source-git / gnutls

Clone
Source Code
GIT

Blame lib/algorithms/ecc.c

c8 c8s master
  1.   4684c19e6b623dac0517d3f3ac8f576d6fbfd0bb
  2.   lib
  3.   algorithms
  4.   ecc.c
Blob History Raw
Packit Service 4684c1 
/*
Packit Service 4684c1 
 * Copyright (C) 2011-2012 Free Software Foundation, Inc.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Author: Nikos Mavrogiannopoulos
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This file is part of GnuTLS.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * The GnuTLS is free software; you can redistribute it and/or
Packit Service 4684c1 
 * modify it under the terms of the GNU Lesser General Public License
Packit Service 4684c1 
 * as published by the Free Software Foundation; either version 2.1 of
Packit Service 4684c1 
 * the License, or (at your option) any later version.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This library is distributed in the hope that it will be useful, but
Packit Service 4684c1 
 * WITHOUT ANY WARRANTY; without even the implied warranty of
Packit Service 4684c1 
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
Packit Service 4684c1 
 * Lesser General Public License for more details.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * You should have received a copy of the GNU Lesser General Public License
Packit Service 4684c1 
 * along with this program.  If not, see <https://www.gnu.org/licenses/>
Packit Service 4684c1 
 *
Packit Service 4684c1 
 */
Packit Service 4684c1
Packit Service 4684c1 
#include "gnutls_int.h"
Packit Service 4684c1 
#include <algorithms.h>
Packit Service 4684c1 
#include "errors.h"
Packit Service 4684c1 
#include <x509/common.h>
Packit Service 4684c1 
#include <pk.h>
Packit Service 4684c1 
#include "c-strcase.h"
Packit Service 4684c1
Packit Service 4684c1 
/* Supported ECC curves
Packit Service 4684c1 
 */
Packit Service 4684c1
Packit Service 4684c1 
static SYSTEM_CONFIG_OR_CONST
Packit Service 4684c1 
gnutls_ecc_curve_entry_st ecc_curves[] = {
Packit Service 4684c1 
#ifdef ENABLE_NON_SUITEB_CURVES
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "SECP192R1",
Packit Service 4684c1 
	 .oid = "1.2.840.10045.3.1.1",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_SECP192R1,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_SECP192R1,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_ECDSA,
Packit Service 4684c1 
	 .size = 24,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "SECP224R1",
Packit Service 4684c1 
	 .oid = "1.3.132.0.33",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_SECP224R1,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_SECP224R1,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_ECDSA,
Packit Service 4684c1 
	 .size = 28,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
#endif
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "SECP256R1",
Packit Service 4684c1 
	 .oid = "1.2.840.10045.3.1.7",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_SECP256R1,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_SECP256R1,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_ECDSA,
Packit Service 4684c1 
	 .size = 32,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "SECP384R1",
Packit Service 4684c1 
	 .oid = "1.3.132.0.34",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_SECP384R1,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_SECP384R1,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_ECDSA,
Packit Service 4684c1 
	 .size = 48,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "SECP521R1",
Packit Service 4684c1 
	 .oid = "1.3.132.0.35",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_SECP521R1,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_SECP521R1,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_ECDSA,
Packit Service 4684c1 
	 .size = 66,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "X25519",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_X25519,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_X25519,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_ECDH_X25519,
Packit Service 4684c1 
	 .size = 32,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "Ed25519",
Packit Service 4684c1 
	 .oid = SIG_EDDSA_SHA512_OID,
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_ED25519,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_EDDSA_ED25519,
Packit Service 4684c1 
	 .size = 32,
Packit Service 4684c1 
	 .sig_size = 64,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "X448",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_X448,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_ECDH_X448,
Packit Service 4684c1 
	 .size = 56,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "Ed448",
Packit Service 4684c1 
	 .oid = SIG_ED448_OID,
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_ED448,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_EDDSA_ED448,
Packit Service 4684c1 
	 .size = 57,
Packit Service 4684c1 
	 .sig_size = 114,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
#if ENABLE_GOST
Packit Service 4684c1 
	/* Curves for usage in GOST digital signature algorithm (GOST R
Packit Service 4684c1 
	 * 34.10-2001/-2012) and key agreement (VKO GOST R 34.10-2001/-2012).
Packit Service 4684c1 
	 *
Packit Service 4684c1 
	 * Historically CryptoPro has defined three 256-bit curves for use with
Packit Service 4684c1 
	 * digital signature algorithm (CryptoPro-A, -B, -C).
Packit Service 4684c1 
	 *
Packit Service 4684c1 
	 * Also it has reissues two of them with different OIDs for key
Packit Service 4684c1 
	 * exchange (CryptoPro-XchA = CryptoPro-A and CryptoPro-XchB =
Packit Service 4684c1 
	 * CryptoPro-C).
Packit Service 4684c1 
	 *
Packit Service 4684c1 
	 * Then TC26 (Standard comitee working on cryptographic standards) has
Packit Service 4684c1 
	 * defined one 256-bit curve (TC26-256-A) and three 512-bit curves
Packit Service 4684c1 
	 * (TC26-512-A, -B, -C).
Packit Service 4684c1 
	 *
Packit Service 4684c1 
	 * And finally TC26 has reissues original CryptoPro curves under their
Packit Service 4684c1 
	 * own OID namespace (TC26-256-B = CryptoPro-A, TC26-256-C =
Packit Service 4684c1 
	 * CryptoPro-B and TC26-256-D = CryptoPro-C).
Packit Service 4684c1 
	 *
Packit Service 4684c1 
	 * CryptoPro OIDs are usable for both GOST R 34.10-2001 and
Packit Service 4684c1 
	 * GOST R 34.10-2012 keys (thus they have GNUTLS_PK_UNKNOWN in this
Packit Service 4684c1 
	 * table).
Packit Service 4684c1 
	 * TC26 OIDs are usable only for GOST R 34.10-2012 keys.
Packit Service 4684c1 
	 */
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "CryptoPro-A",
Packit Service 4684c1 
	 .oid = "1.2.643.2.2.35.1",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_GOST256CPA,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_GC256B,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_UNKNOWN,
Packit Service 4684c1 
	 .size = 32,
Packit Service 4684c1 
	 .gost_curve = 1,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "CryptoPro-B",
Packit Service 4684c1 
	 .oid = "1.2.643.2.2.35.2",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_GOST256CPB,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_GC256C,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_UNKNOWN,
Packit Service 4684c1 
	 .size = 32,
Packit Service 4684c1 
	 .gost_curve = 1,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "CryptoPro-C",
Packit Service 4684c1 
	 .oid = "1.2.643.2.2.35.3",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_GOST256CPC,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_GC256D,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_UNKNOWN,
Packit Service 4684c1 
	 .size = 32,
Packit Service 4684c1 
	 .gost_curve = 1,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "CryptoPro-XchA",
Packit Service 4684c1 
	 .oid = "1.2.643.2.2.36.0",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_GOST256CPXA,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_GC256B,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_UNKNOWN,
Packit Service 4684c1 
	 .size = 32,
Packit Service 4684c1 
	 .gost_curve = 1,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "CryptoPro-XchB",
Packit Service 4684c1 
	 .oid = "1.2.643.2.2.36.1",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_GOST256CPXB,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_GC256D,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_UNKNOWN,
Packit Service 4684c1 
	 .size = 32,
Packit Service 4684c1 
	 .gost_curve = 1,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "TC26-256-A",
Packit Service 4684c1 
	 .oid = "1.2.643.7.1.2.1.1.1",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_GOST256A,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_GC256A,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_GOST_12_256,
Packit Service 4684c1 
	 .size = 32,
Packit Service 4684c1 
	 .gost_curve = 1,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "TC26-256-B",
Packit Service 4684c1 
	 .oid = "1.2.643.7.1.2.1.1.2",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_GOST256B,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_GC256B,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_GOST_12_256,
Packit Service 4684c1 
	 .size = 32,
Packit Service 4684c1 
	 .gost_curve = 1,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "TC26-256-C",
Packit Service 4684c1 
	 .oid = "1.2.643.7.1.2.1.1.3",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_GOST256C,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_GC256C,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_GOST_12_256,
Packit Service 4684c1 
	 .size = 32,
Packit Service 4684c1 
	 .gost_curve = 1,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "TC26-256-D",
Packit Service 4684c1 
	 .oid = "1.2.643.7.1.2.1.1.4",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_GOST256D,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_GC256D,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_GOST_12_256,
Packit Service 4684c1 
	 .size = 32,
Packit Service 4684c1 
	 .gost_curve = 1,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "TC26-512-A",
Packit Service 4684c1 
	 .oid = "1.2.643.7.1.2.1.2.1",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_GOST512A,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_GC512A,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_GOST_12_512,
Packit Service 4684c1 
	 .size = 64,
Packit Service 4684c1 
	 .gost_curve = 1,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "TC26-512-B",
Packit Service 4684c1 
	 .oid = "1.2.643.7.1.2.1.2.2",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_GOST512B,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_GC512B,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_GOST_12_512,
Packit Service 4684c1 
	 .size = 64,
Packit Service 4684c1 
	 .gost_curve = 1,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
	{
Packit Service 4684c1 
	 .name = "TC26-512-C",
Packit Service 4684c1 
	 .oid = "1.2.643.7.1.2.1.2.3",
Packit Service 4684c1 
	 .id = GNUTLS_ECC_CURVE_GOST512C,
Packit Service 4684c1 
	 .group = GNUTLS_GROUP_GC512C,
Packit Service 4684c1 
	 .pk = GNUTLS_PK_GOST_12_512,
Packit Service 4684c1 
	 .size = 64,
Packit Service 4684c1 
	 .gost_curve = 1,
Packit Service 4684c1 
	 .supported = 1,
Packit Service 4684c1 
	},
Packit Service 4684c1 
#endif
Packit Service 4684c1 
	{0, 0, 0}
Packit Service 4684c1 
};
Packit Service 4684c1
Packit Service 4684c1 
#define GNUTLS_ECC_CURVE_LOOP(b) \
Packit Service 4684c1 
	{ const gnutls_ecc_curve_entry_st *p; \
Packit Service 4684c1 
		for(p = ecc_curves; p->name != NULL; p++) { b ; } }
Packit Service 4684c1
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_ecc_curve_list:
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Get the list of supported elliptic curves.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This function is not thread safe.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns: Return a (0)-terminated list of #gnutls_ecc_curve_t
Packit Service 4684c1 
 *   integers indicating the available curves.
Packit Service 4684c1 
 **/
Packit Service 4684c1 
const gnutls_ecc_curve_t *gnutls_ecc_curve_list(void)
Packit Service 4684c1 
{
Packit Service 4684c1 
	static gnutls_ecc_curve_t supported_curves[MAX_ALGOS] = { 0 };
Packit Service 4684c1
Packit Service 4684c1 
	if (supported_curves[0] == 0) {
Packit Service 4684c1 
		int i = 0;
Packit Service 4684c1
Packit Service 4684c1 
		GNUTLS_ECC_CURVE_LOOP(
Packit Service 4684c1 
			if (p->supported && _gnutls_pk_curve_exists(p->id))
Packit Service 4684c1 
				supported_curves[i++] = p->id;
Packit Service 4684c1 
		);
Packit Service 4684c1 
		supported_curves[i++] = 0;
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	return supported_curves;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
unsigned _gnutls_ecc_curve_is_supported(gnutls_ecc_curve_t curve)
Packit Service 4684c1 
{
Packit Service 4684c1 
	GNUTLS_ECC_CURVE_LOOP(
Packit Service 4684c1 
		if (p->id == curve && p->supported && _gnutls_pk_curve_exists(p->id))
Packit Service 4684c1 
			return 1;
Packit Service 4684c1 
	);
Packit Service 4684c1 
	return 0;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_oid_to_ecc_curve:
Packit Service 4684c1 
 * @oid: is a curve's OID
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns: return a #gnutls_ecc_curve_t value corresponding to
Packit Service 4684c1 
 *   the specified OID, or %GNUTLS_ECC_CURVE_INVALID on error.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Since: 3.4.3
Packit Service 4684c1 
 **/
Packit Service 4684c1 
gnutls_ecc_curve_t gnutls_oid_to_ecc_curve(const char *oid)
Packit Service 4684c1 
{
Packit Service 4684c1 
	gnutls_ecc_curve_t ret = GNUTLS_ECC_CURVE_INVALID;
Packit Service 4684c1
Packit Service 4684c1 
	GNUTLS_ECC_CURVE_LOOP(
Packit Service 4684c1 
		if (p->oid != NULL && c_strcasecmp(p->oid, oid) == 0 && p->supported &&
Packit Service 4684c1 
		    _gnutls_pk_curve_exists(p->id)) {
Packit Service 4684c1 
			ret = p->id;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	);
Packit Service 4684c1
Packit Service 4684c1 
	return ret;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_ecc_curve_get_id:
Packit Service 4684c1 
 * @name: is a curve name
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * The names are compared in a case insensitive way.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns: return a #gnutls_ecc_curve_t value corresponding to
Packit Service 4684c1 
 *   the specified curve, or %GNUTLS_ECC_CURVE_INVALID on error.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Since: 3.4.3
Packit Service 4684c1 
 **/
Packit Service 4684c1 
gnutls_ecc_curve_t gnutls_ecc_curve_get_id(const char *name)
Packit Service 4684c1 
{
Packit Service 4684c1 
	gnutls_ecc_curve_t ret = GNUTLS_ECC_CURVE_INVALID;
Packit Service 4684c1
Packit Service 4684c1 
	GNUTLS_ECC_CURVE_LOOP(
Packit Service 4684c1 
		if (c_strcasecmp(p->name, name) == 0 && p->supported &&
Packit Service 4684c1 
		    _gnutls_pk_curve_exists(p->id)) {
Packit Service 4684c1 
			ret = p->id;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	);
Packit Service 4684c1
Packit Service 4684c1 
	return ret;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
int _gnutls_ecc_curve_mark_disabled(const char *name)
Packit Service 4684c1 
{
Packit Service 4684c1 
	gnutls_ecc_curve_entry_st *p;
Packit Service 4684c1
Packit Service 4684c1 
	for(p = ecc_curves; p->name != NULL; p++) {
Packit Service 4684c1 
		if (c_strcasecmp(p->name, name) == 0) {
Packit Service 4684c1 
			p->supported = 0;
Packit Service 4684c1 
			return 0;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
static int _gnutls_ecc_pk_compatible(const gnutls_ecc_curve_entry_st *p,
Packit Service 4684c1 
				     gnutls_pk_algorithm_t pk)
Packit Service 4684c1 
{
Packit Service 4684c1 
	if (!p->supported || !_gnutls_pk_curve_exists(p->id))
Packit Service 4684c1 
		return 0;
Packit Service 4684c1
Packit Service 4684c1 
	if (pk == GNUTLS_PK_GOST_01 ||
Packit Service 4684c1 
	    pk == GNUTLS_PK_GOST_12_256)
Packit Service 4684c1 
		return p->gost_curve && p->size == 32;
Packit Service 4684c1
Packit Service 4684c1 
	return pk == p->pk;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
/*-
Packit Service 4684c1 
 * _gnutls_ecc_bits_to_curve:
Packit Service 4684c1 
 * @bits: is a security parameter in bits
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns: return a #gnutls_ecc_curve_t value corresponding to
Packit Service 4684c1 
 *   the specified bit length, or %GNUTLS_ECC_CURVE_INVALID on error.
Packit Service 4684c1 
 -*/
Packit Service 4684c1 
gnutls_ecc_curve_t _gnutls_ecc_bits_to_curve(gnutls_pk_algorithm_t pk, int bits)
Packit Service 4684c1 
{
Packit Service 4684c1 
	gnutls_ecc_curve_t ret;
Packit Service 4684c1
Packit Service 4684c1 
	if (pk == GNUTLS_PK_ECDSA)
Packit Service 4684c1 
		ret = GNUTLS_ECC_CURVE_SECP256R1;
Packit Service 4684c1 
	else if (pk == GNUTLS_PK_GOST_01 ||
Packit Service 4684c1 
		 pk == GNUTLS_PK_GOST_12_256)
Packit Service 4684c1 
		ret = GNUTLS_ECC_CURVE_GOST256CPA;
Packit Service 4684c1 
	else if (pk == GNUTLS_PK_GOST_12_512)
Packit Service 4684c1 
		ret = GNUTLS_ECC_CURVE_GOST512A;
Packit Service 4684c1 
	else
Packit Service 4684c1 
		ret = GNUTLS_ECC_CURVE_ED25519;
Packit Service 4684c1
Packit Service 4684c1 
	GNUTLS_ECC_CURVE_LOOP(
Packit Service 4684c1 
		if (_gnutls_ecc_pk_compatible(p, pk) && 8 * p->size >= (unsigned)bits) {
Packit Service 4684c1 
			ret = p->id;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	);
Packit Service 4684c1
Packit Service 4684c1 
	return ret;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_ecc_curve_get_name:
Packit Service 4684c1 
 * @curve: is an ECC curve
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Convert a #gnutls_ecc_curve_t value to a string.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns: a string that contains the name of the specified
Packit Service 4684c1 
 *   curve or %NULL.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Since: 3.0
Packit Service 4684c1 
 **/
Packit Service 4684c1 
const char *gnutls_ecc_curve_get_name(gnutls_ecc_curve_t curve)
Packit Service 4684c1 
{
Packit Service 4684c1 
	const char *ret = NULL;
Packit Service 4684c1
Packit Service 4684c1 
	GNUTLS_ECC_CURVE_LOOP(
Packit Service 4684c1 
		if (p->id == curve) {
Packit Service 4684c1 
			ret = p->name;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	);
Packit Service 4684c1
Packit Service 4684c1 
	return ret;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_ecc_curve_get_oid:
Packit Service 4684c1 
 * @curve: is an ECC curve
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Convert a #gnutls_ecc_curve_t value to its object identifier.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns: a string that contains the OID of the specified
Packit Service 4684c1 
 *   curve or %NULL.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Since: 3.4.3
Packit Service 4684c1 
 **/
Packit Service 4684c1 
const char *gnutls_ecc_curve_get_oid(gnutls_ecc_curve_t curve)
Packit Service 4684c1 
{
Packit Service 4684c1 
	const char *ret = NULL;
Packit Service 4684c1
Packit Service 4684c1 
	GNUTLS_ECC_CURVE_LOOP(
Packit Service 4684c1 
		if (p->id == curve) {
Packit Service 4684c1 
			ret = p->oid;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	);
Packit Service 4684c1
Packit Service 4684c1 
	return ret;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
/*-
Packit Service 4684c1 
 * _gnutls_ecc_curve_get_params:
Packit Service 4684c1 
 * @curve: is an ECC curve
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns the information on a curve.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns: a pointer to #gnutls_ecc_curve_entry_st or %NULL.
Packit Service 4684c1 
 -*/
Packit Service 4684c1 
const gnutls_ecc_curve_entry_st
Packit Service 4684c1 
    *_gnutls_ecc_curve_get_params(gnutls_ecc_curve_t curve)
Packit Service 4684c1 
{
Packit Service 4684c1 
	const gnutls_ecc_curve_entry_st *ret = NULL;
Packit Service 4684c1
Packit Service 4684c1 
	GNUTLS_ECC_CURVE_LOOP(
Packit Service 4684c1 
		if (p->id == curve) {
Packit Service 4684c1 
			ret = p;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	);
Packit Service 4684c1
Packit Service 4684c1 
	return ret;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_ecc_curve_get_size:
Packit Service 4684c1 
 * @curve: is an ECC curve
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns: the size in bytes of the curve or 0 on failure.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Since: 3.0
Packit Service 4684c1 
 **/
Packit Service 4684c1 
int gnutls_ecc_curve_get_size(gnutls_ecc_curve_t curve)
Packit Service 4684c1 
{
Packit Service 4684c1 
	int ret = 0;
Packit Service 4684c1
Packit Service 4684c1 
	GNUTLS_ECC_CURVE_LOOP(
Packit Service 4684c1 
		if (p->id == curve) {
Packit Service 4684c1 
			ret = p->size;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	);
Packit Service 4684c1
Packit Service 4684c1 
	return ret;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_ecc_curve_get_pk:
Packit Service 4684c1 
 * @curve: is an ECC curve
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns: the public key algorithm associated with the named curve or %GNUTLS_PK_UNKNOWN.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Since: 3.5.0
Packit Service 4684c1 
 **/
Packit Service 4684c1 
gnutls_pk_algorithm_t gnutls_ecc_curve_get_pk(gnutls_ecc_curve_t curve)
Packit Service 4684c1 
{
Packit Service 4684c1 
	int ret = GNUTLS_PK_UNKNOWN;
Packit Service 4684c1
Packit Service 4684c1 
	GNUTLS_ECC_CURVE_LOOP(
Packit Service 4684c1 
		if (p->id == curve && p->supported) {
Packit Service 4684c1 
			ret = p->pk;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	);
Packit Service 4684c1
Packit Service 4684c1 
	return ret;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * _gnutls_ecc_curve_get_group:
Packit Service 4684c1 
 * @curve: is an ECC curve
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns: the group associated with the named curve or %GNUTLS_GROUP_INVALID.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Since: 3.6.11
Packit Service 4684c1 
 */
Packit Service 4684c1 
gnutls_group_t _gnutls_ecc_curve_get_group(gnutls_ecc_curve_t curve)
Packit Service 4684c1 
{
Packit Service 4684c1 
	gnutls_group_t ret = GNUTLS_GROUP_INVALID;
Packit Service 4684c1
Packit Service 4684c1 
	GNUTLS_ECC_CURVE_LOOP(
Packit Service 4684c1 
		if (p->id == curve && p->supported && _gnutls_pk_curve_exists(p->id)) {
Packit Service 4684c1 
			ret = p->group;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	);
Packit Service 4684c1
Packit Service 4684c1 
	return ret;
Packit Service 4684c1 
}

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation