summaryrefslogtreecommitdiff
path: root/key.c
diff options
context:
space:
mode:
Diffstat (limited to 'key.c')
-rw-r--r--key.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/key.c b/key.c
index 90f0a0173..bc84953f3 100644
--- a/key.c
+++ b/key.c
@@ -918,7 +918,9 @@ static const struct keytype keytypes[] = {
918#ifdef OPENSSL_HAS_ECC 918#ifdef OPENSSL_HAS_ECC
919 { "ecdsa-sha2-nistp256", "ECDSA", KEY_ECDSA, NID_X9_62_prime256v1, 0 }, 919 { "ecdsa-sha2-nistp256", "ECDSA", KEY_ECDSA, NID_X9_62_prime256v1, 0 },
920 { "ecdsa-sha2-nistp384", "ECDSA", KEY_ECDSA, NID_secp384r1, 0 }, 920 { "ecdsa-sha2-nistp384", "ECDSA", KEY_ECDSA, NID_secp384r1, 0 },
921# ifdef OPENSSL_HAS_NISTP521
921 { "ecdsa-sha2-nistp521", "ECDSA", KEY_ECDSA, NID_secp521r1, 0 }, 922 { "ecdsa-sha2-nistp521", "ECDSA", KEY_ECDSA, NID_secp521r1, 0 },
923# endif
922#endif /* OPENSSL_HAS_ECC */ 924#endif /* OPENSSL_HAS_ECC */
923 { "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", KEY_RSA_CERT, 0, 1 }, 925 { "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", KEY_RSA_CERT, 0, 1 },
924 { "ssh-dss-cert-v01@openssh.com", "DSA-CERT", KEY_DSA_CERT, 0, 1 }, 926 { "ssh-dss-cert-v01@openssh.com", "DSA-CERT", KEY_DSA_CERT, 0, 1 },
@@ -927,8 +929,10 @@ static const struct keytype keytypes[] = {
927 KEY_ECDSA_CERT, NID_X9_62_prime256v1, 1 }, 929 KEY_ECDSA_CERT, NID_X9_62_prime256v1, 1 },
928 { "ecdsa-sha2-nistp384-cert-v01@openssh.com", "ECDSA-CERT", 930 { "ecdsa-sha2-nistp384-cert-v01@openssh.com", "ECDSA-CERT",
929 KEY_ECDSA_CERT, NID_secp384r1, 1 }, 931 KEY_ECDSA_CERT, NID_secp384r1, 1 },
932# ifdef OPENSSL_HAS_NISTP521
930 { "ecdsa-sha2-nistp521-cert-v01@openssh.com", "ECDSA-CERT", 933 { "ecdsa-sha2-nistp521-cert-v01@openssh.com", "ECDSA-CERT",
931 KEY_ECDSA_CERT, NID_secp521r1, 1 }, 934 KEY_ECDSA_CERT, NID_secp521r1, 1 },
935# endif
932#endif /* OPENSSL_HAS_ECC */ 936#endif /* OPENSSL_HAS_ECC */
933 { "ssh-rsa-cert-v00@openssh.com", "RSA-CERT-V00", 937 { "ssh-rsa-cert-v00@openssh.com", "RSA-CERT-V00",
934 KEY_RSA_CERT_V00, 0, 1 }, 938 KEY_RSA_CERT_V00, 0, 1 },
@@ -1100,8 +1104,10 @@ key_ecdsa_bits_to_nid(int bits)
1100 return NID_X9_62_prime256v1; 1104 return NID_X9_62_prime256v1;
1101 case 384: 1105 case 384:
1102 return NID_secp384r1; 1106 return NID_secp384r1;
1107# ifdef HAVE_OPENSSL_NISTP521
1103 case 521: 1108 case 521:
1104 return NID_secp521r1; 1109 return NID_secp521r1;
1110# endif
1105#endif 1111#endif
1106 default: 1112 default:
1107 return -1; 1113 return -1;
@@ -1116,7 +1122,9 @@ key_ecdsa_key_to_nid(EC_KEY *k)
1116 int nids[] = { 1122 int nids[] = {
1117 NID_X9_62_prime256v1, 1123 NID_X9_62_prime256v1,
1118 NID_secp384r1, 1124 NID_secp384r1,
1125# ifdef OPENSSL_HAS_NISTP521
1119 NID_secp521r1, 1126 NID_secp521r1,
1127# endif
1120 -1 1128 -1
1121 }; 1129 };
1122 int nid; 1130 int nid;
@@ -2031,8 +2039,10 @@ key_curve_name_to_nid(const char *name)
2031 return NID_X9_62_prime256v1; 2039 return NID_X9_62_prime256v1;
2032 else if (strcmp(name, "nistp384") == 0) 2040 else if (strcmp(name, "nistp384") == 0)
2033 return NID_secp384r1; 2041 return NID_secp384r1;
2042# ifdef OPENSSL_HAS_NISTP521
2034 else if (strcmp(name, "nistp521") == 0) 2043 else if (strcmp(name, "nistp521") == 0)
2035 return NID_secp521r1; 2044 return NID_secp521r1;
2045# endif
2036#endif 2046#endif
2037 2047
2038 debug("%s: unsupported EC curve name \"%.100s\"", __func__, name); 2048 debug("%s: unsupported EC curve name \"%.100s\"", __func__, name);
@@ -2048,8 +2058,10 @@ key_curve_nid_to_bits(int nid)
2048 return 256; 2058 return 256;
2049 case NID_secp384r1: 2059 case NID_secp384r1:
2050 return 384; 2060 return 384;
2061# ifdef OPENSSL_NAS_NISTP521
2051 case NID_secp521r1: 2062 case NID_secp521r1:
2052 return 521; 2063 return 521;
2064# endif
2053#endif 2065#endif
2054 default: 2066 default:
2055 error("%s: unsupported EC curve nid %d", __func__, nid); 2067 error("%s: unsupported EC curve nid %d", __func__, nid);
@@ -2065,8 +2077,10 @@ key_curve_nid_to_name(int nid)
2065 return "nistp256"; 2077 return "nistp256";
2066 else if (nid == NID_secp384r1) 2078 else if (nid == NID_secp384r1)
2067 return "nistp384"; 2079 return "nistp384";
2080# ifdef OPENSSL_HAS_NISTP521
2068 else if (nid == NID_secp521r1) 2081 else if (nid == NID_secp521r1)
2069 return "nistp521"; 2082 return "nistp521";
2083# endif
2070#endif 2084#endif
2071 error("%s: unsupported EC curve nid %d", __func__, nid); 2085 error("%s: unsupported EC curve nid %d", __func__, nid);
2072 return NULL; 2086 return NULL;
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-13 02:34:05 +0000