progress

Author: aumetra

Cargo.lock

@@ -16,12 +16,16 @@ rust-version = "1.65"
 
 [dependencies]
 digest = "0.10"
-num-bigint = { package = "num-bigint-dig", version = "0.8", default-features = false, features = ["prime", "rand", "zeroize"] }
-num-traits = { version = "0.2", default-features = false }
+crypto-bigint = { version = "0.6.0-pre.7", features = ["alloc", "zeroize"] }
+crypto-primes = "0.6.0-pre.0"
 pkcs8 = { version = "0.10", default-features = false, features = ["alloc"] }
 rfc6979 = { version = "0.4", path = "../rfc6979" }
 sha2 = { version = "0.10", default-features = false }
-signature = { version = "2.0, <2.3", default-features = false, features = ["alloc", "digest", "rand_core"] }
+signature = { version = "2.0, <2.3", default-features = false, features = [
+    "alloc",
+    "digest",
+    "rand_core",
+] }
 zeroize = { version = "1", default-features = false }
 
 [dev-dependencies]

dsa/Cargo.toml

@@ -3,8 +3,7 @@
 //!
 
 use crate::{size::KeySize, two};
-use num_bigint::BigUint;
-use num_traits::Zero;
+use crypto_bigint::{BoxedUint, NonZero};
 use pkcs8::der::{
     self, asn1::UintRef, DecodeValue, Encode, EncodeValue, Header, Length, Reader, Sequence, Tag,
     Writer,
@@ -18,19 +17,23 @@ use signature::rand_core::CryptoRngCore;
 #[must_use]
 pub struct Components {
     /// Prime p
-    p: BigUint,
+    p: NonZero<BoxedUint>,
 
     /// Quotient q
-    q: BigUint,
+    q: NonZero<BoxedUint>,
 
     /// Generator g
-    g: BigUint,
+    g: NonZero<BoxedUint>,
 }
 
 impl Components {
     /// Construct the common components container from its inner values (p, q and g)
-    pub fn from_components(p: BigUint, q: BigUint, g: BigUint) -> signature::Result<Self> {
-        if p < two() || q < two() || g.is_zero() || g > p {
+    pub fn from_components(
+        p: NonZero<BoxedUint>,
+        q: NonZero<BoxedUint>,
+        g: NonZero<BoxedUint>,
+    ) -> signature::Result<Self> {
+        if *p < two() || *q < two() || g > p {
             return Err(signature::Error::new());
         }
 
@@ -45,19 +48,19 @@ impl Components {
 
     /// DSA prime p
     #[must_use]
-    pub const fn p(&self) -> &BigUint {
+    pub const fn p(&self) -> &NonZero<BoxedUint> {
         &self.p
     }
 
     /// DSA quotient q
     #[must_use]
-    pub const fn q(&self) -> &BigUint {
+    pub const fn q(&self) -> &NonZero<BoxedUint> {
         &self.q
     }
 
     /// DSA generator g
     #[must_use]
-    pub const fn g(&self) -> &BigUint {
+    pub const fn g(&self) -> &NonZero<BoxedUint> {
         &self.g
     }
 }
@@ -68,25 +71,29 @@ impl<'a> DecodeValue<'a> for Components {
         let q = reader.decode::<UintRef<'_>>()?;
         let g = reader.decode::<UintRef<'_>>()?;
 
-        let p = BigUint::from_bytes_be(p.as_bytes());
-        let q = BigUint::from_bytes_be(q.as_bytes());
-        let g = BigUint::from_bytes_be(g.as_bytes());
+        let p = BoxedUint::from_be_slice(p.as_bytes(), (p.as_bytes().len() * 8) as u32).unwrap();
+        let q = BoxedUint::from_be_slice(q.as_bytes(), (q.as_bytes().len() * 8) as u32).unwrap();
+        let g = BoxedUint::from_be_slice(g.as_bytes(), (g.as_bytes().len() * 8) as u32).unwrap();
+
+        let p = NonZero::new(p).unwrap();
+        let q = NonZero::new(q).unwrap();
+        let g = NonZero::new(g).unwrap();
 
         Self::from_components(p, q, g).map_err(|_| Tag::Integer.value_error())
     }
 }
 
 impl EncodeValue for Components {
     fn value_len(&self) -> der::Result<Length> {
-        UintRef::new(&self.p.to_bytes_be())?.encoded_len()?
-            + UintRef::new(&self.q.to_bytes_be())?.encoded_len()?
-            + UintRef::new(&self.g.to_bytes_be())?.encoded_len()?
+        UintRef::new(&self.p.to_be_bytes())?.encoded_len()?
+            + UintRef::new(&self.q.to_be_bytes())?.encoded_len()?
+            + UintRef::new(&self.g.to_be_bytes())?.encoded_len()?
     }
 
     fn encode_value(&self, writer: &mut impl Writer) -> der::Result<()> {
-        UintRef::new(&self.p.to_bytes_be())?.encode(writer)?;
-        UintRef::new(&self.q.to_bytes_be())?.encode(writer)?;
-        UintRef::new(&self.g.to_bytes_be())?.encode(writer)?;
+        UintRef::new(&self.p.to_be_bytes())?.encode(writer)?;
+        UintRef::new(&self.q.to_be_bytes())?.encode(writer)?;
+        UintRef::new(&self.g.to_be_bytes())?.encode(writer)?;
         Ok(())
     }
 }

dsa/src/components.rs

@@ -1,6 +1,5 @@
 use crate::two;
-use num_bigint::{BigUint, RandPrime};
-use num_traits::Pow;
+use crypto_bigint::BoxedUint;
 use signature::rand_core::CryptoRngCore;
 
 mod components;
@@ -13,9 +12,9 @@ pub use self::secret_number::{secret_number, secret_number_rfc6979};
 
 /// Calculate the upper and lower bounds for generating values like p or q
 #[inline]
-fn calculate_bounds(size: u32) -> (BigUint, BigUint) {
-    let lower = two().pow(size - 1);
-    let upper = two().pow(size);
+fn calculate_bounds(size: u32) -> (BoxedUint, BoxedUint) {
+    let lower = two().shl(size - 1);
+    let upper = two().shl(size);
 
     (lower, upper)
 }
@@ -24,6 +23,6 @@ fn calculate_bounds(size: u32) -> (BigUint, BigUint) {
 ///
 /// This wrapper function mainly exists to enforce the [`CryptoRng`](rand::CryptoRng) requirement (I might otherwise forget it)
 #[inline]
-fn generate_prime(bit_length: usize, rng: &mut impl CryptoRngCore) -> BigUint {
-    rng.gen_prime(bit_length)
+fn generate_prime(bit_length: u32, rng: &mut impl CryptoRngCore) -> BoxedUint {
+    crypto_primes::generate_prime_with_rng(rng, bit_length, bit_length)
 }