Lines Matching +full:use +full:- +full:minimum +full:- +full:ecc
2 * validator/val_secalgo.c - validator security algorithm functions.
8 * Redistribution and use in source and binary forms, with or without
29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
41 * and do the library calls (for the crypto library in use).
93 /* or use ERR_error_string if ERR_error_string_n is not avail TODO */ in log_crypto_error()
102 * @param level: debug level to use in verbose() call
110 /* or use ERR_error_string if ERR_error_string_n is not avail TODO */ in log_crypto_verbose()
176 h->ctx = EVP_MD_CTX_create(); in secalgo_hash_create_md()
177 if(!h->ctx) { in secalgo_hash_create_md()
181 if(!EVP_DigestInit_ex(h->ctx, md, NULL)) { in secalgo_hash_create_md()
182 EVP_MD_CTX_destroy(h->ctx); in secalgo_hash_create_md()
201 return EVP_DigestUpdate(hash->ctx, (unsigned char*)data, in secalgo_hash_update()
208 if(EVP_MD_CTX_size(hash->ctx) > (int)maxlen) { in secalgo_hash_final()
213 *resultlen = EVP_MD_CTX_size(hash->ctx); in secalgo_hash_final()
214 return EVP_DigestFinal_ex(hash->ctx, result, NULL); in secalgo_hash_final()
220 EVP_MD_CTX_destroy(hash->ctx); in secalgo_hash_delete()
432 dsasig->r = R; in setup_dsa_sig()
433 dsasig->s = S; in setup_dsa_sig()
481 while(r_rem < bnsize-1 && d[r_rem] == 0) in setup_ecdsa_sig()
484 while(s_rem < bnsize-1 && d[bnsize+s_rem] == 0) in setup_ecdsa_sig()
489 raw_sig_len = pre_len + r_high + bnsize - r_rem + mid_len + in setup_ecdsa_sig()
490 s_high + bnsize - s_rem; in setup_ecdsa_sig()
496 p[1] = (uint8_t)(raw_sig_len-2); in setup_ecdsa_sig()
498 p[3] = (uint8_t)(bnsize + r_high - r_rem); in setup_ecdsa_sig()
504 memmove(p, d+r_rem, (size_t)bnsize-r_rem); in setup_ecdsa_sig()
505 p += bnsize-r_rem; in setup_ecdsa_sig()
506 memmove(p, mid, (size_t)mid_len-1); in setup_ecdsa_sig()
507 p += mid_len-1; in setup_ecdsa_sig()
508 *p = (uint8_t)(bnsize + s_high - s_rem); in setup_ecdsa_sig()
514 memmove(p, d+bnsize+s_rem, (size_t)bnsize-s_rem); in setup_ecdsa_sig()
542 * @param digest_type: digest type to use
755 *reason = "use of key for crypto failed"; in verify_canonrrset()
765 *reason = "use of key for DSA crypto failed"; in verify_canonrrset()
780 *reason = "use of signature for ECDSA crypto failed"; in verify_canonrrset()
903 h->ctx = HASH_Create(tp); in secalgo_hash_create_type()
904 if(!h->ctx) { in secalgo_hash_create_type()
923 HASH_Update(hash->ctx, (unsigned char*)data, (unsigned int)len); in secalgo_hash_update()
931 if(HASH_ResultLenContext(hash->ctx) > (unsigned int)maxlen) { in secalgo_hash_final()
936 HASH_End(hash->ctx, (unsigned char*)result, &reslen, in secalgo_hash_final()
945 HASH_Destroy(hash->ctx); in secalgo_hash_delete()
1055 key->arena = arena; in nss_key_create()
1056 key->keyType = ktype; in nss_key_create()
1057 key->pkcs11Slot = NULL; in nss_key_create()
1058 key->pkcs11ID = CK_INVALID_HANDLE; in nss_key_create()
1068 /* OBJECTIDENTIFIER 1.2.840.10045.3.1.7 (P-256) in nss_buf2ecdsa()
1069 * {iso(1) member-body(2) us(840) ansi-x962(10045) curves(3) prime(1) prime256v1(7)} */ in nss_buf2ecdsa()
1073 /* OBJECTIDENTIFIER 1.3.132.0.34 (P-384) in nss_buf2ecdsa()
1074 * {iso(1) identified-organization(3) certicom(132) curve(0) ansip384r1(34)} */ in nss_buf2ecdsa()
1103 pk->u.ec.size = (len/2)*8; in nss_buf2ecdsa()
1104 if(SECITEM_CopyItem(pk->arena, &pk->u.ec.publicValue, &pub)) { in nss_buf2ecdsa()
1108 if(SECITEM_CopyItem(pk->arena, &pk->u.ec.DEREncodedParams, ¶ms)) { in nss_buf2ecdsa()
1159 if(SECITEM_CopyItem(pk->arena, &pk->u.dsa.params.prime, &P)) { in nss_buf2dsa()
1163 if(SECITEM_CopyItem(pk->arena, &pk->u.dsa.params.subPrime, &Q)) { in nss_buf2dsa()
1167 if(SECITEM_CopyItem(pk->arena, &pk->u.dsa.params.base, &G)) { in nss_buf2dsa()
1171 if(SECITEM_CopyItem(pk->arena, &pk->u.dsa.publicValue, &Y)) { in nss_buf2dsa()
1209 modulus.len = (len - offset); in nss_buf2rsa()
1214 if(SECITEM_CopyItem(pk->arena, &pk->u.rsa.modulus, &modulus)) { in nss_buf2rsa()
1218 if(SECITEM_CopyItem(pk->arena, &pk->u.rsa.publicExponent, &exponent)) { in nss_buf2rsa()
1230 * @param digest_type: digest type to use
1398 *reason = "use of key for crypto failed"; in verify_canonrrset()
1408 secsig.len --; in verify_canonrrset()
1417 if(SECITEM_CopyItem(pubkey->arena, &secsig, p)) { in verify_canonrrset()
1467 /* if it is not supported, like ECC is removed, we get, in verify_canonrrset()
1491 #include "dsa-compat.h"
1496 #include "ecc-curve.h"
1592 h->active = 384; in secalgo_hash_create_sha384()
1593 sha384_init(&h->ctx384); in secalgo_hash_create_sha384()
1602 h->active = 512; in secalgo_hash_create_sha512()
1603 sha512_init(&h->ctx512); in secalgo_hash_create_sha512()
1609 if(hash->active == 384) { in secalgo_hash_update()
1610 sha384_update(&hash->ctx384, len, data); in secalgo_hash_update()
1611 } else if(hash->active == 512) { in secalgo_hash_update()
1612 sha512_update(&hash->ctx512, len, data); in secalgo_hash_update()
1622 if(hash->active == 384) { in secalgo_hash_final()
1629 sha384_digest(&hash->ctx384, SHA384_DIGEST_SIZE, in secalgo_hash_final()
1631 } else if(hash->active == 512) { in secalgo_hash_final()
1638 sha512_digest(&hash->ctx512, SHA512_DIGEST_SIZE, in secalgo_hash_final()
1768 /* Signature length: 41 bytes - RFC 2536 sec. 3 */ in _verify_nettle_dsa()
1797 /* Validate T values constraints - RFC 2536 sec. 2 & sec. 3 */ in _verify_nettle_dsa()
1803 /* Pubkey minimum length: 21 bytes - RFC 2536 sec. 2 */ in _verify_nettle_dsa()
1858 /* 1-byte length */ in _verify_nettle_rsa()
1862 /* 1-byte NUL + 2-bytes exponent length */ in _verify_nettle_rsa()
1871 /* Check that we are not over-running input length */ in _verify_nettle_rsa()
1877 pubkey.size = keylen - mod_offset; in _verify_nettle_rsa()