merge other upstream branches

Author: baloo

.github/workflows/workspace.yml

@@ -20,7 +20,7 @@ jobs:
     - uses: actions/checkout@v4
     - uses: dtolnay/rust-toolchain@master
       with:
-        toolchain: 1.85.0
+        toolchain: 1.88.0
         components: clippy
     - run: cargo clippy --all --all-features -- -D warnings
 

.github/workflows/x448.yml

@@ -0,0 +1,111 @@
+name: x448
+
+on:
+  pull_request:
+    paths:
+      - ".github/workflows/x448.yml"
+      - "ed448-goldilocks/**"
+      - "x448/**"
+      - "Cargo.*"
+  push:
+    branches: master
+
+defaults:
+  run:
+    working-directory: x448
+
+env:
+  CARGO_INCREMENTAL: 0
+  RUSTFLAGS: "-Dwarnings"
+  RUSTDOCFLAGS: "-Dwarnings"
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        rust:
+          - 1.85.0 # MSRV
+          - stable
+        target:
+          - thumbv7em-none-eabi
+          - wasm32-unknown-unknown
+    steps:
+      - uses: actions/checkout@v4
+      - uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: ${{ matrix.rust }}
+          targets: ${{ matrix.target }}
+      - run: cargo build --target ${{ matrix.target }} --release
+
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        include:
+          # 32-bit Linux
+          - target: i686-unknown-linux-gnu
+            rust: 1.85.0 # MSRV
+            deps: sudo apt update && sudo apt install gcc-multilib
+          - target: i686-unknown-linux-gnu
+            rust: stable
+            deps: sudo apt update && sudo apt install gcc-multilib
+
+          # 64-bit Linux
+          - target: x86_64-unknown-linux-gnu
+            rust: 1.85.0 # MSRV
+          - target: x86_64-unknown-linux-gnu
+            rust: stable
+
+    steps:
+      - uses: actions/checkout@v4
+      - uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: ${{ matrix.rust }}
+          targets: ${{ matrix.target }}
+      - uses: RustCrypto/actions/cargo-hack-install@master
+      - run: ${{ matrix.deps }}
+      - run: cargo test --release --target ${{ matrix.target }}
+
+  cross:
+    strategy:
+      matrix:
+        include:
+          # ARM32
+          - target: armv7-unknown-linux-gnueabihf
+            rust: 1.85.0 # MSRV (cross)
+          - target: armv7-unknown-linux-gnueabihf
+            rust: stable
+
+          # ARM64
+          - target: aarch64-unknown-linux-gnu
+            rust: 1.85.0 # MSRV (cross)
+          - target: aarch64-unknown-linux-gnu
+            rust: stable
+
+          # PPC32
+          - target: powerpc-unknown-linux-gnu
+            rust: 1.85.0 # MSRV (cross)
+          - target: powerpc-unknown-linux-gnu
+            rust: stable
+
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - run: ${{ matrix.deps }}
+      - uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: ${{ matrix.rust }}
+          targets: ${{ matrix.target }}
+      - uses: RustCrypto/actions/cross-install@master
+      - run: cross test --release --target ${{ matrix.target }}
+
+  doc:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: RustCrypto/actions/cargo-cache@master
+      - uses: dtolnay/rust-toolchain@master
+        with:
+          toolchain: stable
+      - run: cargo doc

Cargo.lock

@@ -14,13 +14,16 @@ members = [
     "p521",
     "primefield",
     "primeorder",
-    "sm2"
+    "sm2",
+    "x448"
 ]
 
 [profile.dev]
 opt-level = 2
 
 [patch.crates-io]
+ed448-goldilocks = { path = "ed448-goldilocks" }
+elliptic-curve = { git = "https://github.com/RustCrypto/traits.git" }
 hash2curve = { path = "hash2curve" }
 primefield = { path = "primefield" }
 primeorder = { path = "primeorder" }

Cargo.toml

@@ -166,7 +166,7 @@ impl Debug for Signature {
         write!(f, "bignp256::dsa::Signature(")?;
 
         for byte in self.to_bytes() {
-            write!(f, "{:02X}", byte)?;
+            write!(f, "{byte:02X}")?;
         }
 
         write!(f, ")")

bign256/src/ecdsa.rs

@@ -11,7 +11,7 @@ THIS CODE HAS NOT BEEN AUDITED OR REVIEWED. USE AT YOUR OWN RISK.
 
 ## About
 
-This crate provides a pure Rust implementation of Curve448, Edwards, Decaf, and Ristretto.
+This crate provides a pure Rust implementation of Curve448, Edwards, and Decaf.
 It is intended to be portable, fast, and safe.
 
 ## Usage

ed448-goldilocks/README.md

@@ -13,12 +13,6 @@ pub const DECAF_BASEPOINT: DecafPoint = DecafPoint(curve::twedwards::extended::E
 /// $$
 pub const EDWARDS_BASEPOINT_ORDER: EdwardsScalar = EdwardsScalar::new(ORDER);
 
-/// `BASEPOINT_ORDER` is the order of the Decaf448 basepoint, i.e.,
-/// $$
-/// \ell = 2^\{446\} + 0x8335dc163bb124b65129c96fde933d8d723a70aadc873d6d54a7bb0d.
-/// $$
-pub const DECAF_BASEPOINT_ORDER: DecafScalar = DecafScalar::new(ORDER);
-
 /// `BASEPOINT_ORDER` is the order of the Curve448 basepoint, i.e.,
 /// $$
 /// \ell = 2^\{446\} + 0x8335dc163bb124b65129c96fde933d8d723a70aadc873d6d54a7bb0d.

ed448-goldilocks/src/constants.rs

@@ -1,6 +1,6 @@
 /// This module will contain the EC arithmetic for the Twisted Edwards form of Goldilocks.
 /// with the following affine equation : -x^2 + y^2 = 1 - 39082x^2y^2
-/// This curve will be used as a backend for the Goldilocks, Ristretto and Decaf through the use of isogenies.
+/// This curve will be used as a backend for the Goldilocks and Decaf through the use of isogenies.
 /// It will not be exposed in the public API.
 pub(crate) mod affine;
 pub(crate) mod extended;

ed448-goldilocks/src/curve/twedwards.rs

@@ -1,4 +1,4 @@
-use crate::constants::{DECAF_BASEPOINT, DECAF_BASEPOINT_ORDER};
+use crate::constants::DECAF_BASEPOINT;
 use crate::curve::twedwards::extended::ExtendedPoint;
 use crate::field::FieldElement;
 use crate::*;
@@ -226,7 +226,7 @@ impl CofactorGroup for DecafPoint {
     }
 
     fn is_torsion_free(&self) -> Choice {
-        (self * DECAF_BASEPOINT_ORDER).ct_eq(&Self::IDENTITY)
+        self.ct_eq(&Self::IDENTITY)
     }
 }
 
@@ -594,7 +594,7 @@ mod test {
     use crate::TWISTED_EDWARDS_BASE_POINT;
 
     #[test]
-    fn test_edwards_ristretto_operations() {
+    fn test_edwards_decaf_operations() {
         // Basic test that if P1 + P2 = P3
         // Then Decaf(P1) + Decaf(P2) = Decaf(P3)
 

ed448-goldilocks/src/decaf/points.rs

@@ -8,7 +8,7 @@
 /// This isogeny strategy does not clear the cofactor on the Goldilocks curve unless the Scalar is a multiple of 4.
 /// or the point is known to be in the q-torsion subgroup.
 /// Hence, one will need to multiply by the cofactor to ensure it is cleared when using the Goldilocks curve.
-/// If this is a problem, one can use a different isogeny strategy (Decaf/Ristretto)
+/// If this is a problem, one can use a different isogeny strategy (Decaf)
 pub(crate) mod affine;
 pub(crate) mod extended;
 mod scalar;