Update to digest::EagerHash (#1077)

daxpedda · web-flow · commit 0e4a32999894 · 2025-09-18T09:25:25.000-06:00
ecdsa: merges `arithmetic` into `algorithm` crate feature
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/dsa/src/generate/secret_number.rs b/dsa/src/generate/secret_number.rs
@@ -6,7 +6,7 @@ use crate::{Components, signing_key::SigningKey};
 use alloc::vec;
 use core::cmp::min;
 use crypto_bigint::{BoxedUint, NonZero, RandomBits, Resize};
-use rfc6979::hmac::EagerHash;
+use digest::block_api::EagerHash;
 use signature::rand_core::TryCryptoRng;
 use zeroize::Zeroizing;
 
diff --git a/dsa/src/signing_key.rs b/dsa/src/signing_key.rs
@@ -13,8 +13,7 @@ use crypto_bigint::{
     BoxedUint, NonZero, Resize,
     modular::{BoxedMontyForm, BoxedMontyParams},
 };
-use digest::Update;
-use rfc6979::hmac::EagerHash;
+use digest::{Update, block_api::EagerHash};
 use signature::{
     DigestSigner, MultipartSigner, RandomizedDigestSigner, Signer,
     hazmat::{PrehashSigner, RandomizedPrehashSigner},
diff --git a/dsa/src/verifying_key.rs b/dsa/src/verifying_key.rs
@@ -8,8 +8,7 @@ use crypto_bigint::{
     BoxedUint, NonZero, Resize,
     modular::{BoxedMontyForm, BoxedMontyParams},
 };
-use digest::Update;
-use rfc6979::hmac::EagerHash;
+use digest::{Update, block_api::EagerHash};
 use signature::{DigestVerifier, MultipartVerifier, Verifier, hazmat::PrehashVerifier};
 
 #[cfg(feature = "pkcs8")]
diff --git a/dsa/tests/deterministic.rs b/dsa/tests/deterministic.rs
@@ -1,8 +1,7 @@
 #![cfg(feature = "hazmat")]
 use crypto_bigint::BoxedUint;
-use digest::Update;
+use digest::{Update, block_api::EagerHash};
 use dsa::{Components, Signature, SigningKey, VerifyingKey};
-use rfc6979::hmac::EagerHash;
 use sha1::Sha1;
 use sha2::{Sha224, Sha256, Sha384, Sha512};
 use signature::DigestSigner;
diff --git a/ecdsa/Cargo.toml b/ecdsa/Cargo.toml
@@ -23,8 +23,7 @@ zeroize = { version = "1.5", default-features = false }
 
 # optional dependencies
 der = { version = "0.8.0-rc.8", optional = true }
-digest = { version = "0.11.0-rc.1", optional = true, default-features = false, features = ["oid"] }
-hmac = { version = "0.13.0-rc.1", default-features = false, optional = true }
+digest = { version = "0.11.0-rc.2", optional = true, default-features = false, features = ["oid"] }
 rfc6979 = { version = "0.5.0-rc.1", optional = true }
 serdect = { version = "0.4", optional = true, default-features = false, features = ["alloc"] }
 sha2 = { version = "0.11.0-rc.2", optional = true, default-features = false, features = ["oid"] }
@@ -40,11 +39,10 @@ default = ["digest"]
 alloc = ["elliptic-curve/alloc", "signature/alloc", "spki/alloc"]
 std = ["alloc", "elliptic-curve/std"]
 
-arithmetic = ["dep:hmac", "dep:rfc6979", "elliptic-curve/arithmetic"]
-algorithm = ["dep:rfc6979", "arithmetic", "digest", "hazmat"]
-dev = ["arithmetic", "digest", "elliptic-curve/dev", "hazmat"]
+algorithm = ["dep:rfc6979", "digest", "elliptic-curve/arithmetic", "hazmat"]
+dev = ["algorithm", "elliptic-curve/dev"]
 der = ["dep:der"]
-digest = ["dep:digest", "dep:hmac", "elliptic-curve/digest", "signature/digest"]
+digest = ["dep:digest", "elliptic-curve/digest", "signature/digest"]
 hazmat = []
 pkcs8 = ["der", "digest", "elliptic-curve/pkcs8"]
 pem = ["elliptic-curve/pem", "pkcs8"]
diff --git a/ecdsa/src/der.rs b/ecdsa/src/der.rs
@@ -393,7 +393,7 @@ fn find_scalar_range(outer: &[u8], inner: &[u8]) -> Result<Range<usize>> {
     Ok(Range { start, end })
 }
 
-#[cfg(all(test, feature = "arithmetic"))]
+#[cfg(all(test, feature = "algorithm"))]
 mod tests {
     use elliptic_curve::dev::MockCurve;
 
diff --git a/ecdsa/src/hazmat.rs b/ecdsa/src/hazmat.rs
@@ -14,9 +14,12 @@ use crate::{EcdsaCurve, Error, Result};
 use core::cmp;
 use elliptic_curve::{FieldBytes, array::typenum::Unsigned};
 
-#[cfg(feature = "arithmetic")]
+#[cfg(feature = "algorithm")]
 use {
-    crate::{RecoveryId, SignatureSize},
+    crate::{
+        RecoveryId, Signature, SignatureSize,
+        elliptic_curve::{FieldBytesEncoding, array::ArraySize},
+    },
     elliptic_curve::{
         CurveArithmetic, NonZeroScalar, ProjectivePoint, Scalar,
         ff::PrimeField,
@@ -27,14 +30,8 @@ use {
     },
 };
 
-#[cfg(feature = "arithmetic")]
-use crate::{
-    Signature,
-    elliptic_curve::{FieldBytesEncoding, array::ArraySize},
-};
-
-#[cfg(any(feature = "arithmetic", feature = "digest"))]
-use hmac::EagerHash;
+#[cfg(feature = "digest")]
+use digest::block_api::EagerHash;
 
 /// Bind a preferred [`Digest`] algorithm to an elliptic curve type.
 ///
@@ -102,7 +99,7 @@ pub fn bits2field<C: EcdsaCurve>(bits: &[u8]) -> Result<FieldBytes<C>> {
 ///
 /// This will return an error if a zero-scalar was generated. It can be tried again with a
 /// different `k`.
-#[cfg(feature = "arithmetic")]
+#[cfg(feature = "algorithm")]
 #[allow(non_snake_case)]
 pub fn sign_prehashed<C>(
     d: &NonZeroScalar<C>,
@@ -159,7 +156,7 @@ where
 /// entropy `ad`.
 ///
 /// [RFC6979]: https://datatracker.ietf.org/doc/html/rfc6979
-#[cfg(feature = "arithmetic")]
+#[cfg(feature = "algorithm")]
 pub fn sign_prehashed_rfc6979<C, D>(
     d: &NonZeroScalar<C>,
     z: &FieldBytes<C>,
@@ -201,7 +198,7 @@ where
 /// # Low-S Normalization
 ///
 /// This is a low-level function that does *NOT* apply the `EcdsaCurve::NORMALIZE_S` checks.
-#[cfg(feature = "arithmetic")]
+#[cfg(feature = "algorithm")]
 pub fn verify_prehashed<C>(
     q: &ProjectivePoint<C>,
     z: &FieldBytes<C>,
diff --git a/ecdsa/src/lib.rs b/ecdsa/src/lib.rs
@@ -93,7 +93,7 @@ use elliptic_curve::{
 #[cfg(feature = "alloc")]
 use alloc::vec::Vec;
 
-#[cfg(feature = "arithmetic")]
+#[cfg(feature = "algorithm")]
 use {
     core::str,
     elliptic_curve::{
@@ -300,7 +300,7 @@ where
     }
 }
 
-#[cfg(feature = "arithmetic")]
+#[cfg(feature = "algorithm")]
 impl<C> Signature<C>
 where
     C: EcdsaCurve + CurveArithmetic,
@@ -423,7 +423,7 @@ where
     }
 }
 
-#[cfg(feature = "arithmetic")]
+#[cfg(feature = "algorithm")]
 impl<C> str::FromStr for Signature<C>
 where
     C: EcdsaCurve + CurveArithmetic,
diff --git a/ecdsa/src/recovery.rs b/ecdsa/src/recovery.rs
@@ -8,6 +8,7 @@ use {
         EcdsaCurve, Signature, SignatureSize, SigningKey, VerifyingKey,
         hazmat::{DigestAlgorithm, bits2field, sign_prehashed_rfc6979, verify_prehashed},
     },
+    digest::{Digest, block_api::EagerHash},
     elliptic_curve::{
         AffinePoint, FieldBytesEncoding, FieldBytesSize, Group, PrimeField, ProjectivePoint,
         bigint::CheckedAdd,
@@ -18,10 +19,8 @@ use {
     elliptic_curve::{
         CurveArithmetic, FieldBytes, Scalar, array::ArraySize, ops::Invert, subtle::CtOption,
     },
-    rfc6979::hmac::EagerHash,
     signature::{
         DigestSigner, MultipartSigner, RandomizedDigestSigner, Signer,
-        digest::Digest,
         hazmat::{PrehashSigner, RandomizedPrehashSigner},
         rand_core::TryCryptoRng,
     },
diff --git a/ecdsa/src/signing.rs b/ecdsa/src/signing.rs
@@ -5,7 +5,7 @@ use crate::{
     hazmat::{DigestAlgorithm, bits2field, sign_prehashed_rfc6979},
 };
 use core::fmt::{self, Debug};
-use digest::{Update, const_oid::AssociatedOid};
+use digest::{Update, block_api::EagerHash, const_oid::AssociatedOid};
 use elliptic_curve::{
     CurveArithmetic, FieldBytes, NonZeroScalar, Scalar, SecretKey,
     array::ArraySize,
@@ -14,7 +14,6 @@ use elliptic_curve::{
     subtle::{Choice, ConstantTimeEq, CtOption},
     zeroize::{Zeroize, ZeroizeOnDrop},
 };
-use rfc6979::hmac::EagerHash;
 use signature::{
     DigestSigner, MultipartSigner, RandomizedDigestSigner, RandomizedMultipartSigner,
     RandomizedSigner, Signer,
diff --git a/ecdsa/src/verifying.rs b/ecdsa/src/verifying.rs
@@ -5,15 +5,14 @@ use crate::{
     hazmat::{self, DigestAlgorithm, bits2field},
 };
 use core::{cmp::Ordering, fmt::Debug};
-use digest::Update;
+use digest::{Update, block_api::EagerHash};
 use elliptic_curve::{
     AffinePoint, CurveArithmetic, FieldBytesSize, ProjectivePoint, PublicKey,
     array::ArraySize,
     point::PointCompression,
     scalar::IsHigh,
     sec1::{self, CompressedPoint, EncodedPoint, FromEncodedPoint, ToEncodedPoint},
 };
-use rfc6979::hmac::EagerHash;
 use signature::{DigestVerifier, MultipartVerifier, Verifier, hazmat::PrehashVerifier};
 
 #[cfg(feature = "alloc")]
diff --git a/rfc6979/src/lib.rs b/rfc6979/src/lib.rs
@@ -43,10 +43,11 @@ pub use hmac;
 pub use hmac::digest::array::typenum::consts;
 
 use hmac::{
-    EagerHash, HmacReset,
+    HmacReset,
     digest::{
         KeyInit, Mac, OutputSizeUser,
         array::{Array, ArraySize},
+        block_api::EagerHash,
     },
 };
 

Original file line number	Diff line number	Diff line change
`@@ -393,7 +393,7 @@ fn find_scalar_range(outer: &[u8], inner: &[u8]) -> Result<Range<usize>> {`
`393`	`393`	`Ok(Range { start, end })`
`394`	`394`	`}`
`395`	`395`
`396`		`-#[cfg(all(test, feature = "arithmetic"))]`
	`396`	`+#[cfg(all(test, feature = "algorithm"))]`
`397`	`397`	`mod tests {`
`398`	`398`	`use elliptic_curve::dev::MockCurve;`
`399`	`399`
Original file line number	Diff line number	Diff line change
`@@ -93,7 +93,7 @@ use elliptic_curve::{`
`93`	`93`	`#[cfg(feature = "alloc")]`
`94`	`94`	`use alloc::vec::Vec;`
`95`	`95`
`96`		`-#[cfg(feature = "arithmetic")]`
	`96`	`+#[cfg(feature = "algorithm")]`
`97`	`97`	`use {`
`98`	`98`	`core::str,`
`99`	`99`	`elliptic_curve::{`
`@@ -300,7 +300,7 @@ where`
`300`	`300`	`}`
`301`	`301`	`}`
`302`	`302`
`303`		`-#[cfg(feature = "arithmetic")]`
	`303`	`+#[cfg(feature = "algorithm")]`
`304`	`304`	`impl<C> Signature<C>`
`305`	`305`	`where`
`306`	`306`	`C: EcdsaCurve + CurveArithmetic,`
`@@ -423,7 +423,7 @@ where`
`423`	`423`	`}`
`424`	`424`	`}`
`425`	`425`
`426`		`-#[cfg(feature = "arithmetic")]`
	`426`	`+#[cfg(feature = "algorithm")]`
`427`	`427`	`impl<C> str::FromStr for Signature<C>`
`428`	`428`	`where`
`429`	`429`	`C: EcdsaCurve + CurveArithmetic,`