feat: v1.13.5

src/ecdhutil.rs

@@ -2,8 +2,7 @@
 macro_rules! piv_ecdh {
     ($p_algo: tt, $public_key_pem_opt: expr, $sub_arg_matches: expr, $json: expr, $json_output: expr) => ({
         use $p_algo::elliptic_curve::sec1::{FromEncodedPoint, ToEncodedPoint};
-        use $p_algo::ecdh::EphemeralSecret;
-        use $p_algo::{EncodedPoint, PublicKey};
+        use $p_algo::{EncodedPoint, PublicKey, ecdh::EphemeralSecret};
         let public_key;
         if let Some(public_key_pem) = $public_key_pem_opt {
             public_key = opt_result!(public_key_pem.parse::<PublicKey>(), "Parse public key failed: {}");
@@ -35,4 +34,30 @@ macro_rules! piv_ecdh {
     })
 }
 
+macro_rules! parse_private_and_ecdh {
+    ($algo: tt, $private_key_bytes: tt, $ephemeral_public_key_bytes: tt) => ({
+        use $algo::{SecretKey, PublicKey, ecdh::diffie_hellman, pkcs8::DecodePrivateKey};
+        use spki::DecodePublicKey;
+        let secret_key= SecretKey::from_pkcs8_der($private_key_bytes)?;
+        let public_key = opt_result!(PublicKey::from_public_key_der(
+                $ephemeral_public_key_bytes),"Parse ephemeral public key failed: {}");
+
+        let shared_secret = diffie_hellman(secret_key.to_nonzero_scalar(), public_key.as_affine());
+        Ok(shared_secret.raw_secret_bytes().to_vec())
+    })
+}
+
+pub fn parse_p256_private_and_ecdh(private_key_bytes: &[u8], ephemeral_public_key_bytes: &[u8]) -> XResult<Vec<u8>> {
+    parse_private_and_ecdh!(p256, private_key_bytes, ephemeral_public_key_bytes)
+}
+
+pub fn parse_p384_private_and_ecdh(private_key_bytes: &[u8], ephemeral_public_key_bytes: &[u8]) -> XResult<Vec<u8>> {
+    parse_private_and_ecdh!(p384, private_key_bytes, ephemeral_public_key_bytes)
+}
+
+pub fn parse_p521_private_and_ecdh(private_key_bytes: &[u8], ephemeral_public_key_bytes: &[u8]) -> XResult<Vec<u8>> {
+    parse_private_and_ecdh!(p521, private_key_bytes, ephemeral_public_key_bytes)
+}
+
+use rust_util::XResult;
 pub(crate) use piv_ecdh;