[Cryptech-Commits] [user/shatov/ecdsa256] 01/01: Fixed coordinates of the hardcoded double of the base point, added more test vectors to make sure, that the patch actually works. See the corresponding commit message for the ecdsa_fpga_model for more details.

git at cryptech.is git at cryptech.is
Sun Apr 1 10:37:16 UTC 2018


This is an automated email from the git hooks/post-receive script.

meisterpaul1 at yandex.ru pushed a commit to branch fix
in repository user/shatov/ecdsa256.

commit d924bdc54ed0400283d9b5a2f6b987f7d9f90db5
Author: Pavel V. Shatov (Meister) <meisterpaul1 at yandex.ru>
AuthorDate: Sun Apr 1 13:33:04 2018 +0300

    Fixed coordinates of the hardcoded double of the base point, added more test
    vectors to make sure, that the patch actually works. See the corresponding
    commit message for the ecdsa_fpga_model for more details.
---
 bench/tb_curve_multiplier_256.v | 30 ++++++++++++++++++++++++++----
 rtl/curve/rom/brom_p256_h_x.v   | 16 ++++++++--------
 rtl/curve/rom/brom_p256_h_y.v   | 20 ++++++++++----------
 3 files changed, 44 insertions(+), 22 deletions(-)

diff --git a/bench/tb_curve_multiplier_256.v b/bench/tb_curve_multiplier_256.v
index bcca034..66c8e94 100644
--- a/bench/tb_curve_multiplier_256.v
+++ b/bench/tb_curve_multiplier_256.v
@@ -45,19 +45,38 @@ module tb_curve_multiplier_256;
 
 		//
 		// Test Vectors
-		//
+		//
+		 
+		/* Q = d * G */
 	localparam	[255:0]	K_1	= 256'h70a12c2db16845ed56ff68cfc21a472b3f04d7d6851bf6349f2d7d5b3452b38a;
 	localparam	[255:0]	PX_1	= 256'h8101ece47464a6ead70cf69a6e2bd3d88691a3262d22cba4f7635eaff26680a8;
 	localparam	[255:0]	PY_1	= 256'hd8a12ba61d599235f67d9cb4d58f1783d3ca43e78f0a5abaa624079936c0c3a9;
 
+		/* R = k * G */
 	localparam	[255:0]	K_2	= 256'h580ec00d856434334cef3f71ecaed4965b12ae37fa47055b1965c7b134ee45d0;
 	localparam	[255:0]	PX_2	= 256'h7214bc9647160bbd39ff2f80533f5dc6ddd70ddf86bb815661e805d5d4e6f27c;
 	localparam	[255:0]	PY_2	= 256'h8b81e3e977597110c7cf2633435b2294b72642987defd3d4007e1cfc5df84541;
 
+		/* O = n * G */
 	localparam	[255:0]	K_3	= 256'hffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551;
 	localparam	[255:0]	PX_3	= 256'h0000000000000000000000000000000000000000000000000000000000000000;
 	localparam	[255:0]	PY_3	= 256'h0000000000000000000000000000000000000000000000000000000000000000;
+
+		/* H = 2 * G */
+	localparam	[255:0]	K_4	= 256'h0000000000000000000000000000000000000000000000000000000000000002;
+	localparam	[255:0]	PX_4	= 256'h7cf27b188d034f7e8a52380304b51ac3c08969e277f21b35a60b48fc47669978;
+	localparam	[255:0]	PY_4	= 256'h07775510db8ed040293d9ac69f7430dbba7dade63ce982299e04b79d227873d1;
 		
+		/* G = (n + 1) * G */
+	localparam	[255:0]	K_5	= 256'hffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551 + 'd1;
+	localparam	[255:0]	PX_5	= 256'h6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296;
+	localparam	[255:0]	PY_5	= 256'h4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5;
+
+		/* H = (n + 2) * G */
+	localparam	[255:0]	K_6	= 256'hffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551 + 'd2;
+	localparam	[255:0]	PX_6	= 256'h7cf27b188d034f7e8a52380304b51ac3c08969e277f21b35a60b48fc47669978;
+	localparam	[255:0]	PY_6	= 256'h07775510db8ed040293d9ac69f7430dbba7dade63ce982299e04b79d227873d1;
+				
 		
 		//
 		// Core Parameters
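Review bot: The group order n is now spelled out as a full 256-bit literal three times (K_3 in the context line, plus the new K_5 and K_6), and the increments are added with unsized `'d1` / `'d2` constants. Naming it once, `localparam [255:0] N = 256'hffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551;`, and then writing `K_5 = N + 256'd1;` and `K_6 = N + 256'd2;` would keep the three vectors from drifting apart and make the operand width explicit. PX_6/PY_6 repeat PX_4/PY_4 digit for digit, so they could be defined as `PX_4` and `PY_4`, which states the intent that (n + 2) * G must give the same H as 2 * G. The module body continues outside the hunk.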
@@ -171,9 +190,12 @@ module tb_curve_multiplier_256;
 		#100;		
 		
 			/* run tests */
-		test_curve_multiplier(K_1, PX_1, PY_1);
-		test_curve_multiplier(K_2, PX_2, PY_2);
-		test_curve_multiplier(K_3, PX_3, PY_3);
+		//test_curve_multiplier(K_1, PX_1, PY_1);
+		//test_curve_multiplier(K_2, PX_2, PY_2);
+		//test_curve_multiplier(K_3, PX_3, PY_3);
+		//test_curve_multiplier(K_4, PX_4, PY_4);
+		//test_curve_multiplier(K_5, PX_5, PY_5);
+		test_curve_multiplier(K_6, PX_6, PY_6);
 		
 			/* print result */
 		if (ok)	$display("tb_curve_multiplier_256: SUCCESS");
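Review bot: Vectors 1 through 5 are left commented out here, so the testbench as committed checks only `K_6` and can print SUCCESS while any of the other scalar multiplications is wrong. For a multiplier that produces ECDSA public keys and signature points, the d * G, k * G, n * G and 2 * G cases belong in every regression run. Re-enabling the five `test_curve_multiplier(K_n, PX_n, PY_n);` calls alongside the new one would restore that coverage. If running a single vector was deliberate, a comment saying why would help, though it looks like a debugging leftover. The enclosing block starts and ends outside the hunk.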
diff --git a/rtl/curve/rom/brom_p256_h_x.v b/rtl/curve/rom/brom_p256_h_x.v
index 0b69f77..1982690 100644
--- a/rtl/curve/rom/brom_p256_h_x.v
+++ b/rtl/curve/rom/brom_p256_h_x.v
@@ -54,14 +54,14 @@ module brom_p256_h_x
 	always @(posedge clk)
 		//
 		case (b_addr)
-			3'b000:	bram_reg_b <= 32'h4ece7ad0;
-			3'b001:	bram_reg_b <= 32'h16bd8d74;
-			3'b010:	bram_reg_b <= 32'ha42998be;
-			3'b011:	bram_reg_b <= 32'h11f904fe;
-			3'b100:	bram_reg_b <= 32'h38b77e1b;
-			3'b101:	bram_reg_b <= 32'h0e863235;
-			3'b110:	bram_reg_b <= 32'h3da77b71;
-			3'b111:	bram_reg_b <= 32'h29d05c19;
+			3'b000:	bram_reg_b <= 32'h47669978;
+			3'b001:	bram_reg_b <= 32'ha60b48fc;
+			3'b010:	bram_reg_b <= 32'h77f21b35;
+			3'b011:	bram_reg_b <= 32'hc08969e2;
+			3'b100:	bram_reg_b <= 32'h04b51ac3;
+			3'b101:	bram_reg_b <= 32'h8a523803;
+			3'b110:	bram_reg_b <= 32'h8d034f7e;
+			3'b111:	bram_reg_b <= 32'h7cf27b18;
 		endcase
 
 
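Review bot: The eight replacement words in this ROM, and those in the brom_p256_h_y.v hunk that follows, carry no comment saying what they encode, which makes a wrong constant here hard to spot in review. The new values match PX_4 and PY_4 from the testbench, split into 32-bit words with the least significant word at address `3'b000`. I would add a comment above the `case`, for example `// X coordinate of H = 2 * G (P-256), 32-bit words, least significant word at address 0`, and the matching comment for Y in the other file. Both modules start outside their hunks.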
diff --git a/rtl/curve/rom/brom_p256_h_y.v b/rtl/curve/rom/brom_p256_h_y.v
index 362fce6..f718d46 100644
--- a/rtl/curve/rom/brom_p256_h_y.v
+++ b/rtl/curve/rom/brom_p256_h_y.v
@@ -54,15 +54,15 @@ module brom_p256_h_y
 	always @(posedge clk)
 		//
 		case (b_addr)
-			3'b000:	bram_reg_b <= 32'hc840ae07;
-			3'b001:	bram_reg_b <= 32'h3449bf97;
-			3'b010:	bram_reg_b <= 32'h94cea131;
-			3'b011:	bram_reg_b <= 32'hd431cca9;
-			3'b100:	bram_reg_b <= 32'h83f061e9;
-			3'b101:	bram_reg_b <= 32'h711814b5;
-			3'b110:	bram_reg_b <= 32'h01e58065;
-			3'b111:	bram_reg_b <= 32'hb01cbd1c;
-		endcase
-
+			3'b000:	bram_reg_b <= 32'h227873d1;
+			3'b001:	bram_reg_b <= 32'h9e04b79d;
+			3'b010:	bram_reg_b <= 32'h3ce98229;
+			3'b011:	bram_reg_b <= 32'hba7dade6;
+			3'b100:	bram_reg_b <= 32'h9f7430db;
+			3'b101:	bram_reg_b <= 32'h293d9ac6;
+			3'b110:	bram_reg_b <= 32'hdb8ed040;
+			3'b111:	bram_reg_b <= 32'h07775510;
+		endcase
+		
 
 endmodule


