Add support for P-384 and P-521, prepare new version (#61)

* Bump version numbers * Add support for other two NIST curves * Upate package-lock.json * Update wasm-pack
divviup · Jul 11, 2024 · 2780d91 · 2780d91
1 parent c5954a6
commit 2780d91
Show file tree

Hide file tree

Showing 7 changed files with 130 additions and 57 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "hpke-dispatch"
-version = "0.6.0"
+version = "0.7.0"
 edition = "2021"
 description = "runtime algorithmic selection for hybrid public key encryption"
 license = "MPL-2.0"
@@ -24,8 +24,10 @@ kdf-all = ["kdf-sha256", "kdf-sha384", "kdf-sha512"]
 kdf-sha256 = []
 kdf-sha384 = []
 kdf-sha512 = []
-kem-all = ["kem-dh-p256-hkdf-sha256", "kem-x25519-hkdf-sha256"]
+kem-all = ["kem-dh-p256-hkdf-sha256", "kem-dh-p384-hkdf-sha384", "kem-dh-p521-hkdf-sha512", "kem-x25519-hkdf-sha256"]
 kem-dh-p256-hkdf-sha256 = ["hpke/p256"]
+kem-dh-p384-hkdf-sha384 = ["hpke/p384"]
+kem-dh-p521-hkdf-sha512 = ["hpke/p521"]
 kem-x25519-hkdf-sha256 = ["hpke/x25519"]
 
 [dependencies]

diff --git a/README.md b/README.md
@@ -57,7 +57,8 @@ from rust, even when opting out of `algo-all`.
 * *kdf-all*: Enables `kdf-sha256`, `kdf-sha384`, `kdf-sha512`
   algorithm features. Enabled by default.
 
-* *kem-all*: Enables both `kem-dh-p256-hkdf-sha256` and
+* *kem-all*: Enables `kem-dh-p256-hkdf-sha256`,
+ `kem-dh-p384-hkdf-sha384`, `kem-dh-p521-hkdf-sha512`, and
  `kem-x25519-hkdf-sha256` algorithm features. Enabled by default.
 
 * *serde*: enables derived serde serialization and deserialization for

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "hpke",
   "description": "hybrid public key encryption",
-  "version": "0.5.1",
+  "version": "0.7.0",
   "license": "MPL-2.0",
   "repository": {
     "type": "git",
@@ -35,6 +35,6 @@
     "prettier": "^2.7.1",
     "ts-mocha": "^10.0.0",
     "typescript": "^4.7.4",
-    "wasm-pack": "^0.10.3"
+    "wasm-pack": "^0.13.0"
   }
 }
diff --git a/src/kem.rs b/src/kem.rs
@@ -7,7 +7,7 @@ use wasm_bindgen::prelude::*;
 
 /**
 Kem represents an asymmetric key encapsulation mechanism, as per
-[RFC9180§7.1][section-7.1]. Currently only two of options listed in
+[RFC9180§7.1][section-7.1]. Currently only four of the options listed in
 the hpke draft are available.
 
 [section-7.1]: https://www.rfc-editor.org/rfc/rfc9180.html#section-7.1
@@ -27,6 +27,14 @@ pub enum Kem {
     #[cfg(feature = "kem-dh-p256-hkdf-sha256")]
     DhP256HkdfSha256 = 16,
 
+    /// DHKEM(P-384, HKDF-SHA384) [NISTCurves](https://doi.org/10.6028/nist.fips.186-4)
+    #[cfg(feature = "kem-dh-p384-hkdf-sha384")]
+    DhP384HkdfSha384 = 17,
+
+    /// DHKEM(P-521, HKDF-SHA512) [NISTCurves](https://doi.org/10.6028/nist.fips.186-4)
+    #[cfg(feature = "kem-dh-p521-hkdf-sha512")]
+    DhP521HkdfSha512 = 18,
+
     /// DHKEM(X25519, HKDF-SHA256) [RFC7748](https://www.rfc-editor.org/info/rfc7748)
     #[cfg(feature = "kem-x25519-hkdf-sha256")]
     X25519HkdfSha256 = 32,
@@ -41,6 +49,14 @@ impl FromStr for Kem {
             "p256sha256" | "dhkemp256hkdfsha256" | "p256hkdfsha256" | "dhkem(p256, hkdfsha256)" => {
                 Ok(Self::DhP256HkdfSha256)
             }
+            #[cfg(feature = "kem-dh-p384-hkdf-sha384")]
+            "p384sha384" | "dhkemp384hkdfsha384" | "p384hkdfsha384" | "dhkem(p384, hkdfsha384)" => {
+                Ok(Self::DhP384HkdfSha384)
+            }
+            #[cfg(feature = "kem-dh-p521-hkdf-sha512")]
+            "p521sha512" | "dhkemp521hkdfsha512" | "p521hkdfsha512" | "dhkem(p521, hkdfsha512)" => {
+                Ok(Self::DhP521HkdfSha512)
+            }
             #[cfg(feature = "kem-x25519-hkdf-sha256")]
             "x25519sha256"
             | "dhkemx25519hkdfsha256"
@@ -63,6 +79,10 @@ impl Kem {
 pub const KEM_ALL: &[Kem] = &[
     #[cfg(feature = "kem-dh-p256-hkdf-sha256")]
     Kem::DhP256HkdfSha256,
+    #[cfg(feature = "kem-dh-p384-hkdf-sha384")]
+    Kem::DhP384HkdfSha384,
+    #[cfg(feature = "kem-dh-p521-hkdf-sha512")]
+    Kem::DhP521HkdfSha512,
     #[cfg(feature = "kem-x25519-hkdf-sha256")]
     Kem::X25519HkdfSha256,
 ];
diff --git a/src/keypair.rs b/src/keypair.rs
@@ -40,6 +40,12 @@ pub fn gen_keypair(kem: Kem) -> Keypair {
         #[cfg(feature = "kem-dh-p256-hkdf-sha256")]
         Kem::DhP256HkdfSha256 => gen_kp::<hpke::kem::DhP256HkdfSha256>(),
 
+        #[cfg(feature = "kem-dh-p384-hkdf-sha384")]
+        Kem::DhP384HkdfSha384 => gen_kp::<hpke::kem::DhP384HkdfSha384>(),
+
+        #[cfg(feature = "kem-dh-p521-hkdf-sha512")]
+        Kem::DhP521HkdfSha512 => gen_kp::<hpke::kem::DhP521HkdfSha512>(),
+
         #[cfg(feature = "kem-x25519-hkdf-sha256")]
         Kem::X25519HkdfSha256 => gen_kp::<hpke::kem::X25519HkdfSha256>(),
     }