Bug 1347975 - use bytes for curve parameter definitions, r=ttaubert

author: Franziskus Kiefer <franziskuskiefer@gmail.com> 2017-03-16 15:25:29 +0100
committer: Franziskus Kiefer <franziskuskiefer@gmail.com> 2017-03-16 15:25:29 +0100
commit: eb05c62c048a4a546a1e4377f2773b41f63b4731 (patch)
tree: 8d243582832d7492b663f27e5a72a0ef328954dd /cmd/lib
parent: 5370150564a8877efa64f4566f638a9a8863390f (diff)
download: nss-hg-eb05c62c048a4a546a1e4377f2773b41f63b4731.tar.gz
2 files changed, 93 insertions, 0 deletions
diff --git a/cmd/lib/secutil.c b/cmd/lib/secutil.c
index cb4752df9..6e3a9daab 100644
--- a/cmd/lib/secutil.c
+++ b/cmd/lib/secutil.c
@@ -3960,3 +3960,93 @@ done:
     *enabledGroups = groups;
     return SECSuccess;
 }
+
+/* mapping between ECCurveName enum and SECOidTags */
+static SECOidTag ecCurve_oid_map[] = {
+    SEC_OID_UNKNOWN,                /* ECCurve_noName */
+    SEC_OID_ANSIX962_EC_PRIME192V1, /* ECCurve_NIST_P192 */
+    SEC_OID_SECG_EC_SECP224R1,      /* ECCurve_NIST_P224 */
+    SEC_OID_ANSIX962_EC_PRIME256V1, /* ECCurve_NIST_P256 */
+    SEC_OID_SECG_EC_SECP384R1,      /* ECCurve_NIST_P384 */
+    SEC_OID_SECG_EC_SECP521R1,      /* ECCurve_NIST_P521 */
+    SEC_OID_SECG_EC_SECT163K1,      /* ECCurve_NIST_K163 */
+    SEC_OID_SECG_EC_SECT163R1,      /* ECCurve_NIST_B163 */
+    SEC_OID_SECG_EC_SECT233K1,      /* ECCurve_NIST_K233 */
+    SEC_OID_SECG_EC_SECT233R1,      /* ECCurve_NIST_B233 */
+    SEC_OID_SECG_EC_SECT283K1,      /* ECCurve_NIST_K283 */
+    SEC_OID_SECG_EC_SECT283R1,      /* ECCurve_NIST_B283 */
+    SEC_OID_SECG_EC_SECT409K1,      /* ECCurve_NIST_K409 */
+    SEC_OID_SECG_EC_SECT409R1,      /* ECCurve_NIST_B409 */
+    SEC_OID_SECG_EC_SECT571K1,      /* ECCurve_NIST_K571 */
+    SEC_OID_SECG_EC_SECT571R1,      /* ECCurve_NIST_B571 */
+    SEC_OID_ANSIX962_EC_PRIME192V2,
+    SEC_OID_ANSIX962_EC_PRIME192V3,
+    SEC_OID_ANSIX962_EC_PRIME239V1,
+    SEC_OID_ANSIX962_EC_PRIME239V2,
+    SEC_OID_ANSIX962_EC_PRIME239V3,
+    SEC_OID_ANSIX962_EC_C2PNB163V1,
+    SEC_OID_ANSIX962_EC_C2PNB163V2,
+    SEC_OID_ANSIX962_EC_C2PNB163V3,
+    SEC_OID_ANSIX962_EC_C2PNB176V1,
+    SEC_OID_ANSIX962_EC_C2TNB191V1,
+    SEC_OID_ANSIX962_EC_C2TNB191V2,
+    SEC_OID_ANSIX962_EC_C2TNB191V3,
+    SEC_OID_ANSIX962_EC_C2PNB208W1,
+    SEC_OID_ANSIX962_EC_C2TNB239V1,
+    SEC_OID_ANSIX962_EC_C2TNB239V2,
+    SEC_OID_ANSIX962_EC_C2TNB239V3,
+    SEC_OID_ANSIX962_EC_C2PNB272W1,
+    SEC_OID_ANSIX962_EC_C2PNB304W1,
+    SEC_OID_ANSIX962_EC_C2TNB359V1,
+    SEC_OID_ANSIX962_EC_C2PNB368W1,
+    SEC_OID_ANSIX962_EC_C2TNB431R1,
+    SEC_OID_SECG_EC_SECP112R1,
+    SEC_OID_SECG_EC_SECP112R2,
+    SEC_OID_SECG_EC_SECP128R1,
+    SEC_OID_SECG_EC_SECP128R2,
+    SEC_OID_SECG_EC_SECP160K1,
+    SEC_OID_SECG_EC_SECP160R1,
+    SEC_OID_SECG_EC_SECP160R2,
+    SEC_OID_SECG_EC_SECP192K1,
+    SEC_OID_SECG_EC_SECP224K1,
+    SEC_OID_SECG_EC_SECP256K1,
+    SEC_OID_SECG_EC_SECT113R1,
+    SEC_OID_SECG_EC_SECT113R2,
+    SEC_OID_SECG_EC_SECT131R1,
+    SEC_OID_SECG_EC_SECT131R2,
+    SEC_OID_SECG_EC_SECT163R1,
+    SEC_OID_SECG_EC_SECT193R1,
+    SEC_OID_SECG_EC_SECT193R2,
+    SEC_OID_SECG_EC_SECT239K1,
+    SEC_OID_UNKNOWN, /* ECCurve_WTLS_1 */
+    SEC_OID_UNKNOWN, /* ECCurve_WTLS_8 */
+    SEC_OID_UNKNOWN, /* ECCurve_WTLS_9 */
+    SEC_OID_CURVE25519,
+    SEC_OID_UNKNOWN /* ECCurve_pastLastCurve */
+};
+
+SECStatus
+SECU_ecName2params(ECCurveName curve, SECKEYECParams *params)
+{
+    SECOidData *oidData = NULL;
+
+    if ((curve < ECCurve_noName) || (curve > ECCurve_pastLastCurve) ||
+        ((oidData = SECOID_FindOIDByTag(ecCurve_oid_map[curve])) == NULL)) {
+        PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
+        return SECFailure;
+    }
+
+    if (SECITEM_AllocItem(NULL, params, (2 + oidData->oid.len)) == NULL) {
+        return SECFailure;
+    }
+    /*
+     * params->data needs to contain the ASN encoding of an object ID (OID)
+     * representing the named curve. The actual OID is in
+     * oidData->oid.data so we simply prepend 0x06 and OID length
+     */
+    params->data[0] = SEC_ASN1_OBJECT_ID;
+    params->data[1] = oidData->oid.len;
+    memcpy(params->data + 2, oidData->oid.data, oidData->oid.len);
+
+    return SECSuccess;
+}
diff --git a/cmd/lib/secutil.h b/cmd/lib/secutil.h
index c121c55a7..b5c99abb7 100644
--- a/cmd/lib/secutil.h
+++ b/cmd/lib/secutil.h
@@ -18,6 +18,7 @@
 #include "basicutil.h"
 #include "sslerr.h"
 #include "sslt.h"
+#include "blapi.h"
 
 #define SEC_CT_PRIVATE_KEY "private-key"
 #define SEC_CT_PUBLIC_KEY "public-key"
@@ -412,6 +413,8 @@ SECStatus parseGroupList(const char *arg, SSLNamedGroup **enabledGroups,
                          unsigned int *enabledGroupsCount);
 SSLNamedGroup groupNameToNamedGroup(char *name);
 
+extern SECStatus SECU_ecName2params(ECCurveName curve, SECKEYECParams *params);
+
 /*
  *
  *  Error messaging
author	Franziskus Kiefer <franziskuskiefer@gmail.com>	2017-03-16 15:25:29 +0100
committer	Franziskus Kiefer <franziskuskiefer@gmail.com>	2017-03-16 15:25:29 +0100
commit	eb05c62c048a4a546a1e4377f2773b41f63b4731 (patch)
tree	8d243582832d7492b663f27e5a72a0ef328954dd /cmd/lib
parent	5370150564a8877efa64f4566f638a9a8863390f (diff)
download	nss-hg-eb05c62c048a4a546a1e4377f2773b41f63b4731.tar.gz