Commit abfaf8be authored by Dmitry Baryshkov's avatar Dmitry Baryshkov Committed by Niels Möller

ecc: rename source files with curves data

In preparation to adding GOST curves support, rename source files and
use curve name as eccdata parameter.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
parent aedc4a3c
...@@ -43,13 +43,13 @@ core ...@@ -43,13 +43,13 @@ core
/keymap.h /keymap.h
/parity.h /parity.h
/rotors.h /rotors.h
/ecc-192.h /ecc-curve25519.h
/ecc-224.h /ecc-curve448.h
/ecc-256.h /ecc-secp192r1.h
/ecc-384.h /ecc-secp224r1.h
/ecc-521.h /ecc-secp256r1.h
/ecc-25519.h /ecc-secp384r1.h
/ecc-448.h /ecc-secp521r1.h
/version.h /version.h
/nettle.aux /nettle.aux
/nettle.cp /nettle.cp
......
...@@ -175,8 +175,9 @@ hogweed_SOURCES = sexp.c sexp-format.c \ ...@@ -175,8 +175,9 @@ hogweed_SOURCES = sexp.c sexp-format.c \
gmp-glue.c cnd-copy.c \ gmp-glue.c cnd-copy.c \
ecc-mod.c ecc-mod-inv.c \ ecc-mod.c ecc-mod-inv.c \
ecc-mod-arith.c ecc-pp1-redc.c ecc-pm1-redc.c \ ecc-mod-arith.c ecc-pp1-redc.c ecc-pm1-redc.c \
ecc-192.c ecc-224.c ecc-256.c ecc-384.c ecc-521.c \ ecc-curve25519.c ecc-curve448.c \
ecc-25519.c ecc-448.c \ ecc-secp192r1.c ecc-secp224r1.c ecc-secp256r1.c \
ecc-secp384r1.c ecc-secp521r1.c \
ecc-size.c ecc-j-to-a.c ecc-a-to-j.c \ ecc-size.c ecc-j-to-a.c ecc-a-to-j.c \
ecc-dup-jj.c ecc-add-jja.c ecc-add-jjj.c \ ecc-dup-jj.c ecc-add-jja.c ecc-add-jjj.c \
ecc-eh-to-a.c \ ecc-eh-to-a.c \
...@@ -350,24 +351,24 @@ des.$(OBJEXT): des.c des.h $(des_headers) ...@@ -350,24 +351,24 @@ des.$(OBJEXT): des.c des.h $(des_headers)
# k = 14, c = 7, S = 256, T = 42 ( 28 A + 14 D) 12 KB # k = 14, c = 7, S = 256, T = 42 ( 28 A + 14 D) 12 KB
# k = 11, c = 6, S = 192, T = 44 ( 33 A + 11 D) 9 KB # k = 11, c = 6, S = 192, T = 44 ( 33 A + 11 D) 9 KB
# k = 16, c = 6, S = 128, T = 48 ( 32 A + 16 D) 6 KB # k = 16, c = 6, S = 128, T = 48 ( 32 A + 16 D) 6 KB
ecc-192.h: eccdata.stamp ecc-secp192r1.h: eccdata.stamp
./eccdata$(EXEEXT_FOR_BUILD) 192 8 6 $(NUMB_BITS) > $@T && mv $@T $@ ./eccdata$(EXEEXT_FOR_BUILD) secp192r1 8 6 $(NUMB_BITS) > $@T && mv $@T $@
# Some reasonable choices for 224: # Some reasonable choices for 224:
# k = 16, c = 7, S = 256, T = 48 ( 32 A + 16 D) ~16 KB # k = 16, c = 7, S = 256, T = 48 ( 32 A + 16 D) ~16 KB
# k = 10, c = 6, S = 256, T = 50 ( 40 A + 10 D) ~16 KB # k = 10, c = 6, S = 256, T = 50 ( 40 A + 10 D) ~16 KB
# k = 13, c = 6, S = 192, T = 52 ( 39 A + 13 D) ~12 KB # k = 13, c = 6, S = 192, T = 52 ( 39 A + 13 D) ~12 KB
# k = 9, c = 5, S = 160, T = 54 ( 45 A + 9 D) ~10 KB # k = 9, c = 5, S = 160, T = 54 ( 45 A + 9 D) ~10 KB
ecc-224.h: eccdata.stamp ecc-secp224r1.h: eccdata.stamp
./eccdata$(EXEEXT_FOR_BUILD) 224 16 7 $(NUMB_BITS) > $@T && mv $@T $@ ./eccdata$(EXEEXT_FOR_BUILD) secp224r1 16 7 $(NUMB_BITS) > $@T && mv $@T $@
# Some reasonable choices for 256: # Some reasonable choices for 256:
# k = 9, c = 6, S = 320, T = 54 ( 45 A + 9 D) 20 KB # k = 9, c = 6, S = 320, T = 54 ( 45 A + 9 D) 20 KB
# k = 11, c = 6, S = 256, T = 55 ( 44 A + 11 D) 16 KB # k = 11, c = 6, S = 256, T = 55 ( 44 A + 11 D) 16 KB
# k = 19, c = 7, S = 256, T = 57 ( 38 A + 19 D) 16 KB # k = 19, c = 7, S = 256, T = 57 ( 38 A + 19 D) 16 KB
# k = 15, c = 6, S = 192, T = 60 ( 45 A + 15 D) 12 KB # k = 15, c = 6, S = 192, T = 60 ( 45 A + 15 D) 12 KB
ecc-256.h: eccdata.stamp ecc-secp256r1.h: eccdata.stamp
./eccdata$(EXEEXT_FOR_BUILD) 256 11 6 $(NUMB_BITS) > $@T && mv $@T $@ ./eccdata$(EXEEXT_FOR_BUILD) secp256r1 11 6 $(NUMB_BITS) > $@T && mv $@T $@
# Some reasonable choices for 384: # Some reasonable choices for 384:
# k = 16, c = 6, S = 256, T = 80 ( 64 A + 16 D) 24 KB # k = 16, c = 6, S = 256, T = 80 ( 64 A + 16 D) 24 KB
...@@ -377,35 +378,35 @@ ecc-256.h: eccdata.stamp ...@@ -377,35 +378,35 @@ ecc-256.h: eccdata.stamp
# k = 13, c = 5, S = 192, T = 91 ( 78 A + 13 D) 18 KB # k = 13, c = 5, S = 192, T = 91 ( 78 A + 13 D) 18 KB
# k = 16, c = 5, S = 160, T = 96 ( 80 A + 16 D) 15 KB # k = 16, c = 5, S = 160, T = 96 ( 80 A + 16 D) 15 KB
# k = 32, c = 6, S = 128, T = 96 ( 64 A + 32 D) 12 KB # k = 32, c = 6, S = 128, T = 96 ( 64 A + 32 D) 12 KB
ecc-384.h: eccdata.stamp ecc-secp384r1.h: eccdata.stamp
./eccdata$(EXEEXT_FOR_BUILD) 384 32 6 $(NUMB_BITS) > $@T && mv $@T $@ ./eccdata$(EXEEXT_FOR_BUILD) secp384r1 32 6 $(NUMB_BITS) > $@T && mv $@T $@
# Some reasonable choices for 521: # Some reasonable choices for 521:
# k = 29, c = 6, S = 192, T = 116 ( 87 A + 29 D) ~27 KB # k = 29, c = 6, S = 192, T = 116 ( 87 A + 29 D) ~27 KB
# k = 21, c = 5, S = 160, T = 126 (105 A + 21 D) ~23 KB # k = 21, c = 5, S = 160, T = 126 (105 A + 21 D) ~23 KB
# k = 44, c = 6, S = 128, T = 132 ( 88 A + 44 D) ~18 KB # k = 44, c = 6, S = 128, T = 132 ( 88 A + 44 D) ~18 KB
# k = 35, c = 5, S = 96, T = 140 (105 A + 35 D) ~14 KB # k = 35, c = 5, S = 96, T = 140 (105 A + 35 D) ~14 KB
ecc-521.h: eccdata.stamp ecc-secp521r1.h: eccdata.stamp
./eccdata$(EXEEXT_FOR_BUILD) 521 44 6 $(NUMB_BITS) > $@T && mv $@T $@ ./eccdata$(EXEEXT_FOR_BUILD) secp521r1 44 6 $(NUMB_BITS) > $@T && mv $@T $@
# Parameter choices mostly the same as for ecc-256.h. # Parameter choices mostly the same as for ecc-secp256r1.h.
ecc-25519.h: eccdata.stamp ecc-curve25519.h: eccdata.stamp
./eccdata$(EXEEXT_FOR_BUILD) 255 11 6 $(NUMB_BITS) > $@T && mv $@T $@ ./eccdata$(EXEEXT_FOR_BUILD) curve25519 11 6 $(NUMB_BITS) > $@T && mv $@T $@
ecc-448.h: eccdata.stamp ecc-curve448.h: eccdata.stamp
./eccdata$(EXEEXT_FOR_BUILD) 448 38 6 $(NUMB_BITS) > $@T && mv $@T $@ ./eccdata$(EXEEXT_FOR_BUILD) curve448 38 6 $(NUMB_BITS) > $@T && mv $@T $@
eccdata.stamp: eccdata.c eccdata.stamp: eccdata.c
$(MAKE) eccdata$(EXEEXT_FOR_BUILD) $(MAKE) eccdata$(EXEEXT_FOR_BUILD)
echo stamp > eccdata.stamp echo stamp > eccdata.stamp
ecc-192.$(OBJEXT): ecc-192.h ecc-curve25519.$(OBJEXT): ecc-curve25519.h
ecc-224.$(OBJEXT): ecc-224.h ecc-curve448.$(OBJEXT): ecc-curve448.h
ecc-256.$(OBJEXT): ecc-256.h ecc-secp192r1.$(OBJEXT): ecc-secp192r1.h
ecc-384.$(OBJEXT): ecc-384.h ecc-secp224r1.$(OBJEXT): ecc-secp224r1.h
ecc-521.$(OBJEXT): ecc-521.h ecc-secp256r1.$(OBJEXT): ecc-secp256r1.h
ecc-25519.$(OBJEXT): ecc-25519.h ecc-secp384r1.$(OBJEXT): ecc-secp384r1.h
ecc-448.$(OBJEXT): ecc-448.h ecc-secp521r1.$(OBJEXT): ecc-secp521r1.h
.asm.$(OBJEXT): $(srcdir)/asm.m4 machine.m4 config.m4 .asm.$(OBJEXT): $(srcdir)/asm.m4 machine.m4 config.m4
$(M4) $(srcdir)/asm.m4 machine.m4 config.m4 $< >$*.s $(M4) $(srcdir)/asm.m4 machine.m4 config.m4 $< >$*.s
...@@ -658,8 +659,9 @@ distcheck: dist ...@@ -658,8 +659,9 @@ distcheck: dist
clean-here: clean-here:
-rm -f $(TARGETS) *.$(OBJEXT) *.s *.so *.dll *.a \ -rm -f $(TARGETS) *.$(OBJEXT) *.s *.so *.dll *.a \
ecc-192.h ecc-224.h ecc-256.h ecc-384.h ecc-521.h ecc-25519.h \ ecc-curve25519.h ecc-curve448.h \
ecc-448.h \ ecc-secp192r1.h ecc-secp224r1.h ecc-secp256r1.h \
ecc-secp384r1.h ecc-secp521r1.h \
aesdata$(EXEEXT_FOR_BUILD) \ aesdata$(EXEEXT_FOR_BUILD) \
desdata$(EXEEXT_FOR_BUILD) \ desdata$(EXEEXT_FOR_BUILD) \
twofishdata$(EXEEXT_FOR_BUILD) \ twofishdata$(EXEEXT_FOR_BUILD) \
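Review bot: The tuning comments in this section still key the table parameters by bit size (`# Some reasonable choices for 224:`, likewise 256, 384 and 521), while the rules directly below them now pass a curve name to eccdata. Once a second curve of the same size is added, as the commit message anticipates for GOST, a bare size no longer identifies which rule a comment belongs to. Writing `# Some reasonable choices for secp224r1:` and the matching names for the others would keep them unambiguous. The comment heading the 192-bit table starts above the visible hunk, so it presumably needs the same treatment.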
......
C arm/ecc-192-modp.asm C arm/ecc-secp192r1-modp.asm
ifelse(< ifelse(<
Copyright (C) 2013 Niels Möller Copyright (C) 2013 Niels Möller
...@@ -30,7 +30,7 @@ ifelse(< ...@@ -30,7 +30,7 @@ ifelse(<
not, see http://www.gnu.org/licenses/. not, see http://www.gnu.org/licenses/.
>) >)
.file "ecc-192-modp.asm" .file "ecc-secp192r1-modp.asm"
.arm .arm
define(<HP>, <r0>) C Overlaps unused modulo argument define(<HP>, <r0>) C Overlaps unused modulo argument
......
C arm/ecc-224-modp.asm C arm/ecc-secp224r1-modp.asm
ifelse(< ifelse(<
Copyright (C) 2013 Niels Möller Copyright (C) 2013 Niels Möller
...@@ -30,7 +30,7 @@ ifelse(< ...@@ -30,7 +30,7 @@ ifelse(<
not, see http://www.gnu.org/licenses/. not, see http://www.gnu.org/licenses/.
>) >)
.file "ecc-224-modp.asm" .file "ecc-secp224r1-modp.asm"
.arm .arm
define(<RP>, <r1>) define(<RP>, <r1>)
......
C arm/ecc-256-redc.asm C arm/ecc-secp256r1-redc.asm
ifelse(< ifelse(<
Copyright (C) 2013 Niels Möller Copyright (C) 2013 Niels Möller
...@@ -30,7 +30,7 @@ ifelse(< ...@@ -30,7 +30,7 @@ ifelse(<
not, see http://www.gnu.org/licenses/. not, see http://www.gnu.org/licenses/.
>) >)
.file "ecc-256-redc.asm" .file "ecc-secp256r1-redc.asm"
.arm .arm
define(<RP>, <r1>) define(<RP>, <r1>)
......
C arm/ecc-384-modp.asm C arm/ecc-secp384r1-modp.asm
ifelse(< ifelse(<
Copyright (C) 2013 Niels Möller Copyright (C) 2013 Niels Möller
...@@ -30,7 +30,7 @@ ifelse(< ...@@ -30,7 +30,7 @@ ifelse(<
not, see http://www.gnu.org/licenses/. not, see http://www.gnu.org/licenses/.
>) >)
.file "ecc-384-modp.asm" .file "ecc-secp384r1-modp.asm"
.arm .arm
define(<RP>, <r1>) define(<RP>, <r1>)
......
C arm/ecc-521-modp.asm C arm/ecc-secp521r1-modp.asm
ifelse(< ifelse(<
Copyright (C) 2013 Niels Möller Copyright (C) 2013 Niels Möller
...@@ -30,7 +30,7 @@ ifelse(< ...@@ -30,7 +30,7 @@ ifelse(<
not, see http://www.gnu.org/licenses/. not, see http://www.gnu.org/licenses/.
>) >)
.file "ecc-521-modp.asm" .file "ecc-secp521r1-modp.asm"
.arm .arm
define(<HP>, <r0>) define(<HP>, <r0>)
......
...@@ -475,9 +475,9 @@ asm_nettle_optional_list="gcm-hash8.asm cpuid.asm \ ...@@ -475,9 +475,9 @@ asm_nettle_optional_list="gcm-hash8.asm cpuid.asm \
asm_hogweed_optional_list="" asm_hogweed_optional_list=""
if test "x$enable_public_key" = "xyes" ; then if test "x$enable_public_key" = "xyes" ; then
asm_hogweed_optional_list="ecc-192-modp.asm ecc-224-modp.asm \ asm_hogweed_optional_list="ecc-secp192r1-modp.asm ecc-secp224r1-modp.asm \
ecc-256-redc.asm ecc-384-modp.asm ecc-521-modp.asm \ ecc-secp256r1-redc.asm ecc-secp384r1-modp.asm ecc-secp521r1-modp.asm \
ecc-25519-modp.asm ecc-curve448-modp.asm" ecc-curve25519-modp.asm ecc-curve448-modp.asm"
fi fi
OPT_NETTLE_OBJS="" OPT_NETTLE_OBJS=""
......
/* ecc-25519.c /* ecc-curve25519.c
Arithmetic and tables for curve25519, Arithmetic and tables for curve25519,
...@@ -42,7 +42,7 @@ ...@@ -42,7 +42,7 @@
#define USE_REDC 0 #define USE_REDC 0
#include "ecc-25519.h" #include "ecc-curve25519.h"
#define PHIGH_BITS (GMP_NUMB_BITS * ECC_LIMB_SIZE - 255) #define PHIGH_BITS (GMP_NUMB_BITS * ECC_LIMB_SIZE - 255)
......
/* ecc-448.c /* ecc-curve448.c
Arithmetic and tables for curve448, Arithmetic and tables for curve448,
...@@ -43,7 +43,7 @@ ...@@ -43,7 +43,7 @@
#define USE_REDC 0 #define USE_REDC 0
#include "ecc-448.h" #include "ecc-curve448.h"
#if HAVE_NATIVE_ecc_curve448_modp #if HAVE_NATIVE_ecc_curve448_modp
#define ecc_448_modp nettle_ecc_curve448_modp #define ecc_448_modp nettle_ecc_curve448_modp
......
/* ecc-192.c /* ecc-secp192r1.c
Compile time constant (but machine dependent) tables. Compile time constant (but machine dependent) tables.
...@@ -46,7 +46,7 @@ ...@@ -46,7 +46,7 @@
#define USE_REDC 0 #define USE_REDC 0
#include "ecc-192.h" #include "ecc-secp192r1.h"
#if HAVE_NATIVE_ecc_192_modp #if HAVE_NATIVE_ecc_192_modp
......
/* ecc-224.c /* ecc-secp224r1.c
Compile time constant (but machine dependent) tables. Compile time constant (but machine dependent) tables.
...@@ -52,7 +52,7 @@ ecc_224_modp (const struct ecc_modulo *m, mp_limb_t *rp); ...@@ -52,7 +52,7 @@ ecc_224_modp (const struct ecc_modulo *m, mp_limb_t *rp);
#define ecc_224_modp ecc_mod #define ecc_224_modp ecc_mod
#endif #endif
#include "ecc-224.h" #include "ecc-secp224r1.h"
#if ECC_REDC_SIZE < 0 #if ECC_REDC_SIZE < 0
# define ecc_224_redc ecc_pm1_redc # define ecc_224_redc ecc_pm1_redc
......
/* ecc-256.c /* ecc-secp256r1.c
Compile time constant (but machine dependent) tables. Compile time constant (but machine dependent) tables.
...@@ -48,7 +48,7 @@ ...@@ -48,7 +48,7 @@
# define USE_REDC (ECC_REDC_SIZE != 0) # define USE_REDC (ECC_REDC_SIZE != 0)
#endif #endif
#include "ecc-256.h" #include "ecc-secp256r1.h"
#if HAVE_NATIVE_ecc_256_redc #if HAVE_NATIVE_ecc_256_redc
# define ecc_256_redc nettle_ecc_256_redc # define ecc_256_redc nettle_ecc_256_redc
......
/* ecc-384.c /* ecc-secp384r1.c
Compile time constant (but machine dependent) tables. Compile time constant (but machine dependent) tables.
...@@ -44,7 +44,7 @@ ...@@ -44,7 +44,7 @@
#define USE_REDC 0 #define USE_REDC 0
#include "ecc-384.h" #include "ecc-secp384r1.h"
#if HAVE_NATIVE_ecc_384_modp #if HAVE_NATIVE_ecc_384_modp
#define ecc_384_modp nettle_ecc_384_modp #define ecc_384_modp nettle_ecc_384_modp
......
/* ecc-521.c /* ecc-secp521r1.c
Compile time constant (but machine dependent) tables. Compile time constant (but machine dependent) tables.
...@@ -42,7 +42,7 @@ ...@@ -42,7 +42,7 @@
#define USE_REDC 0 #define USE_REDC 0
#include "ecc-521.h" #include "ecc-secp521r1.h"
#if HAVE_NATIVE_ecc_521_modp #if HAVE_NATIVE_ecc_521_modp
#define ecc_521_modp nettle_ecc_521_modp #define ecc_521_modp nettle_ecc_521_modp
......
...@@ -432,11 +432,10 @@ ecc_curve_init_str (struct ecc_curve *ecc, enum ecc_type type, ...@@ -432,11 +432,10 @@ ecc_curve_init_str (struct ecc_curve *ecc, enum ecc_type type,
} }
static void static void
ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size) ecc_curve_init (struct ecc_curve *ecc, const char *curve)
{ {
switch (bit_size) if (!strcmp (curve, "secp192r1"))
{ {
case 192:
ecc_curve_init_str (ecc, ECC_TYPE_WEIERSTRASS, ecc_curve_init_str (ecc, ECC_TYPE_WEIERSTRASS,
/* p = 2^{192} - 2^{64} - 1 */ /* p = 2^{192} - 2^{64} - 1 */
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE"
...@@ -466,8 +465,9 @@ ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size) ...@@ -466,8 +465,9 @@ ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size)
"35433907297cc378b0015703374729d7a4fe46647084e4ba", "35433907297cc378b0015703374729d7a4fe46647084e4ba",
"a2649984f2135c301ea3acb0776cd4f125389b311db3be32"); "a2649984f2135c301ea3acb0776cd4f125389b311db3be32");
break; }
case 224: else if (!strcmp (curve, "secp224r1"))
{
ecc_curve_init_str (ecc, ECC_TYPE_WEIERSTRASS, ecc_curve_init_str (ecc, ECC_TYPE_WEIERSTRASS,
/* p = 2^{224} - 2^{96} + 1 */ /* p = 2^{224} - 2^{96} + 1 */
"ffffffffffffffffffffffffffffffff" "ffffffffffffffffffffffffffffffff"
...@@ -498,8 +498,9 @@ ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size) ...@@ -498,8 +498,9 @@ ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size)
"ae99feebb5d26945b54892092a8aee02912930fa41cd114e40447301", "ae99feebb5d26945b54892092a8aee02912930fa41cd114e40447301",
"482580a0ec5bc47e88bc8c378632cd196cb3fa058a7114eb03054c9"); "482580a0ec5bc47e88bc8c378632cd196cb3fa058a7114eb03054c9");
break; }
case 256: else if (!strcmp (curve, "secp256r1"))
{
ecc_curve_init_str (ecc, ECC_TYPE_WEIERSTRASS, ecc_curve_init_str (ecc, ECC_TYPE_WEIERSTRASS,
/* p = 2^{256} - 2^{224} + 2^{192} + 2^{96} - 1 */ /* p = 2^{256} - 2^{224} + 2^{192} + 2^{96} - 1 */
"FFFFFFFF000000010000000000000000" "FFFFFFFF000000010000000000000000"
...@@ -530,8 +531,9 @@ ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size) ...@@ -530,8 +531,9 @@ ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size)
"e2534a3532d08fbba02dde659ee62bd0031fe2db785596ef509302446b030852", "e2534a3532d08fbba02dde659ee62bd0031fe2db785596ef509302446b030852",
"e0f1575a4c633cc719dfee5fda862d764efc96c3f30ee0055c42c23f184ed8c6"); "e0f1575a4c633cc719dfee5fda862d764efc96c3f30ee0055c42c23f184ed8c6");
break; }
case 384: else if (!strcmp (curve, "secp384r1"))
{
ecc_curve_init_str (ecc, ECC_TYPE_WEIERSTRASS, ecc_curve_init_str (ecc, ECC_TYPE_WEIERSTRASS,
/* p = 2^{384} - 2^{128} - 2^{96} + 2^{32} - 1 */ /* p = 2^{384} - 2^{128} - 2^{96} + 2^{32} - 1 */
"ffffffffffffffffffffffffffffffff" "ffffffffffffffffffffffffffffffff"
...@@ -567,8 +569,9 @@ ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size) ...@@ -567,8 +569,9 @@ ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size)
"138251cd52ac9298c1c8aad977321deb97e709bd0b4ca0aca55dc8ad51dcfc9d1589a1597e3a5120e1efd631c63e1835", "138251cd52ac9298c1c8aad977321deb97e709bd0b4ca0aca55dc8ad51dcfc9d1589a1597e3a5120e1efd631c63e1835",
"cacae29869a62e1631e8a28181ab56616dc45d918abc09f3ab0e63cf792aa4dced7387be37bba569549f1c02b270ed67"); "cacae29869a62e1631e8a28181ab56616dc45d918abc09f3ab0e63cf792aa4dced7387be37bba569549f1c02b270ed67");
break; }
case 521: else if (!strcmp (curve, "secp521r1"))
{
ecc_curve_init_str (ecc, ECC_TYPE_WEIERSTRASS, ecc_curve_init_str (ecc, ECC_TYPE_WEIERSTRASS,
"1ff" /* p = 2^{521} - 1 */ "1ff" /* p = 2^{521} - 1 */
"ffffffffffffffffffffffffffffffff" "ffffffffffffffffffffffffffffffff"
...@@ -613,9 +616,15 @@ ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size) ...@@ -613,9 +616,15 @@ ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size)
"35b5df64ae2ac204c354b483487c9070cdc61c891c5ff39afc06c5d55541d3ceac8659e24afe3d0750e8b88e9f078af066a1d5025b08e5a5e2fbc87412871902f3", "35b5df64ae2ac204c354b483487c9070cdc61c891c5ff39afc06c5d55541d3ceac8659e24afe3d0750e8b88e9f078af066a1d5025b08e5a5e2fbc87412871902f3",
"82096f84261279d2b673e0178eb0b4abb65521aef6e6e32e1b5ae63fe2f19907f279f283e54ba385405224f750a95b85eebb7faef04699d1d9e21f47fc346e4d0d"); "82096f84261279d2b673e0178eb0b4abb65521aef6e6e32e1b5ae63fe2f19907f279f283e54ba385405224f750a95b85eebb7faef04699d1d9e21f47fc346e4d0d");
break; }
case 255: else if (!strcmp (curve, "curve25519"))
/* Edwards curve used for eddsa25519 and curve25519, {
/* curve25519, y^2 = x^3 + 486662 x^2 + x (mod p), with p = 2^{255} - 19.
According to http://cr.yp.to/papers.html#newelliptic, this
is birationally equivalent to the Edwards curve
x^2 + y^2 = 1 + (121665/121666) x^2 y^2 (mod p).
-x^2 + y^2 = 1 - (121665/121666) x^2 y^2, with p = 2^{255} - 19. -x^2 + y^2 = 1 - (121665/121666) x^2 y^2, with p = 2^{255} - 19.
...@@ -664,9 +673,9 @@ ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size) ...@@ -664,9 +673,9 @@ ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size)
"1a739ec193ce1547493aa657c4c9f870", "1a739ec193ce1547493aa657c4c9f870",
"47d0e827cb1595e1470eb88580d5716c" "47d0e827cb1595e1470eb88580d5716c"
"4cf22832ea2f0ff0df38ab61ca32112f"); "4cf22832ea2f0ff0df38ab61ca32112f");
break; }
else if (!strcmp (curve, "curve448"))
case 448: {
/* curve448, y^2 = x^3 + 156326 x^2 + x (mod p), with p = 2^{448} - 2^{224} - 1. /* curve448, y^2 = x^3 + 156326 x^2 + x (mod p), with p = 2^{448} - 2^{224} - 1.
According to RFC 7748, this is 4-isogenious to the Edwards According to RFC 7748, this is 4-isogenious to the Edwards
...@@ -745,14 +754,13 @@ ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size) ...@@ -745,14 +754,13 @@ ecc_curve_init (struct ecc_curve *ecc, unsigned bit_size)
"9cb7c02f0457d845c90dc3227b8a5bc1" "9cb7c02f0457d845c90dc3227b8a5bc1"
"c0d8f97ea1ca9472b5d444285d0d4f5b" "c0d8f97ea1ca9472b5d444285d0d4f5b"
"32e236f86de51839"); "32e236f86de51839");
}
break; else
{
default: fprintf (stderr, "No known curve with name %s\n", curve);
fprintf (stderr, "No known curve for size %d\n", bit_size);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
ecc->bit_size = bit_size; ecc->bit_size = mpz_sizeinbase (ecc->p, 2);
} }
static void static void
...@@ -1312,7 +1320,7 @@ main (int argc, char **argv) ...@@ -1312,7 +1320,7 @@ main (int argc, char **argv)
return EXIT_FAILURE; return EXIT_FAILURE;
} }
ecc_curve_init (&ecc, atoi(argv[1])); ecc_curve_init (&ecc, argv[1]);
ecc_pippenger_precompute (&ecc, atoi(argv[2]), atoi(argv[3])); ecc_pippenger_precompute (&ecc, atoi(argv[2]), atoi(argv[3]));
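Review bot: `ecc->bit_size = mpz_sizeinbase (ecc->p, 2);` at the end of ecc_curve_init now derives the size from the parsed modulus instead of the command line, and nothing at that line records this. A comment such as `/* Bit size follows from p, e.g. 255 for curve25519; callers no longer pass it. */` would make clear that a mistyped p constant now changes bit_size silently instead of disagreeing with the argument. In main(), the usage text printed before the `return EXIT_FAILURE;` lies outside the hunk; if it still describes the first argument as a bit count, it should name the curve instead. ecc_curve_init spans several hunks here and most of its constant tables are not shown.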
......
C x86_64/ecc-192-modp.asm C x86_64/ecc-secp192r1-modp.asm
ifelse(< ifelse(<
Copyright (C) 2013 Niels Möller Copyright (C) 2013 Niels Möller
...@@ -30,7 +30,7 @@ ifelse(< ...@@ -30,7 +30,7 @@ ifelse(<
not, see http://www.gnu.org/licenses/. not, see http://www.gnu.org/licenses/.
>) >)
.file "ecc-192-modp.asm" .file "ecc-secp192r1-modp.asm"
define(<RP>, <%rsi>) define(<RP>, <%rsi>)
define(<T0>, <%rdi>) C Overlaps unused modulo input define(<T0>, <%rdi>) C Overlaps unused modulo input
......
C x86_64/ecc-224-modp.asm C x86_64/ecc-secp224r1-modp.asm
ifelse(< ifelse(<
Copyright (C) 2013 Niels Möller Copyright (C) 2013 Niels Möller
...@@ -30,7 +30,7 @@ ifelse(< ...@@ -30,7 +30,7 @@ ifelse(<
not, see http://www.gnu.org/licenses/. not, see http://www.gnu.org/licenses/.
>) >)
.file "ecc-224-modp.asm" .file "ecc-secp224r1-modp.asm"
GMP_NUMB_BITS(64) GMP_NUMB_BITS(64)
......
C x86_64/ecc-256-redc.asm C x86_64/ecc-secp256r1-redc.asm
ifelse(< ifelse(<
Copyright (C) 2013 Niels Möller Copyright (C) 2013 Niels Möller
...@@ -30,7 +30,7 @@ ifelse(< ...@@ -30,7 +30,7 @@ ifelse(<
not, see http://www.gnu.org/licenses/. not, see http://www.gnu.org/licenses/.
>) >)
.file "ecc-256-redc.asm" .file "ecc-secp256r1-redc.asm"