CC26xx Driver Library
Data Structures | Functions | Variables
[pka.h] Public Key Accelerator
Peripherals

Data Structures

union  PKA_EccParam224
 
union  PKA_EccParam256
 
union  PKA_EccParam384
 
union  PKA_EccParam512
 
union  PKA_EccParam521
 
struct  PKA_EccPoint224_
 
struct  PKA_EccPoint256_
 
struct  PKA_EccPoint384_
 
struct  PKA_EccPoint512_
 
struct  PKA_EccPoint521_
 

Functions

void PKAClearPkaRam (void)
 Zeroizes PKA RAM. More...
 
uint32_t PKAGetOpsStatus (void)
 Gets the PKA operation status. More...
 
bool PKAArrayAllZeros (const uint8_t *array, uint32_t arrayLength)
 Checks whether and array only consists of zeros. More...
 
void PKAZeroOutArray (const uint8_t *array, uint32_t arrayLength)
 Zeros-out an array. More...
 
uint32_t PKABigNumModStart (const uint8_t *bigNum, uint32_t bigNumLength, const uint8_t *modulus, uint32_t modulusLength, uint32_t *resultPKAMemAddr)
 Starts a big number modulus operation. More...
 
uint32_t PKABigNumModGetResult (uint8_t *resultBuf, uint32_t length, uint32_t resultPKAMemAddr)
 Gets the result of the big number modulus operation. More...
 
uint32_t PKABigNumDivideStart (const uint8_t *dividend, uint32_t dividendLength, const uint8_t *divisor, uint32_t divisorLength, uint32_t *resultQuotientMemAddr, uint32_t *resultRemainderMemAddr)
 Starts a big number divide operation. More...
 
uint32_t PKABigNumDivideGetQuotient (uint8_t *resultBuf, uint32_t *length, uint32_t resultQuotientMemAddr)
 Gets the quotient of the big number divide operation. More...
 
uint32_t PKABigNumDivideGetRemainder (uint8_t *resultBuf, uint32_t *length, uint32_t resultRemainderMemAddr)
 Gets the remainder of the big number divide operation. More...
 
uint32_t PKABigNumCmpStart (const uint8_t *bigNum1, const uint8_t *bigNum2, uint32_t length)
 Starts the comparison of two big numbers. More...
 
uint32_t PKABigNumCmpGetResult (void)
 Gets the result of the comparison operation of two big numbers. More...
 
uint32_t PKABigNumInvModStart (const uint8_t *bigNum, uint32_t bigNumLength, const uint8_t *modulus, uint32_t modulusLength, uint32_t *resultPKAMemAddr)
 Starts a big number inverse modulo operation. More...
 
uint32_t PKABigNumInvModGetResult (uint8_t *resultBuf, uint32_t length, uint32_t resultPKAMemAddr)
 Gets the result of the big number inverse modulo operation. More...
 
uint32_t PKABigNumMultiplyStart (const uint8_t *multiplicand, uint32_t multiplicandLength, const uint8_t *multiplier, uint32_t multiplierLength, uint32_t *resultPKAMemAddr)
 Starts the multiplication of two big numbers. More...
 
uint32_t PKABigNumMultGetResult (uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
 Gets the result of the big number multiplication. More...
 
uint32_t PKABigNumAddStart (const uint8_t *bigNum1, uint32_t bigNum1Length, const uint8_t *bigNum2, uint32_t bigNum2Length, uint32_t *resultPKAMemAddr)
 Starts the addition of two big numbers. More...
 
uint32_t PKABigNumAddGetResult (uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
 Gets the result of the addition operation on two big numbers. More...
 
uint32_t PKABigNumSubStart (const uint8_t *minuend, uint32_t minuendLength, const uint8_t *subtrahend, uint32_t subtrahendLength, uint32_t *resultPKAMemAddr)
 Starts the subtraction of one big number from another. More...
 
uint32_t PKABigNumSubGetResult (uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
 Gets the result of the subtraction operation on two big numbers. More...
 
uint32_t PKAEccMultiplyStart (const uint8_t *scalar, const uint8_t *curvePointX, const uint8_t *curvePointY, const uint8_t *prime, const uint8_t *a, const uint8_t *b, uint32_t length, uint32_t *resultPKAMemAddr)
 Starts ECC multiplication. More...
 
uint32_t PKAEccMontgomeryMultiplyStart (const uint8_t *scalar, const uint8_t *curvePointX, const uint8_t *prime, const uint8_t *a, uint32_t length, uint32_t *resultPKAMemAddr)
 Starts ECC Montgomery multiplication. More...
 
uint32_t PKAEccMultiplyGetResult (uint8_t *curvePointX, uint8_t *curvePointY, uint32_t resultPKAMemAddr, uint32_t length)
 Gets the result of ECC multiplication. More...
 
uint32_t PKAEccAddStart (const uint8_t *curvePoint1X, const uint8_t *curvePoint1Y, const uint8_t *curvePoint2X, const uint8_t *curvePoint2Y, const uint8_t *prime, const uint8_t *a, uint32_t length, uint32_t *resultPKAMemAddr)
 Starts the ECC addition. More...
 
uint32_t PKAEccAddGetResult (uint8_t *curvePointX, uint8_t *curvePointY, uint32_t resultPKAMemAddr, uint32_t length)
 Gets the result of the ECC addition. More...
 
uint32_t PKAEccVerifyPublicKeyWeierstrassStart (const uint8_t *curvePointX, const uint8_t *curvePointY, const uint8_t *prime, const uint8_t *a, const uint8_t *b, const uint8_t *order, uint32_t length)
 Begins the validation of a public key against a Short-Weierstrass curve. More...
 

Variables

const PKA_EccPoint224 NISTP224_generator
 X coordinate of the generator point of the NISTP224 curve. More...
 
const PKA_EccParam224 NISTP224_prime
 Prime of the NISTP224 curve. More...
 
const PKA_EccParam224 NISTP224_a
 a constant of the NISTP224 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam224 NISTP224_b
 b constant of the NISTP224 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam224 NISTP224_order
 Order of the NISTP224 curve. More...
 
const PKA_EccPoint256 NISTP256_generator
 X coordinate of the generator point of the NISTP256 curve. More...
 
const PKA_EccParam256 NISTP256_prime
 Prime of the NISTP256 curve. More...
 
const PKA_EccParam256 NISTP256_a
 a constant of the NISTP256 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam256 NISTP256_b
 b constant of the NISTP256 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam256 NISTP256_order
 Order of the NISTP256 curve. More...
 
const PKA_EccPoint384 NISTP384_generator
 X coordinate of the generator point of the NISTP384 curve. More...
 
const PKA_EccParam384 NISTP384_prime
 Prime of the NISTP384 curve. More...
 
const PKA_EccParam384 NISTP384_a
 a constant of the NISTP384 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam384 NISTP384_b
 b constant of the NISTP384 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam384 NISTP384_order
 Order of the NISTP384 curve. More...
 
const PKA_EccPoint521 NISTP521_generator
 X coordinate of the generator point of the NISTP521 curve. More...
 
const PKA_EccParam521 NISTP521_prime
 Prime of the NISTP521 curve. More...
 
const PKA_EccParam521 NISTP521_a
 a constant of the NISTP521 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam521 NISTP521_b
 b constant of the NISTP521 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam521 NISTP521_order
 Order of the NISTP521 curve. More...
 
const PKA_EccPoint256 BrainpoolP256R1_generator
 X coordinate of the generator point of the BrainpoolP256R1 curve. More...
 
const PKA_EccParam256 BrainpoolP256R1_prime
 Prime of the BrainpoolP256R1 curve. More...
 
const PKA_EccParam256 BrainpoolP256R1_a
 a constant of the BrainpoolP256R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam256 BrainpoolP256R1_b
 b constant of the BrainpoolP256R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam256 BrainpoolP256R1_order
 Order of the BrainpoolP256R1 curve. More...
 
const PKA_EccPoint384 BrainpoolP384R1_generator
 X coordinate of the generator point of the BrainpoolP384R1 curve. More...
 
const PKA_EccParam384 BrainpoolP384R1_prime
 Prime of the BrainpoolP384R1 curve. More...
 
const PKA_EccParam384 BrainpoolP384R1_a
 a constant of the BrainpoolP384R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam384 BrainpoolP384R1_b
 b constant of the BrainpoolP384R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam384 BrainpoolP384R1_order
 Order of the BrainpoolP384R1 curve. More...
 
const PKA_EccPoint512 BrainpoolP512R1_generator
 X coordinate of the generator point of the BrainpoolP512R1 curve. More...
 
const PKA_EccParam512 BrainpoolP512R1_prime
 Prime of the BrainpoolP512R1 curve. More...
 
const PKA_EccParam512 BrainpoolP512R1_a
 a constant of the BrainpoolP512R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam512 BrainpoolP512R1_b
 b constant of the BrainpoolP512R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam512 BrainpoolP512R1_order
 Order of the BrainpoolP512R1 curve. More...
 
const PKA_EccPoint256 Curve25519_generator
 X coordinate of the generator point of the Curve25519 curve. More...
 
const PKA_EccParam256 Curve25519_prime
 Prime of the Curve25519 curve. More...
 
const PKA_EccParam256 Curve25519_a
 a constant of the Curve25519 curve when expressed in Montgomery form (By^2 = x^3 + a*x^2 + x). More...
 
const PKA_EccParam256 Curve25519_b
 b constant of the Curve25519 curve when expressed in Montgomery form (By^2 = x^3 + a*x^2 + x). More...
 
const PKA_EccParam256 Curve25519_order
 Order of the Curve25519 curve. More...
 

Detailed Description

Introduction

The PKA (Public Key Accelerator) API provides access to the Large Number Engine (LNME). The LNME allows for efficient math operations on numbers larger than those that fit within the ALU of the system CPU. It is significantly faster to perform these operations using the LNME than implementing the same functionality in software using regular word-wise math operations. While the LNME runs in the background, the system CPU may perform other operations or be turned off.

The LNME supports both primitive math operations and serialized primitive operations (sequencer operations).

These primitives and sequencer operations can be used to implement various public key encryption schemes. It is possible to implement the following schemes using the operations mentioned above:

The DriverLib PKA functions copy the relevant parameters into the dedicated PKA RAM. The LNME requires these parameters be present and correctly formatted in the PKA RAM and not system RAM. They are copied word-wise as the PKA RAM does not support byte-wise access. The CPU handles the alignment differences during the memory copy operation. Forcing buffer alignment in system RAM results in a significant speedup of the copy operation compared to unaligned buffers.

When the operation completes, the result is copied back into a buffer in system RAM specified by the application. The PKA RAM is then cleared to prevent sensitive keying material from remaining in PKA RAM.

Function Documentation

bool PKAArrayAllZeros ( const uint8_t *  array,
uint32_t  arrayLength 
)

Checks whether and array only consists of zeros.

Parameters
[in]arrayis the array to check.
[in]arrayLengthis the length of the array.
Returns
Returns true if the array contains only zeros and false if one or more bits are set.
927 {
928  uint32_t i;
929  uint8_t arrayBits = 0;
930 
931  // We could speed things up by comparing word-wise rather than byte-wise.
932  // However, this extra overhead is inconsequential compared to running an
933  // actual PKA operation. Especially ECC operations.
934  for (i = 0; i < arrayLength; i++) {
935  arrayBits |= array[i];
936  }
937 
938  if (arrayBits) {
939  return false;
940  }
941  else {
942  return true;
943  }
944 
945 }
uint32_t PKABigNumAddGetResult ( uint8_t *  resultBuf,
uint32_t *  resultLength,
uint32_t  resultPKAMemAddr 
)

Gets the result of the addition operation on two big numbers.

Parameters
[out]resultBufis the pointer to buffer where the result needs to be stored.
[in,out]resultLengthis the address of the variable containing the length of the buffer. After the operation the actual length of the resultant is stored at this address.
[in]resultPKAMemAddris the address of the result location which was provided by the start function PKABigNumAddStart().
Returns
Returns a status code.
See also
PKABigNumAddStart()

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

1334 {
1335  return PKAGetBigNumResult(resultBuf, resultLength, resultPKAMemAddr);
1336 }
PKAGetBigNumResult
static uint32_t PKAGetBigNumResult(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Definition: pka.c:685

Here is the call graph for this function:

uint32_t PKABigNumAddStart ( const uint8_t *  bigNum1,
uint32_t  bigNum1Length,
const uint8_t *  bigNum2,
uint32_t  bigNum2Length,
uint32_t *  resultPKAMemAddr 
)

Starts the addition of two big numbers.

Parameters
[in]bigNum1is the pointer to the buffer containing the first big number.
[in]bigNum1Lengthis the size of the first big number in bytes.
[in]bigNum2is the pointer to the buffer containing the second big number.
[in]bigNum2Lengthis the size of the second big number in bytes.
[out]resultPKAMemAddris the pointer to the result vector location which will be set by this function.
Returns
Returns a status code.
See also
PKABigNumAddGetResult()

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

1253 {
1254  uint32_t offset = 0;
1255 
1256  // Check for arguments.
1257  ASSERT(bigNum1);
1258  ASSERT(bigNum2);
1259  ASSERT(resultPKAMemAddr);
1260 
1261  // Make sure no operation is in progress.
1262  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1263  return PKA_STATUS_OPERATION_BUSY;
1264  }
1265 
1266  offset = PKAWritePkaParam(bigNum1, bigNum1Length, offset, PKA_O_APTR);
1267 
1268  offset = PKAWritePkaParam(bigNum2, bigNum2Length, offset, PKA_O_BPTR);
1269 
1270  // Copy the result vector address location.
1271  *resultPKAMemAddr = PKA_RAM_BASE + offset;
1272 
1273  // Load C pointer with the result location in PKA RAM.
1274  HWREG(PKA_BASE + PKA_O_CPTR) = offset >> 2;
1275 
1276  // Set the function for the add operation and start the operation.
1277  HWREG(PKA_BASE + PKA_O_FUNCTION) = (PKA_FUNCTION_RUN | PKA_FUNCTION_ADD);
1278 
1279  return PKA_STATUS_SUCCESS;
1280 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:604
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
ASSERT
#define ASSERT(expr)
Definition: debug.h:73

Here is the call graph for this function:

uint32_t PKABigNumCmpGetResult ( void  )

Gets the result of the comparison operation of two big numbers.

This function provides the results of the comparison of two big numbers which was started using the PKABigNumCmpStart().

Returns
Returns a status code.
See also
PKABigNumCmpStart()

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

1123 {
1124  uint32_t status;
1125 
1126  // verify that the operation is complete.
1127  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1128  return PKA_STATUS_OPERATION_BUSY;
1129  }
1130 
1131  // Check the COMPARE register.
1132  switch(HWREG(PKA_BASE + PKA_O_COMPARE)) {
1133  case PKA_COMPARE_A_EQUALS_B:
1134  status = PKA_STATUS_EQUAL;
1135  break;
1136 
1137  case PKA_COMPARE_A_GREATER_THAN_B:
1138  status = PKA_STATUS_A_GREATER_THAN_B;
1139  break;
1140 
1141  case PKA_COMPARE_A_LESS_THAN_B:
1142  status = PKA_STATUS_A_LESS_THAN_B;
1143  break;
1144 
1145  default:
1146  status = PKA_STATUS_FAILURE;
1147  break;
1148  }
1149 
1150  return status;
1151 }
PKA_STATUS_FAILURE
#define PKA_STATUS_FAILURE
Failure.
Definition: pka.h:122
PKA_STATUS_EQUAL
#define PKA_STATUS_EQUAL
Big number compare return status if the first big number is equal to the second.
Definition: pka.h:128
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_A_LESS_THAN_B
#define PKA_STATUS_A_LESS_THAN_B
Big number compare return status if the first big number is less than the second. ...
Definition: pka.h:127
PKA_STATUS_A_GREATER_THAN_B
#define PKA_STATUS_A_GREATER_THAN_B
Big number compare return status if the first big number is greater than the second.
Definition: pka.h:126
uint32_t PKABigNumCmpStart ( const uint8_t *  bigNum1,
const uint8_t *  bigNum2,
uint32_t  length 
)

Starts the comparison of two big numbers.

This function starts the comparison of two big numbers pointed by bigNum1 and bigNum2.

Note
bigNum1 and bigNum2 must have same size.
Parameters
[in]bigNum1is the pointer to the first big number.
[in]bigNum2is the pointer to the second big number.
[in]lengthis the size of the big numbers in bytes.
Returns
Returns a status code.
See also
PKABigNumCmpGetResult()

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

1094 {
1095  uint32_t offset = 0;
1096 
1097  // Check the arguments.
1098  ASSERT(bigNum1);
1099  ASSERT(bigNum2);
1100 
1101  // Make sure no operation is in progress.
1102  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1103  return PKA_STATUS_OPERATION_BUSY;
1104  }
1105 
1106  offset = PKAWritePkaParam(bigNum1, length, offset, PKA_O_APTR);
1107 
1108  offset = PKAWritePkaParam(bigNum2, length, offset, PKA_O_BPTR);
1109 
1110  // Set the PKA Function register for the Compare operation
1111  // and start the operation.
1112  HWREG(PKA_BASE + PKA_O_FUNCTION) = (PKA_FUNCTION_RUN | PKA_FUNCTION_COMPARE);
1113 
1114  return PKA_STATUS_SUCCESS;
1115 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:604
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
ASSERT
#define ASSERT(expr)
Definition: debug.h:73

Here is the call graph for this function:

uint32_t PKABigNumDivideGetQuotient ( uint8_t *  resultBuf,
uint32_t *  length,
uint32_t  resultQuotientMemAddr 
)

Gets the quotient of the big number divide operation.

This function gets the quotient of the big number divide operation which was previously started using the function PKABigNumDivideStart().

Parameters
[out]resultBufis the pointer to buffer where the result needs to be stored.
[in]lengthis the size of the provided buffer in bytes.
[in]resultQuotientMemAddris the address of the result location which was provided by the start function PKABigNumDivideStart().
Returns
Returns a status code.
See also
PKABigNumDivideStart()
1073 {
1074  return PKAGetBigNumResult(resultBuf, length, resultQuotientMemAddr);
1075 }
PKAGetBigNumResult
static uint32_t PKAGetBigNumResult(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Definition: pka.c:685

Here is the call graph for this function:

uint32_t PKABigNumDivideGetRemainder ( uint8_t *  resultBuf,
uint32_t *  length,
uint32_t  resultRemainderMemAddr 
)

Gets the remainder of the big number divide operation.

This function gets the remainder of the big number divide operation which was previously started using the function PKABigNumDivideStart().

Parameters
[out]resultBufis the pointer to buffer where the result needs to be stored.
[in]lengthis the size of the provided buffer in bytes.
[in]resultRemainderMemAddris the address of the result location which was provided by the start function PKABigNumDivideStart().
Returns
Returns a status code.
See also
PKABigNumDivideStart()
1083 {
1084  return PKAGetBigNumResultRemainder(resultBuf, length, resultQuotientMemAddr);
1085 }
PKAGetBigNumResultRemainder
static uint32_t PKAGetBigNumResultRemainder(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Definition: pka.c:759

Here is the call graph for this function:

uint32_t PKABigNumDivideStart ( const uint8_t *  dividend,
uint32_t  dividendLength,
const uint8_t *  divisor,
uint32_t  divisorLength,
uint32_t *  resultQuotientMemAddr,
uint32_t *  resultRemainderMemAddr 
)

Starts a big number divide operation.

This function starts the dive operation on the big number bigNum using the divisor. The PKA RAM location where the result will be available is stored in resultPKAMemAddr.

Parameters
[in]dividendis the pointer to the big number to be divided.
[in]dividendLengthis the size of the big number dividend in bytes.
[in]divisoris the pointer to the divisor.
[in]divisorLengthis the size of the divisor in bytes.
[out]resultQuotientMemAddris the pointer to the quotient vector location which will be set by this function.
[out]resultRemainderMemAddris the pointer to the remainder vector location which will be set by this function.
Returns
Returns a status code.
See also
PKABigNumDivideGetResult()
1026 {
1027  uint32_t offset = 0;
1028 
1029  // Check the arguments.
1030  ASSERT(dividend);
1031  ASSERT(divisor);
1032  ASSERT(resultQuotientMemAddr);
1033  ASSERT(resultRemainderMemAddr);
1034 
1035  // Make sure no operation is in progress.
1036  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1037  return PKA_STATUS_OPERATION_BUSY;
1038  }
1039 
1040  offset = PKAWritePkaParam(dividend, dividendLength, offset, PKA_O_APTR);
1041 
1042  offset = PKAWritePkaParamExtraOffset(divisor, divisorLength, offset, PKA_O_BPTR);
1043 
1044  // Copy the remainder result vector address location.
1045  if (resultRemainderMemAddr) {
1046  *resultRemainderMemAddr = PKA_RAM_BASE + offset;
1047  }
1048 
1049  // The remainder cannot ever be larger than the divisor. It should fit inside
1050  // a buffer of that size.
1051  offset = PKAWritePkaParamExtraOffset(0, divisorLength, offset, PKA_O_CPTR);
1052 
1053  // Copy the remainder result vector address location.
1054  if (resultQuotientMemAddr) {
1055  *resultQuotientMemAddr = PKA_RAM_BASE + offset;
1056  }
1057 
1058  // Load D pointer with the quotient location in PKA RAM
1059  HWREG(PKA_BASE + PKA_O_DPTR) = offset >> 2;
1060 
1061  // Start the PKCP modulo operation by setting the PKA Function register.
1062  HWREG(PKA_BASE + PKA_O_FUNCTION) = (PKA_FUNCTION_RUN | PKA_FUNCTION_DIVIDE);
1063 
1064  return PKA_STATUS_SUCCESS;
1065 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:604
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
PKAWritePkaParamExtraOffset
static uint32_t PKAWritePkaParamExtraOffset(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:674
ASSERT
#define ASSERT(expr)
Definition: debug.h:73

Here is the call graph for this function:

uint32_t PKABigNumInvModGetResult ( uint8_t *  resultBuf,
uint32_t  length,
uint32_t  resultPKAMemAddr 
)

Gets the result of the big number inverse modulo operation.

This function gets the result of the big number inverse modulo operation previously started using the function PKABigNumInvModStart(). The function will zero-out resultBuf prior to copying in the result of the inverse modulo operation.

Parameters
[out]resultBufis the pointer to buffer where the result needs to be stored.
[in]lengthis the size of the provided buffer in bytes.
[in]resultPKAMemAddris the address of the result location which was provided by the start function PKABigNumInvModStart().
Returns
Returns a status code.
See also
PKABigNumInvModStart()
1194 {
1195  // Zero-out array in case modulo result is shorter than length
1196  PKAZeroOutArray(resultBuf, length);
1197 
1198  return PKAGetBigNumResult(resultBuf, &length, resultPKAMemAddr);
1199 }
PKAGetBigNumResult
static uint32_t PKAGetBigNumResult(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Definition: pka.c:685
PKAZeroOutArray
void PKAZeroOutArray(const uint8_t *array, uint32_t arrayLength)
Zeros-out an array.
Definition: pka.c:952

Here is the call graph for this function:

uint32_t PKABigNumInvModStart ( const uint8_t *  bigNum,
uint32_t  bigNumLength,
const uint8_t *  modulus,
uint32_t  modulusLength,
uint32_t *  resultPKAMemAddr 
)

Starts a big number inverse modulo operation.

This function starts the inverse modulo operation on bigNum using the divisor modulus.

Parameters
[in]bigNumis the pointer to the buffer containing the big number (dividend).
[in]bigNumLengthis the size of the bigNum in bytes.
[in]modulusis the pointer to the buffer containing the divisor.
[in]modulusLengthis the size of the divisor in bytes.
[out]resultPKAMemAddris the pointer to the result vector location which will be set by this function.
Returns
Returns a status code.
See also
PKABigNumInvModGetResult()
1159 {
1160  uint32_t offset = 0;
1161 
1162  // Check the arguments.
1163  ASSERT(bigNum);
1164  ASSERT(modulus);
1165  ASSERT(resultPKAMemAddr);
1166 
1167  // Make sure no operation is in progress.
1168  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1169  return PKA_STATUS_OPERATION_BUSY;
1170  }
1171 
1172  offset = PKAWritePkaParam(bigNum, bigNumLength, offset, PKA_O_APTR);
1173 
1174  offset = PKAWritePkaParam(modulus, modulusLength, offset, PKA_O_BPTR);
1175 
1176  // Copy the result vector address location.
1177  *resultPKAMemAddr = PKA_RAM_BASE + offset;
1178 
1179  // Load D pointer with the result location in PKA RAM.
1180  HWREG(PKA_BASE + PKA_O_DPTR) = offset >> 2;
1181 
1182  // set the PKA function to InvMod operation and the start the operation.
1183  HWREG(PKA_BASE + PKA_O_FUNCTION) = 0x0000F000;
1184 
1185  return PKA_STATUS_SUCCESS;
1186 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:604
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
ASSERT
#define ASSERT(expr)
Definition: debug.h:73

Here is the call graph for this function:

uint32_t PKABigNumModGetResult ( uint8_t *  resultBuf,
uint32_t  length,
uint32_t  resultPKAMemAddr 
)

Gets the result of the big number modulus operation.

This function gets the result of the big number modulus operation which was previously started using the function PKABigNumModStart(). The function will zero-out resultBuf prior to copying in the result of the modulo operation.

Parameters
[out]resultBufis the pointer to buffer where the result needs to be stored.
[in]lengthis the size of the provided buffer in bytes.
[in]resultPKAMemAddris the address of the result location which was provided by the start function PKABigNumModStart().
Returns
Returns a status code.
See also
PKABigNumModStart()

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

1013 {
1014  // Zero-out array in case modulo result is shorter than length
1015  PKAZeroOutArray(resultBuf, length);
1016 
1017  return PKAGetBigNumResultRemainder(resultBuf, &length, resultPKAMemAddr);
1018 }
PKAGetBigNumResultRemainder
static uint32_t PKAGetBigNumResultRemainder(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Definition: pka.c:759
PKAZeroOutArray
void PKAZeroOutArray(const uint8_t *array, uint32_t arrayLength)
Zeros-out an array.
Definition: pka.c:952

Here is the call graph for this function:

uint32_t PKABigNumModStart ( const uint8_t *  bigNum,
uint32_t  bigNumLength,
const uint8_t *  modulus,
uint32_t  modulusLength,
uint32_t *  resultPKAMemAddr 
)

Starts a big number modulus operation.

This function starts the modulo operation on the big number bigNum using the divisor modulus. The PKA RAM location where the result will be available is stored in resultPKAMemAddr.

Parameters
[in]bigNumis the pointer to the big number on which modulo operation needs to be carried out.
[in]bigNumLengthis the size of the big number bigNum in bytes.
[in]modulusis the pointer to the divisor.
[in]modulusLengthis the size of the divisor modulus in bytes.
[out]resultPKAMemAddris the pointer to the result vector location which will be set by this function.
Returns
Returns a status code.
See also
PKABigNumModGetResult()

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

978 {
979  uint32_t offset = 0;
980 
981  // Check the arguments.
982  ASSERT(bigNum);
983  ASSERT(modulus);
984  ASSERT(resultPKAMemAddr);
985 
986  // Make sure no operation is in progress.
987  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
988  return PKA_STATUS_OPERATION_BUSY;
989  }
990 
991  offset = PKAWritePkaParam(bigNum, bigNumLength, offset, PKA_O_APTR);
992 
993  offset = PKAWritePkaParamExtraOffset(modulus, modulusLength, offset, PKA_O_BPTR);
994 
995  // Copy the result vector address location.
996  *resultPKAMemAddr = PKA_RAM_BASE + offset;
997 
998  // Load C pointer with the result location in PKA RAM
999  HWREG(PKA_BASE + PKA_O_CPTR) = offset >> 2;
1000 
1001  // Start the PKCP modulo operation by setting the PKA Function register.
1002  HWREG(PKA_BASE + PKA_O_FUNCTION) = (PKA_FUNCTION_RUN | PKA_FUNCTION_MODULO);
1003 
1004  return PKA_STATUS_SUCCESS;
1005 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:604
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
PKAWritePkaParamExtraOffset
static uint32_t PKAWritePkaParamExtraOffset(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:674
ASSERT
#define ASSERT(expr)
Definition: debug.h:73

Here is the call graph for this function:

uint32_t PKABigNumMultGetResult ( uint8_t *  resultBuf,
uint32_t *  resultLength,
uint32_t  resultPKAMemAddr 
)

Gets the result of the big number multiplication.

This function gets the result of the multiplication of two big numbers operation previously started using the function PKABigNumMultiplyStart().

Parameters
[out]resultBufis the pointer to buffer where the result needs to be stored.
[in,out]resultLengthis the address of the variable containing the length of the buffer in bytes. After the operation, the actual length of the resultant is stored at this address.
[in]resultPKAMemAddris the address of the result location which was provided by the start function PKABigNumMultiplyStart().
Returns
Returns a status code.
See also
PKABigNumMultiplyStart()

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

1243 {
1244  return PKAGetBigNumResult(resultBuf, resultLength, resultPKAMemAddr);
1245 }
PKAGetBigNumResult
static uint32_t PKAGetBigNumResult(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Definition: pka.c:685

Here is the call graph for this function:

uint32_t PKABigNumMultiplyStart ( const uint8_t *  multiplicand,
uint32_t  multiplicandLength,
const uint8_t *  multiplier,
uint32_t  multiplierLength,
uint32_t *  resultPKAMemAddr 
)

Starts the multiplication of two big numbers.

Parameters
[in]multiplicandis the pointer to the buffer containing the big number multiplicand.
[in]multiplicandLengthis the size of the multiplicand in bytes.
[in]multiplieris the pointer to the buffer containing the big number multiplier.
[in]multiplierLengthis the size of the multiplier in bytes.
[out]resultPKAMemAddris the pointer to the result vector location which will be set by this function.
Returns
Returns a status code.
See also
PKABigNumMultGetResult()

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

1207 {
1208  uint32_t offset = 0;
1209 
1210  // Check for the arguments.
1211  ASSERT(multiplicand);
1212  ASSERT(multiplier);
1213  ASSERT(resultPKAMemAddr);
1214 
1215  // Make sure no operation is in progress.
1216  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1217  return PKA_STATUS_OPERATION_BUSY;
1218  }
1219 
1220  offset = PKAWritePkaParam(multiplicand, multiplicandLength, offset, PKA_O_APTR);
1221 
1222  offset = PKAWritePkaParam(multiplier, multiplierLength, offset, PKA_O_BPTR);
1223 
1224 
1225  // Copy the result vector address location.
1226  *resultPKAMemAddr = PKA_RAM_BASE + offset;
1227 
1228  // Load C pointer with the result location in PKA RAM.
1229  HWREG(PKA_BASE + PKA_O_CPTR) = offset >> 2;
1230 
1231  // Set the PKA function to the multiplication and start it.
1232  HWREG(PKA_BASE + PKA_O_FUNCTION) = (PKA_FUNCTION_RUN | PKA_FUNCTION_MULTIPLY);
1233 
1234  return PKA_STATUS_SUCCESS;
1235 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:604
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
ASSERT
#define ASSERT(expr)
Definition: debug.h:73

Here is the call graph for this function:

uint32_t PKABigNumSubGetResult ( uint8_t *  resultBuf,
uint32_t *  resultLength,
uint32_t  resultPKAMemAddr 
)

Gets the result of the subtraction operation on two big numbers.

Parameters
[out]resultBufis the pointer to buffer where the result needs to be stored.
[in,out]resultLengthis the address of the variable containing the length of the buffer. After the operation the actual length of the resultant is stored at this address.
[in]resultPKAMemAddris the address of the result location which was provided by the start function PKABigNumAddStart().
Returns
Returns a status code.
See also
PKABigNumSubStart()
1288 {
1289  return PKAGetBigNumResult(resultBuf, resultLength, resultPKAMemAddr);
1290 }
PKAGetBigNumResult
static uint32_t PKAGetBigNumResult(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Definition: pka.c:685

Here is the call graph for this function:

uint32_t PKABigNumSubStart ( const uint8_t *  minuend,
uint32_t  minuendLength,
const uint8_t *  subtrahend,
uint32_t  subtrahendLength,
uint32_t *  resultPKAMemAddr 
)

Starts the subtraction of one big number from another.

Parameters
[in]minuendis the pointer to the buffer containing the big number to be subtracted from.
[in]minuendLengthis the size of the minuend in bytes.
[in]subtrahendis the pointer to the buffer containing the big number to subtract from the minuend.
[in]subtrahendLengthis the size of the subtrahend in bytes.
[out]resultPKAMemAddris the pointer to the result vector location which will be set by this function.
Returns
Returns a status code.
See also
PKABigNumSubGetResult()
1298 {
1299  uint32_t offset = 0;
1300 
1301  // Check for arguments.
1302  ASSERT(minuend);
1303  ASSERT(subtrahend);
1304  ASSERT(resultPKAMemAddr);
1305 
1306 
1307  // Make sure no operation is in progress.
1308  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1309  return PKA_STATUS_OPERATION_BUSY;
1310  }
1311 
1312  offset = PKAWritePkaParam(minuend, minuendLength, offset, PKA_O_APTR);
1313 
1314  offset = PKAWritePkaParam(subtrahend, subtrahendLength, offset, PKA_O_BPTR);
1315 
1316  // Copy the result vector address location.
1317  *resultPKAMemAddr = PKA_RAM_BASE + offset;
1318 
1319  // Load C pointer with the result location in PKA RAM.
1320  HWREG(PKA_BASE + PKA_O_CPTR) = offset >> 2;
1321 
1322  // Set the function for the add operation and start the operation.
1323  HWREG(PKA_BASE + PKA_O_FUNCTION) = (PKA_FUNCTION_RUN | PKA_FUNCTION_SUBTRACT);
1324 
1325  return PKA_STATUS_SUCCESS;
1326 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:604
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
ASSERT
#define ASSERT(expr)
Definition: debug.h:73

Here is the call graph for this function:

void PKAClearPkaRam ( void  )

Zeroizes PKA RAM.

This function uses the zeroization function in PRCM to clear the PKA RAM.

582  {
583  // Get initial state
584  uint32_t secdmaclkgr = HWREG(PRCM_BASE + PRCM_O_SECDMACLKGR);
585 
586  // OR in zeroize bit
587  secdmaclkgr |= PRCM_SECDMACLKGR_PKA_ZERIOZE_RESET_N;
588 
589  // Start zeroization
590  HWREG(PRCM_BASE + PRCM_O_SECDMACLKGR) = secdmaclkgr;
591 
592  // Wait 256 cycles for PKA RAM to be cleared
593  CPUdelay(256 / 4);
594 
595  // Turn off zeroization
596  HWREG(PRCM_BASE + PRCM_O_SECDMACLKGR) = secdmaclkgr & (~PRCM_SECDMACLKGR_PKA_ZERIOZE_RESET_N);
597 }
CPUdelay
void CPUdelay(uint32_t ui32Count)
Provide a small non-zero delay using a simple loop counter.
Definition: cpu.c:343

Here is the call graph for this function:

uint32_t PKAEccAddGetResult ( uint8_t *  curvePointX,
uint8_t *  curvePointY,
uint32_t  resultPKAMemAddr,
uint32_t  length 
)

Gets the result of the ECC addition.

This function gets the result of ECC point addition operation on the on the two given EC points, previously started using the function PKAEccAddStart().

Parameters
[out]curvePointXis the pointer to the structure where the X coordinate of the resultant EC point will be stored.
[out]curvePointYis the pointer to the structure where the Y coordinate of the resultant EC point will be stored.
[in]resultPKAMemAddris the address of the result location which was provided by the start function PKAEccAddGetResult().
[in]lengthis the length of the curve parameters in bytes.
Returns
Returns a status code.
See also
PKAEccAddStart()
1494 {
1495  return PKAGetECCResult(curvePointX, curvePointY, resultPKAMemAddr, length);
1496 }
PKAGetECCResult
static uint32_t PKAGetECCResult(uint8_t *curvePointX, uint8_t *curvePointY, uint32_t resultPKAMemAddr, uint32_t length)
Definition: pka.c:823

Here is the call graph for this function:

uint32_t PKAEccAddStart ( const uint8_t *  curvePoint1X,
const uint8_t *  curvePoint1Y,
const uint8_t *  curvePoint2X,
const uint8_t *  curvePoint2Y,
const uint8_t *  prime,
const uint8_t *  a,
uint32_t  length,
uint32_t *  resultPKAMemAddr 
)

Starts the ECC addition.

Parameters
[in]curvePoint1Xis the pointer to the buffer containing the X coordinate of the first elliptic curve point to be added. The point must be on the given curve.
[in]curvePoint1Yis the pointer to the buffer containing the Y coordinate of the first elliptic curve point to be added. The point must be on the given curve.
[in]curvePoint2Xis the pointer to the buffer containing the X coordinate of the second elliptic curve point to be added. The point must be on the given curve.
[in]curvePoint2Yis the pointer to the buffer containing the Y coordinate of the second elliptic curve point to be added. The point must be on the given curve.
[in]primeis the prime of the curve.
[in]ais the a constant of the curve when the curve equation is expressed in short Weierstrass form (y^3 = x^2 + a*x + b).
[in]lengthis the length of the curve parameters in bytes.
[out]resultPKAMemAddris the pointer to the result vector location which will be set by this function.
Returns
Returns a status code.
See also
PKAEccAddGetResult()
1449 {
1450  uint32_t offset = 0;
1451 
1452  // Check for the arguments.
1453  ASSERT(curvePoint1X);
1454  ASSERT(curvePoint1Y);
1455  ASSERT(curvePoint2X);
1456  ASSERT(curvePoint2Y);
1457  ASSERT(prime);
1458  ASSERT(a);
1459  ASSERT(resultPKAMemAddr);
1460 
1461  // Make sure no operation is in progress.
1462  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1463  return PKA_STATUS_OPERATION_BUSY;
1464  }
1465 
1466  offset = PKAWritePkaParamExtraOffset(curvePoint1X, length, offset, PKA_O_APTR);
1467  offset = PKAWritePkaParamExtraOffset(curvePoint1Y, length, offset, PKA_NO_POINTER_REG);
1468 
1469 
1470  offset = PKAWritePkaParamExtraOffset(prime, length, offset, PKA_O_BPTR);
1471  offset = PKAWritePkaParamExtraOffset(a, length, offset, PKA_NO_POINTER_REG);
1472 
1473  offset = PKAWritePkaParamExtraOffset(curvePoint2X, length, offset, PKA_O_CPTR);
1474  offset = PKAWritePkaParamExtraOffset(curvePoint2Y, length, offset, PKA_NO_POINTER_REG);
1475 
1476  // Copy the result vector location.
1477  *resultPKAMemAddr = PKA_RAM_BASE + offset;
1478 
1479  // Load D pointer with the result location in PKA RAM.
1480  HWREG(PKA_BASE + PKA_O_DPTR) = offset >> 2;
1481 
1482  // Set the PKA Function to ECC-ADD and start the operation.
1483  HWREG(PKA_BASE + PKA_O_FUNCTION ) = PKA_FUNCTION_RUN_M | (0x03 << PKA_FUNCTION_SEQUENCER_OPERATIONS_S);
1484 
1485  return PKA_STATUS_SUCCESS;
1486 }
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
PKAWritePkaParamExtraOffset
static uint32_t PKAWritePkaParamExtraOffset(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:674
ASSERT
#define ASSERT(expr)
Definition: debug.h:73
PKA_NO_POINTER_REG
#define PKA_NO_POINTER_REG
Definition: pka.c:190

Here is the call graph for this function:

uint32_t PKAEccMontgomeryMultiplyStart ( const uint8_t *  scalar,
const uint8_t *  curvePointX,
const uint8_t *  prime,
const uint8_t *  a,
uint32_t  length,
uint32_t *  resultPKAMemAddr 
)

Starts ECC Montgomery multiplication.

Parameters
[in]scalaris pointer to the buffer containing the scalar value to be multiplied.
[in]curvePointXis the pointer to the buffer containing the X coordinate of the elliptic curve point to be multiplied. The point must be on the given curve.
[in]primeis the prime of the curve.
[in]ais the a constant of the curve when the curve equation is expressed in short Weierstrass form (y^3 = x^2 + a*x + b).
[in]lengthis the length of the curve parameters in bytes.
[out]resultPKAMemAddris the pointer to the result vector location which will be set by this function.
Returns
Returns a status code.
See also
PKAEccMultiplyGetResult()
1394 {
1395  uint32_t offset = 0;
1396 
1397  // Check for the arguments.
1398  ASSERT(scalar);
1399  ASSERT(curvePointX);
1400  ASSERT(prime);
1401  ASSERT(a);
1402  ASSERT(length <= PKA_MAX_CURVE_SIZE_32_BIT_WORD * sizeof(uint32_t));
1403  ASSERT(resultPKAMemAddr);
1404 
1405  // Make sure no PKA operation is in progress.
1406  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1407  return PKA_STATUS_OPERATION_BUSY;
1408  }
1409 
1410  offset = PKAWritePkaParam(scalar, length, offset, PKA_O_APTR);
1411 
1412  offset = PKAWritePkaParamExtraOffset(prime, length, offset, PKA_O_BPTR);
1413  offset = PKAWritePkaParamExtraOffset(a, length, offset, PKA_NO_POINTER_REG);
1414 
1415  offset = PKAWritePkaParamExtraOffset(curvePointX, length, offset, PKA_O_CPTR);
1416 
1417  // Update the result location.
1418  // The resultPKAMemAddr may be 0 if we only want to check that we generated the point at infinity
1419  if (resultPKAMemAddr) {
1420  *resultPKAMemAddr = PKA_RAM_BASE + offset;
1421  }
1422 
1423  // Load D pointer with the result location in PKA RAM.
1424  HWREG(PKA_BASE + PKA_O_DPTR) = offset >> 2;
1425 
1426  // Set the PKA function to Montgomery ECC-MULT and start the operation.
1427  HWREG(PKA_BASE + PKA_O_FUNCTION) = PKA_FUNCTION_RUN_M | (0x02 << PKA_FUNCTION_SEQUENCER_OPERATIONS_S);
1428 
1429  return PKA_STATUS_SUCCESS;
1430 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:604
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
PKAWritePkaParamExtraOffset
static uint32_t PKAWritePkaParamExtraOffset(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:674
ASSERT
#define ASSERT(expr)
Definition: debug.h:73
PKA_NO_POINTER_REG
#define PKA_NO_POINTER_REG
Definition: pka.c:190
PKA_MAX_CURVE_SIZE_32_BIT_WORD
#define PKA_MAX_CURVE_SIZE_32_BIT_WORD
Definition: pka.c:174

Here is the call graph for this function:

uint32_t PKAEccMultiplyGetResult ( uint8_t *  curvePointX,
uint8_t *  curvePointY,
uint32_t  resultPKAMemAddr,
uint32_t  length 
)

Gets the result of ECC multiplication.

This function gets the result of ECC point multiplication operation on the EC point and the scalar value, previously started using the function PKAEccMultiplyStart().

Parameters
[out]curvePointXis the pointer to the structure where the X coordinate of the resultant EC point will be stored.
[out]curvePointYis the pointer to the structure where the Y coordinate of the resultant EC point will be stored.
[in]resultPKAMemAddris the address of the result location which was provided by the start function PKAEccMultiplyStart().
[in]lengthis the length of the curve parameters in bytes.
Returns
Returns a status code.
See also
PKAEccMultiplyStart()
1439 {
1440  return PKAGetECCResult(curvePointX, curvePointY, resultPKAMemAddr, length);
1441 }
PKAGetECCResult
static uint32_t PKAGetECCResult(uint8_t *curvePointX, uint8_t *curvePointY, uint32_t resultPKAMemAddr, uint32_t length)
Definition: pka.c:823

Here is the call graph for this function:

uint32_t PKAEccMultiplyStart ( const uint8_t *  scalar,
const uint8_t *  curvePointX,
const uint8_t *  curvePointY,
const uint8_t *  prime,
const uint8_t *  a,
const uint8_t *  b,
uint32_t  length,
uint32_t *  resultPKAMemAddr 
)

Starts ECC multiplication.

Parameters
[in]scalaris pointer to the buffer containing the scalar value to be multiplied.
[in]curvePointXis the pointer to the buffer containing the X coordinate of the elliptic curve point to be multiplied. The point must be on the given curve.
[in]curvePointYis the pointer to the buffer containing the Y coordinate of the elliptic curve point to be multiplied. The point must be on the given curve.
[in]primeis the prime of the curve.
[in]ais the a constant of the curve when the curve equation is expressed in short Weierstrass form (y^3 = x^2 + a*x + b).
[in]bis the b constant of the curve when the curve equation is expressed in short Weierstrass form (y^3 = x^2 + a*x + b).
[in]lengthis the length of the curve parameters in bytes.
[out]resultPKAMemAddris the pointer to the result vector location which will be set by this function.
Returns
Returns a status code.
See also
PKAEccMultiplyGetResult()
1345 {
1346  uint32_t offset = 0;
1347 
1348  // Check for the arguments.
1349  ASSERT(scalar);
1350  ASSERT(curvePointX);
1351  ASSERT(curvePointY);
1352  ASSERT(prime);
1353  ASSERT(a);
1354  ASSERT(b);
1355  ASSERT(length <= PKA_MAX_CURVE_SIZE_32_BIT_WORD * sizeof(uint32_t));
1356  ASSERT(resultPKAMemAddr);
1357 
1358  // Make sure no PKA operation is in progress.
1359  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1360  return PKA_STATUS_OPERATION_BUSY;
1361  }
1362 
1363  offset = PKAWritePkaParam(scalar, length, offset, PKA_O_APTR);
1364 
1365  offset = PKAWritePkaParamExtraOffset(prime, length, offset, PKA_O_BPTR);
1366  offset = PKAWritePkaParamExtraOffset(a, length, offset, PKA_NO_POINTER_REG);
1367  offset = PKAWritePkaParamExtraOffset(b, length, offset, PKA_NO_POINTER_REG);
1368 
1369  offset = PKAWritePkaParamExtraOffset(curvePointX, length, offset, PKA_O_CPTR);
1370  offset = PKAWritePkaParamExtraOffset(curvePointY, length, offset, PKA_NO_POINTER_REG);
1371 
1372  // Update the result location.
1373  // The resultPKAMemAddr may be 0 if we only want to check that we generated the point at infinity
1374  if (resultPKAMemAddr) {
1375  *resultPKAMemAddr = PKA_RAM_BASE + offset;
1376  }
1377 
1378  // Load D pointer with the result location in PKA RAM.
1379  HWREG(PKA_BASE + PKA_O_DPTR) = offset >> 2;
1380 
1381  // Set the PKA function to ECC-MULT and start the operation.
1382  HWREG(PKA_BASE + PKA_O_FUNCTION) = PKA_FUNCTION_RUN_M | (0x05 << PKA_FUNCTION_SEQUENCER_OPERATIONS_S);
1383 
1384  return PKA_STATUS_SUCCESS;
1385 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:604
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
PKAWritePkaParamExtraOffset
static uint32_t PKAWritePkaParamExtraOffset(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:674
ASSERT
#define ASSERT(expr)
Definition: debug.h:73
PKA_NO_POINTER_REG
#define PKA_NO_POINTER_REG
Definition: pka.c:190
PKA_MAX_CURVE_SIZE_32_BIT_WORD
#define PKA_MAX_CURVE_SIZE_32_BIT_WORD
Definition: pka.c:174

Here is the call graph for this function:

uint32_t PKAEccVerifyPublicKeyWeierstrassStart ( const uint8_t *  curvePointX,
const uint8_t *  curvePointY,
const uint8_t *  prime,
const uint8_t *  a,
const uint8_t *  b,
const uint8_t *  order,
uint32_t  length 
)

Begins the validation of a public key against a Short-Weierstrass curve.

This function validates a public key against a curve. After performing multiple smaller PKA operations in polling mode, it starts an ECC scalar multiplication.

The function verifies that:

  • X and Y are in the range [1, prime - 1]
  • The point is not the point at infinity
  • X and Y satisfy the Short-Weierstrass curve equation Y^2 = X^3 + a*X + b mod P
  • Multiplying the point by the order of the curve yields the point at infinity
Parameters
[in]curvePointXis the pointer to the buffer containing the X coordinate of the elliptic curve point to verify.
[in]curvePointYis the pointer to the buffer containing the Y coordinate of the elliptic curve point to verify.
[in]primeis the prime of the curve.
[in]ais the a constant of the curve when the curve equation is expressed in Short-Weierstrass form (y^3 = x^2 + a*x + b).
[in]bis the b constant of the curve when the curve equation is expressed in Short-Weierstrass form (y^3 = x^2 + a*x + b).
[in]orderis the order of the curve.
[in]lengthis the length of the curve parameters in bytes.
Returns
Returns a status code.
See also
PKAEccVerifyPublicKeyGetResult()
1504 {
1505  uint32_t pkaResult;
1506  uint32_t resultAddress;
1507  uint32_t resultLength;
1508  uint8_t *scratchBuffer = (uint8_t *)(PKA_RAM_BASE + PKA_RAM_TOT_BYTE_SIZE / 2);
1509  uint8_t *scratchBuffer2 = scratchBuffer + 512;
1510 
1511 
1512  // Verify X in range [0, prime - 1]
1513  PKABigNumCmpStart(curvePointX,
1514  prime,
1515  length);
1516 
1517  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1518 
1519  pkaResult = PKABigNumCmpGetResult();
1520 
1521  if (pkaResult != PKA_STATUS_A_LESS_THAN_B) {
1522  return PKA_STATUS_X_LARGER_THAN_PRIME;
1523  }
1524 
1525  // Verify Y in range [0, prime - 1]
1526  PKABigNumCmpStart(curvePointY,
1527  prime,
1528  length);
1529 
1530  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1531 
1532  pkaResult = PKABigNumCmpGetResult();
1533 
1534  if (pkaResult != PKA_STATUS_A_LESS_THAN_B) {
1535  return PKA_STATUS_Y_LARGER_THAN_PRIME;
1536  }
1537 
1538  // Verify point on curve
1539  // Short-Weierstrass equation: Y ^ 2 = X ^3 + a * X + b mod P
1540  // Reduced: Y ^ 2 = X * (X ^ 2 + a) + b
1541 
1542  // tmp = X ^ 2
1543  PKABigNumMultiplyStart(curvePointX, length, curvePointX, length, &resultAddress);
1544 
1545  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1546 
1547  resultLength = 200;
1548  pkaResult = PKABigNumMultGetResult(scratchBuffer, &resultLength, resultAddress);
1549 
1550  if (pkaResult != PKA_STATUS_SUCCESS) {
1551  return PKA_STATUS_FAILURE;
1552  }
1553 
1554  // tmp += a
1555  PKABigNumAddStart(scratchBuffer, resultLength, a, length, &resultAddress);
1556 
1557  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1558 
1559  resultLength = 200;
1560  pkaResult = PKABigNumAddGetResult(scratchBuffer, &resultLength, resultAddress);
1561 
1562  if (pkaResult != PKA_STATUS_SUCCESS) {
1563  return PKA_STATUS_FAILURE;
1564  }
1565 
1566  // tmp *= x
1567  PKABigNumMultiplyStart(scratchBuffer, resultLength, curvePointX, length, &resultAddress);
1568 
1569  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1570 
1571  resultLength = 200;
1572  pkaResult = PKABigNumMultGetResult(scratchBuffer, &resultLength, resultAddress);
1573 
1574  if (pkaResult != PKA_STATUS_SUCCESS) {
1575  return PKA_STATUS_FAILURE;
1576  }
1577 
1578  // tmp += b
1579  PKABigNumAddStart(scratchBuffer, resultLength, b, length, &resultAddress);
1580 
1581  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1582 
1583  resultLength = 200;
1584  pkaResult = PKABigNumAddGetResult(scratchBuffer, &resultLength, resultAddress);
1585 
1586  if (pkaResult != PKA_STATUS_SUCCESS) {
1587  return PKA_STATUS_FAILURE;
1588  }
1589 
1590 
1591  // tmp2 = tmp % prime to ensure we have no fraction in the division.
1592  // The number will only shrink from here on out.
1593  PKABigNumModStart(scratchBuffer, resultLength, prime, length, &resultAddress);
1594 
1595  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1596 
1597  // If the result is not a multiple of the word-length, the PKA HW will round up
1598  // because it deals in words only. That means that using 'length' directly
1599  // would cause and underflow, since length refers to the actual length in bytes of
1600  // the curve parameters while the PKA HW reports that rounded up to the next
1601  // word boundary.
1602  // Use 200 as the resultLength instead since we are copying to the scratch buffer
1603  // anyway.
1604  // Practically, this only happens with curves such as NIST-P521 that are not word
1605  // multiples.
1606  resultLength = 200;
1607  pkaResult = PKABigNumModGetResult(scratchBuffer2, resultLength, resultAddress);
1608 
1609  if (pkaResult != PKA_STATUS_SUCCESS) {
1610  return PKA_STATUS_FAILURE;
1611  }
1612 
1613  // tmp = y^2
1614  PKABigNumMultiplyStart(curvePointY, length, curvePointY, length, &resultAddress);
1615 
1616  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1617 
1618  resultLength = 200;
1619  pkaResult = PKABigNumMultGetResult(scratchBuffer, &resultLength, resultAddress);
1620 
1621  if (pkaResult != PKA_STATUS_SUCCESS) {
1622  return PKA_STATUS_FAILURE;
1623  }
1624 
1625  // tmp %= prime
1626  PKABigNumModStart(scratchBuffer, resultLength, prime, length, &resultAddress);
1627 
1628  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1629 
1630  // If the result is not a multiple of the word-length, the PKA HW will round up
1631  // because it deals in words only. That means that using 'length' directly
1632  // would cause and underflow, since length refers to the actual length in bytes of
1633  // the curve parameters while the PKA HW reports that rounded up to the next
1634  // word boundary.
1635  // Use 200 as the resultLength instead since we are copying to the scratch buffer
1636  // anyway.
1637  // Practically, this only happens with curves such as NIST-P521 that are not word
1638  // multiples.
1639  resultLength = 200;
1640  pkaResult = PKABigNumModGetResult(scratchBuffer, resultLength, resultAddress);
1641 
1642  if (pkaResult != PKA_STATUS_SUCCESS) {
1643  return PKA_STATUS_FAILURE;
1644  }
1645 
1646  // tmp ?= tmp2
1647  PKABigNumCmpStart(scratchBuffer,
1648  scratchBuffer2,
1649  length);
1650 
1651  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1652 
1653  pkaResult = PKABigNumCmpGetResult();
1654 
1655  if (pkaResult != PKA_STATUS_EQUAL) {
1656  return PKA_STATUS_POINT_NOT_ON_CURVE;
1657  }
1658  else {
1659  return PKA_STATUS_SUCCESS;
1660  }
1661 }
PKA_STATUS_POINT_NOT_ON_CURVE
#define PKA_STATUS_POINT_NOT_ON_CURVE
The public key is not on the specified elliptic curve.
Definition: pka.h:136
PKABigNumModGetResult
uint32_t PKABigNumModGetResult(uint8_t *resultBuf, uint32_t length, uint32_t resultPKAMemAddr)
Gets the result of the big number modulus operation.
Definition: pka.c:1012
PKABigNumAddGetResult
uint32_t PKABigNumAddGetResult(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Gets the result of the addition operation on two big numbers.
Definition: pka.c:1333
PKABigNumAddStart
uint32_t PKABigNumAddStart(const uint8_t *bigNum1, uint32_t bigNum1Length, const uint8_t *bigNum2, uint32_t bigNum2Length, uint32_t *resultPKAMemAddr)
Starts the addition of two big numbers.
Definition: pka.c:1252
PKABigNumCmpStart
uint32_t PKABigNumCmpStart(const uint8_t *bigNum1, const uint8_t *bigNum2, uint32_t length)
Starts the comparison of two big numbers.
Definition: pka.c:1093
PKA_STATUS_FAILURE
#define PKA_STATUS_FAILURE
Failure.
Definition: pka.h:122
PKA_STATUS_Y_LARGER_THAN_PRIME
#define PKA_STATUS_Y_LARGER_THAN_PRIME
Y coordinate of public key is larger than the curve prime.
Definition: pka.h:135
PKA_STATUS_EQUAL
#define PKA_STATUS_EQUAL
Big number compare return status if the first big number is equal to the second.
Definition: pka.h:128
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_X_LARGER_THAN_PRIME
#define PKA_STATUS_X_LARGER_THAN_PRIME
X coordinate of public key is larger than the curve prime.
Definition: pka.h:134
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
PKABigNumMultGetResult
uint32_t PKABigNumMultGetResult(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Gets the result of the big number multiplication.
Definition: pka.c:1242
PKABigNumModStart
uint32_t PKABigNumModStart(const uint8_t *bigNum, uint32_t bigNumLength, const uint8_t *modulus, uint32_t modulusLength, uint32_t *resultPKAMemAddr)
Starts a big number modulus operation.
Definition: pka.c:977
PKABigNumMultiplyStart
uint32_t PKABigNumMultiplyStart(const uint8_t *multiplicand, uint32_t multiplicandLength, const uint8_t *multiplier, uint32_t multiplierLength, uint32_t *resultPKAMemAddr)
Starts the multiplication of two big numbers.
Definition: pka.c:1206
PKA_STATUS_A_LESS_THAN_B
#define PKA_STATUS_A_LESS_THAN_B
Big number compare return status if the first big number is less than the second. ...
Definition: pka.h:127
PKAGetOpsStatus
uint32_t PKAGetOpsStatus(void)
Gets the PKA operation status.
Definition: pka.c:911
PKABigNumCmpGetResult
uint32_t PKABigNumCmpGetResult(void)
Gets the result of the comparison operation of two big numbers.
Definition: pka.c:1122

Here is the call graph for this function:

uint32_t PKAGetOpsStatus ( void  )

Gets the PKA operation status.

This function gets information on whether any PKA operation is in progress or not. This function allows to check the PKA operation status before starting any new PKA operation.

Returns
Returns a status code.

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

912 {
913  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN_M) {
914  return PKA_STATUS_OPERATION_BUSY;
915  }
916  else {
917  return PKA_STATUS_OPERATION_RDY;
918  }
919 }
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_OPERATION_RDY
#define PKA_STATUS_OPERATION_RDY
No PKA operation is in progress.
Definition: pka.h:130
void PKAZeroOutArray ( const uint8_t *  array,
uint32_t  arrayLength 
)

Zeros-out an array.

Parameters
[in]arrayis the array to zero-out.
[in]arrayLengthis the length of the array.

Referenced by PKABigNumInvModGetResult(), and PKABigNumModGetResult().

953 {
954  uint32_t i;
955  // Take the floor of paramLength in 32-bit words
956  uint32_t arrayLengthInWords = arrayLength / sizeof(uint32_t);
957 
958  // Zero-out the array word-wise until i >= arrayLength
959  for (i = 0; i < arrayLengthInWords * sizeof(uint32_t); i += 4) {
960  HWREG(array + i) = 0;
961  }
962 
963  // If i != arrayLength, there are some remaining bytes to zero-out
964  if (arrayLength % sizeof(uint32_t)) {
965  // Subtract 4 from i, since i has already overshot the array
966  for (i -= 4; i < arrayLength; i++) {
967  HWREGB(array + i * sizeof(uint32_t));
968  }
969  }
970 }

Macro Definition Documentation

#define BrainpoolP256R1_PARAM_SIZE_BYTES   32
#define BrainpoolP384R1_PARAM_SIZE_BYTES   48
#define BrainpoolP512R1_PARAM_SIZE_BYTES   64
#define Curve25519_PARAM_SIZE_BYTES   32
#define NISTP224_PARAM_SIZE_BYTES   28
#define NISTP256_PARAM_SIZE_BYTES   32
#define NISTP384_PARAM_SIZE_BYTES   48
#define NISTP521_PARAM_SIZE_BYTES   66
#define PKA_STATUS_A_GREATER_THAN_B   5

Big number compare return status if the first big number is greater than the second.

Referenced by PKABigNumCmpGetResult().

#define PKA_STATUS_A_LESS_THAN_B   6

Big number compare return status if the first big number is less than the second.

Referenced by PKABigNumCmpGetResult(), and PKAEccVerifyPublicKeyWeierstrassStart().

#define PKA_STATUS_BUF_UNDERFLOW   3

Buffer underflow.

Referenced by PKAGetBigNumResult(), and PKAGetBigNumResultRemainder().

#define PKA_STATUS_EQUAL   7

Big number compare return status if the first big number is equal to the second.

Referenced by PKABigNumCmpGetResult(), and PKAEccVerifyPublicKeyWeierstrassStart().

#define PKA_STATUS_FAILURE   1

Failure.

Referenced by PKABigNumCmpGetResult(), PKAEccVerifyPublicKeyWeierstrassStart(), and PKAGetECCResult().

#define PKA_STATUS_INVALID_PARAM   2

Invalid parameter.

#define PKA_STATUS_LOCATION_IN_USE   10

Location in PKA RAM is not available.

#define PKA_STATUS_OPERATION_BUSY   8

PKA operation is in progress.

Referenced by PKABigNumAddStart(), PKABigNumCmpGetResult(), PKABigNumCmpStart(), PKABigNumDivideStart(), PKABigNumInvModStart(), PKABigNumModStart(), PKABigNumMultiplyStart(), PKABigNumSubStart(), PKAEccAddStart(), PKAEccMontgomeryMultiplyStart(), PKAEccMultiplyStart(), PKAEccVerifyPublicKeyWeierstrassStart(), PKAGetBigNumResult(), PKAGetBigNumResultRemainder(), PKAGetECCResult(), and PKAGetOpsStatus().

#define PKA_STATUS_OPERATION_RDY   9

No PKA operation is in progress.

Referenced by PKAGetOpsStatus().

#define PKA_STATUS_POINT_AT_INFINITY   17

The ECC operation resulted in the point at infinity.

Referenced by PKAGetECCResult().

#define PKA_STATUS_POINT_NOT_ON_CURVE   15

The public key is not on the specified elliptic curve.

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

#define PKA_STATUS_RESULT_0   4

Result is all zeros.

#define PKA_STATUS_RESULT_ADDRESS_INCORRECT   16

The address of the result passed into one of the PKA*GetResult functions is incorrect.

Referenced by PKAGetBigNumResult().

#define PKA_STATUS_SUCCESS   0

Success.

Referenced by PKABigNumAddStart(), PKABigNumCmpStart(), PKABigNumDivideStart(), PKABigNumInvModStart(), PKABigNumModStart(), PKABigNumMultiplyStart(), PKABigNumSubStart(), PKAEccAddStart(), PKAEccMontgomeryMultiplyStart(), PKAEccMultiplyStart(), PKAEccVerifyPublicKeyWeierstrassStart(), PKAGetBigNumResult(), PKAGetBigNumResultRemainder(), and PKAGetECCResult().

#define PKA_STATUS_X_LARGER_THAN_PRIME   13

X coordinate of public key is larger than the curve prime.

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

#define PKA_STATUS_X_ZERO   11

X coordinate of public key is 0.

#define PKA_STATUS_Y_LARGER_THAN_PRIME   14

Y coordinate of public key is larger than the curve prime.

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

#define PKA_STATUS_Y_ZERO   12

Y coordinate of public key is 0.

Variable Documentation

const PKA_EccParam256 BrainpoolP256R1_a

a constant of the BrainpoolP256R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccParam256 BrainpoolP256R1_b

b constant of the BrainpoolP256R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccPoint256 BrainpoolP256R1_generator

X coordinate of the generator point of the BrainpoolP256R1 curve.

const PKA_EccParam256 BrainpoolP256R1_order

Order of the BrainpoolP256R1 curve.

const PKA_EccParam256 BrainpoolP256R1_prime

Prime of the BrainpoolP256R1 curve.

const PKA_EccParam384 BrainpoolP384R1_a

a constant of the BrainpoolP384R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccParam384 BrainpoolP384R1_b

b constant of the BrainpoolP384R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccPoint384 BrainpoolP384R1_generator

X coordinate of the generator point of the BrainpoolP384R1 curve.

const PKA_EccParam384 BrainpoolP384R1_order

Order of the BrainpoolP384R1 curve.

const PKA_EccParam384 BrainpoolP384R1_prime

Prime of the BrainpoolP384R1 curve.

const PKA_EccParam512 BrainpoolP512R1_a

a constant of the BrainpoolP512R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccParam512 BrainpoolP512R1_b

b constant of the BrainpoolP512R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccPoint512 BrainpoolP512R1_generator

X coordinate of the generator point of the BrainpoolP512R1 curve.

const PKA_EccParam512 BrainpoolP512R1_order

Order of the BrainpoolP512R1 curve.

const PKA_EccParam512 BrainpoolP512R1_prime

Prime of the BrainpoolP512R1 curve.

const PKA_EccParam256 Curve25519_a

a constant of the Curve25519 curve when expressed in Montgomery form (By^2 = x^3 + a*x^2 + x).

const PKA_EccParam256 Curve25519_b

b constant of the Curve25519 curve when expressed in Montgomery form (By^2 = x^3 + a*x^2 + x).

const PKA_EccPoint256 Curve25519_generator

X coordinate of the generator point of the Curve25519 curve.

const PKA_EccParam256 Curve25519_order

Order of the Curve25519 curve.

const PKA_EccParam256 Curve25519_prime

Prime of the Curve25519 curve.

const PKA_EccParam224 NISTP224_a

a constant of the NISTP224 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccParam224 NISTP224_b

b constant of the NISTP224 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccPoint224 NISTP224_generator

X coordinate of the generator point of the NISTP224 curve.

const PKA_EccParam224 NISTP224_order

Order of the NISTP224 curve.

const PKA_EccParam224 NISTP224_prime

Prime of the NISTP224 curve.

const PKA_EccParam256 NISTP256_a

a constant of the NISTP256 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccParam256 NISTP256_b

b constant of the NISTP256 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccPoint256 NISTP256_generator

X coordinate of the generator point of the NISTP256 curve.

const PKA_EccParam256 NISTP256_order

Order of the NISTP256 curve.

const PKA_EccParam256 NISTP256_prime

Prime of the NISTP256 curve.

const PKA_EccParam384 NISTP384_a

a constant of the NISTP384 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccParam384 NISTP384_b

b constant of the NISTP384 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccPoint384 NISTP384_generator

X coordinate of the generator point of the NISTP384 curve.

const PKA_EccParam384 NISTP384_order

Order of the NISTP384 curve.

const PKA_EccParam384 NISTP384_prime

Prime of the NISTP384 curve.

const PKA_EccParam521 NISTP521_a

a constant of the NISTP521 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccParam521 NISTP521_b

b constant of the NISTP521 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccPoint521 NISTP521_generator

X coordinate of the generator point of the NISTP521 curve.

const PKA_EccParam521 NISTP521_order

Order of the NISTP521 curve.

const PKA_EccParam521 NISTP521_prime

Prime of the NISTP521 curve.