From b5a62ab3a1b53aa1a9cad7afcc2e5891938b1078 Mon Sep 17 00:00:00 2001 From: Bogdan Opanchuk Date: Wed, 27 Nov 2024 17:21:26 -0800 Subject: [PATCH] Use Secret everywhere, remove redundant trait impls --- synedrion/src/cggmp21/sigma/aff_g.rs | 14 +++-- synedrion/src/cggmp21/sigma/fac.rs | 7 ++- synedrion/src/cggmp21/sigma/sch.rs | 4 +- synedrion/src/curve/arithmetic.rs | 11 +--- synedrion/src/paillier/keys.rs | 53 +++++++++--------- synedrion/src/paillier/params.rs | 8 ++- synedrion/src/paillier/ring_pedersen.rs | 15 +++-- synedrion/src/paillier/rsa.rs | 74 ++++++++++++------------- synedrion/src/uint/bounded.rs | 17 +----- synedrion/src/uint/signed.rs | 34 +----------- 10 files changed, 97 insertions(+), 140 deletions(-) diff --git a/synedrion/src/cggmp21/sigma/aff_g.rs b/synedrion/src/cggmp21/sigma/aff_g.rs index 016511d3..832452af 100644 --- a/synedrion/src/cggmp21/sigma/aff_g.rs +++ b/synedrion/src/cggmp21/sigma/aff_g.rs @@ -1,7 +1,7 @@ //! Paillier Affine Operation with Group Commitment in Range ($\Pi^{aff-g}$, Section 6.2, Fig. 15) use rand_core::CryptoRngCore; -use secrecy::{ExposeSecret, SecretBox}; +use secrecy::ExposeSecret; use serde::{Deserialize, Serialize}; use super::super::SchemeParams; @@ -11,7 +11,10 @@ use crate::{ Ciphertext, CiphertextWire, PaillierParams, PublicKeyPaillier, RPCommitmentWire, RPParams, Randomizer, RandomizerWire, }, - tools::hashing::{Chain, Hashable, XofHasher}, + tools::{ + hashing::{Chain, Hashable, XofHasher}, + Secret, + }, uint::Signed, }; @@ -62,7 +65,7 @@ impl AffGProof

{ pub fn new( rng: &mut impl CryptoRngCore, x: &Signed<::Uint>, - y: &SecretBox::Uint>>, + y: &Secret::Uint>>, rho: Randomizer, rho_y: Randomizer, pk0: &PublicKeyPaillier, @@ -263,12 +266,13 @@ impl AffGProof

{ #[cfg(test)] mod tests { use rand_core::OsRng; - use secrecy::{ExposeSecret, SecretBox}; + use secrecy::ExposeSecret; use super::AffGProof; use crate::{ cggmp21::{SchemeParams, TestParams}, paillier::{Ciphertext, RPParams, Randomizer, SecretKeyPaillierWire}, + tools::Secret, uint::Signed, }; @@ -288,7 +292,7 @@ mod tests { let aux: &[u8] = b"abcde"; let x = Signed::random_bounded_bits(&mut OsRng, Params::L_BOUND); - let y = SecretBox::new(Box::new(Signed::random_bounded_bits(&mut OsRng, Params::LP_BOUND))); + let y = Secret::init_with(|| Signed::random_bounded_bits(&mut OsRng, Params::LP_BOUND)); let rho = Randomizer::random(&mut OsRng, pk0); let rho_y = Randomizer::random(&mut OsRng, pk1); diff --git a/synedrion/src/cggmp21/sigma/fac.rs b/synedrion/src/cggmp21/sigma/fac.rs index ca88d625..fe407e6c 100644 --- a/synedrion/src/cggmp21/sigma/fac.rs +++ b/synedrion/src/cggmp21/sigma/fac.rs @@ -7,7 +7,10 @@ use serde::{Deserialize, Serialize}; use super::super::SchemeParams; use crate::{ paillier::{PaillierParams, PublicKeyPaillier, RPCommitmentWire, RPParams, SecretKeyPaillier}, - tools::hashing::{Chain, Hashable, XofHasher}, + tools::{ + hashing::{Chain, Hashable, XofHasher}, + Secret, + }, uint::{Bounded, Integer, Signed}, }; @@ -161,7 +164,7 @@ impl FacProof

{ } // R = s^{N_0} t^\sigma - let cap_r = &setup.commit_xwide(&pk0.modulus_bounded().into(), &self.sigma); + let cap_r = &setup.commit_xwide(&Secret::init_with(|| pk0.modulus_bounded()), &self.sigma); // s^{z_1} t^{\omega_1} == A * P^e \mod \hat{N} let cap_a_mod = self.cap_a.to_precomputed(setup); diff --git a/synedrion/src/cggmp21/sigma/sch.rs b/synedrion/src/cggmp21/sigma/sch.rs index fc067a44..ffc2ac9b 100644 --- a/synedrion/src/cggmp21/sigma/sch.rs +++ b/synedrion/src/cggmp21/sigma/sch.rs @@ -4,7 +4,7 @@ //! where $g$ is a EC generator. use rand_core::CryptoRngCore; -use secrecy::{ExposeSecret, SecretBox}; +use secrecy::ExposeSecret; use serde::{Deserialize, Serialize}; use zeroize::ZeroizeOnDrop; @@ -27,7 +27,7 @@ pub(crate) struct SchSecret( impl SchSecret { pub fn random(rng: &mut impl CryptoRngCore) -> Self { - Self(SecretBox::init_with(|| Scalar::random(rng)).into()) + Self(Secret::init_with(|| Scalar::random(rng))) } } diff --git a/synedrion/src/curve/arithmetic.rs b/synedrion/src/curve/arithmetic.rs index 15c6fc1b..8804db6a 100644 --- a/synedrion/src/curve/arithmetic.rs +++ b/synedrion/src/curve/arithmetic.rs @@ -23,10 +23,9 @@ use k256::{ Secp256k1, }; use rand_core::CryptoRngCore; -use secrecy::{CloneableSecret, SerializableSecret}; use serde::{Deserialize, Deserializer, Serialize, Serializer}; use serde_encoded_bytes::{Hex, SliceLike}; -use zeroize::DefaultIsZeroes; +use zeroize::Zeroize; use crate::tools::{ hashing::{Chain, HashableType}, @@ -57,7 +56,7 @@ impl HashableType for Curve { } } -#[derive(Clone, Copy, Debug, PartialEq, Eq, Default, PartialOrd, Ord)] +#[derive(Clone, Copy, Debug, PartialEq, Eq, Default, PartialOrd, Ord, Zeroize)] pub struct Scalar(BackendScalar); impl Scalar { @@ -173,12 +172,6 @@ impl<'de> Deserialize<'de> for Scalar { } } -impl DefaultIsZeroes for Scalar {} - -impl CloneableSecret for Scalar {} - -impl SerializableSecret for Scalar {} - #[derive(Clone, Copy, Debug, PartialEq, Eq)] pub struct Point(BackendPoint); diff --git a/synedrion/src/paillier/keys.rs b/synedrion/src/paillier/keys.rs index 0723e71e..db4c7d60 100644 --- a/synedrion/src/paillier/keys.rs +++ b/synedrion/src/paillier/keys.rs @@ -5,7 +5,7 @@ use core::{ use crypto_bigint::{InvMod, Monty, Odd, ShrVartime, Square, WrappingAdd}; use rand_core::CryptoRngCore; -use secrecy::{ExposeSecret, ExposeSecretMut, SecretBox}; +use secrecy::{ExposeSecret, ExposeSecretMut}; use serde::{Deserialize, Serialize}; use super::{ @@ -74,10 +74,10 @@ where let primes = secret_key.primes.into_precomputed(); let modulus = primes.modulus_wire().into_precomputed(); - let monty_params_mod_p = P::HalfUintMod::new_params_vartime(*primes.p_half_odd().expose_secret()); - let monty_params_mod_q = P::HalfUintMod::new_params_vartime(*primes.q_half_odd().expose_secret()); + let monty_params_mod_p = P::HalfUintMod::new_params_vartime(primes.p_half_odd().expose_secret().clone()); + let monty_params_mod_q = P::HalfUintMod::new_params_vartime(primes.q_half_odd().expose_secret().clone()); - let inv_totient = SecretBox::init_with(|| { + let inv_totient = Secret::init_with(|| { primes .totient() .expose_secret() @@ -87,10 +87,9 @@ where "The modulus is pq. ϕ(pq) = (p-1)(q-1) is invertible mod pq because ", "neither (p-1) nor (q-1) share factors with pq." ]) - }) - .into(); + }); - let inv_modulus = SecretBox::init_with(|| { + let inv_modulus = Secret::init_with(|| { Bounded::new( (*modulus.modulus()) .inv_mod(primes.totient().expose_secret()) @@ -98,19 +97,19 @@ where P::MODULUS_BITS, ) .expect("We assume `P::MODULUS_BITS` is properly configured") - }) - .into(); + }); - let inv_p_mod_q = Secret::from(SecretBox::init_with(|| { + let inv_p_mod_q = Secret::init_with(|| { primes .p_half() .expose_secret() + .clone() // NOTE: `monty_params_mod_q` is cloned here and can remain on the stack. // See https://github.com/RustCrypto/crypto-bigint/issues/704 .to_montgomery(&monty_params_mod_q) .invert() .expect("All non-zero integers mod a prime have a multiplicative inverse") - })); + }); // Calculate $u$ such that $u = -1 \mod p$ and $u = 1 \mod q$. // Using one step of Garner's algorithm: @@ -118,7 +117,7 @@ where // Calculate $t = 2 p^{-1} - 1 \mod q$ - let one = SecretBox::init_with(|| { + let one = Secret::init_with(|| { // NOTE: `monty_params_mod_q` is cloned here and can remain on the stack. // See https://github.com/RustCrypto/crypto-bigint/issues/704 P::HalfUintMod::one(monty_params_mod_q.clone()) @@ -126,25 +125,25 @@ where let mut t_mod = inv_p_mod_q.clone(); t_mod.expose_secret_mut().add_assign(inv_p_mod_q.expose_secret()); t_mod.expose_secret_mut().sub_assign(one.expose_secret()); - let t = SecretBox::init_with(|| t_mod.expose_secret().retrieve()); + let t = Secret::init_with(|| t_mod.expose_secret().retrieve()); // Calculate $u$ // I am not entirely sure if it can be used to learn something about `p` and `q`, // so just to be on the safe side it lives in the secret key. - let u = SecretBox::init_with(|| t.expose_secret().mul_wide(primes.p_half().expose_secret())); - let u = SecretBox::init_with(|| { + let u = Secret::init_with(|| t.expose_secret().mul_wide(primes.p_half().expose_secret())); + let u = Secret::init_with(|| { u.expose_secret() .checked_add(primes.p().expose_secret()) .expect("does not overflow by construction") }); - let u = SecretBox::init_with(|| { + let u = Secret::init_with(|| { u.expose_secret() .checked_sub(&::one()) .expect("does not overflow by construction") }); let nonsquare_sampling_constant = - SecretBox::init_with(|| P::UintMod::new(*u.expose_secret(), modulus.monty_params_mod_n().clone())).into(); + Secret::init_with(|| P::UintMod::new(*u.expose_secret(), modulus.monty_params_mod_n().clone())); let public_key = PublicKeyPaillier::new(modulus); @@ -166,30 +165,30 @@ where } } - pub fn p_signed(&self) -> SecretBox> { + pub fn p_signed(&self) -> Secret> { self.primes.p_signed() } - pub fn q_signed(&self) -> SecretBox> { + pub fn q_signed(&self) -> Secret> { self.primes.q_signed() } - pub fn p_wide_signed(&self) -> SecretBox> { + pub fn p_wide_signed(&self) -> Secret> { self.primes.p_wide_signed() } - /// Returns Euler's totient function (`φ(n)`) of the modulus, wrapped in a [`SecretBox`]. - pub fn totient_wide_bounded(&self) -> SecretBox> { + /// Returns Euler's totient function (`φ(n)`) of the modulus, wrapped in a [`Secret`]. + pub fn totient_wide_bounded(&self) -> Secret> { self.primes.totient_wide_bounded() } /// Returns $\phi(N)^{-1} \mod N$ - pub fn inv_totient(&self) -> &SecretBox { + pub fn inv_totient(&self) -> &Secret { &self.inv_totient } /// Returns $N^{-1} \mod \phi(N)$ - pub fn inv_modulus(&self) -> &SecretBox> { + pub fn inv_modulus(&self) -> &Secret> { &self.inv_modulus } @@ -213,12 +212,12 @@ where (p_rem_mod, q_rem_mod) } - fn sqrt_part(&self, x: &P::HalfUintMod, modulus: &SecretBox) -> Option { + fn sqrt_part(&self, x: &P::HalfUintMod, modulus: &Secret) -> Option { // Both `p` and `q` are safe primes, so they're 3 mod 4. // This means that if square root exists, it must be of the form `+/- x^((modulus+1)/4)`. // Also it means that `(modulus+1)/4 == modulus/4+1` // (this will help avoid a possible overflow). - let power = SecretBox::init_with(|| { + let power = Secret::init_with(|| { modulus .expose_secret() .wrapping_shr_vartime(2) @@ -252,7 +251,7 @@ where let (a_mod_p, b_mod_q) = rns; let a_half = a_mod_p.retrieve(); - let a_mod_q = a_half.to_montgomery(&self.monty_params_mod_q); + let a_mod_q = a_half.clone().to_montgomery(&self.monty_params_mod_q); let x = ((b_mod_q.clone() - a_mod_q) * self.inv_p_mod_q.expose_secret()).retrieve(); let a = a_half.into_wide(); diff --git a/synedrion/src/paillier/params.rs b/synedrion/src/paillier/params.rs index f04894de..8e3ff204 100644 --- a/synedrion/src/paillier/params.rs +++ b/synedrion/src/paillier/params.rs @@ -5,7 +5,7 @@ use crypto_bigint::{ }; use crypto_primes::RandomPrimeWithRng; use serde::{Deserialize, Serialize}; -use zeroize::{DefaultIsZeroes, Zeroize}; +use zeroize::Zeroize; #[cfg(test)] use crate::uint::{U1024Mod, U2048Mod, U512Mod, U1024, U2048, U4096, U512}; @@ -17,8 +17,10 @@ use crate::{ pub trait PaillierParams: core::fmt::Debug + PartialEq + Eq + Clone + Send + Sync { /// The size of one of the pair of RSA primes. const PRIME_BITS: u32; + /// The size of the RSA modulus (a product of two primes). const MODULUS_BITS: u32 = Self::PRIME_BITS * 2; + /// An integer that fits a single RSA prime. type HalfUint: Integer + Bounded @@ -28,8 +30,7 @@ pub trait PaillierParams: core::fmt::Debug + PartialEq + Eq + Clone + Send + Syn + for<'de> Deserialize<'de> + HasWide + ToMontgomery - + Zeroize - + DefaultIsZeroes; + + Zeroize; /// A modulo-residue counterpart of `HalfUint`. type HalfUintMod: Monty @@ -51,6 +52,7 @@ pub trait PaillierParams: core::fmt::Debug + PartialEq + Eq + Clone + Send + Syn + for<'de> Deserialize<'de> + ToMontgomery + Zeroize; + /// A modulo-residue counterpart of `Uint`. type UintMod: ConditionallySelectable + Exponentiable diff --git a/synedrion/src/paillier/ring_pedersen.rs b/synedrion/src/paillier/ring_pedersen.rs index 8d280e61..01e41692 100644 --- a/synedrion/src/paillier/ring_pedersen.rs +++ b/synedrion/src/paillier/ring_pedersen.rs @@ -3,7 +3,7 @@ use core::ops::Mul; use crypto_bigint::{Monty, NonZero, RandomMod, ShrVartime}; use rand_core::CryptoRngCore; -use secrecy::{ExposeSecret, SecretBox}; +use secrecy::ExposeSecret; use serde::{Deserialize, Serialize}; use super::{ @@ -26,20 +26,19 @@ impl RPSecret

{ pub fn random(rng: &mut impl CryptoRngCore) -> Self { let primes = SecretPrimesWire::

::random_safe(rng).into_precomputed(); - let bound = SecretBox::init_with(|| { + let bound = Secret::init_with(|| { NonZero::new(primes.totient().expose_secret().wrapping_shr_vartime(2)) .expect("totient / 4 is still non-zero because p, q >= 5") }); - let lambda = SecretBox::init_with(|| { + let lambda = Secret::init_with(|| { Bounded::new(P::Uint::random_mod(rng, bound.expose_secret()), P::MODULUS_BITS - 2) .expect("totient < N < 2^MODULUS_BITS, so totient / 4 < 2^(MODULUS_BITS - 2)") - }) - .into(); + }); Self { primes, lambda } } - pub fn lambda(&self) -> &SecretBox> { + pub fn lambda(&self) -> &Secret> { &self.lambda } @@ -47,7 +46,7 @@ impl RPSecret

{ self.primes.random_field_elem(rng) } - pub fn totient_nonzero(&self) -> SecretBox> { + pub fn totient_nonzero(&self) -> Secret> { self.primes.totient_nonzero() } } @@ -112,7 +111,7 @@ impl RPParams

{ pub fn commit_xwide( &self, - secret: &SecretBox>, + secret: &Secret>, randomizer: &Signed, ) -> RPCommitment

{ // $t^\rho * s^m mod N$ where $\rho$ is the randomizer and $m$ is the secret. diff --git a/synedrion/src/paillier/rsa.rs b/synedrion/src/paillier/rsa.rs index 7d5e01a9..b95bca0a 100644 --- a/synedrion/src/paillier/rsa.rs +++ b/synedrion/src/paillier/rsa.rs @@ -1,7 +1,7 @@ use crypto_bigint::{CheckedSub, Integer, Invert, Monty, NonZero, Odd, RandomMod, Square}; use crypto_primes::RandomPrimeWithRng; use rand_core::CryptoRngCore; -use secrecy::{ExposeSecret, SecretBox}; +use secrecy::ExposeSecret; use serde::{Deserialize, Serialize}; use zeroize::Zeroize; @@ -43,16 +43,16 @@ impl SecretPrimesWire

{ /// that is `p` and `q` are regular primes with an additional condition `p, q mod 3 = 4`. pub fn random_paillier_blum(rng: &mut impl CryptoRngCore) -> Self { Self::new( - SecretBox::init_with(|| random_paillier_blum_prime::

(rng)).into(), - SecretBox::init_with(|| random_paillier_blum_prime::

(rng)).into(), + Secret::init_with(|| random_paillier_blum_prime::

(rng)), + Secret::init_with(|| random_paillier_blum_prime::

(rng)), ) } /// Creates a pair of safe primes. pub fn random_safe(rng: &mut impl CryptoRngCore) -> Self { Self::new( - SecretBox::init_with(|| P::HalfUint::generate_safe_prime_with_rng(rng, P::PRIME_BITS)).into(), - SecretBox::init_with(|| P::HalfUint::generate_safe_prime_with_rng(rng, P::PRIME_BITS)).into(), + Secret::init_with(|| P::HalfUint::generate_safe_prime_with_rng(rng, P::PRIME_BITS)), + Secret::init_with(|| P::HalfUint::generate_safe_prime_with_rng(rng, P::PRIME_BITS)), ) } @@ -92,7 +92,7 @@ impl SecretPrimes

{ // Euler's totient function of $N = p q$ - the number of positive integers up to $N$ // that are relatively prime to it. // Since $p$ and $q$ are primes, $\phi(N) = (p - 1) (q - 1)$. - let totient = SecretBox::init_with(|| p_minus_one.mul_wide(&q_minus_one)).into(); + let totient = Secret::init_with(|| p_minus_one.mul_wide(&q_minus_one)); Self { primes, totient } } @@ -105,80 +105,80 @@ impl SecretPrimes

{ PublicModulusWire::new(&self.primes) } - pub fn p_half(&self) -> &SecretBox { + pub fn p_half(&self) -> &Secret { &self.primes.p } - pub fn q_half(&self) -> &SecretBox { + pub fn q_half(&self) -> &Secret { &self.primes.q } - pub fn p_half_odd(&self) -> SecretBox> { - SecretBox::init_with(|| Odd::new(*self.primes.p.expose_secret()).expect("`p` is an odd prime")) + pub fn p_half_odd(&self) -> Secret> { + Secret::init_with(|| Odd::new(self.primes.p.expose_secret().clone()).expect("`p` is an odd prime")) } - pub fn q_half_odd(&self) -> SecretBox> { - SecretBox::init_with(|| Odd::new(*self.primes.q.expose_secret()).expect("`q` is an odd prime")) + pub fn q_half_odd(&self) -> Secret> { + Secret::init_with(|| Odd::new(self.primes.q.expose_secret().clone()).expect("`q` is an odd prime")) } - pub fn p(&self) -> SecretBox { - SecretBox::init_with(|| { - let mut p = *self.primes.p.expose_secret(); - let p_wide = p.into_wide(); + pub fn p(&self) -> Secret { + Secret::init_with(|| { + let mut p = self.primes.p.expose_secret().clone(); + let p_wide = p.clone().into_wide(); p.zeroize(); p_wide }) } - pub fn q(&self) -> SecretBox { - SecretBox::init_with(|| { - let mut q = *self.primes.q.expose_secret(); - let q_wide = q.into_wide(); + pub fn q(&self) -> Secret { + Secret::init_with(|| { + let mut q = self.primes.q.expose_secret().clone(); + let q_wide = q.clone().into_wide(); q.zeroize(); q_wide }) } - pub fn p_signed(&self) -> SecretBox> { - SecretBox::init_with(|| { + pub fn p_signed(&self) -> Secret> { + Secret::init_with(|| { Signed::new_positive(*self.p().expose_secret(), P::PRIME_BITS).expect("`P::PRIME_BITS` is valid") }) } - pub fn q_signed(&self) -> SecretBox> { - SecretBox::init_with(|| { + pub fn q_signed(&self) -> Secret> { + Secret::init_with(|| { Signed::new_positive(*self.q().expose_secret(), P::PRIME_BITS).expect("`P::PRIME_BITS` is valid") }) } - pub fn p_nonzero(&self) -> SecretBox> { - SecretBox::init_with(|| NonZero::new(*self.p().expose_secret()).expect("`p` is non-zero")) + pub fn p_nonzero(&self) -> Secret> { + Secret::init_with(|| NonZero::new(*self.p().expose_secret()).expect("`p` is non-zero")) } - pub fn q_nonzero(&self) -> SecretBox> { - SecretBox::init_with(|| NonZero::new(*self.q().expose_secret()).expect("`q` is non-zero")) + pub fn q_nonzero(&self) -> Secret> { + Secret::init_with(|| NonZero::new(*self.q().expose_secret()).expect("`q` is non-zero")) } - pub fn p_wide_signed(&self) -> SecretBox> { - SecretBox::init_with(|| self.p_signed().expose_secret().into_wide()) + pub fn p_wide_signed(&self) -> Secret> { + Secret::init_with(|| self.p_signed().expose_secret().into_wide()) } - pub fn totient(&self) -> &SecretBox { + pub fn totient(&self) -> &Secret { &self.totient } - pub fn totient_bounded(&self) -> SecretBox> { - SecretBox::init_with(|| { + pub fn totient_bounded(&self) -> Secret> { + Secret::init_with(|| { Bounded::new(*self.totient.expose_secret(), P::MODULUS_BITS).expect("`P::MODULUS_BITS` is valid") }) } - pub fn totient_wide_bounded(&self) -> SecretBox> { - SecretBox::init_with(|| self.totient_bounded().expose_secret().into_wide()) + pub fn totient_wide_bounded(&self) -> Secret> { + Secret::init_with(|| self.totient_bounded().expose_secret().into_wide()) } - pub fn totient_nonzero(&self) -> SecretBox> { - SecretBox::init_with(|| { + pub fn totient_nonzero(&self) -> Secret> { + Secret::init_with(|| { NonZero::new(*self.totient.expose_secret()).expect(concat![ "φ(n) is never zero for n >= 1; n is strictly greater than 1 ", "because it is (p-1)(q-1) and given that both p and q are prime ", diff --git a/synedrion/src/uint/bounded.rs b/synedrion/src/uint/bounded.rs index adeedaa1..e2bec9e2 100644 --- a/synedrion/src/uint/bounded.rs +++ b/synedrion/src/uint/bounded.rs @@ -1,9 +1,8 @@ use alloc::{boxed::Box, format, string::String}; -use secrecy::{CloneableSecret, SecretBox}; use serde::{Deserialize, Serialize}; use serde_encoded_bytes::{Hex, SliceLike}; -use zeroize::DefaultIsZeroes; +use zeroize::Zeroize; use super::{ subtle::{Choice, ConditionallySelectable, ConstantTimeLess, CtOption}, @@ -59,7 +58,7 @@ where } } -#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize, Default)] +#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize, Default, Zeroize)] #[serde( try_from = "PackedBounded", into = "PackedBounded", @@ -180,18 +179,6 @@ where } } -impl DefaultIsZeroes for Bounded where T: Integer + Copy {} -impl CloneableSecret for Bounded where T: Integer + Copy {} - -impl From> for SecretBox> -where - T: Integer + Copy, -{ - fn from(value: Bounded) -> Self { - Box::new(value).into() - } -} - #[cfg(test)] mod tests { use crypto_bigint::{CheckedMul, U1024, U128, U2048}; diff --git a/synedrion/src/uint/signed.rs b/synedrion/src/uint/signed.rs index b67d5f4f..edfd0aa0 100644 --- a/synedrion/src/uint/signed.rs +++ b/synedrion/src/uint/signed.rs @@ -1,9 +1,8 @@ -use alloc::{boxed::Box, string::String}; +use alloc::string::String; use core::ops::{Add, AddAssign, Mul, MulAssign, Neg, Sub}; use digest::XofReader; use rand_core::CryptoRngCore; -use secrecy::SecretBox; use serde::{Deserialize, Serialize}; use zeroize::Zeroize; @@ -54,7 +53,7 @@ where /// A wrapper over unsigned integers that treats two's complement numbers as negative. // In principle, Bounded could be separate from Signed, but we only use it internally, // and pretty much every time we need a bounded value, it's also signed. -#[derive(Debug, Clone, Copy, Serialize, Deserialize, PartialEq)] +#[derive(Debug, Clone, Copy, Serialize, Deserialize, PartialEq, Zeroize)] #[serde( try_from = "PackedSigned", into = "PackedSigned", @@ -290,35 +289,6 @@ impl Default for Signed { } } -impl Zeroize for Signed -where - T: Integer + Zeroize, -{ - fn zeroize(&mut self) { - self.value.zeroize(); - } -} - -impl secrecy::CloneableSecret for Signed where T: Clone + Integer + Zeroize {} - -impl From> for SecretBox> -where - T: Integer + Zeroize, -{ - fn from(value: Signed) -> Self { - Box::new(value).into() - } -} - -impl From<&Signed> for SecretBox> -where - T: Integer + Zeroize, -{ - fn from(value: &Signed) -> Self { - SecretBox::new(Box::new(value.clone())) - } -} - impl ConditionallySelectable for Signed where T: Integer + ConditionallySelectable,