//------------------------------------------------------------------------------ // // ecdsa_fpga_model.h // -------------------------------------------- // Base point scalar multiplier model for ECDSA // // Authors: Pavel Shatov // // Copyright 2015-2016, 2018 NORDUnet A/S // Copyright 2021 The Commons Conservancy Cryptech Project // SPDX-License-Identifier: BSD-3-Clause // // Redistribution and use in source and binary forms, with or without // modification, are permitted provided that the following conditions are met: // // - Redistributions of source code must retain the above copyright notice, // this list of conditions and the following disclaimer. // // - Redistributions in binary form must reproduce the above copyright notice, // this list of conditions and the following disclaimer in the documentation // and/or other materials provided with the distribution. // // - Neither the name of the copyright holder nor the names of its // contributors may be used to endorse or promote products derived from // this software without specific prior written permission. // // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" // AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE // IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE // ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE // LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR // CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF // SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN // CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE // POSSIBILITY OF SUCH DAMAGE. // //------------------------------------------------------------------------------ //------------------------------------------------------------------------------ // // Curve Selection (don't override if already selected, handy for testing // from the STM32 sample driver) // // USE_CURVE == 1 -> P-256 // USE_CURVE == 2 -> P-384 // //------------------------------------------------------------------------------ #ifndef USE_CURVE #define USE_CURVE 1 #endif //------------------------------------------------------------------------------ #define BAD_CURVE #error USE_CURVE must be either 1 or 2! //------------------------------------------------------------------------------ //------------------------------------------------------------------------------ // Headers //------------------------------------------------------------------------------ #include "ecdsa_fpga_lowlevel.h" #include "ecdsa_fpga_multiword.h" #include "ecdsa_fpga_modular.h" #include "ecdsa_fpga_curve.h" #ifdef USE_MICROCODE #include "ecdsa_fpga_microcode.h" #endif //------------------------------------------------------------------------------ // Test Vectors //------------------------------------------------------------------------------ #include "ecdsa_test_vector_nsa.h" #include "ecdsa_test_vector_randomized.h" //------------------------------------------------------------------------------ // Debugging Output Control //------------------------------------------------------------------------------ /** #define DUMP_CYCLE_STATES // dump R0, R1, S, T after every cycle **/ /** #define DUMP_UOP_OUTPUTS // dump every micro-operation output (lots of text!) **/ //------------------------------------------------------------------------------ // Test Vectors Switch //------------------------------------------------------------------------------ #if USE_CURVE == 1 #define ECDSA_D_NSA_INIT ECDSA_P256_D_NSA_INIT #define ECDSA_QX_NSA_INIT ECDSA_P256_QX_NSA_INIT #define ECDSA_QY_NSA_INIT ECDSA_P256_QY_NSA_INIT #define ECDSA_K_NSA_INIT ECDSA_P256_K_NSA_INIT #define ECDSA_RX_NSA_INIT ECDSA_P256_RX_NSA_INIT #define ECDSA_RY_NSA_INIT ECDSA_P256_RY_NSA_INIT #define ECDSA_D_RANDOM_INIT ECDSA_P256_D_RANDOM_INIT #define ECDSA_QX_RANDOM_INIT ECDSA_P256_QX_RANDOM_INIT #define ECDSA_QY_RANDOM_INIT ECDSA_P256_QY_RANDOM_INIT #elif USE_CURVE == 2 #define ECDSA_D_NSA_INIT ECDSA_P384_D_NSA_INIT #define ECDSA_QX_NSA_INIT ECDSA_P384_QX_NSA_INIT #define ECDSA_QY_NSA_INIT ECDSA_P384_QY_NSA_INIT #define ECDSA_K_NSA_INIT ECDSA_P384_K_NSA_INIT #define ECDSA_RX_NSA_INIT ECDSA_P384_RX_NSA_INIT #define ECDSA_RY_NSA_INIT ECDSA_P384_RY_NSA_INIT #define ECDSA_D_RANDOM_INIT ECDSA_P384_D_RANDOM_INIT #define ECDSA_QX_RANDOM_INIT ECDSA_P384_QX_RANDOM_INIT #define ECDSA_QY_RANDOM_INIT ECDSA_P384_QY_RANDOM_INIT #else BAD_CURVE #endif //------------------------------------------------------------------------------ // Prototypes //------------------------------------------------------------------------------ void print_fpga_buffer (const char *s, const FPGA_BUFFER *v); void print_fpga_buffer_nodelim (const char *s, const FPGA_BUFFER *v); bool compare_fpga_buffers (const FPGA_BUFFER *az, const FPGA_BUFFER *bz); bool compare_fpga_buffers (const FPGA_BUFFER *ax, const FPGA_BUFFER *ay, const FPGA_BUFFER *bx, const FPGA_BUFFER *by); bool compare_fpga_buffers (const FPGA_BUFFER *ax, const FPGA_BUFFER *ay, const FPGA_BUFFER *az, const FPGA_BUFFER *bx, const FPGA_BUFFER *by, const FPGA_BUFFER *bz); void dump_cycle_header (int, int, bool); void dump_cycle_state( const FPGA_BUFFER *, const FPGA_BUFFER *, const FPGA_BUFFER *, const FPGA_BUFFER *, const FPGA_BUFFER *, const FPGA_BUFFER *, const FPGA_BUFFER *, const FPGA_BUFFER *, const FPGA_BUFFER *, const FPGA_BUFFER *, const FPGA_BUFFER *, const FPGA_BUFFER *); void dump_uop_output(const char *, const FPGA_BUFFER *); //------------------------------------------------------------------------------ // End-of-File //------------------------------------------------------------------------------