Detailed Description

EdDSA driver implementation for the CC26X2 family.

===========================================================================

This file should only be included in the board file to fill the EDDSA_config struct.

Hardware and Implementation Details

The CC26X2 family has a dedicated public key accelerator. It is capable of multiple mathematical operations including dedicated ECC point addition, doubling, and scalar multiplication. Only one operation can be carried out on the accelerator at a time. Mutual exclusion is implemented at the driver level and coordinated between all drivers relying on the accelerator. It is transparent to the application and only noted ensure sensible access timeouts are set.

The large number maths engine (LNME) uses a dedicated 2kB block of RAM (PKA RAM) for its operations. The operands of the maths operations must be copied into and results out of the PKA RAM. This necessitates a significant number of reads and writes for each operation. The bus interface to the RAM only allows for word-aligned reads and writes. The CPU splits the reads and writes from and to general SRAM from unaligned addresses into multiple bus operations while accumulating the data in a register until it is full. The result of this hardware process is that providing buffers such as plaintext CryptoKey keying material to ECC APIs that are word-aligned will significantly speed up the operation and reduce power consumption.

The driver implementation does not perform runtime checks for most input parameters. Only values that are likely to have a stochastic element to them are checked (such as whether a driver is already open). Higher input parameter validation coverage is achieved by turning on assertions when compiling the driver.

Supported Curve Types

The driver implementation supports the following curves for EdDSA:

Curve	Supported
Ed25519	Yes
Ed448	No

Public Key Validation

When performing signature verification, the foreign public key will always be validated by performing a public key decompression followed by verifying that the point is on the Edwards curve.

#include <ti/drivers/EDDSA.h>
#include <ti/drivers/SHA2.h>
#include <ti/drivers/sha2/SHA2CC26X2.h>

Include dependency graph for EDDSACC26X2.h:

Go to the source code of this file.

Data Structures
struct	EDDSACC26X2_HWAttrs
	EDDSACC26X2 Hardware Attributes. More...

struct	EDDSACC26X2_Workspace
	EDDSACC26X2 Workspace. More...

struct	EDDSACC26X2_Object
	EDDSACC26X2 Object. More...

Macros
#define	EDDSACC26X2_STATUS_FSM_RUN_PKA_OP EDDSA_STATUS_RESERVED - 0

#define	EDDSACC26X2_STATUS_FSM_RUN_FSM EDDSA_STATUS_RESERVED - 1

#define	EDDSACC26X2_PKA_OPERATION_STARTED (0xFFFFFFFFUL)

#define	ED25519_LENGTH 32

Typedefs
typedef int_fast16_t(*	EDDSACC26X2_stateMachineFxn) (EDDSA_Handle handle)
	EDDSACC26X2 state machine function prototype. More...

Enumerations
enum	EDDSACC26X2_FsmState { EDDSACC26X2_FSM_ERROR, EDDSACC26X2_FSM_GEN_PUB_KEY_HASH_PRIVATE_KEY, EDDSACC26X2_FSM_GEN_PUB_KEY_MULT_PRIV_KEY_BY_GENER_WEIER, EDDSACC26X2_FSM_GEN_PUB_KEY_MULT_PRIV_KEY_BY_GENER_WEIER_RESULT, EDDSACC26X2_FSM_GEN_PUB_KEY_CONVERT_WEI_TO_ED, EDDSACC26X2_FSM_GEN_PUB_KEY_ENCODE_PUBLIC_KEY, EDDSACC26X2_FSM_SIGN1_HASH_PRIVATE_KEY, EDDSACC26X2_FSM_SIGN1_HASH_UPPER_SECRET_KEY, EDDSACC26X2_FSM_SIGN1_HASH_MESSAGE1, EDDSACC26X2_FSM_SIGN1_HASH_MESSAGE2, EDDSACC26X2_FSM_SIGN1_HASH_FINALIZE, EDDSACC26X2_FSM_SIGN2_MOD_SECRET_HASH, EDDSACC26X2_FSM_SIGN2_MOD_SECRET_HASH_RESULT, EDDSACC26X2_FSM_SIGN2_MULT_SECRET_HASH_BY_GENERATOR_WEIER, EDDSACC26X2_FSM_SIGN2_MULT_SECRET_HASH_BY_GENERATOR_WEIER_RESULT, EDDSACC26X2_FSM_SIGN2_CONVERT_WEI_TO_ED, EDDSACC26X2_FSM_SIGN2_ENCODE_PUBLIC_KEY, EDDSACC26X2_FSM_SIGN3_HASH_SIG_R, EDDSACC26X2_FSM_SIGN3_HASH_PUBLIC_KEY, EDDSACC26X2_FSM_SIGN3_HASH_MESSAGE1, EDDSACC26X2_FSM_SIGN3_HASH_MESSAGE2, EDDSACC26X2_FSM_SIGN3_HASH_FINALIZE, EDDSACC26X2_FSM_SIGN4_MULT_SIG_HASH_BY_SECRET_KEY, EDDSACC26X2_FSM_SIGN4_MULT_SIG_HASH_BY_SECRET_KEY_RESULT, EDDSACC26X2_FSM_SIGN4_ADD_SECRET_HASH_TO_MULT, EDDSACC26X2_FSM_SIGN4_ADD_SECRET_HASH_TO_MULT_RESULT, EDDSACC26X2_FSM_SIGN4_MOD_S, EDDSACC26X2_FSM_SIGN4_MOD_S_RESULT, EDDSACC26X2_FSM_VERIFY1_HASH_SIG_R, EDDSACC26X2_FSM_VERIFY1_HASH_PUBLIC_KEY, EDDSACC26X2_FSM_VERIFY1_HASH_MESSAGE1, EDDSACC26X2_FSM_VERIFY1_HASH_MESSAGE2, EDDSACC26X2_FSM_VERIFY1_HASH_FINALIZE, EDDSACC26X2_FSM_VERIFY1_S_IN_RANGE, EDDSACC26X2_FSM_VERIFY1_A_IS_NOT_POINT_AT_INFINITY, EDDSACC26X2_FSM_VERIFY1_MULT_Y_BY_Y, EDDSACC26X2_FSM_VERIFY1_MULT_Y_BY_Y_RESULT, EDDSACC26X2_FSM_VERIFY1_MOD_Y2, EDDSACC26X2_FSM_VERIFY1_MOD_Y2_RESULT, EDDSACC26X2_FSM_VERIFY1_SUBTRACT_ONE_FROM_Y2, EDDSACC26X2_FSM_VERIFY1_SUBTRACT_ONE_FROM_Y2_RESULT, EDDSACC26X2_FSM_VERIFY1_MULT_D_BY_Y2, EDDSACC26X2_FSM_VERIFY1_MULT_D_BY_Y2_RESULT, EDDSACC26X2_FSM_VERIFY1_MOD_D_Y2, EDDSACC26X2_FSM_VERIFY1_MOD_D_Y2_RESULT, EDDSACC26X2_FSM_VERIFY1_ADD_ONE_TO_D_Y2, EDDSACC26X2_FSM_VERIFY1_ADD_ONE_TO_D_Y2_RESULT, EDDSACC26X2_FSM_VERIFY1_MULT_V_BY_V, EDDSACC26X2_FSM_VERIFY1_MULT_V_BY_V_RESULT, EDDSACC26X2_FSM_VERIFY1_MOD_V2, EDDSACC26X2_FSM_VERIFY1_MOD_V2_RESULT, EDDSACC26X2_FSM_VERIFY1_MULT_V2_BY_V, EDDSACC26X2_FSM_VERIFY1_MULT_V2_BY_V_RESULT, EDDSACC26X2_FSM_VERIFY1_MOD_V3, EDDSACC26X2_FSM_VERIFY1_MOD_V3_RESULT, EDDSACC26X2_FSM_VERIFY1_MULT_V3_BY_U, EDDSACC26X2_FSM_VERIFY1_MULT_V3_BY_U_RESULT, EDDSACC26X2_FSM_VERIFY1_MOD_U_V3, EDDSACC26X2_FSM_VERIFY1_MOD_U_V3_RESULT, EDDSACC26X2_FSM_VERIFY1_MULT_U_V3_BY_V3, EDDSACC26X2_FSM_VERIFY1_MULT_U_V3_BY_V3_RESULT, EDDSACC26X2_FSM_VERIFY1_MOD_U_V6, EDDSACC26X2_FSM_VERIFY1_MOD_U_V6_RESULT, EDDSACC26X2_FSM_VERIFY1_MULT_U_V6_BY_V, EDDSACC26X2_FSM_VERIFY1_MULT_U_V6_BY_V_RESULT, EDDSACC26X2_FSM_VERIFY1_MOD_U_V7, EDDSACC26X2_FSM_VERIFY1_MOD_U_V7_RESULT, EDDSACC26X2_FSM_VERIFY1_EXP_U_V7, EDDSACC26X2_FSM_VERIFY1_EXP_U_V7_RESULT, EDDSACC26X2_FSM_VERIFY1_MULT_U_V3_BY_EXP, EDDSACC26X2_FSM_VERIFY1_MULT_U_V3_BY_EXP_RESULT, EDDSACC26X2_FSM_VERIFY1_MOD_CANDIDATE_X, EDDSACC26X2_FSM_VERIFY1_MOD_CANDIDATE_X_RESULT, EDDSACC26X2_FSM_VERIFY1_MULT_X_BY_X, EDDSACC26X2_FSM_VERIFY1_MULT_X_BY_X_RESULT, EDDSACC26X2_FSM_VERIFY1_MOD_X2, EDDSACC26X2_FSM_VERIFY1_MOD_X2_RESULT, EDDSACC26X2_FSM_VERIFY1_MULT_X2_BY_V, EDDSACC26X2_FSM_VERIFY1_MULT_X2_BY_V_RESULT, EDDSACC26X2_FSM_VERIFY1_MOD_V_X2, EDDSACC26X2_FSM_VERIFY1_MOD_V_X2_RESULT, EDDSACC26X2_FSM_VERIFY1_MOD_U, EDDSACC26X2_FSM_VERIFY1_MOD_U_RESULT, EDDSACC26X2_FSM_VERIFY1_NEGATE_U, EDDSACC26X2_FSM_VERIFY1_NEGATE_U_RESULT, EDDSACC26X2_FSM_VERIFY1_CHECK_SQUARE_ROOT, EDDSACC26X2_FSM_VERIFY2_ADD_ONE_TO_P, EDDSACC26X2_FSM_VERIFY2_ADD_ONE_TO_P_RESULT, EDDSACC26X2_FSM_VERIFY2_SUBTRACT_Y_FROM_P_PLUS_ONE, EDDSACC26X2_FSM_VERIFY2_SUBTRACT_Y_FROM_P_PLUS_ONE_RESULT, EDDSACC26X2_FSM_VERIFY2_MULT_ONE_MINUS_Y_BY_X, EDDSACC26X2_FSM_VERIFY2_MULT_ONE_MINUS_Y_BY_X_RESULT, EDDSACC26X2_FSM_VERIFY2_MOD_ONE_MINUS_Y_X, EDDSACC26X2_FSM_VERIFY2_MOD_ONE_MINUS_Y_X_RESULT, EDDSACC26X2_FSM_VERIFY2_INVERSION, EDDSACC26X2_FSM_VERIFY2_INVERSION_RESULT, EDDSACC26X2_FSM_VERIFY2_MULT_INVERSE_BY_X, EDDSACC26X2_FSM_VERIFY2_MULT_INVERSE_BY_X_RESULT, EDDSACC26X2_FSM_VERIFY2_MOD_ONE_MINUS_Y_INV, EDDSACC26X2_FSM_VERIFY2_MOD_ONE_MINUS_Y_INV_RESULT, EDDSACC26X2_FSM_VERIFY2_MULT_INVERSE_BY_ONE_MINUS_Y, EDDSACC26X2_FSM_VERIFY2_MULT_INVERSE_BY_ONE_MINUS_Y_RESULT, EDDSACC26X2_FSM_VERIFY2_MOD_X_INV, EDDSACC26X2_FSM_VERIFY2_MOD_X_INV_RESULT, EDDSACC26X2_FSM_VERIFY2_ADD_ONE_TO_Y, EDDSACC26X2_FSM_VERIFY2_ADD_ONE_TO_Y_RESULT, EDDSACC26X2_FSM_VERIFY2_MULT_ONE_MINUS_Y_INV_BY_ONE_PLUS_Y, EDDSACC26X2_FSM_VERIFY2_MULT_ONE_MINUS_Y_INV_BY_ONE_PLUS_Y_RESULT, EDDSACC26X2_FSM_VERIFY2_MOD_UM, EDDSACC26X2_FSM_VERIFY2_MOD_UM_RESULT, EDDSACC26X2_FSM_VERIFY2_MULT_UM_BY_X_INV, EDDSACC26X2_FSM_VERIFY2_MULT_UM_BY_X_INV_RESULT, EDDSACC26X2_FSM_VERIFY2_MOD_UM_X_INV, EDDSACC26X2_FSM_VERIFY2_MOD_UM_X_INV_RESULT, EDDSACC26X2_FSM_VERIFY2_ADD_CONST_TO_UM, EDDSACC26X2_FSM_VERIFY2_ADD_CONST_TO_UM_RESULT, EDDSACC26X2_FSM_VERIFY2_MOD_WEIERX, EDDSACC26X2_FSM_VERIFY2_MOD_WEIERX_RESULT, EDDSACC26X2_FSM_VERIFY2_MULT_UM_X_INV_BY_CONST, EDDSACC26X2_FSM_VERIFY2_MULT_UM_X_INV_BY_CONST_RESULT, EDDSACC26X2_FSM_VERIFY2_MOD_WEIERY, EDDSACC26X2_FSM_VERIFY2_MOD_WEIERY_RESULT, EDDSACC26X2_FSM_VERIFY2_MOD_SIG_DIGEST, EDDSACC26X2_FSM_VERIFY2_MOD_SIG_DIGEST_RESULT, EDDSACC26X2_FSM_VERIFY2_NEGATE_SIG_DIGEST, EDDSACC26X2_FSM_VERIFY2_NEGATE_SIG_DIGEST_RESULT, EDDSACC26X2_FSM_VERIFY2_MULT_PUBLIC_KEY_BY_NEG_SIG_DIGEST, EDDSACC26X2_FSM_VERIFY2_MULT_PUBLIC_KEY_BY_NEG_SIG_DIGEST_RESULT, EDDSACC26X2_FSM_VERIFY2_MULT_BASE_POINT_BY_S, EDDSACC26X2_FSM_VERIFY2_MULT_BASE_POINT_BY_S_RESULT, EDDSACC26X2_FSM_VERIFY2_ADD_POINTS, EDDSACC26X2_FSM_VERIFY2_ADD_POINTS_RESULT, EDDSACC26X2_FSM_VERIFY2_CONVERT_WEI_TO_ED, EDDSACC26X2_FSM_VERIFY2_COMPARE_RESULT_R }
	EDDSACC26X2 KeyGen, Sign, and Verify states. More...

enum	EDDSACC26X2_FsmSubState { EDDSACC26X2_SUBFSM_WEI_TO_MONT_ADDITION, EDDSACC26X2_SUBFSM_WEI_TO_MONT_ADDITION_RESULT, EDDSACC26X2_SUBFSM_MONT_TO_ED_ADD_ONE, EDDSACC26X2_SUBFSM_MONT_TO_ED_ADD_ONE_RESULT, EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_V, EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_V_RESULT, EDDSACC26X2_SUBFSM_MONT_TO_ED_MOD_MULT_V, EDDSACC26X2_SUBFSM_MONT_TO_ED_MOD_MULT_V_RESULT, EDDSACC26X2_SUBFSM_MONT_TO_ED_INVERSION, EDDSACC26X2_SUBFSM_MONT_TO_ED_INVERSION_RESULT, EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_INVERSE1, EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_INVERSE1_RESULT, EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_INVERSE2, EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_INVERSE2_RESULT, EDDSACC26X2_SUBFSM_MONT_TO_ED_SUB_ONE, EDDSACC26X2_SUBFSM_MONT_TO_ED_SUB_ONE_RESULT, EDDSACC26X2_SUBFSM_MONT_TO_ED_MOD_SUB, EDDSACC26X2_SUBFSM_MONT_TO_ED_MOD_SUB_RESULT, EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_RETRIEVE_Y, EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_RETRIEVE_Y_RESULT, EDDSACC26X2_SUBFSM_MONT_TO_ED_MOD_Y, EDDSACC26X2_SUBFSM_MONT_TO_ED_MOD_Y_RESULT, EDDSACC26X2_SUBFSM_MONT_TO_ED_U_MULT_ISO_CONST, EDDSACC26X2_SUBFSM_MONT_TO_ED_U_MULT_ISO_CONST_RESULT, EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_V_INVERSE, EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_V_INVERSE_RESULT, EDDSACC26X2_SUBFSM_MONT_TO_ED_MOD_X, EDDSACC26X2_SUBFSM_MONT_TO_ED_MOD_X_RESULT }
	EDDSACC26X2 Weierstrass to Edwards states. More...

Macro Definition Documentation

§ EDDSACC26X2_STATUS_FSM_RUN_PKA_OP

#define EDDSACC26X2_STATUS_FSM_RUN_PKA_OP EDDSA_STATUS_RESERVED - 0

§ EDDSACC26X2_STATUS_FSM_RUN_FSM

#define EDDSACC26X2_STATUS_FSM_RUN_FSM EDDSA_STATUS_RESERVED - 1

§ EDDSACC26X2_PKA_OPERATION_STARTED

#define EDDSACC26X2_PKA_OPERATION_STARTED (0xFFFFFFFFUL)

§ ED25519_LENGTH

#define ED25519_LENGTH 32

Typedef Documentation

§ EDDSACC26X2_stateMachineFxn

typedef int_fast16_t(* EDDSACC26X2_stateMachineFxn) (EDDSA_Handle handle)

EDDSACC26X2 state machine function prototype.

The FSM controller in the EDDSACC26X2 SWI executes a state machine function containing a switch statement that governs state execution. This function pointer is stored in the object at the beginning of the transaction. This way, unused state machines are removed at link time.

Enumeration Type Documentation

§ EDDSACC26X2_FsmState

enum EDDSACC26X2_FsmState

EDDSACC26X2 KeyGen, Sign, and Verify states.

The public key generation, sign, and verify operations are implemented using multiple individual PKA operations. Since state transitions for these operations are almost always predictable, the state transitions are encoded linearly in this enum. The FSM controller will increment the state counter and iterate through states until it is told to stop or restart.

Enumerator
EDDSACC26X2_FSM_ERROR
EDDSACC26X2_FSM_GEN_PUB_KEY_HASH_PRIVATE_KEY
EDDSACC26X2_FSM_GEN_PUB_KEY_MULT_PRIV_KEY_BY_GENER_WEIER
EDDSACC26X2_FSM_GEN_PUB_KEY_MULT_PRIV_KEY_BY_GENER_WEIER_RESULT
EDDSACC26X2_FSM_GEN_PUB_KEY_CONVERT_WEI_TO_ED
EDDSACC26X2_FSM_GEN_PUB_KEY_ENCODE_PUBLIC_KEY
EDDSACC26X2_FSM_SIGN1_HASH_PRIVATE_KEY
EDDSACC26X2_FSM_SIGN1_HASH_UPPER_SECRET_KEY
EDDSACC26X2_FSM_SIGN1_HASH_MESSAGE1
EDDSACC26X2_FSM_SIGN1_HASH_MESSAGE2
EDDSACC26X2_FSM_SIGN1_HASH_FINALIZE
EDDSACC26X2_FSM_SIGN2_MOD_SECRET_HASH
EDDSACC26X2_FSM_SIGN2_MOD_SECRET_HASH_RESULT
EDDSACC26X2_FSM_SIGN2_MULT_SECRET_HASH_BY_GENERATOR_WEIER
EDDSACC26X2_FSM_SIGN2_MULT_SECRET_HASH_BY_GENERATOR_WEIER_RESULT
EDDSACC26X2_FSM_SIGN2_CONVERT_WEI_TO_ED
EDDSACC26X2_FSM_SIGN2_ENCODE_PUBLIC_KEY
EDDSACC26X2_FSM_SIGN3_HASH_SIG_R
EDDSACC26X2_FSM_SIGN3_HASH_PUBLIC_KEY
EDDSACC26X2_FSM_SIGN3_HASH_MESSAGE1
EDDSACC26X2_FSM_SIGN3_HASH_MESSAGE2
EDDSACC26X2_FSM_SIGN3_HASH_FINALIZE
EDDSACC26X2_FSM_SIGN4_MULT_SIG_HASH_BY_SECRET_KEY
EDDSACC26X2_FSM_SIGN4_MULT_SIG_HASH_BY_SECRET_KEY_RESULT
EDDSACC26X2_FSM_SIGN4_ADD_SECRET_HASH_TO_MULT
EDDSACC26X2_FSM_SIGN4_ADD_SECRET_HASH_TO_MULT_RESULT
EDDSACC26X2_FSM_SIGN4_MOD_S
EDDSACC26X2_FSM_SIGN4_MOD_S_RESULT
EDDSACC26X2_FSM_VERIFY1_HASH_SIG_R
EDDSACC26X2_FSM_VERIFY1_HASH_PUBLIC_KEY
EDDSACC26X2_FSM_VERIFY1_HASH_MESSAGE1
EDDSACC26X2_FSM_VERIFY1_HASH_MESSAGE2
EDDSACC26X2_FSM_VERIFY1_HASH_FINALIZE
EDDSACC26X2_FSM_VERIFY1_S_IN_RANGE
EDDSACC26X2_FSM_VERIFY1_A_IS_NOT_POINT_AT_INFINITY
EDDSACC26X2_FSM_VERIFY1_MULT_Y_BY_Y
EDDSACC26X2_FSM_VERIFY1_MULT_Y_BY_Y_RESULT
EDDSACC26X2_FSM_VERIFY1_MOD_Y2
EDDSACC26X2_FSM_VERIFY1_MOD_Y2_RESULT
EDDSACC26X2_FSM_VERIFY1_SUBTRACT_ONE_FROM_Y2
EDDSACC26X2_FSM_VERIFY1_SUBTRACT_ONE_FROM_Y2_RESULT
EDDSACC26X2_FSM_VERIFY1_MULT_D_BY_Y2
EDDSACC26X2_FSM_VERIFY1_MULT_D_BY_Y2_RESULT
EDDSACC26X2_FSM_VERIFY1_MOD_D_Y2
EDDSACC26X2_FSM_VERIFY1_MOD_D_Y2_RESULT
EDDSACC26X2_FSM_VERIFY1_ADD_ONE_TO_D_Y2
EDDSACC26X2_FSM_VERIFY1_ADD_ONE_TO_D_Y2_RESULT
EDDSACC26X2_FSM_VERIFY1_MULT_V_BY_V
EDDSACC26X2_FSM_VERIFY1_MULT_V_BY_V_RESULT
EDDSACC26X2_FSM_VERIFY1_MOD_V2
EDDSACC26X2_FSM_VERIFY1_MOD_V2_RESULT
EDDSACC26X2_FSM_VERIFY1_MULT_V2_BY_V
EDDSACC26X2_FSM_VERIFY1_MULT_V2_BY_V_RESULT
EDDSACC26X2_FSM_VERIFY1_MOD_V3
EDDSACC26X2_FSM_VERIFY1_MOD_V3_RESULT
EDDSACC26X2_FSM_VERIFY1_MULT_V3_BY_U
EDDSACC26X2_FSM_VERIFY1_MULT_V3_BY_U_RESULT
EDDSACC26X2_FSM_VERIFY1_MOD_U_V3
EDDSACC26X2_FSM_VERIFY1_MOD_U_V3_RESULT
EDDSACC26X2_FSM_VERIFY1_MULT_U_V3_BY_V3
EDDSACC26X2_FSM_VERIFY1_MULT_U_V3_BY_V3_RESULT
EDDSACC26X2_FSM_VERIFY1_MOD_U_V6
EDDSACC26X2_FSM_VERIFY1_MOD_U_V6_RESULT
EDDSACC26X2_FSM_VERIFY1_MULT_U_V6_BY_V
EDDSACC26X2_FSM_VERIFY1_MULT_U_V6_BY_V_RESULT
EDDSACC26X2_FSM_VERIFY1_MOD_U_V7
EDDSACC26X2_FSM_VERIFY1_MOD_U_V7_RESULT
EDDSACC26X2_FSM_VERIFY1_EXP_U_V7
EDDSACC26X2_FSM_VERIFY1_EXP_U_V7_RESULT
EDDSACC26X2_FSM_VERIFY1_MULT_U_V3_BY_EXP
EDDSACC26X2_FSM_VERIFY1_MULT_U_V3_BY_EXP_RESULT
EDDSACC26X2_FSM_VERIFY1_MOD_CANDIDATE_X
EDDSACC26X2_FSM_VERIFY1_MOD_CANDIDATE_X_RESULT
EDDSACC26X2_FSM_VERIFY1_MULT_X_BY_X
EDDSACC26X2_FSM_VERIFY1_MULT_X_BY_X_RESULT
EDDSACC26X2_FSM_VERIFY1_MOD_X2
EDDSACC26X2_FSM_VERIFY1_MOD_X2_RESULT
EDDSACC26X2_FSM_VERIFY1_MULT_X2_BY_V
EDDSACC26X2_FSM_VERIFY1_MULT_X2_BY_V_RESULT
EDDSACC26X2_FSM_VERIFY1_MOD_V_X2
EDDSACC26X2_FSM_VERIFY1_MOD_V_X2_RESULT
EDDSACC26X2_FSM_VERIFY1_MOD_U
EDDSACC26X2_FSM_VERIFY1_MOD_U_RESULT
EDDSACC26X2_FSM_VERIFY1_NEGATE_U
EDDSACC26X2_FSM_VERIFY1_NEGATE_U_RESULT
EDDSACC26X2_FSM_VERIFY1_CHECK_SQUARE_ROOT
EDDSACC26X2_FSM_VERIFY2_ADD_ONE_TO_P
EDDSACC26X2_FSM_VERIFY2_ADD_ONE_TO_P_RESULT
EDDSACC26X2_FSM_VERIFY2_SUBTRACT_Y_FROM_P_PLUS_ONE
EDDSACC26X2_FSM_VERIFY2_SUBTRACT_Y_FROM_P_PLUS_ONE_RESULT
EDDSACC26X2_FSM_VERIFY2_MULT_ONE_MINUS_Y_BY_X
EDDSACC26X2_FSM_VERIFY2_MULT_ONE_MINUS_Y_BY_X_RESULT
EDDSACC26X2_FSM_VERIFY2_MOD_ONE_MINUS_Y_X
EDDSACC26X2_FSM_VERIFY2_MOD_ONE_MINUS_Y_X_RESULT
EDDSACC26X2_FSM_VERIFY2_INVERSION
EDDSACC26X2_FSM_VERIFY2_INVERSION_RESULT
EDDSACC26X2_FSM_VERIFY2_MULT_INVERSE_BY_X
EDDSACC26X2_FSM_VERIFY2_MULT_INVERSE_BY_X_RESULT
EDDSACC26X2_FSM_VERIFY2_MOD_ONE_MINUS_Y_INV
EDDSACC26X2_FSM_VERIFY2_MOD_ONE_MINUS_Y_INV_RESULT
EDDSACC26X2_FSM_VERIFY2_MULT_INVERSE_BY_ONE_MINUS_Y
EDDSACC26X2_FSM_VERIFY2_MULT_INVERSE_BY_ONE_MINUS_Y_RESULT
EDDSACC26X2_FSM_VERIFY2_MOD_X_INV
EDDSACC26X2_FSM_VERIFY2_MOD_X_INV_RESULT
EDDSACC26X2_FSM_VERIFY2_ADD_ONE_TO_Y
EDDSACC26X2_FSM_VERIFY2_ADD_ONE_TO_Y_RESULT
EDDSACC26X2_FSM_VERIFY2_MULT_ONE_MINUS_Y_INV_BY_ONE_PLUS_Y
EDDSACC26X2_FSM_VERIFY2_MULT_ONE_MINUS_Y_INV_BY_ONE_PLUS_Y_RESULT
EDDSACC26X2_FSM_VERIFY2_MOD_UM
EDDSACC26X2_FSM_VERIFY2_MOD_UM_RESULT
EDDSACC26X2_FSM_VERIFY2_MULT_UM_BY_X_INV
EDDSACC26X2_FSM_VERIFY2_MULT_UM_BY_X_INV_RESULT
EDDSACC26X2_FSM_VERIFY2_MOD_UM_X_INV
EDDSACC26X2_FSM_VERIFY2_MOD_UM_X_INV_RESULT
EDDSACC26X2_FSM_VERIFY2_ADD_CONST_TO_UM
EDDSACC26X2_FSM_VERIFY2_ADD_CONST_TO_UM_RESULT
EDDSACC26X2_FSM_VERIFY2_MOD_WEIERX
EDDSACC26X2_FSM_VERIFY2_MOD_WEIERX_RESULT
EDDSACC26X2_FSM_VERIFY2_MULT_UM_X_INV_BY_CONST
EDDSACC26X2_FSM_VERIFY2_MULT_UM_X_INV_BY_CONST_RESULT
EDDSACC26X2_FSM_VERIFY2_MOD_WEIERY
EDDSACC26X2_FSM_VERIFY2_MOD_WEIERY_RESULT
EDDSACC26X2_FSM_VERIFY2_MOD_SIG_DIGEST
EDDSACC26X2_FSM_VERIFY2_MOD_SIG_DIGEST_RESULT
EDDSACC26X2_FSM_VERIFY2_NEGATE_SIG_DIGEST
EDDSACC26X2_FSM_VERIFY2_NEGATE_SIG_DIGEST_RESULT
EDDSACC26X2_FSM_VERIFY2_MULT_PUBLIC_KEY_BY_NEG_SIG_DIGEST
EDDSACC26X2_FSM_VERIFY2_MULT_PUBLIC_KEY_BY_NEG_SIG_DIGEST_RESULT
EDDSACC26X2_FSM_VERIFY2_MULT_BASE_POINT_BY_S
EDDSACC26X2_FSM_VERIFY2_MULT_BASE_POINT_BY_S_RESULT
EDDSACC26X2_FSM_VERIFY2_ADD_POINTS
EDDSACC26X2_FSM_VERIFY2_ADD_POINTS_RESULT
EDDSACC26X2_FSM_VERIFY2_CONVERT_WEI_TO_ED
EDDSACC26X2_FSM_VERIFY2_COMPARE_RESULT_R

§ EDDSACC26X2_FsmSubState

enum EDDSACC26X2_FsmSubState

EDDSACC26X2 Weierstrass to Edwards states.

The public key generation, sign, and verify operations all use a common subroutine that converts an input point on the short Weierstrass curve Wei25519 to an output point on the twisted Edwards curve Ed25519. Since state transitions for these operations are almost always predictable, the state transitions are encoded linearly in this enum. The FSM controller will increment the substate counter and iterate through states until it is told to stop or restart.

Enumerator
EDDSACC26X2_SUBFSM_WEI_TO_MONT_ADDITION
EDDSACC26X2_SUBFSM_WEI_TO_MONT_ADDITION_RESULT
EDDSACC26X2_SUBFSM_MONT_TO_ED_ADD_ONE
EDDSACC26X2_SUBFSM_MONT_TO_ED_ADD_ONE_RESULT
EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_V
EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_V_RESULT
EDDSACC26X2_SUBFSM_MONT_TO_ED_MOD_MULT_V
EDDSACC26X2_SUBFSM_MONT_TO_ED_MOD_MULT_V_RESULT
EDDSACC26X2_SUBFSM_MONT_TO_ED_INVERSION
EDDSACC26X2_SUBFSM_MONT_TO_ED_INVERSION_RESULT
EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_INVERSE1
EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_INVERSE1_RESULT
EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_INVERSE2
EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_INVERSE2_RESULT
EDDSACC26X2_SUBFSM_MONT_TO_ED_SUB_ONE
EDDSACC26X2_SUBFSM_MONT_TO_ED_SUB_ONE_RESULT
EDDSACC26X2_SUBFSM_MONT_TO_ED_MOD_SUB
EDDSACC26X2_SUBFSM_MONT_TO_ED_MOD_SUB_RESULT
EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_RETRIEVE_Y
EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_RETRIEVE_Y_RESULT
EDDSACC26X2_SUBFSM_MONT_TO_ED_MOD_Y
EDDSACC26X2_SUBFSM_MONT_TO_ED_MOD_Y_RESULT
EDDSACC26X2_SUBFSM_MONT_TO_ED_U_MULT_ISO_CONST
EDDSACC26X2_SUBFSM_MONT_TO_ED_U_MULT_ISO_CONST_RESULT
EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_V_INVERSE
EDDSACC26X2_SUBFSM_MONT_TO_ED_MULT_V_INVERSE_RESULT
EDDSACC26X2_SUBFSM_MONT_TO_ED_MOD_X
EDDSACC26X2_SUBFSM_MONT_TO_ED_MOD_X_RESULT