108 lines
4.7 KiB
Diff
108 lines
4.7 KiB
Diff
|
diff --git a/lib/freebl/blapit.h b/lib/freebl/blapit.h
|
||
|
--- a/lib/freebl/blapit.h
|
||
|
+++ b/lib/freebl/blapit.h
|
||
|
@@ -387,17 +387,18 @@ typedef struct DHPrivateKeyStr DHPrivate
|
||
|
*/
|
||
|
|
||
|
/*
|
||
|
** The ECParams data structures can encode elliptic curve
|
||
|
** parameters for both GFp and GF2m curves.
|
||
|
*/
|
||
|
|
||
|
typedef enum { ec_params_explicit,
|
||
|
- ec_params_named
|
||
|
+ ec_params_named,
|
||
|
+ ec_params_edwards_named
|
||
|
} ECParamsType;
|
||
|
|
||
|
typedef enum { ec_field_GFp = 1,
|
||
|
ec_field_GF2m,
|
||
|
ec_field_plain
|
||
|
} ECFieldType;
|
||
|
|
||
|
struct ECFieldIDStr {
|
||
|
diff --git a/lib/freebl/ecdecode.c b/lib/freebl/ecdecode.c
|
||
|
--- a/lib/freebl/ecdecode.c
|
||
|
+++ b/lib/freebl/ecdecode.c
|
||
|
@@ -171,16 +171,17 @@ EC_FillParams(PLArenaPool *arena, const
|
||
|
* (the NIST P-521 curve)
|
||
|
*/
|
||
|
CHECK_SEC_OK(gf_populate_params_bytes(ECCurve_SECG_PRIME_521R1,
|
||
|
ec_field_GFp, params));
|
||
|
break;
|
||
|
|
||
|
case SEC_OID_CURVE25519:
|
||
|
/* Populate params for Curve25519 */
|
||
|
+ params->type = ec_params_edwards_named;
|
||
|
CHECK_SEC_OK(gf_populate_params_bytes(ECCurve25519,
|
||
|
ec_field_plain,
|
||
|
params));
|
||
|
break;
|
||
|
|
||
|
default:
|
||
|
break;
|
||
|
};
|
||
|
diff --git a/lib/softoken/pkcs11.c b/lib/softoken/pkcs11.c
|
||
|
--- a/lib/softoken/pkcs11.c
|
||
|
+++ b/lib/softoken/pkcs11.c
|
||
|
@@ -1921,17 +1921,17 @@ sftk_GetPubKey(SFTKObject *object, CK_KE
|
||
|
/* special note: We can't just use the first byte to distinguish
|
||
|
* between EC_POINT_FORM_UNCOMPRESSED and SEC_ASN1_OCTET_STRING.
|
||
|
* Both are 0x04. */
|
||
|
|
||
|
/* Handle the non-DER encoded case.
|
||
|
* Some curves are always pressumed to be non-DER.
|
||
|
*/
|
||
|
if (pubKey->u.ec.publicValue.len == keyLen &&
|
||
|
- (pubKey->u.ec.ecParams.fieldID.type == ec_field_plain ||
|
||
|
+ (pubKey->u.ec.ecParams.type == ec_params_edwards_named ||
|
||
|
pubKey->u.ec.publicValue.data[0] == EC_POINT_FORM_UNCOMPRESSED)) {
|
||
|
break; /* key was not DER encoded, no need to unwrap */
|
||
|
}
|
||
|
|
||
|
/* handle the encoded case */
|
||
|
if ((pubKey->u.ec.publicValue.data[0] == SEC_ASN1_OCTET_STRING) &&
|
||
|
pubKey->u.ec.publicValue.len > keyLen) {
|
||
|
SECItem publicValue;
|
||
|
@@ -1941,17 +1941,17 @@ sftk_GetPubKey(SFTKObject *object, CK_KE
|
||
|
SEC_ASN1_GET(SEC_OctetStringTemplate),
|
||
|
&pubKey->u.ec.publicValue);
|
||
|
/* nope, didn't decode correctly */
|
||
|
if ((rv != SECSuccess) || (publicValue.len != keyLen)) {
|
||
|
crv = CKR_ATTRIBUTE_VALUE_INVALID;
|
||
|
break;
|
||
|
}
|
||
|
/* we don't handle compressed points except in the case of ECCurve25519 */
|
||
|
- if ((pubKey->u.ec.ecParams.fieldID.type != ec_field_plain) &&
|
||
|
+ if ((pubKey->u.ec.ecParams.type != ec_params_edwards_named) &&
|
||
|
(publicValue.data[0] != EC_POINT_FORM_UNCOMPRESSED)) {
|
||
|
crv = CKR_ATTRIBUTE_VALUE_INVALID;
|
||
|
break;
|
||
|
}
|
||
|
/* replace our previous with the decoded key */
|
||
|
pubKey->u.ec.publicValue = publicValue;
|
||
|
break;
|
||
|
}
|
||
|
diff --git a/lib/softoken/pkcs11c.c b/lib/softoken/pkcs11c.c
|
||
|
--- a/lib/softoken/pkcs11c.c
|
||
|
+++ b/lib/softoken/pkcs11c.c
|
||
|
@@ -5655,17 +5655,17 @@ NSC_GenerateKeyPair(CK_SESSION_HANDLE hS
|
||
|
sftk_fatalError = PR_TRUE;
|
||
|
}
|
||
|
PORT_FreeArena(ecParams->arena, PR_TRUE);
|
||
|
crv = sftk_MapCryptError(PORT_GetError());
|
||
|
break;
|
||
|
}
|
||
|
|
||
|
if (PR_GetEnvSecure("NSS_USE_DECODED_CKA_EC_POINT") ||
|
||
|
- ecParams->fieldID.type == ec_field_plain) {
|
||
|
+ ecParams->type == ec_params_edwards_named) {
|
||
|
PORT_FreeArena(ecParams->arena, PR_TRUE);
|
||
|
crv = sftk_AddAttributeType(publicKey, CKA_EC_POINT,
|
||
|
sftk_item_expand(&ecPriv->publicValue));
|
||
|
} else {
|
||
|
PORT_FreeArena(ecParams->arena, PR_TRUE);
|
||
|
SECItem *pubValue = SEC_ASN1EncodeItem(NULL, NULL,
|
||
|
&ecPriv->publicValue,
|
||
|
SEC_ASN1_GET(SEC_OctetStringTemplate));
|