Add brainpool curves and support unknown curves

nassl/ephemeral_key_info.py

@@ -52,6 +52,22 @@ class OpenSslEcNidEnum(IntEnum):
     X25519 = 1034
     X448 = 1035
 
+    # Brainpool
+    brainpoolP160r1 = 921
+    brainpoolP160t1 = 922
+    brainpoolP192r1 = 923
+    brainpoolP192t1 = 924
+    brainpoolP224r1 = 925
+    brainpoolP224t1 = 926
+    brainpoolP256r1 = 927
+    brainpoolP256t1 = 928
+    brainpoolP320r1 = 929
+    brainpoolP320t1 = 930
+    brainpoolP384r1 = 931
+    brainpoolP384t1 = 932
+    brainpoolP512r1 = 933
+    brainpoolP512t1 = 934
+
 
 # Mapping between OpenSSL EVP_PKEY_XXX value and display name
 _OPENSSL_EVP_PKEY_TO_NAME_MAPPING: Dict[OpenSslEvpPkeyEnum, str] = {
@@ -62,26 +78,6 @@ class OpenSslEcNidEnum(IntEnum):
 }
 
 
-# Mapping between the OpenSSL NID_XXX value and NIST name defined in https://tools.ietf.org/html/rfc4492
-_OPENSSL_NID_TO_NIST_MAPPING: Dict[OpenSslEcNidEnum, str] = {
-    OpenSslEcNidEnum.SECT163R2: "B-163",
-    OpenSslEcNidEnum.SECT233R1: "B-233",
-    OpenSslEcNidEnum.SECT283R1: "B-283",
-    OpenSslEcNidEnum.SECT409R1: "B-409",
-    OpenSslEcNidEnum.SECT571R1: "B-571",
-    OpenSslEcNidEnum.SECT163K1: "K-163",
-    OpenSslEcNidEnum.SECT233K1: "K-233",
-    OpenSslEcNidEnum.SECT283K1: "K-283",
-    OpenSslEcNidEnum.SECT409K1: "K-409",
-    OpenSslEcNidEnum.SECT571K1: "K-571",
-    OpenSslEcNidEnum.PRIME192V1: "P-192",
-    OpenSslEcNidEnum.SECP224R1: "P-224",
-    OpenSslEcNidEnum.PRIME256V1: "P-256",
-    OpenSslEcNidEnum.SECP384R1: "P-384",
-    OpenSslEcNidEnum.SECP521R1: "P-521",
-}
-
-
 # Mapping between the OpenSSL NID_XXX value and the SECG or ANSI X9.62 name (https://tools.ietf.org/html/rfc4492)
 # Where a ANSI X9.62 name is available, this is used in preference to the SECG
 # X25519 and X448 also included from https://tools.ietf.org/html/rfc8422
@@ -113,6 +109,20 @@ class OpenSslEcNidEnum(IntEnum):
     OpenSslEcNidEnum.SECP521R1: "secp521r1",
     OpenSslEcNidEnum.X25519: "X25519",
     OpenSslEcNidEnum.X448: "X448",
+    OpenSslEcNidEnum.brainpoolP160r1: "brainpoolP160r1",
+    OpenSslEcNidEnum.brainpoolP160t1: "brainpoolP160t1",
+    OpenSslEcNidEnum.brainpoolP192r1: "brainpoolP192r1",
+    OpenSslEcNidEnum.brainpoolP192t1: "brainpoolP192t1",
+    OpenSslEcNidEnum.brainpoolP224r1: "brainpoolP224r1",
+    OpenSslEcNidEnum.brainpoolP224t1: "brainpoolP224t1",
+    OpenSslEcNidEnum.brainpoolP256r1: "brainpoolP256r1",
+    OpenSslEcNidEnum.brainpoolP256t1: "brainpoolP256t1",
+    OpenSslEcNidEnum.brainpoolP320r1: "brainpoolP320r1",
+    OpenSslEcNidEnum.brainpoolP320t1: "brainpoolP320t1",
+    OpenSslEcNidEnum.brainpoolP384r1: "brainpoolP384r1",
+    OpenSslEcNidEnum.brainpoolP384t1: "brainpoolP384t1",
+    OpenSslEcNidEnum.brainpoolP512r1: "brainpoolP512r1",
+    OpenSslEcNidEnum.brainpoolP512t1: "brainpoolP512t1",
 }
 
 
@@ -137,8 +147,13 @@ class EcDhEphemeralKeyInfo(EphemeralKeyInfo):
 
     def __post_init__(self) -> None:
         super().__post_init__()
+        try:
+            curve_name = _OPENSSL_NID_TO_SECG_ANSI_X9_62[self.curve]
+        except KeyError:
+            curve_name = f"unknown-curve-with-id-{self.curve.value}"
+
         # Required because of frozen=True; https://docs.python.org/3/library/dataclasses.html#frozen-instances
-        object.__setattr__(self, "curve_name", _OPENSSL_NID_TO_SECG_ANSI_X9_62[self.curve])
+        object.__setattr__(self, "curve_name", curve_name)
 
 
 @dataclass(frozen=True)