http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/examples/testwcc_dta_ZZZ.c.in ---------------------------------------------------------------------- diff --git a/examples/testwcc_dta_ZZZ.c.in b/examples/testwcc_dta_ZZZ.c.in new file mode 100644 index 0000000..22a3af6 --- /dev/null +++ b/examples/testwcc_dta_ZZZ.c.in @@ -0,0 +1,439 @@ +/* +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, +software distributed under the License is distributed on an +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +KIND, either express or implied. See the License for the +specific language governing permissions and limitations +under the License. +*/ + + +/* Demonstrate WCC with two TAs */ + +/* Build executable after installation: + gcc -std=c99 -g testwcc_dta_ZZZ.c -I/opt/amcl/include -L/opt/amcl/lib -lamcl_wcc_ZZZ -lamcl_pairing_ZZZ -lamcl_curve_ZZZ -lamcl_core_ZZZ -o testwcc_dta_ZZZ */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <time.h> +#include "utils.h" +#include "config_curve_ZZZ.h" +#include "randapi.h" +#if CURVE_SECURITY_ZZZ == 128 +#include "wcc_ZZZ.h" +#elif CURVE_SECURITY_ZZZ == 192 +#include "wcc192_ZZZ.h" +#elif CURVE_SECURITY_ZZZ == 256 +#include "wcc256_ZZZ.h" +#endif + +#if CURVE_SECURITY_ZZZ == 128 +#define G2LEN 4*WCC_PFS_ZZZ +#elif CURVE_SECURITY_ZZZ == 192 +#define G2LEN 8*WCC_PFS_ZZZ +#elif CURVE_SECURITY_ZZZ == 256 +#define G2LEN 16*WCC_PFS_ZZZ +#endif + +// #define DEBUG + +int main() +{ + int i,rtn; + + /* Master secret shares */ + char ms1[WCC_PGS_ZZZ], ms2[WCC_PGS_ZZZ]; + octet MS1= {sizeof(ms1),sizeof(ms1),ms1}; + octet MS2= {sizeof(ms2),sizeof(ms2),ms2}; + + // Sender keys + char a1keyG1[2*WCC_PFS_ZZZ+1], a2keyG1[2*WCC_PFS_ZZZ+1]; + octet A1KeyG1= {0,sizeof(a1keyG1), a1keyG1}; + octet A2KeyG1= {0,sizeof(a2keyG1), a2keyG1}; + char akeyG1[2*WCC_PFS_ZZZ+1]; + octet AKeyG1= {0,sizeof(akeyG1), akeyG1}; + + // Receiver keys + char b1keyG2[G2LEN], b2keyG2[G2LEN]; + octet B1KeyG2= {0,sizeof(b1keyG2), b1keyG2}; + octet B2KeyG2= {0,sizeof(b2keyG2), b2keyG2}; + char bkeyG2[G2LEN]; + octet BKeyG2= {0,sizeof(bkeyG2), bkeyG2}; + + // Identities + char alice_id[256],bob_id[256]; + octet IdA= {0,sizeof(alice_id),alice_id}; + octet IdB= {0,sizeof(bob_id),bob_id}; + + // Hash of the identities + char hida[WCC_PFS_ZZZ], hidb[WCC_PFS_ZZZ]; + octet HIdA = {0,sizeof(hida),hida}; + octet HIdB = {0,sizeof(hidb),hidb}; + + char x[WCC_PGS_ZZZ]; + octet X= {0,sizeof(x),x}; + char y[WCC_PGS_ZZZ]; + octet Y= {0,sizeof(y),y}; + char w[WCC_PGS_ZZZ]; + octet W= {0,sizeof(w),w}; + char pia[WCC_PGS_ZZZ]; + octet PIA= {0,sizeof(pia),pia}; + char pib[WCC_PGS_ZZZ]; + octet PIB= {0,sizeof(pib),pib}; + + char pgg1[2*WCC_PFS_ZZZ+1]; + octet PgG1= {0,sizeof(pgg1), pgg1}; + + char pag1[2*WCC_PFS_ZZZ+1]; + octet PaG1= {0,sizeof(pag1), pag1}; + + char pbg2[G2LEN]; + octet PbG2= {0,sizeof(pbg2), pbg2}; + + char seed[32] = {0}; + octet SEED = {0,sizeof(seed),seed}; + csprng RNG; + + char message1[256]; + char message2[256]; + octet MESSAGE1 = {0, sizeof(message1), message1}; + octet MESSAGE2 = {0, sizeof(message2), message2}; + + char t1[PTAG]; // Tag + char t2[PTAG]; // Tag + char k1[AESKEY_ZZZ]; // AES Key + char k2[AESKEY_ZZZ]; // AES Key + char iv[PIV]; // IV - Initialization vector + char c[100]; // Ciphertext + char p[100]; // Recovered Plaintext + octet T1= {sizeof(t1),sizeof(t1),t1}; + octet T2= {sizeof(t2),sizeof(t2),t2}; + octet K1= {0,sizeof(k1),k1}; + octet K2= {0,sizeof(k2),k2}; + octet IV= {0,sizeof(iv),iv}; + octet C= {0,sizeof(c),c}; + octet P= {0,sizeof(p),p}; + + OCT_jstring(&MESSAGE1,"Hello Bob"); + OCT_jstring(&MESSAGE2,"Hello Alice"); + + /* non random seed value */ + SEED.len=32; + for (i=0; i<32; i++) SEED.val[i]=i+1; + + /* initialize random number generator */ + CREATE_CSPRNG(&RNG,&SEED); + + /* Generate Client master secret */ + rtn = WCC_ZZZ_RANDOM_GENERATE(&RNG,&MS1); + if (rtn != 0) + { + printf("TA WCC_ZZZ_RANDOM_GENERATE Error %d\n", rtn); + return 1; + } + rtn = WCC_ZZZ_RANDOM_GENERATE(&RNG,&MS2); + if (rtn != 0) + { + printf("TA WCC_ZZZ_RANDOM_GENERATE Error %d\n", rtn); + return 1; + } + printf("TA1 MASTER SECRET: "); + OCT_output(&MS1); + printf("TA2 MASTER SECRET: "); + OCT_output(&MS2); + + // Alice's ID + OCT_jstring(&IdA,"[email protected]"); + + // Hash Alice's Id + HASH_ID(HASH_TYPE_ZZZ,&IdA,&HIdA); + + // TA: Generate Alice's sender key + rtn = WCC_ZZZ_GET_G1_MULTIPLE(&MS1,&HIdA,&A1KeyG1); + if (rtn != 0) + { + printf("TA WCC_ZZZ_GET_G1_MULTIPLE Error %d\n", rtn); + return 1; + } + rtn = WCC_ZZZ_GET_G1_MULTIPLE(&MS2,&HIdA,&A2KeyG1); + if (rtn != 0) + { + printf("TA WCC_ZZZ_GET_G1_MULTIPLE Error %d\n", rtn); + return 1; + } + printf("TA A1KeyG1: "); + OCT_output(&A1KeyG1); + printf("TA A2KeyG1: "); + OCT_output(&A2KeyG1); + + rtn = WCC_ZZZ_RECOMBINE_G1(&A1KeyG1, &A2KeyG1, &AKeyG1); + if (rtn != 0) + { + printf("TA WCC_ZZZ_RECOMBINE_G1 Error %d\n", rtn); + return 1; + } + printf("TA Alice's sender key: "); + OCT_output(&AKeyG1); + + // Bob's ID + OCT_jstring(&IdB,"[email protected]"); + + // Hash Bob's Id + HASH_ID(HASH_TYPE_ZZZ,&IdB,&HIdB); + + // TA: Generate Bob's receiver key + rtn = WCC_ZZZ_GET_G2_MULTIPLE(&MS1,&HIdB,&B1KeyG2); + if (rtn != 0) + { + printf("TA WCC_ZZZ_GET_G2_MULTIPLE Error %d\n", rtn); + return 1; + } + rtn = WCC_ZZZ_GET_G2_MULTIPLE(&MS2,&HIdB,&B2KeyG2); + if (rtn != 0) + { + printf("Bob WCC_ZZZ_GET_G2_MULTIPLE Error %d\n", rtn); + return 1; + } + printf("TA B1KeyG2: "); + OCT_output(&B1KeyG2); + printf("TA B2KeyG2: "); + OCT_output(&B2KeyG2); + + rtn = WCC_ZZZ_RECOMBINE_G2(&B1KeyG2, &B2KeyG2, &BKeyG2); + if (rtn != 0) + { + printf("Bob WCC_ZZZ_RECOMBINE_G2 Error %d\n", rtn); + return 1; + } + printf("TA Bob's receiver key: "); + OCT_output(&BKeyG2); + + printf("Alice\n"); + + rtn = WCC_ZZZ_RANDOM_GENERATE(&RNG,&X); + if (rtn != 0) + { + printf("Alice WCC_ZZZ_RANDOM_GENERATE Error %d\n", rtn); + return 1; + } +#ifdef DEBUG + printf("Alice X: "); + OCT_output(&X); + printf("\n"); +#endif + + rtn = WCC_ZZZ_GET_G1_MULTIPLE(&X,&HIdA,&PaG1); + if (rtn != 0) + { + printf("Alice WCC_ZZZ_GET_G1_MULTIPLE Error %d\n", rtn); + return 1; + } + + printf("Alice sends IdA and PaG1 to Bob\n\n"); + printf("Alice IdA: "); + OCT_output_string(&IdA); + printf("\n"); + printf("Alice PaG1: "); + OCT_output(&PaG1); + printf("\n"); + + printf("Bob\n"); + + rtn = WCC_ZZZ_RANDOM_GENERATE(&RNG,&W); + if (rtn != 0) + { + printf("Bob WCC_ZZZ_RANDOM_GENERATE Error %d\n", rtn); + return 1; + } +#ifdef DEBUG + printf("Bob W: "); + OCT_output(&W); + printf("\n"); +#endif + rtn = WCC_ZZZ_GET_G1_MULTIPLE(&W,&HIdA,&PgG1); + if (rtn != 0) + { + printf("Bob WCC_ZZZ_GET_G1_MULTIPLE Error %d\n", rtn); + return 1; + } +#ifdef DEBUG + printf("PgG1: "); + OCT_output(&PgG1); + printf("\n"); +#endif + + rtn = WCC_ZZZ_RANDOM_GENERATE(&RNG,&Y); + if (rtn != 0) + { + printf("Bob WCC_ZZZ_RANDOM_GENERATE Error %d\n", rtn); + return 1; + } +#ifdef DEBUG + printf("Bob Y: "); + OCT_output(&Y); + printf("\n"); +#endif + rtn = WCC_ZZZ_GET_G2_MULTIPLE(&Y,&HIdB,&PbG2); + if (rtn != 0) + { + printf("Bob WCC_ZZZ_GET_G1_MULTIPLE Error %d\n", rtn); + return 1; + } +#ifdef DEBUG + printf("Bob PbG2: "); + OCT_output(&PbG2); + printf("\n"); +#endif + + // pia = Hq(PaG1,PbG2,PgG1,IdB) + WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PaG1,&PbG2,&PgG1,&IdB,&PIA); + + // pib = Hq(PbG2,PaG1,PgG1,IdA) + WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PbG2,&PaG1,&PgG1,&IdA,&PIB); + +#ifdef DEBUG + printf("Bob PIA: "); + OCT_output(&PIA); + printf("\n"); + printf("Bob PIB: "); + OCT_output(&PIB); + printf("\n"); +#endif + + // Bob calculates AES Key + WCC_ZZZ_RECEIVER_KEY(HASH_TYPE_ZZZ,&Y,&W,&PIA,&PIB,&PaG1,&PgG1,&BKeyG2,&IdA,&K2); + if (rtn != 0) + { + printf("Bob WCC_ZZZ_RECEIVER_KEY Error %d\n", rtn); + return 1; + } + printf("Bob AES Key: "); + OCT_output(&K2); + + printf("Bob sends IdB, PbG2 and PgG1 to Alice\n\n"); + printf("Bob IdB: "); + OCT_output_string(&IdB); + printf("\n"); + printf("Bob PbG2: "); + OCT_output(&PbG2); + printf("\n"); + printf("Bob PgG1: "); + OCT_output(&PgG1); + printf("\n"); + + printf("Alice\n"); + + // pia = Hq(PaG1,PbG2,PgG1,IdB) + WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PaG1,&PbG2,&PgG1,&IdB,&PIA); + + // pib = Hq(PbG2,PaG1,PgG1,IdA) + WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PbG2,&PaG1,&PgG1,&IdA,&PIB); + +#ifdef DEBUG + printf("Alice PIA: "); + OCT_output(&PIA); + printf("\n"); + printf("Alice PIB: "); + OCT_output(&PIB); + printf("\n"); +#endif + + // Alice calculates AES Key + rtn = WCC_ZZZ_SENDER_KEY(HASH_TYPE_ZZZ,&X,&PIA,&PIB,&PbG2,&PgG1,&AKeyG1,&IdB,&K1); + if (rtn != 0) + { + printf("Alice WCC_ZZZ_SENDER_KEY Error %d\n", rtn); + return 1; + } + printf("Alice AES Key: "); + OCT_output(&K1); + + // Send message + IV.len=12; + for (i=0; i<IV.len; i++) + IV.val[i]=i+1; + printf("Alice: IV "); + OCT_output(&IV); + + printf("Alice: Message to encrypt for Bob: "); + OCT_output_string(&MESSAGE1); + printf("\n"); + + AES_GCM_ENCRYPT(&K1,&IV,&IdA,&MESSAGE1,&C,&T1); + + printf("Alice: Ciphertext: "); + OCT_output(&C); + + printf("Alice: Encryption Tag: "); + OCT_output(&T1); + printf("\n"); + + AES_GCM_DECRYPT(&K2,&IV,&IdA,&C,&P,&T2); + + printf("Bob: Decrypted message received from Alice: "); + OCT_output_string(&P); + printf("\n"); + + printf("Bob: Decryption Tag: "); + OCT_output(&T2); + printf("\n"); + + if (!OCT_comp(&MESSAGE1,&P)) + { + printf("FAILURE Decryption\n"); + return 1; + } + + if (!OCT_comp(&T1,&T2)) + { + printf("FAILURE TAG mismatch\n"); + return 1; + } + + /* clear memory */ + OCT_clear(&MS1); + OCT_clear(&MS2); + OCT_clear(&A1KeyG1); + OCT_clear(&A2KeyG1); + OCT_clear(&AKeyG1); + OCT_clear(&B1KeyG2); + OCT_clear(&B2KeyG2); + OCT_clear(&BKeyG2); + OCT_clear(&IdA); + OCT_clear(&IdB); + OCT_clear(&HIdA); + OCT_clear(&HIdB); + OCT_clear(&X); + OCT_clear(&Y); + OCT_clear(&W); + OCT_clear(&PIA); + OCT_clear(&PIB); + OCT_clear(&PgG1); + OCT_clear(&PaG1); + OCT_clear(&PbG2); + OCT_clear(&SEED); + OCT_clear(&MESSAGE1); + OCT_clear(&MESSAGE2); + OCT_clear(&T1); + OCT_clear(&T2); + OCT_clear(&K1); + OCT_clear(&K2); + OCT_clear(&IV); + OCT_clear(&C); + OCT_clear(&P); + + KILL_CSPRNG(&RNG); + + return 0; +}
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/examples/testx509.c ---------------------------------------------------------------------- diff --git a/examples/testx509.c b/examples/testx509.c new file mode 100644 index 0000000..c92af65 --- /dev/null +++ b/examples/testx509.c @@ -0,0 +1,466 @@ +/* +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, +software distributed under the License is distributed on an +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +KIND, either express or implied. See the License for the +specific language governing permissions and limitations +under the License. +*/ + +/* AMCL X.509 Functions */ + +/* Build executible after installation: + + gcc -std=c99 -g ./testx509.c -I/opt/amcl/include -L/opt/amcl/lib -lamcl_x509 -lamcl_curve -lamcl_core -o testx509 + +*/ + +#include <stdio.h> +#include "ecdh.h" +#include "rsa.h" +#include "x509.h" + +// Supported Encryption Methods +#define ECC 1 +#define RSA 2 + +#define H256 2 +#define H384 3 +#define H512 4 + +// countryName +static char cn[3]= {0x55,0x04,0x06}; +static octet CN= {3,sizeof(cn),cn}; + +// stateName +// static char sn[3]= {0x55,0x04,0x08}; +// static octet SN= {3,sizeof(sn),sn}; + +// localName +// static char ln[3]= {0x55,0x04,0x07}; +// static octet LN= {3,sizeof(ln),ln}; + +// orgName +static char on[3]= {0x55,0x04,0x0A}; +static octet ON= {3,sizeof(on),on}; + +// unitName +// static char un[3]= {0x55,0x04,0x0B}; +// static octet UN= {3,sizeof(un),un}; + +// myName +// static char mn[3]= {0x55,0x04,0x03}; +// static octet MN= {3,sizeof(mn),mn}; + +// emailName +static char en[9]= {0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x09,0x01}; +static octet EN= {9,sizeof(en),en}; + +void print_out(char *des,octet *c,int index,int len) +{ + int i; + printf("%s [",des); + for (i=0; i<len; i++) + printf("%c",c->val[index+i]); + printf("]\n"); +} + +void print_date(char *des,octet *c,int index) +{ + int i=index; + printf("%s [",des); + if (i==0) printf("]\n"); + else printf("20%c%c-%c%c-%c%c %c%c:%c%c:%c%c]\n",c->val[i],c->val[i+1],c->val[i+2],c->val[i+3],c->val[i+4],c->val[i+5],c->val[i+6],c->val[i+7],c->val[i+8],c->val[i+9],c->val[i+10],c->val[i+11]); +} + +/* test driver program */ +// Sample Certs. Uncomment one CA cert and one example cert. Note that AMCL library must be built to support given curve. +// Sample Certs all created using OpenSSL - see http://blog.didierstevens.com/2008/12/30/howto-make-your-own-cert-with-openssl/ +// Note - SSL currently only supports NIST curves. Howevever version 1.1.0 of OpenSSL now supports C25519 + +#if CHOICE==C25519 +// ** CA is RSA 2048-bit based - for use with C25519 build of the library - assumes use of SHA256 in Certs + +char ca_b64[]="MIID6zCCAtOgAwIBAgIJALJxywTGMUA7MA0GCSqGSIb3DQEBCwUAMIGLMQswCQYDVQQGEwJJRTEQMA4GA1UECAwHSXJlbGFuZDEPMA0GA1UEBwwGRHVibGluMQ8wDQYDVQQKDAZNSVJBQ0wxDTALBgNVBAsMBGxhYnMxEzARBgNVBAMMCk1pa2UgU2NvdHQxJDAiBgkqhkiG9w0BCQEWFW1pa2Uuc2NvdHRAbWlyYWNsLmNvbTAeFw0xNjA2MzAxNzQyNDFaFw0yMTA2MzAxNzQyNDFaMIGLMQswCQYDVQQGEwJJRTEQMA4GA1UECAwHSXJlbGFuZDEPMA0GA1UEBwwGRHVibGluMQ8wDQYDVQQKDAZNSVJBQ0wxDTALBgNVBAsMBGxhYnMxEzARBgNVBAMMCk1pa2UgU2NvdHQxJDAiBgkqhkiG9w0BCQEWFW1pa2Uuc2NvdHRAbWlyYWNsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPCTPcPWgiI0ka5Czd0ZzW+gTaMEe9QW7FGu5+9fS6ALrCpdbxdwDX8+OQXZuQJpLYEAIq1pDh3fVQguH/jUM9gQQrS2Lmz3KhXC/J3yv85FRotCGv13ztapMedTy2IxzbtPvoQQc+IAlUPX6DtD8JqBoAstrlQUnkMChKztMGR2OERdjNzXmXm+KMMPlZzk+EvRwCornVA+SB5QAWj7y/3ISFo0y1WG8ewoQEx3HQYrjXbQP1VTdiLW7dHPQP86XKoTMtTBEYWuFhKB9ClCeu4Qqqxqa9UPIVfdro7SoZScCt+OX4KhzLnOCFupoLxE+yTDhDpYcCcmI1yglCv9DpMCAwEAAaNQME4wHQYDVR0OBBYEFFH18YEMoxms7121N/nQ+Wm3b5smMB8GA1UdIwQYMBaAFFH18YEMoxms7121N/nQ+Wm3b5smMAwGA1UdEwQFMAMBAf8wDQYJKo ZIhvcNAQELBQADggEBALCUob0y2O4DSzsqG76yrtCxXWxDdgjSkHKzwFK62BzZK5EuCDJrVgCyoLX0SvYvoT9x0wtS+bxJ7TNEGn7Rkp5/iSQCUSF7sVRoHqzErk70xVKKDy5FS+zre8k08nJrtRg2u1PmY95NO1SE96BtUVLs+8rQuqEX283tqlmqE/SF2+lxOb0WaVrya4oCJfj/XT83pRTcd5w9i7huWltMbKbagkmlQ/5q9Ayp/Jh1lLXmxr+/xEbZ2xEop/y+mgVF0vLxap7R5toBA0Yk7vvirlYv0hZGqGi5lBc9VeUqm1H/7XCi5xRU3AtJ4QRk4Z1xUa4qAPKfiqlPKd1dVe3Ah3w="; + +// an ECC 255-bit CA-signed cert +char cert_b64[]="MIICqjCCAZICCQCk9jKdJYtnjDANBgkqhkiG9w0BAQsFADCBizELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEPMA0GA1UECgwGTUlSQUNMMQ0wCwYDVQQLDARsYWJzMRMwEQYDVQQDDApNaWtlIFNjb3R0MSQwIgYJKoZIhvcNAQkBFhVtaWtlLnNjb3R0QG1pcmFjbC5jb20wHhcNMTYwNjMwMTc0NjQ4WhcNMTYwNzMwMTc0NjQ4WjCBjDELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEPMA0GA1UECgwGTUlSQUNMMQ0wCwYDVQQLDARsYWJzMRgwFgYDVQQDDA9LZWFsYW4gTWNDdXNrZXIxIDAeBgkqhkiG9w0BCQEWEWtlYWxhbkBtaXJhY2wuY29tMDkwFAYHKoZIzj0CAQYJKwYBBAHaRw8BAyEASiRQmhO9PP+SqodOhXYrnSlcyAOog63E6a4KLDFvAzEwDQYJKoZIhvcNAQELBQADggEBALByfCM/EhdqWBrEnDHtH2/U8xr1eSylHdcfnDSDR+X6KXH5rIJ/397lZQMHB6QSsEiVrWzfFDFPPjDN3xEDsZw09ZTT+L8Wi5P3UKR1gtawQCx3ciKEywAU1CU2dV05gvyebqIsbFUyH7jOlj6/1hIx9zaiLcoEex6D55MYQuWo664HF3CNdJFk1k4HF+fclRhyl4iryp0F9p0Wl5vyn96kg0NwaBZG860oCWDHZsjRq1JeSSaRf9CKNXWbQwjByeEcDphpprqmoVcI60cC0TvZZm1x4y7vjCXLD6uCDw3P7fnSp40yce64+IKUr8/cS+QYus58KHdLaLXsojZHL3c="; +#endif + +#if CHOICE==NIST256 + +// ** CA is RSA 2048-bit based - for use with NIST256 build of library - assumes use of SHA256 in Certs +// RSA 2048 Self-Signed CA cert +char ca_b64[]="MIIDuzCCAqOgAwIBAgIJAP44jcM1MOROMA0GCSqGSIb3DQEBCwUAMHQxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEfMB0GCSqGSIb3DQEJARYQbXNjb3R0QGluZGlnby5pZTAeFw0xNTExMjYwOTUwMzlaFw0yMDExMjUwOTUwMzlaMHQxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEfMB0GCSqGSIb3DQEJARYQbXNjb3R0QGluZGlnby5pZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANUs7/nri9J8zw8rW8JVszXP0ZqeLoQJaq2X28ebm8x5VT3okr9rnBjFjpx0YKQCAFQf8iSOOYuNpDvtZ/YpsjPbk2rg5sLY9G0eUMqrTuZ7moPSxnrXS5evizjD9Z9HqaqeNEYD3sPouPg+lhU1oAUQjUTJVFhEr1x0EnSEYbbrWtY9ZDSuZv+d4NIeqqPOYFd1yZc+LYZyQbAAQqwRLNPZH/rnIykLa6I7w7mGT7H6SBz2O09BtgpTHhalL40ecXa4ZOEze0xwzlc+mEFIrnmdadg3vQrJt42RVbo3LN6RfDIqUZOMOtQW/53pUR1lIpCwVWJTiOpmSEIEqhhjFq0CAwEAAaNQME4wHQYDVR0OBBYEFJrz6LHeT6FcjRahpUC3hAMxKRTCMB8GA1UdIwQYMBaAFJrz6LHeT6FcjRahpUC3hAMxKRTCMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADqkqCYVa3X8XO9Ufu6XIUoZafFPRjSeJXvEIWqlbm7ixJ Z2FPOvf2eMc5RCZYigNKhsxru5Ojw0lPcpa8DDmEsdZDf7p0vlmf7T7xH9gtoInh4DzgI8HRHFc8R/z2/jLX7nlLoopKX5yp7F1gRACg0pd4tGpQ6EnBNcYZZghFH9UIRDmx+vDlwDCu8vyRPt35orrEiI4XGq/QkvxxAb5YWxQ4i06064ULfyCI7suu3KoobdM1aAaA8zhpOOBXKbq+Wi9IGFe/wiEMHLmfHdt9CBTjIWb//IHji4RT05kCmTVrx97pb7EHafuL3L10mM5cpTyBWKnb4kMFtx9yw+S2U="; +// an RSA 2048 CA-signed cert +//char cert_b64[]="MIIDcjCCAloCAQEwDQYJKoZIhvcNAQELBQAwdDELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMR8wHQYJKoZIhvcNAQkBFhBtc2NvdHRAaW5kaWdvLmllMB4XDTE1MTEyNjEwMzQzMFoXDTE3MTEyNTEwMzQzMFowgYkxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xETAPBgNVBAoMCENlcnRpVm94MQ0wCwYDVQQLDARMYWJzMQ0wCwYDVQQDDARNSUtFMSYwJAYJKoZIhvcNAQkBFhdtaWtlLnNjb3R0QGNlcnRpdm94LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIoxaQHFQzfyNChrw+3i7FjRFMHZ4zspkjkAcJW21LdBCqrxU+sdjyBoSFlrlafQOHshbrEP93AKX1bfaYbuV4fzq7OlRaLxaK+b+xrOJdewMI2WZ5OwEzj3onZATISogIoB6dTdzJ41NuxuMqQ/DqOnVrRA0SoIespbQhB8FGHBLw0hJATBzUk+bqOIt0HmnMp2EbYgtuG4lYINU/lD3Qt16SunUukWRLtxqJkioie+dkhP2zm+bOlSVmeQb4Wp8AI14OKkTfkdYC8qCxb5eabg90Q33rQUhNwRQHhHwopZwD/BgodasoSrPfwUlj0awh6y87eMGcik5Q/mjkCk5MCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAFrd7R/67ClkbLhpiX++6QTOa47siUAB9v+Qil9hZfhPNeeM589ixYkD4zH5pOK2B0ea+CXEKkanQ6lXx9KV86yS7fq6Yww7wO0diecusHd0+P82i46Tq0nm8nlsnAuhYoFRUGa2m2D kB1HSsB0ts8DjzFLySonFjSSLHDU0ox9/uFbJMzipy3ijAA4XM0N4jRrUfrmxpA7DOOsbEbGkvvB7VK9+s9PHE/4dJTwhSteplUnhxVFkkDo/JwaLx4/IEQRlCF3KEQ5s3AwRHnbrIjOY2yONxHBtJEp7QN5aOHruwvMNRNheCBPiQJyLitUsFGr4voANmobkrFgYtu0tRMQ=="; +// an ECC 256 CA-signed cert +char cert_b64[]="MIICojCCAYoCAQMwDQYJKoZIhvcNAQELBQAwdDELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMR8wHQYJKoZIhvcNAQkBFhBtc2NvdHRAaW5kaWdvLmllMB4XDTE1MTEyNjEzNDcyOVoXDTE3MTEyNTEzNDcyOVowgYQxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xETAPBgNVBAoMCENlcnRpdm94MQ0wCwYDVQQLDARMYWJzMQ8wDQYDVQQDDAZtc2NvdHQxHzAdBgkqhkiG9w0BCQEWEG1zY290dEBpbmRpZ28uaWUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATO2iZiQZsXxzwBKnufKfZcsctNXZ4PmfJm638PmX9DQ3Xdb+nD5VxiOakNcB9xf5im8CriiOF5Z/7yPGyzUMbdMA0GCSqGSIb3DQEBCwUAA4IBAQAK5fMgGCCiPts8hMUZvYDpu8hd7qtPKPBc10QUccHb7PGrhqf/Ex2Gpj1aaURmx7SGZG0HX97LtkdW8KQpEoyaa60r7cjVA589TznxXKSGg5ggVoFJNpuZUm7VcolLjwIgTxtGbPzrvVMiZ4cl4PwFePXVKTl4f8XkOFX5gLmVSuCf729lEBmpx3IzqGmTjmnBixaApUElOKVeL7hiUKP3TqMUxZN+QNJBq4Mh9K9h4Sks2oneLwBwhMqQvpmcOb/7SucJn5N0IgJoGaMbfX0oCJJID1NSbagUSbFD1XciR2Ng9VtvnRP+htmEQ7jtww8phFdrWt5M5zPGOHUppqDx"; + +// ** CA is ECC 256 based - for use with NIST256 build of library +// ECC 256 Self-Signed CA cert +//char ca_b64[]="MIIB7TCCAZOgAwIBAgIJANp4nGS/VYj2MAoGCCqGSM49BAMCMFMxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xNTExMjYxMzI0MTBaFw0yMDExMjUxMzI0MTBaMFMxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABPb6IjYNKyfbEtL1aafzW1jrn6ALn3PnGm7AyX+pcvwG0GKmb3Z/uHzhT4GysNE0/GB1n4Y/mrORQIm2X98rRs6jUDBOMB0GA1UdDgQWBBSfXUNkgJVklIhuXq4DCnVYhsdzwDAfBgNVHSMEGDAWgBSfXUNkgJVklIhuXq4DCnVYhsdzwDAMBgNVHRMEBTADAQH/MAoGCCqGSM49BAMCA0gAMEUCIQDrZJ1tshwTl/jabU2i49EOgbWe0ZgE3QZywJclf5IVwwIgVmz79AAf7e098lyrOKYAqbwjHVyMZGfmkNNGIuIhp/Q="; +// an ECC 256 CA-signed cert +//char cert_b64[]="MIIBvjCCAWQCAQEwCgYIKoZIzj0EAwIwUzELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMB4XDTE1MTEyNjEzMjc1N1oXDTE3MTEyNTEzMjc1N1owgYIxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xETAPBgNVBAoMCENlcnRpdm94MQ0wCwYDVQQLDARMYWJzMQ0wCwYDVQQDDARtaWtlMR8wHQYJKoZIhvcNAQkBFhBtc2NvdHRAaW5kaWdvLmllMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEY42H52TfWMLueKB1o2Sq8uKaKErbHJ2GRAxrnJdNxex0hxZF5FUx7664BbPUolKhpvKTnJxDq5/gMqXzpKgR6DAKBggqhkjOPQQDAgNIADBFAiEA0ew08Xg32g7BwheslVKwXo9XRRx4kygYha1+cn0tvaUCIEKCEwnosZlAckjcZt8aHN5zslE9K9Y7XxTErTstthKc"; +// an RSA 2048 CA-signed cert +//char cert_b64[]="MIICiDCCAi4CAQIwCgYIKoZIzj0EAwIwUzELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMB4XDTE1MTEyNjEzMzcwNVoXDTE3MTEyNTEzMzcwNVowgYExCzAJBgNVBAYTAklFMQ8wDQYDVQQIDAZJZWxhbmQxDzANBgNVBAcMBkR1YmxpbjERMA8GA1UECgwIQ2VydGl2b3gxDTALBgNVBAsMBExhYnMxDTALBgNVBAMMBE1pa2UxHzAdBgkqhkiG9w0BCQEWEG1zY290dEBpbmRpZ28uaWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjPBVwmPg8Gwx0+8xekmomptA0BDwS7NUfBetqDqNMNyji0bSe8LAfpciU7NW/HWfUE1lndCqSDDwnMJmwC5e3GAl/Bus+a+z8ruEhWGbn95xrHXFkOawbRlXuS7UcEQCvPr8KQHhNsg4cyV7Hn527CPUl27n+WN8/pANo01cTN/dQaK87naU0Mid09vktlMKSN0zyJOnc5CsaTLs+vCRKJ9sUL3d4IQIA2y7gvrTe+iY/QI26nqhGpNWYyFkAdy9PdHUEnDI6JsfF7jFh37yG7XEgDDA3asp/oi1T1+ZoASj2boL++opdqCzDndeWwzDWAWuvJ9wULd80ti6x737ZAgMBAAEwCgYIKoZIzj0EAwIDSAAwRQIgCDwgl98+9moBo+etaLt8MvB/z5Ti6i9neRTZkvoFl7YCIQDq//M3OB757fepErRzIQo3aFAFYjOooi6WdSqP3XqGIg=="; + +#endif + +#if CHOICE==NIST384 + +// ** CA is RSA 3072-bit based - for use with NIST384 build of library - assumes use of SHA384 in Certs +// RSA 3072 Self-Signed CA cert +char ca_b64[]="MIIElzCCAv+gAwIBAgIJAJA+8OyEeK4FMA0GCSqGSIb3DQEBDAUAMGIxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDENMAsGA1UEAwwETWlrZTAeFw0xNTExMjYxNDQ0MDBaFw0yMDExMjUxNDQ0MDBaMGIxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDENMAsGA1UEAwwETWlrZTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANvNO8ahsanxzqwkp3A3bujwObJoP3xpOiAAxwGbW867wx4EqBjPRZP+Wcm9Du6e4Fx9U7tHrOLocIUUBcRrmxUJ7Z375hX0cV9yuoYPNv0o2klJhB8+i4YXddkOrSmDLV4r46Ytt1/gjImziat6ZJALdd/uIuhaXwjzy1fFqSEBpkzhrFwFP9MG+5CgbRQed+YxZ10l/rjk+h3LKq9UFsxRCMPYhBFgmEKAVTMnbTfNNxawTRCKtK7nxxruGvAEM+k0ge5rvybERQ0NxtizefBSsB3Q6QVZOsRJiyC0HQhE6ZBHn4h3A5nHUZwPeh71KShw3uMPPB3Kp1pb/1Euq8azyXSshEMPivvgcGJSlm2b/xqsyrT1tie82MqB0APYAtbx3i5q8p+rD143NiNO8fzCq/J+EV82rVyvqDxf7AaTdJqDbZmnFRbIcrLcQdigWZdSjc+WxrCeOtebRmRknuUmetsCUPVzGv71PLMUNQ2qEiq8KGWmnMBJYVMl96bPxwIDAQABo1AwTjAdBgNVHQ4EFgQUsSjrHeZ5TNI2tMcQd6wUnFpU8DcwHwYDVR0jBB gwFoAUsSjrHeZ5TNI2tMcQd6wUnFpU8DcwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQwFAAOCAYEADlnC1gYIHpVf4uSuBpYNHMO324hhGajHNraHYQAoYc0bW4OcKi0732ib5CHDrV3LCxjxF4lxZVo61gatg5LnfJYldXc0vP0GQRcaqC6lXlLb8ZJ0O3oPgZkAqpzc+AQxYW1wFxbzX8EJU0stSwAuxkgs9bwg8tTxIhDutrcjQl3osnAqGDyM+7VAG5QLRMzxiZumyD7s/xBUOa+L6OKXf4QRr/SH/rPU8H+ENaNkv4PApSVzCgTBPOFBIzqEuO4hcQI0laUopsp2kK1w6wYB5oY/rR/O6lNNfB2WEtfdIhdbQru4cUE3boKerM8Mjd21RuerAuK4X8cbDudHIFsaopGSNuzZwPo/bu0OsmZkORxvdjahHJ0G3/6jM6nEDoIy6mXUCGOUOMhGQKCa8TYlZdPKz29QIxk6HA1wCA38MxUo/29Z7oYw27Mx3x8Gcr+UA4vc+oBN3IEzRmhRZKAYQ10MhYPx3NmYGZBDqHvT06oG5hysTCtlVzx0Tm+o01JQ"; +// an RSA 3072 CA-signed cert +//char cert_b64[]="MIIEWzCCAsMCAQYwDQYJKoZIhvcNAQEMBQAwYjELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQ0wCwYDVQQDDARNaWtlMB4XDTE1MTEyNjE0NDY0MloXDTE3MTEyNTE0NDY0MlowgYQxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xETAPBgNVBAoMCENlcnRpdm94MQ0wCwYDVQQLDARMYWJzMQ8wDQYDVQQDDAZtc2NvdHQxHzAdBgkqhkiG9w0BCQEWEG1zY290dEBpbmRpZ28uaWUwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC6SrDiE4BpTEks1YpX209q8iH0dfvhGO8hi1rGYFYnz+eeiOvPdXiCdIPVPbGwxQGMEnZQV1X0KupYJw3LR2EsXhN4LZBxnQZmDvUXsTU+Ft/CKZUxVoXpNMxzwl70RC6XeUpPxvdPXa78AnfLL/DsOKsxCfNaKYZZ6G53L6Y69+HrCbyM7g2KrZ9/K/FXS1veMpRj9EbA6Mcdv1TUDNK2fTDV952AQO3kC3+PqywdVgPvntraAoQomrni+tcFW7UXe2Sk7DRcF/acBSuo2UtP3m9UWNL+8HOXvtRqmhns55Vj4DxKuPln759UBS7WZ11apCvC3BvCHR/k3WRf9PQWnW2cmT73/kEShvTRi8h7F9RWvYTEF1MuwSVy+l51q8O3rJU4XxnLm/YbtIGXZUf5Rqb0985zQkA+6rip/OSc8X5a3OV3kp38U7tXJ5sqBMg9RdIIz42cmiRLG5NYSj0/T6zjYEdwj3SYEBoPN/7UGSmhu8fdxS7JYPNpOsgeiu8CAwEAATANBgkqhkiG9w0BAQwFAAOCAY EAyxxEg0hWLFuN2fiukX6vqzSDx5Ac8w1JI4W/bamRd7iDZfHQYqyPDZi9s07I2PcGbByj2oqoyGiIEBLbsljdIEF4D229h2kisn1gA9O+0IM44EgjhBTUoNDgC+SbfJrXlU2GZ1XI3OWjbK7+1wiv0NaBShbbiPgSdjQBP8S+9W7lyyIrZEM1J7maBdepie1BS//DUDmpQzEi0UlB1J+HmQpyZsnT97J9uIPKsK4t2/+iOiknl6iS4GzAQKMLqj2yIBRf/O44ZZ6UZIKLtI4PCVS/8H5Lrg3AC0kr4ZkPAXzefUiTwyLVkqYSxSSTvtb3BpgOxIbmA6juFid0rvUyjN4fuDQkxl3PZyQwIHjpz33HyKrmo4BZ8Dg4JT8LCsQgd0AaD3r0QOS5FdLhkb+rD8EMSsCoOCEtPI6lqLJCrGOQWj7zbcUdPOEsczWMI9hSfK3u/P9+gOUBUFkb0gBIn3WvNuHifIHpsZ5bzbR+SGtu5Tgc7CCCPyNgz1Beb247"; +// an ECC 384 CA-signed cert +char cert_b64[]="MIIDCDCCAXACAQcwDQYJKoZIhvcNAQEMBQAwYjELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQ0wCwYDVQQDDARNaWtlMB4XDTE1MTEyNjE1MzU1M1oXDTE3MTEyNTE1MzU1M1owYDELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEQMA4GA1UECgwHQ2VydGl2bzENMAsGA1UECwwETGFiczENMAsGA1UEAwwEbWlrZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJ1J+FT5mxxYEM4aYKM0CvZHmh8JFXzoBmzibabrvyTz79+1QOrR+6MEEsKtmJIYPJi+GsQ0PmjF2HmJncM1zeQh7DQYJf2Xc8p5Vjd8//6YREBVfN3UIyrl87MSucy+mjANBgkqhkiG9w0BAQwFAAOCAYEAmuwa64+K1qlCELpcnCyWwMhSb+Zsw0Hh6q/BfxalZhsX1UFEwE9nHoVJcokaEEYF4u4AYXU5rdysRHxYBfgMbohguTT7sJwCfve2JqpqvhQOkGDG1DB4Ho4y7NPPYB2+UMd7JMD0TOcHXdgQ8FtAE0ClD8VkW0gAC0lCrbQbynfLoUjIWqg3w2g79hvdZPgRt208nFiHuezynOaEFePoXl8CxHInsxAnMaJn2fEs5/QH67pwD65mPdNFsvlr0zdzYcceqEmEHpRAXFOQAJtffGjWAGGX/CsghLuqlpdCiTGA1B53XoXKJvArr/kHpTNMsU1NnkQIHZ5n4USCo4QgL6n9nwem7U2mYBYjmxPi5Y3JJnTZz4zUnv0bD0vSwoivnFZox9H6qTAkeIX1ojJ2ujxWHNOMvOFb6nU2gqNZj2vYcO38OIrK9gwM9lm4FF20YBuf h+WOzQthrHJv0YuQt3NuDQEMkvz+23YvzZlr+e2XqDlMhyR01Kk0MXeLGGcv"; + +// ** CA is ECC 384 based - - for use with NIST384 build of library - assumes use of SHA384 in Certs +// ECC 384 Self-Signed CA Cert +//char ca_b64[]="MIICSTCCAc6gAwIBAgIJAIwHpOFSZLXnMAoGCCqGSM49BAMDMGIxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDENMAsGA1UEAwwEbWlrZTAeFw0xNTExMjYxNTQ0NTlaFw0yMDExMjUxNTQ0NTlaMGIxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDENMAsGA1UEAwwEbWlrZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABOEPMYBqzIn1hJAMZ0aEVxQ08gBF2aSfWtEJtmKj64014w7VfWdeFQSIMP9SjmhatFbAvxep8xgcwbeAobGTqCgUp+0EdFZR1ktKSND/S+UDU1YSNCFRvlNTJ6YmXUkW36NQME4wHQYDVR0OBBYEFDQxIZoKNniNuW91UMJ1KWEjs045MB8GA1UdIwQYMBaAFDQxIZoKNniNuW91UMJ1KWEjs045MAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwMDaQAwZgIxANbml6sp5A92qQiCM/OtBf+TbXpSpIO83TuNP9V2lsphp0CEX3KwAuqBXB95m9/xWAIxAOXAT2LqieSbUh4fpxcdaeY01RoGtD2AQch1a6BuIugcQqTfqLcXy7D51R70R729sA=="; +// an ECC 384 CA-signed cert +//char cert_b64[]="MIICCjCCAZACAQgwCgYIKoZIzj0EAwMwYjELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQ0wCwYDVQQDDARtaWtlMB4XDTE1MTEyNjE1NTIxMFoXDTE3MTEyNTE1NTIxMFowgYIxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xETAPBgNVBAoMCENlcnRpdm94MQ0wCwYDVQQLDARMYWJzMQ0wCwYDVQQDDARtaWtlMR8wHQYJKoZIhvcNAQkBFhBtc2NvdHRAaW5kaWdvLmllMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEf2Qm6jH2U+vhAApsMqH9gzGCH8rk+mUwFSD3Uud4NiyPBqrJRC1eetVvr3cYb6ucDTa15km6QKvZZrsRW+Z4ZpryoEE6esmD4XPLrtrOtoxtxFNRhiMmT/M9zcrfMJC5MAoGCCqGSM49BAMDA2gAMGUCMF0x6PAvvnJR3riZdUPC4OWFC2K3eiz3QuLCdFOZVIqX7mkLftdS8BtzusXWMMgFCQIxALJNMKLs39P9wYQHu1C+v9ieltQr20C+WVYxqUvgL/KTdxd9dzc3wseZRDT1CydqOA=="; +// an RSA 3072 CA-signed cert +//char cert_b64[]="MIIDFjCCAp4CAQkwCgYIKoZIzj0EAwMwYjELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQ0wCwYDVQQDDARtaWtlMB4XDTE1MTEyNjE2MTYwNloXDTE3MTEyNTE2MTYwNlowYzELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjERMA8GA1UECgwIQ2VydGl2b3gxDTALBgNVBAsMBGxhYnMxDzANBgNVBAMMBmtlYWxhbjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAK5QhVjR+UGt3ZWPSGicpviqaOhxXmmvOepdl5Seqr+Iweb3IuEDgtHGwrw/EEgWlKPfS/2LW9ncptdNbVQh7+2rojj7ZtedrAK5p7I9b22f2U3sSHIqjtTT0BjqzL0qEwy/ATqbf93Tcr3yT0Ygh3yzbvn4zodrWQZK8kkN3PQKkiHBCuIxo+8MlTs8d99dl1hbJ84MYZuPmhrkB4oLEAt8+srtL+a4Yd0wPhuCYrLjBnYkD9TlcWLWWh8/iwXiznrY8gQsXSveQNzQjcmHilZrTlTL2dnyI2v7BAXXHSwo6UeES0n064fnYTr3JB0GArMcty6RD3E7xr64HNzzTE2+8cDxufNvU0tq2Z72oZ9cAReHUL5P6mLfORI+AhtCHrXGJch/F07ZX9h8UFpzok8NK5++Q7lHKuezTYRRPlDL5hDB3BUpBwvILdqujcbNil04cuLRBNT/WgqRXEBRjlHLgZaLChFV2VSJ9Z1Uke2lfm5X2O0XPQLhjMSiuvr4HwIDAQABMAoGCCqGSM49BAMDA2YAMGMCLxHSQAYP2EsuIpR4TzDDSIlsw4BBsD7W0ZfH91v9J0j5UWQJD/ yNjMtyA2Qlkq/0AjB+SJQbLgycNJH5SnR/X5wx26/62ln9s0swUtlCYVtNzyEQ3YRHSZbmTbh16RUT7Ak="; + +#endif + +#if CHOICE==NIST521 + +// ** CA is ECC 521 based - - for use with NIST521 build of library - assumes use of SHA512 in Certs +// ECC 521 Self-Signed CA Cert +char ca_b64[]="MIIC+TCCAlqgAwIBAgIJAKlppiHsRpY8MAoGCCqGSM49BAMEMIGUMQswCQYDVQQGEwJJRTEQMA4GA1UECAwHSXJlbGFuZDEPMA0GA1UEBwwGRHVibGluMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDTALBgNVBAsMBExhYnMxDzANBgNVBAMMBm1zY290dDEfMB0GCSqGSIb3DQEJARYQbXNjb3R0QGluZGlnby5pZTAeFw0xNTEyMDExMzE5MjZaFw0yMDExMzAxMzE5MjZaMIGUMQswCQYDVQQGEwJJRTEQMA4GA1UECAwHSXJlbGFuZDEPMA0GA1UEBwwGRHVibGluMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDTALBgNVBAsMBExhYnMxDzANBgNVBAMMBm1zY290dDEfMB0GCSqGSIb3DQEJARYQbXNjb3R0QGluZGlnby5pZTCBmzAQBgcqhkjOPQIBBgUrgQQAIwOBhgAEAKUj6Qa4Vr1vyango8XHlLIIEzY9IVppdpGUrMlNfo0Spu+AXGhnluwJTZXOYLi8jSIPEAL7vuwS5H6uPPIz1QWXALRETVYAQfK0pIfPHq+edTHVTXMcAUpdNla2d4LwYO7HpkSQFHd7aaDN3yVhSL2J0LBLgy0wGkEHuyK1O2r0xNu6o1AwTjAdBgNVHQ4EFgQU966PLshKffU/NRCivMmNq8RiRkAwHwYDVR0jBBgwFoAU966PLshKffU/NRCivMmNq8RiRkAwDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDBAOBjAAwgYgCQgHkLczeTWXq5BfY0bsTOSNU8bYy39OhiQ8wr5rlXY0zOg0fDyokueL4dhkXp8FjbIyUfQBY5OMxjtcn2p+cXU+6MwJCAci61REgxZvjpf1X8pGeSsOKa7GhfsfVnbQm+LQmjVmhMHbVRk Q4h93CENN4MH/86XNozO9USh+ydTislAcXvCb0"; +// an ECC 521 CA-signed cert +char cert_b64[]="MIICZjCCAccCAQMwCgYIKoZIzj0EAwQwgZQxCzAJBgNVBAYTAklFMRAwDgYDVQQIDAdJcmVsYW5kMQ8wDQYDVQQHDAZEdWJsaW4xITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDENMAsGA1UECwwETGFiczEPMA0GA1UEAwwGbXNjb3R0MR8wHQYJKoZIhvcNAQkBFhBtc2NvdHRAaW5kaWdvLmllMB4XDTE1MTIwMTEzMjkxN1oXDTE3MTEzMDEzMjkxN1owYTELMAkGA1UEBhMCSUUxEDAOBgNVBAgMB0lyZWxhbmQxDzANBgNVBAcMBkR1YmxpbjERMA8GA1UECgwIQ2VydGlWb3gxDTALBgNVBAsMBExhYnMxDTALBgNVBAMMBE1pa2UwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYABAAva/N4kP2LMSGJZ5tvULlfdNx2M/+xYeCrQkuFmY8sG+mdcUAaSx819fztn2jz1nfdTJnuj79AhfUOL8hlTW14BwErp3DnqWa7Y/rpSJP+AsnJ2bZg4yGUDfVy/Q0AQychSzJm2oGRfdliyBIc+2SoQJ/Rf0ZVKVJ5FfRbWUUiKqYUqjAKBggqhkjOPQQDBAOBjAAwgYgCQgFE1Y7d9aBdxpZqROtkdVNG8XBCTSlMX0fISWkSM8ZEiQfYf7YgXzLjk8wHnv04Mv6kmAuV0V1AHs2M0/753CYEfAJCAPZo801McsGe+3jYALrFFw9Wj7KQC/sFEJ7/I+PYyJtrlfTTqmV0IFKdJzjEsk7ic+Gd4Nbs6kIe1GyYbrcyC4wT"; + +#endif + +char io[5000]; +octet IO= {0,sizeof(io),io}; + +#define MAXMODBYTES 72 +#define MAXFFLEN 16 + +char sig[MAXMODBYTES*MAXFFLEN]; +octet SIG= {0,sizeof(sig),sig}; + +char r[MAXMODBYTES]; +octet R= {0,sizeof(r),r}; + +char s[MAXMODBYTES]; +octet S= {0,sizeof(s),s}; + +char cakey[MAXMODBYTES*MAXFFLEN]; +octet CAKEY= {0,sizeof(cakey),cakey}; + +char certkey[MAXMODBYTES*MAXFFLEN]; +octet CERTKEY= {0,sizeof(certkey),certkey}; + +char h[5000]; +octet H= {0,sizeof(h),h}; + +char hh[5000]; +octet HH= {0,sizeof(hh),hh}; + +char hp[RFS]; +octet HP= {0,sizeof(hp),hp}; + +int main() +{ + int res,len,sha; + int c,ic; + rsa_public_key PK; + pktype st,ca,pt; + + printf("First check signature on self-signed cert and extract CA public key\n"); + OCT_frombase64(&IO,ca_b64); + printf("CA Self-Signed Cert= \n"); + OCT_output(&IO); + printf("\n"); + + st=X509_extract_cert_sig(&IO,&SIG); // returns signature type + + if (st.type==0) + { + printf("Unable to extract cert signature\n"); + return 0; + } + + if (st.type==ECC) + { + OCT_chop(&SIG,&S,SIG.len/2); + OCT_copy(&R,&SIG); + printf("ECC SIG= \n"); + OCT_output(&R); + OCT_output(&S); + printf("\n"); + } + + if (st.type==RSA) + { + printf("RSA SIG= \n"); + OCT_output(&SIG); + printf("\n"); + } + + if (st.hash==H256) printf("Hashed with SHA256\n"); + if (st.hash==H384) printf("Hashed with SHA384\n"); + if (st.hash==H512) printf("Hashed with SHA512\n"); + +// Extract Cert from signed Cert + + c=X509_extract_cert(&IO,&H); + + printf("\nCert= \n"); + OCT_output(&H); + printf("\n"); + +// show some details + printf("Issuer Details\n"); + ic=X509_find_issuer(&H); + c=X509_find_entity_property(&H,&ON,ic,&len); + print_out("owner=",&H,c,len); + c=X509_find_entity_property(&H,&CN,ic,&len); + print_out("country=",&H,c,len); + c=X509_find_entity_property(&H,&EN,ic,&len); + print_out("email=",&H,c,len); + printf("\n"); + + ca=X509_extract_public_key(&H,&CAKEY); + + if (ca.type==0) + { + printf("Not supported by library\n"); + return 0; + } + if (ca.type!=st.type) + { + printf("Not self-signed\n"); + } + + if (ca.type==ECC) + { + printf("EXTRACTED ECC PUBLIC KEY= \n"); + OCT_output(&CAKEY); + } + if (ca.type==RSA) + { + printf("EXTRACTED RSA PUBLIC KEY= \n"); + OCT_output(&CAKEY); + } + printf("\n"); + +// Cert is self-signed - so check signature + + printf("Checking Self-Signed Signature\n"); + if (ca.type==ECC) + { + if (ca.curve!=CHOICE) + { + printf("Curve is not supported\n"); + return 0; + } + res=ECP_PUBLIC_KEY_VALIDATE(1,&CAKEY); + if (res!=0) + { + printf("ECP Public Key is invalid!\n"); + return 0; + } + else printf("ECP Public Key is Valid\n"); + + sha=0; + + if (st.hash==H256) sha=SHA256; + if (st.hash==H384) sha=SHA384; + if (st.hash==H512) sha=SHA512; + if (st.hash==0) + { + printf("Hash Function not supported\n"); + return 0; + } + + if (ECPVP_DSA(sha,&CAKEY,&H,&R,&S)!=0) + { + printf("***ECDSA Verification Failed\n"); + return 0; + } + else + printf("ECDSA Signature/Verification succeeded \n"); + } + + if (ca.type==RSA) + { + PK.e=65537; // assuming this! + FF_fromOctet(PK.n,&CAKEY,FFLEN); + + sha=0; + + if (st.hash==H256) sha=SHA256; + if (st.hash==H384) sha=SHA384; + if (st.hash==H512) sha=SHA512; + if (st.hash==0) + { + printf("Hash Function not supported\n"); + return 0; + } + PKCS15(sha,&H,&HP); + + RSA_ENCRYPT(&PK,&SIG,&HH); + + if (OCT_comp(&HP,&HH)) + printf("RSA Signature/Verification succeeded \n"); + else + { + printf("***RSA Verification Failed\n"); + return 0; + } + } + + printf("\nNext check CA signature on cert, and extract public key\n"); + + OCT_frombase64(&IO,cert_b64); + printf("Example Cert= \n"); + OCT_output(&IO); + printf("\n"); + + st=X509_extract_cert_sig(&IO,&SIG); + + if (st.type==0) + { + printf("Unable to check cert signature\n"); + return 0; + } + + if (st.type==ECC) + { + OCT_chop(&SIG,&S,SIG.len/2); + OCT_copy(&R,&SIG); + printf("SIG= \n"); + OCT_output(&R); + + OCT_output(&S); + + printf("\n"); + } + + if (st.type==RSA) + { + printf("SIG= \n"); + OCT_output(&SIG); + printf("\n"); + } + + c=X509_extract_cert(&IO,&H); + + printf("Cert= \n"); + OCT_output(&H); + printf("\n"); + + printf("Subject Details\n"); + ic=X509_find_subject(&H); + c=X509_find_entity_property(&H,&ON,ic,&len); + print_out("owner=",&H,c,len); + c=X509_find_entity_property(&H,&CN,ic,&len); + print_out("country=",&H,c,len); + c=X509_find_entity_property(&H,&EN,ic,&len); + print_out("email=",&H,c,len); + printf("\n"); + + ic=X509_find_validity(&H); + c=X509_find_start_date(&H,ic); + print_date("start date= ",&H,c); + c=X509_find_expiry_date(&H,ic); + print_date("expiry date=",&H,c); + printf("\n"); + + pt=X509_extract_public_key(&H,&CERTKEY); + + if (pt.type==0) + { + printf("Not supported by library\n"); + return 0; + } + + if (pt.type==ECC) + { + printf("EXTRACTED ECC PUBLIC KEY= \n"); + OCT_output(&CERTKEY); + } + if (pt.type==RSA) + { + printf("EXTRACTED RSA PUBLIC KEY= \n"); + OCT_output(&CERTKEY); + } + + printf("\n"); + + /* Check CA signature */ + + if (ca.type==ECC) + { + printf("Checking CA's ECC Signature on Cert\n"); + res=ECP_PUBLIC_KEY_VALIDATE(1,&CAKEY); + if (res!=0) + printf("ECP Public Key is invalid!\n"); + else printf("ECP Public Key is Valid\n"); + + sha=0; + + if (st.hash==H256) sha=SHA256; + if (st.hash==H384) sha=SHA384; + if (st.hash==H512) sha=SHA512; + if (st.hash==0) + { + printf("Hash Function not supported\n"); + return 0; + } + + if (ECPVP_DSA(sha,&CAKEY,&H,&R,&S)!=0) + printf("***ECDSA Verification Failed\n"); + else + printf("ECDSA Signature/Verification succeeded \n"); + } + + if (ca.type==RSA) + { + printf("Checking CA's RSA Signature on Cert\n"); + PK.e=65537; // assuming this! + FF_fromOctet(PK.n,&CAKEY,FFLEN); + + sha=0; + + if (st.hash==H256) sha=SHA256; + if (st.hash==H384) sha=SHA384; + if (st.hash==H512) sha=SHA512; + if (st.hash==0) + { + printf("Hash Function not supported\n"); + return 0; + } + PKCS15(sha,&H,&HP); + + RSA_ENCRYPT(&PK,&SIG,&HH); + + if (OCT_comp(&HP,&HH)) + printf("RSA Signature/Verification succeeded \n"); + else + printf("***RSA Verification Failed\n"); + + } + + return 0; +} + + http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/include/amcl.h.in ---------------------------------------------------------------------- diff --git a/include/amcl.h.in b/include/amcl.h.in new file mode 100644 index 0000000..f17a43a --- /dev/null +++ b/include/amcl.h.in @@ -0,0 +1,590 @@ +/* + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +*/ + + +#ifndef AMCL_H +#define AMCL_H + +#include <stdio.h> +#include <stdlib.h> +#include <stdbool.h> +#include <inttypes.h> +#include "arch.h" + +#ifdef CMAKE +#define AMCL_VERSION_MAJOR @AMCL_VERSION_MAJOR@ /**< Major version of the library */ +#define AMCL_VERSION_MINOR @AMCL_VERSION_MINOR@ /**< Minor version of the library */ +#define AMCL_VERSION_PATCH @AMCL_VERSION_PATCH@ /**< Patch version of the library */ +#define OS "@OS@" /**< Build OS */ +#endif + +/* modulus types */ + +#define NOT_SPECIAL 0 /**< Modulus of no exploitable form */ +#define PSEUDO_MERSENNE 1 /**< Pseudo-mersenne modulus of form $2^n-c$ */ +#define MONTGOMERY_FRIENDLY 3 /**< Montgomery Friendly modulus of form $2^a(2^b-c)-1$ */ +#define GENERALISED_MERSENNE 2 /**< Generalised-mersenne modulus of form $2^n-2^m-1$, GOLDILOCKS only */ + + +/* Curve types */ + +#define WEIERSTRASS 0 /**< Short Weierstrass form curve */ +#define EDWARDS 1 /**< Edwards or Twisted Edwards curve */ +#define MONTGOMERY 2 /**< Montgomery form curve */ + +/* Pairing-Friendly types */ + +#define NOT 0 +#define BN 1 +#define BLS 2 + +#define D_TYPE 0 +#define M_TYPE 1 + +/** + * @brief SHA256 hash function instance */ +typedef struct +{ + unsign32 length[2]; /**< 64-bit input length */ + unsign32 h[8]; /**< Internal state */ + unsign32 w[80]; /**< Internal state */ + int hlen; /**< Hash length in bytes */ +} hash256; + +/** + * @brief SHA384-512 hash function instance */ +typedef struct +{ + unsign64 length[2]; /**< 64-bit input length */ + unsign64 h[8]; /**< Internal state */ + unsign64 w[80]; /**< Internal state */ + int hlen; /**< Hash length in bytes */ +} hash512; + +/** + * @brief SHA384 hash function instance */ +typedef hash512 hash384; + +/** + * @brief SHA3 hash function instance */ +typedef struct +{ + unsign64 length; /**< 64-bit input length */ + unsign64 S[5][5]; /**< Internal state */ + int rate; /**< TODO */ + int len; /**< Hash length in bytes */ +} sha3; + +#define SHA256 32 /**< SHA-256 hashing */ +#define SHA384 48 /**< SHA-384 hashing */ +#define SHA512 64 /**< SHA-512 hashing */ + +#define SHA3_HASH224 28 /**< SHA3 224 bit hash */ +#define SHA3_HASH256 32 /**< SHA3 256 bit hash */ +#define SHA3_HASH384 48 /**< SHA3 384 bit hash */ +#define SHA3_HASH512 64 /**< SHA3 512 bit hash */ + +#define SHAKE128 16 /**< SHAKE128 hash */ +#define SHAKE256 32 /**< SHAKE256 hash */ + + +/* NewHope parameters */ + +//q= 12289 + +#define RLWE_PRIME 0x3001 // q in Hex +#define RLWE_LGN 10 // Degree n=2^LGN +#define RLWE_ND 0xF7002FFF // 1/(R-q) mod R +#define RLWE_ONE 0x2AC8 // R mod q +#define RLWE_R2MODP 0x1620 // R^2 mod q + +/* Symmetric Encryption AES structure */ + +#define ECB 0 /**< Electronic Code Book */ +#define CBC 1 /**< Cipher Block Chaining */ +#define CFB1 2 /**< Cipher Feedback - 1 byte */ +#define CFB2 3 /**< Cipher Feedback - 2 bytes */ +#define CFB4 5 /**< Cipher Feedback - 4 bytes */ +#define OFB1 14 /**< Output Feedback - 1 byte */ +#define OFB2 15 /**< Output Feedback - 2 bytes */ +#define OFB4 17 /**< Output Feedback - 4 bytes */ +#define OFB8 21 /**< Output Feedback - 8 bytes */ +#define OFB16 29 /**< Output Feedback - 16 bytes */ +#define CTR1 30 /**< Counter Mode - 1 byte */ +#define CTR2 31 /**< Counter Mode - 2 bytes */ +#define CTR4 33 /**< Counter Mode - 4 bytes */ +#define CTR8 37 /**< Counter Mode - 8 bytes */ +#define CTR16 45 /**< Counter Mode - 16 bytes */ + +#define uchar unsigned char /**< Unsigned char */ + +/** + @brief AES instance +*/ + + +typedef struct +{ + int Nk; /**< AES Key Length */ + int Nr; /**< AES Number of rounds */ + int mode; /**< AES mode of operation */ + unsign32 fkey[60]; /**< subkeys for encrypton */ + unsign32 rkey[60]; /**< subkeys for decrypton */ + char f[16]; /**< buffer for chaining vector */ +} amcl_aes; + +/* AES-GCM suppport. */ + +#define GCM_ACCEPTING_HEADER 0 /**< GCM status */ +#define GCM_ACCEPTING_CIPHER 1 /**< GCM status */ +#define GCM_NOT_ACCEPTING_MORE 2 /**< GCM status */ +#define GCM_FINISHED 3 /**< GCM status */ +#define GCM_ENCRYPTING 0 /**< GCM mode */ +#define GCM_DECRYPTING 1 /**< GCM mode */ + + +/** + @brief GCM mode instance, using AES internally +*/ + +typedef struct +{ + unsign32 table[128][4]; /**< 2k byte table */ + uchar stateX[16]; /**< GCM Internal State */ + uchar Y_0[16]; /**< GCM Internal State */ + unsign32 lenA[2]; /**< GCM 64-bit length of header */ + unsign32 lenC[2]; /**< GCM 64-bit length of ciphertext */ + int status; /**< GCM Status */ + amcl_aes a; /**< Internal Instance of AMCL_AES cipher */ +} gcm; + +/* Marsaglia & Zaman Random number generator constants */ + +#define NK 21 /**< PRNG constant */ +#define NJ 6 /**< PRNG constant */ +#define NV 8 /**< PRNG constant */ + + +/** + @brief Cryptographically secure pseudo-random number generator instance +*/ + +typedef struct +{ + unsign32 ira[NK]; /**< random number array */ + int rndptr; /**< pointer into array */ + unsign32 borrow; /**< borrow as a result of subtraction */ + int pool_ptr; /**< pointer into random pool */ + char pool[32]; /**< random pool */ +} csprng; + + +/** + @brief Portable representation of a big positive number +*/ + +typedef struct +{ + int len; /**< length in bytes */ + int max; /**< max length allowed - enforce truncation */ + char *val; /**< byte array */ +} octet; + + +/* Octet string handlers */ +/** @brief Formats and outputs an octet to the console in hex + * + @param O Octet to be output + */ +extern void OCT_output(octet *O); +/** @brief Formats and outputs an octet to the console as a character string + * + @param O Octet to be output + */ +extern void OCT_output_string(octet *O); +/** @brief Wipe clean an octet + * + @param O Octet to be cleaned + */ +extern void OCT_clear(octet *O); +/** @brief Compare two octets + * + @param O first Octet to be compared + @param P second Octet to be compared + @return 1 if equal, else 0 + */ +extern int OCT_comp(octet *O,octet *P); +/** @brief Compare first n bytes of two octets + * + @param O first Octet to be compared + @param P second Octet to be compared + @param n number of bytes to compare + @return 1 if equal, else 0 + */ +extern int OCT_ncomp(octet *O,octet *P,int n); +/** @brief Join from a C string to end of an octet + * + Truncates if there is no room + @param O Octet to be written to + @param s zero terminated string to be joined to octet + */ +extern void OCT_jstring(octet *O,char *s); +/** @brief Join bytes to end of an octet + * + Truncates if there is no room + @param O Octet to be written to + @param s bytes to be joined to end of octet + @param n number of bytes to join + */ +extern void OCT_jbytes(octet *O,char *s,int n); +/** @brief Join single byte to end of an octet, repeated n times + * + Truncates if there is no room + @param O Octet to be written to + @param b byte to be joined to end of octet + @param n number of times b is to be joined + */ +extern void OCT_jbyte(octet *O,int b,int n); +/** @brief Join one octet to the end of another + * + Truncates if there is no room + @param O Octet to be written to + @param P Octet to be joined to the end of O + */ +extern void OCT_joctet(octet *O,octet *P); +/** @brief XOR common bytes of a pair of Octets + * + @param O Octet - on exit = O xor P + @param P Octet to be xored into O + */ +extern void OCT_xor(octet *O,octet *P); +/** @brief reset Octet to zero length + * + @param O Octet to be emptied + */ +extern void OCT_empty(octet *O); +/** @brief Pad out an Octet to the given length + * + Padding is done by inserting leading zeros, so abcd becomes 00abcd + @param O Octet to be padded + @param n new length of Octet + */ +extern int OCT_pad(octet *O,int n); +/** @brief Convert an Octet to printable base64 number + * + @param b zero terminated byte array to take base64 conversion + @param O Octet to be converted + */ +extern void OCT_tobase64(char *b,octet *O); +/** @brief Populate an Octet from base64 number + * + @param O Octet to be populated + @param b zero terminated base64 string + + */ +extern void OCT_frombase64(octet *O,char *b); +/** @brief Copy one Octet into another + * + @param O Octet to be copied to + @param P Octet to be copied from + + */ +extern void OCT_copy(octet *O,octet *P); +/** @brief XOR every byte of an octet with input m + * + @param O Octet + @param m byte to be XORed with every byte of O + + */ +extern void OCT_xorbyte(octet *O,int m); +/** @brief Chops Octet into two, leaving first n bytes in O, moving the rest to P + * + @param O Octet to be chopped + @param P new Octet to be created + @param n number of bytes to chop off O + + */ +extern void OCT_chop(octet *O,octet *P,int n); +/** @brief Join n bytes of integer m to end of Octet O (big endian) + * + Typically n is 4 for a 32-bit integer + @param O Octet to be appended to + @param m integer to be appended to O + @param n number of bytes in m + + */ +extern void OCT_jint(octet *O,int m,int n); +/** @brief Create an Octet from bytes taken from a random number generator + * + Truncates if there is no room + @param O Octet to be populated + @param R an instance of a Cryptographically Secure Random Number Generator + @param n number of bytes to extracted from R + + */ +extern void OCT_rand(octet *O,csprng *R,int n); +/** @brief Shifts Octet left by n bytes + * + Leftmost bytes disappear + @param O Octet to be shifted + @param n number of bytes to shift + + */ +extern void OCT_shl(octet *O,int n); +/** @brief Convert a hex number to an Octet + * + @param dst Octet + @param src Hex string to be converted + */ +extern void OCT_fromHex(octet *dst,char *src); +/** @brief Convert an Octet to printable hex number + * + @param dst hex value + @param src Octet to be converted + */ +extern void OCT_toHex(octet *src,char *dst); +/** @brief Convert an Octet to string + * + @param dst string value + @param src Octet to be converted + */ +extern void OCT_toStr(octet *src,char *dst); + + + +/* Hash function */ +/** @brief Initialise an instance of SHA256 + * + @param H an instance SHA256 + */ +extern void HASH256_init(hash256 *H); +/** @brief Add a byte to the hash + * + @param H an instance SHA256 + @param b byte to be included in hash + */ +extern void HASH256_process(hash256 *H,int b); +/** @brief Generate 32-byte hash + * + @param H an instance SHA256 + @param h is the output 32-byte hash + */ +extern void HASH256_hash(hash256 *H,char *h); + + +/** @brief Initialise an instance of SHA384 + * + @param H an instance SHA384 + */ +extern void HASH384_init(hash384 *H); +/** @brief Add a byte to the hash + * + @param H an instance SHA384 + @param b byte to be included in hash + */ +extern void HASH384_process(hash384 *H,int b); +/** @brief Generate 48-byte hash + * + @param H an instance SHA384 + @param h is the output 48-byte hash + */ +extern void HASH384_hash(hash384 *H,char *h); + + +/** @brief Initialise an instance of SHA512 + * + @param H an instance SHA512 + */ +extern void HASH512_init(hash512 *H); +/** @brief Add a byte to the hash + * + @param H an instance SHA512 + @param b byte to be included in hash + */ +extern void HASH512_process(hash512 *H,int b); +/** @brief Generate 64-byte hash + * + @param H an instance SHA512 + @param h is the output 64-byte hash + */ +extern void HASH512_hash(hash512 *H,char *h); + + +/** @brief Initialise an instance of SHA3 + * + @param H an instance SHA3 + @param t the instance type + */ +extern void SHA3_init(sha3 *H,int t); +/** @brief process a byte for SHA3 + * + @param H an instance SHA3 + @param b a byte of date to be processed + */ +extern void SHA3_process(sha3 *H,int b); +/** @brief create fixed length hash output of SHA3 + * + @param H an instance SHA3 + @param h a byte array to take hash + */ +extern void SHA3_hash(sha3 *H,char *h); +/** @brief create variable length hash output of SHA3 + * + @param H an instance SHA3 + @param h a byte array to take hash + @param len is the length of the hash + */ +extern void SHA3_shake(sha3 *H,char *h,int len); +/** @brief generate further hash output of SHA3 + * + @param H an instance SHA3 + @param h a byte array to take hash + @param len is the length of the hash + */ +extern void SHA3_squeeze(sha3 *H,char *h,int len); + + + +/* AES functions */ +/** @brief Reset AES mode or IV + * + @param A an instance of the AMCL_AES + @param m is the new active mode of operation (ECB, CBC, OFB, CFB etc) + @param iv the new Initialization Vector + */ +extern void AES_reset(amcl_aes *A,int m,char *iv); +/** @brief Extract chaining vector from AMCL_AES instance + * + @param A an instance of the AMCL_AES + @param f the extracted chaining vector + */ +extern void AES_getreg(amcl_aes *A,char * f); +/** @brief Initialise an instance of AMCL_AES and its mode of operation + * + @param A an instance AMCL_AES + @param m is the active mode of operation (ECB, CBC, OFB, CFB etc) + @param n is the key length in bytes, 16, 24 or 32 + @param k the AES key as an array of 16 bytes + @param iv the Initialization Vector + @return 0 for invalid n + */ +extern int AES_init(amcl_aes *A,int m,int n,char *k,char *iv); +/** @brief Encrypt a single 16 byte block in ECB mode + * + @param A an instance of the AMCL_AES + @param b is an array of 16 plaintext bytes, on exit becomes ciphertext + */ +extern void AES_ecb_encrypt(amcl_aes *A,uchar * b); +/** @brief Decrypt a single 16 byte block in ECB mode + * + @param A an instance of the AMCL_AES + @param b is an array of 16 cipherext bytes, on exit becomes plaintext + */ +extern void AES_ecb_decrypt(amcl_aes *A,uchar * b); +/** @brief Encrypt a single 16 byte block in active mode + * + @param A an instance of the AMCL_AES + @param b is an array of 16 plaintext bytes, on exit becomes ciphertext + @return 0, or overflow bytes from CFB mode + */ +extern unsign32 AES_encrypt(amcl_aes *A,char *b ); +/** @brief Decrypt a single 16 byte block in active mode + * + @param A an instance of the AMCL_AES + @param b is an array of 16 ciphertext bytes, on exit becomes plaintext + @return 0, or overflow bytes from CFB mode + */ +extern unsign32 AES_decrypt(amcl_aes *A,char *b); +/** @brief Clean up after application of AES + * + @param A an instance of the AMCL_AES + */ +extern void AES_end(amcl_aes *A); + + +/* AES-GCM functions */ +/** @brief Initialise an instance of AES-GCM mode + * + @param G an instance AES-GCM + @param nk is the key length in bytes, 16, 24 or 32 + @param k the AES key as an array of 16 bytes + @param n the number of bytes in the Initialization Vector (IV) + @param iv the IV + */ +extern void GCM_init(gcm *G,int nk,char *k,int n,char *iv); +/** @brief Add header (material to be authenticated but not encrypted) + * + Note that this function can be called any number of times with n a multiple of 16, and then one last time with any value for n + @param G an instance AES-GCM + @param b is the header material to be added + @param n the number of bytes in the header + */ +extern int GCM_add_header(gcm *G,char *b,int n); +/** @brief Add plaintext and extract ciphertext + * + Note that this function can be called any number of times with n a multiple of 16, and then one last time with any value for n + @param G an instance AES-GCM + @param c is the ciphertext generated + @param p is the plaintext material to be added + @param n the number of bytes in the plaintext + */ +extern int GCM_add_plain(gcm *G,char *c,char *p,int n); +/** @brief Add ciphertext and extract plaintext + * + Note that this function can be called any number of times with n a multiple of 16, and then one last time with any value for n + @param G an instance AES-GCM + @param p is the plaintext generated + @param c is the ciphertext material to be added + @param n the number of bytes in the ciphertext + */ +extern int GCM_add_cipher(gcm *G,char *p,char *c,int n); +/** @brief Finish off and extract authentication tag (HMAC) + * + @param G is an active instance AES-GCM + @param t is the output 16 byte authentication tag + */ +extern void GCM_finish(gcm *G,char *t); + + + +/* random numbers */ +/** @brief Seed a random number generator from an array of bytes + * + The provided seed should be truly random + @param R an instance of a Cryptographically Secure Random Number Generator + @param n the number of seed bytes provided + @param b an array of seed bytes + + */ +extern void RAND_seed(csprng *R,int n,char *b); +/** @brief Delete all internal state of a random number generator + * + @param R an instance of a Cryptographically Secure Random Number Generator + */ +extern void RAND_clean(csprng *R); +/** @brief Return a random byte from a random number generator + * + @param R an instance of a Cryptographically Secure Random Number Generator + @return a random byte + */ +extern int RAND_byte(csprng *R); + + + +#endif http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/include/arch.h.in ---------------------------------------------------------------------- diff --git a/include/arch.h.in b/include/arch.h.in new file mode 100644 index 0000000..1e9a317 --- /dev/null +++ b/include/arch.h.in @@ -0,0 +1,126 @@ +/* + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +*/ + +/* Architecture definition header file */ + +/** + * @file arch.h + * @author Mike Scott + * @date 23rd February 2016 + * @brief Architecture Header File + * + * Specify Processor Architecture + * + */ + +/* NOTE: There is only one user configurable section in this header - see below */ + +#ifndef ARCH_H +#define ARCH_H + + + + +/*** START OF USER CONFIGURABLE SECTION - set architecture ***/ + +#ifdef CMAKE +#define CHUNK @AMCL_CHUNK@ /**< size of chunk in bits = wordlength of computer = 16, 32 or 64. Note not all curve options are supported on 16-bit processors - see rom.c */ +#else +#define CHUNK @WL@ /**< size of chunk in bits = wordlength of computer = 16, 32 or 64. Note not all curve options are supported on 16-bit processors - see rom.c */ +#endif + +/*** END OF USER CONFIGURABLE SECTION ***/ + +/* Create Integer types */ +/* Support for C99? Note for GCC need to explicitly include -std=c99 in command line */ + +#if __STDC_VERSION__ >= 199901L +/* C99 code */ +#define C99 +#else +/* Not C99 code */ +#endif + +#ifndef C99 /* You are on your own! These are for Microsoft C */ +#define byte unsigned char /**< 8-bit unsigned integer */ +#define sign32 __int32 /**< 32-bit signed integer */ +#define sign8 signed char /**< 8-bit signed integer */ +#define sign16 short int /**< 16-bit signed integer */ +#define sign64 long long /**< 64-bit signed integer */ +#define unsign32 unsigned __int32 /**< 32-bit unsigned integer */ +#define unsign64 unsigned long long /**< 64-bit unsigned integer */ +#else +#include <stdint.h> +#define byte uint8_t /**< 8-bit unsigned integer */ +#define sign8 int8_t /**< 8-bit signed integer */ +#define sign16 int16_t /**< 16-bit signed integer */ +#define sign32 int32_t /**< 32-bit signed integer */ +#define sign64 int64_t /**< 64-bit signed integer */ +#define unsign32 uint32_t /**< 32-bit unsigned integer */ +#define unsign64 uint64_t /**< 64-bit unsigned integer */ +#endif + +#define uchar unsigned char /**< Unsigned char */ + +/* Don't mess with anything below this line unless you know what you are doing */ +/* This next is probably OK, but may need changing for non-C99-standard environments */ + +/* This next is probably OK, but may need changing for non-C99-standard environments */ + +#if CHUNK==16 +#ifndef C99 +#define chunk __int16 /**< C type corresponding to word length */ +#define dchunk __int32 /**< Always define double length chunk type if available */ +#else +#define chunk int16_t /**< C type corresponding to word length */ +#define dchunk int32_t /**< Always define double length chunk type if available */ +#endif +#endif + +#if CHUNK == 32 +#ifndef C99 +#define chunk __int32 /**< C type corresponding to word length */ +#define dchunk __int64 /**< Always define double length chunk type if available */ +#else +#define chunk int32_t /**< C type corresponding to word length */ +#define dchunk int64_t /**< Always define double length chunk type if available */ +#endif +#endif + +#if CHUNK == 64 + +#ifndef C99 +#define chunk __int64 /**< C type corresponding to word length */ +/**< Note - no 128-bit type available */ +#else +#define chunk int64_t /**< C type corresponding to word length */ + +#if defined(__SIZEOF_INT128__) && __SIZEOF_INT128__ == 16 +#define dchunk __int128 /**< Always define double length chunk type if available (supported by GCC & Clang on 64-bit architectures) */ +#endif + +#endif +#endif + +#ifdef dchunk +#define COMBA /**< Use COMBA method for faster muls, sqrs and reductions */ +#endif + + +#endif http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/include/big.h.in ---------------------------------------------------------------------- diff --git a/include/big.h.in b/include/big.h.in new file mode 100644 index 0000000..ae972c9 --- /dev/null +++ b/include/big.h.in @@ -0,0 +1,589 @@ +/* + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +*/ + +/** + * @file big_XXX.h + * @author Mike Scott + * @brief BIG Header File + * + */ + +#ifndef BIG_XXX_H +#define BIG_XXX_H + +#include <stdio.h> +#include <stdlib.h> +#include <inttypes.h> +#include "arch.h" +#include "amcl.h" +#include "config_big_XXX.h" + +//#define UNWOUND + +#define BIGBITS_XXX (8*MODBYTES_XXX) /**< Length in bits */ +#define NLEN_XXX (1+((8*MODBYTES_XXX-1)/BASEBITS_XXX)) /**< length in bytes */ +#define DNLEN_XXX 2*NLEN_XXX /**< Double length in bytes */ +#define BMASK_XXX (((chunk)1<<BASEBITS_XXX)-1) /**< Mask = 2^BASEBITS-1 */ +#define NEXCESS_XXX (1<<(CHUNK-BASEBITS_XXX-1)) /**< 2^(CHUNK-BASEBITS-1) - digit cannot be multiplied by more than this before normalisation */ + +#define HBITS_XXX (BASEBITS_XXX/2) /**< Number of bits in number base divided by 2 */ +#define HMASK_XXX (((chunk)1<<HBITS_XXX)-1) /**< Mask = 2^HBITS-1 */ + +//#define DEBUG_NORM + +#ifdef DEBUG_NORM /* Add an extra location to track chunk extension */ +#define MPV_XXX NLEN_XXX +#define MNV_XXX (NLEN_XXX+1) +typedef chunk BIG_XXX[NLEN_XXX+2]; /**< Define type BIG as array of chunks */ +#define DMPV_XXX DNLEN_XXX +#define DMNV_XXX (DNLEN_XXX+1) +typedef chunk DBIG_XXX[DNLEN_XXX+2]; /**< Define type DBIG as array of chunks */ +#else +typedef chunk BIG_XXX[NLEN_XXX]; /**< Define type BIG as array of chunks */ +typedef chunk DBIG_XXX[DNLEN_XXX]; /**< Define type DBIG as array of chunks */ +#endif + +/* BIG number prototypes */ + +/** @brief Tests for BIG equal to zero + * + @param x a BIG number + @return 1 if zero, else returns 0 + */ +extern int BIG_XXX_iszilch(BIG_XXX x); +/** @brief Tests for BIG equal to one + * + @param x a BIG number + @return 1 if one, else returns 0 + */ +extern int BIG_XXX_isunity(BIG_XXX x); +/** @brief Tests for DBIG equal to zero + * + @param x a DBIG number + @return 1 if zero, else returns 0 + */ +extern int BIG_XXX_diszilch(DBIG_XXX x); +/** @brief Outputs a BIG number to the console + * + @param x a BIG number + */ +extern void BIG_XXX_output(BIG_XXX x); +/** @brief Outputs a BIG number to the console in raw form (for debugging) + * + @param x a BIG number + */ +extern void BIG_XXX_rawoutput(BIG_XXX x); +/** @brief Conditional constant time swap of two BIG numbers + * + Conditionally swaps parameters in constant time (without branching) + @param x a BIG number + @param y another BIG number + @param s swap takes place if not equal to 0 + */ +extern void BIG_XXX_cswap(BIG_XXX x,BIG_XXX y,int s); +/** @brief Conditional copy of BIG number + * + Conditionally copies second parameter to the first (without branching) + @param x a BIG number + @param y another BIG number + @param s copy takes place if not equal to 0 + */ +extern void BIG_XXX_cmove(BIG_XXX x,BIG_XXX y,int s); +/** @brief Conditional copy of DBIG number + * + Conditionally copies second parameter to the first (without branching) + @param x a DBIG number + @param y another DBIG number + @param s copy takes place if not equal to 0 + */ +extern void BIG_XXX_dcmove(BIG_XXX x,BIG_XXX y,int s); +/** @brief Convert from BIG number to byte array + * + @param a byte array + @param x BIG number + */ +extern void BIG_XXX_toBytes(char *a,BIG_XXX x); +/** @brief Convert to BIG number from byte array + * + @param x BIG number + @param a byte array + */ +extern void BIG_XXX_fromBytes(BIG_XXX x,char *a); +/** @brief Convert to BIG number from byte array of given length + * + @param x BIG number + @param a byte array + @param s byte array length + */ +extern void BIG_XXX_fromBytesLen(BIG_XXX x,char *a,int s); +/**@brief Convert to DBIG number from byte array of given length + * + @param x DBIG number + @param a byte array + @param s byte array length + */ +extern void BIG_XXX_dfromBytesLen(DBIG_XXX x,char *a,int s); +/** @brief Outputs a DBIG number to the console + * + @param x a DBIG number + */ +extern void BIG_XXX_doutput(DBIG_XXX x); + +/** @brief Outputs a DBIG number to the console + * + @param x a DBIG number + */ +extern void BIG_XXX_drawoutput(DBIG_XXX x); + +/** @brief Copy BIG from Read-Only Memory to a BIG + * + @param x BIG number + @param y BIG number in ROM + */ +extern void BIG_XXX_rcopy(BIG_XXX x,const BIG_XXX y); +/** @brief Copy BIG to another BIG + * + @param x BIG number + @param y BIG number to be copied + */ +extern void BIG_XXX_copy(BIG_XXX x,BIG_XXX y); +/** @brief Copy DBIG to another DBIG + * + @param x DBIG number + @param y DBIG number to be copied + */ +extern void BIG_XXX_dcopy(DBIG_XXX x,DBIG_XXX y); +/** @brief Copy BIG to upper half of DBIG + * + @param x DBIG number + @param y BIG number to be copied + */ +extern void BIG_XXX_dsucopy(DBIG_XXX x,BIG_XXX y); +/** @brief Copy BIG to lower half of DBIG + * + @param x DBIG number + @param y BIG number to be copied + */ +extern void BIG_XXX_dscopy(DBIG_XXX x,BIG_XXX y); +/** @brief Copy lower half of DBIG to a BIG + * + @param x BIG number + @param y DBIG number to be copied + */ +extern void BIG_XXX_sdcopy(BIG_XXX x,DBIG_XXX y); +/** @brief Copy upper half of DBIG to a BIG + * + @param x BIG number + @param y DBIG number to be copied + */ +extern void BIG_XXX_sducopy(BIG_XXX x,DBIG_XXX y); +/** @brief Set BIG to zero + * + @param x BIG number to be set to zero + */ +extern void BIG_XXX_zero(BIG_XXX x); +/** @brief Set DBIG to zero + * + @param x DBIG number to be set to zero + */ +extern void BIG_XXX_dzero(DBIG_XXX x); +/** @brief Set BIG to one (unity) + * + @param x BIG number to be set to one. + */ +extern void BIG_XXX_one(BIG_XXX x); +/** @brief Set BIG to inverse mod 2^256 + * + @param x BIG number to be inverted + */ +extern void BIG_XXX_invmod2m(BIG_XXX x); +/** @brief Set BIG to sum of two BIGs - output not normalised + * + @param x BIG number, sum of other two + @param y BIG number + @param z BIG number + */ +extern void BIG_XXX_add(BIG_XXX x,BIG_XXX y,BIG_XXX z); + +/** @brief Set BIG to logical or of two BIGs - output normalised + * + @param x BIG number, or of other two + @param y BIG number + @param z BIG number + */ +extern void BIG_XXX_or(BIG_XXX x,BIG_XXX y,BIG_XXX z); + +/** @brief Increment BIG by a small integer - output not normalised + * + @param x BIG number to be incremented + @param i integer + */ +extern void BIG_XXX_inc(BIG_XXX x,int i); +/** @brief Set BIG to difference of two BIGs + * + @param x BIG number, difference of other two - output not normalised + @param y BIG number + @param z BIG number + */ +extern void BIG_XXX_sub(BIG_XXX x,BIG_XXX y,BIG_XXX z); +/** @brief Decrement BIG by a small integer - output not normalised + * + @param x BIG number to be decremented + @param i integer + */ +extern void BIG_XXX_dec(BIG_XXX x,int i); +/** @brief Set DBIG to sum of two DBIGs + * + @param x DBIG number, sum of other two - output not normalised + @param y DBIG number + @param z DBIG number + */ +extern void BIG_XXX_dadd(DBIG_XXX x,DBIG_XXX y,DBIG_XXX z); +/** @brief Set DBIG to difference of two DBIGs + * + @param x DBIG number, difference of other two - output not normalised + @param y DBIG number + @param z DBIG number + */ +extern void BIG_XXX_dsub(DBIG_XXX x,DBIG_XXX y,DBIG_XXX z); +/** @brief Multiply BIG by a small integer - output not normalised + * + @param x BIG number, product of other two + @param y BIG number + @param i small integer + */ +extern void BIG_XXX_imul(BIG_XXX x,BIG_XXX y,int i); +/** @brief Multiply BIG by not-so-small small integer - output normalised + * + @param x BIG number, product of other two + @param y BIG number + @param i small integer + @return Overflowing bits + */ +extern chunk BIG_XXX_pmul(BIG_XXX x,BIG_XXX y,int i); +/** @brief Divide BIG by 3 - output normalised + * + @param x BIG number + @return Remainder + */ +extern int BIG_XXX_div3(BIG_XXX x); +/** @brief Multiply BIG by even bigger small integer resulting in a DBIG - output normalised + * + @param x DBIG number, product of other two + @param y BIG number + @param i small integer + */ +extern void BIG_XXX_pxmul(DBIG_XXX x,BIG_XXX y,int i); +/** @brief Multiply BIG by another BIG resulting in DBIG - inputs normalised and output normalised + * + @param x DBIG number, product of other two + @param y BIG number + @param z BIG number + */ +extern void BIG_XXX_mul(DBIG_XXX x,BIG_XXX y,BIG_XXX z); +/** @brief Multiply BIG by another BIG resulting in another BIG - inputs normalised and output normalised + * + Note that the product must fit into a BIG, and x must be distinct from y and z + @param x BIG number, product of other two + @param y BIG number + @param z BIG number + */ +extern void BIG_XXX_smul(BIG_XXX x,BIG_XXX y,BIG_XXX z); +/** @brief Square BIG resulting in a DBIG - input normalised and output normalised + * + @param x DBIG number, square of a BIG + @param y BIG number to be squared + */ +extern void BIG_XXX_sqr(DBIG_XXX x,BIG_XXX y); + +/** @brief Montgomery reduction of a DBIG to a BIG - input normalised and output normalised + * + @param a BIG number, reduction of a BIG + @param md BIG number, the modulus + @param MC the Montgomery Constant + @param d DBIG number to be reduced + */ +extern void BIG_XXX_monty(BIG_XXX a,BIG_XXX md,chunk MC,DBIG_XXX d); + +/** @brief Shifts a BIG left by any number of bits - input must be normalised, output normalised + * + @param x BIG number to be shifted + @param s Number of bits to shift + */ +extern void BIG_XXX_shl(BIG_XXX x,int s); +/** @brief Fast shifts a BIG left by a small number of bits - input must be normalised, output will be normalised + * + The number of bits to be shifted must be less than BASEBITS + @param x BIG number to be shifted + @param s Number of bits to shift + @return Overflow bits + */ +extern int BIG_XXX_fshl(BIG_XXX x,int s); +/** @brief Shifts a DBIG left by any number of bits - input must be normalised, output normalised + * + @param x DBIG number to be shifted + @param s Number of bits to shift + */ +extern void BIG_XXX_dshl(DBIG_XXX x,int s); +/** @brief Shifts a BIG right by any number of bits - input must be normalised, output normalised + * + @param x BIG number to be shifted + @param s Number of bits to shift + */ +extern void BIG_XXX_shr(BIG_XXX x,int s); +/** @brief Fast shifts a BIG right by a small number of bits - input must be normalised, output will be normalised + * + The number of bits to be shifted must be less than BASEBITS + @param x BIG number to be shifted + @param s Number of bits to shift + @return Shifted out bits + */ +extern int BIG_XXX_fshr(BIG_XXX x,int s); +/** @brief Shifts a DBIG right by any number of bits - input must be normalised, output normalised + * + @param x DBIG number to be shifted + @param s Number of bits to shift + */ +extern void BIG_XXX_dshr(DBIG_XXX x,int s); +/** @brief Splits a DBIG into two BIGs - input must be normalised, outputs normalised + * + Internal function. The value of s must be approximately in the middle of the DBIG. + Typically used to extract z mod 2^MODBITS and z/2^MODBITS + @param x BIG number, top half of z + @param y BIG number, bottom half of z + @param z DBIG number to be split in two. + @param s Bit position at which to split + @return carry-out from top half + */ +extern chunk BIG_XXX_split(BIG_XXX x,BIG_XXX y,DBIG_XXX z,int s); +/** @brief Normalizes a BIG number - output normalised + * + All digits of the input BIG are reduced mod 2^BASEBITS + @param x BIG number to be normalised + */ +extern chunk BIG_XXX_norm(BIG_XXX x); +/** @brief Normalizes a DBIG number - output normalised + * + All digits of the input DBIG are reduced mod 2^BASEBITS + @param x DBIG number to be normalised + */ +extern void BIG_XXX_dnorm(DBIG_XXX x); +/** @brief Compares two BIG numbers. Inputs must be normalised externally + * + @param x first BIG number to be compared + @param y second BIG number to be compared + @return -1 is x<y, 0 if x=y, 1 if x>y + */ +extern int BIG_XXX_comp(BIG_XXX x,BIG_XXX y); +/** @brief Compares two DBIG numbers. Inputs must be normalised externally + * + @param x first DBIG number to be compared + @param y second DBIG number to be compared + @return -1 is x<y, 0 if x=y, 1 if x>y + */ +extern int BIG_XXX_dcomp(DBIG_XXX x,DBIG_XXX y); +/** @brief Calculate number of bits in a BIG - output normalised + * + @param x BIG number + @return Number of bits in x + */ +extern int BIG_XXX_nbits(BIG_XXX x); +/** @brief Calculate number of bits in a DBIG - output normalised + * + @param x DBIG number + @return Number of bits in x + */ +extern int BIG_XXX_dnbits(DBIG_XXX x); +/** @brief Reduce x mod n - input and output normalised + * + Slow but rarely used + @param x BIG number to be reduced mod n + @param n The modulus + */ +extern void BIG_XXX_mod(BIG_XXX x,BIG_XXX n); +/** @brief Divide x by n - output normalised + * + Slow but rarely used + @param x BIG number to be divided by n + @param n The Divisor + */ +extern void BIG_XXX_sdiv(BIG_XXX x,BIG_XXX n); +/** @brief x=y mod n - output normalised + * + Slow but rarely used. y is destroyed. + @param x BIG number, on exit = y mod n + @param y DBIG number + @param n Modulus + */ +extern void BIG_XXX_dmod(BIG_XXX x,DBIG_XXX y,BIG_XXX n); +/** @brief x=y/n - output normalised + * + Slow but rarely used. y is destroyed. + @param x BIG number, on exit = y/n + @param y DBIG number + @param n Modulus + */ +extern void BIG_XXX_ddiv(BIG_XXX x,DBIG_XXX y,BIG_XXX n); +/** @brief return parity of BIG, that is the least significant bit + * + @param x BIG number + @return 0 or 1 + */ +extern int BIG_XXX_parity(BIG_XXX x); +/** @brief return i-th of BIG + * + @param x BIG number + @param i the bit of x to be returned + @return 0 or 1 + */ +extern int BIG_XXX_bit(BIG_XXX x,int i); +/** @brief return least significant bits of a BIG + * + @param x BIG number + @param n number of bits to return. Assumed to be less than BASEBITS. + @return least significant n bits as an integer + */ +extern int BIG_XXX_lastbits(BIG_XXX x,int n); +/** @brief Create a random BIG from a random number generator + * + Assumes that the random number generator has been suitably initialised + @param x BIG number, on exit a random number + @param r A pointer to a Cryptographically Secure Random Number Generator + */ +extern void BIG_XXX_random(BIG_XXX x,csprng *r); +/** @brief Create an unbiased random BIG from a random number generator, reduced with respect to a modulus + * + Assumes that the random number generator has been suitably initialised + @param x BIG number, on exit a random number + @param n The modulus + @param r A pointer to a Cryptographically Secure Random Number Generator + */ +extern void BIG_XXX_randomnum(BIG_XXX x,BIG_XXX n,csprng *r); +/** @brief Calculate x=y*z mod n + * + Slow method for modular multiplication + @param x BIG number, on exit = y*z mod n + @param y BIG number + @param z BIG number + @param n The BIG Modulus + */ +extern void BIG_XXX_modmul(BIG_XXX x,BIG_XXX y,BIG_XXX z,BIG_XXX n); +/** @brief Calculate x=y/z mod n + * + Slow method for modular division + @param x BIG number, on exit = y/z mod n + @param y BIG number + @param z BIG number + @param n The BIG Modulus + */ +extern void BIG_XXX_moddiv(BIG_XXX x,BIG_XXX y,BIG_XXX z,BIG_XXX n); +/** @brief Calculate x=y^2 mod n + * + Slow method for modular squaring + @param x BIG number, on exit = y^2 mod n + @param y BIG number + @param n The BIG Modulus + */ +extern void BIG_XXX_modsqr(BIG_XXX x,BIG_XXX y,BIG_XXX n); +/** @brief Calculate x=-y mod n + * + Modular negation + @param x BIG number, on exit = -y mod n + @param y BIG number + @param n The BIG Modulus + */ +extern void BIG_XXX_modneg(BIG_XXX x,BIG_XXX y,BIG_XXX n); +/** @brief Calculate jacobi Symbol (x/y) + * + @param x BIG number + @param y BIG number + @return Jacobi symbol, -1,0 or 1 + */ +extern int BIG_XXX_jacobi(BIG_XXX x,BIG_XXX y); +/** @brief Calculate x=1/y mod n + * + Modular Inversion - This is slow. Uses binary method. + @param x BIG number, on exit = 1/y mod n + @param y BIG number + @param n The BIG Modulus + */ +extern void BIG_XXX_invmodp(BIG_XXX x,BIG_XXX y,BIG_XXX n); +/** @brief Calculate x=x mod 2^m + * + Truncation + @param x BIG number, on reduced mod 2^m + @param m new truncated size +*/ +extern void BIG_XXX_mod2m(BIG_XXX x,int m); + +/** @brief Calculates a*b+c+*d + * + Calculate partial product of a.b, add in carry c, and add total to d + @param x multiplier + @param y multiplicand + @param c carry + @param r pointer to accumulated bottom half of result + @return top half of result + */ + +#ifdef dchunk + +/* Method required to calculate x*y+c+r, bottom half in r, top half returned */ +static inline chunk muladd_XXX(chunk x,chunk y,chunk c,chunk *r) +{ + dchunk prod=(dchunk)x*y+c+*r; + *r=(chunk)prod&BMASK_XXX; + return (chunk)(prod>>BASEBITS_XXX); +} + +#else + +/* No integer type available that can store double the wordlength */ +/* accumulate partial products */ + +static inline chunk muladd_XXX(chunk x,chunk y,chunk c,chunk *r) +{ + chunk x0,x1,y0,y1; + chunk bot,top,mid,carry; + x0=x&HMASK_XXX; + x1=(x>>HBITS_XXX); + y0=y&HMASK_XXX; + y1=(y>>HBITS_XXX); + bot=x0*y0; + top=x1*y1; + mid=x0*y1+x1*y0; + x0=mid&HMASK_XXX; + x1=(mid>>HBITS_XXX); + bot+=x0<<HBITS_XXX; + bot+=*r; + bot+=c; + + top+=x1; + carry=bot>>BASEBITS_XXX; + bot&=BMASK_XXX; + top+=carry; + + *r=bot; + return top; +} + +#endif + + +#endif http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/include/config_big.h.in ---------------------------------------------------------------------- diff --git a/include/config_big.h.in b/include/config_big.h.in new file mode 100644 index 0000000..4640b21 --- /dev/null +++ b/include/config_big.h.in @@ -0,0 +1,38 @@ +/* + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +*/ + +/** + * @file config_big_XXX.h + * @author Mike Scott + * @brief Config BIG Header File + * + */ + +#ifndef CONFIG_BIG_XXX_H +#define CONFIG_BIG_XXX_H + +#include"amcl.h" + +// BIG stuff + +#define MODBYTES_XXX @NB@ /**< Number of bytes in Modulus */ +#define BASEBITS_XXX @BASE@ /**< Numbers represented to base 2*BASEBITS */ + + +#endif http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/include/config_curve.h.in ---------------------------------------------------------------------- diff --git a/include/config_curve.h.in b/include/config_curve.h.in new file mode 100644 index 0000000..58208df --- /dev/null +++ b/include/config_curve.h.in @@ -0,0 +1,44 @@ +#ifndef CONFIG_CURVE_ZZZ_H +#define CONFIG_CURVE_ZZZ_H + +#include"amcl.h" +#include"config_field_YYY.h" + +// ECP stuff + +#define CURVETYPE_ZZZ @CT@ +#define PAIRING_FRIENDLY_ZZZ @PF@ +#define CURVE_SECURITY_ZZZ @CS@ + + +#if PAIRING_FRIENDLY_ZZZ != NOT +//#define USE_GLV_ZZZ /**< Note this method is patented (GLV), so maybe you want to comment this out */ +//#define USE_GS_G2_ZZZ /**< Well we didn't patent it :) But may be covered by GLV patent :( */ +#define USE_GS_GT_ZZZ /**< Not patented, so probably safe to always use this */ + +#define POSITIVEX 0 +#define NEGATIVEX 1 + +#define SEXTIC_TWIST_ZZZ @ST@ +#define SIGN_OF_X_ZZZ @SX@ + +#endif + +#if CURVE_SECURITY_ZZZ == 128 +#define AESKEY_ZZZ 16 /**< Symmetric Key size - 128 bits */ +#define HASH_TYPE_ZZZ SHA256 /**< Hash type */ +#endif + +#if CURVE_SECURITY_ZZZ == 192 +#define AESKEY_ZZZ 24 /**< Symmetric Key size - 192 bits */ +#define HASH_TYPE_ZZZ SHA384 /**< Hash type */ +#endif + +#if CURVE_SECURITY_ZZZ == 256 +#define AESKEY_ZZZ 32 /**< Symmetric Key size - 256 bits */ +#define HASH_TYPE_ZZZ SHA512 /**< Hash type */ +#endif + + + +#endif http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/include/config_ff.h.in ---------------------------------------------------------------------- diff --git a/include/config_ff.h.in b/include/config_ff.h.in new file mode 100644 index 0000000..65595da --- /dev/null +++ b/include/config_ff.h.in @@ -0,0 +1,38 @@ +/* + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +*/ + +/** + * @file config_ff_WWW.h + * @author Mike Scott + * @brief COnfig FF Header File + * + */ + +#ifndef CONFIG_RSA_WWW_H +#define CONFIG_RSA_WWW_H + +#include "amcl.h" +#include "config_big_XXX.h" + +// FF stuff + +#define FFLEN_WWW @ML@ /**< 2^n multiplier of BIGBITS to specify supported Finite Field size, e.g 2048=256*2^3 where BIGBITS=256 */ + + +#endif http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/include/config_field.h.in ---------------------------------------------------------------------- diff --git a/include/config_field.h.in b/include/config_field.h.in new file mode 100644 index 0000000..2d727f2 --- /dev/null +++ b/include/config_field.h.in @@ -0,0 +1,34 @@ +/* + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +*/ + +#ifndef CONFIG_FIELD_YYY_H +#define CONFIG_FIELD_YYY_H + +#include"amcl.h" +#include "config_big_XXX.h" + +// FP stuff + +#define MBITS_YYY @NBT@ +#define MOD8_YYY @M8@ +#define MODTYPE_YYY @MT@ +#define MAXXES_YYY @SH@ + + +#endif http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto-c/blob/8d28d2c3/include/config_test.h.in ---------------------------------------------------------------------- diff --git a/include/config_test.h.in b/include/config_test.h.in new file mode 100644 index 0000000..939a6d1 --- /dev/null +++ b/include/config_test.h.in @@ -0,0 +1,33 @@ +/** + * @file config_test.h + * @author Mike Scott + * @author Kealan McCusker + * @date 19th May 2015 + * @brief Test configuration file + * + * LICENSE + * + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +#ifndef CONFIG_TEST_H +#define CONFIG_TEST_H + +const int nTimePermitTests = @PBC_TIME_PERMIT_TESTS@; /**< MPin Time Permit Tests */ +const int nRandomTests = @PBC_RANDOM_TESTS@; /**< MPin Random Tests */ + +#endif
