Remove rand feature; bump elliptic-curve and ecdsa

Updates to use the `group` crate. See: RustCrypto/traits#287.

This crate has a hard `rand_core` dependency so this commit gets rid of
the `rand` features across the board and makes them mandatory.

(Even if we don't end up shipping the `group` crate this release, that's
probably for the best to keep the number of features down)

This commit additionally splits out `no_std` build testing into
`tests/*_no_std` Cargo projects. This is a workaround until the Cargo
resolver is fixed upstream:

rust-lang/cargo#7915
rust-lang/cargo#7916

Author: tarcieri

.github/workflows/k256.yml

@@ -3,8 +3,8 @@ name: k256
 on:
   pull_request:
     paths:
-      - "elliptic-curve-crate/**"
       - "k256/**"
+      - "tests/k256_no_std/**"
       - "Cargo.*"
   push:
     branches: master
@@ -28,6 +28,9 @@ jobs:
         target:
           - thumbv7em-none-eabi
           - wasm32-unknown-unknown
+    defaults:
+      run:
+        working-directory: tests/k256_no_std
     steps:
       - uses: actions/checkout@v1
       - uses: actions-rs/toolchain@v1
@@ -36,13 +39,14 @@ jobs:
           toolchain: ${{ matrix.rust }}
           target: ${{ matrix.target }}
           override: true
-      - run: cargo build --no-default-features --release --target ${{ matrix.target }}
-      - run: cargo build --no-default-features --features arithmetic --release --target ${{ matrix.target }}
-      - run: cargo build --no-default-features --features ecdsa-core --release --target ${{ matrix.target }}
-      # TODO(tarcieri): use new cargo resolver when stable: https://github.com/rust-lang/cargo/issues/7915
-      #- run: cargo build --no-default-features --features ecdsa --release --target ${{ matrix.target }}
-      #- run: cargo build --no-default-features --features rand --release --target ${{ matrix.target }}
-      - run: cargo build --no-default-features --features sha256 --release --target ${{ matrix.target }}
+      - run: cargo build --release --target ${{ matrix.target }}
+      - run: cargo build --release --target ${{ matrix.target }} --features arithmetic
+      - run: cargo build --release --target ${{ matrix.target }} --features ecdh
+      - run: cargo build --release --target ${{ matrix.target }} --features ecdsa-core
+      - run: cargo build --release --target ${{ matrix.target }} --features ecdsa
+      - run: cargo build --release --target ${{ matrix.target }} --features keccak256
+      - run: cargo build --release --target ${{ matrix.target }} --features sha256
+      - run: cargo build --release --target ${{ matrix.target }} --all-features
   test:
     runs-on: ubuntu-latest
     strategy:
@@ -60,6 +64,6 @@ jobs:
     - run: cargo test --no-default-features
     - run: cargo test
     - run: cargo test --all-features
-    - run: cargo test --features field-montgomery,rand
-    - run: cargo test --features force-32-bit,rand
+    - run: cargo test --features field-montgomery
+    - run: cargo test --features force-32-bit
     - run: cargo build --all-features --benches

.github/workflows/p256.yml

@@ -3,8 +3,8 @@ name: p256
 on:
   pull_request:
     paths:
-      - "elliptic-curve-crate/**"
       - "p256/**"
+      - "tests/p256_no_std/**"
       - "Cargo.*"
   push:
     branches: master
@@ -28,6 +28,9 @@ jobs:
         target:
           - thumbv7em-none-eabi
           - wasm32-unknown-unknown
+    defaults:
+      run:
+        working-directory: tests/p256_no_std
     steps:
       - uses: actions/checkout@v1
       - uses: actions-rs/toolchain@v1
@@ -36,13 +39,13 @@ jobs:
           toolchain: ${{ matrix.rust }}
           target: ${{ matrix.target }}
           override: true
-      - run: cargo build --no-default-features --release --target ${{ matrix.target }}
-      - run: cargo build --no-default-features --features arithmetic --release --target ${{ matrix.target }}
-      - run: cargo build --no-default-features --features ecdsa-core --release --target ${{ matrix.target }}
-      # TODO(tarcieri): use new cargo resolver when stable: https://github.com/rust-lang/cargo/issues/7915
-      #- run: cargo build --no-default-features --features rand --release --target ${{ matrix.target }}
-      #- run: cargo build --no-default-features --features ecdsa --release --target ${{ matrix.target }}
-      - run: cargo build --no-default-features --features sha256 --release --target ${{ matrix.target }}
+      - run: cargo build --release --target ${{ matrix.target }}
+      - run: cargo build --release --target ${{ matrix.target }} --features arithmetic
+      - run: cargo build --release --target ${{ matrix.target }} --features ecdh
+      - run: cargo build --release --target ${{ matrix.target }} --features ecdsa-core
+      - run: cargo build --release --target ${{ matrix.target }} --features ecdsa
+      - run: cargo build --release --target ${{ matrix.target }} --features sha256
+      - run: cargo build --release --target ${{ matrix.target }} --all-features
   test:
     runs-on: ubuntu-latest
     strategy:

.github/workflows/p384.yml

@@ -3,8 +3,8 @@ name: p384
 on:
   pull_request:
     paths:
-      - "elliptic-curve-crate/**"
       - "p384/**"
+      - "tests/p384_no_std/**"
       - "Cargo.*"
   push:
     branches: master
@@ -28,6 +28,9 @@ jobs:
         target:
           - thumbv7em-none-eabi
           - wasm32-unknown-unknown
+    defaults:
+      run:
+        working-directory: tests/p384_no_std
     steps:
       - uses: actions/checkout@v1
       - uses: actions-rs/toolchain@v1
@@ -36,7 +39,10 @@ jobs:
           toolchain: ${{ matrix.rust }}
           target: ${{ matrix.target }}
           override: true
-      - run: cargo build --no-default-features --release --target ${{ matrix.target }}
+      - run: cargo build --release --target ${{ matrix.target }}
+      - run: cargo build --release --target ${{ matrix.target }} --features ecdsa
+      - run: cargo build --release --target ${{ matrix.target }} --features sha384
+      - run: cargo build --release --target ${{ matrix.target }} --all-features
   test:
     runs-on: ubuntu-latest
     strategy:

.gitignore

@@ -1,2 +1,3 @@
 target
+tests/Cargo.lock
 *.sw*

Cargo.lock

@@ -8,3 +8,4 @@ members = [
 [patch.crates-io]
 ecdsa = { git = "https://github.com/RustCrypto/signatures" }
 elliptic-curve = { git = "https://github.com/RustCrypto/traits" }
+group = { git = "https://github.com/zkcrypto/group.git" }

Cargo.toml

@@ -18,7 +18,7 @@ keywords = ["bitcoin", "crypto", "ecc", "ethereum", "secp256k1"]
 [dependencies]
 cfg-if = "0.1"
 ecdsa-core = { version = "0.7", package = "ecdsa", optional = true, default-features = false }
-elliptic-curve = { version = "0.5", default-features = false, features = ["weierstrass"] }
+elliptic-curve = { version = "0.5", default-features = false }
 sha2 = { version = "0.9", optional = true, default-features = false }
 sha3 = { version = "0.9", optional = true, default-features = false }
 
@@ -36,15 +36,14 @@ rand_core = { version = "0.5", features = ["getrandom"] }
 default = ["arithmetic", "oid", "std"]
 arithmetic = []
 digest = ["elliptic-curve/digest", "ecdsa-core/digest"]
-ecdh = ["elliptic-curve/ecdh", "rand", "zeroize"]
-ecdsa = ["arithmetic", "digest", "ecdsa-core/rand", "ecdsa-core/sign", "ecdsa-core/verify", "rand", "zeroize"]
+ecdh = ["elliptic-curve/ecdh", "zeroize"]
+ecdsa = ["arithmetic", "digest", "ecdsa-core/sign", "ecdsa-core/verify", "zeroize"]
 endomorphism-mul = []
 expose-field = ["arithmetic"]
 field-montgomery = []
 force-32-bit = []
 keccak256 = ["digest", "sha3"]
 oid = ["elliptic-curve/oid"]
-rand = ["elliptic-curve/rand"]
 sha256 = ["digest", "sha2"]
 test-vectors = []
 std = ["elliptic-curve/std"]

k256/Cargo.toml

@@ -44,7 +44,6 @@ mod tests {
         assert_eq!(CURVE_EQUATION_B.to_bytes(), CURVE_EQUATION_B_BYTES.into());
     }
 
-    #[cfg(feature = "rand")]
     #[test]
     fn generate_secret_key() {
         use crate::SecretKey;

k256/src/arithmetic.rs

@@ -6,12 +6,10 @@ cfg_if! {
     if #[cfg(any(target_pointer_width = "32", feature = "force-32-bit"))] {
         mod scalar_8x32;
         use scalar_8x32::Scalar8x32 as ScalarImpl;
-        #[cfg(feature = "rand")]
         use scalar_8x32::WideScalar16x32 as WideScalarImpl;
     } else if #[cfg(target_pointer_width = "64")] {
         mod scalar_4x64;
         use scalar_4x64::Scalar4x64 as ScalarImpl;
-        #[cfg(feature = "rand")]
         use scalar_4x64::WideScalar8x64 as WideScalarImpl;
     }
 }
@@ -21,19 +19,14 @@ use core::ops::{Add, AddAssign, Mul, MulAssign, Neg, Shr, Sub, SubAssign};
 use elliptic_curve::{
     consts::U32,
     ops::Invert,
+    rand_core::{CryptoRng, RngCore},
     subtle::{Choice, ConditionallySelectable, ConstantTimeEq, CtOption},
-    FromBytes,
+    FromBytes, Generate,
 };
 
 #[cfg(feature = "digest")]
 use elliptic_curve::{Digest, FromDigest};
 
-#[cfg(feature = "rand")]
-use elliptic_curve::{
-    rand_core::{CryptoRng, RngCore},
-    Generate,
-};
-
 #[cfg(feature = "zeroize")]
 use elliptic_curve::zeroize::Zeroize;
 
@@ -197,7 +190,6 @@ impl Scalar {
     }
 
     /// Returns a (nearly) uniformly-random scalar, generated in constant time.
-    #[cfg(feature = "rand")]
     pub fn generate_biased(mut rng: impl CryptoRng + RngCore) -> Self {
         // We reduce a random 512-bit value into a 256-bit field, which results in a
         // negligible bias from the uniform distribution, but the process is constant-time.
@@ -207,7 +199,6 @@ impl Scalar {
     }
 
     /// Returns a uniformly-random scalar, generated using rejection sampling.
-    #[cfg(feature = "rand")]
     pub fn generate_vartime(mut rng: impl CryptoRng + RngCore) -> Self {
         let mut bytes = ElementBytes::default();
 
@@ -399,7 +390,6 @@ impl From<Scalar> for ElementBytes {
     }
 }
 
-#[cfg(feature = "rand")]
 impl Generate for Scalar {
     fn generate(rng: impl CryptoRng + RngCore) -> Self {
         // Uses rejection sampling as the default random generation method,
@@ -511,7 +501,6 @@ mod tests {
         assert_eq!(res, res_ref);
     }
 
-    #[cfg(feature = "rand")]
     #[test]
     fn generate_biased() {
         use elliptic_curve::rand_core::OsRng;
@@ -520,7 +509,6 @@ mod tests {
         assert_eq!((a - &a).is_zero().unwrap_u8(), 1);
     }
 
-    #[cfg(feature = "rand")]
     #[test]
     fn generate_vartime() {
         use elliptic_curve::rand_core::OsRng;

k256/src/arithmetic/scalar.rs

@@ -413,7 +413,6 @@ impl ConstantTimeEq for Scalar4x64 {
 pub struct WideScalar8x64([u64; 8]);
 
 impl WideScalar8x64 {
-    #[cfg(feature = "rand")]
     pub fn from_bytes(bytes: &[u8; 64]) -> Self {
         let mut w = [0u64; 8];
         for i in 0..8 {

k256/src/arithmetic/scalar/scalar_4x64.rs

@@ -551,7 +551,6 @@ impl ConstantTimeEq for Scalar8x32 {
 pub struct WideScalar16x32([u32; 16]);
 
 impl WideScalar16x32 {
-    #[cfg(feature = "rand")]
     pub fn from_bytes(bytes: &[u8; 64]) -> Self {
         let mut w = [0u32; 16];
         for i in 0..16 {

k256/src/arithmetic/scalar/scalar_8x32.rs

@@ -47,7 +47,7 @@ use crate::{
     AffinePoint, NonZeroScalar, ProjectivePoint, Scalar,
 };
 
-#[cfg(any(feature = "ecdsa", docsrs))]
+#[cfg(any(all(feature = "ecdsa", feature = "keccak256"), docsrs))]
 use crate::EncodedPoint;
 
 #[cfg(feature = "keccak256")]
@@ -94,8 +94,9 @@ impl Signature {
     /// Given a public key, message, and signature, use trial recovery for both
     /// possible recovery IDs in an attempt to determine if a suitable
     /// recovery ID exists, or return an error otherwise.
-    #[cfg(feature = "ecdsa")]
+    #[cfg(all(feature = "ecdsa", feature = "keccak256"))]
     #[cfg_attr(docsrs, doc(cfg(feature = "ecdsa")))]
+    #[cfg_attr(docsrs, doc(cfg(feature = "keccak256")))]
     pub fn from_trial_recovery(
         public_key: &EncodedPoint,
         msg: &[u8],
@@ -120,7 +121,8 @@ impl Signature {
     /// Recover the public key used to create the given signature as an
     /// [`EncodedPoint`].
     #[cfg(all(feature = "ecdsa", feature = "keccak256"))]
-    #[cfg_attr(docsrs, doc(cfg(feature = "ecdsa")), doc(cfg(feature = "keccak256")))]
+    #[cfg_attr(docsrs, doc(cfg(feature = "ecdsa")))]
+    #[cfg_attr(docsrs, doc(cfg(feature = "keccak256")))]
     pub fn recover_verify_key(&self, msg: &[u8]) -> Result<VerifyKey, Error> {
         self.recover_verify_key_from_digest(Keccak256::new().chain(msg))
     }

k256/src/ecdsa/recoverable.rs

@@ -17,7 +17,7 @@ use elliptic_curve::{
 };
 use signature::PrehashSignature;
 
-#[cfg(any(feature = "sha256", feature = "keccak256"))]
+#[cfg(feature = "digest")]
 use signature::digest::Digest;
 
 /// ECDSA/secp256k1 signing key

k256/src/ecdsa/sign.rs

@@ -17,7 +17,7 @@ keywords = ["crypto", "ecc", "nist", "prime256v1", "secp256r1"]
 
 [dependencies]
 ecdsa-core = { version = "0.7", package = "ecdsa", optional = true, default-features = false }
-elliptic-curve = { version = "0.5", default-features = false, features = ["weierstrass"] }
+elliptic-curve = { version = "0.5", default-features = false }
 sha2 = { version = "0.9", optional = true, default-features = false }
 
 [dev-dependencies]
@@ -31,10 +31,9 @@ rand_core = { version = "0.5", features = ["getrandom"] }
 default = ["arithmetic", "std"]
 arithmetic = []
 digest = ["elliptic-curve/digest", "ecdsa-core/digest"]
-ecdh = ["elliptic-curve/ecdh", "rand", "zeroize"]
-ecdsa = ["arithmetic", "ecdsa-core/rand", "ecdsa-core/sign", "ecdsa-core/verify", "rand", "sha256", "zeroize"]
+ecdh = ["elliptic-curve/ecdh", "zeroize"]
+ecdsa = ["arithmetic", "ecdsa-core/sign", "ecdsa-core/verify", "sha256", "zeroize"]
 oid = ["elliptic-curve/oid"]
-rand = ["elliptic-curve/rand"]
 sha256 = ["digest", "ecdsa-core/hazmat", "sha2"]
 test-vectors = []
 std = ["elliptic-curve/std"]

p256/Cargo.toml

@@ -53,7 +53,6 @@ mod tests {
         );
     }
 
-    #[cfg(feature = "rand")]
     #[test]
     fn generate_secret_key() {
         use crate::SecretKey;