xref: /freebsd/crypto/libecc/include/libecc/curves/known/ec_params_brainpoolp224r1.h (revision f0865ec9906d5a18fa2a3b61381f22ce16e606ad) 
1 /*
2  *  Copyright (C) 2017 - This file is part of libecc project
3  *
4  *  Authors:
5  *      Ryad BENADJILA <ryadbenadjila@gmail.com>
6  *      Arnaud EBALARD <arnaud.ebalard@ssi.gouv.fr>
7  *      Jean-Pierre FLORI <jean-pierre.flori@ssi.gouv.fr>
8  *
9  *  Contributors:
10  *      Nicolas VIVET <nicolas.vivet@ssi.gouv.fr>
11  *      Karim KHALFALLAH <karim.khalfallah@ssi.gouv.fr>
12  *
13  *  This software is licensed under a dual BSD and GPL v2 license.
14  *  See LICENSE file at the root folder of the project.
15  */
16 #include <libecc/lib_ecc_config.h>
17 #ifdef WITH_CURVE_BRAINPOOLP224R1
18 
19 #ifndef __EC_PARAMS_BRAINPOOLP224R1_H__
20 #define __EC_PARAMS_BRAINPOOLP224R1_H__
21 #include "ec_params_external.h"
22 
23 static const u8 brainpoolp224r1_p[] = {
24 	0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86,
25 	0x2A, 0x18, 0x30, 0x25, 0x75, 0xD1, 0xD7, 0x87,
26 	0xB0, 0x9F, 0x07, 0x57, 0x97, 0xDA, 0x89, 0xF5,
27 	0x7E, 0xC8, 0xC0, 0xFF
28 };
29 
30 TO_EC_STR_PARAM(brainpoolp224r1_p);
31 
32 #define CURVE_BRAINPOOLP224R1_P_BITLEN 224
33 static const u8 brainpoolp224r1_p_bitlen[] = { 0xE0 };
34 
35 TO_EC_STR_PARAM(brainpoolp224r1_p_bitlen);
36 
37 #if (WORD_BYTES == 8)		/* 64-bit words */
38 static const u8 brainpoolp224r1_p_normalized[] = {
39 	0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86,
40 	0x2A, 0x18, 0x30, 0x25, 0x75, 0xD1, 0xD7, 0x87,
41 	0xB0, 0x9F, 0x07, 0x57, 0x97, 0xDA, 0x89, 0xF5,
42 	0x7E, 0xC8, 0xC0, 0xFF, 0x00, 0x00, 0x00, 0x00
43 };
44 
45 static const u8 brainpoolp224r1_r[] = {
46 	0x00, 0x00, 0x00, 0x00, 0x79, 0x36, 0x06, 0x11,
47 	0x1c, 0x3f, 0xb2, 0x44, 0x7b, 0x57, 0x6c, 0xf5,
48 	0xa8, 0xe8, 0x42, 0x8f, 0x5c, 0xbf, 0x03, 0x89,
49 	0xd6, 0x82, 0x78, 0x5e, 0x20, 0xb5, 0x62, 0xf7
50 };
51 
52 static const u8 brainpoolp224r1_r_square[] = {
53 	0x00, 0x00, 0x00, 0x00, 0x2b, 0x3d, 0x40, 0xdd,
54 	0x7e, 0xa5, 0x57, 0x7c, 0x77, 0xe3, 0xd7, 0xe4,
55 	0x76, 0xf9, 0xee, 0x46, 0xf6, 0x91, 0xd1, 0x05,
56 	0x3b, 0xfb, 0xc9, 0xbf, 0x6b, 0x3d, 0x58, 0xff
57 };
58 
59 static const u8 brainpoolp224r1_p_shift[] = {
60 	0x20
61 };
62 
63 static const u8 brainpoolp224r1_mpinv[] = {
64 	0xE2, 0x4D, 0x21, 0x6A, 0xE1, 0x49, 0xC1, 0x01
65 };
66 
67 static const u8 brainpoolp224r1_p_reciprocal[] = {
68 	0x2F, 0xC0, 0x99, 0xF7, 0x8F, 0xD2, 0x22, 0x99
69 };
70 #elif (WORD_BYTES == 4)		/* 32-bit words */
71 static const u8 brainpoolp224r1_p_normalized[] = {
72 	0xd7, 0xc1, 0x34, 0xaa, 0x26, 0x43, 0x66, 0x86,
73 	0x2a, 0x18, 0x30, 0x25, 0x75, 0xd1, 0xd7, 0x87,
74 	0xb0, 0x9f, 0x07, 0x57, 0x97, 0xda, 0x89, 0xf5,
75 	0x7e, 0xc8, 0xc0, 0xff
76 };
77 
78 static const u8 brainpoolp224r1_r[] = {
79 	0x28, 0x3e, 0xcb, 0x55, 0xd9, 0xbc, 0x99, 0x79,
80 	0xd5, 0xe7, 0xcf, 0xda, 0x8a, 0x2e, 0x28, 0x78,
81 	0x4f, 0x60, 0xf8, 0xa8, 0x68, 0x25, 0x76, 0x0a,
82 	0x81, 0x37, 0x3f, 0x01
83 };
84 
85 static const u8 brainpoolp224r1_r_square[] = {
86 	0x05, 0x78, 0xfd, 0x59, 0x2e, 0x6a, 0x6c, 0xe4,
87 	0x3f, 0xe8, 0xa2, 0xaa, 0x96, 0xaf, 0x77, 0x4c,
88 	0x43, 0xc2, 0x0e, 0x72, 0x78, 0x67, 0xca, 0x80,
89 	0x64, 0xdc, 0xd0, 0x4f
90 };
91 
92 static const u8 brainpoolp224r1_p_shift[] = {
93 	0x00
94 };
95 
96 static const u8 brainpoolp224r1_mpinv[] = {
97 	0xE1, 0x49, 0xC1, 0x01
98 };
99 
100 static const u8 brainpoolp224r1_p_reciprocal[] = {
101 	0x2F, 0xC0, 0x99, 0xF7
102 };
103 #elif (WORD_BYTES == 2)		/* 16-bit words */
104 static const u8 brainpoolp224r1_p_normalized[] = {
105 	0xd7, 0xc1, 0x34, 0xaa, 0x26, 0x43, 0x66, 0x86,
106 	0x2a, 0x18, 0x30, 0x25, 0x75, 0xd1, 0xd7, 0x87,
107 	0xb0, 0x9f, 0x07, 0x57, 0x97, 0xda, 0x89, 0xf5,
108 	0x7e, 0xc8, 0xc0, 0xff
109 };
110 
111 static const u8 brainpoolp224r1_r[] = {
112 	0x28, 0x3e, 0xcb, 0x55, 0xd9, 0xbc, 0x99, 0x79,
113 	0xd5, 0xe7, 0xcf, 0xda, 0x8a, 0x2e, 0x28, 0x78,
114 	0x4f, 0x60, 0xf8, 0xa8, 0x68, 0x25, 0x76, 0x0a,
115 	0x81, 0x37, 0x3f, 0x01
116 };
117 
118 static const u8 brainpoolp224r1_r_square[] = {
119 	0x05, 0x78, 0xfd, 0x59, 0x2e, 0x6a, 0x6c, 0xe4,
120 	0x3f, 0xe8, 0xa2, 0xaa, 0x96, 0xaf, 0x77, 0x4c,
121 	0x43, 0xc2, 0x0e, 0x72, 0x78, 0x67, 0xca, 0x80,
122 	0x64, 0xdc, 0xd0, 0x4f
123 };
124 
125 static const u8 brainpoolp224r1_p_shift[] = {
126 	0x00
127 };
128 
129 static const u8 brainpoolp224r1_mpinv[] = {
130 	0xC1, 0x01
131 };
132 
133 static const u8 brainpoolp224r1_p_reciprocal[] = {
134 	0x2F, 0xC0
135 };
136 #else /* unknown word size */
137 #error "Unsupported word size"
138 #endif
139 TO_EC_STR_PARAM(brainpoolp224r1_p_normalized);
140 TO_EC_STR_PARAM(brainpoolp224r1_p_shift);
141 TO_EC_STR_PARAM(brainpoolp224r1_r);
142 TO_EC_STR_PARAM(brainpoolp224r1_r_square);
143 TO_EC_STR_PARAM(brainpoolp224r1_mpinv);
144 TO_EC_STR_PARAM(brainpoolp224r1_p_reciprocal);
145 
146 static const u8 brainpoolp224r1_a[] = {
147 	0x68, 0xA5, 0xE6, 0x2C, 0xA9, 0xCE, 0x6C, 0x1C,
148 	0x29, 0x98, 0x03, 0xA6, 0xC1, 0x53, 0x0B, 0x51,
149 	0x4E, 0x18, 0x2A, 0xD8, 0xB0, 0x04, 0x2A, 0x59,
150 	0xCA, 0xD2, 0x9F, 0x43
151 };
152 
153 TO_EC_STR_PARAM(brainpoolp224r1_a);
154 
155 static const u8 brainpoolp224r1_b[] = {
156 	0x25, 0x80, 0xF6, 0x3C, 0xCF, 0xE4, 0x41, 0x38,
157 	0x87, 0x07, 0x13, 0xB1, 0xA9, 0x23, 0x69, 0xE3,
158 	0x3E, 0x21, 0x35, 0xD2, 0x66, 0xDB, 0xB3, 0x72,
159 	0x38, 0x6C, 0x40, 0x0B
160 };
161 
162 TO_EC_STR_PARAM(brainpoolp224r1_b);
163 
164 static const u8 brainpoolp224r1_curve_order[] = {
165 	0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86,
166 	0x2A, 0x18, 0x30, 0x25, 0x75, 0xD0, 0xFB, 0x98,
167 	0xD1, 0x16, 0xBC, 0x4B, 0x6D, 0xDE, 0xBC, 0xA3,
168 	0xA5, 0xA7, 0x93, 0x9F
169 };
170 
171 TO_EC_STR_PARAM(brainpoolp224r1_curve_order);
172 
173 static const u8 brainpoolp224r1_gx[] = {
174 	0x0D, 0x90, 0x29, 0xAD, 0x2C, 0x7E, 0x5C, 0xF4,
175 	0x34, 0x08, 0x23, 0xB2, 0xA8, 0x7D, 0xC6, 0x8C,
176 	0x9E, 0x4C, 0xE3, 0x17, 0x4C, 0x1E, 0x6E, 0xFD,
177 	0xEE, 0x12, 0xC0, 0x7D
178 };
179 
180 TO_EC_STR_PARAM(brainpoolp224r1_gx);
181 
182 static const u8 brainpoolp224r1_gy[] = {
183 	0x58, 0xAA, 0x56, 0xF7, 0x72, 0xC0, 0x72, 0x6F,
184 	0x24, 0xC6, 0xB8, 0x9E, 0x4E, 0xCD, 0xAC, 0x24,
185 	0x35, 0x4B, 0x9E, 0x99, 0xCA, 0xA3, 0xF6, 0xD3,
186 	0x76, 0x14, 0x02, 0xCD
187 };
188 
189 TO_EC_STR_PARAM(brainpoolp224r1_gy);
190 
191 static const u8 brainpoolp224r1_gz[] = {
192 	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
193 	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
194 	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
195 	0x00, 0x00, 0x00, 0x01
196 };
197 
198 TO_EC_STR_PARAM(brainpoolp224r1_gz);
199 
200 #define CURVE_BRAINPOOLP224R1_CURVE_ORDER_BITLEN 224
201 static const u8 brainpoolp224r1_gen_order[] = {
202 	0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86,
203 	0x2A, 0x18, 0x30, 0x25, 0x75, 0xD0, 0xFB, 0x98,
204 	0xD1, 0x16, 0xBC, 0x4B, 0x6D, 0xDE, 0xBC, 0xA3,
205 	0xA5, 0xA7, 0x93, 0x9F
206 };
207 
208 TO_EC_STR_PARAM(brainpoolp224r1_gen_order);
209 
210 #define CURVE_BRAINPOOLP224R1_Q_BITLEN 224
211 static const u8 brainpoolp224r1_gen_order_bitlen[] = { 0xE0 };
212 
213 TO_EC_STR_PARAM(brainpoolp224r1_gen_order_bitlen);
214 
215 static const u8 brainpoolp224r1_cofactor[] = { 0x01 };
216 
217 TO_EC_STR_PARAM(brainpoolp224r1_cofactor);
218 
219 static const u8 brainpoolp224r1_alpha_montgomery[] = {
220 	0x00,
221 };
222 
223 TO_EC_STR_PARAM_FIXED_SIZE(brainpoolp224r1_alpha_montgomery, 0);
224 
225 static const u8 brainpoolp224r1_gamma_montgomery[] = {
226 	0x00,
227 };
228 
229 TO_EC_STR_PARAM_FIXED_SIZE(brainpoolp224r1_gamma_montgomery, 0);
230 
231 static const u8 brainpoolp224r1_alpha_edwards[] = {
232 	0x00,
233 };
234 
235 TO_EC_STR_PARAM_FIXED_SIZE(brainpoolp224r1_alpha_edwards, 0);
236 
237 static const u8 brainpoolp224r1_oid[] = "1.3.36.3.3.2.8.1.1.5";
238 TO_EC_STR_PARAM(brainpoolp224r1_oid);
239 
240 static const u8 brainpoolp224r1_name[] = "BRAINPOOLP224R1";
241 TO_EC_STR_PARAM(brainpoolp224r1_name);
242 
243 static const ec_str_params brainpoolp224r1_str_params = {
244 	.p = &brainpoolp224r1_p_str_param,
245 	.p_bitlen = &brainpoolp224r1_p_bitlen_str_param,
246 	.r = &brainpoolp224r1_r_str_param,
247 	.r_square = &brainpoolp224r1_r_square_str_param,
248 	.mpinv = &brainpoolp224r1_mpinv_str_param,
249 	.p_shift = &brainpoolp224r1_p_shift_str_param,
250 	.p_normalized = &brainpoolp224r1_p_normalized_str_param,
251 	.p_reciprocal = &brainpoolp224r1_p_reciprocal_str_param,
252 	.a = &brainpoolp224r1_a_str_param,
253 	.b = &brainpoolp224r1_b_str_param,
254 	.curve_order = &brainpoolp224r1_curve_order_str_param,
255 	.gx = &brainpoolp224r1_gx_str_param,
256 	.gy = &brainpoolp224r1_gy_str_param,
257 	.gz = &brainpoolp224r1_gz_str_param,
258 	.gen_order = &brainpoolp224r1_gen_order_str_param,
259 	.gen_order_bitlen = &brainpoolp224r1_gen_order_bitlen_str_param,
260 	.cofactor = &brainpoolp224r1_cofactor_str_param,
261 	.alpha_montgomery = &brainpoolp224r1_alpha_montgomery_str_param,
262 	.gamma_montgomery = &brainpoolp224r1_gamma_montgomery_str_param,
263 	.alpha_edwards = &brainpoolp224r1_alpha_edwards_str_param,
264 	.oid = &brainpoolp224r1_oid_str_param,
265 	.name = &brainpoolp224r1_name_str_param,
266 };
267 
268 /*
269  * Compute max bit length of all curves for p and q
270  */
271 #ifndef CURVES_MAX_P_BIT_LEN
272 #define CURVES_MAX_P_BIT_LEN    0
273 #endif
274 #if (CURVES_MAX_P_BIT_LEN < CURVE_BRAINPOOLP224R1_P_BITLEN)
275 #undef CURVES_MAX_P_BIT_LEN
276 #define CURVES_MAX_P_BIT_LEN CURVE_BRAINPOOLP224R1_P_BITLEN
277 #endif
278 #ifndef CURVES_MAX_Q_BIT_LEN
279 #define CURVES_MAX_Q_BIT_LEN    0
280 #endif
281 #if (CURVES_MAX_Q_BIT_LEN < CURVE_BRAINPOOLP224R1_Q_BITLEN)
282 #undef CURVES_MAX_Q_BIT_LEN
283 #define CURVES_MAX_Q_BIT_LEN CURVE_BRAINPOOLP224R1_Q_BITLEN
284 #endif
285 #ifndef CURVES_MAX_CURVE_ORDER_BIT_LEN
286 #define CURVES_MAX_CURVE_ORDER_BIT_LEN    0
287 #endif
288 #if (CURVES_MAX_CURVE_ORDER_BIT_LEN < CURVE_BRAINPOOLP224R1_CURVE_ORDER_BITLEN)
289 #undef CURVES_MAX_CURVE_ORDER_BIT_LEN
290 #define CURVES_MAX_CURVE_ORDER_BIT_LEN CURVE_BRAINPOOLP224R1_CURVE_ORDER_BITLEN
291 #endif
292 
293 #endif /* __EC_PARAMS_BRAINPOOLP224R1_H__ */
294 
295 #endif /* WITH_CURVE_BRAINPOOLP224R1 */
296