Crate p384

§RustCrypto: NIST P-384 (secp384r1) elliptic curve

Pure Rust implementation of the NIST P-384 (a.k.a. secp384r1) elliptic curve with support for ECDH, ECDSA signing/verification, and general-purpose curve arithmetic, implemented in terms of traits from the elliptic-curve crate.

§⚠️ Security Warning

The elliptic curve arithmetic contained in this crate has never been independently audited!

This crate has been designed with the goal of ensuring that secret-dependent operations are performed in constant time (using the subtle crate and constant-time formulas). However, it has not been thoroughly assessed to ensure that generated assembly is constant time on common CPU architectures.

USE AT YOUR OWN RISK!

§Supported Algorithms

§About P-384

NIST P-384 is a Weierstrass curve specified in SP 800-186: Recommendations for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters.

Also known as secp384r1 (SECG), it’s included in the US National Security Agency’s “Suite B” and is widely used in protocols like TLS and the associated X.509 PKI.

§License

All crates licensed under either of

at your option.

§Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

§Backends

This crate has support for two different field arithmetic backends which can be selected using cfg(p384_backend), e.g. to select the bignum backend:

$ RUSTFLAGS='--cfg p384_backend="bignum"' cargo test

Or it can be set through .cargo/config:

[build]
rustflags = ['--cfg', 'p384_backend="bignum"']

The available backends are:

  • bignum: experimental backend provided by crypto-bigint. May offer better performance in some cases along with smaller code size, but might also have bugs.
  • fiat (default): formally verified implementation synthesized by fiat-crypto, which should be correct for all inputs (though there's a possibility of bugs in the glue code that calls into it).

§serde support

When the serde feature of this crate is enabled, Serialize and Deserialize are implemented for the following types:

Please see type-specific documentation for more information.

Re-exports§

pub use elliptic_curve;
pub use hash2curve; (feature: hash2curve)
pub use elliptic_curve::pkcs8; (feature: pkcs8)

Modules§

ecdh (feature: ecdh)
Elliptic Curve Diffie-Hellman (Ephemeral) Support.
ecdsa (feature: ecdsa-core)
Elliptic Curve Digital Signature Algorithm (ECDSA)
test_vectors (feature: test-vectors)
secp384r1 test vectors.

Structs§

FieldElement (features: arithmetic and expose-field)
Element in the finite field modulo p = 2^{384} − 2^{128} − 2^{96} + 2^{32} − 1.
NistP384
NIST P-384 elliptic curve.
Odd
Wrapper type for odd integers.
Scalar (feature: arithmetic)
Element in the NIST P-384 scalar field modulo n.

Type Aliases§

AffinePoint (feature: arithmetic)
Elliptic curve point in affine coordinates.
CompressedPoint
Compressed SEC1-encoded NIST P-384 curve point.
FieldBytes
NIST P-384 field element serialized as bytes.
NonZeroScalar (feature: arithmetic)
Non-zero NIST P-384 scalar field element.
ProjectivePoint (feature: arithmetic)
Elliptic curve point in projective coordinates.
PublicKey (feature: arithmetic)
NIST P-384 public key.
Sec1Point
NIST P-384 SEC1 encoded point.
SecretKey
NIST P-384 secret key.
U48
U384
384-bit unsigned big integer.