Use EVP_PKEY_X25519, EVP_PKEY_ED25519 instead of NIDs where appropriate.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3585)
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 0f1d95b..0a39b97 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -169,7 +169,7 @@
{NID_brainpoolP256r1, 128, TLS_CURVE_PRIME}, /* brainpoolP256r1 (26) */
{NID_brainpoolP384r1, 192, TLS_CURVE_PRIME}, /* brainpoolP384r1 (27) */
{NID_brainpoolP512r1, 256, TLS_CURVE_PRIME}, /* brainpool512r1 (28) */
- {NID_X25519, 128, TLS_CURVE_CUSTOM}, /* X25519 (29) */
+ {EVP_PKEY_X25519, 128, TLS_CURVE_CUSTOM}, /* X25519 (29) */
};
static const unsigned char ecformats_default[] = {
@@ -719,7 +719,7 @@
NID_sha512, SSL_MD_SHA512_IDX, EVP_PKEY_EC, SSL_PKEY_ECC,
NID_ecdsa_with_SHA512, NID_secp521r1},
{"ed25519", TLSEXT_SIGALG_ed25519,
- NID_undef, -1, NID_ED25519, SSL_PKEY_ED25519,
+ NID_undef, -1, EVP_PKEY_ED25519, SSL_PKEY_ED25519,
NID_undef, NID_undef},
{NULL, TLSEXT_SIGALG_ecdsa_sha224,
NID_sha224, SSL_MD_SHA224_IDX, EVP_PKEY_EC, SSL_PKEY_ECC,
@@ -1418,7 +1418,7 @@
#ifndef OPENSSL_NO_EC
case EVP_PKEY_EC:
return SSL_PKEY_ECC;
- case NID_ED25519:
+ case EVP_PKEY_ED25519:
return SSL_PKEY_ED25519;
#endif
#ifndef OPENSSL_NO_GOST
@@ -1498,7 +1498,7 @@
break;
#endif
#ifndef OPENSSL_NO_EC
- case NID_ED25519:
+ case EVP_PKEY_ED25519:
case EVP_PKEY_EC:
if (!have_ecdsa && tls12_sigalg_allowed(s, op, lu))
have_ecdsa = 1;
@@ -2427,7 +2427,7 @@
if (lu->sig_idx == idx
&& (curve == -1 || lu->curve == curve))
break;
- if (idx == SSL_PKEY_ECC && lu->sig == NID_ED25519) {
+ if (idx == SSL_PKEY_ECC && lu->sig == EVP_PKEY_ED25519) {
idx = SSL_PKEY_ED25519;
break;
}
