oid: Fix confusing identifiers for elliptic curves over prime fields

SECT (indicating a binary field) was incorrectly used in constants for
the SECP (prime field) curves.

diff --git a/src/libcharon/plugins/ipseckey/ipseckey_cred.c b/src/libcharon/plugins/ipseckey/ipseckey_cred.c
index 238f0bdc4e762be851bc70f211f8e5fe14b280a2..f3e8c8fb48abf9f7fbc58b110b7246dd4a1e58ef 100644 (file)
--- a/src/libcharon/plugins/ipseckey/ipseckey_cred.c
+++ b/src/libcharon/plugins/ipseckey/ipseckey_cred.c
@@ -112,7 +112,7 @@ METHOD(enumerator_t, cert_enumerator_enumerate, bool,
                                }
                                else if (key.len == 96)
                                {
-                                       curve = OID_SECT384R1;
+                                       curve = OID_SECP384R1;
                                }
                                if (curve)
                                {

diff --git a/src/libstrongswan/asn1/oid.txt b/src/libstrongswan/asn1/oid.txt
index c3509102276bd93c6c82d74e97bcbf3244648e70..8fcfe5352476f9ff503234cc5ad672208d228647 100644 (file)
--- a/src/libstrongswan/asn1/oid.txt
+++ b/src/libstrongswan/asn1/oid.txt
@@ -386,11 +386,11 @@
         0x03                 "sect239k1"                               OID_SECT239K1
         0x04                 "sect113r1"                               OID_SECT113R1
         0x05                 "sect113r2"                               OID_SECT113R2
-        0x06                 "secp112r1"                               OID_SECT112R1
-        0x07                 "secp112r2"                               OID_SECT112R2
-        0x08                 "secp160r1"                               OID_SECT160R1
-        0x09                 "secp160k1"                               OID_SECT160K1
-        0x0A                 "secp256k1"                               OID_SECT256K1
+        0x06                 "secp112r1"                               OID_SECP112R1
+        0x07                 "secp112r2"                               OID_SECP112R2
+        0x08                 "secp160r1"                               OID_SECP160R1
+        0x09                 "secp160k1"                               OID_SECP160K1
+        0x0A                 "secp256k1"                               OID_SECP256K1
         0x0F                 "sect163r2"                               OID_SECT163R2
         0x10                 "sect283k1"                               OID_SECT283K1
         0x11                 "sect283r1"                               OID_SECT283R1
@@ -400,14 +400,14 @@
         0x19                 "sect193r2"                               OID_SECT193R2
         0x1A                 "sect233k1"                               OID_SECT233K1
         0x1B                 "sect233r1"                               OID_SECT233R1
-        0x1C                 "secp128r1"                               OID_SECT128R1
-        0x1D                 "secp128r2"                               OID_SECT128R2
-        0x1E                 "secp160r2"                               OID_SECT160R2
-        0x1F                 "secp192k1"                               OID_SECT192K1
-        0x20                 "secp224k1"                               OID_SECT224K1
-        0x21                 "secp224r1"                               OID_SECT224R1
-        0x22                 "secp384r1"                               OID_SECT384R1
-        0x23                 "secp521r1"                               OID_SECT521R1
+        0x1C                 "secp128r1"                               OID_SECP128R1
+        0x1D                 "secp128r2"                               OID_SECP128R2
+        0x1E                 "secp160r2"                               OID_SECP160R2
+        0x1F                 "secp192k1"                               OID_SECP192K1
+        0x20                 "secp224k1"                               OID_SECP224K1
+        0x21                 "secp224r1"                               OID_SECP224R1
+        0x22                 "secp384r1"                               OID_SECP384R1
+        0x23                 "secp521r1"                               OID_SECP521R1
         0x24                 "sect409k1"                               OID_SECT409K1
         0x25                 "sect409r1"                               OID_SECT409R1
         0x26                 "sect571k1"                               OID_SECT571K1

diff --git a/src/libstrongswan/plugins/botan/botan_ec_private_key.c b/src/libstrongswan/plugins/botan/botan_ec_private_key.c
index 326d3eb1f6de1af1a84bf9036b9bfc8f511e9bae..79b7e81e292907d0db328643859a9880fbaf61d9 100644 (file)
--- a/src/libstrongswan/plugins/botan/botan_ec_private_key.c
+++ b/src/libstrongswan/plugins/botan/botan_ec_private_key.c
@@ -316,11 +316,11 @@ botan_ec_private_key_t *botan_ec_private_key_gen(key_type_t type, va_list args)
                        break;
                case 384:
                        curve = "secp384r1";
-                       oid = OID_SECT384R1;
+                       oid = OID_SECP384R1;
                        break;
                case 521:
                        curve = "secp521r1";
-                       oid = OID_SECT521R1;
+                       oid = OID_SECP521R1;
                        break;
                default:
                        DBG1(DBG_LIB, "EC private key size %d not supported via botan",

diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
index a75cec67464efa2a0e1dabb38120f53c89d26b39..892bb5b47416acf7f3ca68ddc3ada2413fcc4b80 100644 (file)
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
@@ -403,13 +403,13 @@ static chunk_t ecparams_lookup(key_exchange_method_t group)
                case ECP_192_BIT:
                        return asn1_build_known_oid(OID_PRIME192V1);
                case ECP_224_BIT:
-                       return asn1_build_known_oid(OID_SECT224R1);
+                       return asn1_build_known_oid(OID_SECP224R1);
                case ECP_256_BIT:
                        return asn1_build_known_oid(OID_PRIME256V1);
                case ECP_384_BIT:
-                       return asn1_build_known_oid(OID_SECT384R1);
+                       return asn1_build_known_oid(OID_SECP384R1);
                case ECP_521_BIT:
-                       return asn1_build_known_oid(OID_SECT521R1);
+                       return asn1_build_known_oid(OID_SECP521R1);
                default:
                        break;
        }

diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c b/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c
index 1f06f83965d0544eadb2258de6b950cfdcc7786d..70dbbf56ca215a8f942b33ccf3c00b2c0e9cee8f 100644 (file)
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c
@@ -90,13 +90,13 @@ static size_t basepoint_order_len(int oid)
        {
                case OID_PRIME192V1:
                        return 192;
-               case OID_SECT224R1:
+               case OID_SECP224R1:
                        return 224;
                case OID_PRIME256V1:
                        return 256;
-               case OID_SECT384R1:
+               case OID_SECP384R1:
                        return 384;
-               case OID_SECT521R1:
+               case OID_SECP521R1:
                        return 521;
                default:
                        return 0;

diff --git a/src/libstrongswan/plugins/sshkey/sshkey_builder.c b/src/libstrongswan/plugins/sshkey/sshkey_builder.c
index 728860ecbb5f5d829663f137ad7ee33ebd3db036..f806dd6fd6068fcc7f8a192f69c4a3e3cfd3d031 100644 (file)
--- a/src/libstrongswan/plugins/sshkey/sshkey_builder.c
+++ b/src/libstrongswan/plugins/sshkey/sshkey_builder.c
@@ -41,11 +41,11 @@ static chunk_t parse_ec_identifier(chunk_t identifier)
        }
        else if (chunk_equals(identifier, chunk_from_str("nistp384")))
        {
-               oid = asn1_build_known_oid(OID_SECT384R1);
+               oid = asn1_build_known_oid(OID_SECP384R1);
        }
        else if (chunk_equals(identifier, chunk_from_str("nistp521")))
        {
-               oid = asn1_build_known_oid(OID_SECT521R1);
+               oid = asn1_build_known_oid(OID_SECP521R1);
        }
        else
        {

diff --git a/src/libstrongswan/plugins/sshkey/sshkey_encoder.c b/src/libstrongswan/plugins/sshkey/sshkey_encoder.c
index c12724dbfac7f298d83dd5c24280efc8a7266d5c..7bd4238c717374274656dda8e84804a9cbd92b0c 100644 (file)
--- a/src/libstrongswan/plugins/sshkey/sshkey_encoder.c
+++ b/src/libstrongswan/plugins/sshkey/sshkey_encoder.c
@@ -35,10 +35,10 @@ static void write_ec_identifier(bio_writer_t *writer, char *prefix, int oid,
                case OID_PRIME256V1:
                        curve = strdup("nistp256");
                        break;
-               case OID_SECT384R1:
+               case OID_SECP384R1:
                        curve = strdup("nistp384");
                        break;
-               case OID_SECT521R1:
+               case OID_SECP521R1:
                        curve = strdup("nistp521");
                        break;
                default:

diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_ec_private_key.c b/src/libstrongswan/plugins/wolfssl/wolfssl_ec_private_key.c
index 2d04d0764ccc23545c24d91c905a7d872be43efa..884bbe077a727ccf58ce8addb6f4215a172f300b 100644 (file)
--- a/src/libstrongswan/plugins/wolfssl/wolfssl_ec_private_key.c
+++ b/src/libstrongswan/plugins/wolfssl/wolfssl_ec_private_key.c
@@ -491,13 +491,13 @@ wolfssl_ec_private_key_t *wolfssl_ec_private_key_load(key_type_t type,
                                                oid = OID_UNKNOWN;
                                        }
                                        break;
-                               case OID_SECT384R1:
+                               case OID_SECP384R1:
                                        if (this->ec.dp->id != ECC_SECP384R1)
                                        {
                                                oid = OID_UNKNOWN;
                                        }
                                        break;
-                               case OID_SECT521R1:
+                               case OID_SECP521R1:
                                        if (this->ec.dp->id != ECC_SECP521R1)
                                        {
                                                oid = OID_UNKNOWN;

diff --git a/src/libtpmtss/tpm_tss_tss2_v1.c b/src/libtpmtss/tpm_tss_tss2_v1.c
index 162f10acd4701a75a91f5203a55a6e3256f29923..47073d9da7612823329ec60aa6ee572ac6a0d48d 100644 (file)
--- a/src/libtpmtss/tpm_tss_tss2_v1.c
+++ b/src/libtpmtss/tpm_tss_tss2_v1.c
@@ -642,7 +642,7 @@ METHOD(tpm_tss_t, get_public, chunk_t,
                                                        asn1_wrap(ASN1_SEQUENCE, "mm",
                                                                asn1_build_known_oid(OID_EC_PUBLICKEY),
                                                                asn1_build_known_oid(ecc->x.t.size == 32 ?
-                                                                               OID_PRIME256V1 : OID_SECT384R1)),
+                                                                               OID_PRIME256V1 : OID_SECP384R1)),
                                                        ecc_point);
                        break;
                }

diff --git a/src/libtpmtss/tpm_tss_tss2_v2.c b/src/libtpmtss/tpm_tss_tss2_v2.c
index 95fe05c0321e4e427f7883ac4108370a7fc59b68..c96fea3c4ec6ee122e940f6abb0b4265cd027e5e 100644 (file)
--- a/src/libtpmtss/tpm_tss_tss2_v2.c
+++ b/src/libtpmtss/tpm_tss_tss2_v2.c
@@ -621,16 +621,16 @@ METHOD(tpm_tss_t, get_public, chunk_t,
                                        curve_oid = OID_PRIME192V1;
                                        break;
                                case TPM2_ECC_NIST_P224:
-                                       curve_oid = OID_SECT224R1;
+                                       curve_oid = OID_SECP224R1;
                                        break;
                                case TPM2_ECC_NIST_P256:
                                        curve_oid = OID_PRIME256V1;
                                        break;
                                case TPM2_ECC_NIST_P384:
-                                       curve_oid = OID_SECT384R1;
+                                       curve_oid = OID_SECP384R1;
                                        break;
                                case TPM2_ECC_NIST_P521:
-                                       curve_oid = OID_SECT521R1;
+                                       curve_oid = OID_SECP521R1;
                                        break;
                                default:
                                        DBG1(DBG_PTS, "ECC curve type not supported");