diff options
author | Bodo Möller <bodo@openssl.org> | 2002-08-09 08:56:08 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2002-08-09 08:56:08 +0000 |
commit | ea262260469e49149cb10b25a87dfd6ad3fbb4ba (patch) | |
tree | 7032110f80ba1888d7b3047cfbacd2d46e4fb67c /ssl/s3_both.c | |
parent | 17f627931780f000b8dd47fe030c52cc0fa93ef5 (diff) | |
download | openssl-new-ea262260469e49149cb10b25a87dfd6ad3fbb4ba.tar.gz |
ECC ciphersuite support
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
(Authors: Vipul Gupta and Sumit Gupta, Sun Microsystems Laboratories)
Diffstat (limited to 'ssl/s3_both.c')
-rw-r--r-- | ssl/s3_both.c | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/ssl/s3_both.c b/ssl/s3_both.c index 8864366f59..a5588360e5 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c @@ -108,6 +108,11 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECC cipher suite support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ #include <limits.h> #include <string.h> @@ -520,6 +525,23 @@ int ssl_cert_type(X509 *x, EVP_PKEY *pkey) else ret= -1; } } +#ifndef OPENSSL_NO_EC + /* XXX: Structurally, there is no distinction between + * ECDSA and ECDH public keys (both are ECPoints). + * So EVP_PKEY_ECDSA should really be renamed EVP_PKEY_ECC + * (or similar). As for ECC certificates, additional + * information (e.g. in the optional key usage X509v3 + * extension) could be used when available to distinguish + * between ECDH and ECDSA certificates. For now, we do not + * make that distinction here. Instead, we shift the burden + * of checking for appropriate key usage to the SSL code + * responsible for sending/processing ECC certificates. + */ + else if (i == EVP_PKEY_ECDSA) + { + ret = SSL_PKEY_ECC; + } +#endif else ret= -1; |