Merge branch 'release/1.0.0-pre.4'

cbeck88 · Jul 16, 2020 · ae0b48b · ae0b48b
2 parents 3ffa9ff + 5f22d89
commit ae0b48b
Show file tree

Hide file tree

Showing 10 changed files with 320 additions and 215 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "ed25519-dalek"
-version = "1.0.0-pre.3"
+version = "1.0.0-pre.4"
 edition = "2018"
 authors = ["isis lovecruft <isis@patternsinthevoid.net>"]
 readme = "README.md"
@@ -22,19 +22,22 @@ travis-ci = { repository = "dalek-cryptography/ed25519-dalek", branch = "master"
 features = ["nightly", "batch"]
 
 [dependencies]
-clear_on_drop = { version = "0.2" }
 curve25519-dalek = { version = "2", default-features = false }
-merlin = { version = "1", default-features = false, optional = true, git = "https://github.com/isislovecruft/merlin", branch = "develop" }
+ed25519 = { version = "1", default-features = false }
+merlin = { version = "2", default-features = false, optional = true }
 rand = { version = "0.7", default-features = false, optional = true }
 rand_core = { version = "0.5", default-features = false, optional = true }
-serde = { version = "1.0", optional = true }
+serde_crate = { package = "serde", version = "1.0", default-features = false, optional = true }
 sha2 = { version = "0.8", default-features = false }
+zeroize = { version = "1", default-features = false, features = ["zeroize_derive"] }
 
 [dev-dependencies]
 hex = "^0.4"
 bincode = "^0.9"
 criterion = "0.3"
 rand = "0.7"
+serde_crate = { package = "serde", version = "1.0", features = ["derive"] }
+toml = { version = "0.5" }
 
 [[bench]]
 name = "ed25519_benchmarks"
@@ -45,9 +48,10 @@ harness = false
 
 [features]
 default = ["std", "u64_backend"]
-std = ["curve25519-dalek/std", "sha2/std", "rand/std"]
-alloc = ["curve25519-dalek/alloc", "rand/alloc"]
-nightly = ["curve25519-dalek/nightly", "clear_on_drop/nightly", "rand/nightly"]
+std = ["curve25519-dalek/std", "ed25519/std", "serde_crate/std", "sha2/std", "rand/std"]
+alloc = ["curve25519-dalek/alloc", "rand/alloc", "zeroize/alloc"]
+nightly = ["curve25519-dalek/nightly", "rand/nightly"]
+serde = ["serde_crate", "ed25519/serde"]
 batch = ["merlin", "rand"]
 # This feature enables deterministic batch verification.
 batch_deterministic = ["merlin", "rand", "rand_core"]

diff --git a/benches/ed25519_benchmarks.rs b/benches/ed25519_benchmarks.rs
@@ -20,6 +20,7 @@ mod ed25519_benches {
     use ed25519_dalek::Keypair;
     use ed25519_dalek::PublicKey;
     use ed25519_dalek::Signature;
+    use ed25519_dalek::Signer;
     use ed25519_dalek::verify_batch;
     use rand::thread_rng;
     use rand::prelude::ThreadRng;

diff --git a/src/batch.rs b/src/batch.rs
@@ -9,11 +9,14 @@
 
 //! Batch signature verification.
 
+#[cfg(feature = "alloc")]
+extern crate alloc;
 #[cfg(feature = "alloc")]
 use alloc::vec::Vec;
-#[cfg(feature = "std")]
+#[cfg(all(not(feature = "alloc"), feature = "std"))]
 use std::vec::Vec;
 
+use core::convert::TryFrom;
 use core::iter::once;
 
 use curve25519_dalek::constants;
@@ -37,7 +40,7 @@ use sha2::Sha512;
 use crate::errors::InternalError;
 use crate::errors::SignatureError;
 use crate::public::PublicKey;
-use crate::signature::Signature;
+use crate::signature::InternalSignature;
 
 trait BatchTranscript {
     fn append_hrams(&mut self, hrams: &Vec<Scalar>);
@@ -111,7 +114,6 @@ fn zero_rng() -> ZeroRng {
 /// * `messages` is a slice of byte slices, one per signed message.
 /// * `signatures` is a slice of `Signature`s.
 /// * `public_keys` is a slice of `PublicKey`s.
-/// * `csprng` is an implementation of `Rng + CryptoRng`.
 ///
 /// # Returns
 ///
@@ -128,6 +130,7 @@ fn zero_rng() -> ZeroRng {
 /// use ed25519_dalek::verify_batch;
 /// use ed25519_dalek::Keypair;
 /// use ed25519_dalek::PublicKey;
+/// use ed25519_dalek::Signer;
 /// use ed25519_dalek::Signature;
 /// use rand::rngs::OsRng;
 ///
@@ -148,21 +151,27 @@ fn zero_rng() -> ZeroRng {
 #[allow(non_snake_case)]
 pub fn verify_batch(
     messages: &[&[u8]],
-    signatures: &[Signature],
+    signatures: &[ed25519::Signature],
     public_keys: &[PublicKey],
 ) -> Result<(), SignatureError>
 {
     // Return an Error if any of the vectors were not the same size as the others.
     if signatures.len() != messages.len() ||
         signatures.len() != public_keys.len() ||
         public_keys.len() != messages.len() {
-        return Err(SignatureError(InternalError::ArrayLengthError{
+        return Err(InternalError::ArrayLengthError{
             name_a: "signatures", length_a: signatures.len(),
             name_b: "messages", length_b: messages.len(),
             name_c: "public_keys", length_c: public_keys.len(),
-        }));
+        }.into());
     }
 
+    // Convert all signatures to `InternalSignature`
+    let signatures = signatures
+        .iter()
+        .map(InternalSignature::try_from)
+        .collect::<Result<Vec<_>, _>>()?;
+
     // Compute H(R || A || M) for each (signature, public_key, message) triplet
     let hrams: Vec<Scalar> = (0..signatures.len()).map(|i| {
         let mut h: Sha512 = Sha512::default();
@@ -195,7 +204,6 @@ pub fn verify_batch(
         .map(|_| Scalar::from(prng.gen::<u128>()))
         .collect();
 
-
     // Compute the basepoint coefficient, ∑ s[i]z[i] (mod l)
     let B_coefficient: Scalar = signatures
         .iter()
@@ -215,11 +223,11 @@ pub fn verify_batch(
     let id = EdwardsPoint::optional_multiscalar_mul(
         once(-B_coefficient).chain(zs.iter().cloned()).chain(zhrams),
         B.chain(Rs).chain(As),
-    ).ok_or_else(|| SignatureError(InternalError::VerifyError))?;
+    ).ok_or(InternalError::VerifyError)?;
 
     if id.is_identity() {
         Ok(())
     } else {
-        Err(SignatureError(InternalError::VerifyError))
+        Err(InternalError::VerifyError.into())
     }
 }
diff --git a/src/errors.rs b/src/errors.rs
@@ -41,6 +41,8 @@ pub(crate) enum InternalError {
     ArrayLengthError{ name_a: &'static str, length_a: usize,
                       name_b: &'static str, length_b: usize,
                       name_c: &'static str, length_c: usize, },
+    /// An ed25519ph signature can only take up to 255 octets of context.
+    PrehashedContextLengthError,
 }
 
 impl Display for InternalError {
@@ -59,6 +61,8 @@ impl Display for InternalError {
                                              name_c: nc, length_c: lc, }
                 => write!(f, "Arrays must be the same length: {} has length {},
                               {} has length {}, {} has length {}.", na, la, nb, lb, nc, lc),
+            InternalError::PrehashedContextLengthError
+                => write!(f, "An ed25519ph signature can only take up to 255 octets of context"),
         }
     }
 }
@@ -80,18 +84,16 @@ impl Error for InternalError { }
 ///   only be constructed from 255-bit integers.)
 ///
 /// * Failure of a signature to satisfy the verification equation.
-#[derive(Clone, Copy, Eq, PartialEq, Hash, Debug)]
-pub struct SignatureError(pub(crate) InternalError);
+pub type SignatureError = ed25519::signature::Error;
 
-impl Display for SignatureError {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        write!(f, "{}", self.0)
+impl From<InternalError> for SignatureError {
+    #[cfg(not(feature = "std"))]
+    fn from(_err: InternalError) -> SignatureError {
+        SignatureError::new()
     }
-}
 
-#[cfg(feature = "std")]
-impl Error for SignatureError {
-    fn source(&self) -> Option<&(dyn Error + 'static)> {
-        Some(&self.0)
+    #[cfg(feature = "std")]
+    fn from(err: InternalError) -> SignatureError {
+        SignatureError::from_source(err)
     }
 }