@onvej-sl
Collaborator

This replaces #2. Unlike that, I've tried to use the cryptography package as much as possible.

@onvej-sl force-pushed the remove-ecda-2 branch 2 times, most recently from e0b0f49 to ecd81f3 (January 9, 2026 16:11)
@onvej-sl force-pushed the remove-ecda-2 branch 10 times, most recently from b05ea8b to a9c7320 (January 12, 2026 15:02)
@onvej-sl marked this pull request as ready for review (January 13, 2026 11:21)
return 0 < key < self.curve.order
return 0 < key < self.order

def add_points(self, first: bytes, second: bytes) -> bytes:
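
Review bot: add_points takes and returns bare bytes, so the signature does not tell a caller which point encoding (compressed or uncompressed) is accepted or produced. State that in a docstring, together with the exception raised for an input that does not decode to a valid curve point.
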
Collaborator

How does this function handle if one of the inputs is a point at infinity? Does `from_encoded_point()` raise an exception? I think the only way to get infinity as an input is if the tweak `payload[:32]` comes out zero, which is practically impossible to observe. Maybe `privkey_to_pubkey()` already raises an exception in that case. We should at least have a comment explaining how this function behaves for infinity inputs and why it's OK.

Collaborator Author

Besides that, I also realized that `privkey_to_pubkey()` raises an exception if privkey is greater than the curve's order, which would break this test vector, if we had it included in our tests.

Collaborator

@andrewkozlik Jan 22, 2026

We have that test vector included in our tests, but it tests retry in master key generation. We should generate a test vector for retry in child key derivation too and add it to the spec.
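
The two edge cases raised in this thread (the point at infinity in `add_points` and out-of-range private keys in `privkey_to_pubkey`) made explicit in a pure-Python sketch. This is an added example, not code from this PR or the project, and it does not use the cryptography package. It assumes secp256k1 and 33-byte compressed encodings; the helpers `decode_point`, `encode_point` and `_add` are hypothetical names.

```python
# Added example. Assumption: secp256k1 (the PR's curve is not shown on the page).
P = 2**256 - 2**32 - 977  # field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def decode_point(data: bytes):
    """Decode a compressed point. Infinity has no such encoding, so it is rejected."""
    if len(data) != 33 or data[0] not in (2, 3):
        raise ValueError("not a compressed curve point")
    x = int.from_bytes(data[1:], "big")
    y = pow(x**3 + 7, (P + 1) // 4, P)  # square root, valid because P % 4 == 3
    if x >= P or (y * y - x**3 - 7) % P:
        raise ValueError("x is not on the curve")
    return x, (y if y & 1 == data[0] & 1 else P - y)

def encode_point(point) -> bytes:
    x, y = point
    return bytes([2 + (y & 1)]) + x.to_bytes(32, "big")

def _add(a, b):
    """Affine addition; None stands for the point at infinity."""
    if a is None or b is None:
        return a if b is None else b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:  # b == -a, so the sum is infinity
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P)
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def add_points(first: bytes, second: bytes) -> bytes:
    """Raises ValueError for undecodable inputs and when the sum is infinity."""
    total = _add(decode_point(first), decode_point(second))
    if total is None:
        raise ValueError("sum is the point at infinity")
    return encode_point(total)

def privkey_to_pubkey(key: int) -> bytes:
    if not 0 < key < N:  # same range check as in the hunk above
        raise ValueError("private key out of range")
    acc, base = None, G
    while key:
        if key & 1:
            acc = _add(acc, base)
        base, key = _add(base, base), key >> 1
    return encode_point(acc)
```

Because the range check excludes 0 and the order, `privkey_to_pubkey` can never return infinity, and the only way `add_points` reaches it is when the inputs are negatives of each other.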