| OLD | NEW |
|---|
| 1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
| 2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
| 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| 4 | 4 |
| 5 #ifdef FREEBL_NO_DEPEND | 5 #ifdef FREEBL_NO_DEPEND |
| 6 #include "stubs.h" | 6 #include "stubs.h" |
| 7 #endif | 7 #endif |
| 8 | 8 |
| 9 | 9 |
| 10 #include "blapi.h" | 10 #include "blapi.h" |
| 11 #include "prerr.h" | 11 #include "prerr.h" |
| 12 #include "secerr.h" | 12 #include "secerr.h" |
| 13 #include "secmpi.h" | 13 #include "secmpi.h" |
| 14 #include "secitem.h" | 14 #include "secitem.h" |
| 15 #include "mplogic.h" | 15 #include "mplogic.h" |
| 16 #include "ec.h" | 16 #include "ec.h" |
| 17 #include "ecl.h" | 17 #include "ecl.h" |
| 18 | 18 |
| 19 #ifdef NSS_ENABLE_ECC | 19 #ifndef NSS_DISABLE_ECC |
| 20 | 20 |
| 21 /* | 21 /* |
| 22 * Returns true if pointP is the point at infinity, false otherwise | 22 * Returns true if pointP is the point at infinity, false otherwise |
| 23 */ | 23 */ |
| 24 PRBool | 24 PRBool |
| 25 ec_point_at_infinity(SECItem *pointP) | 25 ec_point_at_infinity(SECItem *pointP) |
| 26 { | 26 { |
| 27 unsigned int i; | 27 unsigned int i; |
| 28 | 28 |
| 29 for (i = 1; i < pointP->len; i++) { | 29 for (i = 1; i < pointP->len; i++) { |
| (...skipping 155 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 185 mp_clear(&irreducible); | 185 mp_clear(&irreducible); |
| 186 mp_clear(&a); | 186 mp_clear(&a); |
| 187 mp_clear(&b); | 187 mp_clear(&b); |
| 188 if (err) { | 188 if (err) { |
| 189 MP_TO_SEC_ERROR(err); | 189 MP_TO_SEC_ERROR(err); |
| 190 rv = SECFailure; | 190 rv = SECFailure; |
| 191 } | 191 } |
| 192 | 192 |
| 193 return rv; | 193 return rv; |
| 194 } | 194 } |
| 195 #endif /* NSS_ENABLE_ECC */ | 195 #endif /* NSS_DISABLE_ECC */ |
| 196 | 196 |
| 197 /* Generates a new EC key pair. The private key is a supplied | 197 /* Generates a new EC key pair. The private key is a supplied |
| 198 * value and the public key is the result of performing a scalar | 198 * value and the public key is the result of performing a scalar |
| 199 * point multiplication of that value with the curve's base point. | 199 * point multiplication of that value with the curve's base point. |
| 200 */ | 200 */ |
| 201 SECStatus | 201 SECStatus |
| 202 ec_NewKey(ECParams *ecParams, ECPrivateKey **privKey, | 202 ec_NewKey(ECParams *ecParams, ECPrivateKey **privKey, |
| 203 const unsigned char *privKeyBytes, int privKeyLen) | 203 const unsigned char *privKeyBytes, int privKeyLen) |
| 204 { | 204 { |
| 205 SECStatus rv = SECFailure; | 205 SECStatus rv = SECFailure; |
| 206 #ifdef NSS_ENABLE_ECC | 206 #ifndef NSS_DISABLE_ECC |
| 207 PLArenaPool *arena; | 207 PLArenaPool *arena; |
| 208 ECPrivateKey *key; | 208 ECPrivateKey *key; |
| 209 mp_int k; | 209 mp_int k; |
| 210 mp_err err = MP_OKAY; | 210 mp_err err = MP_OKAY; |
| 211 int len; | 211 int len; |
| 212 | 212 |
| 213 #if EC_DEBUG | 213 #if EC_DEBUG |
| 214 printf("ec_NewKey called\n"); | 214 printf("ec_NewKey called\n"); |
| 215 #endif | 215 #endif |
| 216 MP_DIGITS(&k) = 0; | 216 MP_DIGITS(&k) = 0; |
| (...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 294 mp_clear(&k); | 294 mp_clear(&k); |
| 295 if (rv) | 295 if (rv) |
| 296 PORT_FreeArena(arena, PR_TRUE); | 296 PORT_FreeArena(arena, PR_TRUE); |
| 297 | 297 |
| 298 #if EC_DEBUG | 298 #if EC_DEBUG |
| 299 printf("ec_NewKey returning %s\n", | 299 printf("ec_NewKey returning %s\n", |
| 300 (rv == SECSuccess) ? "success" : "failure"); | 300 (rv == SECSuccess) ? "success" : "failure"); |
| 301 #endif | 301 #endif |
| 302 #else | 302 #else |
| 303 PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); | 303 PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); |
| 304 #endif /* NSS_ENABLE_ECC */ | 304 #endif /* NSS_DISABLE_ECC */ |
| 305 | 305 |
| 306 return rv; | 306 return rv; |
| 307 | 307 |
| 308 } | 308 } |
| 309 | 309 |
| 310 /* Generates a new EC key pair. The private key is a supplied | 310 /* Generates a new EC key pair. The private key is a supplied |
| 311 * random value (in seed) and the public key is the result of | 311 * random value (in seed) and the public key is the result of |
| 312 * performing a scalar point multiplication of that value with | 312 * performing a scalar point multiplication of that value with |
| 313 * the curve's base point. | 313 * the curve's base point. |
| 314 */ | 314 */ |
| 315 SECStatus | 315 SECStatus |
| 316 EC_NewKeyFromSeed(ECParams *ecParams, ECPrivateKey **privKey, | 316 EC_NewKeyFromSeed(ECParams *ecParams, ECPrivateKey **privKey, |
| 317 const unsigned char *seed, int seedlen) | 317 const unsigned char *seed, int seedlen) |
| 318 { | 318 { |
| 319 SECStatus rv = SECFailure; | 319 SECStatus rv = SECFailure; |
| 320 #ifdef NSS_ENABLE_ECC | 320 #ifndef NSS_DISABLE_ECC |
| 321 rv = ec_NewKey(ecParams, privKey, seed, seedlen); | 321 rv = ec_NewKey(ecParams, privKey, seed, seedlen); |
| 322 #else | 322 #else |
| 323 PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); | 323 PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); |
| 324 #endif /* NSS_ENABLE_ECC */ | 324 #endif /* NSS_DISABLE_ECC */ |
| 325 return rv; | 325 return rv; |
| 326 } | 326 } |
| 327 | 327 |
| 328 #ifdef NSS_ENABLE_ECC | 328 #ifndef NSS_DISABLE_ECC |
| 329 /* Generate a random private key using the algorithm A.4.1 of ANSI X9.62, | 329 /* Generate a random private key using the algorithm A.4.1 of ANSI X9.62, |
| 330 * modified a la FIPS 186-2 Change Notice 1 to eliminate the bias in the | 330 * modified a la FIPS 186-2 Change Notice 1 to eliminate the bias in the |
| 331 * random number generator. | 331 * random number generator. |
| 332 * | 332 * |
| 333 * Parameters | 333 * Parameters |
| 334 * - order: a buffer that holds the curve's group order | 334 * - order: a buffer that holds the curve's group order |
| 335 * - len: the length in octets of the order buffer | 335 * - len: the length in octets of the order buffer |
| 336 * | 336 * |
| 337 * Return Value | 337 * Return Value |
| 338 * Returns a buffer of len octets that holds the private key. The caller | 338 * Returns a buffer of len octets that holds the private key. The caller |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 374 if (err < MP_OKAY) { | 374 if (err < MP_OKAY) { |
| 375 MP_TO_SEC_ERROR(err); | 375 MP_TO_SEC_ERROR(err); |
| 376 rv = SECFailure; | 376 rv = SECFailure; |
| 377 } | 377 } |
| 378 if (rv != SECSuccess && privKeyBytes) { | 378 if (rv != SECSuccess && privKeyBytes) { |
| 379 PORT_Free(privKeyBytes); | 379 PORT_Free(privKeyBytes); |
| 380 privKeyBytes = NULL; | 380 privKeyBytes = NULL; |
| 381 } | 381 } |
| 382 return privKeyBytes; | 382 return privKeyBytes; |
| 383 } | 383 } |
| 384 #endif /* NSS_ENABLE_ECC */ | 384 #endif /* NSS_DISABLE_ECC */ |
| 385 | 385 |
| 386 /* Generates a new EC key pair. The private key is a random value and | 386 /* Generates a new EC key pair. The private key is a random value and |
| 387 * the public key is the result of performing a scalar point multiplication | 387 * the public key is the result of performing a scalar point multiplication |
| 388 * of that value with the curve's base point. | 388 * of that value with the curve's base point. |
| 389 */ | 389 */ |
| 390 SECStatus | 390 SECStatus |
| 391 EC_NewKey(ECParams *ecParams, ECPrivateKey **privKey) | 391 EC_NewKey(ECParams *ecParams, ECPrivateKey **privKey) |
| 392 { | 392 { |
| 393 SECStatus rv = SECFailure; | 393 SECStatus rv = SECFailure; |
| 394 #ifdef NSS_ENABLE_ECC | 394 #ifndef NSS_DISABLE_ECC |
| 395 int len; | 395 int len; |
| 396 unsigned char *privKeyBytes = NULL; | 396 unsigned char *privKeyBytes = NULL; |
| 397 | 397 |
| 398 if (!ecParams) { | 398 if (!ecParams) { |
| 399 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 399 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| 400 return SECFailure; | 400 return SECFailure; |
| 401 } | 401 } |
| 402 | 402 |
| 403 len = ecParams->order.len; | 403 len = ecParams->order.len; |
| 404 privKeyBytes = ec_GenerateRandomPrivateKey(ecParams->order.data, len); | 404 privKeyBytes = ec_GenerateRandomPrivateKey(ecParams->order.data, len); |
| 405 if (privKeyBytes == NULL) goto cleanup; | 405 if (privKeyBytes == NULL) goto cleanup; |
| 406 /* generate public key */ | 406 /* generate public key */ |
| 407 CHECK_SEC_OK( ec_NewKey(ecParams, privKey, privKeyBytes, len) ); | 407 CHECK_SEC_OK( ec_NewKey(ecParams, privKey, privKeyBytes, len) ); |
| 408 | 408 |
| 409 cleanup: | 409 cleanup: |
| 410 if (privKeyBytes) { | 410 if (privKeyBytes) { |
| 411 PORT_ZFree(privKeyBytes, len); | 411 PORT_ZFree(privKeyBytes, len); |
| 412 } | 412 } |
| 413 #if EC_DEBUG | 413 #if EC_DEBUG |
| 414 printf("EC_NewKey returning %s\n", | 414 printf("EC_NewKey returning %s\n", |
| 415 (rv == SECSuccess) ? "success" : "failure"); | 415 (rv == SECSuccess) ? "success" : "failure"); |
| 416 #endif | 416 #endif |
| 417 #else | 417 #else |
| 418 PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); | 418 PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); |
| 419 #endif /* NSS_ENABLE_ECC */ | 419 #endif /* NSS_DISABLE_ECC */ |
| 420 | 420 |
| 421 return rv; | 421 return rv; |
| 422 } | 422 } |
| 423 | 423 |
| 424 /* Validates an EC public key as described in Section 5.2.2 of | 424 /* Validates an EC public key as described in Section 5.2.2 of |
| 425 * X9.62. The ECDH primitive when used without the cofactor does | 425 * X9.62. The ECDH primitive when used without the cofactor does |
| 426 * not address small subgroup attacks, which may occur when the | 426 * not address small subgroup attacks, which may occur when the |
| 427 * public key is not valid. These attacks can be prevented by | 427 * public key is not valid. These attacks can be prevented by |
| 428 * validating the public key before using ECDH. | 428 * validating the public key before using ECDH. |
| 429 */ | 429 */ |
| 430 SECStatus | 430 SECStatus |
| 431 EC_ValidatePublicKey(ECParams *ecParams, SECItem *publicValue) | 431 EC_ValidatePublicKey(ECParams *ecParams, SECItem *publicValue) |
| 432 { | 432 { |
| 433 #ifdef NSS_ENABLE_ECC | 433 #ifndef NSS_DISABLE_ECC |
| 434 mp_int Px, Py; | 434 mp_int Px, Py; |
| 435 ECGroup *group = NULL; | 435 ECGroup *group = NULL; |
| 436 SECStatus rv = SECFailure; | 436 SECStatus rv = SECFailure; |
| 437 mp_err err = MP_OKAY; | 437 mp_err err = MP_OKAY; |
| 438 int len; | 438 int len; |
| 439 | 439 |
| 440 if (!ecParams || !publicValue) { | 440 if (!ecParams || !publicValue) { |
| 441 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 441 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| 442 return SECFailure; | 442 return SECFailure; |
| 443 } | 443 } |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 499 mp_clear(&Px); | 499 mp_clear(&Px); |
| 500 mp_clear(&Py); | 500 mp_clear(&Py); |
| 501 if (err) { | 501 if (err) { |
| 502 MP_TO_SEC_ERROR(err); | 502 MP_TO_SEC_ERROR(err); |
| 503 rv = SECFailure; | 503 rv = SECFailure; |
| 504 } | 504 } |
| 505 return rv; | 505 return rv; |
| 506 #else | 506 #else |
| 507 PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); | 507 PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); |
| 508 return SECFailure; | 508 return SECFailure; |
| 509 #endif /* NSS_ENABLE_ECC */ | 509 #endif /* NSS_DISABLE_ECC */ |
| 510 } | 510 } |
| 511 | 511 |
| 512 /* | 512 /* |
| 513 ** Performs an ECDH key derivation by computing the scalar point | 513 ** Performs an ECDH key derivation by computing the scalar point |
| 514 ** multiplication of privateValue and publicValue (with or without the | 514 ** multiplication of privateValue and publicValue (with or without the |
| 515 ** cofactor) and returns the x-coordinate of the resulting elliptic | 515 ** cofactor) and returns the x-coordinate of the resulting elliptic |
| 516 ** curve point in derived secret. If successful, derivedSecret->data | 516 ** curve point in derived secret. If successful, derivedSecret->data |
| 517 ** is set to the address of the newly allocated buffer containing the | 517 ** is set to the address of the newly allocated buffer containing the |
| 518 ** derived secret, and derivedSecret->len is the size of the secret | 518 ** derived secret, and derivedSecret->len is the size of the secret |
| 519 ** produced. It is the caller's responsibility to free the allocated | 519 ** produced. It is the caller's responsibility to free the allocated |
| 520 ** buffer containing the derived secret. | 520 ** buffer containing the derived secret. |
| 521 */ | 521 */ |
| 522 SECStatus | 522 SECStatus |
| 523 ECDH_Derive(SECItem *publicValue, | 523 ECDH_Derive(SECItem *publicValue, |
| 524 ECParams *ecParams, | 524 ECParams *ecParams, |
| 525 SECItem *privateValue, | 525 SECItem *privateValue, |
| 526 PRBool withCofactor, | 526 PRBool withCofactor, |
| 527 SECItem *derivedSecret) | 527 SECItem *derivedSecret) |
| 528 { | 528 { |
| 529 SECStatus rv = SECFailure; | 529 SECStatus rv = SECFailure; |
| 530 #ifdef NSS_ENABLE_ECC | 530 #ifndef NSS_DISABLE_ECC |
| 531 unsigned int len = 0; | 531 unsigned int len = 0; |
| 532 SECItem pointQ = {siBuffer, NULL, 0}; | 532 SECItem pointQ = {siBuffer, NULL, 0}; |
| 533 mp_int k; /* to hold the private value */ | 533 mp_int k; /* to hold the private value */ |
| 534 mp_int cofactor; | 534 mp_int cofactor; |
| 535 mp_err err = MP_OKAY; | 535 mp_err err = MP_OKAY; |
| 536 #if EC_DEBUG | 536 #if EC_DEBUG |
| 537 int i; | 537 int i; |
| 538 #endif | 538 #endif |
| 539 | 539 |
| 540 if (!publicValue || !ecParams || !privateValue || | 540 if (!publicValue || !ecParams || !privateValue || |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 589 | 589 |
| 590 if (err) { | 590 if (err) { |
| 591 MP_TO_SEC_ERROR(err); | 591 MP_TO_SEC_ERROR(err); |
| 592 } | 592 } |
| 593 | 593 |
| 594 if (pointQ.data) { | 594 if (pointQ.data) { |
| 595 PORT_ZFree(pointQ.data, 2*len + 1); | 595 PORT_ZFree(pointQ.data, 2*len + 1); |
| 596 } | 596 } |
| 597 #else | 597 #else |
| 598 PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); | 598 PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); |
| 599 #endif /* NSS_ENABLE_ECC */ | 599 #endif /* NSS_DISABLE_ECC */ |
| 600 | 600 |
| 601 return rv; | 601 return rv; |
| 602 } | 602 } |
| 603 | 603 |
| 604 /* Computes the ECDSA signature (a concatenation of two values r and s) | 604 /* Computes the ECDSA signature (a concatenation of two values r and s) |
| 605 * on the digest using the given key and the random value kb (used in | 605 * on the digest using the given key and the random value kb (used in |
| 606 * computing s). | 606 * computing s). |
| 607 */ | 607 */ |
| 608 SECStatus | 608 SECStatus |
| 609 ECDSA_SignDigestWithSeed(ECPrivateKey *key, SECItem *signature, | 609 ECDSA_SignDigestWithSeed(ECPrivateKey *key, SECItem *signature, |
| 610 const SECItem *digest, const unsigned char *kb, const int kblen) | 610 const SECItem *digest, const unsigned char *kb, const int kblen) |
| 611 { | 611 { |
| 612 SECStatus rv = SECFailure; | 612 SECStatus rv = SECFailure; |
| 613 #ifdef NSS_ENABLE_ECC | 613 #ifndef NSS_DISABLE_ECC |
| 614 mp_int x1; | 614 mp_int x1; |
| 615 mp_int d, k; /* private key, random integer */ | 615 mp_int d, k; /* private key, random integer */ |
| 616 mp_int r, s; /* tuple (r, s) is the signature */ | 616 mp_int r, s; /* tuple (r, s) is the signature */ |
| 617 mp_int n; | 617 mp_int n; |
| 618 mp_err err = MP_OKAY; | 618 mp_err err = MP_OKAY; |
| 619 ECParams *ecParams = NULL; | 619 ECParams *ecParams = NULL; |
| 620 SECItem kGpoint = { siBuffer, NULL, 0}; | 620 SECItem kGpoint = { siBuffer, NULL, 0}; |
| 621 int flen = 0; /* length in bytes of the field size */ | 621 int flen = 0; /* length in bytes of the field size */ |
| 622 unsigned olen; /* length in bytes of the base point order */ | 622 unsigned olen; /* length in bytes of the base point order */ |
| 623 unsigned obits; /* length in bits of the base point order */ | 623 unsigned obits; /* length in bits of the base point order */ |
| (...skipping 191 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 815 MP_TO_SEC_ERROR(err); | 815 MP_TO_SEC_ERROR(err); |
| 816 rv = SECFailure; | 816 rv = SECFailure; |
| 817 } | 817 } |
| 818 | 818 |
| 819 #if EC_DEBUG | 819 #if EC_DEBUG |
| 820 printf("ECDSA signing with seed %s\n", | 820 printf("ECDSA signing with seed %s\n", |
| 821 (rv == SECSuccess) ? "succeeded" : "failed"); | 821 (rv == SECSuccess) ? "succeeded" : "failed"); |
| 822 #endif | 822 #endif |
| 823 #else | 823 #else |
| 824 PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); | 824 PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); |
| 825 #endif /* NSS_ENABLE_ECC */ | 825 #endif /* NSS_DISABLE_ECC */ |
| 826 | 826 |
| 827 return rv; | 827 return rv; |
| 828 } | 828 } |
| 829 | 829 |
| 830 /* | 830 /* |
| 831 ** Computes the ECDSA signature on the digest using the given key | 831 ** Computes the ECDSA signature on the digest using the given key |
| 832 ** and a random seed. | 832 ** and a random seed. |
| 833 */ | 833 */ |
| 834 SECStatus | 834 SECStatus |
| 835 ECDSA_SignDigest(ECPrivateKey *key, SECItem *signature, const SECItem *digest) | 835 ECDSA_SignDigest(ECPrivateKey *key, SECItem *signature, const SECItem *digest) |
| 836 { | 836 { |
| 837 SECStatus rv = SECFailure; | 837 SECStatus rv = SECFailure; |
| 838 #ifdef NSS_ENABLE_ECC | 838 #ifndef NSS_DISABLE_ECC |
| 839 int len; | 839 int len; |
| 840 unsigned char *kBytes= NULL; | 840 unsigned char *kBytes= NULL; |
| 841 | 841 |
| 842 if (!key) { | 842 if (!key) { |
| 843 PORT_SetError(SEC_ERROR_INVALID_ARGS); | 843 PORT_SetError(SEC_ERROR_INVALID_ARGS); |
| 844 return SECFailure; | 844 return SECFailure; |
| 845 } | 845 } |
| 846 | 846 |
| 847 /* Generate random value k */ | 847 /* Generate random value k */ |
| 848 len = key->ecParams.order.len; | 848 len = key->ecParams.order.len; |
| 849 kBytes = ec_GenerateRandomPrivateKey(key->ecParams.order.data, len); | 849 kBytes = ec_GenerateRandomPrivateKey(key->ecParams.order.data, len); |
| 850 if (kBytes == NULL) goto cleanup; | 850 if (kBytes == NULL) goto cleanup; |
| 851 | 851 |
| 852 /* Generate ECDSA signature with the specified k value */ | 852 /* Generate ECDSA signature with the specified k value */ |
| 853 rv = ECDSA_SignDigestWithSeed(key, signature, digest, kBytes, len); | 853 rv = ECDSA_SignDigestWithSeed(key, signature, digest, kBytes, len); |
| 854 | 854 |
| 855 cleanup: | 855 cleanup: |
| 856 if (kBytes) { | 856 if (kBytes) { |
| 857 PORT_ZFree(kBytes, len); | 857 PORT_ZFree(kBytes, len); |
| 858 } | 858 } |
| 859 | 859 |
| 860 #if EC_DEBUG | 860 #if EC_DEBUG |
| 861 printf("ECDSA signing %s\n", | 861 printf("ECDSA signing %s\n", |
| 862 (rv == SECSuccess) ? "succeeded" : "failed"); | 862 (rv == SECSuccess) ? "succeeded" : "failed"); |
| 863 #endif | 863 #endif |
| 864 #else | 864 #else |
| 865 PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); | 865 PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); |
| 866 #endif /* NSS_ENABLE_ECC */ | 866 #endif /* NSS_DISABLE_ECC */ |
| 867 | 867 |
| 868 return rv; | 868 return rv; |
| 869 } | 869 } |
| 870 | 870 |
| 871 /* | 871 /* |
| 872 ** Checks the signature on the given digest using the key provided. | 872 ** Checks the signature on the given digest using the key provided. |
| 873 */ | 873 */ |
| 874 SECStatus | 874 SECStatus |
| 875 ECDSA_VerifyDigest(ECPublicKey *key, const SECItem *signature, | 875 ECDSA_VerifyDigest(ECPublicKey *key, const SECItem *signature, |
| 876 const SECItem *digest) | 876 const SECItem *digest) |
| 877 { | 877 { |
| 878 SECStatus rv = SECFailure; | 878 SECStatus rv = SECFailure; |
| 879 #ifdef NSS_ENABLE_ECC | 879 #ifndef NSS_DISABLE_ECC |
| 880 mp_int r_, s_; /* tuple (r', s') is received signature) */ | 880 mp_int r_, s_; /* tuple (r', s') is received signature) */ |
| 881 mp_int c, u1, u2, v; /* intermediate values used in verification */ | 881 mp_int c, u1, u2, v; /* intermediate values used in verification */ |
| 882 mp_int x1; | 882 mp_int x1; |
| 883 mp_int n; | 883 mp_int n; |
| 884 mp_err err = MP_OKAY; | 884 mp_err err = MP_OKAY; |
| 885 ECParams *ecParams = NULL; | 885 ECParams *ecParams = NULL; |
| 886 SECItem pointC = { siBuffer, NULL, 0 }; | 886 SECItem pointC = { siBuffer, NULL, 0 }; |
| 887 int slen; /* length in bytes of a half signature (r or s) */ | 887 int slen; /* length in bytes of a half signature (r or s) */ |
| 888 int flen; /* length in bytes of the field size */ | 888 int flen; /* length in bytes of the field size */ |
| 889 unsigned olen; /* length in bytes of the base point order */ | 889 unsigned olen; /* length in bytes of the base point order */ |
| (...skipping 176 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1066 MP_TO_SEC_ERROR(err); | 1066 MP_TO_SEC_ERROR(err); |
| 1067 rv = SECFailure; | 1067 rv = SECFailure; |
| 1068 } | 1068 } |
| 1069 | 1069 |
| 1070 #if EC_DEBUG | 1070 #if EC_DEBUG |
| 1071 printf("ECDSA verification %s\n", | 1071 printf("ECDSA verification %s\n", |
| 1072 (rv == SECSuccess) ? "succeeded" : "failed"); | 1072 (rv == SECSuccess) ? "succeeded" : "failed"); |
| 1073 #endif | 1073 #endif |
| 1074 #else | 1074 #else |
| 1075 PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); | 1075 PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); |
| 1076 #endif /* NSS_ENABLE_ECC */ | 1076 #endif /* NSS_DISABLE_ECC */ |
| 1077 | 1077 |
| 1078 return rv; | 1078 return rv; |
| 1079 } | 1079 } |
| 1080 | 1080 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 195763027:
Update NSS to NSS_3_16_RC0. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/