summaryrefslogtreecommitdiffstats
path: root/security/nss/lib/freebl/ec.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/lib/freebl/ec.c')
-rw-r--r--security/nss/lib/freebl/ec.c44
1 files changed, 5 insertions, 39 deletions
diff --git a/security/nss/lib/freebl/ec.c b/security/nss/lib/freebl/ec.c
index 669c9b147..b28815ade 100644
--- a/security/nss/lib/freebl/ec.c
+++ b/security/nss/lib/freebl/ec.c
@@ -15,8 +15,6 @@
#include "ec.h"
#include "ecl.h"
-#ifndef NSS_DISABLE_ECC
-
static const ECMethod kMethods[] = {
{ ECCurve25519,
ec_Curve25519_pt_mul,
@@ -183,7 +181,6 @@ cleanup:
return rv;
}
-#endif /* NSS_DISABLE_ECC */
/* Generates a new EC key pair. The private key is a supplied
* value and the public key is the result of performing a scalar
@@ -194,7 +191,6 @@ ec_NewKey(ECParams *ecParams, ECPrivateKey **privKey,
const unsigned char *privKeyBytes, int privKeyLen)
{
SECStatus rv = SECFailure;
-#ifndef NSS_DISABLE_ECC
PLArenaPool *arena;
ECPrivateKey *key;
mp_int k;
@@ -309,9 +305,6 @@ cleanup:
printf("ec_NewKey returning %s\n",
(rv == SECSuccess) ? "success" : "failure");
#endif
-#else
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
-#endif /* NSS_DISABLE_ECC */
return rv;
}
@@ -326,15 +319,10 @@ EC_NewKeyFromSeed(ECParams *ecParams, ECPrivateKey **privKey,
const unsigned char *seed, int seedlen)
{
SECStatus rv = SECFailure;
-#ifndef NSS_DISABLE_ECC
rv = ec_NewKey(ecParams, privKey, seed, seedlen);
-#else
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
-#endif /* NSS_DISABLE_ECC */
return rv;
}
-#ifndef NSS_DISABLE_ECC
/* Generate a random private key using the algorithm A.4.1 of ANSI X9.62,
* modified a la FIPS 186-2 Change Notice 1 to eliminate the bias in the
* random number generator.
@@ -391,7 +379,6 @@ cleanup:
}
return privKeyBytes;
}
-#endif /* NSS_DISABLE_ECC */
/* Generates a new EC key pair. The private key is a random value and
* the public key is the result of performing a scalar point multiplication
@@ -401,7 +388,6 @@ SECStatus
EC_NewKey(ECParams *ecParams, ECPrivateKey **privKey)
{
SECStatus rv = SECFailure;
-#ifndef NSS_DISABLE_ECC
int len;
unsigned char *privKeyBytes = NULL;
@@ -425,9 +411,6 @@ cleanup:
printf("EC_NewKey returning %s\n",
(rv == SECSuccess) ? "success" : "failure");
#endif
-#else
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
-#endif /* NSS_DISABLE_ECC */
return rv;
}
@@ -441,7 +424,6 @@ cleanup:
SECStatus
EC_ValidatePublicKey(ECParams *ecParams, SECItem *publicValue)
{
-#ifndef NSS_DISABLE_ECC
mp_int Px, Py;
ECGroup *group = NULL;
SECStatus rv = SECFailure;
@@ -525,10 +507,6 @@ cleanup:
rv = SECFailure;
}
return rv;
-#else
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
- return SECFailure;
-#endif /* NSS_DISABLE_ECC */
}
/*
@@ -549,7 +527,6 @@ ECDH_Derive(SECItem *publicValue,
SECItem *derivedSecret)
{
SECStatus rv = SECFailure;
-#ifndef NSS_DISABLE_ECC
unsigned int len = 0;
SECItem pointQ = { siBuffer, NULL, 0 };
mp_int k; /* to hold the private value */
@@ -589,7 +566,11 @@ ECDH_Derive(SECItem *publicValue,
PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
return SECFailure;
}
- return method->mul(derivedSecret, privateValue, publicValue);
+ rv = method->mul(derivedSecret, privateValue, publicValue);
+ if (rv != SECSuccess) {
+ SECITEM_ZfreeItem(derivedSecret, PR_FALSE);
+ }
+ return rv;
}
/*
@@ -654,9 +635,6 @@ cleanup:
if (pointQ.data) {
PORT_ZFree(pointQ.data, pointQ.len);
}
-#else
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
-#endif /* NSS_DISABLE_ECC */
return rv;
}
@@ -670,7 +648,6 @@ ECDSA_SignDigestWithSeed(ECPrivateKey *key, SECItem *signature,
const SECItem *digest, const unsigned char *kb, const int kblen)
{
SECStatus rv = SECFailure;
-#ifndef NSS_DISABLE_ECC
mp_int x1;
mp_int d, k; /* private key, random integer */
mp_int r, s; /* tuple (r, s) is the signature */
@@ -899,9 +876,6 @@ cleanup:
printf("ECDSA signing with seed %s\n",
(rv == SECSuccess) ? "succeeded" : "failed");
#endif
-#else
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
-#endif /* NSS_DISABLE_ECC */
return rv;
}
@@ -914,7 +888,6 @@ SECStatus
ECDSA_SignDigest(ECPrivateKey *key, SECItem *signature, const SECItem *digest)
{
SECStatus rv = SECFailure;
-#ifndef NSS_DISABLE_ECC
int len;
unsigned char *kBytes = NULL;
@@ -941,9 +914,6 @@ cleanup:
printf("ECDSA signing %s\n",
(rv == SECSuccess) ? "succeeded" : "failed");
#endif
-#else
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
-#endif /* NSS_DISABLE_ECC */
return rv;
}
@@ -961,7 +931,6 @@ ECDSA_VerifyDigest(ECPublicKey *key, const SECItem *signature,
const SECItem *digest)
{
SECStatus rv = SECFailure;
-#ifndef NSS_DISABLE_ECC
mp_int r_, s_; /* tuple (r', s') is received signature) */
mp_int c, u1, u2, v; /* intermediate values used in verification */
mp_int x1;
@@ -1161,9 +1130,6 @@ cleanup:
printf("ECDSA verification %s\n",
(rv == SECSuccess) ? "succeeded" : "failed");
#endif
-#else
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
-#endif /* NSS_DISABLE_ECC */
return rv;
}