1 /*
2  * Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 
7 
8 #ifndef EC_EDW_LOCAL_H_H
9 #define EC_EDW_LOCAL_H_H
10 
11 #include "cc_pal_types.h"
12 #include "cc_pka_defs_hw.h"
13 #include "cc_ec_edw_api.h"
14 
15 #ifdef __cplusplus
16 extern "C" {
17 #endif
18 
19 /*!
20 @file
21 @brief This file contains the  APIs used for EC MONT (Montgomery Curve25519) algorithms.
22 
23 @note  Algorithms of Montgomery and Edwards elliptic curves cryptography are developed by
24        Daniel.J.Bernstein and described in SW library "NaCl" (Networking and
25        Cryptographic Library).
26 */
27 
28 
29 /******************************************************************************/
30 /**          EC Montgomery domain APIs:                                       */
31 /******************************************************************************/
32 
33 /*!< EC Edwards curve domain structure type:
34      Elliptic curve over prime fild GFp: x^2 + y^2 = 1 + d*x^2*y^2 */
35 typedef struct {
36         /*----   Common parameters for Mont-Edw curves ----*/
37         /*!< EC prime modulus P */
38         uint32_t ecModP[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
39         /*!< modulus size in bits */
40         uint32_t ecModSizeInBits;
41         /*!< modulus size in words */
42         uint32_t ecModSizeInWords;
43         /*!< EC generator G aff. coordinate X */
44         uint32_t ecGenX[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
45         /*!< EC generator G aff. coordinate Y */
46         uint32_t ecGenY[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
47         /*!< EC generator order.  */
48         uint32_t ecOrdN[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
49         /*!< EC generator order size in bits */
50         uint32_t ecOrdSizeInBits;
51         /*!< EC generator order size in words */
52         uint32_t ecOrdSizeInWords;
53         /*!< EC generator order's cofactor */
54         uint32_t ecOrdCofactor;
55         /*!< EC equation parameter D */
56         uint32_t ecParamD[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
57 
58         /*!< EC generator G proective coordinates:
59              X=ecGenX, Y=ecGenY, Z = 1, T=X*Y = ecGenT */
60         uint32_t ecGenT[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
61 
62         /*!< Precalculated cordinates (s,d,p,mp) of EC points G,4G,8G,16G */
63         /* used only in special scal.mult */
64         uint32_t sg[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
65         uint32_t dg[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
66         uint32_t pg[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
67         uint32_t mpg[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
68         /* used in both scal.mult */
69         uint32_t sg2[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
70         uint32_t dg2[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
71         uint32_t pg2[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
72         uint32_t mpg2[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
73         uint32_t sg4[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
74         uint32_t dg4[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
75         uint32_t pg4[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
76         uint32_t mpg4[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
77         /* used only in special scal.mult */
78         uint32_t sg8[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
79         uint32_t dg8[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
80         uint32_t pg8[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
81         uint32_t mpg8[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
82         uint32_t sg16[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
83         uint32_t dg16[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
84         uint32_t pg16[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
85         uint32_t mpg16[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
86         /*!< Modified cordinates (X,Y,Z=1,T) of precalculated EC points 2G, 4G, 32G */
87         /* used only in common scal.mult */
88         uint32_t xg2[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
89         uint32_t yg2[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
90         uint32_t tg2[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
91         uint32_t xg4[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
92         uint32_t yg4[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
93         uint32_t tg4[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
94         /* used only in special scal.mult */
95         uint32_t xg32[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
96         uint32_t yg32[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
97         uint32_t tg32[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
98 
99         /*!< EC auxiliary value  d2 = 2*d */
100         uint32_t ecAuxValD2[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
101         /*!< EC auxiliary value  q58 = = (P - 5)/8 */
102         uint32_t ecAuxValQ58[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
103         /*!< EC auxiliary value sqrt_1 = square_root(-1) */
104         uint32_t ecAuxValSqrt_1[CC_EC_MONT_EDW_MODULUS_MAX_SIZE_IN_WORDS];
105         /*!< Barrett tag for EC modulus */
106         uint32_t ecModBarrTag[CC_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS];
107         /*!< Barrett tag for EC generator order */
108         uint32_t ecOrdBarrTag[CC_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS];
109         /*!< masks for bits setting in scalar multiplication LS/MS words */
110         uint32_t scalarLsWordAndValue;
111         uint32_t scalarMsWordAndValue;
112         uint32_t scalarMsWordOrValue;
113 
114 } CCEcEdwDomain_t;
115 
116 
117 /******************************************************************************/
118 /******************************************************************************/
119 
120 const CCEcEdwDomain_t *EcEdwGetDomain25519(void);  /*!< The function returns pointer to EC Edwards domain 25519. */
121 
122 
123 #ifdef __cplusplus
124 }
125 #endif
126 
127 #endif
128 
129 
130 
131