authorKazuki Yamaguchi <k@rhe.jp>2016-04-26 16:29:58 +0900
committerKazuki Yamaguchi <k@rhe.jp>2016-04-27 23:07:42 +0900
commit7e17fed37fb0da9e610156efe2b51ea182a21aa5 (patch)
tree44806f96c5caba66df8f889c07b6064a155f4a47 /ext/openssl/openssl_missing.c
parent77de40a74e687f54647eaf84708aa163a3b5488c (diff)
downloadruby-7e17fed37fb0da9e610156efe2b51ea182a21aa5.tar.gz
ext/openssl: add SSLContext#set_ecdh_curves
And deprecate #tmp_ecdh_callback. Since SSL_CTX_set_tmp_ecdh_callback() was removed in OpenSSL 1.1.0, we can't provide SSLContext#tmp_ecdh_callback anymore. Instead, we should use SSL_CTX_set1_curves_list() to set the curves and SSL_CTX_set_ecdh_auto() to make OpenSSL select automatically from the list.
Diffstat (limited to 'ext/openssl/openssl_missing.c')
-rw-r--r--ext/openssl/openssl_missing.c36
1 files changed, 36 insertions, 0 deletions
diff --git a/ext/openssl/openssl_missing.c b/ext/openssl/openssl_missing.c
index 3afba5c8b7..b62d58d444 100644
--- a/ext/openssl/openssl_missing.c
+++ b/ext/openssl/openssl_missing.c
@@ -99,6 +99,42 @@ CRYPTO_memcmp(const volatile void * volatile in_a,
}
#endif
+#if !defined(OPENSSL_NO_EC)
+#if !defined(HAVE_EC_CURVE_NIST2NID)
+static struct {
+ const char *name;
+ int nid;
+} nist_curves[] = {
+ {"B-163", NID_sect163r2},
+ {"B-233", NID_sect233r1},
+ {"B-283", NID_sect283r1},
+ {"B-409", NID_sect409r1},
+ {"B-571", NID_sect571r1},
+ {"K-163", NID_sect163k1},
+ {"K-233", NID_sect233k1},
+ {"K-283", NID_sect283k1},
+ {"K-409", NID_sect409k1},
+ {"K-571", NID_sect571k1},
+ {"P-192", NID_X9_62_prime192v1},
+ {"P-224", NID_secp224r1},
+ {"P-256", NID_X9_62_prime256v1},
+ {"P-384", NID_secp384r1},
+ {"P-521", NID_secp521r1}
+};
+
+int
+EC_curve_nist2nid(const char *name)
+{
+ size_t i;
+ for (i = 0; i < (sizeof(nist_curves) / sizeof(nist_curves[0])); i++) {
+ if (!strcmp(nist_curves[i].name, name))
+ return nist_curves[i].nid;
+ }
+ return NID_undef;
+}
+#endif
+#endif
+
/*** added in 1.1.0 ***/
#if !defined(HAVE_HMAC_CTX_NEW)
HMAC_CTX *
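Review bot: `nist_curves` is declared as a writable `static struct` array although nothing in the hunk modifies it; declaring it `static const struct {` would place the name-to-NID table in read-only data and make clear it is a fixed lookup table. `EC_curve_nist2nid()` hands `name` straight to `strcmp()`, so a NULL argument is undefined behaviour; unless every caller (all outside this hunk) guarantees a non-NULL string, add `if (name == NULL) return NID_undef;` before the loop. A short header comment would help the next reader: `/* Fallback for OpenSSL builds without EC_curve_nist2nid(); returns NID_undef for unknown names, which callers must treat as an error. */`. The table also resolves the 163-bit and P-192 names, so any minimum-strength policy for curves has to be enforced by the caller, not by this lookup.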