EcdsaP256

Struct EcdsaP256 

pub struct EcdsaP256;

ECDSA signature scheme using NIST P-256 curve (secp256r1)

Implements ECDSA as specified in FIPS 186-4, Section 6

Trait Implementations

impl Signature for EcdsaP256

fn keypair<R: CryptoRng + RngCore>(rng: &mut R) -> ApiResult<Self::KeyPair>

Generate an ECDSA key pair

Generates a random private key d ∈ [1, n-1] and computes the corresponding public key Q = d·G where G is the base point.

Reference: FIPS 186-4, Appendix B.4.1

fn sign(message: &[u8], secret_key: &Self::SecretKey) -> ApiResult<Self::SignatureData>

Sign a message using ECDSA

Implements the ECDSA signature generation algorithm as specified in FIPS 186-4, Section 6.3, with deterministic nonce generation per RFC 6979 hedged with additional entropy (FIPS 186-5, Section 6.4).

Algorithm:

  1. e = HASH(M), where HASH is SHA-256
  2. z = the leftmost min(N, bitlen(e)) bits of e, where N = 256
  3. Generate k deterministically per RFC 6979 with extra entropy
  4. (x₁, y₁) = k·G
  5. r = x₁ mod n; if r = 0, go back to step 3
  6. s = k⁻¹(z + rd) mod n; if s = 0, go back to step 3
  7. Return signature (r, s)

fn verify(message: &[u8], signature: &Self::SignatureData, public_key: &Self::PublicKey) -> ApiResult<()>

Verify an ECDSA signature

Implements the ECDSA signature verification algorithm as specified in FIPS 186-4, Section 6.4.

Algorithm:

  1. Verify that r and s are integers in [1, n-1]
  2. e = HASH(M), where HASH is SHA-256
  3. z = the leftmost min(N, bitlen(e)) bits of e, where N = 256
  4. w = s⁻¹ mod n
  5. u₁ = zw mod n and u₂ = rw mod n
  6. (x₁, y₁) = u₁·G + u₂·Q
  7. If (x₁, y₁) = O, reject the signature
  8. v = x₁ mod n
  9. Accept the signature if and only if v = r

type PublicKey = EcdsaP256PublicKey

Public key type for this algorithm

type SecretKey = EcdsaP256SecretKey

Secret key type - must be zeroizable but not byte-accessible

type SignatureData = EcdsaP256Signature

Signature data type

type KeyPair = (<EcdsaP256 as Signature>::PublicKey, <EcdsaP256 as Signature>::SecretKey)

Key pair type (typically a tuple of public and secret keys)

fn name() -> &'static str

Returns the name of this signature algorithm

fn public_key(keypair: &Self::KeyPair) -> Self::PublicKey

Extract the public key from a key pair

fn secret_key(keypair: &Self::KeyPair) -> Self::SecretKey

Extract the secret key from a key pair

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V