Login
Log in using an SSO provider:
Fedora Account System
Red Hat Associate
Red Hat Customer
Login using a Red Hat Bugzilla account
Forgot Password
Create an Account
Red Hat Bugzilla – Attachment 886221 Details for
Bug 1075702
ECC decode refactoring needed to build OpenJDK SunEC provider for ECC support
Home
New
Search
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh90 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
[?]
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
Refactor eccdecode from softoken to freebl
refactor.patch (text/plain), 47.83 KB, created by
Elio Maldonado Batiz
on 2014-04-14 17:57:46 UTC
(
hide
)
Description:
Refactor eccdecode from softoken to freebl
Filename:
MIME Type:
Creator:
Elio Maldonado Batiz
Created:
2014-04-14 17:57:46 UTC
Size:
47.83 KB
patch
obsolete
>diff --git a/lib/freebl/blapi.h b/lib/freebl/blapi.h >--- a/lib/freebl/blapi.h >+++ b/lib/freebl/blapi.h >@@ -1571,11 +1571,23 @@ PRBool BLAPI_SHVerifyFile(const char *sh > **************************************************************************/ > PRBool BLAPI_VerifySelf(const char *name); > > /*********************************************************************/ > extern const SECHashObject * HASH_GetRawHashObject(HASH_HashType hashType); > > extern void BL_SetForkState(PRBool forked); > >+#ifndef NSS_DISABLE_ECC >+/* >+** pepare an ECParam structure from DEREncoded params >+ */ >+extern SECStatus EC_FillParams(PLArenaPool *arena, >+ const SECItem *encodedParams, ECParams *params); >+extern SECStatus EC_DecodeParams(const SECItem *encodedParams, >+ ECParams **ecparams); >+extern SECStatus EC_CopyParams(PLArenaPool *arena, ECParams *dstParams, >+ const ECParams *srcParams); >+#endif >+ > SEC_END_PROTOS > > #endif /* _BLAPI_H_ */ >diff --git a/lib/freebl/ecdecode.c b/lib/freebl/ecdecode.c >new file mode 100644 >--- /dev/null >+++ b/lib/freebl/ecdecode.c >@@ -0,0 +1,610 @@ >+/* This Source Code Form is subject to the terms of the Mozilla Public >+ * License, v. 2.0. If a copy of the MPL was not distributed with this >+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ >+ >+#ifndef NSS_DISABLE_ECC >+ >+#ifdef FREEBL_NO_DEPEND >+#include "stubs.h" >+#endif >+ >+#include "blapi.h" >+#include "secoid.h" >+#include "secitem.h" >+#include "secerr.h" >+#include "ec.h" >+#include "ecl-curve.h" >+ >+#define CHECK_OK(func) if (func == NULL) goto cleanup >+#define CHECK_SEC_OK(func) if (SECSuccess != (rv = func)) goto cleanup >+ >+/* >+ * Initializes a SECItem from a hexadecimal string >+ * >+ * Warning: This function ignores leading 00's, so any leading 00's >+ * in the hexadecimal string must be optional. >+ */ >+static SECItem * >+hexString2SECItem(PLArenaPool *arena, SECItem *item, const char *str) >+{ >+ int i = 0; >+ int byteval = 0; >+ int tmp = PORT_Strlen(str); >+ >+ if ((tmp % 2) != 0) return NULL; >+ >+ /* skip leading 00's unless the hex string is "00" */ >+ while ((tmp > 2) && (str[0] == '0') && (str[1] == '0')) { >+ str += 2; >+ tmp -= 2; >+ } >+ >+ item->data = (unsigned char *) PORT_ArenaAlloc(arena, tmp/2); >+ if (item->data == NULL) return NULL; >+ item->len = tmp/2; >+ >+ while (str[i]) { >+ if ((str[i] >= '0') && (str[i] <= '9')) >+ tmp = str[i] - '0'; >+ else if ((str[i] >= 'a') && (str[i] <= 'f')) >+ tmp = str[i] - 'a' + 10; >+ else if ((str[i] >= 'A') && (str[i] <= 'F')) >+ tmp = str[i] - 'A' + 10; >+ else >+ return NULL; >+ >+ byteval = byteval * 16 + tmp; >+ if ((i % 2) != 0) { >+ item->data[i/2] = byteval; >+ byteval = 0; >+ } >+ i++; >+ } >+ >+ return item; >+} >+ >+/* Copy all of the fields from srcParams into dstParams >+ */ >+SECStatus >+EC_CopyParams(PLArenaPool *arena, ECParams *dstParams, >+ const ECParams *srcParams) >+{ >+ SECStatus rv = SECFailure; >+ >+ dstParams->arena = arena; >+ dstParams->type = srcParams->type; >+ dstParams->fieldID.size = srcParams->fieldID.size; >+ dstParams->fieldID.type = srcParams->fieldID.type; >+ if (srcParams->fieldID.type == ec_field_GFp) { >+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->fieldID.u.prime, >+ &srcParams->fieldID.u.prime)); >+ } else { >+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->fieldID.u.poly, >+ &srcParams->fieldID.u.poly)); >+ } >+ dstParams->fieldID.k1 = srcParams->fieldID.k1; >+ dstParams->fieldID.k2 = srcParams->fieldID.k2; >+ dstParams->fieldID.k3 = srcParams->fieldID.k3; >+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curve.a, >+ &srcParams->curve.a)); >+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curve.b, >+ &srcParams->curve.b)); >+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curve.seed, >+ &srcParams->curve.seed)); >+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->base, >+ &srcParams->base)); >+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->order, >+ &srcParams->order)); >+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->DEREncoding, >+ &srcParams->DEREncoding)); >+ dstParams->name = srcParams->name; >+ CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curveOID, >+ &srcParams->curveOID)); >+ dstParams->cofactor = srcParams->cofactor; >+ >+ return SECSuccess; >+ >+cleanup: >+ return SECFailure; >+} >+ >+static SECStatus >+gf_populate_params(ECCurveName name, ECFieldType field_type, ECParams *params) >+{ >+ SECStatus rv = SECFailure; >+ const ECCurveParams *curveParams; >+ /* 2 ['0'+'4'] + MAX_ECKEY_LEN * 2 [x,y] * 2 [hex string] + 1 ['\0'] */ >+ char genenc[3 + 2 * 2 * MAX_ECKEY_LEN]; >+ >+ if ((name < ECCurve_noName) || (name > ECCurve_pastLastCurve)) goto cleanup; >+ params->name = name; >+ curveParams = ecCurve_map[params->name]; >+ CHECK_OK(curveParams); >+ params->fieldID.size = curveParams->size; >+ params->fieldID.type = field_type; >+ if (field_type == ec_field_GFp) { >+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.prime, >+ curveParams->irr)); >+ } else { >+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, >+ curveParams->irr)); >+ } >+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, >+ curveParams->curvea)); >+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, >+ curveParams->curveb)); >+ genenc[0] = '0'; >+ genenc[1] = '4'; >+ genenc[2] = '\0'; >+ strcat(genenc, curveParams->genx); >+ strcat(genenc, curveParams->geny); >+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, genenc)); >+ CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, >+ curveParams->order)); >+ params->cofactor = curveParams->cofactor; >+ >+ rv = SECSuccess; >+ >+cleanup: >+ return rv; >+} >+ >+SECStatus >+EC_FillParams(PLArenaPool *arena, const SECItem *encodedParams, >+ ECParams *params) >+{ >+ SECStatus rv = SECFailure; >+ SECOidTag tag; >+ SECItem oid = { siBuffer, NULL, 0}; >+ >+#if EC_DEBUG >+ int i; >+ >+ printf("Encoded params in EC_DecodeParams: "); >+ for (i = 0; i < encodedParams->len; i++) { >+ printf("%02x:", encodedParams->data[i]); >+ } >+ printf("\n"); >+#endif >+ >+ if ((encodedParams->len != ANSI_X962_CURVE_OID_TOTAL_LEN) && >+ (encodedParams->len != SECG_CURVE_OID_TOTAL_LEN)) { >+ PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); >+ return SECFailure; >+ }; >+ >+ oid.len = encodedParams->len - 2; >+ oid.data = encodedParams->data + 2; >+ if ((encodedParams->data[0] != SEC_ASN1_OBJECT_ID) || >+ ((tag = SECOID_FindOIDTag(&oid)) == SEC_OID_UNKNOWN)) { >+ PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); >+ return SECFailure; >+ } >+ >+ params->arena = arena; >+ params->cofactor = 0; >+ params->type = ec_params_named; >+ params->name = ECCurve_noName; >+ >+ /* For named curves, fill out curveOID */ >+ params->curveOID.len = oid.len; >+ params->curveOID.data = (unsigned char *) PORT_ArenaAlloc(arena, oid.len); >+ if (params->curveOID.data == NULL) goto cleanup; >+ memcpy(params->curveOID.data, oid.data, oid.len); >+ >+#if EC_DEBUG >+ printf("Curve: %s\n", SECOID_FindOIDTagDescription(tag)); >+#endif >+ >+ switch (tag) { >+ >+ /* Binary curves */ >+ >+ case SEC_OID_ANSIX962_EC_C2PNB163V1: >+ /* Populate params for c2pnb163v1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_C2PNB163V2: >+ /* Populate params for c2pnb163v2 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V2, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_C2PNB163V3: >+ /* Populate params for c2pnb163v3 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V3, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_C2PNB176V1: >+ /* Populate params for c2pnb176v1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB176V1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_C2TNB191V1: >+ /* Populate params for c2tnb191v1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_C2TNB191V2: >+ /* Populate params for c2tnb191v2 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V2, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_C2TNB191V3: >+ /* Populate params for c2tnb191v3 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V3, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_C2PNB208W1: >+ /* Populate params for c2pnb208w1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB208W1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_C2TNB239V1: >+ /* Populate params for c2tnb239v1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_C2TNB239V2: >+ /* Populate params for c2tnb239v2 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V2, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_C2TNB239V3: >+ /* Populate params for c2tnb239v3 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V3, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_C2PNB272W1: >+ /* Populate params for c2pnb272w1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB272W1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_C2PNB304W1: >+ /* Populate params for c2pnb304w1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB304W1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_C2TNB359V1: >+ /* Populate params for c2tnb359v1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB359V1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_C2PNB368W1: >+ /* Populate params for c2pnb368w1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB368W1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_C2TNB431R1: >+ /* Populate params for c2tnb431r1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB431R1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT113R1: >+ /* Populate params for sect113r1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_113R1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT113R2: >+ /* Populate params for sect113r2 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_113R2, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT131R1: >+ /* Populate params for sect131r1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_131R1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT131R2: >+ /* Populate params for sect131r2 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_131R2, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT163K1: >+ /* Populate params for sect163k1 >+ * (the NIST K-163 curve) >+ */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163K1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT163R1: >+ /* Populate params for sect163r1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163R1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT163R2: >+ /* Populate params for sect163r2 >+ * (the NIST B-163 curve) >+ */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163R2, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT193R1: >+ /* Populate params for sect193r1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_193R1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT193R2: >+ /* Populate params for sect193r2 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_193R2, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT233K1: >+ /* Populate params for sect233k1 >+ * (the NIST K-233 curve) >+ */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_233K1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT233R1: >+ /* Populate params for sect233r1 >+ * (the NIST B-233 curve) >+ */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_233R1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT239K1: >+ /* Populate params for sect239k1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_239K1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT283K1: >+ /* Populate params for sect283k1 >+ * (the NIST K-283 curve) >+ */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_283K1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT283R1: >+ /* Populate params for sect283r1 >+ * (the NIST B-283 curve) >+ */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_283R1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT409K1: >+ /* Populate params for sect409k1 >+ * (the NIST K-409 curve) >+ */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_409K1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT409R1: >+ /* Populate params for sect409r1 >+ * (the NIST B-409 curve) >+ */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_409R1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT571K1: >+ /* Populate params for sect571k1 >+ * (the NIST K-571 curve) >+ */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_571K1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECT571R1: >+ /* Populate params for sect571r1 >+ * (the NIST B-571 curve) >+ */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_571R1, ec_field_GF2m, >+ params) ); >+ break; >+ >+ /* Prime curves */ >+ >+ case SEC_OID_ANSIX962_EC_PRIME192V1: >+ /* Populate params for prime192v1 aka secp192r1 >+ * (the NIST P-192 curve) >+ */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V1, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_PRIME192V2: >+ /* Populate params for prime192v2 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V2, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_PRIME192V3: >+ /* Populate params for prime192v3 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V3, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_PRIME239V1: >+ /* Populate params for prime239v1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V1, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_PRIME239V2: >+ /* Populate params for prime239v2 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V2, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_PRIME239V3: >+ /* Populate params for prime239v3 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V3, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_ANSIX962_EC_PRIME256V1: >+ /* Populate params for prime256v1 aka secp256r1 >+ * (the NIST P-256 curve) >+ */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_256V1, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECP112R1: >+ /* Populate params for secp112r1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_112R1, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECP112R2: >+ /* Populate params for secp112r2 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_112R2, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECP128R1: >+ /* Populate params for secp128r1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_128R1, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECP128R2: >+ /* Populate params for secp128r2 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_128R2, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECP160K1: >+ /* Populate params for secp160k1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160K1, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECP160R1: >+ /* Populate params for secp160r1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160R1, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECP160R2: >+ /* Populate params for secp160r1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160R2, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECP192K1: >+ /* Populate params for secp192k1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_192K1, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECP224K1: >+ /* Populate params for secp224k1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_224K1, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECP224R1: >+ /* Populate params for secp224r1 >+ * (the NIST P-224 curve) >+ */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_224R1, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECP256K1: >+ /* Populate params for secp256k1 */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_256K1, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECP384R1: >+ /* Populate params for secp384r1 >+ * (the NIST P-384 curve) >+ */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_384R1, ec_field_GFp, >+ params) ); >+ break; >+ >+ case SEC_OID_SECG_EC_SECP521R1: >+ /* Populate params for secp521r1 >+ * (the NIST P-521 curve) >+ */ >+ CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_521R1, ec_field_GFp, >+ params) ); >+ break; >+ >+ default: >+ break; >+ }; >+ >+cleanup: >+ if (!params->cofactor) { >+ PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); >+#if EC_DEBUG >+ printf("Unrecognized curve, returning NULL params\n"); >+#endif >+ } >+ >+ return rv; >+} >+ >+SECStatus >+EC_DecodeParams(const SECItem *encodedParams, ECParams **ecparams) >+{ >+ PLArenaPool *arena; >+ ECParams *params; >+ SECStatus rv = SECFailure; >+ >+ /* Initialize an arena for the ECParams structure */ >+ if (!(arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE))) >+ return SECFailure; >+ >+ params = (ECParams *)PORT_ArenaZAlloc(arena, sizeof(ECParams)); >+ if (!params) { >+ PORT_FreeArena(arena, PR_TRUE); >+ return SECFailure; >+ } >+ >+ /* Copy the encoded params */ >+ SECITEM_AllocItem(arena, &(params->DEREncoding), >+ encodedParams->len); >+ memcpy(params->DEREncoding.data, encodedParams->data, encodedParams->len); >+ >+ /* Fill out the rest of the ECParams structure based on >+ * the encoded params >+ */ >+ rv = EC_FillParams(arena, encodedParams, params); >+ if (rv == SECFailure) { >+ PORT_FreeArena(arena, PR_TRUE); >+ return SECFailure; >+ } else { >+ *ecparams = params;; >+ return SECSuccess; >+ } >+} >+ >+#endif /* NSS_DISABLE_ECC */ >diff --git a/lib/freebl/ldvector.c b/lib/freebl/ldvector.c >--- a/lib/freebl/ldvector.c >+++ b/lib/freebl/ldvector.c >@@ -275,29 +275,35 @@ static const struct FREEBLVectorStr vect > RSA_EncryptOAEP, > RSA_DecryptOAEP, > RSA_EncryptBlock, > RSA_DecryptBlock, > RSA_SignPSS, > RSA_CheckSignPSS, > RSA_Sign, > RSA_CheckSign, >- RSA_CheckSignRecover >+ RSA_CheckSignRecover, > > /* End of Version 3.016 */ >+ >+ EC_FillParams, >+ EC_DecodeParams, >+ EC_CopyParams >+ >+ /* End of Version 3.017 */ > }; > >-const FREEBLVector * >+const FREEBLVector * > FREEBL_GetVector(void) > { > extern const char __nss_freebl_rcsid[]; > extern const char __nss_freebl_sccsid[]; > > /* force a reference that won't get optimized away */ > volatile char c; > >- c = __nss_freebl_rcsid[0] + __nss_freebl_sccsid[0]; >+ c = __nss_freebl_rcsid[0] + __nss_freebl_sccsid[0]; > #ifdef FREEBL_NO_DEPEND > FREEBL_InitStubs(); > #endif > return &vector; > } > >diff --git a/lib/freebl/loader.c b/lib/freebl/loader.c >--- a/lib/freebl/loader.c >+++ b/lib/freebl/loader.c >@@ -2088,8 +2088,34 @@ SECStatus RSA_CheckSignRecover(RSAPublic > unsigned int maxOutputLen, > const unsigned char *sig, > unsigned int sigLen) { > if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) > return SECFailure; > return (vector->p_RSA_CheckSignRecover)(key, output, outputLen, maxOutputLen, > sig, sigLen); > } >+ >+SECStatus EC_FillParams(PLArenaPool *arena, >+ const SECItem *encodedParams, >+ ECParams *params) >+{ >+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) >+ return SECFailure; >+ return (vector->p_EC_FillParams)(arena, encodedParams, params); >+} >+ >+SECStatus EC_DecodeParams(const SECItem *encodedParams, >+ ECParams **ecparams) >+{ >+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) >+ return SECFailure; >+ return (vector->p_EC_DecodeParams)(encodedParams, ecparams); >+} >+ >+SECStatus EC_CopyParams(PLArenaPool *arena, ECParams *dstParams, >+ const ECParams *srcParams) >+{ >+ if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) >+ return SECFailure; >+ return (vector->p_EC_CopyParams)(arena, dstParams, srcParams); >+} >+ >diff --git a/lib/freebl/loader.h b/lib/freebl/loader.h >--- a/lib/freebl/loader.h >+++ b/lib/freebl/loader.h >@@ -5,17 +5,17 @@ > * License, v. 2.0. If a copy of the MPL was not distributed with this > * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ > > #ifndef _LOADER_H_ > #define _LOADER_H_ 1 > > #include "blapi.h" > >-#define FREEBL_VERSION 0x0310 >+#define FREEBL_VERSION 0x0311 > > struct FREEBLVectorStr { > > unsigned short length; /* of this struct in bytes */ > unsigned short version; /* of this struct. */ > > RSAPrivateKey * (* p_RSA_NewKey)(int keySizeInBits, > SECItem * publicExponent); >@@ -693,16 +693,25 @@ struct FREEBLVectorStr { > unsigned char *output, > unsigned int *outputLen, > unsigned int maxOutputLen, > const unsigned char *sig, > unsigned int sigLen); > > /* Version 3.016 came to here */ > >+ SECStatus (* p_EC_FillParams)(PLArenaPool *arena, >+ const SECItem *encodedParams, ECParams *params); >+ SECStatus (* p_EC_DecodeParams)(const SECItem *encodedParams, >+ ECParams **ecparams); >+ SECStatus (* p_EC_CopyParams)(PLArenaPool *arena, ECParams *dstParams, >+ const ECParams *srcParams); >+ >+ /* Version 3.017 came to here */ >+ > /* Add new function pointers at the end of this struct and bump > * FREEBL_VERSION at the beginning of this file. */ > }; > > typedef struct FREEBLVectorStr FREEBLVector; > > SEC_BEGIN_PROTOS > >diff --git a/lib/freebl/manifest.mn b/lib/freebl/manifest.mn >--- a/lib/freebl/manifest.mn >+++ b/lib/freebl/manifest.mn >@@ -105,16 +105,17 @@ CSRCS = \ > ctr.c \ > gcm.c \ > hmacct.c \ > rijndael.c \ > aeskeywrap.c \ > camellia.c \ > dh.c \ > ec.c \ >+ ecdecode.c \ > pqg.c \ > dsa.c \ > rsa.c \ > rsapkcs.c \ > shvfy.c \ > tlsprfalg.c \ > seed.c \ > jpake.c \ >diff --git a/lib/freebl/stubs.c b/lib/freebl/stubs.c >--- a/lib/freebl/stubs.c >+++ b/lib/freebl/stubs.c >@@ -100,16 +100,17 @@ > #define STUB_SAFE_CALL4(fn,a1,a2,a3,a4) \ > if (fn) { return fn(a1,a2,a3,a4); } > #define STUB_SAFE_CALL6(fn,a1,a2,a3,a4,a5,a6) \ > if (fn) { return fn(a1,a2,a3,a4,a5,a6); } > #endif > > > STUB_DECLARE(void *,PORT_Alloc_Util,(size_t len)); >+STUB_DECLARE(void *,PORT_ArenaAlloc_Util,(PLArenaPool *arena, size_t size)); > STUB_DECLARE(void *,PORT_ArenaZAlloc_Util,(PLArenaPool *arena, size_t size)); > STUB_DECLARE(void ,PORT_Free_Util,(void *ptr)); > STUB_DECLARE(void ,PORT_FreeArena_Util,(PLArenaPool *arena, PRBool zero)); > STUB_DECLARE(int,PORT_GetError_Util,(void)); > STUB_DECLARE(PLArenaPool *,PORT_NewArena_Util,(unsigned long chunksize)); > STUB_DECLARE(void,PORT_SetError_Util,(int value)); > STUB_DECLARE(void *,PORT_ZAlloc_Util,(size_t len)); > STUB_DECLARE(void,PORT_ZFree_Util,(void *ptr, size_t len)); >@@ -136,22 +137,23 @@ STUB_DECLARE(PROffset32,PR_Seek,(PRFileD > STUB_DECLARE(PRStatus,PR_Sleep,(PRIntervalTime ticks)); > STUB_DECLARE(PRStatus,PR_Unlock,(PRLock *lock)); > STUB_DECLARE(PRStatus,PR_WaitCondVar,(PRCondVar *cvar, > PRIntervalTime timeout)); > > > STUB_DECLARE(SECItem *,SECITEM_AllocItem_Util,(PLArenaPool *arena, > SECItem *item,unsigned int len)); >-STUB_DECLARE(SECComparison,SECITEM_CompareItem_Util,(const SECItem *a, >+STUB_DECLARE(SECComparison,SECITEM_CompareItem_Util,(const SECItem *a, > const SECItem *b)); > STUB_DECLARE(SECStatus,SECITEM_CopyItem_Util,(PLArenaPool *arena, > SECItem *to,const SECItem *from)); > STUB_DECLARE(void,SECITEM_FreeItem_Util,(SECItem *zap, PRBool freeit)); > STUB_DECLARE(void,SECITEM_ZfreeItem_Util,(SECItem *zap, PRBool freeit)); >+STUB_DECLARE(SECOidTag,SECOID_FindOIDTag_Util,(const SECItem *oid)); > STUB_DECLARE(int, NSS_SecureMemcmp,(const void *a, const void *b, size_t n)); > > > #define PORT_ZNew_stub(type) (type*)PORT_ZAlloc_stub(sizeof(type)) > #define PORT_New_stub(type) (type*)PORT_Alloc_stub(sizeof(type)) > #define PORT_ZNewArray_stub(type, num) \ > (type*) PORT_ZAlloc_stub (sizeof(type)*(num)) > >@@ -207,24 +209,33 @@ PR_Free_stub(void *ptr) > return free(ptr); > } > > /* > * arenas > * > */ > extern PLArenaPool * >-PORT_NewArena_stub(unsigned long chunksize) >+PORT_NewArena_stub(unsigned long chunksize) > { > STUB_SAFE_CALL1(PORT_NewArena_Util, chunksize); > abort(); > return NULL; > } > > extern void * >+PORT_ArenaAlloc_stub(PLArenaPool *arena, size_t size) >+{ >+ >+ STUB_SAFE_CALL2(PORT_ArenaZAlloc_Util, arena, size); >+ abort(); >+ return NULL; >+} >+ >+extern void * > PORT_ArenaZAlloc_stub(PLArenaPool *arena, size_t size) > { > > STUB_SAFE_CALL2(PORT_ArenaZAlloc_Util, arena, size); > abort(); > return NULL; > } > >@@ -495,24 +506,32 @@ SECITEM_AllocItem_stub(PLArenaPool *aren > extern SECComparison > SECITEM_CompareItem_stub(const SECItem *a, const SECItem *b) > { > STUB_SAFE_CALL2(SECITEM_CompareItem_Util, a, b); > abort(); > return SECEqual; > } > >-extern SECStatus >+extern SECStatus > SECITEM_CopyItem_stub(PLArenaPool *arena, SECItem *to, const SECItem *from) > { > STUB_SAFE_CALL3(SECITEM_CopyItem_Util, arena, to, from); > abort(); > return SECFailure; > } > >+extern SECOidTag >+SECOID_FindOIDTag_stub(const SECItem *oid) >+{ >+ STUB_SAFE_CALL1(SECOID_FindOIDTag_Util, oid); >+ abort(); >+ return SEC_OID_UNKNOWN; >+} >+ > extern void > SECITEM_ZfreeItem_stub(SECItem *zap, PRBool freeit) > { > STUB_SAFE_CALL2(SECITEM_ZfreeItem_Util, zap, freeit); > abort(); > } > > extern int >@@ -555,25 +574,27 @@ freebl_InitNSPR(void *lib) > static SECStatus > freebl_InitNSSUtil(void *lib) > { > STUB_FETCH_FUNCTION(PORT_Alloc_Util); > STUB_FETCH_FUNCTION(PORT_Free_Util); > STUB_FETCH_FUNCTION(PORT_ZAlloc_Util); > STUB_FETCH_FUNCTION(PORT_ZFree_Util); > STUB_FETCH_FUNCTION(PORT_NewArena_Util); >+ STUB_FETCH_FUNCTION(PORT_ArenaAlloc_Util); > STUB_FETCH_FUNCTION(PORT_ArenaZAlloc_Util); > STUB_FETCH_FUNCTION(PORT_FreeArena_Util); > STUB_FETCH_FUNCTION(PORT_GetError_Util); > STUB_FETCH_FUNCTION(PORT_SetError_Util); > STUB_FETCH_FUNCTION(SECITEM_FreeItem_Util); > STUB_FETCH_FUNCTION(SECITEM_AllocItem_Util); > STUB_FETCH_FUNCTION(SECITEM_CompareItem_Util); > STUB_FETCH_FUNCTION(SECITEM_CopyItem_Util); > STUB_FETCH_FUNCTION(SECITEM_ZfreeItem_Util); >+ STUB_FETCH_FUNCTION(SECOID_FindOIDTag_Util); > STUB_FETCH_FUNCTION(NSS_SecureMemcmp); > return SECSuccess; > } > > /* > * fetch the library if it's loaded. For NSS it should already be loaded > */ > #define freebl_getLibrary(libName) \ >diff --git a/lib/freebl/stubs.h b/lib/freebl/stubs.h >--- a/lib/freebl/stubs.h >+++ b/lib/freebl/stubs.h >@@ -9,37 +9,39 @@ > */ > > #ifndef _STUBS_H > #define _STUBS_H_ 1 > > #ifdef _LIBUTIL_H_ > /* must be included before util */ > /*#error stubs.h included too late */ >-#define MP_DIGITES(x) "stubs included too late" >+#define MP_DIGITES(x) "stubs included too late" > #endif > > /* hide libutil rename */ > #define _LIBUTIL_H_ 1 > > #define PORT_Alloc PORT_Alloc_stub >+#define PORT_ArenaAlloc PORT_ArenaAlloc_stub > #define PORT_ArenaZAlloc PORT_ArenaZAlloc_stub > #define PORT_Free PORT_Free_stub > #define PORT_FreeArena PORT_FreeArena_stub > #define PORT_GetError PORT_GetError_stub > #define PORT_NewArena PORT_NewArena_stub > #define PORT_SetError PORT_SetError_stub > #define PORT_ZAlloc PORT_ZAlloc_stub > #define PORT_ZFree PORT_ZFree_stub > > #define SECITEM_AllocItem SECITEM_AllocItem_stub > #define SECITEM_CompareItem SECITEM_CompareItem_stub > #define SECITEM_CopyItem SECITEM_CopyItem_stub > #define SECITEM_FreeItem SECITEM_FreeItem_stub > #define SECITEM_ZfreeItem SECITEM_ZfreeItem_stub >+#define SECOID_FindOIDTag SECOID_FindOIDTag_stub > #define NSS_SecureMemcmp NSS_SecureMemcmp_stub > > #define PR_Assert PR_Assert_stub > #define PR_CallOnce PR_CallOnce_stub > #define PR_Close PR_Close_stub > #define PR_DestroyCondVar PR_DestroyCondVar_stub > #define PR_DestroyLock PR_DestroyLock_stub > #define PR_Free PR_Free_stub >diff --git a/lib/softoken/ecdecode.c b/lib/softoken/ecdecode.c >deleted file mode 100644 >--- a/lib/softoken/ecdecode.c >+++ /dev/null >@@ -1,606 +0,0 @@ >-/* This Source Code Form is subject to the terms of the Mozilla Public >- * License, v. 2.0. If a copy of the MPL was not distributed with this >- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ >- >-#ifndef NSS_DISABLE_ECC >- >-#include "blapi.h" >-#include "secoid.h" >-#include "secitem.h" >-#include "secerr.h" >-#include "ec.h" >-#include "ecl-curve.h" >- >-#define CHECK_OK(func) if (func == NULL) goto cleanup >-#define CHECK_SEC_OK(func) if (SECSuccess != (rv = func)) goto cleanup >- >-/* >- * Initializes a SECItem from a hexadecimal string >- * >- * Warning: This function ignores leading 00's, so any leading 00's >- * in the hexadecimal string must be optional. >- */ >-static SECItem * >-hexString2SECItem(PLArenaPool *arena, SECItem *item, const char *str) >-{ >- int i = 0; >- int byteval = 0; >- int tmp = PORT_Strlen(str); >- >- if ((tmp % 2) != 0) return NULL; >- >- /* skip leading 00's unless the hex string is "00" */ >- while ((tmp > 2) && (str[0] == '0') && (str[1] == '0')) { >- str += 2; >- tmp -= 2; >- } >- >- item->data = (unsigned char *) PORT_ArenaAlloc(arena, tmp/2); >- if (item->data == NULL) return NULL; >- item->len = tmp/2; >- >- while (str[i]) { >- if ((str[i] >= '0') && (str[i] <= '9')) >- tmp = str[i] - '0'; >- else if ((str[i] >= 'a') && (str[i] <= 'f')) >- tmp = str[i] - 'a' + 10; >- else if ((str[i] >= 'A') && (str[i] <= 'F')) >- tmp = str[i] - 'A' + 10; >- else >- return NULL; >- >- byteval = byteval * 16 + tmp; >- if ((i % 2) != 0) { >- item->data[i/2] = byteval; >- byteval = 0; >- } >- i++; >- } >- >- return item; >-} >- >-/* Copy all of the fields from srcParams into dstParams >- */ >-SECStatus >-EC_CopyParams(PLArenaPool *arena, ECParams *dstParams, >- const ECParams *srcParams) >-{ >- SECStatus rv = SECFailure; >- >- dstParams->arena = arena; >- dstParams->type = srcParams->type; >- dstParams->fieldID.size = srcParams->fieldID.size; >- dstParams->fieldID.type = srcParams->fieldID.type; >- if (srcParams->fieldID.type == ec_field_GFp) { >- CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->fieldID.u.prime, >- &srcParams->fieldID.u.prime)); >- } else { >- CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->fieldID.u.poly, >- &srcParams->fieldID.u.poly)); >- } >- dstParams->fieldID.k1 = srcParams->fieldID.k1; >- dstParams->fieldID.k2 = srcParams->fieldID.k2; >- dstParams->fieldID.k3 = srcParams->fieldID.k3; >- CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curve.a, >- &srcParams->curve.a)); >- CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curve.b, >- &srcParams->curve.b)); >- CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curve.seed, >- &srcParams->curve.seed)); >- CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->base, >- &srcParams->base)); >- CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->order, >- &srcParams->order)); >- CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->DEREncoding, >- &srcParams->DEREncoding)); >- dstParams->name = srcParams->name; >- CHECK_SEC_OK(SECITEM_CopyItem(arena, &dstParams->curveOID, >- &srcParams->curveOID)); >- dstParams->cofactor = srcParams->cofactor; >- >- return SECSuccess; >- >-cleanup: >- return SECFailure; >-} >- >-static SECStatus >-gf_populate_params(ECCurveName name, ECFieldType field_type, ECParams *params) >-{ >- SECStatus rv = SECFailure; >- const ECCurveParams *curveParams; >- /* 2 ['0'+'4'] + MAX_ECKEY_LEN * 2 [x,y] * 2 [hex string] + 1 ['\0'] */ >- char genenc[3 + 2 * 2 * MAX_ECKEY_LEN]; >- >- if ((name < ECCurve_noName) || (name > ECCurve_pastLastCurve)) goto cleanup; >- params->name = name; >- curveParams = ecCurve_map[params->name]; >- CHECK_OK(curveParams); >- params->fieldID.size = curveParams->size; >- params->fieldID.type = field_type; >- if (field_type == ec_field_GFp) { >- CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.prime, >- curveParams->irr)); >- } else { >- CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, >- curveParams->irr)); >- } >- CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, >- curveParams->curvea)); >- CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, >- curveParams->curveb)); >- genenc[0] = '0'; >- genenc[1] = '4'; >- genenc[2] = '\0'; >- strcat(genenc, curveParams->genx); >- strcat(genenc, curveParams->geny); >- CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, genenc)); >- CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, >- curveParams->order)); >- params->cofactor = curveParams->cofactor; >- >- rv = SECSuccess; >- >-cleanup: >- return rv; >-} >- >-SECStatus >-EC_FillParams(PLArenaPool *arena, const SECItem *encodedParams, >- ECParams *params) >-{ >- SECStatus rv = SECFailure; >- SECOidTag tag; >- SECItem oid = { siBuffer, NULL, 0}; >- >-#if EC_DEBUG >- int i; >- >- printf("Encoded params in EC_DecodeParams: "); >- for (i = 0; i < encodedParams->len; i++) { >- printf("%02x:", encodedParams->data[i]); >- } >- printf("\n"); >-#endif >- >- if ((encodedParams->len != ANSI_X962_CURVE_OID_TOTAL_LEN) && >- (encodedParams->len != SECG_CURVE_OID_TOTAL_LEN)) { >- PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); >- return SECFailure; >- }; >- >- oid.len = encodedParams->len - 2; >- oid.data = encodedParams->data + 2; >- if ((encodedParams->data[0] != SEC_ASN1_OBJECT_ID) || >- ((tag = SECOID_FindOIDTag(&oid)) == SEC_OID_UNKNOWN)) { >- PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); >- return SECFailure; >- } >- >- params->arena = arena; >- params->cofactor = 0; >- params->type = ec_params_named; >- params->name = ECCurve_noName; >- >- /* For named curves, fill out curveOID */ >- params->curveOID.len = oid.len; >- params->curveOID.data = (unsigned char *) PORT_ArenaAlloc(arena, oid.len); >- if (params->curveOID.data == NULL) goto cleanup; >- memcpy(params->curveOID.data, oid.data, oid.len); >- >-#if EC_DEBUG >- printf("Curve: %s\n", SECOID_FindOIDTagDescription(tag)); >-#endif >- >- switch (tag) { >- >- /* Binary curves */ >- >- case SEC_OID_ANSIX962_EC_C2PNB163V1: >- /* Populate params for c2pnb163v1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_C2PNB163V2: >- /* Populate params for c2pnb163v2 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V2, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_C2PNB163V3: >- /* Populate params for c2pnb163v3 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V3, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_C2PNB176V1: >- /* Populate params for c2pnb176v1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB176V1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_C2TNB191V1: >- /* Populate params for c2tnb191v1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_C2TNB191V2: >- /* Populate params for c2tnb191v2 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V2, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_C2TNB191V3: >- /* Populate params for c2tnb191v3 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V3, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_C2PNB208W1: >- /* Populate params for c2pnb208w1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB208W1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_C2TNB239V1: >- /* Populate params for c2tnb239v1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_C2TNB239V2: >- /* Populate params for c2tnb239v2 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V2, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_C2TNB239V3: >- /* Populate params for c2tnb239v3 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V3, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_C2PNB272W1: >- /* Populate params for c2pnb272w1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB272W1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_C2PNB304W1: >- /* Populate params for c2pnb304w1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB304W1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_C2TNB359V1: >- /* Populate params for c2tnb359v1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB359V1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_C2PNB368W1: >- /* Populate params for c2pnb368w1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB368W1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_C2TNB431R1: >- /* Populate params for c2tnb431r1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB431R1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT113R1: >- /* Populate params for sect113r1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_113R1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT113R2: >- /* Populate params for sect113r2 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_113R2, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT131R1: >- /* Populate params for sect131r1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_131R1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT131R2: >- /* Populate params for sect131r2 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_131R2, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT163K1: >- /* Populate params for sect163k1 >- * (the NIST K-163 curve) >- */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163K1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT163R1: >- /* Populate params for sect163r1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163R1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT163R2: >- /* Populate params for sect163r2 >- * (the NIST B-163 curve) >- */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163R2, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT193R1: >- /* Populate params for sect193r1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_193R1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT193R2: >- /* Populate params for sect193r2 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_193R2, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT233K1: >- /* Populate params for sect233k1 >- * (the NIST K-233 curve) >- */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_233K1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT233R1: >- /* Populate params for sect233r1 >- * (the NIST B-233 curve) >- */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_233R1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT239K1: >- /* Populate params for sect239k1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_239K1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT283K1: >- /* Populate params for sect283k1 >- * (the NIST K-283 curve) >- */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_283K1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT283R1: >- /* Populate params for sect283r1 >- * (the NIST B-283 curve) >- */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_283R1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT409K1: >- /* Populate params for sect409k1 >- * (the NIST K-409 curve) >- */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_409K1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT409R1: >- /* Populate params for sect409r1 >- * (the NIST B-409 curve) >- */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_409R1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT571K1: >- /* Populate params for sect571k1 >- * (the NIST K-571 curve) >- */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_571K1, ec_field_GF2m, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECT571R1: >- /* Populate params for sect571r1 >- * (the NIST B-571 curve) >- */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_571R1, ec_field_GF2m, >- params) ); >- break; >- >- /* Prime curves */ >- >- case SEC_OID_ANSIX962_EC_PRIME192V1: >- /* Populate params for prime192v1 aka secp192r1 >- * (the NIST P-192 curve) >- */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V1, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_PRIME192V2: >- /* Populate params for prime192v2 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V2, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_PRIME192V3: >- /* Populate params for prime192v3 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V3, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_PRIME239V1: >- /* Populate params for prime239v1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V1, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_PRIME239V2: >- /* Populate params for prime239v2 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V2, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_PRIME239V3: >- /* Populate params for prime239v3 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V3, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_ANSIX962_EC_PRIME256V1: >- /* Populate params for prime256v1 aka secp256r1 >- * (the NIST P-256 curve) >- */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_256V1, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECP112R1: >- /* Populate params for secp112r1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_112R1, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECP112R2: >- /* Populate params for secp112r2 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_112R2, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECP128R1: >- /* Populate params for secp128r1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_128R1, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECP128R2: >- /* Populate params for secp128r2 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_128R2, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECP160K1: >- /* Populate params for secp160k1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160K1, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECP160R1: >- /* Populate params for secp160r1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160R1, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECP160R2: >- /* Populate params for secp160r1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160R2, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECP192K1: >- /* Populate params for secp192k1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_192K1, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECP224K1: >- /* Populate params for secp224k1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_224K1, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECP224R1: >- /* Populate params for secp224r1 >- * (the NIST P-224 curve) >- */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_224R1, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECP256K1: >- /* Populate params for secp256k1 */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_256K1, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECP384R1: >- /* Populate params for secp384r1 >- * (the NIST P-384 curve) >- */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_384R1, ec_field_GFp, >- params) ); >- break; >- >- case SEC_OID_SECG_EC_SECP521R1: >- /* Populate params for secp521r1 >- * (the NIST P-521 curve) >- */ >- CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_521R1, ec_field_GFp, >- params) ); >- break; >- >- default: >- break; >- }; >- >-cleanup: >- if (!params->cofactor) { >- PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); >-#if EC_DEBUG >- printf("Unrecognized curve, returning NULL params\n"); >-#endif >- } >- >- return rv; >-} >- >-SECStatus >-EC_DecodeParams(const SECItem *encodedParams, ECParams **ecparams) >-{ >- PLArenaPool *arena; >- ECParams *params; >- SECStatus rv = SECFailure; >- >- /* Initialize an arena for the ECParams structure */ >- if (!(arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE))) >- return SECFailure; >- >- params = (ECParams *)PORT_ArenaZAlloc(arena, sizeof(ECParams)); >- if (!params) { >- PORT_FreeArena(arena, PR_TRUE); >- return SECFailure; >- } >- >- /* Copy the encoded params */ >- SECITEM_AllocItem(arena, &(params->DEREncoding), >- encodedParams->len); >- memcpy(params->DEREncoding.data, encodedParams->data, encodedParams->len); >- >- /* Fill out the rest of the ECParams structure based on >- * the encoded params >- */ >- rv = EC_FillParams(arena, encodedParams, params); >- if (rv == SECFailure) { >- PORT_FreeArena(arena, PR_TRUE); >- return SECFailure; >- } else { >- *ecparams = params;; >- return SECSuccess; >- } >-} >- >-#endif /* NSS_DISABLE_ECC */ >diff --git a/lib/softoken/manifest.mn b/lib/softoken/manifest.mn >--- a/lib/softoken/manifest.mn >+++ b/lib/softoken/manifest.mn >@@ -28,17 +28,16 @@ PRIVATE_EXPORTS = \ > softoken.h \ > softoknt.h \ > softkver.h \ > sdb.h \ > sftkdbt.h \ > $(NULL) > > CSRCS = \ >- ecdecode.c \ > fipsaudt.c \ > fipstest.c \ > fipstokn.c \ > lgglue.c \ > lowkey.c \ > lowpbe.c \ > padbuf.c \ > pkcs11.c \ >diff --git a/lib/softoken/softoken.h b/lib/softoken/softoken.h >--- a/lib/softoken/softoken.h >+++ b/lib/softoken/softoken.h >@@ -30,29 +30,16 @@ RSA_HashSign(SECOidTag hashOid, NSSLOWKE > unsigned char *sig, unsigned int *sigLen, unsigned int maxLen, > const unsigned char *hash, unsigned int hashLen); > > extern SECStatus > RSA_HashCheckSign(SECOidTag hashOid, NSSLOWKEYPublicKey *key, > const unsigned char *sig, unsigned int sigLen, > const unsigned char *hash, unsigned int hashLen); > >-#ifndef NSS_DISABLE_ECC >-/* >-** pepare an ECParam structure from DEREncoded params >- */ >-extern SECStatus EC_FillParams(PLArenaPool *arena, >- const SECItem *encodedParams, ECParams *params); >-extern SECStatus EC_DecodeParams(const SECItem *encodedParams, >- ECParams **ecparams); >-extern SECStatus EC_CopyParams(PLArenaPool *arena, ECParams *dstParams, >- const ECParams *srcParams); >-#endif >- >- > /* > ** Prepare a buffer for padded CBC encryption, growing to the appropriate > ** boundary, filling with the appropriate padding. > ** > ** blockSize must be a power of 2. > ** > ** We add from 1 to blockSize bytes -- we *always* grow. > ** The extra bytes contain the value of the length of the padding:
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=886221">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1075702
:
882799
|
884160
| 886221