2 * Copyright (C) 2011-2012 Free Software Foundation, Inc.
4 * Author: Nikos Mavrogiannopoulos
6 * This file is part of GnuTLS.
8 * The GnuTLS is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 3 of
11 * the License, or (at your option) any later version.
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>
23 #include <gnutls_int.h>
24 #include <algorithms.h>
25 #include <gnutls_errors.h>
26 #include <x509/common.h>
29 /* Supported ECC curves
32 static const gnutls_ecc_curve_entry_st ecc_curves
[] = {
35 .oid
= "1.2.840.10045.3.1.1",
36 .id
= GNUTLS_ECC_CURVE_SECP192R1
,
39 .prime
= "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
40 .A
= "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",
41 .B
= "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1",
42 .order
= "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831",
43 .Gx
= "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012",
44 .Gy
= "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811"
48 .oid
= "1.3.132.0.33",
49 .id
= GNUTLS_ECC_CURVE_SECP224R1
,
52 .prime
= "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
53 .A
= "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",
54 .B
= "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
55 .order
= "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",
56 .Gx
= "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
57 .Gy
= "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34",
61 .oid
= "1.2.840.10045.3.1.7",
62 .id
= GNUTLS_ECC_CURVE_SECP256R1
,
65 .prime
= "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF",
66 .A
= "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC",
67 .B
= "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B",
68 .order
= "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551",
69 .Gx
= "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296",
70 .Gy
= "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5",
74 .oid
= "1.3.132.0.34",
75 .id
= GNUTLS_ECC_CURVE_SECP384R1
,
78 .prime
= "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF",
79 .A
= "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC",
80 .B
= "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF",
81 .order
= "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973",
82 .Gx
= "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7",
83 .Gy
= "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F"
87 .oid
= "1.3.132.0.35",
88 .id
= GNUTLS_ECC_CURVE_SECP521R1
,
91 .prime
= "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
92 .A
= "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC",
93 .B
= "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",
94 .order
= "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409",
95 .Gx
= "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66",
96 .Gy
= "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650",
101 #define GNUTLS_ECC_CURVE_LOOP(b) \
102 { const gnutls_ecc_curve_entry_st *p; \
103 for(p = ecc_curves; p->name != NULL; p++) { b ; } }
106 /* Returns the TLS id of the given curve
109 _gnutls_tls_id_to_ecc_curve (int num
)
111 gnutls_ecc_curve_t ret
= GNUTLS_ECC_CURVE_INVALID
;
113 GNUTLS_ECC_CURVE_LOOP (
114 if (p
->tls_id
== num
)
125 * gnutls_ecc_curve_list:
127 * Get the list of supported elliptic curves.
129 * This function is not thread safe.
131 * Returns: Return a (0)-terminated list of #gnutls_ecc_curve_t
132 * integers indicating the available curves.
134 const gnutls_ecc_curve_t
*
135 gnutls_ecc_curve_list (void)
137 static gnutls_ecc_curve_t supported_curves
[MAX_ALGOS
] = { 0 };
139 if (supported_curves
[0] == 0)
143 GNUTLS_ECC_CURVE_LOOP (
144 supported_curves
[i
++]=p
->id
;
146 supported_curves
[i
++]=0;
149 return supported_curves
;
152 /* Maps numbers to TLS NamedCurve IDs (RFC4492).
153 * Returns a negative number on error.
156 _gnutls_ecc_curve_get_tls_id (gnutls_ecc_curve_t supported_ecc
)
158 int ret
= GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER
;
160 GNUTLS_ECC_CURVE_LOOP (
161 if (p
->id
== supported_ecc
)
172 * _gnutls_oid_to_ecc_curve:
173 * @oid: is a curve's OID
175 * Returns: return a #gnutls_ecc_curve_t value corresponding to
176 * the specified OID, or %GNUTLS_ECC_CURVE_INVALID on error.
178 gnutls_ecc_curve_t
_gnutls_oid_to_ecc_curve (const char* oid
)
180 gnutls_ecc_curve_t ret
= GNUTLS_ECC_CURVE_INVALID
;
182 GNUTLS_ECC_CURVE_LOOP (
183 if (strcasecmp (p
->oid
, oid
) == 0)
194 * _gnutls_ecc_curve_get_id:
195 * @name: is a curve name
197 * The names are compared in a case insensitive way.
199 * Returns: return a #gnutls_ecc_curve_t value corresponding to
200 * the specified curve, or %GNUTLS_ECC_CURVE_INVALID on error.
203 _gnutls_ecc_curve_get_id (const char *name
)
205 gnutls_ecc_curve_t ret
= GNUTLS_ECC_CURVE_INVALID
;
207 GNUTLS_ECC_CURVE_LOOP (
208 if (strcasecmp (p
->name
, name
) == 0)
219 * _gnutls_ecc_bits_to_curve:
220 * @bits: is a security parameter in bits
222 * Returns: return a #gnutls_ecc_curve_t value corresponding to
223 * the specified bit length, or %GNUTLS_ECC_CURVE_INVALID on error.
226 _gnutls_ecc_bits_to_curve (int bits
)
228 gnutls_ecc_curve_t ret
= GNUTLS_ECC_CURVE_SECP224R1
;
230 GNUTLS_ECC_CURVE_LOOP (
231 if (8*p
->size
>= bits
)
242 * gnutls_ecc_curve_get_name:
243 * @curve: is an ECC curve
245 * Convert a #gnutls_ecc_curve_t value to a string.
247 * Returns: a string that contains the name of the specified
253 gnutls_ecc_curve_get_name (gnutls_ecc_curve_t curve
)
255 const char *ret
= NULL
;
257 GNUTLS_ECC_CURVE_LOOP(
269 * _gnutls_ecc_curve_get_oid:
270 * @curve: is an ECC curve
272 * Convert a #gnutls_ecc_curve_t value to a string.
274 * Returns: a string that contains the name of the specified
278 _gnutls_ecc_curve_get_oid (gnutls_ecc_curve_t curve
)
280 const char *ret
= NULL
;
282 GNUTLS_ECC_CURVE_LOOP(
294 * _gnutls_ecc_curve_get_params:
295 * @curve: is an ECC curve
297 * Returns the information on a curve.
299 * Returns: a pointer to #gnutls_ecc_curve_entry_st or %NULL.
301 const gnutls_ecc_curve_entry_st
*
302 _gnutls_ecc_curve_get_params (gnutls_ecc_curve_t curve
)
304 const gnutls_ecc_curve_entry_st
*ret
= NULL
;
306 GNUTLS_ECC_CURVE_LOOP(
318 * gnutls_ecc_curve_get_size:
319 * @curve: is an ECC curve
321 * Returns the size in bytes of the curve.
323 * Returns: a the size or (0).
327 int gnutls_ecc_curve_get_size (gnutls_ecc_curve_t curve
)
331 GNUTLS_ECC_CURVE_LOOP(