author | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-12-25 15:54:18 +0400 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-12-25 15:54:18 +0400 |
commit | ca63ccf685c8a606a3cabde362d418052cddb169 (patch) | |
tree | 126e011a8282b5a0e4c4b6553b70e4d83b451122 /core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java | |
parent | 25b27dfbe500af3c3ffca9637616426e644670e0 (diff) |
Re-organise handling for explicit_char2 curves so that order/cofactor
are included (which is currently needed for TNAF)
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java')
-rw-r--r-- | core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java | 40 |
1 files changed, 20 insertions, 20 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java b/core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java
index cf03caca..f4fbe28d 100644
--- a/core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java
+++ b/core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java
@@ -460,32 +460,32 @@ public class TlsECCUtils
 int m = TlsUtils.readUint16(input);
 short basis = TlsUtils.readUint8(input);
- ECCurve curve;
- switch (basis)
 {
- case ECBasisType.ec_basis_trinomial:
+ if (!ECBasisType.isValid(basis))
 {
- int k = readECExponent(m, input);
- BigInteger a = readECFieldElement(m, input);
- BigInteger b = readECFieldElement(m, input);
- curve = new ECCurve.F2m(m, k, a, b);
- break;
+ throw new TlsFatalAlert(AlertDescription.illegal_parameter);
 }
- case ECBasisType.ec_basis_pentanomial:
+
+ int k1 = readECExponent(m, input), k2 = -1, k3 = -1;
+ if (basis == ECBasisType.ec_basis_pentanomial)
 {
- int k1 = readECExponent(m, input);
- int k2 = readECExponent(m, input);
- int k3 = readECExponent(m, input);
- BigInteger a = readECFieldElement(m, input);
- BigInteger b = readECFieldElement(m, input);
- curve = new ECCurve.F2m(m, k1, k2, k3, a, b);
- break;
+ k2 = readECExponent(m, input);
+ k3 = readECExponent(m, input);
 }
- default:
- throw new TlsFatalAlert(AlertDescription.illegal_parameter);
- }
- ECPoint base = deserializeECPoint(ecPointFormats, curve, TlsUtils.readOpaque8(input));
+
+ BigInteger a = readECFieldElement(m, input);
+ BigInteger b = readECFieldElement(m, input);
+
+ byte[] baseEncoding = TlsUtils.readOpaque8(input);
 BigInteger order = readECParameter(input);
 BigInteger cofactor = readECParameter(input);
+
+ // TODO The order/cofactor are currently needed for tau-adic optimization if Koblitz
+ ECCurve curve = (basis == ECBasisType.ec_basis_pentanomial)
+ ? new ECCurve.F2m(m, k1, k2, k3, a, b, order, cofactor)
+ : new ECCurve.F2m(m, k1, a, b, order, cofactor);
+
+ ECPoint base = deserializeECPoint(ecPointFormats, curve, baseEncoding);
+
 return new ECDomainParameters(curve, base, order, cofactor);
 }
 case ECCurveType.named_curve: |
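Review bot: The `order` and `cofactor` values read with `readECParameter(input)` are passed to both `ECCurve.F2m` constructors with no check visible in this hunk, and per the TODO they now feed the tau-adic (TNAF) optimisation instead of only being carried in `ECDomainParameters`. Because they are decoded from the TLS input stream, a guard before the curve is built, such as `if (order.signum() <= 0 || cofactor.signum() <= 0) throw new TlsFatalAlert(AlertDescription.illegal_parameter);`, would reject degenerate values with the same alert used for an invalid basis. Whether `readECParameter` or the constructor already enforces this cannot be seen from here. The TODO comment could also record that nothing in this branch confirms the decoded `base` has the claimed order, for example `// NOTE: order/cofactor are taken from the stream as-is; base is not checked against order here`. The enclosing method begins and ends outside the hunk.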