#![feature(non_exhaustive)]
#[macro_use] extern crate failure;
extern crate rand;
extern crate sha3;
extern crate digest;
extern crate subtle;
extern crate serde;
extern crate serde_derive;
extern crate curve25519_dalek;
#[macro_use] mod common;
pub mod oake;
pub mod soake;
pub mod roake;
use rand::{ RngCore, CryptoRng };
use subtle::ConstantTimeEq;
use serde_derive::{ Serialize, Deserialize };
use curve25519_dalek::constants::RISTRETTO_BASEPOINT_TABLE;
use curve25519_dalek::ristretto::CompressedRistretto;
use curve25519_dalek::scalar::Scalar;
/// Size in bytes of the array returned by `SecretKey::as_bytes` and the
/// minimum input length accepted by `SecretKey::from_bytes`.
pub const SECRET_LENGTH: usize = 32;
/// Size in bytes of the array returned by `PublicKey::as_bytes` and the
/// minimum input length accepted by `PublicKey::from_bytes`.
pub const PUBLIC_LENGTH: usize = 32;
/// Size in bytes of the array returned by `Message::as_bytes` and the
/// minimum input length accepted by `Message::from_bytes`.
pub const MESSAGE_LENGTH: usize = 32;
/// Secret scalar; the matching `PublicKey` is derived from it by
/// `PublicKey::from_secret`.
///
/// `Debug` is not derived, so the scalar cannot be printed through `{:?}` by
/// this derive list. `Clone` and `Serialize` are derived, so copies and
/// serialized forms of the secret can exist outside this value.
// NOTE(review): nothing in this file wipes the scalar when the value is
// dropped -- confirm whether zeroization is handled elsewhere.
#[derive(Serialize, Deserialize, Clone)]
pub struct SecretKey(Scalar);
/// Compressed Ristretto point, either computed from a `SecretKey` or taken
/// from raw bytes (`PublicKey::from_bytes`, which does not decompress it).
#[derive(Serialize, Deserialize, Clone)]
pub struct PublicKey(CompressedRistretto);
/// Secret scalar created by `EphemeralKey::generate`; `Message::from_ephemeral`
/// derives the point that is sent for it.
///
/// Like `SecretKey`, it is `Clone` and `Serialize` and has no derived `Debug`.
// NOTE(review): presumably meant to be used for a single exchange and then
// discarded; the derives do not enforce that -- confirm against the callers.
#[derive(Serialize, Deserialize, Clone)]
pub struct EphemeralKey(Scalar);
/// Compressed Ristretto point, either computed from an `EphemeralKey` or taken
/// from raw bytes (`Message::from_bytes`, which does not decompress it).
#[derive(Serialize, Deserialize, Clone)]
pub struct Message(CompressedRistretto);
/// Errors reported by this crate's decoding routines.
///
/// The enum is `#[non_exhaustive]`, and `#[must_use]` makes the compiler warn
/// when a value of this type is silently discarded.
#[derive(Debug, Fail)]
#[non_exhaustive]
#[must_use]
pub enum Error {
/// Not constructed in this file.
// NOTE(review): presumably returned where a compressed point fails to
// decompress. The message says "EdwardsPoint" while the types in this file
// are Ristretto points -- confirm the wording is intended.
#[fail(display = "EdwardsPoint decompress error")]
Decompress,
/// Not constructed directly in this file.
// NOTE(review): presumably produced by the `check!` macro from the `common`
// module for an all-zero input -- confirm against that macro.
#[fail(display = "Not allow zero value")]
Zero,
/// Returned by the `from_bytes` constructors when the input slice is shorter
/// than the required length.
#[fail(display = "Invalid length")]
Length
}
impl SecretKey {
    /// Samples a new secret scalar from `rng`.
    ///
    /// The `CryptoRng` bound limits callers to generators that declare
    /// themselves suitable for cryptographic use.
    #[inline]
    pub fn generate<R>(rng: &mut R) -> SecretKey
    where
        R: RngCore + CryptoRng,
    {
        let scalar = Scalar::random(rng);
        SecretKey(scalar)
    }

    /// Borrows the raw `SECRET_LENGTH`-byte encoding of the secret scalar.
    #[inline]
    pub fn as_bytes(&self) -> &[u8; SECRET_LENGTH] {
        let SecretKey(scalar) = self;
        scalar.as_bytes()
    }

    /// Builds a secret key from the first `SECRET_LENGTH` bytes of `bytes`.
    ///
    /// # Errors
    ///
    /// Returns `Error::Length` when `bytes` is shorter than `SECRET_LENGTH`.
    /// Bytes past `SECRET_LENGTH` are ignored rather than rejected.
    #[inline]
    pub fn from_bytes(bytes: &[u8]) -> Result<Self, Error> {
        if bytes.len() < SECRET_LENGTH {
            return Err(Error::Length);
        }

        let mut raw = [0; SECRET_LENGTH];
        // `check!` comes from the `common` module, which is not visible here.
        // NOTE(review): presumably it rejects unacceptable input such as an
        // all-zero slice (`Error::Zero`) -- confirm against the macro.
        raw.copy_from_slice(check!(&bytes[..SECRET_LENGTH]));
        // NOTE(review): `Scalar::from_bits` does not reduce the value modulo the
        // group order, so a non-canonical encoding is accepted as given. Confirm
        // that is intended, or whether `Scalar::from_canonical_bytes` should
        // reject such input.
        Ok(SecretKey(Scalar::from_bits(raw)))
    }
}
impl PublicKey {
    /// Derives the public key for `secret`: the secret scalar multiplied by
    /// the Ristretto basepoint table, then compressed.
    pub fn from_secret(secret: &SecretKey) -> PublicKey {
        let point = &secret.0 * &RISTRETTO_BASEPOINT_TABLE;
        PublicKey(point.compress())
    }

    /// Borrows the `PUBLIC_LENGTH`-byte compressed encoding of the key.
    #[inline]
    pub fn as_bytes(&self) -> &[u8; PUBLIC_LENGTH] {
        let PublicKey(compressed) = self;
        compressed.as_bytes()
    }

    /// Builds a public key from the first `PUBLIC_LENGTH` bytes of `bytes`.
    ///
    /// The bytes are stored as a `CompressedRistretto` without being
    /// decompressed, so this constructor does not establish that they encode a
    /// valid point.
    ///
    /// # Errors
    ///
    /// Returns `Error::Length` when `bytes` is shorter than `PUBLIC_LENGTH`.
    /// Bytes past `PUBLIC_LENGTH` are ignored rather than rejected.
    pub fn from_bytes(bytes: &[u8]) -> Result<Self, Error> {
        if bytes.len() < PUBLIC_LENGTH {
            return Err(Error::Length);
        }

        let mut encoded = [0; PUBLIC_LENGTH];
        // `check!` comes from the `common` module, which is not visible here.
        // NOTE(review): presumably it rejects an all-zero slice (`Error::Zero`);
        // confirm, and confirm that every consumer decompresses the point and
        // handles failure before using it.
        encoded.copy_from_slice(check!(&bytes[..PUBLIC_LENGTH]));
        Ok(PublicKey(CompressedRistretto(encoded)))
    }
}
impl EphemeralKey {
    /// Samples a new ephemeral secret scalar from `rng`.
    ///
    /// The `CryptoRng` bound limits callers to generators that declare
    /// themselves suitable for cryptographic use.
    #[inline]
    pub fn generate<R>(rng: &mut R) -> EphemeralKey
    where
        R: RngCore + CryptoRng,
    {
        let scalar = Scalar::random(rng);
        EphemeralKey(scalar)
    }
}
impl Message {
    /// Derives the message for `ephemeral`: the ephemeral scalar multiplied by
    /// the Ristretto basepoint table, then compressed.
    pub fn from_ephemeral(ephemeral: &EphemeralKey) -> Message {
        let point = &ephemeral.0 * &RISTRETTO_BASEPOINT_TABLE;
        Message(point.compress())
    }

    /// Borrows the `MESSAGE_LENGTH`-byte compressed encoding of the message.
    #[inline]
    pub fn as_bytes(&self) -> &[u8; MESSAGE_LENGTH] {
        let Message(compressed) = self;
        compressed.as_bytes()
    }

    /// Builds a message from the first `MESSAGE_LENGTH` bytes of `bytes`.
    ///
    /// The bytes are stored as a `CompressedRistretto` without being
    /// decompressed, so this constructor does not establish that they encode a
    /// valid point.
    ///
    /// # Errors
    ///
    /// Returns `Error::Length` when `bytes` is shorter than `MESSAGE_LENGTH`.
    /// Bytes past `MESSAGE_LENGTH` are ignored rather than rejected.
    pub fn from_bytes(bytes: &[u8]) -> Result<Self, Error> {
        if bytes.len() < MESSAGE_LENGTH {
            return Err(Error::Length);
        }

        let mut encoded = [0; MESSAGE_LENGTH];
        // `check!` comes from the `common` module, which is not visible here.
        // NOTE(review): presumably it rejects an all-zero slice (`Error::Zero`);
        // confirm, and confirm that every consumer decompresses the point and
        // handles failure before using it.
        encoded.copy_from_slice(check!(&bytes[..MESSAGE_LENGTH]));
        Ok(Message(CompressedRistretto(encoded)))
    }
}