-
-
Notifications
You must be signed in to change notification settings - Fork 23
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
12 changed files
with
424 additions
and
300 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,13 @@ | ||
[package] | ||
name = "ecies" | ||
version = "0.2.6" | ||
version = "0.2.7" | ||
# docs | ||
authors = ["Weiliang Li <[email protected]>"] | ||
description = "Elliptic Curve Integrated Encryption Scheme for secp256k1 in Rust" | ||
description = "Elliptic Curve Integrated Encryption Scheme for secp256k1/curve25519" | ||
edition = "2021" | ||
keywords = [ | ||
"secp256k1", | ||
"curve25519", | ||
"crypto", | ||
"ecc", | ||
"ecies", | ||
|
@@ -21,11 +22,14 @@ repository = "https://github.com/ecies/rs" | |
|
||
[dependencies] | ||
hkdf = {version = "0.12.3", default-features = false} | ||
libsecp256k1 = {version = "0.7.1", default-features = false, features = ["static-context"]} | ||
sha2 = {version = "0.10.7", default-features = false} | ||
|
||
# elliptic curves | ||
libsecp256k1 = {version = "0.7.1", default-features = false, features = ["static-context"], optional = true} | ||
x25519-dalek = {version = "2.0.0", default-features = false, features = ["static_secrets"], optional = true} | ||
|
||
# openssl aes | ||
openssl = {version = "0.10.56", default-features = false, optional = true} | ||
openssl = {version = "0.10.57", default-features = false, optional = true} | ||
|
||
# pure rust aes | ||
aes-gcm = {version = "0.10.2", default-features = false, optional = true} | ||
|
@@ -45,22 +49,29 @@ parking_lot = "0.12.1" | |
[target.'cfg(all(target_arch = "wasm32", target_os="unknown"))'.dependencies] | ||
# only for js (browser or node). if it's not js, like substrate, it won't build | ||
getrandom = {version = "0.2.10", default-features = false, features = ["js"]} | ||
once_cell = {version = "1.18.0", default-features = false, features = ["std"]} | ||
wasm-bindgen = {version = "0.2.87", default-features = false} | ||
|
||
[target.'cfg(all(target_arch = "wasm32", not(target_os="unknown")))'.dependencies] | ||
# allows wasm32-wasi to build | ||
once_cell = {version = "1.18.0", default-features = false, features = ["std"]} | ||
|
||
[features] | ||
default = ["openssl"] | ||
std = ["hkdf/std", "sha2/std", "once_cell/std"] | ||
|
||
default = ["openssl"] | ||
# curve | ||
secp256k1 = ["libsecp256k1"] | ||
x25519 = ["x25519-dalek"] | ||
|
||
aes-12bytes-nonce = [] # with feature "openssl" or "pure". default: 16 bytes | ||
pure = ["aes-gcm/aes", "typenum"] | ||
xchacha20 = ["chacha20poly1305"] | ||
# cipher | ||
aes-12bytes-nonce = ["secp256k1"] # with feature "openssl" or "pure". default: 16 bytes | ||
openssl = ["dep:openssl", "secp256k1"] | ||
pure = ["aes-gcm/aes", "typenum", "secp256k1"] | ||
xchacha20 = ["chacha20poly1305", "secp256k1"] | ||
|
||
[dev-dependencies] | ||
clap = "=4.3.24" | ||
criterion = {version = "0.5.1", default-features = false} | ||
hex = {version = "0.4.3", default-features = false, features = ["alloc"]} | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
use hkdf::Hkdf; | ||
use sha2::Sha256; | ||
|
||
use crate::compat::Vec; | ||
use crate::consts::{SharedSecret, EMPTY_BYTES}; | ||
|
||
#[cfg(not(feature = "x25519"))] | ||
mod secp256k1; | ||
#[cfg(not(feature = "x25519"))] | ||
pub use secp256k1::{decapsulate, encapsulate, generate_keypair}; | ||
#[cfg(not(feature = "x25519"))] | ||
pub(crate) use secp256k1::{parse_pk, parse_sk, pk_to_vec, Error}; | ||
|
||
#[cfg(feature = "x25519")] | ||
mod x25519; | ||
#[cfg(feature = "x25519")] | ||
pub use x25519::{decapsulate, encapsulate, generate_keypair}; | ||
#[cfg(feature = "x25519")] | ||
pub(crate) use x25519::{parse_pk, parse_sk, pk_to_vec, Error}; | ||
|
||
fn hkdf_derive(sender_point: &[u8], shared_point: &[u8]) -> SharedSecret { | ||
let size = sender_point.len() + shared_point.len(); | ||
let mut master = Vec::with_capacity(size); | ||
master.extend(sender_point); | ||
master.extend(shared_point); | ||
hkdf_sha256(&master) | ||
} | ||
|
||
fn hkdf_sha256(master: &[u8]) -> SharedSecret { | ||
let h = Hkdf::<Sha256>::new(None, master); | ||
let mut out = [0u8; 32]; | ||
// never fails because 32 < 255 * chunk_len, which is 32 on SHA256 | ||
h.expand(&EMPTY_BYTES, &mut out).unwrap(); | ||
out | ||
} | ||
|
||
#[cfg(test)] | ||
mod tests { | ||
use super::hkdf_sha256; | ||
|
||
use crate::utils::tests::decode_hex; | ||
|
||
#[test] | ||
fn test_known_hkdf_vector() { | ||
assert_eq!( | ||
hkdf_sha256(b"secret").to_vec(), | ||
decode_hex("2f34e5ff91ec85d53ca9b543683174d0cf550b60d5f52b24c97b386cfcf6cbbf") | ||
); | ||
} | ||
} |
Oops, something went wrong.