1 /* 2 * Copyright (C) 2017 - This file is part of libecc project 3 * 4 * Authors: 5 * Ryad BENADJILA <ryadbenadjila@gmail.com> 6 * Arnaud EBALARD <arnaud.ebalard@ssi.gouv.fr> 7 * Jean-Pierre FLORI <jean-pierre.flori@ssi.gouv.fr> 8 * 9 * Contributors: 10 * Nicolas VIVET <nicolas.vivet@ssi.gouv.fr> 11 * Karim KHALFALLAH <karim.khalfallah@ssi.gouv.fr> 12 * 13 * This software is licensed under a dual BSD and GPL v2 license. 14 * See LICENSE file at the root folder of the project. 15 */ 16 #include <libecc/lib_ecc_config.h> 17 #ifdef WITH_CURVE_SECP256R1 18 19 #ifndef __EC_PARAMS_SECP256R1_H__ 20 #define __EC_PARAMS_SECP256R1_H__ 21 #include "ec_params_external.h" 22 23 static const u8 secp256r1_p[] = { 24 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 25 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 26 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 27 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF 28 }; 29 30 TO_EC_STR_PARAM(secp256r1_p); 31 32 #define CURVE_SECP256R1_P_BITLEN 256 33 static const u8 secp256r1_p_bitlen[] = { 0x01, 0x00 }; 34 35 TO_EC_STR_PARAM(secp256r1_p_bitlen); 36 37 static const u8 secp256r1_r[] = { 38 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xfe, 39 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 40 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 41 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 42 }; 43 44 TO_EC_STR_PARAM(secp256r1_r); 45 46 static const u8 secp256r1_r_square[] = { 47 0x00, 0x00, 0x00, 0x04, 0xff, 0xff, 0xff, 0xfd, 48 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 49 0xff, 0xff, 0xff, 0xfb, 0xff, 0xff, 0xff, 0xff, 50 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03 51 }; 52 53 TO_EC_STR_PARAM(secp256r1_r_square); 54 55 static const u8 secp256r1_mpinv[] = { 0x00, 0x00, 0x00, 0x01 }; 56 57 TO_EC_STR_PARAM(secp256r1_mpinv); 58 59 static const u8 secp256r1_p_shift[] = { 60 0x00 61 }; 62 63 TO_EC_STR_PARAM(secp256r1_p_shift); 64 65 #if (WORD_BYTES == 8) /* 64-bit words */ 66 static const u8 secp256r1_p_reciprocal[] = { 67 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff 68 }; 69 #elif (WORD_BYTES == 4) || (WORD_BYTES == 2) /* 32 and 16-bit words */ 70 static const u8 secp256r1_p_reciprocal[] = { 71 0x00 72 }; 73 #else /* unknown word size */ 74 #error "Unsupported word size" 75 #endif 76 TO_EC_STR_PARAM(secp256r1_p_reciprocal); 77 78 static const u8 secp256r1_a[] = { 79 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 80 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 81 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 82 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC 83 }; 84 85 TO_EC_STR_PARAM(secp256r1_a); 86 87 static const u8 secp256r1_b[] = { 88 0x5A, 0xC6, 0x35, 0xD8, 0xAA, 0x3A, 0x93, 0xE7, 89 0xB3, 0xEB, 0xBD, 0x55, 0x76, 0x98, 0x86, 0xBC, 90 0x65, 0x1D, 0x06, 0xB0, 0xCC, 0x53, 0xB0, 0xF6, 91 0x3B, 0xCE, 0x3C, 0x3E, 0x27, 0xD2, 0x60, 0x4B 92 }; 93 94 TO_EC_STR_PARAM(secp256r1_b); 95 96 #define CURVE_SECP256R1_CURVE_ORDER_BITLEN 256 97 static const u8 secp256r1_curve_order[] = { 98 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 99 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 100 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 101 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51 102 }; 103 104 TO_EC_STR_PARAM(secp256r1_curve_order); 105 106 static const u8 secp256r1_gx[] = { 107 0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 108 0xF8, 0xBC, 0xE6, 0xE5, 0x63, 0xA4, 0x40, 0xF2, 109 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0, 110 0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96 111 }; 112 113 TO_EC_STR_PARAM(secp256r1_gx); 114 115 static const u8 secp256r1_gy[] = { 116 0x4F, 0xE3, 0x42, 0xE2, 0xFE, 0x1A, 0x7F, 0x9B, 117 0x8E, 0xE7, 0xEB, 0x4A, 0x7C, 0x0F, 0x9E, 0x16, 118 0x2B, 0xCE, 0x33, 0x57, 0x6B, 0x31, 0x5E, 0xCE, 119 0xCB, 0xB6, 0x40, 0x68, 0x37, 0xBF, 0x51, 0xF5 120 }; 121 122 TO_EC_STR_PARAM(secp256r1_gy); 123 124 static const u8 secp256r1_gz[] = { 125 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 126 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 127 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 128 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 129 }; 130 131 TO_EC_STR_PARAM(secp256r1_gz); 132 133 static const u8 secp256r1_gen_order[] = { 134 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 135 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 136 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 137 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51 138 }; 139 140 TO_EC_STR_PARAM(secp256r1_gen_order); 141 142 #define CURVE_SECP256R1_Q_BITLEN 256 143 static const u8 secp256r1_gen_order_bitlen[] = { 0x01, 0x00 }; 144 145 TO_EC_STR_PARAM(secp256r1_gen_order_bitlen); 146 147 static const u8 secp256r1_cofactor[] = { 0x01 }; 148 149 TO_EC_STR_PARAM(secp256r1_cofactor); 150 151 static const u8 secp256r1_alpha_montgomery[] = { 152 0x00, 153 }; 154 155 TO_EC_STR_PARAM_FIXED_SIZE(secp256r1_alpha_montgomery, 0); 156 157 static const u8 secp256r1_gamma_montgomery[] = { 158 0x00, 159 }; 160 161 TO_EC_STR_PARAM_FIXED_SIZE(secp256r1_gamma_montgomery, 0); 162 163 static const u8 secp256r1_alpha_edwards[] = { 164 0x00, 165 }; 166 167 TO_EC_STR_PARAM_FIXED_SIZE(secp256r1_alpha_edwards, 0); 168 169 static const u8 secp256r1_oid[] = "1.2.840.10045.3.1.7"; 170 TO_EC_STR_PARAM(secp256r1_oid); 171 172 static const u8 secp256r1_name[] = "SECP256R1"; 173 TO_EC_STR_PARAM(secp256r1_name); 174 175 static const ec_str_params secp256r1_str_params = { 176 .p = &secp256r1_p_str_param, 177 .p_bitlen = &secp256r1_p_bitlen_str_param, 178 .r = &secp256r1_r_str_param, 179 .r_square = &secp256r1_r_square_str_param, 180 .mpinv = &secp256r1_mpinv_str_param, 181 .p_shift = &secp256r1_p_shift_str_param, 182 .p_normalized = &secp256r1_p_str_param, 183 .p_reciprocal = &secp256r1_p_reciprocal_str_param, 184 .a = &secp256r1_a_str_param, 185 .b = &secp256r1_b_str_param, 186 .curve_order = &secp256r1_curve_order_str_param, 187 .gx = &secp256r1_gx_str_param, 188 .gy = &secp256r1_gy_str_param, 189 .gz = &secp256r1_gz_str_param, 190 .gen_order = &secp256r1_gen_order_str_param, 191 .gen_order_bitlen = &secp256r1_gen_order_bitlen_str_param, 192 .cofactor = &secp256r1_cofactor_str_param, 193 .alpha_montgomery = &secp256r1_alpha_montgomery_str_param, 194 .gamma_montgomery = &secp256r1_gamma_montgomery_str_param, 195 .alpha_edwards = &secp256r1_alpha_edwards_str_param, 196 .oid = &secp256r1_oid_str_param, 197 .name = &secp256r1_name_str_param, 198 }; 199 200 /* 201 * Compute max bit length of all curves for p and q 202 */ 203 #ifndef CURVES_MAX_P_BIT_LEN 204 #define CURVES_MAX_P_BIT_LEN 0 205 #endif 206 #if (CURVES_MAX_P_BIT_LEN < CURVE_SECP256R1_P_BITLEN) 207 #undef CURVES_MAX_P_BIT_LEN 208 #define CURVES_MAX_P_BIT_LEN CURVE_SECP256R1_P_BITLEN 209 #endif 210 #ifndef CURVES_MAX_Q_BIT_LEN 211 #define CURVES_MAX_Q_BIT_LEN 0 212 #endif 213 #if (CURVES_MAX_Q_BIT_LEN < CURVE_SECP256R1_Q_BITLEN) 214 #undef CURVES_MAX_Q_BIT_LEN 215 #define CURVES_MAX_Q_BIT_LEN CURVE_SECP256R1_Q_BITLEN 216 #endif 217 #ifndef CURVES_MAX_CURVE_ORDER_BIT_LEN 218 #define CURVES_MAX_CURVE_ORDER_BIT_LEN 0 219 #endif 220 #if (CURVES_MAX_CURVE_ORDER_BIT_LEN < CURVE_SECP256R1_CURVE_ORDER_BITLEN) 221 #undef CURVES_MAX_CURVE_ORDER_BIT_LEN 222 #define CURVES_MAX_CURVE_ORDER_BIT_LEN CURVE_SECP256R1_CURVE_ORDER_BITLEN 223 #endif 224 225 #endif /* __EC_PARAMS_SECP256R1_H__ */ 226 227 #endif /* WITH_CURVE_SECP256R1 */ 228