fiat-p256

Primitives for Elliptic Curve Cryptography taken from Fiat
README

fiat-p256 contains primitives for ECDH key exchange algorithm over NIST curve P-256.

It internally uses bindings to C code generated using the correct-by-construction implementations from
fiat-crypto.

Please be aware that cryptographic primitives should not be used in end applications, they are better
used as part of a higher level cryptographic library.

Installation

fiat-p256 is available on opam and can be install as follows:

opam install fiat-p256

Usage

The entry point to this library is the Fiat_p256 module and the main function is dh which let
you perform a key exchange given your private key scalar and the other party's public key point:

let secret = Fiat_p256.dh ~scalar ~point

Note that the point values built or parsed using Fiat_p256's interface are checked
according to NIST's
Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography
section 5.6.2.3.2 so that you shouldn't be able to provide an invalid point or the point at
infinity to the functions exposed in this module.

You can also compute the public P-256 key corresponding to your private key scalar using the public
function:

let public_key = Fiat_p256.public ~scalar

Note that the scalar values parsed using Fiat_p256's interface must be within P-256's generator
subgroup order range so that your public key can't be the point at infinity. Any scalar not in the
range [1 - (n-1)], n being the group order, will be rejected.

Install
Published
03 Nov 2020
Sources
fiat-p256-v0.2.3.tbz
sha256=c20d1b1395f59b111ca6a75c55b4edfb864215daf7484910bc89c2953474b0e0
sha512=9d679c865820294e87f479a2e46aa6278b5e9e1106776067ce0e71e4263850d4d07b38b7da65c49c4a5f4cedd74af92fcb3f3188065b12b58041a4729b296652
Dependencies
yojson
with-test & >= "1.6.0"
stdlib-shims
with-test
rresult
with-test
eqaf
>= "0.5"
cstruct
>= "3.5.0" & < "6.1.0"
benchmark
with-test
alcotest
with-test & < "1.4.0"
dune
>= "2.6"
Reverse Dependencies
tls
>= "0.12.0" & < "0.13.0"
tls-mirage
>= "0.12.0" & < "0.13.0"