From f838eeda09778ec51fbc002b62f5881f0795dcb3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 2 Jul 2013 14:56:43 +0200
Subject: [PATCH] Add x509_get_ecparams()
---
 include/polarssl/x509.h | 1 +
 library/x509parse.c | 32 ++++++++++++++++++++++++++++++++
 2 files changed, 33 insertions(+)
diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h
index 62c8a931c9..240b9bbba0 100644
--- a/include/polarssl/x509.h
+++ b/include/polarssl/x509.h
@@ -70,6 +70,7 @@
 #define POLARSSL_ERR_X509_FILE_IO_ERROR -0x2B00 /**< Read/write of file failed. */
 #define POLARSSL_ERR_X509_PASSWORD_REQUIRED -0x2B80 /**< Private key password can't be empty. */
 #define POLARSSL_ERR_X509_PASSWORD_MISMATCH -0x2C00 /**< Given private key password does not allow for correct decryption. */
+#define POLARSSL_ERR_X509_UNKNOWN_NAMED_CURVE -0x2C80 /**< Elliptic curve is unsupported (only NIST curves are supported). */
 /* \} name */
 /**
diff --git a/library/x509parse.c b/library/x509parse.c
index b51881a9a7..840319f43f 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -201,6 +201,38 @@ static int x509_get_alg( unsigned char **p,
 return( 0 );
 }
+/* Get an EC group id from an ECParameters buffer
+ *
+ * ECParameters ::= CHOICE {
+ * namedCurve OBJECT IDENTIFIER
+ * -- implicitCurve NULL
+ * -- specifiedCurve SpecifiedECDomain
+ * }
+ */
+static int x509_get_ecparams( unsigned char **p, const unsigned char *end,
+ ecp_group_id *grp_id )
+{
+ int ret;
+ x509_buf curve;
+
+ curve.tag = **p;
+
+ if( ( ret = asn1_get_tag( p, end, &curve.len, ASN1_OID ) ) != 0 )
+ return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
+
+ curve.p = *p;
+ *p += curve.len;
+
+ if( *p != end )
+ return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
+ POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
+
+ if( ( ret = oid_get_ec_grp( &curve, grp_id ) ) != 0 )
+ return( POLARSSL_ERR_X509_UNKNOWN_NAMED_CURVE );
+
+ return( 0 );
+}
+
 /*
 * AttributeTypeAndValue ::= SEQUENCE {
 * type AttributeType,
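Review bot: In the library/x509parse.c hunk, `curve.tag = **p;` in x509_get_ecparams() dereferences `*p` before anything has compared it with `end`, so a zero-length ECParameters field (presumably taken from an untrusted key or certificate) causes a one-byte read past the buffer. asn1_get_tag() is called only afterwards, so whatever bounds check it performs comes too late for this read. Guard the assignment with `if( end - *p < 1 ) return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA );`, or set `curve.tag` only after asn1_get_tag() has succeeded, when the tag is known to be ASN1_OID. Separately, the `ret` from oid_get_ec_grp() is dropped in favour of POLARSSL_ERR_X509_UNKNOWN_NAMED_CURVE; a one-line comment such as `/* any OID lookup failure is reported as an unknown curve */` would make that intent explicit.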