Merge pull request #5 from arcium-hq/arcium_ff

Swapped in Arcium ff fork

.cargo/config.toml

@@ -0,0 +1,3 @@
+[registries.arcium]
+index = "sparse+https://crates.arcium.com/api/v1/crates/"
+credential-provider = ["cargo:token"]

.github/workflows/cross.yml

@@ -9,6 +9,7 @@ on:
 env:
   CARGO_TERM_COLOR: always
   RUSTFLAGS: '-D warnings'
+  CARGO_REGISTRIES_ARCIUM_TOKEN: ${{ secrets.ARCIUM_REGISTRY_READ_TOKEN }}
 
 jobs:
 

.github/workflows/curve25519-dalek.yml

@@ -19,6 +19,8 @@ defaults:
 env:
   CARGO_TERM_COLOR: always
   RUSTFLAGS: '-D warnings'
+  CARGO_REGISTRIES_ARCIUM_TOKEN: ${{ secrets.ARCIUM_REGISTRY_READ_TOKEN }}
+
 
 jobs:
 

.github/workflows/workspace.yml

@@ -9,6 +9,7 @@ on:
 env:
   CARGO_TERM_COLOR: always
   RUSTFLAGS: '-D warnings'
+  CARGO_REGISTRIES_ARCIUM_TOKEN: ${{ secrets.ARCIUM_REGISTRY_READ_TOKEN }}
 
 jobs:
   test-stable:

curve25519-dalek/Cargo.toml

@@ -47,6 +47,7 @@ required-features = ["alloc", "rand_core"]
 
 [dependencies]
 cfg-if = "1"
+arcium-ff = { version = "0.13.2", registry = "arcium", package = "ff" }
 ff = { version = "0.13", default-features = false, optional = true }
 group = { version = "0.13", default-features = false, optional = true }
 rand_core = { version = "0.6.4", default-features = false, optional = true }

curve25519-dalek/src/scalar.rs

@@ -1318,6 +1318,49 @@ impl Field for Scalar {
     }
 }
 
+#[cfg(feature = "group")]
+impl arcium_ff::Field for Scalar {
+    const ZERO: Self = Self::ZERO;
+    const ONE: Self = Self::ONE;
+
+    fn random(mut rng: impl RngCore) -> Self {
+        // NOTE: this is duplicated due to different `rng` bounds
+        let mut scalar_bytes = [0u8; 64];
+        rng.fill_bytes(&mut scalar_bytes);
+        Self::from_bytes_mod_order_wide(&scalar_bytes)
+    }
+
+    fn square(&self) -> Self {
+        self * self
+    }
+
+    fn double(&self) -> Self {
+        self + self
+    }
+
+    fn invert(&self) -> CtOption<Self> {
+        CtOption::new(self.invert(), !<Self as Field>::is_zero(self))
+    }
+
+    fn sqrt_ratio(num: &Self, div: &Self) -> (Choice, Self) {
+        #[allow(unused_qualifications)]
+        group::ff::helpers::sqrt_ratio_generic(num, div)
+    }
+
+    fn sqrt(&self) -> CtOption<Self> {
+        #[allow(unused_qualifications)]
+        group::ff::helpers::sqrt_tonelli_shanks(
+            self,
+            [
+                0xcb02_4c63_4b9e_ba7d,
+                0x029b_df3b_d45e_f39a,
+                0x0000_0000_0000_0000,
+                0x0200_0000_0000_0000,
+            ],
+        )
+    }
+}
+
 #[cfg(feature = "group")]
 use elliptic_curve::consts::U32;
 
@@ -1396,6 +1439,81 @@ impl PrimeField for Scalar {
     };
 }
 
+#[cfg(feature = "group")]
+impl arcium_ff::PrimeField for Scalar {
+    type Repr = Array<u8, U32>;
+
+    fn from_repr(repr: Self::Repr) -> CtOption<Self> {
+        Self::from_canonical_bytes(repr.0)
+    }
+
+    fn from_repr_vartime(repr: Self::Repr) -> Option<Self> {
+        let r: Array<u8, U32> = repr;
+        let t: [u8; 32] = r.0;
+
+        // Check that the high bit is not set
+        if (t[31] >> 7) != 0u8 {
+            return None;
+        }
+
+        let candidate = Scalar { bytes: t };
+
+        if candidate == candidate.reduce() {
+            Some(candidate)
+        } else {
+            None
+        }
+    }
+
+    fn to_repr(&self) -> Self::Repr {
+        Array::from(self.to_bytes())
+    }
+
+    fn is_odd(&self) -> Choice {
+        Choice::from(self.as_bytes()[0] & 1)
+    }
+
+    const MODULUS: &'static str =
+        "0x1000000000000000000000000000000014def9dea2f79cd65812631a5cf5d3ed";
+    const NUM_BITS: u32 = 253;
+    const CAPACITY: u32 = 252;
+
+    const TWO_INV: Self = Self {
+        bytes: [
+            0xf7, 0xe9, 0x7a, 0x2e, 0x8d, 0x31, 0x09, 0x2c, 0x6b, 0xce, 0x7b, 0x51, 0xef, 0x7c,
+            0x6f, 0x0a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x08,
+        ],
+    };
+    const MULTIPLICATIVE_GENERATOR: Self = Self {
+        bytes: [
+            2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+            0, 0, 0,
+        ],
+    };
+    const S: u32 = 2;
+    const ROOT_OF_UNITY: Self = Self {
+        bytes: [
+            0xd4, 0x07, 0xbe, 0xeb, 0xdf, 0x75, 0x87, 0xbe, 0xfe, 0x83, 0xce, 0x42, 0x53, 0x56,
+            0xf0, 0x0e, 0x7a, 0xc2, 0xc1, 0xab, 0x60, 0x6d, 0x3d, 0x7d, 0xe7, 0x81, 0x79, 0xe0,
+            0x10, 0x73, 0x4a, 0x09,
+        ],
+    };
+    const ROOT_OF_UNITY_INV: Self = Self {
+        bytes: [
+            0x19, 0xcc, 0x37, 0x71, 0x3a, 0xed, 0x8a, 0x99, 0xd7, 0x18, 0x29, 0x60, 0x8b, 0xa3,
+            0xee, 0x05, 0x86, 0x3d, 0x3e, 0x54, 0x9f, 0x92, 0xc2, 0x82, 0x18, 0x7e, 0x86, 0x1f,
+            0xef, 0x8c, 0xb5, 0x06,
+        ],
+    };
+    const DELTA: Self = Self {
+        bytes: [
+            16, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+            0, 0, 0,
+        ],
+    };
+}
+
 #[cfg(feature = "group-bits")]
 impl PrimeFieldBits for Scalar {
     type ReprBits = [u8; 32];