While we don't explicitly support curve secp256r1, we can run 1250 tests

against its ANSI equivalent prime256v1 (compare RFC 4492, Appendix A).

1 files changed, 2 insertions, 11 deletions

diff --git a/src/regress/lib/libcrypto/wycheproof/wycheproof.go b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
index e00edc03a2..92313f4afc 100644
--- a/src/regress/lib/libcrypto/wycheproof/wycheproof.go
+++ b/src/regress/lib/libcrypto/wycheproof/wycheproof.go
@@ -1,4 +1,4 @@
-/* $OpenBSD: wycheproof.go,v 1.67 2018/09/30 10:56:46 tb Exp $ */
+/* $OpenBSD: wycheproof.go,v 1.68 2018/10/04 18:25:50 tb Exp $ */
 /*
  * Copyright (c) 2018 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -274,6 +274,7 @@ var nids = map[string]int{
         "brainpoolP512t1": C.NID_brainpoolP512t1,
         "secp224r1":       C.NID_secp224r1,
         "secp256k1":       C.NID_secp256k1,
+        "secp256r1":       C.NID_X9_62_prime256v1, // RFC 4492, Table 6, p.32
         "secp384r1":       C.NID_secp384r1,
         "secp521r1":       C.NID_secp521r1,
         "SHA-1":           C.NID_sha1,
@@ -1224,11 +1225,6 @@ func runECDHTest(nid int, doECpoint bool, wt *wycheproofTestECDH) bool {
 }
 
 func runECDHTestGroup(algorithm string, wtg *wycheproofTestGroupECDH) bool {
-        // No secp256r1 support.
-        if wtg.Curve == "secp256r1" {
-                return true
-        }
-
         doECpoint := false
         if wtg.Encoding == "ecpoint" {
                 doECpoint = true
@@ -1288,11 +1284,6 @@ func runECDSATest(ecKey *C.EC_KEY, nid int, h hash.Hash, wt *wycheproofTestECDSA
 }
 
 func runECDSATestGroup(algorithm string, wtg *wycheproofTestGroupECDSA) bool {
-        // No secp256r1 support.
-        if wtg.Key.Curve == "secp256r1" {
-                return true
-        }
-
         fmt.Printf("Running %v test group %v with curve %v, key size %d and %v...\n", algorithm, wtg.Type, wtg.Key.Curve, wtg.Key.KeySize, wtg.SHA)
 
         nid, err := nidFromString(wtg.Key.Curve)