Removes use of elliptic Marshal and Unmarshal functions.

Author: armfazh

.golangci.yaml

@@ -61,10 +61,6 @@ linters-settings:
     enable-all: true
     disable:
       - fieldalignment
-  staticcheck:
-    # TODO: replace deprecated elliptic.Marshal, elliptic.GenerateKey,
-    # elliptic.Unmarshal, params.ScalarBaseMult before re-enabling SA1019.
-    checks: ["*", "-SA1019"]
   gosec:
     excludes:
       - G115

group/short.go

@@ -2,6 +2,8 @@ package group
 
 import (
 	"crypto"
+	"crypto/ecdh"
+	"crypto/ecdsa"
 	"crypto/elliptic"
 	_ "crypto/sha256"
 	_ "crypto/sha512"
@@ -226,9 +228,20 @@ func (e *wElt) MarshalBinary() ([]byte, error) {
 	if e.IsIdentity() {
 		return []byte{0x0}, nil
 	}
+
+	ec := e.wG.c
+	if e.wG == P384 {
+		ec = elliptic.P384()
+	}
+
 	e.x.Mod(e.x, e.c.Params().P)
 	e.y.Mod(e.y, e.c.Params().P)
-	return elliptic.Marshal(e.wG.c, e.x, e.y), nil
+	pk, err := (&ecdsa.PublicKey{Curve: ec, X: e.x, Y: e.y}).ECDH()
+	if err != nil {
+		return nil, err
+	}
+
+	return pk.Bytes(), nil
 }
 
 func (e *wElt) MarshalBinaryCompress() ([]byte, error) {
@@ -241,7 +254,8 @@ func (e *wElt) MarshalBinaryCompress() ([]byte, error) {
 }
 
 func (e *wElt) UnmarshalBinary(b []byte) error {
-	byteLen := (e.c.Params().BitSize + 7) / 8
+	bitSize := e.c.Params().BitSize
+	byteLen := (bitSize + 7) / 8
 	l := len(b)
 	switch {
 	case l == 1 && b[0] == 0x00: // point at infinity
@@ -254,11 +268,22 @@ func (e *wElt) UnmarshalBinary(b []byte) error {
 		}
 		e.x, e.y = x, y
 	case l == 1+2*byteLen && b[0] == 0x04: // uncompressed
-		x, y := elliptic.Unmarshal(e.wG.c, b)
-		if x == nil {
+		var err error
+		switch bitSize {
+		case 256:
+			_, err = ecdh.P256().NewPublicKey(b)
+		case 384:
+			_, err = ecdh.P384().NewPublicKey(b)
+		case 521:
+			_, err = ecdh.P521().NewPublicKey(b)
+		}
+
+		if err != nil {
 			return ErrUnmarshal
 		}
-		e.x, e.y = x, y
+
+		e.x.SetBytes(b[1 : 1+byteLen])
+		e.y.SetBytes(b[1+byteLen : 1+2*byteLen])
 	default:
 		return ErrUnmarshal
 	}