| /* |
| Licensed to the Apache Software Foundation (ASF) under one |
| or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information |
| regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the |
| "License"); you may not use this file except in compliance |
| with the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, |
| software distributed under the License is distributed on an |
| "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| KIND, either express or implied. See the License for the |
| specific language governing permissions and limitations |
| under the License. |
| */ |
| |
| /* Fixed Data in ROM - Field and Curve parameters */ |
| |
| var ROM={ |
| NLEN: 11, |
| BASEBITS: 24, |
| CHUNK: 32, |
| MODBYTES: 32, |
| MODINV: 0.000000059604644775390625, |
| |
| /* Field Type */ |
| NOT_SPECIAL: 0, |
| PSEUDO_MERSENNE: 1, |
| MONTGOMERY_FRIENDLY: 3, |
| |
| /* Curve Type */ |
| WEIERSTRASS: 0, |
| EDWARDS: 1, |
| MONTGOMERY: 2, |
| |
| USE_GLV: false, |
| USE_GS_G2: false, |
| USE_GS_GT: true, |
| GT_STRONG: false, |
| |
| /* Finite field support - for RSA, DH etc. */ |
| FF_BITS: 2048, /* Finite Field Size in bits - must be 256.2^n */ |
| |
| /*** Enter field details here: leave exactly one MODBITS/MOD8 pair uncommented, matching the Modulus and curve selected below ***/ |
| /* C25519 */ |
| // MODBITS: 255, /* Number of bits in Modulus */ |
| // MOD8: 5, /* Modulus mod 8 */ |
| |
| /* NIST Curve */ |
| /* Brainpool */ |
| // MODBITS: 256, |
| // MOD8: 7, |
| |
| /* BN */ |
| MODBITS: 254, |
| MOD8: 3, |
| |
| /* MF254 */ |
| // MODBITS: 254, |
| // MOD8: 7, |
| |
| /* MS255 */ |
| //MODBITS: 255, |
| //MOD8: 3, |
| |
| /* MF256 */ |
| // MODBITS: 256, |
| // MOD8: 7, |
| |
| /* MS256 */ |
| //MODBITS: 256, |
| //MOD8: 3, |
| |
| /* ANSSI */ |
| // MODBITS: 256, |
| // MOD8: 3, |
| |
| |
| /* Specify Field here */ |
| |
| /* C25519 */ |
| // MODTYPE: 1, |
| // Modulus: [0xFFFFED,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0x7FFF], |
| // MConst: 19, |
| |
| /* BNCX */ |
| MODTYPE:0, |
| Modulus: [0x1B55B3,0x23EF5C,0xE1BE66,0x18093E,0x3FD6EE,0x66D324,0x647A63,0xB0BDDF,0x702A0D,0x8,0x2400], |
| MConst:0x789E85, |
| |
| /* BN Curve */ |
| //MODTYPE:0, |
| //Modulus: [0x13,0x0,0x13A700,0x0,0x210000,0x861,0x800000,0xBA344D,0x1,0x648240,0x2523], |
| //MConst:0x9435E5, |
| |
| /* BNT Curve */ |
| //MODTYPE:0, |
| //Modulus: [0xB4A713,0xBBFEEE,0xBABE9D,0x14F464,0x8A5556,0xD5F06E,0x3696F8,0xFA0BAB,0x17014E,0x20DB65,0x2401], |
| //MConst:0x14C4E5, |
| |
| /* BNT2 */ |
| //MODTYPE:0, |
| //Modulus: [0x60A48B,0xDC2BB4,0x51E8B2,0x28F0D6,0xCF93E4,0xD00081,0xF3B89,0xB74E20,0xF5AAD,0x48241,0x2400], |
| //MConst:0x505CDD, |
| |
| /* NIST Modulus */ |
| // MODTYPE:0, |
| // Modulus: [0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0x0,0x0,0x0,0x0,0x1,0xFFFF00,0xFFFF], |
| // MConst:0x1, |
| |
| /* MF254 Modulus */ |
| // MODTYPE:3, |
| // Modulus: [0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0x3F80], |
| // MConst:0x3F81, |
| |
| /* MS255 Modulus */ |
| //MODTYPE:1, |
| //Modulus: [0xFFFD03,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0x7FFF], |
| //MConst:0x2FD, |
| |
| /* MS256 Modulus */ |
| //MODTYPE:1, |
| //Modulus: [0xFFFF43,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFF], |
| //MConst:0xBD, |
| |
| /* MF256 Modulus */ |
| //MODTYPE:3, |
| //Modulus: [0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFA7], |
| //MConst:0xFFA8, |
| |
| /* Brainpool Modulus */ |
| // MODTYPE:0, |
| // Modulus: [0x6E5377,0x481D1F,0x282013,0xD52620,0x3BF623,0x8D726E,0x909D83,0x3E660A,0xEEA9BC,0x57DBA1,0xA9FB], |
| // MConst:0xFD89B9, |
| |
| /* ANSSI Modulus */ |
| // MODTYPE:0, |
| // Modulus: [0x6E9C03,0xF353D8,0x6DE8FC,0xABC8CA,0x61ADBC,0x435B39,0xE8CE42,0x10126D,0x3AD58F,0x178C0B,0xF1FD], |
| // MConst:0x4E1155, |
| |
| /* Specify Curve here */ |
| |
| /* ED25519 Edwards */ |
| // CURVETYPE: 1, |
| // CURVE_A : -1, |
| // CURVE_B : [0x5978A3,0x4DCA13,0xAB75EB,0x4141D8,0x700A4D,0xE89800,0x797779,0x8CC740,0x6FFE73,0x6CEE2B,0x5203], |
| // CURVE_Order: [0xF5D3ED,0x631A5C,0xD65812,0xA2F79C,0xDEF9DE,0x14,0x0,0x0,0x0,0x0,0x1000], |
| // CURVE_Gx: [0x25D51A,0x2D608F,0xB2C956,0x9525A7,0x2CC760,0xDC5C69,0x31FDD6,0xC0A4E2,0x6E53FE,0x36D3CD,0x2169], |
| // CURVE_Gy: [0x666658,0x666666,0x666666,0x666666,0x666666,0x666666,0x666666,0x666666,0x666666,0x666666,0x6666], |
| |
| /* Curve25519 */ |
| // CURVETYPE: 2, |
| // CURVE_A : 486662, |
| // CURVE_B : [0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| // CURVE_Order: [0xF5D3ED,0x631A5C,0xD65812,0xA2F79C,0xDEF9DE,0x14,0x0,0x0,0x0,0x0,0x1000], |
| // CURVE_Gx: [0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| // CURVE_Gy: [0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| |
| /* NIST Curve */ |
| // CURVETYPE:0, |
| // CURVE_A : -3, |
| // CURVE_B : [0xD2604B,0x3C3E27,0xF63BCE,0xCC53B0,0x1D06B0,0x86BC65,0x557698,0xB3EBBD,0x3A93E7,0x35D8AA,0x5AC6], |
| // CURVE_Order:[0x632551,0xCAC2FC,0x84F3B9,0xA7179E,0xE6FAAD,0xFFFFBC,0xFFFFFF,0xFFFFFF,0x0,0xFFFF00,0xFFFF], |
| // CURVE_Gx :[0x98C296,0x3945D8,0xA0F4A1,0x2DEB33,0x37D81,0x40F277,0xE563A4,0xF8BCE6,0x2C4247,0xD1F2E1,0x6B17], |
| // CURVE_Gy :[0xBF51F5,0x406837,0xCECBB6,0x6B315E,0xCE3357,0x9E162B,0x4A7C0F,0x8EE7EB,0x1A7F9B,0x42E2FE,0x4FE3], |
| |
| /* MF254 Modulus, Weierstrass Curve */ |
| //CURVETYPE:0, |
| //CURVE_A : -3, |
| //CURVE_B : [0xFFD08D,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0x3F80], |
| //CURVE_Order:[0x8DF83F,0x19C4AF,0xC06FA4,0xDA375,0x818BEA,0xFFFFEB,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0x3F80], |
| //CURVE_Gx :[0x2,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| //CURVE_Gy :[0xD4EBC,0xDF37F9,0x31AD65,0xF85119,0xB738E3,0x8AEBDF,0x75BD77,0x4AE15A,0x2E5601,0x3FD33B,0x140E], |
| |
| /* MF254 Modulus, Edwards Curve */ |
| //CURVETYPE:1, |
| //CURVE_A : -1, |
| //CURVE_B : [0x367B,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| //CURVE_Order:[0x6E98C7,0xD3FEC4,0xB0EAF3,0x8BD62F,0x95306C,0xFFFFEB,0xFFFFFF,0xFFFFFF,0xFFFFFF,0x3FFFFF,0xFE0], |
| //CURVE_Gx :[0x1,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| //CURVE_Gy :[0x2701E5,0xD0FDAF,0x187C52,0xE3212,0x329A84,0x3F4E36,0xD50236,0x951D00,0xA4C335,0xE690D6,0x19F0], |
| |
| |
| /* MF254 Modulus, Montgomery Curve */ |
| // CURVETYPE: 2, |
| // CURVE_A : -55790, |
| // CURVE_B : [0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| // CURVE_Order: [0x6E98C7,0xD3FEC4,0xB0EAF3,0x8BD62F,0x95306C,0xFFFFEB,0xFFFFFF,0xFFFFFF,0xFFFFFF,0x3FFFFF,0xFE0], |
| // CURVE_Gx: [0x3,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| // CURVE_Gy: [0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| |
| /* MS255 Modulus, Weierstrass Curve */ |
| //CURVETYPE:0, |
| //CURVE_A : -3, |
| //CURVE_B : [0xFFAB46,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0x7FFF], |
| //CURVE_Order:[0x594AEB,0xAC983C,0xDFAB8F,0x3AD2B3,0x4A3828,0xFFFF86,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0x7FFF], |
| //CURVE_Gx :[0x1,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| //CURVE_Gy :[0xCB44BA,0xFF6769,0xD1733,0xDDFDA6,0xB6C78C,0x7D177D,0xF9B2FF,0x921EBF,0xBA7833,0x6AC0ED,0x6F7A], |
| |
| /* MS255 Modulus, Edwards Curve */ |
| //CURVETYPE:1, |
| //CURVE_A : -1, |
| //CURVE_B : [0xEA97,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| //CURVE_Order:[0x36EB75,0xD1ED04,0x2EAC49,0xEDA683,0xF1A785,0xFFFFDC,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0x1FFF], |
| //CURVE_Gx :[0x4,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| //CURVE_Gy :[0x8736A0,0x255BD0,0x45BA2A,0xED445A,0x914B8A,0x47E552,0xDD8E0C,0xEC254C,0x7BB545,0x78534A,0x26CB], |
| |
| /* MS255 Modulus, Montgomery Curve */ |
| // CURVETYPE: 2, |
| // CURVE_A : -240222, |
| // CURVE_B : [0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| // CURVE_Order: [0x36EB75,0xD1ED04,0x2EAC49,0xEDA683,0xF1A785,0xFFFFDC,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0x1FFF], |
| // CURVE_Gx: [0x4,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| // CURVE_Gy: [0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| |
| /* MS256 Modulus, Weierstrass Curve */ |
| //CURVETYPE:0, |
| //CURVE_A : -3, |
| //CURVE_B : [0x25581,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| //CURVE_Order:[0x51A825,0x202947,0x6020AB,0xEA265C,0x3C8275,0xFFFFE4,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFF], |
| //CURVE_Gx :[0x1,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| //CURVE_Gy :[0xB56C77,0x6306C2,0xC10BF4,0x75894E,0x2C2F93,0xDD6BD0,0x6CCEEE,0xFC82C9,0xE466D7,0x1853C1,0x696F], |
| |
| /* MS256 Modulus, Edwards Curve */ |
| //CURVETYPE:1, |
| //CURVE_A : -1, |
| //CURVE_B : [0x3BEE,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| //CURVE_Order:[0x22B4AD,0x4E6F11,0x64E5B8,0xD0A6BC,0x6AA55A,0xFFFFBE,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0x3FFF], |
| //CURVE_Gx :[0xD,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| //CURVE_Gy :[0x1CADBA,0x6FB533,0x3F707F,0x824D30,0x2A6D63,0x46BFBE,0xB39FA0,0xA3D330,0x1276DB,0xB41E2A,0x7D0A], |
| |
| /* MS256 Modulus, Montgomery Curve */ |
| // CURVETYPE: 2, |
| // CURVE_A : -61370, |
| // CURVE_B : [0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| // CURVE_Order:[0x22B4AD,0x4E6F11,0x64E5B8,0xD0A6BC,0x6AA55A,0xFFFFBE,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0x3FFF], |
| // CURVE_Gx: [0xb,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| // CURVE_Gy: [0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| |
| /* MF256 Modulus, Weierstrass Curve */ |
| //CURVETYPE:0, |
| //CURVE_A : -3, |
| //CURVE_B : [0x14E6A,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| //CURVE_Order:[0x9857EB,0xC5E1A7,0x4B9D10,0xE6E507,0x517513,0xFFFFFC,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFA7], |
| //CURVE_Gx :[0x1,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| //CURVE_Gy :[0x724D2A,0x954C2B,0x661007,0x8D94DC,0x6947EB,0xAE2895,0x26123D,0x7BABBA,0x1808CE,0x7C87BE,0x2088], |
| |
| /* MF256 Modulus, Edwards Curve */ |
| //CURVETYPE:1, |
| //CURVE_A : -1, |
| //CURVE_B : [0x350A,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| //CURVE_Order:[0xEC7BAB,0x2EDED8,0xC966D9,0xB86733,0x54BBAF,0xFFFFB1,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0x3FE9], |
| //CURVE_Gx :[0x1,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| //CURVE_Gy :[0xF3C908,0xA722F2,0x8D7DEA,0x8DFEA6,0xC05E64,0x1AACA0,0xF3DB2C,0xEAEBEE,0xCC4D5A,0xD4F8F8,0xDAD8], |
| |
| /* MF256 Modulus, Montgomery Curve */ |
| // CURVETYPE: 2, |
| // CURVE_A : -54314, |
| // CURVE_B : [0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| // CURVE_Order:[0xEC7BAB,0x2EDED8,0xC966D9,0xB86733,0x54BBAF,0xFFFFB1,0xFFFFFF,0xFFFFFF,0xFFFFFF,0xFFFFFF,0x3FE9], |
| // CURVE_Gx: [0x8,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| // CURVE_Gy: [0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| |
| /* Brainpool */ |
| // CURVETYPE:0, |
| // CURVE_A : -3, |
| // CURVE_B : [0xE92B04,0x8101FE,0x256AE5,0xAF2F49,0x93EBC4,0x76B7BF,0x733D0B,0xFE66A7,0xD84EA4,0x61C430,0x662C], |
| // CURVE_Order:[0x4856A7,0xE8297,0xF7901E,0xB561A6,0x397AA3,0x8D718C,0x909D83,0x3E660A,0xEEA9BC,0x57DBA1,0xA9FB], |
| // CURVE_Gx :[0x1305F4,0x91562E,0x2B79A1,0x7AAFBC,0xA142C4,0x6149AF,0xB23A65,0x732213,0xCFE7B7,0xEB3CC1,0xA3E8], |
| // CURVE_Gy :[0x25C9BE,0xE8F35B,0x1DAB,0x39D027,0xBCB6DE,0x417E69,0xE14644,0x7F7B22,0x39C56D,0x6C8234,0x2D99], |
| |
| /* ANSSI */ |
| // CURVETYPE:0, |
| // CURVE_A : -3, |
| // CURVE_B : [0x7BB73F,0xED967B,0x803075,0xE4B1A1,0xEC0C9A,0xC00FDF,0x754A44,0xD4ABA,0x28A930,0x3FCA54,0xEE35], |
| // CURVE_Order:[0xD655E1,0xD459C6,0x941FFD,0x40D2BF,0xDC67E1,0x435B53,0xE8CE42,0x10126D,0x3AD58F,0x178C0B,0xF1FD], |
| // CURVE_Gx :[0x8F5CFF,0x7A2DD9,0x164C9,0xAF98B7,0x27D2DC,0x23958C,0x4749D4,0x31183D,0xC139EB,0xD4C356,0xB6B3], |
| // CURVE_Gy :[0x62CFB,0x5A1554,0xE18311,0xE8E4C9,0x1C307,0xEF8C27,0xF0F3EC,0x1F9271,0xB20491,0xE0F7C8,0x6142], |
| |
| |
| /* BNCX Curve */ |
| |
| CURVETYPE:0, |
| CURVE_A : 0, |
| CURVE_B : [0x2,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| CURVE_Order:[0xEB1F6D,0xC0A636,0xCEBE11,0xCC906,0x3FD6EE,0x66D2C4,0x647A63,0xB0BDDF,0x702A0D,0x8,0x2400], |
| CURVE_Bnx:[0xC012B1,0x3,0x4000], |
| CURVE_Cru:[0x235C97,0x931794,0x5631E0,0x71EF87,0xBDDF64,0x3F1440,0xCA8,0x480000], |
| CURVE_Fra:[0xC80EA3,0x83355,0x215BD9,0xF173F8,0x677326,0x189868,0x8AACA7,0xAFE18B,0x3A0164,0x82FA6,0x1359], |
| CURVE_Frb:[0x534710,0x1BBC06,0xC0628D,0x269546,0xD863C7,0x4E3ABB,0xD9CDBC,0xDC53,0x3628A9,0xF7D062,0x10A6], |
| CURVE_Pxa:[0xD2EC74,0x1CEEE4,0x26C085,0xA03E27,0x7C85BF,0x4BBB90,0xF5C3,0x358B25,0x53B256,0x2D2C70,0x1968], |
| CURVE_Pxb:[0x29CFE1,0x8E8B2E,0xF47A5,0xC209C3,0x1B97B0,0x9743F8,0x37A8E9,0xA011C9,0x19F64A,0xB9EC3E,0x1466], |
| CURVE_Pya:[0xBE09F,0xFCEBCF,0xB30CFB,0x847EC1,0x61B33D,0xE20963,0x157DAE,0xD81E22,0x332B8D,0xEDD972,0xA79], |
| CURVE_Pyb:[0x98EE9D,0x4B2288,0xEBED90,0x69D2ED,0x864EA5,0x3461C2,0x512D8D,0x35C6E4,0xC4C090,0xC39EC,0x616], |
| CURVE_Gx :[0x1B55B2,0x23EF5C,0xE1BE66,0x18093E,0x3FD6EE,0x66D324,0x647A63,0xB0BDDF,0x702A0D,0x8,0x2400], |
| CURVE_Gy :[0x1], |
| |
| // Arrays must be padded! Each innermost array below is zero-padded to NLEN (11) words. |
| |
| CURVE_W:[[0x2FEB83,0x634916,0x120054,0xB4038,0x0,0x60,0x0,0x0,0x0,0x0,0x0],[0x802561,0x7,0x8000,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0]], |
| CURVE_SB:[[[0xB010E4,0x63491D,0x128054,0xB4038,0x0,0x60,0x0,0x0,0x0,0x0,0x0], |
| [0x802561,0x7,0x8000,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0]], |
| [[0x802561,0x7,0x8000,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| [0xBB33EA,0x5D5D20,0xBCBDBD,0x188CE,0x3FD6EE,0x66D264,0x647A63,0xB0BDDF,0x702A0D,0x8,0x2400]]], |
| CURVE_WB:[[0x7A84B0,0x211856,0xB0401C,0x3C012,0x0,0x20,0x0,0x0,0x0,0x0,0x0], |
| [0x220475,0xF995BE,0x9A36CD,0xA8CA7F,0x7E94ED,0x2A0DC0,0x870,0x300000,0x0,0x0,0x0], |
| [0xF10B93,0xFCCAE0,0xCD3B66,0xD4653F,0x3F4A76,0x1506E0,0x438,0x180000,0x0,0x0,0x0], |
| [0xFAAA11,0x21185D,0xB0C01C,0x3C012,0x0,0x20,0x0,0x0,0x0,0x0,0x0]], |
| CURVE_BB:[[[0x2B0CBD,0xC0A633,0xCE7E11,0xCC906,0x3FD6EE,0x66D2C4,0x647A63,0xB0BDDF,0x702A0D,0x8,0x2400], |
| [0x2B0CBC,0xC0A633,0xCE7E11,0xCC906,0x3FD6EE,0x66D2C4,0x647A63,0xB0BDDF,0x702A0D,0x8,0x2400], |
| [0x2B0CBC,0xC0A633,0xCE7E11,0xCC906,0x3FD6EE,0x66D2C4,0x647A63,0xB0BDDF,0x702A0D,0x8,0x2400], |
| [0x802562,0x7,0x8000,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0]], |
| [[0x802561,0x7,0x8000,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| [0x2B0CBC,0xC0A633,0xCE7E11,0xCC906,0x3FD6EE,0x66D2C4,0x647A63,0xB0BDDF,0x702A0D,0x8,0x2400], |
| [0x2B0CBD,0xC0A633,0xCE7E11,0xCC906,0x3FD6EE,0x66D2C4,0x647A63,0xB0BDDF,0x702A0D,0x8,0x2400], |
| [0x2B0CBC,0xC0A633,0xCE7E11,0xCC906,0x3FD6EE,0x66D2C4,0x647A63,0xB0BDDF,0x702A0D,0x8,0x2400]], |
| [[0x802562,0x7,0x8000,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| [0x802561,0x7,0x8000,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| [0x802561,0x7,0x8000,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| [0x802561,0x7,0x8000,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0]], |
| [[0xC012B2,0x3,0x4000,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| [0x4AC2,0xF,0x10000,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| [0x6AFA0A,0xC0A62F,0xCE3E11,0xCC906,0x3FD6EE,0x66D2C4,0x647A63,0xB0BDDF,0x702A0D,0x8,0x2400], |
| [0xC012B2,0x3,0x4000,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0]]], |
| |
| /* BNT Curve */ |
| /* |
| CURVETYPE:0, |
| CURVE_A : 0, |
| CURVE_B : [0x2,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| CURVE_Order:[0x30210D,0x777E8D,0x363A75,0x92B2CB,0x88D434,0xD5F00E,0x3696F8,0xFA0BAB,0x17014E,0x20DB65,0x2401], |
| CURVE_Bnx:[0x4081,0x806000,0x4000], |
| CURVE_Cru:[0x4FCD87,0x53D5AB,0x1FADEB,0xF2BAB1,0x4C82A5,0x4C976,0x476515,0x4801B1], |
| CURVE_Fra:[0xC80022,0xD14EAD,0xE359F5,0xD6FACC,0x6C4904,0x3211BE,0xF190A1,0x4F6509,0xBBC439,0xA292C9,0x1328], |
| CURVE_Frb:[0xECA6F1,0xEAB040,0xD764A7,0x3DF997,0x1E0C51,0xA3DEB0,0x450657,0xAAA6A1,0x5B3D15,0x7E489B,0x10D8], |
| CURVE_Pxa:[0x8E65BB,0x87E228,0x13BE89,0x1CAA63,0xCC00AD,0x548B7C,0x325041,0xBCC055,0xC1339E,0x3FCD04,0x1448], |
| CURVE_Pxb:[0xDBE2C0,0x888808,0x853A67,0xF81E34,0x957FE1,0x51B57B,0xA631A,0xDA3FC5,0x4EC302,0x46B338,0x87F], |
| CURVE_Pya:[0x20CA1D,0x2C47E0,0xF36C20,0x7E8399,0x4CB416,0x9F72C9,0xC6E543,0x4A2C69,0x2B0BD7,0xC29C10,0x14E8], |
| CURVE_Pyb:[0x6628F2,0x437C71,0xDC6BD8,0x67BCB7,0xA27E1,0x72681D,0xA82C75,0xEDEC18,0x454BD1,0xE2A462,0x17AF], |
| CURVE_Gx :[0xB4A712,0xBBFEEE,0xBABE9D,0x14F464,0x8A5556,0xD5F06E,0x3696F8,0xFA0BAB,0x17014E,0x20DB65,0x2401], |
| CURVE_Gy :[0x1], |
| CURVE_W:[[0x838403,0x430061,0x838426,0x824199,0x18121,0x60],[0x8101,0xC000,0x8001]], |
| CURVE_SB:[[[0x840504,0x43C061,0x840427,0x824199,0x18121,0x60],[0x8101,0xC000,0x8001]],[[0x8101,0xC000,0x8001],[0xAC9D0A,0x347E2B,0xB2B64F,0x107131,0x875313,0xD5EFAE,0x3696F8,0xFA0BAB,0x17014E,0x20DB65,0x2401]]], |
| CURVE_WB:[[0x80C080,0x406020,0x80C161,0x80C088,0x8060,0x20],[0x8C4A85,0x390408,0x6C36B5,0xA352DC,0xDEAD2F,0x58868E,0xDA4363,0x300120],[0x464583,0xDCB204,0x363B5A,0xD1A96E,0x6F5697,0xAC4347,0x6D21B1,0x180090],[0x814181,0x412020,0x814162,0x80C088,0x8060,0x20]], |
| CURVE_BB:[[[0x2FE08D,0xF71E8D,0x35FA74,0x92B2CB,0x88D434,0xD5F00E,0x3696F8,0xFA0BAB,0x17014E,0x20DB65,0x2401],[0x2FE08C,0xF71E8D,0x35FA74,0x92B2CB,0x88D434,0xD5F00E,0x3696F8,0xFA0BAB,0x17014E,0x20DB65,0x2401],[0x2FE08C,0xF71E8D,0x35FA74,0x92B2CB,0x88D434,0xD5F00E,0x3696F8,0xFA0BAB,0x17014E,0x20DB65,0x2401],[0x8102,0xC000,0x8001]],[[0x8101,0xC000,0x8001],[0x2FE08C,0xF71E8D,0x35FA74,0x92B2CB,0x88D434,0xD5F00E,0x3696F8,0xFA0BAB,0x17014E,0x20DB65,0x2401],[0x2FE08D,0xF71E8D,0x35FA74,0x92B2CB,0x88D434,0xD5F00E,0x3696F8,0xFA0BAB,0x17014E,0x20DB65,0x2401],[0x2FE08C,0xF71E8D,0x35FA74,0x92B2CB,0x88D434,0xD5F00E,0x3696F8,0xFA0BAB,0x17014E,0x20DB65,0x2401]],[[0x8102,0xC000,0x8001],[0x8101,0xC000,0x8001],[0x8101,0xC000,0x8001],[0x8101,0xC000,0x8001]],[[0x4082,0x806000,0x4000],[0x10202,0x18000,0x10002],[0x2FA00A,0x76BE8D,0x35BA74,0x92B2CB,0x88D434,0xD5F00E,0x3696F8,0xFA0BAB,0x17014E,0x20DB65,0x2401],[0x4082,0x806000,0x4000]]], |
| |
| */ |
| |
| /* BNT2 Curve */ |
| /* |
| CURVETYPE:0, |
| CURVE_A : 0, |
| CURVE_B : [0x2,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| CURVE_Order:[0xAA2BF5,0x71A511,0x33D7FB,0x27B738,0xCF8DE1,0xD00021,0xF3B89,0xB74E20,0xF5AAD,0x48241,0x2400], |
| CURVE_Bnx:[0x608205,0x20100,0x4000], |
| CURVE_Cru:[0x66BD33,0x274448,0xEFB50,0x301647,0x755B77,0xECF236,0xC3617B,0x480006], |
| CURVE_Fra:[0xAEF062,0x68C973,0xE492B2,0x33C3BC,0xBCC69B,0x7F195B,0xF67FA3,0xBD0A41,0xE8CAB6,0xB8D29,0x124E], |
| CURVE_Frb:[0xB1B429,0x736240,0x6D5600,0xF52D19,0x12CD48,0x50E726,0x18BBE6,0xFA43DE,0x268FF6,0xF8F517,0x11B1], |
| CURVE_Pxa:[0x40A3C8,0x92399F,0x784ACC,0xE96611,0x35CDA4,0x61706B,0x7B0569,0x8279D7,0x93C631,0x17CF96,0x16FC], |
| CURVE_Pxb:[0x549540,0x7A8AD8,0x61055,0xE6F651,0xDB6F7B,0xA95D17,0x565907,0x9C8188,0x597590,0xB500BD,0x1EB5], |
| CURVE_Pya:[0x220513,0xECC514,0x7B147B,0x860E73,0x844A78,0x35F126,0x51B839,0x9D4DFA,0x1422AA,0xE49876,0x1E8E], |
| CURVE_Pyb:[0x7CE78E,0x328F57,0x781FB9,0xE26FA5,0x7EB746,0x1FB8E2,0xA93DBC,0xA29D76,0xE33BDB,0xF4CDBA,0x23CE], |
| CURVE_Gx :[0x60A48A,0xDC2BB4,0x51E8B2,0x28F0D6,0xCF93E4,0xD00081,0xF3B89,0xB74E20,0xF5AAD,0x48241,0x2400], |
| CURVE_Gy :[0x1], |
| CURVE_W:[[0x347083,0x6282A1,0x1D10B7,0x1399E,0x603,0x60],[0xC10409,0x40200,0x8000]], |
| CURVE_SB:[[[0xF5748C,0x6684A1,0x1D90B7,0x1399E,0x603,0x60],[0xC10409,0x40200,0x8000]],[[0xC10409,0x40200,0x8000],[0x75BB72,0xF2270,0x16C744,0x267D9A,0xCF87DE,0xCFFFC1,0xF3B89,0xB74E20,0xF5AAD,0x48241,0x2400]]], |
| CURVE_WB:[[0x70A224,0x72D48A,0x94592,0x688A,0x201,0x20],[0x30EF19,0x572CF0,0x721D5A,0x763543,0xA39651,0x48A1B9,0x8240FD,0x300004],[0x48B88F,0x2C96F8,0xB92EAD,0xBB1AA1,0xD1CB28,0xA450DC,0x41207E,0x180002],[0x31A62D,0x76D68B,0x9C592,0x688A,0x201,0x20]], |
| CURVE_BB:[[[0x49A9F1,0x6FA411,0x3397FB,0x27B738,0xCF8DE1,0xD00021,0xF3B89,0xB74E20,0xF5AAD,0x48241,0x2400],[0x49A9F0,0x6FA411,0x3397FB,0x27B738,0xCF8DE1,0xD00021,0xF3B89,0xB74E20,0xF5AAD,0x48241,0x2400],[0x49A9F0,0x6FA411,0x3397FB,0x27B738,0xCF8DE1,0xD00021,0xF3B89,0xB74E20,0xF5AAD,0x48241,0x2400],[0xC1040A,0x40200,0x8000]],[[0xC10409,0x40200,0x8000],[0x49A9F0,0x6FA411,0x3397FB,0x27B738,0xCF8DE1,0xD00021,0xF3B89,0xB74E20,0xF5AAD,0x48241,0x2400],[0x49A9F1,0x6FA411,0x3397FB,0x27B738,0xCF8DE1,0xD00021,0xF3B89,0xB74E20,0xF5AAD,0x48241,0x2400],[0x49A9F0,0x6FA411,0x3397FB,0x27B738,0xCF8DE1,0xD00021,0xF3B89,0xB74E20,0xF5AAD,0x48241,0x2400]],[[0xC1040A,0x40200,0x8000],[0xC10409,0x40200,0x8000],[0xC10409,0x40200,0x8000],[0xC10409,0x40200,0x8000]],[[0x608206,0x20100,0x4000],[0x820812,0x80401,0x10000],[0xE927EA,0x6DA310,0x3357FB,0x27B738,0xCF8DE1,0xD00021,0xF3B89,0xB74E20,0xF5AAD,0x48241,0x2400],[0x608206,0x20100,0x4000]]], |
| */ |
| |
| /* BN Curve */ |
| /* |
| CURVETYPE:0, |
| CURVE_A : 0, |
| CURVE_B : [0x2,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0], |
| CURVE_Order:[0xD,0x0,0x10A100,0x0,0x9F8000,0x7FF,0x800000,0xBA344D,0x1,0x648240,0x2523], |
| CURVE_Bnx:[0x1,0x0,0x4080], |
| CURVE_Cru:[0x7,0x0,0x6CD80,0x0,0x90000,0x249,0x400000,0x49B362], |
| CURVE_Fra:[0x2A6DE9,0xE6C06F,0xC2E17D,0x4D3F77,0x97492,0x953F85,0x50A846,0xB6499B,0x2E7C8C,0x761921,0x1B37], |
| CURVE_Frb:[0xD5922A,0x193F90,0x50C582,0xB2C088,0x178B6D,0x6AC8DC,0x2F57B9,0x3EAB2,0xD18375,0xEE691E,0x9EB], |
| CURVE_Pxa:[0xFD0CB4,0x2C7935,0x7C2BAB,0xE4FCC5,0xA5E319,0x763B05,0x24F6DF,0x335FB7,0x5EA7EA,0x4D4F5,0x95B], |
| CURVE_Pxb:[0x962455,0x7D0790,0x5E38A0,0x3D27AA,0x6D86BE,0x47F39D,0x89E057,0x9D42BF,0x8347B4,0xD8A7C0,0x5D4], |
| CURVE_Pya:[0x8A46C,0xCE687A,0x91F9AD,0xE98A41,0x82B30,0xB1F169,0x4C3784,0xA16D1C,0xE5313F,0x2ABF25,0xABF], |
| CURVE_Pyb:[0xF306EC,0x88D405,0xA0E6DF,0x6ADD13,0x48207,0x9D6A5C,0x1E4781,0xB38627,0x79DABD,0x9A87E6,0x1876], |
| CURVE_Gx :[0x12,0x0,0x13A700,0x0,0x210000,0x861,0x800000,0xBA344D,0x1,0x648240,0x2523], |
| CURVE_Gy :[0x1], |
| CURVE_W:[[0x3,0x0,0x20400,0x0,0x818000,0x61],[0x1,0x0,0x8100]], |
| CURVE_SB:[[[0x4,0x0,0x28500,0x0,0x818000,0x61],[0x1,0x0,0x8100]],[[0x1,0x0,0x8100],[0xA,0x0,0xE9D00,0x0,0x1E0000,0x79E,0x800000,0xBA344D,0x1,0x648240,0x2523]]], |
| CURVE_WB:[[0x0,0x0,0x4080,0x0,0x808000,0x20],[0x5,0x0,0x54A80,0x0,0x70000,0x1C7,0x800000,0x312241],[0x3,0x0,0x2C580,0x0,0x838000,0xE3,0xC00000,0x189120],[0x1,0x0,0xC180,0x0,0x808000,0x20]], |
| CURVE_BB:[[[0xD,0x0,0x106080,0x0,0x9F8000,0x7FF,0x800000,0xBA344D,0x1,0x648240,0x2523],[0xC,0x0,0x106080,0x0,0x9F8000,0x7FF,0x800000,0xBA344D,0x1,0x648240,0x2523],[0xC,0x0,0x106080,0x0,0x9F8000,0x7FF,0x800000,0xBA344D,0x1,0x648240,0x2523],[0x2,0x0,0x8100]],[[0x1,0x0,0x8100],[0xC,0x0,0x106080,0x0,0x9F8000,0x7FF,0x800000,0xBA344D,0x1,0x648240,0x2523],[0xD,0x0,0x106080,0x0,0x9F8000,0x7FF,0x800000,0xBA344D,0x1,0x648240,0x2523],[0xC,0x0,0x106080,0x0,0x9F8000,0x7FF,0x800000,0xBA344D,0x1,0x648240,0x2523]],[[0x2,0x0,0x8100],[0x1,0x0,0x8100],[0x1,0x0,0x8100],[0x1,0x0,0x8100]],[[0x2,0x0,0x4080],[0x2,0x0,0x10200],[0xA,0x0,0x102000,0x0,0x9F8000,0x7FF,0x800000,0xBA344D,0x1,0x648240,0x2523],[0x2,0x0,0x4080]]], |
| |
| */ |
| |
| debug: false, |
| |
| // HASH constants - SHA-256 initial state (H0..H7) and round constants (HK) |
| |
| H0:0x6A09E667, |
| H1:0xBB67AE85, |
| H2:0x3C6EF372, |
| H3:0xA54FF53A, |
| H4:0x510E527F, |
| H5:0x9B05688C, |
| H6:0x1F83D9AB, |
| H7:0x5BE0CD19, |
| |
| HK:[0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, |
| 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, |
| 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, |
| 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, |
| 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, |
| 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, |
| 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, |
| 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2], |
| |
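| // AES constants - mode identifiers (ECB..OFB16), then the lookup tables |
| // NOTE(review): ECB maps equal plaintext blocks to equal ciphertext blocks, and tables indexed by secret-dependent bytes are a known cache-timing concern - check how the AES code uses these. |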
| |
| ECB:0, |
| CBC:1, |
| CFB1:2, |
| CFB2:3, |
| CFB4:5, |
| OFB1:14, |
| OFB2:15, |
| OFB4:17, |
| OFB8:21, |
| OFB16:29, |
| |
| InCo:[0xB,0xD,0x9,0xE], /* Inverse Coefficients */ |
| rco:[1,2,4,8,16,32,64,128,27,54,108,216,171,77,154,47], |
| |
| ptab:[ |
| 1,3,5,15,17,51,85,255,26,46,114,150,161,248,19,53, |
| 95,225,56,72,216,115,149,164,247,2,6,10,30,34,102,170, |
| 229,52,92,228,55,89,235,38,106,190,217,112,144,171,230,49, |
| 83,245,4,12,20,60,68,204,79,209,104,184,211,110,178,205, |
| 76,212,103,169,224,59,77,215,98,166,241,8,24,40,120,136, |
| 131,158,185,208,107,189,220,127,129,152,179,206,73,219,118,154, |
| 181,196,87,249,16,48,80,240,11,29,39,105,187,214,97,163, |
| 254,25,43,125,135,146,173,236,47,113,147,174,233,32,96,160, |
| 251,22,58,78,210,109,183,194,93,231,50,86,250,21,63,65, |
| 195,94,226,61,71,201,64,192,91,237,44,116,156,191,218,117, |
| 159,186,213,100,172,239,42,126,130,157,188,223,122,142,137,128, |
| 155,182,193,88,232,35,101,175,234,37,111,177,200,67,197,84, |
| 252,31,33,99,165,244,7,9,27,45,119,153,176,203,70,202, |
| 69,207,74,222,121,139,134,145,168,227,62,66,198,81,243,14, |
| 18,54,90,238,41,123,141,140,143,138,133,148,167,242,13,23, |
| 57,75,221,124,132,151,162,253,28,36,108,180,199,82,246,1 |
| ], |
| ltab:[ |
| 0,255,25,1,50,2,26,198,75,199,27,104,51,238,223,3, |
| 100,4,224,14,52,141,129,239,76,113,8,200,248,105,28,193, |
| 125,194,29,181,249,185,39,106,77,228,166,114,154,201,9,120, |
| 101,47,138,5,33,15,225,36,18,240,130,69,53,147,218,142, |
| 150,143,219,189,54,208,206,148,19,92,210,241,64,70,131,56, |
| 102,221,253,48,191,6,139,98,179,37,226,152,34,136,145,16, |
| 126,110,72,195,163,182,30,66,58,107,40,84,250,133,61,186, |
| 43,121,10,21,155,159,94,202,78,212,172,229,243,115,167,87, |
| 175,88,168,80,244,234,214,116,79,174,233,213,231,230,173,232, |
| 44,215,117,122,235,22,11,245,89,203,95,176,156,169,81,160, |
| 127,12,246,111,23,196,73,236,216,67,31,45,164,118,123,183, |
| 204,187,62,90,251,96,177,134,59,82,161,108,170,85,41,157, |
| 151,178,135,144,97,190,220,252,188,149,207,205,55,63,91,209, |
| 83,57,132,60,65,162,109,71,20,42,158,93,86,242,211,171, |
| 68,17,146,217,35,32,46,137,180,124,184,38,119,153,227,165, |
| 103,74,237,222,197,49,254,24,13,99,140,128,192,247,112,7 |
| ], |
| fbsub:[ |
| 99,124,119,123,242,107,111,197,48,1,103,43,254,215,171,118, |
| 202,130,201,125,250,89,71,240,173,212,162,175,156,164,114,192, |
| 183,253,147,38,54,63,247,204,52,165,229,241,113,216,49,21, |
| 4,199,35,195,24,150,5,154,7,18,128,226,235,39,178,117, |
| 9,131,44,26,27,110,90,160,82,59,214,179,41,227,47,132, |
| 83,209,0,237,32,252,177,91,106,203,190,57,74,76,88,207, |
| 208,239,170,251,67,77,51,133,69,249,2,127,80,60,159,168, |
| 81,163,64,143,146,157,56,245,188,182,218,33,16,255,243,210, |
| 205,12,19,236,95,151,68,23,196,167,126,61,100,93,25,115, |
| 96,129,79,220,34,42,144,136,70,238,184,20,222,94,11,219, |
| 224,50,58,10,73,6,36,92,194,211,172,98,145,149,228,121, |
| 231,200,55,109,141,213,78,169,108,86,244,234,101,122,174,8, |
| 186,120,37,46,28,166,180,198,232,221,116,31,75,189,139,138, |
| 112,62,181,102,72,3,246,14,97,53,87,185,134,193,29,158, |
| 225,248,152,17,105,217,142,148,155,30,135,233,206,85,40,223, |
| 140,161,137,13,191,230,66,104,65,153,45,15,176,84,187,22 |
| ], |
| rbsub:[ |
| 82,9,106,213,48,54,165,56,191,64,163,158,129,243,215,251, |
| 124,227,57,130,155,47,255,135,52,142,67,68,196,222,233,203, |
| 84,123,148,50,166,194,35,61,238,76,149,11,66,250,195,78, |
| 8,46,161,102,40,217,36,178,118,91,162,73,109,139,209,37, |
| 114,248,246,100,134,104,152,22,212,164,92,204,93,101,182,146, |
| 108,112,72,80,253,237,185,218,94,21,70,87,167,141,157,132, |
| 144,216,171,0,140,188,211,10,247,228,88,5,184,179,69,6, |
| 208,44,30,143,202,63,15,2,193,175,189,3,1,19,138,107, |
| 58,145,17,65,79,103,220,234,151,242,207,206,240,180,230,115, |
| 150,172,116,34,231,173,53,133,226,249,55,232,28,117,223,110, |
| 71,241,26,113,29,41,197,137,111,183,98,14,170,24,190,27, |
| 252,86,62,75,198,210,121,32,154,219,192,254,120,205,90,244, |
| 31,221,168,51,136,7,199,49,177,18,16,89,39,128,236,95, |
| 96,81,127,169,25,181,74,13,45,229,122,159,147,201,156,239, |
| 160,224,59,77,174,42,245,176,200,235,187,60,131,83,153,97, |
| 23,43,4,126,186,119,214,38,225,105,20,99,85,33,12,125 |
| ], |
| ftable:[ |
| 0xa56363c6,0x847c7cf8,0x997777ee,0x8d7b7bf6,0xdf2f2ff,0xbd6b6bd6, |
| 0xb16f6fde,0x54c5c591,0x50303060,0x3010102,0xa96767ce,0x7d2b2b56, |
| 0x19fefee7,0x62d7d7b5,0xe6abab4d,0x9a7676ec,0x45caca8f,0x9d82821f, |
| 0x40c9c989,0x877d7dfa,0x15fafaef,0xeb5959b2,0xc947478e,0xbf0f0fb, |
| 0xecadad41,0x67d4d4b3,0xfda2a25f,0xeaafaf45,0xbf9c9c23,0xf7a4a453, |
| 0x967272e4,0x5bc0c09b,0xc2b7b775,0x1cfdfde1,0xae93933d,0x6a26264c, |
| 0x5a36366c,0x413f3f7e,0x2f7f7f5,0x4fcccc83,0x5c343468,0xf4a5a551, |
| 0x34e5e5d1,0x8f1f1f9,0x937171e2,0x73d8d8ab,0x53313162,0x3f15152a, |
| 0xc040408,0x52c7c795,0x65232346,0x5ec3c39d,0x28181830,0xa1969637, |
| 0xf05050a,0xb59a9a2f,0x907070e,0x36121224,0x9b80801b,0x3de2e2df, |
| 0x26ebebcd,0x6927274e,0xcdb2b27f,0x9f7575ea,0x1b090912,0x9e83831d, |
| 0x742c2c58,0x2e1a1a34,0x2d1b1b36,0xb26e6edc,0xee5a5ab4,0xfba0a05b, |
| 0xf65252a4,0x4d3b3b76,0x61d6d6b7,0xceb3b37d,0x7b292952,0x3ee3e3dd, |
| 0x712f2f5e,0x97848413,0xf55353a6,0x68d1d1b9,0x0,0x2cededc1, |
| 0x60202040,0x1ffcfce3,0xc8b1b179,0xed5b5bb6,0xbe6a6ad4,0x46cbcb8d, |
| 0xd9bebe67,0x4b393972,0xde4a4a94,0xd44c4c98,0xe85858b0,0x4acfcf85, |
| 0x6bd0d0bb,0x2aefefc5,0xe5aaaa4f,0x16fbfbed,0xc5434386,0xd74d4d9a, |
| 0x55333366,0x94858511,0xcf45458a,0x10f9f9e9,0x6020204,0x817f7ffe, |
| 0xf05050a0,0x443c3c78,0xba9f9f25,0xe3a8a84b,0xf35151a2,0xfea3a35d, |
| 0xc0404080,0x8a8f8f05,0xad92923f,0xbc9d9d21,0x48383870,0x4f5f5f1, |
| 0xdfbcbc63,0xc1b6b677,0x75dadaaf,0x63212142,0x30101020,0x1affffe5, |
| 0xef3f3fd,0x6dd2d2bf,0x4ccdcd81,0x140c0c18,0x35131326,0x2fececc3, |
| 0xe15f5fbe,0xa2979735,0xcc444488,0x3917172e,0x57c4c493,0xf2a7a755, |
| 0x827e7efc,0x473d3d7a,0xac6464c8,0xe75d5dba,0x2b191932,0x957373e6, |
| 0xa06060c0,0x98818119,0xd14f4f9e,0x7fdcdca3,0x66222244,0x7e2a2a54, |
| 0xab90903b,0x8388880b,0xca46468c,0x29eeeec7,0xd3b8b86b,0x3c141428, |
| 0x79dedea7,0xe25e5ebc,0x1d0b0b16,0x76dbdbad,0x3be0e0db,0x56323264, |
| 0x4e3a3a74,0x1e0a0a14,0xdb494992,0xa06060c,0x6c242448,0xe45c5cb8, |
| 0x5dc2c29f,0x6ed3d3bd,0xefacac43,0xa66262c4,0xa8919139,0xa4959531, |
| 0x37e4e4d3,0x8b7979f2,0x32e7e7d5,0x43c8c88b,0x5937376e,0xb76d6dda, |
| 0x8c8d8d01,0x64d5d5b1,0xd24e4e9c,0xe0a9a949,0xb46c6cd8,0xfa5656ac, |
| 0x7f4f4f3,0x25eaeacf,0xaf6565ca,0x8e7a7af4,0xe9aeae47,0x18080810, |
| 0xd5baba6f,0x887878f0,0x6f25254a,0x722e2e5c,0x241c1c38,0xf1a6a657, |
| 0xc7b4b473,0x51c6c697,0x23e8e8cb,0x7cdddda1,0x9c7474e8,0x211f1f3e, |
| 0xdd4b4b96,0xdcbdbd61,0x868b8b0d,0x858a8a0f,0x907070e0,0x423e3e7c, |
| 0xc4b5b571,0xaa6666cc,0xd8484890,0x5030306,0x1f6f6f7,0x120e0e1c, |
| 0xa36161c2,0x5f35356a,0xf95757ae,0xd0b9b969,0x91868617,0x58c1c199, |
| 0x271d1d3a,0xb99e9e27,0x38e1e1d9,0x13f8f8eb,0xb398982b,0x33111122, |
| 0xbb6969d2,0x70d9d9a9,0x898e8e07,0xa7949433,0xb69b9b2d,0x221e1e3c, |
| 0x92878715,0x20e9e9c9,0x49cece87,0xff5555aa,0x78282850,0x7adfdfa5, |
| 0x8f8c8c03,0xf8a1a159,0x80898909,0x170d0d1a,0xdabfbf65,0x31e6e6d7, |
| 0xc6424284,0xb86868d0,0xc3414182,0xb0999929,0x772d2d5a,0x110f0f1e, |
| 0xcbb0b07b,0xfc5454a8,0xd6bbbb6d,0x3a16162c |
| ], |
| rtable:[ |
| 0x50a7f451,0x5365417e,0xc3a4171a,0x965e273a,0xcb6bab3b,0xf1459d1f, |
| 0xab58faac,0x9303e34b,0x55fa3020,0xf66d76ad,0x9176cc88,0x254c02f5, |
| 0xfcd7e54f,0xd7cb2ac5,0x80443526,0x8fa362b5,0x495ab1de,0x671bba25, |
| 0x980eea45,0xe1c0fe5d,0x2752fc3,0x12f04c81,0xa397468d,0xc6f9d36b, |
| 0xe75f8f03,0x959c9215,0xeb7a6dbf,0xda595295,0x2d83bed4,0xd3217458, |
| 0x2969e049,0x44c8c98e,0x6a89c275,0x78798ef4,0x6b3e5899,0xdd71b927, |
| 0xb64fe1be,0x17ad88f0,0x66ac20c9,0xb43ace7d,0x184adf63,0x82311ae5, |
| 0x60335197,0x457f5362,0xe07764b1,0x84ae6bbb,0x1ca081fe,0x942b08f9, |
| 0x58684870,0x19fd458f,0x876cde94,0xb7f87b52,0x23d373ab,0xe2024b72, |
| 0x578f1fe3,0x2aab5566,0x728ebb2,0x3c2b52f,0x9a7bc586,0xa50837d3, |
| 0xf2872830,0xb2a5bf23,0xba6a0302,0x5c8216ed,0x2b1ccf8a,0x92b479a7, |
| 0xf0f207f3,0xa1e2694e,0xcdf4da65,0xd5be0506,0x1f6234d1,0x8afea6c4, |
| 0x9d532e34,0xa055f3a2,0x32e18a05,0x75ebf6a4,0x39ec830b,0xaaef6040, |
| 0x69f715e,0x51106ebd,0xf98a213e,0x3d06dd96,0xae053edd,0x46bde64d, |
| 0xb58d5491,0x55dc471,0x6fd40604,0xff155060,0x24fb9819,0x97e9bdd6, |
| 0xcc434089,0x779ed967,0xbd42e8b0,0x888b8907,0x385b19e7,0xdbeec879, |
| 0x470a7ca1,0xe90f427c,0xc91e84f8,0x0,0x83868009,0x48ed2b32, |
| 0xac70111e,0x4e725a6c,0xfbff0efd,0x5638850f,0x1ed5ae3d,0x27392d36, |
| 0x64d90f0a,0x21a65c68,0xd1545b9b,0x3a2e3624,0xb1670a0c,0xfe75793, |
| 0xd296eeb4,0x9e919b1b,0x4fc5c080,0xa220dc61,0x694b775a,0x161a121c, |
| 0xaba93e2,0xe52aa0c0,0x43e0223c,0x1d171b12,0xb0d090e,0xadc78bf2, |
| 0xb9a8b62d,0xc8a91e14,0x8519f157,0x4c0775af,0xbbdd99ee,0xfd607fa3, |
| 0x9f2601f7,0xbcf5725c,0xc53b6644,0x347efb5b,0x7629438b,0xdcc623cb, |
| 0x68fcedb6,0x63f1e4b8,0xcadc31d7,0x10856342,0x40229713,0x2011c684, |
| 0x7d244a85,0xf83dbbd2,0x1132f9ae,0x6da129c7,0x4b2f9e1d,0xf330b2dc, |
| 0xec52860d,0xd0e3c177,0x6c16b32b,0x99b970a9,0xfa489411,0x2264e947, |
| 0xc48cfca8,0x1a3ff0a0,0xd82c7d56,0xef903322,0xc74e4987,0xc1d138d9, |
| 0xfea2ca8c,0x360bd498,0xcf81f5a6,0x28de7aa5,0x268eb7da,0xa4bfad3f, |
| 0xe49d3a2c,0xd927850,0x9bcc5f6a,0x62467e54,0xc2138df6,0xe8b8d890, |
| 0x5ef7392e,0xf5afc382,0xbe805d9f,0x7c93d069,0xa92dd56f,0xb31225cf, |
| 0x3b99acc8,0xa77d1810,0x6e639ce8,0x7bbb3bdb,0x97826cd,0xf418596e, |
| 0x1b79aec,0xa89a4f83,0x656e95e6,0x7ee6ffaa,0x8cfbc21,0xe6e815ef, |
| 0xd99be7ba,0xce366f4a,0xd4099fea,0xd67cb029,0xafb2a431,0x31233f2a, |
| 0x3094a5c6,0xc066a235,0x37bc4e74,0xa6ca82fc,0xb0d090e0,0x15d8a733, |
| 0x4a9804f1,0xf7daec41,0xe50cd7f,0x2ff69117,0x8dd64d76,0x4db0ef43, |
| 0x544daacc,0xdf0496e4,0xe3b5d19e,0x1b886a4c,0xb81f2cc1,0x7f516546, |
| 0x4ea5e9d,0x5d358c01,0x737487fa,0x2e410bfb,0x5a1d67b3,0x52d2db92, |
| 0x335610e9,0x1347d66d,0x8c61d79a,0x7a0ca137,0x8e14f859,0x893c13eb, |
| 0xee27a9ce,0x35c961b7,0xede51ce1,0x3cb1477a,0x59dfd29c,0x3f73f255, |
| 0x79ce1418,0xbf37c773,0xeacdf753,0x5baafd5f,0x146f3ddf,0x86db4478, |
| 0x81f3afca,0x3ec468b9,0x2c342438,0x5f40a3c2,0x72c31d16,0xc25e2bc, |
| 0x8b493c28,0x41950dff,0x7101a839,0xdeb30c08,0x9ce4b4d8,0x90c15664, |
| 0x6184cb7b,0x70b632d5,0x745c6c48,0x4257b8d0 |
| ], |
| |
| // GCM constants |
| |
| GCM_ACCEPTING_HEADER:0, |
| GCM_ACCEPTING_CIPHER:1, |
| GCM_NOT_ACCEPTING_MORE:2, |
| GCM_FINISHED:3, |
| GCM_ENCRYPTING:0, |
| GCM_DECRYPTING:1 |
| |
| }; |
| |
/*
 * Derived constants: computed once from the configured NLEN, BASEBITS, CHUNK,
 * MODBITS and FF_BITS, and stored back on ROM in the order shown.
 *
 * NOTE(review): JavaScript `<<` operates on 32-bit integers and uses only the
 * low five bits of the shift count, so every shift count below has to stay
 * under 31 for the selected parameters; nothing here checks that. Likewise
 * FFLEN and HFLEN are whole numbers only when FF_BITS follows the 256*2^n rule
 * stated next to FF_BITS.
 */
(function (rom) {
  var limbBits = rom.BASEBITS;
  var topBits = rom.MODBITS % limbBits;   // MODBITS mod BASEBITS

  rom.DNLEN = rom.NLEN * 2;               // twice NLEN
  rom.MASK = (1 << limbBits) - 1;         // low BASEBITS bits set

  rom.TBITS = topBits;
  rom.OMASK = (-1) << topBits;            // every bit from position TBITS upward set
  rom.TMASK = (1 << topBits) - 1;         // low TBITS bits set

  rom.NEXCESS = 1 << (rom.CHUNK - limbBits - 1);            // 2^(CHUNK-BASEBITS-1)
  rom.FEXCESS = 1 << (limbBits * rom.NLEN - rom.MODBITS);   // 2^(BASEBITS*NLEN-MODBITS)

  var ffWords = rom.FF_BITS / 256;        // FF_BITS counted in 256-bit units
  rom.FFLEN = ffWords;
  rom.HFLEN = ffWords / 2;                /* Useful for half-size RSA private key operations */
}(ROM));