diff --git a/security/nss/lib/softoken/ecdecode.c b/security/nss/lib/softoken/ecdecode.c index d5e6290f887a..c037dc519cb1 100644 --- a/security/nss/lib/softoken/ecdecode.c +++ b/security/nss/lib/softoken/ecdecode.c @@ -140,15 +140,54 @@ cleanup: return SECFailure; } +static SECStatus +gf_populate_params(ECCurveName name, ECFieldType field_type, ECParams *params) +{ + SECStatus rv = SECFailure; + const ECCurveParams *curveParams; + /* 2 ['0'+'4'] + MAX_ECKEY_LEN * 2 [x,y] * 2 [hex string] + 1 ['\0'] */ + char genenc[3 + 2 * 2 * MAX_ECKEY_LEN]; + + if ((name < ECCurve_noName) || (name > ECCurve_pastLastCurve)) goto cleanup; + params->name = name; + curveParams = ecCurve_map[params->name]; + CHECK_OK(curveParams); + params->fieldID.size = curveParams->size; + params->fieldID.type = field_type; + if (field_type == ec_field_GFp) { + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.prime, + curveParams->irr)); + } else { + CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, + curveParams->irr)); + } + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, + curveParams->curvea)); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, + curveParams->curveb)); + genenc[0] = '0'; + genenc[1] = '4'; + genenc[2] = '\0'; + strcat(genenc, curveParams->genx); + strcat(genenc, curveParams->geny); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, genenc)); + CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, + curveParams->order)); + params->cofactor = curveParams->cofactor; + + rv = SECSuccess; + +cleanup: + return rv; +} + SECStatus EC_FillParams(PRArenaPool *arena, const SECItem *encodedParams, ECParams *params) { + SECStatus rv = SECFailure; SECOidTag tag; SECItem oid = { siBuffer, NULL, 0}; - const ECCurveParams *curveParams; - /* 2 ['0'+'4'] + MAX_ECKEY_LEN * 2 [x,y] * 2 [hex string] + 1 ['\0'] */ - char genenc[3 + 2 * 2 * MAX_ECKEY_LEN]; #if EC_DEBUG int i; 
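Review bot: The two `strcat` calls in `gf_populate_params` append `curveParams->genx` and `curveParams->geny` to the fixed-size `genenc`, and nothing enforces the size assumed in the comment above its declaration. The bound holds only while every table entry stays within `2 * MAX_ECKEY_LEN` hex digits per coordinate. These inputs are static curve constants rather than caller data, so this is a latent overflow that a later curve addition or a change to `MAX_ECKEY_LEN` could trigger, not one the hunk shows to be reachable today. A guard before the first append would make the assumption explicit: `if (strlen(curveParams->genx) + strlen(curveParams->geny) + 3 > sizeof genenc) goto cleanup;`. The range check also admits `name == ECCurve_pastLastCurve`, which is safe only if `ecCurve_map` (defined outside this hunk) has an entry at that index.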
@@ -191,406 +230,362 @@ EC_FillParams(PRArenaPool *arena, const SECItem *encodedParams, switch (tag) { -#define GF2M_POPULATE \ - if ((params->name < ECCurve_noName) || \ - (params->name > ECCurve_pastLastCurve)) goto cleanup; \ - curveParams = ecCurve_map[params->name]; \ - CHECK_OK(curveParams); \ - params->fieldID.size = curveParams->size; \ - params->fieldID.type = ec_field_GF2m; \ - CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.poly, \ - curveParams->irr)); \ - CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, \ - curveParams->curvea)); \ - CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, \ - curveParams->curveb)); \ - genenc[0] = '0'; \ - genenc[1] = '4'; \ - genenc[2] = '\0'; \ - CHECK_OK(strcat(genenc, curveParams->genx)); \ - CHECK_OK(strcat(genenc, curveParams->geny)); \ - CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, \ - genenc)); \ - CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, \ - curveParams->order)); \ - params->cofactor = curveParams->cofactor; + /* Binary curves */ case SEC_OID_ANSIX962_EC_C2PNB163V1: /* Populate params for c2pnb163v1 */ - params->name = ECCurve_X9_62_CHAR2_PNB163V1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V1, ec_field_GF2m, + params) ); break; case SEC_OID_ANSIX962_EC_C2PNB163V2: /* Populate params for c2pnb163v2 */ - params->name = ECCurve_X9_62_CHAR2_PNB163V2; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V2, ec_field_GF2m, + params) ); break; case SEC_OID_ANSIX962_EC_C2PNB163V3: /* Populate params for c2pnb163v3 */ - params->name = ECCurve_X9_62_CHAR2_PNB163V3; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB163V3, ec_field_GF2m, + params) ); break; case SEC_OID_ANSIX962_EC_C2PNB176V1: /* Populate params for c2pnb176v1 */ - params->name = ECCurve_X9_62_CHAR2_PNB176V1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB176V1, ec_field_GF2m, + params) ); break; case 
SEC_OID_ANSIX962_EC_C2TNB191V1: /* Populate params for c2tnb191v1 */ - params->name = ECCurve_X9_62_CHAR2_TNB191V1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V1, ec_field_GF2m, + params) ); break; case SEC_OID_ANSIX962_EC_C2TNB191V2: /* Populate params for c2tnb191v2 */ - params->name = ECCurve_X9_62_CHAR2_TNB191V2; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V2, ec_field_GF2m, + params) ); break; case SEC_OID_ANSIX962_EC_C2TNB191V3: /* Populate params for c2tnb191v3 */ - params->name = ECCurve_X9_62_CHAR2_TNB191V3; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB191V3, ec_field_GF2m, + params) ); break; case SEC_OID_ANSIX962_EC_C2PNB208W1: /* Populate params for c2pnb208w1 */ - params->name = ECCurve_X9_62_CHAR2_PNB208W1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB208W1, ec_field_GF2m, + params) ); break; case SEC_OID_ANSIX962_EC_C2TNB239V1: /* Populate params for c2tnb239v1 */ - params->name = ECCurve_X9_62_CHAR2_TNB239V1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V1, ec_field_GF2m, + params) ); break; case SEC_OID_ANSIX962_EC_C2TNB239V2: /* Populate params for c2tnb239v2 */ - params->name = ECCurve_X9_62_CHAR2_TNB239V2; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V2, ec_field_GF2m, + params) ); break; case SEC_OID_ANSIX962_EC_C2TNB239V3: /* Populate params for c2tnb239v3 */ - params->name = ECCurve_X9_62_CHAR2_TNB239V3; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB239V3, ec_field_GF2m, + params) ); break; case SEC_OID_ANSIX962_EC_C2PNB272W1: /* Populate params for c2pnb272w1 */ - params->name = ECCurve_X9_62_CHAR2_PNB272W1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB272W1, ec_field_GF2m, + params) ); break; case SEC_OID_ANSIX962_EC_C2PNB304W1: /* Populate params for c2pnb304w1 */ - params->name = 
ECCurve_X9_62_CHAR2_PNB304W1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB304W1, ec_field_GF2m, + params) ); break; case SEC_OID_ANSIX962_EC_C2TNB359V1: /* Populate params for c2tnb359v1 */ - params->name = ECCurve_X9_62_CHAR2_TNB359V1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB359V1, ec_field_GF2m, + params) ); break; case SEC_OID_ANSIX962_EC_C2PNB368W1: /* Populate params for c2pnb368w1 */ - params->name = ECCurve_X9_62_CHAR2_PNB368W1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_PNB368W1, ec_field_GF2m, + params) ); break; case SEC_OID_ANSIX962_EC_C2TNB431R1: /* Populate params for c2tnb431r1 */ - params->name = ECCurve_X9_62_CHAR2_TNB431R1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_CHAR2_TNB431R1, ec_field_GF2m, + params) ); break; case SEC_OID_SECG_EC_SECT113R1: /* Populate params for sect113r1 */ - params->name = ECCurve_SECG_CHAR2_113R1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_113R1, ec_field_GF2m, + params) ); break; case SEC_OID_SECG_EC_SECT113R2: /* Populate params for sect113r2 */ - params->name = ECCurve_SECG_CHAR2_113R2; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_113R2, ec_field_GF2m, + params) ); break; case SEC_OID_SECG_EC_SECT131R1: /* Populate params for sect131r1 */ - params->name = ECCurve_SECG_CHAR2_131R1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_131R1, ec_field_GF2m, + params) ); break; case SEC_OID_SECG_EC_SECT131R2: /* Populate params for sect131r2 */ - params->name = ECCurve_SECG_CHAR2_131R2; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_131R2, ec_field_GF2m, + params) ); break; case SEC_OID_SECG_EC_SECT163K1: /* Populate params for sect163k1 * (the NIST K-163 curve) */ - params->name = ECCurve_SECG_CHAR2_163K1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163K1, ec_field_GF2m, + params) ); break; 
case SEC_OID_SECG_EC_SECT163R1: /* Populate params for sect163r1 */ - params->name = ECCurve_SECG_CHAR2_163R1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163R1, ec_field_GF2m, + params) ); break; case SEC_OID_SECG_EC_SECT163R2: /* Populate params for sect163r2 * (the NIST B-163 curve) */ - params->name = ECCurve_SECG_CHAR2_163R2; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_163R2, ec_field_GF2m, + params) ); break; case SEC_OID_SECG_EC_SECT193R1: /* Populate params for sect193r1 */ - params->name = ECCurve_SECG_CHAR2_193R1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_193R1, ec_field_GF2m, + params) ); break; case SEC_OID_SECG_EC_SECT193R2: /* Populate params for sect193r2 */ - params->name = ECCurve_SECG_CHAR2_193R2; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_193R2, ec_field_GF2m, + params) ); break; case SEC_OID_SECG_EC_SECT233K1: /* Populate params for sect233k1 * (the NIST K-233 curve) */ - params->name = ECCurve_SECG_CHAR2_233K1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_233K1, ec_field_GF2m, + params) ); break; case SEC_OID_SECG_EC_SECT233R1: /* Populate params for sect233r1 * (the NIST B-233 curve) */ - params->name = ECCurve_SECG_CHAR2_233R1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_233R1, ec_field_GF2m, + params) ); break; case SEC_OID_SECG_EC_SECT239K1: /* Populate params for sect239k1 */ - params->name = ECCurve_SECG_CHAR2_239K1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_239K1, ec_field_GF2m, + params) ); break; case SEC_OID_SECG_EC_SECT283K1: /* Populate params for sect283k1 * (the NIST K-283 curve) */ - params->name = ECCurve_SECG_CHAR2_283K1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_283K1, ec_field_GF2m, + params) ); break; case SEC_OID_SECG_EC_SECT283R1: /* Populate params for sect283r1 * (the NIST B-283 curve) */ - params->name = 
ECCurve_SECG_CHAR2_283R1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_283R1, ec_field_GF2m, + params) ); break; case SEC_OID_SECG_EC_SECT409K1: /* Populate params for sect409k1 * (the NIST K-409 curve) */ - params->name = ECCurve_SECG_CHAR2_409K1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_409K1, ec_field_GF2m, + params) ); break; case SEC_OID_SECG_EC_SECT409R1: /* Populate params for sect409r1 * (the NIST B-409 curve) */ - params->name = ECCurve_SECG_CHAR2_409R1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_409R1, ec_field_GF2m, + params) ); break; case SEC_OID_SECG_EC_SECT571K1: /* Populate params for sect571k1 * (the NIST K-571 curve) */ - params->name = ECCurve_SECG_CHAR2_571K1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_571K1, ec_field_GF2m, + params) ); break; case SEC_OID_SECG_EC_SECT571R1: /* Populate params for sect571r1 * (the NIST B-571 curve) */ - params->name = ECCurve_SECG_CHAR2_571R1; - GF2M_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_CHAR2_571R1, ec_field_GF2m, + params) ); break; -#define GFP_POPULATE \ - if ((params->name < ECCurve_noName) || \ - (params->name > ECCurve_pastLastCurve)) goto cleanup; \ - curveParams = ecCurve_map[params->name]; \ - CHECK_OK(curveParams); \ - params->fieldID.size = curveParams->size; \ - params->fieldID.type = ec_field_GFp; \ - CHECK_OK(hexString2SECItem(params->arena, ¶ms->fieldID.u.prime, \ - curveParams->irr)); \ - CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.a, \ - curveParams->curvea)); \ - CHECK_OK(hexString2SECItem(params->arena, ¶ms->curve.b, \ - curveParams->curveb)); \ - genenc[0] = '0'; \ - genenc[1] = '4'; \ - genenc[2] = '\0'; \ - CHECK_OK(strcat(genenc, curveParams->genx)); \ - CHECK_OK(strcat(genenc, curveParams->geny)); \ - CHECK_OK(hexString2SECItem(params->arena, ¶ms->base, \ - genenc)); \ - CHECK_OK(hexString2SECItem(params->arena, ¶ms->order, \ - curveParams->order)); \ - 
params->cofactor = curveParams->cofactor; + /* Prime curves */ case SEC_OID_ANSIX962_EC_PRIME192V1: /* Populate params for prime192v1 aka secp192r1 * (the NIST P-192 curve) */ - params->name = ECCurve_X9_62_PRIME_192V1; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V1, ec_field_GFp, + params) ); break; case SEC_OID_ANSIX962_EC_PRIME192V2: /* Populate params for prime192v2 */ - params->name = ECCurve_X9_62_PRIME_192V2; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V2, ec_field_GFp, + params) ); break; case SEC_OID_ANSIX962_EC_PRIME192V3: /* Populate params for prime192v3 */ - params->name = ECCurve_X9_62_PRIME_192V3; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_192V3, ec_field_GFp, + params) ); break; case SEC_OID_ANSIX962_EC_PRIME239V1: /* Populate params for prime239v1 */ - params->name = ECCurve_X9_62_PRIME_239V1; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V1, ec_field_GFp, + params) ); break; case SEC_OID_ANSIX962_EC_PRIME239V2: /* Populate params for prime239v2 */ - params->name = ECCurve_X9_62_PRIME_239V2; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V2, ec_field_GFp, + params) ); break; case SEC_OID_ANSIX962_EC_PRIME239V3: /* Populate params for prime239v3 */ - params->name = ECCurve_X9_62_PRIME_239V3; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_239V3, ec_field_GFp, + params) ); break; case SEC_OID_ANSIX962_EC_PRIME256V1: /* Populate params for prime256v1 aka secp256r1 * (the NIST P-256 curve) */ - params->name = ECCurve_X9_62_PRIME_256V1; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_X9_62_PRIME_256V1, ec_field_GFp, + params) ); break; case SEC_OID_SECG_EC_SECP112R1: /* Populate params for secp112r1 */ - params->name = ECCurve_SECG_PRIME_112R1; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_112R1, ec_field_GFp, + params) ); break; case SEC_OID_SECG_EC_SECP112R2: /* 
Populate params for secp112r2 */ - params->name = ECCurve_SECG_PRIME_112R2; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_112R2, ec_field_GFp, + params) ); break; case SEC_OID_SECG_EC_SECP128R1: /* Populate params for secp128r1 */ - params->name = ECCurve_SECG_PRIME_128R1; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_128R1, ec_field_GFp, + params) ); break; case SEC_OID_SECG_EC_SECP128R2: /* Populate params for secp128r2 */ - params->name = ECCurve_SECG_PRIME_128R2; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_128R2, ec_field_GFp, + params) ); break; case SEC_OID_SECG_EC_SECP160K1: /* Populate params for secp160k1 */ - params->name = ECCurve_SECG_PRIME_160K1; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160K1, ec_field_GFp, + params) ); break; case SEC_OID_SECG_EC_SECP160R1: /* Populate params for secp160r1 */ - params->name = ECCurve_SECG_PRIME_160R1; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160R1, ec_field_GFp, + params) ); break; case SEC_OID_SECG_EC_SECP160R2: /* Populate params for secp160r1 */ - params->name = ECCurve_SECG_PRIME_160R2; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_160R2, ec_field_GFp, + params) ); break; case SEC_OID_SECG_EC_SECP192K1: /* Populate params for secp192k1 */ - params->name = ECCurve_SECG_PRIME_192K1; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_192K1, ec_field_GFp, + params) ); break; case SEC_OID_SECG_EC_SECP224K1: /* Populate params for secp224k1 */ - params->name = ECCurve_SECG_PRIME_224K1; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_224K1, ec_field_GFp, + params) ); break; case SEC_OID_SECG_EC_SECP224R1: /* Populate params for secp224r1 * (the NIST P-224 curve) */ - params->name = ECCurve_SECG_PRIME_224R1; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_224R1, ec_field_GFp, + params) ); break; case 
SEC_OID_SECG_EC_SECP256K1: /* Populate params for secp256k1 */ - params->name = ECCurve_SECG_PRIME_256K1; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_256K1, ec_field_GFp, + params) ); break; case SEC_OID_SECG_EC_SECP384R1: /* Populate params for secp384r1 * (the NIST P-384 curve) */ - params->name = ECCurve_SECG_PRIME_384R1; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_384R1, ec_field_GFp, + params) ); break; case SEC_OID_SECG_EC_SECP521R1: /* Populate params for secp521r1 * (the NIST P-521 curve) */ - params->name = ECCurve_SECG_PRIME_521R1; - GFP_POPULATE + CHECK_SEC_OK( gf_populate_params(ECCurve_SECG_PRIME_521R1, ec_field_GFp, + params) ); break; default: @@ -603,10 +598,9 @@ cleanup: #if EC_DEBUG printf("Unrecognized curve, returning NULL params\n"); #endif - return SECFailure; } - return SECSuccess; + return rv; } SECStatus
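Review bot: Every call site in this switch passes the curve name and the field type as two independent arguments, and nothing in `gf_populate_params` cross-checks them. A prime-curve name paired with `ec_field_GF2m` (or the reverse) would compile and leave `params->fieldID.type` disagreeing with the curve actually loaded. Two thin static wrappers, one per field type, or a field kind read from the curve table if it records one, would remove the chance of a mismatched pair across so many hand-edited cases. Separately, the comment on the `SEC_OID_SECG_EC_SECP160R2` case still names the wrong curve and should read `/* Populate params for secp160r2 */`. The switch statement starts and ends outside this hunk.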
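Review bot: With `return SECFailure;` removed from the block that logs "Unrecognized curve", failure on that path now depends on `rv` still holding `SECFailure` when the block is entered. The guard condition for that block is outside this hunk, so it cannot be confirmed from here that it is never true after a successful `CHECK_SEC_OK(...)` has presumably left `rv` at `SECSuccess`. If it can be, `EC_FillParams` would report success with params the block itself treats as unrecognized. Adding `rv = SECFailure;` before the closing brace of that block keeps the old guarantee regardless of what ran earlier.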