1 /***************************************************************************
2 * Copyright (c) 2024 Microsoft Corporation
3 *
4 * This program and the accompanying materials are made available under the
5 * terms of the MIT License which is available at
6 * https://opensource.org/licenses/MIT.
7 *
8 * SPDX-License-Identifier: MIT
9 **************************************************************************/
10
11
12 /**************************************************************************/
13 /**************************************************************************/
14 /** */
15 /** NetX Secure Component */
16 /** */
17 /** Transport Layer Security (TLS) */
18 /** */
19 /**************************************************************************/
20 /**************************************************************************/
21
22 #define NX_SECURE_SOURCE_CODE
23
24 #include "nx_secure_tls.h"
25
26 #ifdef NX_SECURE_ENABLE_ECC_CIPHERSUITE
27
28 /**************************************************************************/
29 /* */
30 /* FUNCTION RELEASE */
31 /* */
32 /* _nx_secure_tls_find_curve_method PORTABLE C */
33 /* 6.2.0 */
34 /* AUTHOR */
35 /* */
36 /* Timothy Stapko, Microsoft Corporation */
37 /* */
38 /* DESCRIPTION */
39 /* */
40 /* This function finds the curve method for the specified named curve */
41 /* ID. */
42 /* */
43 /* INPUT */
44 /* */
45 /* tls_session TLS control block */
46 /* named_curve Named curve ID */
47 /* curve_method Pointer to hold the curve */
48 /* method */
49 /* curve_priority Pointer to return value for */
50 /* priority value */
51 /* */
52 /* OUTPUT */
53 /* */
54 /* status Completion status */
55 /* */
56 /* CALLS */
57 /* */
58 /* None */
59 /* */
60 /* CALLED BY */
61 /* */
62 /* _nx_secure_tls_generate_premaster_secret */
63 /* Generate Pre-Master Secret */
64 /* _nx_secure_tls_process_certificate_verify */
65 /* Process CertificateVerify */
66 /* _nx_secure_tls_proc_clienthello_sec_sa_extension */
67 /* Process supported groups */
68 /* extensions in ClientHello */
69 /* _nx_secure_tls_process_client_key_exchange */
70 /* Process ClientKeyExchange */
71 /* _nx_secure_tls_process_server_key_exchange */
72 /* Process ServerKeyExchange */
73 /* _nx_secure_tls_send_certificate_verify */
74 /* Send CertificateVerify */
75 /* _nx_secure_tls_send_server_key_exchange */
76 /* Send ServerKeyExchange */
77 /* */
78 /* RELEASE HISTORY */
79 /* */
80 /* DATE NAME DESCRIPTION */
81 /* */
82 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */
83 /* 09-30-2020 Timothy Stapko Modified comment(s), added */
84 /* curve priority return value,*/
85 /* resulting in version 6.1 */
86 /* 04-02-2021 Timothy Stapko Modified comment(s), added */
87 /* ECC curve table in X509, */
88 /* resulting in version 6.1.6 */
89 /* 10-31-2022 Yanwu Cai Modified comment(s), */
90 /* updated parameters list, */
91 /* resulting in version 6.2.0 */
92 /* */
93 /**************************************************************************/
/* Look up the crypto method registered for a named curve (TLS supported group)
   in the supplied ECC table.

   tls_ecc          Table read here: the supported group IDs, the curve methods
                    stored at the same indices, and the number of entries.
   named_curve      Group ID to search for; only an exact match selects an entry.
   curve_method     Receives the matching method, or NX_NULL when none is found.
                    Written unconditionally, so it must be a valid pointer.
   curve_priority   Optional (may be NX_NULL). On a match it receives the index
                    of the entry: lower value == higher priority.

   Returns NX_SUCCESS when a non-null method was found, otherwise
   NX_CRYTPO_MISSING_ECC_CURVE.

   NOTE(review): the CALLED BY list in the file header names handshake-message
   processing routines, so named_curve may originate from peer-supplied data --
   confirm at the call sites.  This lookup is then the check that the curve is
   one of the locally configured groups, so callers must test the returned
   status before using *curve_method.
   NOTE(review): *curve_priority is left untouched when no group ID matches;
   callers should not read it after a failure unless they initialised it.
   NOTE(review): tls_ecc is dereferenced without a null check, and
   nx_secure_tls_ecc_curves is indexed with the same index as
   nx_secure_tls_ecc_supported_groups; presumably both arrays hold at least
   nx_secure_tls_ecc_supported_groups_count entries -- verify where the table
   is initialised.  */
UINT _nx_secure_tls_find_curve_method(NX_SECURE_TLS_ECC *tls_ecc, USHORT named_curve,
                                      const NX_CRYPTO_METHOD **curve_method, UINT *curve_priority)
{
USHORT group_index = 0;

    /* Start from "not found" so the final status check is meaningful. */
    *curve_method = NX_NULL;

    /* Walk the supported groups in order and stop at the first matching ID. */
    while (group_index < tls_ecc -> nx_secure_tls_ecc_supported_groups_count)
    {
        if (tls_ecc -> nx_secure_tls_ecc_supported_groups[group_index] != named_curve)
        {
            group_index++;
            continue;
        }

        /* Take the method stored at the same index as the matching group ID. */
        *curve_method = tls_ecc -> nx_secure_tls_ecc_curves[group_index];

        /* Report the position in the list as the priority when the caller asked for it. */
        if (curve_priority != NX_NULL)
        {
            *curve_priority = group_index;
        }

        break;
    }

    /* A matching group whose method entry is NX_NULL is reported as missing too. */
    if (*curve_method != NX_NULL)
    {
        return(NX_SUCCESS);
    }

    return(NX_CRYTPO_MISSING_ECC_CURVE);
}
124 #endif /* NX_SECURE_ENABLE_ECC_CIPHERSUITE */
125