| /* |
| * |
| * Copyright (c) 2016-2017 Nest Labs, Inc. |
| * All rights reserved. |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| #include <stdlib.h> |
| #include <stdint.h> |
| #include <string.h> |
| |
| #include "ToolCommon.h" |
| #include <Weave/Core/WeaveConfig.h> |
| |
| #include <nlbyteorder.hpp> |
| |
| // ============================================================ |
| // Domain parameters for Micro ECC Cryptographic primitives testing. |
| // |
| // Parameters and function results are taken from: |
| // |
| // https://www.nsa.gov/ia/_files/nist-routines.pdf |
| // |
| // The following curves are supported: |
| // secp192r1 |
| // secp224r1 |
| // secp256r1 |
| // |
| // Results for the following cryptographic funcitons are given: |
| // Radd = S + T - point addition |
| // Rsub = S - T - point subtration |
| // Rdbl = 2 * S - point double |
| // Rmul = d * S - point scalar multiplication |
| // Rjsm = dS + eT - joint scalar multiply |
| // |
| // ============================================================ |
| |
| #if WEAVE_CONFIG_USE_OPENSSL_ECC |
| |
| #include <openssl/bn.h> |
| |
| #define OPENSSL_Constant(NAME, WORDS) \ |
| BIGNUM *NAME() \ |
| { \ |
| uint32_t val[sizeof(WORDS)/sizeof(uint32_t)]; \ |
| const size_t numWords = (sizeof(WORDS)/sizeof(uint32_t)); \ |
| \ |
| /* Make local copy of words. */ \ |
| memcpy((uint8_t *)val, (const uint8_t *)(WORDS), sizeof(val)); \ |
| \ |
| /* Swap bytes in words to big-endian order. */ \ |
| for (size_t i = 0; i < numWords; i++) \ |
| val[i] = nl::ByteOrder::Swap32HostToBig(val[i]); \ |
| \ |
| /* Swap words in array to big-endian order. */ \ |
| for (size_t i = 0; i < numWords / 2; i++) \ |
| { \ |
| uint32_t tmp = val[numWords - 1 - i]; \ |
| val[numWords - 1 - i] = val[i]; \ |
| val[i] = tmp; \ |
| } \ |
| \ |
| /* Construct BIGNUM. */ \ |
| return BN_bin2bn((uint8_t *)val, sizeof(val), NULL); \ |
| } |
| |
| #define OPENSSL_PointXYConstants(NAME_BASE, POINT) \ |
| OPENSSL_Constant(NAME_BASE##_X, (POINT)[0]) \ |
| OPENSSL_Constant(NAME_BASE##_Y, (POINT)[1]) |
| |
| #else // WEAVE_CONFIG_USE_OPENSSL_ECC |
| |
| #define OPENSSL_Constant(NAME, WORDS) /**/ |
| #define OPENSSL_PointXYConstants(NAME_BASE, POINT) /**/ |
| |
| #endif // WEAVE_CONFIG_USE_OPENSSL_ECC |
| |
| |
| // ============================================================ |
| // NIST-P192 |
| // ============================================================ |
| |
| uint32_t sNIST_P192_ECPointS[2][6] = |
| { |
| { 0x3e97acf8, 0x53a01207, 0xd2467693, 0x0c330266, 0x27ae671b, 0xd458e7d1 }, |
| { 0x5086df3b, 0x5673a164, 0xcf7fb11b, 0x6bddc050, 0x0d851f33, 0x32593050 } |
| }; |
| |
| uint32_t sNIST_P192_ECPointT[2][6] = |
| { |
| { 0x9b9753a4, 0xbe16fb05, 0x87fdbd01, 0x67ddecdd, 0x213e9ebe, 0xf22c4395 }, |
| { 0x691a9c79, 0xa9cecc97, 0xf8dfb41f, 0x7796db48, 0x6af2b359, 0x26442409 } |
| }; |
| |
| uint32_t sNIST_P192_ScalarD[] = |
| { |
| 0xf64c74ee, 0x8255391a, 0xa542463a, 0x5dd41b33, 0x60baec0c, 0xa78a236d |
| }; |
| |
| uint32_t sNIST_P192_ScalarE[] = |
| { |
| 0x85b972bc, 0x9bc393cd, 0xab7cce88, 0x1e4de8ce, 0xec3089e7, 0xc4be3d53 |
| }; |
| |
| uint32_t sNIST_P192_ECPointRadd[2][6] = |
| { |
| { 0xde4d0290, 0x8e843894, 0x77b8abf5, 0xa9d0f1f0, 0x6b9b8e5c, 0x48e1e409 }, |
| { 0xd7b6aa4b, 0x63c94117, 0xa3648d3d, 0xfb16aa48, 0x797cd7db, 0x408fa77c } |
| }; |
| |
| uint32_t sNIST_P192_ECPointRsub[2][6] = |
| { |
| { 0xe9f64a2e, 0xc4688f11, 0xc9f61eab, 0x0cc8cc3b, 0x5abfb4fe, 0xfc9683cc }, |
| { 0x523d816b, 0xd31745d0, 0xa73c23cd, 0x732b1bd2, 0x0fb78269, 0x093e31d0 } |
| }; |
| |
| uint32_t sNIST_P192_ECPointRdbl[2][6] = |
| { |
| { 0x3f6e6962, 0xba42d25a, 0x14dd8a0e, 0x54b373dc, 0x8c7da253, 0x30c5bc6b }, |
| { 0xc9d889cf, 0xbbcb2968, 0xf011e2dd, 0xc407aedb, 0x4249a721, 0x0dde14bc } |
| }; |
| |
| uint32_t sNIST_P192_ECPointRmul[2][6] = |
| { |
| { 0x65bf6d31, 0x62a69529, 0xe3bcec9a, 0x2d0a8f25, 0x5a4f669d, 0x1faee420 }, |
| { 0x8260fb06, 0x9e7a4d7e, 0x7c696f17, 0x89236708, 0x508a2581, 0x5ff2cdfa } |
| }; |
| |
| uint32_t sNIST_P192_ECPointRjsm[2][6] = |
| { |
| { 0x778b5bde, 0x60ecb9e1, 0xc17c9bfa, 0xb7dfea82, 0xd8fa9b72, 0x019f64ee }, |
| { 0x83503644, 0x3c61f35d, 0x800e2a7e, 0x4ced33fb, 0xcd8655fa, 0x16590c5f } |
| }; |
| |
| OPENSSL_PointXYConstants(NIST_P192_ECPointS, sNIST_P192_ECPointS) |
| OPENSSL_PointXYConstants(NIST_P192_ECPointT, sNIST_P192_ECPointT) |
| OPENSSL_Constant(NIST_P192_D, sNIST_P192_ScalarD) |
| OPENSSL_Constant(NIST_P192_E, sNIST_P192_ScalarE) |
| OPENSSL_PointXYConstants(NIST_P192_ECPointRadd, sNIST_P192_ECPointRadd) |
| OPENSSL_PointXYConstants(NIST_P192_ECPointRsub, sNIST_P192_ECPointRsub) |
| OPENSSL_PointXYConstants(NIST_P192_ECPointRdbl, sNIST_P192_ECPointRdbl) |
| OPENSSL_PointXYConstants(NIST_P192_ECPointRmul, sNIST_P192_ECPointRmul) |
| OPENSSL_PointXYConstants(NIST_P192_ECPointRjsm, sNIST_P192_ECPointRjsm) |
| |
| |
| // ============================================================ |
| // NIST-P224 |
| // ============================================================ |
| |
| uint32_t sNIST_P224_ECPointS[2][7] = |
| { |
| { 0x9a10bb5b, 0xc6fdf16e, 0x95518df3, 0xdd6c97da, 0x43dc814e, 0xa59a9308, 0x6eca814b }, |
| { 0x64d7bf22, 0x7e05dc6b, 0xd8099414, 0xf259b89c, 0x6aec0ca0, 0x0963bc8b, 0xef4b497f } |
| }; |
| |
| uint32_t sNIST_P224_ECPointT[2][7] = |
| { |
| { 0x3826bd6d, 0x5d39ac90, 0x8e6ef23c, 0x00296964, 0x88d7e842, 0xa5cb03fb, 0xb72b25ae }, |
| { 0x34f10c34, 0x1a2dc8b4, 0x33ea729c, 0x1af7dceb, 0x71b5b409, 0x34984f0b, 0xc42a8a4d } |
| }; |
| |
| uint32_t sNIST_P224_ScalarD[] = |
| { |
| 0xaaf1d73b, 0x711e6363, 0x06d37f52, 0x6fbb03df, 0x8e36b2dd, 0xeaca0fcc, 0xa78ccc30 |
| }; |
| |
| uint32_t sNIST_P224_ScalarE[] = |
| { |
| 0x6ed35736, 0xa88aa77a, 0x3fc8177f, 0x71e8e070, 0x2519d73e, 0xc08c9659, 0x54d549ff |
| }; |
| |
| uint32_t sNIST_P224_ECPointRadd[2][7] = |
| { |
| { 0xe8d2fd15, 0xa2162afa, 0x6d2bcfca, 0xd478ee0a, 0x776b107b, 0xe84c2f7d, 0x236f26d9 }, |
| { 0xbb0fda70, 0xd536ae25, 0xb7d5cdf8, 0x471297a0, 0x746f6a97, 0x904ce6c3, 0xe53cc0a7 } |
| }; |
| |
| uint32_t sNIST_P224_ECPointRsub[2][7] = |
| { |
| { 0x5210b332, 0x2a793133, 0x61541385, 0xca1054f3, 0x0b36047b, 0xc8f34d4f, 0xdb4112bc }, |
| { 0x55a8d961, 0x520a0ffb, 0xfacf787a, 0x2396f411, 0x78c1540b, 0x4da48138, 0x90c6e830 } |
| }; |
| |
| uint32_t sNIST_P224_ECPointRdbl[2][7] = |
| { |
| { 0xcb5cdfc7, 0x2f165e29, 0xd8ee2685, 0xebb46efa, 0x7ca56850, 0x17dee0f2, 0xa9c96f21 }, |
| { 0x37dfdd7d, 0x49bfbf58, 0x207840bf, 0x417d9579, 0xd76d4930, 0xcf77ced4, 0xadf18c84 } |
| }; |
| |
| uint32_t sNIST_P224_ECPointRmul[2][7] = |
| { |
| { 0x2702bca4, 0xfdaacc39, 0x736a14c6, 0xdb95777e, 0xff1113ab, 0x92a8d72b, 0x96a7625e }, |
| { 0xada3ed10, 0xc70d15db, 0x8b43dfad, 0x80191525, 0x13cd2fd5, 0x942a3c5e, 0x0f8e5702 } |
| }; |
| |
| uint32_t sNIST_P224_ECPointRjsm[2][7] = |
| { |
| { 0xe288c83e, 0xab838d52, 0x18c5b350, 0x3ffd94c9, 0x302a67ea, 0xc7b2cda1, 0xdbfe2958 }, |
| { 0x147bb18b, 0x7acbc5b8, 0x861aacb8, 0xcc7f0c5a, 0xff4895ab, 0xac3b0549, 0x2f521b83 } |
| }; |
| |
| OPENSSL_PointXYConstants(NIST_P224_ECPointS, sNIST_P224_ECPointS) |
| OPENSSL_PointXYConstants(NIST_P224_ECPointT, sNIST_P224_ECPointT) |
| OPENSSL_Constant(NIST_P224_D, sNIST_P224_ScalarD) |
| OPENSSL_Constant(NIST_P224_E, sNIST_P224_ScalarE) |
| OPENSSL_PointXYConstants(NIST_P224_ECPointRadd, sNIST_P224_ECPointRadd) |
| OPENSSL_PointXYConstants(NIST_P224_ECPointRsub, sNIST_P224_ECPointRsub) |
| OPENSSL_PointXYConstants(NIST_P224_ECPointRdbl, sNIST_P224_ECPointRdbl) |
| OPENSSL_PointXYConstants(NIST_P224_ECPointRmul, sNIST_P224_ECPointRmul) |
| OPENSSL_PointXYConstants(NIST_P224_ECPointRjsm, sNIST_P224_ECPointRjsm) |
| |
| |
| // ============================================================ |
| // NIST-P256 |
| // ============================================================ |
| |
| uint32_t sNIST_P256_ECPointS[2][8] = |
| { |
| { 0x89da97c9, 0xb77cab39, 0x221a8fa0, 0x617519b3, 0x0f271508, 0x82edd27e, 0xbc8d36e6, 0xde2444be }, |
| { 0x3042a256, 0xb6350b24, 0x53cec576, 0x702de80f, 0xd1e66659, 0xfc01a5aa, 0xf36e5380, 0xc093ae7f } |
| }; |
| |
| uint32_t sNIST_P256_ECPointT[2][8] = |
| { |
| { 0x35e0986b, 0xbb8cf92e, 0x61c89575, 0x39540dc8, 0x5316212e, 0x62f6b3b2, 0x8da1d44e, 0x55a8b00f }, |
| { 0xc8b24316, 0xb656e9d8, 0x598b9e7a, 0xf61a8a52, 0xc4c3dd90, 0x4835d82a, 0x9c2d6c70, 0x5421c320 } |
| }; |
| |
| uint32_t sNIST_P256_ScalarD[] = |
| { |
| 0x2ffb06fd, 0x6522468b, 0x3072708b, 0xd0c7a893, 0x92f43f8d, 0xb6c6a5b9, 0xafdec1e6, 0xc51e4753 |
| }; |
| |
| uint32_t sNIST_P256_ScalarE[] = |
| { |
| 0xea029db7, 0xa358016a, 0x37acdd83, 0x5ee8332d, 0xfe3f0b35, 0xf0145cbe, 0xce72a462, 0xd37f628e |
| }; |
| |
| uint32_t sNIST_P256_ECPointRadd[2][8] = |
| { |
| { 0x545a067e, 0x553cf35a, 0xac476bd4, 0x70349191, 0x8cc5ba69, 0x745195e9, 0x354b6b81, 0x72b13dd4 }, |
| { 0x744ac264, 0x6d013011, 0x5aa5c9d4, 0xc33b1331, 0x22d7620d, 0x5241a8a1, 0x2e1327d7, 0x8d585cbb } |
| }; |
| |
| uint32_t sNIST_P256_ECPointRsub[2][8] = |
| { |
| { 0xd6be6021, 0x3e7dc64a, 0xf1c73ea1, 0x837419f8, 0x6129deab, 0x2aad1dbf, 0xb251bb1d, 0xc09ce680 }, |
| { 0xb1975ef3, 0xce30675f, 0xfdf6c3f4, 0x3414a022, 0x4edab172, 0x6b2f9bad, 0x00bd8833, 0x1a815bf7 } |
| }; |
| |
| uint32_t sNIST_P256_ECPointRdbl[2][8] = |
| { |
| { 0xdb6127b0, 0x2a860ffc, 0xb17481b8, 0xdf6c22f3, 0xe0024c33, 0xa1a8eef1, 0x1606ee3b, 0x7669e690 }, |
| { 0xdb61d0c7, 0xe10ca2c1, 0xcd03023d, 0x389ef3ee, 0x072f33de, 0xc39f6ee0, 0x187a54f6, 0xfa878162 } |
| }; |
| |
| uint32_t sNIST_P256_ECPointRmul[2][8] = |
| { |
| { 0x4eeca03f, 0xacc89ba3, 0xcfc18bed, 0xe62becc3, 0x83c97d11, 0x2946d88d, 0x2d427888, 0x51d08d5f }, |
| { 0x6a7b41d5, 0x35beca95, 0xa6c0cf30, 0x06f8fcf8, 0x1f6e744e, 0x5b673ab5, 0x8bf626aa, 0x75ee68eb } |
| }; |
| |
| uint32_t sNIST_P256_ECPointRjsm[2][8] = |
| { |
| { 0x8341f6b8, 0xf857b858, 0x3daacbef, 0xefcf5841, 0xb8046245, 0x34939221, 0x92210092, 0xd867b467 }, |
| { 0x0f615275, 0x35d54bd8, 0xec7e50dd, 0x106b6607, 0xad69c745, 0x2d22720d, 0xc03cede1, 0xf2504055 } |
| }; |
| |
| OPENSSL_PointXYConstants(NIST_P256_ECPointS, sNIST_P256_ECPointS) |
| OPENSSL_PointXYConstants(NIST_P256_ECPointT, sNIST_P256_ECPointT) |
| OPENSSL_Constant(NIST_P256_D, sNIST_P256_ScalarD) |
| OPENSSL_Constant(NIST_P256_E, sNIST_P256_ScalarE) |
| OPENSSL_PointXYConstants(NIST_P256_ECPointRadd, sNIST_P256_ECPointRadd) |
| OPENSSL_PointXYConstants(NIST_P256_ECPointRsub, sNIST_P256_ECPointRsub) |
| OPENSSL_PointXYConstants(NIST_P256_ECPointRdbl, sNIST_P256_ECPointRdbl) |
| OPENSSL_PointXYConstants(NIST_P256_ECPointRmul, sNIST_P256_ECPointRmul) |
| OPENSSL_PointXYConstants(NIST_P256_ECPointRjsm, sNIST_P256_ECPointRjsm) |
| |
| |
| // ============================================================ |
| // END |
| // ============================================================ |