1 /**************************************************************************//**
2 * @file crypto.c
3 * @version V1.10
4 * @brief Cryptographic Accelerator driver source file
5 *
6 * @copyright SPDX-License-Identifier: Apache-2.0
7 * @copyright Copyright (C) 2017-2020 Nuvoton Technology Corp. All rights reserved.
8 *****************************************************************************/
9
10 #include <stdio.h>
11 #include <string.h>
12 #include "M2351.h"
13
14 #define ENABLE_DEBUG 0
15 #define XOM_SUPPORT 0
16
17 #if ENABLE_DEBUG
18 #define CRPT_DBGMSG printf
19 #else
20 #define CRPT_DBGMSG(...) do { } while (0) /* disable debug */
21 #endif
22
23 #if defined(__ICCARM__)
24 # pragma diag_suppress=Pm073, Pm143 /* Misra C rule 14.7 */
25 #endif
26
27
28 /** @addtogroup Standard_Driver Standard Driver
29 @{
30 */
31
32 /** @addtogroup CRYPTO_Driver CRYPTO Driver
33 @{
34 */
35
36
37 /** @addtogroup CRYPTO_EXPORTED_FUNCTIONS CRYPTO Exported Functions
38 @{
39 */
40
41 /* // @cond HIDDEN_SYMBOLS */
42
43 static uint32_t g_AES_CTL[4];
44 static uint32_t g_TDES_CTL[4];
45
46 static char hex_char_tbl[] = "0123456789abcdef";
47
48 static void dump_ecc_reg(char *str, uint32_t volatile regs[], int32_t count);
49 static char get_Nth_nibble_char(uint32_t val32, uint32_t idx);
50 static void Hex2Reg(char input[], uint32_t volatile reg[]);
51 static void Reg2Hex(int32_t count, uint32_t volatile reg[], char output[]);
52 static char ch2hex(char ch);
53 static void Hex2RegEx(char input[], uint32_t volatile reg[], int shift);
54 static int get_nibble_value(char c);
55
56 /* // @endcond HIDDEN_SYMBOLS */
57
58 /**
59 * @brief Open PRNG function
60 * @param[in] crpt The pointer of CRYPTO module
61 * @param[in] u32KeySize it is PRNG key size, including:
62 * - \ref PRNG_KEY_SIZE_64
63 * - \ref PRNG_KEY_SIZE_128
64 * - \ref PRNG_KEY_SIZE_192
65 * - \ref PRNG_KEY_SIZE_256
66 * @param[in] u32SeedReload is PRNG seed reload or not, including:
67 * - \ref PRNG_SEED_CONT
68 * - \ref PRNG_SEED_RELOAD
69 * @param[in] u32Seed The new seed. Only valid when u32SeedReload is PRNG_SEED_RELOAD.
70 * @return None
71 */
PRNG_Open(CRPT_T * crpt,uint32_t u32KeySize,uint32_t u32SeedReload,uint32_t u32Seed)72 void PRNG_Open(CRPT_T *crpt, uint32_t u32KeySize, uint32_t u32SeedReload, uint32_t u32Seed)
73 {
74 if(u32SeedReload)
75 {
76 crpt->PRNG_SEED = u32Seed;
77 }
78
79 crpt->PRNG_CTL = (u32KeySize << CRPT_PRNG_CTL_KEYSZ_Pos) |
80 (u32SeedReload << CRPT_PRNG_CTL_SEEDRLD_Pos);
81 }
82
83 /**
84 * @brief Start to generate one PRNG key.
85 * @param[in] crpt The pointer of CRYPTO module
86 * @return None
87 */
PRNG_Start(CRPT_T * crpt)88 void PRNG_Start(CRPT_T *crpt)
89 {
90 crpt->PRNG_CTL |= CRPT_PRNG_CTL_START_Msk;
91 }
92
93 /**
94 * @brief Read the PRNG key.
95 * @param[in] crpt The pointer of CRYPTO module
96 * @param[out] u32RandKey The key buffer to store newly generated PRNG key.
97 * @return None
98 */
PRNG_Read(CRPT_T * crpt,uint32_t u32RandKey[])99 void PRNG_Read(CRPT_T *crpt, uint32_t u32RandKey[])
100 {
101 uint32_t i, wcnt;
102
103 wcnt = (((crpt->PRNG_CTL & CRPT_PRNG_CTL_KEYSZ_Msk) >> CRPT_PRNG_CTL_KEYSZ_Pos) + 1U) * 2U;
104
105 for(i = 0U; i < wcnt; i++)
106 {
107 u32RandKey[i] = crpt->PRNG_KEY[i];
108 }
109
110 crpt->PRNG_CTL &= ~CRPT_PRNG_CTL_SEEDRLD_Msk;
111 }
112
113
114 /**
115 * @brief Open AES encrypt/decrypt function.
116 * @param[in] crpt The pointer of CRYPTO module
117 * @param[in] u32Channel AES channel. Must be 0~3.
118 * @param[in] u32EncDec 1: AES encode; 0: AES decode
119 * @param[in] u32OpMode AES operation mode, including:
120 * - \ref AES_MODE_ECB
121 * - \ref AES_MODE_CBC
122 * - \ref AES_MODE_CFB
123 * - \ref AES_MODE_OFB
124 * - \ref AES_MODE_CTR
125 * - \ref AES_MODE_CBC_CS1
126 * - \ref AES_MODE_CBC_CS2
127 * - \ref AES_MODE_CBC_CS3
128 * @param[in] u32KeySize is AES key size, including:
129 * - \ref AES_KEY_SIZE_128
130 * - \ref AES_KEY_SIZE_192
131 * - \ref AES_KEY_SIZE_256
132 * @param[in] u32SwapType is AES input/output data swap control, including:
133 * - \ref AES_NO_SWAP
134 * - \ref AES_OUT_SWAP
135 * - \ref AES_IN_SWAP
136 * - \ref AES_IN_OUT_SWAP
137 * @return None
138 */
AES_Open(CRPT_T * crpt,uint32_t u32Channel,uint32_t u32EncDec,uint32_t u32OpMode,uint32_t u32KeySize,uint32_t u32SwapType)139 void AES_Open(CRPT_T *crpt, uint32_t u32Channel, uint32_t u32EncDec,
140 uint32_t u32OpMode, uint32_t u32KeySize, uint32_t u32SwapType)
141 {
142 crpt->AES_CTL = (u32Channel << CRPT_AES_CTL_CHANNEL_Pos) |
143 (u32EncDec << CRPT_AES_CTL_ENCRPT_Pos) |
144 (u32OpMode << CRPT_AES_CTL_OPMODE_Pos) |
145 (u32KeySize << CRPT_AES_CTL_KEYSZ_Pos) |
146 (u32SwapType << CRPT_AES_CTL_OUTSWAP_Pos);
147 g_AES_CTL[u32Channel] = crpt->AES_CTL;
148 }
149
150 /**
151 * @brief Start AES encrypt/decrypt
152 * @param[in] crpt The pointer of CRYPTO module
153 * @param[in] u32Channel AES channel. Must be 0~3.
154 * @param[in] u32DMAMode AES DMA control, including:
155 * - \ref CRYPTO_DMA_ONE_SHOT One shop AES encrypt/decrypt.
156 * - \ref CRYPTO_DMA_CONTINUE Continuous AES encrypt/decrypt.
157 * - \ref CRYPTO_DMA_LAST Last AES encrypt/decrypt of a series of AES_Start.
158 * @return None
159 */
AES_Start(CRPT_T * crpt,int32_t u32Channel,uint32_t u32DMAMode)160 void AES_Start(CRPT_T *crpt, int32_t u32Channel, uint32_t u32DMAMode)
161 {
162 crpt->AES_CTL = g_AES_CTL[u32Channel];
163 crpt->AES_CTL |= CRPT_AES_CTL_START_Msk | (u32DMAMode << CRPT_AES_CTL_DMALAST_Pos);
164 }
165
166 /**
167 * @brief Set AES keys
168 * @param[in] crpt The pointer of CRYPTO module
169 * @param[in] u32Channel AES channel. Must be 0~3.
170 * @param[in] au32Keys An word array contains AES keys.
171 * @param[in] u32KeySize is AES key size, including:
172 * - \ref AES_KEY_SIZE_128
173 * - \ref AES_KEY_SIZE_192
174 * - \ref AES_KEY_SIZE_256
175 * @return None
176 */
AES_SetKey(CRPT_T * crpt,uint32_t u32Channel,uint32_t au32Keys[],uint32_t u32KeySize)177 void AES_SetKey(CRPT_T *crpt, uint32_t u32Channel, uint32_t au32Keys[], uint32_t u32KeySize)
178 {
179 uint32_t i, wcnt, key_reg_addr;
180
181 key_reg_addr = (uint32_t)&crpt->AES0_KEY[0] + (u32Channel * 0x3CUL);
182 wcnt = 4UL + u32KeySize * 2UL;
183
184 for(i = 0U; i < wcnt; i++)
185 {
186 outpw(key_reg_addr, au32Keys[i]);
187 key_reg_addr += 4UL;
188 }
189 }
190
191 /**
192 * @brief Set AES initial vectors
193 * @param[in] crpt The pointer of CRYPTO module
194 * @param[in] u32Channel AES channel. Must be 0~3.
195 * @param[in] au32IV A four entry word array contains AES initial vectors.
196 * @return None
197 */
AES_SetInitVect(CRPT_T * crpt,uint32_t u32Channel,uint32_t au32IV[])198 void AES_SetInitVect(CRPT_T *crpt, uint32_t u32Channel, uint32_t au32IV[])
199 {
200 uint32_t i, key_reg_addr;
201
202 key_reg_addr = (uint32_t)&crpt->AES0_IV[0] + (u32Channel * 0x3CUL);
203
204 for(i = 0U; i < 4U; i++)
205 {
206 outpw(key_reg_addr, au32IV[i]);
207 key_reg_addr += 4UL;
208 }
209 }
210
211 /**
212 * @brief Set AES DMA transfer configuration.
213 * @param[in] crpt The pointer of CRYPTO module
214 * @param[in] u32Channel AES channel. Must be 0~3.
215 * @param[in] u32SrcAddr AES DMA source address
216 * @param[in] u32DstAddr AES DMA destination address
217 * @param[in] u32TransCnt AES DMA transfer byte count
218 * @return None
219 */
AES_SetDMATransfer(CRPT_T * crpt,uint32_t u32Channel,uint32_t u32SrcAddr,uint32_t u32DstAddr,uint32_t u32TransCnt)220 void AES_SetDMATransfer(CRPT_T *crpt, uint32_t u32Channel, uint32_t u32SrcAddr,
221 uint32_t u32DstAddr, uint32_t u32TransCnt)
222 {
223 uint32_t reg_addr;
224
225 reg_addr = (uint32_t)&crpt->AES0_SADDR + (u32Channel * 0x3CUL);
226 outpw(reg_addr, u32SrcAddr);
227
228 reg_addr = (uint32_t)&crpt->AES0_DADDR + (u32Channel * 0x3CUL);
229 outpw(reg_addr, u32DstAddr);
230
231 reg_addr = (uint32_t)&crpt->AES0_CNT + (u32Channel * 0x3CUL);
232 outpw(reg_addr, u32TransCnt);
233 }
234
235 /**
236 * @brief Open TDES encrypt/decrypt function.
237 * @param[in] crpt The pointer of CRYPTO module
238 * @param[in] u32Channel TDES channel. Must be 0~3.
239 * @param[in] u32EncDec 1: TDES encode; 0: TDES decode
240 * @param[in] Is3DES 1: TDES; 0: DES
241 * @param[in] Is3Key 1: TDES 3 key mode; 0: TDES 2 key mode
242 * @param[in] u32OpMode TDES operation mode, including:
243 * - \ref TDES_MODE_ECB
244 * - \ref TDES_MODE_CBC
245 * - \ref TDES_MODE_CFB
246 * - \ref TDES_MODE_OFB
247 * - \ref TDES_MODE_CTR
248 * @param[in] u32SwapType is TDES input/output data swap control and word swap control, including:
249 * - \ref TDES_NO_SWAP
250 * - \ref TDES_WHL_SWAP
251 * - \ref TDES_OUT_SWAP
252 * - \ref TDES_OUT_WHL_SWAP
253 * - \ref TDES_IN_SWAP
254 * - \ref TDES_IN_WHL_SWAP
255 * - \ref TDES_IN_OUT_SWAP
256 * - \ref TDES_IN_OUT_WHL_SWAP
257 * @return None
258 */
TDES_Open(CRPT_T * crpt,uint32_t u32Channel,uint32_t u32EncDec,int32_t Is3DES,int32_t Is3Key,uint32_t u32OpMode,uint32_t u32SwapType)259 void TDES_Open(CRPT_T *crpt, uint32_t u32Channel, uint32_t u32EncDec, int32_t Is3DES, int32_t Is3Key,
260 uint32_t u32OpMode, uint32_t u32SwapType)
261 {
262 (void)crpt;
263 g_TDES_CTL[u32Channel] = (u32Channel << CRPT_TDES_CTL_CHANNEL_Pos) |
264 (u32EncDec << CRPT_TDES_CTL_ENCRPT_Pos) |
265 u32OpMode | (u32SwapType << CRPT_TDES_CTL_BLKSWAP_Pos);
266 if(Is3DES)
267 {
268 g_TDES_CTL[u32Channel] |= CRPT_TDES_CTL_TMODE_Msk;
269 }
270 if(Is3Key)
271 {
272 g_TDES_CTL[u32Channel] |= CRPT_TDES_CTL_3KEYS_Msk;
273 }
274 }
275
276 /**
277 * @brief Start TDES encrypt/decrypt
278 * @param[in] crpt The pointer of CRYPTO module
279 * @param[in] u32Channel TDES channel. Must be 0~3.
280 * @param[in] u32DMAMode TDES DMA control, including:
281 * - \ref CRYPTO_DMA_ONE_SHOT One shop TDES encrypt/decrypt.
282 * - \ref CRYPTO_DMA_CONTINUE Continuous TDES encrypt/decrypt.
283 * - \ref CRYPTO_DMA_LAST Last TDES encrypt/decrypt of a series of TDES_Start.
284 * @return None
285 */
TDES_Start(CRPT_T * crpt,int32_t u32Channel,uint32_t u32DMAMode)286 void TDES_Start(CRPT_T *crpt, int32_t u32Channel, uint32_t u32DMAMode)
287 {
288 g_TDES_CTL[u32Channel] |= CRPT_TDES_CTL_START_Msk | (u32DMAMode << CRPT_TDES_CTL_DMALAST_Pos);
289 crpt->TDES_CTL = g_TDES_CTL[u32Channel];
290 }
291
292 /**
293 * @brief Set TDES keys
294 * @param[in] crpt The pointer of CRYPTO module
295 * @param[in] u32Channel TDES channel. Must be 0~3.
296 * @param[in] au32Keys The TDES keys. au32Keys[0][0] is Key0 high word and au32Keys[0][1] is key0 low word.
297 * @return None
298 */
TDES_SetKey(CRPT_T * crpt,uint32_t u32Channel,uint32_t au32Keys[3][2])299 void TDES_SetKey(CRPT_T *crpt, uint32_t u32Channel, uint32_t au32Keys[3][2])
300 {
301 uint32_t i, reg_addr;
302
303 reg_addr = (uint32_t)&crpt->TDES0_KEY1H + (0x40UL * u32Channel);
304
305 for(i = 0U; i < 3U; i++)
306 {
307 outpw(reg_addr, au32Keys[i][0]); /* TDESn_KEYxH */
308 reg_addr += 4UL;
309 outpw(reg_addr, au32Keys[i][1]); /* TDESn_KEYxL */
310 reg_addr += 4UL;
311 }
312 }
313
314 /**
315 * @brief Set TDES initial vectors
316 * @param[in] crpt The pointer of CRYPTO module
317 * @param[in] u32Channel TDES channel. Must be 0~3.
318 * @param[in] u32IVH TDES initial vector high word.
319 * @param[in] u32IVL TDES initial vector low word.
320 * @return None
321 */
TDES_SetInitVect(CRPT_T * crpt,uint32_t u32Channel,uint32_t u32IVH,uint32_t u32IVL)322 void TDES_SetInitVect(CRPT_T *crpt, uint32_t u32Channel, uint32_t u32IVH, uint32_t u32IVL)
323 {
324 uint32_t reg_addr;
325
326 reg_addr = (uint32_t)&crpt->TDES0_IVH + (u32Channel * 0x40UL);
327 outpw(reg_addr, u32IVH);
328
329 reg_addr = (uint32_t)&crpt->TDES0_IVL + (u32Channel * 0x40UL);
330 outpw(reg_addr, u32IVL);
331 }
332
333 /**
334 * @brief Set TDES DMA transfer configuration.
335 * @param[in] crpt The pointer of CRYPTO module
336 * @param[in] u32Channel TDES channel. Must be 0~3.
337 * @param[in] u32SrcAddr TDES DMA source address
338 * @param[in] u32DstAddr TDES DMA destination address
339 * @param[in] u32TransCnt TDES DMA transfer byte count
340 * @return None
341 */
TDES_SetDMATransfer(CRPT_T * crpt,uint32_t u32Channel,uint32_t u32SrcAddr,uint32_t u32DstAddr,uint32_t u32TransCnt)342 void TDES_SetDMATransfer(CRPT_T *crpt, uint32_t u32Channel, uint32_t u32SrcAddr,
343 uint32_t u32DstAddr, uint32_t u32TransCnt)
344 {
345 uint32_t reg_addr;
346
347 reg_addr = (uint32_t)&crpt->TDES0_SADDR + (u32Channel * 0x40UL);
348 outpw(reg_addr, u32SrcAddr);
349
350 reg_addr = (uint32_t)&crpt->TDES0_DADDR + (u32Channel * 0x40UL);
351 outpw(reg_addr, u32DstAddr);
352
353 reg_addr = (uint32_t)&crpt->TDES0_CNT + (u32Channel * 0x40UL);
354 outpw(reg_addr, u32TransCnt);
355 }
356
357 /**
358 * @brief Open SHA encrypt function.
359 * @param[in] crpt The pointer of CRYPTO module
360 * @param[in] u32OpMode SHA operation mode, including:
361 * - \ref SHA_MODE_SHA1
362 * - \ref SHA_MODE_SHA224
363 * - \ref SHA_MODE_SHA256
364 * @param[in] u32SwapType is SHA input/output data swap control, including:
365 * - \ref SHA_NO_SWAP
366 * - \ref SHA_OUT_SWAP
367 * - \ref SHA_IN_SWAP
368 * - \ref SHA_IN_OUT_SWAP
369 * @param[in] hmac_key_len HMAC key byte count
370 * @return None
371 */
SHA_Open(CRPT_T * crpt,uint32_t u32OpMode,uint32_t u32SwapType,uint32_t hmac_key_len)372 void SHA_Open(CRPT_T *crpt, uint32_t u32OpMode, uint32_t u32SwapType, uint32_t hmac_key_len)
373 {
374 crpt->HMAC_CTL = (u32OpMode << CRPT_HMAC_CTL_OPMODE_Pos) |
375 (u32SwapType << CRPT_HMAC_CTL_OUTSWAP_Pos);
376
377 if(hmac_key_len != 0UL)
378 {
379 crpt->HMAC_KEYCNT = hmac_key_len;
380 }
381 }
382
383 /**
384 * @brief Start SHA encrypt
385 * @param[in] crpt The pointer of CRYPTO module
386 * @param[in] u32DMAMode TDES DMA control, including:
387 * - \ref CRYPTO_DMA_ONE_SHOT One shop SHA encrypt.
388 * - \ref CRYPTO_DMA_CONTINUE Continuous SHA encrypt.
389 * - \ref CRYPTO_DMA_LAST Last SHA encrypt of a series of SHA_Start.
390 * @return None
391 */
SHA_Start(CRPT_T * crpt,uint32_t u32DMAMode)392 void SHA_Start(CRPT_T *crpt, uint32_t u32DMAMode)
393 {
394 crpt->HMAC_CTL &= ~(0x7UL << CRPT_HMAC_CTL_DMALAST_Pos);
395 crpt->HMAC_CTL |= CRPT_HMAC_CTL_START_Msk | (u32DMAMode << CRPT_HMAC_CTL_DMALAST_Pos);
396 }
397
398 /**
399 * @brief Set SHA DMA transfer
400 * @param[in] crpt The pointer of CRYPTO module
401 * @param[in] u32SrcAddr SHA DMA source address
402 * @param[in] u32TransCnt SHA DMA transfer byte count
403 * @return None
404 */
SHA_SetDMATransfer(CRPT_T * crpt,uint32_t u32SrcAddr,uint32_t u32TransCnt)405 void SHA_SetDMATransfer(CRPT_T *crpt, uint32_t u32SrcAddr, uint32_t u32TransCnt)
406 {
407 crpt->HMAC_SADDR = u32SrcAddr;
408 crpt->HMAC_DMACNT = u32TransCnt;
409 }
410
411 /**
412 * @brief Read the SHA digest.
413 * @param[in] crpt The pointer of CRYPTO module
414 * @param[out] u32Digest The SHA encrypt output digest.
415 * @return None
416 */
SHA_Read(CRPT_T * crpt,uint32_t u32Digest[])417 void SHA_Read(CRPT_T *crpt, uint32_t u32Digest[])
418 {
419 uint32_t i, wcnt, reg_addr;
420
421 i = (crpt->HMAC_CTL & CRPT_HMAC_CTL_OPMODE_Msk) >> CRPT_HMAC_CTL_OPMODE_Pos;
422
423 if(i == SHA_MODE_SHA1)
424 {
425 wcnt = 5UL;
426 }
427 else if(i == SHA_MODE_SHA224)
428 {
429 wcnt = 7UL;
430 }
431 else if(i == SHA_MODE_SHA256)
432 {
433 wcnt = 8UL;
434 }
435 else if(i == SHA_MODE_SHA384)
436 {
437 wcnt = 12UL;
438 }
439 else
440 {
441 /* SHA_MODE_SHA512 */
442 wcnt = 16UL;
443 }
444
445 reg_addr = (uint32_t) & (crpt->HMAC_DGST[0]);
446 for(i = 0UL; i < wcnt; i++)
447 {
448 u32Digest[i] = inpw(reg_addr);
449 reg_addr += 4UL;
450 }
451 }
452
453
454 /*-----------------------------------------------------------------------------------------------*/
455 /* */
456 /* ECC */
457 /* */
458 /*-----------------------------------------------------------------------------------------------*/
459
460 #define ECCOP_POINT_MUL (0x0UL << CRPT_ECC_CTL_ECCOP_Pos)
461 #define ECCOP_MODULE (0x1UL << CRPT_ECC_CTL_ECCOP_Pos)
462 #define ECCOP_POINT_ADD (0x2UL << CRPT_ECC_CTL_ECCOP_Pos)
463 #define ECCOP_POINT_DOUBLE (0x0UL << CRPT_ECC_CTL_ECCOP_Pos)
464
465 #define MODOP_DIV (0x0UL << CRPT_ECC_CTL_MODOP_Pos)
466 #define MODOP_MUL (0x1UL << CRPT_ECC_CTL_MODOP_Pos)
467 #define MODOP_ADD (0x2UL << CRPT_ECC_CTL_MODOP_Pos)
468 #define MODOP_SUB (0x3UL << CRPT_ECC_CTL_MODOP_Pos)
469
470 enum
471 {
472 CURVE_GF_P,
473 CURVE_GF_2M,
474 };
475
476 /*-----------------------------------------------------*/
477 /* Define elliptic curve (EC): */
478 /*-----------------------------------------------------*/
479 #if !XOM_SUPPORT // Replace with XOM ready curve table
480 static const ECC_CURVE _Curve[] =
481 {
482 {
483 /* NIST: Curve P-192 : y^2=x^3-ax+b (mod p) */
484 CURVE_P_192,
485 48, /* Echar */
486 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", /* "000000000000000000000000000000000000000000000003" */
487 "64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1",
488 "188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012",
489 "07192b95ffc8da78631011ed6b24cdd573f977a11e794811",
490 58, /* Epl */
491 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", /* "6277101735386680763835789423207666416083908700390324961279" */
492 58, /* Eol */
493 "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831", /* "6277101735386680763835789423176059013767194773182842284081" */
494 192, /* key_len */
495 7,
496 2,
497 1,
498 CURVE_GF_P
499 },
500 {
501 /* NIST: Curve P-224 : y^2=x^3-ax+b (mod p) */
502 CURVE_P_224,
503 56, /* Echar */
504 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE", /* "00000000000000000000000000000000000000000000000000000003" */
505 "b4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4",
506 "b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21",
507 "bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34",
508 70, /* Epl */
509 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", /* "0026959946667150639794667015087019630673557916260026308143510066298881" */
510 70, /* Eol */
511 "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", /* "0026959946667150639794667015087019625940457807714424391721682722368061" */
512 224, /* key_len */
513 9,
514 8,
515 3,
516 CURVE_GF_P
517 },
518 {
519 /* NIST: Curve P-256 : y^2=x^3-ax+b (mod p) */
520 CURVE_P_256,
521 64, /* Echar */
522 "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC", /* "0000000000000000000000000000000000000000000000000000000000000003" */
523 "5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b",
524 "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
525 "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5",
526 78, /* Epl */
527 "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", /* "115792089210356248762697446949407573530086143415290314195533631308867097853951" */
528 78, /* Eol */
529 "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", /* "115792089210356248762697446949407573529996955224135760342422259061068512044369" */
530 256, /* key_len */
531 10,
532 5,
533 2,
534 CURVE_GF_P
535 },
536 {
537 /* NIST: Curve P-384 : y^2=x^3-ax+b (mod p) */
538 CURVE_P_384,
539 96, /* Echar */
540 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC", /* "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003" */
541 "b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef",
542 "aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7",
543 "3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f",
544 116, /* Epl */
545 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF", /* "39402006196394479212279040100143613805079739270465446667948293404245721771496870329047266088258938001861606973112319" */
546 116, /* Eol */
547 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973", /* "39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942643" */
548 384, /* key_len */
549 12,
550 3,
551 2,
552 CURVE_GF_P
553 },
554 {
555 /* NIST: Curve P-521 : y^2=x^3-ax+b (mod p)*/
556 CURVE_P_521,
557 131, /* Echar */
558 "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC", /* "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003" */
559 "051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00",
560 "0c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66",
561 "11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650",
562 157, /* Epl */
563 "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", /* "6864797660130609714981900799081393217269435300143305409394463459185543183397656052122559640661454554977296311391480858037121987999716643812574028291115057151" */
564 157, /* Eol */
565 "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409", /* "6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005449" */
566 521, /* key_len */
567 32,
568 32,
569 32,
570 CURVE_GF_P
571 },
572 {
573 /* NIST: Curve B-163 : y^2+xy=x^3+ax^2+b */
574 CURVE_B_163,
575 41, /* Echar */
576 "00000000000000000000000000000000000000001",
577 "20a601907b8c953ca1481eb10512f78744a3205fd",
578 "3f0eba16286a2d57ea0991168d4994637e8343e36",
579 "0d51fbc6c71a0094fa2cdd545b11c5c0c797324f1",
580 68, /* Epl */
581 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", /* "26959946667150639794667015087019630673557916260026308143510066298881" */
582 49, /* Eol */
583 "40000000000000000000292FE77E70C12A4234C33", /* "5846006549323611672814742442876390689256843201587" */
584 163, /* key_len */
585 7,
586 6,
587 3,
588 CURVE_GF_2M
589 },
590 {
591 /* NIST: Curve B-233 : y^2+xy=x^3+ax^2+b */
592 CURVE_B_233,
593 59, /* Echar 59 */
594 "00000000000000000000000000000000000000000000000000000000001",
595 "066647ede6c332c7f8c0923bb58213b333b20e9ce4281fe115f7d8f90ad",
596 "0fac9dfcbac8313bb2139f1bb755fef65bc391f8b36f8f8eb7371fd558b",
597 "1006a08a41903350678e58528bebf8a0beff867a7ca36716f7e01f81052",
598 68, /* Epl */
599 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", /* "26959946667150639794667015087019630673557916260026308143510066298881" */
600 70, /* Eol */
601 "1000000000000000000000000000013E974E72F8A6922031D2603CFE0D7", /* "6901746346790563787434755862277025555839812737345013555379383634485463" */
602 233, /* key_len */
603 74,
604 74,
605 74,
606 CURVE_GF_2M
607 },
608 {
609 /* NIST: Curve B-283 : y^2+xy=x^3+ax^2+b */
610 CURVE_B_283,
611 71, /* Echar */
612 "00000000000000000000000000000000000000000000000000000000000000000000001",
613 "27b680ac8b8596da5a4af8a19a0303fca97fd7645309fa2a581485af6263e313b79a2f5",
614 "5f939258db7dd90e1934f8c70b0dfec2eed25b8557eac9c80e2e198f8cdbecd86b12053",
615 "3676854fe24141cb98fe6d4b20d02b4516ff702350eddb0826779c813f0df45be8112f4",
616 68, /* Epl */
617 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", /* "26959946667150639794667015087019630673557916260026308143510066298881" */
618 85, /* Eol */
619 "3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307", /* "7770675568902916283677847627294075626569625924376904889109196526770044277787378692871" */
620 283, /* key_len */
621 12,
622 7,
623 5,
624 CURVE_GF_2M
625 },
626 {
627 /* NIST: Curve B-409 : y^2+xy=x^3+ax^2+b */
628 CURVE_B_409,
629 103, /* Echar */
630 "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
631 "021a5c2c8ee9feb5c4b9a753b7b476b7fd6422ef1f3dd674761fa99d6ac27c8a9a197b272822f6cd57a55aa4f50ae317b13545f",
632 "15d4860d088ddb3496b0c6064756260441cde4af1771d4db01ffe5b34e59703dc255a868a1180515603aeab60794e54bb7996a7",
633 "061b1cfab6be5f32bbfa78324ed106a7636b9c5a7bd198d0158aa4f5488d08f38514f1fdf4b4f40d2181b3681c364ba0273c706",
634 68, /* Epl */
635 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", /* "26959946667150639794667015087019630673557916260026308143510066298881" */
636 123, /* Eol */
637 "10000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173", /* "661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526771" */
638 409, /* key_len */
639 87,
640 87,
641 87,
642 CURVE_GF_2M
643 },
644 {
645 /* NIST: Curve B-571 : y^2+xy=x^3+ax^2+b */
646 CURVE_B_571,
647 143, /* Echar */
648 "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
649 "2f40e7e2221f295de297117b7f3d62f5c6a97ffcb8ceff1cd6ba8ce4a9a18ad84ffabbd8efa59332be7ad6756a66e294afd185a78ff12aa520e4de739baca0c7ffeff7f2955727a",
650 "303001d34b856296c16c0d40d3cd7750a93d1d2955fa80aa5f40fc8db7b2abdbde53950f4c0d293cdd711a35b67fb1499ae60038614f1394abfa3b4c850d927e1e7769c8eec2d19",
651 "37bf27342da639b6dccfffeb73d69d78c6c27a6009cbbca1980f8533921e8a684423e43bab08a576291af8f461bb2a8b3531d2f0485c19b16e2f1516e23dd3c1a4827af1b8ac15b",
652 68, /* Epl */
653 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", /* "26959946667150639794667015087019630673557916260026308143510066298881" */
654 172, /* Eol */
655 "3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47", /* "3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285703" */
656 571, /* key_len */
657 10,
658 5,
659 2,
660 CURVE_GF_2M
661 },
662 {
663 /* NIST: Curve K-163 : y^2+xy=x^3+ax^2+b */
664 CURVE_K_163,
665 41, /* Echar */
666 "00000000000000000000000000000000000000001",
667 "00000000000000000000000000000000000000001",
668 "2fe13c0537bbc11acaa07d793de4e6d5e5c94eee8",
669 "289070fb05d38ff58321f2e800536d538ccdaa3d9",
670 68, /* Epl */
671 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", /* "26959946667150639794667015087019630673557916260026308143510066298881" */
672 49, /* Eol */
673 "4000000000000000000020108A2E0CC0D99F8A5EF", /* "5846006549323611672814741753598448348329118574063" */
674 163, /* key_len */
675 7,
676 6,
677 3,
678 CURVE_GF_2M
679 },
680 {
681 /* NIST: Curve K-233 : y^2+xy=x^3+ax^2+b */
682 CURVE_K_233,
683 59, /* Echar 59 */
684 "00000000000000000000000000000000000000000000000000000000000",
685 "00000000000000000000000000000000000000000000000000000000001",
686 "17232ba853a7e731af129f22ff4149563a419c26bf50a4c9d6eefad6126",
687 "1db537dece819b7f70f555a67c427a8cd9bf18aeb9b56e0c11056fae6a3",
688 68, /* Epl */
689 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", /* "26959946667150639794667015087019630673557916260026308143510066298881" */
690 70, /* Eol */
691 "8000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF", /* "3450873173395281893717377931138512760570940988862252126328087024741343" */
692 233, /* key_len */
693 74,
694 74,
695 74,
696 CURVE_GF_2M
697 },
698 {
699 /* NIST: Curve K-283 : y^2+xy=x^3+ax^2+b */
700 CURVE_K_283,
701 71, /* Echar */
702 "00000000000000000000000000000000000000000000000000000000000000000000000",
703 "00000000000000000000000000000000000000000000000000000000000000000000001",
704 "503213f78ca44883f1a3b8162f188e553cd265f23c1567a16876913b0c2ac2458492836",
705 "1ccda380f1c9e318d90f95d07e5426fe87e45c0e8184698e45962364e34116177dd2259",
706 68, /* Epl */
707 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", /* "26959946667150639794667015087019630673557916260026308143510066298881" */
708 85, /* Eol */
709 "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61", /* "3885337784451458141838923813647037813284811733793061324295874997529815829704422603873" */
710 283, /* key_len */
711 12,
712 7,
713 5,
714 CURVE_GF_2M
715 },
716 {
717 /* NIST: Curve K-409 : y^2+xy=x^3+ax^2+b */
718 CURVE_K_409,
719 103, /* Echar */
720 "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
721 "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
722 "060f05f658f49c1ad3ab1890f7184210efd0987e307c84c27accfb8f9f67cc2c460189eb5aaaa62ee222eb1b35540cfe9023746",
723 "1e369050b7c4e42acba1dacbf04299c3460782f918ea427e6325165e9ea10e3da5f6c42e9c55215aa9ca27a5863ec48d8e0286b",
724 68, /* Epl */
725 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", /* "26959946667150639794667015087019630673557916260026308143510066298881" */
726 123, /* Eol */
727 "7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF", /* "330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358671" */
728 409, /* key_len */
729 87,
730 87,
731 87,
732 CURVE_GF_2M
733 },
734 {
735 /* NIST: Curve K-571 : y^2+xy=x^3+ax^2+b */
736 CURVE_K_571,
737 143, /* Echar */
738 "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
739 "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
740 "26eb7a859923fbc82189631f8103fe4ac9ca2970012d5d46024804801841ca44370958493b205e647da304db4ceb08cbbd1ba39494776fb988b47174dca88c7e2945283a01c8972",
741 "349dc807f4fbf374f4aeade3bca95314dd58cec9f307a54ffc61efc006d8a2c9d4979c0ac44aea74fbebbb9f772aedcb620b01a7ba7af1b320430c8591984f601cd4c143ef1c7a3",
742 68, /* Epl */
743 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", /* "26959946667150639794667015087019630673557916260026308143510066298881" */
744 172, /* Eol */
745 "20000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001", /* "1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276673" */
746 571, /* key_len */
747 10,
748 5,
749 2,
750 CURVE_GF_2M
751 },
752 };
753 #endif
754
755
756 static ECC_CURVE *pCurve;
757 static ECC_CURVE Curve_Copy;
758
759 static ECC_CURVE * get_curve(E_ECC_CURVE ecc_curve);
760 static int32_t ecc_init_curve(CRPT_T *crpt, E_ECC_CURVE ecc_curve);
761 static void run_ecc_codec(CRPT_T *crpt, uint32_t mode);
762
763 static char temp_hex_str[160];
764
765 static volatile uint32_t g_ECC_done, g_ECCERR_done;
766
ECC_DriverISR(CRPT_T * crpt)767 void ECC_DriverISR(CRPT_T *crpt)
768 {
769 if(crpt->INTSTS & CRPT_INTSTS_ECCIF_Msk)
770 {
771 g_ECC_done = 1UL;
772 crpt->INTSTS = CRPT_INTSTS_ECCIF_Msk;
773 /* printf("ECC done IRQ.\n"); */
774 }
775
776 if(crpt->INTSTS & CRPT_INTSTS_ECCEIF_Msk)
777 {
778 g_ECCERR_done = 1UL;
779 crpt->INTSTS = CRPT_INTSTS_ECCEIF_Msk;
780 /* printf("ECCERRIF is set!!\n"); */
781 }
782 }
783
784
785 #if ENABLE_DEBUG
dump_ecc_reg(char * str,uint32_t volatile regs[],int32_t count)786 static void dump_ecc_reg(char *str, uint32_t volatile regs[], int32_t count)
787 {
788 int32_t i;
789
790 printf("%s => ", str);
791 for(i = 0; i < count; i++)
792 {
793 printf("0x%08x ", regs[i]);
794 }
795 printf("\n");
796 }
797 #else
dump_ecc_reg(char * str,uint32_t volatile regs[],int32_t count)798 static void dump_ecc_reg(char *str, uint32_t volatile regs[], int32_t count) { (void)str; (void)regs; (void)count; }
799 #endif
ch2hex(char ch)800 static char ch2hex(char ch)
801 {
802 if(ch <= '9')
803 {
804 return ch - '0';
805 }
806 else if((ch <= 'z') && (ch >= 'a'))
807 {
808 return ch - 'a' + 10U;
809 }
810 else
811 {
812 return ch - 'A' + 10U;
813 }
814 }
815
Hex2Reg(char input[],uint32_t volatile reg[])816 static void Hex2Reg(char input[], uint32_t volatile reg[])
817 {
818 char hex;
819 int si, ri;
820 uint32_t i, val32;
821
822 si = (int)strlen(input) - 1;
823 ri = 0;
824
825 while(si >= 0)
826 {
827 val32 = 0UL;
828 for(i = 0UL; (i < 8UL) && (si >= 0); i++)
829 {
830 hex = ch2hex(input[si]);
831 val32 |= (uint32_t)hex << (i * 4UL);
832 si--;
833 }
834 reg[ri++] = val32;
835 }
836 }
837
Hex2RegEx(char input[],uint32_t volatile reg[],int shift)838 static void Hex2RegEx(char input[], uint32_t volatile reg[], int shift)
839 {
840 uint32_t hex, carry;
841 int si, ri;
842 uint32_t i, val32;
843
844 si = (int)strlen(input) - 1;
845 ri = 0;
846 carry = 0U;
847 while(si >= 0)
848 {
849 val32 = 0UL;
850 for(i = 0UL; (i < 8UL) && (si >= 0); i++)
851 {
852 hex = (uint32_t)ch2hex(input[si]);
853 hex <<= shift;
854
855 val32 |= (uint32_t)((hex & 0xFU) | carry) << (i * 4UL);
856 carry = (hex >> 4) & 0xFU;
857 si--;
858 }
859 reg[ri++] = val32;
860 }
861 if(carry != 0U)
862 {
863 reg[ri] = carry;
864 }
865 }
866
867 /**
868 * @brief Extract specified nibble from an unsigned word in character format.
869 * For example:
870 * Suppose val32 is 0x786543210, get_Nth_nibble_char(val32, 3) will return a '3'.
871 * @param[in] val32 The input unsigned word
872 * @param[in] idx The Nth nibble to be extracted.
873 * @return The nibble in character format.
874 */
get_Nth_nibble_char(uint32_t val32,uint32_t idx)875 static char get_Nth_nibble_char(uint32_t val32, uint32_t idx)
876 {
877 return hex_char_tbl[(val32 >> (idx * 4U)) & 0xfU ];
878 }
879
880
Reg2Hex(int32_t count,uint32_t volatile reg[],char output[])881 static void Reg2Hex(int32_t count, uint32_t volatile reg[], char output[])
882 {
883 int32_t idx, ri;
884 uint32_t i;
885
886 output[count] = 0U;
887 idx = count - 1;
888
889 for(ri = 0; idx >= 0; ri++)
890 {
891 for(i = 0UL; (i < 8UL) && (idx >= 0); i++)
892 {
893 output[idx] = get_Nth_nibble_char(reg[ri], i);
894 idx--;
895 }
896 }
897 }
898
ecc_init_curve(CRPT_T * crpt,E_ECC_CURVE ecc_curve)899 static int32_t ecc_init_curve(CRPT_T *crpt, E_ECC_CURVE ecc_curve)
900 {
901 int32_t i, ret = 0;
902
903 pCurve = get_curve(ecc_curve);
904 if(pCurve == NULL)
905 {
906 CRPT_DBGMSG("Cannot find curve %d!!\n", ecc_curve);
907 ret = -1;
908 }
909
910 if(ret == 0)
911 {
912 for(i = 0; i < 18; i++)
913 {
914 crpt->ECC_A[i] = 0UL;
915 crpt->ECC_B[i] = 0UL;
916 crpt->ECC_X1[i] = 0UL;
917 crpt->ECC_Y1[i] = 0UL;
918 crpt->ECC_N[i] = 0UL;
919 }
920
921 Hex2Reg(pCurve->Ea, crpt->ECC_A);
922 Hex2Reg(pCurve->Eb, crpt->ECC_B);
923 Hex2Reg(pCurve->Px, crpt->ECC_X1);
924 Hex2Reg(pCurve->Py, crpt->ECC_Y1);
925
926 CRPT_DBGMSG("Key length = %d\n", pCurve->key_len);
927 dump_ecc_reg("CRPT_ECC_CURVE_A", crpt->ECC_A, 10);
928 dump_ecc_reg("CRPT_ECC_CURVE_B", crpt->ECC_B, 10);
929 dump_ecc_reg("CRPT_ECC_POINT_X1", crpt->ECC_X1, 10);
930 dump_ecc_reg("CRPT_ECC_POINT_Y1", crpt->ECC_Y1, 10);
931
932 if(pCurve->GF == (int)CURVE_GF_2M)
933 {
934 crpt->ECC_N[0] = 0x1UL;
935 crpt->ECC_N[(pCurve->key_len) / 32] |= (1UL << ((pCurve->key_len) % 32));
936 crpt->ECC_N[(pCurve->irreducible_k1) / 32] |= (1UL << ((pCurve->irreducible_k1) % 32));
937 crpt->ECC_N[(pCurve->irreducible_k2) / 32] |= (1UL << ((pCurve->irreducible_k2) % 32));
938 crpt->ECC_N[(pCurve->irreducible_k3) / 32] |= (1UL << ((pCurve->irreducible_k3) % 32));
939 }
940 else
941 {
942 Hex2Reg(pCurve->Pp, crpt->ECC_N);
943 }
944 }
945 dump_ecc_reg("CRPT_ECC_CURVE_N", crpt->ECC_N, 10);
946 return ret;
947 }
948
949
get_nibble_value(char c)950 static int get_nibble_value(char c)
951 {
952 char ch;
953
954 if((c >= '0') && (c <= '9'))
955 {
956 ch = '0';
957 return ((int)c - (int)ch);
958 }
959
960 if((c >= 'a') && (c <= 'f'))
961 {
962 ch = 'a';
963 return ((int)c - (int)ch + 10);
964 }
965
966 if((c >= 'A') && (c <= 'F'))
967 {
968 ch = 'A';
969 return ((int)c - (int)ch + 10);
970 }
971 return 0;
972 }
973
974
975 /**
976 * @brief Check if the private key is located in valid range of curve.
977 * @param[in] crpt The pointer of CRYPTO module
978 * @param[in] ecc_curve The pre-defined ECC curve.
979 * @param[in] private_k The input private key.
980 * @return 1 Is valid.
981 * @return 0 Is not valid.
982 * @return -1 Invalid curve.
983 */
ECC_IsPrivateKeyValid(CRPT_T * crpt,E_ECC_CURVE ecc_curve,char private_k[])984 int ECC_IsPrivateKeyValid(CRPT_T *crpt, E_ECC_CURVE ecc_curve, char private_k[])
985 {
986 uint32_t i;
987
988 (void)crpt;
989 pCurve = get_curve(ecc_curve);
990 if(pCurve == NULL)
991 {
992 return -1;
993 }
994
995 if(strlen(private_k) < strlen(pCurve->Eorder))
996 {
997 return 1;
998 }
999
1000 if(strlen(private_k) > strlen(pCurve->Eorder))
1001 {
1002 return 0;
1003 }
1004
1005 for(i = 0U; i < strlen(private_k); i++)
1006 {
1007 if(get_nibble_value(private_k[i]) < get_nibble_value(pCurve->Eorder[i]))
1008 {
1009 return 1;
1010 }
1011
1012 if(get_nibble_value(private_k[i]) > get_nibble_value(pCurve->Eorder[i]))
1013 {
1014 return 0;
1015 }
1016 }
1017 return 0;
1018 }
1019
1020
1021 /**
1022 * @brief Given a private key and curve to generate the public key pair.
1023 * @param[in] crpt The pointer of CRYPTO module
1024 * @param[in] private_k The input private key.
1025 * @param[in] ecc_curve The pre-defined ECC curve.
1026 * @param[out] public_k1 The output publick key 1.
1027 * @param[out] public_k2 The output publick key 2.
1028 * @return 0 Success.
1029 * @return -1 "ecc_curve" value is invalid.
1030 */
ECC_GeneratePublicKey(CRPT_T * crpt,E_ECC_CURVE ecc_curve,char * private_k,char public_k1[],char public_k2[])1031 int32_t ECC_GeneratePublicKey(CRPT_T *crpt, E_ECC_CURVE ecc_curve, char *private_k, char public_k1[], char public_k2[])
1032 {
1033 int32_t ret = 0, i;
1034 uint32_t u32Tmp;
1035
1036 if(ecc_init_curve(crpt, ecc_curve) != 0)
1037 {
1038 ret = -1;
1039 }
1040
1041 if(ret == 0)
1042 {
1043 for(i = 0; i < 18; i++)
1044 {
1045 crpt->ECC_K[i] = 0UL;
1046 }
1047
1048 Hex2Reg(private_k, crpt->ECC_K);
1049
1050 /* set FSEL (Field selection) */
1051 if(pCurve->GF == (int)CURVE_GF_2M)
1052 {
1053 crpt->ECC_CTL = 0UL;
1054 }
1055 else /* CURVE_GF_P */
1056 {
1057 crpt->ECC_CTL = CRPT_ECC_CTL_FSEL_Msk;
1058 }
1059
1060 g_ECC_done = g_ECCERR_done = 0UL;
1061 crpt->ECC_CTL |= ((uint32_t)pCurve->key_len << CRPT_ECC_CTL_CURVEM_Pos) |
1062 ECCOP_POINT_MUL | CRPT_ECC_CTL_START_Msk;
1063
1064 do
1065 {
1066 u32Tmp = g_ECC_done;
1067 u32Tmp |= g_ECCERR_done;
1068 }
1069 while(u32Tmp == 0UL);
1070
1071 Reg2Hex(pCurve->Echar, crpt->ECC_X1, public_k1);
1072 Reg2Hex(pCurve->Echar, crpt->ECC_Y1, public_k2);
1073 }
1074
1075 return ret;
1076 }
1077
1078
1079 /**
1080 * @brief Given a curve parameter, the other party's public key, and one's own private key to generate the secret Z.
1081 * @param[in] crpt The pointer of CRYPTO module
1082 * @param[in] ecc_curve The pre-defined ECC curve.
1083 * @param[in] private_k One's own private key.
1084 * @param[in] public_k1 The other party's publick key 1.
1085 * @param[in] public_k2 The other party's publick key 2.
1086 * @param[out] secret_z The ECC CDH secret Z.
1087 * @return 0 Success.
1088 * @return -1 "ecc_curve" value is invalid.
1089 */
ECC_GenerateSecretZ(CRPT_T * crpt,E_ECC_CURVE ecc_curve,char * private_k,char public_k1[],char public_k2[],char secret_z[])1090 int32_t ECC_GenerateSecretZ(CRPT_T *crpt, E_ECC_CURVE ecc_curve, char *private_k, char public_k1[], char public_k2[], char secret_z[])
1091 {
1092 int32_t i, ret = 0;
1093 uint32_t u32Tmp;
1094
1095 if(ecc_init_curve(crpt, ecc_curve) != 0)
1096 {
1097 ret = -1;
1098 }
1099
1100 if(ret == 0)
1101 {
1102 for(i = 0; i < 18; i++)
1103 {
1104 crpt->ECC_K[i] = 0UL;
1105 crpt->ECC_X1[i] = 0UL;
1106 crpt->ECC_Y1[i] = 0UL;
1107 }
1108
1109 if((ecc_curve == CURVE_B_163) || (ecc_curve == CURVE_B_233) || (ecc_curve == CURVE_B_283) ||
1110 (ecc_curve == CURVE_B_409) || (ecc_curve == CURVE_B_571) || (ecc_curve == CURVE_K_163))
1111 {
1112 Hex2RegEx(private_k, crpt->ECC_K, 1);
1113 }
1114 else if((ecc_curve == CURVE_K_233) || (ecc_curve == CURVE_K_283) ||
1115 (ecc_curve == CURVE_K_409) || (ecc_curve == CURVE_K_571))
1116 {
1117 Hex2RegEx(private_k, crpt->ECC_K, 2);
1118 }
1119 else
1120 {
1121 Hex2Reg(private_k, crpt->ECC_K);
1122 }
1123
1124 Hex2Reg(public_k1, crpt->ECC_X1);
1125 Hex2Reg(public_k2, crpt->ECC_Y1);
1126
1127 /* set FSEL (Field selection) */
1128 if(pCurve->GF == (int)CURVE_GF_2M)
1129 {
1130 crpt->ECC_CTL = 0UL;
1131 }
1132 else /* CURVE_GF_P */
1133 {
1134 crpt->ECC_CTL = CRPT_ECC_CTL_FSEL_Msk;
1135 }
1136 g_ECC_done = g_ECCERR_done = 0UL;
1137 crpt->ECC_CTL |= ((uint32_t)pCurve->key_len << CRPT_ECC_CTL_CURVEM_Pos) |
1138 ECCOP_POINT_MUL | CRPT_ECC_CTL_START_Msk;
1139
1140 do
1141 {
1142 u32Tmp = g_ECC_done;
1143 u32Tmp |= g_ECCERR_done;
1144 }
1145 while(u32Tmp == 0UL);
1146
1147 Reg2Hex(pCurve->Echar, crpt->ECC_X1, secret_z);
1148 }
1149
1150 return ret;
1151 }
1152
run_ecc_codec(CRPT_T * crpt,uint32_t mode)1153 static void run_ecc_codec(CRPT_T *crpt, uint32_t mode)
1154 {
1155 uint32_t u32Tmp;
1156
1157 if((mode & CRPT_ECC_CTL_ECCOP_Msk) == ECCOP_MODULE)
1158 {
1159 crpt->ECC_CTL = CRPT_ECC_CTL_FSEL_Msk;
1160 }
1161 else
1162 {
1163 if(pCurve->GF == (int)CURVE_GF_2M)
1164 {
1165 /* point */
1166 crpt->ECC_CTL = 0UL;
1167 }
1168 else
1169 {
1170 /* CURVE_GF_P */
1171 crpt->ECC_CTL = CRPT_ECC_CTL_FSEL_Msk;
1172 }
1173 }
1174
1175 g_ECC_done = g_ECCERR_done = 0UL;
1176 crpt->ECC_CTL |= ((uint32_t)pCurve->key_len << CRPT_ECC_CTL_CURVEM_Pos) | mode | CRPT_ECC_CTL_START_Msk;
1177
1178 do
1179 {
1180 u32Tmp = g_ECC_done;
1181 u32Tmp |= g_ECCERR_done;
1182 }
1183 while(u32Tmp == 0UL);
1184
1185 while(crpt->ECC_STS & CRPT_ECC_STS_BUSY_Msk) { }
1186 }
1187
1188 /**
1189 * @brief ECDSA digital signature generation.
1190 * @param[in] crpt The pointer of CRYPTO module
1191 * @param[in] ecc_curve The pre-defined ECC curve.
1192 * @param[in] message The hash value of source context.
1193 * @param[in] d The private key.
1194 * @param[in] k The selected random integer.
1195 * @param[out] R R of the (R,S) pair digital signature
1196 * @param[out] S S of the (R,S) pair digital signature
1197 * @return 0 Success.
1198 * @return -1 "ecc_curve" value is invalid.
1199 */
ECC_GenerateSignature(CRPT_T * crpt,E_ECC_CURVE ecc_curve,char * message,char * d,char * k,char * R,char * S)1200 int32_t ECC_GenerateSignature(CRPT_T *crpt, E_ECC_CURVE ecc_curve, char *message,
1201 char *d, char *k, char *R, char *S)
1202 {
1203 uint32_t volatile temp_result1[18], temp_result2[18];
1204 int32_t i, ret = 0;
1205
1206 if(ecc_init_curve(crpt, ecc_curve) != 0)
1207 {
1208 ret = -1;
1209 }
1210
1211 if(ret == 0)
1212 {
1213
1214 /*
1215 * 1. Calculate e = HASH(m), where HASH is a cryptographic hashing algorithm, (i.e. SHA-1)
1216 * (1) Use SHA to calculate e
1217 */
1218
1219 /* 2. Select a random integer k form [1, n-1]
1220 * (1) Notice that n is order, not prime modulus or irreducible polynomial function
1221 */
1222
1223 /*
1224 * 3. Compute r = x1 (mod n), where (x1, y1) = k * G. If r = 0, go to step 2
1225 * (1) Write the curve parameter A, B, and curve length M to corresponding registers
1226 * (2) Write the prime modulus or irreducible polynomial function to N registers according
1227 * (3) Write the point G(x, y) to X1, Y1 registers
1228 * (4) Write the random integer k to K register
1229 * (5) Set ECCOP(CRPT_ECC_CTL[10:9]) to 00
1230 * (6) Set FSEL(CRPT_ECC_CTL[8]) according to used curve of prime field or binary field
1231 * (7) Set START(CRPT_ECC_CTL[0]) to 1
1232 * (8) Wait for BUSY(CRPT_ECC_STS[0]) be cleared
1233 * (9) Write the curve order and curve length to N ,M registers according
1234 * (10) Write 0x0 to Y1 registers
1235 * (11) Set ECCOP(CRPT_ECC_CTL[10:9]) to 01
1236 * (12) Set MOPOP(CRPT_ECC_CTL[12:11]) to 10
1237 * (13) Set START(CRPT_ECC_CTL[0]) to 1 *
1238 * (14) Wait for BUSY(CRPT_ECC_STS[0]) be cleared
1239 * (15) Read X1 registers to get r
1240 */
1241
1242 /* 3-(4) Write the random integer k to K register */
1243 for(i = 0; i < 18; i++)
1244 {
1245 crpt->ECC_K[i] = 0UL;
1246 }
1247 Hex2Reg(k, crpt->ECC_K);
1248
1249 run_ecc_codec(crpt, ECCOP_POINT_MUL);
1250
1251 /* 3-(9) Write the curve order to N registers */
1252 for(i = 0; i < 18; i++)
1253 {
1254 crpt->ECC_N[i] = 0UL;
1255 }
1256 Hex2Reg(pCurve->Eorder, crpt->ECC_N);
1257
1258 /* 3-(10) Write 0x0 to Y1 registers */
1259 for(i = 0; i < 18; i++)
1260 {
1261 crpt->ECC_Y1[i] = 0UL;
1262 }
1263
1264 run_ecc_codec(crpt, ECCOP_MODULE | MODOP_ADD);
1265
1266 /* 3-(15) Read X1 registers to get r */
1267 for(i = 0; i < 18; i++)
1268 {
1269 temp_result1[i] = crpt->ECC_X1[i];
1270 }
1271
1272 Reg2Hex(pCurve->Echar, temp_result1, R);
1273
1274 /*
1275 * 4. Compute s = k ? 1 �� (e + d �� r)(mod n). If s = 0, go to step 2
1276 * (1) Write the curve order to N registers according
1277 * (2) Write 0x1 to Y1 registers
1278 * (3) Write the random integer k to X1 registers according
1279 * (4) Set ECCOP(CRPT_ECC_CTL[10:9]) to 01
1280 * (5) Set MOPOP(CRPT_ECC_CTL[12:11]) to 00
1281 * (6) Set START(CRPT_ECC_CTL[0]) to 1
1282 * (7) Wait for BUSY(CRPT_ECC_STS[0]) be cleared
1283 * (8) Read X1 registers to get k^-1
1284 * (9) Write the curve order and curve length to N ,M registers
1285 * (10) Write r, d to X1, Y1 registers
1286 * (11) Set ECCOP(CRPT_ECC_CTL[10:9]) to 01
1287 * (12) Set MOPOP(CRPT_ECC_CTL[12:11]) to 01
1288 * (13) Set START(CRPT_ECC_CTL[0]) to 1
1289 * (14) Wait for BUSY(CRPT_ECC_STS[0]) be cleared
1290 * (15) Write the curve order to N registers
1291 * (16) Write e to Y1 registers
1292 * (17) Set ECCOP(CRPT_ECC_CTL[10:9]) to 01
1293 * (18) Set MOPOP(CRPT_ECC_CTL[12:11]) to 10
1294 * (19) Set START(CRPT_ECC_CTL[0]) to 1
1295 * (20) Wait for BUSY(CRPT_ECC_STS[0]) be cleared
1296 * (21) Write the curve order and curve length to N ,M registers
1297 * (22) Write k^-1 to Y1 registers
1298 * (23) Set ECCOP(CRPT_ECC_CTL[10:9]) to 01
1299 * (24) Set MOPOP(CRPT_ECC_CTL[12:11]) to 01
1300 * (25) Set START(CRPT_ECC_CTL[0]) to 1
1301 * (26) Wait for BUSY(CRPT_ECC_STS[0]) be cleared
1302 * (27) Read X1 registers to get s
1303 */
1304
1305 /* S/W: GFp_add_mod_order(pCurve->key_len+2, 0, x1, a, R); */
1306
1307 /* 4-(1) Write the curve order to N registers */
1308 for(i = 0; i < 18; i++)
1309 {
1310 crpt->ECC_N[i] = 0UL;
1311 }
1312 Hex2Reg(pCurve->Eorder, crpt->ECC_N);
1313
1314 /* 4-(2) Write 0x1 to Y1 registers */
1315 for(i = 0; i < 18; i++)
1316 {
1317 crpt->ECC_Y1[i] = 0UL;
1318 }
1319 crpt->ECC_Y1[0] = 0x1UL;
1320
1321 /* 4-(3) Write the random integer k to X1 registers */
1322 for(i = 0; i < 18; i++)
1323 {
1324 crpt->ECC_X1[i] = 0UL;
1325 }
1326 Hex2Reg(k, crpt->ECC_X1);
1327
1328 run_ecc_codec(crpt, ECCOP_MODULE | MODOP_DIV);
1329
1330 #if ENABLE_DEBUG
1331 Reg2Hex(pCurve->Echar, crpt->ECC_X1, temp_hex_str);
1332 CRPT_DBGMSG("(7) output = %s\n", temp_hex_str);
1333 #endif
1334
1335 /* 4-(8) Read X1 registers to get k^-1 */
1336
1337 for(i = 0; i < 18; i++)
1338 {
1339 temp_result2[i] = crpt->ECC_X1[i];
1340 }
1341
1342 #if ENABLE_DEBUG
1343 Reg2Hex(pCurve->Echar, temp_result2, temp_hex_str);
1344 CRPT_DBGMSG("k^-1 = %s\n", temp_hex_str);
1345 #endif
1346
1347 /* 4-(9) Write the curve order and curve length to N ,M registers */
1348 for(i = 0; i < 18; i++)
1349 {
1350 crpt->ECC_N[i] = 0UL;
1351 }
1352 Hex2Reg(pCurve->Eorder, crpt->ECC_N);
1353
1354 /* 4-(10) Write r, d to X1, Y1 registers */
1355 for(i = 0; i < 18; i++)
1356 {
1357 crpt->ECC_X1[i] = temp_result1[i];
1358 }
1359
1360 for(i = 0; i < 18; i++)
1361 {
1362 crpt->ECC_Y1[i] = 0UL;
1363 }
1364 Hex2Reg(d, crpt->ECC_Y1);
1365
1366 run_ecc_codec(crpt, ECCOP_MODULE | MODOP_MUL);
1367
1368 #if ENABLE_DEBUG
1369 Reg2Hex(pCurve->Echar, crpt->ECC_X1, temp_hex_str);
1370 CRPT_DBGMSG("(14) output = %s\n", temp_hex_str);
1371 #endif
1372
1373 /* 4-(15) Write the curve order to N registers */
1374 for(i = 0; i < 18; i++)
1375 {
1376 crpt->ECC_N[i] = 0UL;
1377 }
1378 Hex2Reg(pCurve->Eorder, crpt->ECC_N);
1379
1380 /* 4-(16) Write e to Y1 registers */
1381 for(i = 0; i < 18; i++)
1382 {
1383 crpt->ECC_Y1[i] = 0UL;
1384 }
1385
1386 Hex2Reg(message, crpt->ECC_Y1);
1387
1388 run_ecc_codec(crpt, ECCOP_MODULE | MODOP_ADD);
1389
1390 #if ENABLE_DEBUG
1391 Reg2Hex(pCurve->Echar, crpt->ECC_X1, temp_hex_str);
1392 CRPT_DBGMSG("(20) output = %s\n", temp_hex_str);
1393 #endif
1394
1395 /* 4-(21) Write the curve order and curve length to N ,M registers */
1396 for(i = 0; i < 18; i++)
1397 {
1398 crpt->ECC_N[i] = 0UL;
1399 }
1400 Hex2Reg(pCurve->Eorder, crpt->ECC_N);
1401
1402 /* 4-(22) Write k^-1 to Y1 registers */
1403 for(i = 0; i < 18; i++)
1404 {
1405 crpt->ECC_Y1[i] = temp_result2[i];
1406 }
1407
1408 run_ecc_codec(crpt, ECCOP_MODULE | MODOP_MUL);
1409
1410 /* 4-(27) Read X1 registers to get s */
1411 for(i = 0; i < 18; i++)
1412 {
1413 temp_result2[i] = crpt->ECC_X1[i];
1414 }
1415
1416 Reg2Hex(pCurve->Echar, temp_result2, S);
1417
1418 } /* ret == 0 */
1419
1420 return ret;
1421 }
1422
1423 /**
1424 * @brief ECDSA dogotal signature verification.
1425 * @param[in] crpt The pointer of CRYPTO module
1426 * @param[in] ecc_curve The pre-defined ECC curve.
1427 * @param[in] message The hash value of source context.
1428 * @param[in] public_k1 The public key 1.
1429 * @param[in] public_k2 The public key 2.
1430 * @param[in] R R of the (R,S) pair digital signature
1431 * @param[in] S S of the (R,S) pair digital signature
1432 * @return 0 Success.
1433 * @return -1 "ecc_curve" value is invalid.
1434 * @return -2 Verification failed.
1435 */
ECC_VerifySignature(CRPT_T * crpt,E_ECC_CURVE ecc_curve,char * message,char * public_k1,char * public_k2,char * R,char * S)1436 int32_t ECC_VerifySignature(CRPT_T *crpt, E_ECC_CURVE ecc_curve, char *message,
1437 char *public_k1, char *public_k2, char *R, char *S)
1438 {
1439 uint32_t temp_result1[18], temp_result2[18];
1440 uint32_t temp_x[18], temp_y[18];
1441 int32_t i, ret = 0;
1442
1443 /*
1444 * 1. Verify that r and s are integers in the interval [1, n-1]. If not, the signature is invalid
1445 * 2. Compute e = HASH (m), where HASH is the hashing algorithm in signature generation
1446 * (1) Use SHA to calculate e
1447 */
1448
1449 /*
1450 * 3. Compute w = s^-1 (mod n)
1451 * (1) Write the curve order to N registers
1452 * (2) Write 0x1 to Y1 registers
1453 * (3) Write s to X1 registers
1454 * (4) Set ECCOP(CRPT_ECC_CTL[10:9]) to 01
1455 * (5) Set MOPOP(CRPT_ECC_CTL[12:11]) to 00
1456 * (6) Set FSEL(CRPT_ECC_CTL[8]) according to used curve of prime field or binary field
1457 * (7) Set START(CRPT_ECC_CTL[0]) to 1
1458 * (8) Wait for BUSY(CRPT_ECC_STS[0]) be cleared
1459 * (9) Read X1 registers to get w
1460 */
1461
1462 if(ecc_init_curve(crpt, ecc_curve) != 0)
1463 {
1464 ret = -1;
1465 }
1466
1467 if(ret == 0)
1468 {
1469
1470 /* 3-(1) Write the curve order to N registers */
1471 for(i = 0; i < 18; i++)
1472 {
1473 crpt->ECC_N[i] = 0UL;
1474 }
1475 Hex2Reg(pCurve->Eorder, crpt->ECC_N);
1476
1477 /* 3-(2) Write 0x1 to Y1 registers */
1478 for(i = 0; i < 18; i++)
1479 {
1480 crpt->ECC_Y1[i] = 0UL;
1481 }
1482 crpt->ECC_Y1[0] = 0x1UL;
1483
1484 /* 3-(3) Write s to X1 registers */
1485 for(i = 0; i < 18; i++)
1486 {
1487 CRPT->ECC_X1[i] = 0UL;
1488 }
1489 Hex2Reg(S, crpt->ECC_X1);
1490
1491 run_ecc_codec(crpt, ECCOP_MODULE | MODOP_DIV);
1492
1493 /* 3-(9) Read X1 registers to get w */
1494 for(i = 0; i < 18; i++)
1495 {
1496 temp_result2[i] = crpt->ECC_X1[i];
1497 }
1498
1499 #if ENABLE_DEBUG
1500 CRPT_DBGMSG("e = %s\n", message);
1501 Reg2Hex(pCurve->Echar, temp_result2, temp_hex_str);
1502 CRPT_DBGMSG("w = %s\n", temp_hex_str);
1503 CRPT_DBGMSG("o = %s (order)\n", pCurve->Eorder);
1504 #endif
1505
1506 /*
1507 * 4. Compute u1 = e �� w (mod n) and u2 = r �� w (mod n)
1508 * (1) Write the curve order and curve length to N ,M registers
1509 * (2) Write e, w to X1, Y1 registers
1510 * (3) Set ECCOP(CRPT_ECC_CTL[10:9]) to 01
1511 * (4) Set MOPOP(CRPT_ECC_CTL[12:11]) to 01
1512 * (5) Set START(CRPT_ECC_CTL[0]) to 1
1513 * (6) Wait for BUSY(CRPT_ECC_STS[0]) be cleared
1514 * (7) Read X1 registers to get u1
1515 * (8) Write the curve order and curve length to N ,M registers
1516 * (9) Write r, w to X1, Y1 registers
1517 * (10) Set ECCOP(CRPT_ECC_CTL[10:9]) to 01
1518 * (11) Set MOPOP(CRPT_ECC_CTL[12:11]) to 01
1519 * (12) Set START(CRPT_ECC_CTL[0]) to 1
1520 * (13) Wait for BUSY(CRPT_ECC_STS[0]) be cleared
1521 * (14) Read X1 registers to get u2
1522 */
1523
1524 /* 4-(1) Write the curve order and curve length to N ,M registers */
1525 for(i = 0; i < 18; i++)
1526 {
1527 crpt->ECC_N[i] = 0UL;
1528 }
1529 Hex2Reg(pCurve->Eorder, crpt->ECC_N);
1530
1531 /* 4-(2) Write e, w to X1, Y1 registers */
1532 for(i = 0; i < 18; i++)
1533 {
1534 crpt->ECC_X1[i] = 0UL;
1535 }
1536 Hex2Reg(message, crpt->ECC_X1);
1537
1538 for(i = 0; i < 18; i++)
1539 {
1540 crpt->ECC_Y1[i] = temp_result2[i];
1541 }
1542
1543 run_ecc_codec(crpt, ECCOP_MODULE | MODOP_MUL);
1544
1545 /* 4-(7) Read X1 registers to get u1 */
1546 for(i = 0; i < 18; i++)
1547 {
1548 temp_result1[i] = crpt->ECC_X1[i];
1549 }
1550
1551 #if ENABLE_DEBUG
1552 Reg2Hex(pCurve->Echar, temp_result1, temp_hex_str);
1553 CRPT_DBGMSG("u1 = %s\n", temp_hex_str);
1554 #endif
1555
1556 /* 4-(8) Write the curve order and curve length to N ,M registers */
1557 for(i = 0; i < 18; i++)
1558 {
1559 crpt->ECC_N[i] = 0UL;
1560 }
1561 Hex2Reg(pCurve->Eorder, crpt->ECC_N);
1562
1563 /* 4-(9) Write r, w to X1, Y1 registers */
1564 for(i = 0; i < 18; i++)
1565 {
1566 crpt->ECC_X1[i] = 0UL;
1567 }
1568 Hex2Reg(R, crpt->ECC_X1);
1569
1570 for(i = 0; i < 18; i++)
1571 {
1572 crpt->ECC_Y1[i] = temp_result2[i];
1573 }
1574
1575 run_ecc_codec(crpt, ECCOP_MODULE | MODOP_MUL);
1576
1577 /* 4-(14) Read X1 registers to get u2 */
1578 for(i = 0; i < 18; i++)
1579 {
1580 temp_result2[i] = crpt->ECC_X1[i];
1581 }
1582
1583 #if ENABLE_DEBUG
1584 Reg2Hex(pCurve->Echar, temp_result2, temp_hex_str);
1585 CRPT_DBGMSG("u2 = %s\n", temp_hex_str);
1586 #endif
1587
1588 /*
1589 * 5. Compute X�� (x1��, y1��) = u1 * G + u2 * Q
1590 * (1) Write the curve parameter A, B, N, and curve length M to corresponding registers
1591 * (2) Write the point G(x, y) to X1, Y1 registers
1592 * (3) Write u1 to K registers
1593 * (4) Set ECCOP(CRPT_ECC_CTL[10:9]) to 00
1594 * (5) Set START(CRPT_ECC_CTL[0]) to 1
1595 * (6) Wait for BUSY(CRPT_ECC_STS[0]) be cleared
1596 * (7) Read X1, Y1 registers to get u1*G
1597 * (8) Write the curve parameter A, B, N, and curve length M to corresponding registers
1598 * (9) Write the public key Q(x,y) to X1, Y1 registers
1599 * (10) Write u2 to K registers
1600 * (11) Set ECCOP(CRPT_ECC_CTL[10:9]) to 00
1601 * (12) Set START(CRPT_ECC_CTL[0]) to 1
1602 * (13) Wait for BUSY(CRPT_ECC_STS[0]) be cleared
1603 * (14) Write the curve parameter A, B, N, and curve length M to corresponding registers
1604 * (15) Write the result data u1*G to X2, Y2 registers
1605 * (16) Set ECCOP(CRPT_ECC_CTL[10:9]) to 10
1606 * (17) Set START(CRPT_ECC_CTL[0]) to 1
1607 * (18) Wait for BUSY(CRPT_ECC_STS[0]) be cleared
1608 * (19) Read X1, Y1 registers to get X��(x1��, y1��)
1609 * (20) Write the curve order and curve length to N ,M registers
1610 * (21) Write x1�� to X1 registers
1611 * (22) Write 0x0 to Y1 registers
1612 * (23) Set ECCOP(CRPT_ECC_CTL[10:9]) to 01
1613 * (24) Set MOPOP(CRPT_ECC_CTL[12:11]) to 10
1614 * (25) Set START(CRPT_ECC_CTL[0]) to 1
1615 * (26) Wait for BUSY(CRPT_ECC_STS[0]) be cleared
1616 * (27) Read X1 registers to get x1�� (mod n)
1617 *
1618 * 6. The signature is valid if x1�� = r, otherwise it is invalid
1619 */
1620
1621 /*
1622 * (1) Write the curve parameter A, B, N, and curve length M to corresponding registers
1623 * (2) Write the point G(x, y) to X1, Y1 registers
1624 */
1625 ecc_init_curve(crpt, ecc_curve);
1626
1627 /* (3) Write u1 to K registers */
1628 for(i = 0; i < 18; i++)
1629 {
1630 crpt->ECC_K[i] = temp_result1[i];
1631 }
1632
1633 run_ecc_codec(crpt, ECCOP_POINT_MUL);
1634
1635 /* (7) Read X1, Y1 registers to get u1*G */
1636 for(i = 0; i < 18; i++)
1637 {
1638 temp_x[i] = crpt->ECC_X1[i];
1639 temp_y[i] = crpt->ECC_Y1[i];
1640 }
1641
1642 #if ENABLE_DEBUG
1643 Reg2Hex(pCurve->Echar, temp_x, temp_hex_str);
1644 CRPT_DBGMSG("5-(7) u1*G, x = %s\n", temp_hex_str);
1645 Reg2Hex(pCurve->Echar, temp_y, temp_hex_str);
1646 CRPT_DBGMSG("5-(7) u1*G, y = %s\n", temp_hex_str);
1647 #endif
1648
1649 /* (8) Write the curve parameter A, B, N, and curve length M to corresponding registers */
1650 ecc_init_curve(crpt, ecc_curve);
1651
1652 /* (9) Write the public key Q(x,y) to X1, Y1 registers */
1653 for(i = 0; i < 18; i++)
1654 {
1655 crpt->ECC_X1[i] = 0UL;
1656 crpt->ECC_Y1[i] = 0UL;
1657 }
1658
1659 Hex2Reg(public_k1, crpt->ECC_X1);
1660 Hex2Reg(public_k2, crpt->ECC_Y1);
1661
1662 /* (10) Write u2 to K registers */
1663 for(i = 0; i < 18; i++)
1664 {
1665 crpt->ECC_K[i] = temp_result2[i];
1666 }
1667
1668 run_ecc_codec(crpt, ECCOP_POINT_MUL);
1669
1670 for(i = 0; i < 18; i++)
1671 {
1672 temp_result1[i] = crpt->ECC_X1[i];
1673 temp_result2[i] = crpt->ECC_Y1[i];
1674 }
1675
1676 #if ENABLE_DEBUG
1677 Reg2Hex(pCurve->Echar, temp_result1, temp_hex_str);
1678 CRPT_DBGMSG("5-(13) u2*Q, x = %s\n", temp_hex_str);
1679 Reg2Hex(pCurve->Echar, temp_result2, temp_hex_str);
1680 CRPT_DBGMSG("5-(13) u2*Q, y = %s\n", temp_hex_str);
1681 #endif
1682
1683 /* (14) Write the curve parameter A, B, N, and curve length M to corresponding registers */
1684 ecc_init_curve(crpt, ecc_curve);
1685
1686 /* Write the result data u2*Q to X1, Y1 registers */
1687 for(i = 0; i < 18; i++)
1688 {
1689 crpt->ECC_X1[i] = temp_result1[i];
1690 crpt->ECC_Y1[i] = temp_result2[i];
1691 }
1692
1693 /* (15) Write the result data u1*G to X2, Y2 registers */
1694 for(i = 0; i < 18; i++)
1695 {
1696 crpt->ECC_X2[i] = temp_x[i];
1697 crpt->ECC_Y2[i] = temp_y[i];
1698 }
1699
1700 run_ecc_codec(crpt, ECCOP_POINT_ADD);
1701
1702 /* (19) Read X1, Y1 registers to get X��(x1��, y1��) */
1703 for(i = 0; i < 18; i++)
1704 {
1705 temp_x[i] = crpt->ECC_X1[i];
1706 temp_y[i] = crpt->ECC_Y1[i];
1707 }
1708
1709 #if ENABLE_DEBUG
1710 Reg2Hex(pCurve->Echar, temp_x, temp_hex_str);
1711 CRPT_DBGMSG("5-(19) x' = %s\n", temp_hex_str);
1712 Reg2Hex(pCurve->Echar, temp_y, temp_hex_str);
1713 CRPT_DBGMSG("5-(19) y' = %s\n", temp_hex_str);
1714 #endif
1715
1716 /* (20) Write the curve order and curve length to N ,M registers */
1717 for(i = 0; i < 18; i++)
1718 {
1719 crpt->ECC_N[i] = 0UL;
1720 }
1721 Hex2Reg(pCurve->Eorder, crpt->ECC_N);
1722
1723 /*
1724 * (21) Write x1�� to X1 registers
1725 * (22) Write 0x0 to Y1 registers
1726 */
1727 for(i = 0; i < 18; i++)
1728 {
1729 crpt->ECC_X1[i] = temp_x[i];
1730 crpt->ECC_Y1[i] = 0UL;
1731 }
1732
1733 #if ENABLE_DEBUG
1734 Reg2Hex(pCurve->Echar, crpt->ECC_X1, temp_hex_str);
1735 CRPT_DBGMSG("5-(21) x' = %s\n", temp_hex_str);
1736 Reg2Hex(pCurve->Echar, crpt->ECC_Y1, temp_hex_str);
1737 CRPT_DBGMSG("5-(22) y' = %s\n", temp_hex_str);
1738 #endif
1739
1740 run_ecc_codec(crpt, ECCOP_MODULE | MODOP_ADD);
1741
1742 /* (27) Read X1 registers to get x1�� (mod n) */
1743 Reg2Hex(pCurve->Echar, crpt->ECC_X1, temp_hex_str);
1744 CRPT_DBGMSG("5-(27) x1' (mod n) = %s\n", temp_hex_str);
1745
1746 /* 6. The signature is valid if x1�� = r, otherwise it is invalid */
1747
1748 /* Compare with test pattern to check if r is correct or not */
1749 if(strcasecmp(temp_hex_str, R) != 0)
1750 {
1751 CRPT_DBGMSG("x1' (mod n) != R Test filed!!\n");
1752 CRPT_DBGMSG("Signature R [%s] is not matched with expected R [%s]!\n", temp_hex_str, R);
1753 ret = -2;
1754 }
1755 } /* ret == 0 */
1756
1757 return ret;
1758 }
1759
1760 #if XOM_SUPPORT // To support XOM ready curve table
1761
CurveCpy(unsigned int * p32,E_ECC_CURVE id)1762 static int32_t CurveCpy(unsigned int *p32, E_ECC_CURVE id)
1763 {
1764 int32_t i;
1765
1766 switch(id)
1767 {
1768 case CURVE_P_192:
1769 p32[ 0] = 0x00000000;
1770 p32[ 1] = 0x00000030;
1771 for(i = 2; i <= 8; i++)
1772 p32[i] = 0x46464646;
1773
1774 p32[ 9] = 0x45464646;
1775 p32[ 10] = 0x46464646;
1776 p32[ 11] = 0x46464646;
1777 p32[ 12] = 0x46464646;
1778 p32[ 13] = 0x43464646;
1779 for(i = 14; i <= 37; i++)
1780 p32[i] = 0x00000000;
1781
1782 p32[ 38] = 0x31323436;
1783 p32[ 39] = 0x39313530;
1784 p32[ 40] = 0x63393565;
1785 p32[ 41] = 0x37653038;
1786 p32[ 42] = 0x37616630;
1787 p32[ 43] = 0x62613965;
1788 p32[ 44] = 0x34323237;
1789 p32[ 45] = 0x39343033;
1790 p32[ 46] = 0x38626566;
1791 p32[ 47] = 0x63656564;
1792 p32[ 48] = 0x36343163;
1793 p32[ 49] = 0x31623962;
1794 for(i = 50; i <= 73; i++)
1795 p32[i] = 0x00000000;
1796
1797 p32[ 74] = 0x64383831;
1798 p32[ 75] = 0x65303861;
1799 p32[ 76] = 0x30333062;
1800 p32[ 77] = 0x36663039;
1801 p32[ 78] = 0x66626337;
1802 p32[ 79] = 0x62653032;
1803 p32[ 80] = 0x31613334;
1804 p32[ 81] = 0x30303838;
1805 p32[ 82] = 0x66663466;
1806 p32[ 83] = 0x64666130;
1807 p32[ 84] = 0x66663238;
1808 p32[ 85] = 0x32313031;
1809 for(i = 86; i <= 109; i++)
1810 p32[i] = 0x00000000;
1811
1812 p32[110] = 0x39313730;
1813 p32[111] = 0x35396232;
1814 p32[112] = 0x38636666;
1815 p32[113] = 0x38376164;
1816 p32[114] = 0x30313336;
1817 p32[115] = 0x64653131;
1818 p32[116] = 0x34326236;
1819 p32[117] = 0x35646463;
1820 p32[118] = 0x39663337;
1821 p32[119] = 0x31613737;
1822 p32[120] = 0x39376531;
1823 p32[121] = 0x31313834;
1824 for(i = 122; i <= 145; i++)
1825 p32[i] = 0x00000000;
1826
1827 p32[146] = 0x0000003a;
1828 for(i = 147; i <= 153; i++)
1829 p32[i] = 0x46464646;
1830
1831 p32[154] = 0x45464646;
1832 for(i = 155; i <= 158; i++)
1833 p32[i] = 0x46464646;
1834
1835 for(i = 159; i <= 190; i++)
1836 p32[i] = 0x00000000;
1837
1838 p32[191] = 0x0000003a;
1839 for(i = 192; i <= 197; i++)
1840 p32[i] = 0x46464646;
1841
1842 p32[198] = 0x45443939;
1843 p32[199] = 0x36333846;
1844 p32[200] = 0x42363431;
1845 p32[201] = 0x31423943;
1846 p32[202] = 0x32443442;
1847 p32[203] = 0x31333832;
1848 for(i = 204; i <= 235; i++)
1849 p32[i] = 0x00000000;
1850
1851 p32[236] = 0x000000c0;
1852 p32[237] = 0x00000007;
1853 p32[238] = 0x00000002;
1854 p32[239] = 0x00000001;
1855 p32[240] = 0x00000000;
1856 return 0;
1857 case CURVE_P_224:
1858 p32[ 0] = 0x00000001;
1859 p32[ 1] = 0x00000038;
1860 for(i = 2; i <= 8; i++)
1861 p32[i] = 0x46464646;
1862
1863 p32[ 9] = 0x45464646;
1864 for(i = 10; i <= 14; i++)
1865 p32[i] = 0x46464646;
1866
1867 p32[ 15] = 0x45464646;
1868 for(i = 16; i <= 37; i++)
1869 p32[i] = 0x00000000;
1870
1871 p32[ 38] = 0x35303462;
1872 p32[ 39] = 0x35386130;
1873 p32[ 40] = 0x34306330;
1874 p32[ 41] = 0x62613362;
1875 p32[ 42] = 0x31343566;
1876 p32[ 43] = 0x36353233;
1877 p32[ 44] = 0x34343035;
1878 p32[ 45] = 0x37623062;
1879 p32[ 46] = 0x66623764;
1880 p32[ 47] = 0x61623864;
1881 p32[ 48] = 0x62303732;
1882 p32[ 49] = 0x33343933;
1883 p32[ 50] = 0x35353332;
1884 p32[ 51] = 0x34626666;
1885 for(i = 52; i <= 73; i++)
1886 p32[i] = 0x00000000;
1887
1888 p32[ 74] = 0x65303762;
1889 p32[ 75] = 0x64626330;
1890 p32[ 76] = 0x34626236;
1891 p32[ 77] = 0x66376662;
1892 p32[ 78] = 0x33313233;
1893 p32[ 79] = 0x39623039;
1894 p32[ 80] = 0x33306134;
1895 p32[ 81] = 0x33643163;
1896 p32[ 82] = 0x32633635;
1897 p32[ 83] = 0x32323131;
1898 p32[ 84] = 0x32333433;
1899 p32[ 85] = 0x36643038;
1900 p32[ 86] = 0x63353131;
1901 p32[ 87] = 0x31326431;
1902 for(i = 88; i <= 109; i++)
1903 p32[i] = 0x00000000;
1904
1905 p32[110] = 0x37336462;
1906 p32[111] = 0x38383336;
1907 p32[112] = 0x37663562;
1908 p32[113] = 0x62663332;
1909 p32[114] = 0x32326334;
1910 p32[115] = 0x36656664;
1911 p32[116] = 0x33346463;
1912 p32[117] = 0x30613537;
1913 p32[118] = 0x37306135;
1914 p32[119] = 0x34363734;
1915 p32[120] = 0x35643434;
1916 p32[121] = 0x39393138;
1917 p32[122] = 0x30303538;
1918 p32[123] = 0x34336537;
1919 for(i = 124; i <= 145; i++)
1920 p32[i] = 0x00000000;
1921
1922 p32[146] = 0x00000046;
1923 for(i = 147; i <= 154; i++)
1924 p32[i] = 0x46464646;
1925
1926 for(i = 155; i <= 159; i++)
1927 p32[i] = 0x30303030;
1928
1929 p32[160] = 0x31303030;
1930 for(i = 161; i <= 190; i++)
1931 p32[i] = 0x00000000;
1932
1933 p32[191] = 0x00000046;
1934 for(i = 192; i <= 198; i++)
1935 p32[i] = 0x46464646;
1936
1937 p32[199] = 0x32413631;
1938 p32[200] = 0x38423045;
1939 p32[201] = 0x45333046;
1940 p32[202] = 0x44443331;
1941 p32[203] = 0x35343932;
1942 p32[204] = 0x43354335;
1943 p32[205] = 0x44334132;
1944 for(i = 206; i <= 235; i++)
1945 p32[i] = 0x00000000;
1946
1947 p32[236] = 0x000000e0;
1948 p32[237] = 0x00000009;
1949 p32[238] = 0x00000008;
1950 p32[239] = 0x00000003;
1951 p32[240] = 0x00000000;
1952 return 0;
1953 case CURVE_P_256:
1954 p32[ 0] = 0x00000002;
1955 p32[ 1] = 0x00000040;
1956 p32[ 2] = 0x46464646;
1957 p32[ 3] = 0x46464646;
1958 p32[ 4] = 0x30303030;
1959 p32[ 5] = 0x31303030;
1960 for(i = 6; i <= 11; i++)
1961 p32[i] = 0x30303030;
1962
1963 for(i = 12; i <= 16; i++)
1964 p32[i] = 0x46464646;
1965
1966 p32[ 17] = 0x43464646;
1967 for(i = 18; i <= 37; i++)
1968 p32[i] = 0x00000000;
1969
1970 p32[ 38] = 0x36636135;
1971 p32[ 39] = 0x38643533;
1972 p32[ 40] = 0x61336161;
1973 p32[ 41] = 0x37653339;
1974 p32[ 42] = 0x62653362;
1975 p32[ 43] = 0x35356462;
1976 p32[ 44] = 0x38393637;
1977 p32[ 45] = 0x63623638;
1978 p32[ 46] = 0x64313536;
1979 p32[ 47] = 0x30623630;
1980 p32[ 48] = 0x33356363;
1981 p32[ 49] = 0x36663062;
1982 p32[ 50] = 0x65636233;
1983 p32[ 51] = 0x65336333;
1984 p32[ 52] = 0x32643732;
1985 p32[ 53] = 0x62343036;
1986 for(i = 54; i <= 73; i++)
1987 p32[i] = 0x00000000;
1988
1989 p32[ 74] = 0x37316236;
1990 p32[ 75] = 0x32663164;
1991 p32[ 76] = 0x63323165;
1992 p32[ 77] = 0x37343234;
1993 p32[ 78] = 0x63623866;
1994 p32[ 79] = 0x35653665;
1995 p32[ 80] = 0x34613336;
1996 p32[ 81] = 0x32663034;
1997 p32[ 82] = 0x33303737;
1998 p32[ 83] = 0x31386437;
1999 p32[ 84] = 0x62656432;
2000 p32[ 85] = 0x30613333;
2001 p32[ 86] = 0x31613466;
2002 p32[ 87] = 0x35343933;
2003 p32[ 88] = 0x38393864;
2004 p32[ 89] = 0x36393263;
2005 for(i = 90; i <= 109; i++)
2006 p32[i] = 0x00000000;
2007
2008 p32[110] = 0x33656634;
2009 p32[111] = 0x32653234;
2010 p32[112] = 0x61316566;
2011 p32[113] = 0x62396637;
2012 p32[114] = 0x37656538;
2013 p32[115] = 0x61346265;
2014 p32[116] = 0x66306337;
2015 p32[117] = 0x36316539;
2016 p32[118] = 0x65636232;
2017 p32[119] = 0x37353333;
2018 p32[120] = 0x31336236;
2019 p32[121] = 0x65636535;
2020 p32[122] = 0x36626263;
2021 p32[123] = 0x38363034;
2022 p32[124] = 0x66623733;
2023 p32[125] = 0x35663135;
2024 for(i = 126; i <= 145; i++)
2025 p32[i] = 0x00000000;
2026
2027 p32[146] = 0x0000004e;
2028 p32[147] = 0x46464646;
2029 p32[148] = 0x46464646;
2030 p32[149] = 0x30303030;
2031 p32[150] = 0x31303030;
2032 for(i = 151; i <= 156; i++)
2033 p32[i] = 0x30303030;
2034
2035 for(i = 157; i <= 162; i++)
2036 p32[i] = 0x46464646;
2037
2038 for(i = 163; i <= 190; i++)
2039 p32[i] = 0x00000000;
2040
2041 p32[191] = 0x0000004e;
2042 p32[192] = 0x46464646;
2043 p32[193] = 0x46464646;
2044 p32[194] = 0x30303030;
2045 p32[195] = 0x30303030;
2046 for(i = 196; i <= 199; i++)
2047 p32[i] = 0x46464646;
2048
2049 p32[200] = 0x36454342;
2050 p32[201] = 0x44414146;
2051 p32[202] = 0x37313741;
2052 p32[203] = 0x34384539;
2053 p32[204] = 0x39423346;
2054 p32[205] = 0x32434143;
2055 p32[206] = 0x33364346;
2056 p32[207] = 0x31353532;
2057 for(i = 208; i <= 235; i++)
2058 p32[i] = 0x00000000;
2059
2060 p32[236] = 0x00000100;
2061 p32[237] = 0x0000000a;
2062 p32[238] = 0x00000005;
2063 p32[239] = 0x00000002;
2064 p32[240] = 0x00000000;
2065 return 0;
2066 case CURVE_P_384:
2067 p32[ 0] = 0x00000003;
2068 p32[ 1] = 0x00000060;
2069 for(i = 2; i <= 16; i++)
2070 p32[i] = 0x46464646;
2071
2072 p32[ 17] = 0x45464646;
2073 p32[ 18] = 0x46464646;
2074 p32[ 19] = 0x46464646;
2075 for(i = 20; i <= 23; i++)
2076 p32[i] = 0x30303030;
2077
2078 p32[ 24] = 0x46464646;
2079 p32[ 25] = 0x43464646;
2080 for(i = 26; i <= 37; i++)
2081 p32[i] = 0x00000000;
2082
2083 p32[ 38] = 0x31333362;
2084 p32[ 39] = 0x37616632;
2085 p32[ 40] = 0x65333265;
2086 p32[ 41] = 0x34653765;
2087 p32[ 42] = 0x65383839;
2088 p32[ 43] = 0x62363530;
2089 p32[ 44] = 0x38663365;
2090 p32[ 45] = 0x39316432;
2091 p32[ 46] = 0x64313831;
2092 p32[ 47] = 0x65366339;
2093 p32[ 48] = 0x31386566;
2094 p32[ 49] = 0x32313134;
2095 p32[ 50] = 0x34313330;
2096 p32[ 51] = 0x66383830;
2097 p32[ 52] = 0x33313035;
2098 p32[ 53] = 0x61353738;
2099 p32[ 54] = 0x36353663;
2100 p32[ 55] = 0x64383933;
2101 p32[ 56] = 0x65326138;
2102 p32[ 57] = 0x64393164;
2103 p32[ 58] = 0x35386132;
2104 p32[ 59] = 0x64653863;
2105 p32[ 60] = 0x63653364;
2106 p32[ 61] = 0x66656132;
2107 for(i = 62; i <= 73; i++)
2108 p32[i] = 0x00000000;
2109
2110 p32[ 74] = 0x37386161;
2111 p32[ 75] = 0x32326163;
2112 p32[ 76] = 0x62386562;
2113 p32[ 77] = 0x37333530;
2114 p32[ 78] = 0x31626538;
2115 p32[ 79] = 0x65313763;
2116 p32[ 80] = 0x30323366;
2117 p32[ 81] = 0x34376461;
2118 p32[ 82] = 0x64316536;
2119 p32[ 83] = 0x32366233;
2120 p32[ 84] = 0x37616238;
2121 p32[ 85] = 0x38396239;
2122 p32[ 86] = 0x37663935;
2123 p32[ 87] = 0x30653134;
2124 p32[ 88] = 0x34353238;
2125 p32[ 89] = 0x38336132;
2126 p32[ 90] = 0x32303535;
2127 p32[ 91] = 0x64353266;
2128 p32[ 92] = 0x35356662;
2129 p32[ 93] = 0x63363932;
2130 p32[ 94] = 0x34356133;
2131 p32[ 95] = 0x38336535;
2132 p32[ 96] = 0x36373237;
2133 p32[ 97] = 0x37626130;
2134 for(i = 98; i <= 109; i++)
2135 p32[i] = 0x00000000;
2136
2137 p32[110] = 0x37313633;
2138 p32[111] = 0x61346564;
2139 p32[112] = 0x36323639;
2140 p32[113] = 0x66366332;
2141 p32[114] = 0x65396435;
2142 p32[115] = 0x66623839;
2143 p32[116] = 0x32393239;
2144 p32[117] = 0x39326364;
2145 p32[118] = 0x34663866;
2146 p32[119] = 0x64626431;
2147 p32[120] = 0x61393832;
2148 p32[121] = 0x63373431;
2149 p32[122] = 0x61643965;
2150 p32[123] = 0x33313133;
2151 p32[124] = 0x30663562;
2152 p32[125] = 0x30633862;
2153 p32[126] = 0x30366130;
2154 p32[127] = 0x65633162;
2155 p32[128] = 0x65376431;
2156 p32[129] = 0x64393138;
2157 p32[130] = 0x33346137;
2158 p32[131] = 0x63376431;
2159 p32[132] = 0x61653039;
2160 p32[133] = 0x66356530;
2161 for(i = 134; i <= 145; i++)
2162 p32[i] = 0x00000000;
2163
2164 p32[146] = 0x00000074;
2165 for(i = 147; i <= 161; i++)
2166 p32[i] = 0x46464646;
2167
2168 p32[162] = 0x45464646;
2169 p32[163] = 0x46464646;
2170 p32[164] = 0x46464646;
2171 for(i = 165; i <= 168; i++)
2172 p32[i] = 0x30303030;
2173
2174 p32[169] = 0x46464646;
2175 p32[170] = 0x46464646;
2176 for(i = 171; i <= 190; i++)
2177 p32[i] = 0x00000000;
2178
2179 p32[191] = 0x00000074;
2180 for(i = 192; i <= 203; i++)
2181 p32[i] = 0x46464646;
2182
2183 p32[204] = 0x33363743;
2184 p32[205] = 0x31384434;
2185 p32[206] = 0x37333446;
2186 p32[207] = 0x46444432;
2187 p32[208] = 0x41313835;
2188 p32[209] = 0x32424430;
2189 p32[210] = 0x30423834;
2190 p32[211] = 0x41373741;
2191 p32[212] = 0x43454345;
2192 p32[213] = 0x41363931;
2193 p32[214] = 0x35434343;
2194 p32[215] = 0x33373932;
2195 for(i = 216; i <= 235; i++)
2196 p32[i] = 0x00000000;
2197
2198 p32[236] = 0x00000180;
2199 p32[237] = 0x0000000c;
2200 p32[238] = 0x00000003;
2201 p32[239] = 0x00000002;
2202 p32[240] = 0x00000000;
2203 return 0;
2204 case CURVE_P_521:
2205 p32[ 0] = 0x00000004;
2206 p32[ 1] = 0x00000083;
2207 p32[ 2] = 0x46464631;
2208 for(i = 3; i <= 33; i++)
2209 p32[i] = 0x46464646;
2210
2211 p32[ 34] = 0x00434646;
2212 p32[ 35] = 0x00000000;
2213 p32[ 36] = 0x00000000;
2214 p32[ 37] = 0x00000000;
2215 p32[ 38] = 0x39313530;
2216 p32[ 39] = 0x62653335;
2217 p32[ 40] = 0x38313639;
2218 p32[ 41] = 0x39633165;
2219 p32[ 42] = 0x39663161;
2220 p32[ 43] = 0x32613932;
2221 p32[ 44] = 0x62306131;
2222 p32[ 45] = 0x34353836;
2223 p32[ 46] = 0x61656530;
2224 p32[ 47] = 0x37616432;
2225 p32[ 48] = 0x39623532;
2226 p32[ 49] = 0x31336239;
2227 p32[ 50] = 0x62336635;
2228 p32[ 51] = 0x38346238;
2229 p32[ 52] = 0x38313939;
2230 p32[ 53] = 0x30316665;
2231 p32[ 54] = 0x35316539;
2232 p32[ 55] = 0x33393136;
2233 p32[ 56] = 0x65313539;
2234 p32[ 57] = 0x39653763;
2235 p32[ 58] = 0x31623733;
2236 p32[ 59] = 0x63323536;
2237 p32[ 60] = 0x33646230;
2238 p32[ 61] = 0x62316262;
2239 p32[ 62] = 0x33373066;
2240 p32[ 63] = 0x64333735;
2241 p32[ 64] = 0x33383866;
2242 p32[ 65] = 0x33633264;
2243 p32[ 66] = 0x65316634;
2244 p32[ 67] = 0x31353466;
2245 p32[ 68] = 0x36346466;
2246 p32[ 69] = 0x33303562;
2247 p32[ 70] = 0x00303066;
2248 p32[ 71] = 0x00000000;
2249 p32[ 72] = 0x00000000;
2250 p32[ 73] = 0x00000000;
2251 p32[ 74] = 0x38366330;
2252 p32[ 75] = 0x30653835;
2253 p32[ 76] = 0x30376236;
2254 p32[ 77] = 0x65343034;
2255 p32[ 78] = 0x39646339;
2256 p32[ 79] = 0x63653365;
2257 p32[ 80] = 0x32363662;
2258 p32[ 81] = 0x62353933;
2259 p32[ 82] = 0x39323434;
2260 p32[ 83] = 0x38343663;
2261 p32[ 84] = 0x30393331;
2262 p32[ 85] = 0x62663335;
2263 p32[ 86] = 0x66313235;
2264 p32[ 87] = 0x61383238;
2265 p32[ 88] = 0x36303666;
2266 p32[ 89] = 0x33643462;
2267 p32[ 90] = 0x61616264;
2268 p32[ 91] = 0x35623431;
2269 p32[ 92] = 0x65373765;
2270 p32[ 93] = 0x35376566;
2271 p32[ 94] = 0x66383239;
2272 p32[ 95] = 0x63643165;
2273 p32[ 96] = 0x61373231;
2274 p32[ 97] = 0x61666632;
2275 p32[ 98] = 0x33656438;
2276 p32[ 99] = 0x62383433;
2277 p32[100] = 0x38316333;
2278 p32[101] = 0x34613635;
2279 p32[102] = 0x66623932;
2280 p32[103] = 0x37653739;
2281 p32[104] = 0x63313365;
2282 p32[105] = 0x62356532;
2283 p32[106] = 0x00363664;
2284 p32[107] = 0x00000000;
2285 p32[108] = 0x00000000;
2286 p32[109] = 0x00000000;
2287 p32[110] = 0x33383131;
2288 p32[111] = 0x36393239;
2289 p32[112] = 0x39383761;
2290 p32[113] = 0x63623361;
2291 p32[114] = 0x35343030;
2292 p32[115] = 0x35613863;
2293 p32[116] = 0x32346266;
2294 p32[117] = 0x31643763;
2295 p32[118] = 0x39396462;
2296 p32[119] = 0x34356638;
2297 p32[120] = 0x35393434;
2298 p32[121] = 0x34623937;
2299 p32[122] = 0x31383634;
2300 p32[123] = 0x62666137;
2301 p32[124] = 0x32373164;
2302 p32[125] = 0x36653337;
2303 p32[126] = 0x39633236;
2304 p32[127] = 0x37656537;
2305 p32[128] = 0x35393932;
2306 p32[129] = 0x32346665;
2307 p32[130] = 0x63303436;
2308 p32[131] = 0x62303535;
2309 p32[132] = 0x33313039;
2310 p32[133] = 0x30646166;
2311 p32[134] = 0x33313637;
2312 p32[135] = 0x37633335;
2313 p32[136] = 0x61363830;
2314 p32[137] = 0x63323732;
2315 p32[138] = 0x38303432;
2316 p32[139] = 0x39656238;
2317 p32[140] = 0x39363734;
2318 p32[141] = 0x36316466;
2319 p32[142] = 0x00303536;
2320 p32[143] = 0x00000000;
2321 p32[144] = 0x00000000;
2322 p32[145] = 0x00000000;
2323 p32[146] = 0x0000009d;
2324 p32[147] = 0x46464631;
2325 for(i = 148; i <= 178; i++)
2326 p32[i] = 0x46464646;
2327
2328 p32[179] = 0x00464646;
2329 for(i = 180; i <= 190; i++)
2330 p32[i] = 0x00000000;
2331
2332 p32[191] = 0x0000009d;
2333 p32[192] = 0x46464631;
2334 for(i = 193; i <= 207; i++)
2335 p32[i] = 0x46464646;
2336
2337 p32[208] = 0x35414646;
2338 p32[209] = 0x38363831;
2339 p32[210] = 0x42333837;
2340 p32[211] = 0x39463246;
2341 p32[212] = 0x37423636;
2342 p32[213] = 0x30434346;
2343 p32[214] = 0x46383431;
2344 p32[215] = 0x41393037;
2345 p32[216] = 0x33304435;
2346 p32[217] = 0x43354242;
2347 p32[218] = 0x38384239;
2348 p32[219] = 0x34433939;
2349 p32[220] = 0x42454137;
2350 p32[221] = 0x42463642;
2351 p32[222] = 0x39453137;
2352 p32[223] = 0x36383331;
2353 p32[224] = 0x00393034;
2354 for(i = 225; i <= 235; i++)
2355 p32[i] = 0x00000000;
2356
2357 p32[236] = 0x00000209;
2358 p32[237] = 0x00000020;
2359 p32[238] = 0x00000020;
2360 p32[239] = 0x00000020;
2361 p32[240] = 0x00000000;
2362 return 0;
2363 case CURVE_B_163:
2364 p32[ 0] = 0x0000000a;
2365 p32[ 1] = 0x00000029;
2366 for(i = 2; i <= 11; i++)
2367 p32[i] = 0x30303030;
2368
2369 p32[ 12] = 0x00000031;
2370 for(i = 13; i <= 37; i++)
2371 p32[i] = 0x00000000;
2372
2373 p32[ 38] = 0x36613032;
2374 p32[ 39] = 0x30393130;
2375 p32[ 40] = 0x63386237;
2376 p32[ 41] = 0x63333539;
2377 p32[ 42] = 0x38343161;
2378 p32[ 43] = 0x31626531;
2379 p32[ 44] = 0x32313530;
2380 p32[ 45] = 0x37383766;
2381 p32[ 46] = 0x33613434;
2382 p32[ 47] = 0x66353032;
2383 p32[ 48] = 0x00000064;
2384 for(i = 49; i <= 73; i++)
2385 p32[i] = 0x00000000;
2386
2387 p32[ 74] = 0x65306633;
2388 p32[ 75] = 0x36316162;
2389 p32[ 76] = 0x61363832;
2390 p32[ 77] = 0x37356432;
2391 p32[ 78] = 0x39306165;
2392 p32[ 79] = 0x36313139;
2393 p32[ 80] = 0x39346438;
2394 p32[ 81] = 0x33363439;
2395 p32[ 82] = 0x33386537;
2396 p32[ 83] = 0x33653334;
2397 p32[ 84] = 0x00000036;
2398 for(i = 85; i <= 109; i++)
2399 p32[i] = 0x00000000;
2400
2401 p32[110] = 0x31356430;
2402 p32[111] = 0x36636266;
2403 p32[112] = 0x61313763;
2404 p32[113] = 0x34393030;
2405 p32[114] = 0x63326166;
2406 p32[115] = 0x34356464;
2407 p32[116] = 0x31316235;
2408 p32[117] = 0x30633563;
2409 p32[118] = 0x37393763;
2410 p32[119] = 0x66343233;
2411 p32[120] = 0x00000031;
2412 for(i = 121; i <= 145; i++)
2413 p32[i] = 0x00000000;
2414
2415 p32[146] = 0x00000044;
2416 for(i = 147; i <= 154; i++)
2417 p32[i] = 0x46464646;
2418
2419 for(i = 155; i <= 159; i++)
2420 p32[i] = 0x30303030;
2421
2422 p32[160] = 0x31303030;
2423 for(i = 161; i <= 190; i++)
2424 p32[i] = 0x00000000;
2425
2426 p32[191] = 0x00000031;
2427 p32[192] = 0x30303034;
2428 for(i = 193; i <= 196; i++)
2429 p32[i] = 0x30303030;
2430
2431 p32[197] = 0x46323932;
2432 p32[198] = 0x45373745;
2433 p32[199] = 0x31433037;
2434 p32[200] = 0x32344132;
2435 p32[201] = 0x33433433;
2436 p32[202] = 0x00000033;
2437 for(i = 203; i <= 235; i++)
2438 p32[i] = 0x00000000;
2439
2440 p32[236] = 0x000000a3;
2441 p32[237] = 0x00000007;
2442 p32[238] = 0x00000006;
2443 p32[239] = 0x00000003;
2444 p32[240] = 0x00000001;
2445 return 0;
2446 case CURVE_B_233:
2447 p32[ 0] = 0x0000000b;
2448 p32[ 1] = 0x0000003b;
2449 for(i = 2; i <= 15; i++)
2450 p32[i] = 0x30303030;
2451
2452 p32[ 16] = 0x00313030;
2453 for(i = 17; i <= 37; i++)
2454 p32[i] = 0x00000000;
2455
2456 p32[ 38] = 0x36363630;
2457 p32[ 39] = 0x64653734;
2458 p32[ 40] = 0x33633665;
2459 p32[ 41] = 0x37633233;
2460 p32[ 42] = 0x30633866;
2461 p32[ 43] = 0x62333239;
2462 p32[ 44] = 0x32383562;
2463 p32[ 45] = 0x33623331;
2464 p32[ 46] = 0x32623333;
2465 p32[ 47] = 0x63396530;
2466 p32[ 48] = 0x38323465;
2467 p32[ 49] = 0x31656631;
2468 p32[ 50] = 0x37663531;
2469 p32[ 51] = 0x39663864;
2470 p32[ 52] = 0x00646130;
2471 for(i = 53; i <= 73; i++)
2472 p32[i] = 0x00000000;
2473
2474 p32[ 74] = 0x63616630;
2475 p32[ 75] = 0x63666439;
2476 p32[ 76] = 0x38636162;
2477 p32[ 77] = 0x62333133;
2478 p32[ 78] = 0x33313262;
2479 p32[ 79] = 0x62316639;
2480 p32[ 80] = 0x35353762;
2481 p32[ 81] = 0x36666566;
2482 p32[ 82] = 0x33636235;
2483 p32[ 83] = 0x38663139;
2484 p32[ 84] = 0x66363362;
2485 p32[ 85] = 0x65386638;
2486 p32[ 86] = 0x37333762;
2487 p32[ 87] = 0x35646631;
2488 p32[ 88] = 0x00623835;
2489 for(i = 89; i <= 109; i++)
2490 p32[i] = 0x00000000;
2491
2492 p32[110] = 0x36303031;
2493 p32[111] = 0x61383061;
2494 p32[112] = 0x30393134;
2495 p32[113] = 0x30353333;
2496 p32[114] = 0x65383736;
2497 p32[115] = 0x32353835;
2498 p32[116] = 0x62656238;
2499 p32[117] = 0x30613866;
2500 p32[118] = 0x66666562;
2501 p32[119] = 0x61373638;
2502 p32[120] = 0x33616337;
2503 p32[121] = 0x36313736;
2504 p32[122] = 0x30653766;
2505 p32[123] = 0x31386631;
2506 p32[124] = 0x00323530;
2507 for(i = 125; i <= 145; i++)
2508 p32[i] = 0x00000000;
2509
2510 p32[146] = 0x00000044;
2511 for(i = 147; i <= 154; i++)
2512 p32[i] = 0x46464646;
2513
2514 for(i = 155; i <= 159; i++)
2515 p32[i] = 0x30303030;
2516
2517 p32[160] = 0x31303030;
2518 for(i = 161; i <= 190; i++)
2519 p32[i] = 0x00000000;
2520
2521 p32[191] = 0x00000046;
2522 p32[192] = 0x30303031;
2523 for(i = 193; i <= 198; i++)
2524 p32[i] = 0x30303030;
2525
2526 p32[199] = 0x45333130;
2527 p32[200] = 0x45343739;
2528 p32[201] = 0x38463237;
2529 p32[202] = 0x32393641;
2530 p32[203] = 0x31333032;
2531 p32[204] = 0x30363244;
2532 p32[205] = 0x45464333;
2533 p32[206] = 0x00374430;
2534 for(i = 207; i <= 235; i++)
2535 p32[i] = 0x00000000;
2536
2537 p32[236] = 0x000000e9;
2538 p32[237] = 0x0000004a;
2539 p32[238] = 0x0000004a;
2540 p32[239] = 0x0000004a;
2541 p32[240] = 0x00000001;
2542 return 0;
2543 case CURVE_B_283:
2544 p32[ 0] = 0x0000000c;
2545 p32[ 1] = 0x00000047;
2546 for(i = 2; i <= 18; i++)
2547 p32[i] = 0x30303030;
2548
2549 p32[ 19] = 0x00313030;
2550 for(i = 20; i <= 37; i++)
2551 p32[i] = 0x00000000;
2552
2553 p32[ 38] = 0x36623732;
2554 p32[ 39] = 0x63613038;
2555 p32[ 40] = 0x35386238;
2556 p32[ 41] = 0x61643639;
2557 p32[ 42] = 0x61346135;
2558 p32[ 43] = 0x31613866;
2559 p32[ 44] = 0x33306139;
2560 p32[ 45] = 0x63663330;
2561 p32[ 46] = 0x66373961;
2562 p32[ 47] = 0x34363764;
2563 p32[ 48] = 0x39303335;
2564 p32[ 49] = 0x61326166;
2565 p32[ 50] = 0x34313835;
2566 p32[ 51] = 0x66613538;
2567 p32[ 52] = 0x33363236;
2568 p32[ 53] = 0x33313365;
2569 p32[ 54] = 0x61393762;
2570 p32[ 55] = 0x00356632;
2571 for(i = 56; i <= 73; i++)
2572 p32[i] = 0x00000000;
2573
2574 p32[ 74] = 0x33396635;
2575 p32[ 75] = 0x38353239;
2576 p32[ 76] = 0x64376264;
2577 p32[ 77] = 0x65303964;
2578 p32[ 78] = 0x34333931;
2579 p32[ 79] = 0x37633866;
2580 p32[ 80] = 0x64306230;
2581 p32[ 81] = 0x32636566;
2582 p32[ 82] = 0x32646565;
2583 p32[ 83] = 0x35386235;
2584 p32[ 84] = 0x61653735;
2585 p32[ 85] = 0x38633963;
2586 p32[ 86] = 0x65326530;
2587 p32[ 87] = 0x66383931;
2588 p32[ 88] = 0x62646338;
2589 p32[ 89] = 0x38646365;
2590 p32[ 90] = 0x32316236;
2591 p32[ 91] = 0x00333530;
2592 for(i = 92; i <= 109; i++)
2593 p32[i] = 0x00000000;
2594
2595 p32[110] = 0x36373633;
2596 p32[111] = 0x66343538;
2597 p32[112] = 0x31343265;
2598 p32[113] = 0x62633134;
2599 p32[114] = 0x65663839;
2600 p32[115] = 0x62346436;
2601 p32[116] = 0x30643032;
2602 p32[117] = 0x35346232;
2603 p32[118] = 0x66663631;
2604 p32[119] = 0x33323037;
2605 p32[120] = 0x64653035;
2606 p32[121] = 0x38306264;
2607 p32[122] = 0x37373632;
2608 p32[123] = 0x31386339;
2609 p32[124] = 0x64306633;
2610 p32[125] = 0x62353466;
2611 p32[126] = 0x31313865;
2612 p32[127] = 0x00346632;
2613 for(i = 128; i <= 145; i++)
2614 p32[i] = 0x00000000;
2615
2616 p32[146] = 0x00000044;
2617 for(i = 147; i <= 154; i++)
2618 p32[i] = 0x46464646;
2619
2620 for(i = 155; i <= 159; i++)
2621 p32[i] = 0x30303030;
2622
2623 p32[160] = 0x31303030;
2624 for(i = 161; i <= 190; i++)
2625 p32[i] = 0x00000000;
2626
2627 p32[191] = 0x00000055;
2628 p32[192] = 0x46464633;
2629 for(i = 193; i <= 199; i++)
2630 p32[i] = 0x46464646;
2631
2632 p32[200] = 0x45464646;
2633 p32[201] = 0x33303946;
2634 p32[202] = 0x36363939;
2635 p32[203] = 0x39434630;
2636 p32[204] = 0x39413833;
2637 p32[205] = 0x35363130;
2638 p32[206] = 0x32343042;
2639 p32[207] = 0x45433741;
2640 p32[208] = 0x42444146;
2641 p32[209] = 0x00373033;
2642 for(i = 210; i <= 235; i++)
2643 p32[i] = 0x00000000;
2644
2645 p32[236] = 0x0000011b;
2646 p32[237] = 0x0000000c;
2647 p32[238] = 0x00000007;
2648 p32[239] = 0x00000005;
2649 p32[240] = 0x00000001;
2650 return 0;
2651 case CURVE_B_409:
2652 p32[ 0] = 0x0000000d;
2653 p32[ 1] = 0x00000067;
2654 for(i = 2; i <= 26; i++)
2655 p32[i] = 0x30303030;
2656
2657 p32[ 27] = 0x00313030;
2658 for(i = 28; i <= 37; i++)
2659 p32[i] = 0x00000000;
2660
2661 p32[ 38] = 0x61313230;
2662 p32[ 39] = 0x63326335;
2663 p32[ 40] = 0x39656538;
2664 p32[ 41] = 0x35626566;
2665 p32[ 42] = 0x39623463;
2666 p32[ 43] = 0x33353761;
2667 p32[ 44] = 0x34623762;
2668 p32[ 45] = 0x37623637;
2669 p32[ 46] = 0x34366466;
2670 p32[ 47] = 0x66653232;
2671 p32[ 48] = 0x64336631;
2672 p32[ 49] = 0x34373664;
2673 p32[ 50] = 0x66313637;
2674 p32[ 51] = 0x64393961;
2675 p32[ 52] = 0x32636136;
2676 p32[ 53] = 0x61386337;
2677 p32[ 54] = 0x39316139;
2678 p32[ 55] = 0x37326237;
2679 p32[ 56] = 0x32323832;
2680 p32[ 57] = 0x64633666;
2681 p32[ 58] = 0x35613735;
2682 p32[ 59] = 0x34616135;
2683 p32[ 60] = 0x61303566;
2684 p32[ 61] = 0x37313365;
2685 p32[ 62] = 0x35333162;
2686 p32[ 63] = 0x00663534;
2687 for(i = 64; i <= 73; i++)
2688 p32[i] = 0x00000000;
2689
2690 p32[ 74] = 0x34643531;
2691 p32[ 75] = 0x64303638;
2692 p32[ 76] = 0x64383830;
2693 p32[ 77] = 0x34336264;
2694 p32[ 78] = 0x30623639;
2695 p32[ 79] = 0x36303663;
2696 p32[ 80] = 0x36353734;
2697 p32[ 81] = 0x34303632;
2698 p32[ 82] = 0x64633134;
2699 p32[ 83] = 0x66613465;
2700 p32[ 84] = 0x31373731;
2701 p32[ 85] = 0x62643464;
2702 p32[ 86] = 0x66663130;
2703 p32[ 87] = 0x33623565;
2704 p32[ 88] = 0x39356534;
2705 p32[ 89] = 0x64333037;
2706 p32[ 90] = 0x35353263;
2707 p32[ 91] = 0x38363861;
2708 p32[ 92] = 0x38313161;
2709 p32[ 93] = 0x35313530;
2710 p32[ 94] = 0x61333036;
2711 p32[ 95] = 0x36626165;
2712 p32[ 96] = 0x34393730;
2713 p32[ 97] = 0x62343565;
2714 p32[ 98] = 0x39393762;
2715 p32[ 99] = 0x00376136;
2716 for(i = 100; i <= 109; i++)
2717 p32[i] = 0x00000000;
2718
2719 p32[110] = 0x62313630;
2720 p32[111] = 0x61666331;
2721 p32[112] = 0x65623662;
2722 p32[113] = 0x32336635;
2723 p32[114] = 0x61666262;
2724 p32[115] = 0x32333837;
2725 p32[116] = 0x31646534;
2726 p32[117] = 0x37613630;
2727 p32[118] = 0x62363336;
2728 p32[119] = 0x61356339;
2729 p32[120] = 0x31646237;
2730 p32[121] = 0x30643839;
2731 p32[122] = 0x61383531;
2732 p32[123] = 0x35663461;
2733 p32[124] = 0x64383834;
2734 p32[125] = 0x33663830;
2735 p32[126] = 0x34313538;
2736 p32[127] = 0x64663166;
2737 p32[128] = 0x34623466;
2738 p32[129] = 0x64303466;
2739 p32[130] = 0x31383132;
2740 p32[131] = 0x38363362;
2741 p32[132] = 0x36336331;
2742 p32[133] = 0x30616234;
2743 p32[134] = 0x63333732;
2744 p32[135] = 0x00363037;
2745 for(i = 136; i <= 145; i++)
2746 p32[i] = 0x00000000;
2747
2748 p32[146] = 0x00000044;
2749 for(i = 147; i <= 154; i++)
2750 p32[i] = 0x46464646;
2751
2752 for(i = 155; i <= 159; i++)
2753 p32[i] = 0x30303030;
2754
2755 p32[160] = 0x31303030;
2756 for(i = 161; i <= 190; i++)
2757 p32[i] = 0x00000000;
2758
2759 p32[191] = 0x0000007b;
2760 p32[192] = 0x30303031;
2761 for(i = 193; i <= 204; i++)
2762 p32[i] = 0x30303030;
2763
2764 p32[205] = 0x41324531;
2765 p32[206] = 0x41364441;
2766 p32[207] = 0x46323136;
2767 p32[208] = 0x30333333;
2768 p32[209] = 0x35454237;
2769 p32[210] = 0x37344146;
2770 p32[211] = 0x39433343;
2771 p32[212] = 0x32353045;
2772 p32[213] = 0x38333846;
2773 p32[214] = 0x43343631;
2774 p32[215] = 0x44373344;
2775 p32[216] = 0x31324139;
2776 p32[217] = 0x00333731;
2777 for(i = 218; i <= 235; i++)
2778 p32[i] = 0x00000000;
2779
2780 p32[236] = 0x00000199;
2781 p32[237] = 0x00000057;
2782 p32[238] = 0x00000057;
2783 p32[239] = 0x00000057;
2784 p32[240] = 0x00000001;
2785 return 0;
2786 case CURVE_B_571:
2787 p32[ 0] = 0x0000000e;
2788 p32[ 1] = 0x0000008f;
2789 for(i = 2; i <= 36; i++)
2790 p32[i] = 0x30303030;
2791
2792 p32[ 37] = 0x00313030;
2793 p32[ 38] = 0x30346632;
2794 p32[ 39] = 0x32653765;
2795 p32[ 40] = 0x66313232;
2796 p32[ 41] = 0x64353932;
2797 p32[ 42] = 0x37393265;
2798 p32[ 43] = 0x62373131;
2799 p32[ 44] = 0x64336637;
2800 p32[ 45] = 0x35663236;
2801 p32[ 46] = 0x39613663;
2802 p32[ 47] = 0x63666637;
2803 p32[ 48] = 0x65633862;
2804 p32[ 49] = 0x63316666;
2805 p32[ 50] = 0x61623664;
2806 p32[ 51] = 0x34656338;
2807 p32[ 52] = 0x31613961;
2808 p32[ 53] = 0x38646138;
2809 p32[ 54] = 0x61666634;
2810 p32[ 55] = 0x38646262;
2811 p32[ 56] = 0x35616665;
2812 p32[ 57] = 0x32333339;
2813 p32[ 58] = 0x61376562;
2814 p32[ 59] = 0x35373664;
2815 p32[ 60] = 0x36366136;
2816 p32[ 61] = 0x34393265;
2817 p32[ 62] = 0x31646661;
2818 p32[ 63] = 0x37613538;
2819 p32[ 64] = 0x31666638;
2820 p32[ 65] = 0x35616132;
2821 p32[ 66] = 0x34653032;
2822 p32[ 67] = 0x33376564;
2823 p32[ 68] = 0x63616239;
2824 p32[ 69] = 0x37633061;
2825 p32[ 70] = 0x66656666;
2826 p32[ 71] = 0x32663766;
2827 p32[ 72] = 0x37353539;
2828 p32[ 73] = 0x00613732;
2829 p32[ 74] = 0x30333033;
2830 p32[ 75] = 0x33643130;
2831 p32[ 76] = 0x35386234;
2832 p32[ 77] = 0x36393236;
2833 p32[ 78] = 0x63363163;
2834 p32[ 79] = 0x30346430;
2835 p32[ 80] = 0x64633364;
2836 p32[ 81] = 0x30353737;
2837 p32[ 82] = 0x64333961;
2838 p32[ 83] = 0x39326431;
2839 p32[ 84] = 0x61663535;
2840 p32[ 85] = 0x61613038;
2841 p32[ 86] = 0x30346635;
2842 p32[ 87] = 0x64386366;
2843 p32[ 88] = 0x32623762;
2844 p32[ 89] = 0x62646261;
2845 p32[ 90] = 0x33356564;
2846 p32[ 91] = 0x66303539;
2847 p32[ 92] = 0x64306334;
2848 p32[ 93] = 0x63333932;
2849 p32[ 94] = 0x31376464;
2850 p32[ 95] = 0x35336131;
2851 p32[ 96] = 0x66373662;
2852 p32[ 97] = 0x39343162;
2853 p32[ 98] = 0x36656139;
2854 p32[ 99] = 0x38333030;
2855 p32[100] = 0x66343136;
2856 p32[101] = 0x34393331;
2857 p32[102] = 0x61666261;
2858 p32[103] = 0x63346233;
2859 p32[104] = 0x64303538;
2860 p32[105] = 0x65373239;
2861 p32[106] = 0x37376531;
2862 p32[107] = 0x38633936;
2863 p32[108] = 0x32636565;
2864 p32[109] = 0x00393164;
2865 p32[110] = 0x66623733;
2866 p32[111] = 0x34333732;
2867 p32[112] = 0x36616432;
2868 p32[113] = 0x36623933;
2869 p32[114] = 0x66636364;
2870 p32[115] = 0x62656666;
2871 p32[116] = 0x36643337;
2872 p32[117] = 0x38376439;
2873 p32[118] = 0x32633663;
2874 p32[119] = 0x30366137;
2875 p32[120] = 0x62633930;
2876 p32[121] = 0x31616362;
2877 p32[122] = 0x66303839;
2878 p32[123] = 0x33333538;
2879 p32[124] = 0x65313239;
2880 p32[125] = 0x38366138;
2881 p32[126] = 0x33323434;
2882 p32[127] = 0x62333465;
2883 p32[128] = 0x38306261;
2884 p32[129] = 0x36373561;
2885 p32[130] = 0x61313932;
2886 p32[131] = 0x34663866;
2887 p32[132] = 0x62623136;
2888 p32[133] = 0x62386132;
2889 p32[134] = 0x31333533;
2890 p32[135] = 0x30663264;
2891 p32[136] = 0x63353834;
2892 p32[137] = 0x31623931;
2893 p32[138] = 0x66326536;
2894 p32[139] = 0x36313531;
2895 p32[140] = 0x64333265;
2896 p32[141] = 0x31633364;
2897 p32[142] = 0x32383461;
2898 p32[143] = 0x31666137;
2899 p32[144] = 0x63613862;
2900 p32[145] = 0x00623531;
2901 p32[146] = 0x00000044;
2902 for(i = 147; i <= 154; i++)
2903 p32[i] = 0x46464646;
2904
2905 for(i = 155; i <= 159; i++)
2906 p32[i] = 0x30303030;
2907
2908 p32[160] = 0x31303030;
2909 for(i = 161; i <= 190; i++)
2910 p32[i] = 0x00000000;
2911
2912 p32[191] = 0x000000ac;
2913 p32[192] = 0x46464633;
2914 for(i = 193; i <= 208; i++)
2915 p32[i] = 0x46464646;
2916
2917 p32[209] = 0x45464646;
2918 p32[210] = 0x43313636;
2919 p32[211] = 0x46383145;
2920 p32[212] = 0x39353546;
2921 p32[213] = 0x30333738;
2922 p32[214] = 0x39353038;
2923 p32[215] = 0x36383142;
2924 p32[216] = 0x38333238;
2925 p32[217] = 0x43453135;
2926 p32[218] = 0x39444437;
2927 p32[219] = 0x31314143;
2928 p32[220] = 0x45443136;
2929 p32[221] = 0x35443339;
2930 p32[222] = 0x44343731;
2931 p32[223] = 0x38453636;
2932 p32[224] = 0x45323833;
2933 p32[225] = 0x32424239;
2934 p32[226] = 0x34384546;
2935 p32[227] = 0x00373445;
2936 for(i = 228; i <= 235; i++)
2937 p32[i] = 0x00000000;
2938
2939 p32[236] = 0x0000023b;
2940 p32[237] = 0x0000000a;
2941 p32[238] = 0x00000005;
2942 p32[239] = 0x00000002;
2943 p32[240] = 0x00000001;
2944 return 0;
2945 case CURVE_K_163:
2946 p32[ 0] = 0x00000005;
2947 p32[ 1] = 0x00000029;
2948 for(i = 2; i <= 11; i++)
2949 p32[i] = 0x30303030;
2950
2951 p32[ 12] = 0x00000031;
2952 for(i = 13; i <= 37; i++)
2953 p32[i] = 0x00000000;
2954
2955 for(i = 38; i <= 47; i++)
2956 p32[i] = 0x30303030;
2957
2958 p32[ 48] = 0x00000031;
2959 for(i = 49; i <= 73; i++)
2960 p32[i] = 0x00000000;
2961
2962 p32[ 74] = 0x31656632;
2963 p32[ 75] = 0x35306333;
2964 p32[ 76] = 0x62623733;
2965 p32[ 77] = 0x61313163;
2966 p32[ 78] = 0x30616163;
2967 p32[ 79] = 0x39376437;
2968 p32[ 80] = 0x34656433;
2969 p32[ 81] = 0x35643665;
2970 p32[ 82] = 0x39633565;
2971 p32[ 83] = 0x65656534;
2972 p32[ 84] = 0x00000038;
2973 for(i = 85; i <= 109; i++)
2974 p32[i] = 0x00000000;
2975
2976 p32[110] = 0x30393832;
2977 p32[111] = 0x62663037;
2978 p32[112] = 0x33643530;
2979 p32[113] = 0x35666638;
2980 p32[114] = 0x31323338;
2981 p32[115] = 0x38653266;
2982 p32[116] = 0x33353030;
2983 p32[117] = 0x33356436;
2984 p32[118] = 0x64636338;
2985 p32[119] = 0x64336161;
2986 p32[120] = 0x00000039;
2987 for(i = 121; i <= 145; i++)
2988 p32[i] = 0x00000000;
2989
2990 p32[146] = 0x00000044;
2991 for(i = 147; i <= 154; i++)
2992 p32[i] = 0x46464646;
2993
2994 for(i = 155; i <= 159; i++)
2995 p32[i] = 0x30303030;
2996
2997 p32[160] = 0x31303030;
2998 for(i = 161; i <= 190; i++)
2999 p32[i] = 0x00000000;
3000
3001 p32[191] = 0x00000031;
3002 p32[192] = 0x30303034;
3003 for(i = 193; i <= 196; i++)
3004 p32[i] = 0x30303030;
3005
3006 p32[197] = 0x30313032;
3007 p32[198] = 0x45324138;
3008 p32[199] = 0x30434330;
3009 p32[200] = 0x46393944;
3010 p32[201] = 0x45354138;
3011 p32[202] = 0x00000046;
3012 for(i = 203; i <= 235; i++)
3013 p32[i] = 0x00000000;
3014
3015 p32[236] = 0x000000a3;
3016 p32[237] = 0x00000007;
3017 p32[238] = 0x00000006;
3018 p32[239] = 0x00000003;
3019 p32[240] = 0x00000001;
3020 return 0;
3021 case CURVE_K_233:
3022 p32[ 0] = 0x00000006;
3023 p32[ 1] = 0x0000003b;
3024 for(i = 2; i <= 15; i++)
3025 p32[i] = 0x30303030;
3026
3027 p32[ 16] = 0x00303030;
3028 for(i = 17; i <= 37; i++)
3029 p32[i] = 0x00000000;
3030
3031 for(i = 38; i <= 51; i++)
3032 p32[i] = 0x30303030;
3033
3034 p32[ 52] = 0x00313030;
3035 for(i = 53; i <= 73; i++)
3036 p32[i] = 0x00000000;
3037
3038 p32[ 74] = 0x33323731;
3039 p32[ 75] = 0x38616232;
3040 p32[ 76] = 0x37613335;
3041 p32[ 77] = 0x31333765;
3042 p32[ 78] = 0x32316661;
3043 p32[ 79] = 0x32326639;
3044 p32[ 80] = 0x31346666;
3045 p32[ 81] = 0x36353934;
3046 p32[ 82] = 0x31346133;
3047 p32[ 83] = 0x36326339;
3048 p32[ 84] = 0x30356662;
3049 p32[ 85] = 0x39633461;
3050 p32[ 86] = 0x65653664;
3051 p32[ 87] = 0x36646166;
3052 p32[ 88] = 0x00363231;
3053 for(i = 89; i <= 109; i++)
3054 p32[i] = 0x00000000;
3055
3056 p32[110] = 0x35626431;
3057 p32[111] = 0x65643733;
3058 p32[112] = 0x31386563;
3059 p32[113] = 0x66376239;
3060 p32[114] = 0x35663037;
3061 p32[115] = 0x36613535;
3062 p32[116] = 0x32346337;
3063 p32[117] = 0x63386137;
3064 p32[118] = 0x66623964;
3065 p32[119] = 0x65613831;
3066 p32[120] = 0x35623962;
3067 p32[121] = 0x63306536;
3068 p32[122] = 0x35303131;
3069 p32[123] = 0x65616636;
3070 p32[124] = 0x00336136;
3071 for(i = 125; i <= 145; i++)
3072 p32[i] = 0x00000000;
3073
3074 p32[146] = 0x00000044;
3075 for(i = 147; i <= 154; i++)
3076 p32[i] = 0x46464646;
3077
3078 for(i = 155; i <= 159; i++)
3079 p32[i] = 0x30303030;
3080
3081 p32[160] = 0x31303030;
3082 for(i = 161; i <= 190; i++)
3083 p32[i] = 0x00000000;
3084
3085 p32[191] = 0x00000046;
3086 p32[192] = 0x30303038;
3087 for(i = 193; i <= 198; i++)
3088 p32[i] = 0x30303030;
3089
3090 p32[199] = 0x44393630;
3091 p32[200] = 0x39424235;
3092 p32[201] = 0x43423531;
3093 p32[202] = 0x45363444;
3094 p32[203] = 0x41314246;
3095 p32[204] = 0x31463544;
3096 p32[205] = 0x42413337;
3097 p32[206] = 0x00004644;
3098 for(i = 207; i <= 235; i++)
3099 p32[i] = 0x00000000;
3100
3101 p32[236] = 0x000000e9;
3102 p32[237] = 0x0000004a;
3103 p32[238] = 0x0000004a;
3104 p32[239] = 0x0000004a;
3105 p32[240] = 0x00000001;
3106 return 0;
3107 case CURVE_K_283:
3108 p32[ 0] = 0x00000007;
3109 p32[ 1] = 0x00000047;
3110 for(i = 2; i <= 18; i++)
3111 p32[i] = 0x30303030;
3112
3113 p32[ 19] = 0x00303030;
3114 for(i = 20; i <= 37; i++)
3115 p32[i] = 0x00000000;
3116
3117 for(i = 38; i <= 54; i++)
3118 p32[i] = 0x30303030;
3119
3120 p32[ 55] = 0x00313030;
3121 for(i = 56; i <= 73; i++)
3122 p32[i] = 0x00000000;
3123
3124 p32[ 74] = 0x32333035;
3125 p32[ 75] = 0x37663331;
3126 p32[ 76] = 0x34616338;
3127 p32[ 77] = 0x33383834;
3128 p32[ 78] = 0x33613166;
3129 p32[ 79] = 0x36313862;
3130 p32[ 80] = 0x38316632;
3131 p32[ 81] = 0x35356538;
3132 p32[ 82] = 0x32646333;
3133 p32[ 83] = 0x32663536;
3134 p32[ 84] = 0x35316333;
3135 p32[ 85] = 0x31613736;
3136 p32[ 86] = 0x36373836;
3137 p32[ 87] = 0x62333139;
3138 p32[ 88] = 0x61326330;
3139 p32[ 89] = 0x35343263;
3140 p32[ 90] = 0x32393438;
3141 p32[ 91] = 0x00363338;
3142 for(i = 92; i <= 109; i++)
3143 p32[i] = 0x00000000;
3144
3145 p32[110] = 0x64636331;
3146 p32[111] = 0x30383361;
3147 p32[112] = 0x39633166;
3148 p32[113] = 0x38313365;
3149 p32[114] = 0x66303964;
3150 p32[115] = 0x30643539;
3151 p32[116] = 0x34356537;
3152 p32[117] = 0x65663632;
3153 p32[118] = 0x34653738;
3154 p32[119] = 0x65306335;
3155 p32[120] = 0x34383138;
3156 p32[121] = 0x65383936;
3157 p32[122] = 0x36393534;
3158 p32[123] = 0x34363332;
3159 p32[124] = 0x31343365;
3160 p32[125] = 0x37313631;
3161 p32[126] = 0x32646437;
3162 p32[127] = 0x00393532;
3163 for(i = 128; i <= 145; i++)
3164 p32[i] = 0x00000000;
3165
3166 p32[146] = 0x00000044;
3167 for(i = 147; i <= 154; i++)
3168 p32[i] = 0x46464646;
3169
3170 for(i = 155; i <= 159; i++)
3171 p32[i] = 0x30303030;
3172
3173 p32[160] = 0x31303030;
3174 for(i = 161; i <= 190; i++)
3175 p32[i] = 0x00000000;
3176
3177 p32[191] = 0x00000055;
3178 p32[192] = 0x46464631;
3179 for(i = 193; i <= 199; i++)
3180 p32[i] = 0x46464646;
3181
3182 p32[200] = 0x45464646;
3183 p32[201] = 0x32454139;
3184 p32[202] = 0x37304445;
3185 p32[203] = 0x32373735;
3186 p32[204] = 0x46443536;
3187 p32[205] = 0x39463746;
3188 p32[206] = 0x31353434;
3189 p32[207] = 0x31363045;
3190 p32[208] = 0x33363145;
3191 p32[209] = 0x00313643;
3192 for(i = 210; i <= 235; i++)
3193 p32[i] = 0x00000000;
3194
3195 p32[236] = 0x0000011b;
3196 p32[237] = 0x0000000c;
3197 p32[238] = 0x00000007;
3198 p32[239] = 0x00000005;
3199 p32[240] = 0x00000001;
3200 return 0;
3201 case CURVE_K_409:
3202 p32[ 0] = 0x00000008;
3203 p32[ 1] = 0x00000067;
3204 for(i = 2; i <= 26; i++)
3205 p32[i] = 0x30303030;
3206
3207 p32[ 27] = 0x00303030;
3208 for(i = 28; i <= 37; i++)
3209 p32[i] = 0x00000000;
3210
3211 for(i = 38; i <= 62; i++)
3212 p32[i] = 0x30303030;
3213
3214 p32[ 63] = 0x00313030;
3215 for(i = 64; i <= 73; i++)
3216 p32[i] = 0x00000000;
3217
3218 p32[ 74] = 0x66303630;
3219 p32[ 75] = 0x36663530;
3220 p32[ 76] = 0x34663835;
3221 p32[ 77] = 0x61316339;
3222 p32[ 78] = 0x62613364;
3223 p32[ 79] = 0x30393831;
3224 p32[ 80] = 0x38313766;
3225 p32[ 81] = 0x30313234;
3226 p32[ 82] = 0x30646665;
3227 p32[ 83] = 0x65373839;
3228 p32[ 84] = 0x63373033;
3229 p32[ 85] = 0x32633438;
3230 p32[ 86] = 0x63636137;
3231 p32[ 87] = 0x66386266;
3232 p32[ 88] = 0x37366639;
3233 p32[ 89] = 0x63326363;
3234 p32[ 90] = 0x31303634;
3235 p32[ 91] = 0x62653938;
3236 p32[ 92] = 0x61616135;
3237 p32[ 93] = 0x65323661;
3238 p32[ 94] = 0x32323265;
3239 p32[ 95] = 0x62316265;
3240 p32[ 96] = 0x34353533;
3241 p32[ 97] = 0x65666330;
3242 p32[ 98] = 0x33323039;
3243 p32[ 99] = 0x00363437;
3244 for(i = 100; i <= 109; i++)
3245 p32[i] = 0x00000000;
3246
3247 p32[110] = 0x36336531;
3248 p32[111] = 0x30353039;
3249 p32[112] = 0x34633762;
3250 p32[113] = 0x61323465;
3251 p32[114] = 0x31616263;
3252 p32[115] = 0x62636164;
3253 p32[116] = 0x32343066;
3254 p32[117] = 0x33633939;
3255 p32[118] = 0x37303634;
3256 p32[119] = 0x39663238;
3257 p32[120] = 0x61653831;
3258 p32[121] = 0x65373234;
3259 p32[122] = 0x35323336;
3260 p32[123] = 0x65353631;
3261 p32[124] = 0x31616539;
3262 p32[125] = 0x64336530;
3263 p32[126] = 0x36663561;
3264 p32[127] = 0x65323463;
3265 p32[128] = 0x35356339;
3266 p32[129] = 0x61353132;
3267 p32[130] = 0x61633961;
3268 p32[131] = 0x35613732;
3269 p32[132] = 0x65333638;
3270 p32[133] = 0x64383463;
3271 p32[134] = 0x32306538;
3272 p32[135] = 0x00623638;
3273 for(i = 136; i <= 145; i++)
3274 p32[i] = 0x00000000;
3275
3276 p32[146] = 0x00000044;
3277 for(i = 147; i <= 154; i++)
3278 p32[i] = 0x46464646;
3279
3280 for(i = 155; i <= 159; i++)
3281 p32[i] = 0x30303030;
3282
3283 p32[160] = 0x31303030;
3284 for(i = 161; i <= 190; i++)
3285 p32[i] = 0x00000000;
3286
3287 p32[191] = 0x0000007b;
3288 p32[192] = 0x46464637;
3289 for(i = 193; i <= 203; i++)
3290 p32[i] = 0x46464646;
3291
3292 p32[204] = 0x45464646;
3293 p32[205] = 0x33384635;
3294 p32[206] = 0x34443242;
3295 p32[207] = 0x30324145;
3296 p32[208] = 0x45303034;
3297 p32[209] = 0x35353443;
3298 p32[210] = 0x45354437;
3299 p32[211] = 0x33453344;
3300 p32[212] = 0x41433745;
3301 p32[213] = 0x42344235;
3302 p32[214] = 0x33384335;
3303 p32[215] = 0x30453842;
3304 p32[216] = 0x46354531;
3305 p32[217] = 0x00004643;
3306 for(i = 218; i <= 235; i++)
3307 p32[i] = 0x00000000;
3308
3309 p32[236] = 0x00000199;
3310 p32[237] = 0x00000057;
3311 p32[238] = 0x00000057;
3312 p32[239] = 0x00000057;
3313 p32[240] = 0x00000001;
3314 return 0;
3315 case CURVE_K_571:
3316 p32[ 0] = 0x00000009;
3317 p32[ 1] = 0x0000008f;
3318 for(i = 2; i <= 36; i++)
3319 p32[i] = 0x30303030;
3320
3321 p32[ 37] = 0x00303030;
3322 for(i = 38; i <= 72; i++)
3323 p32[i] = 0x30303030;
3324
3325 p32[ 73] = 0x00313030;
3326 p32[ 74] = 0x62653632;
3327 p32[ 75] = 0x35386137;
3328 p32[ 76] = 0x33323939;
3329 p32[ 77] = 0x38636266;
3330 p32[ 78] = 0x39383132;
3331 p32[ 79] = 0x66313336;
3332 p32[ 80] = 0x33303138;
3333 p32[ 81] = 0x61346566;
3334 p32[ 82] = 0x61633963;
3335 p32[ 83] = 0x30373932;
3336 p32[ 84] = 0x64323130;
3337 p32[ 85] = 0x36346435;
3338 p32[ 86] = 0x38343230;
3339 p32[ 87] = 0x30383430;
3340 p32[ 88] = 0x31343831;
3341 p32[ 89] = 0x34346163;
3342 p32[ 90] = 0x39303733;
3343 p32[ 91] = 0x39343835;
3344 p32[ 92] = 0x30326233;
3345 p32[ 93] = 0x34366535;
3346 p32[ 94] = 0x33616437;
3347 p32[ 95] = 0x62643430;
3348 p32[ 96] = 0x62656334;
3349 p32[ 97] = 0x62633830;
3350 p32[ 98] = 0x62316462;
3351 p32[ 99] = 0x34393361;
3352 p32[100] = 0x37373439;
3353 p32[101] = 0x39626636;
3354 p32[102] = 0x34623838;
3355 p32[103] = 0x34373137;
3356 p32[104] = 0x38616364;
3357 p32[105] = 0x65376338;
3358 p32[106] = 0x35343932;
3359 p32[107] = 0x61333832;
3360 p32[108] = 0x38633130;
3361 p32[109] = 0x00323739;
3362 p32[110] = 0x64393433;
3363 p32[111] = 0x37303863;
3364 p32[112] = 0x62663466;
3365 p32[113] = 0x34373366;
3366 p32[114] = 0x65613466;
3367 p32[115] = 0x33656461;
3368 p32[116] = 0x39616362;
3369 p32[117] = 0x34313335;
3370 p32[118] = 0x38356464;
3371 p32[119] = 0x39636563;
3372 p32[120] = 0x37303366;
3373 p32[121] = 0x66343561;
3374 p32[122] = 0x31366366;
3375 p32[123] = 0x30636665;
3376 p32[124] = 0x38643630;
3377 p32[125] = 0x39633261;
3378 p32[126] = 0x37393464;
3379 p32[127] = 0x61306339;
3380 p32[128] = 0x61343463;
3381 p32[129] = 0x34376165;
3382 p32[130] = 0x62656266;
3383 p32[131] = 0x66396262;
3384 p32[132] = 0x61323737;
3385 p32[133] = 0x62636465;
3386 p32[134] = 0x62303236;
3387 p32[135] = 0x37613130;
3388 p32[136] = 0x61376162;
3389 p32[137] = 0x33623166;
3390 p32[138] = 0x33343032;
3391 p32[139] = 0x35386330;
3392 p32[140] = 0x38393139;
3393 p32[141] = 0x30366634;
3394 p32[142] = 0x34646331;
3395 p32[143] = 0x33343163;
3396 p32[144] = 0x63316665;
3397 p32[145] = 0x00336137;
3398 p32[146] = 0x00000044;
3399 for(i = 147; i <= 154; i++)
3400 p32[i] = 0x46464646;
3401
3402 for(i = 155; i <= 159; i++)
3403 p32[i] = 0x30303030;
3404
3405 p32[160] = 0x31303030;
3406 for(i = 161; i <= 190; i++)
3407 p32[i] = 0x00000000;
3408
3409 p32[191] = 0x000000ac;
3410 p32[192] = 0x30303032;
3411 for(i = 193; i <= 208; i++)
3412 p32[i] = 0x30303030;
3413
3414 p32[209] = 0x31303030;
3415 p32[210] = 0x35383133;
3416 p32[211] = 0x46314530;
3417 p32[212] = 0x36413931;
3418 p32[213] = 0x42344533;
3419 p32[214] = 0x41313933;
3420 p32[215] = 0x39424438;
3421 p32[216] = 0x34463731;
3422 p32[217] = 0x42383331;
3423 p32[218] = 0x44303336;
3424 p32[219] = 0x45423438;
3425 p32[220] = 0x33364435;
3426 p32[221] = 0x31383339;
3427 p32[222] = 0x44313945;
3428 p32[223] = 0x35344245;
3429 p32[224] = 0x37454643;
3430 p32[225] = 0x36463837;
3431 p32[226] = 0x31433733;
3432 p32[227] = 0x00313030;
3433 for(i = 228; i <= 235; i++)
3434 p32[i] = 0x00000000;
3435
3436 p32[236] = 0x0000023b;
3437 p32[237] = 0x0000000a;
3438 p32[238] = 0x00000005;
3439 p32[239] = 0x00000002;
3440 p32[240] = 0x00000001;
3441 return 0;
3442 }
3443
3444 return -1;
3445 }
3446
3447
3448
get_curve(E_ECC_CURVE ecc_curve)3449 static ECC_CURVE * get_curve(E_ECC_CURVE ecc_curve)
3450 {
3451 if(CurveCpy((unsigned int *)&Curve_Copy, ecc_curve))
3452 return NULL;
3453 else
3454 return &Curve_Copy;
3455
3456 }
3457
3458
3459 #else
get_curve(E_ECC_CURVE ecc_curve)3460 static ECC_CURVE * get_curve(E_ECC_CURVE ecc_curve)
3461 {
3462 uint32_t i;
3463 ECC_CURVE *ret = NULL;
3464
3465 for(i = 0UL; i < sizeof(_Curve) / sizeof(ECC_CURVE); i++)
3466 {
3467 if(ecc_curve == _Curve[i].curve_id)
3468 {
3469 memcpy((char *)&Curve_Copy, &_Curve[i], sizeof(ECC_CURVE));
3470 ret = &Curve_Copy; /* (ECC_CURVE *)&_Curve[i]; */
3471 }
3472 if(ret != NULL)
3473 {
3474 break;
3475 }
3476 }
3477 return ret;
3478 }
3479 #endif
3480
3481
3482 /*@}*/ /* end of group CRYPTO_EXPORTED_FUNCTIONS */
3483
3484 /*@}*/ /* end of group CRYPTO_Driver */
3485
3486 /*@}*/ /* end of group Standard_Driver */
3487
3488
