logo

Crate p256

source · []
Expand description

RustCrypto: NIST P-256 (secp256r1) elliptic curve

crate Docs Build Status Apache2/MIT licensed Rust Version Project Chat

Pure Rust implementation of the NIST P-256 (a.k.a. secp256r1, prime256v1) elliptic curve with support for ECDH, ECDSA signing/verification, and general purpose curve arithmetic support implemented in terms of traits from the elliptic-curve crate.

Documentation

⚠️ Security Warning

The elliptic curve arithmetic contained in this crate has never been independently audited!

This crate has been designed with the goal of ensuring that secret-dependent operations are performed in constant time (using the subtle crate and constant-time formulas). However, it has not been thoroughly assessed to ensure that generated assembly is constant time on common CPU architectures.

USE AT YOUR OWN RISK!

Supported Algorithms

About NIST P-256

NIST P-256 is a Weierstrass curve specified in FIPS 186-4: Digital Signature Standard (DSS):

https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf

Also known as prime256v1 (ANSI X9.62) and secp256r1 (SECG), it’s included in the US National Security Agency’s “Suite B” and is widely used in protocols like TLS and the associated X.509 PKI.

Minimum Supported Rust Version

Rust 1.57 or higher.

Minimum supported Rust version can be changed in the future, but it will be done with a minor version bump.

SemVer Policy

  • All on-by-default features of this library are covered by SemVer
  • MSRV is considered exempt from SemVer as noted above

License

All crates licensed under either of

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

serde support

When the serde feature of this crate is enabled, Serialize and Deserialize are impl’d for the following types:

Please see type-specific documentation for more information.

Re-exports

pub use elliptic_curve::pkcs8;

Modules

ecdhecdh

Elliptic Curve Diffie-Hellman (Ephemeral) Support.

ecdsaecdsa-core

Elliptic Curve Digital Signature Algorithm (ECDSA)

test_vectorstest-vectors

secp256r1 test vectors.

Structs

AffinePointarithmetic

NIST P-256 (secp256r1) curve point expressed in affine coordinates.

BlindedScalararithmetic

Scalar blinded with a randomly generated masking value.

An element in the finite field modulo p = 2^{224}(2^{32} − 1) + 2^{192} + 2^{96} − 1.

NIST P-256 elliptic curve.

ProjectivePointarithmetic

A point on the secp256r1 curve in projective coordinates.

Scalararithmetic

Scalars are elements in the finite field modulo n.

Type Definitions

Compressed SEC1-encoded NIST P-256 curve point.

NIST P-256 SEC1 encoded point.

NIST P-256 field element serialized as bytes.

Non-zero NIST P-256 scalar field element.

NIST P-256 public key.

Bit representation of a NIST P-256 scalar field element.

NIST P-256 secret key.

256-bit unsigned big integer