Tony Arcieri 5f0d41fcec
ed25519-dalek: remove ExpandedSecretKey::to_bytes (#545)
* ed25519-dalek: remove `ExpandedSecretKey::to_bytes`

The reason `ExpandedSecretKey` needs a private `scalar_bytes` field is
to retain the canonical scalar bytes as output by SHA-512 during key
expansion so they can be serialized by the `to_bytes` method.

However, `ExpandedSecretKey`s should not be serialized to the wire.

Removing this method allows the private field to be removed, which
allows `ExpandedSecretKey` to be constructed entirely from public
fields. This provides an alternative to #544 for use cases like
Ed25519-BIP32 where the private scalar is derived rather than clamped
from bytes.

One other change is needed: `to_scalar_bytes` was changed to `to_scalar`
as the canonical scalar bytes are no longer retained; however, this has
no impact on its main use case, X25519 Diffie-Hellman exchanges, where
the `Scalar` should NOT be written to the wire anyway.

* Added scalar byte comparison back to ed25519-dalek x25519 test

---------

Co-authored-by: Michael Rosenberg <michael@mrosenberg.pub>
2023-07-10 22:09:40 -04:00
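The key expansion the commit message refers to, as an added Python example that is not part of the ed25519-dalek code base (function names are this example's own, not the crate's): it reproduces RFC 8032 expansion, shows that the clamped "canonical scalar bytes" can never be recovered from a scalar reduced mod L (the clamped value always exceeds L), and that both values nonetheless give the same multiple of the prime-order basepoint.

```python
import hashlib
# Ed25519 parameters from RFC 8032: field prime, curve constant d, group order L, basepoint B.
p = 2**255 - 19
d = -121665 * pow(121666, -1, p) % p
L = 2**252 + 27742317777372353535851937790883648493
Bx = 15112221349535400772501151409588531511454012693041857206046113283949847762202
By = 46316835694926478169428394003475163141307993866256225615783033603165251855960
B = (Bx, By, 1, Bx * By % p)  # extended coordinates (X, Y, Z, T)

def expand_secret_key(seed: bytes):
    """RFC 8032 5.1.5: SHA-512 the seed, clamp the lower half into the scalar bytes
    (the 'canonical scalar bytes' the removed to_bytes serialized), keep the upper half."""
    h = hashlib.sha512(seed).digest()
    s = bytearray(h[:32])
    s[0] &= 248   # clear the low three bits: scalar becomes a multiple of the cofactor 8
    s[31] &= 127  # clear bit 255
    s[31] |= 64   # set bit 254, so the clamped value is always >= 2^254 > L
    return bytes(s), h[32:]

def reduced_scalar_bytes(scalar_bytes: bytes) -> bytes:
    """What a reduced Scalar retains: the clamped value mod L, re-encoded. Since the
    clamped value exceeds L, this never equals the clamped bytes, so they are lost."""
    return (int.from_bytes(scalar_bytes, "little") % L).to_bytes(32, "little")

def point_add(P, Q):  # extended twisted Edwards addition, RFC 8032 section 5.1.4
    A = (P[1] - P[0]) * (Q[1] - Q[0]) % p
    Bb = (P[1] + P[0]) * (Q[1] + Q[0]) % p
    C = 2 * P[3] * Q[3] * d % p
    D = 2 * P[2] * Q[2] % p
    E, F, G, H = Bb - A, D - C, D + C, Bb + A
    return (E * F % p, G * H % p, F * G % p, E * H % p)

def point_mul(s: int, P):  # double-and-add (not constant time; illustration only)
    Q = (0, 1, 1, 0)  # neutral element
    while s > 0:
        if s & 1:
            Q = point_add(Q, P)
        P = point_add(P, P)
        s >>= 1
    return Q

def encode_point(P) -> bytes:  # compressed encoding: y with the parity of x in the top bit
    zinv = pow(P[2], -1, p)
    x, y = P[0] * zinv % p, P[1] * zinv % p
    return (y | ((x & 1) << 255)).to_bytes(32, "little")

def public_key(scalar_bytes: bytes) -> bytes:
    """k*B for either the clamped bytes or their reduction mod L: B has order L, so equal."""
    return encode_point(point_mul(int.from_bytes(scalar_bytes, "little"), B))
```

The seed in the check below is RFC 8032 test vector 1, whose public key the basepoint multiplication must reproduce.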

dalek-cryptography logo: a dalek with edwards curves as sparkles coming out of its radar-schnozzley blaster thingies

Dalek elliptic curve cryptography

This repo contains pure-Rust crates for elliptic curve cryptography:

  • curve25519-dalek: A library for arithmetic over the Curve25519 and Ristretto elliptic curves and their associated scalars.
  • ed25519-dalek: An implementation of the EdDSA digital signature scheme over Curve25519.
  • x25519-dalek: An implementation of elliptic curve Diffie-Hellman key exchange over Curve25519.

There is also the curve25519-dalek-derive crate, which is just a helper crate with some macros that make curve25519-dalek easier to write.

Contributing

Please see CONTRIBUTING.md.

Code of Conduct

We follow the Rust Code of Conduct, with the following additional clauses:

  • We respect the rights to privacy and anonymity for contributors and people in the community. If someone wishes to contribute under a pseudonym different to their primary identity, that wish is to be respected by all contributors.