summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/ec/ec_curve.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/ec/ec_curve.c1015
1 files changed, 1 insertions, 1014 deletions
diff --git a/src/lib/libcrypto/ec/ec_curve.c b/src/lib/libcrypto/ec/ec_curve.c
index cc5ad4d4e6..cbe113e361 100644
--- a/src/lib/libcrypto/ec/ec_curve.c
+++ b/src/lib/libcrypto/ec/ec_curve.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ec_curve.c,v 1.52 2024/12/06 04:35:03 tb Exp $ */ 1/* $OpenBSD: ec_curve.c,v 1.53 2024/12/24 18:33:24 tb Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project. 3 * Written by Nils Larsch for the OpenSSL project.
4 */ 4 */
@@ -83,56 +83,6 @@
83 83
84#include "ec_local.h" 84#include "ec_local.h"
85 85
86#ifdef ENABLE_SMALL_CURVES
87
88/* the nist prime curves */
89static const struct {
90 uint8_t seed[20];
91 uint8_t p[24];
92 uint8_t a[24];
93 uint8_t b[24];
94 uint8_t x[24];
95 uint8_t y[24];
96 uint8_t order[24];
97} _EC_NIST_PRIME_192 = {
98 .seed = {
99 0x30, 0x45, 0xae, 0x6f, 0xc8, 0x42, 0x2f, 0x64, 0xed, 0x57,
100 0x95, 0x28, 0xd3, 0x81, 0x20, 0xea, 0xe1, 0x21, 0x96, 0xd5,
101 },
102 .p = {
103 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
104 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff,
105 0xff, 0xff, 0xff, 0xff,
106 },
107 .a = {
108 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
109 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff,
110 0xff, 0xff, 0xff, 0xfc,
111 },
112 .b = {
113 0x64, 0x21, 0x05, 0x19, 0xe5, 0x9c, 0x80, 0xe7, 0x0f, 0xa7,
114 0xe9, 0xab, 0x72, 0x24, 0x30, 0x49, 0xfe, 0xb8, 0xde, 0xec,
115 0xc1, 0x46, 0xb9, 0xb1,
116 },
117 .x = {
118 0x18, 0x8d, 0xa8, 0x0e, 0xb0, 0x30, 0x90, 0xf6, 0x7c, 0xbf,
119 0x20, 0xeb, 0x43, 0xa1, 0x88, 0x00, 0xf4, 0xff, 0x0a, 0xfd,
120 0x82, 0xff, 0x10, 0x12,
121 },
122 .y = {
123 0x07, 0x19, 0x2b, 0x95, 0xff, 0xc8, 0xda, 0x78, 0x63, 0x10,
124 0x11, 0xed, 0x6b, 0x24, 0xcd, 0xd5, 0x73, 0xf9, 0x77, 0xa1,
125 0x1e, 0x79, 0x48, 0x11,
126 },
127 .order = {
128 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
129 0xff, 0xff, 0x99, 0xde, 0xf8, 0x36, 0x14, 0x6b, 0xc9, 0xb1,
130 0xb4, 0xd2, 0x28, 0x31,
131 },
132};
133
134#endif /* ENABLE_SMALL_CURVES */
135
136static const struct { 86static const struct {
137 uint8_t seed[20]; 87 uint8_t seed[20];
138 uint8_t p[28]; 88 uint8_t p[28];
@@ -304,101 +254,6 @@ static const struct {
304 }, 254 },
305}; 255};
306 256
307#ifdef ENABLE_SMALL_CURVES
308
309/* the x9.62 prime curves (minus the nist prime curves) */
310static const struct {
311 uint8_t seed[20];
312 uint8_t p[24];
313 uint8_t a[24];
314 uint8_t b[24];
315 uint8_t x[24];
316 uint8_t y[24];
317 uint8_t order[24];
318} _EC_X9_62_PRIME_192V2 = {
319 .seed = {
320 0x31, 0xa9, 0x2e, 0xe2, 0x02, 0x9f, 0xd1, 0x0d, 0x90, 0x1b,
321 0x11, 0x3e, 0x99, 0x07, 0x10, 0xf0, 0xd2, 0x1a, 0xc6, 0xb6,
322 },
323 .p = {
324 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
325 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff,
326 0xff, 0xff, 0xff, 0xff,
327 },
328 .a = {
329 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
330 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff,
331 0xff, 0xff, 0xff, 0xfc,
332 },
333 .b = {
334 0xcc, 0x22, 0xd6, 0xdf, 0xb9, 0x5c, 0x6b, 0x25, 0xe4, 0x9c,
335 0x0d, 0x63, 0x64, 0xa4, 0xe5, 0x98, 0x0c, 0x39, 0x3a, 0xa2,
336 0x16, 0x68, 0xd9, 0x53,
337 },
338 .x = {
339 0xee, 0xa2, 0xba, 0xe7, 0xe1, 0x49, 0x78, 0x42, 0xf2, 0xde,
340 0x77, 0x69, 0xcf, 0xe9, 0xc9, 0x89, 0xc0, 0x72, 0xad, 0x69,
341 0x6f, 0x48, 0x03, 0x4a,
342 },
343 .y = {
344 0x65, 0x74, 0xd1, 0x1d, 0x69, 0xb6, 0xec, 0x7a, 0x67, 0x2b,
345 0xb8, 0x2a, 0x08, 0x3d, 0xf2, 0xf2, 0xb0, 0x84, 0x7d, 0xe9,
346 0x70, 0xb2, 0xde, 0x15,
347 },
348 .order = {
349 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
350 0xff, 0xfe, 0x5f, 0xb1, 0xa7, 0x24, 0xdc, 0x80, 0x41, 0x86,
351 0x48, 0xd8, 0xdd, 0x31,
352 },
353};
354
355static const struct {
356 uint8_t seed[20];
357 uint8_t p[24];
358 uint8_t a[24];
359 uint8_t b[24];
360 uint8_t x[24];
361 uint8_t y[24];
362 uint8_t order[24];
363} _EC_X9_62_PRIME_192V3 = {
364 .seed = {
365 0xc4, 0x69, 0x68, 0x44, 0x35, 0xde, 0xb3, 0x78, 0xc4, 0xb6,
366 0x5c, 0xa9, 0x59, 0x1e, 0x2a, 0x57, 0x63, 0x05, 0x9a, 0x2e,
367 },
368 .p = {
369 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
370 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff,
371 0xff, 0xff, 0xff, 0xff,
372 },
373 .a = {
374 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
375 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff,
376 0xff, 0xff, 0xff, 0xfc,
377 },
378 .b = {
379 0x22, 0x12, 0x3d, 0xc2, 0x39, 0x5a, 0x05, 0xca, 0xa7, 0x42,
380 0x3d, 0xae, 0xcc, 0xc9, 0x47, 0x60, 0xa7, 0xd4, 0x62, 0x25,
381 0x6b, 0xd5, 0x69, 0x16,
382 },
383 .x = {
384 0x7d, 0x29, 0x77, 0x81, 0x00, 0xc6, 0x5a, 0x1d, 0xa1, 0x78,
385 0x37, 0x16, 0x58, 0x8d, 0xce, 0x2b, 0x8b, 0x4a, 0xee, 0x8e,
386 0x22, 0x8f, 0x18, 0x96,
387 },
388 .y = {
389 0x38, 0xa9, 0x0f, 0x22, 0x63, 0x73, 0x37, 0x33, 0x4b, 0x49,
390 0xdc, 0xb6, 0x6a, 0x6d, 0xc8, 0xf9, 0x97, 0x8a, 0xca, 0x76,
391 0x48, 0xa9, 0x43, 0xb0,
392 },
393 .order = {
394 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
395 0xff, 0xff, 0x7a, 0x62, 0xd0, 0x31, 0xc8, 0x3f, 0x42, 0x94,
396 0xf6, 0x40, 0xec, 0x13,
397 },
398};
399
400#endif /* ENABLE_SMALL_CURVES */
401
402static const struct { 257static const struct {
403 uint8_t seed[20]; 258 uint8_t seed[20];
404 uint8_t p[30]; 259 uint8_t p[30];
@@ -585,337 +440,6 @@ static const struct {
585 }, 440 },
586}; 441};
587 442
588#ifdef ENABLE_SMALL_CURVES
589
590/* the secg prime curves (minus the nist and x9.62 prime curves) */
591static const struct {
592 uint8_t seed[20];
593 uint8_t p[14];
594 uint8_t a[14];
595 uint8_t b[14];
596 uint8_t x[14];
597 uint8_t y[14];
598 uint8_t order[14];
599} _EC_SECG_PRIME_112R1 = {
600 .seed = {
601 0x00, 0xf5, 0x0b, 0x02, 0x8e, 0x4d, 0x69, 0x6e, 0x67, 0x68,
602 0x75, 0x61, 0x51, 0x75, 0x29, 0x04, 0x72, 0x78, 0x3f, 0xb1,
603 },
604 .p = {
605 0xdb, 0x7c, 0x2a, 0xbf, 0x62, 0xe3, 0x5e, 0x66, 0x80, 0x76,
606 0xbe, 0xad, 0x20, 0x8b,
607 },
608 .a = {
609 0xdb, 0x7c, 0x2a, 0xbf, 0x62, 0xe3, 0x5e, 0x66, 0x80, 0x76,
610 0xbe, 0xad, 0x20, 0x88,
611 },
612 .b = {
613 0x65, 0x9e, 0xf8, 0xba, 0x04, 0x39, 0x16, 0xee, 0xde, 0x89,
614 0x11, 0x70, 0x2b, 0x22,
615 },
616 .x = {
617 0x09, 0x48, 0x72, 0x39, 0x99, 0x5a, 0x5e, 0xe7, 0x6b, 0x55,
618 0xf9, 0xc2, 0xf0, 0x98,
619 },
620 .y = {
621 0xa8, 0x9c, 0xe5, 0xaf, 0x87, 0x24, 0xc0, 0xa2, 0x3e, 0x0e,
622 0x0f, 0xf7, 0x75, 0x00,
623 },
624 .order = {
625 0xdb, 0x7c, 0x2a, 0xbf, 0x62, 0xe3, 0x5e, 0x76, 0x28, 0xdf,
626 0xac, 0x65, 0x61, 0xc5,
627 },
628};
629
630static const struct {
631 uint8_t seed[20];
632 uint8_t p[14];
633 uint8_t a[14];
634 uint8_t b[14];
635 uint8_t x[14];
636 uint8_t y[14];
637 uint8_t order[14];
638} _EC_SECG_PRIME_112R2 = {
639 .seed = {
640 0x00, 0x27, 0x57, 0xa1, 0x11, 0x4d, 0x69, 0x6e, 0x67, 0x68,
641 0x75, 0x61, 0x51, 0x75, 0x53, 0x16, 0xc0, 0x5e, 0x0b, 0xd4,
642 },
643 .p = {
644 0xdb, 0x7c, 0x2a, 0xbf, 0x62, 0xe3, 0x5e, 0x66, 0x80, 0x76,
645 0xbe, 0xad, 0x20, 0x8b,
646 },
647 .a = {
648 0x61, 0x27, 0xc2, 0x4c, 0x05, 0xf3, 0x8a, 0x0a, 0xaa, 0xf6,
649 0x5c, 0x0e, 0xf0, 0x2c,
650 },
651 .b = {
652 0x51, 0xde, 0xf1, 0x81, 0x5d, 0xb5, 0xed, 0x74, 0xfc, 0xc3,
653 0x4c, 0x85, 0xd7, 0x09,
654 },
655 .x = {
656 0x4b, 0xa3, 0x0a, 0xb5, 0xe8, 0x92, 0xb4, 0xe1, 0x64, 0x9d,
657 0xd0, 0x92, 0x86, 0x43,
658 },
659 .y = {
660 0xad, 0xcd, 0x46, 0xf5, 0x88, 0x2e, 0x37, 0x47, 0xde, 0xf3,
661 0x6e, 0x95, 0x6e, 0x97,
662 },
663 .order = {
664 0x36, 0xdf, 0x0a, 0xaf, 0xd8, 0xb8, 0xd7, 0x59, 0x7c, 0xa1,
665 0x05, 0x20, 0xd0, 0x4b,
666 },
667};
668
669static const struct {
670 uint8_t seed[20];
671 uint8_t p[16];
672 uint8_t a[16];
673 uint8_t b[16];
674 uint8_t x[16];
675 uint8_t y[16];
676 uint8_t order[16];
677} _EC_SECG_PRIME_128R1 = {
678 .seed = {
679 0x00, 0x0e, 0x0d, 0x4d, 0x69, 0x6e, 0x67, 0x68, 0x75, 0x61,
680 0x51, 0x75, 0x0c, 0xc0, 0x3a, 0x44, 0x73, 0xd0, 0x36, 0x79,
681 },
682 .p = {
683 0xff, 0xff, 0xff, 0xfd, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
684 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
685 },
686 .a = {
687 0xff, 0xff, 0xff, 0xfd, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
688 0xff, 0xff, 0xff, 0xff, 0xff, 0xfc,
689 },
690 .b = {
691 0xe8, 0x75, 0x79, 0xc1, 0x10, 0x79, 0xf4, 0x3d, 0xd8, 0x24,
692 0x99, 0x3c, 0x2c, 0xee, 0x5e, 0xd3,
693 },
694 .x = {
695 0x16, 0x1f, 0xf7, 0x52, 0x8b, 0x89, 0x9b, 0x2d, 0x0c, 0x28,
696 0x60, 0x7c, 0xa5, 0x2c, 0x5b, 0x86,
697 },
698 .y = {
699 0xcf, 0x5a, 0xc8, 0x39, 0x5b, 0xaf, 0xeb, 0x13, 0xc0, 0x2d,
700 0xa2, 0x92, 0xdd, 0xed, 0x7a, 0x83,
701 },
702 .order = {
703 0xff, 0xff, 0xff, 0xfe, 0x00, 0x00, 0x00, 0x00, 0x75, 0xa3,
704 0x0d, 0x1b, 0x90, 0x38, 0xa1, 0x15,
705 },
706};
707
708static const struct {
709 uint8_t seed[20];
710 uint8_t p[16];
711 uint8_t a[16];
712 uint8_t b[16];
713 uint8_t x[16];
714 uint8_t y[16];
715 uint8_t order[16];
716} _EC_SECG_PRIME_128R2 = {
717 .seed = {
718 0x00, 0x4d, 0x69, 0x6e, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75,
719 0x12, 0xd8, 0xf0, 0x34, 0x31, 0xfc, 0xe6, 0x3b, 0x88, 0xf4,
720 },
721 .p = {
722 0xff, 0xff, 0xff, 0xfd, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
723 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
724 },
725 .a = {
726 0xd6, 0x03, 0x19, 0x98, 0xd1, 0xb3, 0xbb, 0xfe, 0xbf, 0x59,
727 0xcc, 0x9b, 0xbf, 0xf9, 0xae, 0xe1,
728 },
729 .b = {
730 0x5e, 0xee, 0xfc, 0xa3, 0x80, 0xd0, 0x29, 0x19, 0xdc, 0x2c,
731 0x65, 0x58, 0xbb, 0x6d, 0x8a, 0x5d,
732 },
733 .x = {
734 0x7b, 0x6a, 0xa5, 0xd8, 0x5e, 0x57, 0x29, 0x83, 0xe6, 0xfb,
735 0x32, 0xa7, 0xcd, 0xeb, 0xc1, 0x40,
736 },
737 .y = {
738 0x27, 0xb6, 0x91, 0x6a, 0x89, 0x4d, 0x3a, 0xee, 0x71, 0x06,
739 0xfe, 0x80, 0x5f, 0xc3, 0x4b, 0x44,
740 },
741 .order = {
742 0x3f, 0xff, 0xff, 0xff, 0x7f, 0xff, 0xff, 0xff, 0xbe, 0x00,
743 0x24, 0x72, 0x06, 0x13, 0xb5, 0xa3,
744 },
745};
746
747static const struct {
748 uint8_t p[21];
749 uint8_t a[21];
750 uint8_t b[21];
751 uint8_t x[21];
752 uint8_t y[21];
753 uint8_t order[21];
754} _EC_SECG_PRIME_160K1 = {
755 .p = {
756 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
757 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xac,
758 0x73,
759 },
760 .a = {
761 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
762 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
763 0x00,
764 },
765 .b = {
766 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
767 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
768 0x07,
769 },
770 .x = {
771 0x00, 0x3b, 0x4c, 0x38, 0x2c, 0xe3, 0x7a, 0xa1, 0x92, 0xa4,
772 0x01, 0x9e, 0x76, 0x30, 0x36, 0xf4, 0xf5, 0xdd, 0x4d, 0x7e,
773 0xbb,
774 },
775 .y = {
776 0x00, 0x93, 0x8c, 0xf9, 0x35, 0x31, 0x8f, 0xdc, 0xed, 0x6b,
777 0xc2, 0x82, 0x86, 0x53, 0x17, 0x33, 0xc3, 0xf0, 0x3c, 0x4f,
778 0xee,
779 },
780 .order = {
781 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
782 0x01, 0xb8, 0xfa, 0x16, 0xdf, 0xab, 0x9a, 0xca, 0x16, 0xb6,
783 0xb3,
784 },
785};
786
787static const struct {
788 uint8_t seed[20];
789 uint8_t p[21];
790 uint8_t a[21];
791 uint8_t b[21];
792 uint8_t x[21];
793 uint8_t y[21];
794 uint8_t order[21];
795} _EC_SECG_PRIME_160R1 = {
796 .seed = {
797 0x10, 0x53, 0xcd, 0xe4, 0x2c, 0x14, 0xd6, 0x96, 0xe6, 0x76,
798 0x87, 0x56, 0x15, 0x17, 0x53, 0x3b, 0xf3, 0xf8, 0x33, 0x45,
799 },
800 .p = {
801 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
802 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f, 0xff, 0xff,
803 0xff,
804 },
805 .a = {
806 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
807 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f, 0xff, 0xff,
808 0xfc,
809 },
810 .b = {
811 0x00, 0x1c, 0x97, 0xbe, 0xfc, 0x54, 0xbd, 0x7a, 0x8b, 0x65,
812 0xac, 0xf8, 0x9f, 0x81, 0xd4, 0xd4, 0xad, 0xc5, 0x65, 0xfa,
813 0x45,
814 },
815 .x = {
816 0x00, 0x4a, 0x96, 0xb5, 0x68, 0x8e, 0xf5, 0x73, 0x28, 0x46,
817 0x64, 0x69, 0x89, 0x68, 0xc3, 0x8b, 0xb9, 0x13, 0xcb, 0xfc,
818 0x82,
819 },
820 .y = {
821 0x00, 0x23, 0xa6, 0x28, 0x55, 0x31, 0x68, 0x94, 0x7d, 0x59,
822 0xdc, 0xc9, 0x12, 0x04, 0x23, 0x51, 0x37, 0x7a, 0xc5, 0xfb,
823 0x32,
824 },
825 .order = {
826 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
827 0x01, 0xf4, 0xc8, 0xf9, 0x27, 0xae, 0xd3, 0xca, 0x75, 0x22,
828 0x57,
829 },
830};
831
832static const struct {
833 uint8_t seed[20];
834 uint8_t p[21];
835 uint8_t a[21];
836 uint8_t b[21];
837 uint8_t x[21];
838 uint8_t y[21];
839 uint8_t order[21];
840} _EC_SECG_PRIME_160R2 = {
841 .seed = {
842 0xb9, 0x9b, 0x99, 0xb0, 0x99, 0xb3, 0x23, 0xe0, 0x27, 0x09,
843 0xa4, 0xd6, 0x96, 0xe6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x51,
844 },
845 .p = {
846 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
847 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xac,
848 0x73,
849 },
850 .a = {
851 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
852 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xac,
853 0x70,
854 },
855 .b = {
856 0x00, 0xb4, 0xe1, 0x34, 0xd3, 0xfb, 0x59, 0xeb, 0x8b, 0xab,
857 0x57, 0x27, 0x49, 0x04, 0x66, 0x4d, 0x5a, 0xf5, 0x03, 0x88,
858 0xba,
859 },
860 .x = {
861 0x00, 0x52, 0xdc, 0xb0, 0x34, 0x29, 0x3a, 0x11, 0x7e, 0x1f,
862 0x4f, 0xf1, 0x1b, 0x30, 0xf7, 0x19, 0x9d, 0x31, 0x44, 0xce,
863 0x6d,
864 },
865 .y = {
866 0x00, 0xfe, 0xaf, 0xfe, 0xf2, 0xe3, 0x31, 0xf2, 0x96, 0xe0,
867 0x71, 0xfa, 0x0d, 0xf9, 0x98, 0x2c, 0xfe, 0xa7, 0xd4, 0x3f,
868 0x2e,
869 },
870 .order = {
871 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
872 0x00, 0x35, 0x1e, 0xe7, 0x86, 0xa8, 0x18, 0xf3, 0xa1, 0xa1,
873 0x6b,
874 },
875};
876
877static const struct {
878 uint8_t p[24];
879 uint8_t a[24];
880 uint8_t b[24];
881 uint8_t x[24];
882 uint8_t y[24];
883 uint8_t order[24];
884} _EC_SECG_PRIME_192K1 = {
885 .p = {
886 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
887 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe,
888 0xff, 0xff, 0xee, 0x37,
889 },
890 .a = {
891 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
892 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
893 0x00, 0x00, 0x00, 0x00,
894 },
895 .b = {
896 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
897 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
898 0x00, 0x00, 0x00, 0x03,
899 },
900 .x = {
901 0xdb, 0x4f, 0xf1, 0x0e, 0xc0, 0x57, 0xe9, 0xae, 0x26, 0xb0,
902 0x7d, 0x02, 0x80, 0xb7, 0xf4, 0x34, 0x1d, 0xa5, 0xd1, 0xb1,
903 0xea, 0xe0, 0x6c, 0x7d,
904 },
905 .y = {
906 0x9b, 0x2f, 0x2f, 0x6d, 0x9c, 0x56, 0x28, 0xa7, 0x84, 0x41,
907 0x63, 0xd0, 0x15, 0xbe, 0x86, 0x34, 0x40, 0x82, 0xaa, 0x88,
908 0xd9, 0x5e, 0x2f, 0x9d,
909 },
910 .order = {
911 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
912 0xff, 0xfe, 0x26, 0xf2, 0xfc, 0x17, 0x0f, 0x69, 0x46, 0x6a,
913 0x74, 0xde, 0xfd, 0x8d,
914 },
915};
916
917#endif /* ENABLE_SMALL_CURVES */
918
919static const struct { 443static const struct {
920 uint8_t p[29]; 444 uint8_t p[29];
921 uint8_t a[29]; 445 uint8_t a[29];
@@ -1002,273 +526,6 @@ static const struct {
1002 }, 526 },
1003}; 527};
1004 528
1005#ifdef ENABLE_SMALL_CURVES
1006
1007/* some wap/wtls curves */
1008static const struct {
1009 uint8_t p[15];
1010 uint8_t a[15];
1011 uint8_t b[15];
1012 uint8_t x[15];
1013 uint8_t y[15];
1014 uint8_t order[15];
1015} _EC_WTLS_8 = {
1016 .p = {
1017 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1018 0xff, 0xff, 0xff, 0xfd, 0xe7,
1019 },
1020 .a = {
1021 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1022 0x00, 0x00, 0x00, 0x00, 0x00,
1023 },
1024 .b = {
1025 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1026 0x00, 0x00, 0x00, 0x00, 0x03,
1027 },
1028 .x = {
1029 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1030 0x00, 0x00, 0x00, 0x00, 0x01,
1031 },
1032 .y = {
1033 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1034 0x00, 0x00, 0x00, 0x00, 0x02,
1035 },
1036 .order = {
1037 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xec, 0xea,
1038 0x55, 0x1a, 0xd8, 0x37, 0xe9,
1039 },
1040};
1041
1042static const struct {
1043 uint8_t p[21];
1044 uint8_t a[21];
1045 uint8_t b[21];
1046 uint8_t x[21];
1047 uint8_t y[21];
1048 uint8_t order[21];
1049} _EC_WTLS_9 = {
1050 .p = {
1051 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1052 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfc, 0x80,
1053 0x8f,
1054 },
1055 .a = {
1056 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1057 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1058 0x00,
1059 },
1060 .b = {
1061 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1062 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1063 0x03,
1064 },
1065 .x = {
1066 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1067 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1068 0x01,
1069 },
1070 .y = {
1071 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1072 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1073 0x02,
1074 },
1075 .order = {
1076 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1077 0x01, 0xcd, 0xc9, 0x8a, 0xe0, 0xe2, 0xde, 0x57, 0x4a, 0xbf,
1078 0x33,
1079 },
1080};
1081
1082static const struct {
1083 uint8_t p[28];
1084 uint8_t a[28];
1085 uint8_t b[28];
1086 uint8_t x[28];
1087 uint8_t y[28];
1088 uint8_t order[28];
1089} _EC_WTLS_12 = {
1090 .p = {
1091 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1092 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
1093 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1094 },
1095 .a = {
1096 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1097 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff,
1098 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe,
1099 },
1100 .b = {
1101 0xb4, 0x05, 0x0a, 0x85, 0x0c, 0x04, 0xb3, 0xab, 0xf5, 0x41,
1102 0x32, 0x56, 0x50, 0x44, 0xb0, 0xb7, 0xd7, 0xbf, 0xd8, 0xba,
1103 0x27, 0x0b, 0x39, 0x43, 0x23, 0x55, 0xff, 0xb4,
1104 },
1105 .x = {
1106 0xb7, 0x0e, 0x0c, 0xbd, 0x6b, 0xb4, 0xbf, 0x7f, 0x32, 0x13,
1107 0x90, 0xb9, 0x4a, 0x03, 0xc1, 0xd3, 0x56, 0xc2, 0x11, 0x22,
1108 0x34, 0x32, 0x80, 0xd6, 0x11, 0x5c, 0x1d, 0x21,
1109 },
1110 .y = {
1111 0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22,
1112 0xdf, 0xe6, 0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64,
1113 0x44, 0xd5, 0x81, 0x99, 0x85, 0x00, 0x7e, 0x34,
1114 },
1115 .order = {
1116 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1117 0xff, 0xff, 0xff, 0xff, 0x16, 0xa2, 0xe0, 0xb8, 0xf0, 0x3e,
1118 0x13, 0xdd, 0x29, 0x45, 0x5c, 0x5c, 0x2a, 0x3d,
1119 },
1120};
1121
1122static const struct {
1123 uint8_t p[20];
1124 uint8_t a[20];
1125 uint8_t b[20];
1126 uint8_t x[20];
1127 uint8_t y[20];
1128 uint8_t order[20];
1129} _EC_brainpoolP160r1 = {
1130 .p = {
1131 0xe9, 0x5e, 0x4a, 0x5f, 0x73, 0x70, 0x59, 0xdc, 0x60, 0xdf,
1132 0xc7, 0xad, 0x95, 0xb3, 0xd8, 0x13, 0x95, 0x15, 0x62, 0x0f,
1133 },
1134 .a = {
1135 0x34, 0x0e, 0x7b, 0xe2, 0xa2, 0x80, 0xeb, 0x74, 0xe2, 0xbe,
1136 0x61, 0xba, 0xda, 0x74, 0x5d, 0x97, 0xe8, 0xf7, 0xc3, 0x00,
1137 },
1138 .b = {
1139 0x1e, 0x58, 0x9a, 0x85, 0x95, 0x42, 0x34, 0x12, 0x13, 0x4f,
1140 0xaa, 0x2d, 0xbd, 0xec, 0x95, 0xc8, 0xd8, 0x67, 0x5e, 0x58,
1141 },
1142 .x = {
1143 0xbe, 0xd5, 0xaf, 0x16, 0xea, 0x3f, 0x6a, 0x4f, 0x62, 0x93,
1144 0x8c, 0x46, 0x31, 0xeb, 0x5a, 0xf7, 0xbd, 0xbc, 0xdb, 0xc3,
1145 },
1146 .y = {
1147 0x16, 0x67, 0xcb, 0x47, 0x7a, 0x1a, 0x8e, 0xc3, 0x38, 0xf9,
1148 0x47, 0x41, 0x66, 0x9c, 0x97, 0x63, 0x16, 0xda, 0x63, 0x21,
1149 },
1150 .order = {
1151 0xe9, 0x5e, 0x4a, 0x5f, 0x73, 0x70, 0x59, 0xdc, 0x60, 0xdf,
1152 0x59, 0x91, 0xd4, 0x50, 0x29, 0x40, 0x9e, 0x60, 0xfc, 0x09,
1153 },
1154};
1155
1156static const struct {
1157 uint8_t p[20];
1158 uint8_t a[20];
1159 uint8_t b[20];
1160 uint8_t x[20];
1161 uint8_t y[20];
1162 uint8_t order[20];
1163} _EC_brainpoolP160t1 = {
1164 .p = {
1165 0xe9, 0x5e, 0x4a, 0x5f, 0x73, 0x70, 0x59, 0xdc, 0x60, 0xdf,
1166 0xc7, 0xad, 0x95, 0xb3, 0xd8, 0x13, 0x95, 0x15, 0x62, 0x0f,
1167 },
1168 .a = {
1169 0xe9, 0x5e, 0x4a, 0x5f, 0x73, 0x70, 0x59, 0xdc, 0x60, 0xdf,
1170 0xc7, 0xad, 0x95, 0xb3, 0xd8, 0x13, 0x95, 0x15, 0x62, 0x0c,
1171 },
1172 .b = {
1173 0x7a, 0x55, 0x6b, 0x6d, 0xae, 0x53, 0x5b, 0x7b, 0x51, 0xed,
1174 0x2c, 0x4d, 0x7d, 0xaa, 0x7a, 0x0b, 0x5c, 0x55, 0xf3, 0x80,
1175 },
1176 .x = {
1177 0xb1, 0x99, 0xb1, 0x3b, 0x9b, 0x34, 0xef, 0xc1, 0x39, 0x7e,
1178 0x64, 0xba, 0xeb, 0x05, 0xac, 0xc2, 0x65, 0xff, 0x23, 0x78,
1179 },
1180 .y = {
1181 0xad, 0xd6, 0x71, 0x8b, 0x7c, 0x7c, 0x19, 0x61, 0xf0, 0x99,
1182 0x1b, 0x84, 0x24, 0x43, 0x77, 0x21, 0x52, 0xc9, 0xe0, 0xad,
1183 },
1184 .order = {
1185 0xe9, 0x5e, 0x4a, 0x5f, 0x73, 0x70, 0x59, 0xdc, 0x60, 0xdf,
1186 0x59, 0x91, 0xd4, 0x50, 0x29, 0x40, 0x9e, 0x60, 0xfc, 0x09,
1187 },
1188};
1189
1190static const struct {
1191 uint8_t p[24];
1192 uint8_t a[24];
1193 uint8_t b[24];
1194 uint8_t x[24];
1195 uint8_t y[24];
1196 uint8_t order[24];
1197} _EC_brainpoolP192r1 = {
1198 .p = {
1199 0xc3, 0x02, 0xf4, 0x1d, 0x93, 0x2a, 0x36, 0xcd, 0xa7, 0xa3,
1200 0x46, 0x30, 0x93, 0xd1, 0x8d, 0xb7, 0x8f, 0xce, 0x47, 0x6d,
1201 0xe1, 0xa8, 0x62, 0x97,
1202 },
1203 .a = {
1204 0x6a, 0x91, 0x17, 0x40, 0x76, 0xb1, 0xe0, 0xe1, 0x9c, 0x39,
1205 0xc0, 0x31, 0xfe, 0x86, 0x85, 0xc1, 0xca, 0xe0, 0x40, 0xe5,
1206 0xc6, 0x9a, 0x28, 0xef,
1207 },
1208 .b = {
1209 0x46, 0x9a, 0x28, 0xef, 0x7c, 0x28, 0xcc, 0xa3, 0xdc, 0x72,
1210 0x1d, 0x04, 0x4f, 0x44, 0x96, 0xbc, 0xca, 0x7e, 0xf4, 0x14,
1211 0x6f, 0xbf, 0x25, 0xc9,
1212 },
1213 .x = {
1214 0xc0, 0xa0, 0x64, 0x7e, 0xaa, 0xb6, 0xa4, 0x87, 0x53, 0xb0,
1215 0x33, 0xc5, 0x6c, 0xb0, 0xf0, 0x90, 0x0a, 0x2f, 0x5c, 0x48,
1216 0x53, 0x37, 0x5f, 0xd6,
1217 },
1218 .y = {
1219 0x14, 0xb6, 0x90, 0x86, 0x6a, 0xbd, 0x5b, 0xb8, 0x8b, 0x5f,
1220 0x48, 0x28, 0xc1, 0x49, 0x00, 0x02, 0xe6, 0x77, 0x3f, 0xa2,
1221 0xfa, 0x29, 0x9b, 0x8f,
1222 },
1223 .order = {
1224 0xc3, 0x02, 0xf4, 0x1d, 0x93, 0x2a, 0x36, 0xcd, 0xa7, 0xa3,
1225 0x46, 0x2f, 0x9e, 0x9e, 0x91, 0x6b, 0x5b, 0xe8, 0xf1, 0x02,
1226 0x9a, 0xc4, 0xac, 0xc1,
1227 },
1228};
1229
1230static const struct {
1231 uint8_t p[24];
1232 uint8_t a[24];
1233 uint8_t b[24];
1234 uint8_t x[24];
1235 uint8_t y[24];
1236 uint8_t order[24];
1237} _EC_brainpoolP192t1 = {
1238 .p = {
1239 0xc3, 0x02, 0xf4, 0x1d, 0x93, 0x2a, 0x36, 0xcd, 0xa7, 0xa3,
1240 0x46, 0x30, 0x93, 0xd1, 0x8d, 0xb7, 0x8f, 0xce, 0x47, 0x6d,
1241 0xe1, 0xa8, 0x62, 0x97,
1242 },
1243 .a = {
1244 0xc3, 0x02, 0xf4, 0x1d, 0x93, 0x2a, 0x36, 0xcd, 0xa7, 0xa3,
1245 0x46, 0x30, 0x93, 0xd1, 0x8d, 0xb7, 0x8f, 0xce, 0x47, 0x6d,
1246 0xe1, 0xa8, 0x62, 0x94,
1247 },
1248 .b = {
1249 0x13, 0xd5, 0x6f, 0xfa, 0xec, 0x78, 0x68, 0x1e, 0x68, 0xf9,
1250 0xde, 0xb4, 0x3b, 0x35, 0xbe, 0xc2, 0xfb, 0x68, 0x54, 0x2e,
1251 0x27, 0x89, 0x7b, 0x79,
1252 },
1253 .x = {
1254 0x3a, 0xe9, 0xe5, 0x8c, 0x82, 0xf6, 0x3c, 0x30, 0x28, 0x2e,
1255 0x1f, 0xe7, 0xbb, 0xf4, 0x3f, 0xa7, 0x2c, 0x44, 0x6a, 0xf6,
1256 0xf4, 0x61, 0x81, 0x29,
1257 },
1258 .y = {
1259 0x09, 0x7e, 0x2c, 0x56, 0x67, 0xc2, 0x22, 0x3a, 0x90, 0x2a,
1260 0xb5, 0xca, 0x44, 0x9d, 0x00, 0x84, 0xb7, 0xe5, 0xb3, 0xde,
1261 0x7c, 0xcc, 0x01, 0xc9,
1262 },
1263 .order = {
1264 0xc3, 0x02, 0xf4, 0x1d, 0x93, 0x2a, 0x36, 0xcd, 0xa7, 0xa3,
1265 0x46, 0x2f, 0x9e, 0x9e, 0x91, 0x6b, 0x5b, 0xe8, 0xf1, 0x02,
1266 0x9a, 0xc4, 0xac, 0xc1,
1267 },
1268};
1269
1270#endif /* ENABLE_SMALL_CURVES */
1271
1272static const struct { 529static const struct {
1273 uint8_t p[28]; 530 uint8_t p[28];
1274 uint8_t a[28]; 531 uint8_t a[28];
@@ -1826,117 +1083,6 @@ static const struct ec_curve {
1826 const uint8_t *order; 1083 const uint8_t *order;
1827} ec_curve_list[] = { 1084} ec_curve_list[] = {
1828 /* secg curves */ 1085 /* secg curves */
1829#ifdef ENABLE_SMALL_CURVES
1830 {
1831 .comment = "SECG/WTLS curve over a 112 bit prime field",
1832 .nid = NID_secp112r1,
1833 .seed_len = sizeof(_EC_SECG_PRIME_112R1.seed),
1834 .param_len = sizeof(_EC_SECG_PRIME_112R1.p),
1835 .seed = _EC_SECG_PRIME_112R1.seed,
1836 .p = _EC_SECG_PRIME_112R1.p,
1837 .a = _EC_SECG_PRIME_112R1.a,
1838 .b = _EC_SECG_PRIME_112R1.b,
1839 .x = _EC_SECG_PRIME_112R1.x,
1840 .y = _EC_SECG_PRIME_112R1.y,
1841 .order = _EC_SECG_PRIME_112R1.order,
1842 .cofactor = 1,
1843 },
1844 {
1845 .comment = "SECG curve over a 112 bit prime field",
1846 .nid = NID_secp112r2,
1847 .seed_len = sizeof(_EC_SECG_PRIME_112R2.seed),
1848 .param_len = sizeof(_EC_SECG_PRIME_112R2.p),
1849 .seed = _EC_SECG_PRIME_112R2.seed,
1850 .p = _EC_SECG_PRIME_112R2.p,
1851 .a = _EC_SECG_PRIME_112R2.a,
1852 .b = _EC_SECG_PRIME_112R2.b,
1853 .x = _EC_SECG_PRIME_112R2.x,
1854 .y = _EC_SECG_PRIME_112R2.y,
1855 .order = _EC_SECG_PRIME_112R2.order,
1856 .cofactor = 4,
1857 },
1858 {
1859 .comment = "SECG curve over a 128 bit prime field",
1860 .nid = NID_secp128r1,
1861 .seed_len = sizeof(_EC_SECG_PRIME_128R1.seed),
1862 .param_len = sizeof(_EC_SECG_PRIME_128R1.p),
1863 .seed = _EC_SECG_PRIME_128R1.seed,
1864 .p = _EC_SECG_PRIME_128R1.p,
1865 .a = _EC_SECG_PRIME_128R1.a,
1866 .b = _EC_SECG_PRIME_128R1.b,
1867 .x = _EC_SECG_PRIME_128R1.x,
1868 .y = _EC_SECG_PRIME_128R1.y,
1869 .order = _EC_SECG_PRIME_128R1.order,
1870 .cofactor = 1,
1871 },
1872 {
1873 .comment = "SECG curve over a 128 bit prime field",
1874 .nid = NID_secp128r2,
1875 .seed_len = sizeof(_EC_SECG_PRIME_128R2.seed),
1876 .param_len = sizeof(_EC_SECG_PRIME_128R2.p),
1877 .seed = _EC_SECG_PRIME_128R2.seed,
1878 .p = _EC_SECG_PRIME_128R2.p,
1879 .a = _EC_SECG_PRIME_128R2.a,
1880 .b = _EC_SECG_PRIME_128R2.b,
1881 .x = _EC_SECG_PRIME_128R2.x,
1882 .y = _EC_SECG_PRIME_128R2.y,
1883 .order = _EC_SECG_PRIME_128R2.order,
1884 .cofactor = 4,
1885 },
1886 {
1887 .comment = "SECG curve over a 160 bit prime field",
1888 .nid = NID_secp160k1,
1889 .param_len = sizeof(_EC_SECG_PRIME_160K1.p),
1890 .p = _EC_SECG_PRIME_160K1.p,
1891 .a = _EC_SECG_PRIME_160K1.a,
1892 .b = _EC_SECG_PRIME_160K1.b,
1893 .x = _EC_SECG_PRIME_160K1.x,
1894 .y = _EC_SECG_PRIME_160K1.y,
1895 .order = _EC_SECG_PRIME_160K1.order,
1896 .cofactor = 1,
1897 },
1898 {
1899 .comment = "SECG curve over a 160 bit prime field",
1900 .nid = NID_secp160r1,
1901 .seed_len = sizeof(_EC_SECG_PRIME_160R1.seed),
1902 .param_len = sizeof(_EC_SECG_PRIME_160R1.p),
1903 .seed = _EC_SECG_PRIME_160R1.seed,
1904 .p = _EC_SECG_PRIME_160R1.p,
1905 .a = _EC_SECG_PRIME_160R1.a,
1906 .b = _EC_SECG_PRIME_160R1.b,
1907 .x = _EC_SECG_PRIME_160R1.x,
1908 .y = _EC_SECG_PRIME_160R1.y,
1909 .order = _EC_SECG_PRIME_160R1.order,
1910 .cofactor = 1,
1911 },
1912 {
1913 .comment = "SECG/WTLS curve over a 160 bit prime field",
1914 .nid = NID_secp160r2,
1915 .seed_len = sizeof(_EC_SECG_PRIME_160R2.seed),
1916 .param_len = sizeof(_EC_SECG_PRIME_160R2.p),
1917 .seed = _EC_SECG_PRIME_160R2.seed,
1918 .p = _EC_SECG_PRIME_160R2.p,
1919 .a = _EC_SECG_PRIME_160R2.a,
1920 .b = _EC_SECG_PRIME_160R2.b,
1921 .x = _EC_SECG_PRIME_160R2.x,
1922 .y = _EC_SECG_PRIME_160R2.y,
1923 .order = _EC_SECG_PRIME_160R2.order,
1924 .cofactor = 1,
1925 },
1926 /* SECG secp192r1 is the same as X9.62 prime192v1 and hence omitted */
1927 {
1928 .comment = "SECG curve over a 192 bit prime field",
1929 .nid = NID_secp192k1,
1930 .param_len = sizeof(_EC_SECG_PRIME_192K1.p),
1931 .p = _EC_SECG_PRIME_192K1.p,
1932 .a = _EC_SECG_PRIME_192K1.a,
1933 .b = _EC_SECG_PRIME_192K1.b,
1934 .x = _EC_SECG_PRIME_192K1.x,
1935 .y = _EC_SECG_PRIME_192K1.y,
1936 .order = _EC_SECG_PRIME_192K1.order,
1937 .cofactor = 1,
1938 },
1939#endif /* ENABLE_SMALL_CURVES */
1940 { 1086 {
1941 .comment = "SECG curve over a 224 bit prime field", 1087 .comment = "SECG curve over a 224 bit prime field",
1942 .nid = NID_secp224k1, 1088 .nid = NID_secp224k1,
@@ -2005,50 +1151,6 @@ static const struct ec_curve {
2005 .cofactor = 1, 1151 .cofactor = 1,
2006 }, 1152 },
2007 /* X9.62 curves */ 1153 /* X9.62 curves */
2008#ifdef ENABLE_SMALL_CURVES
2009 {
2010 .comment = "NIST/X9.62/SECG curve over a 192 bit prime field",
2011 .nid = NID_X9_62_prime192v1,
2012 .seed_len = sizeof(_EC_NIST_PRIME_192.seed),
2013 .param_len = sizeof(_EC_NIST_PRIME_192.p),
2014 .seed = _EC_NIST_PRIME_192.seed,
2015 .p = _EC_NIST_PRIME_192.p,
2016 .a = _EC_NIST_PRIME_192.a,
2017 .b = _EC_NIST_PRIME_192.b,
2018 .x = _EC_NIST_PRIME_192.x,
2019 .y = _EC_NIST_PRIME_192.y,
2020 .order = _EC_NIST_PRIME_192.order,
2021 .cofactor = 1,
2022 },
2023 {
2024 .comment = "X9.62 curve over a 192 bit prime field",
2025 .nid = NID_X9_62_prime192v2,
2026 .seed_len = sizeof(_EC_X9_62_PRIME_192V2.seed),
2027 .param_len = sizeof(_EC_X9_62_PRIME_192V2.p),
2028 .seed = _EC_X9_62_PRIME_192V2.seed,
2029 .p = _EC_X9_62_PRIME_192V2.p,
2030 .a = _EC_X9_62_PRIME_192V2.a,
2031 .b = _EC_X9_62_PRIME_192V2.b,
2032 .x = _EC_X9_62_PRIME_192V2.x,
2033 .y = _EC_X9_62_PRIME_192V2.y,
2034 .order = _EC_X9_62_PRIME_192V2.order,
2035 .cofactor = 1,
2036 },
2037 {
2038 .comment = "X9.62 curve over a 192 bit prime field",
2039 .nid = NID_X9_62_prime192v3,
2040 .seed_len = sizeof(_EC_X9_62_PRIME_192V3.seed),
2041 .param_len = sizeof(_EC_X9_62_PRIME_192V3.p),
2042 .seed = _EC_X9_62_PRIME_192V3.seed,
2043 .p = _EC_X9_62_PRIME_192V3.p,
2044 .a = _EC_X9_62_PRIME_192V3.a,
2045 .b = _EC_X9_62_PRIME_192V3.b,
2046 .x = _EC_X9_62_PRIME_192V3.x,
2047 .y = _EC_X9_62_PRIME_192V3.y,
2048 .order = _EC_X9_62_PRIME_192V3.order,
2049 .cofactor = 1,
2050 },
2051#endif /* ENABLE_SMALL_CURVES */
2052 { 1154 {
2053 .comment = "X9.62 curve over a 239 bit prime field", 1155 .comment = "X9.62 curve over a 239 bit prime field",
2054 .nid = NID_X9_62_prime239v1, 1156 .nid = NID_X9_62_prime239v1,
@@ -2105,123 +1207,8 @@ static const struct ec_curve {
2105 .order = _EC_X9_62_PRIME_256V1.order, 1207 .order = _EC_X9_62_PRIME_256V1.order,
2106 .cofactor = 1, 1208 .cofactor = 1,
2107 }, 1209 },
2108#ifdef ENABLE_SMALL_CURVES
2109 {
2110 .comment = "SECG/WTLS curve over a 112 bit prime field",
2111 .nid = NID_wap_wsg_idm_ecid_wtls6,
2112 .seed_len = sizeof(_EC_SECG_PRIME_112R1.seed),
2113 .param_len = sizeof(_EC_SECG_PRIME_112R1.p),
2114 .seed = _EC_SECG_PRIME_112R1.seed,
2115 .p = _EC_SECG_PRIME_112R1.p,
2116 .a = _EC_SECG_PRIME_112R1.a,
2117 .b = _EC_SECG_PRIME_112R1.b,
2118 .x = _EC_SECG_PRIME_112R1.x,
2119 .y = _EC_SECG_PRIME_112R1.y,
2120 .order = _EC_SECG_PRIME_112R1.order,
2121 .cofactor = 1,
2122 },
2123 {
2124 /* XXX - this one's been wrong all along. Should use 160r1. */
2125 .comment = "SECG/WTLS curve over a 160 bit prime field",
2126 .nid = NID_wap_wsg_idm_ecid_wtls7,
2127 .seed_len = sizeof(_EC_SECG_PRIME_160R2.seed),
2128 .param_len = sizeof(_EC_SECG_PRIME_160R2.p),
2129 .seed = _EC_SECG_PRIME_160R2.seed,
2130 .p = _EC_SECG_PRIME_160R2.p,
2131 .a = _EC_SECG_PRIME_160R2.a,
2132 .b = _EC_SECG_PRIME_160R2.b,
2133 .x = _EC_SECG_PRIME_160R2.x,
2134 .y = _EC_SECG_PRIME_160R2.y,
2135 .order = _EC_SECG_PRIME_160R2.order,
2136 .cofactor = 1,
2137 },
2138 {
2139 .comment = "WTLS curve over a 112 bit prime field",
2140 .nid = NID_wap_wsg_idm_ecid_wtls8,
2141 .param_len = sizeof(_EC_WTLS_8.p),
2142 .p = _EC_WTLS_8.p,
2143 .a = _EC_WTLS_8.a,
2144 .b = _EC_WTLS_8.b,
2145 .x = _EC_WTLS_8.x,
2146 .y = _EC_WTLS_8.y,
2147 .order = _EC_WTLS_8.order,
2148 .cofactor = 1,
2149 },
2150 {
2151 .comment = "WTLS curve over a 160 bit prime field",
2152 .nid = NID_wap_wsg_idm_ecid_wtls9,
2153 .param_len = sizeof(_EC_WTLS_9.p),
2154 .p = _EC_WTLS_9.p,
2155 .a = _EC_WTLS_9.a,
2156 .b = _EC_WTLS_9.b,
2157 .x = _EC_WTLS_9.x,
2158 .y = _EC_WTLS_9.y,
2159 .order = _EC_WTLS_9.order,
2160 .cofactor = 1,
2161 },
2162 {
2163 .comment = "WTLS curve over a 224 bit prime field",
2164 .nid = NID_wap_wsg_idm_ecid_wtls12,
2165 .param_len = sizeof(_EC_WTLS_12.p),
2166 .p = _EC_WTLS_12.p,
2167 .a = _EC_WTLS_12.a,
2168 .b = _EC_WTLS_12.b,
2169 .x = _EC_WTLS_12.x,
2170 .y = _EC_WTLS_12.y,
2171 .order = _EC_WTLS_12.order,
2172 .cofactor = 1,
2173 },
2174 /* RFC 5639 curves */ 1210 /* RFC 5639 curves */
2175 { 1211 {
2176 .comment = "RFC 5639 curve over a 160 bit prime field",
2177 .nid = NID_brainpoolP160r1,
2178 .param_len = sizeof(_EC_brainpoolP160r1.p),
2179 .p = _EC_brainpoolP160r1.p,
2180 .a = _EC_brainpoolP160r1.a,
2181 .b = _EC_brainpoolP160r1.b,
2182 .x = _EC_brainpoolP160r1.x,
2183 .y = _EC_brainpoolP160r1.y,
2184 .order = _EC_brainpoolP160r1.order,
2185 .cofactor = 1,
2186 },
2187 {
2188 .comment = "RFC 5639 curve over a 160 bit prime field",
2189 .nid = NID_brainpoolP160t1,
2190 .param_len = sizeof(_EC_brainpoolP160t1.p),
2191 .p = _EC_brainpoolP160t1.p,
2192 .a = _EC_brainpoolP160t1.a,
2193 .b = _EC_brainpoolP160t1.b,
2194 .x = _EC_brainpoolP160t1.x,
2195 .y = _EC_brainpoolP160t1.y,
2196 .order = _EC_brainpoolP160t1.order,
2197 .cofactor = 1,
2198 },
2199 {
2200 .comment = "RFC 5639 curve over a 192 bit prime field",
2201 .nid = NID_brainpoolP192r1,
2202 .param_len = sizeof(_EC_brainpoolP192r1.p),
2203 .p = _EC_brainpoolP192r1.p,
2204 .a = _EC_brainpoolP192r1.a,
2205 .b = _EC_brainpoolP192r1.b,
2206 .x = _EC_brainpoolP192r1.x,
2207 .y = _EC_brainpoolP192r1.y,
2208 .order = _EC_brainpoolP192r1.order,
2209 .cofactor = 1,
2210 },
2211 {
2212 .comment = "RFC 5639 curve over a 192 bit prime field",
2213 .nid = NID_brainpoolP192t1,
2214 .param_len = sizeof(_EC_brainpoolP192t1.p),
2215 .p = _EC_brainpoolP192t1.p,
2216 .a = _EC_brainpoolP192t1.a,
2217 .b = _EC_brainpoolP192t1.b,
2218 .x = _EC_brainpoolP192t1.x,
2219 .y = _EC_brainpoolP192t1.y,
2220 .order = _EC_brainpoolP192t1.order,
2221 .cofactor = 1,
2222 },
2223#endif /* ENABLE_SMALL_CURVES */
2224 {
2225 .comment = "RFC 5639 curve over a 224 bit prime field", 1212 .comment = "RFC 5639 curve over a 224 bit prime field",
2226 .nid = NID_brainpoolP224r1, 1213 .nid = NID_brainpoolP224r1,
2227 .param_len = sizeof(_EC_brainpoolP224r1.p), 1214 .param_len = sizeof(_EC_brainpoolP224r1.p),
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-22 22:10:29 +0000