/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
/* For TLS1_VERSION etc */
-#include <openssl/ssl.h>
+#include <openssl/prov_ssl.h>
#include <openssl/params.h>
#include "internal/nelem.h"
#include "internal/tlsgroups.h"
#include "prov/providercommon.h"
-#include "e_os.h"
+#include "internal/e_os.h"
/* If neither ec or dh is available then we have no TLS-GROUP capabilities */
#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH)
int maxdtls; /* Maximum DTLS version (or 0 for undefined) */
} TLS_GROUP_CONSTANTS;
-static const TLS_GROUP_CONSTANTS group_list[35] = {
+static const TLS_GROUP_CONSTANTS group_list[] = {
{ OSSL_TLS_GROUP_ID_sect163k1, 80, TLS1_VERSION, TLS1_2_VERSION,
DTLS1_VERSION, DTLS1_2_VERSION },
{ OSSL_TLS_GROUP_ID_sect163r1, 80, TLS1_VERSION, TLS1_2_VERSION,
DTLS1_VERSION, DTLS1_2_VERSION },
{ OSSL_TLS_GROUP_ID_x25519, 128, TLS1_VERSION, 0, DTLS1_VERSION, 0 },
{ OSSL_TLS_GROUP_ID_x448, 224, TLS1_VERSION, 0, DTLS1_VERSION, 0 },
+ { OSSL_TLS_GROUP_ID_brainpoolP256r1_tls13, 128, TLS1_3_VERSION, 0, -1, -1 },
+ { OSSL_TLS_GROUP_ID_brainpoolP384r1_tls13, 192, TLS1_3_VERSION, 0, -1, -1 },
+ { OSSL_TLS_GROUP_ID_brainpoolP512r1_tls13, 256, TLS1_3_VERSION, 0, -1, -1 },
/* Security bit values as given by BN_security_bits() */
{ OSSL_TLS_GROUP_ID_ffdhe2048, 112, TLS1_3_VERSION, 0, -1, -1 },
{ OSSL_TLS_GROUP_ID_ffdhe3072, 128, TLS1_3_VERSION, 0, -1, -1 },
TLS_GROUP_ENTRY("brainpoolP256r1", "brainpoolP256r1", "EC", 25),
TLS_GROUP_ENTRY("brainpoolP384r1", "brainpoolP384r1", "EC", 26),
TLS_GROUP_ENTRY("brainpoolP512r1", "brainpoolP512r1", "EC", 27),
-# endif
TLS_GROUP_ENTRY("x25519", "X25519", "X25519", 28),
TLS_GROUP_ENTRY("x448", "X448", "X448", 29),
+ TLS_GROUP_ENTRY("brainpoolP256r1tls13", "brainpoolP256r1", "EC", 30),
+ TLS_GROUP_ENTRY("brainpoolP384r1tls13", "brainpoolP384r1", "EC", 31),
+ TLS_GROUP_ENTRY("brainpoolP512r1tls13", "brainpoolP512r1", "EC", 32),
+# endif
# endif /* OPENSSL_NO_EC */
# ifndef OPENSSL_NO_DH
/* Security bit values for FFDHE groups are as per RFC 7919 */
- TLS_GROUP_ENTRY("ffdhe2048", "ffdhe2048", "DH", 30),
- TLS_GROUP_ENTRY("ffdhe3072", "ffdhe3072", "DH", 31),
- TLS_GROUP_ENTRY("ffdhe4096", "ffdhe4096", "DH", 32),
- TLS_GROUP_ENTRY("ffdhe6144", "ffdhe6144", "DH", 33),
- TLS_GROUP_ENTRY("ffdhe8192", "ffdhe8192", "DH", 34),
+ TLS_GROUP_ENTRY("ffdhe2048", "ffdhe2048", "DH", 33),
+ TLS_GROUP_ENTRY("ffdhe3072", "ffdhe3072", "DH", 34),
+ TLS_GROUP_ENTRY("ffdhe4096", "ffdhe4096", "DH", 35),
+ TLS_GROUP_ENTRY("ffdhe6144", "ffdhe6144", "DH", 36),
+ TLS_GROUP_ENTRY("ffdhe8192", "ffdhe8192", "DH", 37),
# endif
};
#endif /* !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) */
return 1;
}
-int provider_get_capabilities(void *provctx, const char *capability,
- OSSL_CALLBACK *cb, void *arg)
+int ossl_prov_get_capabilities(void *provctx, const char *capability,
+ OSSL_CALLBACK *cb, void *arg)
{
- if (strcasecmp(capability, "TLS-GROUP") == 0)
+ if (OPENSSL_strcasecmp(capability, "TLS-GROUP") == 0)
return tls_group_capability(cb, arg);
/* We don't support this capability */