1*f0865ec9SKyle Evans /* 2*f0865ec9SKyle Evans * Copyright (C) 2021 - This file is part of libecc project 3*f0865ec9SKyle Evans * 4*f0865ec9SKyle Evans * Authors: 5*f0865ec9SKyle Evans * Ryad BENADJILA <ryadbenadjila@gmail.com> 6*f0865ec9SKyle Evans * Arnaud EBALARD <arnaud.ebalard@ssi.gouv.fr> 7*f0865ec9SKyle Evans * 8*f0865ec9SKyle Evans * This software is licensed under a dual BSD and GPL v2 license. 9*f0865ec9SKyle Evans * See LICENSE file at the root folder of the project. 10*f0865ec9SKyle Evans */ 11*f0865ec9SKyle Evans 12*f0865ec9SKyle Evans #ifdef WITH_CURVE_WEI25519 13*f0865ec9SKyle Evans 14*f0865ec9SKyle Evans /***** Test vectors from RFC7748 ****/ 15*f0865ec9SKyle Evans static const u8 x25519_WEI25519_0_our_priv_key[] = { 16*f0865ec9SKyle Evans 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16, 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87, 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9, 0x2c, 0x2a, 17*f0865ec9SKyle Evans }; 18*f0865ec9SKyle Evans 19*f0865ec9SKyle Evans static const u8 x25519_WEI25519_0_peer_pub_key[] = { 20*f0865ec9SKyle Evans 0xde, 0x9e, 0xdb, 0x7d, 0x7b, 0x7d, 0xc1, 0xb4, 0xd3, 0x5b, 0x61, 0xc2, 0xec, 0xe4, 0x35, 0x37, 0x3f, 0x83, 0x43, 0xc8, 0x5b, 0x78, 0x67, 0x4d, 0xad, 0xfc, 0x7e, 0x14, 0x6f, 0x88, 0x2b, 0x4f, 21*f0865ec9SKyle Evans }; 22*f0865ec9SKyle Evans 23*f0865ec9SKyle Evans static const u8 x25519_WEI25519_0_our_pub_key[] = { 24*f0865ec9SKyle Evans 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b, 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d, 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b, 0x4e, 0x6a, 25*f0865ec9SKyle Evans }; 26*f0865ec9SKyle Evans 27*f0865ec9SKyle Evans static const u8 x25519_WEI25519_0_shared_secret[] = { 28*f0865ec9SKyle Evans 0x4a, 0x5d, 0x9d, 0x5b, 0xa4, 0xce, 0x2d, 0xe1, 0x72, 0x8e, 0x3b, 0xf4, 0x80, 0x35, 0x0f, 0x25, 0xe0, 0x7e, 0x21, 0xc9, 0x47, 0xd1, 0x9e, 0x33, 0x76, 0xf0, 0x9b, 0x3c, 0x1e, 0x16, 0x17, 0x42, 29*f0865ec9SKyle Evans }; 30*f0865ec9SKyle Evans 31*f0865ec9SKyle Evans static const ecdh_test_case x25519_WEI25519_0_test_case = { 32*f0865ec9SKyle Evans .name = "X25519/WEI25519 0", 33*f0865ec9SKyle Evans .ecdh_type = X25519, 34*f0865ec9SKyle Evans .ec_str_p = &wei25519_str_params, 35*f0865ec9SKyle Evans .our_priv_key = x25519_WEI25519_0_our_priv_key, 36*f0865ec9SKyle Evans .our_priv_key_len = sizeof(x25519_WEI25519_0_our_priv_key), 37*f0865ec9SKyle Evans .peer_pub_key = x25519_WEI25519_0_peer_pub_key, 38*f0865ec9SKyle Evans .peer_pub_key_len = sizeof(x25519_WEI25519_0_peer_pub_key), 39*f0865ec9SKyle Evans .exp_our_pub_key = x25519_WEI25519_0_our_pub_key, 40*f0865ec9SKyle Evans .exp_our_pub_key_len = sizeof(x25519_WEI25519_0_our_pub_key), 41*f0865ec9SKyle Evans .exp_shared_secret = x25519_WEI25519_0_shared_secret, 42*f0865ec9SKyle Evans .exp_shared_secret_len = sizeof(x25519_WEI25519_0_shared_secret), 43*f0865ec9SKyle Evans }; 44*f0865ec9SKyle Evans /******************/ 45*f0865ec9SKyle Evans 46*f0865ec9SKyle Evans static const u8 x25519_WEI25519_1_our_priv_key[] = { 47*f0865ec9SKyle Evans 0x5d, 0xab, 0x08, 0x7e, 0x62, 0x4a, 0x8a, 0x4b, 0x79, 0xe1, 0x7f, 0x8b, 0x83, 0x80, 0x0e, 0xe6, 0x6f, 0x3b, 0xb1, 0x29, 0x26, 0x18, 0xb6, 0xfd, 0x1c, 0x2f, 0x8b, 0x27, 0xff, 0x88, 0xe0, 0xeb, 48*f0865ec9SKyle Evans }; 49*f0865ec9SKyle Evans 50*f0865ec9SKyle Evans static const u8 x25519_WEI25519_1_peer_pub_key[] = { 51*f0865ec9SKyle Evans 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b, 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d, 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b, 0x4e, 0x6a, 52*f0865ec9SKyle Evans }; 53*f0865ec9SKyle Evans 54*f0865ec9SKyle Evans static const u8 x25519_WEI25519_1_our_pub_key[] = { 55*f0865ec9SKyle Evans 0xde, 0x9e, 0xdb, 0x7d, 0x7b, 0x7d, 0xc1, 0xb4, 0xd3, 0x5b, 0x61, 0xc2, 0xec, 0xe4, 0x35, 0x37, 0x3f, 0x83, 0x43, 0xc8, 0x5b, 0x78, 0x67, 0x4d, 0xad, 0xfc, 0x7e, 0x14, 0x6f, 0x88, 0x2b, 0x4f, 56*f0865ec9SKyle Evans }; 57*f0865ec9SKyle Evans 58*f0865ec9SKyle Evans static const u8 x25519_WEI25519_1_shared_secret[] = { 59*f0865ec9SKyle Evans 0x4a, 0x5d, 0x9d, 0x5b, 0xa4, 0xce, 0x2d, 0xe1, 0x72, 0x8e, 0x3b, 0xf4, 0x80, 0x35, 0x0f, 0x25, 0xe0, 0x7e, 0x21, 0xc9, 0x47, 0xd1, 0x9e, 0x33, 0x76, 0xf0, 0x9b, 0x3c, 0x1e, 0x16, 0x17, 0x42, 60*f0865ec9SKyle Evans }; 61*f0865ec9SKyle Evans 62*f0865ec9SKyle Evans static const ecdh_test_case x25519_WEI25519_1_test_case = { 63*f0865ec9SKyle Evans .name = "X25519/WEI25519 1", 64*f0865ec9SKyle Evans .ecdh_type = X25519, 65*f0865ec9SKyle Evans .ec_str_p = &wei25519_str_params, 66*f0865ec9SKyle Evans .our_priv_key = x25519_WEI25519_1_our_priv_key, 67*f0865ec9SKyle Evans .our_priv_key_len = sizeof(x25519_WEI25519_1_our_priv_key), 68*f0865ec9SKyle Evans .peer_pub_key = x25519_WEI25519_1_peer_pub_key, 69*f0865ec9SKyle Evans .peer_pub_key_len = sizeof(x25519_WEI25519_1_peer_pub_key), 70*f0865ec9SKyle Evans .exp_our_pub_key = x25519_WEI25519_1_our_pub_key, 71*f0865ec9SKyle Evans .exp_our_pub_key_len = sizeof(x25519_WEI25519_1_our_pub_key), 72*f0865ec9SKyle Evans .exp_shared_secret = x25519_WEI25519_1_shared_secret, 73*f0865ec9SKyle Evans .exp_shared_secret_len = sizeof(x25519_WEI25519_1_shared_secret), 74*f0865ec9SKyle Evans }; 75*f0865ec9SKyle Evans 76*f0865ec9SKyle Evans 77*f0865ec9SKyle Evans /***** Test vectors from https://tools.ietf.org/id/draft-ietf-ipsecme-safecurves-03.xml ****/ 78*f0865ec9SKyle Evans /******************/ 79*f0865ec9SKyle Evans 80*f0865ec9SKyle Evans static const u8 x25519_WEI25519_2_our_priv_key[] = { 81*f0865ec9SKyle Evans 0x75, 0x1f, 0xb4, 0x30, 0x86, 0x55, 0xb4, 0x76, 0xb6, 0x78, 0x9b, 0x73, 0x25, 0xf9, 0xea, 0x8c, 0xdd, 0xd1, 0x6a, 0x58, 0x53, 0x3f, 0xf6, 0xd9, 0xe6, 0x00, 0x09, 0x46, 0x4a, 0x5f, 0x9d, 0x94, 82*f0865ec9SKyle Evans }; 83*f0865ec9SKyle Evans 84*f0865ec9SKyle Evans static const u8 x25519_WEI25519_2_peer_pub_key[] = { 85*f0865ec9SKyle Evans 0x0b, 0xe7, 0xc1, 0xf5, 0xaa, 0xd8, 0x7d, 0x7e, 0x44, 0x86, 0x62, 0x67, 0x32, 0x98, 0xa4, 0x43, 0x47, 0x8b, 0x85, 0x97, 0x45, 0x17, 0x9e, 0xaf, 0x56, 0x4c, 0x79, 0xc0, 0xef, 0x6e, 0xee, 0x25, 86*f0865ec9SKyle Evans }; 87*f0865ec9SKyle Evans 88*f0865ec9SKyle Evans static const u8 x25519_WEI25519_2_our_pub_key[] = { 89*f0865ec9SKyle Evans 0x48, 0xd5, 0xdd, 0xd4, 0x06, 0x12, 0x57, 0xba, 0x16, 0x6f, 0xa3, 0xf9, 0xbb, 0xdb, 0x74, 0xf1, 0xa4, 0xe8, 0x1c, 0x08, 0x93, 0x84, 0xfa, 0x77, 0xf7, 0x90, 0x70, 0x9f, 0x0d, 0xfb, 0xc7, 0x66, 90*f0865ec9SKyle Evans }; 91*f0865ec9SKyle Evans 92*f0865ec9SKyle Evans static const u8 x25519_WEI25519_2_shared_secret[] = { 93*f0865ec9SKyle Evans 0xc7, 0x49, 0x50, 0x60, 0x7a, 0x12, 0x32, 0x7f, 0x32, 0x04, 0xd9, 0x4b, 0x68, 0x25, 0xbf, 0xb0, 0x68, 0xb7, 0xf8, 0x31, 0x9a, 0x9e, 0x37, 0x08, 0xed, 0x3d, 0x43, 0xce, 0x81, 0x30, 0xc9, 0x50, 94*f0865ec9SKyle Evans }; 95*f0865ec9SKyle Evans 96*f0865ec9SKyle Evans static const ecdh_test_case x25519_WEI25519_2_test_case = { 97*f0865ec9SKyle Evans .name = "X25519/WEI25519 2", 98*f0865ec9SKyle Evans .ecdh_type = X25519, 99*f0865ec9SKyle Evans .ec_str_p = &wei25519_str_params, 100*f0865ec9SKyle Evans .our_priv_key = x25519_WEI25519_2_our_priv_key, 101*f0865ec9SKyle Evans .our_priv_key_len = sizeof(x25519_WEI25519_2_our_priv_key), 102*f0865ec9SKyle Evans .peer_pub_key = x25519_WEI25519_2_peer_pub_key, 103*f0865ec9SKyle Evans .peer_pub_key_len = sizeof(x25519_WEI25519_2_peer_pub_key), 104*f0865ec9SKyle Evans .exp_our_pub_key = x25519_WEI25519_2_our_pub_key, 105*f0865ec9SKyle Evans .exp_our_pub_key_len = sizeof(x25519_WEI25519_2_our_pub_key), 106*f0865ec9SKyle Evans .exp_shared_secret = x25519_WEI25519_2_shared_secret, 107*f0865ec9SKyle Evans .exp_shared_secret_len = sizeof(x25519_WEI25519_2_shared_secret), 108*f0865ec9SKyle Evans }; 109*f0865ec9SKyle Evans 110*f0865ec9SKyle Evans /******************/ 111*f0865ec9SKyle Evans 112*f0865ec9SKyle Evans static const u8 x25519_WEI25519_3_our_priv_key[] = { 113*f0865ec9SKyle Evans 0x0a, 0x54, 0x64, 0x52, 0x53, 0x29, 0x0d, 0x60, 0xdd, 0xad, 0xd0, 0xe0, 0x30, 0xba, 0xcd, 0x9e, 0x55, 0x01, 0xef, 0xdc, 0x22, 0x07, 0x55, 0xa1, 0xe9, 0x78, 0xf1, 0xb8, 0x39, 0xa0, 0x56, 0x88, 114*f0865ec9SKyle Evans }; 115*f0865ec9SKyle Evans 116*f0865ec9SKyle Evans static const u8 x25519_WEI25519_3_peer_pub_key[] = { 117*f0865ec9SKyle Evans 0x48, 0xd5, 0xdd, 0xd4, 0x06, 0x12, 0x57, 0xba, 0x16, 0x6f, 0xa3, 0xf9, 0xbb, 0xdb, 0x74, 0xf1, 0xa4, 0xe8, 0x1c, 0x08, 0x93, 0x84, 0xfa, 0x77, 0xf7, 0x90, 0x70, 0x9f, 0x0d, 0xfb, 0xc7, 0x66, 118*f0865ec9SKyle Evans }; 119*f0865ec9SKyle Evans 120*f0865ec9SKyle Evans static const u8 x25519_WEI25519_3_our_pub_key[] = { 121*f0865ec9SKyle Evans 0x0b, 0xe7, 0xc1, 0xf5, 0xaa, 0xd8, 0x7d, 0x7e, 0x44, 0x86, 0x62, 0x67, 0x32, 0x98, 0xa4, 0x43, 0x47, 0x8b, 0x85, 0x97, 0x45, 0x17, 0x9e, 0xaf, 0x56, 0x4c, 0x79, 0xc0, 0xef, 0x6e, 0xee, 0x25, 122*f0865ec9SKyle Evans }; 123*f0865ec9SKyle Evans 124*f0865ec9SKyle Evans static const u8 x25519_WEI25519_3_shared_secret[] = { 125*f0865ec9SKyle Evans 0xc7, 0x49, 0x50, 0x60, 0x7a, 0x12, 0x32, 0x7f, 0x32, 0x04, 0xd9, 0x4b, 0x68, 0x25, 0xbf, 0xb0, 0x68, 0xb7, 0xf8, 0x31, 0x9a, 0x9e, 0x37, 0x08, 0xed, 0x3d, 0x43, 0xce, 0x81, 0x30, 0xc9, 0x50, 126*f0865ec9SKyle Evans }; 127*f0865ec9SKyle Evans 128*f0865ec9SKyle Evans static const ecdh_test_case x25519_WEI25519_3_test_case = { 129*f0865ec9SKyle Evans .name = "X25519/WEI25519 3", 130*f0865ec9SKyle Evans .ecdh_type = X25519, 131*f0865ec9SKyle Evans .ec_str_p = &wei25519_str_params, 132*f0865ec9SKyle Evans .our_priv_key = x25519_WEI25519_3_our_priv_key, 133*f0865ec9SKyle Evans .our_priv_key_len = sizeof(x25519_WEI25519_3_our_priv_key), 134*f0865ec9SKyle Evans .peer_pub_key = x25519_WEI25519_3_peer_pub_key, 135*f0865ec9SKyle Evans .peer_pub_key_len = sizeof(x25519_WEI25519_3_peer_pub_key), 136*f0865ec9SKyle Evans .exp_our_pub_key = x25519_WEI25519_3_our_pub_key, 137*f0865ec9SKyle Evans .exp_our_pub_key_len = sizeof(x25519_WEI25519_3_our_pub_key), 138*f0865ec9SKyle Evans .exp_shared_secret = x25519_WEI25519_3_shared_secret, 139*f0865ec9SKyle Evans .exp_shared_secret_len = sizeof(x25519_WEI25519_3_shared_secret), 140*f0865ec9SKyle Evans }; 141*f0865ec9SKyle Evans 142*f0865ec9SKyle Evans #endif 143