From e9d24acc78db366301a54b7149f6c15809605f71 Mon Sep 17 00:00:00 2001
From: zeroclock <zeroclock@icloud.com>
Date: Mon, 14 Dec 2020 09:01:38 +0900
Subject: [PATCH 1/2] [DTLS] Add NamedCurve::P384 (WIP)

---
 dtls/src/curve/named_curve.rs | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/dtls/src/curve/named_curve.rs b/dtls/src/curve/named_curve.rs
index 36dfe5474..1a17cda9e 100644
--- a/dtls/src/curve/named_curve.rs
+++ b/dtls/src/curve/named_curve.rs
@@ -26,6 +26,7 @@ impl From<u16> for NamedCurve {
 
 pub(crate) enum NamedCurvePrivateKey {
     EphemeralSecretP256(p256::ecdh::EphemeralSecret),
+    EphemeralSecretP384(ring::agreement::EphemeralPrivateKey),
     StaticSecretX25519(x25519_dalek::StaticSecret),
 }
 
@@ -45,6 +46,15 @@ fn elliptic_curve_keypair(curve: NamedCurve) -> Result<NamedCurveKeypair, Error>
                 NamedCurvePrivateKey::EphemeralSecretP256(secret_key),
             )
         }
+        NamedCurve::P384 => {
+            let rng = ring::rand::SystemRandom::new();
+            let secret_key = ring::agreement::EphemeralPrivateKey::generate(&ring::agreement::ECDH_P256, &rng)?;
+            let public_key = secret_key.compute_public_key()?;
+            (
+                public_key.as_ref().to_vec(),
+                NamedCurvePrivateKey::EphemeralSecretP384(secret_key),
+            )
+        }
         NamedCurve::X25519 => {
             let secret_key = x25519_dalek::StaticSecret::new(rand_core::OsRng);
             let public_key = x25519_dalek::PublicKey::from(&secret_key);
@@ -53,7 +63,6 @@ fn elliptic_curve_keypair(curve: NamedCurve) -> Result<NamedCurveKeypair, Error>
                 NamedCurvePrivateKey::StaticSecretX25519(secret_key),
             )
         }
-        //TODO: add NamedCurve::p384
         _ => return Err(ERR_INVALID_NAMED_CURVE.clone()),
     };
 
@@ -67,10 +76,9 @@ fn elliptic_curve_keypair(curve: NamedCurve) -> Result<NamedCurveKeypair, Error>
 impl NamedCurve {
     pub fn generate_keypair(&self) -> Result<NamedCurveKeypair, Error> {
         match *self {
-            //TODO: add P384
             NamedCurve::X25519 => elliptic_curve_keypair(NamedCurve::X25519),
             NamedCurve::P256 => elliptic_curve_keypair(NamedCurve::P256),
-            //NamedCurve::P384 => elliptic_curve_keypair(NamedCurve::P384),
+            NamedCurve::P384 => elliptic_curve_keypair(NamedCurve::P384),
             _ => Err(ERR_INVALID_NAMED_CURVE.clone()),
         }
     }

From 9efdfa2d27e0461a2d0201b4e60a7b77f757509c Mon Sep 17 00:00:00 2001
From: zeroclock <zeroclock@icloud.com>
Date: Mon, 14 Dec 2020 09:57:31 +0900
Subject: [PATCH 2/2] [DTLS] Fix wrong curve type

---
 dtls/src/curve/named_curve.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dtls/src/curve/named_curve.rs b/dtls/src/curve/named_curve.rs
index 1a17cda9e..a8d15fdbb 100644
--- a/dtls/src/curve/named_curve.rs
+++ b/dtls/src/curve/named_curve.rs
@@ -48,7 +48,7 @@ fn elliptic_curve_keypair(curve: NamedCurve) -> Result<NamedCurveKeypair, Error>
         }
         NamedCurve::P384 => {
             let rng = ring::rand::SystemRandom::new();
-            let secret_key = ring::agreement::EphemeralPrivateKey::generate(&ring::agreement::ECDH_P256, &rng)?;
+            let secret_key = ring::agreement::EphemeralPrivateKey::generate(&ring::agreement::ECDH_P384, &rng)?;
             let public_key = secret_key.compute_public_key()?;
             (
                 public_key.as_ref().to_vec(),