xref: /freebsd/crypto/libecc/include/libecc/curves/known/ec_params_brainpoolp512r1.h (revision 05427f4639bcf2703329a9be9d25ec09bb782742)
1 /*
2  *  Copyright (C) 2017 - This file is part of libecc project
3  *
4  *  Authors:
5  *      Ryad BENADJILA <ryadbenadjila@gmail.com>
6  *      Arnaud EBALARD <arnaud.ebalard@ssi.gouv.fr>
7  *      Jean-Pierre FLORI <jean-pierre.flori@ssi.gouv.fr>
8  *
9  *  Contributors:
10  *      Nicolas VIVET <nicolas.vivet@ssi.gouv.fr>
11  *      Karim KHALFALLAH <karim.khalfallah@ssi.gouv.fr>
12  *
13  *  This software is licensed under a dual BSD and GPL v2 license.
14  *  See LICENSE file at the root folder of the project.
15  */
16 #include <libecc/lib_ecc_config.h>
17 #ifdef WITH_CURVE_BRAINPOOLP512R1
18 
19 #ifndef __EC_PARAMS_BRAINPOOLP512R1_H__
20 #define __EC_PARAMS_BRAINPOOLP512R1_H__
21 #include "ec_params_external.h"
22 
23 static const u8 brainpoolp512r1_p[] = {
24 	0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B,
25 	0x3F, 0xD4, 0xE6, 0xAE, 0x33, 0xC9, 0xFC, 0x07,
26 	0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E,
27 	0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x71,
28 	0x7D, 0x4D, 0x9B, 0x00, 0x9B, 0xC6, 0x68, 0x42,
29 	0xAE, 0xCD, 0xA1, 0x2A, 0xE6, 0xA3, 0x80, 0xE6,
30 	0x28, 0x81, 0xFF, 0x2F, 0x2D, 0x82, 0xC6, 0x85,
31 	0x28, 0xAA, 0x60, 0x56, 0x58, 0x3A, 0x48, 0xF3
32 };
33 
34 TO_EC_STR_PARAM(brainpoolp512r1_p);
35 
36 #define CURVE_BRAINPOOLP512R1_P_BITLEN 512
37 static const u8 brainpoolp512r1_p_bitlen[] = { 0x02, 0x00 };
38 
39 TO_EC_STR_PARAM(brainpoolp512r1_p_bitlen);
40 
41 static const u8 brainpoolp512r1_r[] = {
42 	0x55, 0x22, 0x62, 0x47, 0x24, 0x16, 0x3b, 0x74,
43 	0xc0, 0x2b, 0x19, 0x51, 0xcc, 0x36, 0x03, 0xf8,
44 	0x34, 0xcf, 0x72, 0x4c, 0x4c, 0x36, 0x2d, 0xf1,
45 	0x29, 0x9c, 0x63, 0x35, 0x8f, 0xcc, 0xf7, 0x8e,
46 	0x82, 0xb2, 0x64, 0xff, 0x64, 0x39, 0x97, 0xbd,
47 	0x51, 0x32, 0x5e, 0xd5, 0x19, 0x5c, 0x7f, 0x19,
48 	0xd7, 0x7e, 0x00, 0xd0, 0xd2, 0x7d, 0x39, 0x7a,
49 	0xd7, 0x55, 0x9f, 0xa9, 0xa7, 0xc5, 0xb7, 0x0d
50 };
51 
52 TO_EC_STR_PARAM(brainpoolp512r1_r);
53 
54 static const u8 brainpoolp512r1_r_square[] = {
55 	0x3c, 0x4c, 0x9d, 0x05, 0xa9, 0xff, 0x64, 0x50,
56 	0x20, 0x2e, 0x19, 0x40, 0x20, 0x56, 0xee, 0xcc,
57 	0xa1, 0x6d, 0xaa, 0x5f, 0xd4, 0x2b, 0xff, 0x83,
58 	0x19, 0x48, 0x6f, 0xd8, 0xd5, 0x89, 0x80, 0x57,
59 	0xe0, 0xc1, 0x9a, 0x77, 0x83, 0x51, 0x4a, 0x25,
60 	0x53, 0xb7, 0xf9, 0xbc, 0x90, 0x5a, 0xff, 0xd3,
61 	0x79, 0x3f, 0xb1, 0x30, 0x27, 0x15, 0x79, 0x05,
62 	0x49, 0xad, 0x14, 0x4a, 0x61, 0x58, 0xf2, 0x05
63 };
64 
65 TO_EC_STR_PARAM(brainpoolp512r1_r_square);
66 
67 /*
68  * mpinv is -p^-1 mod 2^(bitsizeof(hword_t)), this means it depends
69  * on word size.
70  */
71 static const u8 brainpoolp512r1_mpinv[] = {
72 	0x83, 0x9b, 0x32, 0x20, 0x7d, 0x89, 0xef, 0xc5
73 };
74 
75 TO_EC_STR_PARAM(brainpoolp512r1_mpinv);
76 
77 static const u8 brainpoolp512r1_p_shift[] = {
78 	0x00
79 };
80 
81 TO_EC_STR_PARAM(brainpoolp512r1_p_shift);
82 
83 #if (WORD_BYTES == 8)		/* 64-bit words */
84 static const u8 brainpoolp512r1_p_reciprocal[] = {
85 	0x7f, 0x8d, 0x7f, 0x4e, 0xd6, 0xda, 0xeb, 0x8a
86 };
87 #elif (WORD_BYTES == 4)		/* 32-bit words */
88 static const u8 brainpoolp512r1_p_reciprocal[] = {
89 	0x7f, 0x8d, 0x7f, 0x4e
90 };
91 #elif (WORD_BYTES == 2)		/* 16-bit words */
92 static const u8 brainpoolp512r1_p_reciprocal[] = {
93 	0x7f, 0x8d
94 };
95 #else /* unknown word size */
96 #error "Unsupported word size"
97 #endif
98 TO_EC_STR_PARAM(brainpoolp512r1_p_reciprocal);
99 
100 static const u8 brainpoolp512r1_a[] = {
101 	0x78, 0x30, 0xA3, 0x31, 0x8B, 0x60, 0x3B, 0x89,
102 	0xE2, 0x32, 0x71, 0x45, 0xAC, 0x23, 0x4C, 0xC5,
103 	0x94, 0xCB, 0xDD, 0x8D, 0x3D, 0xF9, 0x16, 0x10,
104 	0xA8, 0x34, 0x41, 0xCA, 0xEA, 0x98, 0x63, 0xBC,
105 	0x2D, 0xED, 0x5D, 0x5A, 0xA8, 0x25, 0x3A, 0xA1,
106 	0x0A, 0x2E, 0xF1, 0xC9, 0x8B, 0x9A, 0xC8, 0xB5,
107 	0x7F, 0x11, 0x17, 0xA7, 0x2B, 0xF2, 0xC7, 0xB9,
108 	0xE7, 0xC1, 0xAC, 0x4D, 0x77, 0xFC, 0x94, 0xCA
109 };
110 
111 TO_EC_STR_PARAM(brainpoolp512r1_a);
112 
113 static const u8 brainpoolp512r1_b[] = {
114 	0x3D, 0xF9, 0x16, 0x10, 0xA8, 0x34, 0x41, 0xCA,
115 	0xEA, 0x98, 0x63, 0xBC, 0x2D, 0xED, 0x5D, 0x5A,
116 	0xA8, 0x25, 0x3A, 0xA1, 0x0A, 0x2E, 0xF1, 0xC9,
117 	0x8B, 0x9A, 0xC8, 0xB5, 0x7F, 0x11, 0x17, 0xA7,
118 	0x2B, 0xF2, 0xC7, 0xB9, 0xE7, 0xC1, 0xAC, 0x4D,
119 	0x77, 0xFC, 0x94, 0xCA, 0xDC, 0x08, 0x3E, 0x67,
120 	0x98, 0x40, 0x50, 0xB7, 0x5E, 0xBA, 0xE5, 0xDD,
121 	0x28, 0x09, 0xBD, 0x63, 0x80, 0x16, 0xF7, 0x23
122 };
123 
124 TO_EC_STR_PARAM(brainpoolp512r1_b);
125 
126 #define CURVE_BRAINPOOLP512R1_CURVE_ORDER_BITLEN 512
127 static const u8 brainpoolp512r1_curve_order[] = {
128 	0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B,
129 	0x3F, 0xD4, 0xE6, 0xAE, 0x33, 0xC9, 0xFC, 0x07,
130 	0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E,
131 	0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x70,
132 	0x55, 0x3E, 0x5C, 0x41, 0x4C, 0xA9, 0x26, 0x19,
133 	0x41, 0x86, 0x61, 0x19, 0x7F, 0xAC, 0x10, 0x47,
134 	0x1D, 0xB1, 0xD3, 0x81, 0x08, 0x5D, 0xDA, 0xDD,
135 	0xB5, 0x87, 0x96, 0x82, 0x9C, 0xA9, 0x00, 0x69
136 };
137 
138 TO_EC_STR_PARAM(brainpoolp512r1_curve_order);
139 
140 static const u8 brainpoolp512r1_gx[] = {
141 	0x81, 0xAE, 0xE4, 0xBD, 0xD8, 0x2E, 0xD9, 0x64,
142 	0x5A, 0x21, 0x32, 0x2E, 0x9C, 0x4C, 0x6A, 0x93,
143 	0x85, 0xED, 0x9F, 0x70, 0xB5, 0xD9, 0x16, 0xC1,
144 	0xB4, 0x3B, 0x62, 0xEE, 0xF4, 0xD0, 0x09, 0x8E,
145 	0xFF, 0x3B, 0x1F, 0x78, 0xE2, 0xD0, 0xD4, 0x8D,
146 	0x50, 0xD1, 0x68, 0x7B, 0x93, 0xB9, 0x7D, 0x5F,
147 	0x7C, 0x6D, 0x50, 0x47, 0x40, 0x6A, 0x5E, 0x68,
148 	0x8B, 0x35, 0x22, 0x09, 0xBC, 0xB9, 0xF8, 0x22,
149 };
150 
151 TO_EC_STR_PARAM(brainpoolp512r1_gx);
152 
153 static const u8 brainpoolp512r1_gy[] = {
154 	0x7D, 0xDE, 0x38, 0x5D, 0x56, 0x63, 0x32, 0xEC,
155 	0xC0, 0xEA, 0xBF, 0xA9, 0xCF, 0x78, 0x22, 0xFD,
156 	0xF2, 0x09, 0xF7, 0x00, 0x24, 0xA5, 0x7B, 0x1A,
157 	0xA0, 0x00, 0xC5, 0x5B, 0x88, 0x1F, 0x81, 0x11,
158 	0xB2, 0xDC, 0xDE, 0x49, 0x4A, 0x5F, 0x48, 0x5E,
159 	0x5B, 0xCA, 0x4B, 0xD8, 0x8A, 0x27, 0x63, 0xAE,
160 	0xD1, 0xCA, 0x2B, 0x2F, 0xA8, 0xF0, 0x54, 0x06,
161 	0x78, 0xCD, 0x1E, 0x0F, 0x3A, 0xD8, 0x08, 0x92
162 };
163 
164 TO_EC_STR_PARAM(brainpoolp512r1_gy);
165 
166 static const u8 brainpoolp512r1_gz[] = {
167 	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
168 	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
169 	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
170 	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
171 	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
172 	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
173 	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
174 	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
175 };
176 
177 TO_EC_STR_PARAM(brainpoolp512r1_gz);
178 
179 static const u8 brainpoolp512r1_gen_order[] = {
180 	0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B,
181 	0x3F, 0xD4, 0xE6, 0xAE, 0x33, 0xC9, 0xFC, 0x07,
182 	0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E,
183 	0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x70,
184 	0x55, 0x3E, 0x5C, 0x41, 0x4C, 0xA9, 0x26, 0x19,
185 	0x41, 0x86, 0x61, 0x19, 0x7F, 0xAC, 0x10, 0x47,
186 	0x1D, 0xB1, 0xD3, 0x81, 0x08, 0x5D, 0xDA, 0xDD,
187 	0xB5, 0x87, 0x96, 0x82, 0x9C, 0xA9, 0x00, 0x69
188 };
189 
190 TO_EC_STR_PARAM(brainpoolp512r1_gen_order);
191 
192 #define CURVE_BRAINPOOLP512R1_Q_BITLEN 512
193 static const u8 brainpoolp512r1_gen_order_bitlen[] = { 0x02, 0x00 };
194 
195 TO_EC_STR_PARAM(brainpoolp512r1_gen_order_bitlen);
196 
197 static const u8 brainpoolp512r1_cofactor[] = { 0x01 };
198 
199 TO_EC_STR_PARAM(brainpoolp512r1_cofactor);
200 
201 static const u8 brainpoolp512r1_alpha_montgomery[] = {
202 	0x00,
203 };
204 
205 TO_EC_STR_PARAM_FIXED_SIZE(brainpoolp512r1_alpha_montgomery, 0);
206 
207 static const u8 brainpoolp512r1_gamma_montgomery[] = {
208 	0x00,
209 };
210 
211 TO_EC_STR_PARAM_FIXED_SIZE(brainpoolp512r1_gamma_montgomery, 0);
212 
213 static const u8 brainpoolp512r1_alpha_edwards[] = {
214 	0x00,
215 };
216 
217 TO_EC_STR_PARAM_FIXED_SIZE(brainpoolp512r1_alpha_edwards, 0);
218 
219 static const u8 brainpoolp512r1_oid[] = "1.3.36.3.3.2.8.1.1.13";
220 TO_EC_STR_PARAM(brainpoolp512r1_oid);
221 
222 static const u8 brainpoolp512r1_name[] = "BRAINPOOLP512R1";
223 TO_EC_STR_PARAM(brainpoolp512r1_name);
224 
225 static const ec_str_params brainpoolp512r1_str_params = {
226 	.p = &brainpoolp512r1_p_str_param,
227 	.p_bitlen = &brainpoolp512r1_p_bitlen_str_param,
228 	.r = &brainpoolp512r1_r_str_param,
229 	.r_square = &brainpoolp512r1_r_square_str_param,
230 	.mpinv = &brainpoolp512r1_mpinv_str_param,
231 	.p_shift = &brainpoolp512r1_p_shift_str_param,
232 	.p_normalized = &brainpoolp512r1_p_str_param,
233 	.p_reciprocal = &brainpoolp512r1_p_reciprocal_str_param,
234 	.a = &brainpoolp512r1_a_str_param,
235 	.b = &brainpoolp512r1_b_str_param,
236 	.curve_order = &brainpoolp512r1_curve_order_str_param,
237 	.gx = &brainpoolp512r1_gx_str_param,
238 	.gy = &brainpoolp512r1_gy_str_param,
239 	.gz = &brainpoolp512r1_gz_str_param,
240 	.gen_order = &brainpoolp512r1_gen_order_str_param,
241 	.gen_order_bitlen = &brainpoolp512r1_gen_order_bitlen_str_param,
242 	.cofactor = &brainpoolp512r1_cofactor_str_param,
243 	.alpha_montgomery = &brainpoolp512r1_alpha_montgomery_str_param,
244 	.gamma_montgomery = &brainpoolp512r1_gamma_montgomery_str_param,
245 	.alpha_edwards = &brainpoolp512r1_alpha_edwards_str_param,
246 	.oid = &brainpoolp512r1_oid_str_param,
247 	.name = &brainpoolp512r1_name_str_param,
248 };
249 
250 /*
251  * Compute max bit length of all curves for p and q
252  */
253 #ifndef CURVES_MAX_P_BIT_LEN
254 #define CURVES_MAX_P_BIT_LEN    0
255 #endif
256 #if (CURVES_MAX_P_BIT_LEN < CURVE_BRAINPOOLP512R1_P_BITLEN)
257 #undef CURVES_MAX_P_BIT_LEN
258 #define CURVES_MAX_P_BIT_LEN CURVE_BRAINPOOLP512R1_P_BITLEN
259 #endif
260 #ifndef CURVES_MAX_Q_BIT_LEN
261 #define CURVES_MAX_Q_BIT_LEN    0
262 #endif
263 #if (CURVES_MAX_Q_BIT_LEN < CURVE_BRAINPOOLP512R1_Q_BITLEN)
264 #undef CURVES_MAX_Q_BIT_LEN
265 #define CURVES_MAX_Q_BIT_LEN CURVE_BRAINPOOLP512R1_Q_BITLEN
266 #endif
267 #ifndef CURVES_MAX_CURVE_ORDER_BIT_LEN
268 #define CURVES_MAX_CURVE_ORDER_BIT_LEN    0
269 #endif
270 #if (CURVES_MAX_CURVE_ORDER_BIT_LEN < CURVE_BRAINPOOLP512R1_CURVE_ORDER_BITLEN)
271 #undef CURVES_MAX_CURVE_ORDER_BIT_LEN
272 #define CURVES_MAX_CURVE_ORDER_BIT_LEN CURVE_BRAINPOOLP512R1_CURVE_ORDER_BITLEN
273 #endif
274 
275 #endif /* __EC_PARAMS_BRAINPOOLP512R1_H__ */
276 #endif /* WITH_CURVE_BRAINPOOLP512R1 */
277