Remove rand feature; bump elliptic-curve and ecdsa

Updates to use the `group` crate. See: RustCrypto/traits#287.

This crate has a hard `rand_core` dependency so this commit gets rid of
the `rand` features across the board and makes them mandatory.

(Even if we don't end up shipping the `group` crate this release, that's
probably for the best to keep the number of features down)

.github/workflows/k256.yml

@@ -41,7 +41,6 @@ jobs:
       - run: cargo build --no-default-features --features ecdsa-core --release --target ${{ matrix.target }}
       # TODO(tarcieri): use new cargo resolver when stable: https://github.com/rust-lang/cargo/issues/7915
       #- run: cargo build --no-default-features --features ecdsa --release --target ${{ matrix.target }}
-      #- run: cargo build --no-default-features --features rand --release --target ${{ matrix.target }}
       - run: cargo build --no-default-features --features sha256 --release --target ${{ matrix.target }}
   test:
     runs-on: ubuntu-latest
@@ -60,6 +59,6 @@ jobs:
     - run: cargo test --no-default-features
     - run: cargo test
     - run: cargo test --all-features
-    - run: cargo test --features field-montgomery,rand
-    - run: cargo test --features force-32-bit,rand
+    - run: cargo test --features field-montgomery
+    - run: cargo test --features force-32-bit
     - run: cargo build --all-features --benches

.github/workflows/p256.yml

@@ -40,7 +40,6 @@ jobs:
       - run: cargo build --no-default-features --features arithmetic --release --target ${{ matrix.target }}
       - run: cargo build --no-default-features --features ecdsa-core --release --target ${{ matrix.target }}
       # TODO(tarcieri): use new cargo resolver when stable: https://github.com/rust-lang/cargo/issues/7915
-      #- run: cargo build --no-default-features --features rand --release --target ${{ matrix.target }}
       #- run: cargo build --no-default-features --features ecdsa --release --target ${{ matrix.target }}
       - run: cargo build --no-default-features --features sha256 --release --target ${{ matrix.target }}
   test:

Cargo.toml

@@ -8,3 +8,4 @@ members = [
 [patch.crates-io]
 ecdsa = { git = "https://github.com/RustCrypto/signatures" }
 elliptic-curve = { git = "https://github.com/RustCrypto/traits" }
+group = { git = "https://github.com/zkcrypto/group.git" }

k256/Cargo.toml

@@ -18,7 +18,7 @@ keywords = ["bitcoin", "crypto", "ecc", "ethereum", "secp256k1"]
 [dependencies]
 cfg-if = "0.1"
 ecdsa-core = { version = "0.7", package = "ecdsa", optional = true, default-features = false }
-elliptic-curve = { version = "0.5", default-features = false, features = ["weierstrass"] }
+elliptic-curve = { version = "0.5", default-features = false }
 sha2 = { version = "0.9", optional = true, default-features = false }
 sha3 = { version = "0.9", optional = true, default-features = false }
 
@@ -36,15 +36,14 @@ rand_core = { version = "0.5", features = ["getrandom"] }
 default = ["arithmetic", "oid", "std"]
 arithmetic = []
 digest = ["elliptic-curve/digest", "ecdsa-core/digest"]
-ecdh = ["elliptic-curve/ecdh", "rand", "zeroize"]
-ecdsa = ["arithmetic", "digest", "ecdsa-core/rand", "ecdsa-core/sign", "ecdsa-core/verify", "rand", "zeroize"]
+ecdh = ["elliptic-curve/ecdh", "zeroize"]
+ecdsa = ["arithmetic", "digest", "ecdsa-core/sign", "ecdsa-core/verify", "zeroize"]
 endomorphism-mul = []
 expose-field = ["arithmetic"]
 field-montgomery = []
 force-32-bit = []
 keccak256 = ["digest", "sha3"]
 oid = ["elliptic-curve/oid"]
-rand = ["elliptic-curve/rand"]
 sha256 = ["digest", "sha2"]
 test-vectors = []
 std = ["elliptic-curve/std"]

k256/src/arithmetic.rs

@@ -44,7 +44,6 @@ mod tests {
         assert_eq!(CURVE_EQUATION_B.to_bytes(), CURVE_EQUATION_B_BYTES.into());
     }
 
-    #[cfg(feature = "rand")]
     #[test]
     fn generate_secret_key() {
         use crate::SecretKey;

k256/src/arithmetic/scalar.rs

@@ -6,12 +6,10 @@ cfg_if! {
     if #[cfg(any(target_pointer_width = "32", feature = "force-32-bit"))] {
         mod scalar_8x32;
         use scalar_8x32::Scalar8x32 as ScalarImpl;
-        #[cfg(feature = "rand")]
         use scalar_8x32::WideScalar16x32 as WideScalarImpl;
     } else if #[cfg(target_pointer_width = "64")] {
         mod scalar_4x64;
         use scalar_4x64::Scalar4x64 as ScalarImpl;
-        #[cfg(feature = "rand")]
         use scalar_4x64::WideScalar8x64 as WideScalarImpl;
     }
 }
@@ -21,19 +19,14 @@ use core::ops::{Add, AddAssign, Mul, MulAssign, Neg, Shr, Sub, SubAssign};
 use elliptic_curve::{
     consts::U32,
     ops::Invert,
+    rand_core::{CryptoRng, RngCore},
     subtle::{Choice, ConditionallySelectable, ConstantTimeEq, CtOption},
-    FromBytes,
+    FromBytes, Generate,
 };
 
 #[cfg(feature = "digest")]
 use elliptic_curve::{Digest, FromDigest};
 
-#[cfg(feature = "rand")]
-use elliptic_curve::{
-    rand_core::{CryptoRng, RngCore},
-    Generate,
-};
-
 #[cfg(feature = "zeroize")]
 use elliptic_curve::zeroize::Zeroize;
 
@@ -197,7 +190,6 @@ impl Scalar {
     }
 
     /// Returns a (nearly) uniformly-random scalar, generated in constant time.
-    #[cfg(feature = "rand")]
     pub fn generate_biased(mut rng: impl CryptoRng + RngCore) -> Self {
         // We reduce a random 512-bit value into a 256-bit field, which results in a
         // negligible bias from the uniform distribution, but the process is constant-time.
@@ -207,7 +199,6 @@ impl Scalar {
     }
 
     /// Returns a uniformly-random scalar, generated using rejection sampling.
-    #[cfg(feature = "rand")]
     pub fn generate_vartime(mut rng: impl CryptoRng + RngCore) -> Self {
         let mut bytes = ElementBytes::default();
 
@@ -399,7 +390,6 @@ impl From<Scalar> for ElementBytes {
     }
 }
 
-#[cfg(feature = "rand")]
 impl Generate for Scalar {
     fn generate(rng: impl CryptoRng + RngCore) -> Self {
         // Uses rejection sampling as the default random generation method,
@@ -511,7 +501,6 @@ mod tests {
         assert_eq!(res, res_ref);
     }
 
-    #[cfg(feature = "rand")]
     #[test]
     fn generate_biased() {
         use elliptic_curve::rand_core::OsRng;
@@ -520,7 +509,6 @@ mod tests {
         assert_eq!((a - &a).is_zero().unwrap_u8(), 1);
     }
 
-    #[cfg(feature = "rand")]
     #[test]
     fn generate_vartime() {
         use elliptic_curve::rand_core::OsRng;

k256/src/arithmetic/scalar/scalar_4x64.rs

@@ -413,7 +413,6 @@ impl ConstantTimeEq for Scalar4x64 {
 pub struct WideScalar8x64([u64; 8]);
 
 impl WideScalar8x64 {
-    #[cfg(feature = "rand")]
     pub fn from_bytes(bytes: &[u8; 64]) -> Self {
         let mut w = [0u64; 8];
         for i in 0..8 {

k256/src/arithmetic/scalar/scalar_8x32.rs

@@ -551,7 +551,6 @@ impl ConstantTimeEq for Scalar8x32 {
 pub struct WideScalar16x32([u32; 16]);
 
 impl WideScalar16x32 {
-    #[cfg(feature = "rand")]
     pub fn from_bytes(bytes: &[u8; 64]) -> Self {
         let mut w = [0u32; 16];
         for i in 0..16 {

p256/Cargo.toml

@@ -17,7 +17,7 @@ keywords = ["crypto", "ecc", "nist", "prime256v1", "secp256r1"]
 
 [dependencies]
 ecdsa-core = { version = "0.7", package = "ecdsa", optional = true, default-features = false }
-elliptic-curve = { version = "0.5", default-features = false, features = ["weierstrass"] }
+elliptic-curve = { version = "0.5", default-features = false }
 sha2 = { version = "0.9", optional = true, default-features = false }
 
 [dev-dependencies]
@@ -31,10 +31,9 @@ rand_core = { version = "0.5", features = ["getrandom"] }
 default = ["arithmetic", "std"]
 arithmetic = []
 digest = ["elliptic-curve/digest", "ecdsa-core/digest"]
-ecdh = ["elliptic-curve/ecdh", "rand", "zeroize"]
-ecdsa = ["arithmetic", "ecdsa-core/rand", "ecdsa-core/sign", "ecdsa-core/verify", "rand", "sha256", "zeroize"]
+ecdh = ["elliptic-curve/ecdh", "zeroize"]
+ecdsa = ["arithmetic", "ecdsa-core/sign", "ecdsa-core/verify", "sha256", "zeroize"]
 oid = ["elliptic-curve/oid"]
-rand = ["elliptic-curve/rand"]
 sha256 = ["digest", "ecdsa-core/hazmat", "sha2"]
 test-vectors = []
 std = ["elliptic-curve/std"]

p256/src/arithmetic.rs

@@ -53,7 +53,6 @@ mod tests {
         );
     }
 
-    #[cfg(feature = "rand")]
     #[test]
     fn generate_secret_key() {
         use crate::SecretKey;

p256/src/arithmetic/field.rs

@@ -4,13 +4,11 @@ use crate::ElementBytes;
 use core::convert::TryInto;
 use core::ops::{Add, AddAssign, Mul, MulAssign, Neg, Sub, SubAssign};
 use elliptic_curve::{
+    rand_core::{CryptoRng, RngCore},
     subtle::{Choice, ConditionallySelectable, ConstantTimeEq, CtOption},
     util::{adc64, mac64, sbb64},
 };
 
-#[cfg(feature = "rand")]
-use elliptic_curve::rand_core::{CryptoRng, RngCore};
-
 #[cfg(feature = "zeroize")]
 use elliptic_curve::zeroize::Zeroize;
 
@@ -92,7 +90,6 @@ impl FieldElement {
     }
 
     /// Returns a uniformly-random element within the field.
-    #[cfg(feature = "rand")]
     pub fn generate(mut rng: impl CryptoRng + RngCore) -> Self {
         // We reduce a random 512-bit value into a 256-bit field, which results in a
         // negligible bias from the uniform distribution.
@@ -101,7 +98,6 @@ impl FieldElement {
         FieldElement::from_bytes_wide(buf)
     }
 
-    #[cfg(feature = "rand")]
     fn from_bytes_wide(bytes: [u8; 64]) -> Self {
         FieldElement::montgomery_reduce(
             u64::from_be_bytes(bytes[0..8].try_into().unwrap()),

p256/src/arithmetic/scalar.rs

@@ -1,6 +1,5 @@
 //! Scalar field arithmetic modulo n = 115792089210356248762697446949407573529996955224135760342422259061068512044369
 
-#[cfg(feature = "rand")]
 pub mod blinding;
 
 use crate::{ElementBytes, NistP256, SecretKey};
@@ -11,20 +10,15 @@ use core::{
 use elliptic_curve::{
     consts::U32,
     ops::Invert,
+    rand_core::{CryptoRng, RngCore},
     subtle::{Choice, ConditionallySelectable, ConstantTimeEq, CtOption},
     util::{adc64, mac64, sbb64},
-    FromBytes,
+    FromBytes, Generate,
 };
 
 #[cfg(feature = "digest")]
 use elliptic_curve::{Digest, FromDigest};
 
-#[cfg(feature = "rand")]
-use elliptic_curve::{
-    rand_core::{CryptoRng, RngCore},
-    Generate,
-};
-
 #[cfg(feature = "zeroize")]
 use elliptic_curve::zeroize::Zeroize;
 
@@ -700,7 +694,6 @@ impl From<Scalar> for ElementBytes {
     }
 }
 
-#[cfg(feature = "rand")]
 impl Generate for Scalar {
     fn generate(mut rng: impl CryptoRng + RngCore) -> Self {
         let mut bytes = ElementBytes::default();

p256/src/arithmetic/scalar/blinding.rs

@@ -20,7 +20,6 @@ use elliptic_curve::zeroize::Zeroize;
 /// This provides a randomly blinded impl of [`Invert`] which is useful for
 /// ECDSA ephemeral (`k`) scalars.
 #[cfg_attr(docsrs, doc(cfg(feature = "arithmetic")))]
-#[cfg_attr(docsrs, doc(cfg(feature = "rand")))]
 pub struct BlindedScalar {
     /// Actual scalar value
     scalar: Scalar,

p256/src/ecdsa.rs

@@ -134,13 +134,11 @@ mod tests {
         use crate::{
             ecdsa::{signature::Signer, SigningKey},
             test_vectors::ecdsa::ECDSA_TEST_VECTORS,
-            NistP256,
+            BlindedScalar, NistP256, Scalar,
         };
+        use elliptic_curve::rand_core::OsRng;
         use hex_literal::hex;
 
-        #[cfg(feature = "rand")]
-        use crate::{elliptic_curve::rand_core::OsRng, BlindedScalar, Scalar};
-
         ecdsa_core::new_signing_test!(NistP256, ECDSA_TEST_VECTORS);
 
         // Test vector from RFC 6979 Appendix 2.5 (NIST P-256 + SHA-256)
@@ -159,7 +157,6 @@ mod tests {
             );
         }
 
-        #[cfg(feature = "rand")]
         #[test]
         fn scalar_blinding() {
             let vector = &ECDSA_TEST_VECTORS[0];

p256/src/lib.rs

@@ -61,12 +61,10 @@ pub use elliptic_curve;
 pub use arithmetic::{
     affine::AffinePoint,
     projective::ProjectivePoint,
+    scalar::blinding::BlindedScalar,
     scalar::{NonZeroScalar, Scalar},
 };
 
-#[cfg(all(feature = "arithmetic", feature = "rand"))]
-pub use arithmetic::scalar::blinding::BlindedScalar;
-
 use elliptic_curve::consts::U32;
 
 #[cfg(feature = "oid")]

p384/Cargo.toml

@@ -13,10 +13,11 @@ keywords = ["crypto", "ecc", "nist", "secp384r1"]
 
 [dependencies]
 ecdsa = { version = "0.7", optional = true, default-features = false }
-elliptic-curve = { version = "0.5", default-features = false, features = ["weierstrass"] }
+elliptic-curve = { version = "0.5", default-features = false }
 sha2 = { version = "0.9", optional = true, default-features = false }
 
 [features]
+default = ["oid", "std"]
 oid = ["elliptic-curve/oid"]
 sha384 = ["ecdsa/digest", "ecdsa/hazmat", "sha2"]
 std = ["elliptic-curve/std"]