Dear OpenSSL team, please consider a patch attached. It adds 2 binary curves defined in RFC 2409 and 2412. It unclear whether any well-known OID was ever assigned and I'm not quite sure what are the right cofactor values
regards, Vadim ----- Forwarded message from Vadim Fedukovich <[EMAIL PROTECTED]> ----- Date: Fri, 14 Nov 2003 17:43:48 +0200 From: Vadim Fedukovich <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: DH over ECC groups Dear list, any plans to make racoon aware of elliptic-curve groups, namely ID 3 and 4 from RFC 2409? What is group 7? Any test vectors? Other ideas for testing? A patch is ready that could generate DH private/public values using group 3. What are patch submission rules? Requirements to have it accepted? This patch needs OpenSSL-0.9.8 (snapshot) supporting binary groups regards, Vadim Fedukovich ----- End forwarded message -----
--- crypto/ec/ec_curve.c.orig Thu Jan 16 21:15:21 2003 +++ crypto/ec/ec_curve.c Sat Nov 15 14:24:16 2003 @@ -981,6 +981,31 @@ "113 bit binary curve from the WTLS standard" }; +/* IPSec curves */ +static const EC_CURVE_DATA _EC_IPSEC_155_ID3 = { + NID_X9_62_characteristic_two_field, + "0800000000000000000000004000000000000001", + "0", + "07338f", + "7b", + "1c8", + "57db5698537193aef944",4, // 12 + NULL, 0, + "IPSec/IKE/Oakley curve #3 over a 155 bit binary field" + }; + +static const EC_CURVE_DATA _EC_IPSEC_185_ID4 = { + NID_X9_62_characteristic_two_field, + "020000000000000000000000000000200000000000000001", + "0", + "1ee9", + "18", + "0d", + "01ffffffffffffffffffffffdbf2f889b73e484175f94ebc",2, // 4 + NULL, 0, + "IPSec/IKE/Oakley curve #4 over a 185 bit binary field" + }; + typedef struct _ec_list_element_st { int nid; const EC_CURVE_DATA *data; @@ -1061,6 +1086,9 @@ { NID_wap_wsg_idm_ecid_wtls10, &_EC_SECG_CHAR2_233K1}, { NID_wap_wsg_idm_ecid_wtls11, &_EC_SECG_CHAR2_233R1}, { NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12}, + /* IPSec curves */ + { 0, &_EC_IPSEC_163_ID3}, // NIDs to be assigned + { 0, &_EC_IPSEC_185_ID4}, }; static size_t curve_list_length = sizeof(curve_list)/sizeof(ec_list_element);