[DTLS] Add NamedCurve::P384 (#254)

Author: neonphog

dtls/Cargo.toml

@@ -22,9 +22,10 @@ hkdf = "~0.12.1"
 # required because elliptic-curve requires "3", but "3.0.0" does not compile.
 curve25519-dalek = "3.2"
 p256 = { version = "0.11.1", features = ["default", "ecdh", "ecdsa"] }
-#p384 = "0.4.1"
+p384 = "0.11.2"
 rand = "0.8.5"
 hmac = "0.10.1"
+sec1 = { version = "0.3.0", features = [ "std" ] }
 sha-1 = "0.9.1"
 sha2 = "0.9.1"
 aes = "0.6.0"

dtls/src/curve/named_curve.rs

@@ -3,12 +3,13 @@ use rand_core::OsRng; // requires 'getrandom' feature
 use crate::error::*;
 
 // https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-8
+#[repr(u16)]
 #[derive(Copy, Clone, PartialEq, Eq, Debug)]
 pub enum NamedCurve {
+    Unsupported = 0x0000,
     P256 = 0x0017,
     P384 = 0x0018,
     X25519 = 0x001d,
-    Unsupported,
 }
 
 impl From<u16> for NamedCurve {
@@ -24,6 +25,7 @@ impl From<u16> for NamedCurve {
 
 pub(crate) enum NamedCurvePrivateKey {
     EphemeralSecretP256(p256::ecdh::EphemeralSecret),
+    EphemeralSecretP384(p384::ecdh::EphemeralSecret),
     StaticSecretX25519(x25519_dalek::StaticSecret),
 }
 
@@ -43,6 +45,14 @@ fn elliptic_curve_keypair(curve: NamedCurve) -> Result<NamedCurveKeypair> {
                 NamedCurvePrivateKey::EphemeralSecretP256(secret_key),
             )
         }
+        NamedCurve::P384 => {
+            let secret_key = p384::ecdh::EphemeralSecret::random(&mut OsRng);
+            let public_key = p384::EncodedPoint::from(secret_key.public_key());
+            (
+                public_key.as_bytes().to_vec(),
+                NamedCurvePrivateKey::EphemeralSecretP384(secret_key),
+            )
+        }
         NamedCurve::X25519 => {
             let secret_key = x25519_dalek::StaticSecret::new(OsRng);
             let public_key = x25519_dalek::PublicKey::from(&secret_key);
@@ -51,7 +61,6 @@ fn elliptic_curve_keypair(curve: NamedCurve) -> Result<NamedCurveKeypair> {
                 NamedCurvePrivateKey::StaticSecretX25519(secret_key),
             )
         }
-        //TODO: add NamedCurve::p384
         _ => return Err(Error::ErrInvalidNamedCurve),
     };
 
@@ -65,10 +74,9 @@ fn elliptic_curve_keypair(curve: NamedCurve) -> Result<NamedCurveKeypair> {
 impl NamedCurve {
     pub fn generate_keypair(&self) -> Result<NamedCurveKeypair> {
         match *self {
-            //TODO: add P384
             NamedCurve::X25519 => elliptic_curve_keypair(NamedCurve::X25519),
             NamedCurve::P256 => elliptic_curve_keypair(NamedCurve::P256),
-            //NamedCurve::P384 => elliptic_curve_keypair(NamedCurve::P384),
+            NamedCurve::P384 => elliptic_curve_keypair(NamedCurve::P384),
             _ => Err(Error::ErrInvalidNamedCurve),
         }
     }

dtls/src/error.rs

@@ -156,6 +156,8 @@ pub enum Error {
     #[error("utf8: {0}")]
     Utf8(#[from] FromUtf8Error),
     #[error("{0}")]
+    Sec1(#[source] sec1::Error),
+    #[error("{0}")]
     P256(#[source] P256Error),
     #[error("{0}")]
     RcGen(#[from] RcgenError),
@@ -186,6 +188,12 @@ impl From<io::Error> for Error {
     }
 }
 
+impl From<sec1::Error> for Error {
+    fn from(e: sec1::Error) -> Self {
+        Error::Sec1(e)
+    }
+}
+
 #[derive(Debug, Error)]
 #[error("{0}")]
 pub struct P256Error(#[source] p256::elliptic_curve::Error);

dtls/src/prf/mod.rs

@@ -76,6 +76,7 @@ pub(crate) fn prf_pre_master_secret(
 ) -> Result<Vec<u8>> {
     match curve {
         NamedCurve::P256 => elliptic_curve_pre_master_secret(public_key, private_key, curve),
+        NamedCurve::P384 => elliptic_curve_pre_master_secret(public_key, private_key, curve),
         NamedCurve::X25519 => elliptic_curve_pre_master_secret(public_key, private_key, curve),
         _ => Err(Error::ErrInvalidNamedCurve),
     }
@@ -88,13 +89,19 @@ fn elliptic_curve_pre_master_secret(
 ) -> Result<Vec<u8>> {
     match curve {
         NamedCurve::P256 => {
-            let pub_key =
-                p256::EncodedPoint::from_bytes(public_key).map_err(elliptic_curve::Error::from)?;
+            let pub_key = p256::EncodedPoint::from_bytes(public_key)?;
             let public = p256::PublicKey::from_sec1_bytes(pub_key.as_ref())?;
             if let NamedCurvePrivateKey::EphemeralSecretP256(secret) = private_key {
                 return Ok(secret.diffie_hellman(&public).raw_secret_bytes().to_vec());
             }
         }
+        NamedCurve::P384 => {
+            let pub_key = p384::EncodedPoint::from_bytes(public_key)?;
+            let public = p384::PublicKey::from_sec1_bytes(pub_key.as_ref())?;
+            if let NamedCurvePrivateKey::EphemeralSecretP384(secret) = private_key {
+                return Ok(secret.diffie_hellman(&public).raw_secret_bytes().to_vec());
+            }
+        }
         NamedCurve::X25519 => {
             if public_key.len() != 32 {
                 return Err(Error::Other("Public key is not 32 len".into()));