diff --git a/include/tinycrypt/ecc.h b/include/tinycrypt/ecc.h
index dccfdf423..70bd5ad4f 100644
--- a/include/tinycrypt/ecc.h
+++ b/include/tinycrypt/ecc.h
@@ -124,7 +124,6 @@ typedef uint64_t uECC_dword_t;
 struct uECC_Curve_t;
 typedef const struct uECC_Curve_t * uECC_Curve;
 struct uECC_Curve_t {
- uECC_word_t G[NUM_ECC_WORDS * 2];
 uECC_word_t b[NUM_ECC_WORDS];
 };
@@ -155,20 +154,11 @@ void vli_mmod_fast_secp256r1(unsigned int *result, unsigned int *product);
 extern const uECC_word_t curve_p[NUM_ECC_WORDS];
 extern const uECC_word_t curve_n[NUM_ECC_WORDS];
+extern const uECC_word_t curve_G[2 * NUM_ECC_WORDS];
 /* definition of curve NIST p-256: */
 static const struct uECC_Curve_t curve_secp256r1 = {
 {
- BYTES_TO_WORDS_8(96, C2, 98, D8, 45, 39, A1, F4),
- BYTES_TO_WORDS_8(A0, 33, EB, 2D, 81, 7D, 03, 77),
- BYTES_TO_WORDS_8(F2, 40, A4, 63, E5, E6, BC, F8),
- BYTES_TO_WORDS_8(47, 42, 2C, E1, F2, D1, 17, 6B),
-
- BYTES_TO_WORDS_8(F5, 51, BF, 37, 68, 40, B6, CB),
- BYTES_TO_WORDS_8(CE, 5E, 31, 6B, 57, 33, CE, 2B),
- BYTES_TO_WORDS_8(16, 9E, 0F, 7C, 4A, EB, E7, 8E),
- BYTES_TO_WORDS_8(9B, 7F, 1A, FE, E2, 42, E3, 4F)
- }, {
 BYTES_TO_WORDS_8(4B, 60, D2, 27, 3E, 3C, CE, 3B),
 BYTES_TO_WORDS_8(F6, B0, 53, CC, B0, 06, 1D, 65),
 BYTES_TO_WORDS_8(BC, 86, 98, 76, 55, BD, EB, B3),
diff --git a/tinycrypt/ecc.c b/tinycrypt/ecc.c
index daa9698a3..9cbed3f95 100644
--- a/tinycrypt/ecc.c
+++ b/tinycrypt/ecc.c
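Review bot: The new `extern const uECC_word_t curve_G[2 * NUM_ECC_WORDS];` declaration in ecc.h carries no comment saying what the array holds, and the definition added in tinycrypt/ecc.c drops the blank line that used to separate the two halves of the constant. The callers changed in this commit read x at `curve_G` and y at `curve_G + num_words`, so I would put that on the declaration: `/* Base point G of NIST P-256: x in the first NUM_ECC_WORDS words, y in the second. */`. Because `G` also leaves the public `struct uECC_Curve_t`, code outside this tree that reads `curve->G` or initializes the struct positionally would presumably break, which deserves a line in the commit message.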
@@ -81,6 +81,16 @@ const uECC_word_t curve_n[NUM_ECC_WORDS] = {
 BYTES_TO_WORDS_8(FF, FF, FF, FF, FF, FF, FF, FF),
 BYTES_TO_WORDS_8(00, 00, 00, 00, FF, FF, FF, FF)
 };
+const uECC_word_t curve_G[2 * NUM_ECC_WORDS] = {
+ BYTES_TO_WORDS_8(96, C2, 98, D8, 45, 39, A1, F4),
+ BYTES_TO_WORDS_8(A0, 33, EB, 2D, 81, 7D, 03, 77),
+ BYTES_TO_WORDS_8(F2, 40, A4, 63, E5, E6, BC, F8),
+ BYTES_TO_WORDS_8(47, 42, 2C, E1, F2, D1, 17, 6B),
+ BYTES_TO_WORDS_8(F5, 51, BF, 37, 68, 40, B6, CB),
+ BYTES_TO_WORDS_8(CE, 5E, 31, 6B, 57, 33, CE, 2B),
+ BYTES_TO_WORDS_8(16, 9E, 0F, 7C, 4A, EB, E7, 8E),
+ BYTES_TO_WORDS_8(9B, 7F, 1A, FE, E2, 42, E3, 4F)
+};
 /* IMPORTANT: Make sure a cryptographically-secure PRNG is set and the platform
 * has access to enough entropy in order to feed the PRNG regularly. */
@@ -1006,7 +1016,7 @@ uECC_word_t EccPoint_compute_public_key(uECC_word_t *result,
 uECC_word_t *private_key,
 uECC_Curve curve)
 {
- return EccPoint_mult_safer(result, curve->G, private_key, curve);
+ return EccPoint_mult_safer(result, curve_G, private_key, curve);
 }
 /* Converts an integer in uECC native format to big-endian bytes. */
@@ -1097,7 +1107,7 @@ int uECC_valid_public_key(const uint8_t *public_key, uECC_Curve curve)
 public_key + NUM_ECC_BYTES,
 NUM_ECC_BYTES);
- if (memcmp(_public, curve->G, NUM_ECC_WORDS * 2) == 0) {
+ if (memcmp(_public, curve_G, NUM_ECC_WORDS * 2) == 0) {
 return -4;
 }
diff --git a/tinycrypt/ecc_dsa.c b/tinycrypt/ecc_dsa.c
index c22ebd032..82e159cf2 100644
--- a/tinycrypt/ecc_dsa.c
+++ b/tinycrypt/ecc_dsa.c
@@ -128,7 +128,7 @@ int uECC_sign_with_k(const uint8_t *private_key, const uint8_t *message_hash,
 return 0;
 }
- r = EccPoint_mult_safer(p, curve_G, k, curve);
+ r = EccPoint_mult_safer(p, curve_G, k, curve);
 if (r == 0 || uECC_vli_isZero(p)) {
 return 0;
 }
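Review bot: In uECC_valid_public_key the third argument of `memcmp(_public, curve_G, NUM_ECC_WORDS * 2)` is a word count used as a byte count, so unless uECC_word_t is one byte wide only the leading part of the point is compared with the generator. The check still rejects G itself, but it also returns -4 for any key that merely shares those leading bytes, and the length no longer says what is meant. Now that curve_G is a real array defined in this file, the size can come from the object: `if (memcmp(_public, curve_G, sizeof(curve_G)) == 0) {`. The function body starts and ends outside the hunk, so confirm that `_public` is an array of 2 * NUM_ECC_WORDS words before applying this.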
@@ -258,8 +258,8 @@ int uECC_verify(const uint8_t *public_key, const uint8_t *message_hash,
 /* Calculate sum = G + Q. */
 uECC_vli_set(sum, _public);
 uECC_vli_set(sum + num_words, _public + num_words);
- uECC_vli_set(tx, curve->G);
- uECC_vli_set(ty, curve->G + num_words);
+ uECC_vli_set(tx, curve_G);
+ uECC_vli_set(ty, curve_G + num_words);
 uECC_vli_modSub(z, sum, tx, curve_p); /* z = x2 - x1 */
 XYcZ_add(tx, ty, sum, sum + num_words, curve);
 uECC_vli_modInv(z, z, curve_p); /* z = 1/z */
@@ -267,7 +267,7 @@ int uECC_verify(const uint8_t *public_key, const uint8_t *message_hash,
 /* Use Shamir's trick to calculate u1*G + u2*Q */
 points[0] = 0;
- points[1] = curve->G;
+ points[1] = curve_G;
 points[2] = _public;
 points[3] = sum;
 num_bits = smax(uECC_vli_numBits(u1),
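Review bot: The `G + Q` precomputation in uECC_verify, which now reads `curve_G`, has an undocumented degenerate case: if the supplied public key equals the base point, `uECC_vli_modSub(z, sum, tx, curve_p)` yields zero and that zero is passed to `uECC_vli_modInv`. The -4 check in uECC_valid_public_key rejects that key, but nothing visible in this hunk shows uECC_verify calling it, so the precondition appears to rest on the caller. I would state it above the block: `/* Requires a public key accepted by uECC_valid_public_key(); Q == G makes z zero below. */`. The function starts and ends outside the hunk, so an earlier check may already exist.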