fix(cert-create): add default keysize to Brainpool ECDSA

By default, the ECDSA Brainpool regular and ECDSA Brainpool twisted algorithms support 256-bit sized keys. Not defining this leads to an error indicating that '256' is not a valid key size for ECDSA Brainpool. KEY_SIZES matrix must have a value in its table to avoid problems when KEY_SIZE is defined. Signed-off-by: Maxime Méré <maxime.mere@foss.st.com> Change-Id: I34886659315f59a9582dcee1d92d0e24d4a4138e
2025-04-08 05:43:53 +00:00 · 2024-09-18 17:53:21 +02:00 · 2024-09-18 17:53:21 +02:00 · 0da16fe32f
commit 0da16fe32f
parent 999503d285
2 changed files with 4 additions and 4 deletions
--- a/docs/getting_started/build-options.rst
+++ b/docs/getting_started/build-options.rst
@ -737,9 +737,9 @@ Common build options
   +---------------------------+------------------------------------+
   |          ecdsa            |         256 (default), 384         |
   +---------------------------+------------------------------------+
-   |  ecdsa-brainpool-regular  |            unavailable             |
+   |  ecdsa-brainpool-regular  |            256 (default)           |
   +---------------------------+------------------------------------+
-   |  ecdsa-brainpool-twisted  |            unavailable             |
+   |  ecdsa-brainpool-twisted  |            256 (default)           |
   +---------------------------+------------------------------------+

 -  ``HASH_ALG``: This build flag enables the user to select the secure hash
--- a/tools/cert_create/include/key.h
+++ b/tools/cert_create/include/key.h
@ -45,8 +45,8 @@ static const unsigned int KEY_SIZES[KEY_ALG_MAX_NUM][KEY_SIZE_MAX_NUM] = {
 	{ 2048, 1024, 3072, 4096 },	/* KEY_ALG_RSA */
 #ifndef OPENSSL_NO_EC
 	{ 256, 384 },			/* KEY_ALG_ECDSA_NIST */
-	{},				/* KEY_ALG_ECDSA_BRAINPOOL_R */
-	{}				/* KEY_ALG_ECDSA_BRAINPOOL_T */
+	{ 256 },			/* KEY_ALG_ECDSA_BRAINPOOL_R */
+	{ 256 }				/* KEY_ALG_ECDSA_BRAINPOOL_T */
 #endif /* OPENSSL_NO_EC */
 };