LEFT | RIGHT |
1 /* | 1 /* |
2 * Key Derivation that doesn't use PKCS11 | 2 * Key Derivation that doesn't use PKCS11 |
3 * | 3 * |
4 * This Source Code Form is subject to the terms of the Mozilla Public | 4 * This Source Code Form is subject to the terms of the Mozilla Public |
5 * License, v. 2.0. If a copy of the MPL was not distributed with this | 5 * License, v. 2.0. If a copy of the MPL was not distributed with this |
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
7 | 7 |
8 #include "ssl.h" /* prereq to sslimpl.h */ | 8 #include "ssl.h" /* prereq to sslimpl.h */ |
9 #include "certt.h" /* prereq to sslimpl.h */ | 9 #include "certt.h" /* prereq to sslimpl.h */ |
10 #include "keythi.h" /* prereq to sslimpl.h */ | 10 #include "keythi.h" /* prereq to sslimpl.h */ |
(...skipping 772 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
783 } | 783 } |
784 /* convert to strength in bits */ | 784 /* convert to strength in bits */ |
785 serverKeyStrengthInBits *= BPB; | 785 serverKeyStrengthInBits *= BPB; |
786 | 786 |
787 signatureKeyStrength = | 787 signatureKeyStrength = |
788 SSL_RSASTRENGTH_TO_ECSTRENGTH(serverKeyStrengthInBits); | 788 SSL_RSASTRENGTH_TO_ECSTRENGTH(serverKeyStrengthInBits); |
789 | 789 |
790 if (requiredECCbits > signatureKeyStrength) | 790 if (requiredECCbits > signatureKeyStrength) |
791 requiredECCbits = signatureKeyStrength; | 791 requiredECCbits = signatureKeyStrength; |
792 | 792 |
793 ecGroup = | 793 ecGroup = ssl_GetECGroupWithStrength(NULL, requiredECCbits); |
794 ssl_GetECGroupWithStrength(NULL, PR_UINT32_MAX, | |
795 requiredECCbits); | |
796 rv = ssl_NamedGroup2ECParams(NULL, ecGroup, &ecParams); | 794 rv = ssl_NamedGroup2ECParams(NULL, ecGroup, &ecParams); |
797 if (rv == SECFailure) { | 795 if (rv == SECFailure) { |
798 break; | 796 break; |
799 } | 797 } |
800 pecParams = &ecParams; | 798 pecParams = &ecParams; |
801 } | 799 } |
802 | 800 |
803 if (testecdhe) { | 801 if (testecdhe) { |
804 /* generate server's ephemeral keys */ | 802 /* generate server's ephemeral keys */ |
805 keapriv = SECKEY_CreateECPrivateKey(pecParams, &keapub, NULL); | 803 keapriv = SECKEY_CreateECPrivateKey(pecParams, &keapub, NULL); |
(...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
878 } | 876 } |
879 | 877 |
880 if (srvPubkey) { | 878 if (srvPubkey) { |
881 SECKEY_DestroyPublicKey(srvPubkey); | 879 SECKEY_DestroyPublicKey(srvPubkey); |
882 srvPubkey = NULL; | 880 srvPubkey = NULL; |
883 } | 881 } |
884 | 882 |
885 return rv; | 883 return rv; |
886 #endif /* NO_PKCS11_BYPASS */ | 884 #endif /* NO_PKCS11_BYPASS */ |
887 } | 885 } |
LEFT | RIGHT |