Remove non-secp256k1 features

payjoin · Aug 10, 2024 · cd56109 · cd56109
1 parent b05ae5e
commit cd56109
Show file tree

Hide file tree

Showing 16 changed files with 40 additions and 2,101 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -37,30 +37,6 @@ jobs:
           RUSTFLAGS: -D warnings -A dead_code -A unused_imports
         run: cargo test --no-default-features --features="secp"
 
-      - name: Run cargo test with just X25519 enabled
-        env:
-          CARGO_INCREMENTAL: 0
-          RUSTFLAGS: -D warnings -A dead_code -A unused_imports
-        run: cargo test --no-default-features --features="x25519"
-
-      - name: Run cargo test with just P256 enabled
-        env:
-          CARGO_INCREMENTAL: 0
-          RUSTFLAGS: -D warnings -A dead_code -A unused_imports
-        run: cargo test --no-default-features --features="p256"
-
-      - name: Run cargo test with just P384 enabled
-        env:
-          CARGO_INCREMENTAL: 0
-          RUSTFLAGS: -D warnings -A dead_code -A unused_imports
-        run: cargo test --no-default-features --features="p384"
-
-      - name: Run cargo test with just P521 enabled
-        env:
-          CARGO_INCREMENTAL: 0
-          RUSTFLAGS: -D warnings -A dead_code -A unused_imports
-        run: cargo test --no-default-features --features="p521"
-
       - name: Run cargo test with all features enabled
         env:
           CARGO_INCREMENTAL: 0

diff --git a/Cargo.toml b/Cargo.toml
@@ -12,15 +12,7 @@ keywords = ["cryptography", "crypto", "key-exchange", "encryption", "aead", "sec
 categories = ["cryptography", "no-std"]
 
 [features]
-# "p256" enables the use of ECDH-NIST-P256 as a KEM
-# "p384" enables the use of ECDH-NIST-P384 as a KEM
-# "x25519" enables the use of the X25519 as a KEM
-default = ["alloc", "p256", "x25519"]
-x25519 = ["dep:x25519-dalek"]
-p384 = ["dep:p384"]
-p256 = ["dep:p256"]
-p521 = ["dep:p521"]
-k256 = ["dep:k256"]
+default = ["alloc", "secp"]
 secp = ["bitcoin", "secp256k1/global-context", "secp256k1/rand-std"]
 # Include allocating methods like open() and seal()
 alloc = []
@@ -32,20 +24,14 @@ aead = "0.5"
 aes-gcm = "0.10"
 bitcoin = { version = "0.32.0", optional = true }
 secp256k1 = { version = "0.29", optional = true }
-# bitcoin = { git = "https://github.com/rust-bitcoin/rust-bitcoin", commit = "0d1cab68eee59f79c3ec76cf393438471b68fe69", optional = true }
 chacha20poly1305 = "0.10"
 generic-array = { version = "0.14", default-features = false }
 digest = "0.10"
 hkdf = "0.12"
 hmac = "0.12"
 rand_core = { version = "0.6", default-features = false }
-k256 = { version = "0.13", default-features = false, features = ["arithmetic", "ecdh"], optional = true}
-p256 = { version = "0.13", default-features = false, features = ["arithmetic", "ecdh"], optional = true}
-p384 = { version = "0.13", default-features = false, features = ["arithmetic", "ecdh"], optional = true}
-p521 = { version = "0.13", default-features = false, features = ["arithmetic", "ecdh"], optional = true}
 sha2 = { version = "0.10", default-features = false }
 subtle = { version = "2.6", default-features = false }
-x25519-dalek = { version = "2", default-features = false, features = ["static_secrets"], optional = true }
 zeroize = { version = "1", default-features = false, features = ["zeroize_derive"] }
 
 [dev-dependencies]
@@ -56,14 +42,6 @@ serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 rand = { version = "0.8", default-features = false, features = ["getrandom", "std_rng"] }
 
-[[example]]
-name = "client_server"
-required-features = ["x25519"]
-
-[[example]]
-name = "agility"
-required-features = ["p256", "p384", "p521", "x25519"]
-
 # Tell docs.rs to build docs with `--all-features` and `--cfg docsrs` (for nightly docs features)
 [package.metadata.docs.rs]
 all-features = true

diff --git a/README.md b/README.md
@@ -1,10 +1,10 @@
-rust-hpke
+bitcoin-hpke
 =========
-[![Version](https://img.shields.io/crates/v/hpke.svg)](https://crates.io/crates/hpke)
-[![Docs](https://docs.rs/hpke/badge.svg)](https://docs.rs/hpke)
-[![CI](https://github.com/rozbb/rust-hpke/workflows/CI/badge.svg)](https://github.com/rozbb/rust-hpke/actions)
+[![Version](https://img.shields.io/crates/v/hpke.svg)](https://crates.io/crates/bitcoin-hpke)
+[![Docs](https://docs.rs/bitcoin-hpke/badge.svg)](https://docs.rs/bitcoin-hpke)
+[![CI](https://github.com/payjoin/bitcoin-hpke/workflows/CI/badge.svg)](https://github.com/payjoin/bitcoin-hpke/actions)
 
-This is an implementation of the [HPKE](https://www.rfc-editor.org/rfc/rfc9180.html) hybrid encryption standard (RFC 9180).
+This is an implementation of the [HPKE](https://www.rfc-editor.org/rfc/rfc9180.html) hybrid encryption standard (RFC 9180) on secp256k1.
 
 Warning
 -------
@@ -26,11 +26,6 @@ This implementation complies with the [HPKE standard](https://www.rfc-editor.org
 Here are all the primitives listed in the spec. The primitives with checked boxes are the ones that are implemented.
 
 * KEMs
-    - [X] DHKEM(Curve25519, HKDF-SHA256)
-    - [ ] DHKEM(Curve448, HKDF-SHA512)
-    - [X] DHKEM(P-256, HKDF-SHA256)
-    - [X] DHKEM(P-384, HKDF-SHA384)
-    - [X] DHKEM(P-521, HKDF-SHA512)
     - [X] DHKEM(secp256k1, HKDF-SHA256)
 * KDFs
     - [X] HKDF-SHA256
@@ -44,15 +39,12 @@ Here are all the primitives listed in the spec. The primitives with checked boxe
 Crate Features
 --------------
 
-Default features flags: `alloc`, `x25519`, `p256`.
+Default features flags: `alloc`, `secp`.
 
 Feature flag list:
 
 * `alloc` - Includes allocating methods like `AeadCtxR::open()` and `AeadCtxS::seal()`
-* `x25519` - Enables X25519-based KEMs
-* `p256` - Enables NIST P-256-based KEMs
-* `p384` - Enables NIST P-384-based KEMs
-* `p521` - Enables NIST P-521-based KEMs
+* `secp` - Enables secp256k1-based KEMs
 * `std` - Includes an implementation of `std::error::Error` for `HpkeError`. Also does what `alloc` does.
 
 For info on how to omit or include feature flags, see the [cargo docs on features](https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html#choosing-features).
@@ -91,8 +83,7 @@ To run all benchmarks, execute `cargo bench --all-features`. If you set your own
 
 Ciphersuites benchmarked:
 
-* NIST Ciphersuite with 128-bit security: AES-GCM-128, HKDF-SHA256, ECDH-P256
-* Non-NIST Ciphersuite with 128-bit security: ChaCha20-Poly1305, HKDF-SHA256, X25519
+* NIST Ciphersuite with 128-bit security: AES-GCM-128, HKDF-SHA256, secp256k1
 
 Functions benchmarked in each ciphersuite:
 
@@ -107,7 +98,7 @@ Agility
 
 A definition: *crypto agility* refers to the ability of a cryptosystem or protocol to vary its underlying primitives. For example, TLS has "crypto agility" in that you can run the protocol with many different ciphersuites.
 
-This crate does not support crypto agility out of the box. This is because the cryptographic primitives are encoded as types satisfying certain constraints, and types need to be determined at compile time (broadly speaking). That said, there is nothing preventing you from implementing agility yourself. There is a [sample implementation](examples/agility.rs) in the examples folder. The sample implementation is messy because agility is messy.
+This crate does not support crypto agility out of the box. This is because the cryptographic primitives are encoded as types satisfying certain constraints, and types need to be determined at compile time (broadly speaking). That said, there is nothing preventing you from implementing agility yourself.
 
 License
 -------

diff --git a/benches/benches.rs b/benches/benches.rs
@@ -210,25 +210,12 @@ where
 pub fn benches() {
     let mut c = Criterion::default().configure_from_args();
 
-    // NIST ciphersuite at the 128-bit security level is AES-GCM-128, HKDF-SHA256, and ECDH-P256
-    #[cfg(feature = "p256")]
-    bench_ciphersuite::<hpke::aead::AesGcm128, hpke::kdf::HkdfSha256, hpke::kem::DhP256HkdfSha256>(
-        "NIST[seclevel=128]",
-        &mut c,
-    );
-
-    // Non-NIST ciphersuite at the 128-bit security level is ChaCha20Poly1305, HKDF-SHA256, and X25519
-    #[cfg(feature = "x25519")]
-    bench_ciphersuite::<
-        hpke::aead::ChaCha20Poly1305,
-        hpke::kdf::HkdfSha256,
-        hpke::kem::X25519HkdfSha256,
-    >("Non-NIST[seclevel=128]", &mut c);
-
     #[cfg(feature = "secp")]
-    bench_ciphersuite::<hpke::aead::AesGcm128, hpke::kdf::HkdfSha256, hpke::kem::SecpK256HkdfSha256>(
-        "secp", &mut c,
-    );
+    bench_ciphersuite::<
+        bitcoin_hpke::aead::AesGcm128,
+        bitcoin_hpke::kdf::HkdfSha256,
+        bitcoin_hpke::kem::SecpK256HkdfSha256,
+    >("secp", &mut c);
 }
 
 criterion_main!(benches);