1 #include <libecc/lib_ecc_config.h> 2 #ifdef WITH_CURVE_SECP256K1 3 4 #ifndef __EC_PARAMS_SECP256K1_H__ 5 #define __EC_PARAMS_SECP256K1_H__ 6 #include <libecc/curves/known/ec_params_external.h> 7 static const u8 secp256k1_p[] = { 8 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 9 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 10 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 11 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xfc, 0x2f, 12 }; 13 14 TO_EC_STR_PARAM(secp256k1_p); 15 16 #define CURVE_SECP256K1_P_BITLEN 256 17 static const u8 secp256k1_p_bitlen[] = { 18 0x01, 0x00, 19 }; 20 21 TO_EC_STR_PARAM(secp256k1_p_bitlen); 22 23 #if (WORD_BYTES == 8) /* 64-bit words */ 24 static const u8 secp256k1_r[] = { 25 0x01, 0x00, 0x00, 0x03, 0xd1, 26 }; 27 28 TO_EC_STR_PARAM(secp256k1_r); 29 30 static const u8 secp256k1_r_square[] = { 31 0x01, 0x00, 0x00, 0x07, 0xa2, 0x00, 0x0e, 0x90, 32 0xa1, 33 }; 34 35 TO_EC_STR_PARAM(secp256k1_r_square); 36 37 static const u8 secp256k1_mpinv[] = { 38 0xd8, 0x38, 0x09, 0x1d, 0xd2, 0x25, 0x35, 0x31, 39 }; 40 41 TO_EC_STR_PARAM(secp256k1_mpinv); 42 43 static const u8 secp256k1_p_shift[] = { 44 0x00, 45 }; 46 47 TO_EC_STR_PARAM(secp256k1_p_shift); 48 49 static const u8 secp256k1_p_normalized[] = { 50 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 51 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 52 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 53 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xfc, 0x2f, 54 }; 55 56 TO_EC_STR_PARAM(secp256k1_p_normalized); 57 58 static const u8 secp256k1_p_reciprocal[] = { 59 0x00, 60 }; 61 62 TO_EC_STR_PARAM(secp256k1_p_reciprocal); 63 64 #elif (WORD_BYTES == 4) /* 32-bit words */ 65 static const u8 secp256k1_r[] = { 66 0x01, 0x00, 0x00, 0x03, 0xd1, 67 }; 68 69 TO_EC_STR_PARAM(secp256k1_r); 70 71 static const u8 secp256k1_r_square[] = { 72 0x01, 0x00, 0x00, 0x07, 0xa2, 0x00, 0x0e, 0x90, 73 0xa1, 74 }; 75 76 TO_EC_STR_PARAM(secp256k1_r_square); 77 78 static const u8 secp256k1_mpinv[] = { 79 0xd2, 0x25, 0x35, 0x31, 80 }; 81 82 TO_EC_STR_PARAM(secp256k1_mpinv); 83 84 static const u8 secp256k1_p_shift[] = { 85 0x00, 86 }; 87 88 TO_EC_STR_PARAM(secp256k1_p_shift); 89 90 static const u8 secp256k1_p_normalized[] = { 91 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 92 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 93 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 94 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xfc, 0x2f, 95 }; 96 97 TO_EC_STR_PARAM(secp256k1_p_normalized); 98 99 static const u8 secp256k1_p_reciprocal[] = { 100 0x00, 101 }; 102 103 TO_EC_STR_PARAM(secp256k1_p_reciprocal); 104 105 #elif (WORD_BYTES == 2) /* 16-bit words */ 106 static const u8 secp256k1_r[] = { 107 0x01, 0x00, 0x00, 0x03, 0xd1, 108 }; 109 110 TO_EC_STR_PARAM(secp256k1_r); 111 112 static const u8 secp256k1_r_square[] = { 113 0x01, 0x00, 0x00, 0x07, 0xa2, 0x00, 0x0e, 0x90, 114 0xa1, 115 }; 116 117 TO_EC_STR_PARAM(secp256k1_r_square); 118 119 static const u8 secp256k1_mpinv[] = { 120 0x35, 0x31, 121 }; 122 123 TO_EC_STR_PARAM(secp256k1_mpinv); 124 125 static const u8 secp256k1_p_shift[] = { 126 0x00, 127 }; 128 129 TO_EC_STR_PARAM(secp256k1_p_shift); 130 131 static const u8 secp256k1_p_normalized[] = { 132 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 133 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 134 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 135 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xfc, 0x2f, 136 }; 137 138 TO_EC_STR_PARAM(secp256k1_p_normalized); 139 140 static const u8 secp256k1_p_reciprocal[] = { 141 0x00, 142 }; 143 144 TO_EC_STR_PARAM(secp256k1_p_reciprocal); 145 146 #else /* unknown word size */ 147 #error "Unsupported word size" 148 #endif 149 150 static const u8 secp256k1_a[] = { 151 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 152 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 153 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 154 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 155 }; 156 157 TO_EC_STR_PARAM(secp256k1_a); 158 159 static const u8 secp256k1_b[] = { 160 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 161 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 162 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 163 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, 164 }; 165 166 TO_EC_STR_PARAM(secp256k1_b); 167 168 #define CURVE_SECP256K1_CURVE_ORDER_BITLEN 256 169 static const u8 secp256k1_curve_order[] = { 170 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 171 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 172 0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0, 0x3b, 173 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41, 174 }; 175 176 TO_EC_STR_PARAM(secp256k1_curve_order); 177 178 static const u8 secp256k1_gx[] = { 179 0x79, 0xbe, 0x66, 0x7e, 0xf9, 0xdc, 0xbb, 0xac, 180 0x55, 0xa0, 0x62, 0x95, 0xce, 0x87, 0x0b, 0x07, 181 0x02, 0x9b, 0xfc, 0xdb, 0x2d, 0xce, 0x28, 0xd9, 182 0x59, 0xf2, 0x81, 0x5b, 0x16, 0xf8, 0x17, 0x98, 183 }; 184 185 TO_EC_STR_PARAM(secp256k1_gx); 186 187 static const u8 secp256k1_gy[] = { 188 0x48, 0x3a, 0xda, 0x77, 0x26, 0xa3, 0xc4, 0x65, 189 0x5d, 0xa4, 0xfb, 0xfc, 0x0e, 0x11, 0x08, 0xa8, 190 0xfd, 0x17, 0xb4, 0x48, 0xa6, 0x85, 0x54, 0x19, 191 0x9c, 0x47, 0xd0, 0x8f, 0xfb, 0x10, 0xd4, 0xb8, 192 }; 193 194 TO_EC_STR_PARAM(secp256k1_gy); 195 196 static const u8 secp256k1_gz[] = { 197 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 198 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 199 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 200 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 201 }; 202 203 TO_EC_STR_PARAM(secp256k1_gz); 204 205 static const u8 secp256k1_gen_order[] = { 206 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 207 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 208 0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0, 0x3b, 209 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41, 210 }; 211 212 TO_EC_STR_PARAM(secp256k1_gen_order); 213 214 #define CURVE_SECP256K1_Q_BITLEN 256 215 static const u8 secp256k1_gen_order_bitlen[] = { 216 0x01, 0x00, 217 }; 218 219 TO_EC_STR_PARAM(secp256k1_gen_order_bitlen); 220 221 static const u8 secp256k1_cofactor[] = { 222 0x01, 223 }; 224 225 TO_EC_STR_PARAM(secp256k1_cofactor); 226 227 static const u8 secp256k1_alpha_montgomery[] = { 228 0x00, 229 }; 230 TO_EC_STR_PARAM_FIXED_SIZE(secp256k1_alpha_montgomery, 0); 231 232 static const u8 secp256k1_gamma_montgomery[] = { 233 0x00, 234 }; 235 TO_EC_STR_PARAM_FIXED_SIZE(secp256k1_gamma_montgomery, 0); 236 237 static const u8 secp256k1_alpha_edwards[] = { 238 0x00, 239 }; 240 TO_EC_STR_PARAM_FIXED_SIZE(secp256k1_alpha_edwards, 0); 241 242 static const u8 secp256k1_name[] = "SECP256K1"; 243 TO_EC_STR_PARAM(secp256k1_name); 244 245 static const u8 secp256k1_oid[] = "1.3.132.0.10"; 246 TO_EC_STR_PARAM(secp256k1_oid); 247 248 static const ec_str_params secp256k1_str_params = { 249 .p = &secp256k1_p_str_param, 250 .p_bitlen = &secp256k1_p_bitlen_str_param, 251 .r = &secp256k1_r_str_param, 252 .r_square = &secp256k1_r_square_str_param, 253 .mpinv = &secp256k1_mpinv_str_param, 254 .p_shift = &secp256k1_p_shift_str_param, 255 .p_normalized = &secp256k1_p_normalized_str_param, 256 .p_reciprocal = &secp256k1_p_reciprocal_str_param, 257 .a = &secp256k1_a_str_param, 258 .b = &secp256k1_b_str_param, 259 .curve_order = &secp256k1_curve_order_str_param, 260 .gx = &secp256k1_gx_str_param, 261 .gy = &secp256k1_gy_str_param, 262 .gz = &secp256k1_gz_str_param, 263 .gen_order = &secp256k1_gen_order_str_param, 264 .gen_order_bitlen = &secp256k1_gen_order_bitlen_str_param, 265 .cofactor = &secp256k1_cofactor_str_param, 266 .alpha_montgomery = &secp256k1_alpha_montgomery_str_param, 267 .gamma_montgomery = &secp256k1_gamma_montgomery_str_param, 268 .alpha_edwards = &secp256k1_alpha_edwards_str_param, 269 .oid = &secp256k1_oid_str_param, 270 .name = &secp256k1_name_str_param, 271 }; 272 273 /* 274 * Compute max bit length of all curves for p and q 275 */ 276 #ifndef CURVES_MAX_P_BIT_LEN 277 #define CURVES_MAX_P_BIT_LEN 0 278 #endif 279 #if (CURVES_MAX_P_BIT_LEN < CURVE_SECP256K1_P_BITLEN) 280 #undef CURVES_MAX_P_BIT_LEN 281 #define CURVES_MAX_P_BIT_LEN CURVE_SECP256K1_P_BITLEN 282 #endif 283 #ifndef CURVES_MAX_Q_BIT_LEN 284 #define CURVES_MAX_Q_BIT_LEN 0 285 #endif 286 #if (CURVES_MAX_Q_BIT_LEN < CURVE_SECP256K1_Q_BITLEN) 287 #undef CURVES_MAX_Q_BIT_LEN 288 #define CURVES_MAX_Q_BIT_LEN CURVE_SECP256K1_Q_BITLEN 289 #endif 290 #ifndef CURVES_MAX_CURVE_ORDER_BIT_LEN 291 #define CURVES_MAX_CURVE_ORDER_BIT_LEN 0 292 #endif 293 #if (CURVES_MAX_CURVE_ORDER_BIT_LEN < CURVE_SECP256K1_CURVE_ORDER_BITLEN) 294 #undef CURVES_MAX_CURVE_ORDER_BIT_LEN 295 #define CURVES_MAX_CURVE_ORDER_BIT_LEN CURVE_SECP256K1_CURVE_ORDER_BITLEN 296 #endif 297 298 /* 299 * Compute and adapt max name and oid length 300 */ 301 #ifndef MAX_CURVE_OID_LEN 302 #define MAX_CURVE_OID_LEN 0 303 #endif 304 #ifndef MAX_CURVE_NAME_LEN 305 #define MAX_CURVE_NAME_LEN 0 306 #endif 307 #if (MAX_CURVE_OID_LEN < 1) 308 #undef MAX_CURVE_OID_LEN 309 #define MAX_CURVE_OID_LEN 1 310 #endif 311 #if (MAX_CURVE_NAME_LEN < 23) 312 #undef MAX_CURVE_NAME_LEN 313 #define MAX_CURVE_NAME_LEN 23 314 #endif 315 316 #endif /* __EC_PARAMS_SECP256K1_H__ */ 317 318 #endif /* WITH_CURVE_SECP256K1 */ 319