diff options
author | Adam Langley <agl@chromium.org> | 2014-07-19 03:26:25 +0400 |
---|---|---|
committer | Adam Langley <agl@google.com> | 2014-07-19 04:03:13 +0400 |
commit | c0d948490288b91dbaa16f691f4f29a3536ae6e3 (patch) | |
tree | cab15c60d6042931054fb0330bb2233d1b9fed6a /crypto/ec/ec_asn1.c | |
parent | ecc0ce7e67b7dcfdfc57ffa99d70c9a04996e15b (diff) |
ec: recognise known parameters when written in full.
Some EC ASN.1 structures are using a named curve, but include the full
parameters anyway. With this change, BoringSSL will recognise the order
of the curve.
Change-Id: Iff057178453f9fdc98c8c03bcabbccef89709887
Reviewed-on: https://boringssl-review.googlesource.com/1270
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'crypto/ec/ec_asn1.c')
-rw-r--r-- | crypto/ec/ec_asn1.c | 26 |
1 files changed, 23 insertions, 3 deletions
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index 35fff744..7920ae83 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -190,19 +190,39 @@ ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group, EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params) { EC_GROUP *ret = NULL; - int nid = 0; + int nid = NID_undef; if (params == NULL) { OPENSSL_PUT_ERROR(EC, ec_asn1_pkparameters2group, EC_R_MISSING_PARAMETERS); return NULL; } - if (params->type != 0) { + if (params->type == 0) { + nid = OBJ_obj2nid(params->value.named_curve); + } else if (params->type == 1) { + /* We don't support arbitary curves so we attempt to recognise it from the + * group order. */ + const ECPARAMETERS *ecparams = params->value.parameters; + unsigned i; + const struct built_in_curve *curve; + + for (i = 0; OPENSSL_built_in_curves[i].nid != NID_undef; i++) { + curve = &OPENSSL_built_in_curves[i]; + const unsigned param_len = curve->data->param_len; + if (ecparams->order->length == param_len && + memcmp(ecparams->order->data, &curve->data->data[param_len * 5], + param_len) == 0) { + nid = curve->nid; + break; + } + } + } + + if (nid == NID_undef) { OPENSSL_PUT_ERROR(EC, ec_asn1_pkparameters2group, EC_R_NON_NAMED_CURVE); return NULL; } - nid = OBJ_obj2nid(params->value.named_curve); ret = EC_GROUP_new_by_curve_name(nid); if (ret == NULL) { OPENSSL_PUT_ERROR(EC, ec_asn1_pkparameters2group, |