kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Support additional curve names.

Browse Source 
Node's default settings spell P-256 as prime256v1. This comes from
OpenSSL additionally allowing the long and short names of each curve's
NID. This works out to one additional name per curve for the ones we
support. To avoid depending on the giant OID table, this replicates the
names in libssl.

Change-Id: I456a2db6939eb6745e5a9d2f12cf6886e6265b9f
Reviewed-on: https://boringssl-review.googlesource.com/22545
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
David Benjamin 2017-11-02 20:44:26 -04:00 committed by CQ bot account: commit-bot@chromium.org
parent a02ed04d52
commit 6dda166d21
2 changed files with 20 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
ssl/ssl_key_share.cc
View File

@ -171,13 +171,13 @@ class X25519KeyShare : public SSLKeyShare {
CONSTEXPR_ARRAY struct { CONSTEXPR_ARRAY struct {
int nid; int nid;
uint16_t group_id; uint16_t group_id;
const char name[8]; const char name[8], alias[11];
} kNamedGroups[] = { } kNamedGroups[] = {
{NID_secp224r1, SSL_CURVE_SECP224R1, "P-224"}, {NID_secp224r1, SSL_CURVE_SECP224R1, "P-224", "secp224r1"},
{NID_X9_62_prime256v1, SSL_CURVE_SECP256R1, "P-256"}, {NID_X9_62_prime256v1, SSL_CURVE_SECP256R1, "P-256", "prime256v1"},
{NID_secp384r1, SSL_CURVE_SECP384R1, "P-384"}, {NID_secp384r1, SSL_CURVE_SECP384R1, "P-384", "secp384r1"},
{NID_secp521r1, SSL_CURVE_SECP521R1, "P-521"}, {NID_secp521r1, SSL_CURVE_SECP521R1, "P-521", "secp521r1"},
{NID_X25519, SSL_CURVE_X25519, "X25519"}, {NID_X25519, SSL_CURVE_X25519, "X25519", "x25519"},
}; };
} // namespace } // namespace
@ -227,6 +227,11 @@ int ssl_name_to_group_id(uint16_t *out_group_id, const char *name, size_t len) {
*out_group_id = group.group_id; *out_group_id = group.group_id;
return 1; return 1;
} }
if (len == strlen(group.alias) &&
!strncmp(group.alias, name, len)) {
*out_group_id = group.group_id;
return 1;
}
} }
return 0; return 0;
} }

9
ssl/ssl_test.cc
View File

@ -379,6 +379,15 @@ static const CurveTest kCurveTests[] = {
SSL_CURVE_X25519, SSL_CURVE_X25519,
}, },
}, },
{
"prime256v1:secp384r1:secp521r1:x25519",
{
SSL_CURVE_SECP256R1,
SSL_CURVE_SECP384R1,
SSL_CURVE_SECP521R1,
SSL_CURVE_X25519,
},
},
}; };
static const char *kBadCurvesLists[] = { static const char *kBadCurvesLists[] = {