void eb_hlv(eb_t r, const eb_t p) {
fb_t l, t;
fb_null(l);
fb_null(t);
TRY {
fb_new(l);
fb_new(t);
/* Solve l^2 + l = u + a. */
switch (eb_curve_opt_a()) {
case RLC_ZERO:
fb_copy(t, p->x);
break;
case RLC_ONE:
fb_add_dig(t, p->x, (dig_t)1);
break;
case RLC_TINY:
fb_add_dig(t, p->x, eb_curve_get_a()[0]);
break;
default:
fb_add(t, p->x, eb_curve_get_a());
break;
}
fb_slv(l, t);
if (p->norm == 1) {
/* Compute t = v + u * lambda. */
fb_mul(t, l, p->x);
fb_add(t, t, p->y);
} else {
/* Compute t = u * (u + lambda_P + lambda). */
fb_add(t, l, p->y);
fb_add(t, t, p->x);
fb_mul(t, t, p->x);
}
/* If Tr(t) = 0 then lambda_P = lambda, u = sqrt(t + u). */
if (fb_trc(t) == 0) {
fb_copy(r->y, l);
fb_add(t, t, p->x);
fb_srt(r->x, t);
} else {
/* Else lambda_P = lambda + 1, u = sqrt(t). */
fb_add_dig(r->y, l, 1);
fb_srt(r->x, t);
}
fb_set_dig(r->z, 1);
r->norm = 2;
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(l);
fb_free(t);
}
}
void fb2_mul(fb2_t c, fb2_t a, fb2_t b) {
fb_t t0, t1, t2;
fb_null(t0);
fb_null(t1);
fb_null(t2);
TRY {
fb_new(t0);
fb_new(t1);
fb_new(t2);
fb_add(t0, a[0], a[1]);
fb_add(t1, b[0], b[1]);
fb_mul(t0, t0, t1);
fb_mul(t1, a[0], b[0]);
fb_mul(t2, a[1], b[1]);
fb_add(c[0], t1, t2);
fb_add(c[1], t0, t1);
} CATCH_ANY {
THROW(ERR_CAUGHT);
} FINALLY {
fb_free(t0);
fb_free(t1);
fb_free(t2);
}
}
void fb2_inv(fb2_t c, fb2_t a) {
fb_t a0, a1, m0, m1;
fb_null(a0);
fb_null(a1);
fb_null(m0);
fb_null(m1);
TRY {
fb_new(a0);
fb_new(a1);
fb_new(m0);
fb_new(m1);
fb_add(a0, a[0], a[1]);
fb_sqr(m0, a[0]);
fb_mul(m1, a0, a[1]);
fb_add(a1, m0, m1);
fb_inv(a1, a1);
fb_mul(c[0], a0, a1);
fb_mul(c[1], a[1], a1);
} CATCH_ANY {
THROW(ERR_CAUGHT);
} FINALLY {
fb_free(a0);
fb_free(a1);
fb_free(m0);
fb_free(m1);
}
}
int eb_upk(eb_t r, const eb_t p) {
fb_t t0, t1;
int res = 0;
fb_null(t0);
fb_null(t1);
TRY {
fb_new(t0);
fb_new(t1);
eb_rhs(t1, p);
if (eb_curve_is_super()) {
/* t0 = c^2. */
fb_sqr(t0, eb_curve_get_c());
/* t0 = 1/c^2. */
fb_inv(t0, t0);
/* t0 = t1/c^2. */
fb_mul(t0, t0, t1);
res = (fb_trc(t0) == 0);
/* Solve t1^2 + t1 = t0. */
fb_slv(t1, t0);
/* If this is not the correct solution, try the other. */
if (fb_get_bit(t1, 0) != fb_get_bit(p->y, 0)) {
fb_add_dig(t1, t1, 1);
}
/* x3 = x1, y3 = t1 * c, z3 = 1. */
fb_mul(r->y, t1, eb_curve_get_c());
} else {
fb_sqr(t0, p->x);
/* t0 = 1/x1^2. */
fb_inv(t0, t0);
/* t0 = t1/x1^2. */
fb_mul(t0, t0, t1);
res = (fb_trc(t0) == 0);
/* Solve t1^2 + t1 = t0. */
fb_slv(t1, t0);
/* If this is not the correct solution, try the other. */
if (fb_get_bit(t1, 0) != fb_get_bit(p->y, 0)) {
fb_add_dig(t1, t1, 1);
}
/* x3 = x1, y3 = t1 * x1, z3 = 1. */
fb_mul(r->y, t1, p->x);
}
fb_copy(r->x, p->x);
fb_set_dig(r->z, 1);
r->norm = 1;
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(t0);
fb_free(t1);
}
return res;
}
void eb_rhs(fb_t rhs, const eb_t p) {
fb_t t0, t1;
fb_null(t0);
fb_null(t1);
TRY {
fb_new(t0);
fb_new(t1);
/* t0 = x1^2. */
fb_sqr(t0, p->x);
/* t1 = x1^3. */
fb_mul(t1, t0, p->x);
/* t1 = x1^3 + a * x1^2 + b. */
switch (eb_curve_opt_a()) {
case OPT_ZERO:
break;
case OPT_ONE:
fb_add(t1, t1, t0);
break;
case OPT_DIGIT:
fb_mul_dig(t0, t0, eb_curve_get_a()[0]);
fb_add(t1, t1, t0);
break;
default:
fb_mul(t0, t0, eb_curve_get_a());
fb_add(t1, t1, t0);
break;
}
switch (eb_curve_opt_b()) {
case OPT_ZERO:
break;
case OPT_ONE:
fb_add_dig(t1, t1, 1);
break;
case OPT_DIGIT:
fb_add_dig(t1, t1, eb_curve_get_b()[0]);
break;
default:
fb_add(t1, t1, eb_curve_get_b());
break;
}
fb_copy(rhs, t1);
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(t0);
fb_free(t1);
}
}
/**
* Find non-zero bits for fast trace computation.
*
* @throw ERR_NO_MEMORY if there is no available memory.
* @throw ERR_NO_VALID if the polynomial is invalid.
*/
static void find_trace() {
fb_t t0, t1;
int counter;
ctx_t *ctx = core_get();
fb_null(t0);
fb_null(t1);
ctx->fb_ta = ctx->fb_tb = ctx->fb_tc = -1;
TRY {
fb_new(t0);
fb_new(t1);
counter = 0;
for (int i = 0; i < FB_BITS; i++) {
fb_zero(t0);
fb_set_bit(t0, i, 1);
fb_copy(t1, t0);
for (int j = 1; j < FB_BITS; j++) {
fb_sqr(t1, t1);
fb_add(t0, t0, t1);
}
if (!fb_is_zero(t0)) {
switch (counter) {
case 0:
ctx->fb_ta = i;
ctx->fb_tb = ctx->fb_tc = -1;
break;
case 1:
ctx->fb_tb = i;
ctx->fb_tc = -1;
break;
case 2:
ctx->fb_tc = i;
break;
default:
THROW(ERR_NO_VALID);
break;
}
counter++;
}
}
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(t0);
fb_free(t1);
}
}
/**
* Find non-zero bits for fast trace computation.
*
* @throw ERR_NO_MEMORY if there is no available memory.
* @throw ERR_INVALID if the polynomial is invalid.
*/
static void find_trace() {
fb_t t0, t1;
int i, j, counter;
fb_null(t0);
fb_null(t1);
trc_a = trc_b = trc_c = -1;
TRY {
fb_new(t0);
fb_new(t1);
counter = 0;
for (i = 0; i < FB_BITS; i++) {
fb_zero(t0);
fb_set_bit(t0, i, 1);
fb_copy(t1, t0);
for (j = 1; j < FB_BITS; j++) {
fb_sqr(t1, t1);
fb_add(t0, t0, t1);
}
if (!fb_is_zero(t0)) {
switch (counter) {
case 0:
trc_a = i;
trc_b = trc_c = -1;
break;
case 1:
trc_b = i;
trc_c = -1;
break;
case 2:
trc_c = i;
break;
default:
THROW(ERR_INVALID);
break;
}
counter++;
}
}
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(t0);
fb_free(t1);
}
}
void fb_poly_set_penta(int a, int b, int c) {
fb_t f;
ctx_t *ctx = core_get();
fb_null(f);
TRY {
fb_new(f);
ctx->fb_pa = a;
ctx->fb_pb = b;
ctx->fb_pc = c;
ctx->fb_na = ctx->fb_pa >> FB_DIG_LOG;
ctx->fb_nb = ctx->fb_pb >> FB_DIG_LOG;
ctx->fb_nc = ctx->fb_pc >> FB_DIG_LOG;
fb_zero(f);
fb_set_bit(f, FB_BITS, 1);
fb_set_bit(f, a, 1);
fb_set_bit(f, b, 1);
fb_set_bit(f, c, 1);
fb_set_bit(f, 0, 1);
fb_poly_set(f);
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(f);
}
}
void fb_poly_set_trino(int a) {
fb_t f;
ctx_t *ctx = core_get();
fb_null(f);
TRY {
ctx->fb_pa = a;
ctx->fb_pb = ctx->fb_pc = 0;
ctx->fb_na = ctx->fb_pa >> FB_DIG_LOG;
ctx->fb_nb = ctx->fb_nc = -1;
fb_new(f);
fb_zero(f);
fb_set_bit(f, FB_BITS, 1);
fb_set_bit(f, a, 1);
fb_set_bit(f, 0, 1);
fb_poly_set(f);
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(f);
}
}
/**
* Precomputes half-traces for z^i with odd i.
*
* @throw ERR_NO_MEMORY if there is no available memory.
*/
static void find_solve() {
int i, j, k, l;
fb_t t0;
fb_null(t0);
TRY {
fb_new(t0);
l = 0;
for (i = 0; i < FB_BITS; i += 8, l++) {
for (j = 0; j < 16; j++) {
fb_zero(t0);
for (k = 0; k < 4; k++) {
if (j & (1 << k)) {
fb_set_bit(t0, i + 2 * k + 1, 1);
}
}
fb_copy(fb_half[l][j], t0);
for (k = 0; k < (FB_BITS - 1) / 2; k++) {
fb_sqr(fb_half[l][j], fb_half[l][j]);
fb_sqr(fb_half[l][j], fb_half[l][j]);
fb_add(fb_half[l][j], fb_half[l][j], t0);
}
}
fb_rsh(fb_half[l][j], fb_half[l][j], 1);
}
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(t0);
}
}
void fb_poly_set_trino(int a) {
fb_t f;
fb_null(f);
TRY {
poly_a = a;
poly_b = poly_c = 0;
pos_a = poly_a >> FB_DIG_LOG;
pos_b = pos_c = -1;
fb_new(f);
fb_zero(f);
fb_set_bit(f, FB_BITS, 1);
fb_set_bit(f, a, 1);
fb_set_bit(f, 0, 1);
fb_poly_set(f);
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(f);
}
}
int eb_is_valid(const eb_t p) {
eb_t t;
fb_t lhs;
int r = 0;
eb_null(t);
fb_null(lhs);
TRY {
eb_new(t);
fb_new(lhs);
eb_norm(t, p);
fb_mul(lhs, t->x, t->y);
eb_rhs(t->x, t);
fb_sqr(t->y, t->y);
fb_add(lhs, lhs, t->y);
r = (fb_cmp(lhs, t->x) == CMP_EQ) || eb_is_infty(p);
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
eb_free(t);
fb_free(lhs);
}
return r;
}
void fb_poly_set_penta(int a, int b, int c) {
fb_t f;
fb_null(f);
TRY {
fb_new(f);
poly_a = a;
poly_b = b;
poly_c = c;
pos_a = poly_a >> FB_DIG_LOG;
pos_b = poly_b >> FB_DIG_LOG;
pos_c = poly_c >> FB_DIG_LOG;
fb_zero(f);
fb_set_bit(f, FB_BITS, 1);
fb_set_bit(f, a, 1);
fb_set_bit(f, b, 1);
fb_set_bit(f, c, 1);
fb_set_bit(f, 0, 1);
fb_poly_set(f);
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(f);
}
}
void fb_slv_basic(fb_t c, const fb_t a) {
int i;
fb_t t0;
fb_null(t0);
TRY {
fb_new(t0);
fb_copy(t0, a);
fb_copy(c, a);
for (i = 0; i < (FB_BITS - 1) / 2; i++) {
fb_sqr(c, c);
fb_sqr(c, c);
fb_add(c, c, t0);
}
fb_add_dig(c, c, fb_trc(c));
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(t0);
}
}
void eb_norm_sim(eb_t *r, const eb_t *t, int n) {
int i;
fb_t a[n];
if (n == 1) {
eb_norm(r[0], t[0]);
return;
}
for (i = 0; i < n; i++) {
fb_null(a[i]);
}
TRY {
for (i = 0; i < n; i++) {
fb_new(a[i]);
if (!eb_is_infty(t[i])) {
fb_copy(a[i], t[i]->z);
} else {
fb_set_dig(a[i], 1);
}
}
fb_inv_sim(a, (const fb_t *)a, n);
for (i = 0; i < n; i++) {
fb_copy(r[i]->x, t[i]->x);
fb_copy(r[i]->y, t[i]->y);
if (!eb_is_infty(t[i])) {
fb_copy(r[i]->z, a[i]);
}
}
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
for (i = 0; i < n; i++) {
fb_free(a[i]);
}
}
#if defined(EB_SUPER)
if (eb_curve_is_super()) {
for (i = 0; i < n; i++) {
eb_norm_super(r[i], r[i], 1);
}
}
#endif
#if defined(EB_ORDIN) || defined(EB_KBLTZ)
if (!eb_curve_is_super()) {
for (i = 0; i < n; i++) {
eb_norm_ordin(r[i], r[i], 1);
}
}
#endif
}
void fb_inv_sim(fb_t *c, fb_t *a, int n) {
int i;
fb_t u, t[n];
for (i = 0; i < n; i++) {
fb_null(t[i]);
}
fb_null(u);
TRY {
for (i = 0; i < n; i++) {
fb_new(t[i]);
}
fb_new(u);
fb_copy(c[0], a[0]);
fb_copy(t[0], a[0]);
for (i = 1; i < n; i++) {
fb_copy(t[i], a[i]);
fb_mul(c[i], c[i - 1], a[i]);
}
fb_inv(u, c[n - 1]);
for (i = n - 1; i > 0; i--) {
fb_mul(c[i], u, c[i - 1]);
fb_mul(u, u, t[i]);
}
fb_copy(c[0], u);
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
for (i = 0; i < n; i++) {
fb_free(t[i]);
}
fb_free(u);
}
}
void eb_curve_init(void) {
int i;
#ifdef EB_PRECO
for (i = 0; i < EB_TABLE; i++) {
pointer[i] = &(table[i]);
}
#endif
#if ALLOC == STATIC
fb_new(curve_g.x);
fb_new(curve_g.y);
fb_new(curve_g.z);
for (i = 0; i < EB_TABLE; i++) {
fb_new(table[i].x);
fb_new(table[i].y);
fb_new(table[i].z);
}
#endif
fb_zero(curve_g.x);
fb_zero(curve_g.y);
fb_zero(curve_g.z);
bn_init(&curve_r, FB_DIGS);
#if defined(EB_KBLTZ) && (EB_MUL == LWNAF || !defined(STRIP))
bn_init(&curve_vm, FB_DIGS);
bn_init(&curve_s0, FB_DIGS);
bn_init(&curve_s1, FB_DIGS);
#endif
}
void eb_curve_init(void) {
ctx_t *ctx = core_get();
#ifdef EB_PRECO
for (int i = 0; i < EB_TABLE; i++) {
ctx->eb_ptr[i] = &(ctx->eb_pre[i]);
}
#endif
#if ALLOC == STATIC
fb_new(ctx->eb_g.x);
fb_new(ctx->eb_g.y);
fb_new(ctx->eb_g.z);
for (int i = 0; i < EB_TABLE; i++) {
fb_new(ctx->eb_pre[i].x);
fb_new(ctx->eb_pre[i].y);
fb_new(ctx->eb_pre[i].z);
}
#endif
fb_zero(ctx->eb_g.x);
fb_zero(ctx->eb_g.y);
fb_zero(ctx->eb_g.z);
bn_init(&(ctx->eb_r), FB_DIGS);
bn_init(&(ctx->eb_h), FB_DIGS);
#if defined(EB_KBLTZ) && (EB_MUL == LWNAF || !defined(STRIP))
bn_init(&(ctx->eb_vm), FB_DIGS);
bn_init(&(ctx->eb_s0), FB_DIGS);
bn_init(&(ctx->eb_s1), FB_DIGS);
#endif
}
void fb2_mul_nor(fb2_t c, fb2_t a) {
fb_t t;
fb_null(t);
TRY {
fb_new(t);
fb_copy(t, a[1]);
fb_add(c[1], a[0], a[1]);
fb_copy(c[0], t);
} CATCH_ANY {
THROW(ERR_CAUGHT);
} FINALLY {
fb_free(t);
}
}
void fb_mul_basic(fb_t c, const fb_t a, const fb_t b) {
int i;
dv_t s;
fb_t t;
dv_null(s);
fb_null(t);
TRY {
/* We need a temporary variable so that c can be a or b. */
fb_new(t);
dv_new(s);
fb_zero(t);
dv_zero(s + FB_DIGS, FB_DIGS);
fb_copy(s, b);
if (a[0] & 1) {
fb_copy(t, b);
}
for (i = 1; i < FB_BITS; i++) {
/* We are already shifting a temporary value, so this is more efficient
* than calling fb_lsh(). */
s[FB_DIGS] = fb_lsh1_low(s, s);
fb_rdc(s, s);
if (fb_get_bit(a, i)) {
fb_add(t, t, s);
}
}
if (fb_bits(t) > FB_BITS) {
fb_poly_add(c, t);
} else {
fb_copy(c, t);
}
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(t);
fb_free(s);
}
}
void eb_neg_projc(eb_t r, const eb_t p) {
fb_t t;
fb_null(t);
if (eb_is_infty(p)) {
eb_set_infty(r);
return;
}
if (p->norm) {
if (r != p) {
fb_copy(r->x, p->x);
fb_copy(r->z, p->z);
}
fb_add(r->y, p->x, p->y);
r->norm = 1;
return;
}
TRY {
fb_new(t);
fb_mul(t, p->x, p->z);
fb_add(r->y, p->y, t);
if (r != p) {
fb_copy(r->z, p->z);
fb_copy(r->x, p->x);
}
r->norm = 0;
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(t);
}
}
void eb_neg_projc(eb_t r, const eb_t p) {
fb_t t;
fb_null(t);
if (eb_is_infty(p)) {
eb_set_infty(r);
return;
}
if (p->norm) {
if (r != p) {
fb_copy(r->x, p->x);
fb_copy(r->z, p->z);
}
#if defined(EB_SUPER)
if (eb_curve_is_super()) {
switch (eb_curve_opt_c()) {
case OPT_ZERO:
fb_copy(r->y, p->y);
break;
case OPT_ONE:
fb_add_dig(r->y, p->y, (dig_t)1);
break;
case OPT_DIGIT:
fb_add_dig(r->y, p->y, eb_curve_get_c()[0]);
break;
default:
fb_add(r->y, p->y, eb_curve_get_c());
break;
}
r->norm = 1;
return;
}
#endif
fb_add(r->y, p->x, p->y);
r->norm = 1;
return;
}
#if defined(EB_SUPER)
if (eb_curve_is_super()) {
fb_add(r->y, p->y, p->z);
fb_copy(r->z, p->z);
fb_copy(r->x, p->x);
r->norm = 0;
return;
}
#endif
TRY {
fb_new(t);
fb_mul(t, p->x, p->z);
fb_add(r->y, p->y, t);
if (r != p) {
fb_copy(r->z, p->z);
fb_copy(r->x, p->x);
}
r->norm = 0;
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(t);
}
}
/**
* Doubles a point represented in projective coordinates on an ordinary binary
* elliptic curve.
*
* @param[out] r - the result.
* @param[in] p - the point to double.
*/
static void eb_dbl_projc_imp(eb_t r, const eb_t p) {
fb_t t0, t1;
fb_null(t0);
fb_null(t1);
TRY {
fb_new(t0);
fb_new(t1);
/* t0 = B = x1^2. */
fb_sqr(t0, p->x);
/* C = B + y1. */
fb_add(r->y, t0, p->y);
if (!p->norm) {
/* A = x1 * z1. */
fb_mul(t1, p->x, p->z);
/* z3 = A^2. */
fb_sqr(r->z, t1);
} else {
/* if z1 = 1, A = x1. */
fb_copy(t1, p->x);
/* if z1 = 1, z3 = x1^2. */
fb_copy(r->z, t0);
}
/* t1 = D = A * C. */
fb_mul(t1, t1, r->y);
/* C^2 + D. */
fb_sqr(r->y, r->y);
fb_add(r->x, t1, r->y);
/* C^2 + D + a2 * z3. */
switch (eb_curve_opt_a()) {
case OPT_ZERO:
break;
case OPT_ONE:
fb_add(r->x, r->z, r->x);
break;
case OPT_DIGIT:
fb_mul_dig(r->y, r->z, eb_curve_get_a()[0]);
fb_add(r->x, r->y, r->x);
break;
default:
fb_mul(r->y, r->z, eb_curve_get_a());
fb_add(r->x, r->y, r->x);
break;
}
/* t1 = (D + z3). */
fb_add(t1, t1, r->z);
/* t0 = B^2. */
fb_sqr(t0, t0);
/* t0 = B^2 * z3. */
fb_mul(t0, t0, r->z);
/* y3 = (D + z3) * r3 + B^2 * z3. */
fb_mul(r->y, t1, r->x);
fb_add(r->y, r->y, t0);
r->norm = 0;
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(t0);
fb_free(t1);
}
}
static void openFramebuffer(void)
{
fb= fb_new();
fb_open(fb, kb, fbDev);
}
struct gui_t *gui_init(int angle)
{
struct gui_t *gui;
FB *fb;
gui = malloc(sizeof(*gui));
if (NULL == gui) {
DPRINTF("Can't allocate memory for GUI structure");
return NULL;
}
/* init framebuffer */
fb = fb_new(angle);
if (NULL == fb) {
log_msg(lg, "Can't initialize framebuffer");
free(gui);
return NULL;
}
gui->fb = fb;
/* Tune GUI size */
#ifdef USE_FBUI_WIDTH
if (fb->width > USE_FBUI_WIDTH)
gui->width = USE_FBUI_WIDTH;
else
#endif
gui->width = fb->width;
#ifdef USE_FBUI_HEIGHT
if (fb->height > USE_FBUI_HEIGHT)
gui->height = USE_FBUI_HEIGHT;
else
#endif
gui->height = fb->height;
gui->x = (fb->width - gui->width)/2;
gui->y = (fb->height - gui->height)/2;
#ifdef USE_ICONS
/* Parse compiled images.
* We don't care about result because drawing code is aware
*/
int bpp;
bpp = fb->bpp;
gui->icons = malloc(sizeof(*(gui->icons)) * ICON_ARRAY_SIZE);
gui->icons[ICON_LOGO] = xpm_parse_image(logo_xpm, ROWS(logo_xpm), bpp);
gui->icons[ICON_STORAGE] = xpm_parse_image(storage_xpm, ROWS(storage_xpm), bpp);
gui->icons[ICON_MMC] = xpm_parse_image(mmc_xpm, ROWS(mmc_xpm), bpp);
gui->icons[ICON_MEMORY] = xpm_parse_image(memory_xpm, ROWS(memory_xpm), bpp);
gui->icons[ICON_SYSTEM] = xpm_parse_image(system_xpm, ROWS(system_xpm), bpp);
gui->icons[ICON_BACK] = xpm_parse_image(back_xpm, ROWS(back_xpm), bpp);
gui->icons[ICON_RESCAN] = xpm_parse_image(rescan_xpm, ROWS(rescan_xpm), bpp);
gui->icons[ICON_DEBUG] = xpm_parse_image(debug_xpm, ROWS(debug_xpm), bpp);
gui->icons[ICON_REBOOT] = xpm_parse_image(reboot_xpm, ROWS(reboot_xpm), bpp);
gui->icons[ICON_SHUTDOWN] = xpm_parse_image(shutdown_xpm, ROWS(shutdown_xpm), bpp);
gui->icons[ICON_EXIT] = xpm_parse_image(exit_xpm, ROWS(exit_xpm), bpp);
#endif
#ifdef USE_BG_BUFFER
/* Pre-draw background and store it in special buffer */
draw_background_low(gui);
gui->bg_buffer = fb_dump(fb);
#endif
return gui;
}
void eb_param_set(int param) {
int super = 0;
int ordin = 0;
int kbltz = 0;
char str[2 * FB_BYTES + 1];
fb_t a, b, c;
eb_t g;
bn_t r;
bn_t h;
fb_null(a);
fb_null(b);
fb_null(c);
eb_null(g);
bn_null(r);
bn_null(h);
TRY {
fb_new(a);
fb_new(b);
fb_new(c);
eb_new(g);
bn_new(r);
bn_new(h);
core_get()->eb_id = 0;
switch (param) {
#if defined(EB_ORDIN) && FB_POLYN == 163
case NIST_B163:
ASSIGN(NIST_B163, NIST_163);
ordin = 1;
break;
#endif
#if defined(EB_KBLTZ) && FB_POLYN == 163
case NIST_K163:
ASSIGN(NIST_K163, NIST_163);
kbltz = 1;
break;
#endif
#if defined(EB_ORDIN) && FB_POLYN == 233
case NIST_B233:
ASSIGN(NIST_B233, NIST_233);
ordin = 1;
break;
#endif
#if defined(EB_KBLTZ) && FB_POLYN == 233
case NIST_K233:
ASSIGN(NIST_K233, NIST_233);
kbltz = 1;
break;
#endif
#if defined(EB_ORDIN) && FB_POLYN == 251
case EBACS_B251:
ASSIGN(EBACS_B251, PENTA_251);
ordin = 1;
break;
#endif
#if defined(EB_ORDIN) && FB_POLYN == 257
case HALVE_B257:
ASSIGN(HALVE_B257, TRINO_257);
ordin = 1;
break;
#endif
#if defined(EB_ORDIN) && FB_POLYN == 283
case NIST_B283:
ASSIGN(NIST_B283, NIST_283);
ordin = 1;
break;
#endif
#if defined(EB_KBLTZ) && FB_POLYN == 283
case NIST_K283:
ASSIGN(NIST_K283, NIST_283);
kbltz = 1;
break;
#endif
#if defined(EB_KBLTZ) && FB_POLYN == 239
case SECG_K239:
ASSIGN(SECG_K239, SECG_239);
kbltz = 1;
break;
#endif
#if defined(EB_ORDIN) && FB_POLYN == 409
case NIST_B409:
ASSIGN(NIST_B409, NIST_409);
ordin = 1;
break;
#endif
#if defined(EB_KBLTZ) && FB_POLYN == 409
case NIST_K409:
ASSIGN(NIST_K409, NIST_409);
kbltz = 1;
break;
#endif
#if defined(EB_ORDIN) && FB_POLYN == 571
case NIST_B571:
ASSIGN(NIST_B571, NIST_571);
ordin = 1;
break;
#endif
#if defined(EB_KBLTZ) && FB_POLYN == 571
case NIST_K571:
ASSIGN(NIST_K571, NIST_571);
kbltz = 1;
break;
#endif
#if defined(EB_SUPER) && FB_POLYN == 271
case ETAT_P271:
ASSIGNS(ETAT_P271, PENTA_271);
super = 1;
break;
case ETAT_T271:
ASSIGNS(ETAT_T271, TRINO_271);
super = 1;
break;
#endif
#if defined(EB_SUPER) && FB_POLYN == 353
case ETAT_S353:
ASSIGNS(ETAT_S353, TRINO_353);
super = 1;
break;
#endif
#if defined(EB_SUPER) && FB_POLYN == 1223
case ETAT_S1223:
ASSIGNS(ETAT_S1223, TRINO_1223);
super = 1;
break;
#endif
default:
(void)str;
THROW(ERR_NO_VALID);
break;
}
/* Do not generate warnings. */
(void)kbltz;
(void)ordin;
(void)super;
(void)c;
fb_zero(g->z);
fb_set_bit(g->z, 0, 1);
g->norm = 1;
#if defined(EB_ORDIN)
if (ordin) {
eb_curve_set_ordin(a, b, g, r, h);
core_get()->eb_id = param;
}
#endif
#if defined(EB_KBLTZ)
if (kbltz) {
eb_curve_set_kbltz(a, g, r, h);
core_get()->eb_id = param;
}
#elif defined(EB_ORDIN)
if (kbltz) {
eb_curve_set_ordin(a, b, g, r, h);
core_get()->eb_id = param;
}
#endif
#if defined(EB_SUPER)
if (super) {
eb_curve_set_super(a, b, c, g, r, h);
core_get()->eb_id = param;
}
#endif
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(a);
fb_free(b);
fb_free(c);
eb_free(g);
bn_free(r);
bn_free(h);
}
}
void eb_param_set(int param) {
char str[2 * FB_BYTES + 1];
fb_t a, b;
eb_t g;
bn_t r;
bn_t h;
fb_null(a);
fb_null(b);
eb_null(g);
bn_null(r);
bn_null(h);
TRY {
fb_new(a);
fb_new(b);
eb_new(g);
bn_new(r);
bn_new(h);
core_get()->eb_id = 0;
switch (param) {
#if defined(EB_PLAIN) && FB_POLYN == 163
case NIST_B163:
ASSIGN(NIST_B163, NIST_163);
break;
#endif
#if defined(EB_KBLTZ) && FB_POLYN == 163
case NIST_K163:
ASSIGN(NIST_K163, NIST_163);
break;
#endif
#if defined(EB_PLAIN) && FB_POLYN == 233
case NIST_B233:
ASSIGN(NIST_B233, NIST_233);
break;
#endif
#if defined(EB_KBLTZ) && FB_POLYN == 233
case NIST_K233:
ASSIGN(NIST_K233, NIST_233);
break;
#endif
#if defined(EB_KBLTZ) && FB_POLYN == 239
case SECG_K239:
ASSIGN(SECG_K239, SECG_239);
break;
#endif
#if defined(EB_PLAIN) && FB_POLYN == 251
case EBACS_B251:
ASSIGN(EBACS_B251, PENTA_251);
break;
#endif
#if defined(EB_PLAIN) && FB_POLYN == 257
case HALVE_B257:
ASSIGN(HALVE_B257, TRINO_257);
break;
#endif
#if defined(EB_PLAIN) && FB_POLYN == 283
case NIST_B283:
ASSIGN(NIST_B283, NIST_283);
break;
#endif
#if defined(EB_KBLTZ) && FB_POLYN == 283
case NIST_K283:
ASSIGN(NIST_K283, NIST_283);
break;
#endif
#if defined(EB_PLAIN) && FB_POLYN == 409
case NIST_B409:
ASSIGN(NIST_B409, NIST_409);
break;
#endif
#if defined(EB_KBLTZ) && FB_POLYN == 409
case NIST_K409:
ASSIGN(NIST_K409, NIST_409);
break;
#endif
#if defined(EB_PLAIN) && FB_POLYN == 571
case NIST_B571:
ASSIGN(NIST_B571, NIST_571);
break;
#endif
#if defined(EB_KBLTZ) && FB_POLYN == 571
case NIST_K571:
ASSIGN(NIST_K571, NIST_571);
break;
#endif
default:
(void)str;
THROW(ERR_NO_VALID);
break;
}
fb_zero(g->z);
fb_set_bit(g->z, 0, 1);
g->norm = 1;
eb_curve_set(a, b, g, r, h);
core_get()->eb_id = param;
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(a);
fb_free(b);
eb_free(g);
bn_free(r);
bn_free(h);
}
}
/**
* Doubles a point represented in affine coordinates on an ordinary binary
* elliptic curve.
*
* @param[out] r - the result.
* @param[in] p - the point to double.
*/
static void eb_dbl_basic_imp(eb_t r, const eb_t p) {
fb_t t0, t1, t2;
fb_null(t0);
fb_null(t1);
fb_null(t2);
TRY {
fb_new(t0);
fb_new(t1);
fb_new(t2);
/* t0 = 1/x1. */
fb_inv(t0, p->x);
/* t0 = y1/x1. */
fb_mul(t0, t0, p->y);
/* t0 = lambda = x1 + y1/x1. */
fb_add(t0, t0, p->x);
/* t1 = lambda^2. */
fb_sqr(t1, t0);
/* t2 = lambda^2 + lambda. */
fb_add(t2, t1, t0);
/* t2 = lambda^2 + lambda + a2. */
switch (eb_curve_opt_a()) {
case OPT_ZERO:
break;
case OPT_ONE:
fb_add_dig(t2, t2, (dig_t)1);
break;
case OPT_DIGIT:
fb_add_dig(t2, t2, eb_curve_get_a()[0]);
break;
default:
fb_add(t2, t2, eb_curve_get_a());
break;
}
/* t1 = x1 + x3. */
fb_add(t1, t2, p->x);
/* t1 = lambda * (x1 + x3). */
fb_mul(t1, t0, t1);
fb_copy(r->x, t2);
/* y3 = lambda * (x1 + x3) + x3 + y1. */
fb_add(t1, t1, r->x);
fb_add(r->y, t1, p->y);
fb_copy(r->z, p->z);
r->norm = 1;
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(t0);
fb_free(t1);
fb_free(t2);
}
}
/**
* Adds two points represented in projective coordinates on an ordinary binary
* elliptic curve.
*
* @param r - the result.
* @param p - the first point to add.
* @param q - the second point to add.
*/
static void eb_add_projc_ordin(eb_t r, eb_t p, eb_t q) {
#if defined(EB_MIXED) && defined(STRIP)
eb_add_projc_ordin_mix(r, p, q);
#else /* General addition. */
fb_t t0, t1, t2, t3, t4, t5, t6, t7;
fb_null(t0);
fb_null(t1);
fb_null(t2);
fb_null(t3);
fb_null(t4);
fb_null(t5);
fb_null(t6);
fb_null(t7);
TRY {
fb_new(t0);
fb_new(t1);
fb_new(t2);
fb_new(t3);
fb_new(t4);
fb_new(t5);
fb_new(t6);
fb_new(t7);
if (q->norm) {
eb_add_projc_ordin_mix(r, p, q);
} else {
/* t0 = B = x2 * z1. */
fb_mul(t0, q->x, p->z);
/* A = x1 * z2 */
fb_mul(t1, p->x, q->z);
/* t2 = E = A + B. */
fb_add(t2, t1, t0);
/* t3 = D = B^2. */
fb_sqr(t3, t0);
/* t4 = C = A^2. */
fb_sqr(t4, t1);
/* t5 = F = C + D. */
fb_add(t5, t3, t4);
/* t6 = H = y2 * z1^2. */
fb_sqr(t6, p->z);
fb_mul(t6, t6, q->y);
/* t7 = G = y1 * z2^2. */
fb_sqr(t7, q->z);
fb_mul(t7, t7, p->y);
/* t3 = D + H. */
fb_add(t3, t3, t6);
/* t4 = C + G. */
fb_add(t4, t4, t7);
/* t6 = I = G + H. */
fb_add(t6, t7, t6);
/* If E is zero. */
if (fb_is_zero(t2)) {
if (fb_is_zero(t6)) {
/* If I is zero, p = q, should have doubled. */
eb_dbl_projc(r, p);
} else {
/* If I is not zero, q = -p, r = infinity. */
eb_set_infty(r);
}
} else {
/* t6 = J = I * E. */
fb_mul(t6, t6, t2);
/* z3 = F * z1 * z2. */
fb_mul(r->z, p->z, q->z);
fb_mul(r->z, t5, r->z);
/* t4 = B * (C + G). */
fb_mul(t4, t0, t4);
/* t2 = A * J. */
fb_mul(t2, t1, t6);
/* x3 = A * (D + H) + B * (C + G). */
fb_mul(r->x, t1, t3);
fb_add(r->x, r->x, t4);
/* t7 = F * G. */
fb_mul(t7, t7, t5);
/* Y3 = (A * J + F * G) * F + (J + z3) * x3. */
fb_add(r->y, t2, t7);
fb_mul(r->y, r->y, t5);
/* t7 = (J + z3) * x3. */
fb_add(t7, t6, r->z);
fb_mul(t7, t7, r->x);
fb_add(r->y, r->y, t7);
}
}
r->norm = 0;
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(t0);
fb_free(t1);
fb_free(t2);
fb_free(t3);
fb_free(t4);
fb_free(t5);
fb_free(t6);
fb_free(t7);
}
#endif
}
/**
* Adds a point represented in affine coordinates to a point represented in
* projective coordinates.
*
* @param r - the result.
* @param p - the affine point.
* @param q - the projective point.
*/
static void eb_add_projc_ordin_mix(eb_t r, eb_t p, eb_t q) {
fb_t t0, t1, t2, t3, t4, t5;
fb_null(t0);
fb_null(t1);
fb_null(t2);
fb_null(t3);
fb_null(t4);
fb_null(t5);
TRY {
fb_new(t0);
fb_new(t1);
fb_new(t2);
fb_new(t3);
fb_new(t4);
fb_new(t5);
if (!p->norm) {
/* A = y1 + y2 * z1^2. */
fb_sqr(t0, p->z);
fb_mul(t0, t0, q->y);
fb_add(t0, t0, p->y);
/* B = x1 + x2 * z1. */
fb_mul(t1, p->z, q->x);
fb_add(t1, t1, p->x);
} else {
/* t0 = A = y1 + y2. */
fb_add(t0, p->y, q->y);
/* t1 = B = x1 + x2. */
fb_add(t1, p->x, q->x);
}
if (fb_is_zero(t1)) {
if (fb_is_zero(t0)) {
/* If t0 = 0 and t1 = 0, p = q, should have doubled! */
eb_dbl_projc(r, p);
} else {
/* If t0 = 0, r is infinity. */
eb_set_infty(r);
}
} else {
if (!p->norm) {
/* t2 = C = B * z1. */
fb_mul(t2, p->z, t1);
/* z3 = C^2. */
fb_sqr(r->z, t2);
/* t1 = B^2. */
fb_sqr(t1, t1);
/* t1 = A + B^2. */
fb_add(t1, t0, t1);
} else {
/* If z1 = 0, t2 = C = B. */
fb_copy(t2, t1);
/* z3 = B^2. */
fb_sqr(r->z, t1);
/* t1 = A + z3. */
fb_add(t1, t0, r->z);
}
/* t3 = D = x2 * z3. */
fb_mul(t3, r->z, q->x);
/* t4 = (y2 + x2). */
fb_add(t4, q->x, q->y);
/* z3 = A^2. */
fb_sqr(r->x, t0);
/* t1 = A + B^2 + a2 * C. */
switch (eb_curve_opt_a()) {
case OPT_ZERO:
break;
case OPT_ONE:
fb_add(t1, t1, t2);
break;
case OPT_DIGIT:
/* t5 = a2 * C. */
fb_mul_dig(t5, t2, eb_curve_get_a()[0]);
fb_add(t1, t1, t5);
break;
default:
/* t5 = a2 * C. */
fb_mul(t5, eb_curve_get_a(), t2);
fb_add(t1, t1, t5);
break;
}
/* t1 = C * (A + B^2 + a2 * C). */
fb_mul(t1, t1, t2);
/* x3 = A^2 + C * (A + B^2 + a2 * C). */
fb_add(r->x, r->x, t1);
/* t3 = D + x3. */
fb_add(t3, t3, r->x);
/* t2 = A * B. */
fb_mul(t2, t0, t2);
/* y3 = (D + x3) * (A * B + z3). */
fb_add(r->y, t2, r->z);
fb_mul(r->y, r->y, t3);
/* t0 = z3^2. */
fb_sqr(t0, r->z);
/* t0 = (y2 + x2) * z3^2. */
fb_mul(t0, t0, t4);
/* y3 = (D + x3) * (A * B + z3) + (y2 + x2) * z3^2. */
fb_add(r->y, r->y, t0);
}
r->norm = 0;
}
CATCH_ANY {
THROW(ERR_CAUGHT);
}
FINALLY {
fb_free(t0);
fb_free(t1);
fb_free(t2);
fb_free(t3);
fb_free(t4);
fb_free(t5);
}
}
