entropyxyz · fjarri · Oct 20, 2024 · Oct 19, 2024 · Oct 19, 2024 · Oct 19, 2024
diff --git a/synedrion/Cargo.toml b/synedrion/Cargo.toml
@@ -12,30 +12,24 @@ categories = ["cryptography", "no-std"]
 [dependencies]
 signature = { version = "2", default-features = false, features = ["alloc"] }
 k256 = { version = "0.13", default-features = false, features = ["ecdsa", "arithmetic"] }
-rand_core = { version = "0.6.4", default-features = false, features = ["getrandom"] }
+rand_core = { version = "0.6.4", default-features = false }
 sha2 = { version = "0.10", default-features = false }
 sha3 = { version = "0.10", default-features = false }
 digest = { version = "0.10", default-features = false, features = ["alloc"]}
-hex = { version = "0.4", default-features = false, features = ["alloc"] }
-base64 = { version = "0.22", default-features = false, features = ["alloc"] }
 hashing-serializer = { version = "0.1", default-features = false }
-secrecy = { version = "0.9.0-pre.0", default-features = false, features = ["serde"] }
+secrecy = { version = "0.10", default-features = false, features = ["serde"] }
 zeroize = { version = "1.8", default-features = false, features = ["alloc", "zeroize_derive"] }
 bip32 = { version = "0.5", default-features = false, features = ["alloc", "secp256k1", "k256"] }
 
 # Note: `alloc` is needed for `crytpto-bigint`'s dependency `serdect` to be able
 # to serialize Uints in human-readable formats.
-crypto-bigint = { version = "0.6.0-rc.2", features = ["serde", "alloc", "rand_core", "zeroize"] }
-crypto-primes = "0.6.0-pre.1"
+crypto-bigint = { version = "0.6.0-rc.6", default-features = false, features = ["serde", "alloc", "rand_core", "zeroize"] }
+crypto-primes = { version = "0.6.0-pre.2", default-features = false }
 
 serde = { version = "1", default-features = false, features = ["derive"] }
 serde-encoded-bytes = { version = "0.1", default-features = false, features = ["hex", "base64"] }
 bincode = { version = "2.0.0-rc.3", default-features = false, features = ["serde", "alloc"] }
-displaydoc = { version = "0.2", default-features = false}
-
-# Note: needed for the `rand_core` feature of `crypto-bigint`.
-[target.wasm32-unknown-unknown.dependencies]
-getrandom = { version = "0.2", features = ["js"]}
+displaydoc = { version = "0.2", default-features = false }
 
 [dev-dependencies]
 rand_chacha = "0.3"
@@ -45,6 +39,7 @@ rand = "0.8"
 criterion = "0.5"
 k256 = {version = "0.13", default-features = false, features = ["ecdsa", "arithmetic", "pem", "serde"]}
 impls = "1"
+hex = { version = "0.4", default-features = false, features = ["alloc"] }
 
 [features]
 bench-internals = [] # makes some internal functions public to allow external benchmarks

diff --git a/synedrion/src/paillier/encryption.rs b/synedrion/src/paillier/encryption.rs
@@ -28,7 +28,7 @@ impl<P: PaillierParams> Randomizer<P> {
     }
 }
 
-#[derive(Debug, Clone, PartialEq, Eq, ZeroizeOnDrop, Zeroize)]
+#[derive(Debug, Clone, PartialEq, Eq, ZeroizeOnDrop)]
 pub(crate) struct RandomizerMod<P: PaillierParams>(P::UintMod);
 
 impl<P: PaillierParams> RandomizerMod<P> {

diff --git a/synedrion/src/paillier/keys.rs b/synedrion/src/paillier/keys.rs
@@ -3,20 +3,18 @@
 
 use rand_core::CryptoRngCore;
 use serde::{Deserialize, Serialize};
-use zeroize::{Zeroize, ZeroizeOnDrop};
+use zeroize::Zeroize;
 
 use super::params::PaillierParams;
 use crate::uint::{
     subtle::{Choice, ConditionallySelectable},
     Bounded, CheckedAdd, CheckedSub, HasWide, Integer, Invert, NonZero, PowBoundedExp, RandomMod,
     RandomPrimeWithRng, Retrieve, Signed, ToMontgomery,
 };
-use crypto_bigint::{
-    Bounded as TraitBounded, InvMod, Monty, Odd, ShrVartime, Square, WrappingAdd, WrappingSub,
-};
+use crypto_bigint::{InvMod, Monty, Odd, ShrVartime, Square, WrappingAdd, WrappingSub};
 use secrecy::{ExposeSecret, SecretBox};
 
-#[derive(Deserialize, ZeroizeOnDrop, Zeroize)]
+#[derive(Debug, Deserialize)]
 pub(crate) struct SecretKeyPaillier<P: PaillierParams> {
     p: SecretBox<P::HalfUint>,
     q: SecretBox<P::HalfUint>,
@@ -29,14 +27,6 @@
     }
 }
 
-impl<P: PaillierParams> Debug for SecretKeyPaillier<P> {
-    fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> Result<(), core::fmt::Error> {
-        f.write_str("[REDACTED ")?;
-        f.write_str(core::any::type_name::<Self>())?;
-        f.write_str("]")
-    }
-}
-
 impl<P: PaillierParams> Clone for SecretKeyPaillier<P> {
     fn clone(&self) -> Self {
         Self {
@@ -57,16 +47,8 @@
 
 impl<P: PaillierParams> SecretKeyPaillier<P> {
     pub fn random(rng: &mut impl CryptoRngCore) -> Self {
-        let p = P::HalfUint::generate_safe_prime_with_rng(
-            rng,
-            P::PRIME_BITS as u32,
-            <P as PaillierParams>::HalfUint::BITS,
-        );
-        let q = P::HalfUint::generate_safe_prime_with_rng(
-            rng,
-            P::PRIME_BITS as u32,
-            <P as PaillierParams>::HalfUint::BITS,
-        );
+        let p = P::HalfUint::generate_safe_prime_with_rng(rng, P::PRIME_BITS as u32);
+        let q = P::HalfUint::generate_safe_prime_with_rng(rng, P::PRIME_BITS as u32);
 
         Self {
             p: Box::new(p).into(),
@@ -459,7 +441,14 @@
         let sk = SecretKeyPaillier::<PaillierTest>::random(&mut OsRng);
 
         let debug_output = format!("Sikrit {:?}", sk);
-        assert_eq!(debug_output, "Sikrit [REDACTED synedrion::paillier::keys::SecretKeyPaillier<synedrion::paillier::params::PaillierTest>]");
+        assert_eq!(
+            debug_output,
+            concat![
+                "Sikrit SecretKeyPaillier ",
+                "{ p: SecretBox<crypto_bigint::uint::Uint<8>>([REDACTED]), ",
+                "q: SecretBox<crypto_bigint::uint::Uint<8>>([REDACTED]) }"
+            ]
+        );
     }
 
     #[test]
@@ -471,8 +460,20 @@
         let sk_ser = sk.serialize(&serializer).unwrap();
         let expected_tokens = [
             Token::Tuple { len: 2 },
-            Token::Str("d30b226b6f3a29a048826fa4cf85f83a7aa03d097ec89aea7b1f35633f5719e180b93af2508fc289c196078937d9d8a61af6d7768301d231bafdf87c10f28f8a".into()),
-            Token::Str("7f0e0796291488cf87ed167109d9daf34e4ad5cc1399c9d034803b953652598963abf19b9675653a51e619651f1ab15e66256829c250903fae3ab96683b5aff9".into()),
+            Token::Str(
+                concat![
+                    "d30b226b6f3a29a048826fa4cf85f83a7aa03d097ec89aea7b1f35633f5719e1",
+                    "80b93af2508fc289c196078937d9d8a61af6d7768301d231bafdf87c10f28f8a"
+                ]
+                .into(),
+            ),
+            Token::Str(
+                concat![
+                    "7f0e0796291488cf87ed167109d9daf34e4ad5cc1399c9d034803b9536525989",
+                    "63abf19b9675653a51e619651f1ab15e66256829c250903fae3ab96683b5aff9"
+                ]
+                .into(),
+            ),
             Token::TupleEnd,
         ];
         assert_eq!(sk_ser, expected_tokens);