diff options
| author | laurenw-arm <lauren.wehrmeister@arm.com> | 2023-08-15 14:53:59 -0500 |
|---|---|---|
| committer | laurenw-arm <lauren.wehrmeister@arm.com> | 2023-10-13 09:59:25 -0500 |
| commit | c512c89cde91f10e1b283522ac956fa4da85a797 (patch) | |
| tree | 72738a9a9d979e3f88376198192a16052f23e0e7 | |
| parent | ad4e978774176a2b0dc6e94c7f63c7e90e031b1e (diff) | |
feat(cert-create): ecdsa p384 key support
Adding ECDSA P384 (secp384r1) key creation support through key_bits
obtained from KEY_SIZE.
Change-Id: I571251caef20222990bd927cdfb5f35bf2a185d0
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
| -rw-r--r-- | tools/cert_create/include/key.h | 4 | ||||
| -rw-r--r-- | tools/cert_create/src/key.c | 17 |
2 files changed, 16 insertions, 5 deletions
diff --git a/tools/cert_create/include/key.h b/tools/cert_create/include/key.h index 312575b44..56f1c21d0 100644 --- a/tools/cert_create/include/key.h +++ b/tools/cert_create/include/key.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -44,7 +44,7 @@ enum{ static const unsigned int KEY_SIZES[KEY_ALG_MAX_NUM][KEY_SIZE_MAX_NUM] = { { 2048, 1024, 3072, 4096 }, /* KEY_ALG_RSA */ #ifndef OPENSSL_NO_EC - {}, /* KEY_ALG_ECDSA_NIST */ + { 256, 384 }, /* KEY_ALG_ECDSA_NIST */ {}, /* KEY_ALG_ECDSA_BRAINPOOL_R */ {} /* KEY_ALG_ECDSA_BRAINPOOL_T */ #endif /* OPENSSL_NO_EC */ diff --git a/tools/cert_create/src/key.c b/tools/cert_create/src/key.c index 32229d1e9..14c8e18ad 100644 --- a/tools/cert_create/src/key.c +++ b/tools/cert_create/src/key.c @@ -1,9 +1,10 @@ /* - * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ +#include <assert.h> #include <getopt.h> #include <stdio.h> #include <stdlib.h> @@ -112,7 +113,12 @@ static int key_create_ecdsa(key_t *key, int key_bits, const char *curve) static int key_create_ecdsa_nist(key_t *key, int key_bits) { - return key_create_ecdsa(key, key_bits, "prime256v1"); + if (key_bits == 384) { + return key_create_ecdsa(key, key_bits, "secp384r1"); + } else { + assert(key_bits == 256); + return key_create_ecdsa(key, key_bits, "prime256v1"); + } } static int key_create_ecdsa_brainpool_r(key_t *key, int key_bits) @@ -154,7 +160,12 @@ err: static int key_create_ecdsa_nist(key_t *key, int key_bits) { - return key_create_ecdsa(key, key_bits, NID_X9_62_prime256v1); + if (key_bits == 384) { + return key_create_ecdsa(key, key_bits, NID_secp384r1); + } else { + assert(key_bits == 256); + return key_create_ecdsa(key, key_bits, NID_X9_62_prime256v1); + } } static int key_create_ecdsa_brainpool_r(key_t *key, int key_bits) |