1 /*
2 * This file is part of the openHiTLS project.
3 *
4 * openHiTLS is licensed under the Mulan PSL v2.
5 * You can use this software according to the terms and conditions of the Mulan PSL v2.
6 * You may obtain a copy of Mulan PSL v2 at:
7 *
8 * http://license.coscl.org.cn/MulanPSL2
9 *
10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13 * See the Mulan PSL v2 for more details.
14 */
15 #include "hitls_build.h"
16 #ifdef HITLS_CRYPTO_BN_PRIME_RFC3526
17
18 #include "crypt_errno.h"
19 #include "bn_basic.h"
20
21 #if defined(HITLS_SIXTY_FOUR_BITS)
22
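// RFC 3526: 2048-bit MODP Group, this prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 }
// Stored least-significant limb first, as 32 limbs of 64 bits each.
// The limb count is security-relevant: the BN length is taken from sizeof this table, so a
// dropped limb silently produces a shorter, different modulus that is no longer the RFC 3526
// group (it cannot be assumed prime and will not interoperate with peers). The limbs
// 0x670C354E4ABC9804 and 0x9ED529077096966D were missing here; they are restored to match the
// 32-bit build's table and the shared tail of the 3072-bit and 4096-bit tables.
static const BN_UINT RFC3526_PRIME_2048[] = {
    0xFFFFFFFFFFFFFFFFUL, 0x15728E5A8AACAA68UL, 0x15D2261898FA0510UL, 0x3995497CEA956AE5UL,
    0xDE2BCBF695581718UL, 0xB5C55DF06F4C52C9UL, 0x9B2783A2EC07A28FUL, 0xE39E772C180E8603UL,
    0x32905E462E36CE3BUL, 0xF1746C08CA18217CUL, 0x670C354E4ABC9804UL, 0x9ED529077096966DUL,
    0x1C62F356208552BBUL, 0x83655D23DCA3AD96UL, 0x69163FA8FD24CF5FUL, 0x98DA48361C55D39AUL,
    0xC2007CB8A163BF05UL, 0x49286651ECE45B3DUL, 0xAE9F24117C4B1FE6UL, 0xEE386BFB5A899FA5UL,
    0x0BFF5CB6F406B7EDUL, 0xF44C42E9A637ED6BUL, 0xE485B576625E7EC6UL, 0x4FE1356D6D51C245UL,
    0x302B0A6DF25F1437UL, 0xEF9519B3CD3A431BUL, 0x514A08798E3404DDUL, 0x020BBEA63B139B22UL,
    0x29024E088A67CC74UL, 0xC4C6628B80DC1CD1UL, 0xC90FDAA22168C234UL, 0xFFFFFFFFFFFFFFFFUL
};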
34
// RFC 3526: 3072-bit MODP Group, this prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 }
// Stored least-significant limb first, as 48 limbs of 64 bits each (48 * 64 = 3072).
// The BN length is derived from sizeof this table, so the limb count must stay exactly 48.
static const BN_UINT RFC3526_PRIME_3072[] = {
    0xFFFFFFFFFFFFFFFFUL, 0x4B82D120A93AD2CAUL, 0x43DB5BFCE0FD108EUL, 0x08E24FA074E5AB31UL,
    0x770988C0BAD946E2UL, 0xBBE117577A615D6CUL, 0x521F2B18177B200CUL, 0xD87602733EC86A64UL,
    0xF12FFA06D98A0864UL, 0xCEE3D2261AD2EE6BUL, 0x1E8C94E04A25619DUL, 0xABF5AE8CDB0933D7UL,
    0xB3970F85A6E1E4C7UL, 0x8AEA71575D060C7DUL, 0xECFB850458DBEF0AUL, 0xA85521ABDF1CBA64UL,
    0xAD33170D04507A33UL, 0x15728E5A8AAAC42DUL, 0x15D2261898FA0510UL, 0x3995497CEA956AE5UL,
    0xDE2BCBF695581718UL, 0xB5C55DF06F4C52C9UL, 0x9B2783A2EC07A28FUL, 0xE39E772C180E8603UL,
    0x32905E462E36CE3BUL, 0xF1746C08CA18217CUL, 0x670C354E4ABC9804UL, 0x9ED529077096966DUL,
    0x1C62F356208552BBUL, 0x83655D23DCA3AD96UL, 0x69163FA8FD24CF5FUL, 0x98DA48361C55D39AUL,
    0xC2007CB8A163BF05UL, 0x49286651ECE45B3DUL, 0xAE9F24117C4B1FE6UL, 0xEE386BFB5A899FA5UL,
    0x0BFF5CB6F406B7EDUL, 0xF44C42E9A637ED6BUL, 0xE485B576625E7EC6UL, 0x4FE1356D6D51C245UL,
    0x302B0A6DF25F1437UL, 0xEF9519B3CD3A431BUL, 0x514A08798E3404DDUL, 0x020BBEA63B139B22UL,
    0x29024E088A67CC74UL, 0xC4C6628B80DC1CD1UL, 0xC90FDAA22168C234UL, 0xFFFFFFFFFFFFFFFFUL
};
50
// RFC 3526: 4096-bit MODP Group, this prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 }
// Stored least-significant limb first, as 64 limbs of 64 bits each (64 * 64 = 4096).
// The BN length is derived from sizeof this table, so the limb count must stay exactly 64.
static const BN_UINT RFC3526_PRIME_4096[] = {
    0xFFFFFFFFFFFFFFFFUL, 0x4DF435C934063199UL, 0x86FFB7DC90A6C08FUL, 0x93B4EA988D8FDDC1UL,
    0xD0069127D5B05AA9UL, 0xB81BDD762170481CUL, 0x1F612970CEE2D7AFUL, 0x233BA186515BE7EDUL,
    0x99B2964FA090C3A2UL, 0x287C59474E6BC05DUL, 0x2E8EFC141FBECAA6UL, 0xDBBBC2DB04DE8EF9UL,
    0x2583E9CA2AD44CE8UL, 0x1A946834B6150BDAUL, 0x99C327186AF4E23CUL, 0x88719A10BDBA5B26UL,
    0x1A723C12A787E6D7UL, 0x4B82D120A9210801UL, 0x43DB5BFCE0FD108EUL, 0x08E24FA074E5AB31UL,
    0x770988C0BAD946E2UL, 0xBBE117577A615D6CUL, 0x521F2B18177B200CUL, 0xD87602733EC86A64UL,
    0xF12FFA06D98A0864UL, 0xCEE3D2261AD2EE6BUL, 0x1E8C94E04A25619DUL, 0xABF5AE8CDB0933D7UL,
    0xB3970F85A6E1E4C7UL, 0x8AEA71575D060C7DUL, 0xECFB850458DBEF0AUL, 0xA85521ABDF1CBA64UL,
    0xAD33170D04507A33UL, 0x15728E5A8AAAC42DUL, 0x15D2261898FA0510UL, 0x3995497CEA956AE5UL,
    0xDE2BCBF695581718UL, 0xB5C55DF06F4C52C9UL, 0x9B2783A2EC07A28FUL, 0xE39E772C180E8603UL,
    0x32905E462E36CE3BUL, 0xF1746C08CA18217CUL, 0x670C354E4ABC9804UL, 0x9ED529077096966DUL,
    0x1C62F356208552BBUL, 0x83655D23DCA3AD96UL, 0x69163FA8FD24CF5FUL, 0x98DA48361C55D39AUL,
    0xC2007CB8A163BF05UL, 0x49286651ECE45B3DUL, 0xAE9F24117C4B1FE6UL, 0xEE386BFB5A899FA5UL,
    0x0BFF5CB6F406B7EDUL, 0xF44C42E9A637ED6BUL, 0xE485B576625E7EC6UL, 0x4FE1356D6D51C245UL,
    0x302B0A6DF25F1437UL, 0xEF9519B3CD3A431BUL, 0x514A08798E3404DDUL, 0x020BBEA63B139B22UL,
    0x29024E088A67CC74UL, 0xC4C6628B80DC1CD1UL, 0xC90FDAA22168C234UL, 0xFFFFFFFFFFFFFFFFUL
};
70
71 #elif defined(HITLS_THIRTY_TWO_BITS)
72
// RFC 3526: 2048-bit MODP Group, this prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 }
// Stored least-significant word first, as 64 words of 32 bits each (64 * 32 = 2048).
// The BN length is derived from sizeof this table, so the word count must stay exactly 64.
static const BN_UINT RFC3526_PRIME_2048[] = {
    0xFFFFFFFF, 0xFFFFFFFF, 0x8AACAA68, 0x15728E5A, 0x98FA0510, 0x15D22618, 0xEA956AE5, 0x3995497C,
    0x95581718, 0xDE2BCBF6, 0x6F4C52C9, 0xB5C55DF0, 0xEC07A28F, 0x9B2783A2, 0x180E8603, 0xE39E772C,
    0x2E36CE3B, 0x32905E46, 0xCA18217C, 0xF1746C08, 0x4ABC9804, 0x670C354E, 0x7096966D, 0x9ED52907,
    0x208552BB, 0x1C62F356, 0xDCA3AD96, 0x83655D23, 0xFD24CF5F, 0x69163FA8, 0x1C55D39A, 0x98DA4836,
    0xA163BF05, 0xC2007CB8, 0xECE45B3D, 0x49286651, 0x7C4B1FE6, 0xAE9F2411, 0x5A899FA5, 0xEE386BFB,
    0xF406B7ED, 0x0BFF5CB6, 0xA637ED6B, 0xF44C42E9, 0x625E7EC6, 0xE485B576, 0x6D51C245, 0x4FE1356D,
    0xF25F1437, 0x302B0A6D, 0xCD3A431B, 0xEF9519B3, 0x8E3404DD, 0x514A0879, 0x3B139B22, 0x020BBEA6,
    0x8A67CC74, 0x29024E08, 0x80DC1CD1, 0xC4C6628B, 0x2168C234, 0xC90FDAA2, 0xFFFFFFFF, 0xFFFFFFFF
};
84
// RFC 3526: 3072-bit MODP Group, this prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 }
// Stored least-significant word first, as 96 words of 32 bits each (96 * 32 = 3072).
// The BN length is derived from sizeof this table, so the word count must stay exactly 96.
static const BN_UINT RFC3526_PRIME_3072[] = {
    0xFFFFFFFF, 0xFFFFFFFF, 0xA93AD2CA, 0x4B82D120, 0xE0FD108E, 0x43DB5BFC, 0x74E5AB31, 0x08E24FA0,
    0xBAD946E2, 0x770988C0, 0x7A615D6C, 0xBBE11757, 0x177B200C, 0x521F2B18, 0x3EC86A64, 0xD8760273,
    0xD98A0864, 0xF12FFA06, 0x1AD2EE6B, 0xCEE3D226, 0x4A25619D, 0x1E8C94E0, 0xDB0933D7, 0xABF5AE8C,
    0xA6E1E4C7, 0xB3970F85, 0x5D060C7D, 0x8AEA7157, 0x58DBEF0A, 0xECFB8504, 0xDF1CBA64, 0xA85521AB,
    0x04507A33, 0xAD33170D, 0x8AAAC42D, 0x15728E5A, 0x98FA0510, 0x15D22618, 0xEA956AE5, 0x3995497C,
    0x95581718, 0xDE2BCBF6, 0x6F4C52C9, 0xB5C55DF0, 0xEC07A28F, 0x9B2783A2, 0x180E8603, 0xE39E772C,
    0x2E36CE3B, 0x32905E46, 0xCA18217C, 0xF1746C08, 0x4ABC9804, 0x670C354E, 0x7096966D, 0x9ED52907,
    0x208552BB, 0x1C62F356, 0xDCA3AD96, 0x83655D23, 0xFD24CF5F, 0x69163FA8, 0x1C55D39A, 0x98DA4836,
    0xA163BF05, 0xC2007CB8, 0xECE45B3D, 0x49286651, 0x7C4B1FE6, 0xAE9F2411, 0x5A899FA5, 0xEE386BFB,
    0xF406B7ED, 0x0BFF5CB6, 0xA637ED6B, 0xF44C42E9, 0x625E7EC6, 0xE485B576, 0x6D51C245, 0x4FE1356D,
    0xF25F1437, 0x302B0A6D, 0xCD3A431B, 0xEF9519B3, 0x8E3404DD, 0x514A0879, 0x3B139B22, 0x020BBEA6,
    0x8A67CC74, 0x29024E08, 0x80DC1CD1, 0xC4C6628B, 0x2168C234, 0xC90FDAA2, 0xFFFFFFFF, 0xFFFFFFFF
};
100
// RFC 3526: 4096-bit MODP Group, this prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 }
// Stored least-significant word first, as 128 words of 32 bits each (128 * 32 = 4096).
// The BN length is derived from sizeof this table, so the word count must stay exactly 128.
static const BN_UINT RFC3526_PRIME_4096[] = {
    0xFFFFFFFF, 0xFFFFFFFF, 0x34063199, 0x4DF435C9, 0x90A6C08F, 0x86FFB7DC, 0x8D8FDDC1, 0x93B4EA98,
    0xD5B05AA9, 0xD0069127, 0x2170481C, 0xB81BDD76, 0xCEE2D7AF, 0x1F612970, 0x515BE7ED, 0x233BA186,
    0xA090C3A2, 0x99B2964F, 0x4E6BC05D, 0x287C5947, 0x1FBECAA6, 0x2E8EFC14, 0x04DE8EF9, 0xDBBBC2DB,
    0x2AD44CE8, 0x2583E9CA, 0xB6150BDA, 0x1A946834, 0x6AF4E23C, 0x99C32718, 0xBDBA5B26, 0x88719A10,
    0xA787E6D7, 0x1A723C12, 0xA9210801, 0x4B82D120, 0xE0FD108E, 0x43DB5BFC, 0x74E5AB31, 0x08E24FA0,
    0xBAD946E2, 0x770988C0, 0x7A615D6C, 0xBBE11757, 0x177B200C, 0x521F2B18, 0x3EC86A64, 0xD8760273,
    0xD98A0864, 0xF12FFA06, 0x1AD2EE6B, 0xCEE3D226, 0x4A25619D, 0x1E8C94E0, 0xDB0933D7, 0xABF5AE8C,
    0xA6E1E4C7, 0xB3970F85, 0x5D060C7D, 0x8AEA7157, 0x58DBEF0A, 0xECFB8504, 0xDF1CBA64, 0xA85521AB,
    0x04507A33, 0xAD33170D, 0x8AAAC42D, 0x15728E5A, 0x98FA0510, 0x15D22618, 0xEA956AE5, 0x3995497C,
    0x95581718, 0xDE2BCBF6, 0x6F4C52C9, 0xB5C55DF0, 0xEC07A28F, 0x9B2783A2, 0x180E8603, 0xE39E772C,
    0x2E36CE3B, 0x32905E46, 0xCA18217C, 0xF1746C08, 0x4ABC9804, 0x670C354E, 0x7096966D, 0x9ED52907,
    0x208552BB, 0x1C62F356, 0xDCA3AD96, 0x83655D23, 0xFD24CF5F, 0x69163FA8, 0x1C55D39A, 0x98DA4836,
    0xA163BF05, 0xC2007CB8, 0xECE45B3D, 0x49286651, 0x7C4B1FE6, 0xAE9F2411, 0x5A899FA5, 0xEE386BFB,
    0xF406B7ED, 0x0BFF5CB6, 0xA637ED6B, 0xF44C42E9, 0x625E7EC6, 0xE485B576, 0x6D51C245, 0x4FE1356D,
    0xF25F1437, 0x302B0A6D, 0xCD3A431B, 0xEF9519B3, 0x8E3404DD, 0x514A0879, 0x3B139B22, 0x020BBEA6,
    0x8A67CC74, 0x29024E08, 0x80DC1CD1, 0xC4C6628B, 0x2168C234, 0xC90FDAA2, 0xFFFFFFFF, 0xFFFFFFFF
};
120
121 #endif
122
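// BN_BigNum descriptor wrapping the 2048-bit table. The initializer is positional; the two
// limb counts presumably fill the used-size and capacity fields of BN_BigNum (confirm against
// bn_basic.h). The cast now wraps the whole quotient: a cast binds tighter than '/', so the
// previous form converted only the byte size and left the division result as size_t.
// NOTE(review): the data pointer drops the table's const qualifier via uintptr_t, so this
// object must only ever be used as a copy source and never written through.
static BN_BigNum g_bnRfc3526Prime2048 = {
    false,
    (uint32_t)(sizeof(RFC3526_PRIME_2048) / sizeof(RFC3526_PRIME_2048[0])),
    (uint32_t)(sizeof(RFC3526_PRIME_2048) / sizeof(RFC3526_PRIME_2048[0])),
    0,
    (BN_UINT *)(uintptr_t)RFC3526_PRIME_2048
};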
130
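// BN_BigNum descriptor wrapping the 3072-bit table. The initializer is positional; the two
// limb counts presumably fill the used-size and capacity fields of BN_BigNum (confirm against
// bn_basic.h). The cast now wraps the whole quotient: a cast binds tighter than '/', so the
// previous form converted only the byte size and left the division result as size_t.
// NOTE(review): the data pointer drops the table's const qualifier via uintptr_t, so this
// object must only ever be used as a copy source and never written through.
static BN_BigNum g_bnRfc3526Prime3072 = {
    false,
    (uint32_t)(sizeof(RFC3526_PRIME_3072) / sizeof(RFC3526_PRIME_3072[0])),
    (uint32_t)(sizeof(RFC3526_PRIME_3072) / sizeof(RFC3526_PRIME_3072[0])),
    0,
    (BN_UINT *)(uintptr_t)RFC3526_PRIME_3072
};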
138
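// BN_BigNum descriptor wrapping the 4096-bit table. The initializer is positional; the two
// limb counts presumably fill the used-size and capacity fields of BN_BigNum (confirm against
// bn_basic.h). The cast now wraps the whole quotient: a cast binds tighter than '/', so the
// previous form converted only the byte size and left the division result as size_t.
// NOTE(review): the data pointer drops the table's const qualifier via uintptr_t, so this
// object must only ever be used as a copy source and never written through.
static BN_BigNum g_bnRfc3526Prime4096 = {
    false,
    (uint32_t)(sizeof(RFC3526_PRIME_4096) / sizeof(RFC3526_PRIME_4096[0])),
    (uint32_t)(sizeof(RFC3526_PRIME_4096) / sizeof(RFC3526_PRIME_4096[0])),
    0,
    (BN_UINT *)(uintptr_t)RFC3526_PRIME_4096
};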
146
// Hands a built-in constant to the caller without exposing the static object itself.
// With outConst == NULL the result is whatever BN_Dup(inConst) returns; otherwise inConst is
// copied into outConst and outConst is returned. Returns NULL when BN_Copy does not report
// CRYPT_SUCCESS (a NULL from BN_Dup is passed through unchanged).
static BN_BigNum *GetBnConst(BN_BigNum *outConst, BN_BigNum *inConst)
{
    if (outConst != NULL) {
        // Caller supplied the destination: success is signalled by returning that same pointer.
        return (BN_Copy(outConst, inConst) == CRYPT_SUCCESS) ? outConst : NULL;
    }
    return BN_Dup(inConst);
}
158
// Returns the RFC 3526 MODP prime of the requested size.
//   r   : destination BN, or NULL to receive a duplicate made by BN_Dup
//         (presumably owned by the caller afterwards; confirm against BN_Dup's contract).
//   len : prime size in bits; only 2048, 3072 and 4096 are accepted.
// Returns r (or the duplicate) on success, NULL for any other len or when the copy fails.
// Callers must check for NULL: an unsupported size is rejected, not rounded to a nearby group.
BN_BigNum *BN_GetRfc3526Prime(BN_BigNum *r, uint32_t len)
{
    BN_BigNum *prime = NULL;

    if (len == 2048) {          // 2048-bit MODP bn
        prime = &g_bnRfc3526Prime2048;
    } else if (len == 3072) {   // 3072-bit MODP bn
        prime = &g_bnRfc3526Prime3072;
    } else if (len == 4096) {   // 4096-bit MODP bn
        prime = &g_bnRfc3526Prime4096;
    }

    if (prime == NULL) {
        return NULL;
    }
    return GetBnConst(r, prime);
}
172 #endif /* HITLS_CRYPTO_BN_PRIME_RFC3526 */
173