Support additional curve names.

Node's default settings spell P-256 as prime256v1. This comes from OpenSSL additionally allowing the long and short names of each curve's NID. This works out to one additional name per curve for the ones we support. To avoid depending on the giant OID table, this replicates the names in libssl. Change-Id: I456a2db6939eb6745e5a9d2f12cf6886e6265b9f Reviewed-on: https://boringssl-review.googlesource.com/22545 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-11-02 20:44:26 -04:00 · 2017-11-02 20:44:26 -04:00 · 6dda166d21
commit 6dda166d21
parent a02ed04d52
2 changed files with 20 additions and 6 deletions
--- a/ssl/ssl_key_share.cc
+++ b/ssl/ssl_key_share.cc
@ -171,13 +171,13 @@ class X25519KeyShare : public SSLKeyShare {
 CONSTEXPR_ARRAY struct {
  int nid;
  uint16_t group_id;
-  const char name[8];
+  const char name[8], alias[11];
 } kNamedGroups[] = {
-    {NID_secp224r1, SSL_CURVE_SECP224R1, "P-224"},
-    {NID_X9_62_prime256v1, SSL_CURVE_SECP256R1, "P-256"},
-    {NID_secp384r1, SSL_CURVE_SECP384R1, "P-384"},
-    {NID_secp521r1, SSL_CURVE_SECP521R1, "P-521"},
-    {NID_X25519, SSL_CURVE_X25519, "X25519"},
+    {NID_secp224r1, SSL_CURVE_SECP224R1, "P-224", "secp224r1"},
+    {NID_X9_62_prime256v1, SSL_CURVE_SECP256R1, "P-256", "prime256v1"},
+    {NID_secp384r1, SSL_CURVE_SECP384R1, "P-384", "secp384r1"},
+    {NID_secp521r1, SSL_CURVE_SECP521R1, "P-521", "secp521r1"},
+    {NID_X25519, SSL_CURVE_X25519, "X25519", "x25519"},
 };

 }  // namespace
@ -227,6 +227,11 @@ int ssl_name_to_group_id(uint16_t *out_group_id, const char *name, size_t len) {
      *out_group_id = group.group_id;
      return 1;
    }
+    if (len == strlen(group.alias) &&
+        !strncmp(group.alias, name, len)) {
+      *out_group_id = group.group_id;
+      return 1;
+    }
  }
  return 0;
 }
--- a/ssl/ssl_test.cc
+++ b/ssl/ssl_test.cc
@ -379,6 +379,15 @@ static const CurveTest kCurveTests[] = {
      SSL_CURVE_X25519,
    },
  },
+  {
+    "prime256v1:secp384r1:secp521r1:x25519",
+    {
+      SSL_CURVE_SECP256R1,
+      SSL_CURVE_SECP384R1,
+      SSL_CURVE_SECP521R1,
+      SSL_CURVE_X25519,
+    },
+  },
 };

 static const char *kBadCurvesLists[] = {