forked from parallaxsecond/rust-cryptoki
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathelliptic_curve.rs
110 lines (103 loc) · 3.95 KB
/
elliptic_curve.rs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
//! ECDH mechanism types
use crate::types::Ulong;
use cryptoki_sys::*;
use std::convert::TryInto;
use std::marker::PhantomData;
use std::ptr;
/// ECDH derivation parameters.
///
/// The elliptic curve Diffie-Hellman (ECDH) key derivation mechanism
/// is a mechanism for key derivation based on the Diffie-Hellman
/// version of the elliptic curve key agreement scheme, as defined in
/// ANSI X9.63, where each party contributes one key pair all using
/// the same EC domain parameters.
///
/// This structure wraps a `CK_ECDH1_DERIVE_PARAMS` structure.
#[derive(Copy, Debug, Clone)]
#[repr(C)]
pub struct Ecdh1DeriveParams<'a> {
/// Key derivation function
kdf: CK_EC_KDF_TYPE,
/// Length of the optional shared data used by some of the key
/// derivation functions
shared_data_len: Ulong,
/// Address of the optional data or `std::ptr::null()` of there is
/// no shared data
shared_data: *const u8,
/// Length of the other party's public key
public_data_len: Ulong,
/// Pointer to the other party public key
public_data: *const u8,
/// Marker type to ensure we don't outlive shared and public data
_marker: PhantomData<&'a [u8]>,
}
impl<'a> Ecdh1DeriveParams<'a> {
/// Construct ECDH derivation parameters.
///
/// # Arguments
///
/// * `kdf` - The key derivation function to use.
///
/// * `public_data` - The other party's public key. A token MUST be able
/// to accept this value encoded as a raw octet string (as per section
/// A.5.2 of ANSI X9.62). A token MAY, in addition, support accepting
/// this value as a DER-encoded `ECPoint` (as per section E.6 of ANSI
/// X9.62) i.e. the same as a `CKA_EC_POINT` encoding. The calling
/// application is responsible for converting the offered public key to the
/// compressed or uncompressed forms of these encodings if the token does
/// not support the offered form.
pub fn new(kdf: EcKdf<'a>, public_data: &'a [u8]) -> Self {
Self {
kdf: kdf.kdf_type,
shared_data_len: kdf
.shared_data
.map_or(0, <[u8]>::len)
.try_into()
.expect("usize can not fit in CK_ULONG"),
shared_data: kdf.shared_data.map_or(ptr::null(), <[u8]>::as_ptr),
public_data_len: public_data
.len()
.try_into()
.expect("usize can not fit in CK_ULONG"),
public_data: public_data.as_ptr(),
_marker: PhantomData,
}
}
}
/// Key Derivation Function applied to derive keying data from a shared secret.
///
/// The key derivation function will be used by the EC key agreement schemes.
///
/// The lifetime parameter represents the lifetime of the shared data used by
/// the KDF. In the current version of this crate, only the null KDF is
/// supported, which takes no shared data. Therefore `'a` can always be inferred
/// `'static`.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct EcKdf<'a> {
kdf_type: CK_EC_KDF_TYPE,
shared_data: Option<&'a [u8]>,
}
impl<'a> EcKdf<'a> {
/// The null transformation. The derived key value is produced by
/// taking bytes from the left of the agreed value. The new key
/// size is limited to the size of the agreed value.
pub fn null() -> Self {
Self {
kdf_type: CKD_NULL,
shared_data: None,
}
}
/// The sha256 transformation as defined in the x9 standard. The
/// derived key is produced by concatenating hashes of the shared
/// value followed by 00000001, 00000002, etc. until we find
/// enough bytes to fill the `CKA_VALUE_LEN` of the derived key.
pub fn sha256_x9() -> Self {
Self {
kdf_type: CKD_SHA256_KDF,
shared_data: None,
}
}
// The intention here is to be able to support other methods with
// shared data, without it being a breaking change, by just adding
// additional constructors here.
}