Module Fiat_p256
See implementation
for a description on how this is implemented.
type error
=[
|
`Invalid_range
|
`Invalid_format
|
`Invalid_length
|
`Not_on_curve
|
`At_infinity
]
The type for public key parsing errors.
val pp_error : Stdlib.Format.formatter -> error -> unit
Pretty printer for public key parsing errors
type secret
Type for P256 private keys.
In the usual setting, the private key only be generated and used for key exchange. But it can be useful to create values of type
secret
with a known value, for example to check against test vectors. One can use the following pattern to do this:let (secret, _) = gen_key ~rng:(fun _ -> known_data)
val gen_key : rng:(int -> Cstruct.t) -> secret * Cstruct.t
gen_key ~rng
generates a private and a public key for Ephemeral Diffie-Hellman over P256. The returned key pair MUST only be used for a single key exchange.rng
is the function used to repeteadly generate a private key until a valid candidate is obtained.rng
's int parameter is the size of theCstruct.t
to generate. Ifrng
returns an invalid length buffer,Failure _
is raised.The generated private key is checked to be greater than zero and lower than the group order meaning the public key cannot be the point at inifinity.
val key_exchange : secret -> Cstruct.t -> (Cstruct.t, error) Stdlib.result
key_exchange secret received_public_key
performs Diffie-Hellman key exchange using your secret and the data received from the other party. Returns the shared secret or an error if the received data is wrongly encoded, doesn't represent a point on the curve or represent the point at infinity.The shared secret is returned as is i.e. not stripped from leading 0x00 bytes.
- see http://www.secg.org/sec1-v2.pdf
for public key encoding format.