce<C::UInt> + SignPrimitive<C>,
     SignatureSize<C>: ArrayLength<u8>,
 {
@@ -212,7 +235,7 @@ where
         let mut entropy = FieldBytes::<C>::default();
         rng.fill_bytes(&mut entropy);
 
-        let msg_scalar = Scalar::<C>::from_be_bytes_reduced(msg_digest.finalize_fixed());
+        let msg_scalar = Scalar::<C>::from_be_bytes_reduced(msg_digest.finalize());
         let k = rfc6979_generate_k::<C, D>(&self.inner, &msg_scalar, &entropy);
         Ok(self.inner.try_sign_prehashed(**k, msg_scalar)?.0)
     }
@@ -226,7 +249,7 @@ where
     SignatureSize<C>: ArrayLength<u8>,
 {
     fn try_sign_with_rng(&self, rng: impl CryptoRng + RngCore, msg: &[u8]) -> Result<Signature<C>> {
-        self.try_sign_digest_with_rng(rng, C::Digest::new().chain(msg))
+        self.try_sign_digest_with_rng(rng, C::Digest::new().chain_update(msg))
     }
 }
 

ecdsa/src/verify.rs

@@ -100,7 +100,7 @@ where
     SignatureSize<C>: ArrayLength<u8>,
 {
     fn verify(&self, msg: &[u8], signature: &Signature<C>) -> Result<()> {
-        self.verify_digest(C::Digest::new().chain(msg), signature)
+        self.verify_digest(C::Digest::new().chain_update(msg), signature)
     }
 }