diff options
author | Robert Relyea <rrelyea@redhat.com> | 2015-10-01 17:50:44 -0700 |
---|---|---|
committer | Robert Relyea <rrelyea@redhat.com> | 2015-10-01 17:50:44 -0700 |
commit | 2f5b478459e5445df2bff625c5668a4d56dd4864 (patch) | |
tree | 954c40e355a17293711c97865e2de14026b88f89 /lib/cryptohi | |
parent | d9b9c172b081bce9cd2e199fdeda5b7e26560e9a (diff) | |
download | nss-hg-2f5b478459e5445df2bff625c5668a4d56dd4864.tar.gz |
bug 1009429
0005-Check-for-acceptable-certificate-parameters-when-ver.patch (also 0004)
Also update tests to use > 512 bit keys.
Diffstat (limited to 'lib/cryptohi')
-rw-r--r-- | lib/cryptohi/keyhi.h | 8 | ||||
-rw-r--r-- | lib/cryptohi/seckey.c | 19 |
2 files changed, 27 insertions, 0 deletions
diff --git a/lib/cryptohi/keyhi.h b/lib/cryptohi/keyhi.h index 411ea00e3..0ed3698eb 100644 --- a/lib/cryptohi/keyhi.h +++ b/lib/cryptohi/keyhi.h @@ -260,6 +260,14 @@ extern int SECKEY_ECParamsToKeySize(const SECItem *params); */ extern int SECKEY_ECParamsToBasePointOrderLen(const SECItem *params); +/* + * Returns the object identifier of the curve, of the provided + * elliptic curve parameters structures. + * + * Return 0 on failure (unknown EC domain parameters). + */ +SECOidTag SECKEY_GetECCOid(const SECKEYECParams * params); + SEC_END_PROTOS #endif /* _KEYHI_H_ */ diff --git a/lib/cryptohi/seckey.c b/lib/cryptohi/seckey.c index db72b7451..1fcd4087f 100644 --- a/lib/cryptohi/seckey.c +++ b/lib/cryptohi/seckey.c @@ -1904,3 +1904,22 @@ SECKEY_CacheStaticFlags(SECKEYPrivateKey* key) } return rv; } + +SECOidTag +SECKEY_GetECCOid(const SECKEYECParams * params) +{ + SECItem oid = { siBuffer, NULL, 0}; + SECOidData *oidData = NULL; + + /* + * params->data needs to contain the ASN encoding of an object ID (OID) + * representing a named curve. Here, we strip away everything + * before the actual OID and use the OID to look up a named curve. + */ + if (params->data[0] != SEC_ASN1_OBJECT_ID) return 0; + oid.len = params->len - 2; + oid.data = params->data + 2; + if ((oidData = SECOID_FindOID(&oid)) == NULL) return 0; + + return oidData->offset; +} |