Diffstat (limited to 'src/stm32/modexpa7_driver_sample.c')
-rw-r--r--src/stm32/modexpa7_driver_sample.c134
1 files changed, 127 insertions, 7 deletions
diff --git a/src/stm32/modexpa7_driver_sample.c b/src/stm32/modexpa7_driver_sample.c
index 4738026..390c949 100644
--- a/src/stm32/modexpa7_driver_sample.c
+++ b/src/stm32/modexpa7_driver_sample.c
@@ -89,6 +89,21 @@ static const uint32_t n_512[] = N_512;
static const uint32_t d_512[] = D_512;
static const uint32_t s_512[] = S_512;
+static const uint32_t p_192[] = P_192;
+static const uint32_t q_192[] = Q_192;
+static const uint32_t dp_192[] = DP_192;
+static const uint32_t dq_192[] = DQ_192;
+static const uint32_t mp_192[] = MP_192;
+static const uint32_t mq_192[] = MQ_192;
+
+static const uint32_t p_256[] = P_256;
+static const uint32_t q_256[] = Q_256;
+static const uint32_t dp_256[] = DP_256;
+static const uint32_t dq_256[] = DQ_256;
+static const uint32_t mp_256[] = MP_256;
+static const uint32_t mq_256[] = MQ_256;
+
+
/*
* prototypes
@@ -102,6 +117,11 @@ int test_modexpa7( const uint32_t *m,
const uint32_t *s,
size_t l);
+int test_modexpa7_crt( const uint32_t *m,
+ const uint32_t *d,
+ const uint32_t *s,
+ size_t l);
+
/*
* test routine
@@ -158,21 +178,49 @@ int main()
// fresh start
ok = 1;
- {
+ {
// run precomputation of modulus-dependent factor for the 384-bit modulus
setup_modexpa7(n_384, 384);
-
+
// try signing the message from the 384-bit test vector
ok = ok && test_modexpa7(m_384, d_384, s_384, 384);
}
- {
+ {
// run precomputation of modulus-dependent factor for the 512-bit modulus
setup_modexpa7(n_512, 512);
-
+
// try signing the message from the 512-bit test vector
ok = ok && test_modexpa7(m_512, d_512, s_512, 512);
}
-
+
+ {
+ // run precomputation of modulus-dependent factor for the first 192-bit part of 384-bit modulus
+ setup_modexpa7(p_192, 192);
+
+ // try signing 384-bit base using 192-bit exponent
+ ok = ok && test_modexpa7_crt(m_384, dp_192, mp_192, 192);
+
+ // run precomputation of modulus-dependent factor for the second 192-bit part of 384-bit modulus
+ setup_modexpa7(q_192, 192);
+
+ // try signing 384-bit base using 192-bit exponent
+ ok = ok && test_modexpa7_crt(m_384, dq_192, mq_192, 192);
+ }
+
+ {
+ // run precomputation of modulus-dependent factor for the first 256-bit part of 512-bit modulus
+ setup_modexpa7(p_256, 256);
+
+ // try signing 512-bit base using 256-bit exponent
+ ok = ok && test_modexpa7_crt(m_512, dp_256, mp_256, 256);
+
+ // run precomputation of modulus-dependent factor for the second 256-bit part of 512-bit modulus
+ setup_modexpa7(q_256, 256);
+
+ // try signing 512-bit base using 256-bit exponent
+ ok = ok && test_modexpa7_crt(m_512, dq_256, mq_256, 256);
+ }
+
// turn on the red led to indicate something went wrong
if (!ok)
{ led_off(LED_GREEN);
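Review bot: The two new CRT blocks in main() check each half-exponentiation against mp_*/mq_* only; the halves are never recombined or compared with s_384/s_512, so the sample stops short of the final check that CRT signing needs. A comment above the first block, for example `// NOTE: only the two half results are checked here; real CRT signing must recombine them and verify the signature before releasing it`, would keep the pattern from being copied as a complete signing flow. The comments `try signing 384-bit base using 192-bit exponent` could also state what is computed, presumably the message raised to dp modulo p, compared with mp_192. main() starts and ends outside this hunk.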
@@ -241,6 +289,7 @@ int test_modexpa7( const uint32_t *m,
uint32_t reg_control, reg_status;
uint32_t m_word, d_word, s_word;
uint32_t dummy_num_cyc;
+ uint32_t mode;
// determine numbers of 32-bit words
num_words = l >> 5;
@@ -249,8 +298,12 @@ int test_modexpa7( const uint32_t *m,
num_bits = l;
fmc_write_32(CORE_ADDR_EXPONENT_BITS, &num_bits);
- // fill modulus bank (the least significant word
- // is at the lowest offset)
+ // disable CRT mode
+ mode = 0;
+ fmc_write_32(CORE_ADDR_MODE, &mode);
+
+ // fill message and exponent banks (the least significant
+ // word is at the lowest offset)
for (i=0; i<num_words; i++)
{ m_word = m[i];
d_word = d[i];
@@ -287,6 +340,73 @@ int test_modexpa7( const uint32_t *m,
}
+int test_modexpa7_crt( const uint32_t *m,
+ const uint32_t *d,
+ const uint32_t *s,
+ size_t l)
+{
+ size_t i, num_words;
+ uint32_t num_bits;
+ uint32_t reg_control, reg_status;
+ uint32_t m_word, d_word, s_word;
+ uint32_t dummy_num_cyc;
+ uint32_t mode;
+
+ // determine numbers of 32-bit words
+ num_words = l >> 5;
+
+ // set exponent width
+ num_bits = l;
+ fmc_write_32(CORE_ADDR_EXPONENT_BITS, &num_bits);
+
+ // enable CRT mode
+ mode = CORE_MODE_BIT_CRT;
+ fmc_write_32(CORE_ADDR_MODE, &mode);
+
+ // fill exponent bank (the least significant word
+ // is at the lowest offset)
+ for (i=0; i<num_words; i++)
+ { d_word = d[i];
+ fmc_write_32(CORE_ADDR_BANK_EXPONENT + ((num_words - (i + 1)) * sizeof(uint32_t)), &d_word);
+ }
+
+ // fill message bank (the least significant word
+ // is at the lowest offset, message is twice larger
+ // than the modulus in CRT mode!)
+ for (i=0; i<(2 * num_words); i++)
+ { m_word = m[i];
+ fmc_write_32(CORE_ADDR_BANK_MESSAGE + ((2 * num_words - (i + 1)) * sizeof(uint32_t)), &m_word);
+ }
+
+ // clear 'next' control bit, then set 'next' control bit again
+ // to trigger exponentiation (core is edge-triggered)
+ reg_control = 0;
+ fmc_write_32(CORE_ADDR_CONTROL, &reg_control);
+ reg_control = CORE_CONTROL_BIT_NEXT;
+ fmc_write_32(CORE_ADDR_CONTROL, &reg_control);
+
+ // wait for 'valid' status bit to be set
+ dummy_num_cyc = 0;
+ do
+ { dummy_num_cyc++;
+ fmc_read_32(CORE_ADDR_STATUS, &reg_status);
+ }
+ while (!(reg_status & CORE_STATUS_BIT_VALID));
+
+ // read back the result word-by-word, then compare to the reference values
+ for (i=0; i<num_words; i++)
+ {
+ fmc_read_32(CORE_ADDR_BANK_RESULT + (i * sizeof(uint32_t)), &s_word);
+
+ if (s_word != s[num_words - (i + 1)])
+ return 0;
+ }
+
+ // everything went just fine
+ return 1;
+}
+
+
//
// toggle the yellow led to indicate that we're not stuck somewhere
//
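Review bot: The wait loop in test_modexpa7_crt polls CORE_ADDR_STATUS with no upper bound, so a core that never raises the 'valid' bit hangs the sample instead of failing it; dummy_num_cyc is incremented but never checked. A bounded poll such as `if (++dummy_num_cyc > POLL_LIMIT) return 0;` at the top of the loop body (POLL_LIMIT is a placeholder, not a name from this file) would turn a stuck core into a reported failure. The function also reads 2 * num_words words from m while l describes only the half-size modulus, so a header comment stating that m must hold 2*l bits and that d and s hold l bits would keep callers from passing a short array. In a driver that handles real keys rather than test vectors, the dp/dq words written to CORE_ADDR_BANK_EXPONENT remain in the bank after the function returns and should be overwritten once the result has been read.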