From 0d78bc3356823b8145d5fb99c33db68a141f80dd Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Sat, 29 Nov 2003 09:25:59 +0000
Subject: [PATCH] Add IPSec/IKE/Oakley curves.

PR: 768
Submitted by: Vadim Fedukovich <vf@unity.net>
---
 crypto/ec/ec_curve.c       | 28 ++++++++++++++++++++++++++++
 crypto/objects/obj_dat.h   | 14 ++++++++++----
 crypto/objects/obj_mac.h   |  8 ++++++++
 crypto/objects/obj_mac.num |  2 ++
 crypto/objects/objects.txt |  3 +++
 5 files changed, 51 insertions(+), 4 deletions(-)

diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c
index 0b9b7ca7c7..9bd743c10f 100644
--- a/crypto/ec/ec_curve.c
+++ b/crypto/ec/ec_curve.c
@@ -981,6 +981,31 @@ static const EC_CURVE_DATA _EC_WTLS_1 = {
 	"113 bit binary curve from the WTLS standard"
 	};
 
+/* IPSec curves */
+static const EC_CURVE_DATA _EC_IPSEC_155_ID3 = {
+	NID_X9_62_characteristic_two_field,
+	"0800000000000000000000004000000000000001",
+	"0",
+	"07338f",
+	"7b",
+	"1c8",
+	"2AAAAAAAAAAAAAAAAAAC7F3C7881BD0868FA86C",3,
+	NULL, 0,
+	"IPSec/IKE/Oakley curve #3 over a 155 bit binary field"
+	};
+
+static const EC_CURVE_DATA _EC_IPSEC_185_ID4 = {
+	NID_X9_62_characteristic_two_field,
+	"020000000000000000000000000000200000000000000001",
+	"0",
+	"1ee9",
+	"18",
+	"0d",
+	"FFFFFFFFFFFFFFFFFFFFFFEDF97C44DB9F2420BAFCA75E",2,
+	NULL, 0,
+	"IPSec/IKE/Oakley curve #4 over a 185 bit binary field"
+	};
+
 typedef struct _ec_list_element_st {
 	int	nid;
 	const EC_CURVE_DATA *data;
@@ -1061,6 +1086,9 @@ static const ec_list_element curve_list[] = {
 	{ NID_wap_wsg_idm_ecid_wtls10, &_EC_SECG_CHAR2_233K1},
 	{ NID_wap_wsg_idm_ecid_wtls11, &_EC_SECG_CHAR2_233R1},
 	{ NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12},
+	/* IPSec curves */
+	{ NID_ipsec3, &_EC_IPSEC_155_ID3},
+	{ NID_ipsec4, &_EC_IPSEC_185_ID4},
 };
 
 static size_t curve_list_length = sizeof(curve_list)/sizeof(ec_list_element);
diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index 090719a6d2..beb48b8460 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -62,9 +62,9 @@
  * [including the GNU Public Licence.]
  */
 
-#define NUM_NID 724
-#define NUM_SN 719
-#define NUM_LN 719
+#define NUM_NID 726
+#define NUM_SN 721
+#define NUM_LN 721
 #define NUM_OBJ 693
 
 static unsigned char lvalues[4882]={
@@ -1894,6 +1894,8 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
 	&(lvalues[4879]),0},
 {"international-organizations","International Organizations",
 	NID_international_organizations,1,&(lvalues[4880]),0},
+{"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL},
+{"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL},
 };
 
 static ASN1_OBJECT *sn_objs[NUM_SN]={
@@ -1971,6 +1973,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
 &(nid_objs[180]),/* "OCSPSigning" */
 &(nid_objs[379]),/* "ORG" */
 &(nid_objs[18]),/* "OU" */
+&(nid_objs[724]),/* "Oakley-EC2N-3" */
+&(nid_objs[725]),/* "Oakley-EC2N-4" */
 &(nid_objs[ 9]),/* "PBE-MD2-DES" */
 &(nid_objs[168]),/* "PBE-MD2-RC2-64" */
 &(nid_objs[10]),/* "PBE-MD5-DES" */
@@ -3025,6 +3029,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
 &(nid_objs[527]),/* "identified-organization" */
 &(nid_objs[461]),/* "info" */
 &(nid_objs[101]),/* "initials" */
+&(nid_objs[724]),/* "ipsec3" */
+&(nid_objs[725]),/* "ipsec4" */
 &(nid_objs[181]),/* "iso" */
 &(nid_objs[687]),/* "issuer capabilities" */
 &(nid_objs[721]),/* "itu-t" */
@@ -3342,9 +3348,9 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
 
 static ASN1_OBJECT *obj_objs[NUM_OBJ]={
 &(nid_objs[ 0]),/* OBJ_undef                        0 */
-&(nid_objs[721]),/* OBJ_itu_t                        0 */
 &(nid_objs[393]),/* OBJ_joint_iso_ccitt              OBJ_joint_iso_itu_t */
 &(nid_objs[404]),/* OBJ_ccitt                        OBJ_itu_t */
+&(nid_objs[721]),/* OBJ_itu_t                        0 */
 &(nid_objs[434]),/* OBJ_data                         0 9 */
 &(nid_objs[181]),/* OBJ_iso                          1 */
 &(nid_objs[182]),/* OBJ_member_body                  1 2 */
diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h
index 2715cfdd75..ba871f478d 100644
--- a/crypto/objects/obj_mac.h
+++ b/crypto/objects/obj_mac.h
@@ -3176,3 +3176,11 @@
 #define NID_rsaOAEPEncryptionSET		708
 #define OBJ_rsaOAEPEncryptionSET		OBJ_rsadsi,1L,1L,6L
 
+#define SN_ipsec3		"Oakley-EC2N-3"
+#define LN_ipsec3		"ipsec3"
+#define NID_ipsec3		724
+
+#define SN_ipsec4		"Oakley-EC2N-4"
+#define LN_ipsec4		"ipsec4"
+#define NID_ipsec4		725
+
diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num
index 0840bac306..b4ff8f0267 100644
--- a/crypto/objects/obj_mac.num
+++ b/crypto/objects/obj_mac.num
@@ -721,3 +721,5 @@ name_constraints		720
 itu_t		721
 joint_iso_itu_t		722
 international_organizations		723
+ipsec3		724
+ipsec4		725
diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
index b5209b6fda..0160b3e5f5 100644
--- a/crypto/objects/objects.txt
+++ b/crypto/objects/objects.txt
@@ -1008,3 +1008,6 @@ set-brand 6011		: set-brand-Novus
 
 rsadsi 3 10		: DES-CDMF		: des-cdmf
 rsadsi 1 1 6		: rsaOAEPEncryptionSET
+
+			: Oakley-EC2N-3		: ipsec3
+			: Oakley-EC2N-4		: ipsec4
-- 
2.34.1