Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

rfc6979: integrate crypto-bigint #782

Closed
tarcieri opened this issue Jan 17, 2024 · 2 comments
Closed

rfc6979: integrate crypto-bigint #782

tarcieri opened this issue Jan 17, 2024 · 2 comments

Comments

@tarcieri
Copy link
Member

Currently rfc6979 bundles a tiny, slow, byte-oriented bignum library: https://github.com/RustCrypto/signatures/blob/master/rfc6979/src/ct.rs

Several of the interfaces described in RFC6979 describe an "int" type, perhaps most notably the bits2int function (which is partially implemented in the ecdsa crate in the form of bits2field). However all of the APIs in rfc6979 are byte/octet-oriented, which can make things a bit awkward.

With crypto-bigint now supporting a heap-allocated BoxedUint and plans to migrate the dsa crate to that (#779), as well as having traits for abstracting over stack-vs-heap allocated big integers in crypto-bigint like Integer and Monty, it becomes possible to make rfc6979 closer to 1:1 with the APIs described in the RFC while being able to support both the dsa and ecdsa use cases.

@tarcieri
Copy link
Member Author

tarcieri commented Mar 4, 2024

This is a bit tricky because crypto-bigint integers are multiples of 64-bits, and rfc6979 may need to work on smaller integers (e.g. 521-bit for P-521).

@tarcieri
Copy link
Member Author

I'm going to close this for now: it would really require new types in crypto-bigint which could represent integers which are smaller than multiples of the limb size.

The existing implementation works on the byte level, which isn't as efficient but at least works.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant