Swap `add_one!(_)` for `add_u64!(_, 1)`
[dnssec-prover] / src / crypto / secp384r1.rs
1 //! secp384r1 validation for DNSSEC signatures
2
3 use super::bigint::*;
4 use super::ec;
5
/// Marker type selecting the secp384r1 base-field modulus for [`U384Mod`].
///
/// It carries no data; it exists only so the constants below can be attached
/// to a type via [`PrimeModulus`].
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
struct P();
impl PrimeModulus<U384> for P {
        /// The field prime p = 2^384 - 2^128 - 2^96 + 2^32 - 1, as 48 big-endian bytes.
        const PRIME: U384 = U384::from_48_be_bytes_panicking(&hex_lit::hex!(
                "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff"));
        // NOTE(review): by its name this is R^2 mod PRIME for Montgomery arithmetic,
        // presumably with R = 2^384 -- confirm against the `bigint` module.
        const R_SQUARED_MOD_PRIME: U384 = U384::from_48_be_bytes_panicking(&hex_lit::hex!(
                "000000000000000000000000000000010000000200000000fffffffe000000000000000200000000fffffffe00000001"));
        // NOTE(review): by its name this is -PRIME^-1 mod R. Both derived constants
        // depend on PRIME and nothing in this file cross-checks them, so they should
        // be regenerated and re-verified together if PRIME is ever edited.
        const NEGATIVE_PRIME_INV_MOD_R: U384 = U384::from_48_be_bytes_panicking(&hex_lit::hex!(
                "00000014000000140000000c00000002fffffffcfffffffafffffffbfffffffe00000000000000010000000100000001"));
}
/// Marker type selecting the secp384r1 group-order modulus for [`U384Mod`].
///
/// Scalars (such as the `r` and `s` values of an ECDSA signature) live modulo
/// this value rather than modulo the field prime in `P`.
#[derive(Clone, Copy, PartialEq, Eq)]
struct N();
impl PrimeModulus<U384> for N {
        /// The order n of the secp384r1 base point, as 48 big-endian bytes.
        const PRIME: U384 = U384::from_48_be_bytes_panicking(&hex_lit::hex!(
                "ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973"));
        // NOTE(review): by its name this is R^2 mod n for Montgomery arithmetic,
        // presumably with R = 2^384 -- confirm against the `bigint` module.
        const R_SQUARED_MOD_PRIME: U384 = U384::from_48_be_bytes_panicking(&hex_lit::hex!(
                "0c84ee012b39bf213fb05b7a28266895d40d49174aab1cc5bc3e483afcb82947ff3d81e5df1aa4192d319b2419b409a9"));
        // NOTE(review): by its name this is -n^-1 mod R. It is derived from PRIME above
        // and is not cross-checked in this file; a unit test recomputing both derived
        // constants from PRIME would catch a transcription error.
        const NEGATIVE_PRIME_INV_MOD_R: U384 = U384::from_48_be_bytes_panicking(&hex_lit::hex!(
                "355ca87de39dbb1fa150206ce4f194ac78d4ba5866d61787ee6c8e3df45624ce54a885995d20bb2b6ed46089e88fdc45"));
}
26
/// Zero-sized marker type that names the secp384r1 (NIST P-384) curve.
///
/// All curve parameters are supplied through its [`ec::Curve`] implementation.
#[derive(Clone, Copy)]
struct P384();
29
/// Domain parameters of secp384r1 in short Weierstrass form, y^2 = x^3 + A*x + B over the
/// field defined by `P`, with a base point `G` whose order is the modulus defined by `N`.
impl ec::Curve for P384 {
        type Int = U384;
        type IntModP = U384Mod<P>;
        type IntModN = U384Mod<N>;

        type P = P;
        type N = N;

        /// Coefficient `a`. The bytes equal the field prime minus 3 (compare `P::PRIME`).
        const A: U384Mod<P> = U384Mod::from_u384_panicking(U384::from_48_be_bytes_panicking(&hex_lit::hex!(
                "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc")));
        /// Coefficient `b`.
        const B: U384Mod<P> = U384Mod::from_u384_panicking(U384::from_48_be_bytes_panicking(&hex_lit::hex!(
                "b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef")));

        /// The base point (generator), given as affine x then y.
        // NOTE(review): `from_xy_assuming_on_curve` is, by its name, a constructor that
        // skips the curve-membership check. That is appropriate for this fixed constant
        // only; confirm that `ec::validate_ecdsa` builds the caller-supplied public key
        // through a path that does verify the point lies on the curve.
        const G: ec::Point<P384> = ec::Point::from_xy_assuming_on_curve(
                U384Mod::from_u384_panicking(U384::from_48_be_bytes_panicking(&hex_lit::hex!(
                        "aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7"))),
                U384Mod::from_u384_panicking(U384::from_48_be_bytes_panicking(&hex_lit::hex!(
                        "3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f"))),
        );
}
50
/// Validates the given signature against the given public key and message digest.
///
/// This is a thin wrapper that runs the generic `ec::validate_ecdsa` with the
/// secp384r1 parameters; all parsing and checking of `pk` and `sig` happens there.
///
/// # Errors
///
/// The error type is `()`, so a failure carries no reason. Callers must treat every
/// `Err` as "signature not valid" and must not fall back to accepting the record.
// NOTE(review): the byte layout of `pk` and `sig` is not visible here -- presumably the
// fixed-width x||y and r||s encodings DNSSEC uses for ECDSA (RFC 6605); confirm in `ec`.
// NOTE(review): the parameter is called `hash_input` while the doc says "message digest".
// Confirm whether callers are expected to pass the already-computed digest or the data
// to be hashed, since passing the wrong one would make verification meaningless.
pub fn validate_ecdsa(pk: &[u8], sig: &[u8], hash_input: &[u8]) -> Result<(), ()> {
        ec::validate_ecdsa::<P384>(pk, sig, hash_input)
}