Skip to content

Commit 4944226

Browse files
nabla-c0d3nabla-c0d3
committed
Add brainpool curves and support unknown curves
1 parent 43be7b8 commit 4944226

File tree

1 file changed

+36
-21
lines changed

1 file changed

+36
-21
lines changed

nassl/ephemeral_key_info.py

Lines changed: 36 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -52,6 +52,22 @@ class OpenSslEcNidEnum(IntEnum):
5252
X25519 = 1034
5353
X448 = 1035
5454

55+
# Brainpool
56+
brainpoolP160r1 = 921
57+
brainpoolP160t1 = 922
58+
brainpoolP192r1 = 923
59+
brainpoolP192t1 = 924
60+
brainpoolP224r1 = 925
61+
brainpoolP224t1 = 926
62+
brainpoolP256r1 = 927
63+
brainpoolP256t1 = 928
64+
brainpoolP320r1 = 929
65+
brainpoolP320t1 = 930
66+
brainpoolP384r1 = 931
67+
brainpoolP384t1 = 932
68+
brainpoolP512r1 = 933
69+
brainpoolP512t1 = 934
70+
5571

5672
# Mapping between OpenSSL EVP_PKEY_XXX value and display name
5773
_OPENSSL_EVP_PKEY_TO_NAME_MAPPING: Dict[OpenSslEvpPkeyEnum, str] = {
@@ -62,26 +78,6 @@ class OpenSslEcNidEnum(IntEnum):
6278
}
6379

6480

65-
# Mapping between the OpenSSL NID_XXX value and NIST name defined in https://tools.ietf.org/html/rfc4492
66-
_OPENSSL_NID_TO_NIST_MAPPING: Dict[OpenSslEcNidEnum, str] = {
67-
OpenSslEcNidEnum.SECT163R2: "B-163",
68-
OpenSslEcNidEnum.SECT233R1: "B-233",
69-
OpenSslEcNidEnum.SECT283R1: "B-283",
70-
OpenSslEcNidEnum.SECT409R1: "B-409",
71-
OpenSslEcNidEnum.SECT571R1: "B-571",
72-
OpenSslEcNidEnum.SECT163K1: "K-163",
73-
OpenSslEcNidEnum.SECT233K1: "K-233",
74-
OpenSslEcNidEnum.SECT283K1: "K-283",
75-
OpenSslEcNidEnum.SECT409K1: "K-409",
76-
OpenSslEcNidEnum.SECT571K1: "K-571",
77-
OpenSslEcNidEnum.PRIME192V1: "P-192",
78-
OpenSslEcNidEnum.SECP224R1: "P-224",
79-
OpenSslEcNidEnum.PRIME256V1: "P-256",
80-
OpenSslEcNidEnum.SECP384R1: "P-384",
81-
OpenSslEcNidEnum.SECP521R1: "P-521",
82-
}
83-
84-
8581
# Mapping between the OpenSSL NID_XXX value and the SECG or ANSI X9.62 name (https://tools.ietf.org/html/rfc4492)
8682
# Where a ANSI X9.62 name is available, this is used in preference to the SECG
8783
# X25519 and X448 also included from https://tools.ietf.org/html/rfc8422
@@ -113,6 +109,20 @@ class OpenSslEcNidEnum(IntEnum):
113109
OpenSslEcNidEnum.SECP521R1: "secp521r1",
114110
OpenSslEcNidEnum.X25519: "X25519",
115111
OpenSslEcNidEnum.X448: "X448",
112+
OpenSslEcNidEnum.brainpoolP160r1: "brainpoolP160r1",
113+
OpenSslEcNidEnum.brainpoolP160t1: "brainpoolP160t1",
114+
OpenSslEcNidEnum.brainpoolP192r1: "brainpoolP192r1",
115+
OpenSslEcNidEnum.brainpoolP192t1: "brainpoolP192t1",
116+
OpenSslEcNidEnum.brainpoolP224r1: "brainpoolP224r1",
117+
OpenSslEcNidEnum.brainpoolP224t1: "brainpoolP224t1",
118+
OpenSslEcNidEnum.brainpoolP256r1: "brainpoolP256r1",
119+
OpenSslEcNidEnum.brainpoolP256t1: "brainpoolP256t1",
120+
OpenSslEcNidEnum.brainpoolP320r1: "brainpoolP320r1",
121+
OpenSslEcNidEnum.brainpoolP320t1: "brainpoolP320t1",
122+
OpenSslEcNidEnum.brainpoolP384r1: "brainpoolP384r1",
123+
OpenSslEcNidEnum.brainpoolP384t1: "brainpoolP384t1",
124+
OpenSslEcNidEnum.brainpoolP512r1: "brainpoolP512r1",
125+
OpenSslEcNidEnum.brainpoolP512t1: "brainpoolP512t1",
116126
}
117127

118128

@@ -137,8 +147,13 @@ class EcDhEphemeralKeyInfo(EphemeralKeyInfo):
137147

138148
def __post_init__(self) -> None:
139149
super().__post_init__()
150+
try:
151+
curve_name = _OPENSSL_NID_TO_SECG_ANSI_X9_62[self.curve]
152+
except KeyError:
153+
curve_name = f"unknown-curve-with-id-{self.curve.value}"
154+
140155
# Required because of frozen=True; https://docs.python.org/3/library/dataclasses.html#frozen-instances
141-
object.__setattr__(self, "curve_name", _OPENSSL_NID_TO_SECG_ANSI_X9_62[self.curve])
156+
object.__setattr__(self, "curve_name", curve_name)
142157

143158

144159
@dataclass(frozen=True)

0 commit comments

Comments
 (0)