From de45aab184725b4cf5a02e9a9d5ad8be491bc3fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= Date: Fri, 28 Jul 2023 13:15:48 +0300 Subject: [PATCH] Fix OpenSSL 3.0 API EC curve names The OpenSSL man page examples used the NIST curve names which are supported. But when querying the name, the native OpenSSL name is returned. Use these names to pass curve type checks for engine/provider objects. --- lib/dns/opensslecdsa_link.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c index 04bd67deac..e064c7e7f5 100644 --- a/lib/dns/opensslecdsa_link.c +++ b/lib/dns/opensslecdsa_link.c @@ -125,9 +125,9 @@ static const char * opensslecdsa_key_alg_to_group_name(unsigned int key_alg) { switch (key_alg) { case DST_ALG_ECDSA256: - return ("P-256"); + return ("prime256v1"); case DST_ALG_ECDSA384: - return ("P-384"); + return ("secp384r1"); default: UNREACHABLE(); }