OLD | NEW |
1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
4 | 4 |
5 #ifndef NSS_DISABLE_ECC | 5 #ifndef NSS_DISABLE_ECC |
6 | 6 |
7 #ifdef FREEBL_NO_DEPEND | 7 #ifdef FREEBL_NO_DEPEND |
8 #include "stubs.h" | 8 #include "stubs.h" |
9 #endif | 9 #endif |
10 | 10 |
11 #include "blapi.h" | 11 #include "blapi.h" |
12 #include "secoid.h" | 12 #include "secoid.h" |
13 #include "secitem.h" | 13 #include "secitem.h" |
14 #include "secerr.h" | 14 #include "secerr.h" |
15 #include "ec.h" | 15 #include "ec.h" |
16 #include "ecl-curve.h" | 16 #include "ecl-curve.h" |
17 | 17 |
18 #define CHECK_OK(func) if (func == NULL) goto cleanup | 18 #define CHECK_OK(func) \ |
19 #define CHECK_SEC_OK(func) if (SECSuccess != (rv = func)) goto cleanup | 19 if (func == NULL) goto cleanup |
| 20 #define CHECK_SEC_OK(func) \ |
| 21 if (SECSuccess != (rv = func)) goto cleanup |
20 | 22 |
21 /* | 23 /* |
22 * Initializes a SECItem from a hexadecimal string | 24 * Initializes a SECItem from a hexadecimal string |
23 * | 25 * |
24 * Warning: This function ignores leading 00's, so any leading 00's | 26 * Warning: This function ignores leading 00's, so any leading 00's |
25 * in the hexadecimal string must be optional. | 27 * in the hexadecimal string must be optional. |
26 */ | 28 */ |
27 static SECItem * | 29 static SECItem *hexString2SECItem(PLArenaPool *arena, SECItem *item, |
28 hexString2SECItem(PLArenaPool *arena, SECItem *item, const char *str) | 30 const char *str) { |
29 { | 31 int i = 0; |
30 int i = 0; | 32 int byteval = 0; |
31 int byteval = 0; | 33 int tmp = PORT_Strlen(str); |
32 int tmp = PORT_Strlen(str); | 34 |
33 | 35 if ((tmp % 2) != 0) return NULL; |
34 if ((tmp % 2) != 0) return NULL; | 36 |
35 ···· | 37 /* skip leading 00's unless the hex string is "00" */ |
36 /* skip leading 00's unless the hex string is "00" */ | 38 while ((tmp > 2) && (str[0] == '0') && (str[1] == '0')) { |
37 while ((tmp > 2) && (str[0] == '0') && (str[1] == '0')) { | 39 str += 2; |
38 str += 2; | 40 tmp -= 2; |
39 tmp -= 2; | 41 } |
| 42 |
| 43 item->data = (unsigned char *)PORT_ArenaAlloc(arena, tmp / 2); |
| 44 if (item->data == NULL) return NULL; |
| 45 item->len = tmp / 2; |
| 46 |
| 47 while (str[i]) { |
| 48 if ((str[i] >= '0') && (str[i] <= '9')) |
| 49 tmp = str[i] - '0'; |
| 50 else if ((str[i] >= 'a') && (str[i] <= 'f')) |
| 51 tmp = str[i] - 'a' + 10; |
| 52 else if ((str[i] >= 'A') && (str[i] <= 'F')) |
| 53 tmp = str[i] - 'A' + 10; |
| 54 else |
| 55 return NULL; |
| 56 |
| 57 byteval = byteval * 16 + tmp; |
| 58 if ((i % 2) != 0) { |
| 59 item->data[i / 2] = byteval; |
| 60 byteval = 0; |
40 } | 61 } |
41 | 62 i++; |
42 item->data = (unsigned char *) PORT_ArenaAlloc(arena, tmp/2); | 63 } |
43 if (item->data == NULL) return NULL; | 64 |
44 item->len = tmp/2; | 65 return item; |
45 | |
46 while (str[i]) { | |
47 if ((str[i] >= '0') && (str[i] <= '9')) | |
48 » tmp = str[i] - '0'; | |
49 » else if ((str[i] >= 'a') && (str[i] <= 'f')) | |
50 » tmp = str[i] - 'a' + 10; | |
51 » else if ((str[i] >= 'A') && (str[i] <= 'F')) | |
52 » tmp = str[i] - 'A' + 10; | |
53 » else | |
54 » return NULL; | |
55 | |
56 » byteval = byteval * 16 + tmp; | |
57 » if ((i % 2) != 0) { | |
58 » item->data[i/2] = byteval; | |
59 » byteval = 0; | |
60 » } | |
61 » i++; | |
62 } | |
63 | |
64 return item; | |
65 } | 66 } |
66 | 67 |
67 /* Copy all of the fields from srcParams into dstParams | 68 /* Copy all of the fields from srcParams into dstParams |
68 */ | 69 */ |
69 SECStatus | 70 SECStatus EC_CopyParams(PLArenaPool *arena, ECParams *dstParams, |
70 EC_CopyParams(PLArenaPool *arena, ECParams *dstParams, | 71 const ECParams *srcParams) { |
71 const ECParams *srcParams) | 72 SECStatus rv = SECFailure; |
72 { | 73 |
73 SECStatus rv = SECFailure; | 74 dstParams->arena = arena; |
74 | 75 dstParams->type = srcParams->type; |
75 dstParams->arena = arena; | 76 dstParams->fieldID.size = srcParams->fieldID.size; |
76 dstParams->type = srcParams->type; | 77 dstParams->fieldID.type = srcParams->fieldID.type; |
77 dstParams->fieldID.size = srcParams->fieldID.size; | 78 if (srcParams->fieldID.type == ec_field_GFp) { |
78 dstParams->fieldID.type = srcParams->fieldID.type; | 79 CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->fieldID.u.prime, |
79 if (srcParams->fieldID.type == ec_field_GFp) { | 80 &srcParams->fieldID.u.prime)); |
80 CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->fieldID.u.prime, | 81 } else { |
81 &srcParams->fieldID.u.prime)); | 82 CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->fieldID.u.poly, |
82 } else { | 83 &srcParams->fieldID.u.poly)); |
83 CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->fieldID.u.poly, | 84 } |
84 &srcParams->fieldID.u.poly)); | 85 dstParams->fieldID.k1 = srcParams->fieldID.k1; |
85 } | 86 dstParams->fieldID.k2 = srcParams->fieldID.k2; |
86 dstParams->fieldID.k1 = srcParams->fieldID.k1; | 87 dstParams->fieldID.k3 = srcParams->fieldID.k3; |
87 dstParams->fieldID.k2 = srcParams->fieldID.k2; | 88 CHECK_SEC_OK( |
88 dstParams->fieldID.k3 = srcParams->fieldID.k3; | 89 SECITEM_CopyItem(arena, &dstParams->curve.a, &srcParams->curve.a)); |
89 CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curve.a, | 90 CHECK_SEC_OK( |
90 &srcParams->curve.a)); | 91 SECITEM_CopyItem(arena, &dstParams->curve.b, &srcParams->curve.b)); |
91 CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curve.b, | 92 CHECK_SEC_OK( |
92 &srcParams->curve.b)); | 93 SECITEM_CopyItem(arena, &dstParams->curve.seed, &srcParams->curve.seed)); |
93 CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curve.seed, | 94 CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->base, &srcParams->base)); |
94 &srcParams->curve.seed)); | 95 CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->order, &srcParams->order)); |
95 CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->base, | 96 CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->DEREncoding, |
96 &srcParams->base)); | 97 &srcParams->DEREncoding)); |
97 CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->order, | 98 dstParams->name = srcParams->name; |
98 &srcParams->order)); | 99 CHECK_SEC_OK( |
99 CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->DEREncoding, | 100 SECITEM_CopyItem(arena, &dstParams->curveOID, &srcParams->curveOID)); |
100 &srcParams->DEREncoding)); | 101 dstParams->cofactor = srcParams->cofactor; |
101 dstParams->name = srcParams->name; | 102 |
102 CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curveOID, | 103 return SECSuccess; |
103 &srcParams->curveOID)); | 104 |
104 dstParams->cofactor = srcParams->cofactor; | 105 cleanup: |
105 | 106 return SECFailure; |
| 107 } |
| 108 |
| 109 static SECStatus gf_populate_params(ECCurveName name, ECFieldType field_type, |
| 110 ECParams *params) { |
| 111 SECStatus rv = SECFailure; |
| 112 const ECCurveParams *curveParams; |
| 113 /* 2 ['0'+'4'] + MAX_ECKEY_LEN * 2 [x,y] * 2 [hex string] + 1 ['\0'] */ |
| 114 char genenc[3 + 2 * 2 * MAX_ECKEY_LEN]; |
| 115 |
| 116 if ((name < ECCurve_noName) || (name > ECCurve_pastLastCurve)) goto cleanup; |
| 117 params->name = name; |
| 118 curveParams = ecCurve_map[params->name]; |
| 119 CHECK_OK(curveParams); |
| 120 params->fieldID.size = curveParams->size; |
| 121 params->fieldID.type = field_type; |
| 122 if (field_type == ec_field_GFp) { |
| 123 CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.prime, |
| 124 curveParams->irr)); |
| 125 } else { |
| 126 CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, |
| 127 curveParams->irr)); |
| 128 } |
| 129 CHECK_OK( |
| 130 hexString2SECItem(params->arena, ¶ms->curve.a, curveParams->curvea)); |
| 131 CHECK_OK( |
| 132 hexString2SECItem(params->arena, ¶ms->curve.b, curveParams->curveb)); |
| 133 genenc[0] = '0'; |
| 134 genenc[1] = '4'; |
| 135 genenc[2] = '\0'; |
| 136 strcat(genenc, curveParams->genx); |
| 137 strcat(genenc, curveParams->geny); |
| 138 CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, genenc)); |
| 139 CHECK_OK( |
| 140 hexString2SECItem(params->arena, ¶ms->order, curveParams->order)); |
| 141 params->cofactor = curveParams->cofactor; |
| 142 |
| 143 rv = SECSuccess; |
| 144 |
| 145 cleanup: |
| 146 return rv; |
| 147 } |
| 148 |
| 149 SECStatus EC_FillParams(PLArenaPool *arena, const SECItem *encodedParams, |
| 150 ECParams *params) { |
| 151 SECStatus rv = SECFailure; |
| 152 SECOidTag tag; |
| 153 SECItem oid = {siBuffer, NULL, 0}; |
| 154 |
| 155 #if EC_DEBUG |
| 156 int i; |
| 157 |
| 158 printf("Encoded params in EC_DecodeParams: "); |
| 159 for (i = 0; i < encodedParams->len; i++) { |
| 160 printf("%02x:", encodedParams->data[i]); |
| 161 } |
| 162 printf("\n"); |
| 163 #endif |
| 164 |
| 165 if ((encodedParams->len != ANSI_X962_CURVE_OID_TOTAL_LEN) && |
| 166 (encodedParams->len != SECG_CURVE_OID_TOTAL_LEN)) { |
| 167 PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); |
| 168 return SECFailure; |
| 169 }; |
| 170 |
| 171 oid.len = encodedParams->len - 2; |
| 172 oid.data = encodedParams->data + 2; |
| 173 if ((encodedParams->data[0] != SEC_ASN1_OBJECT_ID) || |
| 174 ((tag = SECOID_FindOIDTag(&oid)) == SEC_OID_UNKNOWN)) { |
| 175 PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); |
| 176 return SECFailure; |
| 177 } |
| 178 |
| 179 params->arena = arena; |
| 180 params->cofactor = 0; |
| 181 params->type = ec_params_named; |
| 182 params->name = ECCurve_noName; |
| 183 |
| 184 /* For named curves, fill out curveOID */ |
| 185 params->curveOID.len = oid.len; |
| 186 params->curveOID.data = (unsigned char *)PORT_ArenaAlloc(arena, oid.len); |
| 187 if (params->curveOID.data == NULL) goto cleanup; |
| 188 memcpy(params->curveOID.data, oid.data, oid.len); |
| 189 |
| 190 #if EC_DEBUG |
| 191 printf("Curve: %s\n", SECOID_FindOIDTagDescription(tag)); |
| 192 #endif |
| 193 |
| 194 switch (tag) { |
| 195 |
| 196 /* Binary curves */ |
| 197 |
| 198 case SEC_OID_ANSIX962_EC_C2PNB163V1: |
| 199 /* Populate params for c2pnb163v1 */ |
| 200 CHECK_SEC_OK(gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V1, |
| 201 ec_field_GF2m, params)); |
| 202 break; |
| 203 |
| 204 case SEC_OID_ANSIX962_EC_C2PNB163V2: |
| 205 /* Populate params for c2pnb163v2 */ |
| 206 CHECK_SEC_OK(gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V2, |
| 207 ec_field_GF2m, params)); |
| 208 break; |
| 209 |
| 210 case SEC_OID_ANSIX962_EC_C2PNB163V3: |
| 211 /* Populate params for c2pnb163v3 */ |
| 212 CHECK_SEC_OK(gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V3, |
| 213 ec_field_GF2m, params)); |
| 214 break; |
| 215 |
| 216 case SEC_OID_ANSIX962_EC_C2PNB176V1: |
| 217 /* Populate params for c2pnb176v1 */ |
| 218 CHECK_SEC_OK(gf_populate_params(ECCurve_X9_62_CHAR2_PNB176V1, |
| 219 ec_field_GF2m, params)); |
| 220 break; |
| 221 |
| 222 case SEC_OID_ANSIX962_EC_C2TNB191V1: |
| 223 /* Populate params for c2tnb191v1 */ |
| 224 CHECK_SEC_OK(gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V1, |
| 225 ec_field_GF2m, params)); |
| 226 break; |
| 227 |
| 228 case SEC_OID_ANSIX962_EC_C2TNB191V2: |
| 229 /* Populate params for c2tnb191v2 */ |
| 230 CHECK_SEC_OK(gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V2, |
| 231 ec_field_GF2m, params)); |
| 232 break; |
| 233 |
| 234 case SEC_OID_ANSIX962_EC_C2TNB191V3: |
| 235 /* Populate params for c2tnb191v3 */ |
| 236 CHECK_SEC_OK(gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V3, |
| 237 ec_field_GF2m, params)); |
| 238 break; |
| 239 |
| 240 case SEC_OID_ANSIX962_EC_C2PNB208W1: |
| 241 /* Populate params for c2pnb208w1 */ |
| 242 CHECK_SEC_OK(gf_populate_params(ECCurve_X9_62_CHAR2_PNB208W1, |
| 243 ec_field_GF2m, params)); |
| 244 break; |
| 245 |
| 246 case SEC_OID_ANSIX962_EC_C2TNB239V1: |
| 247 /* Populate params for c2tnb239v1 */ |
| 248 CHECK_SEC_OK(gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V1, |
| 249 ec_field_GF2m, params)); |
| 250 break; |
| 251 |
| 252 case SEC_OID_ANSIX962_EC_C2TNB239V2: |
| 253 /* Populate params for c2tnb239v2 */ |
| 254 CHECK_SEC_OK(gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V2, |
| 255 ec_field_GF2m, params)); |
| 256 break; |
| 257 |
| 258 case SEC_OID_ANSIX962_EC_C2TNB239V3: |
| 259 /* Populate params for c2tnb239v3 */ |
| 260 CHECK_SEC_OK(gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V3, |
| 261 ec_field_GF2m, params)); |
| 262 break; |
| 263 |
| 264 case SEC_OID_ANSIX962_EC_C2PNB272W1: |
| 265 /* Populate params for c2pnb272w1 */ |
| 266 CHECK_SEC_OK(gf_populate_params(ECCurve_X9_62_CHAR2_PNB272W1, |
| 267 ec_field_GF2m, params)); |
| 268 break; |
| 269 |
| 270 case SEC_OID_ANSIX962_EC_C2PNB304W1: |
| 271 /* Populate params for c2pnb304w1 */ |
| 272 CHECK_SEC_OK(gf_populate_params(ECCurve_X9_62_CHAR2_PNB304W1, |
| 273 ec_field_GF2m, params)); |
| 274 break; |
| 275 |
| 276 case SEC_OID_ANSIX962_EC_C2TNB359V1: |
| 277 /* Populate params for c2tnb359v1 */ |
| 278 CHECK_SEC_OK(gf_populate_params(ECCurve_X9_62_CHAR2_TNB359V1, |
| 279 ec_field_GF2m, params)); |
| 280 break; |
| 281 |
| 282 case SEC_OID_ANSIX962_EC_C2PNB368W1: |
| 283 /* Populate params for c2pnb368w1 */ |
| 284 CHECK_SEC_OK(gf_populate_params(ECCurve_X9_62_CHAR2_PNB368W1, |
| 285 ec_field_GF2m, params)); |
| 286 break; |
| 287 |
| 288 case SEC_OID_ANSIX962_EC_C2TNB431R1: |
| 289 /* Populate params for c2tnb431r1 */ |
| 290 CHECK_SEC_OK(gf_populate_params(ECCurve_X9_62_CHAR2_TNB431R1, |
| 291 ec_field_GF2m, params)); |
| 292 break; |
| 293 |
| 294 case SEC_OID_SECG_EC_SECT113R1: |
| 295 /* Populate params for sect113r1 */ |
| 296 CHECK_SEC_OK( |
| 297 gf_populate_params(ECCurve_SECG_CHAR2_113R1, ec_field_GF2m, params)); |
| 298 break; |
| 299 |
| 300 case SEC_OID_SECG_EC_SECT113R2: |
| 301 /* Populate params for sect113r2 */ |
| 302 CHECK_SEC_OK( |
| 303 gf_populate_params(ECCurve_SECG_CHAR2_113R2, ec_field_GF2m, params)); |
| 304 break; |
| 305 |
| 306 case SEC_OID_SECG_EC_SECT131R1: |
| 307 /* Populate params for sect131r1 */ |
| 308 CHECK_SEC_OK( |
| 309 gf_populate_params(ECCurve_SECG_CHAR2_131R1, ec_field_GF2m, params)); |
| 310 break; |
| 311 |
| 312 case SEC_OID_SECG_EC_SECT131R2: |
| 313 /* Populate params for sect131r2 */ |
| 314 CHECK_SEC_OK( |
| 315 gf_populate_params(ECCurve_SECG_CHAR2_131R2, ec_field_GF2m, params)); |
| 316 break; |
| 317 |
| 318 case SEC_OID_SECG_EC_SECT163K1: |
| 319 /* Populate params for sect163k1 |
| 320 * (the NIST K-163 curve) |
| 321 */ |
| 322 CHECK_SEC_OK( |
| 323 gf_populate_params(ECCurve_SECG_CHAR2_163K1, ec_field_GF2m, params)); |
| 324 break; |
| 325 |
| 326 case SEC_OID_SECG_EC_SECT163R1: |
| 327 /* Populate params for sect163r1 */ |
| 328 CHECK_SEC_OK( |
| 329 gf_populate_params(ECCurve_SECG_CHAR2_163R1, ec_field_GF2m, params)); |
| 330 break; |
| 331 |
| 332 case SEC_OID_SECG_EC_SECT163R2: |
| 333 /* Populate params for sect163r2 |
| 334 * (the NIST B-163 curve) |
| 335 */ |
| 336 CHECK_SEC_OK( |
| 337 gf_populate_params(ECCurve_SECG_CHAR2_163R2, ec_field_GF2m, params)); |
| 338 break; |
| 339 |
| 340 case SEC_OID_SECG_EC_SECT193R1: |
| 341 /* Populate params for sect193r1 */ |
| 342 CHECK_SEC_OK( |
| 343 gf_populate_params(ECCurve_SECG_CHAR2_193R1, ec_field_GF2m, params)); |
| 344 break; |
| 345 |
| 346 case SEC_OID_SECG_EC_SECT193R2: |
| 347 /* Populate params for sect193r2 */ |
| 348 CHECK_SEC_OK( |
| 349 gf_populate_params(ECCurve_SECG_CHAR2_193R2, ec_field_GF2m, params)); |
| 350 break; |
| 351 |
| 352 case SEC_OID_SECG_EC_SECT233K1: |
| 353 /* Populate params for sect233k1 |
| 354 * (the NIST K-233 curve) |
| 355 */ |
| 356 CHECK_SEC_OK( |
| 357 gf_populate_params(ECCurve_SECG_CHAR2_233K1, ec_field_GF2m, params)); |
| 358 break; |
| 359 |
| 360 case SEC_OID_SECG_EC_SECT233R1: |
| 361 /* Populate params for sect233r1 |
| 362 * (the NIST B-233 curve) |
| 363 */ |
| 364 CHECK_SEC_OK( |
| 365 gf_populate_params(ECCurve_SECG_CHAR2_233R1, ec_field_GF2m, params)); |
| 366 break; |
| 367 |
| 368 case SEC_OID_SECG_EC_SECT239K1: |
| 369 /* Populate params for sect239k1 */ |
| 370 CHECK_SEC_OK( |
| 371 gf_populate_params(ECCurve_SECG_CHAR2_239K1, ec_field_GF2m, params)); |
| 372 break; |
| 373 |
| 374 case SEC_OID_SECG_EC_SECT283K1: |
| 375 /* Populate params for sect283k1 |
| 376 * (the NIST K-283 curve) |
| 377 */ |
| 378 CHECK_SEC_OK( |
| 379 gf_populate_params(ECCurve_SECG_CHAR2_283K1, ec_field_GF2m, params)); |
| 380 break; |
| 381 |
| 382 case SEC_OID_SECG_EC_SECT283R1: |
| 383 /* Populate params for sect283r1 |
| 384 * (the NIST B-283 curve) |
| 385 */ |
| 386 CHECK_SEC_OK( |
| 387 gf_populate_params(ECCurve_SECG_CHAR2_283R1, ec_field_GF2m, params)); |
| 388 break; |
| 389 |
| 390 case SEC_OID_SECG_EC_SECT409K1: |
| 391 /* Populate params for sect409k1 |
| 392 * (the NIST K-409 curve) |
| 393 */ |
| 394 CHECK_SEC_OK( |
| 395 gf_populate_params(ECCurve_SECG_CHAR2_409K1, ec_field_GF2m, params)); |
| 396 break; |
| 397 |
| 398 case SEC_OID_SECG_EC_SECT409R1: |
| 399 /* Populate params for sect409r1 |
| 400 * (the NIST B-409 curve) |
| 401 */ |
| 402 CHECK_SEC_OK( |
| 403 gf_populate_params(ECCurve_SECG_CHAR2_409R1, ec_field_GF2m, params)); |
| 404 break; |
| 405 |
| 406 case SEC_OID_SECG_EC_SECT571K1: |
| 407 /* Populate params for sect571k1 |
| 408 * (the NIST K-571 curve) |
| 409 */ |
| 410 CHECK_SEC_OK( |
| 411 gf_populate_params(ECCurve_SECG_CHAR2_571K1, ec_field_GF2m, params)); |
| 412 break; |
| 413 |
| 414 case SEC_OID_SECG_EC_SECT571R1: |
| 415 /* Populate params for sect571r1 |
| 416 * (the NIST B-571 curve) |
| 417 */ |
| 418 CHECK_SEC_OK( |
| 419 gf_populate_params(ECCurve_SECG_CHAR2_571R1, ec_field_GF2m, params)); |
| 420 break; |
| 421 |
| 422 /* Prime curves */ |
| 423 |
| 424 case SEC_OID_ANSIX962_EC_PRIME192V1: |
| 425 /* Populate params for prime192v1 aka secp192r1 |
| 426 * (the NIST P-192 curve) |
| 427 */ |
| 428 CHECK_SEC_OK( |
| 429 gf_populate_params(ECCurve_X9_62_PRIME_192V1, ec_field_GFp, params)); |
| 430 break; |
| 431 |
| 432 case SEC_OID_ANSIX962_EC_PRIME192V2: |
| 433 /* Populate params for prime192v2 */ |
| 434 CHECK_SEC_OK( |
| 435 gf_populate_params(ECCurve_X9_62_PRIME_192V2, ec_field_GFp, params)); |
| 436 break; |
| 437 |
| 438 case SEC_OID_ANSIX962_EC_PRIME192V3: |
| 439 /* Populate params for prime192v3 */ |
| 440 CHECK_SEC_OK( |
| 441 gf_populate_params(ECCurve_X9_62_PRIME_192V3, ec_field_GFp, params)); |
| 442 break; |
| 443 |
| 444 case SEC_OID_ANSIX962_EC_PRIME239V1: |
| 445 /* Populate params for prime239v1 */ |
| 446 CHECK_SEC_OK( |
| 447 gf_populate_params(ECCurve_X9_62_PRIME_239V1, ec_field_GFp, params)); |
| 448 break; |
| 449 |
| 450 case SEC_OID_ANSIX962_EC_PRIME239V2: |
| 451 /* Populate params for prime239v2 */ |
| 452 CHECK_SEC_OK( |
| 453 gf_populate_params(ECCurve_X9_62_PRIME_239V2, ec_field_GFp, params)); |
| 454 break; |
| 455 |
| 456 case SEC_OID_ANSIX962_EC_PRIME239V3: |
| 457 /* Populate params for prime239v3 */ |
| 458 CHECK_SEC_OK( |
| 459 gf_populate_params(ECCurve_X9_62_PRIME_239V3, ec_field_GFp, params)); |
| 460 break; |
| 461 |
| 462 case SEC_OID_ANSIX962_EC_PRIME256V1: |
| 463 /* Populate params for prime256v1 aka secp256r1 |
| 464 * (the NIST P-256 curve) |
| 465 */ |
| 466 CHECK_SEC_OK( |
| 467 gf_populate_params(ECCurve_X9_62_PRIME_256V1, ec_field_GFp, params)); |
| 468 break; |
| 469 |
| 470 case SEC_OID_SECG_EC_SECP112R1: |
| 471 /* Populate params for secp112r1 */ |
| 472 CHECK_SEC_OK( |
| 473 gf_populate_params(ECCurve_SECG_PRIME_112R1, ec_field_GFp, params)); |
| 474 break; |
| 475 |
| 476 case SEC_OID_SECG_EC_SECP112R2: |
| 477 /* Populate params for secp112r2 */ |
| 478 CHECK_SEC_OK( |
| 479 gf_populate_params(ECCurve_SECG_PRIME_112R2, ec_field_GFp, params)); |
| 480 break; |
| 481 |
| 482 case SEC_OID_SECG_EC_SECP128R1: |
| 483 /* Populate params for secp128r1 */ |
| 484 CHECK_SEC_OK( |
| 485 gf_populate_params(ECCurve_SECG_PRIME_128R1, ec_field_GFp, params)); |
| 486 break; |
| 487 |
| 488 case SEC_OID_SECG_EC_SECP128R2: |
| 489 /* Populate params for secp128r2 */ |
| 490 CHECK_SEC_OK( |
| 491 gf_populate_params(ECCurve_SECG_PRIME_128R2, ec_field_GFp, params)); |
| 492 break; |
| 493 |
| 494 case SEC_OID_SECG_EC_SECP160K1: |
| 495 /* Populate params for secp160k1 */ |
| 496 CHECK_SEC_OK( |
| 497 gf_populate_params(ECCurve_SECG_PRIME_160K1, ec_field_GFp, params)); |
| 498 break; |
| 499 |
| 500 case SEC_OID_SECG_EC_SECP160R1: |
| 501 /* Populate params for secp160r1 */ |
| 502 CHECK_SEC_OK( |
| 503 gf_populate_params(ECCurve_SECG_PRIME_160R1, ec_field_GFp, params)); |
| 504 break; |
| 505 |
| 506 case SEC_OID_SECG_EC_SECP160R2: |
| 507 /* Populate params for secp160r1 */ |
| 508 CHECK_SEC_OK( |
| 509 gf_populate_params(ECCurve_SECG_PRIME_160R2, ec_field_GFp, params)); |
| 510 break; |
| 511 |
| 512 case SEC_OID_SECG_EC_SECP192K1: |
| 513 /* Populate params for secp192k1 */ |
| 514 CHECK_SEC_OK( |
| 515 gf_populate_params(ECCurve_SECG_PRIME_192K1, ec_field_GFp, params)); |
| 516 break; |
| 517 |
| 518 case SEC_OID_SECG_EC_SECP224K1: |
| 519 /* Populate params for secp224k1 */ |
| 520 CHECK_SEC_OK( |
| 521 gf_populate_params(ECCurve_SECG_PRIME_224K1, ec_field_GFp, params)); |
| 522 break; |
| 523 |
| 524 case SEC_OID_SECG_EC_SECP224R1: |
| 525 /* Populate params for secp224r1 |
| 526 * (the NIST P-224 curve) |
| 527 */ |
| 528 CHECK_SEC_OK( |
| 529 gf_populate_params(ECCurve_SECG_PRIME_224R1, ec_field_GFp, params)); |
| 530 break; |
| 531 |
| 532 case SEC_OID_SECG_EC_SECP256K1: |
| 533 /* Populate params for secp256k1 */ |
| 534 CHECK_SEC_OK( |
| 535 gf_populate_params(ECCurve_SECG_PRIME_256K1, ec_field_GFp, params)); |
| 536 break; |
| 537 |
| 538 case SEC_OID_SECG_EC_SECP384R1: |
| 539 /* Populate params for secp384r1 |
| 540 * (the NIST P-384 curve) |
| 541 */ |
| 542 CHECK_SEC_OK( |
| 543 gf_populate_params(ECCurve_SECG_PRIME_384R1, ec_field_GFp, params)); |
| 544 break; |
| 545 |
| 546 case SEC_OID_SECG_EC_SECP521R1: |
| 547 /* Populate params for secp521r1 |
| 548 * (the NIST P-521 curve) |
| 549 */ |
| 550 CHECK_SEC_OK( |
| 551 gf_populate_params(ECCurve_SECG_PRIME_521R1, ec_field_GFp, params)); |
| 552 break; |
| 553 |
| 554 default: |
| 555 break; |
| 556 }; |
| 557 |
| 558 cleanup: |
| 559 if (!params->cofactor) { |
| 560 PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); |
| 561 #if EC_DEBUG |
| 562 printf("Unrecognized curve, returning NULL params\n"); |
| 563 #endif |
| 564 } |
| 565 |
| 566 return rv; |
| 567 } |
| 568 |
| 569 SECStatus EC_DecodeParams(const SECItem *encodedParams, ECParams **ecparams) { |
| 570 PLArenaPool *arena; |
| 571 ECParams *params; |
| 572 SECStatus rv = SECFailure; |
| 573 |
| 574 /* Initialize an arena for the ECParams structure */ |
| 575 if (!(arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE))) return SECFailure; |
| 576 |
| 577 params = (ECParams *)PORT_ArenaZAlloc(arena, sizeof(ECParams)); |
| 578 if (!params) { |
| 579 PORT_FreeArena(arena, PR_TRUE); |
| 580 return SECFailure; |
| 581 } |
| 582 |
| 583 /* Copy the encoded params */ |
| 584 SECITEM_AllocItem(arena, &(params->DEREncoding), encodedParams->len); |
| 585 memcpy(params->DEREncoding.data, encodedParams->data, encodedParams->len); |
| 586 |
| 587 /* Fill out the rest of the ECParams structure based on |
| 588 * the encoded params |
| 589 */ |
| 590 rv = EC_FillParams(arena, encodedParams, params); |
| 591 if (rv == SECFailure) { |
| 592 PORT_FreeArena(arena, PR_TRUE); |
| 593 return SECFailure; |
| 594 } else { |
| 595 *ecparams = params; |
| 596 ; |
106 return SECSuccess; | 597 return SECSuccess; |
107 | 598 } |
108 cleanup: | |
109 return SECFailure; | |
110 } | 599 } |
111 | 600 |
112 static SECStatus | |
113 gf_populate_params(ECCurveName name, ECFieldType field_type, ECParams *params) | |
114 { | |
115 SECStatus rv = SECFailure; | |
116 const ECCurveParams *curveParams; | |
117 /* 2 ['0'+'4'] + MAX_ECKEY_LEN * 2 [x,y] * 2 [hex string] + 1 ['\0'] */ | |
118 char genenc[3 + 2 * 2 * MAX_ECKEY_LEN]; | |
119 | |
120 if ((name < ECCurve_noName) || (name > ECCurve_pastLastCurve)) goto cleanup; | |
121 params->name = name; | |
122 curveParams = ecCurve_map[params->name]; | |
123 CHECK_OK(curveParams); | |
124 params->fieldID.size = curveParams->size; | |
125 params->fieldID.type = field_type; | |
126 if (field_type == ec_field_GFp) { | |
127 CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.prime,· | |
128 curveParams->irr)); | |
129 } else { | |
130 CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly,· | |
131 curveParams->irr)); | |
132 } | |
133 CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a,· | |
134 curveParams->curvea)); | |
135 CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b,· | |
136 curveParams->curveb)); | |
137 genenc[0] = '0'; | |
138 genenc[1] = '4'; | |
139 genenc[2] = '\0'; | |
140 strcat(genenc, curveParams->genx); | |
141 strcat(genenc, curveParams->geny); | |
142 CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, genenc)); | |
143 CHECK_OK(hexString2SECItem(params->arena, ¶ms->order,· | |
144 curveParams->order)); | |
145 params->cofactor = curveParams->cofactor; | |
146 | |
147 rv = SECSuccess; | |
148 | |
149 cleanup: | |
150 return rv; | |
151 } | |
152 | |
153 SECStatus | |
154 EC_FillParams(PLArenaPool *arena, const SECItem *encodedParams, | |
155 ECParams *params) | |
156 { | |
157 SECStatus rv = SECFailure; | |
158 SECOidTag tag; | |
159 SECItem oid = { siBuffer, NULL, 0}; | |
160 | |
161 #if EC_DEBUG | |
162 int i; | |
163 | |
164 printf("Encoded params in EC_DecodeParams: "); | |
165 for (i = 0; i < encodedParams->len; i++) { | |
166 printf("%02x:", encodedParams->data[i]); | |
167 } | |
168 printf("\n"); | |
169 #endif | |
170 | |
171 if ((encodedParams->len != ANSI_X962_CURVE_OID_TOTAL_LEN) && | |
172 (encodedParams->len != SECG_CURVE_OID_TOTAL_LEN)) { | |
173 PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); | |
174 return SECFailure; | |
175 }; | |
176 | |
177 oid.len = encodedParams->len - 2; | |
178 oid.data = encodedParams->data + 2; | |
179 if ((encodedParams->data[0] != SEC_ASN1_OBJECT_ID) || | |
180 ((tag = SECOID_FindOIDTag(&oid)) == SEC_OID_UNKNOWN)) {· | |
181 PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); | |
182 return SECFailure; | |
183 } | |
184 | |
185 params->arena = arena; | |
186 params->cofactor = 0; | |
187 params->type = ec_params_named; | |
188 params->name = ECCurve_noName; | |
189 | |
190 /* For named curves, fill out curveOID */ | |
191 params->curveOID.len = oid.len; | |
192 params->curveOID.data = (unsigned char *) PORT_ArenaAlloc(arena, oid.len); | |
193 if (params->curveOID.data == NULL) goto cleanup; | |
194 memcpy(params->curveOID.data, oid.data, oid.len); | |
195 | |
196 #if EC_DEBUG | |
197 printf("Curve: %s\n", SECOID_FindOIDTagDescription(tag)); | |
198 #endif | |
199 | |
200 switch (tag) { | |
201 | |
202 /* Binary curves */ | |
203 | |
204 case SEC_OID_ANSIX962_EC_C2PNB163V1: | |
205 /* Populate params for c2pnb163v1 */ | |
206 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V1, ec_field_
GF2m, | |
207 params) ); | |
208 break; | |
209 | |
210 case SEC_OID_ANSIX962_EC_C2PNB163V2: | |
211 /* Populate params for c2pnb163v2 */ | |
212 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V2, ec_field_
GF2m, | |
213 params) ); | |
214 break; | |
215 | |
216 case SEC_OID_ANSIX962_EC_C2PNB163V3: | |
217 /* Populate params for c2pnb163v3 */ | |
218 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V3, ec_field_
GF2m, | |
219 params) ); | |
220 break; | |
221 | |
222 case SEC_OID_ANSIX962_EC_C2PNB176V1: | |
223 /* Populate params for c2pnb176v1 */ | |
224 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB176V1, ec_field_
GF2m, | |
225 params) ); | |
226 break; | |
227 | |
228 case SEC_OID_ANSIX962_EC_C2TNB191V1: | |
229 /* Populate params for c2tnb191v1 */ | |
230 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V1, ec_field_
GF2m, | |
231 params) ); | |
232 break; | |
233 | |
234 case SEC_OID_ANSIX962_EC_C2TNB191V2: | |
235 /* Populate params for c2tnb191v2 */ | |
236 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V2, ec_field_
GF2m, | |
237 params) ); | |
238 break; | |
239 | |
240 case SEC_OID_ANSIX962_EC_C2TNB191V3: | |
241 /* Populate params for c2tnb191v3 */ | |
242 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V3, ec_field_
GF2m, | |
243 params) ); | |
244 break; | |
245 | |
246 case SEC_OID_ANSIX962_EC_C2PNB208W1: | |
247 /* Populate params for c2pnb208w1 */ | |
248 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB208W1, ec_field_
GF2m, | |
249 params) ); | |
250 break; | |
251 | |
252 case SEC_OID_ANSIX962_EC_C2TNB239V1: | |
253 /* Populate params for c2tnb239v1 */ | |
254 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V1, ec_field_
GF2m, | |
255 params) ); | |
256 break; | |
257 | |
258 case SEC_OID_ANSIX962_EC_C2TNB239V2: | |
259 /* Populate params for c2tnb239v2 */ | |
260 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V2, ec_field_
GF2m, | |
261 params) ); | |
262 break; | |
263 | |
264 case SEC_OID_ANSIX962_EC_C2TNB239V3: | |
265 /* Populate params for c2tnb239v3 */ | |
266 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V3, ec_field_
GF2m, | |
267 params) ); | |
268 break; | |
269 | |
270 case SEC_OID_ANSIX962_EC_C2PNB272W1: | |
271 /* Populate params for c2pnb272w1 */ | |
272 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB272W1, ec_field_
GF2m, | |
273 params) ); | |
274 break; | |
275 | |
276 case SEC_OID_ANSIX962_EC_C2PNB304W1: | |
277 /* Populate params for c2pnb304w1 */ | |
278 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB304W1, ec_field_
GF2m, | |
279 params) ); | |
280 break; | |
281 | |
282 case SEC_OID_ANSIX962_EC_C2TNB359V1: | |
283 /* Populate params for c2tnb359v1 */ | |
284 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB359V1, ec_field_
GF2m, | |
285 params) ); | |
286 break; | |
287 | |
288 case SEC_OID_ANSIX962_EC_C2PNB368W1: | |
289 /* Populate params for c2pnb368w1 */ | |
290 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB368W1, ec_field_
GF2m, | |
291 params) ); | |
292 break; | |
293 | |
294 case SEC_OID_ANSIX962_EC_C2TNB431R1: | |
295 /* Populate params for c2tnb431r1 */ | |
296 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB431R1, ec_field_
GF2m, | |
297 params) ); | |
298 break; | |
299 ········ | |
300 case SEC_OID_SECG_EC_SECT113R1: | |
301 /* Populate params for sect113r1 */ | |
302 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_113R1, ec_field_GF2m
, | |
303 params) ); | |
304 break; | |
305 | |
306 case SEC_OID_SECG_EC_SECT113R2: | |
307 /* Populate params for sect113r2 */ | |
308 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_113R2, ec_field_GF2m
, | |
309 params) ); | |
310 break; | |
311 | |
312 case SEC_OID_SECG_EC_SECT131R1: | |
313 /* Populate params for sect131r1 */ | |
314 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_131R1, ec_field_GF2m
, | |
315 params) ); | |
316 break; | |
317 | |
318 case SEC_OID_SECG_EC_SECT131R2: | |
319 /* Populate params for sect131r2 */ | |
320 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_131R2, ec_field_GF2m
, | |
321 params) ); | |
322 break; | |
323 | |
324 case SEC_OID_SECG_EC_SECT163K1: | |
325 /* Populate params for sect163k1 | |
326 * (the NIST K-163 curve) | |
327 */ | |
328 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163K1, ec_field_GF2m
, | |
329 params) ); | |
330 break; | |
331 | |
332 case SEC_OID_SECG_EC_SECT163R1: | |
333 /* Populate params for sect163r1 */ | |
334 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163R1, ec_field_GF2m
, | |
335 params) ); | |
336 break; | |
337 | |
338 case SEC_OID_SECG_EC_SECT163R2: | |
339 /* Populate params for sect163r2 | |
340 * (the NIST B-163 curve) | |
341 */ | |
342 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163R2, ec_field_GF2m
, | |
343 params) ); | |
344 break; | |
345 | |
346 case SEC_OID_SECG_EC_SECT193R1: | |
347 /* Populate params for sect193r1 */ | |
348 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_193R1, ec_field_GF2m
, | |
349 params) ); | |
350 break; | |
351 | |
352 case SEC_OID_SECG_EC_SECT193R2: | |
353 /* Populate params for sect193r2 */ | |
354 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_193R2, ec_field_GF2m
, | |
355 params) ); | |
356 break; | |
357 | |
358 case SEC_OID_SECG_EC_SECT233K1: | |
359 /* Populate params for sect233k1 | |
360 * (the NIST K-233 curve) | |
361 */ | |
362 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_233K1, ec_field_GF2m
, | |
363 params) ); | |
364 break; | |
365 | |
366 case SEC_OID_SECG_EC_SECT233R1: | |
367 /* Populate params for sect233r1 | |
368 * (the NIST B-233 curve) | |
369 */ | |
370 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_233R1, ec_field_GF2m
, | |
371 params) ); | |
372 break; | |
373 | |
374 case SEC_OID_SECG_EC_SECT239K1: | |
375 /* Populate params for sect239k1 */ | |
376 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_239K1, ec_field_GF2m
, | |
377 params) ); | |
378 break; | |
379 | |
380 case SEC_OID_SECG_EC_SECT283K1: | |
381 /* Populate params for sect283k1 | |
382 * (the NIST K-283 curve) | |
383 */ | |
384 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_283K1, ec_field_GF2m
, | |
385 params) ); | |
386 break; | |
387 | |
388 case SEC_OID_SECG_EC_SECT283R1: | |
389 /* Populate params for sect283r1 | |
390 * (the NIST B-283 curve) | |
391 */ | |
392 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_283R1, ec_field_GF2m
, | |
393 params) ); | |
394 break; | |
395 | |
396 case SEC_OID_SECG_EC_SECT409K1: | |
397 /* Populate params for sect409k1 | |
398 * (the NIST K-409 curve) | |
399 */ | |
400 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_409K1, ec_field_GF2m
, | |
401 params) ); | |
402 break; | |
403 | |
404 case SEC_OID_SECG_EC_SECT409R1: | |
405 /* Populate params for sect409r1 | |
406 * (the NIST B-409 curve) | |
407 */ | |
408 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_409R1, ec_field_GF2m
, | |
409 params) ); | |
410 break; | |
411 | |
412 case SEC_OID_SECG_EC_SECT571K1: | |
413 /* Populate params for sect571k1 | |
414 * (the NIST K-571 curve) | |
415 */ | |
416 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_571K1, ec_field_GF2m
, | |
417 params) ); | |
418 break; | |
419 | |
420 case SEC_OID_SECG_EC_SECT571R1: | |
421 /* Populate params for sect571r1 | |
422 * (the NIST B-571 curve) | |
423 */ | |
424 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_571R1, ec_field_GF2m
, | |
425 params) ); | |
426 break; | |
427 | |
428 /* Prime curves */ | |
429 | |
430 case SEC_OID_ANSIX962_EC_PRIME192V1: | |
431 /* Populate params for prime192v1 aka secp192r1· | |
432 * (the NIST P-192 curve) | |
433 */ | |
434 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V1, ec_field_GFp
, | |
435 params) ); | |
436 break; | |
437 | |
438 case SEC_OID_ANSIX962_EC_PRIME192V2: | |
439 /* Populate params for prime192v2 */ | |
440 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V2, ec_field_GFp
, | |
441 params) ); | |
442 break; | |
443 | |
444 case SEC_OID_ANSIX962_EC_PRIME192V3: | |
445 /* Populate params for prime192v3 */ | |
446 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V3, ec_field_GFp
, | |
447 params) ); | |
448 break; | |
449 ········ | |
450 case SEC_OID_ANSIX962_EC_PRIME239V1: | |
451 /* Populate params for prime239v1 */ | |
452 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V1, ec_field_GFp
, | |
453 params) ); | |
454 break; | |
455 | |
456 case SEC_OID_ANSIX962_EC_PRIME239V2: | |
457 /* Populate params for prime239v2 */ | |
458 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V2, ec_field_GFp
, | |
459 params) ); | |
460 break; | |
461 | |
462 case SEC_OID_ANSIX962_EC_PRIME239V3: | |
463 /* Populate params for prime239v3 */ | |
464 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V3, ec_field_GFp
, | |
465 params) ); | |
466 break; | |
467 | |
468 case SEC_OID_ANSIX962_EC_PRIME256V1: | |
469 /* Populate params for prime256v1 aka secp256r1 | |
470 * (the NIST P-256 curve) | |
471 */ | |
472 CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_256V1, ec_field_GFp
, | |
473 params) ); | |
474 break; | |
475 | |
476 case SEC_OID_SECG_EC_SECP112R1: | |
477 /* Populate params for secp112r1 */ | |
478 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_112R1, ec_field_GFp, | |
479 params) ); | |
480 break; | |
481 | |
482 case SEC_OID_SECG_EC_SECP112R2: | |
483 /* Populate params for secp112r2 */ | |
484 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_112R2, ec_field_GFp, | |
485 params) ); | |
486 break; | |
487 | |
488 case SEC_OID_SECG_EC_SECP128R1: | |
489 /* Populate params for secp128r1 */ | |
490 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_128R1, ec_field_GFp, | |
491 params) ); | |
492 break; | |
493 | |
494 case SEC_OID_SECG_EC_SECP128R2: | |
495 /* Populate params for secp128r2 */ | |
496 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_128R2, ec_field_GFp, | |
497 params) ); | |
498 break; | |
499 ········ | |
500 case SEC_OID_SECG_EC_SECP160K1: | |
501 /* Populate params for secp160k1 */ | |
502 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160K1, ec_field_GFp, | |
503 params) ); | |
504 break; | |
505 | |
506 case SEC_OID_SECG_EC_SECP160R1: | |
507 /* Populate params for secp160r1 */ | |
508 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160R1, ec_field_GFp, | |
509 params) ); | |
510 break; | |
511 | |
512 case SEC_OID_SECG_EC_SECP160R2: | |
513 /* Populate params for secp160r1 */ | |
514 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160R2, ec_field_GFp, | |
515 params) ); | |
516 break; | |
517 | |
518 case SEC_OID_SECG_EC_SECP192K1: | |
519 /* Populate params for secp192k1 */ | |
520 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_192K1, ec_field_GFp, | |
521 params) ); | |
522 break; | |
523 | |
524 case SEC_OID_SECG_EC_SECP224K1: | |
525 /* Populate params for secp224k1 */ | |
526 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_224K1, ec_field_GFp, | |
527 params) ); | |
528 break; | |
529 | |
530 case SEC_OID_SECG_EC_SECP224R1: | |
531 /* Populate params for secp224r1· | |
532 * (the NIST P-224 curve) | |
533 */ | |
534 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_224R1, ec_field_GFp, | |
535 params) ); | |
536 break; | |
537 | |
538 case SEC_OID_SECG_EC_SECP256K1: | |
539 /* Populate params for secp256k1 */ | |
540 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_256K1, ec_field_GFp, | |
541 params) ); | |
542 break; | |
543 | |
544 case SEC_OID_SECG_EC_SECP384R1: | |
545 /* Populate params for secp384r1 | |
546 * (the NIST P-384 curve) | |
547 */ | |
548 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_384R1, ec_field_GFp, | |
549 params) ); | |
550 break; | |
551 | |
552 case SEC_OID_SECG_EC_SECP521R1: | |
553 /* Populate params for secp521r1· | |
554 * (the NIST P-521 curve) | |
555 */ | |
556 CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_521R1, ec_field_GFp, | |
557 params) ); | |
558 break; | |
559 | |
560 default: | |
561 break; | |
562 }; | |
563 | |
564 cleanup: | |
565 if (!params->cofactor) { | |
566 PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); | |
567 #if EC_DEBUG | |
568 printf("Unrecognized curve, returning NULL params\n"); | |
569 #endif | |
570 } | |
571 | |
572 return rv; | |
573 } | |
574 | |
575 SECStatus | |
576 EC_DecodeParams(const SECItem *encodedParams, ECParams **ecparams) | |
577 { | |
578 PLArenaPool *arena; | |
579 ECParams *params; | |
580 SECStatus rv = SECFailure; | |
581 | |
582 /* Initialize an arena for the ECParams structure */ | |
583 if (!(arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE))) | |
584 return SECFailure; | |
585 | |
586 params = (ECParams *)PORT_ArenaZAlloc(arena, sizeof(ECParams)); | |
587 if (!params) { | |
588 PORT_FreeArena(arena, PR_TRUE); | |
589 return SECFailure; | |
590 } | |
591 | |
592 /* Copy the encoded params */ | |
593 SECITEM_AllocItem(arena, &(params->DEREncoding), | |
594 encodedParams->len); | |
595 memcpy(params->DEREncoding.data, encodedParams->data, encodedParams->len); | |
596 | |
597 /* Fill out the rest of the ECParams structure based on· | |
598 * the encoded params· | |
599 */ | |
600 rv = EC_FillParams(arena, encodedParams, params); | |
601 if (rv == SECFailure) { | |
602 PORT_FreeArena(arena, PR_TRUE);· | |
603 return SECFailure; | |
604 } else { | |
605 *ecparams = params;; | |
606 return SECSuccess; | |
607 } | |
608 } | |
609 | |
610 #endif /* NSS_DISABLE_ECC */ | 601 #endif /* NSS_DISABLE_ECC */ |
OLD | NEW |