Merge "Add NID_secp384r1 support on parsing UDS public key" into main
diff --git a/security/keymint/support/remote_prov_utils.cpp b/security/keymint/support/remote_prov_utils.cpp
index 3ac0dee..6638775 100644
--- a/security/keymint/support/remote_prov_utils.cpp
+++ b/security/keymint/support/remote_prov_utils.cpp
@@ -65,9 +65,9 @@
return privKey;
}
-ErrMsgOr<bytevec> ecKeyGetPublicKey(const EC_KEY* ecKey) {
+ErrMsgOr<bytevec> ecKeyGetPublicKey(const EC_KEY* ecKey, const int nid) {
// Extract public key.
- auto group = EC_GROUP_Ptr(EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
+ auto group = EC_GROUP_Ptr(EC_GROUP_new_by_curve_name(nid));
if (group.get() == nullptr) {
return "Error creating EC group by curve name";
}
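Review bot: `ecKeyGetPublicKey` now builds its group from the caller-supplied `nid` but never checks that this matches the curve `ecKey` actually carries, so a wrong `nid` goes undetected at this point. A guard right after the group is created would make the contract explicit: `if (EC_GROUP_get_curve_name(EC_KEY_get0_group(ecKey)) != nid) return "EC key curve does not match requested NID";`. A one-line comment on the signature, such as `// nid must be the curve of ecKey (NID_X9_62_prime256v1 or NID_secp384r1)`, would also help callers. The rest of the function body is outside this hunk, so how `group` is used afterwards is not visible here.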
@@ -123,11 +123,12 @@
int keyType = EVP_PKEY_base_id(pubKey.get());
switch (keyType) {
case EVP_PKEY_EC: {
+ int nid = EVP_PKEY_bits(pubKey.get()) == 384 ? NID_secp384r1 : NID_X9_62_prime256v1;
auto ecKey = EC_KEY_Ptr(EVP_PKEY_get1_EC_KEY(pubKey.get()));
if (ecKey.get() == nullptr) {
return "Failed to get ec key";
- }
- return ecKeyGetPublicKey(ecKey.get());
+ }
+ return ecKeyGetPublicKey(ecKey.get(), nid);
}
case EVP_PKEY_ED25519: {
bytevec rawPubKey;
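Review bot: The ternary on the added `int nid = ...` line maps every EC key that is not 384 bits to P-256, so a key on any other curve is passed on with the P-256 group instead of being rejected. Because `pubKey` appears to come from parsed input, the curve should be read from the key itself and allow-listed. After the null check on `ecKey`, use `int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ecKey.get()));` followed by `if (nid != NID_X9_62_prime256v1 && nid != NID_secp384r1) return "Unsupported EC curve";`. The enclosing function starts and ends outside this hunk.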
@@ -165,7 +166,7 @@
auto privKey = ecKeyGetPrivateKey(ec_key.get());
if (!privKey) return privKey.moveMessage();
- auto pubKey = ecKeyGetPublicKey(ec_key.get());
+ auto pubKey = ecKeyGetPublicKey(ec_key.get(), NID_X9_62_prime256v1);
if (!pubKey) return pubKey.moveMessage();
return std::make_tuple(pubKey.moveValue(), privKey.moveValue());