[crypto] Add definitions and tests for the NIST P-256 elliptic curve

Signed-off-by: Michael Brown <mcb30@ipxe.org>

3 files changed, 26 insertions, 0 deletions

diff --git a/src/include/ipxe/asn1.h b/src/include/ipxe/asn1.h
index 752b423b9..d503ccf9b 100644
--- a/src/include/ipxe/asn1.h
+++ b/src/include/ipxe/asn1.h
@@ -127,6 +127,12 @@ struct asn1_builder_header {
 #define ASN1_OID_TRIPLE( value ) \
 	( 0x80 | ( ( (value) >> 14 ) & 0x7f ) ), ASN1_OID_DOUBLE ( (value) )
 
+/** ASN.1 OID for prime256v1 (1.2.840.10045.3.1.7) */
+#define ASN1_OID_PRIME256V1					\
+	ASN1_OID_INITIAL ( 1, 1 ), ASN1_OID_DOUBLE ( 840 ),	\
+	ASN1_OID_DOUBLE ( 10045 ), ASN1_OID_SINGLE ( 3 ),	\
+	ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 7 )
+
 /** ASN.1 OID for rsaEncryption (1.2.840.113549.1.1.1) */
 #define ASN1_OID_RSAENCRYPTION					\
 	ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),	\
diff --git a/src/include/ipxe/p256.h b/src/include/ipxe/p256.h
new file mode 100644
index 000000000..0c4e81665
--- /dev/null
+++ b/src/include/ipxe/p256.h
@@ -0,0 +1,19 @@
+#ifndef _IPXE_P256_H
+#define _IPXE_P256_H
+
+/** @file
+ *
+ * NIST P-256 elliptic curve
+ *
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/weierstrass.h>
+
+/** P-256 value length */
+#define P256_LEN ( 256 / 8 )
+
+extern struct elliptic_curve p256_curve;
+
+#endif /* _IPXE_P256_H */
diff --git a/src/include/ipxe/tls.h b/src/include/ipxe/tls.h
index bf9807230..685c62e6d 100644
--- a/src/include/ipxe/tls.h
+++ b/src/include/ipxe/tls.h
@@ -127,6 +127,7 @@ struct tls_header {
 
 /* TLS named curve extension */
 #define TLS_NAMED_CURVE 10
+#define TLS_NAMED_CURVE_SECP256R1 23
 #define TLS_NAMED_CURVE_X25519 29
 
 /* TLS signature algorithms extension */