From aacdf9b232c383693fa0c6d9411d3ec168b9487a Mon Sep 17 00:00:00 2001
From: Wiktor Kwapisiewicz <wiktor@metacode.biz>
Date: Thu, 19 Jan 2023 09:55:34 +0100
Subject: [PATCH] Fix EC curve detection.

  - Some systems have smaller set of supported curves and even though the
    curve identifiers are compiled in the usage of the curve fails.

  - Try to construct an `EcGroup` using retrieved `Nid` as this is a cheap
    check that will fail if the curve is truly unsupported.

  - Fixes #976.
---
 src/crypto/backend/openssl.rs | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/crypto/backend/openssl.rs b/src/crypto/backend/openssl.rs
index 4e610bfe8..aa5c9db7d 100644
--- a/src/crypto/backend/openssl.rs
+++ b/src/crypto/backend/openssl.rs
@@ -43,7 +43,11 @@ impl Curve {
         } else {
             // the rest of EC algorithms are supported via the same
             // codepath
-            openssl::nid::Nid::try_from(self).is_ok()
+            if let Ok(nid) = openssl::nid::Nid::try_from(self) {
+                openssl::ec::EcGroup::from_curve_name(nid).is_ok()
+            } else {
+                false
+            }
         }
     }
 }
-- 
GitLab