46 #include "mphell/mphell.h"
47 #if MPHELL_USE_MULTITHREADING == 1
74 #define PRECOMP_WIN_SIZE 9
75 #define PRECOMP_SIZE 256
110 (*sig)->s = (number*)malloc(
sizeof(number));
149 uint16_t pr = 2*PRECOMP_SIZE;
152 for(i = 0; i < pr; i++)
165 for(i = 2; i < pr; i++)
168 ec_point_add(((*precomp)->prec_G)[i], E->
G, ((*precomp)->prec_G)[i-1], E, STACK_1);
169 ec_point_add(((*precomp)->prec_K)[i], *key, ((*precomp)->prec_K)[i-1], E, STACK_1);
182 uint16_t pr = 2*PRECOMP_SIZE;
183 for(i = 0; i < pr; i++)
204 #if MPHELL_USE_MULTITHREADING == 1
205 omp_set_num_threads(2);
245 number *ss = (*sig)->s;
249 uint8_t size = (*curve)->k->size;
261 unsigned char hashvalue[2*b+1];
262 unsigned char hashvaluebis[2*b+1];
263 unsigned char str[b+64+1];
264 uint8_t * message_bin;
265 unsigned char hashbin2[b];
271 number r,s, test, test2;
280 message_bin = (uint8_t *)calloc(strlen(strx)*2,
sizeof(uint8_t));
281 len_bin=
hex2bin(strx, message_bin);
293 sha512(hashbin2, message_bin, len_bin*8);
303 bin2hex(hashbin2, b, hashvalue);
309 str[i]=hashvalue[b+i];
316 message_bin = (uint8_t *)calloc((b+64)*2,
sizeof(uint8_t));
317 len_bin=
hex2bin(str, message_bin);
327 sha512(hashbin2, message_bin, len_bin*8);
330 bin2hex(hashbin2, b, hashvaluebis);
342 field_elt_str(&strx, ((*sig)->R)->x, 16,
false, (*curve)->k, STACK_1);
343 field_elt_str(&stry, ((*sig)->R)->y, 16,
false, (*curve)->k, STACK_1);
344 for(i=0;i<strlen(strx);i++)
348 for(i=strlen(strx);i<b;i++)
352 for(i=0;i<strlen(stry);i++)
356 for(i=strlen(stry);i<b;i++)
409 field_elt_str(&strx, (*pub_key)->x, 16,
false, (*curve)->k, STACK_1);
410 field_elt_str(&stry, (*pub_key)->y, 16,
false, (*curve)->k, STACK_1);
411 for(i=0;i<strlen(strx);i++)
415 for(i=strlen(strx);i<b;i++)
419 for(i=0;i<strlen(stry);i++)
423 for(i=strlen(stry);i<b;i++)
434 message_bin = (uint8_t *)calloc((4*b+64)*2,
sizeof(
unsigned char));
435 len_bin =
hex2bin(strH, message_bin);
445 sha512(hashbin2, message_bin, len_bin*8);
449 bin2hex(hashbin2, b, hashvalue);
503 uint8_t size = (*curve)->k->size;
514 uint8_t hashbin[b+1];
515 uint8_t message_bin[(4*b+64)*2];
516 unsigned char hashvalue[2*b+1];
527 field_elt_str(&strx, ((*sig)->R)->x, 16,
false, (*curve)->k, STACK_1);
528 field_elt_str(&stry, ((*sig)->R)->y, 16,
false, (*curve)->k, STACK_1);
529 for(i=0;i<strlen(strx);i++)
533 for(i=strlen(strx);i<b;i++)
537 for(i=0;i<strlen(stry);i++)
541 for(i=strlen(stry);i<b;i++)
549 field_elt_str(&strx, (*pub_key)->x, 16,
false, (*curve)->k, STACK_1);
550 field_elt_str(&stry, (*pub_key)->y, 16,
false, (*curve)->k, STACK_1);
552 for(i=0;i<strlen(strx);i++)
556 for(i=strlen(strx);i<b;i++)
560 for(i=0;i<strlen(stry);i++)
564 for(i=strlen(stry);i<b;i++)
577 len_bin =
hex2bin(strH, message_bin);
586 sha512(hashbin,message_bin,len_bin*8);
588 bin2hex(hashbin, b, hashvalue);
611 ec_point_mul(y, (*curve)->h, (*sig)->R, *curve, STACK_1);
649 ec_point_mul(x, (*curve)->n, *pub_key, *curve, STACK_1);
661 int main(
int argc,
char **argv)
666 int nb_iteration = 10000;
667 uint8_t message[200];
669 struct timespec start, end;
672 if(argc<2 || (argc>1 && atoi(argv[1])==448))
688 printf(
"Ed25519 \t");
692 uint8_t size = (E)->k->size;;
703 unsigned char hashvalue[2*b2+1];
704 unsigned char hashvaluebis[2*b2+1];
705 uint8_t * message_bin;
709 uint8_t hashbin2[b2];
710 unsigned char hashval[nb_iteration][HASH_SIZE+1];
729 printf(
"\nThe private key has been created its value is:\n");
734 for(i = 0; i < nb_iteration; i++)
736 sprintf((
char *)message,
"This is the %d message to sign and verify on stm32F4", i);
737 len_bin=strlen((
char *)message);
738 message_bin = (uint8_t *)calloc(len_bin,
sizeof(uint8_t));
742 sha256(hashbin, message_bin, len_bin*8);
745 bin2hex(hashbin, HASH_SIZE/2, hashval[i]);
752 message_bin = (uint8_t *)calloc(strlen(str)*2,
sizeof(uint8_t));
753 len_bin =
hex2bin(str, message_bin);
754 printf(
"\nBefore loop: len_bin: %d strlen(str): %d", len_bin, strlen(str));
764 sha512(hashbin2, message_bin, len_bin*8);
769 bin2hex(hashbin2, b2, hashvaluebis);
773 printf(
"\n0: test2 = ");
number_print(test2, 16); printf(
"\n");
775 printf(
"1: test2 = ");
number_print(test2, 16); printf(
"\n");
811 printf(
"\n2: test2 = ");
number_print(test2, 16); printf(
"\n");
815 printf(
"3: test = ");
number_print(test, 16); printf(
"\n");
829 printf(
"\nThe pubkey has been computed:\n");
833 printf(
"\nThe validity of the public key is a:\n");
849 for (i = 0; i < nb_iteration; i++)
860 printf(
"Vector test size %d \n", nb_iteration);
861 printf(
"Curve \t Signature \t\t Verification \n");
862 if(argc<2 || (argc>1 && atoi(argv[1])==448))
864 printf(
"Ed448 \t\t");
868 printf(
"Ed25519 \t\t");
871 clock_gettime(CLOCK_MONOTONIC_RAW, &start);
872 for(i = 0; i < nb_iteration; i++)
874 eddsa_sign((
unsigned char *)hashval[i], &(lib_sig[i]), priv_key, &pub_key, &E);
876 clock_gettime(CLOCK_MONOTONIC_RAW, &end);
877 printf(
" %lu.%03u \t\t\t",
get_s(&start, &end),
get_ns(&start, &end));
882 clock_gettime(CLOCK_MONOTONIC_RAW, &start);
883 for(i = 0; i < nb_iteration; i++)
885 ret = eddsa_verify((
unsigned char *)hashval[i], &(lib_sig[i]), &pub_key, &E, precomp);
891 clock_gettime(CLOCK_MONOTONIC_RAW, &end);
892 printf(
" %lu.%03u \n",
get_s(&start, &end),
get_ns(&start, &end));
896 printf(
"ERROR :%d\n", err);
900 printf(
"SUCCESS \n");
909 for (i = 0; i < nb_iteration; i++)
void ec_point_2mul_with_precomp(ec_point_ptr P3, number_srcptr n1, ec_point *tab_P1, number_srcptr n2, ec_point *tab_P2, int16_t win_size, ec_curve_srcptr E, uint8_t stack)
Set P3 to n1 * P1 + n2 * P2 using 2 precomputated array.
bool ec_point_are_equal(ec_point_srcptr P1, ec_point_srcptr P2, ec_curve_srcptr E, uint8_t stack)
Test if P1 and P2 are equal on E.
void ec_point_print(ec_point_srcptr P, const uint8_t base, const bool lift, field_srcptr k, uint8_t stack)
Print a description of P.
bool ec_belongs(ec_point_srcptr P, ec_curve_srcptr E, uint8_t stack)
Test if P belongs to E.
void ec_point_mul(ec_point_ptr P3, number_srcptr n, ec_point_srcptr P1, ec_curve_srcptr E, uint8_t stack)
Set P3 to n * P1 using Montgomery for Weierstrass elliptic curve, and naive method for other elliptic...
void ec_point_set_neutral(ec_point_ptr dst, ec_curve_srcptr E, uint8_t stack)
Set dst to the neutral element.
void ec_point_add(ec_point_ptr P3, ec_point_srcptr P1, ec_point_srcptr P2, ec_curve_srcptr E, uint8_t stack)
Set P3 to P1 + P2, using dedicated formulae (not protected against SPA, but faster)
void ec_free(ec_curve_ptr E)
Free the elliptic curve E.
void ec_point_copy(ec_point_ptr P3, ec_point_srcptr P, field_srcptr k)
Copy P into P3.
bool ec_point_is_neutral(ec_point_srcptr P, ec_curve_srcptr E, uint8_t stack)
Test if P is the neutral element.
void ec_point_mul_unified(ec_point_ptr P3, number_srcptr n, ec_point_srcptr P1, ec_curve_srcptr E, uint8_t stack)
Set P3 to n * P1 using Montgomery for Weierstrass elliptic curve, and naive method for other elliptic...
void ec_point_init(ec_point_ptr P, field_srcptr k)
Initialise an elliptic curve point.
void ec_point_free(ec_point_ptr P, field_srcptr k)
Free the point P.
void ec_point_norm(ec_point_ptr P, ec_curve_srcptr E, uint8_t stack)
Convert a point in projective or jacobian coordinate to an affine point (x,y)
void ec_point_alloc(ec_point_ptr P, field_srcptr k)
Allocate an elliptic curve point.
void ec_use_curve(ec_curve_ptr E, field_ptr k, const ec_known_curve id_curve, const ec_formula f, uint8_t stack)
Create the elliptic curve (and the associated base field) id_curve, the curve and the field must me a...
void ec_alloc(ec_curve_ptr E, field_srcptr k)
Allocate a curve.
static void ec_point_get_pool_elt(ec_point_ptr P, field_ptr k, uint8_t stack)
Get an initialised point from the pool.
static void ec_point_relax_pool_elt(ec_point_ptr P, field_ptr k, uint8_t stack)
Relax an initialised point from the pool.
bool edwards_belongs(ec_point_srcptr P, ec_curve_srcptr E, uint8_t stack)
Test if P belongs to E.
void field_alloc(field_ptr k, const field_type type, const uint8_t size, field_ptr base)
Allocates space for the different fields of the structure pointed by k.
void field_elt_str(char **str, fe_srcptr src, const uint8_t base, const bool lift, field_srcptr k, uint8_t stack)
Converts src to string format in base specified by base.
void field_free(field_ptr k)
Free the space of the field informations structure.
field_t field[1]
Address of a field structure.
void free_mphell()
Free MPHELL memory, especially the big amount of temporary memory.
void init_mphell(const uint16_t security_strength, const random_type type, const entropy_type entropy)
Initialise MPHELL with security_strength bits of security (for random number only).
void number_random1(number_ptr dst, number_srcptr bound, uint8_t stack)
Set dst to a random number_ptr between 0 and bound, the random process is chosen at the MPHELL initia...
void number_mod(number_ptr dst, number_srcptr src1, number_srcptr src2)
Compute dst such that src1 = q * src2 + dst ; dst < src2.
void number_set_ui(number_ptr dst, const block src)
Set dst to src.
void number_lshift(number_ptr dst, number_srcptr src, const uint16_t shift)
Set dst to src << shift.
void number_free(number *dst)
Free a number_ptr allocated on the RAM memory (malloc)
void number_set_str(number_ptr dst, const char *str, const uint8_t base)
Set dst to str.
bool number_isgreater(number_srcptr src1, number_srcptr src2)
Test if src1 > src2.
void number_sub(number_ptr dst, number_srcptr src1, number_srcptr src2)
Set dst to src1 - src2 if src1 - src2 fit in dst.
void number_str(char **str, number_srcptr src, const uint8_t base)
Converts src to string format in base specified by base.
void number_tmp_free(number *t, const uint8_t size, uint8_t stack)
Free a temporary number.
void number_add(number_ptr dst, number_srcptr src1, number_srcptr src2)
Set dst to src1 + src2 if src1 + src2 fit in dst.
int8_t number_cmp(number_srcptr src1, number_srcptr src2)
Compare src1 and src2.
void number_rshift(number_ptr dst, number_srcptr src, const uint16_t shift)
Set dst to src >> shift.
void number_tmp_alloc(number *t, const uint8_t size, uint8_t stack)
Allocate a temporary number.
void number_print(number_srcptr src, const uint8_t base)
Print src in base "base".
void number_dec(number_ptr dst, number_srcptr src)
Set dst to src - 1 if src - 1 fit in dst.
void number_mul(number_ptr dst, number_srcptr src1, number_srcptr src2)
Set dst to src1 * src2.
void number_inc(number_ptr dst, number_srcptr src)
Set dst to src + 1 if src + 1 fit in dst.
void number_init(number *dst, const uint8_t n)
Allocate a number_ptr on the RAM memory (malloc)
void sha256(uint8_t *hashvalue, const uint8_t *data, const uint64_t data_len)
Compute the Sha256 hash of "data".
void FIPS202_SHAKE256(const unsigned char *input, unsigned int inputByteLen, unsigned char *output, int outputByteLen)
void sha512(uint8_t *hashvalue, const uint8_t *data, const uint64_t data_len)
Compute the Sha512 hash of "data".
uint32_t hex2bin(const char *in, unsigned char *out)
Convert an hexadecimal string into a binary string.
time_t get_s(struct timespec *start, struct timespec *end)
Return the elapsed time in second between "start" and "end".
void string2bin(char *s, uint8_t *output)
Convert a string into a byte array.
void bin2hex(const unsigned char *old, const uint32_t oldlen, unsigned char *result)
Converts a string of ASCII characters to hexadecimal values.
uint8_t bits_to_nblock(const uint16_t nbits)
Return the number of blocks required to store a nbits number.
unsigned int get_ns(struct timespec *start, struct timespec *end)
Return the elapsed time in nano second to add to the result of get_s().
void ecdsa_precal_free(ecdsa_precomp *precomp, ec_curve_ptr E)
Free memory of the ecdsa_precomp structure.
void ecdsa_precal(ecdsa_precomp *precomp, ec_point *key, ec_curve_ptr E)
Compute 1*G, 2*G, 3*G, 4*G, 5*G, 6*G, 7*G and 1*Q, 2*Q, 3*Q, 4*Q, 5*Q, 6*Q, 7*Q where G is the base p...
void ec_point_mul_ecdsa(ec_point dst, number_srcptr u1, ec_point_srcptr G, number_srcptr u2, ec_point_srcptr key, ec_curve_srcptr E)
Compute u1 * G + u2 * key.
void eddsa_sign_free(eddsa_sig *sig, ec_curve_srcptr E)
Free a used signature structure.
int8_t eddsa_pub_key_validation(ec_point *pub_key, ec_curve *curve)
Verify that the public key is valid (id est check taht pub_key belongs to the curve,...
Define an elliptic curve.
Define an elliptic curve point.
Precomputation structure.
ec_point prec_K[2 *PRECOMP_SIZE]
ec_point prec_G[2 *PRECOMP_SIZE]
Define an EdDSA signature.