crypto::ecdh
The crypto::ecdh module implements elliptic-curve Diffie-Hellman key generation for curves implemented in crypto::ec::.
This is a low-level module which implements cryptographic primitives. Direct use of cryptographic primitives is not recommended for non-experts, as incorrect use of these primitives can easily lead to the introduction of security vulnerabilities. Non-experts are advised to use the high-level operations available in the top-level crypto:: module.
Be advised that Hare's cryptography implementations have not been audited.
Index
Types
type p256key = struct {
	priv: privkey,
	x: [ec::P256_SCALARSZ]u8,
};
type p384key = struct {
	priv: privkey,
	x: [ec::P384_SCALARSZ]u8,
};
type p521key = struct {
	priv: privkey,
	x: [ec::P521_SCALARSZ]u8,
};
type privkey = struct {
	curve: *ec::curve,
	get_x: *fn(priv: *privkey) []u8,
};
Errors
type invalidkey = !void;
Constants
def P256_SHAREDSZ = ec::P256_POINTSZ / 2;
def P384_SHAREDSZ = ec::P384_POINTSZ / 2;
def P521_SHAREDSZ = ec::P521_POINTSZ / 2;
Functions
fn derive(shared: []u8, priv: *privkey, pub: []u8) (size | invalidkey);
fn newkey(priv: *privkey, rand: io::handle) (void | io::error);
fn p256() p256key;
fn p384() p384key;
fn p521() p521key;
fn pubkey(pub: []u8, priv: *privkey) size;
Types
type p256key
type p256key = struct {
	priv: privkey,
	x: [ec::P256_SCALARSZ]u8,
};
type p384key
type p384key = struct {
	priv: privkey,
	x: [ec::P384_SCALARSZ]u8,
};
type p521key
type p521key = struct {
	priv: privkey,
	x: [ec::P521_SCALARSZ]u8,
};
type privkey
type privkey = struct {
	curve: *ec::curve,
	get_x: *fn(priv: *privkey) []u8,
};
Errors
type invalidkey
type invalidkey = !void;
The key is either not of the expected size or is not a valid point on the given curve.
Constants
def P256_SHAREDSZ
def P256_SHAREDSZ = ec::P256_POINTSZ / 2;
Size of the shared secret in bytes when using p256 curves.
def P384_SHAREDSZ
def P384_SHAREDSZ = ec::P384_POINTSZ / 2;
Size of the shared secret in bytes when using p384 curves.
def P521_SHAREDSZ
def P521_SHAREDSZ = ec::P521_POINTSZ / 2;
Size of the shared secret in bytes when using p521 curves.
Functions
fn derive
fn derive(shared: []u8, priv: *privkey, pub: []u8) (size | invalidkey);
Derives a shared secret with the private key 'priv' and the peer's public key 'pub' and stores it in 'shared'.
fn newkey
fn newkey(priv: *privkey, rand: io::handle) (void | io::error);
Generates a key, seeded from the 'rand' stream, and stores it in 'priv'. 'rand' must be a cryptographic random generator like crypto::random::stream.
fn p256
fn p256() p256key;
Creates an uninitialized p256 key. The curve is also known as secp256r1 or prime256. The key must be initialized using newkey.
fn p384
fn p384() p384key;
Creates an uninitialized p384 key. The curve is also known as secp384r1. The key must be initialized using newkey.
fn p521
fn p521() p521key;
Creates an uninitialized p521 key. The curve is also known as secp521r1. The key must be initialized using newkey.
fn pubkey
fn pubkey(pub: []u8, priv: *privkey) size;
Derives the public key from the given 'priv' and stores it into 'pub'. Returns the number of key bytes written to 'pub'.
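The functions above combined into one P-256 exchange, including the invalidkey path. This is an added example, not part of the Hare documentation or source. It assumes both parties run in one process; the names alice, bob and the buffer names are illustrative, and bytes::equal, bytes::zero and fmt are standard-library helpers not described on this page.

```hare
use bytes;
use crypto::ec;
use crypto::ecdh;
use crypto::random;
use fmt;

export fn main() void = {
	// Each party creates an uninitialized P-256 key, then fills it from
	// the system CSPRNG. "alice" and "bob" are illustrative names.
	let alice = ecdh::p256();
	let bob = ecdh::p256();
	ecdh::newkey(&alice.priv, random::stream)!;
	ecdh::newkey(&bob.priv, random::stream)!;

	// Only the public keys are exchanged between the parties.
	let apub: [ec::P256_POINTSZ]u8 = [0...];
	let bpub: [ec::P256_POINTSZ]u8 = [0...];
	const alen = ecdh::pubkey(apub, &alice.priv);
	const blen = ecdh::pubkey(bpub, &bob.priv);

	// Each side combines its own private key with the peer's public key.
	let asec: [ecdh::P256_SHAREDSZ]u8 = [0...];
	let bsec: [ecdh::P256_SHAREDSZ]u8 = [0...];
	const an = match (ecdh::derive(asec, &alice.priv, bpub[..blen])) {
	case let n: size =>
		yield n;
	case ecdh::invalidkey =>
		fmt::fatal("bob's public key was rejected");
	};
	const bn = ecdh::derive(bsec, &bob.priv, apub[..alen])!;

	// Demo-only check: in a real exchange the two secrets never meet.
	assert(bytes::equal(asec[..an], bsec[..bn]));

	// A peer key of the wrong size must come back as invalidkey; treat
	// that as a failed handshake and never use the output buffer.
	match (ecdh::derive(asec, &alice.priv, bpub[..blen - 1])) {
	case size =>
		fmt::fatal("truncated public key was accepted");
	case ecdh::invalidkey =>
		fmt::println("truncated public key rejected")!;
	};

	// Wipe secret material once it is no longer needed.
	bytes::zero(asec);
	bytes::zero(bsec);
	bytes::zero(alice.x);
	bytes::zero(bob.x);
};
```

derive returns the raw shared secret; it is normally passed through a key derivation function before being used as a symmetric key.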