1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110

//! Elliptic curve cryptography (ECC) primitives.
//!
//! The elliptic curve is a plane curve over a finite field which consists of
//! the points satisfying the following equation: <sup>[[1][curve]]</sup>
//!
//! y^2 = x^3 + ax + b
//!
//! [curve]: https://en.wikipedia.org/wiki/Elliptic-curve_cryptography#Theory

use winapi::shared::bcrypt::*;

/// Represents a named elliptic curve.
pub trait Curve {
    /// Returns a type-erased [`NamedCurve`] enum (in contrast to a concrete
    /// unit structs, e.g. [`NistP256`]).
    ///
    /// [`NamedCurve`]: enum.NamedCurve.html
    /// [`NistP256`]: struct.NistP256.html
    fn as_curve(&self) -> NamedCurve;
    /// Size of the field in bits that the curve is defined over.
    ///
    /// NOTE: These are **NOT** bits of security.
    fn key_bits(&self) -> u32;
}

/// NIST-P256 (a.k.a `secp256r1` or `prime256v1`).
///
/// Provides 128-bits of security and is defined over a field size of 256.
pub struct NistP256;
impl Curve for NistP256 {
    fn as_curve(&self) -> NamedCurve {
        NamedCurve::NistP256
    }
    fn key_bits(&self) -> u32 {
        256
    }
}

/// NIST-P384 (a.k.a `secp384r1` or `prime384v1`).
///
/// Provides 192-bits of security and is defined over a field size of 256.
pub struct NistP384;
impl Curve for NistP384 {
    fn as_curve(&self) -> NamedCurve {
        NamedCurve::NistP384
    }
    fn key_bits(&self) -> u32 {
        384
    }
}

/// NIST-521 (a.k.a `secp521r1` or `prime521v1`).
///
/// Provides 256-bits of security and is defined over a field size of 521.
pub struct NistP521;
impl Curve for NistP521 {
    fn as_curve(&self) -> NamedCurve {
        NamedCurve::NistP521
    }
    fn key_bits(&self) -> u32 {
        521
    }
}

/// Elliptic curve offering 128 bits of security and designed for use with the
/// elliptic curve Diffie–Hellman (ECDH) key agreement scheme.
pub struct Curve25519;
impl Curve for Curve25519 {
    fn as_curve(&self) -> NamedCurve {
        NamedCurve::Curve25519
    }
    fn key_bits(&self) -> u32 {
        255
    }
}

/// Type-erased named curve enumeration. For concrete types, see unit structs
/// defined in this module.
#[derive(Debug, Copy, Clone, PartialEq, Eq)]
pub enum NamedCurve {
    /// NIST P-256. See [`NistP256`](struct.NistP256.html).
    NistP256,
    /// NIST P-384. See [`NistP384`](struct.NistP384.html).
    NistP384,
    /// NIST P-521. See [`NistP521`](struct.NistP521.html).
    NistP521,
    /// See [`Curve25519`](struct.Curve25519.html).
    Curve25519,
    // TODO: Implement more
}

impl NamedCurve {
    pub fn to_str(self) -> &'static str {
        match self {
            Self::NistP256 => BCRYPT_ECC_CURVE_NISTP256,
            Self::NistP384 => BCRYPT_ECC_CURVE_NISTP384,
            Self::NistP521 => BCRYPT_ECC_CURVE_NISTP521,
            Self::Curve25519 => BCRYPT_ECC_CURVE_25519,
        }
    }

    pub fn key_bits(self) -> u32 {
        match self {
            Self::NistP256 => NistP256.key_bits(),
            Self::NistP384 => NistP384.key_bits(),
            Self::NistP521 => NistP521.key_bits(),
            Self::Curve25519 => Curve25519.key_bits(),
        }
    }
}