Implemented ntru_private_key class
[strongswan.git] / src / libstrongswan / plugins / ntru / ntru_param_set.c
1 /*
2 * Copyright (C) 2014 Andreas Steffen
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * Copyright (C) 2009-2013 Security Innovation
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 #include "ntru_param_set.h"
19
20 #include <utils/test.h>
21
22 ENUM(ntru_param_set_id_names, NTRU_EES401EP1, NTRU_EES743EP1,
23 "ees401ep1",
24 "ees449ep1",
25 "ees677ep1",
26 "ees1087ep2",
27 "ees541ep1",
28 "ees613ep1",
29 "ees887ep1",
30 "ees1171ep1",
31 "ees659ep1",
32 "ees761ep1",
33 "ees1087ep1",
34 "ees1499ep1",
35 "ees401ep2",
36 "ees439ep1",
37 "ees593ep1",
38 "ees743ep1"
39 );
40
41 /**
42 * NTRU encryption parameter set definitions
43 */
44 static ntru_param_set_t ntru_param_sets[] = {
45
46 /* X9.98/IEEE 1363.1 parameter sets for best bandwidth (smallest size) */
47 {
48 NTRU_EES401EP1, /* parameter-set id */
49 {0x00, 0x02, 0x04}, /* OID */
50 0x22, /* DER id */
51 9, /* no. of bits in N (i.e., in an index) */
52 401, /* N */
53 14, /* security strength in octets */
54 2048, /* q */
55 11, /* no. of bits in q (i.e., in a coeff) */
56 FALSE, /* product form */
57 113, /* df, dr */
58 133, /* dg */
59 60, /* maxMsgLenBytes */
60 113, /* dm0 */
61 11, /* c */
62 1, /* lLen */
63 },
64
65 {
66 NTRU_EES449EP1, /* parameter-set id */
67 {0x00, 0x03, 0x03}, /* OID */
68 0x23, /* DER id */
69 9, /* no. of bits in N (i.e., in an index) */
70 449, /* N */
71 16, /* security strength in octets */
72 2048, /* q */
73 11, /* no. of bits in q (i.e., in a coeff) */
74 FALSE, /* product form */
75 134, /* df, dr */
76 149, /* dg */
77 67, /* maxMsgLenBytes */
78 134, /* dm0 */
79 9, /* c */
80 1, /* lLen */
81 },
82
83 {
84 NTRU_EES677EP1, /* parameter-set id */
85 {0x00, 0x05, 0x03}, /* OID */
86 0x24, /* DER id */
87 10, /* no. of bits in N (i.e., in an index) */
88 677, /* N */
89 24, /* security strength in octets */
90 2048, /* q */
91 11, /* no. of bits in q (i.e., in a coeff) */
92 FALSE, /* product form */
93 157, /* df, dr */
94 225, /* dg */
95 101, /* maxMsgLenBytes */
96 157, /* dm0 */
97 11, /* c */
98 1, /* lLen */
99 },
100
101 {
102 NTRU_EES1087EP2, /* parameter-set id */
103 {0x00, 0x06, 0x03}, /* OID */
104 0x25, /* DER id */
105 11, /* no. of bits in N (i.e., in an index) */
106 1087, /* N */
107 32, /* security strength in octets */
108 2048, /* q */
109 11, /* no. of bits in q (i.e., in a coeff) */
110 FALSE, /* product form */
111 120, /* df, dr */
112 362, /* dg */
113 170, /* maxMsgLenBytes */
114 120, /* dm0 */
115 13, /* c */
116 1, /* lLen */
117 },
118
119 /* X9.98/IEEE 1363.1 parameter sets balancing speed and bandwidth */
120 {
121 NTRU_EES541EP1, /* parameter-set id */
122 {0x00, 0x02, 0x05}, /* OID */
123 0x26, /* DER id */
124 10, /* no. of bits in N (i.e., in an index) */
125 541, /* N */
126 14, /* security strength in octets */
127 2048, /* q */
128 11, /* no. of bits in q (i.e., in a coeff) */
129 FALSE, /* product form */
130 49, /* df, dr */
131 180, /* dg */
132 86, /* maxMsgLenBytes */
133 49, /* dm0 */
134 12, /* c */
135 1, /* lLen */
136 },
137
138 {
139 NTRU_EES613EP1, /* parameter-set id */
140 {0x00, 0x03, 0x04}, /* OID */
141 0x27, /* DER id */
142 10, /* no. of bits in N (i.e., in an index) */
143 613, /* N */
144 16, /* securuity strength in octets */
145 2048, /* q */
146 11, /* no. of bits in q (i.e., in a coeff) */
147 FALSE, /* product form */
148 55, /* df, dr */
149 204, /* dg */
150 97, /* maxMsgLenBytes */
151 55, /* dm0 */
152 11, /* c */
153 1, /* lLen */
154 },
155
156 {
157 NTRU_EES887EP1, /* parameter-set id */
158 {0x00, 0x05, 0x04}, /* OID */
159 0x28, /* DER id */
160 10, /* no. of bits in N (i.e., in an index) */
161 887, /* N */
162 24, /* security strength in octets */
163 2048, /* q */
164 11, /* no. of bits in q (i.e., in a coeff) */
165 FALSE, /* product form */
166 81, /* df, dr */
167 295, /* dg */
168 141, /* maxMsgLenBytes */
169 81, /* dm0 */
170 10, /* c */
171 1, /* lLen */
172 },
173
174 {
175 NTRU_EES1171EP1, /* parameter-set id */
176 {0x00, 0x06, 0x04}, /* OID */
177 0x29, /* DER id */
178 11, /* no. of bits in N (i.e., in an index) */
179 1171, /* N */
180 32, /* security strength in octets */
181 2048, /* q */
182 11, /* no. of bits in q (i.e., in a coeff) */
183 FALSE, /* product form */
184 106, /* df, dr */
185 390, /* dg */
186 186, /* maxMsgLenBytes */
187 106, /* dm0 */
188 12, /* c */
189 1, /* lLen */
190 },
191
192 /* X9.98/IEEE 1363.1 parameter sets for best speed */
193 {
194 NTRU_EES659EP1, /* parameter-set id */
195 {0x00, 0x02, 0x06}, /* OID */
196 0x2a, /* DER id */
197 10, /* no. of bits in N (i.e., in an index) */
198 659, /* N */
199 14, /* security strength in octets */
200 2048, /* q */
201 11, /* no. of bits in q (i.e., in a coeff) */
202 FALSE, /* product form */
203 38, /* df, dr */
204 219, /* dg */
205 108, /* maxMsgLenBytes */
206 38, /* dm0 */
207 11, /* c */
208 1, /* lLen */
209 },
210
211 {
212 NTRU_EES761EP1, /* parameter-set id */
213 {0x00, 0x03, 0x05}, /* OID */
214 0x2b, /* DER id */
215 10, /* no. of bits in N (i.e., in an index) */
216 761, /* N */
217 16, /* security strength in octets */
218 2048, /* q */
219 11, /* no. of bits in q (i.e., in a coeff) */
220 FALSE, /* product form */
221 42, /* df, dr */
222 253, /* dg */
223 125, /* maxMsgLenBytes */
224 42, /* dm0 */
225 12, /* c */
226 1, /* lLen */
227 },
228
229 {
230 NTRU_EES1087EP1, /* parameter-set id */
231 {0x00, 0x05, 0x05}, /* OID */
232 0x2c, /* DER id */
233 11, /* no. of bits in N (i.e., in an index) */
234 1087, /* N */
235 24, /* security strength in octets */
236 2048, /* q */
237 11, /* no. of bits in q (i.e., in a coeff) */
238 FALSE, /* product form */
239 63, /* df, dr */
240 362, /* dg */
241 178, /* maxMsgLenBytes */
242 63, /* dm0 */
243 13, /* c */
244 1, /* lLen */
245 },
246
247 {
248 NTRU_EES1499EP1, /* parameter-set id */
249 {0x00, 0x06, 0x05}, /* OID */
250 0x2d, /* DER id */
251 11, /* no. of bits in N (i.e., in an index) */
252 1499, /* N */
253 32, /* security strength in octets */
254 2048, /* q */
255 11, /* no. of bits in q (i.e., in a coeff) */
256 FALSE, /* product form */
257 79, /* df, dr */
258 499, /* dg */
259 247, /* maxMsgLenBytes */
260 79, /* dm0 */
261 13, /* c */
262 1, /* lLen */
263 },
264
265 /* Best bandwidth and speed, no X9.98 compatibility */
266 {
267 NTRU_EES401EP2, /* parameter-set id */
268 {0x00, 0x02, 0x10}, /* OID */
269 0x2e, /* DER id */
270 9, /* no. of bits in N (i.e., in an index) */
271 401, /* N */
272 14, /* security strength in octets */
273 2048, /* q */
274 11, /* no. of bits in q (i.e., in a coeff) */
275 TRUE, /* product form */
276 8 + (8 << 8) + (6 << 16), /* df, dr */
277 133, /* dg */
278 60, /* maxMsgLenBytes */
279 136, /* m(1)_max */
280 11, /* c */
281 1, /* lLen */
282 },
283
284 {
285 NTRU_EES439EP1, /* parameter-set id */
286 {0x00, 0x03, 0x10}, /* OID */
287 0x2f, /* DER id */
288 9, /* no. of bits in N (i.e., in an index) */
289 439, /* N */
290 16, /* security strength in octets */
291 2048, /* q */
292 11, /* no. of bits in q (i.e., in a coeff) */
293 TRUE, /* product form */
294 9 + (8 << 8) + (5 << 16), /* df, dr */
295 146, /* dg */
296 65, /* maxMsgLenBytes */
297 126, /* m(1)_max */
298 9, /* c */
299 1, /* lLen */
300 },
301
302 {
303 NTRU_EES593EP1, /* parameter-set id */
304 {0x00, 0x05, 0x10}, /* OID */
305 0x30, /* DER id */
306 10, /* no. of bits in N (i.e., in an index) */
307 593, /* N */
308 24, /* security strength in octets */
309 2048, /* q */
310 11, /* no. of bits in q (i.e., in a coeff) */
311 TRUE, /* product form */
312 10 + (10 << 8) + (8 << 16), /* df, dr */
313 197, /* dg */
314 86, /* maxMsgLenBytes */
315 90, /* m(1)_max */
316 11, /* c */
317 1, /* lLen */
318 },
319
320 {
321 NTRU_EES743EP1, /* parameter-set id */
322 {0x00, 0x06, 0x10}, /* OID */
323 0x31, /* DER id */
324 10, /* no. of bits in N (i.e., in an index) */
325 743, /* N */
326 32, /* security strength in octets */
327 2048, /* q */
328 11, /* no. of bits in q (i.e., in a coeff) */
329 TRUE, /* product form */
330 11 + (11 << 8) + (15 << 16), /* df, dr */
331 247, /* dg */
332 106, /* maxMsgLenBytes */
333 60, /* m(1)_max */
334 13, /* c */
335 1, /* lLen */
336 },
337
338 };
339
340 /**
341 * See header.
342 */
343 ntru_param_set_t* ntru_param_set_get_by_id(ntru_param_set_id_t id)
344 {
345 int i;
346
347 for (i = 0; i < countof(ntru_param_sets); i++)
348 {
349 if (ntru_param_sets[i].id == id)
350 {
351 return &ntru_param_sets[i];
352 }
353 }
354 return NULL;
355 }
356
357
358 /**
359 * See header.
360 */
361 ntru_param_set_t* ntru_param_set_get_by_oid(uint8_t const *oid)
362 {
363 int i;
364
365 for (i = 0; i < countof(ntru_param_sets); i++)
366 {
367 if (memeq(ntru_param_sets[i].oid, oid, 3))
368 {
369 return &ntru_param_sets[i];
370 }
371 }
372 return NULL;
373 }
374
375 EXPORT_FUNCTION_FOR_TESTS(ntru, ntru_param_set_get_by_id);