k256/
lib.rs

1#![no_std]
2#![cfg_attr(docsrs, feature(doc_auto_cfg))]
3#![doc = include_str!("../README.md")]
4#![doc(
5    html_logo_url = "https://raw.githubusercontent.com/RustCrypto/meta/master/logo.svg",
6    html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/meta/master/logo.svg"
7)]
8#![allow(clippy::needless_range_loop)]
9#![forbid(unsafe_code)]
10#![warn(
11    clippy::mod_module_files,
12    clippy::unwrap_used,
13    missing_docs,
14    rust_2018_idioms,
15    unused_lifetimes,
16    unused_qualifications
17)]
18
19//! ## `serde` support
20//!
21//! When the `serde` feature of this crate is enabled, `Serialize` and
22//! `Deserialize` are impl'd for the following types:
23//!
24//! - [`AffinePoint`]
25//! - [`Scalar`]
26//! - [`ecdsa::VerifyingKey`]
27//!
28//! Please see type-specific documentation for more information.
29
30#[cfg(feature = "alloc")]
31#[allow(unused_imports)]
32#[macro_use]
33extern crate alloc;
34
35#[cfg(feature = "arithmetic")]
36mod arithmetic;
37
38#[cfg(feature = "ecdh")]
39pub mod ecdh;
40
41#[cfg(feature = "ecdsa-core")]
42pub mod ecdsa;
43
44#[cfg(feature = "schnorr")]
45pub mod schnorr;
46
47#[cfg(any(feature = "test-vectors", test))]
48pub mod test_vectors;
49
50pub use elliptic_curve::{self, bigint::U256};
51
52#[cfg(feature = "arithmetic")]
53pub use arithmetic::{affine::AffinePoint, projective::ProjectivePoint, scalar::Scalar};
54
55#[cfg(feature = "expose-field")]
56pub use arithmetic::FieldElement;
57
58#[cfg(feature = "pkcs8")]
59pub use elliptic_curve::pkcs8;
60
61#[cfg(feature = "sha2")]
62pub use sha2;
63
64use elliptic_curve::{
65    bigint::ArrayEncoding,
66    consts::{U32, U33, U64},
67    generic_array::GenericArray,
68    FieldBytesEncoding,
69};
70
71/// Order of the secp256k1 elliptic curve in hexadecimal.
72const ORDER_HEX: &str = "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141";
73
74/// Order of the secp256k1 elliptic curve.
75const ORDER: U256 = U256::from_be_hex(ORDER_HEX);
76
77/// secp256k1 (K-256) elliptic curve.
78///
79/// Specified in Certicom's SECG in "SEC 2: Recommended Elliptic Curve Domain Parameters":
80///
81/// <https://www.secg.org/sec2-v2.pdf>
82///
83/// The curve's equation is `y² = x³ + 7` over a ~256-bit prime field.
84///
85/// It's primarily notable for usage in Bitcoin and other cryptocurrencies,
86/// particularly in conjunction with the Elliptic Curve Digital Signature
87/// Algorithm (ECDSA).
88#[derive(Copy, Clone, Debug, Default, Eq, PartialEq, PartialOrd, Ord)]
89pub struct Secp256k1;
90
91impl elliptic_curve::Curve for Secp256k1 {
92    /// 32-byte serialized field elements.
93    type FieldBytesSize = U32;
94
95    /// 256-bit field modulus.
96    type Uint = U256;
97
98    /// Curve order.
99    const ORDER: U256 = ORDER;
100}
101
102impl elliptic_curve::PrimeCurve for Secp256k1 {}
103
104impl elliptic_curve::point::PointCompression for Secp256k1 {
105    /// secp256k1 points are typically compressed.
106    const COMPRESS_POINTS: bool = true;
107}
108
109#[cfg(feature = "jwk")]
110impl elliptic_curve::JwkParameters for Secp256k1 {
111    const CRV: &'static str = "secp256k1";
112}
113
114#[cfg(feature = "pkcs8")]
115impl pkcs8::AssociatedOid for Secp256k1 {
116    const OID: pkcs8::ObjectIdentifier = pkcs8::ObjectIdentifier::new_unwrap("1.3.132.0.10");
117}
118
119/// Compressed SEC1-encoded secp256k1 (K-256) curve point.
120pub type CompressedPoint = GenericArray<u8, U33>;
121
122/// SEC1-encoded secp256k1 (K-256) curve point.
123pub type EncodedPoint = elliptic_curve::sec1::EncodedPoint<Secp256k1>;
124
125/// secp256k1 (K-256) field element serialized as bytes.
126///
127/// Byte array containing a serialized field element value (base field or scalar).
128pub type FieldBytes = elliptic_curve::FieldBytes<Secp256k1>;
129
130impl FieldBytesEncoding<Secp256k1> for U256 {
131    fn decode_field_bytes(field_bytes: &FieldBytes) -> Self {
132        U256::from_be_byte_array(*field_bytes)
133    }
134
135    fn encode_field_bytes(&self) -> FieldBytes {
136        self.to_be_byte_array()
137    }
138}
139
140/// Bytes used by a wide reduction: twice the width of [`FieldBytes`].
141pub type WideBytes = GenericArray<u8, U64>;
142
143/// Non-zero secp256k1 (K-256) scalar field element.
144#[cfg(feature = "arithmetic")]
145pub type NonZeroScalar = elliptic_curve::NonZeroScalar<Secp256k1>;
146
147/// secp256k1 (K-256) public key.
148#[cfg(feature = "arithmetic")]
149pub type PublicKey = elliptic_curve::PublicKey<Secp256k1>;
150
151/// secp256k1 (K-256) secret key.
152pub type SecretKey = elliptic_curve::SecretKey<Secp256k1>;
153
154#[cfg(not(feature = "arithmetic"))]
155impl elliptic_curve::sec1::ValidatePublicKey for Secp256k1 {}
156
157/// Bit representation of a secp256k1 (K-256) scalar field element.
158#[cfg(feature = "bits")]
159pub type ScalarBits = elliptic_curve::scalar::ScalarBits<Secp256k1>;