#define ED25519_HEADER_FILE

/ Copyright (c) 2018-2020 Silex Insight sa Copyright (c) 2018-2020 Beerten Engineering scs SPDX-License-Identifier: BSD-3-Clause

#define SX_ED25519_PT_SZ 32

#define SX_ED25519_DGST_SZ (32 2)

@addtogroup SX_PK_ED25519

@{

typedef int (FUNC_SX_ED25519_PTMULT)(struct sx_pk_cnx cnx, const struct sx_ed25519_dgst r, struct sx_ed25519_pt pt);
#define SX_ED25519_PTMULT ((FUNC_SX_ED25519_PTMULT)((uint32_t )(API_TABLE_BASE_ADDRESS + ATO_SX_ED25519_PTMULT)))

Compute R = r G, where r is a scalar which can be up to twice the size of the other operands. G is the generator point for the curve. The point R is encoded in pt.

When computing the public key, the scalar 'r' is the secret scalar based on the clamped hash digest of the private key.

cnx Connection structure obtained through SX_PK_OPEN() at startup

r Secret scalar based on the clamped hash digest of the private key

pt Encoded resulting R point @return ::SX_OK @return ::SX_ERR_INVALID_PARAM @return ::SX_ERR_UNKNOWN_ERROR @return ::SX_ERR_BUSY @return ::SX_ERR_NOT_IMPLEMENTED @return ::SX_ERR_OPERAND_TOO_LARGE @return ::SX_ERR_PLATFORM_ERROR @return ::SX_ERR_EXPIRED @see SX_ASYNC_ED25519_PTMULT_GO() and SX_ASYNC_ED25519_PTMULT_END() for an asynchronous version

typedef struct sx_pk_dreq (FUNC_SX_ASYNC_ED25519_PTMULT_GO)(struct sx_pk_cnx cnx, const struct sx_ed25519_dgst r);
#define SX_ASYNC_ED25519_PTMULT_GO ((FUNC_SX_ASYNC_ED25519_PTMULT_GO)((uint32_t )(API_TABLE_BASE_ADDRESS + ATO_SX_ASYNC_ED25519_PTMULT_GO)))

Start an EDDSA point multiplication on the accelerator and return immediately.

@remark When the operation finishes on the accelerator, call SX_ASYNC_ED25519_PTMULT_END()

cnx Connection structure obtained through SX_PK_OPEN() at startup

r Secret scalar based on the clamped hash digest of the private key @return Acquired acceleration request for this operation @see SX_ASYNC_ED25519_PTMULT_END() and SX_ED25519_PTMULT()

typedef void (FUNC_SX_ASYNC_ED25519_PTMULT_END)(sx_pk_accel req, struct sx_ed25519_pt pt);
#define SX_ASYNC_ED25519_PTMULT_END ((FUNC_SX_ASYNC_ED25519_PTMULT_END)((uint32_t )(API_TABLE_BASE_ADDRESS + ATO_SX_ASYNC_ED25519_PTMULT_END)))

Get the output operands of the EDDSA point multiplication and release the reserved resources.

@pre The operation on the accelerator must be finished before calling this function.

req The previously acquired acceleration request for this operation

pt Encoded resulting R point @see SX_ASYNC_ED25519_PTMULT_GO() and SX_ED25519_PTMULT()

typedef int (FUNC_SX_ED25519_SIGN)(struct sx_pk_cnx cnx, const struct sx_ed25519_dgst k, const struct sx_ed25519_dgst r, const struct sx_ed25519_v s, struct sx_ed25519_v sig_s);
#define SX_ED25519_SIGN ((FUNC_SX_ED25519_SIGN)((uint32_t )(API_TABLE_BASE_ADDRESS + ATO_SX_ED25519_SIGN)))

This represents the second step in computing an EDDSA signature.

This step computes sig_s : sig_s = (r + k s) % l

cnx Connection structure obtained through SX_PK_OPEN() at startup

k Hash of the encoded point R, the public key and the message. It is interpreted as a scalar with a size double of other operands

r Secret nonce already used in the first signature step

s Secret scalar derived from the private key

sig_s Second part of the EDDSA signature @return ::SX_OK @return ::SX_ERR_INVALID_PARAM @return ::SX_ERR_UNKNOWN_ERROR @return ::SX_ERR_BUSY @return ::SX_ERR_NOT_IMPLEMENTED @return ::SX_ERR_OPERAND_TOO_LARGE @return ::SX_ERR_PLATFORM_ERROR @return ::SX_ERR_EXPIRED @see sx_async_ed25519_sign_go() and SX_ASYNC_ED25519_SIGN_END() for an asynchronous version

typedef struct sx_pk_dreq (FUNC_SX_PK_ASYNC_ED25519_SIGN_GO)(struct sx_pk_cnx cnx, const struct sx_ed25519_dgst k, const struct sx_ed25519_dgst r, const struct sx_ed25519_v s);
#define SX_PK_ASYNC_ED25519_SIGN_GO ((FUNC_SX_PK_ASYNC_ED25519_SIGN_GO)((uint32_t )(API_TABLE_BASE_ADDRESS + ATO_SX_PK_ASYNC_ED25519_SIGN_GO)))

Start an ED25519 signature generation on the accelerator and return immediately.

@remark When the operation finishes on the accelerator, call SX_ASYNC_ED25519_SIGN_END()

cnx Connection structure obtained through SX_PK_OPEN() at startup

k Hash of the encoded point R, the public key and the message. It is interpreted as a scalar with a size double of other operands

r Secret nonce already used in the first signature step

s Secret scalar derived from the private key @return Acquired acceleration request for this operation @see SX_ED25519_SIGN() and SX_ASYNC_ED25519_SIGN_END()

typedef void (FUNC_SX_ASYNC_ED25519_SIGN_END)(sx_pk_accel req, struct sx_ed25519_v sig_s);
#define SX_ASYNC_ED25519_SIGN_END ((FUNC_SX_ASYNC_ED25519_SIGN_END)((uint32_t )(API_TABLE_BASE_ADDRESS + ATO_SX_ASYNC_ED25519_SIGN_END)))

Get the output operands of the ED25519 signature generation and release the reserved resources.

@pre The operation on the accelerator must be finished before calling this function.

req The previously acquired acceleration request for this operation

sig_s Second part of the ED25519 signature @see SX_PK_ASYNC_ED25519_SIGN_GO() and SX_ED25519_SIGN()

typedef int (FUNC_SX_ED25519_VERIFY)(struct sx_pk_cnx cnx, const struct sx_ed25519_dgst k, const struct sx_ed25519_pt a, const struct sx_ed25519_v sig_s, const struct sx_ed25519_pt r);
#define SX_ED25519_VERIFY ((FUNC_SX_ED25519_VERIFY)((uint32_t )(API_TABLE_BASE_ADDRESS + ATO_SX_ED25519_VERIFY)))

It checks if sig_s G - k A matches R.

sig_s and the encoded point R form the signature. The points A and R are passed in their encoded form via 'a' and 'r'.

cnx Connection structure obtained through SX_PK_OPEN() at startup

k Hash of the encoded point R, the public key and the message. It is interpreted as a scalar with a size double of other operands

a Encoded public key

sig_s Second part of the signature

r Encoded first part of the signature @return ::SX_OK @return ::SX_ERR_OUT_OF_RANGE @return ::SX_ERR_POINT_NOT_ON_CURVE @return ::SX_ERR_INVALID_SIGNATURE @return ::SX_ERR_INVALID_PARAM @return ::SX_ERR_UNKNOWN_ERROR @return ::SX_ERR_BUSY @return ::SX_ERR_NOT_IMPLEMENTED @return ::SX_ERR_OPERAND_TOO_LARGE @return ::SX_ERR_PLATFORM_ERROR @return ::SX_ERR_EXPIRED @see SX_ASYNC_ED25519_VERIFY_GO() for an asynchronous version

typedef struct sx_pk_dreq (FUNC_SX_ASYNC_ED25519_VERIFY_GO)(struct sx_pk_cnx cnx, const struct sx_ed25519_dgst k, const struct sx_ed25519_pt a, const struct sx_ed25519_v sig_s, const struct sx_ed25519_pt r);
#define SX_ASYNC_ED25519_VERIFY_GO ((FUNC_SX_ASYNC_ED25519_VERIFY_GO)((uint32_t )(API_TABLE_BASE_ADDRESS + ATO_SX_ASYNC_ED25519_VERIFY_GO)))

Start an ED25519 signature generation on the accelerator and return immediately.

@remark When the operation finishes on the accelerator, call SX_PK_RELEASE_REQ()

cnx Connection structure obtained through SX_PK_OPEN() at startup

k Hash of the encoded point R, the public key and the message. It is interpreted as a scalar with a size double of other operands

a Encoded public key

sig_s Second part of the signature

r Encoded first part of the signature @return Acquired acceleration request for this operation @see SX_ED25519_VERIFY()

}