Google Git
Sign in
android / platform / external / ms-tpm-20-ref / HEAD / . / TPMCmd / tpm / include / BnValues.h
blob: 8f5f81658d129067bc0fdb64c80a9f8afab63cbf [file] [log] [blame]
/* Microsoft Reference Implementation for TPM 2.0
*
* The copyright in this software is being made available under the BSD License,
* included below. This software may be subject to other third party and
* contributor rights, including patent rights, and no such rights are granted
* under this license.
*
* Copyright (c) Microsoft Corporation
*
* All rights reserved.
*
* BSD License
*
* Redistribution and use in source and binary forms, with or without modification,
* are permitted provided that the following conditions are met:
*
* Redistributions of source code must retain the above copyright notice, this list
* of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above copyright notice, this
* list of conditions and the following disclaimer in the documentation and/or
* other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ""AS IS""
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
* ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
//** Introduction
// This file contains the definitions needed for defining the internal BIGNUM
// structure.
// A BIGNUM is a pointer to a structure. The structure has three fields. The
// last field is and array (d) of crypt_uword_t. Each word is in machine format
// (big- or little-endian) with the words in ascending significance (i.e. words
// in little-endian order). This is the order that seems to be used in every
// big number library in the worlds, so...
//
// The first field in the structure (allocated) is the number of words in 'd'.
// This is the upper limit on the size of the number that can be held in the
// structure. This differs from libraries like OpenSSL as this is not intended
// to deal with numbers of arbitrary size; just numbers that are needed to deal
// with the algorithms that are defined in the TPM implementation.
//
// The second field in the structure (size) is the number of significant words
// in 'n'. When this number is zero, the number is zero. The word at used-1 should
// never be zero. All words between d[size] and d[allocated-1] should be zero.
//** Defines
#ifndef _BN_NUMBERS_H
#define _BN_NUMBERS_H
#if RADIX_BITS == 64
# define RADIX_LOG2 6
#elif RADIX_BITS == 32
#define RADIX_LOG2 5
#else
# error "Unsupported radix"
#endif
#define RADIX_MOD(x) ((x) & ((1 << RADIX_LOG2) - 1))
#define RADIX_DIV(x) ((x) >> RADIX_LOG2)
#define RADIX_MASK ((((crypt_uword_t)1) << RADIX_LOG2) - 1)
#define BITS_TO_CRYPT_WORDS(bits) RADIX_DIV((bits) + (RADIX_BITS - 1))
#define BYTES_TO_CRYPT_WORDS(bytes) BITS_TO_CRYPT_WORDS(bytes * 8)
#define SIZE_IN_CRYPT_WORDS(thing) BYTES_TO_CRYPT_WORDS(sizeof(thing))
#if RADIX_BITS == 64
#define SWAP_CRYPT_WORD(x) REVERSE_ENDIAN_64(x)
typedef uint64_t crypt_uword_t;
typedef int64_t crypt_word_t;
# define TO_CRYPT_WORD_64 BIG_ENDIAN_BYTES_TO_UINT64
# define TO_CRYPT_WORD_32(a, b, c, d) TO_CRYPT_WORD_64(0, 0, 0, 0, a, b, c, d)
#elif RADIX_BITS == 32
# define SWAP_CRYPT_WORD(x) REVERSE_ENDIAN_32((x))
typedef uint32_t crypt_uword_t;
typedef int32_t crypt_word_t;
# define TO_CRYPT_WORD_64(a, b, c, d, e, f, g, h) \
BIG_ENDIAN_BYTES_TO_UINT32(e, f, g, h), \
BIG_ENDIAN_BYTES_TO_UINT32(a, b, c, d)
#endif
#define MAX_CRYPT_UWORD (~((crypt_uword_t)0))
#define MAX_CRYPT_WORD ((crypt_word_t)(MAX_CRYPT_UWORD >> 1))
#define MIN_CRYPT_WORD (~MAX_CRYPT_WORD)
#define LARGEST_NUMBER (MAX((ALG_RSA * MAX_RSA_KEY_BYTES), \
MAX((ALG_ECC * MAX_ECC_KEY_BYTES), MAX_DIGEST_SIZE)))
#define LARGEST_NUMBER_BITS (LARGEST_NUMBER * 8)
#define MAX_ECC_PARAMETER_BYTES (MAX_ECC_KEY_BYTES * ALG_ECC)
// These are the basic big number formats. This is convertible to the library-
// specific format without too much difficulty. For the math performed using
// these numbers, the value is always positive.
#define BN_STRUCT_DEF(count) struct { \
crypt_uword_t allocated; \
crypt_uword_t size; \
crypt_uword_t d[count]; \
}
typedef BN_STRUCT_DEF(1) bignum_t;
#ifndef bigNum
typedef bignum_t *bigNum;
typedef const bignum_t *bigConst;
#endif
extern const bignum_t BnConstZero;
// The Functions to access the properties of a big number.
// Get number of allocated words
#define BnGetAllocated(x) (unsigned)((x)->allocated)
// Get number of words used
#define BnGetSize(x) ((x)->size)
// Get a pointer to the data array
#define BnGetArray(x) ((crypt_uword_t *)&((x)->d[0]))
// Get the nth word of a BIGNUM (zero-based)
#define BnGetWord(x, i) (crypt_uword_t)((x)->d[i])
// Some things that are done often.
// Test to see if a bignum_t is equal to zero
#define BnEqualZero(bn) (BnGetSize(bn) == 0)
// Test to see if a bignum_t is equal to a word type
#define BnEqualWord(bn, word) \
((BnGetSize(bn) == 1) && (BnGetWord(bn, 0) == (crypt_uword_t)word))
// Determine if a BIGNUM is even. A zero is even. Although the
// indication that a number is zero is that its size is zero,
// all words of the number are 0 so this test works on zero.
#define BnIsEven(n) ((BnGetWord(n, 0) & 1) == 0)
// The macros below are used to define BIGNUM values of the required
// size. The values are allocated on the stack so they can be
// treated like simple local values.
// This will call the initialization function for a defined bignum_t.
// This sets the allocated and used fields and clears the words of 'n'.
#define BN_INIT(name) \
(bigNum)BnInit((bigNum)&(name), \
BYTES_TO_CRYPT_WORDS(sizeof(name.d)))
// In some cases, a function will need the address of the structure
// associated with a variable. The structure for a BIGNUM variable
// of 'name' is 'name_'. Generally, when the structure is created, it
// is initialized and a parameter is created with a pointer to the
// structure. The pointer has the 'name' and the structure it points
// to is 'name_'
#define BN_ADDRESS(name) (bigNum)&name##_
#define BN_CONST(name, words, initializer) \
typedef const struct name##_type { \
crypt_uword_t allocated; \
crypt_uword_t size; \
crypt_uword_t d[words < 1 ? 1 : words]; \
} name##_type; \
name##_type name = {(words < 1 ? 1 : words), words, {initializer}};
#define BN_STRUCT_ALLOCATION(bits) (BITS_TO_CRYPT_WORDS(bits) + 1)
// Create a structure of the correct size.
#define BN_STRUCT(bits) \
BN_STRUCT_DEF(BN_STRUCT_ALLOCATION(bits))
// Define a BIGNUM type with a specific allocation
#define BN_TYPE(name, bits) \
typedef BN_STRUCT(bits) bn_##name##_t
// This creates a local BIGNUM variable of a specific size and
// initializes it from a TPM2B input parameter.
#define BN_INITIALIZED(name, bits, initializer) \
BN_STRUCT(bits) name##_; \
bigNum name = BnFrom2B(BN_INIT(name##_), \
(const TPM2B *)initializer)
// Create a local variable that can hold a number with 'bits'
#define BN_VAR(name, bits) \
BN_STRUCT(bits) _##name; \
bigNum name = BN_INIT(_##name)
// Create a type that can hold the largest number defined by the
// implementation.
#define BN_MAX(name) BN_VAR(name, LARGEST_NUMBER_BITS)
#define BN_MAX_INITIALIZED(name, initializer) \
BN_INITIALIZED(name, LARGEST_NUMBER_BITS, initializer)
// A word size value is useful
#define BN_WORD(name) BN_VAR(name, RADIX_BITS)
// This is used to create a word-size BIGNUM and initialize it with
// an input parameter to a function.
#define BN_WORD_INITIALIZED(name, initial) \
BN_STRUCT(RADIX_BITS) name##_; \
bigNum name = BnInitializeWord((bigNum)&name##_, \
BN_STRUCT_ALLOCATION(RADIX_BITS), initial)
// ECC-Specific Values
// This is the format for a point. It is always in affine format. The Z value is
// carried as part of the point, primarily to simplify the interface to the support
// library. Rather than have the interface layer have to create space for the
// point each time it is used...
// The x, y, and z values are pointers to bigNum values and not in-line versions of
// the numbers. This is a relic of the days when there was no standard TPM format
// for the numbers
typedef struct _bn_point_t
{
bigNum x;
bigNum y;
bigNum z;
} bn_point_t;
typedef bn_point_t *bigPoint;
typedef const bn_point_t *pointConst;
typedef struct constant_point_t
{
bigConst x;
bigConst y;
bigConst z;
} constant_point_t;
#define ECC_BITS (MAX_ECC_KEY_BYTES * 8)
BN_TYPE(ecc, ECC_BITS);
#define ECC_NUM(name) BN_VAR(name, ECC_BITS)
#define ECC_INITIALIZED(name, initializer) \
BN_INITIALIZED(name, ECC_BITS, initializer)
#define POINT_INSTANCE(name, bits) \
BN_STRUCT (bits) name##_x = \
{BITS_TO_CRYPT_WORDS ( bits ), 0,{0}}; \
BN_STRUCT ( bits ) name##_y = \
{BITS_TO_CRYPT_WORDS ( bits ), 0,{0}}; \
BN_STRUCT ( bits ) name##_z = \
{BITS_TO_CRYPT_WORDS ( bits ), 0,{0}}; \
bn_point_t name##_
#define POINT_INITIALIZER(name) \
BnInitializePoint(&name##_, (bigNum)&name##_x, \
(bigNum)&name##_y, (bigNum)&name##_z)
#define POINT_INITIALIZED(name, initValue) \
POINT_INSTANCE(name, MAX_ECC_KEY_BITS); \
bigPoint name = BnPointFrom2B( \
POINT_INITIALIZER(name), \
initValue)
#define POINT_VAR(name, bits) \
POINT_INSTANCE (name, bits); \
bigPoint name = POINT_INITIALIZER(name)
#define POINT(name) POINT_VAR(name, MAX_ECC_KEY_BITS)
// Structure for the curve parameters. This is an analog to the
// TPMS_ALGORITHM_DETAIL_ECC
typedef struct
{
bigConst prime; // a prime number
bigConst order; // the order of the curve
bigConst h; // cofactor
bigConst a; // linear coefficient
bigConst b; // constant term
constant_point_t base; // base point
} ECC_CURVE_DATA;
// Access macros for the ECC_CURVE structure. The parameter 'C' is a pointer
// to an ECC_CURVE_DATA structure. In some libraries, the curve structure contains
// a pointer to an ECC_CURVE_DATA structure as well as some other bits. For those
// cases, the AccessCurveData macro is used in the code to first get the pointer
// to the ECC_CURVE_DATA for access. In some cases, the macro does nothing.
#define CurveGetPrime(C) ((C)->prime)
#define CurveGetOrder(C) ((C)->order)
#define CurveGetCofactor(C) ((C)->h)
#define CurveGet_a(C) ((C)->a)
#define CurveGet_b(C) ((C)->b)
#define CurveGetG(C) ((pointConst)&((C)->base))
#define CurveGetGx(C) ((C)->base.x)
#define CurveGetGy(C) ((C)->base.y)
// Convert bytes in initializers
// This is used for CryptEccData.c.
#define BIG_ENDIAN_BYTES_TO_UINT32(a, b, c, d) \
( ((UINT32)(a) << 24) \
+ ((UINT32)(b) << 16) \
+ ((UINT32)(c) << 8) \
+ ((UINT32)(d)) \
)
#define BIG_ENDIAN_BYTES_TO_UINT64(a, b, c, d, e, f, g, h) \
( ((UINT64)(a) << 56) \
+ ((UINT64)(b) << 48) \
+ ((UINT64)(c) << 40) \
+ ((UINT64)(d) << 32) \
+ ((UINT64)(e) << 24) \
+ ((UINT64)(f) << 16) \
+ ((UINT64)(g) << 8) \
+ ((UINT64)(h)) \
)
#ifndef RADIX_BYTES
# if RADIX_BITS == 32
# define RADIX_BYTES 4
# elif RADIX_BITS == 64
# define RADIX_BYTES 8
# else
# error "RADIX_BITS must either be 32 or 64"
# endif
#endif
// These macros are used for data initialization of big number ECC constants
// These two macros combine a macro for data definition with a macro for
// structure initilization. The 'a' parameter is a macro that gives numbers to
// each of the bytes of the initializer and defines where each of the numberd
// bytes will show up in the final structure. The 'b' value is a structure that
// contains the requisite number of bytes in big endian order. S, the MJOIN
// and JOIND macros will combine a macro defining a data layout with a macro defining
// the data to be places. Generally, these macros will only need expansion when
// CryptEccData.c gets compiled.
#define JOINED(a,b) a b
#define MJOIN(a,b) a b
#define B4_TO_BN(a, b, c, d) (((((a << 8) + b) << 8) + c) + d)
#if RADIX_BYTES == 64
#define B8_TO_BN(a, b, c, d, e, f, g, h) \
(UINT64)(((((((((((((((a) << 8) | b) << 8) | c) << 8) | d) << 8) \
e) << 8) | f) << 8) | g) << 8) | h)
#define B1_TO_BN(a) B8_TO_BN(0, 0, 0, 0, 0, 0, 0, a)
#define B2_TO_BN(a, b) B8_TO_BN(0, 0, 0, 0, 0, 0, a, b)
#define B3_TO_BN(a, b, c) B8_TO_BN(0, 0, 0, 0, 0, a, b, c)
#define B4_TO_BN(a, b, c, d) B8_TO_BN(0, 0, 0, 0, a, b, c, d)
#define B5_TO_BN(a, b, c, d, e) B8_TO_BN(0, 0, 0, a, b, c, d, e)
#define B6_TO_BN(a, b, c, d, e, f) B8_TO_BN(0, 0, a, b, c, d, e, f)
#define B7_TO_BN(a, b, c, d, e, f, g) B8_TO_BN(0, a, b, c, d, e, f, g)
#else
#define B1_TO_BN(a) B4_TO_BN(0, 0, 0, a)
#define B2_TO_BN(a, b) B4_TO_BN(0, 0, a, b)
#define B3_TO_BN(a, b, c) B4_TO_BN(0, a, b, c)
#define B4_TO_BN(a, b, c, d) (((((a << 8) + b) << 8) + c) + d)
#define B5_TO_BN(a, b, c, d, e) B4_TO_BN(b, c, d, e), B1_TO_BN(a)
#define B6_TO_BN(a, b, c, d, e, f) B4_TO_BN(c, d, e, f), B2_TO_BN(a, b)
#define B7_TO_BN(a, b, c, d, e, f, g) B4_TO_BN(d, e, f, g), B3_TO_BN(a, b, c)
#define B8_TO_BN(a, b, c, d, e, f, g, h) B4_TO_BN(e, f, g, h), B4_TO_BN(a, b, c, d)
#endif
// Add implementation dependent definitions for other ECC Values and for linkages.
#include LIB_INCLUDE(MATH_LIB, Math)
#endif // _BN_NUMBERS_H