summaryrefslogtreecommitdiff
path: root/lib/cryptohi
diff options
context:
space:
mode:
authorRobert Relyea <rrelyea@redhat.com>2015-10-01 17:50:44 -0700
committerRobert Relyea <rrelyea@redhat.com>2015-10-01 17:50:44 -0700
commit2f5b478459e5445df2bff625c5668a4d56dd4864 (patch)
tree954c40e355a17293711c97865e2de14026b88f89 /lib/cryptohi
parentd9b9c172b081bce9cd2e199fdeda5b7e26560e9a (diff)
downloadnss-hg-2f5b478459e5445df2bff625c5668a4d56dd4864.tar.gz
bug 1009429
0005-Check-for-acceptable-certificate-parameters-when-ver.patch (also 0004) Also update tests to use > 512 bit keys.
Diffstat (limited to 'lib/cryptohi')
-rw-r--r--lib/cryptohi/keyhi.h8
-rw-r--r--lib/cryptohi/seckey.c19
2 files changed, 27 insertions, 0 deletions
diff --git a/lib/cryptohi/keyhi.h b/lib/cryptohi/keyhi.h
index 411ea00e3..0ed3698eb 100644
--- a/lib/cryptohi/keyhi.h
+++ b/lib/cryptohi/keyhi.h
@@ -260,6 +260,14 @@ extern int SECKEY_ECParamsToKeySize(const SECItem *params);
*/
extern int SECKEY_ECParamsToBasePointOrderLen(const SECItem *params);
+/*
+ * Returns the object identifier of the curve, of the provided
+ * elliptic curve parameters structures.
+ *
+ * Return 0 on failure (unknown EC domain parameters).
+ */
+SECOidTag SECKEY_GetECCOid(const SECKEYECParams * params);
+
SEC_END_PROTOS
#endif /* _KEYHI_H_ */
diff --git a/lib/cryptohi/seckey.c b/lib/cryptohi/seckey.c
index db72b7451..1fcd4087f 100644
--- a/lib/cryptohi/seckey.c
+++ b/lib/cryptohi/seckey.c
@@ -1904,3 +1904,22 @@ SECKEY_CacheStaticFlags(SECKEYPrivateKey* key)
}
return rv;
}
+
+SECOidTag
+SECKEY_GetECCOid(const SECKEYECParams * params)
+{
+ SECItem oid = { siBuffer, NULL, 0};
+ SECOidData *oidData = NULL;
+
+ /*
+ * params->data needs to contain the ASN encoding of an object ID (OID)
+ * representing a named curve. Here, we strip away everything
+ * before the actual OID and use the OID to look up a named curve.
+ */
+ if (params->data[0] != SEC_ASN1_OBJECT_ID) return 0;
+ oid.len = params->len - 2;
+ oid.data = params->data + 2;
+ if ((oidData = SECOID_FindOID(&oid)) == NULL) return 0;
+
+ return oidData->offset;
+}
View Lorry Controller Status