elliptic-curve: bump ff and group to v0.13 (#1166)

elliptic-curve/Cargo.toml

@@ -27,8 +27,8 @@ zeroize = { version = "1.5", default-features = false }
 # optional dependencies
 base64ct = { version = "1", optional = true, default-features = false }
 digest = { version = "0.10", optional = true }
-ff = { version = "0.12", optional = true, default-features = false }
-group = { version = "0.12", optional = true, default-features = false }
+ff = { version = "0.13", optional = true, default-features = false }
+group = { version = "0.13", optional = true, default-features = false }
 hkdf = { version = "0.12", optional = true, default-features = false }
 hex-literal = { version = "0.3", optional = true }
 pem-rfc7468 = { version = "0.6", optional = true }

elliptic-curve/src/dev.rs

@@ -16,11 +16,10 @@ use crate::{
     ScalarArithmetic,
 };
 use core::{
-    iter::Sum,
+    iter::{Product, Sum},
     ops::{Add, AddAssign, Mul, MulAssign, Neg, Sub, SubAssign},
 };
 use ff::{Field, PrimeField};
-use generic_array::arr;
 use hex_literal::hex;
 use pkcs8::AssociatedOid;
 
@@ -102,6 +101,9 @@ impl JwkParameters for MockCurve {
 pub struct Scalar(ScalarCore);
 
 impl Field for Scalar {
+    const ZERO: Self = Self(ScalarCore::ZERO);
+    const ONE: Self = Self(ScalarCore::ONE);
+
     fn random(mut rng: impl RngCore) -> Self {
         let mut bytes = FieldBytes::default();
 
@@ -113,14 +115,6 @@ impl Field for Scalar {
         }
     }
 
-    fn zero() -> Self {
-        Self(ScalarCore::ZERO)
-    }
-
-    fn one() -> Self {
-        Self(ScalarCore::ONE)
-    }
-
     fn is_zero(&self) -> Choice {
         self.0.is_zero()
     }
@@ -142,14 +136,25 @@ impl Field for Scalar {
     fn sqrt(&self) -> CtOption<Self> {
         unimplemented!();
     }
+
+    fn sqrt_ratio(_num: &Self, _div: &Self) -> (Choice, Self) {
+        unimplemented!();
+    }
 }
 
 impl PrimeField for Scalar {
     type Repr = FieldBytes;
 
+    const MODULUS: &'static str =
+        "0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff";
     const NUM_BITS: u32 = 256;
     const CAPACITY: u32 = 255;
+    const TWO_INV: Self = Self::ZERO; // BOGUS!
+    const MULTIPLICATIVE_GENERATOR: Self = Self::ZERO; // BOGUS! Should be 7
     const S: u32 = 4;
+    const ROOT_OF_UNITY: Self = Self::ZERO; // BOGUS! Should be 0xffc97f062a770992ba807ace842a3dfc1546cad004378daf0592d7fbb41e6602
+    const ROOT_OF_UNITY_INV: Self = Self::ZERO; // BOGUS!
+    const DELTA: Self = Self::ZERO; // BOGUS!
 
     fn from_repr(bytes: FieldBytes) -> CtOption<Self> {
         ScalarCore::from_be_bytes(bytes).map(Self)
@@ -162,19 +167,6 @@ impl PrimeField for Scalar {
     fn is_odd(&self) -> Choice {
         self.0.is_odd()
     }
-
-    fn multiplicative_generator() -> Self {
-        7u64.into()
-    }
-
-    fn root_of_unity() -> Self {
-        Self::from_repr(arr![u8;
-            0xff, 0xc9, 0x7f, 0x06, 0x2a, 0x77, 0x09, 0x92, 0xba, 0x80, 0x7a, 0xce, 0x84, 0x2a,
-            0x3d, 0xfc, 0x15, 0x46, 0xca, 0xd0, 0x04, 0x37, 0x8d, 0xaf, 0x05, 0x92, 0xd7, 0xfb,
-            0xb4, 0x1e, 0x66, 0x02,
-        ])
-        .unwrap()
-    }
 }
 
 #[cfg(feature = "bits")]
@@ -314,6 +306,30 @@ impl Neg for Scalar {
     }
 }
 
+impl Sum for Scalar {
+    fn sum<I: Iterator<Item = Self>>(_iter: I) -> Self {
+        unimplemented!();
+    }
+}
+
+impl<'a> Sum<&'a Scalar> for Scalar {
+    fn sum<I: Iterator<Item = &'a Scalar>>(_iter: I) -> Self {
+        unimplemented!();
+    }
+}
+
+impl Product for Scalar {
+    fn product<I: Iterator<Item = Self>>(_iter: I) -> Self {
+        unimplemented!();
+    }
+}
+
+impl<'a> Product<&'a Scalar> for Scalar {
+    fn product<I: Iterator<Item = &'a Scalar>>(_iter: I) -> Self {
+        unimplemented!();
+    }
+}
+
 impl Reduce<U256> for Scalar {
     fn from_uint_reduced(w: U256) -> Self {
         let (r, underflow) = w.sbb(&MockCurve::ORDER, Limb::ZERO);

elliptic-curve/src/hash2curve/isogeny.rs

@@ -28,7 +28,7 @@ pub trait Isogeny: Field + AddAssign + Mul<Output = Self> {
     /// Map from the isogeny points to the main curve
     fn isogeny(x: Self, y: Self) -> (Self, Self) {
         let mut xs = GenericArray::<Self, Self::Degree>::default();
-        xs[0] = Self::one();
+        xs[0] = Self::ONE;
         xs[1] = x;
         xs[2] = x.square();
         for i in 3..Self::Degree::to_usize() {
@@ -48,7 +48,7 @@ pub trait Isogeny: Field + AddAssign + Mul<Output = Self> {
 
     /// Compute the ISO transform
     fn compute_iso(xxs: &[Self], k: &[Self]) -> Self {
-        let mut xx = Self::zero();
+        let mut xx = Self::ZERO;
         for (xi, ki) in xxs.iter().zip(k.iter()) {
             xx += *xi * ki;
         }

elliptic-curve/src/hash2curve/osswu.rs

@@ -46,7 +46,7 @@ pub trait OsswuMap: Field + Sgn0 {
         let tv3 = Self::PARAMS.z * tv1; // Z * u^2
         let mut tv2 = tv3.square(); // tv3^2
         let mut xd = tv2 + tv3; // tv3^2 + tv3
-        let x1n = Self::PARAMS.map_b * (xd + Self::one()); // B * (xd + 1)
+        let x1n = Self::PARAMS.map_b * (xd + Self::ONE); // B * (xd + 1)
         xd *= -Self::PARAMS.map_a; // -A * xd
 
         let tv = Self::PARAMS.z * Self::PARAMS.map_a;

elliptic-curve/src/scalar/nonzero.rs

@@ -282,7 +282,7 @@ where
 
         // Write a 1 instead of a 0 to ensure this type's non-zero invariant
         // is upheld.
-        self.scalar = Scalar::<C>::one();
+        self.scalar = Scalar::<C>::ONE;
     }
 }
 
@@ -348,6 +348,6 @@ mod tests {
     fn zeroize() {
         let mut scalar = NonZeroScalar::new(Scalar::from(42u64)).unwrap();
         scalar.zeroize();
-        assert_eq!(*scalar, Scalar::one());
+        assert_eq!(*scalar, Scalar::ONE);
     }
 }