§RustCrypto: NIST P-384 (secp384r1) elliptic curve
Pure Rust implementation of the NIST P-384 (a.k.a. secp384r1) elliptic curve
with support for ECDH, ECDSA signing/verification, and general purpose curve
arithmetic support implemented in terms of traits from the elliptic-curve
crate.
§⚠️ Security Warning
The elliptic curve arithmetic contained in this crate has never been independently audited!
This crate has been designed with the goal of ensuring that secret-dependent
operations are performed in constant time (using the subtle crate and
constant-time formulas). However, it has not been thoroughly assessed to ensure
that generated assembly is constant time on common CPU architectures.
USE AT YOUR OWN RISK!
§Supported Algorithms
- Elliptic Curve Diffie-Hellman (ECDH): gated under the ecdh feature.
- Elliptic Curve Digital Signature Algorithm (ECDSA): gated under the ecdsa feature.
§About P-384
NIST P-384 is a Weierstrass curve specified in SP 800-186: Recommendations for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters.
Also known as secp384r1 (SECG), it’s included in the US National Security Agency’s “Suite B” and is widely used in protocols like TLS and the associated X.509 PKI.
§License
All crates licensed under either of
at your option.
§Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
§Backends
This crate has support for two different field arithmetic backends which can be selected using
cfg(p384_backend), e.g. to select the formally verified fiat backend:
$ RUSTFLAGS='--cfg p384_backend="fiat"' cargo test
Or it can be set through .cargo/config:
[build]
rustflags = ['--cfg', 'p384_backend="fiat"']
The available backends are:
- bigint (default): backend provided by crypto-bigint, which should provide better performance as well as smaller code size and fewer dependencies, but isn’t formally verified and may contain bugs
- fiat: formally verified implementation synthesized by fiat-crypto which should be correct for all inputs (though there’s a possibility of bugs in the code which glues to it)
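Because bigint is the default, a build silently falls back to the unverified backend when the cfg is not passed. Cargo reads rustflags from only one source, and the RUSTFLAGS environment variable takes precedence over build.rustflags in .cargo/config. The following build.rs guard for a crate that depends on p384 is an added example, not code from the p384 crate; the function names are hypothetical, and it relies on Cargo setting CARGO_ENCODED_RUSTFLAGS for build scripts:

```rust
// Added example: build.rs for a crate that depends on p384 (not the p384 crate's own code).
use std::env;

/// Collects every `p384_backend` value from rustflags in the form Cargo hands
/// to build scripts: arguments joined by 0x1f. Accepts both `--cfg <spec>`
/// and `--cfg=<spec>`.
fn backend_cfgs(encoded_rustflags: &str) -> Vec<String> {
    let mut found = Vec::new();
    let mut args = encoded_rustflags.split('\x1f');
    while let Some(arg) = args.next() {
        let spec = if arg == "--cfg" {
            match args.next() {
                Some(next) => next,
                None => break, // dangling `--cfg` with no spec
            }
        } else if let Some(rest) = arg.strip_prefix("--cfg=") {
            rest
        } else {
            continue;
        };
        if let Some(value) = spec.trim().strip_prefix("p384_backend=") {
            found.push(value.trim_matches('"').to_string());
        }
    }
    found
}

/// Policy assumed by this example: at least one value, and all of them `fiat`.
/// An empty list means p384 builds with its default `bigint` backend.
fn is_fiat(encoded_rustflags: &str) -> bool {
    let values = backend_cfgs(encoded_rustflags);
    !values.is_empty() && values.iter().all(|v| v == "fiat")
}

fn main() {
    // Cargo exposes the effective rustflags to build scripts in this variable.
    println!("cargo:rerun-if-env-changed=CARGO_ENCODED_RUSTFLAGS");
    let flags = env::var("CARGO_ENCODED_RUSTFLAGS").unwrap_or_default();
    if !is_fiat(&flags) {
        eprintln!("error: expected p384_backend=\"fiat\", found {:?}", backend_cfgs(&flags));
        std::process::exit(1);
    }
}
```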
§serde support
When the serde feature of this crate is enabled, Serialize and
Deserialize are impl’d for the following types:
Please see type-specific documentation for more information.
Re-exports§
pub use elliptic_curve;
pub use elliptic_curve::pkcs8;
Modules§
- arithmetic 🔒
- Pure Rust implementation of group operations on secp384r1.
- ecdh
- Elliptic Curve Diffie-Hellman (Ephemeral) Support.
- ecdsa
- Elliptic Curve Digital Signature Algorithm (ECDSA)
Structs§
- NistP384
- NIST P-384 elliptic curve.
- Odd
- Wrapper type for odd integers.
- Scalar
- Element in the NIST P-384 scalar field modulo n.
Constants§
- ORDER_HEX 🔒
- Order of NIST P-384’s elliptic curve group (i.e. scalar modulus) in hexadecimal.
Type Aliases§
- AffinePoint
- Elliptic curve point in affine coordinates.
- CompressedPoint
- Compressed SEC1-encoded NIST P-384 curve point.
- FieldBytes
- NIST P-384 field element serialized as bytes.
- NonZeroScalar
- Non-zero NIST P-384 scalar field element.
- ProjectivePoint
- Elliptic curve point in projective coordinates.
- PublicKey
- NIST P-384 public key.
- Sec1Point
- NIST P-384 SEC1 encoded point.
- SecretKey
- NIST P-384 secret key.
- U48
- U384
- 384-bit unsigned big integer.