From 275224b036c1713bd3162484d17b160ca8203116 Mon Sep 17 00:00:00 2001
From: Magnus Henoch <magnus@erlang-solutions.com>
Date: Mon, 12 Sep 2016 15:48:01 +0100
Subject: Filter elliptic curves depending on FIPS mode

Adapted from commit 675ee6860d2c273bcc6c6a0536634a107e2a3d9f.
---
 lib/crypto/src/crypto_ec_curves.erl | 25 ++++++++++++++++---------
 1 file changed, 16 insertions(+), 9 deletions(-)

(limited to 'lib/crypto')

diff --git a/lib/crypto/src/crypto_ec_curves.erl b/lib/crypto/src/crypto_ec_curves.erl
index 002b03b80c..9602a7e24b 100644
--- a/lib/crypto/src/crypto_ec_curves.erl
+++ b/lib/crypto/src/crypto_ec_curves.erl
@@ -7,29 +7,36 @@ curves() ->
     PubKeys = proplists:get_value(public_keys, CryptoSupport),
     HasEC   = proplists:get_bool(ecdh, PubKeys),
     HasGF2m = proplists:get_bool(ec_gf2m, PubKeys),
-    prime_curves(HasEC) ++ characteristic_two_curves(HasGF2m).
+    FIPSMode = crypto:info_fips() == enabled,
+    prime_curves(HasEC, FIPSMode) ++ characteristic_two_curves(HasGF2m, FIPSMode).
 
 
-prime_curves(true) ->
-    [secp112r1,secp112r2,secp128r1,secp128r2,secp160k1,secp160r1,secp160r2,
+prime_curves(true, true) ->
+    [secp160k1,secp160r1,secp160r2,
      secp192r1,secp192k1,secp224k1,secp224r1,secp256k1,secp256r1,secp384r1,
      secp521r1,prime192v1,prime192v2,prime192v3,prime239v1,prime239v2,prime239v3,
-     prime256v1,wtls6,wtls7,wtls8,wtls9,wtls12,
+     prime256v1,wtls7,wtls9,wtls12,
      brainpoolP160r1,brainpoolP160t1,brainpoolP192r1,brainpoolP192t1,
      brainpoolP224r1,brainpoolP224t1,brainpoolP256r1,brainpoolP256t1,
      brainpoolP320r1,brainpoolP320t1,brainpoolP384r1,brainpoolP384t1,
      brainpoolP512r1,brainpoolP512t1];
-prime_curves(_) ->
+prime_curves(true, false) ->
+    [secp112r1,secp112r2,secp128r1,secp128r2,wtls6,wtls8]
+	++ prime_curves(true, true);
+prime_curves(_, _) ->
     [].
 
-characteristic_two_curves(true) ->
-    [sect113r1,sect113r2,sect131r1,sect131r2,sect163k1,sect163r1,
+characteristic_two_curves(true, true) ->
+    [sect163k1,sect163r1,
      sect163r2,sect193r1,sect193r2,sect233k1,sect233r1,sect239k1,sect283k1,
      sect283r1,sect409k1,sect409r1,sect571k1,sect571r1,c2pnb163v1,c2pnb163v2,
      c2pnb163v3,c2pnb176v1,c2tnb191v1,c2tnb191v2,c2tnb191v3,c2pnb208w1,c2tnb239v1,
      c2tnb239v2,c2tnb239v3,c2pnb272w1,c2pnb304w1,c2tnb359v1,c2pnb368w1,c2tnb431r1,
-     wtls1,wtls3,wtls4,wtls5,wtls10,wtls11,ipsec3,ipsec4];
-characteristic_two_curves(_) ->
+     wtls3,wtls5,wtls10,wtls11];
+characteristic_two_curves(true, _) ->
+    [sect113r1,sect113r2,sect131r1,sect131r2,wtls1,wtls4,ipsec3,ipsec4]
+        ++ characteristic_two_curves(true, true);
+characteristic_two_curves(_, _) ->
     [].
 
 curve(secp112r1) ->
-- 
cgit v1.2.3