Merge pull request #244 from hannesm/ecdh-secret-to-octets

hannesm · web-flow · commit 5c4bdb6d9f43 · 2024-08-20T12:52:53.000+02:00
mirage-crypto-ec: provide Dh.secret_to_octets
diff --git a/ec/mirage_crypto_ec.ml b/ec/mirage_crypto_ec.ml
@@ -38,6 +38,7 @@ module type Dh = sig
   type secret
   val secret_of_octets : ?compress:bool -> string ->
     (secret * string, error) result
+  val secret_to_octets : secret -> string
   val gen_key : ?compress:bool -> ?g:Mirage_crypto_rng.g -> unit ->
     secret * string
   val key_exchange : secret -> string -> (string, error) result
@@ -505,6 +506,9 @@ module Make_dh (Param : Parameters) (P : Point) (S : Scalar) : Dh = struct
     | Ok p -> Ok (p, share ?compress p)
     | Error _ as e -> e
 
+  let secret_to_octets s =
+    S.to_octets s
+
   let rec generate_private_key ?g () =
     let candidate = Mirage_crypto_rng.generate ?g Param.byte_length in
     match S.of_octets candidate with
@@ -953,6 +957,8 @@ module X25519 = struct
     else
       Error `Invalid_length
 
+  let secret_to_octets s = s
+
   let is_zero =
     let zero = String.make key_len '\000' in
     fun buf -> String.equal zero buf
diff --git a/ec/mirage_crypto_ec.mli b/ec/mirage_crypto_ec.mli
@@ -38,6 +38,10 @@ module type Dh = sig
       the shared part will be compressed. May result in an error if the buffer
       had an invalid length or was not in bounds. *)
 
+  val secret_to_octets : secret -> string
+  (** [secret_to_octets secret] encodes the provided secret into a freshly
+      allocated buffer. *)
+
   val gen_key : ?compress:bool -> ?g:Mirage_crypto_rng.g -> unit ->
     secret * string
   (** [gen_key ~compress ~g ()] generates a private and a public key for
