RustCrypto · tarcieri · Dec 18, 2021 · Dec 18, 2021
diff --git a/.github/workflows/p384.yml b/.github/workflows/p384.yml
@@ -17,6 +17,7 @@ env:
   RUSTFLAGS: "-Dwarnings"
 
 jobs:
+  # TODO(tarcieri): test arithmetic on 32-bit platforms
   build:
     runs-on: ubuntu-latest
     strategy:

diff --git a/k256/src/arithmetic/scalar.rs b/k256/src/arithmetic/scalar.rs
@@ -60,7 +60,7 @@ const FRAC_MODULUS_2: U256 = ORDER.shr_vartime(1);
 /// - [`PrimeField`](https://docs.rs/ff/latest/ff/trait.PrimeField.html) -
 ///   represents elements of prime fields and provides:
 ///   - `from_repr`/`to_repr` for converting field elements from/to big integers.
-///   - `char_le_bits`, `multiplicative_generator`, `root_of_unity` constants.
+///   - `multiplicative_generator` and `root_of_unity` constants.
 /// - [`PrimeFieldBits`](https://docs.rs/ff/latest/ff/trait.PrimeFieldBits.html) -
 ///   operations over field elements represented as bits (requires `bits` feature)
 ///

diff --git a/p256/src/arithmetic/scalar.rs b/p256/src/arithmetic/scalar.rs
@@ -70,7 +70,7 @@ impl ScalarArithmetic for NistP256 {
 /// - [`PrimeField`](https://docs.rs/ff/0.9.0/ff/trait.PrimeField.html) -
 ///   represents elements of prime fields and provides:
 ///   - `from_repr`/`to_repr` for converting field elements from/to big integers.
-///   - `char_le_bits`, `multiplicative_generator`, `root_of_unity` constants.
+///   - `multiplicative_generator` and `root_of_unity` constants.
 /// - [`PrimeFieldBits`](https://docs.rs/ff/latest/ff/trait.PrimeFieldBits.html) -
 ///   operations over field elements represented as bits (requires `bits` feature)
 ///

diff --git a/p384/Cargo.toml b/p384/Cargo.toml
@@ -19,7 +19,8 @@ sec1 = { version = "0.2", default-features = false }
 sha2 = { version = "0.9", optional = true, default-features = false }
 
 [features]
-default = ["pkcs8", "std"]
+default = ["arithmetic", "pkcs8", "std"]
+arithmetic = ["elliptic-curve/arithmetic"]
 jwk = ["elliptic-curve/jwk"]
 pem = ["elliptic-curve/pem", "pkcs8"]
 pkcs8 = ["elliptic-curve/pkcs8"]

diff --git a/p384/src/lib.rs b/p384/src/lib.rs
@@ -13,12 +13,22 @@
 #[cfg_attr(docsrs, doc(cfg(feature = "ecdsa")))]
 pub mod ecdsa;
 
+#[cfg(feature = "arithmetic")]
+mod scalar;
+
 pub use elliptic_curve;
 
 #[cfg(feature = "pkcs8")]
 pub use elliptic_curve::pkcs8;
 
-use elliptic_curve::bigint::U384;
+#[cfg(feature = "arithmetic")]
+pub use crate::scalar::Scalar;
+
+pub use elliptic_curve::bigint::U384;
+
+/// Curve order.
+pub const ORDER: U384 =
+    U384::from_be_hex("ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973");
 
 /// NIST P-384 elliptic curve.
 ///
@@ -48,8 +58,7 @@ impl elliptic_curve::Curve for NistP384 {
     type UInt = U384;
 
     /// Curve order
-    const ORDER: U384 =
-        U384::from_be_hex("ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973");
+    const ORDER: U384 = ORDER;
 }
 
 impl elliptic_curve::PrimeCurve for NistP384 {}
@@ -77,6 +86,11 @@ pub type FieldBytes = elliptic_curve::FieldBytes<NistP384>;
 /// NIST P-384 SEC1 encoded point.
 pub type EncodedPoint = elliptic_curve::sec1::EncodedPoint<NistP384>;
 
+/// NIST P-384 scalar core type.
+///
+/// This is always available regardless of if the `arithmetic` feature is enabled.
+pub type ScalarCore = elliptic_curve::ScalarCore<NistP384>;
+
 /// NIST P-384 secret key.
 pub type SecretKey = elliptic_curve::SecretKey<NistP384>;