1 /*
2 * Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7 #include "cc_pal_types.h"
8 #include "cc_ec_mont_api.h"
9 #include "ec_mont_local.h"
10
11
12 /*!
13 @file
14 @brief The file contains Curve25519 domain parameters and get-function.
15 */
16
17
18 /* EC Montgomery curve domain structure type:
19 Elliptic curve: y^2 = x^3 + Ax^2 + x over prime fild GFp
20 typedef struct {
21
22 // EC prime modulus P
23 uint32_t ecModP[CC_ECMONT_EDW_MODULUS_MAX_SIZE_IN_BYTES];
24 // modulus size in bits
25 uint32 ecModSizeInBits;
26 uint32_t ecModSizeInBits;
27 // EC generator coordinates X, Y
28 uint32_t ecGenX[CC_ECMONT_EDW_MODULUS_MAX_SIZE_IN_BYTES];
29 uint32_t ecGenY[CC_ECMONT_EDW_MODULUS_MAX_SIZE_IN_BYTES];
30 // EC generator order
31 uint32_t ecOrdN[CC_ECMONT_EDW_MODULUS_MAX_SIZE_IN_BYTES];
32 // EC generator order size in bits
33 uint32_t ecOrdSizeInBits;
34 uint32_t ecOrdSizeInWords;
35 // EC generator order's cofactor
36 uint32_t ecOrdCofactor;
37 // EC equation parameter; (A+2)/4 - for Curve25519
38 uint32_t ecParam[CC_ECMONT_EDW_MODULUS_MAX_SIZE_IN_BYTES];
39 // Barrett tags for EC modulus and generator order
40 uint32_t ecModBarrTag[CC_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS];
41 uint32_t ecOrdBarrTag[CC_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS];
42 // parameters for bits setting in scalar multiplication LS/MS words
43 uint32_t scalarLsWordAndValue;
44 uint32_t scalarMsWordAndValue;
45 uint32_t scalarMsWordOrValue;
46 // EC Domain ID - enum
47 CCEcMontDomainId_t domainId;
48 // EC Domain name
49 int8_t name[20];
50
51 } CCEcEdwDomain_t;
52 */
53
54
55 /*!> EC Montgomery curve25519 domain parameters. *
56 * The data is in little endian order of words: LS-Word is most left one */
57 static const CCEcMontDomain_t EcMontDomainCurve25519 = {
58 /* Prime modulus P = (2^255 - 19) = *
59 * 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFED */
60 {0xffffffed,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0x7fffffff},
61 /* modulus size in bits and words */
62 255, 8,
63 /* EC generator G coordinate: X = 0x9 */
64 {0x00000009},
65 /* EC generator G coordinate: Y= *
66 * 0x20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9 */
67 {0x7eced3d9,0x29e9c5a2,0x6d7c61b2,0x923d4d7e,0x7748d14c,0xe01edd2c,0xb8a086b4,0x20ae19a1},
68 /* EC_MONT generator order with cofactor 8: *
69 * 0x1000000000000000000000000000000014DEF9DEA2F79CD65812631A5CF5D3ED */
70 {0x5cf5d3ed,0x5812631a,0xa2f79cd6,0x14def9de,0x00000000,0x00000000,0x00000000,0x10000000},
71 253, 8, /* EC_MONT generator order size in bits and IN words */
72 8, /* EC order cofactor */
73 {0x0001db42}, /* parameter (a+2)/4 = 0x1DB42 */
74
75 /*---------------------------------------------------*/
76 /*Barrett tags for EC modulus and order */
77 #ifdef CC_SUPPORT_PKA_64_16
78 {0x00000000,0x00000000,0x00000080}, /*0x800000000000000000 - for modulus*/
79 {0xFFFFFFFF,0xFFFFFFFF,0x0000003F}, /*0x3FFFFFFFFFFFFFFFFF - for EC order*/
80 #else // CC_SUPPORT_PKA_128_32
81 {0x00000000,0x00000000,0x00000000,0x00000000,0x00000080}, /*0x8000000000000000000000000000000000 - for modulus*/
82 {0x000003FF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFFFF,0xFFFFFAC8}, /*0x3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFAC8 - for EC order*/
83 #endif
84 CC_EC_MONT_DOMAIN_CURVE_25519, /* EC Domain Identifier - enum */
85 "Curve25519", /* EC Domain name */
86 /* scalar bit setting parameters */
87 0xF8, /* SCALAR_LSB_AND_VALUE (248)*/
88 0x7F, /* SCALAR_MSB_AND_VALUE (127)*/
89 0x40 /* SCALAR_MSB_OR_VALUE (64)*/
90 };
91
92 /*!<
93 @brief the function returns the domain pointer if the domain is supported for the product,
94 otherwise return NULL
95 @return return domain pointer or NULL
96
97 */
EcMontGetCurve25519Domain(void)98 const CCEcMontDomain_t *EcMontGetCurve25519Domain(void)
99 {
100 return &EcMontDomainCurve25519;
101 }
102
103
