Add support for Dual EC DRBG from SP800-90. Include updates to algorithm
[openssl.git] / fips / rand / fips_drbgvs.c
index b0e431d..db05d40 100644 (file)
@@ -100,6 +100,27 @@ static int parse_md(char *str)
        return NID_undef;
        }
 
        return NID_undef;
        }
 
+static int parse_ec(char *str)
+       {
+       int curve_nid, md_nid;
+       char *md;
+       md = strchr(str, ' ');
+       if (!md)
+               return NID_undef;
+       if (!strncmp(str, "[P-256", 6))
+               curve_nid = NID_X9_62_prime256v1;
+       else if (!strncmp(str, "[P-384", 6))
+               curve_nid = NID_secp384r1;
+       else if (!strncmp(str, "[P-521", 6))
+               curve_nid = NID_secp521r1;
+       else
+               return NID_undef;
+       md_nid = parse_md(md);
+       if (md_nid == NID_undef)
+               return NID_undef;
+       return (curve_nid << 16) | md_nid;
+       }
+
 static int parse_aes(char *str, int *pdf)
        {
 
 static int parse_aes(char *str, int *pdf)
        {
 
@@ -257,6 +278,12 @@ int main(int argc,char **argv)
                        if (nid == NID_undef)
                                exit(1);
                        }
                        if (nid == NID_undef)
                                exit(1);
                        }
+               if (strlen(buf) > 12 && !strncmp(buf, "[P-", 3))
+                       {
+                       nid = parse_ec(buf);
+                       if (nid == NID_undef)
+                               exit(1);
+                       }
                if (!parse_line(&keyword, &value, lbuf, buf))
                        continue;
 
                if (!parse_line(&keyword, &value, lbuf, buf))
                        continue;