fix(cert-create): add default keysize to Brainpool ECDSA
By default, the ECDSA Brainpool regular and ECDSA Brainpool twisted
algorithms support 256-bit sized keys. Not defining this leads to
an error indicating that '256' is not a valid key size for ECDSA
Brainpool. KEY_SIZES matrix must have a value in its table to avoid
problems when KEY_SIZE is defined.
Signed-off-by: Maxime Méré <maxime.mere@foss.st.com>
Change-Id: I34886659315f59a9582dcee1d92d0e24d4a4138e
diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst
index 14eac5f..d2d2eb5 100644
--- a/docs/getting_started/build-options.rst
+++ b/docs/getting_started/build-options.rst
@@ -737,9 +737,9 @@
+---------------------------+------------------------------------+
| ecdsa | 256 (default), 384 |
+---------------------------+------------------------------------+
- | ecdsa-brainpool-regular | unavailable |
+ | ecdsa-brainpool-regular | 256 (default) |
+---------------------------+------------------------------------+
- | ecdsa-brainpool-twisted | unavailable |
+ | ecdsa-brainpool-twisted | 256 (default) |
+---------------------------+------------------------------------+
- ``HASH_ALG``: This build flag enables the user to select the secure hash
diff --git a/tools/cert_create/include/key.h b/tools/cert_create/include/key.h
index f7adfab..83a7b18 100644
--- a/tools/cert_create/include/key.h
+++ b/tools/cert_create/include/key.h
@@ -45,8 +45,8 @@
{ 2048, 1024, 3072, 4096 }, /* KEY_ALG_RSA */
#ifndef OPENSSL_NO_EC
{ 256, 384 }, /* KEY_ALG_ECDSA_NIST */
- {}, /* KEY_ALG_ECDSA_BRAINPOOL_R */
- {} /* KEY_ALG_ECDSA_BRAINPOOL_T */
+ { 256 }, /* KEY_ALG_ECDSA_BRAINPOOL_R */
+ { 256 } /* KEY_ALG_ECDSA_BRAINPOOL_T */
#endif /* OPENSSL_NO_EC */
};