diff options
| author | Kazuki Yamaguchi <k@rhe.jp> | 2016-05-05 14:40:58 +0900 |
|---|---|---|
| committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-05-14 20:00:58 +0900 |
| commit | 435b08b2daeeef125dc1fb43c33756dacb5481d5 (patch) | |
| tree | 8b32a84c92eded1f75ba8c646cec735bf3900be2 /ext/openssl/openssl_missing.c | |
| parent | fe2ba322bfafdbf1a0a195b81f4c241e2841026a (diff) | |
| download | ruby-435b08b2daeeef125dc1fb43c33756dacb5481d5.tar.gz | |
ext/openssl: add SSLContext#set_ecdh_curves
And deprecate #tmp_ecdh_callback.
Since SSL_CTX_set_tmp_ecdh_callback() was removed in OpenSSL 1.1.0, we
can't provide SSLContext#tmp_ecdh_callback anymore. Instead, we should
use SSL_CTX_set1_curves_list() to set the curves and
SSL_CTX_set_ecdh_auto() to make OpenSSL select automatically from the
list.
Diffstat (limited to 'ext/openssl/openssl_missing.c')
| -rw-r--r-- | ext/openssl/openssl_missing.c | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/ext/openssl/openssl_missing.c b/ext/openssl/openssl_missing.c index 131f74d75f..3318880d78 100644 --- a/ext/openssl/openssl_missing.c +++ b/ext/openssl/openssl_missing.c @@ -100,6 +100,42 @@ CRYPTO_memcmp(const volatile void * volatile in_a, } #endif +#if !defined(OPENSSL_NO_EC) +#if !defined(HAVE_EC_CURVE_NIST2NID) +static struct { + const char *name; + int nid; +} nist_curves[] = { + {"B-163", NID_sect163r2}, + {"B-233", NID_sect233r1}, + {"B-283", NID_sect283r1}, + {"B-409", NID_sect409r1}, + {"B-571", NID_sect571r1}, + {"K-163", NID_sect163k1}, + {"K-233", NID_sect233k1}, + {"K-283", NID_sect283k1}, + {"K-409", NID_sect409k1}, + {"K-571", NID_sect571k1}, + {"P-192", NID_X9_62_prime192v1}, + {"P-224", NID_secp224r1}, + {"P-256", NID_X9_62_prime256v1}, + {"P-384", NID_secp384r1}, + {"P-521", NID_secp521r1} +}; + +int +EC_curve_nist2nid(const char *name) +{ + size_t i; + for (i = 0; i < (sizeof(nist_curves) / sizeof(nist_curves[0])); i++) { + if (!strcmp(nist_curves[i].name, name)) + return nist_curves[i].nid; + } + return NID_undef; +} +#endif +#endif + /*** added in 1.1.0 ***/ #if !defined(HAVE_HMAC_CTX_NEW) HMAC_CTX * |