#crypto #ecc #nist #prime256v1 #secp256r1

no-std p256

Pure Rust implementation of the NIST P-256 (a.k.a. secp256r1, prime256v1) elliptic curve with support for ECDH, ECDSA signing/verification, and general purpose curve arithmetic

18 releases (8 breaking)

0.9.0 Jun 8, 2021
0.8.0 Apr 29, 2021
0.8.0-pre.1 Mar 22, 2021
0.7.1 Dec 17, 2020
0.0.0 Oct 3, 2018

#222 in Cryptography

Download history 5175/week @ 2021-02-24 6298/week @ 2021-03-03 6119/week @ 2021-03-10 6116/week @ 2021-03-17 8013/week @ 2021-03-24 5799/week @ 2021-03-31 6467/week @ 2021-04-07 9218/week @ 2021-04-14 8612/week @ 2021-04-21 8022/week @ 2021-04-28 7138/week @ 2021-05-05 6938/week @ 2021-05-12 9590/week @ 2021-05-19 6795/week @ 2021-05-26 7379/week @ 2021-06-02 6088/week @ 2021-06-09

31,596 downloads per month
Used in 72 crates (26 directly)

Apache-2.0 OR MIT

145KB
3K SLoC

RustCrypto: NIST P-256 (secp256r1) elliptic curve

crate Docs Apache2/MIT licensed Rust Version Project Chat Build Status

NIST P-256 elliptic curve (a.k.a. prime256v1, secp256r1) types implemented in terms of traits from the elliptic-curve crate.

Optionally includes an arithmetic feature providing scalar and affine/projective point types with support for constant-time scalar multiplication, which can be used to implement protocols such as ECDH.

Documentation

⚠️ Security Warning

The elliptic curve arithmetic contained in this crate has never been independently audited!

This crate has been designed with the goal of ensuring that secret-dependent operations are performed in constant time (using the subtle crate and constant-time formulas). However, it has not been thoroughly assessed to ensure that generated assembly is constant time on common CPU architectures.

USE AT YOUR OWN RISK!

Supported Algorithms

About NIST P-256

NIST P-256 is a Weierstrass curve specified in FIPS 186-4: Digital Signature Standard (DSS):

https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf

Also known as prime256v1 (ANSI X9.62) and secp256r1 (SECG), it's included in the US National Security Agency's "Suite B" and is widely used in protocols like TLS and the associated X.509 PKI.

Minimum Supported Rust Version

Rust 1.47 or higher.

Minimum supported Rust version can be changed in the future, but it will be done with a minor version bump.

SemVer Policy

  • All on-by-default features of this library are covered by SemVer
  • MSRV is considered exempt from SemVer as noted above

License

All crates licensed under either of

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

Dependencies

~0.7–1MB
~22K SLoC