Back to home page

OSCL-LXR
 
 

     

0001 /* SPDX-License-Identifier: GPL-2.0+ */
0002 /*
0003  * Definitions of EC-RDSA Curve Parameters
0004  *
0005  * Copyright (c) 2019 Vitaly Chikunov <vt@altlinux.org>
0006  *
0007  * This program is free software; you can redistribute it and/or modify it
0008  * under the terms of the GNU General Public License as published by the Free
0009  * Software Foundation; either version 2 of the License, or (at your option)
0010  * any later version.
0011  */
0012 
0013 #ifndef _CRYTO_ECRDSA_DEFS_H
0014 #define _CRYTO_ECRDSA_DEFS_H
0015 
0016 #include <crypto/internal/ecc.h>
0017 
0018 #define ECRDSA_MAX_SIG_SIZE (2 * 512 / 8)
0019 #define ECRDSA_MAX_DIGITS (512 / 64)
0020 
0021 /*
0022  * EC-RDSA uses its own set of curves.
0023  *
0024  * cp256{a,b,c} curves first defined for GOST R 34.10-2001 in RFC 4357 (as
0025  * 256-bit {A,B,C}-ParamSet), but inherited for GOST R 34.10-2012 and
0026  * proposed for use in R 50.1.114-2016 and RFC 7836 as the 256-bit curves.
0027  */
0028 /* OID_gostCPSignA 1.2.643.2.2.35.1 */
0029 static u64 cp256a_g_x[] = {
0030     0x0000000000000001ull, 0x0000000000000000ull,
0031     0x0000000000000000ull, 0x0000000000000000ull, };
0032 static u64 cp256a_g_y[] = {
0033     0x22ACC99C9E9F1E14ull, 0x35294F2DDF23E3B1ull,
0034     0x27DF505A453F2B76ull, 0x8D91E471E0989CDAull, };
0035 static u64 cp256a_p[] = { /* p = 2^256 - 617 */
0036     0xFFFFFFFFFFFFFD97ull, 0xFFFFFFFFFFFFFFFFull,
0037     0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull };
0038 static u64 cp256a_n[] = {
0039     0x45841B09B761B893ull, 0x6C611070995AD100ull,
0040     0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull };
0041 static u64 cp256a_a[] = { /* a = p - 3 */
0042     0xFFFFFFFFFFFFFD94ull, 0xFFFFFFFFFFFFFFFFull,
0043     0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull };
0044 static u64 cp256a_b[] = {
0045     0x00000000000000a6ull, 0x0000000000000000ull,
0046     0x0000000000000000ull, 0x0000000000000000ull };
0047 
0048 static struct ecc_curve gost_cp256a = {
0049     .name = "cp256a",
0050     .g = {
0051         .x = cp256a_g_x,
0052         .y = cp256a_g_y,
0053         .ndigits = 256 / 64,
0054     },
0055     .p = cp256a_p,
0056     .n = cp256a_n,
0057     .a = cp256a_a,
0058     .b = cp256a_b
0059 };
0060 
0061 /* OID_gostCPSignB 1.2.643.2.2.35.2 */
0062 static u64 cp256b_g_x[] = {
0063     0x0000000000000001ull, 0x0000000000000000ull,
0064     0x0000000000000000ull, 0x0000000000000000ull, };
0065 static u64 cp256b_g_y[] = {
0066     0x744BF8D717717EFCull, 0xC545C9858D03ECFBull,
0067     0xB83D1C3EB2C070E5ull, 0x3FA8124359F96680ull, };
0068 static u64 cp256b_p[] = { /* p = 2^255 + 3225 */
0069     0x0000000000000C99ull, 0x0000000000000000ull,
0070     0x0000000000000000ull, 0x8000000000000000ull, };
0071 static u64 cp256b_n[] = {
0072     0xE497161BCC8A198Full, 0x5F700CFFF1A624E5ull,
0073     0x0000000000000001ull, 0x8000000000000000ull, };
0074 static u64 cp256b_a[] = { /* a = p - 3 */
0075     0x0000000000000C96ull, 0x0000000000000000ull,
0076     0x0000000000000000ull, 0x8000000000000000ull, };
0077 static u64 cp256b_b[] = {
0078     0x2F49D4CE7E1BBC8Bull, 0xE979259373FF2B18ull,
0079     0x66A7D3C25C3DF80Aull, 0x3E1AF419A269A5F8ull, };
0080 
0081 static struct ecc_curve gost_cp256b = {
0082     .name = "cp256b",
0083     .g = {
0084         .x = cp256b_g_x,
0085         .y = cp256b_g_y,
0086         .ndigits = 256 / 64,
0087     },
0088     .p = cp256b_p,
0089     .n = cp256b_n,
0090     .a = cp256b_a,
0091     .b = cp256b_b
0092 };
0093 
0094 /* OID_gostCPSignC 1.2.643.2.2.35.3 */
0095 static u64 cp256c_g_x[] = {
0096     0x0000000000000000ull, 0x0000000000000000ull,
0097     0x0000000000000000ull, 0x0000000000000000ull, };
0098 static u64 cp256c_g_y[] = {
0099     0x366E550DFDB3BB67ull, 0x4D4DC440D4641A8Full,
0100     0x3CBF3783CD08C0EEull, 0x41ECE55743711A8Cull, };
0101 static u64 cp256c_p[] = {
0102     0x7998F7B9022D759Bull, 0xCF846E86789051D3ull,
0103     0xAB1EC85E6B41C8AAull, 0x9B9F605F5A858107ull,
0104     /* pre-computed value for Barrett's reduction */
0105     0xedc283cdd217b5a2ull, 0xbac48fc06398ae59ull,
0106     0x405384d55f9f3b73ull, 0xa51f176161f1d734ull,
0107     0x0000000000000001ull, };
0108 static u64 cp256c_n[] = {
0109     0xF02F3A6598980BB9ull, 0x582CA3511EDDFB74ull,
0110     0xAB1EC85E6B41C8AAull, 0x9B9F605F5A858107ull, };
0111 static u64 cp256c_a[] = { /* a = p - 3 */
0112     0x7998F7B9022D7598ull, 0xCF846E86789051D3ull,
0113     0xAB1EC85E6B41C8AAull, 0x9B9F605F5A858107ull, };
0114 static u64 cp256c_b[] = {
0115     0x000000000000805aull, 0x0000000000000000ull,
0116     0x0000000000000000ull, 0x0000000000000000ull, };
0117 
0118 static struct ecc_curve gost_cp256c = {
0119     .name = "cp256c",
0120     .g = {
0121         .x = cp256c_g_x,
0122         .y = cp256c_g_y,
0123         .ndigits = 256 / 64,
0124     },
0125     .p = cp256c_p,
0126     .n = cp256c_n,
0127     .a = cp256c_a,
0128     .b = cp256c_b
0129 };
0130 
0131 /* tc512{a,b} curves first recommended in 2013 and then standardized in
0132  * R 50.1.114-2016 and RFC 7836 for use with GOST R 34.10-2012 (as TC26
0133  * 512-bit ParamSet{A,B}).
0134  */
0135 /* OID_gostTC26Sign512A 1.2.643.7.1.2.1.2.1 */
0136 static u64 tc512a_g_x[] = {
0137     0x0000000000000003ull, 0x0000000000000000ull,
0138     0x0000000000000000ull, 0x0000000000000000ull,
0139     0x0000000000000000ull, 0x0000000000000000ull,
0140     0x0000000000000000ull, 0x0000000000000000ull, };
0141 static u64 tc512a_g_y[] = {
0142     0x89A589CB5215F2A4ull, 0x8028FE5FC235F5B8ull,
0143     0x3D75E6A50E3A41E9ull, 0xDF1626BE4FD036E9ull,
0144     0x778064FDCBEFA921ull, 0xCE5E1C93ACF1ABC1ull,
0145     0xA61B8816E25450E6ull, 0x7503CFE87A836AE3ull, };
0146 static u64 tc512a_p[] = { /* p = 2^512 - 569 */
0147     0xFFFFFFFFFFFFFDC7ull, 0xFFFFFFFFFFFFFFFFull,
0148     0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull,
0149     0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull,
0150     0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull, };
0151 static u64 tc512a_n[] = {
0152     0xCACDB1411F10B275ull, 0x9B4B38ABFAD2B85Dull,
0153     0x6FF22B8D4E056060ull, 0x27E69532F48D8911ull,
0154     0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull,
0155     0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull, };
0156 static u64 tc512a_a[] = { /* a = p - 3 */
0157     0xFFFFFFFFFFFFFDC4ull, 0xFFFFFFFFFFFFFFFFull,
0158     0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull,
0159     0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull,
0160     0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull, };
0161 static u64 tc512a_b[] = {
0162     0x503190785A71C760ull, 0x862EF9D4EBEE4761ull,
0163     0x4CB4574010DA90DDull, 0xEE3CB090F30D2761ull,
0164     0x79BD081CFD0B6265ull, 0x34B82574761CB0E8ull,
0165     0xC1BD0B2B6667F1DAull, 0xE8C2505DEDFC86DDull, };
0166 
0167 static struct ecc_curve gost_tc512a = {
0168     .name = "tc512a",
0169     .g = {
0170         .x = tc512a_g_x,
0171         .y = tc512a_g_y,
0172         .ndigits = 512 / 64,
0173     },
0174     .p = tc512a_p,
0175     .n = tc512a_n,
0176     .a = tc512a_a,
0177     .b = tc512a_b
0178 };
0179 
0180 /* OID_gostTC26Sign512B 1.2.643.7.1.2.1.2.2 */
0181 static u64 tc512b_g_x[] = {
0182     0x0000000000000002ull, 0x0000000000000000ull,
0183     0x0000000000000000ull, 0x0000000000000000ull,
0184     0x0000000000000000ull, 0x0000000000000000ull,
0185     0x0000000000000000ull, 0x0000000000000000ull, };
0186 static u64 tc512b_g_y[] = {
0187     0x7E21340780FE41BDull, 0x28041055F94CEEECull,
0188     0x152CBCAAF8C03988ull, 0xDCB228FD1EDF4A39ull,
0189     0xBE6DD9E6C8EC7335ull, 0x3C123B697578C213ull,
0190     0x2C071E3647A8940Full, 0x1A8F7EDA389B094Cull, };
0191 static u64 tc512b_p[] = { /* p = 2^511 + 111 */
0192     0x000000000000006Full, 0x0000000000000000ull,
0193     0x0000000000000000ull, 0x0000000000000000ull,
0194     0x0000000000000000ull, 0x0000000000000000ull,
0195     0x0000000000000000ull, 0x8000000000000000ull, };
0196 static u64 tc512b_n[] = {
0197     0xC6346C54374F25BDull, 0x8B996712101BEA0Eull,
0198     0xACFDB77BD9D40CFAull, 0x49A1EC142565A545ull,
0199     0x0000000000000001ull, 0x0000000000000000ull,
0200     0x0000000000000000ull, 0x8000000000000000ull, };
0201 static u64 tc512b_a[] = { /* a = p - 3 */
0202     0x000000000000006Cull, 0x0000000000000000ull,
0203     0x0000000000000000ull, 0x0000000000000000ull,
0204     0x0000000000000000ull, 0x0000000000000000ull,
0205     0x0000000000000000ull, 0x8000000000000000ull, };
0206 static u64 tc512b_b[] = {
0207     0xFB8CCBC7C5140116ull, 0x50F78BEE1FA3106Eull,
0208     0x7F8B276FAD1AB69Cull, 0x3E965D2DB1416D21ull,
0209     0xBF85DC806C4B289Full, 0xB97C7D614AF138BCull,
0210     0x7E3E06CF6F5E2517ull, 0x687D1B459DC84145ull, };
0211 
0212 static struct ecc_curve gost_tc512b = {
0213     .name = "tc512b",
0214     .g = {
0215         .x = tc512b_g_x,
0216         .y = tc512b_g_y,
0217         .ndigits = 512 / 64,
0218     },
0219     .p = tc512b_p,
0220     .n = tc512b_n,
0221     .a = tc512b_a,
0222     .b = tc512b_b
0223 };
0224 
0225 #endif
Source navigation ] Diff markup ] Identifier search ] general search ]

This page was automatically generated by the 2.1.0 LXR engine.

The LXR team
Valid CSS 2.1! Valid HTML 4.01!