1 /****************************************************************************** 2 * 3 * Copyright 2006-2015 Broadcom Corporation 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19 /****************************************************************************** 20 * 21 * This file contains simple pairing algorithms using Elliptic Curve 22 *Cryptography for private public key 23 * 24 ******************************************************************************/ 25 26 #pragma once 27 28 #include "security/ecc/multprecision.h" 29 30 namespace bluetooth { 31 namespace security { 32 namespace ecc { 33 34 struct Point { 35 uint32_t x[KEY_LENGTH_DWORDS_P256]; 36 uint32_t y[KEY_LENGTH_DWORDS_P256]; 37 uint32_t z[KEY_LENGTH_DWORDS_P256]; 38 }; 39 40 struct elliptic_curve_t { 41 // curve's coefficients 42 uint32_t a[KEY_LENGTH_DWORDS_P256]; 43 uint32_t b[KEY_LENGTH_DWORDS_P256]; 44 45 // prime modulus 46 uint32_t p[KEY_LENGTH_DWORDS_P256]; 47 48 // Omega, p = 2^m -omega 49 uint32_t omega[KEY_LENGTH_DWORDS_P256]; 50 51 // base point, a point on E of order r 52 Point G; 53 }; 54 55 // P-256 elliptic curve, as per BT Spec 5.1 Vol 2, Part H 7.6 56 static constexpr elliptic_curve_t curve_p256{ 57 .a = {0}, 58 .b = {0x27d2604b, 0x3bce3c3e, 0xcc53b0f6, 0x651d06b0, 0x769886bc, 0xb3ebbd55, 0xaa3a93e7, 0x5ac635d8}, 59 .p = {0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x0, 0x0, 0x0, 0x00000001, 0xFFFFFFFF}, 60 .omega = {0}, 61 62 .G = {.x = {0xd898c296, 0xf4a13945, 0x2deb33a0, 0x77037d81, 0x63a440f2, 0xf8bce6e5, 0xe12c4247, 0x6b17d1f2}, 63 .y = {0x37bf51f5, 0xcbb64068, 0x6b315ece, 0x2bce3357, 0x7c0f9e16, 0x8ee7eb4a, 0xfe1a7f9b, 0x4fe342e2}, 64 .z = {0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000}}, 65 }; 66 67 /* This function checks that point is on the elliptic curve*/ 68 bool ECC_ValidatePoint(const Point& point); 69 70 void ECC_PointMult_Bin_NAF(Point* q, const Point* p, uint32_t* n); 71 72 #define ECC_PointMult(q, p, n) ECC_PointMult_Bin_NAF(q, p, n) 73 74 } // namespace ecc 75 } // namespace security 76 } // namespace bluetooth 77