1 /* 2 * Copyright (C) 2021 - This file is part of libecc project 3 * 4 * Authors: 5 * Arnaud EBALARD <arnaud.ebalard@ssi.gouv.fr> 6 * Ryad BENADJILA <ryadbenadjila@gmail.com> 7 * 8 * This software is licensed under a dual BSD and GPL v2 license. 9 * See LICENSE file at the root folder of the project. 10 */ 11 #include <libecc/lib_ecc_config.h> 12 #ifdef WITH_CURVE_WEI25519 13 14 #ifndef __EC_PARAMS_WEI25519_H__ 15 #define __EC_PARAMS_WEI25519_H__ 16 #include <libecc/curves/known/ec_params_external.h> 17 static const u8 wei25519_p[] = { 18 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 19 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 20 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 21 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xed, 22 }; 23 24 TO_EC_STR_PARAM(wei25519_p); 25 26 #define CURVE_WEI25519_P_BITLEN 255 27 static const u8 wei25519_p_bitlen[] = { 28 0xff, 29 }; 30 31 TO_EC_STR_PARAM(wei25519_p_bitlen); 32 33 #if (WORD_BYTES == 8) /* 64-bit words */ 34 static const u8 wei25519_r[] = { 35 0x26, 36 }; 37 38 TO_EC_STR_PARAM(wei25519_r); 39 40 static const u8 wei25519_r_square[] = { 41 0x05, 0xa4, 42 }; 43 44 TO_EC_STR_PARAM(wei25519_r_square); 45 46 static const u8 wei25519_mpinv[] = { 47 0x86, 0xbc, 0xa1, 0xaf, 0x28, 0x6b, 0xca, 0x1b, 48 }; 49 50 TO_EC_STR_PARAM(wei25519_mpinv); 51 52 static const u8 wei25519_p_shift[] = { 53 0x01, 54 }; 55 56 TO_EC_STR_PARAM(wei25519_p_shift); 57 58 static const u8 wei25519_p_normalized[] = { 59 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 60 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 61 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 62 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xda, 63 }; 64 65 TO_EC_STR_PARAM(wei25519_p_normalized); 66 67 static const u8 wei25519_p_reciprocal[] = { 68 0x00, 69 }; 70 71 TO_EC_STR_PARAM(wei25519_p_reciprocal); 72 73 #elif (WORD_BYTES == 4) /* 32-bit words */ 74 static const u8 wei25519_r[] = { 75 0x26, 76 }; 77 78 TO_EC_STR_PARAM(wei25519_r); 79 80 static const u8 wei25519_r_square[] = { 81 0x05, 0xa4, 82 }; 83 84 TO_EC_STR_PARAM(wei25519_r_square); 85 86 static const u8 wei25519_mpinv[] = { 87 0x28, 0x6b, 0xca, 0x1b, 88 }; 89 90 TO_EC_STR_PARAM(wei25519_mpinv); 91 92 static const u8 wei25519_p_shift[] = { 93 0x01, 94 }; 95 96 TO_EC_STR_PARAM(wei25519_p_shift); 97 98 static const u8 wei25519_p_normalized[] = { 99 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 100 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 101 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 102 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xda, 103 }; 104 105 TO_EC_STR_PARAM(wei25519_p_normalized); 106 107 static const u8 wei25519_p_reciprocal[] = { 108 0x00, 109 }; 110 111 TO_EC_STR_PARAM(wei25519_p_reciprocal); 112 113 #elif (WORD_BYTES == 2) /* 16-bit words */ 114 static const u8 wei25519_r[] = { 115 0x26, 116 }; 117 118 TO_EC_STR_PARAM(wei25519_r); 119 120 static const u8 wei25519_r_square[] = { 121 0x05, 0xa4, 122 }; 123 124 TO_EC_STR_PARAM(wei25519_r_square); 125 126 static const u8 wei25519_mpinv[] = { 127 0xca, 0x1b, 128 }; 129 130 TO_EC_STR_PARAM(wei25519_mpinv); 131 132 static const u8 wei25519_p_shift[] = { 133 0x01, 134 }; 135 136 TO_EC_STR_PARAM(wei25519_p_shift); 137 138 static const u8 wei25519_p_normalized[] = { 139 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 140 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 141 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 142 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xda, 143 }; 144 145 TO_EC_STR_PARAM(wei25519_p_normalized); 146 147 static const u8 wei25519_p_reciprocal[] = { 148 0x00, 149 }; 150 151 TO_EC_STR_PARAM(wei25519_p_reciprocal); 152 153 #else /* unknown word size */ 154 #error "Unsupported word size" 155 #endif 156 157 static const u8 wei25519_a[] = { 158 0x2a, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 159 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 160 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 161 0xaa, 0xaa, 0xaa, 0x98, 0x49, 0x14, 0xa1, 0x44, 162 }; 163 164 TO_EC_STR_PARAM(wei25519_a); 165 166 static const u8 wei25519_b[] = { 167 0x7b, 0x42, 0x5e, 0xd0, 0x97, 0xb4, 0x25, 0xed, 168 0x09, 0x7b, 0x42, 0x5e, 0xd0, 0x97, 0xb4, 0x25, 169 0xed, 0x09, 0x7b, 0x42, 0x5e, 0xd0, 0x97, 0xb4, 170 0x26, 0x0b, 0x5e, 0x9c, 0x77, 0x10, 0xc8, 0x64, 171 }; 172 173 TO_EC_STR_PARAM(wei25519_b); 174 175 #define CURVE_WEI25519_CURVE_ORDER_BITLEN 256 176 static const u8 wei25519_curve_order[] = { 177 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 178 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 179 0xa6, 0xf7, 0xce, 0xf5, 0x17, 0xbc, 0xe6, 0xb2, 180 0xc0, 0x93, 0x18, 0xd2, 0xe7, 0xae, 0x9f, 0x68, 181 }; 182 183 TO_EC_STR_PARAM(wei25519_curve_order); 184 185 static const u8 wei25519_gx[] = { 186 0x2a, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 187 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 188 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 189 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xad, 0x24, 0x5a, 190 }; 191 192 TO_EC_STR_PARAM(wei25519_gx); 193 194 static const u8 wei25519_gy[] = { 195 0x20, 0xae, 0x19, 0xa1, 0xb8, 0xa0, 0x86, 0xb4, 196 0xe0, 0x1e, 0xdd, 0x2c, 0x77, 0x48, 0xd1, 0x4c, 197 0x92, 0x3d, 0x4d, 0x7e, 0x6d, 0x7c, 0x61, 0xb2, 198 0x29, 0xe9, 0xc5, 0xa2, 0x7e, 0xce, 0xd3, 0xd9, 199 }; 200 201 TO_EC_STR_PARAM(wei25519_gy); 202 203 static const u8 wei25519_gz[] = { 204 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 205 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 206 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 207 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 208 }; 209 210 TO_EC_STR_PARAM(wei25519_gz); 211 212 static const u8 wei25519_gen_order[] = { 213 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 214 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 215 0x14, 0xde, 0xf9, 0xde, 0xa2, 0xf7, 0x9c, 0xd6, 216 0x58, 0x12, 0x63, 0x1a, 0x5c, 0xf5, 0xd3, 0xed, 217 }; 218 219 TO_EC_STR_PARAM(wei25519_gen_order); 220 221 #define CURVE_WEI25519_Q_BITLEN 253 222 static const u8 wei25519_gen_order_bitlen[] = { 223 0xfd, 224 }; 225 226 TO_EC_STR_PARAM(wei25519_gen_order_bitlen); 227 228 static const u8 wei25519_cofactor[] = { 229 0x08, 230 }; 231 232 TO_EC_STR_PARAM(wei25519_cofactor); 233 234 static const u8 wei25519_alpha_montgomery[] = { 235 0x2a, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 236 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 237 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 238 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xad, 0x24, 0x51, 239 }; 240 241 TO_EC_STR_PARAM(wei25519_alpha_montgomery); 242 243 static const u8 wei25519_gamma_montgomery[] = { 244 0x01, 245 }; 246 247 TO_EC_STR_PARAM(wei25519_gamma_montgomery); 248 249 static const u8 wei25519_alpha_edwards[] = { 250 0x70, 0xd9, 0x12, 0x0b, 0x9f, 0x5f, 0xf9, 0x44, 251 0x2d, 0x84, 0xf7, 0x23, 0xfc, 0x03, 0xb0, 0x81, 252 0x3a, 0x5e, 0x2c, 0x2e, 0xb4, 0x82, 0xe5, 0x7d, 253 0x33, 0x91, 0xfb, 0x55, 0x00, 0xba, 0x81, 0xe7 254 }; 255 256 TO_EC_STR_PARAM(wei25519_alpha_edwards); 257 258 static const u8 wei25519_name[] = "WEI25519"; 259 TO_EC_STR_PARAM(wei25519_name); 260 261 static const u8 wei25519_oid[] = ""; 262 TO_EC_STR_PARAM(wei25519_oid); 263 264 static const ec_str_params wei25519_str_params = { 265 .p = &wei25519_p_str_param, 266 .p_bitlen = &wei25519_p_bitlen_str_param, 267 .r = &wei25519_r_str_param, 268 .r_square = &wei25519_r_square_str_param, 269 .mpinv = &wei25519_mpinv_str_param, 270 .p_shift = &wei25519_p_shift_str_param, 271 .p_normalized = &wei25519_p_normalized_str_param, 272 .p_reciprocal = &wei25519_p_reciprocal_str_param, 273 .a = &wei25519_a_str_param, 274 .b = &wei25519_b_str_param, 275 .curve_order = &wei25519_curve_order_str_param, 276 .gx = &wei25519_gx_str_param, 277 .gy = &wei25519_gy_str_param, 278 .gz = &wei25519_gz_str_param, 279 .gen_order = &wei25519_gen_order_str_param, 280 .gen_order_bitlen = &wei25519_gen_order_bitlen_str_param, 281 .cofactor = &wei25519_cofactor_str_param, 282 .alpha_montgomery = &wei25519_alpha_montgomery_str_param, 283 .gamma_montgomery = &wei25519_gamma_montgomery_str_param, 284 .alpha_edwards = &wei25519_alpha_edwards_str_param, 285 .oid = &wei25519_oid_str_param, 286 .name = &wei25519_name_str_param, 287 }; 288 289 /* 290 * Compute max bit length of all curves for p and q 291 */ 292 #ifndef CURVES_MAX_P_BIT_LEN 293 #define CURVES_MAX_P_BIT_LEN 0 294 #endif 295 #if (CURVES_MAX_P_BIT_LEN < CURVE_WEI25519_P_BITLEN) 296 #undef CURVES_MAX_P_BIT_LEN 297 #define CURVES_MAX_P_BIT_LEN CURVE_WEI25519_P_BITLEN 298 #endif 299 #ifndef CURVES_MAX_Q_BIT_LEN 300 #define CURVES_MAX_Q_BIT_LEN 0 301 #endif 302 #if (CURVES_MAX_Q_BIT_LEN < CURVE_WEI25519_Q_BITLEN) 303 #undef CURVES_MAX_Q_BIT_LEN 304 #define CURVES_MAX_Q_BIT_LEN CURVE_WEI25519_Q_BITLEN 305 #endif 306 #ifndef CURVES_MAX_CURVE_ORDER_BIT_LEN 307 #define CURVES_MAX_CURVE_ORDER_BIT_LEN 0 308 #endif 309 #if (CURVES_MAX_CURVE_ORDER_BIT_LEN < CURVE_WEI25519_CURVE_ORDER_BITLEN) 310 #undef CURVES_MAX_CURVE_ORDER_BIT_LEN 311 #define CURVES_MAX_CURVE_ORDER_BIT_LEN CURVE_WEI25519_CURVE_ORDER_BITLEN 312 #endif 313 314 /* 315 * Compute and adapt max name and oid length 316 */ 317 #ifndef MAX_CURVE_OID_LEN 318 #define MAX_CURVE_OID_LEN 0 319 #endif 320 #ifndef MAX_CURVE_NAME_LEN 321 #define MAX_CURVE_NAME_LEN 0 322 #endif 323 #if (MAX_CURVE_OID_LEN < 1) 324 #undef MAX_CURVE_OID_LEN 325 #define MAX_CURVE_OID_LEN 1 326 #endif 327 #if (MAX_CURVE_NAME_LEN < 22) 328 #undef MAX_CURVE_NAME_LEN 329 #define MAX_CURVE_NAME_LEN 22 330 #endif 331 332 #endif /* __EC_PARAMS_WEI25519_H__ */ 333 334 #endif /* WITH_CURVE_WEI25519 */ 335