~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/crypto/ecrdsa_defs.h

Version: ~ [ linux-6.11.5 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.58 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.114 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.169 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.228 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.284 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.322 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.9 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~ 
  1 /* SPDX-License-Identifier: GPL-2.0+ */
  2 /*
  3  * Definitions of EC-RDSA Curve Parameters
  4  *
  5  * Copyright (c) 2019 Vitaly Chikunov <vt@altlinux.org>
  6  *
  7  * This program is free software; you can redistribute it and/or modify it
  8  * under the terms of the GNU General Public License as published by the Free
  9  * Software Foundation; either version 2 of the License, or (at your option)
 10  * any later version.
 11  */
 12 
 13 #ifndef _CRYTO_ECRDSA_DEFS_H
 14 #define _CRYTO_ECRDSA_DEFS_H
 15 
 16 #include <crypto/internal/ecc.h>
 17 
 18 #define ECRDSA_MAX_SIG_SIZE (2 * 512 / 8)
 19 #define ECRDSA_MAX_DIGITS (512 / 64)
 20 
 21 /*
 22  * EC-RDSA uses its own set of curves.
 23  *
 24  * cp256{a,b,c} curves first defined for GOST R 34.10-2001 in RFC 4357 (as
 25  * 256-bit {A,B,C}-ParamSet), but inherited for GOST R 34.10-2012 and
 26  * proposed for use in R 50.1.114-2016 and RFC 7836 as the 256-bit curves.
 27  */
 28 /* OID_gostCPSignA 1.2.643.2.2.35.1 */
 29 static u64 cp256a_g_x[] = {
 30         0x0000000000000001ull, 0x0000000000000000ull,
 31         0x0000000000000000ull, 0x0000000000000000ull, };
 32 static u64 cp256a_g_y[] = {
 33         0x22ACC99C9E9F1E14ull, 0x35294F2DDF23E3B1ull,
 34         0x27DF505A453F2B76ull, 0x8D91E471E0989CDAull, };
 35 static u64 cp256a_p[] = { /* p = 2^256 - 617 */
 36         0xFFFFFFFFFFFFFD97ull, 0xFFFFFFFFFFFFFFFFull,
 37         0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull };
 38 static u64 cp256a_n[] = {
 39         0x45841B09B761B893ull, 0x6C611070995AD100ull,
 40         0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull };
 41 static u64 cp256a_a[] = { /* a = p - 3 */
 42         0xFFFFFFFFFFFFFD94ull, 0xFFFFFFFFFFFFFFFFull,
 43         0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull };
 44 static u64 cp256a_b[] = {
 45         0x00000000000000a6ull, 0x0000000000000000ull,
 46         0x0000000000000000ull, 0x0000000000000000ull };
 47 
 48 static struct ecc_curve gost_cp256a = {
 49         .name = "cp256a",
 50         .nbits = 256,
 51         .g = {
 52                 .x = cp256a_g_x,
 53                 .y = cp256a_g_y,
 54                 .ndigits = 256 / 64,
 55         },
 56         .p = cp256a_p,
 57         .n = cp256a_n,
 58         .a = cp256a_a,
 59         .b = cp256a_b
 60 };
 61 
 62 /* OID_gostCPSignB 1.2.643.2.2.35.2 */
 63 static u64 cp256b_g_x[] = {
 64         0x0000000000000001ull, 0x0000000000000000ull,
 65         0x0000000000000000ull, 0x0000000000000000ull, };
 66 static u64 cp256b_g_y[] = {
 67         0x744BF8D717717EFCull, 0xC545C9858D03ECFBull,
 68         0xB83D1C3EB2C070E5ull, 0x3FA8124359F96680ull, };
 69 static u64 cp256b_p[] = { /* p = 2^255 + 3225 */
 70         0x0000000000000C99ull, 0x0000000000000000ull,
 71         0x0000000000000000ull, 0x8000000000000000ull, };
 72 static u64 cp256b_n[] = {
 73         0xE497161BCC8A198Full, 0x5F700CFFF1A624E5ull,
 74         0x0000000000000001ull, 0x8000000000000000ull, };
 75 static u64 cp256b_a[] = { /* a = p - 3 */
 76         0x0000000000000C96ull, 0x0000000000000000ull,
 77         0x0000000000000000ull, 0x8000000000000000ull, };
 78 static u64 cp256b_b[] = {
 79         0x2F49D4CE7E1BBC8Bull, 0xE979259373FF2B18ull,
 80         0x66A7D3C25C3DF80Aull, 0x3E1AF419A269A5F8ull, };
 81 
 82 static struct ecc_curve gost_cp256b = {
 83         .name = "cp256b",
 84         .nbits = 256,
 85         .g = {
 86                 .x = cp256b_g_x,
 87                 .y = cp256b_g_y,
 88                 .ndigits = 256 / 64,
 89         },
 90         .p = cp256b_p,
 91         .n = cp256b_n,
 92         .a = cp256b_a,
 93         .b = cp256b_b
 94 };
 95 
 96 /* OID_gostCPSignC 1.2.643.2.2.35.3 */
 97 static u64 cp256c_g_x[] = {
 98         0x0000000000000000ull, 0x0000000000000000ull,
 99         0x0000000000000000ull, 0x0000000000000000ull, };
100 static u64 cp256c_g_y[] = {
101         0x366E550DFDB3BB67ull, 0x4D4DC440D4641A8Full,
102         0x3CBF3783CD08C0EEull, 0x41ECE55743711A8Cull, };
103 static u64 cp256c_p[] = {
104         0x7998F7B9022D759Bull, 0xCF846E86789051D3ull,
105         0xAB1EC85E6B41C8AAull, 0x9B9F605F5A858107ull,
106         /* pre-computed value for Barrett's reduction */
107         0xedc283cdd217b5a2ull, 0xbac48fc06398ae59ull,
108         0x405384d55f9f3b73ull, 0xa51f176161f1d734ull,
109         0x0000000000000001ull, };
110 static u64 cp256c_n[] = {
111         0xF02F3A6598980BB9ull, 0x582CA3511EDDFB74ull,
112         0xAB1EC85E6B41C8AAull, 0x9B9F605F5A858107ull, };
113 static u64 cp256c_a[] = { /* a = p - 3 */
114         0x7998F7B9022D7598ull, 0xCF846E86789051D3ull,
115         0xAB1EC85E6B41C8AAull, 0x9B9F605F5A858107ull, };
116 static u64 cp256c_b[] = {
117         0x000000000000805aull, 0x0000000000000000ull,
118         0x0000000000000000ull, 0x0000000000000000ull, };
119 
120 static struct ecc_curve gost_cp256c = {
121         .name = "cp256c",
122         .nbits = 256,
123         .g = {
124                 .x = cp256c_g_x,
125                 .y = cp256c_g_y,
126                 .ndigits = 256 / 64,
127         },
128         .p = cp256c_p,
129         .n = cp256c_n,
130         .a = cp256c_a,
131         .b = cp256c_b
132 };
133 
134 /* tc512{a,b} curves first recommended in 2013 and then standardized in
135  * R 50.1.114-2016 and RFC 7836 for use with GOST R 34.10-2012 (as TC26
136  * 512-bit ParamSet{A,B}).
137  */
138 /* OID_gostTC26Sign512A 1.2.643.7.1.2.1.2.1 */
139 static u64 tc512a_g_x[] = {
140         0x0000000000000003ull, 0x0000000000000000ull,
141         0x0000000000000000ull, 0x0000000000000000ull,
142         0x0000000000000000ull, 0x0000000000000000ull,
143         0x0000000000000000ull, 0x0000000000000000ull, };
144 static u64 tc512a_g_y[] = {
145         0x89A589CB5215F2A4ull, 0x8028FE5FC235F5B8ull,
146         0x3D75E6A50E3A41E9ull, 0xDF1626BE4FD036E9ull,
147         0x778064FDCBEFA921ull, 0xCE5E1C93ACF1ABC1ull,
148         0xA61B8816E25450E6ull, 0x7503CFE87A836AE3ull, };
149 static u64 tc512a_p[] = { /* p = 2^512 - 569 */
150         0xFFFFFFFFFFFFFDC7ull, 0xFFFFFFFFFFFFFFFFull,
151         0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull,
152         0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull,
153         0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull, };
154 static u64 tc512a_n[] = {
155         0xCACDB1411F10B275ull, 0x9B4B38ABFAD2B85Dull,
156         0x6FF22B8D4E056060ull, 0x27E69532F48D8911ull,
157         0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull,
158         0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull, };
159 static u64 tc512a_a[] = { /* a = p - 3 */
160         0xFFFFFFFFFFFFFDC4ull, 0xFFFFFFFFFFFFFFFFull,
161         0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull,
162         0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull,
163         0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull, };
164 static u64 tc512a_b[] = {
165         0x503190785A71C760ull, 0x862EF9D4EBEE4761ull,
166         0x4CB4574010DA90DDull, 0xEE3CB090F30D2761ull,
167         0x79BD081CFD0B6265ull, 0x34B82574761CB0E8ull,
168         0xC1BD0B2B6667F1DAull, 0xE8C2505DEDFC86DDull, };
169 
170 static struct ecc_curve gost_tc512a = {
171         .name = "tc512a",
172         .nbits = 512,
173         .g = {
174                 .x = tc512a_g_x,
175                 .y = tc512a_g_y,
176                 .ndigits = 512 / 64,
177         },
178         .p = tc512a_p,
179         .n = tc512a_n,
180         .a = tc512a_a,
181         .b = tc512a_b
182 };
183 
184 /* OID_gostTC26Sign512B 1.2.643.7.1.2.1.2.2 */
185 static u64 tc512b_g_x[] = {
186         0x0000000000000002ull, 0x0000000000000000ull,
187         0x0000000000000000ull, 0x0000000000000000ull,
188         0x0000000000000000ull, 0x0000000000000000ull,
189         0x0000000000000000ull, 0x0000000000000000ull, };
190 static u64 tc512b_g_y[] = {
191         0x7E21340780FE41BDull, 0x28041055F94CEEECull,
192         0x152CBCAAF8C03988ull, 0xDCB228FD1EDF4A39ull,
193         0xBE6DD9E6C8EC7335ull, 0x3C123B697578C213ull,
194         0x2C071E3647A8940Full, 0x1A8F7EDA389B094Cull, };
195 static u64 tc512b_p[] = { /* p = 2^511 + 111 */
196         0x000000000000006Full, 0x0000000000000000ull,
197         0x0000000000000000ull, 0x0000000000000000ull,
198         0x0000000000000000ull, 0x0000000000000000ull,
199         0x0000000000000000ull, 0x8000000000000000ull, };
200 static u64 tc512b_n[] = {
201         0xC6346C54374F25BDull, 0x8B996712101BEA0Eull,
202         0xACFDB77BD9D40CFAull, 0x49A1EC142565A545ull,
203         0x0000000000000001ull, 0x0000000000000000ull,
204         0x0000000000000000ull, 0x8000000000000000ull, };
205 static u64 tc512b_a[] = { /* a = p - 3 */
206         0x000000000000006Cull, 0x0000000000000000ull,
207         0x0000000000000000ull, 0x0000000000000000ull,
208         0x0000000000000000ull, 0x0000000000000000ull,
209         0x0000000000000000ull, 0x8000000000000000ull, };
210 static u64 tc512b_b[] = {
211         0xFB8CCBC7C5140116ull, 0x50F78BEE1FA3106Eull,
212         0x7F8B276FAD1AB69Cull, 0x3E965D2DB1416D21ull,
213         0xBF85DC806C4B289Full, 0xB97C7D614AF138BCull,
214         0x7E3E06CF6F5E2517ull, 0x687D1B459DC84145ull, };
215 
216 static struct ecc_curve gost_tc512b = {
217         .name = "tc512b",
218         .nbits = 512,
219         .g = {
220                 .x = tc512b_g_x,
221                 .y = tc512b_g_y,
222                 .ndigits = 512 / 64,
223         },
224         .p = tc512b_p,
225         .n = tc512b_n,
226         .a = tc512b_a,
227         .b = tc512b_b
228 };
229 
230 #endif
231
~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~
kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php