crypto_ecc.c

00001 /*
00002 MiniTLS - A super trimmed down TLS/SSL Library for embedded devices
00003 Author: Donatien Garnier
00004 Copyright (C) 2013-2014 AppNearMe Ltd
00005 
00006 This program is free software; you can redistribute it and/or
00007 modify it under the terms of the GNU General Public License
00008 as published by the Free Software Foundation; either version 2
00009 of the License, or (at your option) any later version.
00010 
00011 This program is distributed in the hope that it will be useful,
00012 but WITHOUT ANY WARRANTY; without even the implied warranty of
00013 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00014 GNU General Public License for more details.
00015 
00016 You should have received a copy of the GNU General Public License
00017 along with this program; if not, write to the Free Software
00018 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
00019 *//**
00020  * \file crypto_ecc.c
00021  * \copyright Copyright (c) AppNearMe Ltd 2013
00022  * \author Donatien Garnier
00023  */
00024 
00025 #define __DEBUG__ 0//4
00026 #ifndef __MODULE__
00027 #define __MODULE__ "crypto_ecc.c"
00028 #endif
00029 
00030 #include "core/fwk.h"
00031 #include "crypto_ecc.h"
00032 #include "inc/minitls_errors.h"
00033 #include "inc/minitls_config.h"
00034 
00035 #include "crypto_math.h"
00036 #include "ltc/ltc.h"
00037 
00038 static minitls_err_t crypto_ecc_dsa_check_get_asn1_rs(void* r, void* s, const uint8_t* signature, size_t signature_size);
00039 
00040 static const crypto_ecc_curve_t crypto_ecc_curves[];
00041 
00042 minitls_err_t crypto_ecc_curve_get(const crypto_ecc_curve_t** curve, crypto_ecc_curve_type_t type)
00043 {
00044  /*
00045 GNUTLS supports:
00046 SECP192R1 = ECC-192 in libtomcrypt
00047 SECP224R1 = ECC-224 in libtomcrypt
00048 SECP256R1 = ECC-256 in libtomcrypt
00049 SECP384R1 = ECC-384 in libtomcrypt
00050 SECP521R1 = ECC-521 in libtomcrypt
00051 
00052 So let's support the same ones!
00053  */
00054 
00055   int i = 0;
00056   while(true)
00057   {
00058     const crypto_ecc_curve_t* current_curve = &crypto_ecc_curves[i];
00059     if(current_curve->size == 0)
00060     {
00061       return MINITLS_ERR_NOT_IMPLEMENTED;
00062     }
00063     if(current_curve->type == type)
00064     {
00065       *curve = current_curve;
00066       break;
00067     }
00068   }
00069   return MINITLS_OK;
00070 }
00071 
00072 minitls_err_t crypto_ecc_ansi_x963_import(crypto_ecc_public_key_t* key, const crypto_ecc_curve_t* curve, const uint8_t* x963, size_t size)
00073 {
00074   int err;
00075 
00076   /* must be odd */
00077   if ((size & 1) == 0) {
00078      return MINITLS_ERR_PARAMETERS;
00079   }
00080 
00081   /* init key */
00082   if (mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, NULL) != MINITLS_OK) {
00083      return MINITLS_ERR_MEMORY;
00084   }
00085 
00086   /* check for 4, 6 or 7 */
00087   if (x963[0] != 4 && x963[0] != 6 && x963[0] != 7) {
00088      err = MINITLS_ERR_PARAMETERS;
00089      goto error;
00090   }
00091 
00092   /* read data */
00093   mp_read_unsigned_bin(&key->pubkey.x, (unsigned char *)x963+1, (size-1)>>1);
00094 
00095   mp_read_unsigned_bin(&key->pubkey.y, (unsigned char *)x963+1+((size-1)>>1), (size-1)>>1);
00096 
00097   mp_set(&key->pubkey.z, 1);
00098 
00099   if (((size-1)>>1) != (unsigned long) curve->size) {
00100     err = MINITLS_ERR_PARAMETERS;
00101     goto error;
00102   }
00103 
00104   key->curve = curve;
00105 
00106   /* we're done */
00107   return MINITLS_OK;
00108 error:
00109   mp_clear_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, NULL);
00110   return err;
00111 }
00112 
00113 minitls_err_t crypto_ecc_ansi_x963_export(const crypto_ecc_public_key_t* key, uint8_t* x963, size_t max_size, size_t* size)
00114 {
00115 
00116   unsigned char buf[ECC_BUF_SIZE];
00117   unsigned long numlen;
00118 
00119   numlen = crypto_ecc_get_key_size_for_curve(key->curve);
00120 
00121   if (max_size < (1 + 2*numlen)) {
00122      *size = 1 + 2*numlen;
00123      return MINITLS_ERR_BUFFER_TOO_SMALL;
00124   }
00125 
00126   /* store byte 0x04 */
00127   x963[0] = 0x04;
00128 
00129   /* pad and store x */
00130   zeromem(buf, sizeof(buf));
00131   mp_to_unsigned_bin(&key->pubkey.x, buf + (numlen - mp_unsigned_bin_size(&key->pubkey.x)));
00132   memcpy(x963+1, buf, numlen);
00133 
00134   /* pad and store y */
00135   zeromem(buf, sizeof(buf));
00136   mp_to_unsigned_bin(&key->pubkey.y, buf + (numlen - mp_unsigned_bin_size(&key->pubkey.y)));
00137   memcpy(x963+1+numlen, buf, numlen);
00138 
00139   *size = 1 + 2*numlen;
00140   return MINITLS_OK;
00141 }
00142 
00143 minitls_err_t crypto_ecc_generate_key(crypto_ecc_private_key_t* key, const crypto_ecc_curve_t* curve, crypto_prng_t* prng)
00144 {
00145   ecc_point     base;
00146   fp_int        prime, order;
00147   int ret;
00148 
00149   size_t keysize = crypto_ecc_get_key_size_for_curve(curve);
00150 
00151   DBG("Generating key of size %d", keysize);
00152 
00153   uint8_t buf[keysize];
00154 
00155   /* make up random string */
00156   DBG("Getting data from PRNG");
00157   crypto_prng_get(prng, buf, keysize);
00158 #if 0
00159   if( crypto_prng_get(prng, buf, keysize) != MINITLS_OK ) {
00160      ret = MINITLS_ERR_PRNG;
00161      goto errbuf;
00162   }
00163 #endif
00164 
00165   DBG("Initializing numbers");
00166   /* setup the key variables */
00167   if ((ret = mp_init_multi(&key->pub.pubkey.x, &key->pub.pubkey.y, &key->pub.pubkey.z, &key->privkey, &prime, &order, NULL)) != MINITLS_OK) {
00168      goto errbuf;
00169   }
00170   if ((ret = mp_init_multi(&base.x, &base.y, &base.z, NULL)) != MINITLS_OK) {
00171      ret = MINITLS_ERR_MEMORY;
00172      goto errkey;
00173   }
00174 
00175   DBG("Reading the key specs");
00176    /* read in the specs for this key */
00177   if ((ret = mp_read_radix(&prime,   (char *)curve->prime, 16)) != MINITLS_OK)                  { goto errkey; }
00178   if ((ret = mp_read_radix(&order,   (char *)curve->order, 16)) != MINITLS_OK)                  { goto errkey; }
00179   if ((ret = mp_read_radix(&base.x, (char *)curve->Gx, 16)) != MINITLS_OK)                     { goto errkey; }
00180   if ((ret = mp_read_radix(&base.y, (char *)curve->Gy, 16)) != MINITLS_OK)                     { goto errkey; }
00181   /*if ((ret = */mp_set(&base.z, 1); /*) != MINITLS_OK)                                                  { goto errkey; }*/
00182   /*if ((ret =*/ mp_read_unsigned_bin(&key->privkey, (unsigned char *)buf, keysize);/*) != MINITLS_OK)         { goto errkey; }*/
00183 
00184   /* the key should be smaller than the order of base point */
00185   if (mp_cmp(&key->privkey, &order) != MP_LT) {
00186       if((ret = mp_mod(&key->privkey, &order, &key->privkey)) != MINITLS_OK)                                    { goto errkey; }
00187   }
00188 
00189   DBG("Compute public key");
00190   /* make the public key */
00191   if ((ret = ltc_ecc_mulmod(&key->privkey, &base, &key->pub.pubkey, &prime, 1)) != MINITLS_OK)              { goto errkey; }
00192 
00193   //Save curve
00194   key->pub.curve = curve;
00195 
00196   DBG("Done");
00197   /* free up ram */
00198   ret = MINITLS_OK;
00199   goto cleanup;
00200 errkey:
00201    mp_clear_multi(&key->pub.pubkey.x, &key->pub.pubkey.y, &key->pub.pubkey.z, &key->privkey, NULL);
00202 cleanup:
00203    mp_clear_multi(&base.x, &base.y, &base.z, &prime, &order, NULL);
00204 errbuf:
00205 #ifdef MINITLS_CLEAN_STACK
00206    zeromem(buf, &key->pub.curve->size);
00207 #endif
00208 
00209    return ret;
00210 }
00211 
00212 size_t crypto_ecc_get_key_size_for_curve(const crypto_ecc_curve_t* curve)
00213 {
00214   switch(curve->type)
00215    {
00216    case secp192r1:
00217      return 192 / 8;
00218    case secp224r1:
00219      return 224 / 8;
00220    case secp256r1:
00221      return 256 / 8;
00222    case secp384r1:
00223      return 384 / 8;
00224    case secp521r1:
00225      return 512 / 8;
00226    default:
00227      break;
00228    }
00229 
00230   return 0;
00231 }
00232 
00233 const crypto_ecc_public_key_t* crypto_ecc_get_public_key(const crypto_ecc_private_key_t* private_key)
00234 {
00235   return &private_key->pub;
00236 }
00237 
00238 minitls_err_t crypto_ecc_dsa_check(const crypto_ecc_public_key_t* key, const uint8_t* hash, size_t hash_size, const uint8_t* signature, size_t signature_size)
00239 {
00240   crypto_ecc_point_t    mG, mQ;
00241   fp_int          r, s, v, w, u1, u2, e, p, m;
00242   fp_digit        mp;
00243   int           err;
00244 
00245   bool valid = false;
00246 
00247   /* default to invalid signature */
00248   valid = false;
00249 
00250 
00251   /* allocate ints */
00252   if ((err = mp_init_multi(&r, &s, &v, &w, &u1, &u2, &p, &e, &m, NULL)) != MINITLS_OK) {
00253      return MINITLS_ERR_MEMORY;
00254   }
00255 
00256   /* allocate points */
00257   err = mp_init_multi(&mG.x, &mG.y, &mG.z, &mQ.x, &mQ.y, &mQ.z, NULL);
00258   if (err) {
00259      mp_clear_multi(&r, &s, &v, &w, &u1, &u2, &p, &e, &m, NULL);
00260      return MINITLS_ERR_MEMORY;
00261   }
00262 
00263 #if 0
00264   /* parse header */
00265   //TODO
00266   if ((err = der_decode_sequence_multi(signature, signature_size,
00267                                  LTC_ASN1_INTEGER, 1UL, &r,
00268                                  LTC_ASN1_INTEGER, 1UL, &s,
00269                                  LTC_ASN1_EOL, 0UL, NULL)) != MINITLS_OK) {
00270      goto error;
00271   }
00272 #endif
00273 
00274   //Decode ASN.1 sequence: [INTEGER:&r, INTEGER:&s]
00275   if( (err = crypto_ecc_dsa_check_get_asn1_rs(&r, &s, signature, signature_size) ) != MINITLS_OK )
00276   {
00277     goto error;
00278   }
00279 
00280   /* get the order */
00281   if ((err = mp_read_radix(&p, (char *)key->curve->order, 16)) != MINITLS_OK)                                { goto error; }
00282 
00283   /* get the modulus */
00284   if ((err = mp_read_radix(&m, (char *)key->curve->prime, 16)) != MINITLS_OK)                                { goto error; }
00285 
00286   /* check for zero */
00287   if (mp_iszero(&r) || mp_iszero(&s) || mp_cmp(&r, &p) != MP_LT || mp_cmp(&s, &p) != MP_LT) {
00288      err = MINITLS_ERR_PARAMETERS;
00289      goto error;
00290   }
00291 
00292   /* read hash */
00293   /*if ((err =*/ mp_read_unsigned_bin(&e, (unsigned char *)hash, (int)hash_size);/*) != MINITLS_OK)                { goto error; }*/
00294 
00295   /*  &w  = &s^-1 mod n */
00296   if ((err = mp_invmod(&s, &p, &w)) != MINITLS_OK)                                                          { goto error; }
00297 
00298   /* &u1 = ew */
00299   if ((err = mp_mulmod(&e, &w, &p, &u1)) != MINITLS_OK)                                                      { goto error; }
00300 
00301   /* &u2 = rw */
00302   if ((err = mp_mulmod(&r, &w, &p, &u2)) != MINITLS_OK)                                                      { goto error; }
00303 
00304   /* find mG and mQ */
00305   if ((err = mp_read_radix(&mG.x, (char *)key->curve->Gx, 16)) != MINITLS_OK)                               { goto error; }
00306   if ((err = mp_read_radix(&mG.y, (char *)key->curve->Gy, 16)) != MINITLS_OK)                               { goto error; }
00307   /*if ((err = */mp_set(&mG.z, 1);/*) != MINITLS_OK)                                                            { goto error; }*/
00308 
00309   /*if ((err = */mp_copy(&key->pubkey.x, &mQ.x);/*) != MINITLS_OK)                                               { goto error; }*/
00310   /*if ((err = */mp_copy(&key->pubkey.y, &mQ.y);/*) != MINITLS_OK)                                               { goto error; }*/
00311   /*if ((err = */mp_copy(&key->pubkey.z, &mQ.z);/*) != MINITLS_OK)                                               { goto error; }*/
00312 
00313   /* compute &u1*mG + &u2*mQ = mG */
00314 #ifndef LTC_ECC_SHAMIR
00315 //  if (ltc_mp.ecc_mul2add == NULL) {
00316 #endif
00317      if ((err = ltc_ecc_mulmod(&u1, &mG, &mG, &m, 0)) != MINITLS_OK)                                       { goto error; }
00318      if ((err = ltc_ecc_mulmod(&u2, &mQ, &mQ, &m, 0)) != MINITLS_OK)                                       { goto error; }
00319 
00320      /* find the montgomery mp */
00321      if ((err = mp_montgomery_setup(&m, &mp)) != MINITLS_OK)                                              { goto error; }
00322 
00323      /* add them */
00324      if ((err = ltc_ecc_projective_add_point(&mQ, &mG, &mG, &m, &mp)) != MINITLS_OK)                                      { goto error; }
00325 
00326      /* reduce */
00327      if ((err = ltc_ecc_map(&mG, &m, &mp)) != MINITLS_OK)                                                { goto error; }
00328 #ifdef LTC_ECC_SHAMIR
00329      /* use Shamir'&s trick to compute &u1*mG + &u2*mQ using half of the doubles */
00330      if ((err = ltc_ecc_mul2add(&mG, &u1, &mQ, &u2, &mG, &m)) != MINITLS_OK)                                { goto error; }
00331 #endif
00332 
00333   /* &v = X_x1 mod n */
00334   if ((err = mp_mod(&mG.x, &p, &v)) != MINITLS_OK)                                                         { goto error; }
00335 
00336   /* does &v == &r */
00337   if (mp_cmp(&v, &r) == MP_EQ) {
00338     valid = true;
00339   }
00340 
00341 error:
00342   mp_clear_multi(&mG.x, &mG.y, &mG.z, &mQ.x, &mQ.y, &mQ.z, &r, &s, &v, &w, &u1, &u2, &p, &e, &m, NULL);
00343   mp_montgomery_free(&mp);
00344   if(err == MINITLS_OK)
00345   {
00346     if(valid)
00347     {
00348       return MINITLS_OK;
00349     }
00350     else
00351     {
00352       return MINITLS_ERR_WRONG_ECDSA;
00353     }
00354   }
00355   else
00356   {
00357     return err;
00358   }
00359 }
00360 
00361 minitls_err_t crypto_ecc_dh_generate_shared_secret(const crypto_ecc_private_key_t* private_key, const crypto_ecc_public_key_t* public_key, uint8_t* secret, size_t max_secret_size, size_t* secret_size)
00362 {
00363   unsigned long  x;
00364   ecc_point      result;
00365   fp_int         prime;
00366   int            err;
00367 
00368   //Check that keys match the same curve
00369   if (private_key->pub.curve->type != public_key->curve->type) {
00370      return MINITLS_ERR_WRONG_CURVE;
00371   }
00372 
00373   /* make new point */
00374   if (mp_init_multi(&result.x, &result.y, &result.z, NULL) != MINITLS_OK) {
00375      return MINITLS_ERR_MEMORY;
00376   }
00377 
00378   /*if ((err = */mp_init(&prime);/*) != MINITLS_OK) {
00379      mp_clear_multi(&result->x, &result->y, &result->z, NULL);
00380      return err;
00381   }*/
00382 
00383   if ((err = mp_read_radix(&prime, (char *)private_key->pub.curve->prime, 16)) != MINITLS_OK)                               { goto done; }
00384   if ((err = ltc_ecc_mulmod(&private_key->privkey, &public_key->pubkey, &result, &prime, 1)) != MINITLS_OK)                { goto done; }
00385 
00386   x = (unsigned long)mp_unsigned_bin_size(&prime);
00387   if (max_secret_size < x) {
00388      *secret_size = x;
00389      err = MINITLS_ERR_BUFFER_TOO_SMALL;
00390      goto done;
00391   }
00392   zeromem(secret, x);
00393   /*if ((err =*/ mp_to_unsigned_bin(&result.x, secret + (x - mp_unsigned_bin_size(&result.x)));/*)   != MINITLS_OK)           { goto done; }*/
00394 
00395   err     = MINITLS_OK;
00396   *secret_size = x;
00397 done:
00398   mp_clear(&prime);
00399   mp_clear_multi(&result.x, &result.y, &result.z, NULL);
00400   return err;
00401 }
00402 
00403 //Decode (&r,&s) integers from ASN.1 Signature
00404 #define ENSURE_SIZE(actual_size, min_size) do{ if( (actual_size) < (min_size) ) { return MINITLS_ERR_PARAMETERS; } }while(0)
00405 minitls_err_t crypto_ecc_dsa_check_get_asn1_rs(void* r, void* s, const uint8_t* signature, size_t signature_size)
00406 {
00407   const uint8_t* p = signature;
00408   size_t sz = signature_size;
00409 
00410   ENSURE_SIZE(sz, 1);
00411 
00412   if( (p[0] != 0x30) && (p[0] != 0x31) ) //Sequence, SET types
00413   {
00414     return MINITLS_ERR_PARAMETERS;
00415   }
00416 
00417   p++;
00418   sz--;
00419 
00420   ENSURE_SIZE(sz, 1);
00421 
00422   size_t seq_size;
00423   //Get sequence length
00424   if(*p < 0x80)
00425   {
00426     seq_size = p[0];
00427     p++;
00428     sz--;
00429   }
00430   else if(*p == 0x81)
00431   {
00432     ENSURE_SIZE(sz, 2);
00433     seq_size = p[1];
00434     p+=2;
00435     sz-=2;
00436   }
00437   else if(*p == 0x82)
00438   {
00439     ENSURE_SIZE(sz, 3);
00440     seq_size = (p[1] << 8) | p[2];
00441     p+=3;
00442     sz-=3;
00443   }
00444   else if(*p == 0x83)
00445   {
00446     ENSURE_SIZE(sz, 4);
00447     seq_size = (p[1] << 16) | (p[2] << 8) | p[3];
00448     p+=4;
00449     sz-=4;
00450   }
00451   else if(*p == 0x84)
00452   {
00453     ENSURE_SIZE(sz, 5);
00454     seq_size = (p[1] << 24) |(p[2] << 16) | (p[3] << 8) | p[4];
00455     p+=5;
00456     sz-=5;
00457   }
00458   else
00459   {
00460     return MINITLS_ERR_PARAMETERS;
00461   }
00462 
00463   //Check that sequence size == remaining bytes size
00464   if( seq_size != sz )
00465   {
00466     return MINITLS_ERR_PARAMETERS;
00467   }
00468 
00469   //Read integers
00470   for(int i = 0; i < 2; i++)
00471   {
00472     ENSURE_SIZE(sz, 1);
00473 
00474     if( p[0] != 2 ) //Integer type
00475     {
00476       return MINITLS_ERR_PARAMETERS;
00477     }
00478 
00479     p++;
00480     sz--;
00481 
00482     ENSURE_SIZE(sz, 1);
00483 
00484     size_t integer_size;
00485     //Get sequence length
00486     if(*p < 0x80)
00487     {
00488       integer_size = p[0];
00489       p++;
00490       sz--;
00491     }
00492     else if(*p == 0x81)
00493     {
00494       ENSURE_SIZE(sz, 2);
00495       integer_size = p[1];
00496       p+=2;
00497       sz-=2;
00498     }
00499     else if(*p == 0x82)
00500     {
00501       ENSURE_SIZE(sz, 3);
00502       integer_size = (p[1] << 8) | p[2];
00503       p+=3;
00504       sz-=3;
00505     }
00506     else if(*p == 0x83)
00507     {
00508       ENSURE_SIZE(sz, 4);
00509       integer_size = (p[1] << 16) | (p[2] << 8) | p[3];
00510       p+=4;
00511       sz-=4;
00512     }
00513     else if(*p == 0x84)
00514     {
00515       ENSURE_SIZE(sz, 5);
00516       integer_size = (p[1] << 24) |(p[2] << 16) | (p[3] << 8) | p[4];
00517       p+=5;
00518       sz-=5;
00519     }
00520     else
00521     {
00522       return MINITLS_ERR_PARAMETERS;
00523     }
00524 
00525     //Check that we have enough bytes remaining
00526     ENSURE_SIZE(sz, integer_size);
00527 
00528     //Read integer
00529     void* integer = (i==0)?r:s;
00530 
00531     /*int err;*/
00532     /*if ((err = */mp_read_unsigned_bin(integer, (unsigned char *)p, integer_size);/*) != MINITLS_OK) {
00533        return err;
00534     }*/
00535 
00536     p+=integer_size;
00537     sz-=integer_size;
00538   }
00539 
00540   if(sz > 0)
00541   {
00542     //Unread parameters left in sequence
00543     return MINITLS_ERR_PARAMETERS;
00544   }
00545 
00546   return MINITLS_OK;
00547 }
00548 
00549 //List of curves -- storing in strings is not optimal, TODO will have to be addressed at some point
00550 static const crypto_ecc_curve_t crypto_ecc_curves[] = {
00551 #if CRYPTO_ECC160
00552 {
00553         20,
00554         secp160r1,
00555         "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF",
00556         "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45",
00557         "0100000000000000000001F4C8F927AED3CA752257",
00558         "4A96B5688EF573284664698968C38BB913CBFC82",
00559         "23A628553168947D59DCC912042351377AC5FB32",
00560 },
00561 #endif
00562 #if CRYPTO_ECC192
00563 {
00564         24,
00565         secp192r1,
00566         "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
00567         "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1",
00568         "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831",
00569         "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012",
00570         "7192B95FFC8DA78631011ED6B24CDD573F977A11E794811",
00571 },
00572 #endif
00573 #if CRYPTO_ECC224
00574 {
00575         28,
00576         secp224r1,
00577         "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
00578         "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
00579         "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",
00580         "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
00581         "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34",
00582 },
00583 #endif
00584 #if CRYPTO_ECC256
00585 {
00586         32,
00587         secp256r1,
00588         "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF",
00589         "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B",
00590         "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551",
00591         "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296",
00592         "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5",
00593 },
00594 #endif
00595 #if CRYPTO_ECC384
00596 {
00597         48,
00598         secp384r1,
00599         "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF",
00600         "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF",
00601         "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973",
00602         "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7",
00603         "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F",
00604 },
00605 #endif
00606 #if CRYPTO_ECC521
00607 {
00608         66,
00609         secp521r1,
00610         "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
00611         "51953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",
00612         "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409",
00613         "C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66",
00614         "11839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650",
00615 },
00616 #endif
00617 {0,},
00618 };