]> git.ipfire.org Git - thirdparty/linux.git/blame - crypto/ecrdsa_defs.h
projects / thirdparty / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge tag 'trace-v6.7' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux...
[thirdparty/linux.git] / crypto / ecrdsa_defs.h
CommitLineData
0d7a7864
VC		 1/* SPDX-License-Identifier: GPL-2.0+ */
2/*
3 * Definitions of EC-RDSA Curve Parameters
4 *
5 * Copyright (c) 2019 Vitaly Chikunov <vt@altlinux.org>
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the Free
9 * Software Foundation; either version 2 of the License, or (at your option)
10 * any later version.
11 */
12
13#ifndef _CRYTO_ECRDSA_DEFS_H
14#define _CRYTO_ECRDSA_DEFS_H
15
a745d3ac 16#include <crypto/internal/ecc.h>
0d7a7864
VC		 17
18#define ECRDSA_MAX_SIG_SIZE (2 * 512 / 8)
19#define ECRDSA_MAX_DIGITS (512 / 64)
20
21/*
22 * EC-RDSA uses its own set of curves.
23 *
24 * cp256{a,b,c} curves first defined for GOST R 34.10-2001 in RFC 4357 (as
25 * 256-bit {A,B,C}-ParamSet), but inherited for GOST R 34.10-2012 and
26 * proposed for use in R 50.1.114-2016 and RFC 7836 as the 256-bit curves.
27 */
28/* OID_gostCPSignA 1.2.643.2.2.35.1 */
29static u64 cp256a_g_x[] = {
30 0x0000000000000001ull, 0x0000000000000000ull,
31 0x0000000000000000ull, 0x0000000000000000ull, };
32static u64 cp256a_g_y[] = {
33 0x22ACC99C9E9F1E14ull, 0x35294F2DDF23E3B1ull,
34 0x27DF505A453F2B76ull, 0x8D91E471E0989CDAull, };
35static u64 cp256a_p[] = { /* p = 2^256 - 617 */
36 0xFFFFFFFFFFFFFD97ull, 0xFFFFFFFFFFFFFFFFull,
37 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull };
38static u64 cp256a_n[] = {
39 0x45841B09B761B893ull, 0x6C611070995AD100ull,
40 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull };
41static u64 cp256a_a[] = { /* a = p - 3 */
42 0xFFFFFFFFFFFFFD94ull, 0xFFFFFFFFFFFFFFFFull,
43 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull };
44static u64 cp256a_b[] = {
45 0x00000000000000a6ull, 0x0000000000000000ull,
46 0x0000000000000000ull, 0x0000000000000000ull };
47
48static struct ecc_curve gost_cp256a = {
49 .name = "cp256a",
50 .g = {
51 .x = cp256a_g_x,
52 .y = cp256a_g_y,
53 .ndigits = 256 / 64,
54 },
55 .p = cp256a_p,
56 .n = cp256a_n,
57 .a = cp256a_a,
58 .b = cp256a_b
59};
60
61/* OID_gostCPSignB 1.2.643.2.2.35.2 */
62static u64 cp256b_g_x[] = {
63 0x0000000000000001ull, 0x0000000000000000ull,
64 0x0000000000000000ull, 0x0000000000000000ull, };
65static u64 cp256b_g_y[] = {
66 0x744BF8D717717EFCull, 0xC545C9858D03ECFBull,
67 0xB83D1C3EB2C070E5ull, 0x3FA8124359F96680ull, };
68static u64 cp256b_p[] = { /* p = 2^255 + 3225 */
69 0x0000000000000C99ull, 0x0000000000000000ull,
70 0x0000000000000000ull, 0x8000000000000000ull, };
71static u64 cp256b_n[] = {
72 0xE497161BCC8A198Full, 0x5F700CFFF1A624E5ull,
73 0x0000000000000001ull, 0x8000000000000000ull, };
74static u64 cp256b_a[] = { /* a = p - 3 */
75 0x0000000000000C96ull, 0x0000000000000000ull,
76 0x0000000000000000ull, 0x8000000000000000ull, };
77static u64 cp256b_b[] = {
78 0x2F49D4CE7E1BBC8Bull, 0xE979259373FF2B18ull,
79 0x66A7D3C25C3DF80Aull, 0x3E1AF419A269A5F8ull, };
80
81static struct ecc_curve gost_cp256b = {
82 .name = "cp256b",
83 .g = {
84 .x = cp256b_g_x,
85 .y = cp256b_g_y,
86 .ndigits = 256 / 64,
87 },
88 .p = cp256b_p,
89 .n = cp256b_n,
90 .a = cp256b_a,
91 .b = cp256b_b
92};
93
94/* OID_gostCPSignC 1.2.643.2.2.35.3 */
95static u64 cp256c_g_x[] = {
96 0x0000000000000000ull, 0x0000000000000000ull,
97 0x0000000000000000ull, 0x0000000000000000ull, };
98static u64 cp256c_g_y[] = {
99 0x366E550DFDB3BB67ull, 0x4D4DC440D4641A8Full,
100 0x3CBF3783CD08C0EEull, 0x41ECE55743711A8Cull, };
101static u64 cp256c_p[] = {
102 0x7998F7B9022D759Bull, 0xCF846E86789051D3ull,
103 0xAB1EC85E6B41C8AAull, 0x9B9F605F5A858107ull,
104 /* pre-computed value for Barrett's reduction */
105 0xedc283cdd217b5a2ull, 0xbac48fc06398ae59ull,
106 0x405384d55f9f3b73ull, 0xa51f176161f1d734ull,
107 0x0000000000000001ull, };
108static u64 cp256c_n[] = {
109 0xF02F3A6598980BB9ull, 0x582CA3511EDDFB74ull,
110 0xAB1EC85E6B41C8AAull, 0x9B9F605F5A858107ull, };
111static u64 cp256c_a[] = { /* a = p - 3 */
112 0x7998F7B9022D7598ull, 0xCF846E86789051D3ull,
113 0xAB1EC85E6B41C8AAull, 0x9B9F605F5A858107ull, };
114static u64 cp256c_b[] = {
115 0x000000000000805aull, 0x0000000000000000ull,
116 0x0000000000000000ull, 0x0000000000000000ull, };
117
118static struct ecc_curve gost_cp256c = {
119 .name = "cp256c",
120 .g = {
121 .x = cp256c_g_x,
122 .y = cp256c_g_y,
123 .ndigits = 256 / 64,
124 },
125 .p = cp256c_p,
126 .n = cp256c_n,
127 .a = cp256c_a,
128 .b = cp256c_b
129};
130
131/* tc512{a,b} curves first recommended in 2013 and then standardized in
132 * R 50.1.114-2016 and RFC 7836 for use with GOST R 34.10-2012 (as TC26
133 * 512-bit ParamSet{A,B}).
134 */
135/* OID_gostTC26Sign512A 1.2.643.7.1.2.1.2.1 */
136static u64 tc512a_g_x[] = {
137 0x0000000000000003ull, 0x0000000000000000ull,
138 0x0000000000000000ull, 0x0000000000000000ull,
139 0x0000000000000000ull, 0x0000000000000000ull,
140 0x0000000000000000ull, 0x0000000000000000ull, };
141static u64 tc512a_g_y[] = {
142 0x89A589CB5215F2A4ull, 0x8028FE5FC235F5B8ull,
143 0x3D75E6A50E3A41E9ull, 0xDF1626BE4FD036E9ull,
144 0x778064FDCBEFA921ull, 0xCE5E1C93ACF1ABC1ull,
145 0xA61B8816E25450E6ull, 0x7503CFE87A836AE3ull, };
146static u64 tc512a_p[] = { /* p = 2^512 - 569 */
147 0xFFFFFFFFFFFFFDC7ull, 0xFFFFFFFFFFFFFFFFull,
148 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull,
149 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull,
150 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull, };
151static u64 tc512a_n[] = {
152 0xCACDB1411F10B275ull, 0x9B4B38ABFAD2B85Dull,
153 0x6FF22B8D4E056060ull, 0x27E69532F48D8911ull,
154 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull,
155 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull, };
156static u64 tc512a_a[] = { /* a = p - 3 */
157 0xFFFFFFFFFFFFFDC4ull, 0xFFFFFFFFFFFFFFFFull,
158 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull,
159 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull,
160 0xFFFFFFFFFFFFFFFFull, 0xFFFFFFFFFFFFFFFFull, };
161static u64 tc512a_b[] = {
162 0x503190785A71C760ull, 0x862EF9D4EBEE4761ull,
163 0x4CB4574010DA90DDull, 0xEE3CB090F30D2761ull,
164 0x79BD081CFD0B6265ull, 0x34B82574761CB0E8ull,
165 0xC1BD0B2B6667F1DAull, 0xE8C2505DEDFC86DDull, };
166
167static struct ecc_curve gost_tc512a = {
168 .name = "tc512a",
169 .g = {
170 .x = tc512a_g_x,
171 .y = tc512a_g_y,
172 .ndigits = 512 / 64,
173 },
174 .p = tc512a_p,
175 .n = tc512a_n,
176 .a = tc512a_a,
177 .b = tc512a_b
178};
179
180/* OID_gostTC26Sign512B 1.2.643.7.1.2.1.2.2 */
181static u64 tc512b_g_x[] = {
182 0x0000000000000002ull, 0x0000000000000000ull,
183 0x0000000000000000ull, 0x0000000000000000ull,
184 0x0000000000000000ull, 0x0000000000000000ull,
185 0x0000000000000000ull, 0x0000000000000000ull, };
186static u64 tc512b_g_y[] = {
187 0x7E21340780FE41BDull, 0x28041055F94CEEECull,
188 0x152CBCAAF8C03988ull, 0xDCB228FD1EDF4A39ull,
189 0xBE6DD9E6C8EC7335ull, 0x3C123B697578C213ull,
190 0x2C071E3647A8940Full, 0x1A8F7EDA389B094Cull, };
191static u64 tc512b_p[] = { /* p = 2^511 + 111 */
192 0x000000000000006Full, 0x0000000000000000ull,
193 0x0000000000000000ull, 0x0000000000000000ull,
194 0x0000000000000000ull, 0x0000000000000000ull,
195 0x0000000000000000ull, 0x8000000000000000ull, };
196static u64 tc512b_n[] = {
197 0xC6346C54374F25BDull, 0x8B996712101BEA0Eull,
198 0xACFDB77BD9D40CFAull, 0x49A1EC142565A545ull,
199 0x0000000000000001ull, 0x0000000000000000ull,
200 0x0000000000000000ull, 0x8000000000000000ull, };
201static u64 tc512b_a[] = { /* a = p - 3 */
202 0x000000000000006Cull, 0x0000000000000000ull,
203 0x0000000000000000ull, 0x0000000000000000ull,
204 0x0000000000000000ull, 0x0000000000000000ull,
205 0x0000000000000000ull, 0x8000000000000000ull, };
206static u64 tc512b_b[] = {
207 0xFB8CCBC7C5140116ull, 0x50F78BEE1FA3106Eull,
208 0x7F8B276FAD1AB69Cull, 0x3E965D2DB1416D21ull,
209 0xBF85DC806C4B289Full, 0xB97C7D614AF138BCull,
210 0x7E3E06CF6F5E2517ull, 0x687D1B459DC84145ull, };
211
212static struct ecc_curve gost_tc512b = {
213 .name = "tc512b",
214 .g = {
215 .x = tc512b_g_x,
216 .y = tc512b_g_y,
217 .ndigits = 512 / 64,
218 },
219 .p = tc512b_p,
220 .n = tc512b_n,
221 .a = tc512b_a,
222 .b = tc512b_b
223};
224
225#endif
A mirror of Linus' kernel repository