1 // Copyright 2015-2017 Brian Smith. 2 // 3 // Permission to use, copy, modify, and/or distribute this software for any 4 // purpose with or without fee is hereby granted, provided that the above 5 // copyright notice and this permission notice appear in all copies. 6 // 7 // THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES 8 // WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 9 // MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY 10 // SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 11 // WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION 12 // OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN 13 // CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 14 15 use crate::{ec, error, rand}; 16 17 /// A key agreement algorithm. 18 macro_rules! suite_b_curve { 19 ( $NAME:ident, $bits:expr, $private_key_ops:expr, $id:expr, 20 $check_private_key_bytes:ident, $generate_private_key:ident, 21 $public_from_private:ident) => { 22 /// Public keys are encoding in uncompressed form using the 23 /// Octet-String-to-Elliptic-Curve-Point algorithm in 24 /// [SEC 1: Elliptic Curve Cryptography, Version 2.0]. Public keys are 25 /// validated during key agreement according to 26 /// [NIST Special Publication 800-56A, revision 2] and Appendix B.3 of 27 /// the NSA's [Suite B Implementer's Guide to NIST SP 800-56A]. 28 /// 29 /// [SEC 1: Elliptic Curve Cryptography, Version 2.0]: 30 /// http://www.secg.org/sec1-v2.pdf 31 /// [NIST Special Publication 800-56A, revision 2]: 32 /// http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar2.pdf 33 /// [Suite B Implementer's Guide to NIST SP 800-56A]: 34 /// https://github.com/briansmith/ring/blob/main/doc/ecdh.pdf 35 pub static $NAME: ec::Curve = ec::Curve { 36 public_key_len: 1 + (2 * (($bits + 7) / 8)), 37 elem_scalar_seed_len: ($bits + 7) / 8, 38 id: $id, 39 check_private_key_bytes: $check_private_key_bytes, 40 generate_private_key: $generate_private_key, 41 public_from_private: $public_from_private, 42 }; 43 44 fn $check_private_key_bytes(bytes: &[u8]) -> Result<(), error::Unspecified> { 45 debug_assert_eq!(bytes.len(), $bits / 8); 46 ec::suite_b::private_key::check_scalar_big_endian_bytes($private_key_ops, bytes) 47 } 48 49 fn $generate_private_key( 50 rng: &dyn rand::SecureRandom, 51 out: &mut [u8], 52 ) -> Result<(), error::Unspecified> { 53 ec::suite_b::private_key::generate_private_scalar_bytes($private_key_ops, rng, out) 54 } 55 56 fn $public_from_private( 57 public_out: &mut [u8], 58 private_key: &ec::Seed, 59 ) -> Result<(), error::Unspecified> { 60 ec::suite_b::private_key::public_from_private($private_key_ops, public_out, private_key) 61 } 62 }; 63 } 64 65 suite_b_curve!( 66 P256, 67 256, 68 &ec::suite_b::ops::p256::PRIVATE_KEY_OPS, 69 ec::CurveID::P256, 70 p256_check_private_key_bytes, 71 p256_generate_private_key, 72 p256_public_from_private 73 ); 74 75 suite_b_curve!( 76 P384, 77 384, 78 &ec::suite_b::ops::p384::PRIVATE_KEY_OPS, 79 ec::CurveID::P384, 80 p384_check_private_key_bytes, 81 p384_generate_private_key, 82 p384_public_from_private 83 ); 84