Annotate WTLS7 as being wrong

This should really have been using SECP 160R2, not SECP 160R1. Of course this means in particular that nobody ever used this curve, at least not against another implementation than OpenSSL. Quasi-monocultures are poisonous whether the monopolist is benevolent and competent or not.
author: tb <> 2024-12-04 09:50:52 +0000
committer: tb <> 2024-12-04 09:50:52 +0000
commit: 703bddb95d0d05878d0df6fcb67913f30f9dfabe (patch)
tree: f3d93eca2e878b44978a2c46216353762d50271c /src
parent: 04e1055747d35d495ce4f3ed035892e86af24dd9 (diff)
download: openbsd-703bddb95d0d05878d0df6fcb67913f30f9dfabe.tar.gz
openbsd-703bddb95d0d05878d0df6fcb67913f30f9dfabe.tar.bz2
openbsd-703bddb95d0d05878d0df6fcb67913f30f9dfabe.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/libcrypto/ec/ec_curve.c b/src/lib/libcrypto/ec/ec_curve.c
index fd7831598b..a37f324a24 100644
--- a/src/lib/libcrypto/ec/ec_curve.c
+++ b/src/lib/libcrypto/ec/ec_curve.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_curve.c,v 1.50 2024/11/24 10:12:05 tb Exp $ */
+/* $OpenBSD: ec_curve.c,v 1.51 2024/12/04 09:50:52 tb Exp $ */
 /*
 * Written by Nils Larsch for the OpenSSL project.
 */
@@ -2121,6 +2121,7 @@ static const struct ec_curve {
                .cofactor = 1,
        },
        {
+                /* XXX - this one's been wrong all along. Should use 160r1. */
                .comment = "SECG/WTLS curve over a 160 bit prime field",
                .nid = NID_wap_wsg_idm_ecid_wtls7,
                .seed_len = sizeof(_EC_SECG_PRIME_160R2.seed),
author	tb <>	2024-12-04 09:50:52 +0000
committer	tb <>	2024-12-04 09:50:52 +0000
commit	703bddb95d0d05878d0df6fcb67913f30f9dfabe (patch)
tree	f3d93eca2e878b44978a2c46216353762d50271c /src
parent	04e1055747d35d495ce4f3ed035892e86af24dd9 (diff)
download	openbsd-703bddb95d0d05878d0df6fcb67913f30f9dfabe.tar.gz openbsd-703bddb95d0d05878d0df6fcb67913f30f9dfabe.tar.bz2 openbsd-703bddb95d0d05878d0df6fcb67913f30f9dfabe.zip