diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 5f2bd671..cdad0901 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -525,11 +525,15 @@ static const OQSX_EVP_INFO nids_sig[] = { }; // These two array need to stay synced: // note only leading 4 chars of alg name are checked -static const char *OQSX_ECP_NAMES[] = {"p256", "p384", "p521", 0}; +static const char *OQSX_ECP_NAMES[] = {"p256", "p384", "p521", "SecP256r1", "SecP384r1", "SecP521r1", 0}; static const OQSX_EVP_INFO nids_ecp[] = { {EVP_PKEY_EC, NID_X9_62_prime256v1, 0, 65, 121, 32, 0}, // 128 bit {EVP_PKEY_EC, NID_secp384r1, 0, 97, 167, 48, 0}, // 192 bit - {EVP_PKEY_EC, NID_secp521r1, 0, 133, 223, 66, 0} // 256 bit + {EVP_PKEY_EC, NID_secp521r1, 0, 133, 223, 66, 0}, // 256 bit + {EVP_PKEY_EC, NID_X9_62_prime256v1, 0, 65, 121, 32, 0}, // 128 bit + {EVP_PKEY_EC, NID_secp384r1, 0, 97, 167, 48, 0}, // 192 bit + {EVP_PKEY_EC, NID_secp521r1, 0, 133, 223, 66, 0}, // 256 bit + {0, 0, 0, 0, 0, 0, 0} // 256 bit }; // These two array need to stay synced: @@ -610,12 +614,13 @@ static int oqsx_hybsig_init(int bit_security, OQSX_EVP_CTX *evp_ctx, static const int oqshybkem_init_ecp(char *tls_name, OQSX_EVP_CTX *evp_ctx) { int ret = 1; int idx = 0; + while (idx < OSSL_NELEM(OQSX_ECP_NAMES)) { - if (!strncmp(tls_name, OQSX_ECP_NAMES[idx], 4)) + if (!strncmp(tls_name, OQSX_ECP_NAMES[idx], (idx < 3) ? 4 : 7)) break; idx++; } - ON_ERR_GOTO(idx < 0 || idx > 2, err_init_ecp); + ON_ERR_GOTO(idx < 0 || idx > 6, err_init_ecp); evp_ctx->evp_info = &nids_ecp[idx]; @@ -645,7 +650,7 @@ static const int oqshybkem_init_ecx(char *tls_name, OQSX_EVP_CTX *evp_ctx) { break; idx++; } - ON_ERR_GOTO(idx < 0 || idx > 2, err_init_ecx); + ON_ERR_GOTO(idx < 0 || idx > 4, err_init_ecx); evp_ctx->evp_info = &nids_ecx[idx];