Changes to DEFAULT curves

Change the ECC default curve list to be this, in order: x25519, secp256r1, secp521r1, secp384r1, brainpoolP256r1, brainpoolP384r1, and brainpool512r1. Reviewed-by: Emilia Käsper <emilia@openssl.org>
author: Rich Salz <rsalz@akamai.com> 2016-01-03 13:24:32 -0500
committer: Rich Salz <rsalz@openssl.org> 2016-03-04 09:50:49 -0500
commit: ddb4c0477af623fcad3e6709640729e82693a4c9 (patch)
tree: e6dce6eec64420a42cbd5601f14ccaa4e53837a1 /ssl
parent: b95779846dc876cf959ccf96c49d4c0a48ea3082 (diff)
1 files changed, 8 insertions, 24 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 3aa01db7e5..f068a2008a 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -230,10 +230,9 @@ typedef struct {
 
 /*
  * Table of curve information.
- * NB: do not delete entries or reorder this array. It is used as a lookup
+ * Do not delete entries or reorder this array! It is used as a lookup
  * table: the index of each entry is one less than the TLS curve id.
  */
-
 static const tls_curve_info nid_list[] = {
     {NID_sect163k1, 80, TLS_CURVE_CHAR2}, /* sect163k1 (1) */
     {NID_sect163r1, 80, TLS_CURVE_CHAR2}, /* sect163r1 (2) */
@@ -276,46 +275,31 @@ static const unsigned char ecformats_default[] = {
 /* The default curves */
 static const unsigned char eccurves_default[] = {
     0, 29,                      /* X25519 (29) */
-    /* Prefer P-256 which has the fastest and most secure implementations. */
     0, 23,                      /* secp256r1 (23) */
-    /* Other >= 256-bit prime curves. */
     0, 25,                      /* secp521r1 (25) */
-    0, 28,                      /* brainpool512r1 (28) */
-    0, 27,                      /* brainpoolP384r1 (27) */
     0, 24,                      /* secp384r1 (24) */
-    0, 26,                      /* brainpoolP256r1 (26) */
-    0, 22,                      /* secp256k1 (22) */
-    /* >= 256-bit binary curves. */
-    0, 14,                      /* sect571r1 (14) */
-    0, 13,                      /* sect571k1 (13) */
-    0, 11,                      /* sect409k1 (11) */
-    0, 12,                      /* sect409r1 (12) */
-    0, 9,                       /* sect283k1 (9) */
-    0, 10,                      /* sect283r1 (10) */
 };
 
 static const unsigned char eccurves_all[] = {
     0, 29,                      /* X25519 (29) */
-    /* Prefer P-256 which has the fastest and most secure implementations. */
     0, 23,                      /* secp256r1 (23) */
-    /* Other >= 256-bit prime curves. */
     0, 25,                      /* secp521r1 (25) */
-    0, 28,                      /* brainpool512r1 (28) */
-    0, 27,                      /* brainpoolP384r1 (27) */
     0, 24,                      /* secp384r1 (24) */
     0, 26,                      /* brainpoolP256r1 (26) */
+    0, 27,                      /* brainpoolP384r1 (27) */
+    0, 28,                      /* brainpool512r1 (28) */
+
+    /*
+     * Remaining curves disabled by default but still permitted if set
+     * via an explicit callback or parameters.
+     */
     0, 22,                      /* secp256k1 (22) */
-    /* >= 256-bit binary curves. */
     0, 14,                      /* sect571r1 (14) */
     0, 13,                      /* sect571k1 (13) */
     0, 11,                      /* sect409k1 (11) */
     0, 12,                      /* sect409r1 (12) */
     0, 9,                       /* sect283k1 (9) */
     0, 10,                      /* sect283r1 (10) */
-    /*
-     * Remaining curves disabled by default but still permitted if set
-     * via an explicit callback or parameters.
-     */
     0, 20,                      /* secp224k1 (20) */
     0, 21,                      /* secp224r1 (21) */
     0, 18,                      /* secp192k1 (18) */
author	Rich Salz <rsalz@akamai.com>	2016-01-03 13:24:32 -0500
committer	Rich Salz <rsalz@openssl.org>	2016-03-04 09:50:49 -0500
commit	ddb4c0477af623fcad3e6709640729e82693a4c9 (patch)
tree	e6dce6eec64420a42cbd5601f14ccaa4e53837a1 /ssl
parent	b95779846dc876cf959ccf96c49d4c0a48ea3082 (diff)