p256/
arithmetic.rs

1//! Pure Rust implementation of group operations on secp256r1.
2//!
3//! Curve parameters can be found in [NIST SP 800-186] § G.1.2: Curve P-256.
4//!
5//! [NIST SP 800-186]: https://csrc.nist.gov/publications/detail/sp/800-186/final
6
7pub(crate) mod field;
8#[cfg(feature = "hash2curve")]
9mod hash2curve;
10pub(crate) mod scalar;
11pub(crate) mod util;
12
13use self::{field::FieldElement, scalar::Scalar};
14use crate::NistP256;
15use elliptic_curve::{CurveArithmetic, PrimeCurveArithmetic};
16use primeorder::{point_arithmetic, PrimeCurveParams};
17
18/// Elliptic curve point in affine coordinates.
19pub type AffinePoint = primeorder::AffinePoint<NistP256>;
20
21/// Elliptic curve point in projective coordinates.
22pub type ProjectivePoint = primeorder::ProjectivePoint<NistP256>;
23
24impl CurveArithmetic for NistP256 {
25    type AffinePoint = AffinePoint;
26    type ProjectivePoint = ProjectivePoint;
27    type Scalar = Scalar;
28}
29
30impl PrimeCurveArithmetic for NistP256 {
31    type CurveGroup = ProjectivePoint;
32}
33
34/// Adapted from [NIST SP 800-186] § G.1.2: Curve P-256.
35///
36/// [NIST SP 800-186]: https://csrc.nist.gov/publications/detail/sp/800-186/final
37impl PrimeCurveParams for NistP256 {
38    type FieldElement = FieldElement;
39    type PointArithmetic = point_arithmetic::EquationAIsMinusThree;
40
41    /// a = -3
42    const EQUATION_A: FieldElement = FieldElement::from_u64(3).neg();
43
44    const EQUATION_B: FieldElement =
45        FieldElement::from_hex("5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b");
46
47    /// Base point of P-256.
48    ///
49    /// Defined in NIST SP 800-186 § G.1.2:
50    ///
51    /// ```text
52    /// Gₓ = 6b17d1f2 e12c4247 f8bce6e5 63a440f2 77037d81 2deb33a0 f4a13945 d898c296
53    /// Gᵧ = 4fe342e2 fe1a7f9b 8ee7eb4a 7c0f9e16 2bce3357 6b315ece cbb64068 37bf51f5
54    /// ```
55    const GENERATOR: (FieldElement, FieldElement) = (
56        FieldElement::from_hex("6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"),
57        FieldElement::from_hex("4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5"),
58    );
59}