Add x509_get_ecparams()

2013-07-02 14:56:43 +02:00 · 2013-07-02 14:56:43 +02:00 · f838eeda09
commit f838eeda09
parent f0b30d0542
2 changed files with 33 additions and 0 deletions
--- a/include/polarssl/x509.h
+++ b/include/polarssl/x509.h
@ -70,6 +70,7 @@
 #define POLARSSL_ERR_X509_FILE_IO_ERROR                    -0x2B00  /**< Read/write of file failed. */
 #define POLARSSL_ERR_X509_PASSWORD_REQUIRED                -0x2B80  /**< Private key password can't be empty. */
 #define POLARSSL_ERR_X509_PASSWORD_MISMATCH                -0x2C00  /**< Given private key password does not allow for correct decryption. */
+#define POLARSSL_ERR_X509_UNKNOWN_NAMED_CURVE              -0x2C80  /**< Elliptic curve is unsupported (only NIST curves are supported). */
 /* \} name */

 /**
--- a/library/x509parse.c
+++ b/library/x509parse.c
@ -201,6 +201,38 @@ static int x509_get_alg( unsigned char **p,
    return( 0 );
 }

+/* Get an EC group id from an ECParameters buffer
+ *
+ * ECParameters ::= CHOICE {
+ *   namedCurve         OBJECT IDENTIFIER
+ *   -- implicitCurve   NULL
+ *   -- specifiedCurve  SpecifiedECDomain
+ * }
+ */
+static int x509_get_ecparams( unsigned char **p, const unsigned char *end,
+                              ecp_group_id *grp_id )
+{
+    int ret;
+    x509_buf curve;
+
+    curve.tag = **p;
+
+    if( ( ret = asn1_get_tag( p, end, &curve.len, ASN1_OID ) ) != 0 )
+        return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
+
+    curve.p = *p;
+    *p += curve.len;
+
+    if( *p != end )
+        return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
+                POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
+
+    if( ( ret = oid_get_ec_grp( &curve, grp_id ) ) != 0 )
+        return( POLARSSL_ERR_X509_UNKNOWN_NAMED_CURVE );
+
+    return( 0 );
+}
+
 /*
 *  AttributeTypeAndValue ::= SEQUENCE {
 *    type     AttributeType,