| |
@@ -1,107 +0,0 @@
|
| |
- diff --git a/lib/freebl/blapit.h b/lib/freebl/blapit.h
|
| |
- --- a/lib/freebl/blapit.h
|
| |
- +++ b/lib/freebl/blapit.h
|
| |
- @@ -387,17 +387,18 @@ typedef struct DHPrivateKeyStr DHPrivate
|
| |
- */
|
| |
-
|
| |
- /*
|
| |
- ** The ECParams data structures can encode elliptic curve
|
| |
- ** parameters for both GFp and GF2m curves.
|
| |
- */
|
| |
-
|
| |
- typedef enum { ec_params_explicit,
|
| |
- - ec_params_named
|
| |
- + ec_params_named,
|
| |
- + ec_params_edwards_named
|
| |
- } ECParamsType;
|
| |
-
|
| |
- typedef enum { ec_field_GFp = 1,
|
| |
- ec_field_GF2m,
|
| |
- ec_field_plain
|
| |
- } ECFieldType;
|
| |
-
|
| |
- struct ECFieldIDStr {
|
| |
- diff --git a/lib/freebl/ecdecode.c b/lib/freebl/ecdecode.c
|
| |
- --- a/lib/freebl/ecdecode.c
|
| |
- +++ b/lib/freebl/ecdecode.c
|
| |
- @@ -171,16 +171,17 @@ EC_FillParams(PLArenaPool *arena, const
|
| |
- * (the NIST P-521 curve)
|
| |
- */
|
| |
- CHECK_SEC_OK(gf_populate_params_bytes(ECCurve_SECG_PRIME_521R1,
|
| |
- ec_field_GFp, params));
|
| |
- break;
|
| |
-
|
| |
- case SEC_OID_CURVE25519:
|
| |
- /* Populate params for Curve25519 */
|
| |
- + params->type = ec_params_edwards_named;
|
| |
- CHECK_SEC_OK(gf_populate_params_bytes(ECCurve25519,
|
| |
- ec_field_plain,
|
| |
- params));
|
| |
- break;
|
| |
-
|
| |
- default:
|
| |
- break;
|
| |
- };
|
| |
- diff --git a/lib/softoken/pkcs11.c b/lib/softoken/pkcs11.c
|
| |
- --- a/lib/softoken/pkcs11.c
|
| |
- +++ b/lib/softoken/pkcs11.c
|
| |
- @@ -1921,17 +1921,17 @@ sftk_GetPubKey(SFTKObject *object, CK_KE
|
| |
- /* special note: We can't just use the first byte to distinguish
|
| |
- * between EC_POINT_FORM_UNCOMPRESSED and SEC_ASN1_OCTET_STRING.
|
| |
- * Both are 0x04. */
|
| |
-
|
| |
- /* Handle the non-DER encoded case.
|
| |
- * Some curves are always pressumed to be non-DER.
|
| |
- */
|
| |
- if (pubKey->u.ec.publicValue.len == keyLen &&
|
| |
- - (pubKey->u.ec.ecParams.fieldID.type == ec_field_plain ||
|
| |
- + (pubKey->u.ec.ecParams.type == ec_params_edwards_named ||
|
| |
- pubKey->u.ec.publicValue.data[0] == EC_POINT_FORM_UNCOMPRESSED)) {
|
| |
- break; /* key was not DER encoded, no need to unwrap */
|
| |
- }
|
| |
-
|
| |
- /* handle the encoded case */
|
| |
- if ((pubKey->u.ec.publicValue.data[0] == SEC_ASN1_OCTET_STRING) &&
|
| |
- pubKey->u.ec.publicValue.len > keyLen) {
|
| |
- SECItem publicValue;
|
| |
- @@ -1941,17 +1941,17 @@ sftk_GetPubKey(SFTKObject *object, CK_KE
|
| |
- SEC_ASN1_GET(SEC_OctetStringTemplate),
|
| |
- &pubKey->u.ec.publicValue);
|
| |
- /* nope, didn't decode correctly */
|
| |
- if ((rv != SECSuccess) || (publicValue.len != keyLen)) {
|
| |
- crv = CKR_ATTRIBUTE_VALUE_INVALID;
|
| |
- break;
|
| |
- }
|
| |
- /* we don't handle compressed points except in the case of ECCurve25519 */
|
| |
- - if ((pubKey->u.ec.ecParams.fieldID.type != ec_field_plain) &&
|
| |
- + if ((pubKey->u.ec.ecParams.type != ec_params_edwards_named) &&
|
| |
- (publicValue.data[0] != EC_POINT_FORM_UNCOMPRESSED)) {
|
| |
- crv = CKR_ATTRIBUTE_VALUE_INVALID;
|
| |
- break;
|
| |
- }
|
| |
- /* replace our previous with the decoded key */
|
| |
- pubKey->u.ec.publicValue = publicValue;
|
| |
- break;
|
| |
- }
|
| |
- diff --git a/lib/softoken/pkcs11c.c b/lib/softoken/pkcs11c.c
|
| |
- --- a/lib/softoken/pkcs11c.c
|
| |
- +++ b/lib/softoken/pkcs11c.c
|
| |
- @@ -5655,17 +5655,17 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
|
| |
- sftk_fatalError = PR_TRUE;
|
| |
- }
|
| |
- PORT_FreeArena(ecParams->arena, PR_TRUE);
|
| |
- crv = sftk_MapCryptError(PORT_GetError());
|
| |
- break;
|
| |
- }
|
| |
-
|
| |
- if (PR_GetEnvSecure("NSS_USE_DECODED_CKA_EC_POINT") ||
|
| |
- - ecParams->fieldID.type == ec_field_plain) {
|
| |
- + ecParams->type == ec_params_edwards_named) {
|
| |
- PORT_FreeArena(ecParams->arena, PR_TRUE);
|
| |
- crv = sftk_AddAttributeType(publicKey, CKA_EC_POINT,
|
| |
- sftk_item_expand(&ecPriv->publicValue));
|
| |
- } else {
|
| |
- PORT_FreeArena(ecParams->arena, PR_TRUE);
|
| |
- SECItem *pubValue = SEC_ASN1EncodeItem(NULL, NULL,
|
| |
- &ecPriv->publicValue,
|
| |
- SEC_ASN1_GET(SEC_OctetStringTemplate));
|
| |