Add obj_xref for ECDH schemes in RFC 5753

Found missing sigoid_srt record in crypto/objects/obj_xref.h, and
this causes error while executing openssl cms -encrypt with EC key/cert.
Added required definitions to obj_xref.txt and obj_xref.h.

Issue reported by Theodore Wynnychenko (tmw <at> uchicago.edu) on misc.

ok tb@

diff --git a/lib/libcrypto/objects/obj_xref.h b/lib/libcrypto/objects/obj_xref.h
index 59c597c..cffd006 100644 (file)
--- a/lib/libcrypto/objects/obj_xref.h
+++ b/lib/libcrypto/objects/obj_xref.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: obj_xref.h,v 1.4 2016/12/21 15:49:29 jsing Exp $ */
+/* $OpenBSD: obj_xref.h,v 1.5 2021/05/12 10:24:39 inoguchi Exp $ */
 /* AUTOGENERATED BY objxref.pl, DO NOT EDIT */
 
 __BEGIN_HIDDEN_DECLS
@@ -44,6 +44,16 @@ static const nid_triple sigoid_srt[] =
        {NID_rsassaPss, NID_undef, NID_rsaEncryption},
        {NID_id_tc26_signwithdigest_gost3410_2012_256, NID_id_tc26_gost3411_2012_256, NID_id_GostR3410_2001},
        {NID_id_tc26_signwithdigest_gost3410_2012_512, NID_id_tc26_gost3411_2012_512, NID_id_GostR3410_2001},
+       {NID_dhSinglePass_stdDH_sha1kdf_scheme, NID_sha1, NID_dh_std_kdf},
+       {NID_dhSinglePass_stdDH_sha224kdf_scheme, NID_sha224, NID_dh_std_kdf},
+       {NID_dhSinglePass_stdDH_sha256kdf_scheme, NID_sha256, NID_dh_std_kdf},
+       {NID_dhSinglePass_stdDH_sha384kdf_scheme, NID_sha384, NID_dh_std_kdf},
+       {NID_dhSinglePass_stdDH_sha512kdf_scheme, NID_sha512, NID_dh_std_kdf},
+       {NID_dhSinglePass_cofactorDH_sha1kdf_scheme, NID_sha1, NID_dh_cofactor_kdf},
+       {NID_dhSinglePass_cofactorDH_sha224kdf_scheme, NID_sha224, NID_dh_cofactor_kdf},
+       {NID_dhSinglePass_cofactorDH_sha256kdf_scheme, NID_sha256, NID_dh_cofactor_kdf},
+       {NID_dhSinglePass_cofactorDH_sha384kdf_scheme, NID_sha384, NID_dh_cofactor_kdf},
+       {NID_dhSinglePass_cofactorDH_sha512kdf_scheme, NID_sha512, NID_dh_cofactor_kdf},
        };
 
 static const nid_triple * const sigoid_srt_xref[] =
@@ -61,19 +71,29 @@ static const nid_triple * const sigoid_srt_xref[] =
        &sigoid_srt[5],
        &sigoid_srt[8],
        &sigoid_srt[12],
+       &sigoid_srt[32],
+       &sigoid_srt[37],
        &sigoid_srt[6],
        &sigoid_srt[10],
        &sigoid_srt[11],
        &sigoid_srt[13],
        &sigoid_srt[24],
        &sigoid_srt[20],
+       &sigoid_srt[34],
+       &sigoid_srt[39],
        &sigoid_srt[14],
        &sigoid_srt[21],
+       &sigoid_srt[35],
+       &sigoid_srt[40],
        &sigoid_srt[15],
        &sigoid_srt[22],
+       &sigoid_srt[36],
+       &sigoid_srt[41],
        &sigoid_srt[16],
        &sigoid_srt[23],
        &sigoid_srt[19],
+       &sigoid_srt[33],
+       &sigoid_srt[38],
        &sigoid_srt[25],
        &sigoid_srt[26],
        &sigoid_srt[27],

diff --git a/lib/libcrypto/objects/obj_xref.txt b/lib/libcrypto/objects/obj_xref.txt
index dde52d8..3096e72 100644 (file)
--- a/lib/libcrypto/objects/obj_xref.txt
+++ b/lib/libcrypto/objects/obj_xref.txt
@@ -46,3 +46,16 @@ id_GostR3411_94_with_GostR3410_94_cc id_GostR3411_94 id_GostR3410_94_cc
 id_GostR3411_94_with_GostR3410_2001_cc id_GostR3411_94 id_GostR3410_2001_cc
 id_tc26_signwithdigest_gost3410_2012_256       id_tc26_gost3411_2012_256 id_tc26_gost3410_2012_256
 id_tc26_signwithdigest_gost3410_2012_512       id_tc26_gost3411_2012_512 id_tc26_gost3410_2012_512
+
+# ECDH KDFs and their corresponding message digests and schemes
+dhSinglePass_stdDH_sha1kdf_scheme              sha1    dh_std_kdf
+dhSinglePass_stdDH_sha224kdf_scheme            sha224  dh_std_kdf
+dhSinglePass_stdDH_sha256kdf_scheme            sha256  dh_std_kdf
+dhSinglePass_stdDH_sha384kdf_scheme            sha384  dh_std_kdf
+dhSinglePass_stdDH_sha512kdf_scheme            sha512  dh_std_kdf
+
+dhSinglePass_cofactorDH_sha1kdf_scheme         sha1    dh_cofactor_kdf
+dhSinglePass_cofactorDH_sha224kdf_scheme       sha224  dh_cofactor_kdf
+dhSinglePass_cofactorDH_sha256kdf_scheme       sha256  dh_cofactor_kdf
+dhSinglePass_cofactorDH_sha384kdf_scheme       sha384  dh_cofactor_kdf
+dhSinglePass_cofactorDH_sha512kdf_scheme       sha512  dh_cofactor_kdf