diff options
| author | tb <> | 2024-12-04 09:50:52 +0000 |
|---|---|---|
| committer | tb <> | 2024-12-04 09:50:52 +0000 |
| commit | 54b7e03a99e6dbd79315380653c1bf578c8444b0 (patch) | |
| tree | f3d93eca2e878b44978a2c46216353762d50271c /src | |
| parent | f14751780c164cac61e6f6763b1d8b4e8259080a (diff) | |
| download | openbsd-54b7e03a99e6dbd79315380653c1bf578c8444b0.tar.gz openbsd-54b7e03a99e6dbd79315380653c1bf578c8444b0.tar.bz2 openbsd-54b7e03a99e6dbd79315380653c1bf578c8444b0.zip | |
Annotate WTLS7 as being wrong
This should really have been using SECP 160R2, not SECP 160R1. Of course
this means in particular that nobody ever used this curve, at least not
against another implementation than OpenSSL. Quasi-monocultures are
poisonous whether the monopolist is benevolent and competent or not.
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/ec/ec_curve.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/libcrypto/ec/ec_curve.c b/src/lib/libcrypto/ec/ec_curve.c index fd7831598b..a37f324a24 100644 --- a/src/lib/libcrypto/ec/ec_curve.c +++ b/src/lib/libcrypto/ec/ec_curve.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ec_curve.c,v 1.50 2024/11/24 10:12:05 tb Exp $ */ | 1 | /* $OpenBSD: ec_curve.c,v 1.51 2024/12/04 09:50:52 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Written by Nils Larsch for the OpenSSL project. | 3 | * Written by Nils Larsch for the OpenSSL project. |
| 4 | */ | 4 | */ |
| @@ -2121,6 +2121,7 @@ static const struct ec_curve { | |||
| 2121 | .cofactor = 1, | 2121 | .cofactor = 1, |
| 2122 | }, | 2122 | }, |
| 2123 | { | 2123 | { |
| 2124 | /* XXX - this one's been wrong all along. Should use 160r1. */ | ||
| 2124 | .comment = "SECG/WTLS curve over a 160 bit prime field", | 2125 | .comment = "SECG/WTLS curve over a 160 bit prime field", |
| 2125 | .nid = NID_wap_wsg_idm_ecid_wtls7, | 2126 | .nid = NID_wap_wsg_idm_ecid_wtls7, |
| 2126 | .seed_len = sizeof(_EC_SECG_PRIME_160R2.seed), | 2127 | .seed_len = sizeof(_EC_SECG_PRIME_160R2.seed), |