/* Find the "weakest link". Get the strength of the signature and symmetric
* keys and choose a curve based on the weakest of those two. */
const sslNamedGroupDef *
ssl_GetECGroupForServerSocket(sslSocket *ss)
{
const sslServerCert *cert = ss->sec.serverCert;
unsigned int certKeySize;
const ssl3BulkCipherDef *bulkCipher;
unsigned int requiredECCbits;
PORT_Assert(cert);
if (!cert || !cert->serverKeyPair || !cert->serverKeyPair->pubKey) {
PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
return NULL;
}
if (cert->certType.authType == ssl_auth_rsa_sign) {
certKeySize = SECKEY_PublicKeyStrengthInBits(cert->serverKeyPair->pubKey);
certKeySize =
SSL_RSASTRENGTH_TO_ECSTRENGTH(certKeySize);
} else if (cert->certType.authType == ssl_auth_ecdsa ||
cert->certType.authType == ssl_auth_ecdh_rsa ||
cert->certType.authType == ssl_auth_ecdh_ecdsa) {
const sslNamedGroupDef *groupDef = cert->certType.namedCurve;
/* We won't select a certificate unless the named curve has been
* negotiated (or supported_curves was absent), double check that. */
PORT_Assert(groupDef->keaType == ssl_kea_ecdh);
PORT_Assert(ssl_NamedGroupEnabled(ss, groupDef));
if (!ssl_NamedGroupEnabled(ss, groupDef)) {
return NULL;
}
certKeySize = groupDef->bits;
} else {
PORT_Assert(0);
return NULL;
}
bulkCipher = ssl_GetBulkCipherDef(ss->ssl3.hs.suite_def);
requiredECCbits = bulkCipher->key_size * BPB * 2;
PORT_Assert(requiredECCbits ||
ss->ssl3.hs.suite_def->bulk_cipher_alg == cipher_null);
if (requiredECCbits > certKeySize) {
requiredECCbits = certKeySize;
}
return ssl_GetECGroupWithStrength(ss, requiredECCbits);
}
/* Find the "weakest link". Get the strength of the signature and symmetric
* keys and choose a curve based on the weakest of those two. */
const namedGroupDef *
ssl_GetECGroupForServerSocket(sslSocket *ss)
{
const sslServerCert *cert = ss->sec.serverCert;
int certKeySize;
int requiredECCbits = ss->sec.secretKeyBits * 2;
PORT_Assert(cert);
if (!cert || !cert->serverKeyPair || !cert->serverKeyPair->pubKey) {
PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
return NULL;
}
if (cert->certType.authType == ssl_auth_rsa_sign) {
certKeySize = SECKEY_PublicKeyStrengthInBits(cert->serverKeyPair->pubKey);
certKeySize =
SSL_RSASTRENGTH_TO_ECSTRENGTH(certKeySize);
} else if (cert->certType.authType == ssl_auth_ecdsa ||
cert->certType.authType == ssl_auth_ecdh_rsa ||
cert->certType.authType == ssl_auth_ecdh_ecdsa) {
const namedGroupDef *groupDef = cert->certType.namedCurve;
/* We won't select a certificate unless the named curve has been
* negotiated (or supported_curves was absent), double check that. */
PORT_Assert(groupDef->type == group_type_ec);
PORT_Assert(ssl_NamedGroupEnabled(ss, groupDef));
if (!ssl_NamedGroupEnabled(ss, groupDef)) {
return NULL;
}
certKeySize = groupDef->bits;
} else {
PORT_Assert(0);
return NULL;
}
if (requiredECCbits > certKeySize) {
requiredECCbits = certKeySize;
}
return ssl_GetECGroupWithStrength(ss->namedGroups, requiredECCbits);
}
