CC26xx Driver Library
Data Structures | Functions | Variables
[pka.h] Public Key Accelerator
Peripherals

Data Structures

union  PKA_EccParam224
 
union  PKA_EccParam256
 
union  PKA_EccParam384
 
union  PKA_EccParam512
 
union  PKA_EccParam521
 
struct  PKA_EccPoint224_
 
struct  PKA_EccPoint256_
 
struct  PKA_EccPoint384_
 
struct  PKA_EccPoint512_
 
struct  PKA_EccPoint521_
 

Functions

void PKAClearPkaRam (void)
 Zeroizes PKA RAM. More...
 
uint32_t PKAGetOpsStatus (void)
 Gets the PKA operation status. More...
 
bool PKAArrayAllZeros (const uint8_t *array, uint32_t arrayLength)
 Checks whether and array only consists of zeros. More...
 
void PKAZeroOutArray (const uint8_t *array, uint32_t arrayLength)
 Zeros-out an array. More...
 
uint32_t PKABigNumModStart (const uint8_t *bigNum, uint32_t bigNumLength, const uint8_t *modulus, uint32_t modulusLength, uint32_t *resultPKAMemAddr)
 Starts a big number modulus operation. More...
 
uint32_t PKABigNumModGetResult (uint8_t *resultBuf, uint32_t length, uint32_t resultPKAMemAddr)
 Gets the result of the big number modulus operation. More...
 
uint32_t PKABigNumDivideStart (const uint8_t *dividend, uint32_t dividendLength, const uint8_t *divisor, uint32_t divisorLength, uint32_t *resultQuotientMemAddr, uint32_t *resultRemainderMemAddr)
 Starts a big number divide operation. More...
 
uint32_t PKABigNumDivideGetQuotient (uint8_t *resultBuf, uint32_t *length, uint32_t resultQuotientMemAddr)
 Gets the quotient of the big number divide operation. More...
 
uint32_t PKABigNumDivideGetRemainder (uint8_t *resultBuf, uint32_t *length, uint32_t resultRemainderMemAddr)
 Gets the remainder of the big number divide operation. More...
 
uint32_t PKABigNumCmpStart (const uint8_t *bigNum1, const uint8_t *bigNum2, uint32_t length)
 Starts the comparison of two big numbers. More...
 
uint32_t PKABigNumCmpGetResult (void)
 Gets the result of the comparison operation of two big numbers. More...
 
uint32_t PKABigNumInvModStart (const uint8_t *bigNum, uint32_t bigNumLength, const uint8_t *modulus, uint32_t modulusLength, uint32_t *resultPKAMemAddr)
 Starts a big number inverse modulo operation. More...
 
uint32_t PKABigNumInvModGetResult (uint8_t *resultBuf, uint32_t length, uint32_t resultPKAMemAddr)
 Gets the result of the big number inverse modulo operation. More...
 
uint32_t PKABigNumMultiplyStart (const uint8_t *multiplicand, uint32_t multiplicandLength, const uint8_t *multiplier, uint32_t multiplierLength, uint32_t *resultPKAMemAddr)
 Starts the multiplication of two big numbers. More...
 
uint32_t PKABigNumMultGetResult (uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
 Gets the result of the big number multiplication. More...
 
uint32_t PKABigNumAddStart (const uint8_t *bigNum1, uint32_t bigNum1Length, const uint8_t *bigNum2, uint32_t bigNum2Length, uint32_t *resultPKAMemAddr)
 Starts the addition of two big numbers. More...
 
uint32_t PKABigNumAddGetResult (uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
 Gets the result of the addition operation on two big numbers. More...
 
uint32_t PKABigNumSubStart (const uint8_t *minuend, uint32_t minuendLength, const uint8_t *subtrahend, uint32_t subtrahendLength, uint32_t *resultPKAMemAddr)
 Starts the subtraction of one big number from another. More...
 
uint32_t PKABigNumSubGetResult (uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
 Gets the result of the subtraction operation on two big numbers. More...
 
uint32_t PKAEccMultiplyStart (const uint8_t *scalar, const uint8_t *curvePointX, const uint8_t *curvePointY, const uint8_t *prime, const uint8_t *a, const uint8_t *b, uint32_t length, uint32_t *resultPKAMemAddr)
 Starts ECC multiplication. More...
 
uint32_t PKAEccMontgomeryMultiplyStart (const uint8_t *scalar, const uint8_t *curvePointX, const uint8_t *prime, const uint8_t *a, uint32_t length, uint32_t *resultPKAMemAddr)
 Starts ECC Montgomery multiplication. More...
 
uint32_t PKAEccMultiplyGetResult (uint8_t *curvePointX, uint8_t *curvePointY, uint32_t resultPKAMemAddr, uint32_t length)
 Gets the result of ECC multiplication. More...
 
uint32_t PKAEccAddStart (const uint8_t *curvePoint1X, const uint8_t *curvePoint1Y, const uint8_t *curvePoint2X, const uint8_t *curvePoint2Y, const uint8_t *prime, const uint8_t *a, uint32_t length, uint32_t *resultPKAMemAddr)
 Starts the ECC addition. More...
 
uint32_t PKAEccAddGetResult (uint8_t *curvePointX, uint8_t *curvePointY, uint32_t resultPKAMemAddr, uint32_t length)
 Gets the result of the ECC addition. More...
 
uint32_t PKAEccVerifyPublicKeyWeierstrassStart (const uint8_t *curvePointX, const uint8_t *curvePointY, const uint8_t *prime, const uint8_t *a, const uint8_t *b, const uint8_t *order, uint32_t length)
 Begins the validation of a public key against a Short-Weierstrass curve. More...
 

Variables

const PKA_EccPoint224 NISTP224_generator
 X coordinate of the generator point of the NISTP224 curve. More...
 
const PKA_EccParam224 NISTP224_prime
 Prime of the NISTP224 curve. More...
 
const PKA_EccParam224 NISTP224_a
 a constant of the NISTP224 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam224 NISTP224_b
 b constant of the NISTP224 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam224 NISTP224_order
 Order of the NISTP224 curve. More...
 
const PKA_EccPoint256 NISTP256_generator
 X coordinate of the generator point of the NISTP256 curve. More...
 
const PKA_EccParam256 NISTP256_prime
 Prime of the NISTP256 curve. More...
 
const PKA_EccParam256 NISTP256_a
 a constant of the NISTP256 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam256 NISTP256_b
 b constant of the NISTP256 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam256 NISTP256_order
 Order of the NISTP256 curve. More...
 
const PKA_EccPoint384 NISTP384_generator
 X coordinate of the generator point of the NISTP384 curve. More...
 
const PKA_EccParam384 NISTP384_prime
 Prime of the NISTP384 curve. More...
 
const PKA_EccParam384 NISTP384_a
 a constant of the NISTP384 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam384 NISTP384_b
 b constant of the NISTP384 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam384 NISTP384_order
 Order of the NISTP384 curve. More...
 
const PKA_EccPoint521 NISTP521_generator
 X coordinate of the generator point of the NISTP521 curve. More...
 
const PKA_EccParam521 NISTP521_prime
 Prime of the NISTP521 curve. More...
 
const PKA_EccParam521 NISTP521_a
 a constant of the NISTP521 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam521 NISTP521_b
 b constant of the NISTP521 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam521 NISTP521_order
 Order of the NISTP521 curve. More...
 
const PKA_EccPoint256 BrainpoolP256R1_generator
 X coordinate of the generator point of the BrainpoolP256R1 curve. More...
 
const PKA_EccParam256 BrainpoolP256R1_prime
 Prime of the BrainpoolP256R1 curve. More...
 
const PKA_EccParam256 BrainpoolP256R1_a
 a constant of the BrainpoolP256R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam256 BrainpoolP256R1_b
 b constant of the BrainpoolP256R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam256 BrainpoolP256R1_order
 Order of the BrainpoolP256R1 curve. More...
 
const PKA_EccPoint384 BrainpoolP384R1_generator
 X coordinate of the generator point of the BrainpoolP384R1 curve. More...
 
const PKA_EccParam384 BrainpoolP384R1_prime
 Prime of the BrainpoolP384R1 curve. More...
 
const PKA_EccParam384 BrainpoolP384R1_a
 a constant of the BrainpoolP384R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam384 BrainpoolP384R1_b
 b constant of the BrainpoolP384R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam384 BrainpoolP384R1_order
 Order of the BrainpoolP384R1 curve. More...
 
const PKA_EccPoint512 BrainpoolP512R1_generator
 X coordinate of the generator point of the BrainpoolP512R1 curve. More...
 
const PKA_EccParam512 BrainpoolP512R1_prime
 Prime of the BrainpoolP512R1 curve. More...
 
const PKA_EccParam512 BrainpoolP512R1_a
 a constant of the BrainpoolP512R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam512 BrainpoolP512R1_b
 b constant of the BrainpoolP512R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b). More...
 
const PKA_EccParam512 BrainpoolP512R1_order
 Order of the BrainpoolP512R1 curve. More...
 
const PKA_EccPoint256 Curve25519_generator
 X coordinate of the generator point of the Curve25519 curve. More...
 
const PKA_EccParam256 Curve25519_prime
 Prime of the Curve25519 curve. More...
 
const PKA_EccParam256 Curve25519_a
 a constant of the Curve25519 curve when expressed in Montgomery form (By^2 = x^3 + a*x^2 + x). More...
 
const PKA_EccParam256 Curve25519_b
 b constant of the Curve25519 curve when expressed in Montgomery form (By^2 = x^3 + a*x^2 + x). More...
 
const PKA_EccParam256 Curve25519_order
 Order of the Curve25519 curve. More...
 

Detailed Description

Introduction

The PKA (Public Key Accelerator) API provides access to the Large Number Engine (LNME). The LNME allows for efficient math operations on numbers larger than those that fit within the ALU of the system CPU. It is significantly faster to perform these operations using the LNME than implementing the same functionality in software using regular word-wise math operations. While the LNME runs in the background, the system CPU may perform other operations or be turned off.

The LNME supports both primitive math operations and serialized primitive operations (sequencer operations).

These primitives and sequencer operations can be used to implement various public key encryption schemes. It is possible to implement the following schemes using the operations mentioned above:

The DriverLib PKA functions copy the relevant parameters into the dedicated PKA RAM. The LNME requires these parameters be present and correctly formatted in the PKA RAM and not system RAM. They are copied word-wise as the PKA RAM does not support byte-wise access. The CPU handles the alignment differences during the memory copy operation. Forcing buffer alignment in system RAM results in a significant speedup of the copy operation compared to unaligned buffers.

When the operation completes, the result is copied back into a buffer in system RAM specified by the application. The PKA RAM is then cleared to prevent sensitive keying material from remaining in PKA RAM.

Function Documentation

bool PKAArrayAllZeros ( const uint8_t *  array,
uint32_t  arrayLength 
)

Checks whether and array only consists of zeros.

Parameters
[in]arrayis the array to check.
[in]arrayLengthis the length of the array.
Returns
Returns true if the array contains only zeros and false if one or more bits are set.
868 {
869  uint32_t i;
870  uint8_t arrayBits = 0;
871 
872  // We could speed things up by comparing word-wise rather than byte-wise.
873  // However, this extra overhead is inconsequential compared to running an
874  // actual PKA operation. Especially ECC operations.
875  for (i = 0; i < arrayLength; i++) {
876  arrayBits |= array[i];
877  }
878 
879  if (arrayBits) {
880  return false;
881  }
882  else {
883  return true;
884  }
885 
886 }
uint32_t PKABigNumAddGetResult ( uint8_t *  resultBuf,
uint32_t *  resultLength,
uint32_t  resultPKAMemAddr 
)

Gets the result of the addition operation on two big numbers.

Parameters
[out]resultBufis the pointer to buffer where the result needs to be stored.
[in,out]resultLengthis the address of the variable containing the length of the buffer. After the operation the actual length of the resultant is stored at this address.
[in]resultPKAMemAddris the address of the result location which was provided by the start function PKABigNumAddStart().
Returns
Returns a status code.
See also
PKABigNumAddStart()

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

1275 {
1276  return PKAGetBigNumResult(resultBuf, resultLength, resultPKAMemAddr);
1277 }
PKAGetBigNumResult
static uint32_t PKAGetBigNumResult(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Definition: pka.c:626

Here is the call graph for this function:

uint32_t PKABigNumAddStart ( const uint8_t *  bigNum1,
uint32_t  bigNum1Length,
const uint8_t *  bigNum2,
uint32_t  bigNum2Length,
uint32_t *  resultPKAMemAddr 
)

Starts the addition of two big numbers.

Parameters
[in]bigNum1is the pointer to the buffer containing the first big number.
[in]bigNum1Lengthis the size of the first big number in bytes.
[in]bigNum2is the pointer to the buffer containing the second big number.
[in]bigNum2Lengthis the size of the second big number in bytes.
[out]resultPKAMemAddris the pointer to the result vector location which will be set by this function.
Returns
Returns a status code.
See also
PKABigNumAddGetResult()

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

1194 {
1195  uint32_t offset = 0;
1196 
1197  // Check for arguments.
1198  ASSERT(bigNum1);
1199  ASSERT(bigNum2);
1200  ASSERT(resultPKAMemAddr);
1201 
1202  // Make sure no operation is in progress.
1203  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1204  return PKA_STATUS_OPERATION_BUSY;
1205  }
1206 
1207  offset = PKAWritePkaParam(bigNum1, bigNum1Length, offset, PKA_O_APTR);
1208 
1209  offset = PKAWritePkaParam(bigNum2, bigNum2Length, offset, PKA_O_BPTR);
1210 
1211  // Copy the result vector address location.
1212  *resultPKAMemAddr = PKA_RAM_BASE + offset;
1213 
1214  // Load C pointer with the result location in PKA RAM.
1215  HWREG(PKA_BASE + PKA_O_CPTR) = offset >> 2;
1216 
1217  // Set the function for the add operation and start the operation.
1218  HWREG(PKA_BASE + PKA_O_FUNCTION) = (PKA_FUNCTION_RUN | PKA_FUNCTION_ADD);
1219 
1220  return PKA_STATUS_SUCCESS;
1221 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:545
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
ASSERT
#define ASSERT(expr)
Definition: debug.h:73

Here is the call graph for this function:

uint32_t PKABigNumCmpGetResult ( void  )

Gets the result of the comparison operation of two big numbers.

This function provides the results of the comparison of two big numbers which was started using the PKABigNumCmpStart().

Returns
Returns a status code.
See also
PKABigNumCmpStart()

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

1064 {
1065  uint32_t status;
1066 
1067  // verify that the operation is complete.
1068  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1069  return PKA_STATUS_OPERATION_BUSY;
1070  }
1071 
1072  // Check the COMPARE register.
1073  switch(HWREG(PKA_BASE + PKA_O_COMPARE)) {
1074  case PKA_COMPARE_A_EQUALS_B:
1075  status = PKA_STATUS_EQUAL;
1076  break;
1077 
1078  case PKA_COMPARE_A_GREATER_THAN_B:
1079  status = PKA_STATUS_A_GREATER_THAN_B;
1080  break;
1081 
1082  case PKA_COMPARE_A_LESS_THAN_B:
1083  status = PKA_STATUS_A_LESS_THAN_B;
1084  break;
1085 
1086  default:
1087  status = PKA_STATUS_FAILURE;
1088  break;
1089  }
1090 
1091  return status;
1092 }
PKA_STATUS_FAILURE
#define PKA_STATUS_FAILURE
Failure.
Definition: pka.h:122
PKA_STATUS_EQUAL
#define PKA_STATUS_EQUAL
Big number compare return status if the first big number is equal to the second.
Definition: pka.h:128
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_A_LESS_THAN_B
#define PKA_STATUS_A_LESS_THAN_B
Big number compare return status if the first big number is less than the second. ...
Definition: pka.h:127
PKA_STATUS_A_GREATER_THAN_B
#define PKA_STATUS_A_GREATER_THAN_B
Big number compare return status if the first big number is greater than the second.
Definition: pka.h:126
uint32_t PKABigNumCmpStart ( const uint8_t *  bigNum1,
const uint8_t *  bigNum2,
uint32_t  length 
)

Starts the comparison of two big numbers.

This function starts the comparison of two big numbers pointed by bigNum1 and bigNum2.

Note
bigNum1 and bigNum2 must have same size.
Parameters
[in]bigNum1is the pointer to the first big number.
[in]bigNum2is the pointer to the second big number.
[in]lengthis the size of the big numbers in bytes.
Returns
Returns a status code.
See also
PKABigNumCmpGetResult()

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

1035 {
1036  uint32_t offset = 0;
1037 
1038  // Check the arguments.
1039  ASSERT(bigNum1);
1040  ASSERT(bigNum2);
1041 
1042  // Make sure no operation is in progress.
1043  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1044  return PKA_STATUS_OPERATION_BUSY;
1045  }
1046 
1047  offset = PKAWritePkaParam(bigNum1, length, offset, PKA_O_APTR);
1048 
1049  offset = PKAWritePkaParam(bigNum2, length, offset, PKA_O_BPTR);
1050 
1051  // Set the PKA Function register for the Compare operation
1052  // and start the operation.
1053  HWREG(PKA_BASE + PKA_O_FUNCTION) = (PKA_FUNCTION_RUN | PKA_FUNCTION_COMPARE);
1054 
1055  return PKA_STATUS_SUCCESS;
1056 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:545
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
ASSERT
#define ASSERT(expr)
Definition: debug.h:73

Here is the call graph for this function:

uint32_t PKABigNumDivideGetQuotient ( uint8_t *  resultBuf,
uint32_t *  length,
uint32_t  resultQuotientMemAddr 
)

Gets the quotient of the big number divide operation.

This function gets the quotient of the big number divide operation which was previously started using the function PKABigNumDivideStart().

Parameters
[out]resultBufis the pointer to buffer where the result needs to be stored.
[in]lengthis the size of the provided buffer in bytes.
[in]resultQuotientMemAddris the address of the result location which was provided by the start function PKABigNumDivideStart().
Returns
Returns a status code.
See also
PKABigNumDivideStart()
1014 {
1015  return PKAGetBigNumResult(resultBuf, length, resultQuotientMemAddr);
1016 }
PKAGetBigNumResult
static uint32_t PKAGetBigNumResult(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Definition: pka.c:626

Here is the call graph for this function:

uint32_t PKABigNumDivideGetRemainder ( uint8_t *  resultBuf,
uint32_t *  length,
uint32_t  resultRemainderMemAddr 
)

Gets the remainder of the big number divide operation.

This function gets the remainder of the big number divide operation which was previously started using the function PKABigNumDivideStart().

Parameters
[out]resultBufis the pointer to buffer where the result needs to be stored.
[in]lengthis the size of the provided buffer in bytes.
[in]resultRemainderMemAddris the address of the result location which was provided by the start function PKABigNumDivideStart().
Returns
Returns a status code.
See also
PKABigNumDivideStart()
1024 {
1025  return PKAGetBigNumResultRemainder(resultBuf, length, resultQuotientMemAddr);
1026 }
PKAGetBigNumResultRemainder
static uint32_t PKAGetBigNumResultRemainder(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Definition: pka.c:700

Here is the call graph for this function:

uint32_t PKABigNumDivideStart ( const uint8_t *  dividend,
uint32_t  dividendLength,
const uint8_t *  divisor,
uint32_t  divisorLength,
uint32_t *  resultQuotientMemAddr,
uint32_t *  resultRemainderMemAddr 
)

Starts a big number divide operation.

This function starts the dive operation on the big number bigNum using the divisor. The PKA RAM location where the result will be available is stored in resultPKAMemAddr.

Parameters
[in]dividendis the pointer to the big number to be divided.
[in]dividendLengthis the size of the big number dividend in bytes.
[in]divisoris the pointer to the divisor.
[in]divisorLengthis the size of the divisor in bytes.
[out]resultQuotientMemAddris the pointer to the quotient vector location which will be set by this function.
[out]resultRemainderMemAddris the pointer to the remainder vector location which will be set by this function.
Returns
Returns a status code.
See also
PKABigNumDivideGetResult()
967 {
968  uint32_t offset = 0;
969 
970  // Check the arguments.
971  ASSERT(dividend);
972  ASSERT(divisor);
973  ASSERT(resultQuotientMemAddr);
974  ASSERT(resultRemainderMemAddr);
975 
976  // Make sure no operation is in progress.
977  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
978  return PKA_STATUS_OPERATION_BUSY;
979  }
980 
981  offset = PKAWritePkaParam(dividend, dividendLength, offset, PKA_O_APTR);
982 
983  offset = PKAWritePkaParamExtraOffset(divisor, divisorLength, offset, PKA_O_BPTR);
984 
985  // Copy the remainder result vector address location.
986  if (resultRemainderMemAddr) {
987  *resultRemainderMemAddr = PKA_RAM_BASE + offset;
988  }
989 
990  // The remainder cannot ever be larger than the divisor. It should fit inside
991  // a buffer of that size.
992  offset = PKAWritePkaParamExtraOffset(0, divisorLength, offset, PKA_O_CPTR);
993 
994  // Copy the remainder result vector address location.
995  if (resultQuotientMemAddr) {
996  *resultQuotientMemAddr = PKA_RAM_BASE + offset;
997  }
998 
999  // Load D pointer with the quotient location in PKA RAM
1000  HWREG(PKA_BASE + PKA_O_DPTR) = offset >> 2;
1001 
1002  // Start the PKCP modulo operation by setting the PKA Function register.
1003  HWREG(PKA_BASE + PKA_O_FUNCTION) = (PKA_FUNCTION_RUN | PKA_FUNCTION_DIVIDE);
1004 
1005  return PKA_STATUS_SUCCESS;
1006 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:545
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
PKAWritePkaParamExtraOffset
static uint32_t PKAWritePkaParamExtraOffset(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:615
ASSERT
#define ASSERT(expr)
Definition: debug.h:73

Here is the call graph for this function:

uint32_t PKABigNumInvModGetResult ( uint8_t *  resultBuf,
uint32_t  length,
uint32_t  resultPKAMemAddr 
)

Gets the result of the big number inverse modulo operation.

This function gets the result of the big number inverse modulo operation previously started using the function PKABigNumInvModStart(). The function will zero-out resultBuf prior to copying in the result of the inverse modulo operation.

Parameters
[out]resultBufis the pointer to buffer where the result needs to be stored.
[in]lengthis the size of the provided buffer in bytes.
[in]resultPKAMemAddris the address of the result location which was provided by the start function PKABigNumInvModStart().
Returns
Returns a status code.
See also
PKABigNumInvModStart()
1135 {
1136  // Zero-out array in case modulo result is shorter than length
1137  PKAZeroOutArray(resultBuf, length);
1138 
1139  return PKAGetBigNumResult(resultBuf, &length, resultPKAMemAddr);
1140 }
PKAGetBigNumResult
static uint32_t PKAGetBigNumResult(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Definition: pka.c:626
PKAZeroOutArray
void PKAZeroOutArray(const uint8_t *array, uint32_t arrayLength)
Zeros-out an array.
Definition: pka.c:893

Here is the call graph for this function:

uint32_t PKABigNumInvModStart ( const uint8_t *  bigNum,
uint32_t  bigNumLength,
const uint8_t *  modulus,
uint32_t  modulusLength,
uint32_t *  resultPKAMemAddr 
)

Starts a big number inverse modulo operation.

This function starts the inverse modulo operation on bigNum using the divisor modulus.

Parameters
[in]bigNumis the pointer to the buffer containing the big number (dividend).
[in]bigNumLengthis the size of the bigNum in bytes.
[in]modulusis the pointer to the buffer containing the divisor.
[in]modulusLengthis the size of the divisor in bytes.
[out]resultPKAMemAddris the pointer to the result vector location which will be set by this function.
Returns
Returns a status code.
See also
PKABigNumInvModGetResult()
1100 {
1101  uint32_t offset = 0;
1102 
1103  // Check the arguments.
1104  ASSERT(bigNum);
1105  ASSERT(modulus);
1106  ASSERT(resultPKAMemAddr);
1107 
1108  // Make sure no operation is in progress.
1109  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1110  return PKA_STATUS_OPERATION_BUSY;
1111  }
1112 
1113  offset = PKAWritePkaParam(bigNum, bigNumLength, offset, PKA_O_APTR);
1114 
1115  offset = PKAWritePkaParam(modulus, modulusLength, offset, PKA_O_BPTR);
1116 
1117  // Copy the result vector address location.
1118  *resultPKAMemAddr = PKA_RAM_BASE + offset;
1119 
1120  // Load D pointer with the result location in PKA RAM.
1121  HWREG(PKA_BASE + PKA_O_DPTR) = offset >> 2;
1122 
1123  // set the PKA function to InvMod operation and the start the operation.
1124  HWREG(PKA_BASE + PKA_O_FUNCTION) = 0x0000F000;
1125 
1126  return PKA_STATUS_SUCCESS;
1127 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:545
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
ASSERT
#define ASSERT(expr)
Definition: debug.h:73

Here is the call graph for this function:

uint32_t PKABigNumModGetResult ( uint8_t *  resultBuf,
uint32_t  length,
uint32_t  resultPKAMemAddr 
)

Gets the result of the big number modulus operation.

This function gets the result of the big number modulus operation which was previously started using the function PKABigNumModStart(). The function will zero-out resultBuf prior to copying in the result of the modulo operation.

Parameters
[out]resultBufis the pointer to buffer where the result needs to be stored.
[in]lengthis the size of the provided buffer in bytes.
[in]resultPKAMemAddris the address of the result location which was provided by the start function PKABigNumModStart().
Returns
Returns a status code.
See also
PKABigNumModStart()

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

954 {
955  // Zero-out array in case modulo result is shorter than length
956  PKAZeroOutArray(resultBuf, length);
957 
958  return PKAGetBigNumResultRemainder(resultBuf, &length, resultPKAMemAddr);
959 }
PKAGetBigNumResultRemainder
static uint32_t PKAGetBigNumResultRemainder(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Definition: pka.c:700
PKAZeroOutArray
void PKAZeroOutArray(const uint8_t *array, uint32_t arrayLength)
Zeros-out an array.
Definition: pka.c:893

Here is the call graph for this function:

uint32_t PKABigNumModStart ( const uint8_t *  bigNum,
uint32_t  bigNumLength,
const uint8_t *  modulus,
uint32_t  modulusLength,
uint32_t *  resultPKAMemAddr 
)

Starts a big number modulus operation.

This function starts the modulo operation on the big number bigNum using the divisor modulus. The PKA RAM location where the result will be available is stored in resultPKAMemAddr.

Parameters
[in]bigNumis the pointer to the big number on which modulo operation needs to be carried out.
[in]bigNumLengthis the size of the big number bigNum in bytes.
[in]modulusis the pointer to the divisor.
[in]modulusLengthis the size of the divisor modulus in bytes.
[out]resultPKAMemAddris the pointer to the result vector location which will be set by this function.
Returns
Returns a status code.
See also
PKABigNumModGetResult()

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

919 {
920  uint32_t offset = 0;
921 
922  // Check the arguments.
923  ASSERT(bigNum);
924  ASSERT(modulus);
925  ASSERT(resultPKAMemAddr);
926 
927  // Make sure no operation is in progress.
928  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
929  return PKA_STATUS_OPERATION_BUSY;
930  }
931 
932  offset = PKAWritePkaParam(bigNum, bigNumLength, offset, PKA_O_APTR);
933 
934  offset = PKAWritePkaParamExtraOffset(modulus, modulusLength, offset, PKA_O_BPTR);
935 
936  // Copy the result vector address location.
937  *resultPKAMemAddr = PKA_RAM_BASE + offset;
938 
939  // Load C pointer with the result location in PKA RAM
940  HWREG(PKA_BASE + PKA_O_CPTR) = offset >> 2;
941 
942  // Start the PKCP modulo operation by setting the PKA Function register.
943  HWREG(PKA_BASE + PKA_O_FUNCTION) = (PKA_FUNCTION_RUN | PKA_FUNCTION_MODULO);
944 
945  return PKA_STATUS_SUCCESS;
946 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:545
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
PKAWritePkaParamExtraOffset
static uint32_t PKAWritePkaParamExtraOffset(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:615
ASSERT
#define ASSERT(expr)
Definition: debug.h:73

Here is the call graph for this function:

uint32_t PKABigNumMultGetResult ( uint8_t *  resultBuf,
uint32_t *  resultLength,
uint32_t  resultPKAMemAddr 
)

Gets the result of the big number multiplication.

This function gets the result of the multiplication of two big numbers operation previously started using the function PKABigNumMultiplyStart().

Parameters
[out]resultBufis the pointer to buffer where the result needs to be stored.
[in,out]resultLengthis the address of the variable containing the length of the buffer in bytes. After the operation, the actual length of the resultant is stored at this address.
[in]resultPKAMemAddris the address of the result location which was provided by the start function PKABigNumMultiplyStart().
Returns
Returns a status code.
See also
PKABigNumMultiplyStart()

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

1184 {
1185  return PKAGetBigNumResult(resultBuf, resultLength, resultPKAMemAddr);
1186 }
PKAGetBigNumResult
static uint32_t PKAGetBigNumResult(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Definition: pka.c:626

Here is the call graph for this function:

uint32_t PKABigNumMultiplyStart ( const uint8_t *  multiplicand,
uint32_t  multiplicandLength,
const uint8_t *  multiplier,
uint32_t  multiplierLength,
uint32_t *  resultPKAMemAddr 
)

Starts the multiplication of two big numbers.

Parameters
[in]multiplicandis the pointer to the buffer containing the big number multiplicand.
[in]multiplicandLengthis the size of the multiplicand in bytes.
[in]multiplieris the pointer to the buffer containing the big number multiplier.
[in]multiplierLengthis the size of the multiplier in bytes.
[out]resultPKAMemAddris the pointer to the result vector location which will be set by this function.
Returns
Returns a status code.
See also
PKABigNumMultGetResult()

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

1148 {
1149  uint32_t offset = 0;
1150 
1151  // Check for the arguments.
1152  ASSERT(multiplicand);
1153  ASSERT(multiplier);
1154  ASSERT(resultPKAMemAddr);
1155 
1156  // Make sure no operation is in progress.
1157  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1158  return PKA_STATUS_OPERATION_BUSY;
1159  }
1160 
1161  offset = PKAWritePkaParam(multiplicand, multiplicandLength, offset, PKA_O_APTR);
1162 
1163  offset = PKAWritePkaParam(multiplier, multiplierLength, offset, PKA_O_BPTR);
1164 
1165 
1166  // Copy the result vector address location.
1167  *resultPKAMemAddr = PKA_RAM_BASE + offset;
1168 
1169  // Load C pointer with the result location in PKA RAM.
1170  HWREG(PKA_BASE + PKA_O_CPTR) = offset >> 2;
1171 
1172  // Set the PKA function to the multiplication and start it.
1173  HWREG(PKA_BASE + PKA_O_FUNCTION) = (PKA_FUNCTION_RUN | PKA_FUNCTION_MULTIPLY);
1174 
1175  return PKA_STATUS_SUCCESS;
1176 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:545
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
ASSERT
#define ASSERT(expr)
Definition: debug.h:73

Here is the call graph for this function:

uint32_t PKABigNumSubGetResult ( uint8_t *  resultBuf,
uint32_t *  resultLength,
uint32_t  resultPKAMemAddr 
)

Gets the result of the subtraction operation on two big numbers.

Parameters
[out]resultBufis the pointer to buffer where the result needs to be stored.
[in,out]resultLengthis the address of the variable containing the length of the buffer. After the operation the actual length of the resultant is stored at this address.
[in]resultPKAMemAddris the address of the result location which was provided by the start function PKABigNumAddStart().
Returns
Returns a status code.
See also
PKABigNumSubStart()
1229 {
1230  return PKAGetBigNumResult(resultBuf, resultLength, resultPKAMemAddr);
1231 }
PKAGetBigNumResult
static uint32_t PKAGetBigNumResult(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Definition: pka.c:626

Here is the call graph for this function:

uint32_t PKABigNumSubStart ( const uint8_t *  minuend,
uint32_t  minuendLength,
const uint8_t *  subtrahend,
uint32_t  subtrahendLength,
uint32_t *  resultPKAMemAddr 
)

Starts the subtraction of one big number from another.

Parameters
[in]minuendis the pointer to the buffer containing the big number to be subtracted from.
[in]minuendLengthis the size of the minuend in bytes.
[in]subtrahendis the pointer to the buffer containing the big number to subtract from the minuend.
[in]subtrahendLengthis the size of the subtrahend in bytes.
[out]resultPKAMemAddris the pointer to the result vector location which will be set by this function.
Returns
Returns a status code.
See also
PKABigNumSubGetResult()
1239 {
1240  uint32_t offset = 0;
1241 
1242  // Check for arguments.
1243  ASSERT(minuend);
1244  ASSERT(subtrahend);
1245  ASSERT(resultPKAMemAddr);
1246 
1247 
1248  // Make sure no operation is in progress.
1249  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1250  return PKA_STATUS_OPERATION_BUSY;
1251  }
1252 
1253  offset = PKAWritePkaParam(minuend, minuendLength, offset, PKA_O_APTR);
1254 
1255  offset = PKAWritePkaParam(subtrahend, subtrahendLength, offset, PKA_O_BPTR);
1256 
1257  // Copy the result vector address location.
1258  *resultPKAMemAddr = PKA_RAM_BASE + offset;
1259 
1260  // Load C pointer with the result location in PKA RAM.
1261  HWREG(PKA_BASE + PKA_O_CPTR) = offset >> 2;
1262 
1263  // Set the function for the add operation and start the operation.
1264  HWREG(PKA_BASE + PKA_O_FUNCTION) = (PKA_FUNCTION_RUN | PKA_FUNCTION_SUBTRACT);
1265 
1266  return PKA_STATUS_SUCCESS;
1267 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:545
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
ASSERT
#define ASSERT(expr)
Definition: debug.h:73

Here is the call graph for this function:

void PKAClearPkaRam ( void  )

Zeroizes PKA RAM.

This function uses the zeroization function in PRCM to clear the PKA RAM.

523  {
524  // Get initial state
525  uint32_t secdmaclkgr = HWREG(PRCM_BASE + PRCM_O_SECDMACLKGR);
526 
527  // OR in zeroize bit
528  secdmaclkgr |= PRCM_SECDMACLKGR_PKA_ZERIOZE_RESET_N;
529 
530  // Start zeroization
531  HWREG(PRCM_BASE + PRCM_O_SECDMACLKGR) = secdmaclkgr;
532 
533  // Wait 256 cycles for PKA RAM to be cleared
534  CPUdelay(256 / 4);
535 
536  // Turn off zeroization
537  HWREG(PRCM_BASE + PRCM_O_SECDMACLKGR) = secdmaclkgr & (~PRCM_SECDMACLKGR_PKA_ZERIOZE_RESET_N);
538 }
CPUdelay
void CPUdelay(uint32_t ui32Count)
Provide a small non-zero delay using a simple loop counter.
Definition: cpu.c:343

Here is the call graph for this function:

uint32_t PKAEccAddGetResult ( uint8_t *  curvePointX,
uint8_t *  curvePointY,
uint32_t  resultPKAMemAddr,
uint32_t  length 
)

Gets the result of the ECC addition.

This function gets the result of ECC point addition operation on the on the two given EC points, previously started using the function PKAEccAddStart().

Parameters
[out]curvePointXis the pointer to the structure where the X coordinate of the resultant EC point will be stored.
[out]curvePointYis the pointer to the structure where the Y coordinate of the resultant EC point will be stored.
[in]resultPKAMemAddris the address of the result location which was provided by the start function PKAEccAddGetResult().
[in]lengthis the length of the curve parameters in bytes.
Returns
Returns a status code.
See also
PKAEccAddStart()
1435 {
1436  return PKAGetECCResult(curvePointX, curvePointY, resultPKAMemAddr, length);
1437 }
PKAGetECCResult
static uint32_t PKAGetECCResult(uint8_t *curvePointX, uint8_t *curvePointY, uint32_t resultPKAMemAddr, uint32_t length)
Definition: pka.c:764

Here is the call graph for this function:

uint32_t PKAEccAddStart ( const uint8_t *  curvePoint1X,
const uint8_t *  curvePoint1Y,
const uint8_t *  curvePoint2X,
const uint8_t *  curvePoint2Y,
const uint8_t *  prime,
const uint8_t *  a,
uint32_t  length,
uint32_t *  resultPKAMemAddr 
)

Starts the ECC addition.

Parameters
[in]curvePoint1Xis the pointer to the buffer containing the X coordinate of the first elliptic curve point to be added. The point must be on the given curve.
[in]curvePoint1Yis the pointer to the buffer containing the Y coordinate of the first elliptic curve point to be added. The point must be on the given curve.
[in]curvePoint2Xis the pointer to the buffer containing the X coordinate of the second elliptic curve point to be added. The point must be on the given curve.
[in]curvePoint2Yis the pointer to the buffer containing the Y coordinate of the second elliptic curve point to be added. The point must be on the given curve.
[in]primeis the prime of the curve.
[in]ais the a constant of the curve when the curve equation is expressed in short Weierstrass form (y^3 = x^2 + a*x + b).
[in]lengthis the length of the curve parameters in bytes.
[out]resultPKAMemAddris the pointer to the result vector location which will be set by this function.
Returns
Returns a status code.
See also
PKAEccAddGetResult()
1390 {
1391  uint32_t offset = 0;
1392 
1393  // Check for the arguments.
1394  ASSERT(curvePoint1X);
1395  ASSERT(curvePoint1Y);
1396  ASSERT(curvePoint2X);
1397  ASSERT(curvePoint2Y);
1398  ASSERT(prime);
1399  ASSERT(a);
1400  ASSERT(resultPKAMemAddr);
1401 
1402  // Make sure no operation is in progress.
1403  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1404  return PKA_STATUS_OPERATION_BUSY;
1405  }
1406 
1407  offset = PKAWritePkaParamExtraOffset(curvePoint1X, length, offset, PKA_O_APTR);
1408  offset = PKAWritePkaParamExtraOffset(curvePoint1Y, length, offset, PKA_NO_POINTER_REG);
1409 
1410 
1411  offset = PKAWritePkaParamExtraOffset(prime, length, offset, PKA_O_BPTR);
1412  offset = PKAWritePkaParamExtraOffset(a, length, offset, PKA_NO_POINTER_REG);
1413 
1414  offset = PKAWritePkaParamExtraOffset(curvePoint2X, length, offset, PKA_O_CPTR);
1415  offset = PKAWritePkaParamExtraOffset(curvePoint2Y, length, offset, PKA_NO_POINTER_REG);
1416 
1417  // Copy the result vector location.
1418  *resultPKAMemAddr = PKA_RAM_BASE + offset;
1419 
1420  // Load D pointer with the result location in PKA RAM.
1421  HWREG(PKA_BASE + PKA_O_DPTR) = offset >> 2;
1422 
1423  // Set the PKA Function to ECC-ADD and start the operation.
1424  HWREG(PKA_BASE + PKA_O_FUNCTION ) = PKA_FUNCTION_RUN_M | (0x03 << PKA_FUNCTION_SEQUENCER_OPERATIONS_S);
1425 
1426  return PKA_STATUS_SUCCESS;
1427 }
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
PKAWritePkaParamExtraOffset
static uint32_t PKAWritePkaParamExtraOffset(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:615
ASSERT
#define ASSERT(expr)
Definition: debug.h:73
PKA_NO_POINTER_REG
#define PKA_NO_POINTER_REG
Definition: pka.c:131

Here is the call graph for this function:

uint32_t PKAEccMontgomeryMultiplyStart ( const uint8_t *  scalar,
const uint8_t *  curvePointX,
const uint8_t *  prime,
const uint8_t *  a,
uint32_t  length,
uint32_t *  resultPKAMemAddr 
)

Starts ECC Montgomery multiplication.

Parameters
[in]scalaris pointer to the buffer containing the scalar value to be multiplied.
[in]curvePointXis the pointer to the buffer containing the X coordinate of the elliptic curve point to be multiplied. The point must be on the given curve.
[in]primeis the prime of the curve.
[in]ais the a constant of the curve when the curve equation is expressed in short Weierstrass form (y^3 = x^2 + a*x + b).
[in]lengthis the length of the curve parameters in bytes.
[out]resultPKAMemAddris the pointer to the result vector location which will be set by this function.
Returns
Returns a status code.
See also
PKAEccMultiplyGetResult()
1335 {
1336  uint32_t offset = 0;
1337 
1338  // Check for the arguments.
1339  ASSERT(scalar);
1340  ASSERT(curvePointX);
1341  ASSERT(prime);
1342  ASSERT(a);
1343  ASSERT(length <= PKA_MAX_CURVE_SIZE_32_BIT_WORD * sizeof(uint32_t));
1344  ASSERT(resultPKAMemAddr);
1345 
1346  // Make sure no PKA operation is in progress.
1347  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1348  return PKA_STATUS_OPERATION_BUSY;
1349  }
1350 
1351  offset = PKAWritePkaParam(scalar, length, offset, PKA_O_APTR);
1352 
1353  offset = PKAWritePkaParamExtraOffset(prime, length, offset, PKA_O_BPTR);
1354  offset = PKAWritePkaParamExtraOffset(a, length, offset, PKA_NO_POINTER_REG);
1355 
1356  offset = PKAWritePkaParamExtraOffset(curvePointX, length, offset, PKA_O_CPTR);
1357 
1358  // Update the result location.
1359  // The resultPKAMemAddr may be 0 if we only want to check that we generated the point at infinity
1360  if (resultPKAMemAddr) {
1361  *resultPKAMemAddr = PKA_RAM_BASE + offset;
1362  }
1363 
1364  // Load D pointer with the result location in PKA RAM.
1365  HWREG(PKA_BASE + PKA_O_DPTR) = offset >> 2;
1366 
1367  // Set the PKA function to Montgomery ECC-MULT and start the operation.
1368  HWREG(PKA_BASE + PKA_O_FUNCTION) = PKA_FUNCTION_RUN_M | (0x02 << PKA_FUNCTION_SEQUENCER_OPERATIONS_S);
1369 
1370  return PKA_STATUS_SUCCESS;
1371 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:545
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
PKAWritePkaParamExtraOffset
static uint32_t PKAWritePkaParamExtraOffset(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:615
ASSERT
#define ASSERT(expr)
Definition: debug.h:73
PKA_NO_POINTER_REG
#define PKA_NO_POINTER_REG
Definition: pka.c:131
PKA_MAX_CURVE_SIZE_32_BIT_WORD
#define PKA_MAX_CURVE_SIZE_32_BIT_WORD
Definition: pka.c:115

Here is the call graph for this function:

uint32_t PKAEccMultiplyGetResult ( uint8_t *  curvePointX,
uint8_t *  curvePointY,
uint32_t  resultPKAMemAddr,
uint32_t  length 
)

Gets the result of ECC multiplication.

This function gets the result of ECC point multiplication operation on the EC point and the scalar value, previously started using the function PKAEccMultiplyStart().

Parameters
[out]curvePointXis the pointer to the structure where the X coordinate of the resultant EC point will be stored.
[out]curvePointYis the pointer to the structure where the Y coordinate of the resultant EC point will be stored.
[in]resultPKAMemAddris the address of the result location which was provided by the start function PKAEccMultiplyStart().
[in]lengthis the length of the curve parameters in bytes.
Returns
Returns a status code.
See also
PKAEccMultiplyStart()
1380 {
1381  return PKAGetECCResult(curvePointX, curvePointY, resultPKAMemAddr, length);
1382 }
PKAGetECCResult
static uint32_t PKAGetECCResult(uint8_t *curvePointX, uint8_t *curvePointY, uint32_t resultPKAMemAddr, uint32_t length)
Definition: pka.c:764

Here is the call graph for this function:

uint32_t PKAEccMultiplyStart ( const uint8_t *  scalar,
const uint8_t *  curvePointX,
const uint8_t *  curvePointY,
const uint8_t *  prime,
const uint8_t *  a,
const uint8_t *  b,
uint32_t  length,
uint32_t *  resultPKAMemAddr 
)

Starts ECC multiplication.

Parameters
[in]scalaris pointer to the buffer containing the scalar value to be multiplied.
[in]curvePointXis the pointer to the buffer containing the X coordinate of the elliptic curve point to be multiplied. The point must be on the given curve.
[in]curvePointYis the pointer to the buffer containing the Y coordinate of the elliptic curve point to be multiplied. The point must be on the given curve.
[in]primeis the prime of the curve.
[in]ais the a constant of the curve when the curve equation is expressed in short Weierstrass form (y^3 = x^2 + a*x + b).
[in]bis the b constant of the curve when the curve equation is expressed in short Weierstrass form (y^3 = x^2 + a*x + b).
[in]lengthis the length of the curve parameters in bytes.
[out]resultPKAMemAddris the pointer to the result vector location which will be set by this function.
Returns
Returns a status code.
See also
PKAEccMultiplyGetResult()
1286 {
1287  uint32_t offset = 0;
1288 
1289  // Check for the arguments.
1290  ASSERT(scalar);
1291  ASSERT(curvePointX);
1292  ASSERT(curvePointY);
1293  ASSERT(prime);
1294  ASSERT(a);
1295  ASSERT(b);
1296  ASSERT(length <= PKA_MAX_CURVE_SIZE_32_BIT_WORD * sizeof(uint32_t));
1297  ASSERT(resultPKAMemAddr);
1298 
1299  // Make sure no PKA operation is in progress.
1300  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN) {
1301  return PKA_STATUS_OPERATION_BUSY;
1302  }
1303 
1304  offset = PKAWritePkaParam(scalar, length, offset, PKA_O_APTR);
1305 
1306  offset = PKAWritePkaParamExtraOffset(prime, length, offset, PKA_O_BPTR);
1307  offset = PKAWritePkaParamExtraOffset(a, length, offset, PKA_NO_POINTER_REG);
1308  offset = PKAWritePkaParamExtraOffset(b, length, offset, PKA_NO_POINTER_REG);
1309 
1310  offset = PKAWritePkaParamExtraOffset(curvePointX, length, offset, PKA_O_CPTR);
1311  offset = PKAWritePkaParamExtraOffset(curvePointY, length, offset, PKA_NO_POINTER_REG);
1312 
1313  // Update the result location.
1314  // The resultPKAMemAddr may be 0 if we only want to check that we generated the point at infinity
1315  if (resultPKAMemAddr) {
1316  *resultPKAMemAddr = PKA_RAM_BASE + offset;
1317  }
1318 
1319  // Load D pointer with the result location in PKA RAM.
1320  HWREG(PKA_BASE + PKA_O_DPTR) = offset >> 2;
1321 
1322  // Set the PKA function to ECC-MULT and start the operation.
1323  HWREG(PKA_BASE + PKA_O_FUNCTION) = PKA_FUNCTION_RUN_M | (0x05 << PKA_FUNCTION_SEQUENCER_OPERATIONS_S);
1324 
1325  return PKA_STATUS_SUCCESS;
1326 }
PKAWritePkaParam
static uint32_t PKAWritePkaParam(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:545
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
PKAWritePkaParamExtraOffset
static uint32_t PKAWritePkaParamExtraOffset(const uint8_t *param, uint32_t paramLength, uint32_t paramOffset, uint32_t ptrRegOffset)
Definition: pka.c:615
ASSERT
#define ASSERT(expr)
Definition: debug.h:73
PKA_NO_POINTER_REG
#define PKA_NO_POINTER_REG
Definition: pka.c:131
PKA_MAX_CURVE_SIZE_32_BIT_WORD
#define PKA_MAX_CURVE_SIZE_32_BIT_WORD
Definition: pka.c:115

Here is the call graph for this function:

uint32_t PKAEccVerifyPublicKeyWeierstrassStart ( const uint8_t *  curvePointX,
const uint8_t *  curvePointY,
const uint8_t *  prime,
const uint8_t *  a,
const uint8_t *  b,
const uint8_t *  order,
uint32_t  length 
)

Begins the validation of a public key against a Short-Weierstrass curve.

This function validates a public key against a curve. After performing multiple smaller PKA operations in polling mode, it starts an ECC scalar multiplication.

The function verifies that:

  • X and Y are in the range [1, prime - 1]
  • The point is not the point at infinity
  • X and Y satisfy the Short-Weierstrass curve equation Y^2 = X^3 + a*X + b mod P
  • Multiplying the point by the order of the curve yields the point at infinity
Parameters
[in]curvePointXis the pointer to the buffer containing the X coordinate of the elliptic curve point to verify.
[in]curvePointYis the pointer to the buffer containing the Y coordinate of the elliptic curve point to verify.
[in]primeis the prime of the curve.
[in]ais the a constant of the curve when the curve equation is expressed in Short-Weierstrass form (y^3 = x^2 + a*x + b).
[in]bis the b constant of the curve when the curve equation is expressed in Short-Weierstrass form (y^3 = x^2 + a*x + b).
[in]orderis the order of the curve.
[in]lengthis the length of the curve parameters in bytes.
Returns
Returns a status code.
See also
PKAEccVerifyPublicKeyGetResult()
1445 {
1446  uint32_t pkaResult;
1447  uint32_t resultAddress;
1448  uint32_t resultLength;
1449  uint8_t *scratchBuffer = (uint8_t *)(PKA_RAM_BASE + PKA_RAM_TOT_BYTE_SIZE / 2);
1450  uint8_t *scratchBuffer2 = scratchBuffer + 512;
1451 
1452 
1453  // Verify X in range [0, prime - 1]
1454  PKABigNumCmpStart(curvePointX,
1455  prime,
1456  length);
1457 
1458  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1459 
1460  pkaResult = PKABigNumCmpGetResult();
1461 
1462  if (pkaResult != PKA_STATUS_A_LESS_THAN_B) {
1463  return PKA_STATUS_X_LARGER_THAN_PRIME;
1464  }
1465 
1466  // Verify Y in range [0, prime - 1]
1467  PKABigNumCmpStart(curvePointY,
1468  prime,
1469  length);
1470 
1471  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1472 
1473  pkaResult = PKABigNumCmpGetResult();
1474 
1475  if (pkaResult != PKA_STATUS_A_LESS_THAN_B) {
1476  return PKA_STATUS_Y_LARGER_THAN_PRIME;
1477  }
1478 
1479  // Verify point on curve
1480  // Short-Weierstrass equation: Y ^ 2 = X ^3 + a * X + b mod P
1481  // Reduced: Y ^ 2 = X * (X ^ 2 + a) + b
1482 
1483  // tmp = X ^ 2
1484  PKABigNumMultiplyStart(curvePointX, length, curvePointX, length, &resultAddress);
1485 
1486  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1487 
1488  resultLength = 200;
1489  pkaResult = PKABigNumMultGetResult(scratchBuffer, &resultLength, resultAddress);
1490 
1491  if (pkaResult != PKA_STATUS_SUCCESS) {
1492  return PKA_STATUS_FAILURE;
1493  }
1494 
1495  // tmp += a
1496  PKABigNumAddStart(scratchBuffer, resultLength, a, length, &resultAddress);
1497 
1498  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1499 
1500  resultLength = 200;
1501  pkaResult = PKABigNumAddGetResult(scratchBuffer, &resultLength, resultAddress);
1502 
1503  if (pkaResult != PKA_STATUS_SUCCESS) {
1504  return PKA_STATUS_FAILURE;
1505  }
1506 
1507  // tmp *= x
1508  PKABigNumMultiplyStart(scratchBuffer, resultLength, curvePointX, length, &resultAddress);
1509 
1510  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1511 
1512  resultLength = 200;
1513  pkaResult = PKABigNumMultGetResult(scratchBuffer, &resultLength, resultAddress);
1514 
1515  if (pkaResult != PKA_STATUS_SUCCESS) {
1516  return PKA_STATUS_FAILURE;
1517  }
1518 
1519  // tmp += b
1520  PKABigNumAddStart(scratchBuffer, resultLength, b, length, &resultAddress);
1521 
1522  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1523 
1524  resultLength = 200;
1525  pkaResult = PKABigNumAddGetResult(scratchBuffer, &resultLength, resultAddress);
1526 
1527  if (pkaResult != PKA_STATUS_SUCCESS) {
1528  return PKA_STATUS_FAILURE;
1529  }
1530 
1531 
1532  // tmp2 = tmp % prime to ensure we have no fraction in the division.
1533  // The number will only shrink from here on out.
1534  PKABigNumModStart(scratchBuffer, resultLength, prime, length, &resultAddress);
1535 
1536  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1537 
1538  // If the result is not a multiple of the word-length, the PKA HW will round up
1539  // because it deals in words only. That means that using 'length' directly
1540  // would cause and underflow, since length refers to the actual length in bytes of
1541  // the curve parameters while the PKA HW reports that rounded up to the next
1542  // word boundary.
1543  // Use 200 as the resultLength instead since we are copying to the scratch buffer
1544  // anyway.
1545  // Practically, this only happens with curves such as NIST-P521 that are not word
1546  // multiples.
1547  resultLength = 200;
1548  pkaResult = PKABigNumModGetResult(scratchBuffer2, resultLength, resultAddress);
1549 
1550  if (pkaResult != PKA_STATUS_SUCCESS) {
1551  return PKA_STATUS_FAILURE;
1552  }
1553 
1554  // tmp = y^2
1555  PKABigNumMultiplyStart(curvePointY, length, curvePointY, length, &resultAddress);
1556 
1557  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1558 
1559  resultLength = 200;
1560  pkaResult = PKABigNumMultGetResult(scratchBuffer, &resultLength, resultAddress);
1561 
1562  if (pkaResult != PKA_STATUS_SUCCESS) {
1563  return PKA_STATUS_FAILURE;
1564  }
1565 
1566  // tmp %= prime
1567  PKABigNumModStart(scratchBuffer, resultLength, prime, length, &resultAddress);
1568 
1569  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1570 
1571  // If the result is not a multiple of the word-length, the PKA HW will round up
1572  // because it deals in words only. That means that using 'length' directly
1573  // would cause and underflow, since length refers to the actual length in bytes of
1574  // the curve parameters while the PKA HW reports that rounded up to the next
1575  // word boundary.
1576  // Use 200 as the resultLength instead since we are copying to the scratch buffer
1577  // anyway.
1578  // Practically, this only happens with curves such as NIST-P521 that are not word
1579  // multiples.
1580  resultLength = 200;
1581  pkaResult = PKABigNumModGetResult(scratchBuffer, resultLength, resultAddress);
1582 
1583  if (pkaResult != PKA_STATUS_SUCCESS) {
1584  return PKA_STATUS_FAILURE;
1585  }
1586 
1587  // tmp ?= tmp2
1588  PKABigNumCmpStart(scratchBuffer,
1589  scratchBuffer2,
1590  length);
1591 
1592  while(PKAGetOpsStatus() == PKA_STATUS_OPERATION_BUSY);
1593 
1594  pkaResult = PKABigNumCmpGetResult();
1595 
1596  if (pkaResult != PKA_STATUS_EQUAL) {
1597  return PKA_STATUS_POINT_NOT_ON_CURVE;
1598  }
1599  else {
1600  return PKA_STATUS_SUCCESS;
1601  }
1602 }
PKA_STATUS_POINT_NOT_ON_CURVE
#define PKA_STATUS_POINT_NOT_ON_CURVE
The public key is not on the specified elliptic curve.
Definition: pka.h:136
PKABigNumModGetResult
uint32_t PKABigNumModGetResult(uint8_t *resultBuf, uint32_t length, uint32_t resultPKAMemAddr)
Gets the result of the big number modulus operation.
Definition: pka.c:953
PKABigNumAddGetResult
uint32_t PKABigNumAddGetResult(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Gets the result of the addition operation on two big numbers.
Definition: pka.c:1274
PKABigNumAddStart
uint32_t PKABigNumAddStart(const uint8_t *bigNum1, uint32_t bigNum1Length, const uint8_t *bigNum2, uint32_t bigNum2Length, uint32_t *resultPKAMemAddr)
Starts the addition of two big numbers.
Definition: pka.c:1193
PKABigNumCmpStart
uint32_t PKABigNumCmpStart(const uint8_t *bigNum1, const uint8_t *bigNum2, uint32_t length)
Starts the comparison of two big numbers.
Definition: pka.c:1034
PKA_STATUS_FAILURE
#define PKA_STATUS_FAILURE
Failure.
Definition: pka.h:122
PKA_STATUS_Y_LARGER_THAN_PRIME
#define PKA_STATUS_Y_LARGER_THAN_PRIME
Y coordinate of public key is larger than the curve prime.
Definition: pka.h:135
PKA_STATUS_EQUAL
#define PKA_STATUS_EQUAL
Big number compare return status if the first big number is equal to the second.
Definition: pka.h:128
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_X_LARGER_THAN_PRIME
#define PKA_STATUS_X_LARGER_THAN_PRIME
X coordinate of public key is larger than the curve prime.
Definition: pka.h:134
PKA_STATUS_SUCCESS
#define PKA_STATUS_SUCCESS
Success.
Definition: pka.h:121
PKABigNumMultGetResult
uint32_t PKABigNumMultGetResult(uint8_t *resultBuf, uint32_t *resultLength, uint32_t resultPKAMemAddr)
Gets the result of the big number multiplication.
Definition: pka.c:1183
PKABigNumModStart
uint32_t PKABigNumModStart(const uint8_t *bigNum, uint32_t bigNumLength, const uint8_t *modulus, uint32_t modulusLength, uint32_t *resultPKAMemAddr)
Starts a big number modulus operation.
Definition: pka.c:918
PKABigNumMultiplyStart
uint32_t PKABigNumMultiplyStart(const uint8_t *multiplicand, uint32_t multiplicandLength, const uint8_t *multiplier, uint32_t multiplierLength, uint32_t *resultPKAMemAddr)
Starts the multiplication of two big numbers.
Definition: pka.c:1147
PKA_STATUS_A_LESS_THAN_B
#define PKA_STATUS_A_LESS_THAN_B
Big number compare return status if the first big number is less than the second. ...
Definition: pka.h:127
PKAGetOpsStatus
uint32_t PKAGetOpsStatus(void)
Gets the PKA operation status.
Definition: pka.c:852
PKABigNumCmpGetResult
uint32_t PKABigNumCmpGetResult(void)
Gets the result of the comparison operation of two big numbers.
Definition: pka.c:1063

Here is the call graph for this function:

uint32_t PKAGetOpsStatus ( void  )

Gets the PKA operation status.

This function gets information on whether any PKA operation is in progress or not. This function allows to check the PKA operation status before starting any new PKA operation.

Returns
Returns a status code.

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

853 {
854  if (HWREG(PKA_BASE + PKA_O_FUNCTION) & PKA_FUNCTION_RUN_M) {
855  return PKA_STATUS_OPERATION_BUSY;
856  }
857  else {
858  return PKA_STATUS_OPERATION_RDY;
859  }
860 }
PKA_STATUS_OPERATION_BUSY
#define PKA_STATUS_OPERATION_BUSY
PKA operation is in progress.
Definition: pka.h:129
PKA_STATUS_OPERATION_RDY
#define PKA_STATUS_OPERATION_RDY
No PKA operation is in progress.
Definition: pka.h:130
void PKAZeroOutArray ( const uint8_t *  array,
uint32_t  arrayLength 
)

Zeros-out an array.

Parameters
[in]arrayis the array to zero-out.
[in]arrayLengthis the length of the array.

Referenced by PKABigNumInvModGetResult(), and PKABigNumModGetResult().

894 {
895  uint32_t i;
896  // Take the floor of paramLength in 32-bit words
897  uint32_t arrayLengthInWords = arrayLength / sizeof(uint32_t);
898 
899  // Zero-out the array word-wise until i >= arrayLength
900  for (i = 0; i < arrayLengthInWords * sizeof(uint32_t); i += 4) {
901  HWREG(array + i) = 0;
902  }
903 
904  // If i != arrayLength, there are some remaining bytes to zero-out
905  if (arrayLength % sizeof(uint32_t)) {
906  // Subtract 4 from i, since i has already overshot the array
907  for (i -= 4; i < arrayLength; i++) {
908  HWREGB(array + i * sizeof(uint32_t));
909  }
910  }
911 }

Macro Definition Documentation

#define BrainpoolP256R1_PARAM_SIZE_BYTES   32
#define BrainpoolP384R1_PARAM_SIZE_BYTES   48
#define BrainpoolP512R1_PARAM_SIZE_BYTES   64
#define Curve25519_PARAM_SIZE_BYTES   32
#define NISTP224_PARAM_SIZE_BYTES   28
#define NISTP256_PARAM_SIZE_BYTES   32
#define NISTP384_PARAM_SIZE_BYTES   48
#define NISTP521_PARAM_SIZE_BYTES   66
#define PKA_STATUS_A_GREATER_THAN_B   5

Big number compare return status if the first big number is greater than the second.

Referenced by PKABigNumCmpGetResult().

#define PKA_STATUS_A_LESS_THAN_B   6

Big number compare return status if the first big number is less than the second.

Referenced by PKABigNumCmpGetResult(), and PKAEccVerifyPublicKeyWeierstrassStart().

#define PKA_STATUS_BUF_UNDERFLOW   3

Buffer underflow.

Referenced by PKAGetBigNumResult(), and PKAGetBigNumResultRemainder().

#define PKA_STATUS_EQUAL   7

Big number compare return status if the first big number is equal to the second.

Referenced by PKABigNumCmpGetResult(), and PKAEccVerifyPublicKeyWeierstrassStart().

#define PKA_STATUS_FAILURE   1

Failure.

Referenced by PKABigNumCmpGetResult(), PKAEccVerifyPublicKeyWeierstrassStart(), and PKAGetECCResult().

#define PKA_STATUS_INVALID_PARAM   2

Invalid parameter.

#define PKA_STATUS_LOCATION_IN_USE   10

Location in PKA RAM is not available.

#define PKA_STATUS_OPERATION_BUSY   8

PKA operation is in progress.

Referenced by PKABigNumAddStart(), PKABigNumCmpGetResult(), PKABigNumCmpStart(), PKABigNumDivideStart(), PKABigNumInvModStart(), PKABigNumModStart(), PKABigNumMultiplyStart(), PKABigNumSubStart(), PKAEccAddStart(), PKAEccMontgomeryMultiplyStart(), PKAEccMultiplyStart(), PKAEccVerifyPublicKeyWeierstrassStart(), PKAGetBigNumResult(), PKAGetBigNumResultRemainder(), PKAGetECCResult(), and PKAGetOpsStatus().

#define PKA_STATUS_OPERATION_RDY   9

No PKA operation is in progress.

Referenced by PKAGetOpsStatus().

#define PKA_STATUS_POINT_AT_INFINITY   17

The ECC operation resulted in the point at infinity.

Referenced by PKAGetECCResult().

#define PKA_STATUS_POINT_NOT_ON_CURVE   15

The public key is not on the specified elliptic curve.

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

#define PKA_STATUS_RESULT_0   4

Result is all zeros.

#define PKA_STATUS_RESULT_ADDRESS_INCORRECT   16

The address of the result passed into one of the PKA*GetResult functions is incorrect.

Referenced by PKAGetBigNumResult().

#define PKA_STATUS_SUCCESS   0

Success.

Referenced by PKABigNumAddStart(), PKABigNumCmpStart(), PKABigNumDivideStart(), PKABigNumInvModStart(), PKABigNumModStart(), PKABigNumMultiplyStart(), PKABigNumSubStart(), PKAEccAddStart(), PKAEccMontgomeryMultiplyStart(), PKAEccMultiplyStart(), PKAEccVerifyPublicKeyWeierstrassStart(), PKAGetBigNumResult(), PKAGetBigNumResultRemainder(), and PKAGetECCResult().

#define PKA_STATUS_X_LARGER_THAN_PRIME   13

X coordinate of public key is larger than the curve prime.

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

#define PKA_STATUS_X_ZERO   11

X coordinate of public key is 0.

#define PKA_STATUS_Y_LARGER_THAN_PRIME   14

Y coordinate of public key is larger than the curve prime.

Referenced by PKAEccVerifyPublicKeyWeierstrassStart().

#define PKA_STATUS_Y_ZERO   12

Y coordinate of public key is 0.

Variable Documentation

const PKA_EccParam256 BrainpoolP256R1_a

a constant of the BrainpoolP256R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccParam256 BrainpoolP256R1_b

b constant of the BrainpoolP256R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccPoint256 BrainpoolP256R1_generator

X coordinate of the generator point of the BrainpoolP256R1 curve.

const PKA_EccParam256 BrainpoolP256R1_order

Order of the BrainpoolP256R1 curve.

const PKA_EccParam256 BrainpoolP256R1_prime

Prime of the BrainpoolP256R1 curve.

const PKA_EccParam384 BrainpoolP384R1_a

a constant of the BrainpoolP384R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccParam384 BrainpoolP384R1_b

b constant of the BrainpoolP384R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccPoint384 BrainpoolP384R1_generator

X coordinate of the generator point of the BrainpoolP384R1 curve.

const PKA_EccParam384 BrainpoolP384R1_order

Order of the BrainpoolP384R1 curve.

const PKA_EccParam384 BrainpoolP384R1_prime

Prime of the BrainpoolP384R1 curve.

const PKA_EccParam512 BrainpoolP512R1_a

a constant of the BrainpoolP512R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccParam512 BrainpoolP512R1_b

b constant of the BrainpoolP512R1 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccPoint512 BrainpoolP512R1_generator

X coordinate of the generator point of the BrainpoolP512R1 curve.

const PKA_EccParam512 BrainpoolP512R1_order

Order of the BrainpoolP512R1 curve.

const PKA_EccParam512 BrainpoolP512R1_prime

Prime of the BrainpoolP512R1 curve.

const PKA_EccParam256 Curve25519_a

a constant of the Curve25519 curve when expressed in Montgomery form (By^2 = x^3 + a*x^2 + x).

const PKA_EccParam256 Curve25519_b

b constant of the Curve25519 curve when expressed in Montgomery form (By^2 = x^3 + a*x^2 + x).

const PKA_EccPoint256 Curve25519_generator

X coordinate of the generator point of the Curve25519 curve.

const PKA_EccParam256 Curve25519_order

Order of the Curve25519 curve.

const PKA_EccParam256 Curve25519_prime

Prime of the Curve25519 curve.

const PKA_EccParam224 NISTP224_a

a constant of the NISTP224 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccParam224 NISTP224_b

b constant of the NISTP224 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccPoint224 NISTP224_generator

X coordinate of the generator point of the NISTP224 curve.

const PKA_EccParam224 NISTP224_order

Order of the NISTP224 curve.

const PKA_EccParam224 NISTP224_prime

Prime of the NISTP224 curve.

const PKA_EccParam256 NISTP256_a

a constant of the NISTP256 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccParam256 NISTP256_b

b constant of the NISTP256 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccPoint256 NISTP256_generator

X coordinate of the generator point of the NISTP256 curve.

const PKA_EccParam256 NISTP256_order

Order of the NISTP256 curve.

const PKA_EccParam256 NISTP256_prime

Prime of the NISTP256 curve.

const PKA_EccParam384 NISTP384_a

a constant of the NISTP384 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccParam384 NISTP384_b

b constant of the NISTP384 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccPoint384 NISTP384_generator

X coordinate of the generator point of the NISTP384 curve.

const PKA_EccParam384 NISTP384_order

Order of the NISTP384 curve.

const PKA_EccParam384 NISTP384_prime

Prime of the NISTP384 curve.

const PKA_EccParam521 NISTP521_a

a constant of the NISTP521 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccParam521 NISTP521_b

b constant of the NISTP521 curve when expressed in short Weierstrass form (y^3 = x^2 + a*x + b).

const PKA_EccPoint521 NISTP521_generator

X coordinate of the generator point of the NISTP521 curve.

const PKA_EccParam521 NISTP521_order

Order of the NISTP521 curve.

const PKA_EccParam521 NISTP521_prime

Prime of the NISTP521 curve.