From ec6a80c2122918d0d43aa05322cc30a8d45c7d81 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Fri, 6 Dec 2024 04:35:03 +0000
Subject: Set nid on group decoded from EC parameters

We match curve parameters against the builtin curves and only accept
them if they're encoding a curve known to us. After getting rid of the
wtls curves, some of which used to coincide with secp curves (sometimes
the wrong ones), the nid is unambiguous. Setting the nid has no direct
implications on the encoding.

This helps ssh avoid doing ugly computations during the key exchange
for PEM keys using this encoding.

ok djm joshua jsing
---
 src/lib/libcrypto/ec/ec_curve.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'src/lib/libcrypto/ec/ec_curve.c')

diff --git a/src/lib/libcrypto/ec/ec_curve.c b/src/lib/libcrypto/ec/ec_curve.c
index a37f324a24..cc5ad4d4e6 100644
--- a/src/lib/libcrypto/ec/ec_curve.c
+++ b/src/lib/libcrypto/ec/ec_curve.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_curve.c,v 1.51 2024/12/04 09:50:52 tb Exp $ */
+/* $OpenBSD: ec_curve.c,v 1.52 2024/12/06 04:35:03 tb Exp $ */
 /*
  * Written by Nils Larsch for the OpenSSL project.
  */
@@ -2685,16 +2685,21 @@ ec_group_nid_from_curve(const struct ec_curve *curve)
 }
 
 int
-ec_group_is_builtin_curve(const EC_GROUP *group)
+ec_group_is_builtin_curve(const EC_GROUP *group, int *out_nid)
 {
 	struct ec_curve *curve;
 	int ret = 0;
+	int nid;
+
+	*out_nid = NID_undef;
 
 	if ((curve = ec_curve_from_group(group)) == NULL)
 		goto err;
-	if (ec_group_nid_from_curve(curve) == NID_undef)
+	if ((nid = ec_group_nid_from_curve(curve)) == NID_undef)
 		goto err;
 
+	*out_nid = nid;
+
 	ret = 1;
 
  err:
-- 
cgit v1.2.3-55-g6feb