Add new APIs EC_curve_nist2nid and EC_curve_nid2nist which convert (64095ce9) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

CHANGES

+5 −0

Original line number	Diff line number	Diff line
		@@ -4,6 +4,11 @@

		Changes between 1.0.1 and 1.1.0 [xx XXX xxxx]

		*) Add new APIs EC_curve_nist2nid and EC_curve_nid2nist which convert
		between NIDs and the more common NIST names such as "P-256". Enhance
		ecparam utility and ECC method to recognise the NIST names for curves.
		[Steve Henson]

		*) Enhance SSL/TLS certificate chain handling to support different
		chains for each certificate instead of one chain in the parent SSL_CTX.
		[Steve Henson]

+3 −0

Original line number	Diff line number	Diff line
		@@ -403,6 +403,9 @@ bad:
		else
		nid = OBJ_sn2nid(curve_name);

		if (nid == 0)
		nid = EC_curve_nist2nid(curve_name);

		if (nid == 0)
		{
		BIO_printf(bio_err, "unknown curve name (%s)\n",

+2 −0

Original line number	Diff line number	Diff line
		@@ -398,6 +398,8 @@ typedef struct {
		* are filled with the data of the first nitems internal groups */
		size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);

		const char *EC_curve_nid2nist(int nid);
		int EC_curve_nist2nid(const char *name);

		/********************************************************************/
		/* EC_POINT functions */

+49 −0

Original line number	Diff line number	Diff line
		@@ -71,6 +71,7 @@

		#define OPENSSL_FIPSAPI

		#include <string.h>
		#include "ec_lcl.h"
		#include <openssl/err.h>
		#include <openssl/obj_mac.h>
		@@ -2160,3 +2161,51 @@ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems)

		return curve_list_length;
		}

		/* Functions to translate between common NIST curve names and NIDs */

		typedef struct {
		const char name; / NIST Name of curve */
		int nid; /* Curve NID */
		} EC_NIST_NAME;

		static EC_NIST_NAME nist_curves[] = {
		{"B-163", NID_sect163r2},
		{"B-233", NID_sect233r1},
		{"B-283", NID_sect283r1},
		{"B-409", NID_sect409r1},
		{"B-571", NID_sect571r1},
		{"K-163", NID_sect163k1},
		{"K-233", NID_sect233k1},
		{"K-283", NID_sect283k1},
		{"K-409", NID_sect409k1},
		{"K-571", NID_sect571k1},
		{"P-192", NID_X9_62_prime192v1},
		{"P-224", NID_secp224r1},
		{"P-256", NID_X9_62_prime256v1},
		{"P-384", NID_secp384r1},
		{"P-521", NID_secp521r1}
		};

		const char *EC_curve_nid2nist(int nid)
		{
		size_t i;
		for (i = 0; i < sizeof(nist_curves)/sizeof(EC_NIST_NAME); i++)
		{
		if (nist_curves[i].nid == nid)
		return nist_curves[i].name;
		}
		return NULL;
		}

		int EC_curve_nist2nid(const char *name)
		{
		size_t i;
		for (i = 0; i < sizeof(nist_curves)/sizeof(EC_NIST_NAME); i++)
		{
		if (!strcmp(nist_curves[i].name, name))
		return nist_curves[i].nid;
		}
		return NID_undef;
		}

+3 −1

Original line number	Diff line number	Diff line
		@@ -252,6 +252,8 @@ static int pkey_ec_ctrl_str(EVP_PKEY_CTX *ctx,
		if (!strcmp(type, "ec_paramgen_curve"))
		{
		int nid;
		nid = EC_curve_nist2nid(value);
		if (nid == NID_undef)
		nid = OBJ_sn2nid(value);
		if (nid == NID_undef)
		nid = OBJ_ln2nid(value);