#### fiat-p256

`fiat-p256`

contains primitives for ECDH key exchange algorithm over NIST curve P-256.

It internally uses bindings to C code generated using the correct-by-construction implementations from

fiat-crypto.

Please be aware that cryptographic primitives should not be used in end applications, they are better

used as part of a higher level cryptographic library.

### Installation

`fiat-p256`

is available on opam and can be install as follows:

```
opam install fiat-p256
```

### Usage

The entry point to this library is the `Fiat_p256`

module and the main function is `dh`

which let

you perform a key exchange given your private key `scalar`

and the other party's public key `point`

:

```
let secret = Fiat_p256.dh ~scalar ~point
```

Note that the `point`

values built or parsed using `Fiat_p256`

's interface are checked

according to NIST's

Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography

section *5.6.2.3.2* so that you shouldn't be able to provide an invalid point or the point at

infinity to the functions exposed in this module.

You can also compute the public P-256 key corresponding to your private key `scalar`

using the `public`

function:

```
let public_key = Fiat_p256.public ~scalar
```

Note that the `scalar`

values parsed using `Fiat_p256`

's interface must be within P-256's generator

subgroup order range so that your public key can't be the point at infinity. Any scalar not in the

range `[1 - (n-1)]`

, `n`

being the group order, will be rejected.

sha256=b2854ca46b2522248521440dcd5b17accfc8d3bfc754ff0f7e907ba40f513a30

sha512=47a1b5583b614069c278e6f6253cb9d873b3f100060708b178cce0d617398ee317cd0aa1c2ac49d748b452f8ab92004256820201729fa391c6c0a33f840d04f5

with-test & >= "1.6.0"

with-test

with-test

>= "1.6.0"

>= "3.5.0" & < "6.1.0"

with-test

with-test

with-test & < "1.4.0"

< "5.0"

>= "0.12.0" & < "0.13.0"