Bug 1347975 - use bytes for curve parameter definitions, r=ttaubert
--HG--
extra : rebase_source : b6fc186f6b67c85dc442788fe75aa4e94fcf2351
extra : amend_source : c0448d875ce08e18d0904f365a70296f222d35df
extra : histedit_source : d0396fd62d8cfb72532ab205d6b28b96b313368f%2Cbd0f4860eaf15431b39c5ed60177c4835ce93be3
franziskuskiefer committed Mar 16, 2017
1 parent c41f6d8 commit 6c57015
Showing 14 changed files with 435 additions and 404 deletions.
2 changes: 1 addition & 1 deletion cmd/bltest/blapitest.c
@@ -2830,7 +2830,7 @@ dump_performance_info(bltestCipherInfo *infoList, double totalTimeInt,
ECPrivateKey *key = (ECPrivateKey *)info->params.asymk.privKey;
ECCurveName curveName = key->ecParams.name;
fprintf(stdout, "%12s",
ecCurve_map[curveName] ? ecCurve_map[curveName]->text : "Unsupported curve");
ecCurve_mapB[curveName] ? ecCurve_mapB[curveName]->text : "Unsupported curve");
}
break;
#endif
128 changes: 12 additions & 116 deletions cmd/ecperf/ecperf.c
@@ -9,6 +9,7 @@
#include "basicutil.h"
#include "pkcs11.h"
#include "nspr.h"
#include "secutil.h"
#include <stdio.h>

#define __PASTE(x, y) x##y
@@ -26,70 +27,6 @@

#include "pkcs11f.h"

/* mapping between ECCurveName enum and pointers to ECCurveParams */
static SECOidTag ecCurve_oid_map[] = {
SEC_OID_UNKNOWN, /* ECCurve_noName */
SEC_OID_ANSIX962_EC_PRIME192V1, /* ECCurve_NIST_P192 */
SEC_OID_SECG_EC_SECP224R1, /* ECCurve_NIST_P224 */
SEC_OID_ANSIX962_EC_PRIME256V1, /* ECCurve_NIST_P256 */
SEC_OID_SECG_EC_SECP384R1, /* ECCurve_NIST_P384 */
SEC_OID_SECG_EC_SECP521R1, /* ECCurve_NIST_P521 */
SEC_OID_SECG_EC_SECT163K1, /* ECCurve_NIST_K163 */
SEC_OID_SECG_EC_SECT163R1, /* ECCurve_NIST_B163 */
SEC_OID_SECG_EC_SECT233K1, /* ECCurve_NIST_K233 */
SEC_OID_SECG_EC_SECT233R1, /* ECCurve_NIST_B233 */
SEC_OID_SECG_EC_SECT283K1, /* ECCurve_NIST_K283 */
SEC_OID_SECG_EC_SECT283R1, /* ECCurve_NIST_B283 */
SEC_OID_SECG_EC_SECT409K1, /* ECCurve_NIST_K409 */
SEC_OID_SECG_EC_SECT409R1, /* ECCurve_NIST_B409 */
SEC_OID_SECG_EC_SECT571K1, /* ECCurve_NIST_K571 */
SEC_OID_SECG_EC_SECT571R1, /* ECCurve_NIST_B571 */
SEC_OID_ANSIX962_EC_PRIME192V2,
SEC_OID_ANSIX962_EC_PRIME192V3,
SEC_OID_ANSIX962_EC_PRIME239V1,
SEC_OID_ANSIX962_EC_PRIME239V2,
SEC_OID_ANSIX962_EC_PRIME239V3,
SEC_OID_ANSIX962_EC_C2PNB163V1,
SEC_OID_ANSIX962_EC_C2PNB163V2,
SEC_OID_ANSIX962_EC_C2PNB163V3,
SEC_OID_ANSIX962_EC_C2PNB176V1,
SEC_OID_ANSIX962_EC_C2TNB191V1,
SEC_OID_ANSIX962_EC_C2TNB191V2,
SEC_OID_ANSIX962_EC_C2TNB191V3,
SEC_OID_ANSIX962_EC_C2PNB208W1,
SEC_OID_ANSIX962_EC_C2TNB239V1,
SEC_OID_ANSIX962_EC_C2TNB239V2,
SEC_OID_ANSIX962_EC_C2TNB239V3,
SEC_OID_ANSIX962_EC_C2PNB272W1,
SEC_OID_ANSIX962_EC_C2PNB304W1,
SEC_OID_ANSIX962_EC_C2TNB359V1,
SEC_OID_ANSIX962_EC_C2PNB368W1,
SEC_OID_ANSIX962_EC_C2TNB431R1,
SEC_OID_SECG_EC_SECP112R1,
SEC_OID_SECG_EC_SECP112R2,
SEC_OID_SECG_EC_SECP128R1,
SEC_OID_SECG_EC_SECP128R2,
SEC_OID_SECG_EC_SECP160K1,
SEC_OID_SECG_EC_SECP160R1,
SEC_OID_SECG_EC_SECP160R2,
SEC_OID_SECG_EC_SECP192K1,
SEC_OID_SECG_EC_SECP224K1,
SEC_OID_SECG_EC_SECP256K1,
SEC_OID_SECG_EC_SECT113R1,
SEC_OID_SECG_EC_SECT113R2,
SEC_OID_SECG_EC_SECT131R1,
SEC_OID_SECG_EC_SECT131R2,
SEC_OID_SECG_EC_SECT163R1,
SEC_OID_SECG_EC_SECT193R1,
SEC_OID_SECG_EC_SECT193R2,
SEC_OID_SECG_EC_SECT239K1,
SEC_OID_UNKNOWN, /* ECCurve_WTLS_1 */
SEC_OID_UNKNOWN, /* ECCurve_WTLS_8 */
SEC_OID_UNKNOWN, /* ECCurve_WTLS_9 */
SEC_OID_CURVE25519,
SEC_OID_UNKNOWN /* ECCurve_pastLastCurve */
};

typedef SECStatus (*op_func)(void *, void *, void *);
typedef SECStatus (*pk11_op_func)(CK_SESSION_HANDLE, void *, void *, void *);

@@ -374,30 +311,6 @@ PKCS11_Verify(CK_SESSION_HANDLE session, CK_OBJECT_HANDLE *hKey,
return SECSuccess;
}

static SECStatus
ecName2params(ECCurveName curve, SECKEYECParams *params)
{
SECOidData *oidData = NULL;

if ((curve < ECCurve_noName) || (curve > ECCurve_pastLastCurve) ||
((oidData = SECOID_FindOIDByTag(ecCurve_oid_map[curve])) == NULL)) {
PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
return SECFailure;
}

SECITEM_AllocItem(NULL, params, (2 + oidData->oid.len));
/*
* params->data needs to contain the ASN encoding of an object ID (OID)
* representing the named curve. The actual OID is in
* oidData->oid.data so we simply prepend 0x06 and OID length
*/
params->data[0] = SEC_ASN1_OBJECT_ID;
params->data[1] = oidData->oid.len;
memcpy(params->data + 2, oidData->oid.data, oidData->oid.len);

return SECSuccess;
}

/* Performs basic tests of elliptic curve cryptography over prime fields.
* If tests fail, then it prints an error message, aborts, and returns an
* error code. Otherwise, returns 0. */
@@ -423,7 +336,7 @@ ectest_curve_pkcs11(ECCurveName curve, int iterations, int numThreads)

ecParams.data = NULL;
ecParams.len = 0;
rv = ecName2params(curve, &ecParams);
rv = SECU_ecName2params(curve, &ecParams);
if (rv != SECSuccess) {
goto cleanup;
}
@@ -474,7 +387,7 @@ ectest_curve_pkcs11(ECCurveName curve, int iterations, int numThreads)

lock = PR_NewLock();

if (ecCurve_map[curve]->usage & KU_KEY_AGREEMENT) {
if (ecCurve_mapB[curve]->usage & KU_KEY_AGREEMENT) {
rv = M_TimeOperation(PKCS11Thread, (op_func)PKCS11_Derive, "ECDH_Derive",
&ecPriv, &mech, NULL, iterations, numThreads,
lock, session, 0, &deriveRate);
@@ -483,7 +396,7 @@ ectest_curve_pkcs11(ECCurveName curve, int iterations, int numThreads)
}
}

if (ecCurve_map[curve]->usage & KU_DIGITAL_SIGNATURE) {
if (ecCurve_mapB[curve]->usage & KU_DIGITAL_SIGNATURE) {
rv = M_TimeOperation(PKCS11Thread, (op_func)PKCS11_Sign, "ECDSA_Sign",
(void *)&ecPriv, &sig, &digest, iterations, numThreads,
lock, session, 1, &signRate);
@@ -542,9 +455,9 @@ ectest_curve_freebl(ECCurveName curve, int iterations, int numThreads,
unsigned char sigData[256];
unsigned char digestData[20];
double signRate, deriveRate = 0;
char genenc[3 + 2 * 2 * MAX_ECKEY_LEN];
SECStatus rv = SECFailure;
PLArenaPool *arena;
SECItem ecEncodedParams = { siBuffer, NULL, 0 };

arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
if (!arena) {
@@ -556,28 +469,11 @@ ectest_curve_freebl(ECCurveName curve, int iterations, int numThreads,
return SECFailure;
}

ecParams.name = curve;
ecParams.type = ec_params_named;
ecParams.curveOID.data = NULL;
ecParams.curveOID.len = 0;
ecParams.curve.seed.data = NULL;
ecParams.curve.seed.len = 0;
ecParams.DEREncoding.data = NULL;
ecParams.DEREncoding.len = 0;

ecParams.fieldID.size = ecCurve_map[curve]->size;
ecParams.fieldID.type = fieldType;
SECU_HexString2SECItem(arena, &ecParams.fieldID.u.prime, ecCurve_map[curve]->irr);
SECU_HexString2SECItem(arena, &ecParams.curve.a, ecCurve_map[curve]->curvea);
SECU_HexString2SECItem(arena, &ecParams.curve.b, ecCurve_map[curve]->curveb);
genenc[0] = '0';
genenc[1] = '4';
genenc[2] = '\0';
strcat(genenc, ecCurve_map[curve]->genx);
strcat(genenc, ecCurve_map[curve]->geny);
SECU_HexString2SECItem(arena, &ecParams.base, genenc);
SECU_HexString2SECItem(arena, &ecParams.order, ecCurve_map[curve]->order);
ecParams.cofactor = ecCurve_map[curve]->cofactor;
rv = SECU_ecName2params(curve, &ecEncodedParams);
if (rv != SECSuccess) {
goto cleanup;
}
EC_FillParams(arena, &ecEncodedParams, &ecParams);

PORT_Memset(digestData, 0xa5, sizeof(digestData));
digest.data = digestData;
@@ -592,15 +488,15 @@ ectest_curve_freebl(ECCurveName curve, int iterations, int numThreads,
ecPub.ecParams = ecParams;
ecPub.publicValue = ecPriv->publicValue;

if (ecCurve_map[curve]->usage & KU_KEY_AGREEMENT) {
if (ecCurve_mapB[curve]->usage & KU_KEY_AGREEMENT) {
rv = M_TimeOperation(genericThread, (op_func)ECDH_DeriveWrap, "ECDH_Derive",
ecPriv, &ecPub, NULL, iterations, numThreads, 0, 0, 0, &deriveRate);
if (rv != SECSuccess) {
goto cleanup;
}
}

if (ecCurve_map[curve]->usage & KU_DIGITAL_SIGNATURE) {
if (ecCurve_mapB[curve]->usage & KU_DIGITAL_SIGNATURE) {
rv = M_TimeOperation(genericThread, (op_func)ECDSA_SignDigest, "ECDSA_Sign",
ecPriv, &sig, &digest, iterations, numThreads, 0, 0, 1, &signRate);
if (rv != SECSuccess)
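Review bot: The return value of `EC_FillParams(arena, &ecEncodedParams, &ecParams);` in ectest_curve_freebl is dropped, so a decode failure leaves `ecParams` only partly filled and the benchmark carries on with it (it is copied into `ecPub.ecParams` further down); the field-by-field initialisation this commit removes could not fail that way. Check it like the call before it: `rv = EC_FillParams(arena, &ecEncodedParams, &ecParams);` followed by `if (rv != SECSuccess) goto cleanup;`. The same unchecked call appears in ectest_ecdh_kat in cmd/fbectest/fbectest.c. `SECU_ecName2params` allocates `ecEncodedParams.data` with a NULL arena rather than from `arena`, and the cleanup label lies outside the visible hunks, so confirm it releases the item with `SECITEM_FreeItem(&ecEncodedParams, PR_FALSE)`.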
30 changes: 12 additions & 18 deletions cmd/fbectest/fbectest.c
@@ -10,6 +10,7 @@
#include "secder.h"
#include "secitem.h"
#include "nspr.h"
#include "secutil.h"
#include <stdio.h>

typedef struct {
@@ -68,9 +69,9 @@ init_params(ECParams *ecParams, ECCurveName curve, PLArenaPool **arena,
ecParams->DEREncoding.data = NULL;
ecParams->DEREncoding.len = 0;
ecParams->arena = *arena;
ecParams->fieldID.size = ecCurve_map[curve]->size;
ecParams->fieldID.size = ecCurve_mapB[curve]->size;
ecParams->fieldID.type = type;
ecParams->cofactor = ecCurve_map[curve]->cofactor;
ecParams->cofactor = ecCurve_mapB[curve]->cofactor;

return SECSuccess;
}
@@ -88,26 +89,19 @@ ectest_ecdh_kat(ECDH_KAT *kat)
SECItem answer = { siBuffer, NULL, 0 };
SECItem answer2 = { siBuffer, NULL, 0 };
SECItem derived = { siBuffer, NULL, 0 };
char genenc[3 + 2 * 2 * MAX_ECKEY_LEN];
SECItem ecEncodedParams = { siBuffer, NULL, 0 };
int i;

rv = init_params(&ecParams, curve, &arena, kat->fieldType);
if (rv != SECSuccess) {
return rv;
arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
if (!arena) {
return SECFailure;
}

SECU_HexString2SECItem(arena, &ecParams.fieldID.u.prime, ecCurve_map[curve]->irr);
SECU_HexString2SECItem(arena, &ecParams.curve.a, ecCurve_map[curve]->curvea);
SECU_HexString2SECItem(arena, &ecParams.curve.b, ecCurve_map[curve]->curveb);
genenc[0] = '0';
genenc[1] = '4';
genenc[2] = '\0';
PORT_Assert(PR_ARRAY_SIZE(genenc) >= PORT_Strlen(ecCurve_map[curve]->genx));
PORT_Assert(PR_ARRAY_SIZE(genenc) >= PORT_Strlen(ecCurve_map[curve]->geny));
strcat(genenc, ecCurve_map[curve]->genx);
strcat(genenc, ecCurve_map[curve]->geny);
SECU_HexString2SECItem(arena, &ecParams.base, genenc);
SECU_HexString2SECItem(arena, &ecParams.order, ecCurve_map[curve]->order);
rv = SECU_ecName2params(curve, &ecEncodedParams);
if (rv != SECSuccess) {
goto cleanup;
}
EC_FillParams(arena, &ecEncodedParams, &ecParams);

if (kat->our_pubhex) {
SECU_HexString2SECItem(arena, &answer, kat->our_pubhex);
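Review bot: `init_params` still reads `ecCurve_mapB[curve]->size` and `->cofactor` without testing the table entry, while cmd/bltest/blapitest.c in this same commit treats a NULL entry as "Unsupported curve"; a guard such as `if (!ecCurve_mapB[curve]) return SECFailure;` before those reads would match it, unless the part of the function above the hunk already rejects such curves. ectest_ecdh_kat no longer calls `init_params` after this change and no longer consults `kat->fieldType` in the visible lines, so it is worth checking whether any caller of `init_params` remains. Both function bodies extend outside the hunks shown.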
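--- a/cmd/lib/secutil.c
+++ b/cmd/lib/secutil.c
@@ -3960,3 +3960,93 @@ parseGroupList(const char *arg, SSLNamedGroup **enabledGroups,
 *enabledGroups = groups;
 return SECSuccess;
 }
+
+/* mapping between ECCurveName enum and SECOidTags */
+static SECOidTag ecCurve_oid_map[] = {
+SEC_OID_UNKNOWN, /* ECCurve_noName */
+SEC_OID_ANSIX962_EC_PRIME192V1, /* ECCurve_NIST_P192 */
+SEC_OID_SECG_EC_SECP224R1, /* ECCurve_NIST_P224 */
+SEC_OID_ANSIX962_EC_PRIME256V1, /* ECCurve_NIST_P256 */
+SEC_OID_SECG_EC_SECP384R1, /* ECCurve_NIST_P384 */
+SEC_OID_SECG_EC_SECP521R1, /* ECCurve_NIST_P521 */
+SEC_OID_SECG_EC_SECT163K1, /* ECCurve_NIST_K163 */
+SEC_OID_SECG_EC_SECT163R1, /* ECCurve_NIST_B163 */
+SEC_OID_SECG_EC_SECT233K1, /* ECCurve_NIST_K233 */
+SEC_OID_SECG_EC_SECT233R1, /* ECCurve_NIST_B233 */
+SEC_OID_SECG_EC_SECT283K1, /* ECCurve_NIST_K283 */
+SEC_OID_SECG_EC_SECT283R1, /* ECCurve_NIST_B283 */
+SEC_OID_SECG_EC_SECT409K1, /* ECCurve_NIST_K409 */
+SEC_OID_SECG_EC_SECT409R1, /* ECCurve_NIST_B409 */
+SEC_OID_SECG_EC_SECT571K1, /* ECCurve_NIST_K571 */
+SEC_OID_SECG_EC_SECT571R1, /* ECCurve_NIST_B571 */
+SEC_OID_ANSIX962_EC_PRIME192V2,
+SEC_OID_ANSIX962_EC_PRIME192V3,
+SEC_OID_ANSIX962_EC_PRIME239V1,
+SEC_OID_ANSIX962_EC_PRIME239V2,
+SEC_OID_ANSIX962_EC_PRIME239V3,
+SEC_OID_ANSIX962_EC_C2PNB163V1,
+SEC_OID_ANSIX962_EC_C2PNB163V2,
+SEC_OID_ANSIX962_EC_C2PNB163V3,
+SEC_OID_ANSIX962_EC_C2PNB176V1,
+SEC_OID_ANSIX962_EC_C2TNB191V1,
+SEC_OID_ANSIX962_EC_C2TNB191V2,
+SEC_OID_ANSIX962_EC_C2TNB191V3,
+SEC_OID_ANSIX962_EC_C2PNB208W1,
+SEC_OID_ANSIX962_EC_C2TNB239V1,
+SEC_OID_ANSIX962_EC_C2TNB239V2,
+SEC_OID_ANSIX962_EC_C2TNB239V3,
+SEC_OID_ANSIX962_EC_C2PNB272W1,
+SEC_OID_ANSIX962_EC_C2PNB304W1,
+SEC_OID_ANSIX962_EC_C2TNB359V1,
+SEC_OID_ANSIX962_EC_C2PNB368W1,
+SEC_OID_ANSIX962_EC_C2TNB431R1,
+SEC_OID_SECG_EC_SECP112R1,
+SEC_OID_SECG_EC_SECP112R2,
+SEC_OID_SECG_EC_SECP128R1,
+SEC_OID_SECG_EC_SECP128R2,
+SEC_OID_SECG_EC_SECP160K1,
+SEC_OID_SECG_EC_SECP160R1,
+SEC_OID_SECG_EC_SECP160R2,
+SEC_OID_SECG_EC_SECP192K1,
+SEC_OID_SECG_EC_SECP224K1,
+SEC_OID_SECG_EC_SECP256K1,
+SEC_OID_SECG_EC_SECT113R1,
+SEC_OID_SECG_EC_SECT113R2,
+SEC_OID_SECG_EC_SECT131R1,
+SEC_OID_SECG_EC_SECT131R2,
+SEC_OID_SECG_EC_SECT163R1,
+SEC_OID_SECG_EC_SECT193R1,
+SEC_OID_SECG_EC_SECT193R2,
+SEC_OID_SECG_EC_SECT239K1,
+SEC_OID_UNKNOWN, /* ECCurve_WTLS_1 */
+SEC_OID_UNKNOWN, /* ECCurve_WTLS_8 */
+SEC_OID_UNKNOWN, /* ECCurve_WTLS_9 */
+SEC_OID_CURVE25519,
+SEC_OID_UNKNOWN /* ECCurve_pastLastCurve */
+};
+
+SECStatus
+SECU_ecName2params(ECCurveName curve, SECKEYECParams *params)
+{
+SECOidData *oidData = NULL;
+
+if ((curve < ECCurve_noName) || (curve > ECCurve_pastLastCurve) ||
+((oidData = SECOID_FindOIDByTag(ecCurve_oid_map[curve])) == NULL)) {
+PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
+return SECFailure;
+}
+
+if (SECITEM_AllocItem(NULL, params, (2 + oidData->oid.len)) == NULL) {
+return SECFailure;
+}
+/*
+* params->data needs to contain the ASN encoding of an object ID (OID)
+* representing the named curve. The actual OID is in
+* oidData->oid.data so we simply prepend 0x06 and OID length
+*/
+params->data[0] = SEC_ASN1_OBJECT_ID;
+params->data[1] = oidData->oid.len;
+memcpy(params->data + 2, oidData->oid.data, oidData->oid.len);
+
+return SECSuccess;
+}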
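Review bot: `SECU_ecName2params` indexes `ecCurve_oid_map[curve]` after checking only the enum range, so the read stays in bounds only while the table has exactly `ECCurve_pastLastCurve + 1` entries; now that this is a shared helper, pin that next to the table with `PR_STATIC_ASSERT(PR_ARRAY_SIZE(ecCurve_oid_map) == ECCurve_pastLastCurve + 1);` and declare the table `static const`. Entries mapped to `SEC_OID_UNKNOWN` (noName, the WTLS curves, pastLastCurve) are rejected only if `SECOID_FindOIDByTag` returns NULL for that tag, which is not visible here; adding `ecCurve_oid_map[curve] == SEC_OID_UNKNOWN` to the guard would not depend on that and would avoid emitting a zero-length OID. `SEC_OID_SECG_EC_SECT163R1` is listed twice, once against ECCurve_NIST_B163, which is sect163r2 in SECG naming, so that entry looks like a typo carried over from ecperf.c.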
3 changes: 3 additions & 0 deletions cmd/lib/secutil.h
@@ -18,6 +18,7 @@
#include "basicutil.h"
#include "sslerr.h"
#include "sslt.h"
#include "blapi.h"

#define SEC_CT_PRIVATE_KEY "private-key"
#define SEC_CT_PUBLIC_KEY "public-key"
@@ -412,6 +413,8 @@ SECStatus parseGroupList(const char *arg, SSLNamedGroup **enabledGroups,
unsigned int *enabledGroupsCount);
SSLNamedGroup groupNameToNamedGroup(char *name);

extern SECStatus SECU_ecName2params(ECCurveName curve, SECKEYECParams *params);

/*
*
* Error messaging
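Review bot: The new prototype `SECU_ecName2params` carries no comment saying who owns the result, although the implementation in secutil.c allocates `params->data` with a NULL arena; add something like `/* Writes the DER-encoded named-curve OID into *params; caller frees with SECITEM_FreeItem(params, PR_FALSE). */` above it. Including `blapi.h` from secutil.h to obtain `ECCurveName` also exposes the freebl API to every tool that includes this header; if a types-only header provides the enum, that would be the narrower include.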