]> git.ipfire.org Git - thirdparty/hostap.git/commitdiff
projects / thirdparty / hostap.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4584b66)
OpenSSL: Add support for Brainpool Elliptic Curves
authorJouni Malinen <j@w1.fi>
Thu, 25 Jun 2015 19:17:28 +0000 (22:17 +0300)
committerJouni Malinen <j@w1.fi>
Fri, 26 Jun 2015 19:41:51 +0000 (22:41 +0300)
This allows the IKE groups 27-30 (RFC 6932) to be used with OpenSSL
1.0.2 and newer. For now, these get enabled for SAE as configurable
groups (sae_groups parameter), but the new groups are not enabled by
default.

Signed-off-by: Jouni Malinen <j@w1.fi>
src/crypto/crypto_openssl.c patch | blob | blame | history

diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index 33e3c4fd964e5bbab99fd082f4f8a6c58d116f78..dbe812c652f60bdae1f63c145b85c0153e0ac56f 100644 (file)
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -1138,6 +1138,26 @@ struct crypto_ec * crypto_ec_init(int group)
        case 26:
                nid = NID_secp224r1;
                break;
+#ifdef NID_brainpoolP224r1
+       case 27:
+               nid = NID_brainpoolP224r1;
+               break;
+#endif /* NID_brainpoolP224r1 */
+#ifdef NID_brainpoolP256r1
+       case 28:
+               nid = NID_brainpoolP256r1;
+               break;
+#endif /* NID_brainpoolP256r1 */
+#ifdef NID_brainpoolP384r1
+       case 29:
+               nid = NID_brainpoolP384r1;
+               break;
+#endif /* NID_brainpoolP384r1 */
+#ifdef NID_brainpoolP512r1
+       case 30:
+               nid = NID_brainpoolP512r1;
+               break;
+#endif /* NID_brainpoolP512r1 */
        default:
                return NULL;
        }
Unnamed repository; edit this file 'description' to name the repository.