static ECName params2ecName(SECKEYECParams * params) { SECItem oid = { siBuffer, NULL, 0}; SECOidData *oidData = NULL; PRUint32 policyFlags = 0; ECName i; /* * params->data needs to contain the ASN encoding of an object ID (OID) * representing a named curve. Here, we strip away everything * before the actual OID and use the OID to look up a named curve. */ if (params->data[0] != SEC_ASN1_OBJECT_ID) return ec_noName; oid.len = params->len - 2; oid.data = params->data + 2; if ((oidData = SECOID_FindOID(&oid)) == NULL) return ec_noName; for (i = ec_noName + 1; i < ec_pastLastName; i++) { if (ecName2OIDTag[i] == oidData->offset) { if (NSS_GetAlgorithmPolicy(oidData->offset, &policyFlags) == SECSuccess && (policyFlags & NSS_USE_ALG_IN_SSL_KX)) { return i; } } } return ec_noName; }
SECStatus ssl3_ECName2Params(PLArenaPool * arena, ECName curve, SECKEYECParams * params) { SECOidData *oidData = NULL; PRUint32 policyFlags = 0; if ((curve <= ec_noName) || (curve >= ec_pastLastName) || ((oidData = SECOID_FindOIDByTag(ecName2OIDTag[curve])) == NULL)) { PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); return SECFailure; } if (NSS_GetAlgorithmPolicy(ecName2OIDTag[curve], &policyFlags) == SECFailure || !(policyFlags & NSS_USE_ALG_IN_SSL_KX)) { PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); return SECFailure; } SECITEM_AllocItem(arena, params, (2 + oidData->oid.len)); /* * params->data needs to contain the ASN encoding of an object ID (OID) * representing the named curve. The actual OID is in * oidData->oid.data so we simply prepend 0x06 and OID length */ params->data[0] = SEC_ASN1_OBJECT_ID; params->data[1] = oidData->oid.len; memcpy(params->data + 2, oidData->oid.data, oidData->oid.len); return SECSuccess; }
SECStatus VerifySignedData(const CERTSignedData* sd, const CERTCertificate* cert, void* pkcs11PinArg) { if (!sd || !sd->data.data || !sd->signatureAlgorithm.algorithm.data || !sd->signature.data || !cert) { PR_NOT_REACHED("invalid args to VerifySignedData"); PR_SetError(SEC_ERROR_INVALID_ARGS, 0); return SECFailure; } // See bug 921585. if (sd->data.len > static_cast<unsigned int>(std::numeric_limits<int>::max())) { PR_SetError(SEC_ERROR_INVALID_ARGS, 0); return SECFailure; } // convert sig->len from bit counts to byte count. SECItem sig = sd->signature; DER_ConvertBitString(&sig); // Use SECKEY_ExtractPublicKey instead of CERT_ExtractPublicKey because // CERT_ExtractPublicKey would try to do (EC)DSA parameter inheritance, using // the classic (wrong) NSS path building logic. We intentionally do not // support parameter inheritance. ScopedSECKEYPublicKey pubKey(SECKEY_ExtractPublicKey(&cert->subjectPublicKeyInfo)); if (!pubKey) { return SECFailure; } SECOidTag hashAlg; if (VFY_VerifyDataWithAlgorithmID(sd->data.data, static_cast<int>(sd->data.len), pubKey.get(), &sig, &sd->signatureAlgorithm, &hashAlg, pkcs11PinArg) != SECSuccess) { return SECFailure; } // TODO: Ideally, we would do this check before we call // VFY_VerifyDataWithAlgorithmID. But, VFY_VerifyDataWithAlgorithmID gives us // the hash algorithm so it is more convenient to do things in this order. uint32_t policy; if (NSS_GetAlgorithmPolicy(hashAlg, &policy) != SECSuccess) { return SECFailure; } // XXX: I'm not sure why there isn't NSS_USE_ALG_IN_SSL_SIGNATURE, but there // isn't. Since we don't know the context in which we're being called, be as // strict as we can be given the NSS API that is available. static const uint32_t requiredPolicy = NSS_USE_ALG_IN_CERT_SIGNATURE | NSS_USE_ALG_IN_CMS_SIGNATURE; if ((policy & requiredPolicy) != requiredPolicy) { PR_SetError(SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED, 0); return SECFailure; } return SECSuccess; }
SECStatus ssl_NamedGroup2ECParams(PLArenaPool *arena, const namedGroupDef *ecGroup, SECKEYECParams *params) { SECOidData *oidData = NULL; PRUint32 policyFlags = 0; SECStatus rv; if (!params) { PORT_Assert(0); PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } if (!ecGroup || ecGroup->type != group_type_ec || (oidData = SECOID_FindOIDByTag(ecGroup->oidTag)) == NULL) { PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); return SECFailure; } rv = NSS_GetAlgorithmPolicy(ecGroup->oidTag, &policyFlags); if (rv == SECSuccess && !(policyFlags & NSS_USE_ALG_IN_SSL_KX)) { PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); return SECFailure; } if (SECITEM_AllocItem(arena, params, (2 + oidData->oid.len)) == NULL) { PORT_SetError(SEC_ERROR_NO_MEMORY); return SECFailure; } /* * params->data needs to contain the ASN encoding of an object ID (OID) * representing the named curve. The actual OID is in * oidData->oid.data so we simply prepend 0x06 and OID length */ params->data[0] = SEC_ASN1_OBJECT_ID; params->data[1] = oidData->oid.len; memcpy(params->data + 2, oidData->oid.data, oidData->oid.len); return SECSuccess; }
const namedGroupDef * ssl_ECPubKey2NamedGroup(const SECKEYPublicKey *pubKey) { SECItem oid = { siBuffer, NULL, 0 }; SECOidData *oidData = NULL; PRUint32 policyFlags = 0; unsigned int i; const SECKEYECParams *params; if (pubKey->keyType != ecKey) { PORT_Assert(0); return NULL; } params = &pubKey->u.ec.DEREncodedParams; /* * params->data needs to contain the ASN encoding of an object ID (OID) * representing a named curve. Here, we strip away everything * before the actual OID and use the OID to look up a named curve. */ if (params->data[0] != SEC_ASN1_OBJECT_ID) return NULL; oid.len = params->len - 2; oid.data = params->data + 2; if ((oidData = SECOID_FindOID(&oid)) == NULL) return NULL; if ((NSS_GetAlgorithmPolicy(oidData->offset, &policyFlags) == SECSuccess) && !(policyFlags & NSS_USE_ALG_IN_SSL_KX)) { return NULL; } for (i = 0; i < ssl_named_group_count; ++i) { if (ssl_named_groups[i].oidTag == oidData->offset) { return &ssl_named_groups[i]; } } return NULL; }