Add support for Elliptic Curve Cryptography. Bug 195135.

Modified Files:
 	cmd/lib/SECerrs.h cmd/selfserv/selfserv.c
 	cmd/tstclnt/tstclnt.c lib/cryptohi/keyhi.h
 	lib/cryptohi/keythi.h lib/cryptohi/seckey.c
 	lib/cryptohi/secvfy.c lib/freebl/Makefile lib/freebl/blapi.h
 	lib/freebl/blapit.h lib/freebl/ldvector.c lib/freebl/loader.c
 	lib/freebl/loader.h lib/freebl/manifest.mn lib/nss/nss.def
 	lib/pk11wrap/pk11skey.c lib/pk11wrap/pk11slot.c
 	lib/softoken/lowkeyti.h lib/softoken/manifest.mn
 	lib/softoken/pkcs11.c lib/softoken/pkcs11c.c
 	lib/softoken/pkcs11t.h lib/ssl/ssl3con.c lib/ssl/ssl3prot.h
 	lib/ssl/sslcon.c lib/ssl/sslenum.c lib/ssl/sslimpl.h
 	lib/ssl/sslinfo.c lib/ssl/sslproto.h lib/ssl/sslsecur.c
 	lib/ssl/sslsock.c lib/ssl/sslt.h lib/util/secerr.h
 	lib/util/secoid.c lib/util/secoidt.h
Added Files:
 	lib/freebl/GFp_ecl.c lib/freebl/GFp_ecl.h lib/freebl/ec.c
 	lib/freebl/ec.h lib/softoken/ecdecode.c

security/nss/cmd/lib/SECerrs.h

@@ -460,3 +460,17 @@ ER3(SEC_ERROR_REUSED_ISSUER_AND_SERIAL,        (SEC_ERROR_BASE + 138),
 "You are attempting to import a cert with the same issuer/serial as \
 an existing cert, but that is not the same cert.")
 
+ER3(SEC_ERROR_BUSY,				(SEC_ERROR_BASE + 139),
+"NSS could not shutdown. Objects are still in use.")
+
+ER3(SEC_ERROR_EXTRA_INPUT,			(SEC_ERROR_BASE + 140),
+"DER-encoded message contained extra usused data.")
+
+ER3(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE,	(SEC_ERROR_BASE + 141),
+"Unsupported elliptic curve.")
+
+ER3(SEC_ERROR_UNSUPPORTED_EC_POINT_FORM,	(SEC_ERROR_BASE + 142),
+"Unsupported elliptic curve point form.")
+
+ER3(SEC_ERROR_UNRECOGNIZED_OID,			(SEC_ERROR_BASE + 143),
+"Unrecognized Object IDentifier.")

security/nss/cmd/selfserv/selfserv.c

@@ -15,8 +15,12 @@
  * Communications Corporation.  Portions created by Netscape are 
  * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
  * Rights Reserved.
- * 
+ *
+ * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
+ * Sun Microsystems, Inc. All Rights Reserved. 
+ *
  * Contributor(s):
+ *	Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
  * 
  * Alternatively, the contents of this file may be used under the
  * terms of the GNU General Public License Version 2 or later (the
@@ -101,6 +105,28 @@ const int ssl2CipherSuites[] = {
     SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5,	/* D */
     SSL_EN_DES_64_CBC_WITH_MD5,			/* E */
     SSL_EN_DES_192_EDE3_CBC_WITH_MD5,		/* F */
+#ifdef NSS_ENABLE_ECC
+    /* NOTE: Since no new SSL2 ciphersuites are being 
+     * invented, and we've run out of lowercase letters
+     * for SSL3 ciphers, we use letters G and beyond
+     * for new SSL3 ciphers. A -1 indicates the cipher
+     * is not currently implemented.
+     */
+    -1, /* TLS_ECDH_ECDSA_WITH_NULL_SHA,     	 * G */
+    -1, /* TLS_ECDH_ECDSA_WITH_RC4_128_SHA,  	 * H */
+    -1, /* TLS_ECDH_ECDSA_WITH_DES_CBC_SHA,  	 * I */
+    -1, /* TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, * J */
+    -1, /* TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,  * K */
+    -1, /* TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,  * L */
+    -1, /* TLS_ECDH_RSA_WITH_NULL_SHA,       	 * M */
+    -1, /* TLS_ECDH_RSA_WITH_RC4_128_SHA,    	 * N */
+    -1, /* TLS_ECDH_RSA_WITH_DES_CBC_SHA,    	 * O */
+    -1, /* TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,   * P */
+    -1, /* TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,	 * Q */
+    -1, /* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,	 * R */
+    -1, /* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, * S */
+    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,      	/* T */
+#endif /* NSS_ENABLE_ECC */
     0
 };
 
@@ -119,16 +145,16 @@ const int ssl3CipherSuites[] = {
     TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,	/* l */
     TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,	        /* m */
     SSL_RSA_WITH_RC4_128_SHA,			/* n */
-    TLS_DHE_DSS_WITH_RC4_128_SHA,		/* o */
-    SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,		/* p */
-    SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,		/* q */
-    SSL_DHE_RSA_WITH_DES_CBC_SHA,		/* r */
-    SSL_DHE_DSS_WITH_DES_CBC_SHA,		/* s */
-    TLS_DHE_DSS_WITH_AES_128_CBC_SHA, 	    	/* t */
-    TLS_DHE_RSA_WITH_AES_128_CBC_SHA,       	/* u */
+    -1, /* TLS_DHE_DSS_WITH_RC4_128_SHA, 	 * o */
+    -1, /* SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,	 * p */
+    -1, /* SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,	 * q */
+    -1, /* SSL_DHE_RSA_WITH_DES_CBC_SHA,	 * r */
+    -1, /* SSL_DHE_DSS_WITH_DES_CBC_SHA,	 * s */
+    -1, /* TLS_DHE_DSS_WITH_AES_128_CBC_SHA,	 * t */
+    -1, /* TLS_DHE_RSA_WITH_AES_128_CBC_SHA,	 * u */
     TLS_RSA_WITH_AES_128_CBC_SHA,     	    	/* v */
-    TLS_DHE_DSS_WITH_AES_256_CBC_SHA, 	    	/* w */
-    TLS_DHE_RSA_WITH_AES_256_CBC_SHA,       	/* x */
+    -1, /* TLS_DHE_DSS_WITH_AES_256_CBC_SHA,	 * w */
+    -1, /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA,	 * x */
     TLS_RSA_WITH_AES_256_CBC_SHA,     	    	/* y */
     SSL_RSA_WITH_NULL_SHA,			/* z */
     0
@@ -199,6 +225,9 @@ Usage(const char *progName)
 "D    SSL2 RC2 128 CBC EXPORT40 WITH MD5\n"
 "E    SSL2 DES 64 CBC WITH MD5\n"
 "F    SSL2 DES 192 EDE3 CBC WITH MD5\n"
+#ifdef NSS_ENABLE_ECC
+"T    TLS ECDHE RSA WITH AES 128 CBC SHA\n"
+#endif /* NSS_ENABLE_ECC */
 "\n"
 "a    SSL3 FORTEZZA DMS WITH FORTEZZA CBC SHA\n"
 "b    SSL3 FORTEZZA DMS WITH RC4 128 SHA\n"

security/nss/cmd/tstclnt/tstclnt.c

@@ -15,8 +15,12 @@
  * Communications Corporation.  Portions created by Netscape are 
  * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
  * Rights Reserved.
- * 
+ *
+ * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
+ * Sun Microsystems, Inc. All Rights Reserved. 
+ *
  * Contributor(s):
+ *	Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
  * 
  * Alternatively, the contents of this file may be used under the
  * terms of the GNU General Public License Version 2 or later (the
@@ -74,6 +78,27 @@ int ssl2CipherSuites[] = {
     SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5,	/* D */
     SSL_EN_DES_64_CBC_WITH_MD5,			/* E */
     SSL_EN_DES_192_EDE3_CBC_WITH_MD5,		/* F */
+#ifdef NSS_ENABLE_ECC
+    /* NOTE: Since no new SSL2 ciphersuites are being 
+     * invented, and we've run out of lowercase letters
+     * for SSL3 ciphers, we use letters G and beyond
+     * for new SSL3 ciphers.
+     */
+    TLS_ECDH_ECDSA_WITH_NULL_SHA,       	/* G */
+    TLS_ECDH_ECDSA_WITH_RC4_128_SHA,       	/* H */
+    TLS_ECDH_ECDSA_WITH_DES_CBC_SHA,       	/* I */
+    TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,    	/* J */
+    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,     	/* K */
+    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,     	/* L */
+    TLS_ECDH_RSA_WITH_NULL_SHA,          	/* M */
+    TLS_ECDH_RSA_WITH_RC4_128_SHA,       	/* N */
+    TLS_ECDH_RSA_WITH_DES_CBC_SHA,       	/* O */
+    TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,      	/* P */
+    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,       	/* Q */
+    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,       	/* R */
+    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,    	/* S */
+    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,      	/* T */
+#endif /* NSS_ENABLE_ECC */
     0
 };
 
@@ -206,6 +231,22 @@ static void Usage(const char *progName)
 "D    SSL2 RC2 128 CBC EXPORT40 WITH MD5\n"
 "E    SSL2 DES 64 CBC WITH MD5\n"
 "F    SSL2 DES 192 EDE3 CBC WITH MD5\n"
+#ifdef NSS_ENABLE_ECC
+"G    TLS ECDH ECDSA WITH NULL SHA\n"
+"H    TLS ECDH ECDSA WITH RC4 128 CBC SHA\n"
+"I    TLS ECDH ECDSA WITH DES CBC SHA\n"
+"J    TLS ECDH ECDSA WITH 3DES EDE CBC SHA\n"
+"K    TLS ECDH ECDSA WITH AES 128 CBC SHA\n"
+"L    TLS ECDH ECDSA WITH AES 256 CBC SHA\n"
+"M    TLS ECDH RSA WITH NULL SHA\n"
+"N    TLS ECDH RSA WITH RC4 128 CBC SHA\n"
+"O    TLS ECDH RSA WITH DES CBC SHA\n"
+"P    TLS ECDH RSA WITH 3DES EDE CBC SHA\n"
+"Q    TLS ECDH RSA WITH AES 128 CBC SHA\n"
+"R    TLS ECDH RSA WITH AES 256 CBC SHA\n"
+"S    TLS ECDHE ECDSA WITH AES 128 CBC SHA\n"
+"T    TLS ECDHE RSA WITH AES 128 CBC SHA\n"
+#endif /* NSS_ENABLE_ECC */
 "\n"
 "a    SSL3 FORTEZZA DMS WITH FORTEZZA CBC SHA\n"
 "b    SSL3 FORTEZZA DMS WITH RC4 128 SHA\n"

security/nss/lib/cryptohi/keyhi.h

@@ -16,8 +16,12 @@
  * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
  * Rights Reserved.
  * 
+ * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
+ * Sun Microsystems, Inc. All Rights Reserved. 
+ *
  * Contributor(s): 
  *	Dr Stephen Henson <stephen.henson@gemplus.com>
+ *	Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
  * 
  * Alternatively, the contents of this file may be used under the
  * terms of the GNU General Public License Version 2 or later (the
@@ -79,10 +83,14 @@ extern SECStatus
 SECKEY_KEAParamCompare(CERTCertificate *cert1,CERTCertificate *cert2);
 
 /*
-** Return the strength of the public key
+** Return the strength of the public key in bytes
 */
 extern unsigned SECKEY_PublicKeyStrength(SECKEYPublicKey *pubk);
 
+/*
+** Return the strength of the public key in bits
+*/
+extern unsigned SECKEY_PublicKeyStrengthInBits(SECKEYPublicKey *pubk);
 
 /*
 ** Make a copy of the private key "privKey"
@@ -110,6 +118,13 @@ SECKEYPrivateKey *SECKEY_CreateRSAPrivateKey(int keySizeInBits,
  */
 SECKEYPrivateKey *SECKEY_CreateDHPrivateKey(SECKEYDHParams *param,
 					   SECKEYPublicKey **pubk, void *cx);
+
+/*
+ * create a new EC key pair. The private Key is returned...
+ */
+SECKEYPrivateKey *SECKEY_CreateECPrivateKey(SECKEYECParams *param,
+                                           SECKEYPublicKey **pubk, void *cx);
+
 /*
 ** Create a subject-public-key-info based on a public key.
 */

security/nss/lib/cryptohi/keythi.h

@@ -16,7 +16,11 @@
  * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
  * Rights Reserved.
  * 
- * Contributor(s):
+ * Portions created by Sun Microsystems, Inc. are Copyright (C) 2003
+ * Sun Microsystems, Inc. All Rights Reserved. 
+ *
+ * Contributor(s): 
+ *	Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
  * 
  * Alternatively, the contents of this file may be used under the
  * terms of the GNU General Public License Version 2 or later (the
@@ -44,7 +48,8 @@ typedef enum {
     dsaKey = 2, 
     fortezzaKey = 3,
     dhKey = 4, 
-    keaKey = 5
+    keaKey = 5,
+    ecKey = 6
 } KeyType;
 
 /*
@@ -117,6 +122,25 @@ struct SECKEYDHPublicKeyStr {
 };
 typedef struct SECKEYDHPublicKeyStr SECKEYDHPublicKey;
 
+/*
+** Elliptic curve Public Key structure
+** The PKCS#11 layer needs DER encoding of ANSI X9.62
+** parameters value
+*/
+typedef SECItem SECKEYECParams;
+
+struct SECKEYECPublicKeyStr {
+    SECKEYECParams DEREncodedParams;
+    int     size;             /* size in bits */
+    SECItem publicValue;      /* encoded point */
+    /* XXX Even though the PKCS#11 interface takes encoded parameters,
+     * we may still wish to decode them above PKCS#11 for things like
+     * printing key information. For named curves, which is what
+     * we initially support, we ought to have the curve name at the
+     * very least.
+     */
+};
+typedef struct SECKEYECPublicKeyStr SECKEYECPublicKey;
 
 /*
 ** FORTEZZA Public Key structures
@@ -173,6 +197,7 @@ struct SECKEYPublicKeyStr {
 	SECKEYDHPublicKey  dh;
         SECKEYKEAPublicKey kea;
         SECKEYFortezzaPublicKey fortezza;
+	SECKEYECPublicKey  ec;
     } u;
 };
 typedef struct SECKEYPublicKeyStr SECKEYPublicKey;