gy 0x037bf27342da639b6dccfffeb73d69d78c6c27a6009cbbca1980f8533921e8a684423e43bab08a576291af8f461bb2a8b3531d2f0485c19b16e2f1516e23dd3c1a4827af1b8ac15b
#----- Curves from ANSI X9.62 -----------------------------------------------
+#
+# The conversion factors for the normal basis representations were generated
+# because none were given in the document.
curve ansi-c2pnb163v1 binpoly
p 0x080000000000000000000000000000000000000107
gx 0x02f9f87b7c574d0bdecf8a22e6524775f98cdebdcb
gy 0x05b935590c155e17ea48eb3ff3718b893df59a05d0
-# ansi-c2pnb176w1 has an unacceptable cofactor; and 176 isn't prime anyway
-
curve ansi-c2tnb191v1 binpoly
p 0x800000000000000000000000000000000000000000000201
a 0x2866537b676752636a68f56554e12640276b649ef7526267
h 4
gx 0x3809b2b7cc1b28cc5a87926aad83fd28789e81e2c9e3bf10
gy 0x17434386626d14f3dbf01760d9213a3e1cf37aec437d668a
-# ansi-c2tnb191v3 has an unacceptable cofactor
-# ansi-c2onb191v{4,5} don't include conversion factors
-
-# ansi-c2pnb208v1 has an unacceptable cofactor; and 208 isn't prime anyway
+curve ansi-c2tnb191v3 binpoly
+ p 0x800000000000000000000000000000000000000000000201
+ a 0x6c01074756099122221056911c77d77e77a777e7e7e77fcb
+ b 0x71fe1af926cf847989efef8db459f66394d90f32ad3f15e8
+ r 0x155555555555555555555555610c0b196812bfb6288a3ea3
+ h 6
+ gx 0x375d4ce24fde434489de8746e71786015009e66e38a926dd
+ gy 0x545a39176196575d985999366e6ad34ce0a77cd7127b06be
+curve ansi-c2onb191v1 binnorm
+ p 0x800000000000000000000000000000000000000000000201
+ beta 0x19c409a7f85383bf0ef72b097a5c7398013a2dba6269292d
+ a 0x65903e04e1e4924253e26a3c9ac28c758bd8184a3fb680e8
+ b 0x54678621b190cfce282ade219d5b3a065e3f4b3ffdebb29b
+ r 0x4000000000000000000000009cf2d6e3901dac4c32eec65d
+ h 2
+ gx 0x5a2c69a32e8638e51ccefaad05350a978457cb5fb6df994a
+ gy 0x0f32fe0fa0e902f19b17d363c269f4f5cfe8087618569954
+curve ansi-c2onb191v2 binnorm
+ p 0x800000000000000000000000000000000000000000000201
+ beta 0x19c409a7f85383bf0ef72b097a5c7398013a2dba6269292d
+ a 0x25f8d06c97c822536d469cd5170cdd7bb9f500bd6db110fb
+ b 0x75ff570e35ca94fb3780c2619d081c17aa59fbd5e591c1c4
+ r 0x0fffffffffffffffffffffffeeb354b7270b2992b7818627
+ h 8
+ gx 0x2a16910e8f6c4b199be24213857abc9c992edfb2471f3c68
+ gy 0x1592dbfebeb81a7c071b744d5e2f9e242ea65b81138a3468
curve ansi-c2tnb239v1 binpoly
p 0x800000000000000000000000000000000000000000000000001000000001
h 4
gx 0x57927098fa932e7c0a96d3fd5b706ef7e5f5c156e16b7e7c86038552e91d
gy 0x61d8ee5077c33fecf6f1a16b268de469c3c7744ea9a971649fc7a9616305
-# ansi-c2tnb239v{2,3} have unacceptable cofactors
-# ansi-c2onb239v{4,5} don't include conversion factors
-
-# ansi-c2pnb272w1 has an unacceptable cofactor; and 272 isn't prime anyway
-
-# ansi-c2pnb304w1 has an unacceptable cofactor; and 304 isn't prime anyway
-
-# ansi-c2tnb359v1 has an unacceptable cofactor
-
-# ansi-c2pnb368w1 has an unacceptable cofactor; and 368 isn't prime anyway
-
-# ansi-c2tnb431v1 has an unacceptable cofactor
+curve ansi-c2tnb239v2 binpoly
+ p 0x800000000000000000000000000000000000000000000000001000000001
+ a 0x4230017757a767fae42398569b746325d45313af0766266479b75654e65f
+ b 0x5037ea654196cff0cd82b2c14a2fcf2e3ff8775285b545722f03eacdb74b
+ r 0x1555555555555555555555555555553c6f2885259c31e3fcdf154624522d
+ h 6
+ gx 0x28f9d04e900069c8dc47a08534fe76d2b900b7d7ef31f5709f200c4ca205
+ gy 0x5667334c45aff3b5a03bad9dd75e2c71a99362567d5453f7fa6e227ec833
+curve ansi-c2tnb239v3 binpoly
+ p 0x800000000000000000000000000000000000000000000000001000000001
+ a 0x01238774666a67766d6676f778e676b66999176666e687666d8766c66a9f
+ b 0x6a941977ba9f6a435199acfc51067ed587f519c5ecb541b8e44111de1d40
+ r 0x0cccccccccccccccccccccccccccccac4912d2d9df903ef9888b8a0e4cff
+ h 10
+ gx 0x70f6e9d04d289c4e89913ce3530bfde903977d42b146d539bf1bde4e9c92
+ gy 0x2e5a0eaf6e5e1305b9004dce5c0ed7fe59a35608f33837c816d80b79f461
+curve ansi-c2onb239v1 binnorm
+ p 0x800000000000000000000000000000000000000000000000001000000001
+ beta 0x3b5ce9846911b248f9347018a7ac8cce3662cee952ba45becd02d4b903ec
+ a 0x182dd45f5d470239b8983fea47b8b292641c57f9bf84baecde8bb3adce30
+ b 0x147a9c1d4c2ce9be5d34ec02797f76667ebad5a3f93fa2a524bfde91ef28
+ r 0x200000000000000000000000000000474f7e69f42fe430931d0b455aae8b
+ h 4
+ gx 0x4912ad657f1d1c6b32edb9942c95e226b06fb012cd40fdea0d72197c8104
+ gy 0x01f1fbc3d21168fd3f66c441c2b5c6cfdcd9ed3e13646b7a4db9a3b0c286
+curve ansi-c2onb239v2 binnorm
+ p 0x800000000000000000000000000000000000000000000000001000000001
+ beta 0x3b5ce9846911b248f9347018a7ac8cce3662cee952ba45becd02d4b903ec
+ a 0x1ecf1b9d28d8017505e17475d3df2982e243ca5cb5e9f94a3f36124a486e
+ b 0x3ee257250d1a2e66cef23aa0f25b12388de8a10ff9554f90afbaa9a08b6d
+ r 0x1555555555555555555555555555558cf77a5d0589d2a9340d963b7ad703
+ h 6
+ gx 0x5f949ccb694f26b96d191e8925205a719929e93c37174cb6c7f659a37b85
+ gy 0x2d788d605ac81069e9964fd6edbae8bbf582a5c409a1078cf487a147ceb2
+ ## The spec seems bogus: the suggested base point G isn't in the
+ ## subgroup! The point above is h G.
+ ##gx 0x193279fc543e9f5f7119189785b9c60b249be4820baf6c24bdfa2813f8b8
+ ##gy 0x5da021e5af77604051fc5c38da8293c1eeeaa00f046eeb93b6c8b774bb9b
+
+curve ansi-c2tnb359v1 binpoly
+ p 0x800000000000000000000000000000000000000000000000000000000000000000000000100000000000000001
+ a 0x5667676a654b20754f356ea92017d946567c46675556f19556a04616b567d223a5e05656fb549016a96656a557
+ b 0x2472e2d0197c49363f1fe7f5b6db075d52b6947d135d8ca445805d39bc345626089687742b6329e70680231988
+ r 0x01af286bca1af286bca1af286bca1af286bca1af286bc9fb8f6b85c556892c20a7eb964fe7719e74f490758d3b
+ h 76
+ gx 0x3c258ef3047767e7ede0f1fdaa79daee3841366a132e163aced4ed2401df9c6bdcde98e8e707c07a2239b1b097
+ gy 0x53d7e08529547048121e9c95f3791dd804963948f34fae7bf44ea82365dc7868fe57e4ae2de211305a407104bd
+
+curve ansi-c2tnb431v1 binpoly
+ p 0x800000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000001
+ a 0x1a827ef00dd6fc0e234caf046c6a5d8a85395b236cc4ad2cf32a0cadbdc9ddf620b0eb9906d0957f6c6feacd615468df104de296cd8f
+ b 0x10d9b4a3d9047d8b154359abfb1b7f5485b04ceb868237ddc9deda982a679a5a919b626d4e50a8dd731b107a9962381fb5d807bf2618
+ r 0x000340340340340340340340340340340340340340340340340340340323c313fab50589703b5ec68d3587fec60d161cc149c1ad4a91
+ h 10080
+ gx 0x120fc05d3c67a99de161d2f4092622feca701be4f50f4758714e8a87bbf2a658ef8c21e7c5efe965361f6c2999c0c247b0dbd70ce6b7
+ gy 0x20d0af8903a96f8d5fa2c255745d3c451b302c9346d9b7e485e7bce41f6b591f3e8f6addcbb0bc4c2f947a7de1a89b625d6a598b3760
+
+# These curves aren't included because their degree isn't prime (so they
+# may be vulnerable to Weil descent)
+# ansi-c2pnb176w1 is bad: 176 isn't prime
+# ansi-c2pnb208v1 is bad: 208 isn't prime
+# ansi-c2pnb272w1 is bad: 272 isn't prime
+# ansi-c2pnb304w1 is bad: 304 isn't prime
+# ansi-c2pnb368w1 is bad: 368 isn't prime
alias ansi-prime192v1 secp192r1
curve ansi-prime192v2 niceprime
#----- Curves from RFC2414 (Oakley) -----------------------------------------
#
-# oakley155 has too large a cofactor
-# oakley185's group has composite order; we double the generator to
-# produce a group of composite order
-
-curve oakley185 binpoly
- p 0x020000000000000000000000000000200000000000000001
- a 0
- b 0x1ee9
- r 0x007ffffffffffffffffffffff6fcbe226dcf92105d7e53af
- h 4
- gx 0x1bd555555555555555555555555554e8000000000000158
- gy 0x14e999999999999999999999999998d7000000000001fe6
+# The Oakley curves are not good:
+# oakley155 has too large a cofactor
+# oakley185's field has composite degree
+# Hence, we include neither here.
#----- NIST curves from FIPS186-2 -------------------------------------------
#
-# Most of these are duplicates of SEC2 curves.
+# These are duplicates of SEC2 curves. However, the normal basis
+# representations aren't in SEC, so we give them here. (Conversion factors
+# from FIPS186-2.
alias nist-p192 secp192r1
alias nist-p224 secp224r1
h 2
gx 0x05679b353caa46825fea2d3713ba450da0c2a4541
gy 0x235b7c6710050689906bac3d9dec76a835591edb2
-
curve nist-b163n binnorm
p 0x800000000000000000000000000000000000000c9
beta 0x715169c109c612e390d347c748342bcd3b02a0bef
h 4
gx 0x0fde76d9dcd26e643ac26f1aa901aa129784b71fc0722b2d05614d650b3
gy 0x0643e317633155c9e0447ba8020a3c43177450ee036d633501434cac978
-
curve nist-b233n binnorm
p 0x20000000000000000000000000000000000000004000000000000000001
beta 0x1499e398ac5d79e368559b35ca49bb7305da6c0390bcf9e2300253203c9
r 0x01000000000000000000000000000013e974e72f8a6922031d2603cfe0d7
h 2
gx 0x18b863524b3cdfefb94f2784e0b116faac54404bc9162a363bab84a14c5
- gy 0x04925df77bd8b8ff1a5ff519417822bfedf2bbd752644292c98c7af6e02
+ gy 0x04925df77bd8b8ff1a5ff519417822bfedf2bbd752644292c98c7af6e02
curve nist-k283n binnorm
p 0x800000000000000000000000000000000000000000000000000000000000000000010a1
h 4
gx 0x3ab9593f8db09fc188f1d7c4ac9fcc3e57fcd3bdb15024b212c70229de5fcd92eb0ea60
gy 0x2118c4755e7345cd8f603ef93b98b106fe8854ffeb9a3b304634cc83a0e759f0c2686b1
-
curve nist-b283n binnorm
- p 0x800000000000000000000000000000000000000000000000000000000000000000010a1
+ p 0x800000000000000000000000000000000000000000000000000000000000000000010a1
beta 0x31e0ed791c3282dc5624a720818049d053e8c7ab8663792bc1d792eba9867fc7b317a99
a 0x7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
b 0x157261b894739fb5a13503f55f0b3f10c5601166633102201138cc180c0206bdafbc951
h 4
gx 0x1b559c7cba2422e3affe13343e808b55e012d726ca0b7e6a63aeafbc1e3a98e10ca0fcf98350c3b7f89a9754a8e1dc0713cec4a
gy 0x16d8c42052f07e7713e7490eff318ba1abd6fef8a5433c894b24f5c817aeb79852496fbee803a47bc8a203878ebf1c499afd7d6
-
curve nist-b409n binnorm
p 0x2000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001
beta 0x0dfa06be206aa97b7a41fffb9b0c55f8f048062fbe8381b4248adf92912ccc8e3f91a24e1cfb3950532b988971c23042e85708d
h 4
gx 0x04bb2dba418d0db107adae003427e5d7cc139acb465e5934f0bea2ab2f3622bc29b3d5b9aa7a1fdfd5d8be66057c1008e71e484bcd98f22bf8476423767367429ef2ec5bc3ebcf7
gy 0x44cbb57de20788d2c952d7b56cf39bd3e89b18984bd124e751ceff4369dd8dac6a59e6e745df44d8220ce22aa2c852cfcbbef49ebaa98bd2483e33180e04286feaa253050caff60
-
curve nist-b571n binnorm
p 0x80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425
beta 0x452186bbf5840a0bcf8c9f02a54efa04e813b43c3d4149606c4d27b487bf107393c8907f79d9778beb35ee87467d3288274caebda6ce05aeb4ca5cf3c3044bd4372232f2c1a27c4
a 0x7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
b 0x3762d0d47116006179da35688eeaccf591a5cdea75000118d9608c59132d43426101a1dfb3774115f586623f75f00001ce611983c1275fa31f5bc9f4be1a0f467f01ca885c74777
-
r 0x03ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe661ce18ff55987308059b186823851ec7dd9ca1161de93d5174d66e8382e9bb2fe84e47
h 2
gx 0x0735e035def5925cc33173eb2a8ce7767522b466d278b650a2916127dfea9d2d361089f0a7a0247a184e1c70d417866e0fe0feb0ff8f2f3f9176418f97d117e624e2015df1662a8
projects / u / mdw / catacomb / blobdiff