Crate bign_genk

§RustCrypto: STB 34.101.45 Deterministic Signatures

Pure Rust implementation of bign-genk from STB 34.101.45: Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA).

Algorithm described in STB 34.101.45-2013 § 6.3: https://apmi.bsu.by/assets/files/std/bign-spec295.pdf

§Minimum Supported Rust Version

This crate requires Rust 1.85 at a minimum.

We may change the MSRV in the future, but it will be accompanied by a minor version bump.

§License

All crates licensed under either of

Apache License, Version 2.0
MIT license

at your option.

§Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

§Usage

See also: the documentation for the generate_k function.

use hex_literal::hex;
use bign_genk::consts::U32;
use belt_hash::{Digest, BeltHash};
use belt_block::BeltBlock;

// BIGN P-256 field modulus
const BIGNP256_MODULUS: [u8; 32] =
    hex!("FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF C95E2EAB 40309C49 56129C2E F129D6CC");

// Private key for STB 34.101.45 Bign P256/BeltHash test case
const KEY: [u8; 32] =
    hex!("1F66B5B8 4B733967 4533F032 9C74F218 34281FED 0732429E 0C79235F C273E269");

// Test message for STB 34.101.45 Bign P256/BeltHash test case
const MSG: [u8; 13] =
    hex!("B194BAC8 0A08F53B 366D008E 58");

// Expected K for STB 34.101.45 Bign P256/BeltHash test case
const EXPECTED_K: [u8; 32] =
    hex!("829614D8 411DBBC4 E1F2471A 40045864 40FD8C95 53FAB6A1 A45CE417 AE97111E");

let h = BeltHash::digest(MSG);
let k = bign_genk::generate_k::<BeltHash, BeltBlock, U32>(
    &KEY.into(),
    &BIGNP256_MODULUS.into(),
    &h,
    &[],
);
assert_eq!(k.as_slice(), &EXPECTED_K);

Modules§

consts

Structs§

Array
Array is a newtype for an inner [T; N] array where N is determined by a generic ArraySize parameter, which is a marker trait for a numeric value determined by ZSTs that impl the typenum::Unsigned trait.

Functions§

generate_k
Deterministically generate ephemeral scalar k.
generate_k_mut
Deterministically generate ephemeral scalar k by writing it into the provided output buffer.