aboutsummaryrefslogtreecommitdiff
path: root/stm32_driver/ecdsa384_driver_sample.c
diff options
context:
space:
mode:
authorPavel V. Shatov (Meister) <meisterpaul1@yandex.ru>2018-04-17 14:49:54 +0300
committerPavel V. Shatov (Meister) <meisterpaul1@yandex.ru>2018-04-17 14:49:54 +0300
commit5ee00eeda3508756b41b2ec40e6878242e0cd43b (patch)
tree0e6925eed7237a791bb326d796a583050197c0f0 /stm32_driver/ecdsa384_driver_sample.c
parent0332f99f8b9ef7ec9e520406abfe887a185ec87b (diff)
Same changes as per the P-256 core.fix
Diffstat (limited to 'stm32_driver/ecdsa384_driver_sample.c')
-rw-r--r--stm32_driver/ecdsa384_driver_sample.c61
1 files changed, 51 insertions, 10 deletions
diff --git a/stm32_driver/ecdsa384_driver_sample.c b/stm32_driver/ecdsa384_driver_sample.c
index 6ab62ee..b3ea24f 100644
--- a/stm32_driver/ecdsa384_driver_sample.c
+++ b/stm32_driver/ecdsa384_driver_sample.c
@@ -30,7 +30,8 @@
// curve selection
#define USE_CURVE 2
-#include "ecdsa_model.h"
+
+#include "../../../user/shatov/ecdsa_fpga_model/ecdsa_model.h"
#define BUF_NUM_WORDS (OPERAND_WIDTH / (sizeof(uint32_t) << 3)) // 8
@@ -49,9 +50,16 @@ static const uint32_t p384_i[BUF_NUM_WORDS] = ECDSA_ONE;
static const uint32_t p384_gx[BUF_NUM_WORDS] = ECDSA_G_X;
static const uint32_t p384_gy[BUF_NUM_WORDS] = ECDSA_G_Y;
+static const uint32_t p384_hx[BUF_NUM_WORDS] = ECDSA_H_X;
+static const uint32_t p384_hy[BUF_NUM_WORDS] = ECDSA_H_Y;
+
static const uint32_t p384_z[BUF_NUM_WORDS] = ECDSA_ZERO;
static const uint32_t p384_n[BUF_NUM_WORDS] = ECDSA_N;
+static uint32_t p384_2[BUF_NUM_WORDS]; // 2
+static uint32_t p384_n1[BUF_NUM_WORDS]; // n + 1
+static uint32_t p384_n2[BUF_NUM_WORDS]; // n + 2
+
//
// prototypes
//
@@ -88,17 +96,50 @@ int main()
while (1);
}
+ // prepare more numbers
+ size_t w;
+ for (w=0; w<BUF_NUM_WORDS; w++)
+ { p384_2[w] = p384_z[w]; // p384_2 = p384_z = 0
+ p384_n1[w] = p384_n[w]; // p384_n1 = p384_n = N
+ p384_n2[w] = p384_n[w]; // p384_n2 = p384_n = N
+ }
+
+ p384_2[BUF_NUM_WORDS-1] += 2; // p384_2 = 2
+ p384_n1[BUF_NUM_WORDS-1] += 1; // p384_n1 = N + 1
+ p384_n2[BUF_NUM_WORDS-1] += 2; // p384_n2 = N + 2
// repeat forever
- while (1) {
+ while (1)
+ {
ok = 1;
- ok = ok && test_p384_multiplier(p384_d, p384_qx, p384_qy);
- ok = ok && test_p384_multiplier(p384_k, p384_rx, p384_ry);
- ok = ok && test_p384_multiplier(p384_z, p384_z, p384_z);
- ok = ok && test_p384_multiplier(p384_i, p384_gx, p384_gy);
- ok = ok && test_p384_multiplier(p384_n, p384_z, p384_z);
-
- if (!ok) { led_off(LED_GREEN);
- led_on(LED_RED);
+
+ ok = ok && test_p384_multiplier(p384_d, p384_qx, p384_qy); /* Q = d * G */
+ ok = ok && test_p384_multiplier(p384_k, p384_rx, p384_ry); /* R = k * G */
+
+ ok = ok && test_p384_multiplier(p384_z, p384_z, p384_z); /* O = 0 * G */
+ ok = ok && test_p384_multiplier(p384_i, p384_gx, p384_gy); /* G = 1 * G */
+
+ ok = ok && test_p384_multiplier(p384_n, p384_z, p384_z); /* O = n * G */
+
+ ok = ok && test_p384_multiplier(p384_n1, p384_gx, p384_gy); /* G = (n + 1) * G */
+
+ //
+ // The following two vectors test the virtually never taken path in the curve point
+ // addition routine when both input points are the same. During the first test (2 * G)
+ // the double of the base point is computed at the second doubling step of the multiplication
+ // algorithm, which does not require any special handling. During the second test the
+ // precomputed double of the base point (stored in internal read-only memory) is returned,
+ // because after doubling of G * ((n + 1) / 2) we get G * (n + 1) = G. The adder then has to
+ // compute G + G for which the formulae don't work, and special handling is required. The two
+ // test vectors verify that the hardcoded double of the base point matches the one computed
+ // on the fly. Note that in practice one should never be multiplying by anything larger than (n-1),
+ // because both the secret key and the per-message (random) number must be from [1, n-1].
+ //
+ ok = ok && test_p384_multiplier(p384_2, p384_hx, p384_hy); /* H = 2 * G */
+ ok = ok && test_p384_multiplier(p384_n2, p384_hx, p384_hy); /* H = (n + 2) * G */
+
+ if (!ok) {
+ led_off(LED_GREEN);
+ led_on(LED_RED);
}
toggle_yellow_led();