feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #4472 from utzig/ksdk-port-koblitz

Browse Source 
nxp: ksdk: add support for Koblitz curves
This commit is contained in:
David Garske
2021-10-19 21:14:38 -07:00
committed by GitHub
parent a145f3107d d297a06c25
commit 892685ac59
2 changed files with 179 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

230
wolfcrypt/src/port/nxp/ksdk_port.c
View File

@@ -778,121 +778,233 @@ static int ltc_get_from_mp_int(uint8_t *dst, mp_int *a, int sz)
#define ECC384
#endif
/* P-256 */
#ifdef ECC256
static const uint8_t ltc_ecc256_modulus[32] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF};
static const uint8_t ltc_ecc256_r2modn[32] = { /* R^2 mod N */
0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF,
0xFF, 0xFB, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0x04, 0x00, 0x00, 0x00};
static const uint8_t ltc_ecc256_aCurveParam[32] = {
0xFC, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF};
static const uint8_t ltc_ecc256_bCurveParam[32] = {
0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B, 0xF6, 0xB0, 0x53,
0xCC, 0xB0, 0x06, 0x1D, 0x65, 0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD,
0xEB, 0xB3, 0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A};
#endif
#ifdef ECC192
static const uint8_t ltc_ecc192_modulus[24] = {
#ifndef NO_ECC_SECP
static const uint8_t ltc_secp192r1_modulus[24] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
static const uint8_t ltc_ecc192_r2modn[24] = {
static const uint8_t ltc_secp192r1_r2modn[24] = {
0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
static const uint8_t ltc_ecc192_aCurveParam[24] = {
static const uint8_t ltc_secp192r1_aCurveParam[24] = {
0xFC, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
static const uint8_t ltc_ecc192_bCurveParam[24] = {
static const uint8_t ltc_secp192r1_bCurveParam[24] = {
0xB1, 0xB9, 0x46, 0xC1, 0xEC, 0xDE, 0xB8, 0xFE, 0x49, 0x30, 0x24, 0x72,
0xAB, 0xE9, 0xA7, 0x0F, 0xE7, 0x80, 0x9C, 0xE5, 0x19, 0x05, 0x21, 0x64};
#endif
#ifdef HAVE_ECC_KOBLITZ
static const uint8_t ltc_secp192k1_modulus[24] = {
0x37, 0xEE, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
static const uint8_t ltc_secp192k1_r2modn[24] = {
0xD1, 0x4F, 0x3C, 0x01, 0x92, 0x23, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
static const uint8_t ltc_secp192k1_aCurveParam[24] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
static const uint8_t ltc_secp192k1_bCurveParam[24] = {
0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
#endif
#endif /* ECC192 */
#ifdef ECC224
static const uint8_t ltc_ecc224_modulus[28] = {
#ifndef NO_ECC_SECP
static const uint8_t ltc_secp224r1_modulus[28] = {
0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
static const uint8_t ltc_ecc224_r2modn[28] = {
static const uint8_t ltc_secp224r1_r2modn[28] = {
0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00};
static const uint8_t ltc_ecc224_aCurveParam[28] = {
static const uint8_t ltc_secp224r1_aCurveParam[28] = {
0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
static const uint8_t ltc_ecc224_bCurveParam[28] = {
static const uint8_t ltc_secp224r1_bCurveParam[28] = {
0xB4, 0xFF, 0x55, 0x23, 0x43, 0x39, 0x0B, 0x27, 0xBA, 0xD8,
0xBF, 0xD7, 0xB7, 0xB0, 0x44, 0x50, 0x56, 0x32, 0x41, 0xF5,
0xAB, 0xB3, 0x04, 0x0C, 0x85, 0x0A, 0x05, 0xB4};
#endif
#ifdef HAVE_ECC_KOBLITZ
static const uint8_t ltc_secp224k1_modulus[28] = {
0x6D, 0xE5, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
static const uint8_t ltc_secp224k1_r2modn[28] = {
0x69, 0x30, 0xC2, 0x02, 0x26, 0x35, 0x00, 0x00, 0x01, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
static const uint8_t ltc_secp224k1_aCurveParam[28] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
static const uint8_t ltc_secp224k1_bCurveParam[28] = {
0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
#endif
#endif /* ECC224 */
#ifdef ECC256
#ifndef NO_ECC_SECP
static const uint8_t ltc_secp256r1_modulus[32] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF};
static const uint8_t ltc_secp256r1_r2modn[32] = { /* R^2 mod N */
0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF,
0xFF, 0xFB, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0x04, 0x00, 0x00, 0x00};
static const uint8_t ltc_secp256r1_aCurveParam[32] = {
0xFC, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF};
static const uint8_t ltc_secp256r1_bCurveParam[32] = {
0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B, 0xF6, 0xB0, 0x53,
0xCC, 0xB0, 0x06, 0x1D, 0x65, 0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD,
0xEB, 0xB3, 0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A};
#endif
#ifdef HAVE_ECC_KOBLITZ
static const uint8_t ltc_secp256k1_modulus[32] = {
0x2F, 0xFC, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
static const uint8_t ltc_secp256k1_r2modn[32] = { /* R^2 mod N */
0xA1, 0x90, 0x0E, 0x00, 0xA2, 0x07, 0x00, 0x00, 0x01, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
static const uint8_t ltc_secp256k1_aCurveParam[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
static const uint8_t ltc_secp256k1_bCurveParam[32] = {
0x07, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
#endif
#endif /* ECC256 */
#ifdef ECC384
static const uint8_t ltc_ecc384_modulus[48] = {
#ifndef NO_ECC_SECP
static const uint8_t ltc_secp384r1_modulus[48] = {
0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
static const uint8_t ltc_ecc384_r2modn[48] = {
static const uint8_t ltc_secp384r1_r2modn[48] = {
0x01, 0x00, 0x00, 0x00, 0xfe, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfe, 0xff, 0xff, 0xff,
0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
static const uint8_t ltc_ecc384_aCurveParam[48] = {
static const uint8_t ltc_secp384r1_aCurveParam[48] = {
0xfc, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
static const uint8_t ltc_ecc384_bCurveParam[48] = {
static const uint8_t ltc_secp384r1_bCurveParam[48] = {
0xef, 0x2a, 0xec, 0xd3, 0xed, 0xc8, 0x85, 0x2a, 0x9d, 0xd1, 0x2e, 0x8a,
0x8d, 0x39, 0x56, 0xc6, 0x5a, 0x87, 0x13, 0x50, 0x8f, 0x08, 0x14, 0x03,
0x12, 0x41, 0x81, 0xfe, 0x6e, 0x9c, 0x1d, 0x18, 0x19, 0x2d, 0xf8, 0xe3,
0x6b, 0x05, 0x8e, 0x98, 0xe4, 0xe7, 0x3e, 0xe2, 0xa7, 0x2f, 0x31, 0xb3};
#endif
#endif /* ECC384 */
static int ltc_get_ecc_specs(const uint8_t **modulus, const uint8_t **r2modn,
const uint8_t **aCurveParam, const uint8_t **bCurveParam, int size)
const uint8_t **aCurveParam, const uint8_t **bCurveParam, const uint8_t *prime,
int size)
{
switch(size) {
switch (size) {
#ifdef ECC256
case 32:
*modulus = ltc_ecc256_modulus;
*r2modn = ltc_ecc256_r2modn;
*aCurveParam = ltc_ecc256_aCurveParam;
*bCurveParam = ltc_ecc256_bCurveParam;
#ifndef NO_ECC_SECP
if (XMEMCMP(prime, ltc_secp256r1_modulus, size) == 0) {
*modulus = ltc_secp256r1_modulus;
*r2modn = ltc_secp256r1_r2modn;
*aCurveParam = ltc_secp256r1_aCurveParam;
*bCurveParam = ltc_secp256r1_bCurveParam;
return 0;
}
#endif
#ifdef HAVE_ECC_KOBLITZ
if (XMEMCMP(prime, ltc_secp256k1_modulus, size) == 0) {
*modulus = ltc_secp256k1_modulus;
*r2modn = ltc_secp256k1_r2modn;
*aCurveParam = ltc_secp256k1_aCurveParam;
*bCurveParam = ltc_secp256k1_bCurveParam;
return 0;
}
#endif
break;
#endif /* ECC256 */
#ifdef ECC224
case 28:
*modulus = ltc_ecc224_modulus;
*r2modn = ltc_ecc224_r2modn;
*aCurveParam = ltc_ecc224_aCurveParam;
*bCurveParam = ltc_ecc224_bCurveParam;
break;
#ifndef NO_ECC_SECP
if (XMEMCMP(prime, ltc_secp224r1_modulus, size) == 0) {
*modulus = ltc_secp224r1_modulus;
*r2modn = ltc_secp224r1_r2modn;
*aCurveParam = ltc_secp224r1_aCurveParam;
*bCurveParam = ltc_secp224r1_bCurveParam;
return 0;
}
#endif
#ifdef HAVE_ECC_KOBLITZ
if (XMEMCMP(prime, ltc_secp224k1_modulus, size) == 0) {
*modulus = ltc_secp224k1_modulus;
*r2modn = ltc_secp224k1_r2modn;
*aCurveParam = ltc_secp224k1_aCurveParam;
*bCurveParam = ltc_secp224k1_bCurveParam;
return 0;
}
#endif
break;
#endif /* ECC224 */
#ifdef ECC192
case 24:
*modulus = ltc_ecc192_modulus;
*r2modn = ltc_ecc192_r2modn;
*aCurveParam = ltc_ecc192_aCurveParam;
*bCurveParam = ltc_ecc192_bCurveParam;
break;
#ifndef NO_ECC_SECP
if (XMEMCMP(prime, ltc_secp192r1_modulus, size) == 0) {
*modulus = ltc_secp192r1_modulus;
*r2modn = ltc_secp192r1_r2modn;
*aCurveParam = ltc_secp192r1_aCurveParam;
*bCurveParam = ltc_secp192r1_bCurveParam;
return 0;
}
#endif
#ifdef HAVE_ECC384
#ifdef HAVE_ECC_KOBLITZ
if (XMEMCMP(prime, ltc_secp192k1_modulus, size) == 0) {
*modulus = ltc_secp192k1_modulus;
*r2modn = ltc_secp192k1_r2modn;
*aCurveParam = ltc_secp192k1_aCurveParam;
*bCurveParam = ltc_secp192k1_bCurveParam;
return 0;
}
#endif
break;
#endif /* ECC192 */
#ifdef ECC384
case 48:
*modulus = ltc_ecc384_modulus;
*r2modn = ltc_ecc384_r2modn;
*aCurveParam = ltc_ecc384_aCurveParam;
*bCurveParam = ltc_ecc384_bCurveParam;
break;
#ifndef NO_ECC_SECP
if (XMEMCMP(prime, ltc_secp384r1_modulus, size) == 0) {
*modulus = ltc_secp384r1_modulus;
*r2modn = ltc_secp384r1_r2modn;
*aCurveParam = ltc_secp384r1_aCurveParam;
*bCurveParam = ltc_secp384r1_bCurveParam;
return 0;
}
#endif
break;
#endif /* ECC384 */
default:
return -1;
break;
}
return 0;
return -1;
}
/**
@@ -951,8 +1063,8 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
size = szModulus;
/* find LTC friendly parameters for the selected curve */
if (ltc_get_ecc_specs(&modbin, &r2modn, &aCurveParam, &bCurveParam,
size) != 0) {
if (ltc_get_ecc_specs(&modbin, &r2modn, &aCurveParam, &bCurveParam,
(const uint8_t *)modulus->dp, size) != 0) {
return ECC_BAD_ARG_E;
}
@@ -1024,7 +1136,7 @@ int wc_ecc_point_add(ecc_point *mG, ecc_point *mQ, ecc_point *mR, mp_int *m)
/* find LTC friendly parameters for the selected curve */
if (ltc_get_ecc_specs(&modbin, &r2modn, &aCurveParam, &bCurveParam,
size) != 0) {
(const uint8_t *)m->dp, size) != 0) {
res = ECC_BAD_ARG_E;
}
else {

10
wolfcrypt/test/test.c
View File

@@ -22876,6 +22876,7 @@ static int ecc_test_custom_curves(WC_RNG* rng)
#endif
/* test use of custom curve - using BRAINPOOLP256R1 for test */
#ifdef HAVE_ECC_BRAINPOOL
#ifndef WOLFSSL_ECC_CURVE_STATIC
WOLFSSL_SMALL_STACK_STATIC const ecc_oid_t ecc_oid_brainpoolp256r1[] = {
0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x07
@@ -22905,6 +22906,7 @@ static int ecc_test_custom_curves(WC_RNG* rng)
ecc_oid_brainpoolp256r1_sum, /* oid sum */
1, /* cofactor */
};
#endif /* HAVE_ECC_BRAINPOOL */
#ifdef WOLFSSL_SMALL_STACK
if (! key) {
@@ -22915,14 +22917,16 @@ static int ecc_test_custom_curves(WC_RNG* rng)
XMEMSET(key, 0, sizeof *key);
#ifdef HAVE_ECC_BRAINPOOL
ret = ecc_test_curve_size(rng, 0, ECC_TEST_VERIFY_COUNT, ECC_CURVE_DEF,
&ecc_dp_brainpool256r1);
if (ret != 0) {
printf("ECC test for custom curve failed! %d\n", ret);
goto done;
}
#endif
#if defined(HAVE_ECC_BRAINPOOL) || defined(HAVE_ECC_KOBLITZ)
#if defined(HAVE_ECC_BRAINPOOL) || defined(HAVE_ECC_KOBLITZ)
{
int curve_id;
#ifdef HAVE_ECC_BRAINPOOL
@@ -22937,7 +22941,7 @@ static int ecc_test_custom_curves(WC_RNG* rng)
goto done;
}
}
#endif
#endif
ret = wc_ecc_init_ex(key, HEAP_HINT, devId);
if (ret != 0) {
@@ -22962,6 +22966,8 @@ static int ecc_test_custom_curves(WC_RNG* rng)
wc_ecc_free(key);
#endif
(void)rng;
return ret;
}
#endif /* WOLFSSL_CUSTOM_CURVES */