summaryrefslogtreecommitdiffstats
path: root/security/nss/lib/util
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 01:13:27 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 01:13:27 +0000
commit40a355a42d4a9444dc753c04c6608dade2f06a23 (patch)
tree871fc667d2de662f171103ce5ec067014ef85e61 /security/nss/lib/util
parentAdding upstream version 124.0.1. (diff)
downloadfirefox-40a355a42d4a9444dc753c04c6608dade2f06a23.tar.xz
firefox-40a355a42d4a9444dc753c04c6608dade2f06a23.zip
Adding upstream version 125.0.1.upstream/125.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'security/nss/lib/util')
-rw-r--r--security/nss/lib/util/nssutil.h4
-rw-r--r--security/nss/lib/util/secoid.c30
-rw-r--r--security/nss/lib/util/secoidt.h3
3 files changed, 31 insertions, 6 deletions
diff --git a/security/nss/lib/util/nssutil.h b/security/nss/lib/util/nssutil.h
index b1a7c5fc59..d49a6890c1 100644
--- a/security/nss/lib/util/nssutil.h
+++ b/security/nss/lib/util/nssutil.h
@@ -19,9 +19,9 @@
* The format of the version string should be
* "<major version>.<minor version>[.<patch level>[.<build number>]][ <Beta>]"
*/
-#define NSSUTIL_VERSION "3.98"
+#define NSSUTIL_VERSION "3.99"
#define NSSUTIL_VMAJOR 3
-#define NSSUTIL_VMINOR 98
+#define NSSUTIL_VMINOR 99
#define NSSUTIL_VPATCH 0
#define NSSUTIL_VBUILD 0
#define NSSUTIL_BETA PR_FALSE
diff --git a/security/nss/lib/util/secoid.c b/security/nss/lib/util/secoid.c
index 800cc7ff62..05208eeffa 100644
--- a/security/nss/lib/util/secoid.c
+++ b/security/nss/lib/util/secoid.c
@@ -613,6 +613,22 @@ CONST_OID evIncorporationCountry[] = { EV_NAME_ATTRIBUTE, 3 };
*/
CONST_OID curve25519[] = { 0x2B, 0x06, 0x01, 0x04, 0x01, 0xDA, 0x47, 0x0F, 0x01 };
+/*
+ https://oid-rep.orange-labs.fr/get/1.3.101.112
+ A.1. ASN.1 Object for Ed25519
+ id-Ed25519 OBJECT IDENTIFIER ::= { 1.3.101.112 }
+ Parameters are absent. Length is 7 bytes.
+ Binary encoding: 3005 0603 2B65 70
+
+ The same algorithm identifiers are used for identifying a public key,
+ a private key, and a signature (for the two EdDSA related OIDs).
+ Additional encoding information is provided below for each of these
+ locations.
+*/
+
+CONST_OID ed25519PublicKey[] = { 0x2B, 0x65, 0x70 };
+CONST_OID ed25519Signature[] = { 0x2B, 0x65, 0x70 };
+
#define OI(x) \
{ \
siDEROID, (unsigned char *)x, sizeof x \
@@ -1819,6 +1835,13 @@ const static SECOidData oids[SEC_OID_TOTAL] = {
ODE(SEC_OID_XYBER768D00,
"X25519+Kyber768 key exchange", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+
+ OD(ed25519Signature, SEC_OID_ED25519_SIGNATURE, "X9.62 EDDSA signature", CKM_EDDSA,
+ INVALID_CERT_EXTENSION),
+
+ OD(ed25519PublicKey, SEC_OID_ED25519_PUBLIC_KEY,
+ "X9.62 elliptic edwards curve public key", CKM_EC_EDWARDS_KEY_PAIR_GEN, INVALID_CERT_EXTENSION),
+
};
/* PRIVATE EXTENDED SECOID Table
@@ -2133,10 +2156,9 @@ SECOID_Init(void)
for (i = 0; i < SEC_OID_TOTAL; i++) {
oid = &oids[i];
-
PORT_Assert(oid->offset == i);
-
entry = PL_HashTableAdd(oidhash, &oid->oid, (void *)oid);
+
if (entry == NULL) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
PORT_Assert(0); /*This function should never fail. */
@@ -2196,7 +2218,6 @@ SECOID_FindOID(const SECItem *oid)
PORT_SetError(SEC_ERROR_UNRECOGNIZED_OID);
}
}
-
return (ret);
}
@@ -2206,8 +2227,9 @@ SECOID_FindOIDTag(const SECItem *oid)
SECOidData *oiddata;
oiddata = SECOID_FindOID(oid);
- if (oiddata == NULL)
+ if (oiddata == NULL) {
return SEC_OID_UNKNOWN;
+ }
return oiddata->offset;
}
diff --git a/security/nss/lib/util/secoidt.h b/security/nss/lib/util/secoidt.h
index 3ab0d6cc74..f2618d62cb 100644
--- a/security/nss/lib/util/secoidt.h
+++ b/security/nss/lib/util/secoidt.h
@@ -514,6 +514,9 @@ typedef enum {
SEC_OID_XYBER768D00 = 372,
+ SEC_OID_ED25519_SIGNATURE = 373,
+ SEC_OID_ED25519_PUBLIC_KEY = 374,
+
SEC_OID_TOTAL
} SECOidTag;