a01537_source.html

 /*

  * Copyright (c) 2014, Institute for Pervasive Computing, ETH Zurich.

  * All rights reserved.

  *

  * Author: Andreas Dröscher <contiki@anticat.ch>

  *

  * Redistribution and use in source and binary forms, with or without

  * modification, are permitted provided that the following conditions

  * are met:

  * 1. Redistributions of source code must retain the above copyright

  *    notice, this list of conditions and the following disclaimer.

  * 2. Redistributions in binary form must reproduce the above copyright

  *    notice, this list of conditions and the following disclaimer in the

  *    documentation and/or other materials provided with the distribution.

  * 3. Neither the name of the Institute nor the names of its contributors

  *    may be used to endorse or promote products derived from this software

  *    without specific prior written permission.

  *

  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS "AS IS" AND

  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE

  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  * SUCH DAMAGE.

  */

 /**

  * \addtogroup c2538-ecc-algo

  * @{

  *

  * \file

  * Implementation of the cc2538 ECC Algorithms

  */

 #include "contiki.h"

 #include "sys/process.h"


 #include <limits.h>

 #include <stdio.h>


 #include "dev/ecc-algorithm.h"

 #include "dev/ecc-driver.h"

 #include "dev/pka.h"


 #define CHECK_RESULT(...)                                                  \

   state->result = __VA_ARGS__;                                             \

   if(state->result) {                                                      \

     printf("Line: %u Error: %u\n", __LINE__, (unsigned int)state->result); \

     PT_EXIT(&state->pt);                                                   \

   }


 PT_THREAD(ecc_compare(ecc_compare_state_t *state)) {

   PT_BEGIN(&state->pt);


   CHECK_RESULT(bignum_cmp_start(state->a, state->b, state->size, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   state->result = bignum_cmp_get_result();


   PT_END(&state->pt);

 }


 PT_THREAD(ecc_multiply(ecc_multiply_state_t *state)) {

   PT_BEGIN(&state->pt);


   CHECK_RESULT(ecc_mul_start(state->secret, &state->point_in, state->curve_info, &state->rv, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   CHECK_RESULT(ecc_mul_get_result(&state->point_out, state->rv));


   PT_END(&state->pt);

 }


 PT_THREAD(ecc_dsa_sign(ecc_dsa_sign_state_t *state)) {

   /* Executed Every Time */

   uint8_t size = state->curve_info->size;

   const uint32_t *ord = state->curve_info->n;


   ec_point_t point;

   memcpy(point.x, state->curve_info->x, sizeof(point.x));

   memcpy(point.y, state->curve_info->y, sizeof(point.y));


   PT_BEGIN(&state->pt);


   /* Invert k_e mod n */

   CHECK_RESULT(bignum_inv_mod_start(state->k_e, size, ord, size, &state->rv, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   CHECK_RESULT(bignum_inv_mod_get_result(state->k_e_inv, size, state->rv));


   /* Calculate Point R = K_e * GeneratorPoint */

   CHECK_RESULT(ecc_mul_start(state->k_e, &point, state->curve_info, &state->rv, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   CHECK_RESULT(ecc_mul_get_result(&state->point_r, state->rv));


   /* Calculate signature using big math functions

    * d*r (r is the x coordinate of PointR) */

   CHECK_RESULT(bignum_mul_start(state->secret, size, state->point_r.x, size, &state->rv, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   state->len = 24;

   CHECK_RESULT(bignum_mul_get_result(state->signature_s, &state->len, state->rv));


   /* d*r mod n */

   CHECK_RESULT(bignum_mod_start(state->signature_s, state->len, ord, size, &state->rv, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   CHECK_RESULT(bignum_mod_get_result(state->signature_s, size, state->rv));


   /* hash + d*r */

   CHECK_RESULT(bignum_add_start(state->hash, size, state->signature_s, size, &state->rv, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   state->len = 24;

   CHECK_RESULT(bignum_add_get_result(state->signature_s, &state->len, state->rv));


   /* hash + d*r mod n */

   CHECK_RESULT(bignum_mod_start(state->signature_s, state->len, ord, size, &state->rv, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   CHECK_RESULT(bignum_mod_get_result(state->signature_s, size, state->rv));


   /* k_e_inv * (hash + d*r) */

   CHECK_RESULT(bignum_mul_start(state->k_e_inv, size, state->signature_s, size, &state->rv, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   state->len = 24;

   CHECK_RESULT(bignum_mul_get_result(state->signature_s, &state->len, state->rv));


   /* k_e_inv * (hash + d*r) mod n */

   CHECK_RESULT(bignum_mod_start(state->signature_s, state->len, ord, size, &state->rv, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   CHECK_RESULT(bignum_mod_get_result(state->signature_s, size, state->rv));


   PT_END(&state->pt);

 }


 PT_THREAD(ecc_dsa_verify(ecc_dsa_verify_state_t *state)) {

   /* Executed Every Time */

   uint8_t size = state->curve_info->size;

   const uint32_t *ord = state->curve_info->n;


   ec_point_t point;

   memcpy(point.x, state->curve_info->x, sizeof(point.x));

   memcpy(point.y, state->curve_info->y, sizeof(point.y));


   PT_BEGIN(&state->pt);


   /* Invert s mod n */

   CHECK_RESULT(bignum_inv_mod_start(state->signature_s, size, ord, size, &state->rv, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   CHECK_RESULT(bignum_inv_mod_get_result(state->s_inv, size, state->rv));


   /* Calculate u1 = s_inv * hash */

   CHECK_RESULT(bignum_mul_start(state->s_inv, size, state->hash, size, &state->rv, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   state->len = 24;

   CHECK_RESULT(bignum_mul_get_result(state->u1, &state->len, state->rv));


   /* Calculate u1 = s_inv * hash mod n */

   CHECK_RESULT(bignum_mod_start(state->u1, state->len, ord, size, &state->rv, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   CHECK_RESULT(bignum_mod_get_result(state->u1, size, state->rv));


   /* Calculate u2 = s_inv * r */

   CHECK_RESULT(bignum_mul_start(state->s_inv, size, state->signature_r, size, &state->rv, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   state->len = 24;

   CHECK_RESULT(bignum_mul_get_result(state->u2, &state->len, state->rv));


   /* Calculate u2 = s_inv * r mod n */

   CHECK_RESULT(bignum_mod_start(state->u2, state->len, ord, size, &state->rv, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   CHECK_RESULT(bignum_mod_get_result(state->u2, size, state->rv));


   /* Calculate p1 = u1 * A */

   CHECK_RESULT(ecc_mul_start(state->u1, &point, state->curve_info, &state->rv, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   CHECK_RESULT(ecc_mul_get_result(&state->p1, state->rv));


   /* Calculate p2 = u1 * B */

   CHECK_RESULT(ecc_mul_start(state->u2, &state->public, state->curve_info, &state->rv, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   CHECK_RESULT(ecc_mul_get_result(&state->p2, state->rv));


   /* Calculate P = p1 + p2 */

   CHECK_RESULT(ecc_add_start(&state->p1, &state->p2, state->curve_info, &state->rv, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   CHECK_RESULT(ecc_add_get_result(&state->p1, state->rv));


   /* Verify Result */

   CHECK_RESULT(bignum_cmp_start(state->signature_r, state->p1.x, size, state->process));

   PT_WAIT_UNTIL(&state->pt, pka_check_status());

   state->result = bignum_cmp_get_result();

   if((state->result == PKA_STATUS_A_GR_B) || (state->result == PKA_STATUS_A_LT_B)) {

     state->result = PKA_STATUS_SIGNATURE_INVALID;

   }


   PT_END(&state->pt);

 }


 /**

  * @}

  * @}

  */

ecc_mul_get_result
uint8_t ecc_mul_get_result(ec_point_t *ec_point, uint32_t result_vector)
Gets the result of ECC Multiplication.
Definition: ecc-driver.c:163

PKA_STATUS_A_GR_B
#define PKA_STATUS_A_GR_B
Big number compare return status if the first big num is greater than the second. ...
Definition: pka.h:1301

bignum_add_get_result
uint8_t bignum_add_get_result(uint32_t *buffer, uint32_t *buffer_size, const uint32_t result_vector)
Gets the result of the addition operation on two big number.
Definition: bignum-driver.c:605

PKA_STATUS_A_LT_B
#define PKA_STATUS_A_LT_B
Big number compare return status if the first big num is less than the second.
Definition: pka.h:1306

ecc_add_get_result
uint8_t ecc_add_get_result(ec_point_t *ec_point, uint32_t result_vector)
Gets the result of the ECC Addition.
Definition: ecc-driver.c:503

ecc_mul_start
uint8_t ecc_mul_start(uint32_t *scalar, ec_point_t *ec_point, ecc_curve_info_t *curve, uint32_t *result_vector, struct process *process)
Starts ECC Multiplication.
Definition: ecc-driver.c:50

PT_THREAD
PT_THREAD(ecc_compare(ecc_compare_state_t *state))
Do a compare of two big numbers.
Definition: ecc-algorithm.c:55

ecc-driver.h
Header file for the cc2538 ECC driver.

PT_WAIT_UNTIL
#define PT_WAIT_UNTIL(pt, condition)
Block and wait until condition is true.
Definition: pt.h:147

bignum_mul_get_result
uint8_t bignum_mul_get_result(uint32_t *buffer, uint32_t *buffer_size, const uint32_t result_vector)
Gets the results of the big number multiplication.
Definition: bignum-driver.c:480

bignum_inv_mod_get_result
uint8_t bignum_inv_mod_get_result(uint32_t *buffer, const uint8_t buffer_size, const uint32_t result_vector)
Gets the result of the big number inverse modulo operation.
Definition: bignum-driver.c:357

ecc-algorithm.h
Header file for the cc2538 ECC Algorithms.

bignum_mod_start
uint8_t bignum_mod_start(const uint32_t *number, const uint8_t number_size, const uint32_t *modulus, const uint8_t modulus_size, uint32_t *result_vector, struct process *process)
Starts the big number modulus operation.
Definition: bignum-driver.c:64

ecc_compare
int32_t ecc_compare(const uint32_t *a, const uint32_t *b)
Compares the value of a with the value of b.
Definition: ecc.c:112

PT_BEGIN
#define PT_BEGIN(pt)
Declare the start of a protothread inside the C function implementing the protothread.
Definition: pt.h:114

bignum_mod_get_result
uint8_t bignum_mod_get_result(uint32_t *buffer, const uint8_t buffer_size, const uint32_t result_vector)
Gets the result of the big number modulus operation.
Definition: bignum-driver.c:141

process.h
Header file for the Contiki process interface.

pka_check_status
uint8_t pka_check_status(void)
Checks the status of the PKA engine operation.
Definition: pka.c:119

PT_END
#define PT_END(pt)
Declare the end of a protothread.
Definition: pt.h:126

bignum_inv_mod_start
uint8_t bignum_inv_mod_start(const uint32_t *number, const uint8_t number_size, const uint32_t *modulus, const uint8_t modulus_size, uint32_t *result_vector, struct process *process)
Starts the big number inverse modulo operation.
Definition: bignum-driver.c:286

bignum_mul_start
uint8_t bignum_mul_start(const uint32_t *multiplicand, const uint8_t multiplicand_size, const uint32_t *multiplier, const uint8_t multiplier_size, uint32_t *result_vector, struct process *process)
Starts the big number multiplication.
Definition: bignum-driver.c:407

PKA_STATUS_SIGNATURE_INVALID
#define PKA_STATUS_SIGNATURE_INVALID
Signature is invalid.
Definition: pka.h:1313

bignum_add_start
uint8_t bignum_add_start(const uint32_t *number1, const uint8_t number1_size, const uint32_t *number2, const uint8_t number2_size, uint32_t *result_vector, struct process *process)
Starts the addition of two big number.
Definition: bignum-driver.c:534

bignum_cmp_get_result
uint8_t bignum_cmp_get_result(void)
Gets the result of the comparison operation of two big numbers.
Definition: bignum-driver.c:249

ecc_add_start
uint8_t ecc_add_start(ec_point_t *ec_point1, ec_point_t *ec_point2, ecc_curve_info_t *curve, uint32_t *result_vector, struct process *process)
Starts the ECC Addition.
Definition: ecc-driver.c:391

bignum_cmp_start
uint8_t bignum_cmp_start(const uint32_t *number1, const uint32_t *number2, const uint8_t size, struct process *process)
Starts the comparison of two big numbers.
Definition: bignum-driver.c:190

pka.h
Header file for the cc2538 PKA engine driver.