Hello.
Almost everywhere across NSS the ECC-specific executable code is compiled
conditionally:
#ifndef NSS_ENABLE_ECC
/* ECC-specific executable code ... */
#endif
... but not everywhere. For example,
seckey_ExtractPublicKey() @ cryptohi/seckey.c
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/cryptohi/seckey.c&rev=1.51&mark=1695-1702,1125-1138#1105
SECKEY_CopyPublicKey() @ cryptohi/seckey.c
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/cryptohi/seckey.c&rev=1.51&mark=1695-1702,1125-1138#1687
PK11_ImportPublicKey() @ pk11wrap/pk11akey.c
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/pk11wrap/pk11akey.c&rev=1.29&mark=199-224#188
... aren't conditional.
Conditional ECC compilation occurs at abstraction levels both higher than this
level (in utilities), and lower than this level (softoken, freebl).
So, I am curious, why conditional compilation does not occur for these
particular cases ?
Is this by an oversight or by design ? If by design, what are the guidelines ?
I am asking because "GOST R 34.10-2001" signature/verification algorithm is
also ECC-dependent, and I must decide, which parts of GOST-specific code should be
compiled conditionally, and which shouldn't.
Best regards,
--
Konstantin Andreev, software engineer.
Swemel JSC
--
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto
