Skip to content

Housekeeping #135

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
fjarri wants to merge 9 commits into
base: master
Choose a base branch
from
Open

Housekeeping #135

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
9c872cc
Bump MSRV
fjarri Nov 4, 2025
9e0f363
Update `zeroize` and fix clippy warnings
fjarri Nov 3, 2025
a5bbc32
Bump pyo3 to 0.27
fjarri Nov 3, 2025
ce231b6
Add vector tests
fjarri Nov 4, 2025
88b4a02
Use `serde-encoded-bytes`
fjarri Nov 3, 2025
b593874
Use `secrecy`
fjarri Nov 3, 2025
8f8db5c
Bump `wasm-bindgen-derive` to 0.3
fjarri Nov 3, 2025
4d70a64
Pin generic-array to avoid deprecation warnings
fjarri Nov 4, 2025
3acb109
Fix Python stubs
fjarri Nov 4, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions .github/workflows/umbral-pre.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
strategy:
matrix:
rust:
- 1.70.0 # MSRV
- 1.81.0 # MSRV
- stable
target:
- wasm32-unknown-unknown
Expand All @@ -45,7 +45,7 @@ jobs:
strategy:
matrix:
rust:
- 1.70.0 # MSRV
- 1.81.0 # MSRV
- stable
target:
- thumbv7em-none-eabi
Expand All @@ -63,7 +63,7 @@ jobs:
strategy:
matrix:
rust:
- 1.70.0 # MSRV
- 1.81.0 # MSRV
- stable
steps:
- uses: actions/checkout@v2
Expand All @@ -79,7 +79,7 @@ jobs:
matrix:
include:
- target: x86_64-unknown-linux-gnu
rust: 1.70.0 # MSRV
rust: 1.81.0 # MSRV
- target: x86_64-unknown-linux-gnu
rust: stable

Expand Down Expand Up @@ -124,7 +124,7 @@ jobs:
run: pip install mypy ruff

- name: Run mypy.stubtest
run: python -m mypy.stubtest umbral_pre --allowlist stubtest-allowlist.txt
run: python -m mypy.stubtest umbral_pre
working-directory: umbral-pre-python

- name: Run ruff
Expand Down
2 changes: 2 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,9 +10,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

- `SecretKey::try_from_be_bytes()` takes just a slice reference instead of a `SecretBox`. ([#134])
- Bumped MSRV to 1.70. ([#134])
- Bumped MSRV to 1.81. ([#135])


[#134]: https://github.com/nucypher/rust-umbral/pull/134
[#135]: https://github.com/nucypher/rust-umbral/pull/135


## [0.11.0] - 2023-08-01
Expand Down
1 change: 1 addition & 0 deletions Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,3 +4,4 @@ members = [
"umbral-pre-wasm",
"umbral-pre-python",
]
resolver = "2"
2 changes: 1 addition & 1 deletion umbral-pre-python/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,4 +13,4 @@ umbral-pre = { path = "../umbral-pre", features = ["bindings-python"] }
# Unfortunately, we (for the time being?) cannot use a re-exported `pyo3`
# from the main `umbral-pre`, since `pyo3` macros and `pip` build need an explicit dependency.
# This version has to be matched with the one in `umbral-pre`.
pyo3 = "0.18"
pyo3 = "0.27"
2 changes: 1 addition & 1 deletion umbral-pre-python/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ use umbral_pre::bindings_python::*;

/// A Python module implemented in Rust.
#[pymodule]
fn _umbral(py: Python, m: &PyModule) -> PyResult<()> {
fn _umbral(py: Python, m: &Bound<'_, PyModule>) -> PyResult<()> {
m.add_class::<SecretKey>()?;
m.add_class::<SecretKeyFactory>()?;
m.add_class::<PublicKey>()?;
Expand Down
1 change: 0 additions & 1 deletion umbral-pre-python/stubtest-allowlist.txt
View file
Open in desktop

This file was deleted.

8 changes: 4 additions & 4 deletions umbral-pre-python/umbral_pre/__init__.pyi
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ class PublicKey:
@final
class Signer:

def __init__(self, secret_key: SecretKey):
def __new__(cls, secret_key: SecretKey):
...

def sign(self, message: bytes) -> Signature:
Expand Down Expand Up @@ -237,7 +237,7 @@ class CurvePoint:
@final
class Parameters:

def __init__(self) -> None:
def __new__(cls):
...

u: CurvePoint
Expand All @@ -246,8 +246,8 @@ class Parameters:
@final
class ReencryptionEvidence:

def __init__(
self,
def __new__(
cls,
capsule: Capsule,
vcfrag: VerifiedCapsuleFrag,
verifying_pk: PublicKey,
Expand Down
16 changes: 10 additions & 6 deletions umbral-pre/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ description = "Implementation of Umbral proxy reencryption algorithm"
repository = "https://github.com/nucypher/rust-umbral/tree/master/umbral-pre"
readme = "README.md"
categories = ["cryptography", "no-std"]
rust-version = "1.81"

[dependencies]
k256 = { version = "0.13", default-features = false, features = ["ecdsa", "arithmetic", "hash2curve"] }
Expand All @@ -18,24 +19,27 @@ hex = { version = "0.4", default-features = false, features = ["alloc"] }
serde = { version = "1", default-features = false, features = ["derive"], optional = true }
base64 = { version = "0.21", default-features = false, features = ["alloc"] }
rmp-serde = { version = "1", optional = true }
pyo3 = { version = "0.18", optional = true }
pyo3 = { version = "0.27", optional = true }
js-sys = { version = "0.3.63", optional = true }
wasm-bindgen = { version = "0.2.86", optional = true }
derive_more = { version = "0.99", optional = true, default_features = false, features = ["as_ref", "from", "into"] }
wasm-bindgen-derive = { version = "0.2.0", optional = true }
derive_more = { version = "0.99", optional = true, default-features = false, features = ["as_ref", "from", "into"] }
wasm-bindgen-derive = { version = "0.3", optional = true }
serde-encoded-bytes = { version = "0.2", optional = true, features = ["hex", "generic-array-014"] }
secrecy = { version = "0.10", default-features = false }

# These packages are among the dependencies of the packages above.
# Their versions should be updated when the main packages above are updated.
generic-array = { version = "0.14.6", features = ["zeroize"] }
generic-array = { version = "=0.14.7", features = ["zeroize"] }
Copy link

Copilot AI Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using an exact version pin (=0.14.7) for generic-array is very restrictive and may cause dependency conflicts in downstream crates. Consider using a more flexible version constraint like '0.14.7' or '^0.14.7' unless there's a specific reason for the exact pin.

Suggested change
generic-array = { version = "=0.14.7", features = ["zeroize"] }
generic-array = { version = "0.14.7", features = ["zeroize"] }

Copilot uses AI. Check for mistakes.
Copy link
Copy Markdown
Contributor Author

@fjarri fjarri Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unfortunately the author of generic-array screwed everyone by adding deprecation notices to every single API item in 0.14.8 (in an effort to make people switch to 1.x I guess, see fizyk20/generic-array#158). But the RustCrypto stack libraries we depend on still use 0.14, so we can't upgrade.

rand_core = { version = "0.6", default-features = false }
getrandom = { version = "0.2", optional = true, default-features = false }
subtle = { version = "2.4", default-features = false }
zeroize = { version = "1.5", default-features = false, features = ["derive"] }
zeroize = { version = "1.8", default-features = false, features = ["derive"] }

[dev-dependencies]
criterion = { version = "=0.4.0", features = ["html_reports"] } # forcing version to avoid bumping MSRV
serde_json = "1"
rmp-serde = "1"
rand_chacha = "0.3"

[features]
default = ["default-rng"]
Expand All @@ -44,7 +48,7 @@ bindings-python = ["pyo3", "std", "derive_more", "default-serialization"]
bindings-wasm = ["js-sys", "default-serialization", "wasm-bindgen", "derive_more", "wasm-bindgen-derive", "getrandom/js"]
default-rng = ["getrandom", "rand_core/getrandom"]
default-serialization = ["serde", "rmp-serde"]
serde = ["dep:serde"]
serde = ["dep:serde", "serde-encoded-bytes"]
std = []

# What features to use when building documentation on docs.rs
Expand Down
2 changes: 1 addition & 1 deletion umbral-pre/src/bench.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,11 @@
//! Should not be used by regular users.

use rand_core::OsRng;
use secrecy::SecretBox;

use crate::capsule::{Capsule, KeySeed, OpenReencryptedError};
use crate::capsule_frag::CapsuleFrag;
use crate::keys::{PublicKey, SecretKey};
use crate::secret_box::SecretBox;

/// Exported `Capsule::from_public_key()` for benchmark purposes.
pub fn capsule_from_public_key(delegating_pk: &PublicKey) -> (Capsule, SecretBox<KeySeed>) {
Expand Down
Loading
Loading