#include "curveParams.h"
#include "giantIntegers.h"
#include "elliptic.h"
#include "ellipticProj.h"
#include "platform.h"
#include "falloc.h"
#include "feeDebug.h"
#include <stdlib.h>
typedef unsigned short arrayDigit;
static giant arrayToGiant(const arrayDigit *array);
typedef struct {
feePrimeType primeType;
feeCurveType curveType;
unsigned q;
int k;
const arrayDigit *basePrime; arrayDigit m; const arrayDigit *a;
const arrayDigit *b;
const arrayDigit *c;
const arrayDigit *x1Plus;
const arrayDigit *y1Plus; const arrayDigit *x1Minus; const arrayDigit *cOrderPlus;
const arrayDigit *cOrderMinus; const arrayDigit *x1OrderPlus;
const arrayDigit *x1OrderMinus; const arrayDigit *x1OrderPlusRecip;
const arrayDigit *lesserX1OrderRecip;
} curveParamsStatic;
static const arrayDigit ga_666[] = {1, 666 }; static const arrayDigit ga_zero[] = {1, 0 }; static const arrayDigit ga_one[] = {1, 1 };
#if FEE_PROTOTYPE_CURVES
#include "curveParamDataOld.h"
#else
#include "curveParamData.h"
#endif
#if FEE_PROTOTYPE_CURVES
static curveParamsStatic curveParamsArray[] = {
{ FPT_Mersenne,
FCT_Weierstrass,
31, 1, NULL, 1, ga_w31_1_a, ga_one, ga_zero, ga_w31_1_x1Plus,
NULL, ga_w31_1_x1Minus,
ga_w31_1_plusOrder,
ga_w31_1_minusOrder,
ga_w31_1_x1OrderPlus,
ga_w31_1_x1OrderMinus,
ga_w31_1_x1OrderPlusRecip,
ga_w31_1_lesserX1OrderRecip
},
{ FPT_Mersenne,
FCT_Montgomery,
31, 1, NULL,
1, ga_one, ga_zero, ga_666, ga_m31_1_x1Plus,
NULL, ga_m31_1_x1Minus,
ga_m31_1_plusOrder,
ga_m31_1_minusOrder,
ga_m31_1_x1OrderPlus,
ga_m31_1_x1OrderMinus,
ga_m31_1_x1OrderPlusRecip,
ga_m31_1_lesserX1OrderRecip
},
{ FPT_Mersenne,
FCT_Weierstrass,
31, 1, NULL,
1, ga_31_1P_a, ga_31_1P_b, ga_zero, ga_31_1P_x1Plus,
NULL, ga_31_1P_x1Minus,
ga_31_1P_plusOrder,
ga_31_1P_minusOrder,
ga_31_1P_x1OrderPlus,
ga_31_1P_x1OrderMinus,
ga_31_1P_x1OrderPlusRecip,
NULL
},
{ FPT_FEE,
FCT_Weierstrass,
40, 213, NULL,
1, ga_40_213_a, ga_40_213_b, ga_zero, ga_40_213_x1Plus,
NULL, ga_40_213_x1Minus,
ga_40_213_plusOrder,
ga_40_213_minusOrder,
ga_40_213_x1OrderPlus,
ga_40_213_x1OrderMinus,
ga_40_213_x1OrderPlusRecip,
ga_40_213_lesserX1OrderRecip
},
{ FPT_Mersenne,
FCT_Montgomery,
127, 1,
NULL,
1, ga_one, ga_zero, ga_666, ga_127_1_x1Plus,
NULL, ga_127_1_x1Minus,
ga_127_1_plusOrder,
ga_127_1_minusOrder,
ga_127_1_x1OrderPlus,
ga_127_1_x1OrderMinus,
ga_127_1_x1OrderPlusRecip,
ga_127_1_lesserX1OrderRecip
},
{ FPT_Mersenne,
FCT_Weierstrass,
127, 1, NULL,
1, ga_666, ga_one, ga_zero, ga_127_1W_x1Plus,
NULL, ga_127_1W_x1Minus,
ga_127_1W_plusOrder,
ga_127_1W_minusOrder,
ga_127_1W_x1OrderPlus,
ga_127_1W_x1OrderMinus,
ga_127_1W_x1OrderPlusRecip,
NULL
},
{ FPT_FEE,
FCT_Weierstrass, 160, 57,
NULL,
1, ga_zero, ga_160_57_b, ga_zero, ga_160_57_x1Plus,
NULL, ga_160_57_x1Minus,
ga_160_57_plusOrder,
ga_160_57_minusOrder,
ga_160_57_x1OrderPlus,
ga_160_57_x1OrderMinus,
ga_160_57_x1OrderPlusRecip,
NULL },
{ FPT_FEE,
FCT_Weierstrass, 192, 1425,
NULL,
1, ga_zero, ga_192_1425_b, ga_zero, ga_192_1425_x1Plus,
NULL, ga_192_1425_x1Minus,
ga_192_1425_plusOrder,
ga_192_1425_minusOrder,
ga_192_1425_x1OrderPlus,
ga_192_1425_x1OrderMinus,
ga_192_1425_x1OrderPlusRecip,
NULL
},
{ FPT_FEE,
FCT_Weierstrass,
192, -529891,
NULL,
1, ga_192_M529891_a, ga_192_M529891_b, ga_zero, ga_192_M529891_x1Plus,
NULL, ga_192_M529891_x1Minus,
ga_192_M529891_plusOrder,
ga_192_M529891_minusOrder,
ga_192_M529891_x1OrderPlus,
ga_192_M529891_x1OrderMinus,
ga_192_M529891_x1OrderPlusRecip,
ga_192_M529891_lesserX1OrderRecip
},
{ FPT_General,
FCT_General,
127, 0,
ga_127_1_bp, 1, ga_one, ga_zero, ga_666, ga_127_1_x1Plus,
NULL, ga_127_1_x1Minus,
ga_127_1_plusOrder,
ga_127_1_minusOrder,
ga_127_1_x1OrderPlus,
ga_127_1_x1OrderMinus,
ga_127_1_x1OrderPlusRecip,
ga_127_1_lesserX1OrderRecip
},
{ FPT_General,
FCT_Weierstrass,
160, 0, ga_160_57_bp, 1, ga_zero, ga_160_57_b, ga_zero,
ga_160_57_x1Plus,
NULL, ga_160_57_x1Minus,
ga_160_57_plusOrder,
ga_160_57_minusOrder,
ga_160_57_x1OrderPlus,
ga_160_57_x1OrderMinus,
ga_160_57_x1OrderPlusRecip,
NULL },
{ FPT_General,
FCT_Weierstrass,
161, 0, ga_161_gen_bp, 1, ga_161_gen_a, ga_161_gen_b, ga_zero, ga_161_gen_x1Plus,
NULL, ga_161_gen_x1Minus,
ga_161_gen_plusOrder,
ga_161_gen_minusOrder,
ga_161_gen_x1OrderPlus,
ga_161_gen_x1OrderMinus,
ga_161_gen_x1OrderPlusRecip,
NULL },
};
#else
static const curveParamsStatic curveParamsArray[] = {
{
FPT_Mersenne,
FCT_Montgomery,
31, 1, NULL, 1, ga_one, ga_zero, ga_666, ga_31m_x1Plus,
NULL, ga_31m_x1Minus,
ga_31m_plusOrder,
ga_31m_minusOrder,
ga_31m_x1OrderPlus,
ga_31m_x1OrderMinus,
ga_31m_x1OrderPlusRecip,
ga_31m_lesserX1OrderRecip
},
{
FPT_Mersenne,
FCT_Weierstrass,
31, 1, NULL, 1, ga_31w_a,
ga_31w_b,
ga_zero, ga_31w_x1Plus,
NULL, ga_31w_x1Minus,
ga_31w_plusOrder,
ga_31w_minusOrder,
ga_31w_x1OrderPlus,
ga_31w_x1OrderMinus,
ga_31w_x1OrderPlusRecip,
NULL },
{
FPT_Mersenne,
FCT_Montgomery,
127, 1, NULL, 1, ga_one,
ga_zero,
ga_666,
ga_127m_x1Plus,
NULL, ga_127m_x1Minus,
ga_127m_plusOrder,
ga_127m_minusOrder,
ga_127m_x1OrderPlus,
ga_127m_x1OrderMinus,
ga_127m_x1OrderPlusRecip,
ga_127m_lesserX1OrderRecip
},
{
FPT_FEE,
FCT_Weierstrass,
127, -57675, NULL, 1, ga_128w_a,
ga_128w_b,
ga_zero,
ga_128w_x1Plus,
NULL, ga_128w_x1Minus,
ga_128w_plusOrder,
ga_128w_minusOrder,
ga_128w_x1OrderPlus,
ga_128w_x1OrderMinus,
ga_128w_x1OrderPlusRecip,
ga_128w_lesserX1OrderRecip },
{
FPT_FEE,
FCT_Weierstrass,
160, -5875, NULL, 1, ga_161w_a,
ga_161w_b,
ga_zero,
ga_161w_x1Plus,
NULL, ga_161w_x1Minus,
ga_161w_plusOrder,
ga_161w_minusOrder,
ga_161w_x1OrderPlus,
ga_161w_x1OrderMinus,
ga_161w_x1OrderPlusRecip,
ga_161w_lesserX1OrderRecip
},
{
FPT_General,
FCT_Weierstrass,
161, 0, ga_161_gen_bp, 1, ga_161_gen_a,
ga_161_gen_b,
ga_zero,
ga_161_gen_x1Plus,
NULL, ga_161_gen_x1Minus,
ga_161_gen_plusOrder,
ga_161_gen_minusOrder,
ga_161_gen_x1OrderPlus,
ga_161_gen_x1OrderMinus,
ga_161_gen_x1OrderPlusRecip,
NULL },
{
FPT_General,
FCT_Weierstrass,
192, 0, ga_192_gen_bp, 1, ga_192_gen_a,
ga_192_gen_b,
ga_zero,
ga_192_gen_x1Plus,
NULL, ga_192_gen_x1Minus,
ga_192_gen_plusOrder,
ga_192_gen_minusOrder,
ga_192_gen_x1OrderPlus,
ga_192_gen_x1OrderMinus,
ga_192_gen_x1OrderPlusRecip,
ga_192_gen_lesserX1OrderRecip
},
{
FPT_General,
FCT_Weierstrass,
192, 0, ga_192_secp_bp, 1, ga_192_secp_a,
ga_192_secp_b,
ga_zero,
ga_192_secp_x1Plus,
ga_192_secp_y1Plus,
NULL, ga_192_secp_plusOrder,
NULL, ga_192_secp_x1OrderPlus,
NULL, ga_192_secp_x1OrderPlusRecip,
},
{
FPT_General,
FCT_Weierstrass,
256, 0, ga_256_secp_bp, 1, ga_256_secp_a,
ga_256_secp_b,
ga_zero,
ga_256_secp_x1Plus,
ga_256_secp_y1Plus,
NULL,
ga_256_secp_plusOrder,
NULL,
ga_256_secp_x1OrderPlus,
NULL,
ga_256_secp_x1OrderPlusRecip,
NULL
},
{
FPT_General,
FCT_Weierstrass,
384, 0, ga_384_secp_bp, 1, ga_384_secp_a,
ga_384_secp_b,
ga_zero,
ga_384_secp_x1Plus,
ga_384_secp_y1Plus,
NULL,
ga_384_secp_plusOrder,
NULL,
ga_384_secp_x1OrderPlus,
NULL,
ga_384_secp_x1OrderPlusRecip,
NULL
},
{
FPT_General,
FCT_Weierstrass,
521, 0,
ga_521_secp_bp, 1, ga_521_secp_a,
ga_521_secp_b,
ga_zero,
ga_521_secp_x1Plus,
ga_521_secp_y1Plus,
NULL,
ga_521_secp_plusOrder,
NULL,
ga_521_secp_x1OrderPlus,
NULL,
ga_521_secp_x1OrderPlusRecip,
NULL
}
};
#endif
static giant arrayToGiant(const arrayDigit *array)
{
unsigned numBytes; int numDigits; giant result;
giantDigit digit;
unsigned char byte;
unsigned i;
unsigned digitDex; unsigned digitByte; const arrayDigit *ap; short sign;
if(array == NULL) {
CKRaise("arrayToGiant: NULL array");
}
sign = (short)array[0];
numBytes = abs(sign) * sizeof(unsigned short);
numDigits = BYTES_TO_GIANT_DIGITS(numBytes);
result = (giant) fmalloc(sizeof(giantstruct) +
((numDigits - 1) * GIANT_BYTES_PER_DIGIT));
result->capacity = numDigits;
ap = array + 1;
digit = 0;
digitDex = 0;
for(i=0; i<numBytes;) {
for(digitByte=0; digitByte<GIANT_BYTES_PER_DIGIT; digitByte++) {
if(i & 1) {
byte = (unsigned char)(*ap++ >> 8);
}
else {
byte = (unsigned char)(*ap);
}
digit |= (byte << (8 * digitByte));
if(++i == numBytes) {
break;
}
}
result->n[digitDex++] = digit;
digit = 0;
};
if(sign < 0) {
result->sign = -numDigits;
}
else {
result->sign = numDigits;
}
gtrimSign(result);
return result;
}
curveParams *newCurveParams(void)
{
curveParams *params = (curveParams*) fmalloc(sizeof(curveParams));
bzero(params, sizeof(curveParams));
return params;
}
void allocRecipGiants(curveParams *cp)
{
cp->lesserX1OrderRecip = newGiant(cp->maxDigits);
cp->x1OrderPlusRecip = newGiant(cp->maxDigits);
int_to_giant(0, cp->lesserX1OrderRecip);
int_to_giant(0, cp->x1OrderPlusRecip);
}
curveParams *curveParamsForDepth(feeDepth depth)
{
curveParams *cp;
const curveParamsStatic *cps = &curveParamsArray[depth];
if(depth > FEE_DEPTH_MAX) {
return NULL;
}
#if GIANTS_VIA_STACK
curveParamsInitGiants();
#endif
cp = newCurveParams();
cp->primeType = cps->primeType;
cp->curveType = cps->curveType;
cp->q = cps->q;
cp->k = cps->k;
cp->m = cps->m;
if(cp->primeType == FPT_General) {
cp->basePrime = arrayToGiant(cps->basePrime);
}
cp->a = arrayToGiant(cps->a);
cp->b = arrayToGiant(cps->b);
cp->c = arrayToGiant(cps->c);
cp->x1Plus = arrayToGiant(cps->x1Plus);
if(cps->y1Plus) {
cp->y1Plus = arrayToGiant(cps->y1Plus);
}
if(cps->x1Minus) {
cp->x1Minus = arrayToGiant(cps->x1Minus);
}
cp->cOrderPlus = arrayToGiant(cps->cOrderPlus);
if(cps->cOrderMinus) {
cp->cOrderMinus = arrayToGiant(cps->cOrderMinus);
}
cp->x1OrderPlus = arrayToGiant(cps->x1OrderPlus);
if(cps->x1OrderMinus) {
cp->x1OrderMinus = arrayToGiant(cps->x1OrderMinus);
}
cp->x1OrderPlusRecip = arrayToGiant(cps->x1OrderPlusRecip);
if(cps->lesserX1OrderRecip == NULL) {
cp->lesserX1OrderRecip = cp->x1OrderPlusRecip;
}
else {
cp->lesserX1OrderRecip = arrayToGiant(cps->lesserX1OrderRecip);
}
curveParamsInferFields(cp);
return cp;
}
curveParams *curveParamsCopy(curveParams *cp)
{
curveParams *newcp = newCurveParams();
newcp->primeType = cp->primeType;
newcp->curveType = cp->curveType;
newcp->q = cp->q;
newcp->k = cp->k;
newcp->m = cp->m;
newcp->basePrime = copyGiant(cp->basePrime);
newcp->minBytes = cp->minBytes;
newcp->maxDigits = cp->maxDigits;
newcp->a = copyGiant(cp->a);
newcp->b = copyGiant(cp->b);
newcp->c = copyGiant(cp->c);
newcp->x1Plus = copyGiant(cp->x1Plus);
if(cp->x1Minus) {
newcp->x1Minus = copyGiant(cp->x1Minus);
}
newcp->y1Plus = copyGiant(cp->y1Plus);
newcp->cOrderPlus = copyGiant(cp->cOrderPlus);
if(cp->cOrderMinus) {
newcp->cOrderMinus = copyGiant(cp->cOrderMinus);
}
newcp->x1OrderPlus = copyGiant(cp->x1OrderPlus);
if(cp->x1OrderMinus) {
newcp->x1OrderMinus = copyGiant(cp->x1OrderMinus);
}
newcp->x1OrderPlusRecip = copyGiant(cp->x1OrderPlusRecip);
if(cp->x1OrderPlusRecip == cp->lesserX1OrderRecip) {
newcp->lesserX1OrderRecip = newcp->x1OrderPlusRecip;
}
else {
newcp->lesserX1OrderRecip = copyGiant(cp->lesserX1OrderRecip);
}
if(cp->primeType == FPT_General) {
newcp->basePrimeRecip = copyGiant(cp->basePrimeRecip);
}
return newcp;
}
void freeCurveParams(curveParams *cp)
{
if(cp->basePrime != NULL) {
freeGiant(cp->basePrime);
}
if(cp->a != NULL) {
freeGiant(cp->a);
}
if(cp->b != NULL) {
freeGiant(cp->b);
}
if(cp->c != NULL) {
freeGiant(cp->c);
}
if(cp->x1Plus != NULL) {
freeGiant(cp->x1Plus);
}
if(cp->x1Minus != NULL) {
freeGiant(cp->x1Minus);
}
if(cp->y1Plus != NULL) {
freeGiant(cp->y1Plus);
}
if(cp->cOrderPlus != NULL) {
freeGiant(cp->cOrderPlus);
}
if(cp->cOrderMinus != NULL) {
freeGiant(cp->cOrderMinus);
}
if(cp->x1OrderPlus != NULL) {
freeGiant(cp->x1OrderPlus);
}
if(cp->x1OrderMinus != NULL) {
freeGiant(cp->x1OrderMinus);
}
if(cp->x1OrderPlusRecip != NULL) {
freeGiant(cp->x1OrderPlusRecip);
}
if(cp->lesserX1OrderRecip != cp->x1OrderPlusRecip) {
freeGiant(cp->lesserX1OrderRecip);
}
if(cp->basePrimeRecip != NULL) {
freeGiant(cp->basePrimeRecip);
}
ffree(cp);
}
int curveParamsEquivalent(curveParams *cp1, curveParams *cp2)
{
if(cp1 == cp2) {
return 1;
}
if(cp1->primeType != cp2->primeType) {
return 0;
}
if(cp1->curveType != cp2->curveType) {
return 0;
}
if(cp1->k != cp2->k) {
return 0;
}
if(cp1->q != cp2->q) {
return 0;
}
if(cp1->m != cp2->m) {
return 0;
}
if(gcompg(cp1->basePrime, cp2->basePrime)) {
return 0;
}
if(gcompg(cp1->a, cp2->a)) {
return 0;
}
if(gcompg(cp1->b, cp2->b)) {
return 0;
}
if(gcompg(cp1->c, cp2->c)) {
return 0;
}
if(gcompg(cp1->x1Plus, cp2->x1Plus)) {
return 0;
}
if((cp1->x1Minus != NULL) && (cp2->x1Minus != NULL)) {
if(gcompg(cp1->x1Minus, cp2->x1Minus)) {
return 0;
}
}
if(gcompg(cp1->cOrderPlus, cp2->cOrderPlus)) {
return 0;
}
if((cp1->cOrderMinus != NULL) && (cp2->cOrderMinus != NULL)) {
if(gcompg(cp1->cOrderMinus, cp2->cOrderMinus)) {
return 0;
}
}
if(gcompg(cp1->x1OrderPlus, cp2->x1OrderPlus)) {
return 0;
}
if((cp1->x1OrderMinus != NULL) && (cp2->x1OrderMinus != NULL)) {
if(gcompg(cp1->x1OrderMinus, cp2->x1OrderMinus)) {
return 0;
}
}
return 1;
}
giant lesserX1Order(curveParams *cp)
{
CKASSERT(!isZero(cp->x1OrderPlus));
if(cp->x1OrderMinus == NULL) {
return(cp->x1OrderPlus);
}
else if(gcompg(cp->x1OrderPlus, cp->x1OrderMinus) >= 0) {
return(cp->x1OrderMinus);
}
else {
return(cp->x1OrderPlus);
}
}
#if GIANTS_VIA_STACK
static int giantsInitd = 0;
void curveParamsInitGiants(void)
{
const curveParamsStatic *cps = &curveParamsArray[FEE_DEPTH_MAX];
if(giantsInitd) {
return;
}
initGiantStacks(giantMaxDigits(giantMinBytes(cps->q, cps->k)));
giantsInitd = 1;
}
#endif // GIANTS_VIA_STACK
void curveParamsInferFields(curveParams *cp)
{
calcGiantSizes(cp);
if(cp->primeType == FPT_General) {
cp->basePrimeRecip = newGiant(cp->maxDigits);
make_recip(cp->basePrime, cp->basePrimeRecip);
}
else {
cp->basePrime = newGiant(cp->maxDigits);
make_base_prim(cp);
}
#if CRYPTKIT_ELL_PROJ_ENABLE
if(cp->curveType == FCT_Weierstrass) {
if(cp->y1Plus == NULL) {
pointProj pt = newPointProj(cp->maxDigits);
findPointProj(pt, cp->x1Plus, cp);
if(gcompg(pt->x, cp->x1Plus)) {
CKRaise("curveParamsInferFields failure");
}
cp->y1Plus = copyGiant(pt->y);
freePointProj(pt);
}
}
else {
cp->y1Plus = newGiant(1);
}
#else
cp->y1Plus = newGiant(1);
#endif
if((cp->x1OrderPlusRecip == NULL) || isZero(cp->x1OrderPlusRecip)) {
cp->x1OrderPlusRecip = newGiant(cp->maxDigits);
make_recip(cp->x1OrderPlus, cp->x1OrderPlusRecip);
if(cp->lesserX1OrderRecip != NULL) {
freeGiant(cp->lesserX1OrderRecip);
}
cp->lesserX1OrderRecip = cp->x1OrderPlusRecip;
}
}
#define LOG_DEPTH 0
#if FEE_PROTOTYPE_CURVES
feeReturn feeKeyBitsToDepth(unsigned keySize,
feePrimeType primeType,
feeCurveType curveType,
feeDepth *depth)
{
feeReturn frtn = FR_Success;
switch(keySize) {
case 31:
switch(curveType) {
case FCT_Montgomery:
default:
*depth = FEE_DEPTH_31_1_M;
break;
case FCT_Weierstrass:
*depth = FEE_DEPTH_31_1_P;
break;
}
break;
case 40:
switch(curveType) {
case FCT_Weierstrass:
default:
*depth = FEE_DEPTH_40_213;
break;
case FCT_Montgomery:
return FR_IllegalDepth;
}
break;
case 127:
switch(curveType) {
case FCT_Montgomery:
if(primeType == FPT_General) {
*depth = FEE_DEPTH_127_GEN;
}
else{
*depth = FEE_DEPTH_127_1;
}
break;
case FCT_Weierstrass:
default:
*depth = FEE_DEPTH_127_1W;
break;
}
break;
case 160:
switch(curveType) {
case FCT_Montgomery:
return FR_IllegalDepth;
case FCT_Weierstrass:
default:
if(primeType == FPT_General) {
*depth = FEE_DEPTH_160_GEN;
}
else {
*depth = FEE_DEPTH_160_57;
}
break;
}
break;
case 192:
switch(curveType) {
case FCT_Montgomery:
*depth = FEE_DEPTH_192_M529891;
case FCT_Weierstrass:
default:
*depth = FEE_DEPTH_192_1425;
break;
}
break;
default:
frtn = FR_IllegalDepth;
break;
}
#if LOG_DEPTH
printf("feeKeyBitsToDepth: depth %d\n", *depth);
#endif
return frtn;
}
#else
feeReturn feeKeyBitsToDepth(unsigned keySize,
feePrimeType primeType,
feeCurveType curveType,
feeDepth *depth)
{
feeReturn frtn = FR_Success;
switch(keySize) {
case 31:
if(primeType == FPT_General) {
return FR_IllegalDepth;
}
switch(curveType) {
case FCT_Montgomery:
*depth = FEE_DEPTH_31M;
break;
case FCT_Weierstrass:
case FCT_Default:
*depth = FEE_DEPTH_31W;
break;
default:
return FR_IllegalDepth;
}
break;
case 127:
if(primeType == FPT_General) {
return FR_IllegalDepth;
}
switch(curveType) {
case FCT_Montgomery:
case FCT_Default:
*depth = FEE_DEPTH_127M;
break;
case FCT_Weierstrass:
default:
return FR_IllegalDepth;
}
break;
case 128:
switch(primeType) {
case FPT_General:
case FPT_Mersenne:
return FR_IllegalDepth;
default:
break;
}
switch(curveType) {
case FCT_Weierstrass:
case FCT_Default:
*depth = FEE_DEPTH_128W;
break;
default:
return FR_IllegalDepth;
}
break;
case 161:
switch(curveType) {
case FCT_Weierstrass:
case FCT_Default:
switch(primeType) {
case FPT_General:
*depth = FEE_DEPTH_161G;
break;
case FPT_FEE:
case FPT_Default:
*depth = FEE_DEPTH_161W;
break;
default:
return FR_IllegalDepth;
}
break;
default:
return FR_IllegalDepth;
}
break;
case 192:
switch(curveType) {
case FCT_Montgomery:
default:
return FR_IllegalDepth;
case FCT_Weierstrass:
case FCT_Default:
switch(primeType) {
case FPT_General:
case FPT_Default:
*depth = FEE_DEPTH_192G;
break;
default:
return FR_IllegalDepth;
}
break;
case FCT_ANSI:
switch(primeType) {
case FPT_General:
case FPT_Default:
break;
default:
return FR_IllegalDepth;
}
*depth = FEE_DEPTH_secp192r1;
break;
}
break;
case 256:
switch(curveType) {
case FCT_ANSI:
case FCT_Default:
break;
default:
return FR_IllegalDepth;
}
switch(primeType) {
case FPT_General:
case FPT_Default:
break;
default:
return FR_IllegalDepth;
}
*depth = FEE_DEPTH_secp256r1;
break;
case 384:
switch(curveType) {
case FCT_ANSI:
case FCT_Default:
break;
default:
return FR_IllegalDepth;
}
switch(primeType) {
case FPT_General:
case FPT_Default:
break;
default:
return FR_IllegalDepth;
}
*depth = FEE_DEPTH_secp384r1;
break;
case 521:
switch(curveType) {
case FCT_ANSI:
case FCT_Default:
break;
default:
return FR_IllegalDepth;
}
switch(primeType) {
case FPT_General:
case FPT_Default:
break;
default:
return FR_IllegalDepth;
}
*depth = FEE_DEPTH_secp521r1;
break;
default:
frtn = FR_IllegalDepth;
break;
}
#if LOG_DEPTH
printf("feeKeyBitsToDepth: depth %d\n", *depth);
#endif
return frtn;
}
#endif
feeReturn curveParamsDepth(
curveParams *cp,
feeDepth *depth)
{
if(cp == NULL) {
return FR_IllegalArg;
}
feeCurveType curveType = cp->curveType;
if((curveType == FCT_Weierstrass) && (cp->x1Minus == NULL)) {
curveType = FCT_ANSI;
}
return feeKeyBitsToDepth(cp->q, cp->primeType, curveType, depth);
}